security: add timeouts to HTTP requests to prevent DoS via slow servers

dfgvaetyj3456356-hash · dfgvaetyj3456356-hash · commit 0f95acb11ca5 · 2026-05-28T06:17:36.000-05:00
Adds a 30-second timeout to requests.get() calls in cache.py and
common.py to prevent indefinite hanging when remote servers are
unresponsive. This mitigates potential denial-of-service via slow
or malicious endpoints.
diff --git a/src/data_profiling/utils/cache.py b/src/data_profiling/utils/cache.py
@@ -2,7 +2,10 @@
 import zipfile
 from pathlib import Path
 
-from requests import get as get_file
+from functools import partial
+from requests import get as _get_file
+
+get_file = partial(_get_file, timeout=30)
 
 from data_profiling.utils.paths import get_data_path
 
diff --git a/src/data_profiling/utils/common.py b/src/data_profiling/utils/common.py
@@ -102,7 +102,7 @@ def analytics_features(
                 f"&dbx={dbx}"
             )
 
-            requests.get(request_message)
+            requests.get(request_message, timeout=30)
 
 
 def is_running_in_databricks():

Original file line number	Diff line number	Diff line change
`@@ -102,7 +102,7 @@ def analytics_features(`
`102`	`102`	`f"&dbx={dbx}"`
`103`	`103`	`)`
`104`	`104`
`105`		`- requests.get(request_message)`
	`105`	`+ requests.get(request_message, timeout=30)`
`106`	`106`
`107`	`107`
`108`	`108`	`def is_running_in_databricks():`