sascha/esphome
1
0
Fork 0
mirror of https://github.com/esphome/esphome.git synced 2025-09-04 04:12:23 +01:00
Code Issues Releases Wiki Activity

Merge branch 'integration' into memory_api

Browse Source
This commit is contained in:
J. Nick Koston
2025-08-11 17:22:09 -05:00
parent 0813362ea8 a62d846dd1
commit daa7633ebb
2 changed files with 27 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
esphome/components/api/proto.h
View File

@@ -16,19 +16,19 @@
namespace esphome::api {
// Helper functions for ZigZag encoding/decoding
static constexpr uint32_t encode_zigzag32(int32_t value) {
inline constexpr uint32_t encode_zigzag32(int32_t value) {
return (static_cast<uint32_t>(value) << 1) ^ (static_cast<uint32_t>(value >> 31));
}
static constexpr uint64_t encode_zigzag64(int64_t value) {
inline constexpr uint64_t encode_zigzag64(int64_t value) {
return (static_cast<uint64_t>(value) << 1) ^ (static_cast<uint64_t>(value >> 63));
}
static constexpr int32_t decode_zigzag32(uint32_t value) {
inline constexpr int32_t decode_zigzag32(uint32_t value) {
return (value & 1) ? static_cast<int32_t>(~(value >> 1)) : static_cast<int32_t>(value >> 1);
}
static constexpr int64_t decode_zigzag64(uint64_t value) {
inline constexpr int64_t decode_zigzag64(uint64_t value) {
return (value & 1) ? static_cast<int64_t>(~(value >> 1)) : static_cast<int64_t>(value >> 1);
}

24
esphome/components/substitutions/jinja.py
View File

@@ -25,6 +25,24 @@ def has_jinja(st):
return detect_jinja_re.search(st) is not None
# SAFE_GLOBAL_FUNCTIONS defines a allowlist of built-in functions that are considered safe to expose
# in Jinja templates or other sandboxed evaluation contexts. Only functions that do not allow
# arbitrary code execution, file access, or other security risks are included.
#
# The following functions are considered safe:
# - ord: Converts a character to its Unicode code point integer.
# - chr: Converts an integer to its corresponding Unicode character.
# - len: Returns the length of a sequence or collection.
#
# These functions were chosen because they are pure, have no side effects, and do not provide access
# to the file system, environment, or other potentially sensitive resources.
SAFE_GLOBAL_FUNCTIONS = {
"ord": ord,
"chr": chr,
"len": len,
}
class JinjaStr(str):
"""
Wraps a string containing an unresolved Jinja expression,
@@ -66,7 +84,11 @@ class Jinja:
self.env.add_extension("jinja2.ext.do")
self.env.globals["math"] = math # Inject entire math module
self.context_vars = {**context_vars}
self.env.globals = {**self.env.globals, **self.context_vars}
self.env.globals = {
**self.env.globals,
**self.context_vars,
**SAFE_GLOBAL_FUNCTIONS,
}
def expand(self, content_str):
"""