Skip to content

Prevent partial copy of custom widgets when performing linked promotion on subgraphs #6079

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Prevent partial copy of custom widgets when performing linked promotion on subgraphs #6079

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 5 additions & 4 deletions src/lib/litegraph/src/subgraph/SubgraphNode.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ import type {
} from '@/lib/litegraph/src/types/serialisation'
import type { IBaseWidget } from '@/lib/litegraph/src/types/widgets'
import type { UUID } from '@/lib/litegraph/src/utils/uuid'
import { toConcreteWidget } from '@/lib/litegraph/src/widgets/widgetMap'
import { BaseWidget } from '@/lib/litegraph/src/widgets/BaseWidget'

import { ExecutableNodeDTO } from './ExecutableNodeDTO'
import type { ExecutableLGraphNode, ExecutionId } from './ExecutableNodeDTO'
Expand Down Expand Up @@ -317,9 +317,10 @@ export class SubgraphNode extends LGraphNode implements BaseLGraph {
inputWidget: IWidgetLocator | undefined
) {
// Use the first matching widget
const promotedWidget = toConcreteWidget(widget, this).createCopyForNode(
this
)
const promotedWidget =
widget instanceof BaseWidget
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[architecture] high Priority

Issue: Type safety concern - no runtime type checking for BaseWidget instanceof check
Context: The instanceof check relies on runtime type information which could fail if widgets are created through different contexts or loaded modules
Suggestion: Add explicit type checking or use duck typing to verify the widget has createCopyForNode method before calling it

? widget.createCopyForNode(this)
: { ...widget, node: this }
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[quality] medium Priority

Issue: Inconsistent widget copying strategies may lead to different behavior
Context: BaseWidget instances use createCopyForNode() which may have different copying semantics than object spread with node assignment
Suggestion: Document the differences between these approaches or consider unifying the widget copying strategy to ensure consistent behavior

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[security] low Priority

Issue: Object spread may inadvertently copy unsafe properties from untrusted widgets
Context: The spread operator {...widget} copies all enumerable properties, potentially including functions or references that weren't intended to be cloned
Suggestion: Use a more explicit copying approach that only copies known safe properties, similar to how BaseWidget.constructor already filters out unsafe properties


Object.assign(promotedWidget, {
get name() {
Expand Down