-
-
Notifications
You must be signed in to change notification settings - Fork 3.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Uploading documents connects to external web services such as an AWS ELB? #687
Comments
FWIW blocking the two connections didn't appear to affect the functionality of Uploading a document. I was later able to select it and use it in context with |
Hi, Thanks for reporting this issue. Could you verify that AWS ELB connection is 100% occurring from the webui-side? Our backend code does no contain any code that explicitly makes connection with AWS ELB, so my guess is the request is made from one of our dependency libraries. If you could narrow down what part of the code making the connection, that would be tremendously helpful, Thanks! |
Yup makes sense! I'll try to narrow this down 👌 As you said, If you're not doing this explicitly in this codebase then I consider a sneaky supply chain type of thing 🤣 |
Note that this is the container itself trying to do this, so something to do with the backend. |
Doing a search for the 2nd connection yield this: Are we using this in the backenda anywhere? 🤔 |
Here's a list of our suspects:
|
We are: Why does it need to connect to an external service? 🤔 |
I can't figure out this random ELB though, might need some help figuring that one out. But at least we have some culprits now.... The question is, what do we do about it? Blocking both doesn't adversely affect Ollama Web UI in any way that I can tell hmmm |
Oh wow! def scarf_analytics():
... If this library is sending analytics, that's disgusting 😱 |
|
I have half a mind to go yell at this company and ask them to please explain themselves 🤣 Shame on them! |
Just reviewed the code, I reckon setting |
Love it! Let's do it, happy to test the fix 👌 |
And thank you for responding to this so quickly! When you're self hosting and insisting on doing things locally, you really don't expect your software to reach out to the internet without you knowing about it 😅 |
Some kudos I posted for you 😅 |
Good find guys, ya that definitely not nice of them to do. Is there any disclosure from the libary anywhere? |
Are you suggesting we file a bug upstream too? It was a bit of a rude surprise to be honest 😅 |
@justinh-rahb none I can find from their readme :/ EDIT: they do mention at the very bottom of their readme to set the environment variable |
Added
with #694, it should disable the telemetry. Please try it out and let me know! |
With RAG being as hot as it is right now, I guess we shouldn't be surprised that some libary authors are cashing in on the user data flowing through their code. Perhaps it'll be prudent to think about dependency audits in the future. With Ollama now supporting a broad range of CPU-only configurations, it can be integrated into GitHub Actions, along with Ollama-WebUI for thorough end-to-end testing. I'm going to give this a think over the weekend, I seem to recall there being a thread in discussions about using the webUI API directly that may come in handy here, time to do some research... |
@prologic has the issue been resolved with the latest release? |
I pulled the latest Docker image and restarted my local instance and so far so good 😊 |
I'll close this issue for now, feel free to open new issues if you encounter any spywares from the dependency supply chain, thanks! |
Do you have an example code how to upload a document programatically through an api? is it possible |
Bug Report
Description
Bug Summary:
I tried to upload a document to my locally hosted instance of Ollama Web UI and to my horror I discovered that the Docker container (running Ollaba Web UI) wanted to connect to an AWS ELB?! Naturally I blocked this connection (thanks to LittleSnitch). Then it wanted to connect to another external services, some packages (didn't capture it).
Steps to Reproduce:
Expected Behavior:
I don't know wtf this is trying to do, but I really DO NOT expect a locally hosted instance of anything to be connecting externally to some 3rd-party services (within reason of course). This is absurd.
At the very least, could someone please explain why this is happening and what this is even used for? Maybe it's legit and required for some part of the "Upload Document" user journey to work?
Actual Behavior:
I expect locally hosted software to NOT connect to external services. The whole point of using Ollama in the first place is to run local LLM models 😅
Environment
Not really relevant. But Docker container on a Mac.
PS: Your Issue template is too long. Please simplify it, I don't generally have and time and patience to fill out everything asked, especially of a vision impaired person. It also takes some of the "human"(ity) out of helping to contribute to "better" open source software.
The text was updated successfully, but these errors were encountered: