04954918a5
Merge commit from fork
...
* fix(oraclevector): SQL Injection
Signed-off-by: -LAN- <laipz8200@outlook.com >
* fix(oraclevector): Remove bind variables from FETCH FIRST clause
Oracle doesn't support bind variables in the FETCH FIRST clause.
Fixed by using validated integers directly in the SQL string while
maintaining proper input validation to prevent SQL injection.
- Updated search_by_vector method to use validated top_k directly
- Updated search_by_full_text method to use validated top_k directly
- Adjusted parameter numbering for document_ids_filter placeholders
🤖 Generated with [Claude Code](https://claude.ai/code )
Co-Authored-By: Claude <noreply@anthropic.com >
---------
Signed-off-by: -LAN- <laipz8200@outlook.com >
Co-authored-by: Claude <noreply@anthropic.com >
2025-08-26 13:51:23 +08:00
eb3a031964
readme and claude.md sync. ( #24495 )
2025-08-26 12:57:26 +08:00
410fe7293f
opt(api): optimize update contention on the providers table ( #24520 )
2025-08-26 11:41:38 +08:00
d7869a4d1e
feat: add authorizations for swagger doc ( #24518 )
2025-08-26 11:41:00 +08:00
cfb8d224da
fix: standardize authentication error messages to prevent user enumeration ( #24324 )
...
Signed-off-by: -LAN- <laipz8200@outlook.com >
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-08-26 09:46:23 +08:00
c14b498676
hotfix: add test containers based tests for workflow app service ( #24501 )
2025-08-26 09:24:45 +08:00
ac5aed7a45
Fix missing return 200 in response handling ( #24499 )
...
Co-authored-by: Yongtao Huang <99629139+hyongtao-db@users.noreply.github.com >
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-08-26 09:24:18 +08:00
f6cfe80bf5
feat: migrate Inner API module to Flask-RESTX ( #24492 )
2025-08-26 00:23:48 +08:00
2b91ba2411
example: limit current user usage ( #24470 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-08-26 00:23:29 +08:00
99fec40117
example of remove some reflections ( #24488 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-08-25 23:16:59 +08:00
3df04c7e9a
Fix TypeError: object of type int has no len() ( #24484 )
...
Signed-off-by: zhanluxianshen <zhanluxianshen@163.com >
2025-08-25 19:50:51 +08:00
1d776c4cd0
feat: If combining text and files, place the text prompt after the fi… ( #24472 )
2025-08-25 17:51:46 +08:00
6010d5f24c
feat: add multi model credentials ( #24451 )
...
Co-authored-by: zxhlyh <jasonapring2015@outlook.com >
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-08-25 16:12:29 +08:00
b08bfa203a
fix(flask_restx): invite member email parse error ( #24464 )
2025-08-25 15:50:20 +08:00
a06681913d
remove: document download file permission ( #24459 )
2025-08-25 15:11:48 +08:00
424fdf4b52
fix: flask_restx namespace path wrong ( #24456 )
2025-08-25 14:56:20 +08:00
a9e106b17e
fix: Fix login error handling by raising exception instead of returning ( #24452 )
2025-08-25 13:54:25 +08:00
044ad5100e
fix: Update doc word count after delete chunks ( #24435 )
...
Co-authored-by: wangmuke <wangmuke@kingsware.cn >
2025-08-25 12:08:34 +08:00
3032e6fe59
example for logging ( #24441 )
2025-08-25 11:41:17 +08:00
4eba2ee92b
docs: better doc for dev in api like Claude.md ( #24442 )
...
Signed-off-by: yihong0618 <zouzou0208@gmail.com >
2025-08-25 11:14:04 +08:00
3aedc139ac
fix delete conversations via Api and delete conversations from db as well ( #23591 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: crazywoola <427733928@qq.com >
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com >
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
2025-08-25 09:43:45 +08:00
fe06d266e9
refactor: better error handler ( #24422 )
...
Signed-off-by: -LAN- <laipz8200@outlook.com >
2025-08-25 09:28:42 +08:00
9a18911eba
Fix auth error handling ( #24420 )
...
Signed-off-by: Yongtao Huang <yongtaoh2022@gmail.com >
Co-authored-by: Yongtao Huang <99629139+hyongtao-db@users.noreply.github.com >
2025-08-25 09:28:10 +08:00
8c6e655380
feat: API docs for /files ( #24423 )
...
