Merge branch 'dev' into add-sbom-to-workflow

notebooks/api/0.8/01-submit-code.ipynb

@@ -37,7 +37,7 @@
    "source": [
     "import syft as sy\n",
     "sy.requires(SYFT_VERSION)\n",
-    "from syft.client.api import NodeView\n",
+    "from syft.client.api import NodeIdentity\n",
     "from syft.service.request.request import RequestStatus\n",
     "import pandas as pd"
    ]
@@ -358,10 +358,10 @@
    "source": [
     "# Tests\n",
     "assert len(sum_trade_value_mil.kwargs) == 1\n",
-    "node_view = NodeView.from_api(jane_client.api)\n",
-    "assert node_view in sum_trade_value_mil.kwargs\n",
-    "assert \"trade_data\" in sum_trade_value_mil.kwargs[node_view]\n",
-    "assert sum_trade_value_mil.input_policy_init_kwargs[node_view][\"trade_data\"] == asset.action_id"
+    "node_identity = NodeIdentity.from_api(jane_client.api)\n",
+    "assert node_identity in sum_trade_value_mil.kwargs\n",
+    "assert \"trade_data\" in sum_trade_value_mil.kwargs[node_identity]\n",
+    "assert sum_trade_value_mil.input_policy_init_kwargs[node_identity][\"trade_data\"] == asset.action_id"
    ]
   },
   {
@@ -550,7 +550,7 @@
    "name": "python",
    "nbconvert_exporter": "python",
    "pygments_lexer": "ipython3",
-   "version": "3.9.7"
+   "version": "3.10.11"
   },
   "toc": {
    "base_numbering": 1,

notebooks/tutorials/data-scientist/03-working-with-private-datasets.ipynb

@@ -543,7 +543,7 @@
    "name": "python",
    "nbconvert_exporter": "python",
    "pygments_lexer": "ipython3",
-   "version": "3.11.2"
+   "version": "3.9.16"
   },
   "toc": {
    "base_numbering": 1,

notebooks/tutorials/enclaves/Enclave-single-notebook-DO-DS.ipynb

@@ -416,7 +416,7 @@
    "metadata": {},
    "outputs": [],
    "source": [
-    "@sy.syft_function_single_use(canada_census_data=canada_census_data, italy_census_data=italy_census_data)\n",
+    "@sy.syft_function_single_use(canada_census_data=canada_census_data, italy_census_data=italy_census_data, share_results_with_owners=True)\n",
     "def compute_census_matches(canada_census_data, italy_census_data):\n",
     "    import recordlinkage\n",
     "        \n",
@@ -543,10 +543,20 @@
    "metadata": {},
    "outputs": [],
    "source": [
-    "for st in status.base_dict.values():\n",
+    "for st in status.status_dict.values():\n",
     "    assert st == sy.service.request.request.UserCodeStatus.EXECUTE"
    ]
   },
+  {
+   "cell_type": "code",
+   "execution_count": null,
+   "id": "43538640",
+   "metadata": {},
+   "outputs": [],
+   "source": [
+    "ds_enclave_proxy_client.code[-1].output_policy"
+   ]
+  },
   {
    "cell_type": "code",
    "execution_count": null,
@@ -601,10 +611,58 @@
     "assert real_result == 813"
    ]
   },
+  {
+   "cell_type": "markdown",
+   "id": "0c186d96",
+   "metadata": {},
+   "source": [
+    "# DO"
+   ]
+  },
+  {
+   "cell_type": "markdown",
+   "id": "92a07f21",
+   "metadata": {},
+   "source": [
+    "## Can also get the result"
+   ]
+  },
+  {
+   "cell_type": "code",
+   "execution_count": null,
+   "id": "0a0cc302",
+   "metadata": {},
+   "outputs": [],
+   "source": [
+    "request = do_ca_client.requests[0]\n",
+    "request"
+   ]
+  },
+  {
+   "cell_type": "code",
+   "execution_count": null,
+   "id": "bc567390",
+   "metadata": {},
+   "outputs": [],
+   "source": [
+    "result_ptr = request.get_results()\n",
+    "result_ptr"
+   ]
+  },
+  {
+   "cell_type": "code",
+   "execution_count": null,
+   "id": "c3715aa1",
+   "metadata": {},
+   "outputs": [],
+   "source": [
+    "assert result_ptr.syft_action_data == 813"
+   ]
+  },
   {
    "cell_type": "code",
    "execution_count": null,
-   "id": "c7e8c775-400a-46ce-ba3c-58ca0563621e",
+   "id": "1beca4ac",
    "metadata": {},
    "outputs": [],
    "source": []
@@ -626,7 +684,7 @@
    "name": "python",
    "nbconvert_exporter": "python",
    "pygments_lexer": "ipython3",
-   "version": "3.11.4"
+   "version": "3.9.16"
   },
   "toc": {
    "base_numbering": 1,

packages/grid/backend/backend.dockerfile

@@ -56,8 +56,9 @@ RUN --mount=type=cache,target=/root/.cache \
     pip uninstall ansible ansible-core -y && \
     rm -rf ~/.local/lib/python3.11/site-packages/ansible_collections
 
