jason/mempalace
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(bench): remove global SSL verification bypass in convomem_bench (#176)

Browse Source 
The module-level `ssl._create_default_https_context = ssl._create_unverified_context`
disables certificate verification for ALL urllib requests in the process,
not just the benchmark's HuggingFace downloads. This silently exposes
the benchmark runner to MITM attacks.

If a specific environment needs to skip verification (e.g. corporate proxy),
users can set `PYTHONHTTPSVERIFY=0` or pass a custom ssl context per-request
rather than globally patching the ssl module.

Co-authored-by: Tadao <tadao@travisfixes.com>
This commit is contained in:
travisBREAKS
2026-04-12 01:14:12 -05:00
committed by GitHub
parent 007acca59a
commit d8b2db696f
1 changed files with 0 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
benchmarks/convomem_bench.py
-4
View File
@@ -25,7 +25,6 @@ import os
import sys
import json
import shutil
import ssl
import tempfile
import argparse
import urllib.request
@@ -35,9 +34,6 @@ from datetime import datetime
import chromadb
# Bypass SSL for restricted environments
ssl._create_default_https_context = ssl._create_unverified_context
sys.path.insert(0, str(Path(__file__).parent.parent))
HF_BASE = "https://huggingface.co/datasets/Salesforce/ConvoMem/resolve/main/core_benchmark/evidence_questions"