OpenHands icon indicating copy to clipboard operation
OpenHands copied to clipboard
verified publisher icon All-Hands-AI

[Bug]: Security analyzer (invariant) is broken

Open amanape opened this issue 1 year ago • 2 comments

Is there an existing issue for the same bug?

  • [X] I have checked the existing issues.

Describe the bug and reproduction steps

  1. Enabling the security analyzer does not wait for user confirmation before. It always runs the command
  2. Enabling the "Invariant" option causes the app to go into an unhealthy loop. Seems to be related to the asyncio changes

OpenHands Installation

Docker command in README

OpenHands Version

0.14.2

Operating System

None

Logs, Errors, Screenshots, and Additional Context

No response

amanape avatar Nov 25 '24 18:11 amanape

I can take a look here - do you know which asyncio changes cause this issue?

mbalunovic avatar Nov 26 '24 10:11 mbalunovic

I can't tell for sure. You can replicate the issue by enabling it and selecting the Invariant security analyzer. If you observe the terminal, it repeats the same asyncio error.

amanape avatar Nov 26 '24 15:11 amanape

I had a chance to take a look - I added a PR with changes that seem to fix it: https://github.com/All-Hands-AI/OpenHands/pull/5356

mbalunovic avatar Dec 01 '24 23:12 mbalunovic