Files
wehub-resource-sync e93507a09c
Lockfile supply-chain audit / lockfile supply-chain audit (push) Has been cancelled
Windows Studio GGUF CI / GPU prebuilt resolves without Visual Studio (push) Has been cancelled
Windows Studio GGUF CI / setup.ps1 unit tests (VS 2026 / CMake guard) (push) Has been cancelled
Windows Studio GGUF CI / real-VS detection (VS 2022) (push) Has been cancelled
Windows Studio GGUF CI / real-VS detection (VS 2026) (push) Has been cancelled
Windows Studio GGUF CI / VC++ runtime detect + install round-trip (windows-2025-vs2026) (push) Has been cancelled
Windows Studio GGUF CI / VC++ runtime detect + install round-trip (windows-latest) (push) Has been cancelled
Windows Studio Update CI / Studio Updating Tests (push) Has been cancelled
Wheel CI / Wheel build + content sanity + import smoke (push) Has been cancelled
Lint CI / Source lint (Python + shell + YAML + JSON + safety nets) (push) Has been cancelled
MLX CI on Mac M1 / dispatch (push) Has been cancelled
Security audit / advisory audit (pip + npm + cargo) (push) Has been cancelled
Security audit / pip scan-packages :: extras (push) Has been cancelled
Security audit / pip scan-packages :: studio (push) Has been cancelled
Security audit / pip scan-packages :: hf-stack (push) Has been cancelled
Security audit / npm scan-packages (Studio frontend tarballs) (push) Has been cancelled
Security audit / workflow-trigger lint (pull_request_target / cache-poisoning) (push) Has been cancelled
Security audit / pytest tests/security (push) Has been cancelled
Security audit / npm provenance + new install-script diff (push) Has been cancelled
Studio API CI / Studio API & Auth Tests (push) Has been cancelled
Backend CI / (Python 3.10) (push) Has been cancelled
Backend CI / (Python 3.11) (push) Has been cancelled
Backend CI / (Python 3.12) (push) Has been cancelled
Backend CI / (Python 3.13) (push) Has been cancelled
Backend CI / Repo tests (CPU) (push) Has been cancelled
Frontend CI / Frontend build + bundle sanity (push) Has been cancelled
Studio GGUF CI / OpenAI, Anthropic API tests (push) Has been cancelled
Studio GGUF CI / Tool calling Tests (push) Has been cancelled
Studio GGUF CI / JSON, images (push) Has been cancelled
Mac Studio GGUF CI / OpenAI, Anthropic API tests (push) Has been cancelled
Mac Studio GGUF CI / Tool calling Tests (push) Has been cancelled
Mac Studio GGUF CI / JSON, images (push) Has been cancelled
Mac Studio Install Matrix CI / Install + load (macos-14) (push) Has been cancelled
Mac Studio Install Matrix CI / Install + load (macos-15) (push) Has been cancelled
Mac Studio Install Matrix CI / Install + load (macos-26) (push) Has been cancelled
Mac Studio Install Matrix CI / Install + load (macos-15-intel) (push) Has been cancelled
Mac Studio API CI / Studio API & Auth Tests (push) Has been cancelled
Mac Studio Install Matrix CI / Install + load (macos-26-intel) (push) Has been cancelled
Mac Studio UI CI / Chat UI Tests (push) Has been cancelled
Studio Tauri CI / Tauri Linux debug build (no codesign) (push) Has been cancelled
Mac Studio Update CI / Studio Updating Tests (push) Has been cancelled
Studio UI CI / Chat UI Tests (push) Has been cancelled
Windows Studio API CI / Studio API & Auth Tests (push) Has been cancelled
Windows Studio UI CI / Chat UI Tests (push) Has been cancelled
Studio Update CI / Studio Updating Tests (push) Has been cancelled
Core / Core (HF=default + TRL=default) (push) Has been cancelled
Core / Core (HF=4.57.6 + TRL<1) (push) Has been cancelled
Core / Core (HF=latest + TRL=latest) (push) Has been cancelled
Core / llama.cpp build + smoke (push) Has been cancelled
Windows Studio GGUF CI / OpenAI, Anthropic API tests (push) Has been cancelled
Windows Studio GGUF CI / Tool calling Tests (push) Has been cancelled
Windows Studio GGUF CI / JSON, images (push) Has been cancelled
Windows Studio GGUF CI / Studio install + inference without Visual Studio (push) Has been cancelled
Studio export capability / capability (macos-latest) (push) Has been cancelled
Studio export capability / capability (ubuntu-latest) (push) Has been cancelled
Studio export capability / capability (windows-latest) (push) Has been cancelled
Cross-platform parity / parity (macos-latest) (push) Has been cancelled
Cross-platform parity / parity (windows-latest) (push) Has been cancelled
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Studio load-orchestrator CI / test (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 12:59:56 +08:00

393 lines
14 KiB
Python

# SPDX-License-Identifier: AGPL-3.0-only
# Copyright 2026-present the Unsloth AI Inc. team. All rights reserved. See /studio/LICENSE.AGPL-3.0
"""Tests for the `--secure/--no-secure` Studio flag: option registration,
re-exec/run_server forwarding, the forced 127.0.0.1 bind, and rejection
alongside --no-cloudflare or before a subcommand. Modeled on
test_studio_cloudflare_flag.py."""
from __future__ import annotations
import sys
from pathlib import Path
import pytest
from typer.testing import CliRunner
_REPO_ROOT = Path(__file__).resolve().parents[2]
if str(_REPO_ROOT) not in sys.path:
sys.path.insert(0, str(_REPO_ROOT))
def _studio():
from unsloth_cli.commands import studio as _studio_mod
return _studio_mod
_BASE = ["--model", "unsloth/Qwen3-1.7B-GGUF"]
# ── option registration ──────────────────────────────────────────────
def test_run_exposes_secure_option_default_off():
import inspect
opt = inspect.signature(_studio().run).parameters["secure"].default
decls = set(getattr(opt, "param_decls", []) or [])
assert "--secure/--no-secure" in decls
assert getattr(opt, "default", None) is False
def test_studio_default_exposes_secure_option_default_off():
import inspect
opt = inspect.signature(_studio().studio_default).parameters["secure"].default
decls = set(getattr(opt, "param_decls", []) or [])
assert "--secure/--no-secure" in decls
assert getattr(opt, "default", None) is False
def test_secure_exposes_hidden_not_secure_alias():
# --not-secure is a hidden, deprecated alias for --no-secure on both commands.
import inspect
for fn in (_studio().run, _studio().studio_default):
opt = inspect.signature(fn).parameters["not_secure"].default
decls = set(getattr(opt, "param_decls", []) or [])
assert "--not-secure" in decls
assert getattr(opt, "hidden", False) is True
assert getattr(opt, "default", None) is False
# ── re-exec capture plumbing (mirrors test_studio_cloudflare_flag.py) ─
class _ExecCaptured(SystemExit):
def __init__(self, argv):
super().__init__(0)
self.argv = list(argv)
def _install_run_reexec_capture(monkeypatch):
studio_mod = _studio()
captured = []
monkeypatch.setattr(sys, "prefix", "/nonexistent/outer/venv")
fake_venv = Path("/fake/studio/venv/unsloth_studio")
monkeypatch.setattr(studio_mod, "_studio_venv_python", lambda: fake_venv / "bin" / "python")
