ChatGPT/FastGPT
1
0
Fork 0
mirror of https://github.com/labring/FastGPT.git synced 2026-05-08 01:08:43 +08:00
Code Issues Packages Projects Releases Wiki Activity
2,807 Commits 9 Branches 289 Tags
0806eec9162fe19ee1eb92841764fbce6e52291b
Commit Graph

188 Commits

Author SHA1 Message Date
YeYuheng 036af0f1be helper-error (#6802) 
* helper-error

* helper-error

* helper-error

* helper-error

* reset helperbot fe

---------

Co-authored-by: archer <545436317@qq.com>
 2026-04-26 21:12:30 +08:00
Archer 9bbdaab0f7 fix: adapt systemTool (#6817) 2026-04-25 21:39:36 +08:00
Archer 32438be5ce fix: messages adapt test (#6813) 
* doc

* doc

* doc
 2026-04-24 18:35:41 +08:00
Archer 08acbfac4f perf: SSRF check (#6805) 
* perf: SSRF check

* doc
 2026-04-22 23:35:58 +08:00
Archer 702349607d perf: wechat channel (#6800) 
* perf: wechat channel

* fix: review
 2026-04-22 16:31:06 +08:00
Archer 509b227f2d doc (#6793) 2026-04-21 23:04:26 +08:00
Archer e6584acfda fix: correct export config sensitive filter behavior (#6782) 
* fix: correct export config sensitive filter behavior (#6778)

* docs (#6779)

---------

Co-authored-by: Ryo <whoeverimf5@gmail.com>
 2026-04-20 20:18:35 +08:00
Archer 181f743901 fix: parent datasetId type;fix: v1 completions; (#6775) 
* fix: parent datasetId type

* doc

* fix(chat): keep stream resume out of v1 completions (#6774)

* fix(chat): avoid duplicate v1 completion history items

* fix(chat): restore v1 completion persistence flow

* fix(chat): keep stream resume out of v1 completions

* fix(chat): revert pushChatRecords append flow

* Mobile UI (#6776)

* doc

* perf: review

* fix: review

---------

Co-authored-by: Ryo <whoeverimf5@gmail.com>
Co-authored-by: YeYuheng <57035043+YYH211@users.noreply.github.com>
 2026-04-20 17:45:22 +08:00
Archer df8f0d56d5 doc (#6772) 2026-04-20 13:51:34 +08:00
Archer 025b3dacab fix: http tool schema (#6768) 
* fix: http tool schema

* perf: del dataset

* perf: review

* add test
 2026-04-18 20:47:39 +08:00
Archer 7506a147e6 V4.14.x (#6751) 
* batch node (#6732)

* batch node

* docs: add local code quality standards and style guides for automated review

* refactor: remove enforced minimum for parallel concurrency, simplify edge handling in task runtime context, and fix loop output mapping

* feat: auto-infer and sync valueType for parallel loop input and output based on referenced array source

* fix: refactor parallelRun output type synchronization and improve sub-workflow error handling in dispatch service

* feat: enforce parallel concurrency limits and validate against workflow loop constraints

* feat: implement retry mechanism for parallel workflow tasks with usage tracking per attempt

* fix review

* perf: use function

* refactor: abstract nested node logic into useNestedNode hook and update parallelRun icon/service logic

* fix: type import

* refactor: update ParallelRunStatusEnum and i18n labels for improved status clarity

* feat: parallel run details and input/output display to chat response modal and service dispatch

* fix: config limit error

* refactor: optimize parallel run task execution, fix point accumulation, and improve error handling for sub-workflows

* fix: include totalPoints in parallel task results

* refactor: centralize nested input injection and point safety utilities for workflow dispatchers

* test: add unit tests for safePoints utility function

* refactor: update parallel workflow runtime types and clean up docstring placement in dispatch utils

* fix: include all runtime nodes in parallel execution to ensure variable reference accessibility

* refactor: update pushSubWorkflowUsage signature to use object parameter for improved consistency

---------

Co-authored-by: DigHuang <114602213+DigHuang@users.noreply.github.com>

* feat(s3): add proxy transfer mode with tokenized upload/download (#6729)

