youngkingdom/dify
1
0
Fork 0
mirror of https://github.com/langgenius/dify.git synced 2026-05-04 01:18:05 +08:00
Code Issues Packages Projects Releases Wiki Activity
8,871 Commits 489 Branches 170 Tags
a678dd1a324340daf699dd1b32cba58e4dfd73cb
Commit Graph

8871 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
QuantumGhost
c51cedff7e security(api): enforce privilege validation for dataset-to-pipeline transformation (#25603) 
The transformation from classic dataset to knowledge pipeline represents an irreversible
write operation that permanently alters the dataset structure. To prevent unauthorized
modifications, this change implements strict privilege validation in RagPipelineTransformApi.

Only users with editor privileges or dataset operator roles are authorized to execute
this transformation, ensuring proper access control for this critical operation.
 2025-09-12 17:12:06 +08:00
QuantumGhost
32a1a61d65 security(api): enforce privilege validation for dataset-to-pipeline transformation 
The transformation from classic dataset to knowledge pipeline represents an irreversible
write operation that permanently alters the dataset structure. To prevent unauthorized
modifications, this change implements strict privilege validation in `RagPipelineTransformApi`.

Only users with editor privileges or dataset operator roles are authorized to execute
this transformation, ensuring proper access control for this critical operation.
 2025-09-12 17:07:26 +08:00
jyong
ad870de554 add dataset service api enable 2025-09-12 15:35:13 +08:00
kenwoodjw
c91253d05d fix segment deletion race condition (#24408) 
Signed-off-by: kenwoodjw <blackxin55+@gmail.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com>
 2025-09-12 15:29:57 +08:00
Guangdong Liu
285291f545 refactor: update API routes and documentation for console endpoints (#25554) 2025-09-12 11:51:24 +08:00
JQSevenMiao
c0e1015c6e fix: filter temporary edges from workflow draft sync (#25442) 
Co-authored-by: jiasiqi <jiasiqi3@tal.com>
 2025-09-12 11:19:57 +08:00
github-actions[bot]
12d1bcc545 chore: translate i18n files and update type definitions (#25575) 
Co-authored-by: iamjoel <2120155+iamjoel@users.noreply.github.com>
 2025-09-12 10:39:38 +08:00
QuantumGhost
ac41151571 chore(api): remove unused installed_plugins.jsonl 2025-09-12 10:38:43 +08:00
Yeuoly
ec808f3fe8 refactor: centralize default end user session ID constant (#25416) 
This PR refactors the handling of the default end user session ID by centralizing it as an enum in the models module where the `EndUser` model is defined. This improves code organization and makes the relationship between the constant and the model clearer.