fake_bin = fake_venv / "bin" / "unsloth"
real_is_file = Path.is_file
monkeypatch.setattr(
Path,
"is_file",
lambda self: True if str(self) == str(fake_bin) else real_is_file(self),
)
from unsloth_cli import _tool_policy as _tp_mod
monkeypatch.setattr(
_tp_mod,
"resolve_tool_policy",
lambda host, flag, yes, silent: False if flag is None else bool(flag),
)
monkeypatch.setattr(sys, "platform", "linux")
def fake_execvp(file, argv):
captured.append(list(argv))
raise _ExecCaptured(argv)
monkeypatch.setattr(studio_mod.os, "execvp", fake_execvp)
return captured
def _invoke_run(monkeypatch, args):
import typer as _typer
captured = _install_run_reexec_capture(monkeypatch)
app = _typer.Typer()
app.command(
context_settings = {"allow_extra_args": True, "ignore_unknown_options": True},
)(_studio().run)
CliRunner().invoke(app, args, catch_exceptions = True)
return captured
def _invoke_studio_default(monkeypatch, args):
import typer as _typer
studio_mod = _studio()
captured = []
monkeypatch.setattr(sys, "prefix", "/nonexistent/outer/venv")
monkeypatch.setattr(studio_mod, "_ensure_studio_env_exported", lambda: None)
fake_venv = Path("/fake/studio/venv/unsloth_studio")
monkeypatch.setattr(studio_mod, "_studio_venv_python", lambda: fake_venv / "bin" / "python")
monkeypatch.setattr(studio_mod, "_find_run_py", lambda: Path("/fake/studio/run.py"))
monkeypatch.setattr(studio_mod, "_find_frontend_dist", lambda: None)
monkeypatch.setattr(sys, "platform", "linux")
def fake_execvp(file, argv):
captured.append(list(argv))
raise _ExecCaptured(argv)
monkeypatch.setattr(studio_mod.os, "execvp", fake_execvp)
app = _typer.Typer()
app.command()(studio_mod.studio_default)
CliRunner().invoke(app, args, catch_exceptions = True)
return captured
# ── re-exec forwarding ────────────────────────────────────────────────
@pytest.mark.parametrize(
"user_flag,expected,unexpected",
[
(None, "--no-secure", "--secure"), # default off
("--secure", "--secure", "--no-secure"),
("--no-secure", "--no-secure", "--secure"),
("--not-secure", "--no-secure", "--secure"), # deprecated alias -> canonical
],
)
def test_run_reexec_forwards_secure_polarity(monkeypatch, user_flag, expected, unexpected):
extras = [user_flag] if user_flag else []
captured = _invoke_run(monkeypatch, _BASE + extras)
assert len(captured) == 1, captured
argv = captured[0]
assert expected in argv and unexpected not in argv, argv
def test_run_secure_forces_localhost_in_reexec(monkeypatch):
# `unsloth studio run -H 0.0.0.0 --secure` must re-exec with --host 127.0.0.1.
captured = _invoke_run(monkeypatch, _BASE + ["-H", "0.0.0.0", "--secure"])
assert len(captured) == 1, captured
argv = captured[0]
assert "--secure" in argv
assert argv[argv.index("--host") + 1] == "127.0.0.1", argv
def test_studio_default_reexec_forwards_secure(monkeypatch):
captured = _invoke_studio_default(monkeypatch, ["-H", "0.0.0.0", "--secure"])
assert len(captured) == 1, captured
argv = captured[0]
assert "--secure" in argv
# studio_default also forces the loopback bind under --secure.
assert argv[argv.index("--host") + 1] == "127.0.0.1", argv
def test_studio_default_not_secure_alias_forwards_no_secure(monkeypatch):
# --not-secure on `unsloth studio` forwards the canonical --no-secure.
captured = _invoke_studio_default(monkeypatch, ["--not-secure"])
assert len(captured) == 1, captured
argv = captured[0]
