Expand dangerous imports blocklist for better coverage #215

dguido · 2026-01-23T02:47:55Z

Summary

Expands UNSAFE_IMPORTS in fickle.py from ~20 to ~60+ modules
Adds network modules (requests, aiohttp, httplib, etc.)
Adds FFI modules (ctypes, _ctypes)
Adds profiling/debugging modules (cProfile, profile, pdb, timeit, trace)
Adds pickle recursion modules (pickle, dill, cloudpickle, joblib)
Adds filesystem modules (shutil, tempfile, distutils)
Adds import manipulation modules (importlib, pkgutil, zipimport)
Adds torch dangerous modules (torch.hub, torch._dynamo, etc.)

Test plan

All existing tests pass
Linters pass
Manual verification with test pickle files

🤖 Generated with Claude Code

Add ~40 additional modules to UNSAFE_IMPORTS including: - Network modules (requests, aiohttp, httplib, etc.) - FFI modules (ctypes, _ctypes) - Profiling/debugging (cProfile, profile, pdb, timeit, trace) - Pickle recursion (pickle, dill, cloudpickle, joblib) - Filesystem (shutil, tempfile, distutils) - Import manipulation (importlib, pkgutil, zipimport) - Torch dangerous (torch.hub, torch._dynamo, torch._inductor, torch.jit) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

dguido requested a review from ESultanik as a code owner January 23, 2026 02:47

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Expand dangerous imports blocklist for better coverage #215

Expand dangerous imports blocklist for better coverage #215

Uh oh!

dguido commented Jan 23, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Expand dangerous imports blocklist for better coverage #215

Are you sure you want to change the base?

Expand dangerous imports blocklist for better coverage #215

Uh oh!

Conversation

dguido commented Jan 23, 2026

Summary

Test plan

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants