From 9d0d614706581a8bfa57db45f62f84ab23d26f15 Mon Sep 17 00:00:00 2001
From: Patrick Peng <retr0@retr0.blog>
Date: Tue, 30 Apr 2024 15:58:19 +0800
Subject: [PATCH] fix: Replacing unsafe `eval()` with `json.loads()` (#1890)

---
 private_gpt/components/llm/custom/sagemaker.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/private_gpt/components/llm/custom/sagemaker.py b/private_gpt/components/llm/custom/sagemaker.py
index e20f53948..bd2aec18a 100644
--- a/private_gpt/components/llm/custom/sagemaker.py
+++ b/private_gpt/components/llm/custom/sagemaker.py
@@ -218,7 +218,7 @@ def complete(self, prompt: str, **kwargs: Any) -> CompletionResponse:
 
         response_body = resp["Body"]
         response_str = response_body.read().decode("utf-8")
-        response_dict = eval(response_str)
+        response_dict = json.loads(response_str)
 
         return CompletionResponse(
             text=response_dict[0]["generated_text"][len(prompt) :], raw=resp