fix: Docker API hook manager crashes for all user-provided hooks (#1878)

[hafezparast]

Summary

• Fixes [Bug]: Docker API hook manager crashes for all kind of user-provided hooks #1878: PR Release v0.8.0: Crash Recovery, Prefetch Mode & Security Fixes #1712 removed __import__ from safe builtins for security, but the hook compiler still used exec("import asyncio", namespace) which requires __import__ — breaking ALL user-provided hooks
• Replace exec-based imports with direct module injection into the namespace (namespace['asyncio'] = asyncio, etc.)
• Add standard exception classes (ValueError, TypeError, KeyError, etc.) to safe builtins so hooks can use try/except properly
• __import__ remains blocked — users still cannot import arbitrary modules at runtime

Changes

• deploy/docker/hook_manager.py: Fix module injection + add exception classes to allowed builtins
• tests/docker/test_hook_manager_unit.py: 36 unit tests covering:
  • Issue [Bug]: Docker API hook manager crashes for all kind of user-provided hooks #1878 exact repro + all 8 hook points
  • Security: import/__import__/exec/eval/open all blocked
  • Validation: empty code, sync func, missing params, syntax errors
  • Adversarial: infinite loop timeout, exception capture, 10k-line code, unicode, namespace isolation
  • Exception classes: raise/catch, isinstance checks, all 14 classes verified

Test plan

• 36 unit tests passing locally (pytest tests/docker/test_hook_manager_unit.py -v)
• Verified exact curl from issue [Bug]: Docker API hook manager crashes for all kind of user-provided hooks #1878 scenario compiles and runs
• Verified __import__ still blocked at runtime (security preserved)
• Integration test with Docker server (needs running container)

🤖 Generated with Claude Code

[ntohidi]

@hafezparast , thanks for the solid fix — the approach of replacing exec("import ...") with direct module injection is clean and correctly preserves the security intent of PR #1712. Tests are thorough.

A few things to address before the merge:

Must fix (critical):

• Remove BaseException from allowed_builtins. Since asyncio.CancelledError inherits from BaseException (Python 3.9+), a hook with except BaseException: pass can defeat the asyncio.wait_for timeout in execute_hook_safely, creating a DoS vector. Users should only be able to catch Exception and its subclasses.

Should fix:

• Inject the typing module itself into the namespace (namespace['typing'] = typing) alongside the individual names (Dict, List, Optional). Currently, if a user needs Union, Any, Tuple, etc., they have no way to access them since import is blocked.
• Replace asyncio.get_event_loop().run_until_complete() in tests — it's deprecated since Python 3.10 and noisy on 3.12+. Use asyncio.run() or pytest-asyncio with @pytest.mark.asyncio.