fix: remove unused fields

fix: mypy static type checking issues
Merge branch 'main' into feat/retry-single-step-debug
2026-01-25 14:25:57 +08:00 · 2024-12-26 14:51:33 +08:00 · 2024-12-26 09:04:29 +08:00 · 2024-12-26 08:56:24 +08:00 · 2024-12-25 10:40:02 +08:00 · 2024-12-25 10:38:54 +08:00
3940 changed files with 287053 additions and 97337 deletions
--- a/.devcontainer/post_create_command.sh
+++ b/.devcontainer/post_create_command.sh
@ -1,12 +1,11 @@
 #!/bin/bash

-npm add -g pnpm@9.12.2
-cd web && pnpm install
+cd web && npm install
 pipx install poetry

 echo 'alias start-api="cd /workspaces/dify/api && poetry run python -m flask run --host 0.0.0.0 --port=5001 --debug"' >> ~/.bashrc
 echo 'alias start-worker="cd /workspaces/dify/api && poetry run python -m celery -A app.celery worker -P gevent -c 1 --loglevel INFO -Q dataset,generation,mail,ops_trace,app_deletion"' >> ~/.bashrc
-echo 'alias start-web="cd /workspaces/dify/web && pnpm dev"' >> ~/.bashrc
+echo 'alias start-web="cd /workspaces/dify/web && npm run dev"' >> ~/.bashrc
 echo 'alias start-containers="cd /workspaces/dify/docker && docker-compose -f docker-compose.middleware.yaml -p dify up -d"' >> ~/.bashrc
 echo 'alias stop-containers="cd /workspaces/dify/docker && docker-compose -f docker-compose.middleware.yaml -p dify down"' >> ~/.bashrc

--- a/.github/actions/setup-poetry/action.yml
+++ b/.github/actions/setup-poetry/action.yml
@ -8,7 +8,7 @@ inputs:
  poetry-version:
    description: Poetry version to set up
    required: true
-    default: '2.0.1'
+    default: '1.8.4'
  poetry-lockfile:
    description: Path to the Poetry lockfile to restore cache from
    required: true
--- a/.github/workflows/api-tests.yml
+++ b/.github/workflows/api-tests.yml
@ -26,9 +26,6 @@ jobs:
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-          persist-credentials: false

      - name: Setup Poetry and Python ${{ matrix.python-version }}
        uses: ./.github/actions/setup-poetry
@ -45,17 +42,25 @@ jobs:
        run: poetry install -C api --with dev

      - name: Check dependencies in pyproject.toml
-        run: poetry run -P api bash dev/pytest/pytest_artifacts.sh
+        run: poetry run -C api bash dev/pytest/pytest_artifacts.sh

      - name: Run Unit tests
-        run: poetry run -P api bash dev/pytest/pytest_unit_tests.sh
+        run: poetry run -C api bash dev/pytest/pytest_unit_tests.sh
+
+      - name: Run ModelRuntime
+        run: poetry run -C api bash dev/pytest/pytest_model_runtime.sh

      - name: Run dify config tests
-        run: poetry run -P api python dev/pytest/pytest_config_tests.py
+        run: poetry run -C api python dev/pytest/pytest_config_tests.py
+
+      - name: Run Tool
+        run: poetry run -C api bash dev/pytest/pytest_tools.sh

      - name: Run mypy
        run: |
-          poetry run -C api python -m mypy --install-types --non-interactive .
+          pushd api
+          poetry run python -m mypy --install-types --non-interactive .
+          popd

      - name: Set up dotenvs
        run: |
@ -75,4 +80,4 @@ jobs:
            ssrf_proxy

      - name: Run Workflow
-        run: poetry run -P api bash dev/pytest/pytest_workflow.sh
+        run: poetry run -C api bash dev/pytest/pytest_workflow.sh
--- a/.github/workflows/build-push.yml
+++ b/.github/workflows/build-push.yml
@ -79,12 +79,10 @@ jobs:
          cache-to: type=gha,mode=max,scope=${{ matrix.service_name }}

      - name: Export digest
-        env:
-          DIGEST: ${{ steps.build.outputs.digest }}
        run: |
          mkdir -p /tmp/digests
-          sanitized_digest=${DIGEST#sha256:}
-          touch "/tmp/digests/${sanitized_digest}"
+          digest="${{ steps.build.outputs.digest }}"
+          touch "/tmp/digests/${digest#sha256:}"

      - name: Upload digest
        uses: actions/upload-artifact@v4
@ -134,15 +132,10 @@ jobs:

      - name: Create manifest list and push
        working-directory: /tmp/digests
-        env:
-          IMAGE_NAME: ${{ env[matrix.image_name_env] }}
        run: |
          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
-            $(printf "$IMAGE_NAME@sha256:%s " *)
+            $(printf '${{ env[matrix.image_name_env] }}@sha256:%s ' *)

      - name: Inspect image
-        env:
-          IMAGE_NAME: ${{ env[matrix.image_name_env] }}
-          IMAGE_VERSION: ${{ steps.meta.outputs.version }}
        run: |
-          docker buildx imagetools inspect "$IMAGE_NAME:$IMAGE_VERSION"
+          docker buildx imagetools inspect ${{ env[matrix.image_name_env] }}:${{ steps.meta.outputs.version }}
--- a/.github/workflows/db-migration-test.yml
+++ b/.github/workflows/db-migration-test.yml
@ -4,7 +4,6 @@ on:
  pull_request:
    branches:
      - main
-      - plugins/beta
    paths:
      - api/migrations/**
      - .github/workflows/db-migration-test.yml
@ -20,9 +19,6 @@ jobs:
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-          persist-credentials: false

      - name: Setup Poetry and Python
        uses: ./.github/actions/setup-poetry
--- a/.github/workflows/docker-build.yml
+++ b/.github/workflows/docker-build.yml
@ -1,47 +0,0 @@
-name: Build docker image
-
-on:
-  pull_request:
-    branches:
-      - "main"
-    paths:
-      - api/Dockerfile
-      - web/Dockerfile
-
-concurrency:
-  group: docker-build-${{ github.head_ref || github.run_id }}
-  cancel-in-progress: true
-
-jobs:
-  build-docker:
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        include:
-          - service_name: "api-amd64"
-            platform: linux/amd64
-            context: "api"
-          - service_name: "api-arm64"
-            platform: linux/arm64
-            context: "api"
-          - service_name: "web-amd64"
-            platform: linux/amd64
-            context: "web"
-          - service_name: "web-arm64"
-            platform: linux/arm64
-            context: "web"
-    steps:
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Build Docker Image
-        uses: docker/build-push-action@v6
-        with:
-          push: false
-          context: "{{defaultContext}}:${{ matrix.context }}"
-          platforms: ${{ matrix.platform }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
--- a/.github/workflows/expose_service_ports.sh
+++ b/.github/workflows/expose_service_ports.sh
@ -9,6 +9,6 @@ yq eval '.services["pgvecto-rs"].ports += ["5431:5432"]' -i docker/docker-compos
 yq eval '.services["elasticsearch"].ports += ["9200:9200"]' -i docker/docker-compose.yaml
 yq eval '.services.couchbase-server.ports += ["8091-8096:8091-8096"]' -i docker/docker-compose.yaml
 yq eval '.services.couchbase-server.ports += ["11210:11210"]' -i docker/docker-compose.yaml
-yq eval '.services.tidb.ports += ["4000:4000"]' -i docker/tidb/docker-compose.yaml
+yq eval '.services.tidb.ports += ["4000:4000"]' -i docker/docker-compose.yaml

 echo "Ports exposed for sandbox, weaviate, tidb, qdrant, chroma, milvus, pgvector, pgvecto-rs, elasticsearch, couchbase"
--- a/.github/workflows/style.yml
+++ b/.github/workflows/style.yml
@ -17,9 +17,6 @@ jobs:
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-          persist-credentials: false

      - name: Check changed files
        id: changed-files
@ -41,12 +38,12 @@ jobs:
        if: steps.changed-files.outputs.any_changed == 'true'
        run: |
          poetry run -C api ruff --version
-          poetry run -C api ruff check ./
-          poetry run -C api ruff format --check ./
+          poetry run -C api ruff check ./api
+          poetry run -C api ruff format --check ./api

      - name: Dotenv check
        if: steps.changed-files.outputs.any_changed == 'true'
-        run: poetry run -P api dotenv-linter ./api/.env.example ./web/.env.example
+        run: poetry run -C api dotenv-linter ./api/.env.example ./web/.env.example

      - name: Lint hints
        if: failure()
@ -62,9 +59,6 @@ jobs:
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-          persist-credentials: false

      - name: Check changed files
        id: changed-files
@ -72,58 +66,22 @@ jobs:
        with:
          files: web/**

-      - name: Install pnpm
-        uses: pnpm/action-setup@v4
-        with:
-          version: 10
-          run_install: false
-
      - name: Setup NodeJS
        uses: actions/setup-node@v4
        if: steps.changed-files.outputs.any_changed == 'true'
        with:
          node-version: 20
-          cache: pnpm
+          cache: yarn
          cache-dependency-path: ./web/package.json

      - name: Web dependencies
        if: steps.changed-files.outputs.any_changed == 'true'
-        run: pnpm install --frozen-lockfile
+        run: yarn install --frozen-lockfile

      - name: Web style check
        if: steps.changed-files.outputs.any_changed == 'true'
-        run: pnpm run lint
+        run: yarn run lint

-  docker-compose-template:
-    name: Docker Compose Template
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-          persist-credentials: false
-
-      - name: Check changed files
-        id: changed-files
-        uses: tj-actions/changed-files@v45
-        with:
-          files: |
-            docker/generate_docker_compose
-            docker/.env.example
-            docker/docker-compose-template.yaml
-            docker/docker-compose.yaml
-
-      - name: Generate Docker Compose
-        if: steps.changed-files.outputs.any_changed == 'true'
-        run: |
-          cd docker
-          ./generate_docker_compose
-
-      - name: Check for changes
-        if: steps.changed-files.outputs.any_changed == 'true'
-        run: git diff --exit-code

  superlinter:
    name: SuperLinter
@ -132,9 +90,6 @@ jobs:
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-          persist-credentials: false

      - name: Check changed files
        id: changed-files
--- a/.github/workflows/tool-test-sdks.yaml
+++ b/.github/workflows/tool-test-sdks.yaml
@ -26,19 +26,16 @@ jobs:

    steps:
      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-          persist-credentials: false

      - name: Use Node.js ${{ matrix.node-version }}
        uses: actions/setup-node@v4
        with:
          node-version: ${{ matrix.node-version }}
          cache: ''
-          cache-dependency-path: 'pnpm-lock.yaml'
+          cache-dependency-path: 'yarn.lock'

      - name: Install Dependencies
-        run: pnpm install --frozen-lockfile
+        run: yarn install

      - name: Test
-        run: pnpm test
+        run: yarn test
--- a/.github/workflows/translate-i18n-base-on-english.yml
+++ b/.github/workflows/translate-i18n-base-on-english.yml
@ -16,7 +16,6 @@ jobs:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 2 # last 2 commits
-          persist-credentials: false

      - name: Check for file changes in i18n/en-US
        id: check_files
@ -39,11 +38,11 @@ jobs:

      - name: Install dependencies
        if: env.FILES_CHANGED == 'true'
-        run: pnpm install --frozen-lockfile
+        run: yarn install --frozen-lockfile

      - name: Run npm script
        if: env.FILES_CHANGED == 'true'
-        run: pnpm run auto-gen-i18n
+        run: npm run auto-gen-i18n

      - name: Create Pull Request
        if: env.FILES_CHANGED == 'true'
--- a/.github/workflows/vdb-tests.yml
+++ b/.github/workflows/vdb-tests.yml
@ -28,9 +28,6 @@ jobs:
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-          persist-credentials: false

      - name: Setup Poetry and Python ${{ matrix.python-version }}
        uses: ./.github/actions/setup-poetry
@ -54,15 +51,7 @@ jobs:
      - name: Expose Service Ports
        run: sh .github/workflows/expose_service_ports.sh

-      - name: Set up Vector Store (TiDB)
-        uses: hoverkraft-tech/compose-action@v2.0.2
-        with:
-          compose-file: docker/tidb/docker-compose.yaml
-          services: |
-            tidb
-            tiflash
-
-      - name: Set up Vector Stores (Weaviate, Qdrant, PGVector, Milvus, PgVecto-RS, Chroma, MyScale, ElasticSearch, Couchbase)
+      - name: Set up Vector Stores (TiDB, Weaviate, Qdrant, PGVector, Milvus, PgVecto-RS, Chroma, MyScale, ElasticSearch, Couchbase)
        uses: hoverkraft-tech/compose-action@v2.0.2
        with:
          compose-file: |
@ -78,9 +67,7 @@ jobs:
            pgvector
            chroma
            elasticsearch
-
-      - name: Check TiDB Ready
-        run: poetry run -P api python api/tests/integration_tests/vdb/tidb_vector/check_tiflash_ready.py
+            tidb

      - name: Test Vector Stores
-        run: poetry run -P api bash dev/pytest/pytest_vdb.sh
+        run: poetry run -C api bash dev/pytest/pytest_vdb.sh
--- a/.github/workflows/web-tests.yml
+++ b/.github/workflows/web-tests.yml
@ -22,34 +22,25 @@ jobs:
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-          persist-credentials: false

      - name: Check changed files
        id: changed-files
        uses: tj-actions/changed-files@v45
        with:
          files: web/**
-      # to run pnpm, should install package canvas, but it always install failed on amd64 under ubuntu-latest
-      # - name: Install pnpm
-      #   uses: pnpm/action-setup@v4
-      #   with:
-      #     version: 10
-      #     run_install: false

-      # - name: Setup Node.js
-      #   uses: actions/setup-node@v4
-      #   if: steps.changed-files.outputs.any_changed == 'true'
-      #   with:
-      #     node-version: 20
-      #     cache: pnpm
-      #     cache-dependency-path: ./web/package.json
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        if: steps.changed-files.outputs.any_changed == 'true'
+        with:
+          node-version: 20
+          cache: yarn
+          cache-dependency-path: ./web/package.json

-      # - name: Install dependencies
-      #   if: steps.changed-files.outputs.any_changed == 'true'
-      #   run: pnpm install --frozen-lockfile
+      - name: Install dependencies
+        if: steps.changed-files.outputs.any_changed == 'true'
+        run: yarn install --frozen-lockfile

-      # - name: Run tests
-      #   if: steps.changed-files.outputs.any_changed == 'true'
-      #   run: pnpm test
+      - name: Run tests
+        if: steps.changed-files.outputs.any_changed == 'true'
+        run: yarn test
--- a/.gitignore
+++ b/.gitignore
@ -163,7 +163,6 @@ docker/volumes/db/data/*
 docker/volumes/redis/data/*
 docker/volumes/weaviate/*
 docker/volumes/qdrant/*
-docker/tidb/volumes/*
 docker/volumes/etcd/*
 docker/volumes/minio/*
 docker/volumes/milvus/*
@ -176,7 +175,6 @@ docker/volumes/pgvector/data/*
 docker/volumes/pgvecto_rs/data/*
 docker/volumes/couchbase/*
 docker/volumes/oceanbase/*
-docker/volumes/plugin_daemon/*
 !docker/volumes/oceanbase/init.d

 docker/nginx/conf.d/default.conf
@ -195,9 +193,3 @@ api/.vscode

 .idea/
 .vscode
-
-# pnpm
-/.pnpm-store
-
-# plugin migrate
-plugins.jsonl
--- a/README.md
+++ b/README.md
@ -25,9 +25,6 @@
    <a href="https://twitter.com/intent/follow?screen_name=dify_ai" target="_blank">
        <img src="https://img.shields.io/twitter/follow/dify_ai?logo=X&color=%20%23f5f5f5"
            alt="follow on X(Twitter)"></a>
-    <a href="https://www.linkedin.com/company/langgenius/" target="_blank">
-        <img src="https://custom-icon-badges.demolab.com/badge/LinkedIn-0A66C2?logo=linkedin-white&logoColor=fff"
-            alt="follow on LinkedIn"></a>
    <a href="https://hub.docker.com/u/langgenius" target="_blank">
        <img alt="Docker Pulls" src="https://img.shields.io/docker/pulls/langgenius/dify-web?labelColor=%20%23FDB062&color=%20%23f79009"></a>
    <a href="https://github.com/langgenius/dify/graphs/commit-activity" target="_blank">
@ -108,72 +105,6 @@ Please refer to our [FAQ](https://docs.dify.ai/getting-started/install-self-host
 **7. Backend-as-a-Service**: 
  All of Dify's offerings come with corresponding APIs, so you could effortlessly integrate Dify into your own business logic.

