feat: enable one sentence clone #484
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Fix security issue: prevent unauthorized file access
…e/openstellar/astra-agent
- Removed unused `tts-api-url` and `clone-api-url` from application.yml - Removed `cloneApiUrl` property from CustomSpeakerServiceImpl - Inlined `CLONE_API_URL` constant in CustomSpeakerServiceImpl - Removed `ttsApiUrl` property from VoiceServiceImpl - Inlined `TTS_API_URL` constant in VoiceServiceImpl- Removed unused RtaUtil class entirely
- Renamed ModelManufacturerEnum to SpeakerTypeEnum - Changed field name from modelManufacturer to speakerType- Updated enum value from XFYUN to NORMAL- Modified database column name from model_manufacturer to speaker_type - Adjusted query wrapper to use new speakerType field and enum
- Insert new permissions for speaker training endpoints - Update pronunciation person configurations with new speaker types - Remove outdated pronunciation person entries - Add new pronunciation persons with flow and oral speaker types- Modify column structure to include speaker_type in pronunciation config
- Add speaker name internationalization configuration - Update database speaker names to use i18n keys - Create speaker_en.properties and speaker_zh.properties files- Modify VoiceServiceImpl to convert i18n keys to localized names- Adjust InternationalConfig to include speaker resource bundle- Add i18n utility dependency in VoiceServiceImpl- Reorganize import statements in InternationalConfig
…figuration class - Removed related bean definition for RtasrClient- Cleaned up associated properties injection - Eliminated legacy rtasr client setup logic
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| log.error("create task failed", e); | ||
| throw e; | ||
| } finally { | ||
| if (tempFile.exists() && !tempFile.delete()) { |
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
| log.error("create task failed", e); | ||
| throw e; | ||
| } finally { | ||
| if (tempFile.exists() && !tempFile.delete()) { |
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
- Implemented sanitizeFilename method to prevent path traversal attacks - Extracted filename part from user input to avoid directory traversal- Removed dangerous characters from filenames (keeping only safe characters) - Added validation for empty or dot-only filenames - Limited filename length to prevent overly long names - Updated temp file creation to use sanitized filenames- Added documentation for the new sanitization method
…rt safely to avoid path traversal attacks - Handle null filename case when getFileName() returns null- Remove dangerous characters from filename using regex replacement
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Type of Change
Related Issue
Changes
Testing
Screenshots (if applicable)
Checklist