* feat(s3): add proxy transfer mode with tokenized upload/download

* wip: switch to proxy mode for upload progress

* fix: office mime types

* fix(s3): upload MIME validation, multer whitelist, API error status

- Treat AVI/MPEG mime aliases (incl. video/mp1s vs video/mpeg) as matching
- Optional allowedExtensions on multer for dataset images and localFile
- Map S3/business errors to 4xx in jsonRes where appropriate
- Align presign max size with team plan; fix dataset import size UX
- Add upload validation tests

Made-with: Cursor

* fix: show clear message when upload frequency limit is exceeded

- Reject ERROR_ENUM.uploadFileIntervalLimit from authFrequencyLimit instead of Mongo doc
- Add i18n for upload_file_interval_limit (zh-CN/en/zh-Hant)

Made-with: Cursor

* fix file token validation and upload mime checks

* fix: test

* fix(s3): treat m4a audio/mp4 and audio/x-m4a as equivalent

- Add MIME equivalence group for AAC/M4A container mismatch (mime-types vs file-type)
- Add upload validation test for minimal ftyp/M4A buffer
- Test env: keep FILE_TOKEN_KEY in vitest test.env and test/setup.ts (drop loadTestEnv file)

Made-with: Cursor

* fix(chat): 调试区文件类型与编辑态一致,并修复 accept 在 WebKit 下不更新

- ChatTest: 用 getAppChatConfig + getGuideModule 合并画布引导节点与 chatConfig
- useChatTest: 依赖 fileSelectConfig 序列化与 chatConfig,避免深层变更未触发预览更新
- useSelectFile: 用 useCallback + input key 替代 useMemoizedFn,确保 accept 变更后重建 input

Made-with: Cursor

* fix: invalid request

* feat: prompt inject (#6757)

* feat: resume chat stream (#6722)

* fix: openapi schema issue while creating openapi json

* feat: resume chat stream

* wip: chat status and read status

* feat: sync chat side bar status

* fix: allow reassignment of variables in chatTest handler

Made-with: Cursor

* feat(chat): stream resume hardening, resume modules in @fastgpt/service, stale generating cron

- Move stream resume mirror + resumeStatus into packages/service; update API imports
- chatTest: ensurePendingChatRoundItems, default responseChatItemId; zod default import for client
- useChatTest + HomeChatWindow: enableAutoResume and sync init chatGenerateStatus
- ChatContext: safe no-op defaults without provider
- Cron: clean MongoChat stuck in generating >30min; timer lock cleanStaleGeneratingChat

Made-with: Cursor

* fix(chat): address stream-resume PR review (zod/mongoose enum, legacy status, upsert, UI race)

- Zod: use z.nativeEnum(ChatGenerateStatusEnum); mongoose chatGenerateStatus enum as [0,1,2] only
- Init APIs: default missing chatGenerateStatus to done before read/unread logic
- ensurePendingChatRoundItems: unique index + upsert; rename ChatGenerateStatusEnum
- ChatBox auto-resume: guard by chatId; sidebar sync via targetChatId
- Tests: chat history/feedback APIs pass with schema fixes

Made-with: Cursor

* fix(chat): expose resume at /api/v2/chat/resume; openapi + review tidy

- Move handler from v1/stream to v2/chat/resume (pairs with v2 completions + Redis mirror)
- Update fetch, OpenAPI AIPath, comments; remove slim projects/app global chat api
- getHistoryStatus default chatGenerateStatus; team init + chatTest notes; ChatItem tweak

Made-with: Cursor

* fix(chat): fix resume JSON parse catch shadowing; drop unused resumeChatStream

Made-with: Cursor

* docs(chat): comment closed+stream mirror write path in workflow dispatch

Made-with: Cursor

* refactor: unify resumable stream mirroring

* fix: keep v1 chat completions out of resume flow

* refactor: make prepared chat rounds transactional

* fix: handle resume stream terminal errors

* fix: rerank max token

* feat(workflow): extend variable update node with Number/Boolean/Array operations (#6752)

* feat(workflow): extend variable update node with   Number/Boolean/Array ops

* feat: math operator icons and refactor variable update renderers for improved layout and consistency

* chore(workflow): clean up variable update types and restore icon   cleanup

* feat: add test

* fix:md_ascii_bug (#6755)

* md_ascii_bug

* md_ascii_bug

* md_ascii_bug

* md_ascii_bug

* md_ascii_bug

* perf: test

---------

Co-authored-by: archer <545436317@qq.com>

* doc

* del dataset

* perf: date auto coerce

* doc

* add test

* perf: channel setting

* doc

* fix: chat resume stream (#6759)

* refactor(api): move stream resume to /api/core/chat/resume

Relocate resume handler from pages/api/v2 to pages/api/core, update
OpenAPI paths, frontend streamResumeFetch URL, tests, and comments.

Made-with: Cursor

* fix: remove stray conflict markers; use z.nativeEnum for chatGenerateStatus

Made-with: Cursor

* fix: use enum instead of nativeEnum

* fix(chat): address resume review suggestions

* fix(chat): require sse when resuming generating chats

* revert(chat): keep chatitem dataId index non-unique

* fix: ts

* fix doc

* fix(chat): gate stream resume mirror by header (#6760)

* fix: remove stray conflict markers; use z.nativeEnum for chatGenerateStatus

Made-with: Cursor

* fix: use enum instead of nativeEnum

* fix(chat): address resume review suggestions

* fix(chat): require sse when resuming generating chats

* feat(chat): gate stream resume mirror by header

* refactor(chat): decouple resume mirror header parsing

* perf: dataset queue

* fix: multipleselect

* perf: workflow bug

* doc

* doc

* perf: deploy yml;fix: child nodes watch

* adapt embedding model defaultconfig

* install shell

* add mcp zod check

* feat: http tool zod schema

* Feat/batch UI (#6763)

* feat: aggregate parallel run results into task-specific virtual nodes and update UI to support i18n arguments for module names

* style: update workflow node card padding and table styling for improved layout consistency

* feat: implement parallel run workflow node with documentation and i18n support

* style(modal): WholeResponseModal UI and layout styling

* chore: improve chat resume UX (#6764)

* fix: remove stray conflict markers; use z.nativeEnum for chatGenerateStatus

Made-with: Cursor

* fix: use enum instead of nativeEnum

* fix(chat): address resume review suggestions

* fix(chat): require sse when resuming generating chats

* feat(chat): gate stream resume mirror by header

* refactor(chat): decouple resume mirror header parsing

* feat: improve stream resume fallback

* feat: block duplicate chat generation

* feat: polish resume unavailable recovery

* test: stabilize resume stream timeout

* fix: harden resume wait flow

* fix: get mcp tool raw schema

* style: update UI styling and layout for LLM request detail and response modals

* perf: http tool

* fix: test

* fix: http raw schema

* fix: test

* deploy yml

* deploy yml

---------

Co-authored-by: DigHuang <114602213+DigHuang@users.noreply.github.com>
Co-authored-by: Ryo <whoeverimf5@gmail.com>
Co-authored-by: YeYuheng <57035043+YYH211@users.noreply.github.com>
 2026-04-17 23:28:43 +08:00
Archer ac04d44457 Add Zod check for api (#6741) 
* feat: llm request zod

* feat: apidataset zod

* feat: training zod

* permission data

* feat: dataset data zod

* add log categories

* update skill

* fix: test

* fix: training billId field

* fix: review

* fix: review

* feat: collection zod

* feat: dataset colletion schema

* fix: review

* review

* fix: ts

* feat: update team

* fix: type
 2026-04-13 11:25:12 +08:00
Archer 8524487034 feat: zod schema (#6740) 
* feat: zod schema

move file api

feat: chat and dataset zod

* fix: review

* feat: dataset openapi

* fix: test

* update cr
 2026-04-10 22:55:44 +08:00
Archer fc6953fcb3 Fix secret (#6738) 
* fix: nosql inject

* fix: nosql

* fix: ts

* doc

* fix: update feedbacksession
 2026-04-10 13:58:10 +08:00
Archer e3b5b3788f fix: mcp auth (#6733) 
* fix: mcp auth

