From 908e637cef24024b6e67338c6e3890feb7c5e31a Mon Sep 17 00:00:00 2001 From: asofter Date: Thu, 10 Aug 2023 22:43:21 +0200 Subject: [PATCH] * Add Dependabot * Add CodeQL scanner * Lock libraries * More linters * Fix logo URL --- .github/dependabot.yml | 16 +++++++++++++++ .github/workflows/codeql.yml | 27 +++++++++++++++++++++++++ .pre-commit-config.yaml | 7 +++++-- CHANGELOG.md | 21 ++++++++++++++++++- README.md | 2 +- llm_guard/input_scanners/token_limit.py | 4 ++-- requirements-dev.txt | 10 ++++----- requirements.txt | 16 +++++++-------- setup.py | 2 +- 9 files changed, 85 insertions(+), 20 deletions(-) create mode 100644 .github/dependabot.yml create mode 100644 .github/workflows/codeql.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..9e00936c --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,16 @@ +version: 2 +updates: + # Maintain dependencies for GitHub Actions + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + + # Maintain dependencies for Python + - package-ecosystem: "pip" + directory: "/" + schedule: + interval: "weekly" + allow: + - dependency-type: "all" + open-pull-requests-limit: 2 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 00000000..ccce3475 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,27 @@ +name: codeql + +on: + push: + branches: [main] + pull_request: + branches: [main] + schedule: + - cron: "0 13 * * 1" + workflow_dispatch: + +jobs: + analyze: + permissions: + actions: read + contents: read + security-events: write + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-python@v4 + with: + python-version: "3.x" + - uses: github/codeql-action/init@v1 + with: + languages: python + - uses: github/codeql-action/analyze@v1 diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index e6e93a68..01885c62 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -5,9 +5,12 @@ repos: - id: check-yaml - id: end-of-file-fixer - id: trailing-whitespace + - id: end-of-file-fixer + types: [ python ] + - id: requirements-txt-fixer - repo: https://github.com/psf/black - rev: 23.3.0 + rev: 23.7.0 hooks: - id: black args: [ --line-length=100, --exclude="" ] @@ -24,7 +27,7 @@ repos: # and this tool removes unused imports, which may be providing # necessary side effects for the code to run - repo: https://github.com/PyCQA/autoflake - rev: v1.6.1 + rev: v2.2.0 hooks: - id: autoflake args: diff --git a/CHANGELOG.md b/CHANGELOG.md index 45beeed3..55390c0b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,23 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Added - +## [0.0.3] - 2023-08-10 + +### Added +- Dependabot support +- CodeQL support +- More pre-commit hooks to improve linters + +### Fixed +- Locked libraries in `requirements.txt` +- Logo link in README + +## [0.0.2] - 2023-08-07 + +### Fixed + +- Fixed missing `.json` files in the package + ## [0.0.1] - 2023-08-07 ### Added @@ -38,4 +55,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - [Toxicity](./llm_guard/output_scanners/toxicity.py) [Unreleased]: https://github.com/laiyer-ai/llm-guard/commits/main -[0.0.1]: https://github.com/laiyer-ai/llm-guard/compare/v0.0.0...v0.0.1 +[0.0.3]: https://github.com/laiyer-ai/llm-guard/commits/v0.0.3 +[0.0.2]: https://github.com/laiyer-ai/llm-guard/commits/v0.0.2 +[0.0.1]: https://github.com/laiyer-ai/llm-guard/commits/v0.0.1 diff --git a/README.md b/README.md index 11d65e4e..c3181ad4 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -![LLM-Guard Logo](./docs/logo.png) +![LLM-Guard Logo](https://github.com/laiyer-ai/llm-guard/blob/a7cde324dec3118ebe8427da1a9e15fbd03ce5fe/docs/logo.png?raw=true) # LLM Guard - The Security Toolkit for LLM Interactions diff --git a/llm_guard/input_scanners/token_limit.py b/llm_guard/input_scanners/token_limit.py index 7a23dfc8..b10ecf5e 100644 --- a/llm_guard/input_scanners/token_limit.py +++ b/llm_guard/input_scanners/token_limit.py @@ -1,5 +1,5 @@ import logging -from typing import List +from typing import List, Optional import tiktoken @@ -18,7 +18,7 @@ def __init__( self, limit: int = 4096, encoding_name: str = "cl100k_base", - model_name: str = None, + model_name: Optional[str] = None, ): """ Initializes TokenLimit with a limit, encoding name, and model name. diff --git a/requirements-dev.txt b/requirements-dev.txt index ef1d7394..b960e143 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -1,5 +1,5 @@ -black -pytest -pytest-cov -isort -autoflake +autoflake==2.2.0 +black==23.7.0 +isort==5.12.0 +pytest==7.4.0 +pytest-cov==4.1.0 diff --git a/requirements.txt b/requirements.txt index 852b8a4d..ea91b8f1 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,8 +1,8 @@ -sentence-transformers -spacy -transformers -xformers -nltk -tiktoken -presidio-anonymizer -presidio-analyzer +nltk==3.8.1 +presidio-analyzer==2.2.33 +presidio-anonymizer==2.2.33 +sentence-transformers==2.2.2 +spacy==3.6.1 +tiktoken==0.4.0 +transformers==4.31.0 +xformers==0.0.20 diff --git a/setup.py b/setup.py index 3d5c62ff..daeaff6a 100644 --- a/setup.py +++ b/setup.py @@ -17,7 +17,7 @@ def parse_requirements(file_name: str) -> List[str]: setuptools.setup( name="llm-guard", - version="0.0.2", + version="0.0.3", author="Laiyer.ai", author_email="hello@laiyer.ai", description=(