-## Feature Comparison
-<table style="width: 100%;">
-  <tr>
-    <th align="center">Feature</th>
-    <th align="center">Dify.AI</th>
-    <th align="center">LangChain</th>
-    <th align="center">Flowise</th>
-    <th align="center">OpenAI Assistants API</th>
-  </tr>
-  <tr>
-    <td align="center">Programming Approach</td>
-    <td align="center">API + App-oriented</td>
-    <td align="center">Python Code</td>
-    <td align="center">App-oriented</td>
-    <td align="center">API-oriented</td>
-  </tr>
-  <tr>
-    <td align="center">Supported LLMs</td>
-    <td align="center">Rich Variety</td>
-    <td align="center">Rich Variety</td>
-    <td align="center">Rich Variety</td>
-    <td align="center">OpenAI-only</td>
-  </tr>
-  <tr>
-    <td align="center">RAG Engine</td>
-    <td align="center">✅</td>
-    <td align="center">✅</td>
-    <td align="center">✅</td>
-    <td align="center">✅</td>
-  </tr>
-  <tr>
-    <td align="center">Agent</td>
-    <td align="center">✅</td>
-    <td align="center">✅</td>
-    <td align="center">❌</td>
-    <td align="center">✅</td>
-  </tr>
-  <tr>
-    <td align="center">Workflow</td>
-    <td align="center">✅</td>
-    <td align="center">❌</td>
-    <td align="center">✅</td>
-    <td align="center">❌</td>
-  </tr>
-  <tr>
-    <td align="center">Observability</td>
-    <td align="center">✅</td>
-    <td align="center">✅</td>
-    <td align="center">❌</td>
-    <td align="center">❌</td>
-  </tr>
-  <tr>
-    <td align="center">Enterprise Feature (SSO/Access control)</td>
-    <td align="center">✅</td>
-    <td align="center">❌</td>
-    <td align="center">❌</td>
-    <td align="center">❌</td>
-  </tr>
-  <tr>
-    <td align="center">Local Deployment</td>
-    <td align="center">✅</td>
-    <td align="center">✅</td>
-    <td align="center">✅</td>
-    <td align="center">❌</td>
-  </tr>
-</table>

 ## Using Dify

--- a/README_AR.md
+++ b/README_AR.md
@ -21,9 +21,6 @@
    <a href="https://twitter.com/intent/follow?screen_name=dify_ai" target="_blank">
        <img src="https://img.shields.io/twitter/follow/dify_ai?logo=X&color=%20%23f5f5f5"
            alt="follow on X(Twitter)"></a>
-    <a href="https://www.linkedin.com/company/langgenius/" target="_blank">
-        <img src="https://custom-icon-badges.demolab.com/badge/LinkedIn-0A66C2?logo=linkedin-white&logoColor=fff"
-            alt="follow on LinkedIn"></a>
    <a href="https://hub.docker.com/u/langgenius" target="_blank">
        <img alt="Docker Pulls" src="https://img.shields.io/docker/pulls/langgenius/dify-web?labelColor=%20%23FDB062&color=%20%23f79009"></a>
    <a href="https://github.com/langgenius/dify/graphs/commit-activity" target="_blank">
--- a/README_CN.md
+++ b/README_CN.md
@ -21,9 +21,6 @@
    <a href="https://twitter.com/intent/follow?screen_name=dify_ai" target="_blank">
        <img src="https://img.shields.io/twitter/follow/dify_ai?logo=X&color=%20%23f5f5f5"
            alt="follow on X(Twitter)"></a>
-    <a href="https://www.linkedin.com/company/langgenius/" target="_blank">
-        <img src="https://custom-icon-badges.demolab.com/badge/LinkedIn-0A66C2?logo=linkedin-white&logoColor=fff"
-            alt="follow on LinkedIn"></a>
    <a href="https://hub.docker.com/u/langgenius" target="_blank">
        <img alt="Docker Pulls" src="https://img.shields.io/docker/pulls/langgenius/dify-web?labelColor=%20%23FDB062&color=%20%23f79009"></a>
    <a href="https://github.com/langgenius/dify/graphs/commit-activity" target="_blank">
--- a/README_ES.md
+++ b/README_ES.md
@ -21,9 +21,6 @@
    <a href="https://twitter.com/intent/follow?screen_name=dify_ai" target="_blank">
        <img src="https://img.shields.io/twitter/follow/dify_ai?logo=X&color=%20%23f5f5f5"
            alt="seguir en X(Twitter)"></a>
-    <a href="https://www.linkedin.com/company/langgenius/" target="_blank">
-        <img src="https://custom-icon-badges.demolab.com/badge/LinkedIn-0A66C2?logo=linkedin-white&logoColor=fff"
-            alt="seguir en LinkedIn"></a>
    <a href="https://hub.docker.com/u/langgenius" target="_blank">
        <img alt="Descargas de Docker" src="https://img.shields.io/docker/pulls/langgenius/dify-web?labelColor=%20%23FDB062&color=%20%23f79009"></a>
    <a href="https://github.com/langgenius/dify/graphs/commit-activity" target="_blank">
--- a/README_FR.md
+++ b/README_FR.md
@ -21,9 +21,6 @@
    <a href="https://twitter.com/intent/follow?screen_name=dify_ai" target="_blank">
        <img src="https://img.shields.io/twitter/follow/dify_ai?logo=X&color=%20%23f5f5f5"
            alt="suivre sur X(Twitter)"></a>
-    <a href="https://www.linkedin.com/company/langgenius/" target="_blank">
-        <img src="https://custom-icon-badges.demolab.com/badge/LinkedIn-0A66C2?logo=linkedin-white&logoColor=fff"
-            alt="suivre sur LinkedIn"></a>
    <a href="https://hub.docker.com/u/langgenius" target="_blank">
        <img alt="Tirages Docker" src="https://img.shields.io/docker/pulls/langgenius/dify-web?labelColor=%20%23FDB062&color=%20%23f79009"></a>
    <a href="https://github.com/langgenius/dify/graphs/commit-activity" target="_blank">
--- a/README_JA.md
+++ b/README_JA.md
@ -21,9 +21,6 @@
    <a href="https://twitter.com/intent/follow?screen_name=dify_ai" target="_blank">
        <img src="https://img.shields.io/twitter/follow/dify_ai?logo=X&color=%20%23f5f5f5"
            alt="X(Twitter)でフォロー"></a>
-    <a href="https://www.linkedin.com/company/langgenius/" target="_blank">
-        <img src="https://custom-icon-badges.demolab.com/badge/LinkedIn-0A66C2?logo=linkedin-white&logoColor=fff"
-            alt="LinkedInでフォロー"></a>
    <a href="https://hub.docker.com/u/langgenius" target="_blank">
        <img alt="Docker Pulls" src="https://img.shields.io/docker/pulls/langgenius/dify-web?labelColor=%20%23FDB062&color=%20%23f79009"></a>
    <a href="https://github.com/langgenius/dify/graphs/commit-activity" target="_blank">
--- a/README_KL.md
+++ b/README_KL.md
@ -21,9 +21,6 @@
    <a href="https://twitter.com/intent/follow?screen_name=dify_ai" target="_blank">
        <img src="https://img.shields.io/twitter/follow/dify_ai?logo=X&color=%20%23f5f5f5"
            alt="follow on X(Twitter)"></a>
-    <a href="https://www.linkedin.com/company/langgenius/" target="_blank">
-        <img src="https://custom-icon-badges.demolab.com/badge/LinkedIn-0A66C2?logo=linkedin-white&logoColor=fff"
-            alt="follow on LinkedIn"></a>
    <a href="https://hub.docker.com/u/langgenius" target="_blank">
        <img alt="Docker Pulls" src="https://img.shields.io/docker/pulls/langgenius/dify-web?labelColor=%20%23FDB062&color=%20%23f79009"></a>
    <a href="https://github.com/langgenius/dify/graphs/commit-activity" target="_blank">
@ -87,7 +84,9 @@ Dify is an open-source LLM app development platform. Its intuitive interface com

 ## Feature Comparison
 <table style="width: 100%;">
-  <tr>
+  <tr
+
+>
    <th align="center">Feature</th>
    <th align="center">Dify.AI</th>
    <th align="center">LangChain</th>
--- a/README_KR.md
+++ b/README_KR.md
@ -21,9 +21,6 @@
    <a href="https://twitter.com/intent/follow?screen_name=dify_ai" target="_blank">
        <img src="https://img.shields.io/twitter/follow/dify_ai?logo=X&color=%20%23f5f5f5"
            alt="follow on X(Twitter)"></a>
-    <a href="https://www.linkedin.com/company/langgenius/" target="_blank">
-        <img src="https://custom-icon-badges.demolab.com/badge/LinkedIn-0A66C2?logo=linkedin-white&logoColor=fff"
-            alt="follow on LinkedIn"></a>
    <a href="https://hub.docker.com/u/langgenius" target="_blank">
        <img alt="Docker Pulls" src="https://img.shields.io/docker/pulls/langgenius/dify-web?labelColor=%20%23FDB062&color=%20%23f79009"></a>
    <a href="https://github.com/langgenius/dify/graphs/commit-activity" target="_blank">
--- a/README_PT.md
+++ b/README_PT.md
@ -25,9 +25,6 @@
    <a href="https://twitter.com/intent/follow?screen_name=dify_ai" target="_blank">
        <img src="https://img.shields.io/twitter/follow/dify_ai?logo=X&color=%20%23f5f5f5"
            alt="follow on X(Twitter)"></a>
-    <a href="https://www.linkedin.com/company/langgenius/" target="_blank">
-        <img src="https://custom-icon-badges.demolab.com/badge/LinkedIn-0A66C2?logo=linkedin-white&logoColor=fff"
-            alt="follow on LinkedIn"></a>
    <a href="https://hub.docker.com/u/langgenius" target="_blank">
        <img alt="Docker Pulls" src="https://img.shields.io/docker/pulls/langgenius/dify-web?labelColor=%20%23FDB062&color=%20%23f79009"></a>
    <a href="https://github.com/langgenius/dify/graphs/commit-activity" target="_blank">
--- a/README_SI.md
+++ b/README_SI.md
@ -22,9 +22,6 @@
    <a href="https://twitter.com/intent/follow?screen_name=dify_ai" target="_blank">
        <img src="https://img.shields.io/twitter/follow/dify_ai?logo=X&color=%20%23f5f5f5"
            alt="follow on X(Twitter)"></a>
-    <a href="https://www.linkedin.com/company/langgenius/" target="_blank">
-        <img src="https://custom-icon-badges.demolab.com/badge/LinkedIn-0A66C2?logo=linkedin-white&logoColor=fff"
-            alt="follow on LinkedIn"></a>
    <a href="https://hub.docker.com/u/langgenius" target="_blank">
        <img alt="Docker Pulls" src="https://img.shields.io/docker/pulls/langgenius/dify-web?labelColor=%20%23FDB062&color=%20%23f79009"></a>
    <a href="https://github.com/langgenius/dify/graphs/commit-activity" target="_blank">
@ -106,73 +103,6 @@ Prosimo, glejte naša pogosta vprašanja [FAQ](https://docs.dify.ai/getting-star
 **7. Backend-as-a-Service**: 
  AVse ponudbe Difyja so opremljene z ustreznimi API-ji, tako da lahko Dify brez težav integrirate v svojo poslovno logiko.

-## Primerjava Funkcij
-
-<table style="width: 100%;">
-  <tr>
-    <th align="center">Funkcija</th>
-    <th align="center">Dify.AI</th>
-    <th align="center">LangChain</th>
-    <th align="center">Flowise</th>
-    <th align="center">OpenAI Assistants API</th>
-  </tr>
-  <tr>
-    <td align="center">Programski pristop</td>
-    <td align="center">API + usmerjeno v aplikacije</td>
-    <td align="center">Python koda</td>
-    <td align="center">Usmerjeno v aplikacije</td>
-    <td align="center">Usmerjeno v API</td>
-  </tr>
-  <tr>
-    <td align="center">Podprti LLM-ji</td>
-    <td align="center">Bogata izbira</td>
-    <td align="center">Bogata izbira</td>
-    <td align="center">Bogata izbira</td>
-    <td align="center">Samo OpenAI</td>
-  </tr>
-  <tr>
-    <td align="center">RAG pogon</td>
-    <td align="center">✅</td>
-    <td align="center">✅</td>
-    <td align="center">✅</td>
-    <td align="center">✅</td>
-  </tr>
-  <tr>
-    <td align="center">Agent</td>
-    <td align="center">✅</td>
-    <td align="center">✅</td>
-    <td align="center">❌</td>
-    <td align="center">✅</td>
-  </tr>
-  <tr>
-    <td align="center">Potek dela</td>
-    <td align="center">✅</td>
-    <td align="center">❌</td>
-    <td align="center">✅</td>
-    <td align="center">❌</td>
-  </tr>
-  <tr>
-    <td align="center">Spremljanje</td>
-    <td align="center">✅</td>
-    <td align="center">✅</td>
-    <td align="center">❌</td>
-    <td align="center">❌</td>
-  </tr>
-  <tr>
-    <td align="center">Funkcija za podjetja (SSO/nadzor dostopa)</td>
-    <td align="center">✅</td>
-    <td align="center">❌</td>
-    <td align="center">❌</td>
-    <td align="center">❌</td>
-  </tr>
-  <tr>
-    <td align="center">Lokalna namestitev</td>
-    <td align="center">✅</td>
-    <td align="center">✅</td>
-    <td align="center">✅</td>
-    <td align="center">❌</td>
-  </tr>
-</table>

 ## Uporaba Dify

@ -254,4 +184,4 @@ Zaradi zaščite vaše zasebnosti se izogibajte objavljanju varnostnih vprašanj

 ## Licenca

-To skladišče je na voljo pod [odprtokodno licenco Dify](LICENSE) , ki je v bistvu Apache 2.0 z nekaj dodatnimi omejitvami.
+To skladišče je na voljo pod [odprtokodno licenco Dify](LICENSE) , ki je v bistvu Apache 2.0 z nekaj dodatnimi omejitvami.
--- a/README_TR.md
+++ b/README_TR.md
@ -21,9 +21,6 @@
    <a href="https://twitter.com/intent/follow?screen_name=dify_ai" target="_blank">
        <img src="https://img.shields.io/twitter/follow/dify_ai?logo=X&color=%20%23f5f5f5"
            alt="X(Twitter)'da takip et"></a>
-    <a href="https://www.linkedin.com/company/langgenius/" target="_blank">
-        <img src="https://custom-icon-badges.demolab.com/badge/LinkedIn-0A66C2?logo=linkedin-white&logoColor=fff"
-            alt="LinkedIn'da takip et"></a>
    <a href="https://hub.docker.com/u/langgenius" target="_blank">
        <img alt="Docker Çekmeleri" src="https://img.shields.io/docker/pulls/langgenius/dify-web?labelColor=%20%23FDB062&color=%20%23f79009"></a>
    <a href="https://github.com/langgenius/dify/graphs/commit-activity" target="_blank">
@ -65,6 +62,8 @@ Görsel bir arayüz üzerinde güçlü AI iş akışları oluşturun ve test edi
 ![providers-v5](https://github.com/langgenius/dify/assets/13230914/5a17bdbe-097a-4100-8363-40255b70f6e3)


+Özür dilerim, haklısınız. Daha anlamlı ve akıcı bir çeviri yapmaya çalışayım. İşte güncellenmiş çeviri:
+
 **3. Prompt IDE**: 
  Komut istemlerini oluşturmak, model performansını karşılaştırmak ve sohbet tabanlı uygulamalara metin-konuşma gibi ek özellikler eklemek için kullanıcı dostu bir arayüz.