* doc

* doc
 2026-04-09 15:12:39 +08:00
Archer ec9e8fdfc5 deploy doc (#6728) 2026-04-08 16:15:25 +08:00
Archer 5c709afef0 fix: model refresh (#6725) 2026-04-07 21:48:43 +08:00
Archer a55fdb4b0e deploy doc (#6711) 
* deploy doc

* deploy doc
 2026-04-02 13:43:47 +08:00
Archer fbbe852596 update deploy yml (#6695) 
* deploy doc

* doc

* doc

* doc
 2026-04-01 13:34:01 +08:00
Archer d5ea3179a0 V4.14.10 dev (#6686) 
* docker

* fix: community version check

* perf: deploy doc

* doc

* doc

* remove invalide md
 2026-03-31 23:15:29 +08:00
Archer 7f2dd9d24a fix: mcp toolcall (#6683) 
* fix: mcp toolcall

* perf: test sign
 2026-03-31 17:02:56 +08:00
Archer b884631363 feat: sandbox readfile tool (#6679) 
* feat: sandbox readfile tool

* perf: read stream

* fix: schema name

* update sdk version

* udpate enum

* perf: time
 2026-03-31 13:50:26 +08:00
Archer 3f4400a500 V4.14.10 dev (#6674) 
* feat: model config with brand-new price calculate machanism (#6616)

* fix: image read and json error (Agent) (#6502)

* fix:
1.image read
2.JSON parsing error

* dataset cite and pause

* perf: plancall second parse

* add test

---------

Co-authored-by: archer <545436317@qq.com>

* master message

* remove invalid code

* wip: model config

* feat: model config with brand-new price calculate machanism

* merge main branch

* ajust calculate way

* ajust priceTiers resolve procession

* perf: price config code

* fix: default price

* fix: test

* fix: comment

* fix test

---------

Co-authored-by: YeYuheng <57035043+YYH211@users.noreply.github.com>
Co-authored-by: archer <545436317@qq.com>

* wip: fix modal UI (#6634)

* wip: fix modal UI

* fix: maxInputToken set

* chore: add price unit for non llm models

* chore: replace question mark icon with beta tag (#6672)

* feat:rerank too long; fix:rerank ui(agent),embedding returns 0 (#6663)

* feat:rerank too long; fix:rerank ui(agent),embedding returns 0

* rerank

* fix:rerank function

* perf: rerank code

* fix rerank

* perf: model price ui

---------

Co-authored-by: archer <545436317@qq.com>

* remove llmtype field

* revert model init

* fix: filed

* fix: model select filter

* perf: multiple selector render

* remove invalid checker

* remove invalid i18n

* perf: model selector tip

* perf: model selector tip

* fix cr

* limit pnpm version

* fix: i18n

* fix action

* set default mintoken

* update i18n

* perf: usage push

* fix:rerank model ui (#6677)

* fix: tier match error

* fix: testr

---------

Co-authored-by: Ryo <whoeverimf5@gmail.com>
Co-authored-by: YeYuheng <57035043+YYH211@users.noreply.github.com>
 2026-03-30 10:05:42 +08:00
Archer 03dd9c00a8 perf: runtime performance (#6665) 
* perf: runtime performance

* add stringify trace

* remove trace val

* remove trace val

* remove logger

* remove logger

* add test

* add log
 2026-03-27 17:06:36 +08:00
Archer cc3a91d009 Opensandbox (#6657) 
* Opensandbox (#6651)

* volumn manager

* feat: opensandbox volumn

* perf: action (#6654)

* perf: action

* doc

* doc

* deploy tml

* update template
 2026-03-26 18:25:57 +08:00
Archer d0f96723ea fix: plugin catch (#6643) 2026-03-25 20:20:19 +08:00
Archer bd966d479f fix: login secret (#6635) 
* fix: login secret

* lock

* env template

* fix: ts

* fix: ts

* fix: ts
 2026-03-25 14:45:38 +08:00
Archer 86758af5bb feishu stream (#6629) 2026-03-24 18:02:38 +08:00
Archer e05ae8a3ec fix: child workflow variable default value not init (#6620) 2026-03-24 09:59:30 +08:00
Archer 37bbccdc1f Fix outlink doc (#6619) 
* doc

