c3b7b3ed0c
Merge remote-tracking branch 'upstream/main' into feat/human-input-merge-again
2026-01-28 16:21:37 +08:00
9bbe63c1d8
Implement a ratelimit for Web App Form endpoints (vibe-kanban 033e0d0d)
...
Prevent adversaries from brute-frocing the form token.
2026-01-27 07:49:50 +08:00
6277fc3b74
feat(api): Add configuration example for HITL related configuration
2026-01-26 08:52:04 +08:00
67bb3c2026
feat(api): enable human input timeout check
2026-01-26 08:40:28 +08:00
515002a8ba
feat: app trial ( #26281 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: hj24 <mambahj24@gmail.com >
2026-01-22 15:42:54 +08:00
e80d76af15
feat: add lock for retention jobs ( #31320 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-01-21 14:06:35 +08:00
2db638b992
Add a configuration for controlling the redis instance / type used for streaming events between celery worker and api (vibe-kanban 08e07904)
...
Currently, the celery worker executing workflows / chatflows uses redis pubsub to publish events to api.
(See \_topic\_msg\_generator and \_publish\_streaming\_response)
The current implementation uses the default redis client.
For large scale deployment, we need to use a dedicated redis cluster to ensure performance.
To achieve this, you should:
1. introduce a dedicated configuration class to control
the redis address used for pubsub. (Ideally, there should only be one configuration item such as `pubsub_redis_url`, and its default value should be the original redis confugration.)
2. Add an option to switch between pubsub and sharded pubsub. When shared pubsub is specified, the ShardedRedisBroadcastChannel should be used instead.
COmplete the task above, add some unit tests.
2026-01-19 07:40:44 +08:00
0ec2b12e65
feat: allow pass hostname in docker env ( #30975 )
2026-01-14 19:30:37 +08:00
c327d0bb44
fix: Correction to the full name of Volc TOS ( #30741 )
2026-01-14 10:11:30 +08:00
51ea87ab85
feat: clear free plan workflow run logs ( #29494 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com >
2026-01-12 15:57:40 +08:00
fe0802262c
feat: credit pool ( #30720 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2026-01-08 13:17:30 +08:00
184f7ab144
WIP: feat(api): always use form_token to submit human input form
2026-01-06 08:53:24 +08:00
f1fff0a243
fix: fix WorkflowExecution.outputs containing non-JSON-serializable o… ( #30464 )
2026-01-05 10:57:23 +08:00
5362f69083
feat(refactoring): Support Structured Logging (JSON) ( #30170 )
2026-01-04 11:46:46 +08:00
3015e9be73
feat: add archive storage client and env config ( #30422 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-12-31 16:14:46 +08:00
2c919efa69
feat: support tencent cos custom domain ( #30193 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-12-29 15:41:02 +08:00
5d0dd329f2
WIP: human input timeout
2025-12-26 12:34:46 +08:00
f368155995
resume test
2025-12-26 12:16:01 +08:00
8b914d9116
WIP
2025-12-26 10:45:23 +08:00
3322e7a7e3
feat: Add OSS-specific parameters for HW and ALI private deployment ( #29705 )
...
Co-authored-by: crazywoola <427733928@qq.com >
2025-12-22 21:59:32 +08:00
eb5a444d3d
fix: plugin execution timeout not respecting PLUGIN_MAX_EXECUTION_TIMEOUT ( #29785 )
...
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com >
2025-12-18 15:11:01 +08:00
46c9a59a31
feat: sandbox retention basic settings ( #29842 )
2025-12-18 14:16:23 +08:00
a915b8a584
revert: "security/fix-swagger-info-leak-m02" ( #29721 )
2025-12-16 14:19:33 +08:00
4cc6652424
feat: VECTOR_STORE supports seekdb ( #29658 )
2025-12-16 12:35:04 +09:00
724cd57dbf
fix: dos in annotation import ( #29470 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-12-15 15:22:04 +08:00
355a2356d4
security/fix-swagger-info-leak-m02 ( #29283 )
...
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com >
2025-12-15 11:24:06 +08:00
569c593240
feat: Add InterSystems IRIS vector database support ( #29480 )
...
Co-authored-by: Tomo Okuyama <tomo.okuyama@intersystems.com >
2025-12-15 10:20:43 +08:00
9affc546c6
Feat/support multimodal embedding ( #29115 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-12-09 14:41:46 +08:00
f48522e923
feat: add x-trace-id to http responses and logs ( #29015 )
...
Introduce trace id to http responses and logs to facilitate debugging process.
