docs: Expand sandbox allowed imports with window functions and utilities#1127
docs: Expand sandbox allowed imports with window functions and utilities#1127promptless[bot] wants to merge 7 commits intomainfrom
Conversation
Add newly allowed imports from canvas-plugins PR #1615: - html module: escape, unescape - urllib.parse: unquote - django.db.models: FloatField, Func, RowRange, ValueRange, Window - django.db.models.functions: window functions (CumeDist, DenseRank, FirstValue, Lag, LastValue, Lead, NthValue, Ntile, PercentRank, Rank, RowNumber) plus Coalesce and Trim
![promptless[bot]](https://avatars.githubusercontent.com/in/979718?s=60&v=4){kind=small}
| @@ -202,6 +213,22 @@ Django's database expressions for complex query operations and conditional logic | |||
| - `Value` | |||
There was a problem hiding this comment.
Added django.db.models.functions section with window functions (CumeDist, DenseRank, FirstValue, Lag, LastValue, Lead, NthValue, Ntile, PercentRank, Rank, RowNumber) plus Coalesce and Trim based on the allow list additions in plugin_runner/sandbox.py.
| - `compare_digest` | ||
| - `new` | ||
|
|
||
| ##### `html` |
There was a problem hiding this comment.
Added html module with escape and unescape functions based on ALLOWED_MODULE_ATTRIBUTES additions in plugin_runner/sandbox.py.
|
@djantzen we're trialing promptless--let me know what you think of this result |
|
This pull request is automatically being deployed by Amplify Hosting (learn more). |
@beaugunderson Fundamentally similar to what I did (with Claude) except for removing the |
Adds the `time` class from the datetime module to the list of allowed imports in the plugin sandbox, per canvas-plugins PR #1595.
Document that plugin developers can use requests.codes for HTTP status code constants (like requests.codes.ok, requests.codes.not_found) in the sandbox. Enabled by canvas-plugins PR #1597.
Adds nanosecond-precision time function to the allowed imports list. Enabled by canvas-plugins PR #1598.
Documents additional sandbox items from canvas-plugins PR #1615: - traceback.format_exc for exception formatting - extract_exc_frames builtin for safe frame extraction - __args__, __members__, __origin__, __traceback__ dunder attributes
|
I noticed that some CI checks failed for this PR. I'm investigating whether the failures are caused by this suggestion. If they're unrelated or pre-existing, I'll leave this suggestion unchanged and create a separate suggestion if a standalone docs fix is needed. |
- Add `from logger import log` to both code examples - Change `logger.info` to `log.info` to match standard pattern - Mark blocks as partial since they use Canvas sandbox builtins
2 participants
Open this suggestion in Promptless to view citations and reasoning process
Documents newly allowed imports in the plugin sandbox from canvas-plugins PR #1615. Adds the html module (escape, unescape), urllib.parse.unquote, Django model fields (FloatField, Func), window expression classes (Window, RowRange, ValueRange), and Django window functions (CumeDist, DenseRank, FirstValue, Lag, LastValue, Lead, NthValue, Ntile, PercentRank, Rank, RowNumber). Also documents the previously undocumented Coalesce and Trim functions.