ferdi2go/OnlyFrames
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: scope-check paths in /move, update anthropic SDK to 0.89.0

Browse Source
This commit is contained in:
Ferdinand
2026-04-07 16:28:33 +02:00
parent 9f4985a444
commit c58817becc
2 changed files with 11 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
requirements.txt
View File

@@ -4,6 +4,6 @@ pillow==12.2.0
opencv-python-headless==4.13.0.92 opencv-python-headless==4.13.0.92
imagehash==4.3.1 imagehash==4.3.1
python-dotenv==1.0.1 python-dotenv==1.0.1
anthropic==0.25.0 anthropic==0.89.0
pytest==8.1.1 pytest==8.1.1
httpx==0.27.0 httpx==0.27.0

13
server.py
View File

@@ -78,14 +78,21 @@ def analyze(req: AnalyzeRequest):
@app.post("/move") @app.post("/move")
def move_files(req: MoveRequest): def move_files(req: MoveRequest):
target_dir = os.path.join(req.folder, "_aussortiert") folder_abs = os.path.abspath(req.folder)
if not os.path.isdir(folder_abs):
raise HTTPException(status_code=400, detail=f"Ordner nicht gefunden: {req.folder}")
target_dir = os.path.join(folder_abs, "_aussortiert")
os.makedirs(target_dir, exist_ok=True) os.makedirs(target_dir, exist_ok=True)
moved = [] moved = []
errors = [] errors = []
for path in req.paths: for path in req.paths:
path_abs = os.path.abspath(path)
if not path_abs.startswith(folder_abs + os.sep):
errors.append({"path": path, "error": "Pfad liegt außerhalb des analysierten Ordners"})
continue
try: try:
dest = os.path.join(target_dir, os.path.basename(path)) dest = os.path.join(target_dir, os.path.basename(path_abs))
shutil.move(path, dest) shutil.move(path_abs, dest)
moved.append(path) moved.append(path)
except Exception as e: except Exception as e:
errors.append({"path": path, "error": str(e)}) errors.append({"path": path, "error": str(e)})