deerflow-factory/deer-flow/scripts/wait-for-port.sh
DATA 6de0bf9f5b Initial commit: hardened DeerFlow factory
Vendored deer-flow upstream (bytedance/deer-flow) plus prompt-injection
hardening:

- New deerflow.security package: content_delimiter, html_cleaner,
  sanitizer (8 layers — invisible chars, control chars, symbols, NFC,
  PUA, tag chars, horizontal whitespace collapse with newline/tab
  preservation, length cap)
- New deerflow.community.searx package: web_search, web_fetch,
  image_search backed by a private SearX instance, every external
  string sanitized and wrapped in <<<EXTERNAL_UNTRUSTED_CONTENT>>>
  delimiters
- All native community web providers (ddg_search, tavily, exa,
  firecrawl, jina_ai, infoquest, image_search) replaced with hard-fail
  stubs that raise NativeWebToolDisabledError at import time, so a
  misconfigured tool.use path fails loud rather than silently falling
  back to unsanitized output
- Native client back-doors (jina_client.py, infoquest_client.py)
  stubbed too
- Native-tool tests quarantined under tests/_disabled_native/
  (collect_ignore_glob via local conftest.py)
- Sanitizer Layer 7 fix: only collapse horizontal whitespace, preserve
  newlines and tabs so list/table structure survives
- Hardened runtime config.yaml references only the searx-backed tools
- Factory overlay (backend/) kept in sync with deer-flow tree as a
  reference / source

See HARDENING.md for the full audit trail and verification steps.
2026-04-12 14:23:57 +02:00

62 lines
1.6 KiB
Bash
Executable File

#!/usr/bin/env bash
#
# wait-for-port.sh - Wait for a TCP port to become available
#
# Usage: ./scripts/wait-for-port.sh <port> [timeout_seconds] [service_name]
#
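# Arguments:
#   port             - TCP port to wait for (required)
#   timeout_seconds  - Max seconds to wait (default: 60)
#   service_name     - Display name for messages (default: "Service")
#
# Exit codes:
#   0 - Port is listening
#   1 - Timed out waiting
#   2 - Invalid port or timeout argument

PORT="${1:?Usage: wait-for-port.sh <port> [timeout] [service_name]}"
TIMEOUT="${2:-60}"
SERVICE="${3:-Service}"

# Accept digits only: PORT is later used in a grep regex and a /dev/tcp path,
# and a non-numeric TIMEOUT would make the -ge test fail and loop forever.
case "$PORT" in
    ''|*[!0-9]*) echo "Invalid port: $PORT" >&2; exit 2 ;;
esac
case "$TIMEOUT" in
    ''|*[!0-9]*) echo "Invalid timeout: $TIMEOUT" >&2; exit 2 ;;
esac

elapsed=0
interval=1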

# Return 0 if something is listening on $PORT, trying each available tool in turn.
is_port_listening() {
    if command -v lsof >/dev/null 2>&1; then
        if lsof -nP -iTCP:"$PORT" -sTCP:LISTEN -t >/dev/null 2>&1; then
            return 0
        fi
    fi

    if command -v ss >/dev/null 2>&1; then
        if ss -ltn "( sport = :$PORT )" 2>/dev/null | tail -n +2 | grep -q .; then
            return 0
        fi
    fi

    if command -v netstat >/dev/null 2>&1; then
        if netstat -ltn 2>/dev/null | awk '{print $4}' | grep -Eq "(^|[.:])${PORT}$"; then
            return 0
        fi
    fi

    # Last resort: attempt a TCP connect to localhost. The port is passed as a
    # positional argument so it is never parsed as part of the bash -c script.
    if command -v timeout >/dev/null 2>&1; then
        timeout 1 bash -c 'exec 3<>"/dev/tcp/127.0.0.1/$1"' _ "$PORT" >/dev/null 2>&1
        return $?
    fi

    return 1
}

while ! is_port_listening; do
    if [ "$elapsed" -ge "$TIMEOUT" ]; then
        echo ""
        echo "$SERVICE failed to start on port $PORT after ${TIMEOUT}s"
        exit 1
    fi
    printf "\r Waiting for %s on port %s... %ds" "$SERVICE" "$PORT" "$elapsed"
    sleep "$interval"
    elapsed=$((elapsed + interval))
done

printf "\r %-60s\r" "" # clear the waiting line