assert "--no-secure" in argv and "--secure" not in argv, argv
@pytest.mark.parametrize(
"argv_order,expected,unexpected",
[
# --not-secure tracks --no-secure: the last secure flag on argv wins,
# matching the backend BooleanOptionalAction.
(["--secure", "--not-secure"], "--no-secure", "--secure"),
(["--not-secure", "--secure"], "--secure", "--no-secure"),
],
)
def test_run_not_secure_alias_respects_last_wins(monkeypatch, argv_order, expected, unexpected):
monkeypatch.setattr(sys, "argv", ["unsloth", "studio", "run", *argv_order])
captured = _invoke_run(monkeypatch, _BASE + argv_order)
assert len(captured) == 1, captured
argv = captured[0]
assert expected in argv and unexpected not in argv, argv
# ── in-venv path forwards secure + forced host into run_server ────────
class _RunServerCaptured(SystemExit):
def __init__(self, kwargs):
super().__init__(0)
self.kwargs = dict(kwargs)
def test_run_in_venv_passes_secure_and_forces_host(monkeypatch):
import types
studio_mod = _studio()
fake_venv = Path("/fake/studio/venv/unsloth_studio")
monkeypatch.setattr(sys, "prefix", str(fake_venv))
monkeypatch.setattr(studio_mod, "STUDIO_HOME", fake_venv.parent)
from unsloth_cli import _tool_policy as _tp_mod
monkeypatch.setattr(
_tp_mod,
"resolve_tool_policy",
lambda host, flag, yes, silent: False if flag is None else bool(flag),
)
captured: dict = {}
def fake_run_server(**kwargs):
captured.update(kwargs)
raise _RunServerCaptured(kwargs)
fake_backend_run = sys.modules.setdefault(
"studio.backend.run", types.ModuleType("studio.backend.run")
)
fake_backend_run.run_server = fake_run_server
fake_backend_run._resolve_external_ip = lambda: "127.0.0.1"
monkeypatch.setattr(studio_mod, "_RUN_MODULE", fake_backend_run)
import typer as _typer
app = _typer.Typer()
app.command(
context_settings = {"allow_extra_args": True, "ignore_unknown_options": True},
)(studio_mod.run)
CliRunner().invoke(app, _BASE + ["-H", "0.0.0.0", "--secure"], catch_exceptions = True)
assert captured.get("secure") is True, captured
assert captured.get("host") == "127.0.0.1", captured
# ── --secure + --no-cloudflare is rejected ───────────────────────────
def test_run_secure_rejects_no_cloudflare(monkeypatch):
studio_mod = _studio()
import typer as _typer
app = _typer.Typer()
app.command(
context_settings = {"allow_extra_args": True, "ignore_unknown_options": True},
)(studio_mod.run)
result = CliRunner().invoke(app, _BASE + ["--secure", "--no-cloudflare"])
assert result.exit_code == 2, result.output
def test_studio_default_rejects_secure_with_subcommand():
import typer as _typer
studio_mod = _studio()
app = _typer.Typer()
app.add_typer(studio_mod.studio_app, name = "studio")
result = CliRunner().invoke(app, ["studio", "--secure", "run", "--model", "X"])
assert result.exit_code == 2, result.output
combined = (result.output or "") + (getattr(result, "stderr", "") or "")
assert "--secure" in combined, combined
# ── secure resolves tools against the loopback bind (tools stay ON) ──
def test_run_secure_resolves_tools_against_loopback(monkeypatch):