* doc
 2026-03-23 23:37:12 +08:00
Archer a49321c850 deploy doc (#6612) 2026-03-23 16:26:22 +08:00
Archer f6bd798fe6 doc (#6610) 2026-03-23 12:17:04 +08:00
Archer 3048dd5cfb doc (#6609) 2026-03-23 12:10:44 +08:00
Archer c37b3aa0e8 wechat publish (#6607) 
* wechat publish

* update test

* doc
 2026-03-23 11:57:05 +08:00
Archer f7b64f25b1 V4.14.9 features (#6602) 
* fix: image read and json error (Agent) (#6502)

* fix:
1.image read
2.JSON parsing error

* dataset cite and pause

* perf: plancall second parse

* add test

---------

Co-authored-by: archer <545436317@qq.com>

* master message

* remove invalid code

* fix: sandbox download file

* update lock

* sub set

* i18n

* perf: system forbid sandbox

* fix: i18n; next config

* fix: authchat uid

* update i18n

* perf: check exists

* stop in tool

* stop in tool

* fix: chat

* update action

* doc

* deploy doc

---------

Co-authored-by: YeYuheng <57035043+YYH211@users.noreply.github.com>
 2026-03-22 17:58:45 +08:00
Archer 05bb197990 V4.14.9 features (#6599) 
* fix: image read and json error (Agent) (#6502)

* fix:
1.image read
2.JSON parsing error

* dataset cite and pause

* perf: plancall second parse

* add test

---------

Co-authored-by: archer <545436317@qq.com>

* master message

* remove invalid code

* feat(sre): integrate traces, logs, metrics into one sdk (#6580)

* fix: image read and json error (Agent) (#6502)

* fix:
1.image read
2.JSON parsing error

* dataset cite and pause

* perf: plancall second parse

* add test

---------

Co-authored-by: archer <545436317@qq.com>

* master message

* wip: otel sdk

* feat(sre): integrate traces, logs, metrics into one sdk

* fix(sre): use SpanStatusCode constants

* fix(sre): clarify step memory measurement

* update package

* fix: ts

---------

Co-authored-by: YeYuheng <57035043+YYH211@users.noreply.github.com>
Co-authored-by: archer <545436317@qq.com>

* doc

* sandbox in agent (#6579)

* doc

* update template

* fix: pr

* fix: sdk package

* update lock

* update next

* update dockerfile

* dockerfile

* dockerfile

* update sdk version

* update dockerefile

* version

---------

Co-authored-by: YeYuheng <57035043+YYH211@users.noreply.github.com>
Co-authored-by: Ryo <whoeverimf5@gmail.com>
 2026-03-21 12:19:44 +08:00
Archer 7a6601394d perf: agent pause (#6588) 
* doc

* feat: Pause Recovery (#6494)

* feat: Pause Recovery

* agent pause

* agent pause

* fix:agent pause

* fix:agent pause

* perf: pause agent call

* fix: test

---------

Co-authored-by: archer <545436317@qq.com>

* fix: image read and json error (Agent) (#6502)

* fix:
1.image read
2.JSON parsing error

* dataset cite and pause

* perf: plancall second parse

* add test

---------

Co-authored-by: archer <545436317@qq.com>

* master message

* remove invalid code

* fix: pause agent (#6595)

* fix: ask and step result

* delete console

* udpate pnpm version

* prettier

---------

Co-authored-by: YeYuheng <57035043+YYH211@users.noreply.github.com>
 2026-03-20 18:07:29 +08:00
Archer b29e10cf65 V4.14.9 dev (#6582) 
* update doc

* update pnpm version

* update lock

* update model config doc

* time

* update dockerfile
 2026-03-19 14:09:03 +08:00
zjj-225 765ec526cc Refactor FAQ and troubleshooting documentation with new guides (#6581) 
* docs(faq): 更新常见问题文档并新增注意事项页面

- 在 error.mdx 中调整问题序号并新增 OCR 配置问题
- 新增 attention.mdx 页面,提供问题排查步骤和技术支持指引
- 重构 dataset.mdx 内容结构,使用数字序号并补充知识库闪烁问题

* docs: 重构私有部署故障排查文档结构并新增详细指南

将原有的 FAQ 文档拆分为多个专题文档,包括通用问题排查、S3问题、OneAPI错误、模型可用性问题和排查方法。更新了导航菜单和目录结构,使文档组织更清晰,便于用户快速定位和解决特定问题。

