Skip to content

Pre/beta #438

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 51 commits into from
Jul 9, 2024
Merged

Pre/beta #438

merged 51 commits into from
Jul 9, 2024

Conversation

VinciGit00
Copy link
Collaborator

@VinciGit00 VinciGit00 commented Jul 4, 2024
edited
Loading

Results of the tests, the ones who failed for the graphs are the Ernies one

Screenshot 2024-07-04 alle 21 14 11

VinciGit00 and others added 30 commits June 19, 2024 10:42
@VinciGit00
add new models tokens
40b4b2d
@VinciGit00
add new models tokens
79a2f51
@VinciGit00
add convert function
8bb560a
@VinciGit00
add benchmark
6d78375
@VinciGit00
fixed a bug
23bc633
@VinciGit00
Update generate_answer_node_prompts.py
5664eb2
@VinciGit00
refactoring of fetch node
2f02830
@VinciGit00 @DiTo97
add new convert function
5d61238 
Co-Authored-By: Federico Minutoli <40361744+DiTo97@users.noreply.github.com>
@VinciGit00 @vedovati-matteo
add trigger
7af411a 
Co-Authored-By: Matteo Vedovati <68272450+vedovati-matteo@users.noreply.github.com>
@VinciGit00
fixed a bug
d1c3de7
@VinciGit00
add test
cf9a3d1
@VinciGit00
Update Readme.md
6549915
@VinciGit00
fixed generate_answer_node
afd46ac
@VinciGit00
add new examples
d8fcb6c
@VinciGit00
fixed request
9917972
@VinciGit00
add load examples from a yml file
92cabe1
@VinciGit00
fix: add test
3a537ee
@VinciGit00
feat: add fireworks integration
df0e310
@VinciGit00
add examples + test
4b56604
@VinciGit00
add new force
228a1de
@VinciGit00
modify fetch node with no cut mode
9b45ebc
@VinciGit00
feat: add integrations for markdown files
2804434
@VinciGit00
Merge branch 'md_scraper_integration' into integration_markdown
30ca15c
@VinciGit00
Merge pull request #419 from VinciGit00/integration_markdown
2242b10 
Integration markdown
@VinciGit00
feat: improve md prompt recognition
5fe694b
@VinciGit00
feat: add vertexai integration
119514b
@VinciGit00
add new info
f3b6343
@VinciGit00
Merge pull request #428 from VinciGit00/integration_markdown
e3a19c2 
Integration markdown
@VinciGit00
feat: add integration for infos
3bf5f57
@VinciGit00
update the chunk size
ed2af51
VinciGit00 and others added 18 commits July 4, 2024 14:22
@VinciGit00
update prompts
3ee1743
@f-aguzzi
chore(CI): fix pylint workflow
583c321
@f-aguzzi
chore(Docker): fix port number
afeb81f
@f-aguzzi
Merge pull request #405 from ScrapeGraphAI/integration_markdown
2ab7ddc 
Integration markdown
@f-aguzzi
Merge branch 'fireworks_integration' into support
720f187
@f-aguzzi
chore(rye): rebuild lockfiles
27c2dd2
@f-aguzzi
Merge branch '423-add-vertex-ai-integration' into support
d77a622
@VinciGit00
add new env
591cab0
@VinciGit00
Merge pull request #437 from ScrapeGraphAI/main
8f4a13b 
allignment
@f-aguzzi
Merge pull request #407 from ScrapeGraphAI/404-split-unit-testing-fro…
1bbd25a 
…m-src

Merge #404 (split unit testing from src)
@semantic-release-bot
ci(release): 1.8.1-beta.1 [skip ci]
8f9f96f 
## [1.8.1-beta.1](v1.8.0...v1.8.1-beta.1) (2024-07-04)

### Bug Fixes

* add test ([3a537ee](3a537ee))

### Docs

* **roadmap:** fix urls ([14faba4](14faba4))
* **roadmap:** next steps ([3e644f4](3e644f4))
@f-aguzzi
Merge branch 'pre/beta' into support
104d869
@VinciGit00
Merge pull request #436 from ScrapeGraphAI/support
fd6142e 
Support
@VinciGit00
Merge pull request #429 from ScrapeGraphAI/421-default-prompt-templat…
8a52914 
…e-customization

421 default prompt template customization
@VinciGit00
Merge pull request #417 from ScrapeGraphAI/md_scraper_integration
765b548 
feat: add integrations for markdown files
@semantic-release-bot
ci(release): 1.9.0-beta.1 [skip ci]
146432d 
## [1.9.0-beta.1](v1.8.1-beta.1...v1.9.0-beta.1) (2024-07-04)