@ -151,6 +150,8 @@ Görsel bir arayüz üzerinde güçlü AI iş akışları oluşturun ve test edi
 ## Dify'ı Kullanma

 - **Cloud </br>**
+İşte verdiğiniz metnin Türkçe çevirisi, kod bloğu içinde:
+- 
 Herkesin sıfır kurulumla denemesi için bir [Dify Cloud](https://dify.ai) hizmeti sunuyoruz. Bu hizmet, kendi kendine dağıtılan versiyonun tüm yeteneklerini sağlar ve sandbox planında 200 ücretsiz GPT-4 çağrısı içerir.

 - **Dify Topluluk Sürümünü Kendi Sunucunuzda Barındırma</br>**
@ -176,6 +177,8 @@ GitHub'da Dify'a yıldız verin ve yeni sürümlerden anında haberdar olun.
 >- RAM >= 4GB

 </br>
+İşte verdiğiniz metnin Türkçe çevirisi, kod bloğu içinde:
+
 Dify sunucusunu başlatmanın en kolay yolu, [docker-compose.yml](docker/docker-compose.yaml) dosyamızı çalıştırmaktır. Kurulum komutunu çalıştırmadan önce, makinenizde [Docker](https://docs.docker.com/get-docker/) ve [Docker Compose](https://docs.docker.com/compose/install/)'un kurulu olduğundan emin olun:

 ```bash
--- a/README_VI.md
+++ b/README_VI.md
@ -21,9 +21,6 @@
    <a href="https://twitter.com/intent/follow?screen_name=dify_ai" target="_blank">
        <img src="https://img.shields.io/twitter/follow/dify_ai?logo=X&color=%20%23f5f5f5"
            alt="theo dõi trên X(Twitter)"></a>
-    <a href="https://www.linkedin.com/company/langgenius/" target="_blank">
-        <img src="https://custom-icon-badges.demolab.com/badge/LinkedIn-0A66C2?logo=linkedin-white&logoColor=fff"
-            alt="theo dõi trên LinkedIn"></a>
    <a href="https://hub.docker.com/u/langgenius" target="_blank">
        <img alt="Docker Pulls" src="https://img.shields.io/docker/pulls/langgenius/dify-web?labelColor=%20%23FDB062&color=%20%23f79009"></a>
    <a href="https://github.com/langgenius/dify/graphs/commit-activity" target="_blank">
--- a/api/.dockerignore
+++ b/api/.dockerignore
@ -1,10 +1,7 @@
 .env
 *.env.*

-storage/generate_files/*
 storage/privkeys/*
-storage/tools/*
-storage/upload_files/*

 # Logs
 logs
@ -12,8 +9,6 @@ logs

 # jetbrains
 .idea
-.mypy_cache
-.ruff_cache

 # venv
 .venv
--- a/api/.env.example
+++ b/api/.env.example
@ -23,9 +23,6 @@ FILES_ACCESS_TIMEOUT=300
 # Access token expiration time in minutes
 ACCESS_TOKEN_EXPIRE_MINUTES=60

-# Refresh token expiration time in days
-REFRESH_TOKEN_EXPIRE_DAYS=30
-
 # celery configuration
 CELERY_BROKER_URL=redis://:difyai123456@localhost:6379/1

@ -409,6 +406,7 @@ MAX_VARIABLE_SIZE=204800
 APP_MAX_EXECUTION_TIME=1200
 APP_MAX_ACTIVE_REQUESTS=0

+
 # Celery beat configuration
 CELERY_BEAT_SCHEDULER_TIME=1

@ -421,22 +419,6 @@ POSITION_PROVIDER_PINS=
 POSITION_PROVIDER_INCLUDES=
 POSITION_PROVIDER_EXCLUDES=

-# Plugin configuration
-PLUGIN_DAEMON_KEY=lYkiYYT6owG+71oLerGzA7GXCgOT++6ovaezWAjpCjf+Sjc3ZtU+qUEi
-PLUGIN_DAEMON_URL=http://127.0.0.1:5002
-PLUGIN_REMOTE_INSTALL_PORT=5003
-PLUGIN_REMOTE_INSTALL_HOST=localhost
-PLUGIN_MAX_PACKAGE_SIZE=15728640
-INNER_API_KEY=QaHbTe77CtuXmsfyhR7+vRjI/+XbV1AaFy691iy+kGDv2Jvy0/eAh8Y1
-INNER_API_KEY_FOR_PLUGIN=QaHbTe77CtuXmsfyhR7+vRjI/+XbV1AaFy691iy+kGDv2Jvy0/eAh8Y1
-
-# Marketplace configuration
-MARKETPLACE_ENABLED=true
-MARKETPLACE_API_URL=https://marketplace.dify.ai
-
-# Endpoint configuration
-ENDPOINT_URL_TEMPLATE=http://localhost:5002/e/{hook_id}
-
 # Reset password token expiry minutes
 RESET_PASSWORD_TOKEN_EXPIRY_MINUTES=5

--- a/api/.ruff.toml
+++ b/api/.ruff.toml
@ -53,12 +53,10 @@ ignore = [
    "FURB152", # math-constant
    "UP007", # non-pep604-annotation
    "UP032", # f-string
-    "UP045", # non-pep604-annotation-optional
    "B005", # strip-with-multi-characters
    "B006", # mutable-argument-default
    "B007", # unused-loop-control-variable
    "B026", # star-arg-unpacking-after-keyword-arg
-    "B903", # class-as-data-structure
    "B904", # raise-without-from-inside-except
    "B905", # zip-without-explicit-strict
    "N806", # non-lowercase-variable-in-function
@ -87,11 +85,11 @@ ignore = [
 ]
 "tests/*" = [
    "F811", # redefined-while-unused
+    "F401", # unused-import
 ]

 [lint.pyflakes]
-allowed-unused-imports = [
+extend-generics = [
    "_pytest.monkeypatch",
    "tests.integration_tests",
-    "tests.unit_tests",
 ]
--- a/api/Dockerfile
+++ b/api/Dockerfile
@ -4,7 +4,7 @@ FROM python:3.12-slim-bookworm AS base
 WORKDIR /app/api

 # Install Poetry
-ENV POETRY_VERSION=2.0.1
+ENV POETRY_VERSION=1.8.4

 # if you located in China, you can use aliyun mirror to speed up
 # RUN pip install --no-cache-dir poetry==${POETRY_VERSION} -i https://mirrors.aliyun.com/pypi/simple/
@ -48,20 +48,16 @@ ENV TZ=UTC

 WORKDIR /app/api

-RUN \
-    apt-get update \
-    # Install dependencies
-    && apt-get install -y --no-install-recommends \
-        # basic environment
-        curl nodejs libgmp-dev libmpfr-dev libmpc-dev \
-        # For Security
-        expat libldap-2.5-0 perl libsqlite3-0 zlib1g \
-        # install a chinese font to support the use of tools like matplotlib
-        fonts-noto-cjk \
-        # install a package to improve the accuracy of guessing mime type and file extension
-        media-types \
-        # install libmagic to support the use of python-magic guess MIMETYPE
-        libmagic1 \
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends curl nodejs libgmp-dev libmpfr-dev libmpc-dev \
+    # if you located in China, you can use aliyun mirror to speed up
+    # && echo "deb http://mirrors.aliyun.com/debian testing main" > /etc/apt/sources.list \
+    && echo "deb http://deb.debian.org/debian testing main" > /etc/apt/sources.list \
+    && apt-get update \
+    # For Security
+    && apt-get install -y --no-install-recommends expat=2.6.4-1 libldap-2.5-0=2.5.18+dfsg-3+b1 perl=5.40.0-8 libsqlite3-0=3.46.1-1 zlib1g=1:1.3.dfsg+really1.3.1-1+b1 \
+    # install a chinese font to support the use of tools like matplotlib
+    && apt-get install -y fonts-noto-cjk \
    && apt-get autoremove -y \
    && rm -rf /var/lib/apt/lists/*

@ -73,10 +69,6 @@ ENV PATH="${VIRTUAL_ENV}/bin:${PATH}"
 # Download nltk data
 RUN python -c "import nltk; nltk.download('punkt'); nltk.download('averaged_perceptron_tagger')"

-ENV TIKTOKEN_CACHE_DIR=/app/api/.tiktoken_cache
-
-RUN python -c "import tiktoken; tiktoken.encoding_for_model('gpt2')"
-
 # Copy source code
 COPY . /app/api/

@ -84,6 +76,7 @@ COPY . /app/api/
 COPY docker/entrypoint.sh /entrypoint.sh
 RUN chmod +x /entrypoint.sh

+
 ARG COMMIT_SHA
 ENV COMMIT_SHA=${COMMIT_SHA}

--- a/api/README.md
+++ b/api/README.md
@ -37,13 +37,7 @@

 4. Create environment.

-   Dify API service uses [Poetry](https://python-poetry.org/docs/) to manage dependencies. First, you need to add the poetry shell plugin, if you don't have it already, in order to run in a virtual environment. [Note: Poetry shell is no longer a native command so you need to install the poetry plugin beforehand]
-
-   ```bash
-   poetry self add poetry-plugin-shell
-   ```
-   
-   Then, You can execute `poetry shell` to activate the environment.
+   Dify API service uses [Poetry](https://python-poetry.org/docs/) to manage dependencies. You can execute `poetry shell` to activate the environment.

 5. Install dependencies

@ -85,5 +79,5 @@
 2. Run the tests locally with mocked system environment variables in `tool.pytest_env` section in `pyproject.toml`

   ```bash
-   poetry run -P api bash dev/pytest/pytest_all_tests.sh
+   poetry run -C api bash dev/pytest/pytest_all_tests.sh
   ```
--- a/api/app.py
+++ b/api/app.py
@ -1,8 +1,12 @@
-import os
-import sys
+from libs import version_utils
+
+# preparation before creating app
+version_utils.check_supported_python_version()


 def is_db_command():
+    import sys
+
    if len(sys.argv) > 1 and sys.argv[0].endswith("flask") and sys.argv[1] == "db":
        return True
    return False
@ -14,25 +18,10 @@ if is_db_command():

    app = create_migrations_app()
 else:
-    # It seems that JetBrains Python debugger does not work well with gevent,
-    # so we need to disable gevent in debug mode.
-    # If you are using debugpy and set GEVENT_SUPPORT=True, you can debug with gevent.
-    if (flask_debug := os.environ.get("FLASK_DEBUG", "0")) and flask_debug.lower() in {"false", "0", "no"}:
-        from gevent import monkey  # type: ignore
-
-        # gevent
-        monkey.patch_all()
-
-        from grpc.experimental import gevent as grpc_gevent  # type: ignore
-
-        # grpc gevent
-        grpc_gevent.init_gevent()
-
-        import psycogreen.gevent  # type: ignore
-
-        psycogreen.gevent.patch_psycopg()
-
    from app_factory import create_app
+    from libs import threadings_utils
+
+    threadings_utils.apply_gevent_threading_patch()

    app = create_app()
    celery = app.extensions["celery"]
--- a/api/commands.py
+++ b/api/commands.py
@ -25,8 +25,6 @@ from models.dataset import Document as DatasetDocument
 from models.model import Account, App, AppAnnotationSetting, AppMode, Conversation, MessageAnnotation
 from models.provider import Provider, ProviderModel
 from services.account_service import RegisterService, TenantService
-from services.plugin.data_migration import PluginDataMigration
-from services.plugin.plugin_migration import PluginMigration


@click.command("reset-password", help="Reset the account password.")
@ -526,7 +524,7 @@ def add_qdrant_doc_id_index(field: str):
                        )
                    )

-    except Exception:
+    except Exception as e:
        click.echo(click.style("Failed to create Qdrant client.", fg="red"))

    click.echo(click.style(f"Index creation complete. Created {create_count} collection indexes.", fg="green"))
@ -595,7 +593,7 @@ def upgrade_db():

            click.echo(click.style("Database migration successful!", fg="green"))

-        except Exception:
+        except Exception as e:
            logging.exception("Failed to execute database migration")
        finally:
            lock.release()
@ -641,7 +639,7 @@ where sites.id is null limit 1000"""
                        account = accounts[0]
                        print("Fixing missing site for app {}".format(app.id))
                        app_was_created.send(app, account=account)
-                except Exception:
+                except Exception as e:
                    failed_app_ids.append(app_id)
                    click.echo(click.style("Failed to fix missing site for app {}".format(app_id), fg="red"))
                    logging.exception(f"Failed to fix app related site missing issue, app_id: {app_id}")
@ -651,69 +649,3 @@ where sites.id is null limit 1000"""
                break

    click.echo(click.style("Fix for missing app-related sites completed successfully!", fg="green"))
-
-
-@click.command("migrate-data-for-plugin", help="Migrate data for plugin.")
-def migrate_data_for_plugin():
-    """
-    Migrate data for plugin.
-    """
-    click.echo(click.style("Starting migrate data for plugin.", fg="white"))
-
-    PluginDataMigration.migrate()
-
-    click.echo(click.style("Migrate data for plugin completed.", fg="green"))
-
-
-@click.command("extract-plugins", help="Extract plugins.")
-@click.option("--output_file", prompt=True, help="The file to store the extracted plugins.", default="plugins.jsonl")
-@click.option("--workers", prompt=True, help="The number of workers to extract plugins.", default=10)
-def extract_plugins(output_file: str, workers: int):
-    """
-    Extract plugins.
-    """
-    click.echo(click.style("Starting extract plugins.", fg="white"))
-
-    PluginMigration.extract_plugins(output_file, workers)
-
-    click.echo(click.style("Extract plugins completed.", fg="green"))
-
-
-@click.command("extract-unique-identifiers", help="Extract unique identifiers.")
-@click.option(
-    "--output_file",
-    prompt=True,
-    help="The file to store the extracted unique identifiers.",
-    default="unique_identifiers.json",
-)
-@click.option(
-    "--input_file", prompt=True, help="The file to store the extracted unique identifiers.", default="plugins.jsonl"
-)
-def extract_unique_plugins(output_file: str, input_file: str):
-    """
-    Extract unique plugins.
-    """
-    click.echo(click.style("Starting extract unique plugins.", fg="white"))
-
-    PluginMigration.extract_unique_plugins_to_file(input_file, output_file)
-
-    click.echo(click.style("Extract unique plugins completed.", fg="green"))
-
-
-@click.command("install-plugins", help="Install plugins.")
-@click.option(
-    "--input_file", prompt=True, help="The file to store the extracted unique identifiers.", default="plugins.jsonl"
-)
-@click.option(
-    "--output_file", prompt=True, help="The file to store the installed plugins.", default="installed_plugins.jsonl"
-)
-@click.option("--workers", prompt=True, help="The number of workers to install plugins.", default=100)
-def install_plugins(input_file: str, output_file: str, workers: int):
-    """
-    Install plugins.
-    """
-    click.echo(click.style("Starting install plugins.", fg="white"))
-
-    PluginMigration.install_plugins(input_file, output_file, workers)
-
-    click.echo(click.style("Install plugins completed.", fg="green"))
--- a/api/configs/feature/init.py
+++ b/api/configs/feature/init.py
@ -134,60 +134,6 @@ class CodeExecutionSandboxConfig(BaseSettings):
    )


-class PluginConfig(BaseSettings):
-    """
-    Plugin configs
-    """
-
-    PLUGIN_DAEMON_URL: HttpUrl = Field(
-        description="Plugin API URL",
-        default="http://localhost:5002",
-    )
-
-    PLUGIN_DAEMON_KEY: str = Field(
-        description="Plugin API key",
-        default="plugin-api-key",
-    )
-
-    INNER_API_KEY_FOR_PLUGIN: str = Field(description="Inner api key for plugin", default="inner-api-key")
-
-    PLUGIN_REMOTE_INSTALL_HOST: str = Field(
-        description="Plugin Remote Install Host",
-        default="localhost",
-    )
-
-    PLUGIN_REMOTE_INSTALL_PORT: PositiveInt = Field(
-        description="Plugin Remote Install Port",
-        default=5003,
-    )
-
-    PLUGIN_MAX_PACKAGE_SIZE: PositiveInt = Field(
-        description="Maximum allowed size for plugin packages in bytes",
-        default=15728640,
-    )
-
-    PLUGIN_MAX_BUNDLE_SIZE: PositiveInt = Field(
-        description="Maximum allowed size for plugin bundles in bytes",
-        default=15728640 * 12,
-    )
-
-
-class MarketplaceConfig(BaseSettings):
-    """
-    Configuration for marketplace
-    """
-
-    MARKETPLACE_ENABLED: bool = Field(
-        description="Enable or disable marketplace",
-        default=True,
-    )
-
-    MARKETPLACE_API_URL: HttpUrl = Field(
-        description="Marketplace API URL",
-        default="https://marketplace.dify.ai",
-    )
-
-
 class EndpointConfig(BaseSettings):
    """
    Configuration for various application endpoints and URLs
@ -200,7 +146,7 @@ class EndpointConfig(BaseSettings):
    )

    CONSOLE_WEB_URL: str = Field(
-        description="Base URL for the console web interface,used for frontend references and CORS configuration",
+        description="Base URL for the console web interface," "used for frontend references and CORS configuration",
        default="",
    )

@ -214,10 +160,6 @@ class EndpointConfig(BaseSettings):
        default="",
    )

-    ENDPOINT_URL_TEMPLATE: str = Field(
-        description="Template url for endpoint plugin", default="http://localhost:5002/e/{hook_id}"
-    )
-

 class FileAccessConfig(BaseSettings):
    """
@ -373,8 +315,8 @@ class HttpConfig(BaseSettings):
    )

    RESPECT_XFORWARD_HEADERS_ENABLED: bool = Field(
-        description="Enable handling of X-Forwarded-For, X-Forwarded-Proto, and X-Forwarded-Port headers"
-        " when the app is behind a single trusted reverse proxy.",
+        description="Enable or disable the X-Forwarded-For Proxy Fix middleware from Werkzeug"
+        " to respect X-* headers to redirect clients",
        default=False,
    )