# --secure is a loopback bind behind an authenticated tunnel, so tools resolve
# against 127.0.0.1 (ON): the child gets --enable-tools, not --disable-tools.
studio_mod = _studio()
monkeypatch.setattr(sys, "prefix", "/nonexistent/outer/venv")
fake_venv = Path("/fake/studio/venv/unsloth_studio")
monkeypatch.setattr(studio_mod, "_studio_venv_python", lambda: fake_venv / "bin" / "python")
fake_bin = fake_venv / "bin" / "unsloth"
real_is_file = Path.is_file
monkeypatch.setattr(
Path,
"is_file",
lambda self: True if str(self) == str(fake_bin) else real_is_file(self),
)
monkeypatch.setattr(sys, "platform", "linux")
from unsloth_cli import _tool_policy as _tp_mod
calls = []
def rec(host, flag, yes, silent):
calls.append(host)
return True if flag is None else bool(flag) # default ON everywhere
monkeypatch.setattr(_tp_mod, "resolve_tool_policy", rec)
captured = []
def fake_execvp(file, argv):
captured.append(list(argv))
raise _ExecCaptured(argv)
monkeypatch.setattr(studio_mod.os, "execvp", fake_execvp)
import typer as _typer
app = _typer.Typer()
app.command(
context_settings = {"allow_extra_args": True, "ignore_unknown_options": True},
)(studio_mod.run)
CliRunner().invoke(app, _BASE + ["-H", "0.0.0.0", "--secure"], catch_exceptions = True)
# Resolved against the forced-loopback bind, not the public 0.0.0.0 exposure.
assert calls and calls[0] == "127.0.0.1", calls
assert len(captured) == 1, captured
assert "--enable-tools" in captured[0] and "--disable-tools" not in captured[0], captured[0]
def test_run_secure_enable_tools_no_auto_yes(monkeypatch):
# No prompt now, so a secure --enable-tools forwards --enable-tools but not
# --yes (only an explicit --yes is forwarded).
captured = _invoke_run(monkeypatch, _BASE + ["-H", "0.0.0.0", "--secure", "--enable-tools"])
assert len(captured) == 1, captured
argv = captured[0]
assert "--enable-tools" in argv, argv
assert "--yes" not in argv, argv
# ── plain `unsloth studio` exposes + forwards --enable-tools/--disable-tools ──
def test_studio_default_exposes_enable_tools_option_default_none():
import inspect
opt = inspect.signature(_studio().studio_default).parameters["enable_tools"].default
decls = set(getattr(opt, "param_decls", []) or [])
assert "--enable-tools/--disable-tools" in decls
assert opt.default is None # tri-state: omitted -> leave policy unset (tools on)
def test_studio_default_forwards_disable_tools(monkeypatch):
captured = _invoke_studio_default(monkeypatch, ["--disable-tools"])
assert len(captured) == 1, captured
assert "--disable-tools" in captured[0] and "--enable-tools" not in captured[0], captured[0]
def test_studio_default_forwards_enable_tools(monkeypatch):
captured = _invoke_studio_default(monkeypatch, ["--enable-tools"])
assert len(captured) == 1, captured
assert "--enable-tools" in captured[0] and "--disable-tools" not in captured[0], captured[0]
def test_studio_default_no_tool_flag_omits_both(monkeypatch):
# No flag -> neither flag forwarded; run.py leaves the policy unset (tools on).
captured = _invoke_studio_default(monkeypatch, [])
assert len(captured) == 1, captured
assert "--enable-tools" not in captured[0] and "--disable-tools" not in captured[0], captured[0]
def test_studio_default_rejects_enable_tools_with_subcommand():
import typer as _typer
studio_mod = _studio()
app = _typer.Typer()
app.add_typer(studio_mod.studio_app, name = "studio")
result = CliRunner().invoke(app, ["studio", "--enable-tools", "run", "--model", "X"])
assert result.exit_code == 2, result.output
combined = (result.output or "") + (getattr(result, "stderr", "") or "")
assert "--enable-tools" in combined, combined
def test_run_tool_help_reflects_default_on_everywhere():
# Help must match the new policy (tools on everywhere, no prompt).
import inspect
params = inspect.signature(_studio().run).parameters
tools_help = params["enable_tools"].default.help or ""
assert "on for every bind" in tools_help, tools_help
assert "0.0.0.0" not in tools_help, tools_help
yes_help = params["yes"].default.help or ""
assert "Skip the 0.0.0.0" not in yes_help, yes_help
assert "no longer prompts" in yes_help, yes_help