Workshop toggle ext #1

Open
nkanu17 wants to merge 22 commits into workshop-toggle from workshop-toggle-ext

nkanu17 commented Feb 24, 2026

No description provided.

Changed connection defaults from localhost to Docker service names:
- Redis: redis://localhost:6379 → redis://redis:6379
- Agent Memory Server: http://localhost:8088 → http://agent-memory-server:8000

jit-ci bot commented Feb 24, 2026

Hi, I’m Jit, a friendly security platform designed to help developers build secure applications from day zero with an MVS (Minimal viable security) mindset.

In case there are security findings, they will be communicated to you as a comment inside the PR.

Hope you’ll enjoy using Jit.

Questions? Comments? Want to learn more? Get in touch with us.

jit-ci bot commented Feb 24, 2026

🛡️ Jit Security Scan Results

CRITICAL HIGH MEDIUM

🚨 Summary

• Critical vulnerability in langchain-experimental allows arbitrary code execution

• High severity XXE vulnerability in langchain-text-splitters

• Immediate updates required for both dependencies to mitigate security risks

🔍 Findings

CRITICAL - 1 finding

1. Critical Eval Injection in LangChain Experimental

| ID | Type | Finding | File | Severity |
|---|---|---|---|---|
| 7b9ce0e202 | GHSA-p2qj-r53j-h3xj | Critical Eval Injection in LangChain Experimental - LangChain Experimental 0.1.17-0.3.0 is vulnerable to arbitrary code execution through sympy.sympify in LLMSymbolicMathChain. This allows attackers to execute malicious code without authentication. | requirements.txt (lines 19-19) | CRITICAL |

🔍 AI Analysis: This is a critical severity vulnerability that allows arbitrary code execution, potentially affecting the entire application's security.

HIGH - 1 finding

1. XXE Vulnerability in LangChain Text Splitters

| ID | Type | Finding | File | Severity |
|---|---|---|---|---|
| e29dc5220d | GHSA-m42m-m8cr-8m58 | XXE Vulnerability in LangChain Text Splitters - LangChain Text Splitters is vulnerable to XML External Entity (XXE) attacks due to unsafe XSLT parsing. This allows attackers to read sensitive files or perform outbound HTTP(S) fetches. | requirements.txt (lines 20-20) | HIGH |

🔍 AI Analysis: This high severity vulnerability can lead to unauthorized access to sensitive data and affects a core component of the application.

Remediation:

- langchain-text-splitters>=0.3.0
+ langchain-text-splitters==0.3.9
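
Review bot: this remediation changes only the langchain-text-splitters line (requirements.txt line 20) and leaves the CRITICAL finding on line 19 without a corresponding change. The PR adds langchain-experimental>=0.3.0, and the finding above lists 0.1.17-0.3.0 as affected, so that specifier still admits a version inside the reported range; raise its lower bound past the affected range given in GHSA-p2qj-r53j-h3xj. The commit message says the package is pulled in for SemanticChunker rather than LLMSymbolicMathChain, which is worth recording if the finding is ignored instead. On the suggested line itself, `==0.3.9` is an exact pin while the entries this PR adds to requirements.txt use `>=` bounds; `>=0.3.9` keeps the same floor and the file's convention.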

▶️ Advanced Options

Help section with supported ignore actions and syntax.

Need to ignore a finding? Use commands like:

@sera ignore <finding_id> reason:accepted (reason is optional)

@sera ignore all reason:other - this is a test PR (reason is optional)

@sera ignore type:GHSA-p2qj-r53j-h3xj

@sera ignore type:GHSA-m42m-m8cr-8m58


Security scan by Jit

…ical_manager

- Replace text-embedding-ada-002 with text-embedding-3-small (3 places)
- Update comment to reflect correct model name
- Fixes embedding model not available error in LiteLLM proxy
- Update HybridQuery to use combination_method='RRF' (industry best practice)
- Add documentation for RRF vs LINEAR combination methods
- Replace deprecated alpha parameter with rrf_window/rrf_constant
- Update code comments to reflect FT.HYBRID command (Redis 8.4+)
- Improve explanation of hybrid search results
- Add HybridQuery import for FT.HYBRID command (Redis 8.4+)
- Implement three search strategies: hybrid, exact_match, semantic_only
- Use RRF combination method as default (industry best practice)
- Add LINEAR combination support with configurable linear_alpha
- Use course_manager.embeddings pattern (matches university code)
- Remove separate _get_embeddings() helper function
- Add department filtering support for hybrid queries

Add Part 3: Hybrid Search to stage_2_data_engineered_rag.ipynb:

- Introduction explaining what hybrid search is and why it matters
- Real-world scenarios showing when semantic/keyword search fail alone
- Industry adoption context (Elasticsearch, Pinecone, Weaviate, Redis)
- Detailed comparison of RRF vs LINEAR combination methods
- RedisVL implementation examples with HybridQuery
- Four code examples: basic RRF, LINEAR weighting, filters, comparison
- Best practices and decision table for search type selection
- Updated wrap-up section with hybrid search takeaways
- Add chat_notebooks directory with stage1_chat, stage4_chat, stage6_chat notebooks
- Add chat_ui.py and chat_interface.py for Stage 1, 4, 6 agents
- Update __init__.py exports to include start_chat functions
- Fix Agent Memory Server port mapping in docker-compose.yml (8000:8000)
- Use Docker service names (redis:6379, agent-memory-server:8000) by default
- Match university materials configuration for seamless Docker execution

Notebook fixes:
- Add nest_asyncio.apply() to 01-1 and 01-2 for async support
- Fix path stage2_data_engineered -> stage2_context_engineered in 01-2
- Fix module import data_engineering -> context_engineering in 01-2
- Add None check to count_tokens() in 02-1
- Fix token efficiency calculation in 02-1

Dependency updates (requirements.txt):
- Add langchain-experimental>=0.3.0 (SemanticChunker)
- Add langchain-text-splitters>=0.3.0 (RecursiveCharacterTextSplitter)
- Add langchain-huggingface>=0.1.0 (HuggingFaceEmbeddings)
- Add sentence-transformers>=2.0.0 (semantic chunking backend)
- Add nest-asyncio>=1.5.0 (Jupyter async support)
- Add jupyter>=1.0.0 and ipykernel>=6.0.0
- Add pypdf>=3.0.0 (PDF parsing)

Dependency updates (pyproject.toml):
- Add nest-asyncio>=1.5.0
- Add version constraint to pypdf>=3.0.0

All notebooks now execute successfully:
- 01-1_baseline_rag.ipynb
- 01-2_data_engineered_rag.ipynb
- 02-1_data_engineering_theory.ipynb
- 03-1_memory_systems.ipynb

Removed old notebooks (replaced with new naming convention):
- 01_introduction_to_context_engineering.ipynb
- 02_rag_essentials.ipynb
- 03_data_engineering_theory.ipynb
- 04_memory_systems.ipynb
- stage6_chat.ipynb (duplicate, kept chat_notebooks/stage6_chat.ipynb)

Updated chat notebooks with collapsible cells and fixes:
- chat_notebooks/stage0_chat.ipynb
- chat_notebooks/stage1_chat.ipynb
- chat_notebooks/stage6_chat.ipynb

Other updates:
- arch/03_progressive_agents_demo.ipynb
- stage1_baseline_rag/agent/nodes.py

Workshop notebooks (materials/ws/):
- Remove LOCAL_DEV environment variable detection and conditional logic
- Use Docker service names directly (redis:6379, litellm:4000, agent-memory-server:8000)
- Clear stale notebook outputs containing localhost URLs

University materials (materials/university/):
- Update Agent Memory Server URL from localhost:8088 to agent-memory-server:8000
- Fix CLI files and notebooks to use correct Docker service names

Files updated:
- 11 workshop notebooks
- 4 university files (stage5/stage6 CLI, query_long_term_memory.py, stage_5_working_memory.ipynb)

Change Path('') to Path('..') to correctly resolve project root from notebooks directory