### Features

* add fireworks integration ([df0e310](df0e310))
* add integration for infos ([3bf5f57](3bf5f57))
* add integrations for markdown files ([2804434](2804434))
* add vertexai integration ([119514b](119514b))
* improve md prompt recognition ([5fe694b](5fe694b))

### chore

* **Docker:** fix port number ([afeb81f](afeb81f))
* **CI:** fix pylint workflow ([583c321](583c321))
* **rye:** rebuild lockfiles ([27c2dd2](27c2dd2))
@VinciGit00
add compatibility for versions
ba782a6
@VinciGit00
Merge branch 'pre/beta' of https://github.com/ScrapeGraphAI/Scrapegra…
ff80cbb 
…ph-ai into pre/beta
@VinciGit00 VinciGit00 requested a review from f-aguzzi July 4, 2024 19:15
@github-actions GitHub Actions
Copy link

github-actions bot commented Jul 4, 2024
edited
Loading

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details
PackageVersionScoreDetails
actions/eifinger/setup-rye 3.*.* 🟢 5.1
Details
CheckScoreReason
Code-Review⚠️ 0Found 0/9 approved changesets -- score normalized to 0
Maintained🟢 1015 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
Binary-Artifacts🟢 10no binaries found in the repo
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Fuzzing⚠️ 0project is not fuzzed
Security-Policy⚠️ 0security policy file not detected
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
SAST🟢 9SAST tool detected but not run on all commits
Vulnerabilities🟢 64 existing vulnerabilities detected
actions/actions/setup-python 3.*.* 🟢 5.2
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Maintained⚠️ 12 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
Binary-Artifacts🟢 10no binaries found in the repo
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Security-Policy🟢 9security policy file detected
SAST🟢 10SAST tool is run on all commits
Vulnerabilities⚠️ 046 existing vulnerabilities detected
pip/langchain 🟢 5.1
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 5Found 17/30 approved changesets -- score normalized to 5
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 10security policy file detected
Branch-Protection🟢 3branch protection is not maximal on development and all release branches
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Packaging🟢 10packaging workflow detected
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities⚠️ 032 existing vulnerabilities detected
pip/langchain-fireworks 0.1.3 🟢 5.1
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 5Found 17/30 approved changesets -- score normalized to 5
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 10security policy file detected
Branch-Protection🟢 3branch protection is not maximal on development and all release branches
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Packaging🟢 10packaging workflow detected
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities⚠️ 032 existing vulnerabilities detected
pip/langchain-google-genai UnknownUnknown
pip/langchain-google-vertexai UnknownUnknown
pip/langchain-openai 🟢 5.1
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 5Found 17/30 approved changesets -- score normalized to 5
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 10security policy file detected
Branch-Protection🟢 3branch protection is not maximal on development and all release branches
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Packaging🟢 10packaging workflow detected
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities⚠️ 032 existing vulnerabilities detected
pip/trafilatura 1.10.0 🟢 5.2
Details
CheckScoreReason
Code-Review⚠️ 2Found 6/30 approved changesets -- score normalized to 2
Maintained🟢 1030 commit(s) and 27 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
SAST🟢 10SAST tool is run on all commits
Binary-Artifacts🟢 10no binaries found in the repo
Fuzzing⚠️ 0project is not fuzzed
Security-Policy⚠️ 0security policy file not detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
pip/langchain 0.1.15 🟢 5.1
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 5Found 17/30 approved changesets -- score normalized to 5
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 10security policy file detected
Branch-Protection🟢 3branch protection is not maximal on development and all release branches
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Packaging🟢 10packaging workflow detected
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities⚠️ 032 existing vulnerabilities detected
pip/langchain-google-genai 1.0.3 UnknownUnknown
pip/langchain-openai 0.1.6 🟢 5.1
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 5Found 17/30 approved changesets -- score normalized to 5
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 10security policy file detected
Branch-Protection🟢 3branch protection is not maximal on development and all release branches
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Packaging🟢 10packaging workflow detected
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities⚠️ 032 existing vulnerabilities detected
pip/beautifulsoup4 4.12.3 UnknownUnknown
pip/faiss-cpu 1.8.0 🟢 4.8
Details
CheckScoreReason
Code-Review⚠️ 1Found 3/18 approved changesets -- score normalized to 1
Maintained🟢 109 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Binary-Artifacts🟢 10no binaries found in the repo
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Vulnerabilities🟢 100 existing vulnerabilities detected
Security-Policy⚠️ 0security policy file not detected
Packaging🟢 10packaging workflow detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
pip/free-proxy 1.1.1 🟢 3.6
Details
CheckScoreReason
Maintained⚠️ 00 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 0
Code-Review🟢 3Found 4/13 approved changesets -- score normalized to 3
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ -1No tokens found
Pinned-Dependencies⚠️ -1no dependencies found
Binary-Artifacts🟢 10no binaries found in the repo
Dangerous-Workflow⚠️ -1no workflows found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Fuzzing⚠️ 0project is not fuzzed
Security-Policy⚠️ 0security policy file not detected
Vulnerabilities🟢 82 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
pip/google 3.0.0 🟢 3
Details
CheckScoreReason
Code-Review⚠️ 1Found 4/25 approved changesets -- score normalized to 1
Maintained⚠️ 23 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Token-Permissions⚠️ -1No tokens found
Binary-Artifacts🟢 10no binaries found in the repo
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow⚠️ -1no workflows found
Pinned-Dependencies⚠️ -1no dependencies found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Fuzzing⚠️ 0project is not fuzzed
Security-Policy⚠️ 0security policy file not detected
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
pip/graphviz 0.20.1 🟢 5.5
Details
CheckScoreReason
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Maintained🟢 108 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Binary-Artifacts🟢 10no binaries found in the repo
SAST⚠️ 0no SAST tool detected
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing🟢 10project is fuzzed
Vulnerabilities🟢 100 existing vulnerabilities detected
Security-Policy⚠️ 0security policy file not detected
pip/html2text 2020.1.16 🟢 5.1
Details
CheckScoreReason
Code-Review🟢 6Found 12/19 approved changesets -- score normalized to 6
Maintained⚠️ 00 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Signed-Releases⚠️ -1no releases found
Fuzzing🟢 10project is fuzzed
Vulnerabilities🟢 100 existing vulnerabilities detected
Security-Policy⚠️ 0security policy file not detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
pip/langchain 0.1.14 🟢 5.1
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 5Found 17/30 approved changesets -- score normalized to 5
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 10security policy file detected
Branch-Protection🟢 3branch protection is not maximal on development and all release branches
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Packaging🟢 10packaging workflow detected
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities⚠️ 032 existing vulnerabilities detected
pip/langchain-anthropic 0.1.11 🟢 5.1
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 5Found 17/30 approved changesets -- score normalized to 5
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 10security policy file detected
Branch-Protection🟢 3branch protection is not maximal on development and all release branches
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Packaging🟢 10packaging workflow detected
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities⚠️ 032 existing vulnerabilities detected
pip/langchain-aws 0.1.2 UnknownUnknown
pip/langchain-google-genai 1.0.1 UnknownUnknown
pip/langchain-groq 0.1.3 🟢 5.1
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 5Found 17/30 approved changesets -- score normalized to 5
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 10security policy file detected
Branch-Protection🟢 3branch protection is not maximal on development and all release branches
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Packaging🟢 10packaging workflow detected
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities⚠️ 032 existing vulnerabilities detected
pip/langchain-openai 0.1.1 🟢 5.1
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 5Found 17/30 approved changesets -- score normalized to 5
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 10security policy file detected
Branch-Protection🟢 3branch protection is not maximal on development and all release branches
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Packaging🟢 10packaging workflow detected
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities⚠️ 032 existing vulnerabilities detected
pip/minify-html 0.15.0 🟢 3.5
Details
CheckScoreReason
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Maintained⚠️ 00 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
SAST⚠️ 0no SAST tool detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Fuzzing⚠️ 0project is not fuzzed
Security-Policy⚠️ 0security policy file not detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Packaging🟢 10packaging workflow detected
pip/pandas 2.0.3 🟢 6.4
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
CI-Tests🟢 1030 out of 30 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 0no badge detected
Code-Review🟢 825 out of last 30 changesets reviewed before merge -- score normalized to 8
Contributors🟢 1047 different organizations found -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool⚠️ 0no update tool detected
Fuzzing🟢 10project is fuzzed with [OSSFuzz]
License🟢 10license file detected
Maintained🟢 1030 commit(s) out of 30 and 21 issue activity out of 30 found in the last 90 days -- score normalized to 10
Packaging⚠️ -1no published package detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
SAST🟢 7SAST tool detected but not run on all commmits
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ 00 out of 5 artifacts are signed or have provenance
Token-Permissions⚠️ 0non read-only tokens detected in GitHub workflows
Vulnerabilities🟢 10no vulnerabilities detected
pip/playwright 1.43.0 🟢 7.2
Details
CheckScoreReason
Code-Review🟢 10all last 30 commits are reviewed through GitHub
Maintained🟢 1030 commit(s) out of 30 and 25 issue activity out of 30 found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no badge detected
Vulnerabilities🟢 10no vulnerabilities detected
Signed-Releases⚠️ -1no releases found
License🟢 10license file detected
Security-Policy🟢 10security policy file detected
Token-Permissions⚠️ 0non read-only tokens detected in GitHub workflows
Packaging⚠️ -1no published package detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
Dependency-Update-Tool🟢 10update tool detected
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies🟢 5dependency not pinned by hash detected -- score normalized to 5
Branch-Protection🟢 3branch protection is not maximal on development and all release branches
pip/python-dotenv 1.0.1 🟢 5
Details
CheckScoreReason
Code-Review🟢 5Found 16/29 approved changesets -- score normalized to 5
Maintained🟢 64 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 6
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Fuzzing⚠️ 0project is not fuzzed
Vulnerabilities🟢 91 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
pip/semchunk 1.0.1 UnknownUnknown
pip/tiktoken >= 0.5.2,< 0.6.0 🟢 5.1
Details
CheckScoreReason
Code-Review🟢 3Found 10/30 approved changesets -- score normalized to 3
Maintained🟢 103 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Binary-Artifacts🟢 10no binaries found in the repo
Signed-Releases⚠️ -1no releases found
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Fuzzing⚠️ 0project is not fuzzed
Vulnerabilities🟢 100 existing vulnerabilities detected
Security-Policy⚠️ 0security policy file not detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
pip/tqdm 4.66.3 🟢 5.9
Details
CheckScoreReason
Code-Review⚠️ 1Found 1/8 approved changesets -- score normalized to 1
Maintained🟢 57 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5
CII-Best-Practices🟢 5badge detected: Passing
License🟢 9license file detected
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow⚠️ -1no workflows found
Token-Permissions⚠️ -1No tokens found
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ -1no dependencies found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Vulnerabilities🟢 100 existing vulnerabilities detected
Fuzzing🟢 10project is fuzzed
Security-Policy⚠️ 0security policy file not detected
Signed-Releases🟢 85 out of the last 5 releases have a total of 5 signed artifacts.
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
pip/undetected-playwright 0.3.0 UnknownUnknown

Scanned Manifest Files

.github/workflows/pylint.yml
  • eifinger/setup-rye@3.*.*
  • actions/setup-python@3.*.*
pyproject.toml
  • langchain@
  • langchain-fireworks@0.1.3
  • langchain-google-genai@
  • langchain-google-vertexai@
  • langchain-openai@
  • trafilatura@1.10.0
  • langchain@0.1.15
  • langchain-google-genai@1.0.3
  • langchain-openai@0.1.6
requirements.txt
  • beautifulsoup4@4.12.3
  • faiss-cpu@1.8.0
  • free-proxy@1.1.1
  • google@3.0.0
  • graphviz@0.20.1
  • html2text@2020.1.16
  • langchain@0.1.14
  • langchain-anthropic@0.1.11
  • langchain-aws@0.1.2
  • langchain-google-genai@1.0.1
  • langchain-groq@0.1.3
  • langchain-openai@0.1.1
  • minify-html@0.15.0
  • pandas@2.0.3
  • playwright@1.43.0
  • python-dotenv@1.0.1
  • semchunk@1.0.1
  • tiktoken@>= 0.5.2,< 0.6.0
  • tqdm@4.66.3
  • undetected-playwright@0.3.0

@f-aguzzi
Copy link
Member

f-aguzzi commented Jul 4, 2024

The Ernie tests fail because we have no Ernie key. The other test failures seem to be caused by non-deterministic behavior. We either have to use mock models for everything, or not test at all

f-aguzzi
f-aguzzi reviewed Jul 4, 2024
View reviewed changes
Copy link
Member

@f-aguzzi f-aguzzi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need a better way to test things. For now, there's little to no correlation between the failing tests and the actual behavior of the library

@semantic-release-bot
ci(release): 1.9.0-beta.2 [skip ci]
5cb5fbf 
## [1.9.0-beta.2](v1.9.0-beta.1...v1.9.0-beta.2) (2024-07-05)

### Bug Fixes

* fix pyproject.toml ([7570bf8](7570bf8))
@github-actions GitHub Actions
Copy link

github-actions bot commented Jul 5, 2024

🎉 This issue has been resolved in version 1.9.0-beta.2 🎉

The release is available on:

Your semantic-release bot 📦🚀

@VinciGit00 VinciGit00 merged commit f3f7dfe into main Jul 9, 2024
2 checks passed
@github-actions GitHub Actions
Copy link

github-actions bot commented Jul 9, 2024

🎉 This issue has been resolved in version 1.9.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@f-aguzzi f-aguzzi f-aguzzi left review comments

Assignees
No one assigned
Labels
released on @dev released on @stable
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@VinciGit00 @f-aguzzi @semantic-release-bot