Commit Graph

10529 Commits

Author SHA1 Message Date
L1nSn0w
8b07cacb0a fix(api): reject extensionless files even with empty whitelist entries
A whitelist with an empty / whitespace entry (e.g. a stray comma in DSL)
combined with an extensionless file would spuriously match — both sides
normalize to "" and pass. Filter empty normalized whitelist entries and
short-circuit when the input extension itself normalizes to empty, so
invalid whitelist entries can't widen the allowlist.

Reported by Copilot on PR review.
2026-05-09 11:57:31 +08:00
autofix-ci[bot]
f3ea530ae8 [autofix.ci] apply automated fixes 2026-05-09 11:57:31 +08:00
L1nSn0w
079fa3e2f9 fix(api): keep empty extension whitelist as deny in CUSTOM bucket
Follow-up to the prior fix. The bucket-semantics rewrite changed the
extension-whitelist guard from `is not None` to truthiness, which
silently widened behavior for the empty-list case (UI never submits it,
but DSL / API paths could). Restore the original deny-on-empty
posture: when a file falls into the CUSTOM bucket, an explicitly set
whitelist (including []) is authoritative.

Also tightens _normalize_extension so whitespace-only input returns ""
consistent with empty input, and locks two contracts with tests:

- empty whitelist + CUSTOM bucket rejects (regression guard for the
  silent widening)
- TokenBufferMemory passes config=None to build_from_message_file
  (regression guard for the replay-skips-validation contract)
2026-05-09 11:57:31 +08:00
L1nSn0w
2aa9c69ac4 fix(api): accept resolved file types in custom bucket on history replay
A Chatflow file uploaded into the CUSTOM type slot is coerced to its
detected type by _resolve_file_type (PNG -> IMAGE), and MessageFile.type
persists that resolved type. On history replay, build_from_message_file
rebuilds mapping["type"] from MessageFile.type, so a file that passed
round 1 (mapping["type"]=="custom") was rejected on round 2
(mapping["type"]=="image") even though the workflow config was unchanged.

