Feature icp canister adapter#32
Conversation
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: ff757b269c
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| #[update] | ||
| fn set_pack(bytes: Vec<u8>, label: String) -> HealthDto { |
There was a problem hiding this comment.
Add an explicit caller check before allowing set_pack/clear_pack to mutate state. As implemented, any principal that can reach the canister can overwrite or erase the knowledge pack, which means a public deployment can be trivially defaced or made unavailable by anonymous callers. This is a production-impacting security issue because the write methods are exposed as unrestricted #[update] entrypoints.
Useful? React with 👍 / 👎.
| const output = execFileSync(dfxBin, args, { | ||
| cwd, | ||
| encoding: 'utf8', | ||
| env, | ||
| }); |
There was a problem hiding this comment.
runDfx uses execFileSync with the default maxBuffer, so knolo icp query can fail once JSON output grows beyond that limit (for example, larger block texts with top_k up to 50). In that case the canister call itself may succeed but the CLI throws due to buffered stdout size, which makes the command unreliable on realistic packs. Set a larger maxBuffer or stream output instead of buffering it all.
Useful? React with 👍 / 👎.
2 participants
No description provided.