@ -546,21 +488,11 @@ class AuthConfig(BaseSettings):
        default=60,
    )

-    REFRESH_TOKEN_EXPIRE_DAYS: PositiveFloat = Field(
-        description="Expiration time for refresh tokens in days",
-        default=30,
-    )
-
    LOGIN_LOCKOUT_DURATION: PositiveInt = Field(
        description="Time (in seconds) a user must wait before retrying login after exceeding the rate limit.",
        default=86400,
    )

-    FORGOT_PASSWORD_LOCKOUT_DURATION: PositiveInt = Field(
-        description="Time (in seconds) a user must wait before retrying password reset after exceeding the rate limit.",
-        default=86400,
-    )
-

 class ModerationConfig(BaseSettings):
    """
@ -669,7 +601,7 @@ class RagEtlConfig(BaseSettings):

    UNSTRUCTURED_API_KEY: Optional[str] = Field(
        description="API key for Unstructured.io service",
-        default="",
+        default=None,
    )

    SCARF_NO_ANALYTICS: Optional[str] = Field(
@ -735,11 +667,6 @@ class IndexingConfig(BaseSettings):
        default=4000,
    )

-    CHILD_CHUNKS_PREVIEW_NUMBER: PositiveInt = Field(
-        description="Maximum number of child chunks to preview",
-        default=50,
-    )
-

 class MultiModalTransferConfig(BaseSettings):
    MULTIMODAL_SEND_FORMAT: Literal["base64", "url"] = Field(
@ -838,21 +765,12 @@ class LoginConfig(BaseSettings):
    )


-class AccountConfig(BaseSettings):
-    ACCOUNT_DELETION_TOKEN_EXPIRY_MINUTES: PositiveInt = Field(
-        description="Duration in minutes for which a account deletion token remains valid",
-        default=5,
-    )
-
-
 class FeatureConfig(
    # place the configs in alphabet order
    AppExecutionConfig,
    AuthConfig,  # Changed from OAuthConfig to AuthConfig
    BillingConfig,
    CodeExecutionSandboxConfig,
-    PluginConfig,
-    MarketplaceConfig,
    DataSetConfig,
    EndpointConfig,
    FileAccessConfig,
@ -874,7 +792,6 @@ class FeatureConfig(
    WorkflowNodeExecutionConfig,
    WorkspaceConfig,
    LoginConfig,
-    AccountConfig,
    # hosted services config
    HostedServiceConfig,
    CeleryBeatConfig,
--- a/api/configs/feature/hosted_service/init.py
+++ b/api/configs/feature/hosted_service/init.py
@ -1,40 +1,9 @@
 from typing import Optional

-from pydantic import Field, NonNegativeInt, computed_field
+from pydantic import Field, NonNegativeInt
 from pydantic_settings import BaseSettings


-class HostedCreditConfig(BaseSettings):
-    HOSTED_MODEL_CREDIT_CONFIG: str = Field(
-        description="Model credit configuration in format 'model:credits,model:credits', e.g., 'gpt-4:20,gpt-4o:10'",
-        default="",
-    )
-
-    def get_model_credits(self, model_name: str) -> int:
-        """
-        Get credit value for a specific model name.
-        Returns 1 if model is not found in configuration (default credit).
-
-        :param model_name: The name of the model to search for
-        :return: The credit value for the model
-        """
-        if not self.HOSTED_MODEL_CREDIT_CONFIG:
-            return 1
-
-        try:
-            credit_map = dict(
-                item.strip().split(":", 1) for item in self.HOSTED_MODEL_CREDIT_CONFIG.split(",") if ":" in item
-            )
-
-            # Search for matching model pattern
-            for pattern, credit in credit_map.items():
-                if pattern.strip() == model_name:
-                    return int(credit)
-            return 1  # Default quota if no match found
-        except (ValueError, AttributeError):
-            return 1  # Return default quota if parsing fails
-
-
 class HostedOpenAiConfig(BaseSettings):
    """
    Configuration for hosted OpenAI service
@ -212,7 +181,7 @@ class HostedFetchAppTemplateConfig(BaseSettings):
    """

    HOSTED_FETCH_APP_TEMPLATES_MODE: str = Field(
-        description="Mode for fetching app templates: remote, db, or builtin default to remote,",
+        description="Mode for fetching app templates: remote, db, or builtin" " default to remote,",
        default="remote",
    )

@ -233,7 +202,5 @@ class HostedServiceConfig(
    HostedZhipuAIConfig,
    # moderation
    HostedModerationConfig,
-    # credit config
-    HostedCreditConfig,
 ):
    pass
--- a/api/configs/middleware/init.py
+++ b/api/configs/middleware/init.py
@ -1,4 +1,3 @@
-import os
 from typing import Any, Literal, Optional
 from urllib.parse import quote_plus

@ -167,11 +166,6 @@ class DatabaseConfig(BaseSettings):
        default=False,
    )

-    RETRIEVAL_SERVICE_EXECUTORS: NonNegativeInt = Field(
-        description="Number of processes for the retrieval service, default to CPU cores.",
-        default=os.cpu_count(),
-    )
-
    @computed_field
    def SQLALCHEMY_ENGINE_OPTIONS(self) -> dict[str, Any]:
        return {
--- a/api/configs/middleware/vdb/milvus_config.py
+++ b/api/configs/middleware/vdb/milvus_config.py
@ -33,9 +33,3 @@ class MilvusConfig(BaseSettings):
        description="Name of the Milvus database to connect to (default is 'default')",
        default="default",
    )
-
-    MILVUS_ENABLE_HYBRID_SEARCH: bool = Field(
-        description="Enable hybrid search features (requires Milvus >= 2.5.0). Set to false for compatibility with "
-        "older versions",
-        default=True,
-    )
--- a/api/configs/packaging/init.py
+++ b/api/configs/packaging/init.py
@ -9,7 +9,7 @@ class PackagingInfo(BaseSettings):

    CURRENT_VERSION: str = Field(
        description="Dify version",
-        default="1.0.0",
+        default="0.14.2",
    )

    COMMIT_SHA: str = Field(
--- a/api/constants/init.py
+++ b/api/constants/init.py
@ -15,7 +15,7 @@ AUDIO_EXTENSIONS.extend([ext.upper() for ext in AUDIO_EXTENSIONS])

 if dify_config.ETL_TYPE == "Unstructured":
    DOCUMENT_EXTENSIONS = ["txt", "markdown", "md", "mdx", "pdf", "html", "htm", "xlsx", "xls"]
-    DOCUMENT_EXTENSIONS.extend(("doc", "docx", "csv", "eml", "msg", "pptx", "xml", "epub"))
+    DOCUMENT_EXTENSIONS.extend(("docx", "csv", "eml", "msg", "pptx", "xml", "epub"))
    if dify_config.UNSTRUCTURED_API_URL:
        DOCUMENT_EXTENSIONS.append("ppt")
    DOCUMENT_EXTENSIONS.extend([ext.upper() for ext in DOCUMENT_EXTENSIONS])
--- a/api/contexts/init.py
+++ b/api/contexts/init.py
@ -1,19 +1,9 @@
 from contextvars import ContextVar
-from threading import Lock
 from typing import TYPE_CHECKING

 if TYPE_CHECKING:
-    from core.plugin.entities.plugin_daemon import PluginModelProviderEntity
-    from core.tools.plugin_tool.provider import PluginToolProviderController
    from core.workflow.entities.variable_pool import VariablePool

-
 tenant_id: ContextVar[str] = ContextVar("tenant_id")

 workflow_variable_pool: ContextVar["VariablePool"] = ContextVar("workflow_variable_pool")
-
-plugin_tool_providers: ContextVar[dict[str, "PluginToolProviderController"]] = ContextVar("plugin_tool_providers")
-plugin_tool_providers_lock: ContextVar[Lock] = ContextVar("plugin_tool_providers_lock")
-
-plugin_model_providers: ContextVar[list["PluginModelProviderEntity"] | None] = ContextVar("plugin_model_providers")
-plugin_model_providers_lock: ContextVar[Lock] = ContextVar("plugin_model_providers_lock")
--- a/api/controllers/common/helpers.py
+++ b/api/controllers/common/helpers.py
@ -1,32 +1,12 @@
 import mimetypes
 import os
-import platform
 import re
 import urllib.parse
-import warnings
 from collections.abc import Mapping
 from typing import Any
 from uuid import uuid4

 import httpx
-
-try:
-    import magic
-except ImportError:
-    if platform.system() == "Windows":
-        warnings.warn(
-            "To use python-magic guess MIMETYPE, you need to run `pip install python-magic-bin`", stacklevel=2
-        )
-    elif platform.system() == "Darwin":
-        warnings.warn("To use python-magic guess MIMETYPE, you need to run `brew install libmagic`", stacklevel=2)
-    elif platform.system() == "Linux":
-        warnings.warn(
-            "To use python-magic guess MIMETYPE, you need to run `sudo apt-get install libmagic1`", stacklevel=2
-        )
-    else:
-        warnings.warn("To use python-magic guess MIMETYPE, you need to install `libmagic`", stacklevel=2)
-    magic = None  # type: ignore
-
 from pydantic import BaseModel

 from configs import dify_config
@ -67,13 +47,6 @@ def guess_file_info_from_response(response: httpx.Response):
        # If guessing fails, use Content-Type from response headers
        mimetype = response.headers.get("Content-Type", "application/octet-stream")

-    # Use python-magic to guess MIME type if still unknown or generic
-    if mimetype == "application/octet-stream" and magic is not None:
-        try:
-            mimetype = magic.from_buffer(response.content[:1024], mime=True)
-        except magic.MagicException:
-            pass
-
    extension = os.path.splitext(filename)[1]

    # Ensure filename has an extension
--- a/api/controllers/console/init.py
+++ b/api/controllers/console/init.py
@ -2,7 +2,7 @@ from flask import Blueprint

 from libs.external_api import ExternalApi

-from .app.app_import import AppImportApi, AppImportCheckDependenciesApi, AppImportConfirmApi
+from .app.app_import import AppImportApi, AppImportConfirmApi
 from .explore.audio import ChatAudioApi, ChatTextApi
 from .explore.completion import ChatApi, ChatStopApi, CompletionApi, CompletionStopApi
 from .explore.conversation import (
@ -40,7 +40,6 @@ api.add_resource(RemoteFileUploadApi, "/remote-files/upload")
 # Import App
 api.add_resource(AppImportApi, "/apps/imports")
 api.add_resource(AppImportConfirmApi, "/apps/imports/<string:import_id>/confirm")
-api.add_resource(AppImportCheckDependenciesApi, "/apps/imports/<string:app_id>/check-dependencies")

 # Import other controllers
 from . import admin, apikey, extension, feature, ping, setup, version
@ -167,15 +166,4 @@ api.add_resource(
 from .tag import tags

 # Import workspace controllers
-from .workspace import (
-    account,
-    agent_providers,
-    endpoint,
-    load_balancing_config,
-    members,
-    model_providers,
-    models,
-    plugin,
-    tool_providers,
-    workspace,
-)
+from .workspace import account, load_balancing_config, members, model_providers, models, tool_providers, workspace
--- a/api/controllers/console/admin.py
+++ b/api/controllers/console/admin.py
@ -2,8 +2,6 @@ from functools import wraps

 from flask import request
 from flask_restful import Resource, reqparse  # type: ignore
-from sqlalchemy import select
-from sqlalchemy.orm import Session
 from werkzeug.exceptions import NotFound, Unauthorized

 from configs import dify_config
@ -56,10 +54,9 @@ class InsertExploreAppListApi(Resource):
        parser.add_argument("position", type=int, required=True, nullable=False, location="json")
        args = parser.parse_args()

-        with Session(db.engine) as session:
-            app = session.execute(select(App).filter(App.id == args["app_id"])).scalar_one_or_none()
+        app = App.query.filter(App.id == args["app_id"]).first()
        if not app:
-            raise NotFound(f"App '{args['app_id']}' is not found")
+            raise NotFound(f'App \'{args["app_id"]}\' is not found')

        site = app.site
        if not site:
@ -73,10 +70,7 @@ class InsertExploreAppListApi(Resource):
            privacy_policy = site.privacy_policy or args["privacy_policy"] or ""
            custom_disclaimer = site.custom_disclaimer or args["custom_disclaimer"] or ""

-        with Session(db.engine) as session:
-            recommended_app = session.execute(
-                select(RecommendedApp).filter(RecommendedApp.app_id == args["app_id"])
-            ).scalar_one_or_none()
+        recommended_app = RecommendedApp.query.filter(RecommendedApp.app_id == args["app_id"]).first()

        if not recommended_app:
            recommended_app = RecommendedApp(
@ -116,27 +110,17 @@ class InsertExploreAppApi(Resource):
    @only_edition_cloud
    @admin_required
    def delete(self, app_id):
-        with Session(db.engine) as session:
-            recommended_app = session.execute(
-                select(RecommendedApp).filter(RecommendedApp.app_id == str(app_id))
-            ).scalar_one_or_none()
-
+        recommended_app = RecommendedApp.query.filter(RecommendedApp.app_id == str(app_id)).first()
        if not recommended_app:
            return {"result": "success"}, 204

-        with Session(db.engine) as session:
-            app = session.execute(select(App).filter(App.id == recommended_app.app_id)).scalar_one_or_none()
-
+        app = App.query.filter(App.id == recommended_app.app_id).first()
        if app:
            app.is_public = False

-        with Session(db.engine) as session:
-            installed_apps = session.execute(
-                select(InstalledApp).filter(
-                    InstalledApp.app_id == recommended_app.app_id,
-                    InstalledApp.tenant_id != InstalledApp.app_owner_tenant_id,
-                )
-            ).all()
+        installed_apps = InstalledApp.query.filter(
+            InstalledApp.app_id == recommended_app.app_id, InstalledApp.tenant_id != InstalledApp.app_owner_tenant_id
+        ).all()

        for installed_app in installed_apps:
            db.session.delete(installed_app)
--- a/api/controllers/console/apikey.py
+++ b/api/controllers/console/apikey.py
@ -3,8 +3,6 @@ from typing import Any
 import flask_restful  # type: ignore
 from flask_login import current_user  # type: ignore
 from flask_restful import Resource, fields, marshal_with
-from sqlalchemy import select
-from sqlalchemy.orm import Session
 from werkzeug.exceptions import Forbidden

 from extensions.ext_database import db
@ -28,16 +26,7 @@ api_key_list = {"data": fields.List(fields.Nested(api_key_fields), attribute="it


 def _get_resource(resource_id, tenant_id, resource_model):
-    if resource_model == App:
-        with Session(db.engine) as session:
-            resource = session.execute(
-                select(resource_model).filter_by(id=resource_id, tenant_id=tenant_id)
-            ).scalar_one_or_none()
-    else:
-        with Session(db.engine) as session:
-            resource = session.execute(
-                select(resource_model).filter_by(id=resource_id, tenant_id=tenant_id)
-            ).scalar_one_or_none()
+    resource = resource_model.query.filter_by(id=resource_id, tenant_id=tenant_id).first()

    if resource is None:
        flask_restful.abort(404, message=f"{resource_model.__name__} not found.")
--- a/api/controllers/console/app/app.py
+++ b/api/controllers/console/app/app.py
@ -57,13 +57,12 @@ class AppListApi(Resource):
        )
        parser.add_argument("name", type=str, location="args", required=False)
        parser.add_argument("tag_ids", type=uuid_list, location="args", required=False)
-        parser.add_argument("is_created_by_me", type=inputs.boolean, location="args", required=False)

        args = parser.parse_args()

        # get app list
        app_service = AppService()
-        app_pagination = app_service.get_paginate_apps(current_user.id, current_user.current_tenant_id, args)
+        app_pagination = app_service.get_paginate_apps(current_user.current_tenant_id, args)
        if not app_pagination:
            return {"data": [], "total": 0, "page": 1, "limit": 20, "has_more": False}

--- a/api/controllers/console/app/app_import.py
+++ b/api/controllers/console/app/app_import.py
@ -5,16 +5,14 @@ from flask_restful import Resource, marshal_with, reqparse  # type: ignore
 from sqlalchemy.orm import Session
 from werkzeug.exceptions import Forbidden

-from controllers.console.app.wraps import get_app_model
 from controllers.console.wraps import (
    account_initialization_required,
    setup_required,
 )
 from extensions.ext_database import db
-from fields.app_fields import app_import_check_dependencies_fields, app_import_fields
+from fields.app_fields import app_import_fields
 from libs.login import login_required
 from models import Account
-from models.model import App
 from services.app_dsl_service import AppDslService, ImportStatus


@ -90,20 +88,3 @@ class AppImportConfirmApi(Resource):
        if result.status == ImportStatus.FAILED.value:
            return result.model_dump(mode="json"), 400
        return result.model_dump(mode="json"), 200
-
-
-class AppImportCheckDependenciesApi(Resource):
-    @setup_required
-    @login_required
-    @get_app_model
-    @account_initialization_required
-    @marshal_with(app_import_check_dependencies_fields)
-    def get(self, app_model: App):
-        if not current_user.is_editor:
-            raise Forbidden()
-
-        with Session(db.engine) as session:
-            import_service = AppDslService(session)
-            result = import_service.check_dependencies(app_model=app_model)
-
-        return result.model_dump(mode="json"), 200
--- a/api/controllers/console/app/audio.py
+++ b/api/controllers/console/app/audio.py
@ -22,7 +22,7 @@ from controllers.console.wraps import account_initialization_required, setup_req
 from core.errors.error import ModelCurrentlyNotSupportError, ProviderTokenNotInitError, QuotaExceededError
 from core.model_runtime.errors.invoke import InvokeError
 from libs.login import login_required
-from models import App, AppMode
+from models.model import AppMode
 from services.audio_service import AudioService
 from services.errors.audio import (
    AudioTooLargeServiceError,
@ -79,7 +79,7 @@ class ChatMessageTextApi(Resource):
    @login_required
    @account_initialization_required
    @get_app_model
-    def post(self, app_model: App):
+    def post(self, app_model):
        from werkzeug.exceptions import InternalServerError

        try:
@ -98,13 +98,9 @@ class ChatMessageTextApi(Resource):
                and app_model.workflow.features_dict
            ):
                text_to_speech = app_model.workflow.features_dict.get("text_to_speech")
-                if text_to_speech is None:
-                    raise ValueError("TTS is not enabled")
                voice = args.get("voice") or text_to_speech.get("voice")
            else:
                try:
-                    if app_model.app_model_config is None:
-                        raise ValueError("AppModelConfig not found")
                    voice = args.get("voice") or app_model.app_model_config.text_to_speech_dict.get("voice")
                except Exception:
                    voice = None
--- a/api/controllers/console/app/completion.py
+++ b/api/controllers/console/app/completion.py
@ -20,6 +20,7 @@ from controllers.web.error import InvokeRateLimitError as InvokeRateLimitHttpErr
 from core.app.apps.base_app_queue_manager import AppQueueManager
 from core.app.entities.app_invoke_entities import InvokeFrom
 from core.errors.error import (
+    AppInvokeQuotaExceededError,
    ModelCurrentlyNotSupportError,
    ProviderTokenNotInitError,
    QuotaExceededError,
@ -75,7 +76,7 @@ class CompletionMessageApi(Resource):
            raise ProviderModelCurrentlyNotSupportError()
        except InvokeError as e:
            raise CompletionRequestError(e.description)
-        except ValueError as e:
+        except (ValueError, AppInvokeQuotaExceededError) as e:
            raise e
        except Exception as e:
            logging.exception("internal server error.")
@ -140,7 +141,7 @@ class ChatMessageApi(Resource):
            raise InvokeRateLimitHttpError(ex.description)
        except InvokeError as e:
            raise CompletionRequestError(e.description)
-        except ValueError as e:
+        except (ValueError, AppInvokeQuotaExceededError) as e:
            raise e
        except Exception as e:
            logging.exception("internal server error.")
--- a/api/controllers/console/app/site.py
+++ b/api/controllers/console/app/site.py
@ -2,7 +2,6 @@ from datetime import UTC, datetime

 from flask_login import current_user  # type: ignore
 from flask_restful import Resource, marshal_with, reqparse  # type: ignore
-from sqlalchemy.orm import Session
 from werkzeug.exceptions import Forbidden, NotFound

 from constants.languages import supported_language
@ -51,37 +50,33 @@ class AppSite(Resource):
        if not current_user.is_editor:
            raise Forbidden()

-        with Session(db.engine) as session:
-            site = session.query(Site).filter(Site.app_id == app_model.id).first()
+        site = Site.query.filter(Site.app_id == app_model.id).one_or_404()

-            if not site:
-                raise NotFound
+        for attr_name in [
+            "title",
+            "icon_type",
+            "icon",
+            "icon_background",
+            "description",
+            "default_language",
+            "chat_color_theme",
+            "chat_color_theme_inverted",
+            "customize_domain",
+            "copyright",
+            "privacy_policy",
+            "custom_disclaimer",
+            "customize_token_strategy",
+            "prompt_public",
+            "show_workflow_steps",
+            "use_icon_as_answer_icon",
+        ]:
+            value = args.get(attr_name)
+            if value is not None:
+                setattr(site, attr_name, value)

-            for attr_name in [
-                "title",
-                "icon_type",
-                "icon",
-                "icon_background",
-                "description",
-                "default_language",
-                "chat_color_theme",
-                "chat_color_theme_inverted",
-                "customize_domain",
-                "copyright",
-                "privacy_policy",
-                "custom_disclaimer",
-                "customize_token_strategy",
-                "prompt_public",
-                "show_workflow_steps",
-                "use_icon_as_answer_icon",
-            ]:
-                value = args.get(attr_name)
-                if value is not None:
-                    setattr(site, attr_name, value)
-
-            site.updated_by = current_user.id
-            site.updated_at = datetime.now(UTC).replace(tzinfo=None)
-            session.commit()
+        site.updated_by = current_user.id
+        site.updated_at = datetime.now(UTC).replace(tzinfo=None)
+        db.session.commit()

        return site

--- a/api/controllers/console/app/statistic.py
+++ b/api/controllers/console/app/statistic.py
@ -273,7 +273,8 @@ FROM
            messages m
            ON c.id = m.conversation_id
        WHERE
-            c.app_id = :app_id"""
+            c.override_model_configs IS NULL
+            AND c.app_id = :app_id"""
        arg_dict = {"tz": account.timezone, "app_id": app_model.id}

        timezone = pytz.timezone(account.timezone)
--- a/api/controllers/console/app/workflow.py
+++ b/api/controllers/console/app/workflow.py
@ -2,7 +2,7 @@ import json
 import logging

 from flask import abort, request
-from flask_restful import Resource, inputs, marshal_with, reqparse  # type: ignore
+from flask_restful import Resource, marshal_with, reqparse  # type: ignore
 from werkzeug.exceptions import Forbidden, InternalServerError, NotFound

 import services
@ -14,13 +14,12 @@ from controllers.console.wraps import account_initialization_required, setup_req
 from core.app.apps.base_app_queue_manager import AppQueueManager
 from core.app.entities.app_invoke_entities import InvokeFrom
 from factories import variable_factory
-from fields.workflow_fields import workflow_fields, workflow_pagination_fields
+from fields.workflow_fields import workflow_fields
 from fields.workflow_run_fields import workflow_run_node_execution_fields
 from libs import helper
 from libs.helper import TimestampField, uuid_value
 from libs.login import current_user, login_required
 from models import App
-from models.account import Account
 from models.model import AppMode
 from services.app_generate_service import AppGenerateService
 from services.errors.app import WorkflowHashNotEqualError
@ -97,9 +96,6 @@ class DraftWorkflowApi(Resource):
        else:
            abort(415)

-        if not isinstance(current_user, Account):
-            raise Forbidden()
-
        workflow_service = WorkflowService()

        try:
@ -143,9 +139,6 @@ class AdvancedChatDraftWorkflowRunApi(Resource):
        if not current_user.is_editor:
            raise Forbidden()

-        if not isinstance(current_user, Account):
-            raise Forbidden()
-
        parser = reqparse.RequestParser()
        parser.add_argument("inputs", type=dict, location="json")
        parser.add_argument("query", type=str, required=True, location="json", default="")
@ -167,7 +160,7 @@ class AdvancedChatDraftWorkflowRunApi(Resource):
            raise ConversationCompletedError()
        except ValueError as e:
            raise e
-        except Exception:
+        except Exception as e:
            logging.exception("internal server error.")
            raise InternalServerError()

@ -185,9 +178,6 @@ class AdvancedChatDraftRunIterationNodeApi(Resource):
        if not current_user.is_editor:
            raise Forbidden()

-        if not isinstance(current_user, Account):
-            raise Forbidden()
-
        parser = reqparse.RequestParser()
        parser.add_argument("inputs", type=dict, location="json")
        args = parser.parse_args()
@ -204,7 +194,7 @@ class AdvancedChatDraftRunIterationNodeApi(Resource):
            raise ConversationCompletedError()
        except ValueError as e:
            raise e
-        except Exception:
+        except Exception as e:
            logging.exception("internal server error.")
            raise InternalServerError()

@ -222,9 +212,6 @@ class WorkflowDraftRunIterationNodeApi(Resource):
        if not current_user.is_editor:
            raise Forbidden()

-        if not isinstance(current_user, Account):
-            raise Forbidden()
-
        parser = reqparse.RequestParser()
        parser.add_argument("inputs", type=dict, location="json")
        args = parser.parse_args()
@ -241,7 +228,7 @@ class WorkflowDraftRunIterationNodeApi(Resource):
            raise ConversationCompletedError()
        except ValueError as e:
            raise e
-        except Exception:
+        except Exception as e:
            logging.exception("internal server error.")
            raise InternalServerError()

@ -259,9 +246,6 @@ class DraftWorkflowRunApi(Resource):
        if not current_user.is_editor:
            raise Forbidden()

-        if not isinstance(current_user, Account):
-            raise Forbidden()
-
        parser = reqparse.RequestParser()
        parser.add_argument("inputs", type=dict, required=True, nullable=False, location="json")
        parser.add_argument("files", type=list, required=False, location="json")
@ -310,20 +294,13 @@ class DraftWorkflowNodeRunApi(Resource):
        if not current_user.is_editor:
            raise Forbidden()

-        if not isinstance(current_user, Account):
-            raise Forbidden()
-
        parser = reqparse.RequestParser()
        parser.add_argument("inputs", type=dict, required=True, nullable=False, location="json")
        args = parser.parse_args()

-        inputs = args.get("inputs")
-        if inputs == None:
-            raise ValueError("missing inputs")
-
        workflow_service = WorkflowService()
        workflow_node_execution = workflow_service.run_draft_workflow_node(
-            app_model=app_model, node_id=node_id, user_inputs=inputs, account=current_user
+            app_model=app_model, node_id=node_id, user_inputs=args.get("inputs"), account=current_user
        )

        return workflow_node_execution
@ -362,9 +339,6 @@ class PublishedWorkflowApi(Resource):
        if not current_user.is_editor:
            raise Forbidden()

-        if not isinstance(current_user, Account):
-            raise Forbidden()
-
        workflow_service = WorkflowService()
        workflow = workflow_service.publish_workflow(app_model=app_model, account=current_user)

@ -402,17 +376,12 @@ class DefaultBlockConfigApi(Resource):
        if not current_user.is_editor:
            raise Forbidden()

-        if not isinstance(current_user, Account):
-            raise Forbidden()
-
        parser = reqparse.RequestParser()
        parser.add_argument("q", type=str, location="args")
        args = parser.parse_args()

-        q = args.get("q")
-
        filters = None
-        if q:
+        if args.get("q"):
            try:
                filters = json.loads(args.get("q", ""))
            except json.JSONDecodeError:
@ -438,9 +407,6 @@ class ConvertToWorkflowApi(Resource):
        if not current_user.is_editor:
            raise Forbidden()

-        if not isinstance(current_user, Account):
-            raise Forbidden()
-
        if request.data:
            parser = reqparse.RequestParser()
            parser.add_argument("name", type=str, required=False, nullable=True, location="json")
@ -474,29 +440,29 @@ class WorkflowConfigApi(Resource):
        }


-class PublishedAllWorkflowApi(Resource):
+class DraftWorkflowNodeRetriableApi(Resource):
    @setup_required
    @login_required
    @account_initialization_required
    @get_app_model(mode=[AppMode.ADVANCED_CHAT, AppMode.WORKFLOW])
-    @marshal_with(workflow_pagination_fields)
-    def get(self, app_model: App):
+    @marshal_with(workflow_run_node_execution_fields)
+    def post(self, app_model: App, node_id: str):
        """
-        Get published workflows
+        Run draft workflow node
        """
+        # The role of the current user in the ta table must be admin, owner, or editor
        if not current_user.is_editor:
            raise Forbidden()

        parser = reqparse.RequestParser()
-        parser.add_argument("page", type=inputs.int_range(1, 99999), required=False, default=1, location="args")
-        parser.add_argument("limit", type=inputs.int_range(1, 100), required=False, default=20, location="args")
+        parser.add_argument("inputs", type=dict, required=True, nullable=False, location="json")
        args = parser.parse_args()
-        page = args.get("page")
-        limit = args.get("limit")
        workflow_service = WorkflowService()
-        workflows, has_more = workflow_service.get_all_published_workflow(app_model=app_model, page=page, limit=limit)
+        workflow_node_execution = workflow_service.run_retriable_draft_workflow_node(
+            app_model=app_model, node_id=node_id, user_inputs=args.get("inputs", {}), account=current_user
+        )

-        return {"items": workflows, "page": page, "limit": limit, "has_more": has_more}
+        return workflow_node_execution


 api.add_resource(DraftWorkflowApi, "/apps/<uuid:app_id>/workflows/draft")
@ -513,9 +479,9 @@ api.add_resource(
    WorkflowDraftRunIterationNodeApi, "/apps/<uuid:app_id>/workflows/draft/iteration/nodes/<string:node_id>/run"
 )
 api.add_resource(PublishedWorkflowApi, "/apps/<uuid:app_id>/workflows/publish")
-api.add_resource(PublishedAllWorkflowApi, "/apps/<uuid:app_id>/workflows")
 api.add_resource(DefaultBlockConfigsApi, "/apps/<uuid:app_id>/workflows/default-workflow-block-configs")
 api.add_resource(
    DefaultBlockConfigApi, "/apps/<uuid:app_id>/workflows/default-workflow-block-configs/<string:block_type>"
 )
 api.add_resource(ConvertToWorkflowApi, "/apps/<uuid:app_id>/convert-to-workflow")
+api.add_resource(DraftWorkflowNodeRetriableApi, "/apps/<uuid:app_id>/workflows/draft/retry/nodes/<string:node_id>/run")
--- a/api/controllers/console/auth/error.py
+++ b/api/controllers/console/auth/error.py
@ -53,15 +53,3 @@ class EmailCodeLoginRateLimitExceededError(BaseHTTPException):
    error_code = "email_code_login_rate_limit_exceeded"
    description = "Too many login emails have been sent. Please try again in 5 minutes."
    code = 429
-
-
-class EmailCodeAccountDeletionRateLimitExceededError(BaseHTTPException):
-    error_code = "email_code_account_deletion_rate_limit_exceeded"
-    description = "Too many account deletion emails have been sent. Please try again in 5 minutes."
-    code = 429
-
-
-class EmailPasswordResetLimitError(BaseHTTPException):
-    error_code = "email_password_reset_limit"
-    description = "Too many failed password reset attempts. Please try again in 24 hours."
-    code = 429
--- a/api/controllers/console/auth/forgot_password.py
+++ b/api/controllers/console/auth/forgot_password.py
@ -3,19 +3,16 @@ import secrets

 from flask import request
 from flask_restful import Resource, reqparse  # type: ignore
-from sqlalchemy import select
-from sqlalchemy.orm import Session

 from constants.languages import languages
 from controllers.console import api
 from controllers.console.auth.error import (
    EmailCodeError,
-    EmailPasswordResetLimitError,
    InvalidEmailError,
    InvalidTokenError,
    PasswordMismatchError,
 )
-from controllers.console.error import AccountInFreezeError, AccountNotFound, EmailSendIpLimitError
+from controllers.console.error import AccountNotFound, EmailSendIpLimitError
 from controllers.console.wraps import setup_required
 from events.tenant_event import tenant_was_created
 from extensions.ext_database import db
@ -23,7 +20,6 @@ from libs.helper import email, extract_remote_ip
 from libs.password import hash_password, valid_password
 from models.account import Account
 from services.account_service import AccountService, TenantService
-from services.errors.account import AccountRegisterError
 from services.errors.workspace import WorkSpaceNotAllowedCreateError
 from services.feature_service import FeatureService

@ -45,8 +41,7 @@ class ForgotPasswordSendEmailApi(Resource):
        else:
            language = "en-US"

-        with Session(db.engine) as session:
-            account = session.execute(select(Account).filter_by(email=args["email"])).scalar_one_or_none()
+        account = Account.query.filter_by(email=args["email"]).first()
        token = None
        if account is None:
            if FeatureService.get_system_features().is_allow_register:
@ -71,10 +66,6 @@ class ForgotPasswordCheckApi(Resource):

        user_email = args["email"]

-        is_forgot_password_error_rate_limit = AccountService.is_forgot_password_error_rate_limit(args["email"])
-        if is_forgot_password_error_rate_limit:
-            raise EmailPasswordResetLimitError()
-
        token_data = AccountService.get_reset_password_data(args["token"])
        if token_data is None:
            raise InvalidTokenError()
@ -83,10 +74,8 @@ class ForgotPasswordCheckApi(Resource):
            raise InvalidEmailError()

        if args["code"] != token_data.get("code"):
-            AccountService.add_forgot_password_error_rate_limit(args["email"])
            raise EmailCodeError()

-        AccountService.reset_forgot_password_error_rate_limit(args["email"])
        return {"is_valid": True, "email": token_data.get("email")}


@ -119,8 +108,7 @@ class ForgotPasswordResetApi(Resource):
        password_hashed = hash_password(new_password, salt)
        base64_password_hashed = base64.b64encode(password_hashed).decode()

-        with Session(db.engine) as session:
-            account = session.execute(select(Account).filter_by(email=reset_data.get("email"))).scalar_one_or_none()
+        account = Account.query.filter_by(email=reset_data.get("email")).first()
        if account:
            account.password = base64_password_hashed
            account.password_salt = base64_salt
@ -141,8 +129,6 @@ class ForgotPasswordResetApi(Resource):
                )
            except WorkSpaceNotAllowedCreateError:
                pass
-            except AccountRegisterError:
-                raise AccountInFreezeError()

        return {"result": "success"}

--- a/api/controllers/console/auth/login.py
+++ b/api/controllers/console/auth/login.py
@ -5,7 +5,6 @@ from flask import request
 from flask_restful import Resource, reqparse  # type: ignore

 import services
-from configs import dify_config
 from constants.languages import languages
 from controllers.console import api
 from controllers.console.auth.error import (
@ -17,7 +16,6 @@ from controllers.console.auth.error import (
 )
 from controllers.console.error import (
    AccountBannedError,
-    AccountInFreezeError,
    AccountNotFound,
    EmailSendIpLimitError,
    NotAllowedCreateWorkspace,
@ -28,8 +26,6 @@ from libs.helper import email, extract_remote_ip
 from libs.password import valid_password
 from models.account import Account
 from services.account_service import AccountService, RegisterService, TenantService
-from services.billing_service import BillingService
-from services.errors.account import AccountRegisterError
 from services.errors.workspace import WorkSpaceNotAllowedCreateError
 from services.feature_service import FeatureService

@ -48,9 +44,6 @@ class LoginApi(Resource):
        parser.add_argument("language", type=str, required=False, default="en-US", location="json")
        args = parser.parse_args()

-        if dify_config.BILLING_ENABLED and BillingService.is_email_in_freeze(args["email"]):
-            raise AccountInFreezeError()
-
        is_login_error_rate_limit = AccountService.is_login_error_rate_limit(args["email"])
        if is_login_error_rate_limit:
            raise EmailPasswordLoginLimitError()
@ -120,10 +113,8 @@ class ResetPasswordSendEmailApi(Resource):
            language = "zh-Hans"
        else:
            language = "en-US"
-        try:
-            account = AccountService.get_user_through_email(args["email"])
-        except AccountRegisterError as are:
-            raise AccountInFreezeError()
+
+        account = AccountService.get_user_through_email(args["email"])
        if account is None:
            if FeatureService.get_system_features().is_allow_register:
                token = AccountService.send_reset_password_email(email=args["email"], language=language)
@ -151,11 +142,8 @@ class EmailCodeLoginSendEmailApi(Resource):
            language = "zh-Hans"
        else:
            language = "en-US"
-        try:
-            account = AccountService.get_user_through_email(args["email"])
-        except AccountRegisterError as are:
-            raise AccountInFreezeError()

+        account = AccountService.get_user_through_email(args["email"])
        if account is None:
            if FeatureService.get_system_features().is_allow_register:
                token = AccountService.send_email_code_login_email(email=args["email"], language=language)
@ -189,10 +177,7 @@ class EmailCodeLoginApi(Resource):
            raise EmailCodeError()

        AccountService.revoke_email_code_login_token(args["token"])
-        try:
-            account = AccountService.get_user_through_email(user_email)
-        except AccountRegisterError as are:
-            raise AccountInFreezeError()
+        account = AccountService.get_user_through_email(user_email)
        if account:
            tenant = TenantService.get_join_tenants(account)
            if not tenant:
@ -211,8 +196,6 @@ class EmailCodeLoginApi(Resource):
                )
            except WorkSpaceNotAllowedCreateError:
                return NotAllowedCreateWorkspace()
-            except AccountRegisterError as are:
-                raise AccountInFreezeError()
        token_pair = AccountService.login(account, ip_address=extract_remote_ip(request))
        AccountService.reset_login_error_rate_limit(args["email"])
        return {"result": "success", "data": token_pair.model_dump()}
--- a/api/controllers/console/auth/oauth.py
+++ b/api/controllers/console/auth/oauth.py
@ -5,8 +5,6 @@ from typing import Optional
 import requests
 from flask import current_app, redirect, request
 from flask_restful import Resource  # type: ignore
-from sqlalchemy import select
-from sqlalchemy.orm import Session
 from werkzeug.exceptions import Unauthorized

 from configs import dify_config
@ -18,7 +16,7 @@ from libs.oauth import GitHubOAuth, GoogleOAuth, OAuthUserInfo
 from models import Account
 from models.account import AccountStatus
 from services.account_service import AccountService, RegisterService, TenantService
-from services.errors.account import AccountNotFoundError, AccountRegisterError
+from services.errors.account import AccountNotFoundError
 from services.errors.workspace import WorkSpaceNotAllowedCreateError, WorkSpaceNotFoundError
 from services.feature_service import FeatureService

@ -101,8 +99,6 @@ class OAuthCallback(Resource):
                f"{dify_config.CONSOLE_WEB_URL}/signin"
                "?message=Workspace not found, please contact system admin to invite you to join in a workspace."
            )
-        except AccountRegisterError as e:
-            return redirect(f"{dify_config.CONSOLE_WEB_URL}/signin?message={e.description}")

        # Check account status
        if account.status == AccountStatus.BANNED.value:
@ -137,8 +133,7 @@ def _get_account_by_openid_or_email(provider: str, user_info: OAuthUserInfo) ->
    account: Optional[Account] = Account.get_by_openid(provider, user_info.id)

    if not account:
-        with Session(db.engine) as session:
-            account = session.execute(select(Account).filter_by(email=user_info.email)).scalar_one_or_none()
+        account = Account.query.filter_by(email=user_info.email).first()

    return account

--- a/api/controllers/console/datasets/data_source.py
+++ b/api/controllers/console/datasets/data_source.py
@ -4,8 +4,6 @@ import json
 from flask import request
 from flask_login import current_user  # type: ignore
 from flask_restful import Resource, marshal_with, reqparse  # type: ignore
-from sqlalchemy import select
-from sqlalchemy.orm import Session
 from werkzeug.exceptions import NotFound

 from controllers.console import api
@ -78,10 +76,7 @@ class DataSourceApi(Resource):
    def patch(self, binding_id, action):
        binding_id = str(binding_id)
        action = str(action)
-        with Session(db.engine) as session:
-            data_source_binding = session.execute(
-                select(DataSourceOauthBinding).filter_by(id=binding_id)
-            ).scalar_one_or_none()
+        data_source_binding = DataSourceOauthBinding.query.filter_by(id=binding_id).first()
        if data_source_binding is None:
            raise NotFound("Data source binding not found.")
        # enable binding
@ -113,53 +108,47 @@ class DataSourceNotionListApi(Resource):
    def get(self):
        dataset_id = request.args.get("dataset_id", default=None, type=str)
        exist_page_ids = []
-        with Session(db.engine) as session:
-            # import notion in the exist dataset
-            if dataset_id:
-                dataset = DatasetService.get_dataset(dataset_id)
-                if not dataset:
-                    raise NotFound("Dataset not found.")
-                if dataset.data_source_type != "notion_import":
-                    raise ValueError("Dataset is not notion type.")
-
-                documents = session.execute(
-                    select(Document).filter_by(
-                        dataset_id=dataset_id,
-                        tenant_id=current_user.current_tenant_id,
-                        data_source_type="notion_import",
-                        enabled=True,
-                    )
-                ).all()
-                if documents:
-                    for document in documents:
-                        data_source_info = json.loads(document.data_source_info)
-                        exist_page_ids.append(data_source_info["notion_page_id"])
-            # get all authorized pages
-            data_source_bindings = session.scalars(
-                select(DataSourceOauthBinding).filter_by(
-                    tenant_id=current_user.current_tenant_id, provider="notion", disabled=False
-                )
+        # import notion in the exist dataset
+        if dataset_id:
+            dataset = DatasetService.get_dataset(dataset_id)
+            if not dataset:
+                raise NotFound("Dataset not found.")
+            if dataset.data_source_type != "notion_import":
+                raise ValueError("Dataset is not notion type.")
+            documents = Document.query.filter_by(
+                dataset_id=dataset_id,
+                tenant_id=current_user.current_tenant_id,
+                data_source_type="notion_import",
+                enabled=True,
            ).all()
-            if not data_source_bindings:
-                return {"notion_info": []}, 200
-            pre_import_info_list = []
-            for data_source_binding in data_source_bindings:
-                source_info = data_source_binding.source_info
-                pages = source_info["pages"]
-                # Filter out already bound pages
-                for page in pages:
-                    if page["page_id"] in exist_page_ids:
-                        page["is_bound"] = True
-                    else:
-                        page["is_bound"] = False
-                pre_import_info = {
-                    "workspace_name": source_info["workspace_name"],
-                    "workspace_icon": source_info["workspace_icon"],
-                    "workspace_id": source_info["workspace_id"],
-                    "pages": pages,
-                }
-                pre_import_info_list.append(pre_import_info)
-            return {"notion_info": pre_import_info_list}, 200
+            if documents:
+                for document in documents:
+                    data_source_info = json.loads(document.data_source_info)
+                    exist_page_ids.append(data_source_info["notion_page_id"])
+        # get all authorized pages
+        data_source_bindings = DataSourceOauthBinding.query.filter_by(
+            tenant_id=current_user.current_tenant_id, provider="notion", disabled=False
+        ).all()
+        if not data_source_bindings:
+            return {"notion_info": []}, 200
+        pre_import_info_list = []
+        for data_source_binding in data_source_bindings:
+            source_info = data_source_binding.source_info
+            pages = source_info["pages"]
+            # Filter out already bound pages
+            for page in pages:
+                if page["page_id"] in exist_page_ids:
+                    page["is_bound"] = True
+                else:
+                    page["is_bound"] = False
+            pre_import_info = {
+                "workspace_name": source_info["workspace_name"],
+                "workspace_icon": source_info["workspace_icon"],
+                "workspace_id": source_info["workspace_id"],
+                "pages": pages,
+            }
+            pre_import_info_list.append(pre_import_info)
+        return {"notion_info": pre_import_info_list}, 200


 class DataSourceNotionApi(Resource):
@ -169,17 +158,14 @@ class DataSourceNotionApi(Resource):
    def get(self, workspace_id, page_id, page_type):
        workspace_id = str(workspace_id)
        page_id = str(page_id)
-        with Session(db.engine) as session:
-            data_source_binding = session.execute(
-                select(DataSourceOauthBinding).filter(
-                    db.and_(
-                        DataSourceOauthBinding.tenant_id == current_user.current_tenant_id,
-                        DataSourceOauthBinding.provider == "notion",
-                        DataSourceOauthBinding.disabled == False,
-                        DataSourceOauthBinding.source_info["workspace_id"] == f'"{workspace_id}"',
-                    )
-                )
-            ).scalar_one_or_none()
+        data_source_binding = DataSourceOauthBinding.query.filter(
+            db.and_(
+                DataSourceOauthBinding.tenant_id == current_user.current_tenant_id,
+                DataSourceOauthBinding.provider == "notion",
+                DataSourceOauthBinding.disabled == False,
+                DataSourceOauthBinding.source_info["workspace_id"] == f'"{workspace_id}"',
+            )
+        ).first()
        if not data_source_binding:
            raise NotFound("Data source binding not found.")

--- a/api/controllers/console/datasets/datasets.py
+++ b/api/controllers/console/datasets/datasets.py
@ -14,7 +14,6 @@ from controllers.console.wraps import account_initialization_required, enterpris
 from core.errors.error import LLMBadRequestError, ProviderTokenNotInitError
 from core.indexing_runner import IndexingRunner
 from core.model_runtime.entities.model_entities import ModelType
-from core.plugin.entities.plugin import ModelProviderID
 from core.provider_manager import ProviderManager
 from core.rag.datasource.vdb.vector_type import VectorType
 from core.rag.extractor.entity.extract_setting import ExtractSetting
@ -53,12 +52,12 @@ class DatasetListApi(Resource):
        # provider = request.args.get("provider", default="vendor")
        search = request.args.get("keyword", default=None, type=str)
        tag_ids = request.args.getlist("tag_ids")
-        include_all = request.args.get("include_all", default="false").lower() == "true"
+
        if ids:
            datasets, total = DatasetService.get_datasets_by_ids(ids, current_user.current_tenant_id)
        else:
            datasets, total = DatasetService.get_datasets(
-                page, limit, current_user.current_tenant_id, current_user, search, tag_ids, include_all
+                page, limit, current_user.current_tenant_id, current_user, search, tag_ids
            )

        # check embedding setting
@ -73,9 +72,7 @@ class DatasetListApi(Resource):

        data = marshal(datasets, dataset_detail_fields)
        for item in data:
-            # convert embedding_model_provider to plugin standard format
            if item["indexing_technique"] == "high_quality":
-                item["embedding_model_provider"] = str(ModelProviderID(item["embedding_model_provider"]))
                item_model = f"{item['embedding_model']}:{item['embedding_model_provider']}"
                if item_model in model_names:
                    item["embedding_available"] = True
@ -460,7 +457,7 @@ class DatasetIndexingEstimateApi(Resource):
            )
        except LLMBadRequestError:
            raise ProviderNotInitializeError(
-                "No Embedding Model available. Please configure a valid provider in the Settings -> Model Provider."
+                "No Embedding Model available. Please configure a valid provider " "in the Settings -> Model Provider."
            )
        except ProviderTokenNotInitError as ex:
            raise ProviderNotInitializeError(ex.description)
@ -622,7 +619,9 @@ class DatasetRetrievalSettingApi(Resource):
        vector_type = dify_config.VECTOR_STORE
        match vector_type:
            case (
-                VectorType.RELYT
+                VectorType.MILVUS
+                | VectorType.RELYT
+                | VectorType.PGVECTOR
                | VectorType.TIDB_VECTOR
                | VectorType.CHROMA
                | VectorType.TENCENT
@ -641,12 +640,10 @@ class DatasetRetrievalSettingApi(Resource):
                | VectorType.MYSCALE
                | VectorType.ORACLE
                | VectorType.ELASTICSEARCH
-                | VectorType.ELASTICSEARCH_JA
                | VectorType.PGVECTOR
                | VectorType.TIDB_ON_QDRANT
                | VectorType.LINDORM
                | VectorType.COUCHBASE
-                | VectorType.MILVUS
            ):
                return {
                    "retrieval_method": [
@ -686,7 +683,6 @@ class DatasetRetrievalSettingMockApi(Resource):
                | VectorType.MYSCALE
                | VectorType.ORACLE
                | VectorType.ELASTICSEARCH
-                | VectorType.ELASTICSEARCH_JA
                | VectorType.COUCHBASE
                | VectorType.PGVECTOR
                | VectorType.LINDORM
--- a/api/controllers/console/datasets/datasets_document.py
+++ b/api/controllers/console/datasets/datasets_document.py
@ -7,6 +7,7 @@ from flask import request
 from flask_login import current_user  # type: ignore
 from flask_restful import Resource, fields, marshal, marshal_with, reqparse  # type: ignore
 from sqlalchemy import asc, desc
+from transformers.hf_argparser import string_to_bool  # type: ignore
 from werkzeug.exceptions import Forbidden, NotFound

 import services
@ -39,7 +40,6 @@ from core.indexing_runner import IndexingRunner
 from core.model_manager import ModelManager
 from core.model_runtime.entities.model_entities import ModelType
 from core.model_runtime.errors.invoke import InvokeAuthorizationError
-from core.plugin.manager.exc import PluginDaemonClientSideError
 from core.rag.extractor.entity.extract_setting import ExtractSetting
 from extensions.ext_database import db
 from extensions.ext_redis import redis_client
@ -150,20 +150,8 @@ class DatasetDocumentListApi(Resource):
        sort = request.args.get("sort", default="-created_at", type=str)
        # "yes", "true", "t", "y", "1" convert to True, while others convert to False.
        try:
-            fetch_val = request.args.get("fetch", default="false")
-            if isinstance(fetch_val, bool):
-                fetch = fetch_val
-            else:
-                if fetch_val.lower() in ("yes", "true", "t", "y", "1"):
-                    fetch = True
-                elif fetch_val.lower() in ("no", "false", "f", "n", "0"):
-                    fetch = False
-                else:
-                    raise ArgumentTypeError(
-                        f"Truthy value expected: got {fetch_val} but expected one of yes/no, true/false, t/f, y/n, 1/0 "
-                        f"(case insensitive)."
-                    )
-        except (ArgumentTypeError, ValueError, Exception):
+            fetch = string_to_bool(request.args.get("fetch", default="false"))
+        except (ArgumentTypeError, ValueError, Exception) as e:
            fetch = False
        dataset = DatasetService.get_dataset(dataset_id)
        if not dataset:
@ -269,8 +257,7 @@ class DatasetDocumentListApi(Resource):
        parser.add_argument("original_document_id", type=str, required=False, location="json")
        parser.add_argument("doc_form", type=str, default="text_model", required=False, nullable=False, location="json")
        parser.add_argument("retrieval_model", type=dict, required=False, nullable=False, location="json")
-        parser.add_argument("embedding_model", type=str, required=False, nullable=True, location="json")
-        parser.add_argument("embedding_model_provider", type=str, required=False, nullable=True, location="json")
+
        parser.add_argument(
            "doc_language", type=str, default="English", required=False, nullable=False, location="json"
        )
@ -362,7 +349,8 @@ class DatasetInitApi(Resource):
                )
            except InvokeAuthorizationError:
                raise ProviderNotInitializeError(
-                    "No Embedding Model available. Please configure a valid provider in the Settings -> Model Provider."
+                    "No Embedding Model available. Please configure a valid provider "
+                    "in the Settings -> Model Provider."
                )
            except ProviderTokenNotInitError as ex:
                raise ProviderNotInitializeError(ex.description)
@ -441,8 +429,6 @@ class DocumentIndexingEstimateApi(DocumentResource):
                    )
                except ProviderTokenNotInitError as ex:
                    raise ProviderNotInitializeError(ex.description)
-                except PluginDaemonClientSideError as ex:
-                    raise ProviderNotInitializeError(ex.description)
                except Exception as e:
                    raise IndexingEstimateError(str(e))

@ -539,12 +525,11 @@ class DocumentBatchIndexingEstimateApi(DocumentResource):
                return response.model_dump(), 200
            except LLMBadRequestError:
                raise ProviderNotInitializeError(
-                    "No Embedding Model available. Please configure a valid provider in the Settings -> Model Provider."
+                    "No Embedding Model available. Please configure a valid provider "
+                    "in the Settings -> Model Provider."
                )
            except ProviderTokenNotInitError as ex:
                raise ProviderNotInitializeError(ex.description)
-            except PluginDaemonClientSideError as ex:
-                raise ProviderNotInitializeError(ex.description)
            except Exception as e:
                raise IndexingEstimateError(str(e))

--- a/api/controllers/console/datasets/datasets_segments.py
+++ b/api/controllers/console/datasets/datasets_segments.py
@ -168,7 +168,8 @@ class DatasetDocumentSegmentApi(Resource):
                )
            except LLMBadRequestError:
                raise ProviderNotInitializeError(
-                    "No Embedding Model available. Please configure a valid provider in the Settings -> Model Provider."
+                    "No Embedding Model available. Please configure a valid provider "
+                    "in the Settings -> Model Provider."
                )
            except ProviderTokenNotInitError as ex:
                raise ProviderNotInitializeError(ex.description)
@ -216,7 +217,8 @@ class DatasetDocumentSegmentAddApi(Resource):
                )
            except LLMBadRequestError:
                raise ProviderNotInitializeError(
-                    "No Embedding Model available. Please configure a valid provider in the Settings -> Model Provider."
+                    "No Embedding Model available. Please configure a valid provider "
+                    "in the Settings -> Model Provider."
                )
            except ProviderTokenNotInitError as ex:
                raise ProviderNotInitializeError(ex.description)
@ -265,7 +267,8 @@ class DatasetDocumentSegmentUpdateApi(Resource):
                )
            except LLMBadRequestError:
                raise ProviderNotInitializeError(
-                    "No Embedding Model available. Please configure a valid provider in the Settings -> Model Provider."
+                    "No Embedding Model available. Please configure a valid provider "
+                    "in the Settings -> Model Provider."
                )
            except ProviderTokenNotInitError as ex:
                raise ProviderNotInitializeError(ex.description)
@ -365,9 +368,9 @@ class DatasetDocumentSegmentBatchImportApi(Resource):
            result = []
            for index, row in df.iterrows():
                if document.doc_form == "qa_model":
-                    data = {"content": row.iloc[0], "answer": row.iloc[1]}
+                    data = {"content": row[0], "answer": row[1]}
                else:
-                    data = {"content": row.iloc[0]}
+                    data = {"content": row[0]}
                result.append(data)
            if len(result) == 0:
                raise ValueError("The CSV file is empty.")
@ -434,7 +437,8 @@ class ChildChunkAddApi(Resource):
                )
            except LLMBadRequestError:
                raise ProviderNotInitializeError(
-                    "No Embedding Model available. Please configure a valid provider in the Settings -> Model Provider."
+                    "No Embedding Model available. Please configure a valid provider "
+                    "in the Settings -> Model Provider."
                )
            except ProviderTokenNotInitError as ex:
                raise ProviderNotInitializeError(ex.description)
--- a/api/controllers/console/error.py
+++ b/api/controllers/console/error.py
@ -92,12 +92,3 @@ class UnauthorizedAndForceLogout(BaseHTTPException):
    error_code = "unauthorized_and_force_logout"
    description = "Unauthorized and force logout."
    code = 401
-
-
-class AccountInFreezeError(BaseHTTPException):
-    error_code = "account_in_freeze"
-    code = 400
-    description = (
-        "This email account has been deleted within the past 30 days"
-        "and is temporarily unavailable for new account registration."
-    )
--- a/api/controllers/console/explore/completion.py
+++ b/api/controllers/console/explore/completion.py
@ -18,11 +18,7 @@ from controllers.console.explore.error import NotChatAppError, NotCompletionAppE
 from controllers.console.explore.wraps import InstalledAppResource
 from core.app.apps.base_app_queue_manager import AppQueueManager
 from core.app.entities.app_invoke_entities import InvokeFrom
-from core.errors.error import (
-    ModelCurrentlyNotSupportError,
-    ProviderTokenNotInitError,
-    QuotaExceededError,
-)
+from core.errors.error import ModelCurrentlyNotSupportError, ProviderTokenNotInitError, QuotaExceededError
 from core.model_runtime.errors.invoke import InvokeError
 from extensions.ext_database import db
 from libs import helper
--- a/api/controllers/console/explore/conversation.py
+++ b/api/controllers/console/explore/conversation.py
@ -32,7 +32,7 @@ class ConversationListApi(InstalledAppResource):

        pinned = None
        if "pinned" in args and args["pinned"] is not None:
-            pinned = args["pinned"] == "true"
+            pinned = True if args["pinned"] == "true" else False

        try:
            with Session(db.engine) as session:
--- a/api/controllers/console/explore/message.py
+++ b/api/controllers/console/explore/message.py
@ -50,7 +50,7 @@ class MessageListApi(InstalledAppResource):

        try:
            return MessageService.pagination_by_first_id(
-                app_model, current_user, args["conversation_id"], args["first_id"], args["limit"]
+                app_model, current_user, args["conversation_id"], args["first_id"], args["limit"], "desc"
            )
        except services.errors.conversation.ConversationNotExistsError:
            raise NotFound("Conversation Not Exists.")
@ -66,17 +66,10 @@ class MessageFeedbackApi(InstalledAppResource):

        parser = reqparse.RequestParser()
        parser.add_argument("rating", type=str, choices=["like", "dislike", None], location="json")
-        parser.add_argument("content", type=str, location="json")
        args = parser.parse_args()

        try:
-            MessageService.create_feedback(
-                app_model=app_model,
-                message_id=message_id,
-                user=current_user,
-                rating=args.get("rating"),
-                content=args.get("content"),
-            )
+            MessageService.create_feedback(app_model, message_id, current_user, args.get("rating"), args.get("content"))
        except services.errors.message.MessageNotExistsError:
            raise NotFound("Message Not Exists.")

--- a/api/controllers/console/explore/workflow.py
+++ b/api/controllers/console/explore/workflow.py
@ -13,11 +13,7 @@ from controllers.console.explore.error import NotWorkflowAppError
 from controllers.console.explore.wraps import InstalledAppResource
 from core.app.apps.base_app_queue_manager import AppQueueManager
 from core.app.entities.app_invoke_entities import InvokeFrom
-from core.errors.error import (
-    ModelCurrentlyNotSupportError,
-    ProviderTokenNotInitError,
-    QuotaExceededError,
-)
+from core.errors.error import ModelCurrentlyNotSupportError, ProviderTokenNotInitError, QuotaExceededError
 from core.model_runtime.errors.invoke import InvokeError
 from libs import helper
 from libs.login import current_user