- Refactor is_file_valid_with_config with bucket semantics: CUSTOM acts
  as a fallback bucket gated by allowed_file_extensions, compared case-
  and dot-insensitively. This also fixes a parallel mismatch where a
  user whitelist of [".PNG", "png", "JPG", ...] failed to match the
  upload-side ".png" (always lowercase with leading dot).
- Skip re-validation when rehydrating files from conversation history in
  TokenBufferMemory and BaseAgentRunner; history files were validated at
  upload time, mirroring build_file_from_stored_mapping.
2026-05-09 11:57:31 +08:00
Asuka Minato
140ad6ba4e
chore: add Type to test (#35942)
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-09 03:16:22 +00:00
Crazywoola
e03eb3a76c
chore: bump LiteLLM for CVE-2026-42208 (#35953) 2026-05-09 03:14:14 +00:00
Asuka Minato
38a419d073
ci: auto gen api doc and download link (#35919)
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: WH-2099 <wh2099@pm.me>
2026-05-09 03:01:47 +00:00
wangxiaolei
c74cbb68da
fix: change write to db order (#35948) 2026-05-09 02:36:54 +00:00
yyh
271019006e
fix: prevent workflow preview resize observer loop (#35936) 2026-05-09 01:29:20 +00:00
Asuka Minato
19bf36a716
chore: dep inject for session (#35934)
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
2026-05-08 17:48:33 +00:00
macat
48d27e250b
refactor: split docker-compose env config into separate files (#31586)
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: -LAN- <laipz8200@outlook.com>
2026-05-08 15:36:20 +00:00
-LAN-
d06b5529b3
chore(docker): clean up env examples (#35938) 2026-05-08 12:53:13 +00:00
wangxiaolei
8132c444dc
feat: support SQLALCHEMY_POOL_RESET_ON_RETURN config (#31156) 2026-05-08 12:25:46 +00:00
github-actions[bot]
cb0356e9d7
chore(i18n): sync translations with en-US (#35933)
Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com>
Co-authored-by: yyh <92089059+lyzno1@users.noreply.github.com>
2026-05-08 11:25:15 +00:00
EvanYao
4d80892d7b
refactor: convert isinstance chains to match/case (#35902) (#35922)
Signed-off-by: EvanYao826 <2869018789@qq.com>
2026-05-08 09:51:10 +00:00
Joel
af754f497a
chore: add query generator before launch webapp (#35416)
Co-authored-by: yyh <yuanyouhuilyz@gmail.com>
2026-05-08 09:49:43 +00:00
yyh
8f93bb36ba
feat(dify-ui): add drawer (#35917)
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-08 08:53:32 +00:00
shawnYJ
82f24b336d
fix(workflow): handle file-preview URLs in node output display (#34150) 2026-05-08 07:55:46 +00:00
非法操作
927a17804b
feat: support configurable explore app categories (#35723) 2026-05-08 06:04:07 +00:00
Xiyuan Chen
29f34848cd
fix(tools): scope builtin tool default-credential clear to tenant (#35887) 2026-05-08 05:08:23 +00:00
Baki Burak Öğün
1b0d4637b3
fix(i18n): update Turkish translations for new strings (#35905)
Co-authored-by: Baki Burak Öğün <b.burak.ogun@goc.local>
Co-authored-by: Crazywoola <100913391+crazywoola@users.noreply.github.com>
2026-05-08 03:24:02 +00:00
EvanYao
936a09c704
fix: replace SimpleNamespace with MagicMock(spec=App) in _app_stub (#34636) (#35897)
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-08 03:18:21 +00:00
kien duong
5cc62fd1c9
fix(web): pass end_user.external_user_id string to transcript_asr (#35898) 2026-05-08 02:55:32 +00:00
kien duong
7bc19d8251
fix(web): explicitly resume AudioContext and play audio on first TTS load (#35901) 2026-05-08 02:51:14 +00:00
Stephen Zhou
e845475408
chore: update deps (#35907) 2026-05-08 02:33:18 +00:00
yyh
9a8aa6a0c3
refactor(web): inline tag query defaults (#35883)
Signed-off-by: yyh <yuanyouhuilyz@gmail.com>
2026-05-08 02:06:10 +00:00
Stephen Zhou
76a7f5f4b9
chore: update deps (#35812) 2026-05-08 01:32:14 +00:00
yyh
2ff50514c8
refactor: migrate app selector to combobox (#35896) 2026-05-08 01:23:32 +00:00
Asuka Minato
7901ac9a97
chore: example of isinstance to match case (#35903) 2026-05-08 01:07:19 +00:00
Asuka Minato
ecd830083a
test: add type to test (#35871)
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-08 01:06:25 +00:00
NVIDIAN
203b3a9499
refactor(api): migrate console apikey responses to BaseModel (#35218)
Co-authored-by: ai-hpc <ai-hpc@users.noreply.github.com>
2026-05-07 16:12:25 +00:00
Coding On Star
9331024d91
refactor(web): portal to follow elem migration (#35892)
Co-authored-by: CodingOnStar <hanxujiang@dify.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: yyh <yuanyouhuilyz@gmail.com>
2026-05-07 13:02:11 +00:00
Escape0707
c6a5de3c18
fix: delete redundant api/libs/typing.py (#35890) 2026-05-07 11:16:29 +00:00
Escape0707
cd3327013a
chore(test): Move plugin permission tests to testcontainers (#35884) 2026-05-07 09:57:53 +00:00
yyh
cd66559ebf
refactor(web): migrate tag controls to combobox (#35881) 2026-05-07 08:55:13 +00:00
Joel
8b77ec7f31
fix: transfer workspace dropdown not show (#35876)
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-07 07:46:47 +00:00
yyh
bb3de5dd32
refactor: improve model selector search (#35875) 2026-05-07 07:05:14 +00:00
Stream
1e2d309122
chore: easier and simpler deploy (#35708) 2026-05-07 06:01:32 +00:00
yyh
a24ec60e51
feat: add dify-ui autocomplete and combobox (#35868) 2026-05-07 05:39:13 +00:00
Asuka Minato
8fd616d27f
refactor: add type to test (#30873)
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-07 03:46:23 +00:00
Stephen Zhou
e5bdc40dce
feat(dev-proxy): init package (#35852) 2026-05-07 03:32:14 +00:00
shawnYJ
376c43e5ac
fix(workflow): use correct field ID in KB metadata filter selection (#34149)
Co-authored-by: 非法操作 <hjlarry@163.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-07 02:21:30 +00:00
dependabot[bot]
3ebb449d25
chore(deps): bump gitpython from 3.1.47 to 3.1.49 in /api (#35864)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-07 02:12:20 +00:00
dependabot[bot]
5297ac76ec
chore(deps): bump mako from 1.3.11 to 1.3.12 in /api (#35863)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-07 02:11:55 +00:00
zyssyz123
bbed1d4a7c
fix: update endpoint when update tidb status (#35854)
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-07 01:54:07 +00:00
Asuka Minato
c804dbed8c
ci: bump tyck (#35862)
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-07 01:49:40 +00:00
yyh
00bf3f83f2
refactor: verticalize tag management and batch bindings (#35840)
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-07 01:36:10 +00:00
github-actions[bot]
7e6745e105
chore(i18n): sync translations with en-US (#35853)
Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com>
2026-05-06 12:50:46 +00:00
Joel
d648ce6888
chore: improve the progress of education pay (#35851)
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-06 10:42:03 +00:00
Stephen Zhou
f3c3534e33
chore(web): add enterprise dev proxy support (#35842)
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-06 09:26:34 +00:00