2025-12-02 17:22:34 +08:00
2551f6f279
feat: add APP_DEFAULT_ACTIVE_REQUESTS as the default value for APP_AC… ( #26930 )
2025-11-27 10:51:48 +08:00
f76a3f545c
Feat/add weaviate tokenization configurable ( #28159 )
...
Co-authored-by: lijiezhao <lijiezhao@perfect99.com >
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-11-25 20:07:45 +08:00
a1b735a4c0
feat: trigger billing ( #28335 )
...
Signed-off-by: lyzno1 <yuanyouhuilyz@gmail.com >
Co-authored-by: lyzno1 <yuanyouhuilyz@gmail.com >
Co-authored-by: lyzno1 <92089059+lyzno1@users.noreply.github.com >
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-11-20 10:15:23 +08:00
c0b7ffd5d0
feat:mysql adaptation for metadb ( #28188 )
2025-11-20 09:44:39 +08:00
fe6538b08d
chore: disable workflow logs auto-cleanup by default ( #28136 )
...
This PR changes the default value of `WORKFLOW_LOG_CLEANUP_ENABLED` from `true` to `false` across all configuration files.
## Motivation
Setting the default to `false` provides safer default behavior by:
- Preventing unintended data loss for new installations
- Giving users explicit control over when to enable log cleanup
- Following the opt-in principle for data deletion features
Users who need automatic cleanup can enable it by setting `WORKFLOW_LOG_CLEANUP_ENABLED=true` in their configuration.
2025-11-12 22:55:02 +08:00
b76e17b25d
feat: introduce trigger functionality ( #27644 )
...
Signed-off-by: lyzno1 <yuanyouhuilyz@gmail.com >
Co-authored-by: Stream <Stream_2@qq.com >
Co-authored-by: lyzno1 <92089059+lyzno1@users.noreply.github.com >
Co-authored-by: zhsama <torvalds@linux.do >
Co-authored-by: Harry <xh001x@hotmail.com >
Co-authored-by: lyzno1 <yuanyouhuilyz@gmail.com >
Co-authored-by: yessenia <yessenia.contact@gmail.com >
Co-authored-by: hjlarry <hjlarry@163.com >
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: WTW0313 <twwu@dify.ai >
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
2025-11-12 17:59:37 +08:00
37903722fe
refactor: implement tenant self queue for rag tasks ( #27559 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: -LAN- <laipz8200@outlook.com >
2025-11-06 21:25:50 +08:00
68d357d7f6
Add WEAVIATE_GRPC_ENDPOINT as designed in weaviate migration guide ( #27861 )
...
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-11-05 17:19:08 +08:00
ef1db35f80
feat: implement file extension blacklist for upload security ( #27540 )
2025-11-04 15:45:22 +08:00
b610cf9a11
feat: add segments max number limit for SegmentApi.post ( #27745 )
2025-11-04 10:27:58 +08:00
ff32dff163
Enabled cross-subdomain console sessions by making the cookie domain configurable and aligning the frontend so it reads the shared CSRF cookie. ( #27190 )
2025-10-28 10:04:24 +08:00
32c715c4d0
rm type ignore ( #25715 )
...
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: -LAN- <laipz8200@outlook.com >
2025-10-21 11:26:58 +08:00
2382229c7d
fix variable-truncator max size comments ( #27129 )
2025-10-20 14:52:40 +09:00
59ad6e02ce
Add timeout so any plugin daemon call (including the SSE path) that legitimately takes longer than 5s would right. ( #26852 )
2025-10-14 09:23:27 +08:00
cbf2ba6cec
Feature integrate alibabacloud mysql vector ( #25994 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com >
2025-10-11 10:47:28 +08:00
1bd621f819
remove .value ( #26633 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2025-10-11 09:08:29 +08:00
885dff82e3
feat: update HTTP timeout configurations and enhance timeout input handling in UI ( #26685 )
2025-10-10 09:00:06 +08:00
4a475bf1cd
chore: Raise default string length limits ( #26592 )
...
Signed-off-by: -LAN- <laipz8200@outlook.com >
Co-authored-by: Bowen Liang <liangbowen@gf.com.cn >
2025-10-06 10:40:13 +08:00
915023b809
Chore/remove add node restrict of workflow ( #26218 )
...
Co-authored-by: -LAN- <laipz8200@outlook.com >
2025-09-25 18:02:43 +08:00
e937c8c72e
improve: pooling httpx clients for requests to code sandbox and ssrf ( #26052 )
2025-09-24 22:14:50 +08:00
24b4289d6c
fix:add some explanation for oceanbase parser selection ( #26071 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-09-23 17:06:06 +08:00