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com>
 2025-09-12 10:27:16 +08:00
Joel
394b0ac9c0 fix: login security issue frontend (#25571) 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-09-12 10:25:06 +08:00
zyssyz123
c2fcd2895b Feat/email register refactor (#25369) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com>
Co-authored-by: Joel <iamjoel007@gmail.com>
 2025-09-12 10:24:54 +08:00
Ganondorf
bb1514be2d Force update search method to keyword_search (#25464) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2025-09-12 10:12:25 +08:00
Kurumi1997
8ffb9b6aed fix: Support passing the default app mode when creating an app (#25142) 
Co-authored-by: 王博 <wangbo@localhost.com>
 2025-09-12 10:06:07 +08:00
Matri Qi
33afa7c84a Fix/disable no unsafe optional chaining (#25553) 2025-09-12 10:03:34 +08:00
L
69aad38d03 fix(date-picker): handle string date to avoid crash (#25522) 
Co-authored-by: 刘佳佳 <liujiajia@nanjingwanhui.com>
Co-authored-by: crazywoola <427733928@qq.com>
 2025-09-12 10:01:26 +08:00
Novice
17b5309e47 fix: single step system file error (#25533) 
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com>
 2025-09-12 09:47:45 +08:00
Asuka Minato
05af23f88f use autospec=True in mock (#25497) 2025-09-12 09:46:02 +08:00
Yongtao Huang
4511f4f537 Remove redundant parse_args call in WorkflowByIdApi.patch (#25498) 2025-09-12 09:40:41 +08:00
dependabot[bot]
bdacc4da36 chore(deps): bump mermaid from 11.4.1 to 11.10.0 in /web (#25521) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-12 09:40:18 +08:00
15
1a078657d8 Fixes #25530 (#25531) 2025-09-12 09:39:17 +08:00
Asuka Minato
77ba3e8f26 add autofix pnpm (#25557) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-09-12 09:37:54 +08:00
Wu Tianwei
84e3571ec3 fix: delete get upload file endpoint (#25543) 
Co-authored-by: jyong <718720800@qq.com>
 2025-09-12 09:36:53 +08:00
NeatGuyCoding
de18b14372 feat: add test containers based tests for delete segment from index task (#25564) 2025-09-12 09:33:39 +08:00
Yongtao Huang
a1322ddb5d Fix: correct has_more pagination logic in get_conversational_variable (#25484) 
Signed-off-by: Yongtao Huang<yongtaoh2022@gmail.com>
 2025-09-12 09:32:22 +08:00
GuanMu
c7868fb176 test: remove print code (#25481) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2025-09-12 09:30:56 +08:00
椰子糖
4b6687db6b Fix log time display bug (#25475) 
Co-authored-by: wxliqigang <wxliqigang@gfpartner.com.cn>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
 2025-09-12 02:46:04 +09:00
-LAN-
462ba354a4 Merge remote-tracking branch 'origin/main' into feat/queue-based-graph-engine 2025-09-12 00:21:06 +08:00
JeeekXY
f1d5bc58b0 fix: app name overflow (#25551) 
Co-authored-by: luxiaoyu1 <luxiaoyu1@xiaomi.com>
 2025-09-11 21:19:55 +08:00
NeatGuyCoding
99f4cd1cfa feat: add test containers based tests for deal dataset vector index (#25545) 2025-09-11 21:12:53 +08:00
-LAN-
3c668e4a5c fix: update test assertions for ToolProviderApiEntity validation 
- Fixed test_repack_provider_entity_no_dark_icon to use empty string instead of None for icon_dark field
- Updated test_builtin_provider_to_user_provider_no_credentials assertion to match actual implementation behavior where masked_credentials always contains empty strings for schema fields
 2025-09-11 16:41:10 +08:00
zxhlyh
c2ad68d59a refactor(workflow): streamline node metadata structure and enhance filtering logic (#25528) 2025-09-11 16:11:34 +08:00
twwu
274e7f4f09 refactor(workflow): streamline node metadata structure and enhance filtering logic 2025-09-11 16:02:06 +08:00
-LAN-
872cff7bab chore(iteration_node): convert some Any to object 
Signed-off-by: -LAN- <laipz8200@outlook.com>
 2025-09-11 15:40:12 +08:00
-LAN-
8fb69429f9 feat(graph_engine): support parallel mode in iteration node 
Signed-off-by: -LAN- <laipz8200@outlook.com>
 2025-09-11 15:37:46 +08:00
-LAN-
85064bd8cf Merge remote-tracking branch 'origin/main' into feat/queue-based-graph-engine 2025-09-11 15:13:31 +08:00
-LAN-
ba5df3612b fix: tests 
Signed-off-by: -LAN- <laipz8200@outlook.com>
 2025-09-11 15:13:18 +08:00
-LAN-
a923ab1ab8 fix: type errors 
Signed-off-by: -LAN- <laipz8200@outlook.com>
 2025-09-11 15:01:16 +08:00
QuantumGhost
874406d934 security(api): fix privilege escalation vulnerability in model config and chat message APIs (#25518) 
The `ChatMessageApi` (`POST /console/api/apps/{app_id}/chat-messages`) and 
`ModelConfigResource` (`POST /console/api/apps/{app_id}/model-config`) 
endpoints do not properly validate user permissions, allowing users without `editor` 
permission to access restricted functionality.

This PR addresses this issue by adding proper permission check.
 2025-09-11 14:53:35 +08:00
Nite Knite
07d067d828 chore: support Zendesk widget (#25517) 2025-09-11 13:17:50 +08:00
Xiyuan Chen
af7f67dc9c Feat/enteprise cd (#25508) 2025-09-10 20:53:42 -07:00
QuantumGhost
9458ebe320 fix: Add waiting state to document embedding process (#25478) 2025-09-11 11:00:47 +08:00
QuantumGhost
5c3d12cfc8 refactor(i18n): clean up code structure and improve readability (#25510) 2025-09-11 11:00:14 +08:00
WTW0313
b146f5d3fa refactor(i18n): clean up code structure and improve readability 2025-09-11 10:53:40 +08:00
Xiyuan Chen
34e55028ae Feat/enteprise cd (#25485) 2025-09-10 19:01:32 -07:00
-LAN-
b4c1766932 fix: type errors 
Signed-off-by: -LAN- <laipz8200@outlook.com>
 2025-09-10 21:48:05 +08:00
-LAN-
00a1af8506 refactor(graph_engine): use singledispatch in Node 
Signed-off-by: -LAN- <laipz8200@outlook.com>
 2025-09-10 20:59:34 +08:00
twwu
f925cb5191 fix: Fix typo in embedding process variable name 2025-09-10 16:05:44 +08:00
twwu
4559d19d46 fix: Add waiting state to document embedding process 2025-09-10 15:59:13 +08:00
Eric Guo
70e4d6be34 Fix 500 in dataset page. (#25474) 2025-09-10 15:57:04 +08:00
Wu Tianwei
b690ac4e2a fix: Remove sticky positioning from workflow component fields (#25470) 2025-09-10 15:17:49 +08:00