mirror of
https://github.com/labring/FastGPT.git
synced 2026-05-02 01:02:05 +08:00
6b61359516640ac6c8325f930166aecd4d03c6b3
9 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
 Archer
|
6b61359516 |
feat(sandbox): 重构代码沙盒,支持内置函数和网络请求 (#6479)
* fix(sandbox): 重构代码沙盒,支持内置函数和网络请求 (#6462) * feat(sandbox): 重写代码沙盒 - Bun + Hono + 统一子进程模型 - 运行时: Node.js → Bun - HTTP 框架: NestJS + Fastify → Hono - JS 执行: isolated-vm → Bun 子进程(与 Python 统一) - 架构: 统一子进程模型,JS 和 Python 共享同一套执行引擎 - SubprocessRunner 基类,JS/Python 各自继承 - ProcessPool 进程池预热(SANDBOX_JS_POOL_SIZE / SANDBOX_PYTHON_POOL_SIZE) - SystemHelper 命名空间(JS 端保留向后兼容全局函数) - 临时文件系统隔离 + 路径遍历防护 + 磁盘配额 - 请求级资源限制(timeoutMs / memoryMB / diskMB) - JS: 原型链冻结 + Bun API 禁用 + Function 构造器注入 safe require(模块白名单) - Python: 宿主侧正则预检 + __import__ 拦截 + resource 限制 - 移除: @nestjs/*(6个包)、fastify、isolated-vm、node-gyp、reflect-metadata、rxjs - 新增: hono - 保留: tiktoken - 新增用户可用包: lodash、dayjs、axios、moment、uuid、crypto-js、qs - 67 个测试全部通过(单元测试 + 安全测试 + 集成测试) - vitest 独立配置,不影响全局 * fix(sandbox): 安全加固 - 扩展 Bun API 封锁、清理 process.env、闭包封装 Python import 拦截 - JS: 扩展 Bun 危险 API 封锁列表(serve/connect/listen/udpSocket/dns/plugin/build/Transpiler) - JS: 清理 process.env,仅保留沙箱必要变量,防止泄露敏感环境变量 - Python: 用闭包封装 _safe_import,del 掉 _original_import/_make_safe_import/_BLOCKED_MODULES 防止用户代码恢复原始 __import__ - Dockerfile: 复制 bun.lock 并使用 --frozen-lockfile 确保构建可复现 * fix(sandbox): 将 sandbox 从 pnpm workspace 中移除,独立管理依赖 * fix(sandbox): 从全局 vitest 移除 sandbox 测试,集成测试无 SANDBOX_URL 时跳过 * ci(sandbox): 添加独立测试 workflow,仅 sandbox 代码变更时触发 * refactor(sandbox): 使用 export default 启动方式,与 sandbox_server 保持一致 * fix: sandbox security hardening & comprehensive test suite Security fixes: - JS: freeze Function constructor to block constructor.constructor escape - JS: handle undefined return from main() (serialize as null) - Python: fix http_request using from-import after __import__ interception - Python: __import__ whitelist mode blocks exec/eval import bypasses New tests (223 passing): - security/escape-attacks: JS/Python escape attack vectors - security/network-security: IP blacklist, protocol restrictions, httpRequest - compat/legacy-js: 18 backward compatibility tests - compat/legacy-python: 21 backward compatibility tests - boundary: timeout, memory, disk, edge cases - examples: common user code patterns * feat(sandbox): env vars for all limits + rewrite README - Network limits configurable via env: SANDBOX_MAX_REQUESTS, SANDBOX_REQUEST_TIMEOUT, SANDBOX_MAX_RESPONSE_SIZE - Resource upper bounds configurable: SANDBOX_MAX_TIMEOUT, SANDBOX_MAX_MEMORY_MB, SANDBOX_MAX_DISK_MB - README: architecture, API docs, env var reference, how to add JS/Python packages, security overview, built-in functions * refactor(sandbox): extract env.ts with dotenv for typed env loading - New env.ts: dotenv.config() + typed helpers (str/int/bool) - config.ts re-exports env for backward compatibility - index.ts imports env first to ensure .env loaded before anything else * refactor(sandbox): use zod for env validation and type coercion - Replace manual parseInt/str helpers with zod schema + coerce - Invalid env vars now fail fast with formatted error on startup - dotenv + zod, clean and declarative * chore(sandbox): remove unused process pool code - Delete pool.ts and pool.test.ts (pool was never wired into runners) - Remove PoolConfig/PooledProcess types - Remove pool env vars from env.ts - Clean up README * feat(sandbox): add concurrency limiter with semaphore - New Semaphore utility for max concurrent subprocess control - SANDBOX_MAX_CONCURRENCY env var (default 50) - Excess requests queue instead of spawning unbounded processes - Health endpoint exposes concurrency stats (current/queued/max) * test(sandbox): add semaphore tests and expand coverage to 292 cases - New semaphore.test.ts (11 tests): acquire/release, queuing, FIFO, stats, serial execution - JS runner: blank code, template literals, primitive returns, more modules, unicode, partial limits - Python runner: blank code, triple quotes, primitive returns, unicode, null vars, division errors - JS security: process.exit, globalThis, Symbol.unscopables, Proxy, dynamic import, path traversal - Python security: pickle/multiprocessing/threading/ctypes/signal, exec bypass, __subclasses__ - Escape attacks: type() class creation, __builtins__ tampering, getattr access - Boundary: long vars, special JSON chars, float precision, big ints, circular refs, Promise.reject * test(sandbox): test-master review - add 31 tests, coverage report - base-runner.test.ts (10): BaseRunner precheck, temp dir, semaphore integration - semaphore-race.test.ts (5): race conditions, rapid acquire/release, stress test - coverage-gaps.test.ts (16): security coverage gaps found during review - REVIEW-REPORT.md: full test audit report Total: 323 passed, 0 failed * fix(sandbox): address PR #6439 review issues Security fixes: - Intercept Python builtins.open(), restrict file access to sandbox tmpdir - Remove unused pool.ts, warmup.mjs, warmup.py (security risk) - Fix DNS rebinding TOCTOU: use resolved IP for HTTP connections - Fix symlink path traversal: use realpath instead of normpath - Add try/finally cleanup for __import__ hook Robustness: - Add __SANDBOX_RESULT__ prefix to stdout parsing, prevent user output interference - Fix disk quota tracking: deduct old file size on overwrite - Add __import__() pattern scanning in Python precheck Tests: - Fix eval+__import__ test assertion (accept both catch and fail paths) All 323 tests passing. * fix(sandbox): remove warmup scripts COPY from Dockerfile * docs(sandbox): add technical design document * feat(sandbox): configurable module allowlist/blocklist via env vars - SANDBOX_JS_ALLOWED_MODULES: JS require whitelist (comma-separated) - SANDBOX_PYTHON_BLOCKED_MODULES: Python import blacklist (comma-separated) - Defaults unchanged, fully backward compatible * fix(sandbox): 修复多个安全漏洞 1. Python HTTPS DNS rebinding: HTTPS 请求现在也使用 resolved IP 发起连接 2. Python __import__ hook 恢复漏洞: 移除 finally 块中恢复原始 __import__ 的代码 3. Python 内部变量泄露: 用户代码执行前删除 _os, _socket 等内部模块引用 4. JS process 危险 API: 禁用 process.binding/dlopen/kill/chdir 等,冻结 process.env 5. Python open() fd 绕过: 阻止通过整数文件描述符绕过路径检查 6. API 输入校验: 使用 zod schema 校验请求体,限制代码大小 1MB 7. 无认证警告: SANDBOX_TOKEN 未设置时输出生产环境警告 新增 security-fixes.test.ts 包含所有修复的回归测试 * test: consolidate security tests + add integration test suite - Merge 6 security test files into 1 consolidated security.test.ts (109 tests) - JS/Python module interception (precheck + runtime) - JS escape attacks (prototype, constructor, Reflect, globalThis) - Python escape attacks (__import__ hook, exec/eval, internal vars, __subclasses__) - SSRF protection (private IPs, cloud metadata, file protocol) - File system isolation (path traversal, fd, disk quota) - Variable injection attacks - API input validation - Add black-box integration test suite functional.test.ts (56 tests) - Basic operations (math, string, array, JSON, regex, Date, Promise, Map/Set) - Variable passing (string, number, complex objects, empty, multiple) - Whitelisted modules (crypto-js, moment, lodash) - SystemHelper/system_helper (fs, delay, strToBase64, httpRequest) - Error handling (syntax, runtime, undefined var, timeout) - Network requests (GET, POST) - Complex scenarios (CSV pipeline, recursion, class definition) - Remove 34 duplicate test cases across merged files - Total: 363 passed, 8 skipped (integration API tests need server) * fix(sandbox): z.record() zod v4 compatibility - add key type param * feat(sandbox): add .env.template with all config options and comments * refactor(sandbox): remove disk write support and temp filesystem * test(sandbox): remove all fs-related tests and add test case inventory - Remove fs read/write tests from unit, integration, boundary, examples - Remove path traversal, absolute path, open fd, builtins.open tests from security - Add comprehensive test/case.md with all 344 test cases categorized - All tests pass: 344 passed, 8 skipped, 0 failed * feat(sandbox): add GET /sandbox/modules API to list available packages and builtins * test(sandbox): add unit tests for GET /sandbox/modules API * refactor(test): rewrite api.test.ts to use app.request() - no external server needed * feat(sandbox): validate SANDBOX_TOKEN charset in env schema (ASCII printable only) * chore(sandbox): remove DESIGN.md and package-lock.json from PR * feat(sandbox): replace spawn-per-request with process pool architecture - Add ProcessPool (JS) and PythonProcessPool with long-lived worker processes - Workers communicate via stdin/stdout line-based JSON protocol - Pool size configurable via SANDBOX_POOL_SIZE env var (default 20) - Auto-respawn workers on crash - Semaphore-based queueing when requests exceed pool size Performance gains (simple functions): - JS: 22 QPS → 1,328 QPS (60x improvement) - Python: 14.7 QPS → 3,395 QPS (231x improvement) - Fix import.meta.dir compatibility for vitest (Node) environments - Export poolReady promise for test initialization - Add benchmark scripts to test/benchmark/ - All 354 tests passing (12 test files) * chore(sandbox): clean up unused files, update README with pool architecture - Remove test/REVIEW-REPORT.md, test/case.md, test/benchmark.ts (obsolete) - Rewrite README: pool architecture diagram, performance benchmarks, SANDBOX_POOL_SIZE config, project structure, health endpoint format * fix(sandbox): 修复进程池超时后 worker respawn 竞态条件 根因:超时 kill worker 后,exit 事件是异步的,release() 先执行时 worker 还在列表里,死 worker 被放回 idle 池,后续请求发给死进程。 修复: - 超时回调中先 removeWorker 再 kill,防止 release 归还死 worker - removeWorker 返回 bool,exit 事件中避免重复 respawn - 超时回调主动触发 spawnWorker 补充池 - release 检查 worker 是否仍在池中 - spawnWorker 完成时检查 waitQueue 直接分配 * fix: security hardening & test migration to process pool - JS worker: harden process object (kill/chdir/env freeze/binding/dlopen) - Python worker: stack-frame based __import__ hook to block exec/eval bypass - Python worker: BuiltinsProxy to prevent __import__ override via builtins module - Python worker: restricted __builtins__ dict in exec_globals (no internal refs) - Python worker: restore __import__ before each execution - Migrate all 9 test files from JsRunner/PythonRunner to ProcessPool/PythonProcessPool - Configure vitest for serial execution (pool size=1, fileParallelism: false) - Fix security test assertion for builtins tampering (success=true with escaped=false) - All 102 security tests passing * docs(sandbox): update README with accurate benchmark data, remove non-existent features - Update performance table with latest benchmark results (JS 1414 QPS, Python 4247 QPS) - Remove SANDBOX_DISK_MB/SANDBOX_MAX_DISK_MB env vars (not implemented) - Remove SystemHelper.fs.* / system_helper.fs.* docs (not implemented in workers) - Fix security section to match actual implementation - Update test count to 351 * refactor(sandbox): remove legacy runner/sandbox/template code - Delete src/runner/ (base.ts, js-runner.ts, python-runner.ts) - Delete src/sandbox/ (js-template.ts, python-template.ts, network-config.ts) - Delete test/unit/js-runner.test.ts, test/unit/python-runner.test.ts - Keep src/utils/semaphore.ts (generic utility, has its own tests) - Update README project structure and test count (297 cases) All functionality is now in src/pool/ (process-pool architecture). 297 tests passing, 0 failures. * test(sandbox): add process pool lifecycle/respawn/concurrency tests - ProcessPool: init/shutdown/stats, worker crash respawn, timeout respawn, pool-full queuing, concurrent crash isolation - PythonProcessPool: init/shutdown/stats, timeout respawn, queuing - 14 new test cases, total 311 passing * fix(sandbox): ping/pong health check, replace httpbin.org with baidu.com - Worker health check: send actual ping message and verify pong response instead of only checking stdin.writable (detects stuck workers) - JS worker.ts: handle {type:'ping'} → reply {type:'pong'} - Python worker.py: handle {type:'ping'} → reply {type:'pong'} - ProcessPool/PythonProcessPool: rewrite pingWorker to send ping, wait for pong with timeout, replace worker on failure - Replace all httpbin.org URLs with www.baidu.com in tests (httpbin.org unreachable from China/Sealos Devbox) - Add 4 new health check tests (ping/pong for JS and Python pools) - All 318 tests passing, 0 failures * docs: add test report (test/README.md) and update README testing section - test/README.md: detailed report with 315 passed / 3 skipped / 0 failed - README.md: updated test section with coverage dimensions table and link to report * docs: add functional test cases checklist (110 cases) * fix(sandbox): fix Dockerfile Python env and import detection 1. Dockerfile: Remove broken multi-stage Python 3.11 copy. - The previous approach copied python3 binary from python:3.11-alpine but missed libpython3.11.so.1.0, causing Python pool init failure. - Now uses system Python from apk and installs pip packages directly. 2. worker.py: Fix false positive import blocking for third-party packages. - numpy/pandas were blocked because their internal 'import os' was detected as user-initiated (full stack scan found user code frames). - Changed to check only the direct caller frame: if the import comes from site-packages (third-party lib internals), allow it. - Direct user imports of blocked modules are still properly rejected. * fix(sandbox): block dynamic import() and restrict file system access Security fixes found during deep review: 1. JS: Block import() dynamic imports that bypass require whitelist. - import('fs') could read arbitrary files on the container. - Added static regex check to reject code containing import(). 2. Python: Restrict open() to prevent user code from reading files. - open('/etc/passwd') was accessible from user code. - Added _restricted_open() that checks caller frame: only allows stdlib/site-packages internal calls, blocks user code (<string>). 3. Python: Remove duplicate return statement in _safe_import. All 315 tests pass (3 skipped). * test(sandbox): add regression tests for import() and open() security fixes - JS: import('fs'), import('child_process'), import('os') blocked - JS: string containing 'import' not false-positive - Python: open('/etc/passwd'), open('/proc/self/environ'), open('/tmp/evil.txt', 'w') blocked - Python: numpy internal open() not affected (conditional on numpy availability) Total: 322 passed | 3 skipped (was 315 passed) * docs(sandbox): rewrite sandbox documentation with JS + Python coverage - Add Python language support documentation - Add httpRequest/http_request function docs - Add available modules list (JS whitelist + Python safe modules) - Add security restrictions section - Add practical examples (data processing, date calc, webhook signing) - Add JS/Python function name mapping table * docs(sandbox): use SystemHelper/system_helper for built-in functions Direct calls (countToken, delay, etc.) are deprecated (kept for compat). All examples now use SystemHelper.xxx() / system_helper.xxx(). * docs(sandbox): Python only show named-params style as recommended * feat(sandbox): unify Python SystemHelper API with camelCase aliases - Add camelCase aliases to Python SystemHelper: countToken, strToBase64, createHmac, httpRequest (matching JS API exactly) - Update docs to use SystemHelper uniformly for both JS and Python - snake_case methods (count_token, etc.) still work for backward compat * feat(sandbox): add matplotlib and increase HTTP timeout to 60s - Add matplotlib to Python dependencies - Increase HTTP request timeout from 10s to 60s (both JS and Python) - Update docs accordingly * docs(sandbox): split docs for old/new sandbox versions - sandbox.mdx → '代码运行(旧版)' for FastGPT ≤ 4.14.7 (URL unchanged) - sandbox-v5.mdx → '代码运行' for FastGPT ≥ 4.14.8 - Both pages cross-link to each other - meta.json updated: sandbox-v5 listed before sandbox * docs: rename old sandbox doc to 代码运行(弃) * refactor(sandbox): remove SANDBOX_TIMEOUT, use SANDBOX_MAX_TIMEOUT as unified timeout * fix(sandbox): add build dependencies for matplotlib in Dockerfile * refactor(sandbox): migrate Python from blocklist to allowlist for module control - Change SANDBOX_PYTHON_BLOCKED_MODULES to SANDBOX_PYTHON_ALLOWED_MODULES - Update Python worker to use allowlist instead of blocklist - Add comprehensive safe module list: math, json, datetime, numpy, pandas, etc. - Improve error message: 'Module X is not in the allowlist' - Consistent with JS allowlist approach for better security * fix(sandbox): add _strptime to allowlist and update test assertions - Add _strptime module (required by datetime.strptime) - Update test assertions for Python module import errors - All 325 tests now pass (322 passed, 3 skipped) * fix(docs): center SVG icon in size-5 container on medium screens * docs(sandbox): simplify built-in functions and improve module documentation - Remove delay, countToken, strToBase64, createHmac functions (keep only httpRequest) - Convert Python module list to table format (10 tables by category) - Reorganize usage examples with collapsible sections (JS and Python) - Fix icon alignment in desktop/mobile sidebar navigation - All 325 tests passing --------- Co-authored-by: Lobster 3 <lobster3@sandbox.dev> Co-authored-by: OpenClaw Bot <bot@openclaw.ai> Co-authored-by: Archer <c121914yu@gmail.com> Co-authored-by: archer <archer@archerdeMac-mini.local> * perf: code sandbox * update action * Update projects/app/src/components/core/chat/ChatContainer/ChatBox/index.tsx Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * update timeout * update memory limit function * sandbox * perf: process poll * env template * feat: code tip * fix: code sandbox error tip * update memory limit fn * update memory limit fn * fix: test * fix: test * fix: sandbox --------- Co-authored-by: Archer <archer@fastgpt.io> Co-authored-by: Lobster 3 <lobster3@sandbox.dev> Co-authored-by: OpenClaw Bot <bot@openclaw.ai> Co-authored-by: Archer <c121914yu@gmail.com> Co-authored-by: archer <archer@archerdeMac-mini.local> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> |
||
|
Archer
|
76d6234de6 |
V4.14.7 features (#6406)
* Agent features (#6345) * Test agent (#6220) * squash: compress all commits into one * feat: plan response in ui * response ui * perf: agent config * merge * tool select ux * perf: chat ui * perf: agent editform * tmp code * feat: save chat * Complete agent parent (#6049) * add role and tools filling * add: file-upload --------- Co-authored-by: xxyyh <2289112474@qq> * perf: top agent code * top agent (#6062) Co-authored-by: xxyyh <2289112474@qq> * fix: ts * skill editor ui * ui * perf: rewrite type with zod * skill edit ui * skill agent (#6089) * cp skill chat * rebase |
||
|
Archer
|
c93c3937e1 |
S3 sdk (#6215)
* refactor: fastgpt object storage & global proxy (#6155) * feat: migrate to fastgpt storage sdk * chore: rename env variable * chore: move to sdk dir * docs: object storage * CHORE * chore: storage mocks * chore: update docker-compose * fix: global proxy agent * fix: update COS proxy * refactor: use fetch instead of http.request * fix: axios request base url * fix: axios proxy request behavior * fix: bumps axios * fix: patch axios for proxy * fix: replace axios with proxied axios * fix: upload txt file encoding * clean code * fix: use "minio" for minio adapter (#6205) * fix: use minio client to delete files when using minio vendor (#6206) * doc * feat: filter citations and add response button control (#6170) * feat: filter citations and add response button control * i18n * fix * fix test * perf: chat api code * fix: workflow edge overlap and auto-align in folded loop nodes (#6204) * fix: workflow edge overlap and auto-align in folded loop nodes * sort * fix * fix edge * fix icon * perf: s3 file name * perf: admin get app api * perf: catch user error * fix: refactor useOrg hook to use debounced search key (#6180) * chore: comment minio adapter (#6207) * chore: filename with suffix random id * perf: s3 storage code * fix: encode filename when copy object --------- Co-authored-by: archer <545436317@qq.com> * fix: node card link * json * perf: chat index; * index * chat item soft delete (#6216) * chat item soft delete * temp * fix * remove code * perf: delete chat item --------- Co-authored-by: archer <545436317@qq.com> * feat: select wheather filter sensitive info when export apps (#6222) * fix some bugs (#6210) * fix v4.14.5 bugs * type * fix * fix * custom feedback * fix * code * fix * remove invalid function --------- Co-authored-by: archer <545436317@qq.com> * perf: test * fix file default local upload (#6223) * docs: improve object storage introduction (#6224) * doc --------- Co-authored-by: roy <whoeverimf5@gmail.com> Co-authored-by: heheer <heheer@sealos.io> Co-authored-by: Finley Ge <32237950+FinleyGe@users.noreply.github.com> |