-# clean up
-RUN apt purge --auto-remove linux-libc-dev -y
+# security patches
+RUN apt purge --auto-remove linux-libc-dev -y || true
+RUN apt purge --auto-remove libldap-2.5-0 -y || true
 
 # copy any changed source
 COPY syft/src /app/syft/src

packages/grid/vpn/headscale.dockerfile

@@ -44,7 +44,8 @@ RUN mkdir -p /headscale/data
 
 ENV NETWORK_NAME="omnet"
 
-# clean up
-RUN apt purge --auto-remove linux-libc-dev -y
+# security patches
+RUN apt purge --auto-remove linux-libc-dev -y || true
+RUN apt purge --auto-remove libldap-2.5-0 -y || true
 
 CMD ["sh", "-c", "/headscale/headscale.sh ${NETWORK_NAME}"]

packages/grid/worker/worker.dockerfile

@@ -58,8 +58,9 @@ RUN --mount=type=cache,target=/root/.cache \
     pip uninstall ansible ansible-core -y && \
     rm -rf ~/.local/lib/python3.11/site-packages/ansible_collections
 
-# clean up
-RUN apt purge --auto-remove linux-libc-dev -y
+# security patches
+RUN apt purge --auto-remove linux-libc-dev -y || true
+RUN apt purge --auto-remove libldap-2.5-0 -y || true
 
 # copy any changed source
 COPY syft/src /app/syft/src

packages/syft/src/syft/client/api.py

@@ -17,7 +17,6 @@
 
 # third party
 from nacl.exceptions import BadSignatureError
-from pydantic import BaseModel
 from pydantic import EmailStr
 from result import OkErr
 from result import Result
@@ -43,6 +42,7 @@
 from ..service.service import UserServiceConfigRegistry
 from ..service.warnings import APIEndpointWarning
 from ..service.warnings import WarningContext
+from ..types.identity import Identity
 from ..types.syft_object import SYFT_OBJECT_VERSION_1
 from ..types.syft_object import SyftBaseObject
 from ..types.syft_object import SyftObject
@@ -671,19 +671,14 @@ def monkey_patch_getdef(self, obj, oname="") -> Union[str, None]:
 
 
 @serializable()
-class NodeView(BaseModel):
-    class Config:
-        arbitrary_types_allowed = True
-
+class NodeIdentity(Identity):
     node_name: str
-    node_id: UID
-    verify_key: SyftVerifyKey
 
     @staticmethod
     def from_api(api: SyftAPI):
         # stores the name root verify key of the domain node
         node_metadata = api.connection.get_node_metadata(api.signing_key)
-        return NodeView(
+        return NodeIdentity(
             node_name=node_metadata.name,
             node_id=api.node_uid,
             verify_key=SyftVerifyKey.from_string(node_metadata.verify_key),
@@ -698,7 +693,7 @@ def from_change_context(cls, context: ChangeContext):
         )
 
     def __eq__(self, other: Any) -> bool:
-        if not isinstance(other, NodeView):
+        if not isinstance(other, NodeIdentity):
             return False
         return (
             self.node_name == other.node_name
@@ -709,6 +704,9 @@ def __eq__(self, other: Any) -> bool:
     def __hash__(self) -> int:
         return hash((self.node_name, self.verify_key))
 
+    def __repr__(self) -> str:
+        return f"NodeIdentity <name={self.node_name}, id={self.node_id.short()}, 🔑={str(self.verify_key)[0:8]}>"
+
 
 def validate_callable_args_and_kwargs(args, kwargs, signature: Signature):
     _valid_kwargs = {}

packages/syft/src/syft/client/domain_client.py

@@ -124,6 +124,8 @@ def data_subject_registry(self) -> Optional[APIModule]:
 
     @property
     def code(self) -> Optional[APIModule]:
+        # if self.api.refresh_api_callback is not None:
+        #     self.api.refresh_api_callback()
         if self.api.has_service("code"):
             return self.api.services.code
         return None

packages/syft/src/syft/client/enclave_client.py

@@ -122,7 +122,9 @@ def request_code_execution(self, code: SubmitUserCode):
                 apis += [api]
 
         for api in apis:
-            api.services.code.request_code_execution(code=code)
+            res = api.services.code.request_code_execution(code=code)
+            if isinstance(res, SyftError):
+                return res
 
         # we are using the real method here, see the .code property getter
         _ = self.code

packages/syft/src/syft/service/action/action_service.py

@@ -33,7 +33,9 @@
 from .action_object import ActionType
 from .action_object import AnyActionObject
 from .action_object import TwinMode
+from .action_permissions import ActionObjectPermission
 from .action_permissions import ActionObjectREAD
+from .action_permissions import ActionPermission
 from .action_store import ActionStore
 from .action_types import action_type_for_type
 from .numpy import NumpyArrayObject
@@ -211,8 +213,18 @@ def _user_code_execute(
             syft_object=result_action_object,
             has_result_read_permission=True,
         )
+
         if set_result.is_err():
             return set_result.err()
+
+        if len(code_item.output_policy.output_readers) > 0:
+            self.store.add_permissions(
+                [
+                    ActionObjectPermission(result_id, ActionPermission.READ, x)
+                    for x in code_item.output_policy.output_readers
+                ]
+            )
+
         return Ok(result_action_object)
 
     def execute_plan(