Merge pull request #27 from groupthinking/copilot/fix-213aa9e3-0b23-4bd9-9b0c-2eb2bc585c94

groupthinking · web-flow · commit 4cf97873fa8a · 2025-07-08T14:19:37.000-05:00
Fix 6 critical security vulnerabilities: replace pickle with JSON, MD5 with SHA-256, remove hardcoded credentials
diff --git a/connectors/mcp_debug_tool.py b/connectors/mcp_debug_tool.py
@@ -7,7 +7,10 @@
  copilot/fix-94a3a2ef-451e-4b72-9782-aff6506fa546
 import traceback
 import os
+ copilot/fix-213aa9e3-0b23-4bd9-9b0c-2eb2bc585c94
 =======
+=======
+ master
  master
 from datetime import datetime, timezone
 from typing import Dict, Any, Optional, List
diff --git a/llm/continuous_learning_system.py b/llm/continuous_learning_system.py
@@ -597,10 +597,14 @@ async def _create_model_version(
             training_data_size=self.training_stats["total_samples_processed"],
             quantum_optimized=self.quantum_connector.connected,
             file_path=str(self.model_dir / f"{version_id}.json"),
+ copilot/fix-213aa9e3-0b23-4bd9-9b0c-2eb2bc585c94
+            checksum=hashlib.sha256(version_id.encode()).hexdigest(),
+
  copilot/fix-94a3a2ef-451e-4b72-9782-aff6506fa546
             checksum=hashlib.sha256(version_id.encode()).hexdigest(),
-=======
+
             checksum=hashlib.md5(version_id.encode()).hexdigest(),
+ master
  master
         )
 
@@ -611,12 +615,17 @@ async def _create_model_version(
             "model_state": "simulated_model_state",
         }
 
+ copilot/fix-213aa9e3-0b23-4bd9-9b0c-2eb2bc585c94
+        with open(version.file_path, "w") as f:
+            json.dump(model_data, f, indent=2, default=str)
+
  copilot/fix-94a3a2ef-451e-4b72-9782-aff6506fa546
         with open(version.file_path, "w") as f:
             json.dump(model_data, f, indent=2, default=str)
 
         with open(version.file_path, "w", encoding="utf-8") as f:
             json.dump(model_data, f, cls=ModelVersionJSONEncoder, indent=2)
+ master
  master
 
         # Update current version
@@ -666,13 +675,18 @@ async def _load_or_create_model(self):
             json_files = list(self.model_dir.glob("*.json"))
             pkl_files = list(self.model_dir.glob("*.pkl"))
 
+ copilot/fix-213aa9e3-0b23-4bd9-9b0c-2eb2bc585c94
+                with open(latest_file, "r") as f:
+                    model_data = json.load(f)
+
             if json_files:
                 # Load latest JSON version
                 latest_file = max(json_files, key=lambda f: f.stat().st_mtime)
  master
 
                 with open(latest_file, "r", encoding="utf-8") as f:
                     model_data = json.load(f, cls=ModelVersionJSONDecoder)
+ master
 
                 self.current_model_version = model_data["version_info"]
                 logger.info(
