temporalio.worker.workflow_sandbox.SandboxRestrictions

class documentation

class SandboxRestrictions: (source)

Set of restrictions that can be applied to a sandbox.

Method	`with_passthrough_modules`	Create a new restriction set with the given modules added to the `passthrough_modules` set.
Class Variable	`default`	Combination of `passthrough_modules_default`, `invalid_module_members_default`, and no invalid modules.
Class Variable	`invalid_module_members`	Module members which cannot be accessed. This includes variables, functions, class methods (including __init__, etc). The check compares the against the fully qualified path to the item.
Class Variable	`invalid_module_members_default`	Default set of module members Temporal suggests be restricted for non-determinism reasons.
Class Variable	`invalid_modules`	Modules which cannot even be imported. If possible, use `invalid_module_members` instead so modules that are unused by running code can still be imported for other non-running code. The check whether a module matches here is an access match using the fully qualified module name.
Class Variable	`passthrough_modules`	Modules which pass through because we know they are side-effect free (or the side-effecting pieces are restricted). These modules will not be reloaded, but instead will just be forwarded from outside of the sandbox...
Class Variable	`passthrough_modules_default`	Same as `passthrough_modules_maximum`.
Class Variable	`passthrough_modules_maximum`	All modules that can be passed through. This includes all standard library modules.
Class Variable	`passthrough_modules_minimum`	Set of modules that must be passed through at the minimum.
Class Variable	`passthrough_modules_with_temporal`	Minimum modules that must be passed through and the Temporal modules.

def with_passthrough_modules(self, *modules: str) -> SandboxRestrictions: (source) ¶

Create a new restriction set with the given modules added to the passthrough_modules set.

default: ClassVar[SandboxRestrictions] = (source) ¶

Combination of passthrough_modules_default, invalid_module_members_default, and no invalid modules.

invalid_module_members: SandboxMatcher = (source) ¶

Module members which cannot be accessed. This includes variables, functions, class methods (including __init__, etc). The check compares the against the fully qualified path to the item.

invalid_module_members_default: ClassVar[SandboxMatcher] = (source) ¶

Default set of module members Temporal suggests be restricted for non-determinism reasons.

invalid_modules: SandboxMatcher = (source) ¶

Modules which cannot even be imported. If possible, use invalid_module_members instead so modules that are unused by running code can still be imported for other non-running code. The check whether a module matches here is an access match using the fully qualified module name.

passthrough_modules: Set[str] = (source) ¶

Modules which pass through because we know they are side-effect free (or the side-effecting pieces are restricted). These modules will not be reloaded, but instead will just be forwarded from outside of the sandbox. Any module listed will apply to all children.

passthrough_modules_default: ClassVar[Set[str]] = (source) ¶

Same as passthrough_modules_maximum.

passthrough_modules_maximum: ClassVar[Set[str]] = (source) ¶

All modules that can be passed through. This includes all standard library modules.

passthrough_modules_minimum: ClassVar[Set[str]] = (source) ¶

Set of modules that must be passed through at the minimum.

passthrough_modules_with_temporal: ClassVar[Set[str]] = (source) ¶

Minimum modules that must be passed through and the Temporal modules.