||
|
Archer
|
d571c768ea |
V4.14.1 feature (#5880)
* feat: app split (#5858) * feat: app split script * fix: app split * chore: app split script try-catch * adjust dashborad page (#5872) * create page * create page * create button * router name * bot * template * create page * mobile * toolfolder * fix * fix * fix build * split tool select * img * doc * rename enum * fix page adjust (#5883) * fix page adjust * fix ad store * fix: initv4141 (#5886) * fix: create app * doc * hide api * doc * feat: payment pause interactive (#5892) * fix: copy clbs (#5889) * fix: copy clbs * fix: copy clbs * fix: http protocol handling in baseURL (#5890) * fix: http protocol handling in baseURL * ui fix * auto saved version * fix * auto save * fix: model permission modal (#5895) * folder * fix: del app * navbar * fix: plugin file selector (#5893) * fix: plugin file selector * fix: plugin file selector * workflow tool inputform * pick --------- Co-authored-by: archer <545436317@qq.com> * fix: workflow tool time * doc * fix workorder button (#5896) * add inform track (#5897) * remove invalid track * comment * feat: marketplace refresh api (#5884) * marketplace refresh * fix: helper bot menu button (#5898) --------- Co-authored-by: Finley Ge <32237950+FinleyGe@users.noreply.github.com> Co-authored-by: heheer <heheer@sealos.io> Co-authored-by: 伍闲犬 <whoeverimf5@gmail.com> |
||
|
Theresa
|
2d3117c5da |
feat: update ESLint config with @typescript-eslint/consistent-type-imports (#4746)
* update: Add type * fix: update import statement for NextApiRequest type * fix: update imports to use type for LexicalEditor and EditorState * Refactor imports to use 'import type' for type-only imports across multiple files - Updated imports in various components and API files to use 'import type' for better clarity and to optimize TypeScript's type checking. - Ensured consistent usage of type imports in files related to chat, dataset, workflow, and user management. - Improved code readability and maintainability by distinguishing between value and type imports. * refactor: remove old ESLint configuration and add new rules - Deleted the old ESLint configuration file from the app project. - Added a new ESLint configuration file with updated rules and settings. - Changed imports to use type-only imports in various files for better clarity and performance. - Updated TypeScript configuration to remove unnecessary options. - Added an ESLint ignore file to exclude build and dependency directories from linting. * fix: update imports to use 'import type' for type-only imports in schema files |
||
|
Archer
|
565a966d19 |
Python Sandbox (#4380)
* Python3 Sandbox (#3944) * update python box (#4251) * update python box * Adjust the height of the NodeCode border. * update python sandbox and add test systemcall bash * update sandbox * add VERSION_RELEASE (#4376) * save empty docx * fix pythonbox log error * fix: js template --------- Co-authored-by: dogfar <37035781+dogfar@users.noreply.github.com> Co-authored-by: gggaaallleee <91131304+gggaaallleee@users.noreply.github.com> Co-authored-by: gggaaallleee <1293587368@qq.com> |
||
|
Archer
|
0472dc2967 |
perf: checkbox dom (#3149)
* perf: checkbox dom * perf: null check * perf: simple mode variables * perf: get csv encoding code * fix: dataset filter * perf: code editor ui |
||
|
Archer
|
e9d52ada73 |
4.8.13 feature (#3118)
* chore(ui): login page & workflow page (#3046) * login page & number input & multirow select & llm select * workflow * adjust nodes * New file upload (#3058) * feat: toolNode aiNode readFileNode adapt new version * update docker-compose * update tip * feat: adapt new file version * perf: file input * fix: ts * feat: add chat history time label (#3024) * feat:add chat and logs time * feat: add chat history time label * code perf * code perf --------- Co-authored-by: 勤劳上班的卑微小张 <jiazhan.zhang@ggimage.com> * add chatType (#3060) * pref: slow query of full text search (#3044) * Adapt findLast api;perf: markdown zh format. (#3066) * perf: context code * fix: adapt findLast api * perf: commercial plugin run error * perf: markdown zh format * perf: dockerfile proxy (#3067) * fix ui (#3065) * fix ui * fix * feat: support array reference multi-select (#3041) * feat: support array reference multi-select * fix build * fix * fix loop multi-select * adjust condition * fix get value * array and non-array conversion * fix plugin input * merge func * feat: iframe code block;perf: workflow selector type (#3076) * feat: iframe code block * perf: workflow selector type * node pluginoutput check (#3074) * feat: View will move when workflow check error;fix: ui refresh error when continuous file upload (#3077) * fix: plugin output check * fix: ui refresh error when continuous file upload * feat: View will move when workflow check error * add dispatch try catch (#3075) * perf: workflow context split (#3083) * perf: workflow context split * perf: context * 4.8.13 test (#3085) * perf: workflow node ui * chat iframe url * feat: support sub route config (#3071) * feat: support sub route config * dockerfile * fix upload * delete unused code * 4.8.13 test (#3087) * fix: image expired * fix: datacard navbar ui * perf: build action * fix: workflow file upload refresh (#3088) * fix: http tool response (#3097) * loop node dynamic height (#3092) * loop node dynamic height * fix * fix * feat: support push chat log (#3093) * feat: custom uid/metadata * to: custom info * fix: chat push latest * feat: add chat log envs * refactor: move timer to pushChatLog * fix: using precise log --------- Co-authored-by: Finley Ge <m13203533462@163.com> * 4.8.13 test (#3098) * perf: loop node refresh * rename context * comment * fix: ts * perf: push chat log * array reference check & node ui (#3100) * feat: loop start add index (#3101) * feat: loop start add index * update doc * 4.8.13 test (#3102) * fix: loop index;edge parent check * perf: reference invalid check * fix: ts * fix: plugin select files and ai response check (#3104) * fix: plugin select files and ai response check * perf: text editor selector;tool call tip;remove invalid image url; * perf: select file * perf: drop files * feat: source id prefix env (#3103) * 4.8.13 test (#3106) * perf: select file * perf: drop files * perf: env template * 4.8.13 test (#3107) * perf: select file * perf: drop files * fix: imple mode adapt files * perf: push chat log (#3109) * fix: share page load title error (#3111) * 4.8.13 perf (#3112) * fix: share page load title error * update file input doc * perf: auto add file urls * perf: auto ser loop node offset height * 4.8.13 test (#3117) * perf: plugin * updat eaction * feat: add more share config (#3120) * feat: add more share config * add i18n en * fix: missing subroute (#3121) * perf: outlink config (#3128) * update action * perf: outlink config * fix: ts (#3129) * 更新 docSite 文档内容 (#3131) * fix: null pointer (#3130) * fix: null pointer * perf: not input text * update doc url * perf: outlink default value (#3134) * update doc (#3136) * 4.8.13 test (#3137) * update doc * perf: completions chat api * Restore docSite content based on upstream/4.8.13-dev (#3138) * Restore docSite content based on upstream/4.8.13-dev * 4813.md缺少更正 * update doc (#3141) --------- Co-authored-by: heheer <heheer@sealos.io> Co-authored-by: papapatrick <109422393+Patrickill@users.noreply.github.com> Co-authored-by: 勤劳上班的卑微小张 <jiazhan.zhang@ggimage.com> Co-authored-by: Finley Ge <32237950+FinleyGe@users.noreply.github.com> Co-authored-by: a.e. <49438478+I-Info@users.noreply.github.com> Co-authored-by: Finley Ge <m13203533462@163.com> Co-authored-by: Jiangween <145003935+Jiangween@users.noreply.github.com> |
||
|
Archer
|
9639139b52 | Sandbox (#1610) (#1611) |