Security hardening for observability packages #198
… utils Replace all 30 assert statements in utils.py with equivalent if-not-raise TypeError checks. This ensures type validation is not silently stripped when Python runs with -O (optimized mode). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
… asserts, and more

- Fix #1: Downgrade sensitive data logging from INFO to DEBUG in agent365_exporter.py
- Fix #2: Fix unpaired context.attach() in opentelemetry_scope.py add_baggage() by storing and detaching baggage tokens on scope end
- Fix #3: Add bounded OrderedDict caps to unbounded dicts in OpenAI trace_processor.py
- Fix #4: Replace 30 assert statements with proper TypeError raises in LangChain utils.py
- Fix #5: Log security warning when HTTP domain override is detected
- Fix #6: Warn when bearer token sent over non-HTTPS connection
- Fix #10: Respect Retry-After header and use exponential backoff in retries
- Fix #13: Rename reset() to _reset() in ObservabilityHostingManager
- Fix #15: Replace print() with logger.warning() in LangChain tracer_instrumentor.py

Co-authored-by: nikhilNava <211831449+nikhilNava@users.noreply.github.com>
Dependency Review: ✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found. Scanned Files: None
Pull request overview
Security hardening PR for observability packages addressing information disclosure, memory safety, reliability under -O, and credential protection across 6 packages.
Changes:
- Downgraded sensitive data logging from INFO to DEBUG, added HTTP security warnings, exponential backoff with `Retry-After` support, and removed response body from error logs in the exporter
- Replaced `assert` with `if/raise TypeError` in LangChain utils, converted `print()` to `logger.warning()`, and fixed context token leak in `add_baggage()` with proper detach on scope end
- Converted unbounded dicts to capped `OrderedDict` in OpenAI trace processor and renamed `reset()` to `_reset()` for test-only API
Reviewed changes
Copilot reviewed 10 out of 10 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| agent365_exporter.py | INFO→DEBUG logging, response body removal, exponential backoff, Retry-After support, bearer-over-HTTP warning |
| opentelemetry_scope.py | Baggage token storage and reverse-order detach on scope end |
| utils.py (exporters) | HTTP domain override security warning |
| trace_processor.py | OrderedDict with cap for all tracking dicts, _cap_ordered_dict helper |
| utils.py (langchain) | assert→if/raise TypeError for all 30 assertions |
| tracer_instrumentor.py | print→logger.warning, logging import added |
| observability_hosting_manager.py | reset()→_reset() |
| utils.py (openai) | Type hints widened to accept Mapping for OrderedDict compatibility |
| test_agent365_exporter.py | Updated test expectations for DEBUG log level |
| test_observability_hosting_manager.py | Updated to use _reset() |
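Why the `assert` to `if/raise TypeError` change in the overview matters, as an added example that is not code from this PR: the same validator is compiled at optimization level 0 and at level 1 (what `python -O` uses) and fed a wrong-typed value. The function names `span_name_assert` and `span_name_guard` are hypothetical.

```python
# Added illustration; not the project's utils.py. Function names are hypothetical.

ASSERT_SRC = '''
def span_name_assert(run_name):
    assert isinstance(run_name, str), "run_name must be str"
    return run_name.strip()
'''

GUARD_SRC = '''
def span_name_guard(run_name):
    if not isinstance(run_name, str):
        raise TypeError(f"run_name must be str, got {type(run_name).__name__}")
    return run_name.strip()
'''


def load(src, name, optimize):
    """Compile src at the given optimization level (1 is what -O selects)."""
    namespace = {}
    exec(compile(src, "<example>", "exec", optimize=optimize), namespace)
    return namespace[name]


def outcome(func, value):
    """Return the name of the exception func(value) raises, or 'ok'."""
    try:
        func(value)
        return "ok"
    except Exception as exc:
        return type(exc).__name__


def compare(value=b"  bytes, not str  "):
    """Run both validators at levels 0 and 1 against a wrong-typed value."""
    results = {}
    for level in (0, 1):
        results[("assert", level)] = outcome(
            load(ASSERT_SRC, "span_name_assert", level), value)
        results[("guard", level)] = outcome(
            load(GUARD_SRC, "span_name_guard", level), value)
    return results
```

At level 1 the assert-based validator accepts the `bytes` value and returns normally, so the bad type travels on into later code; the guard raises `TypeError` at both levels.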
Agent IDs and tenant IDs are not sensitive data and are useful for debugging. Restore them in debug/error log messages. Also restore truncated response text in HTTP error logs to help developers debug failures. Log levels remain at DEBUG (from the prior security fix). Co-authored-by: nikhilNava <211831449+nikhilNava@users.noreply.github.com>
The method had an unpaired context.attach() that leaked context tokens. Users should use BaggageBuilder.build() context manager instead, which properly restores the previous context on exit. Co-authored-by: nikhilNava <211831449+nikhilNava@users.noreply.github.com>
Co-authored-by: nikhilNava <211831449+nikhilNava@users.noreply.github.com>
@copilot fix the linting error
…se TypeError with isinstance guards in langchain utils.py Co-authored-by: nikhilNava <211831449+nikhilNava@users.noreply.github.com>
Fixed in 596cc6a. The formatting issue in
…ry_after function Co-authored-by: nikhilNava <211831449+nikhilNava@users.noreply.github.com>
… review Co-authored-by: nikhilNava <211831449+nikhilNava@users.noreply.github.com>
Comparing with nodejs security check, python is missing the following: Content recording gate (core scopes) defined but never checked, no bounded collections for LangChain, no per-attribute limit.
- Convert LangChain _spans_by_run from unbounded DictWithLock to bounded OrderedDict with _MAX_TRACKED_RUNS=10000 cap
- Add _cap_ordered_dict helper for FIFO eviction (matching OpenAI pattern)
- Add thread-safe lock usage for _spans_by_run in error handlers
- Add _MAX_OUTPUT_MESSAGES=5000 cap for OutputScope._output_messages
- Add unit tests for both bounded collections

Co-authored-by: nikhilNava <211831449+nikhilNava@users.noreply.github.com>
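A sketch of the bounded-collection pattern this commit message describes, added here as an example and not taken from the PR's code. The names `_cap_ordered_dict`, `_spans_by_run` and `_MAX_TRACKED_RUNS` come from the commit message; their bodies and the `SpanTracker` class are assumptions.

```python
import threading
from collections import OrderedDict

_MAX_TRACKED_RUNS = 10000  # cap value quoted in the commit message


def _cap_ordered_dict(d, max_size):
    """Pop oldest-inserted entries until len(d) <= max_size; return them."""
    evicted = []
    while len(d) > max_size:
        evicted.append(d.popitem(last=False))  # last=False pops the oldest
    return evicted


class SpanTracker:
    """Hypothetical run_id -> span map, bounded and lock-protected."""

    def __init__(self, max_runs=_MAX_TRACKED_RUNS):
        self._lock = threading.Lock()
        self._spans_by_run = OrderedDict()
        self._max_runs = max_runs

    def start(self, run_id, span):
        """Track a span; return (run_id, span) pairs evicted to stay in bounds."""
        with self._lock:
            self._spans_by_run[run_id] = span
            return _cap_ordered_dict(self._spans_by_run, self._max_runs)

    def end(self, run_id):
        """Stop tracking; None if the run was never seen or already evicted."""
        with self._lock:
            return self._spans_by_run.pop(run_id, None)

    def tracked(self):
        """Snapshot of tracked run ids, oldest first."""
        with self._lock:
            return list(self._spans_by_run)
```

Runs that start but never report an end are what make an unbounded map grow without limit; with the cap, the oldest of them are dropped first, and `end()` has to tolerate a run that was already evicted.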
* Initial plan

* Replace assert statements with explicit TypeError raises in langchain utils

Replace all 30 assert statements in utils.py with equivalent if-not-raise TypeError checks. This ensures type validation is not silently stripped when Python runs with -O (optimized mode).

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* security: fix sensitive data logging, context leak, unbounded memory, asserts, and more

- Fix microsoft#1: Downgrade sensitive data logging from INFO to DEBUG in agent365_exporter.py
- Fix microsoft#2: Fix unpaired context.attach() in opentelemetry_scope.py add_baggage() by storing and detaching baggage tokens on scope end
- Fix microsoft#3: Add bounded OrderedDict caps to unbounded dicts in OpenAI trace_processor.py
- Fix microsoft#4: Replace 30 assert statements with proper TypeError raises in LangChain utils.py
- Fix microsoft#5: Log security warning when HTTP domain override is detected
- Fix microsoft#6: Warn when bearer token sent over non-HTTPS connection
- Fix microsoft#10: Respect Retry-After header and use exponential backoff in retries
- Fix microsoft#13: Rename reset() to _reset() in ObservabilityHostingManager
- Fix microsoft#15: Replace print() with logger.warning() in LangChain tracer_instrumentor.py

Co-authored-by: nikhilNava <211831449+nikhilNava@users.noreply.github.com>

* Restore agent/tenant IDs and response text in exporter log messages

Agent IDs and tenant IDs are not sensitive data and are useful for debugging. Restore them in debug/error log messages. Also restore truncated response text in HTTP error logs to help developers debug failures. Log levels remain at DEBUG (from the prior security fix).

Co-authored-by: nikhilNava <211831449+nikhilNava@users.noreply.github.com>

* Remove add_baggage() from OpenTelemetryScope

The method had an unpaired context.attach() that leaked context tokens. Users should use BaggageBuilder.build() context manager instead, which properly restores the previous context on exit.

Co-authored-by: nikhilNava <211831449+nikhilNava@users.noreply.github.com>

* Security hardening for observability packages

Co-authored-by: nikhilNava <211831449+nikhilNava@users.noreply.github.com>

* Fix formatting in test_agent365_exporter.py and replace remaining raise TypeError with isinstance guards in langchain utils.py

Co-authored-by: nikhilNava <211831449+nikhilNava@users.noreply.github.com>

* Move _parse_retry_after to exporters/utils.py as standalone parse_retry_after function

Co-authored-by: nikhilNava <211831449+nikhilNava@users.noreply.github.com>

* Replace type(e).__name__ with str(e) in exporter error logging per PR review

Co-authored-by: nikhilNava <211831449+nikhilNava@users.noreply.github.com>

* feat: add bounded collections for LangChain tracer and OutputScope

- Convert LangChain _spans_by_run from unbounded DictWithLock to bounded OrderedDict with _MAX_TRACKED_RUNS=10000 cap
- Add _cap_ordered_dict helper for FIFO eviction (matching OpenAI pattern)
- Add thread-safe lock usage for _spans_by_run in error handlers
- Add _MAX_OUTPUT_MESSAGES=5000 cap for OutputScope._output_messages
- Add unit tests for both bounded collections

Co-authored-by: nikhilNava <211831449+nikhilNava@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Nikhil Navakiran <nikhil.navakiran@gmail.com>
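One way the "Respect Retry-After header and use exponential backoff" item could be implemented, added here as an example and not the PR's code. Only the name `parse_retry_after` appears on the page; its signature, the `retry_delay` helper, the 60-second ceiling and the jitter scheme are assumptions.

```python
import email.utils
import random
from datetime import datetime, timezone

MAX_DELAY_SECONDS = 60.0  # assumed ceiling; the page does not state one


def parse_retry_after(value, now=None):
    """Return the delay in seconds a Retry-After header asks for, or None."""
    if not value:
        return None
    value = value.strip()
    if value.isascii() and value.isdigit():  # delta-seconds form, e.g. "120"
        return float(value)
    try:
        when = email.utils.parsedate_to_datetime(value)  # HTTP-date form
    except (TypeError, ValueError):
        return None  # unparseable header: caller falls back to backoff
    if when.tzinfo is None:
        when = when.replace(tzinfo=timezone.utc)
    now = now or datetime.now(timezone.utc)
    return max(0.0, (when - now).total_seconds())


def retry_delay(attempt, retry_after=None, base=0.5,
                cap=MAX_DELAY_SECONDS, now=None, rng=random.random):
    """Delay before retry number `attempt` (0-based), in seconds."""
    hinted = parse_retry_after(retry_after, now)
    if hinted is not None:
        # Honour the server's hint, but clamp it so a broken or hostile
        # endpoint cannot park the exporter for hours.
        return min(cap, hinted)
    backoff = min(cap, base * (2 ** attempt))
    # Jitter in [backoff/2, backoff] so many exporters do not retry in step.
    return backoff * (0.5 + rng() / 2)
```

The clamp is the part that is easy to miss: `Retry-After` is input from the remote endpoint, so it gets an upper bound like any other untrusted value.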
- `_spans_by_run` (OrderedDict with `_MAX_TRACKED_RUNS=10000`)
- `_output_messages` list in OutputScope (cap at `_MAX_OUTPUT_MESSAGES=5000`)