TradingAgents/cli
ahmet guzererler b1a775882e
fix: Replace unsafe `ast.literal_eval` with `extract_json` in `parse_tool_call` (#105)
Remove the potential DoS and code-execution vulnerability by replacing `ast.literal_eval(tool_call)` with `json.loads` and `extract_json` in `cli/main.py`. Ensures strict JSON parsing without breaking tests or relying on unsafe structures.

Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com>
Co-authored-by: aguzererler <6199053+aguzererler@users.noreply.github.com>
2026-03-25 10:17:28 +01:00
..
static chore(release): v0.1.0 – initial public release of TradingAgents 2025-06-05 04:27:57 -07:00
__init__.py chore(release): v0.1.0 – initial public release of TradingAgents 2025-06-05 04:27:57 -07:00
announcements.py feat: add announcements panel fetching from api.tauric.ai/v1/announcements 2026-02-03 22:27:20 +00:00
config.py feat: add announcements panel fetching from api.tauric.ai/v1/announcements 2026-02-03 22:27:20 +00:00
main.py fix: Replace unsafe `ast.literal_eval` with `extract_json` in `parse_tool_call` (#105) 2026-03-25 10:17:28 +01:00
models.py chore(release): v0.1.0 – initial public release of TradingAgents 2025-06-05 04:27:57 -07:00
stats_handler.py feat: add footer statistics tracking with LangChain callbacks 2026-02-03 22:27:20 +00:00
utils.py merge: sync with upstream TauricResearch/TradingAgents v0.2.2 2026-03-23 12:17:25 +00:00