Python: Add class validation for Dapr Runtime step loading#13499
Merged
moonbox3 merged 2 commits intomicrosoft:mainfrom Feb 2, 2026
Merged
Python: Add class validation for Dapr Runtime step loading#13499moonbox3 merged 2 commits intomicrosoft:mainfrom
moonbox3 merged 2 commits intomicrosoft:mainfrom
Conversation
Collaborator
Author
Python Test Coverage Report •
Python Unit Test Overview
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
dmytrostruk
approved these changes
Jan 30, 2026
alliscode
approved these changes
Jan 30, 2026
github-merge-queue
bot
removed this pull request from the merge queue due to failed status checks
4 tasks
moonbox3
added a commit
that referenced
this pull request
Mar 24, 2026
### Motivation and Context Follow-up to #13499. The previous PR added the `allowed_module_prefixes` parameter but defaulted it to `None`, which meant the module restriction was only active if developers discovered and configured it. Secure-by-default is the right posture here — restrict first, let developers widen as needed. - Change `allowed_module_prefixes` default from `None` to `("semantic_kernel.",)` across Dapr runtime step loading - Non-SK step classes now require developers to explicitly add their module prefix (e.g. `("semantic_kernel.", "myapp.steps.")`) - Developers can pass `None` to opt out entirely, but the secure default is now enforced - The Dapr runtime code is experimental, so this is a non-breaking change per our stability guarantees <!-- Thank you for your contribution to the semantic-kernel repo! Please help reviewers and future users, providing the following information: 1. Why is this change required? 2. What problem does it solve? 3. What scenario does it contribute to? 4. If it fixes an open issue, please link to the issue here. --> <!-- Describe your changes, the overall approach, the underlying design. These notes will help understanding how your code works. Thanks! --> ### Contribution Checklist <!-- Before submitting this PR, please make sure: --> - [X] The code builds clean without any errors or warnings - [X] The PR follows the [SK Contribution Guidelines](https://github.com/microsoft/semantic-kernel/blob/main/CONTRIBUTING.md) and the [pre-submission formatting script](https://github.com/microsoft/semantic-kernel/blob/main/CONTRIBUTING.md#development-scripts) raises no violations - [X] All unit tests pass, and I have added new tests where possible - [ ] I didn't break anyone 😄 --------- Co-authored-by: MAF Dashboard Bot <maf-dashboard-bot@users.noreply.github.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Motivation and Context
The Dapr Runtime uses string-based class names to load step classes dynamically. This PR adds validation to ensure that only valid KernelProcessStep subclasses can be loaded and instantiated, improving type safety and providing better error messages when misconfigured.
The new allowed_module_prefixes parameter gives users control over which modules are permitted for step class loading, which can be useful in environments where stricter control is desired.
Description
Contribution Checklist