Signed-off-by: -LAN- <laipz8200@outlook.com >
2025-08-25 09:27:09 +08:00
3075d415e1
feat: API docs for mcp ( #24424 )
...
Signed-off-by: -LAN- <laipz8200@outlook.com >
2025-08-25 09:27:01 +08:00
b7466f8b65
feat: API docs for service api ( #24425 )
...
Signed-off-by: -LAN- <laipz8200@outlook.com >
2025-08-25 09:26:54 +08:00
846b6bd14e
hotfix: add test containers based tests for website service ( #24430 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-08-25 09:25:50 +08:00
d8000251ff
chore: apply static type checks on celery async task dispatches and imports ( #24418 )
2025-08-24 23:07:22 +08:00
b5159d8c8a
hotfix: add test containers based tests for webapp auth service ( #24397 )
2025-08-24 21:04:39 +08:00
23dcb2dc1b
fix(vector): use semantic version comparison for version check ( #24409 )
2025-08-24 21:04:33 +08:00
f31ddc4b1c
fix(api): restful to restx migration issue ( #24416 )
2025-08-24 20:58:42 +08:00
18dce66443
try flask_restful -> flask_restx ( #24310 )
...
Signed-off-by: -LAN- <laipz8200@outlook.com >
Co-authored-by: -LAN- <laipz8200@outlook.com >
2025-08-24 13:45:47 +08:00
b84bb4164f
fix : #24292 HTTP Request Node Unable to Access File from Start Node When Using Remote URL in Workflow API Call ( #24293 )
...
Co-authored-by: 李强04 <liqiang04@gaotu.cn >
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-08-24 00:32:42 +08:00
1d09708eb7
Fix incorrect exception reference for json.dumps() ( #24329 )
...
Co-authored-by: Yongtao Huang <99629139+hyongtao-db@users.noreply.github.com >
2025-08-24 00:31:04 +08:00
8a348bea21
fix child-chunk ownership validation ( #24374 )
...
Signed-off-by: kenwoodjw <blackxin55+@gmail.com >
2025-08-23 20:17:44 +08:00
68576a5d63
feature: add test containers based tests for web conversation service ( #24372 )
2025-08-23 11:03:51 +08:00
2e47558f4b
fix: correct agent node token counting to properly separate prompt and completion tokens ( #24368 )
2025-08-23 11:00:14 +08:00
0a2111f33d
Expose agent node usage ( #24355 )
2025-08-23 10:57:58 +08:00
da9af7b547
[Chore/Refactor] Use centralized naive_utc_now for UTC datetime operations ( #24352 )
...
Signed-off-by: -LAN- <laipz8200@outlook.com >
2025-08-22 23:53:05 +08:00
ad2c541163
Fix missing database commit in provider update handler ( #24357 )
2025-08-22 21:56:36 +08:00
77223e4df4
refactor: simplify repository factory with Django-style import_string ( #24354 )
2025-08-22 21:56:25 +08:00
51cc2bf429
example of next(, None) ( #24345 )
2025-08-22 18:32:22 +08:00
2a43e634e8
Update knowledge_retrieval_node.py ( #24111 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-08-22 16:43:59 +08:00
805b698c2e
Feat/chat message image first for agent and advanced_chat APP ( #23796 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-08-22 16:42:15 +08:00
455f842785
Flask 3.1.2 upgrade fix by Avoids using current_user in background thread ( #24290 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-08-22 14:47:13 +08:00
c5614d04d2
an example of sessionmaker ( #24246 )
2025-08-22 10:17:50 +08:00
1459fded08
Annotations example ( #24304 )
2025-08-22 10:14:17 +08:00
6b466a8469
[Test] add unit tests for web_reader_tool.py ( #24309 )
...
Co-authored-by: Yongtao Huang <99629139+hyongtao-db@users.noreply.github.com >
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-08-22 09:28:00 +08:00
21c56c3107
feature: add test containers base tests for tag service ( #24313 )
2025-08-22 09:27:51 +08:00
5ab6bc283c
[CHORE]: x: T = None to x: Optional[T] = None ( #24217 )
2025-08-21 21:58:39 +08:00
