FEAT: Replaced GPL/LGPL licensed dependencies with permissive alternate dependencies #1125
Conversation
| subdivisions = list(pycountry.subdivisions) | ||
| # NEW: | ||
| # Build country names list from iso3166 | ||
| country_names = [c.name for c in countries] |
There was a problem hiding this comment.
if we're just doing a list like this for subdivision names why not for countries as well? Perhaps that's simpler than adding a dependency
pyrit/executor/workflow/xpia.py
Outdated
| prompt = "Please trigger the processing target's execution and paste the output here:" | ||
| return await questionary.text(prompt).ask_async() # type: ignore |
There was a problem hiding this comment.
I'm reluctant to introduce yet another dependency just for this one line...
So far, this workflow is something we run by itself anyway so blocking with input(...) would be ok. Or maybe something like
await asyncio.to_thread(input, prompt)
is also fine. Not sure if that messes with jupyter, though.
…ce_gpl_libraries
…ce_gpl_libraries
@microsoft-github-policy-service agree |
|
Hi @romanlutz , |
|
Sounds good. I wanted to review but it seems like you pulled in th changes from the Entra PR. I'll pull when that's merged to make it easier to see the actual diff |
pyproject.toml
Outdated
| "feedgen>=1.0.0", | ||
| "flake8>=7.2.0", | ||
| "flake8-copyright>=0.2.4", | ||
| "fpdf2>=2.8.3", |
There was a problem hiding this comment.
This should probably be removed?
| Parameters | ||
| ---------- | ||
| n_v : ndarray, with shape (V,) | ||
| Number of pairable elements for each value. | ||
| dtype : data-type | ||
| Result and computation data-type. | ||
| Returns | ||
| ------- | ||
| e : ndarray, with shape (V, V) |
There was a problem hiding this comment.
Across this file, the doc style isn't what we're using elsewhere ("Google style"). Can you adjust that?
| from fpdf import FPDF | ||
| from pypdf import PageObject, PdfReader, PdfWriter | ||
|
|
||
| # from fpdf import FPDF |
There was a problem hiding this comment.
| # from fpdf import FPDF |
| # def _generate_pdf(self, content: str) -> bytes: | ||
| # """ | ||
| # Generates a PDF with the given content. | ||
|
|
||
| # Args: | ||
| # content (str): The text content to include in the PDF. | ||
|
|
||
| # Returns: | ||
| # bytes: The generated PDF content in bytes. | ||
| # """ | ||
| # pdf = FPDF(format=(self._page_width, self._page_height)) # Use custom page size | ||
| # pdf.add_page() | ||
| # pdf.set_font(self._font_type, size=self._font_size) # Use custom font settings | ||
| # pdf.multi_cell(self._column_width, self._row_height, content) # Use configurable cell dimensions | ||
|
|
||
| # pdf_bytes = BytesIO() | ||
| # pdf.output(pdf_bytes) | ||
| # return pdf_bytes.getvalue() | ||
|
|
There was a problem hiding this comment.
Please remove this and the references to FPDF in the code below. I'll validate this with an example I have and will report back.
| from pyrit.score.scorer_evaluation.metrics_type import MetricsType | ||
| from pyrit.score.true_false.true_false_scorer import TrueFalseScorer | ||
|
|
||
| from .krippendorff import alpha as _krippendorff_alpha |
There was a problem hiding this comment.
we should probably just call it that from the start
| @@ -0,0 +1,154 @@ | |||
| # Copyright (c) Microsoft Corporation. | |||
| # Licensed under the MIT license. | |||
| """Krippendorff's alpha for ordinal data. | |||
There was a problem hiding this comment.
Is this adapted from LightTag/simpledorff? If so, it would be nice to give them a shoutout in the docstring.
We should also add the unit tests they have to make sure the implementation doesn't have a small bug anywhere.
There was a problem hiding this comment.
Yes, it was inspired by LightTag/simpledorff’s decomposition but reimplemented in numpy based form for ordinal data. I’ll add a docstring acknowledgment and create equivalent unit tests.
There was a problem hiding this comment.
Would be great if the function was broken up a bit more to help with readability and to make it easier to understand. If you want I can provide suggestions.
There was a problem hiding this comment.
Sure, I’d appreciate some suggestions on that.
There was a problem hiding this comment.
Sounds good. I should be able to get to this by Thursday.
3 participants
Description
This PR replaces three GPL/LGPL licensed dependencies with permissively licensed alternatives. All replacements maintain full backward compatibility with existing functionality.
Dependencies Replaced:
aioconsole → questionary (GPL-3.0 → MIT)
Used in XPIA manual workflow for async user input
File: pyrit/executor/workflow/xpia.py
pycountry → iso3166 (LGPL-2.1 → Apache-2.0)
Provides country/region names for bias testing datasets
File: pyrit/datasets/seclists_bias_testing_dataset.py
Added hardcoded subdivision list extracted from pycountry's subdivision list, since iso3166 only provides countries
fpdf2 → ReportLab (LGPL-3.0 → BSD)
Generates PDFs and overlays text on existing PDFs
File: pyrit/prompt_converter/pdf_converter.py
Implemented custom text wrapping to match original behavior.
Issue no:
#1123
@romanlutz
Tests and Documentation
Unit test for the three modified files:
