943b23b042
Merge remote-tracking branch 'origin/main' into feat/cli
2026-05-24 22:47:33 -07:00
f70b745ec2
Potential fix for pull request finding 'CodeQL / Incomplete URL substring sanitization'
...
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
2026-05-25 12:34:45 +08:00
eba0041973
fix(openapi): close 4 critical OAuth device-flow security findings
...
1. Host-header injection (sso_initiate / sso_complete): replace
request.host_url with dify_config.CONSOLE_API_URL via a
_trusted_origin() helper that fails closed when unset. An
attacker-controlled Host header on sso-initiate would otherwise
be sealed into the signed state envelope, causing the IdP to
redirect the victim's EE-signed SSO assertion to evil.com.
2. Unvalidated JWS claim payloads: add ExtSubjectAssertionClaims
and ApprovalGrantClaimsPayload pydantic models and route every
verified payload through model_validate. A signed-but-malformed
blob now returns BadRequest('invalid_sso_assertion') or
VerifyError('claim shape invalid') instead of crashing the
handler with KeyError / 500. ApprovalGrantClaimsPayload is
imported lazily inside verify_approval_grant to break the
libs -> controllers cycle.
3. Timing-unsafe CSRF compare in approve_external: replace plain
!= with secrets.compare_digest.
4. Bearer rate-limit bypass on revoked tokens: move
enforce_bearer_rate_limit to fire after sha256_hex but before
resolver.resolve, so revoked-token replay is now bounded. Also
collapse the two distinct error messages (unknown token prefix
vs token unknown or revoked) into a single generic
'invalid_bearer' to remove the prefix-validity oracle.
Tests: 4 new unit-test files cover each finding plus one updated
test for the new bearer error string. 744 tests pass.
2026-05-24 21:17:36 -07:00
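The four patterns described in the commit message above, as an added stand-alone example written for this page (not Dify's code): a trusted origin read from configuration that fails closed, shape validation of an already-verified JWS payload, constant-time CSRF comparison, and bearer rate limiting keyed on the token digest that runs before resolution and returns one generic error. The names trusted_origin, SubjectAssertionClaims, BearerVerifier, the "app-" token prefix, the error strings other than 'invalid_sso_assertion' and 'invalid_bearer', and all inputs in demo() are assumptions; the commit's pydantic model_validate is replaced by a stdlib validator so the block runs offline.

```python
# Added example, not Dify's code: the four hardening patterns from the commit above.
import hashlib
import secrets
import time
from collections import defaultdict, deque
from dataclasses import dataclass
from typing import Any, Callable, Dict, Optional
from urllib.parse import urlparse

class BadRequest(Exception): """Malformed client input."""
class VerifyError(Exception): """Verification failed; message kept generic."""

# 1. Origin comes from config, never from the request Host header; fail closed when unset.
def trusted_origin(console_api_url: Optional[str]) -> str:
    if not console_api_url:
        raise VerifyError("trusted origin not configured")
    parts = urlparse(console_api_url)
    if parts.scheme not in ("http", "https") or not parts.netloc:
        raise VerifyError("trusted origin malformed")
    return f"{parts.scheme}://{parts.netloc}"

# 2. A valid signature proves who produced the payload, not that it has the
#    expected shape (stdlib stand-in for the commit's pydantic model_validate).
@dataclass(frozen=True)
class SubjectAssertionClaims:
    sub: str
    aud: str
    exp: int

    @classmethod
    def from_verified_payload(cls, payload: Any) -> "SubjectAssertionClaims":
        if not isinstance(payload, dict):
            raise BadRequest("invalid_sso_assertion")
        sub, aud, exp = payload.get("sub"), payload.get("aud"), payload.get("exp")
        if not (isinstance(sub, str) and sub and isinstance(aud, str) and aud
                and isinstance(exp, int) and not isinstance(exp, bool)):
            raise BadRequest("invalid_sso_assertion")
        return cls(sub=sub, aud=aud, exp=exp)

# 3. Constant-time CSRF compare; a plain `!=` stops at the first differing byte.
def csrf_matches(expected: str, presented: Any) -> bool:
    if not isinstance(presented, str):
        return False
    return secrets.compare_digest(expected.encode(), presented.encode())

def sha256_hex(token: str) -> str:
    return hashlib.sha256(token.encode()).hexdigest()

# 4. Rate-limit on the token digest before any lookup (bounds revoked-token replay); one generic error.
class BearerVerifier:
    def __init__(self, active_tokens: Dict[str, str], limit: int = 3,
                 window_s: float = 60.0, clock: Callable[[], float] = time.monotonic):
        self._active = {sha256_hex(t): owner for t, owner in active_tokens.items()}
        self._limit, self._window, self._clock = limit, window_s, clock
        self._hits: Dict[str, deque] = defaultdict(deque)

    def _enforce_rate_limit(self, digest: str) -> None:
        now, hits = self._clock(), self._hits[digest]
        while hits and now - hits[0] > self._window:
            hits.popleft()
        if len(hits) >= self._limit:
            raise VerifyError("rate_limited")
        hits.append(now)

    def revoke(self, token: str) -> None:
        self._active.pop(sha256_hex(token), None)

    def resolve(self, presented: str) -> str:
        digest = sha256_hex(presented)
        self._enforce_rate_limit(digest)  # fires even for unknown or revoked tokens
        owner = self._active.get(digest) if presented.startswith("app-") else None
        if owner is None:
            raise VerifyError("invalid_bearer")  # same text for bad prefix and revoked
        return owner

def _error(fn, *args) -> str:  # demo helper: message of the raised error, '' if none
    try:
        fn(*args)
    except (BadRequest, VerifyError) as err:
        return str(err)
    return ""

def demo() -> Dict[str, Any]:
    clock = [0.0]  # fake clock so the rate-limit window never expires during the demo
    verifier = BearerVerifier({"app-secret-1": "tenant-a"}, limit=3, clock=lambda: clock[0])
    first = verifier.resolve("app-secret-1")
    verifier.revoke("app-secret-1")
    return {
        "origin": trusted_origin("https://console.example.test/console/api"),
        "origin_unset": _error(trusted_origin, None),
        "claims": SubjectAssertionClaims.from_verified_payload(
            {"sub": "user-1", "aud": "console", "exp": 1700000000}),
        "claims_bad": _error(SubjectAssertionClaims.from_verified_payload, {"sub": "user-1"}),
        "csrf": (csrf_matches("t0k3n", "t0k3n"), csrf_matches("t0k3n", "t0k3m")),
        "resolve": first,
        "revoked_replay": [_error(verifier.resolve, "app-secret-1") for _ in range(3)],
        "bad_prefix": _error(verifier.resolve, "zzz-wrong-prefix"),
    }
```

The ordering in BearerVerifier.resolve is the point of finding 4: because the rate limiter is keyed on the digest and runs before the lookup, the three replays of the revoked token in demo() end in 'rate_limited' rather than an unbounded stream of lookups, and a wrong-prefix token gets the same 'invalid_bearer' text as a revoked one.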
639e12a306
fix: request /api/datasets raises exception ( #36591 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-25 02:27:54 +00:00
da10ea017a
Merge branch 'main' into feat/cli
2026-05-25 10:16:50 +08:00
8d99326fb3
feat(plugin): cache plugin model providers by tenant ( #36449 )
...
Co-authored-by: WH-2099 <wh2099@pm.me>
2026-05-23 09:12:09 +00:00
8d7ee1d761
Merge branch 'main' into feat/cli
2026-05-23 14:37:18 +08:00
a831920803
fix typing
2026-05-23 14:21:04 +08:00
98de360447
refactor: move db query from api layer to service layer
2026-05-23 14:21:04 +08:00
95816a26b8
refactor(workspace): move data access to service
2026-05-23 14:21:04 +08:00
f39e7d6cd5
refactor: move select to data access layer
2026-05-23 14:21:04 +08:00
a6970bc144
[autofix.ci] apply automated fixes
2026-05-23 03:14:43 +00:00
fecdef6c21
fix test
2026-05-23 11:10:09 +08:00
0c1b37687f
refactor: decouple Context from flask
2026-05-23 10:33:07 +08:00
341a82bf1e
[autofix.ci] apply automated fixes
2026-05-23 01:37:21 +00:00
e71df18d72
add test for openapi registration
2026-05-23 09:28:31 +08:00
790ca72627
refactor(api): migrate console/service_api.dataset to BaseModel ( #36480 )
2026-05-22 17:39:07 +00:00
4c2ba50dfe
Merge remote-tracking branch 'upstream/main' into feat/cli
2026-05-22 21:38:55 +08:00
3df1042706
fix api test
2026-05-22 21:38:17 +08:00
d94e302045
fix typings
2026-05-22 18:15:28 +08:00
473c945839
chore: separate vector space quota query ( #36514 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-22 09:26:17 +00:00
851bf36f24
Merge remote-tracking branch 'upstream/main' into feat/cli
2026-05-22 16:07:59 +08:00
92181dbe09
fix(api): preserve remote file URL query params ( #36478 )
2026-05-22 01:45:20 +00:00
30deef45d9
fix(api): pass SSL verify flag to SSRF proxy mounts ( #36455 )
2026-05-22 01:31:46 +00:00
7ecbed3b04
chore: add Type to test ( #36454 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-21 19:25:03 +00:00
ea5e487d3c
fix(api): stop returning 204 with response body and add CI check ( #36489 )
2026-05-21 16:20:34 +00:00
f19702f76c
feat(api): Flask-RESTX response() vs actual return value checker ( #36488 )
2026-05-21 15:05:06 +00:00
092c8bca81
refactor(api): migrate console.datasets.metadata to BaseModel ( #36450 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-21 15:04:42 +00:00
0cf9597f52
fix: suggested questions API crash on legacy conversation override configs ( #36459 )
2026-05-21 01:58:52 +00:00
60cd346fa6
feat: wire workflow agent node runtime ( #36437 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-20 12:39:45 +00:00
56d4d54c16
chore: compatible conversation does not exist ( #33274 )
...
Co-authored-by: -LAN- <laipz8200@outlook.com>
2026-05-20 12:37:33 +00:00
e3b45a48eb
fix: allow config pubsub join timeout for lower post-run latency ( #36438 )
...
Co-authored-by: QuantumGhost <obelisk.reg+git@gmail.com>
2026-05-20 08:45:51 +00:00
f04d809426
fix(api): fix invalid token error while changing email ( #36412 )
2026-05-20 05:51:15 +00:00
7bc5c89e3c
fix: prevent recursion error when SharePoint folder is empty ( #36372 )
2026-05-20 03:56:49 +00:00
5381452de9
feat(cli,api): difyctl version probes server and reports compat verdict ( #36356 )
...
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-20 10:27:34 +08:00
d9e90d0fa0
feat: add new agent ( #36284 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-19 10:43:23 +00:00
2565637e36
test: stabilize trigger subscription name uniqueness setup ( #36353 )
2026-05-19 10:09:02 +00:00
34a89416f7
test(api): manage backend pytest services natively ( #36235 )
2026-05-19 07:52:15 +00:00
04d62867af
feat(dify-ui): add shared form primitives ( #36334 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-19 05:38:57 +00:00
de0a44be06
Merge branch 'main' into feat/cli
2026-05-19 10:37:42 +08:00
2d5186fb28
fix(offline): guard marketplace I/O paths for ENG-421 ( #36335 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-18 13:53:42 +00:00
9dc95eeb20
test(api): isolate container DB between tests ( #36310 )
...
Co-authored-by: Asuka Minato <i@asukaminato.eu.org>
2026-05-18 08:52:19 +00:00
76bba64b79
chore: add type to test ( #36324 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-18 08:47:47 +00:00
2eb37caf2e
refactor(api): migrate console.app.workflow to BaseModel ( #36216 )
...
Co-authored-by: WH-2099 <wh2099@pm.me>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-18 07:31:37 +00:00
d1238180ed
fix: use Generator type annotation with @contextmanager decorators ( #36297 )
...
Co-authored-by: Asuka Minato <i@asukaminato.eu.org>
2026-05-18 07:12:49 +00:00
e2d6ae818c
Merge remote-tracking branch 'upstream/main' into feat/cli
2026-05-18 14:00:59 +08:00
b96f372f45
chore(api): upgrade graphon to 0.4.0 ( #36124 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: QuantumGhost <obelisk.reg+git@gmail.com>
2026-05-18 00:34:17 +00:00
3c70d28064
fix(auth): preserve phase field in _TokenData so reset-password / change-email phase-bound checks don't 400 ( #36116 ) ( #36117 )
...
Signed-off-by: vuko <alexander.vukovic@seqis.com>
2026-05-17 19:55:00 +00:00
9d0906c684
chore: improve swagger markdown optional fields typing ( #36247 )
2026-05-16 16:40:20 +00:00
41b6f894c0
fix: fetching memory of LLM node may cause an out-of-Flask-context error ( #36253 )
2026-05-16 16:38:48 +00:00