新增了详细的故障排查步骤、CURL测试示例和具体错误解决方案,特别是针对对象存储连接、签名错误和模型调用失败等常见问题提供了更全面的指导。

* docs: 移除已弃用的 OneAPI 错误排查文档

移除 `oneapi-errors` 相关文档文件,因其内容已过时或合并至其他章节。同步更新中英文文档目录和元数据文件中的引用。

* docs: 更新文档FAQ内容,移除过时条目并重新编号

- 删除关于OneAPI官网的过时FAQ条目
- 重新编号故障排除FAQ章节,使序号连续
- 同步更新中英文文档内容保持一致

* docs: 重构FAQ和自托管文档结构,合并错误排查内容

将原FAQ中的“报错”和“注意”章节迁移至自托管文档的“故障排查”目录下
在model-errors.mdx中整合常见错误解决方案,如“上游负载饱和”和“Connection Error”
更新meta.json和toc.mdx文件以反映新的文档结构

---------

Co-authored-by: Archer <545436317@qq.com>
 2026-03-19 11:32:14 +08:00
Archer 9959707fb3 V4.14.9 fix issue (#6573) 
* fix: session error

* fix: session error

* fix: workflow runtime and add e2b
 2026-03-19 11:15:14 +08:00
zjj-225 f057a2ae19 docs(faq): 更新常见问题文档并新增注意事项页面 (#6465) 
* docs(faq): 更新常见问题文档并新增注意事项页面

- 在 error.mdx 中调整问题序号并新增 OCR 配置问题
- 新增 attention.mdx 页面,提供问题排查步骤和技术支持指引
- 重构 dataset.mdx 内容结构,使用数字序号并补充知识库闪烁问题

* docs: 重构私有部署故障排查文档结构并新增详细指南

将原有的 FAQ 文档拆分为多个专题文档,包括通用问题排查、S3问题、OneAPI错误、模型可用性问题和排查方法。更新了导航菜单和目录结构,使文档组织更清晰,便于用户快速定位和解决特定问题。

新增了详细的故障排查步骤、CURL测试示例和具体错误解决方案,特别是针对对象存储连接、签名错误和模型调用失败等常见问题提供了更全面的指导。

* docs: 移除已弃用的 OneAPI 错误排查文档

移除 `oneapi-errors` 相关文档文件,因其内容已过时或合并至其他章节。同步更新中英文文档目录和元数据文件中的引用。

* docs: 更新文档FAQ内容,移除过时条目并重新编号

- 删除关于OneAPI官网的过时FAQ条目
- 重新编号故障排除FAQ章节,使序号连续
- 同步更新中英文文档内容保持一致

---------

Co-authored-by: Archer <545436317@qq.com>
 2026-03-17 14:44:54 +08:00
Archer aaa7d17ef1 V4.14.9 dev (#6555) 
* feat: encapsulate logger (#6535)

* feat: encapsulate logger

* update engines

---------

Co-authored-by: archer <545436317@qq.com>

* next config

* dev shell

* Agent sandbox (#6532)

* docs: switch to docs layout and apply black theme (#6533)

* feat: add Gemini 3.1 models

- Add gemini-3.1-pro-preview (released February 19, 2026)
- Add gemini-3.1-flash-lite-preview (released March 3, 2026)

Both models support:
- 1M context window
- 64k max response
- Vision
- Tool choice

* docs: switch to docs layout and apply black theme

- Change layout from notebook to docs
- Update logo to icon + text format
- Apply fumadocs black theme
- Simplify global.css (keep only navbar and TOC styles)
- Fix icon components to properly accept className props
- Add mobile text overflow handling
- Update Node engine requirement to >=20.x

* doc

* doc

* lock

* fix: ts

* doc

* doc

---------

Co-authored-by: archer <archer@archerdeMac-mini.local>
Co-authored-by: archer <545436317@qq.com>

* Doc (#6493)

* cloud doc

* doc refactor

* doc move

* seo

* remove doc

* yml

* doc

* fix: tsconfig

* fix: tsconfig

* sandbox version (#6497)

* sandbox version

* add sandbox log

* update lock

* fix

* fix: sandbox

* doc

* add console

* i18n

* sandbxo in agent

* feat: agent sandbox

* lock

* feat: sandbox ui

* sandbox check exists

* env tempalte

* doc

* lock

* sandbox in chat window

* sandbox entry

* fix: test

* rename var

* sandbox config tip

* update sandbox lifecircle

* update prompt

* rename provider test

* sandbox logger

* yml

---------

Co-authored-by: Archer <archer@fastgpt.io>
Co-authored-by: archer <archer@archerdeMac-mini.local>

* perf: sandbox error tip

* Add sandbox limit and fix some issue (#6550)

* sandbox in plan

* fix: some issue

* fix: test

* editor default path

* fix: comment

* perf: sandbox worksapce

* doc

* perf: del sandbox

* sandbox build

* fix: test

* fix: pr comment

---------

Co-authored-by: Ryo <whoeverimf5@gmail.com>
Co-authored-by: Archer <archer@fastgpt.io>
Co-authored-by: archer <archer@archerdeMac-mini.local>
 2026-03-16 17:09:25 +08:00
Archer 6ea65f644b Fix issue (#6560) 
* perf: mcp json schema type

* fix: workflow form value reset

* fix: ts

* fix: test
 2026-03-14 23:42:53 +08:00
Archer 4b4f856e16 fix: api dataset (#6551) 
* fix: api dataset

* Update packages/global/core/chat/type.ts

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-03-12 20:51:00 +08:00
Archer 91a130307d fix: SSRF vulnerability in HTTP Tool (GHSA-6g6x-8hq5-9cw4) (#6546) 
* fix: SSRF vulnerability in HTTP Tool (GHSA-6g6x-8hq5-9cw4)

修复 HTTP Tool 中的 SSRF 漏洞,防止攻击者访问内部网络资源。

主要变更:
1. 在 runHTTPTool 函数中添加 isInternalAddress 验证
2. 修改 CHECK_INTERNAL_IP 默认行为为启用(安全优先)
3. 添加全面的单元测试验证修复

安全改进:
- 阻止访问 AWS/GCP/Azure 等云服务商元数据端点
- 阻止访问 Kubernetes 服务端点
- 阻止访问私有 IP 范围 (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16)
- 阻止访问 localhost 和 127.0.0.1
- 阻止访问 link-local 地址 (169.254.0.0/16)

破坏性变更:
- CHECK_INTERNAL_IP 环境变量默认值从 false 改为 true
- 需要访问内部服务的用户需要显式设置 CHECK_INTERNAL_IP=false(不推荐)

测试:
- 添加 23 个测试用例覆盖各种 SSRF 攻击场景
- 所有测试通过

相关问题:
- Fixes GHSA-6g6x-8hq5-9cw4
- CWE-918: Server-Side Request Forgery

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* test: update isInternalAddress tests for new default behavior

更新测试以反映 CHECK_INTERNAL_IP 的新默认行为(默认启用安全检查)。

变更:
- 修改默认行为测试:现在默认阻止私有 IP 地址
- 添加 CHECK_INTERNAL_IP=false 测试组:测试向后兼容模式
- 所有 62 个测试通过

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* doc

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 00:15:29 +08:00
Archer 38f6f9dd9f fix: tool id (#6544) 
* fix: tool id

* fix: test

* fix: ts

* add test
 2026-03-11 23:15:17 +08:00
Finley Ge f268dec80c docs: typo & api dataset doc & fix: custom domain fe logic (#6528) 
* fix: typo

* chore: update doc

* docs: api dataset

* fix: custom domain add button/ empty tip logic
 2026-03-09 17:39:53 +08:00
Finley Ge 8eb841cc96 fix: version-list & update docker-compose.yamls (#6526) 
* fix: get version list api for workflow/agent tools

* chore: update docker-composes
 2026-03-09 12:02:02 +08:00
Finley Ge 31ad2d6162 docs: upgrade v4.14.8 (#6520) 2026-03-06 19:32:23 +08:00
Finley Ge cf1eb7092e docs: upgrade v4.14.8 (#6518) 2026-03-06 19:11:46 +08:00