--- a/api/controllers/console/init_validate.py
+++ b/api/controllers/console/init_validate.py
@ -2,11 +2,8 @@ import os

 from flask import session
 from flask_restful import Resource, reqparse  # type: ignore
-from sqlalchemy import select
-from sqlalchemy.orm import Session

 from configs import dify_config
-from extensions.ext_database import db
 from libs.helper import StrLen
 from models.model import DifySetup
 from services.account_service import TenantService
@ -45,11 +42,7 @@ class InitValidateAPI(Resource):
 def get_init_validate_status():
    if dify_config.EDITION == "SELF_HOSTED":
        if os.environ.get("INIT_PASSWORD"):
-            if session.get("is_init_validated"):
-                return True
-
-            with Session(db.engine) as db_session:
-                return db_session.execute(select(DifySetup)).scalar_one_or_none()
+            return session.get("is_init_validated") or DifySetup.query.first()

    return True

--- a/api/controllers/console/setup.py
+++ b/api/controllers/console/setup.py
@ -4,7 +4,7 @@ from flask_restful import Resource, reqparse  # type: ignore
 from configs import dify_config
 from libs.helper import StrLen, email, extract_remote_ip
 from libs.password import valid_password
-from models.model import DifySetup, db
+from models.model import DifySetup
 from services.account_service import RegisterService, TenantService

 from . import api
@ -52,9 +52,8 @@ class SetupApi(Resource):

 def get_setup_status():
    if dify_config.EDITION == "SELF_HOSTED":
-        return db.session.query(DifySetup).first()
-    else:
-        return True
+        return DifySetup.query.first()
+    return True


 api.add_resource(SetupApi, "/setup")
--- a/api/controllers/console/workspace/init.py
+++ b/api/controllers/console/workspace/init.py
@ -1,56 +0,0 @@
-from functools import wraps
-
-from flask_login import current_user  # type: ignore
-from sqlalchemy.orm import Session
-from werkzeug.exceptions import Forbidden
-
-from extensions.ext_database import db
-from models.account import TenantPluginPermission
-
-
-def plugin_permission_required(
-    install_required: bool = False,
-    debug_required: bool = False,
-):
-    def interceptor(view):
-        @wraps(view)
-        def decorated(*args, **kwargs):
-            user = current_user
-            tenant_id = user.current_tenant_id
-
-            with Session(db.engine) as session:
-                permission = (
-                    session.query(TenantPluginPermission)
-                    .filter(
-                        TenantPluginPermission.tenant_id == tenant_id,
-                    )
-                    .first()
-                )
-
-                if not permission:
-                    # no permission set, allow access for everyone
-                    return view(*args, **kwargs)
-
-                if install_required:
-                    if permission.install_permission == TenantPluginPermission.InstallPermission.NOBODY:
-                        raise Forbidden()
-                    if permission.install_permission == TenantPluginPermission.InstallPermission.ADMINS:
-                        if not user.is_admin_or_owner:
-                            raise Forbidden()
-                    if permission.install_permission == TenantPluginPermission.InstallPermission.EVERYONE:
-                        pass
-
-                if debug_required:
-                    if permission.debug_permission == TenantPluginPermission.DebugPermission.NOBODY:
-                        raise Forbidden()
-                    if permission.debug_permission == TenantPluginPermission.DebugPermission.ADMINS:
-                        if not user.is_admin_or_owner:
-                            raise Forbidden()
-                    if permission.debug_permission == TenantPluginPermission.DebugPermission.EVERYONE:
-                        pass
-
-            return view(*args, **kwargs)
-
-        return decorated
-
-    return interceptor
--- a/api/controllers/console/workspace/account.py
+++ b/api/controllers/console/workspace/account.py
@ -11,7 +11,6 @@ from controllers.console import api
 from controllers.console.workspace.error import (
    AccountAlreadyInitedError,
    CurrentPasswordIncorrectError,
-    InvalidAccountDeletionCodeError,
    InvalidInvitationCodeError,
    RepeatPasswordNotMatchError,
 )
@ -22,7 +21,6 @@ from libs.helper import TimestampField, timezone
 from libs.login import login_required
 from models import AccountIntegrate, InvitationCode
 from services.account_service import AccountService
-from services.billing_service import BillingService
 from services.errors.account import CurrentPasswordIncorrectError as ServiceCurrentPasswordIncorrectError


@ -244,54 +242,6 @@ class AccountIntegrateApi(Resource):
        return {"data": integrate_data}


-class AccountDeleteVerifyApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    def get(self):
-        account = current_user
-
-        token, code = AccountService.generate_account_deletion_verification_code(account)
-        AccountService.send_account_deletion_verification_email(account, code)
-
-        return {"result": "success", "data": token}
-
-
-class AccountDeleteApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    def post(self):
-        account = current_user
-
-        parser = reqparse.RequestParser()
-        parser.add_argument("token", type=str, required=True, location="json")
-        parser.add_argument("code", type=str, required=True, location="json")
-        args = parser.parse_args()
-
-        if not AccountService.verify_account_deletion_code(args["token"], args["code"]):
-            raise InvalidAccountDeletionCodeError()
-
-        AccountService.delete_account(account)
-
-        return {"result": "success"}
-
-
-class AccountDeleteUpdateFeedbackApi(Resource):
-    @setup_required
-    def post(self):
-        account = current_user
-
-        parser = reqparse.RequestParser()
-        parser.add_argument("email", type=str, required=True, location="json")
-        parser.add_argument("feedback", type=str, required=True, location="json")
-        args = parser.parse_args()
-
-        BillingService.update_account_deletion_feedback(args["email"], args["feedback"])
-
-        return {"result": "success"}
-
-
 # Register API resources
 api.add_resource(AccountInitApi, "/account/init")
 api.add_resource(AccountProfileApi, "/account/profile")
@ -302,8 +252,5 @@ api.add_resource(AccountInterfaceThemeApi, "/account/interface-theme")
 api.add_resource(AccountTimezoneApi, "/account/timezone")
 api.add_resource(AccountPasswordApi, "/account/password")
 api.add_resource(AccountIntegrateApi, "/account/integrates")
-api.add_resource(AccountDeleteVerifyApi, "/account/delete/verify")
-api.add_resource(AccountDeleteApi, "/account/delete")
-api.add_resource(AccountDeleteUpdateFeedbackApi, "/account/delete/feedback")
 # api.add_resource(AccountEmailApi, '/account/email')
 # api.add_resource(AccountEmailVerifyApi, '/account/email-verify')
--- a/api/controllers/console/workspace/agent_providers.py
+++ b/api/controllers/console/workspace/agent_providers.py
@ -1,36 +0,0 @@
-from flask_login import current_user  # type: ignore
-from flask_restful import Resource  # type: ignore
-
-from controllers.console import api
-from controllers.console.wraps import account_initialization_required, setup_required
-from core.model_runtime.utils.encoders import jsonable_encoder
-from libs.login import login_required
-from services.agent_service import AgentService
-
-
-class AgentProviderListApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    def get(self):
-        user = current_user
-
-        user_id = user.id
-        tenant_id = user.current_tenant_id
-
-        return jsonable_encoder(AgentService.list_agent_providers(user_id, tenant_id))
-
-
-class AgentProviderApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    def get(self, provider_name: str):
-        user = current_user
-        user_id = user.id
-        tenant_id = user.current_tenant_id
-        return jsonable_encoder(AgentService.get_agent_provider(user_id, tenant_id, provider_name))
-
-
-api.add_resource(AgentProviderListApi, "/workspaces/current/agent-providers")
-api.add_resource(AgentProviderApi, "/workspaces/current/agent-provider/<path:provider_name>")
--- a/api/controllers/console/workspace/endpoint.py
+++ b/api/controllers/console/workspace/endpoint.py
@ -1,205 +0,0 @@
-from flask_login import current_user  # type: ignore
-from flask_restful import Resource, reqparse  # type: ignore
-from werkzeug.exceptions import Forbidden
-
-from controllers.console import api
-from controllers.console.wraps import account_initialization_required, setup_required
-from core.model_runtime.utils.encoders import jsonable_encoder
-from libs.login import login_required
-from services.plugin.endpoint_service import EndpointService
-
-
-class EndpointCreateApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    def post(self):
-        user = current_user
-        if not user.is_admin_or_owner:
-            raise Forbidden()
-
-        parser = reqparse.RequestParser()
-        parser.add_argument("plugin_unique_identifier", type=str, required=True)
-        parser.add_argument("settings", type=dict, required=True)
-        parser.add_argument("name", type=str, required=True)
-        args = parser.parse_args()
-
-        plugin_unique_identifier = args["plugin_unique_identifier"]
-        settings = args["settings"]
-        name = args["name"]
-
-        return {
-            "success": EndpointService.create_endpoint(
-                tenant_id=user.current_tenant_id,
-                user_id=user.id,
-                plugin_unique_identifier=plugin_unique_identifier,
-                name=name,
-                settings=settings,
-            )
-        }
-
-
-class EndpointListApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    def get(self):
-        user = current_user
-
-        parser = reqparse.RequestParser()
-        parser.add_argument("page", type=int, required=True, location="args")
-        parser.add_argument("page_size", type=int, required=True, location="args")
-        args = parser.parse_args()
-
-        page = args["page"]
-        page_size = args["page_size"]
-
-        return jsonable_encoder(
-            {
-                "endpoints": EndpointService.list_endpoints(
-                    tenant_id=user.current_tenant_id,
-                    user_id=user.id,
-                    page=page,
-                    page_size=page_size,
-                )
-            }
-        )
-
-
-class EndpointListForSinglePluginApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    def get(self):
-        user = current_user
-
-        parser = reqparse.RequestParser()
-        parser.add_argument("page", type=int, required=True, location="args")
-        parser.add_argument("page_size", type=int, required=True, location="args")
-        parser.add_argument("plugin_id", type=str, required=True, location="args")
-        args = parser.parse_args()
-
-        page = args["page"]
-        page_size = args["page_size"]
-        plugin_id = args["plugin_id"]
-
-        return jsonable_encoder(
-            {
-                "endpoints": EndpointService.list_endpoints_for_single_plugin(
-                    tenant_id=user.current_tenant_id,
-                    user_id=user.id,
-                    plugin_id=plugin_id,
-                    page=page,
-                    page_size=page_size,
-                )
-            }
-        )
-
-
-class EndpointDeleteApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    def post(self):
-        user = current_user
-
-        parser = reqparse.RequestParser()
-        parser.add_argument("endpoint_id", type=str, required=True)
-        args = parser.parse_args()
-
-        if not user.is_admin_or_owner:
-            raise Forbidden()
-
-        endpoint_id = args["endpoint_id"]
-
-        return {
-            "success": EndpointService.delete_endpoint(
-                tenant_id=user.current_tenant_id, user_id=user.id, endpoint_id=endpoint_id
-            )
-        }
-
-
-class EndpointUpdateApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    def post(self):
-        user = current_user
-
-        parser = reqparse.RequestParser()
-        parser.add_argument("endpoint_id", type=str, required=True)
-        parser.add_argument("settings", type=dict, required=True)
-        parser.add_argument("name", type=str, required=True)
-        args = parser.parse_args()
-
-        endpoint_id = args["endpoint_id"]
-        settings = args["settings"]
-        name = args["name"]
-
-        if not user.is_admin_or_owner:
-            raise Forbidden()
-
-        return {
-            "success": EndpointService.update_endpoint(
-                tenant_id=user.current_tenant_id,
-                user_id=user.id,
-                endpoint_id=endpoint_id,
-                name=name,
-                settings=settings,
-            )
-        }
-
-
-class EndpointEnableApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    def post(self):
-        user = current_user
-
-        parser = reqparse.RequestParser()
-        parser.add_argument("endpoint_id", type=str, required=True)
-        args = parser.parse_args()
-
-        endpoint_id = args["endpoint_id"]
-
-        if not user.is_admin_or_owner:
-            raise Forbidden()
-
-        return {
-            "success": EndpointService.enable_endpoint(
-                tenant_id=user.current_tenant_id, user_id=user.id, endpoint_id=endpoint_id
-            )
-        }
-
-
-class EndpointDisableApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    def post(self):
-        user = current_user
-
-        parser = reqparse.RequestParser()
-        parser.add_argument("endpoint_id", type=str, required=True)
-        args = parser.parse_args()
-
-        endpoint_id = args["endpoint_id"]
-
-        if not user.is_admin_or_owner:
-            raise Forbidden()
-
-        return {
-            "success": EndpointService.disable_endpoint(
-                tenant_id=user.current_tenant_id, user_id=user.id, endpoint_id=endpoint_id
-            )
-        }
-
-
-api.add_resource(EndpointCreateApi, "/workspaces/current/endpoints/create")
-api.add_resource(EndpointListApi, "/workspaces/current/endpoints/list")
-api.add_resource(EndpointListForSinglePluginApi, "/workspaces/current/endpoints/list/plugin")
-api.add_resource(EndpointDeleteApi, "/workspaces/current/endpoints/delete")
-api.add_resource(EndpointUpdateApi, "/workspaces/current/endpoints/update")
-api.add_resource(EndpointEnableApi, "/workspaces/current/endpoints/enable")
-api.add_resource(EndpointDisableApi, "/workspaces/current/endpoints/disable")
--- a/api/controllers/console/workspace/error.py
+++ b/api/controllers/console/workspace/error.py
@ -35,9 +35,3 @@ class AccountNotInitializedError(BaseHTTPException):
    error_code = "account_not_initialized"
    description = "The account has not been initialized yet. Please proceed with the initialization process first."
    code = 400
-
-
-class InvalidAccountDeletionCodeError(BaseHTTPException):
-    error_code = "invalid_account_deletion_code"
-    description = "Invalid account deletion code."
-    code = 400
--- a/api/controllers/console/workspace/load_balancing_config.py
+++ b/api/controllers/console/workspace/load_balancing_config.py
@ -112,10 +112,10 @@ class LoadBalancingConfigCredentialsValidateApi(Resource):
 # Load Balancing Config
 api.add_resource(
    LoadBalancingCredentialsValidateApi,
-    "/workspaces/current/model-providers/<path:provider>/models/load-balancing-configs/credentials-validate",
+    "/workspaces/current/model-providers/<string:provider>/models/load-balancing-configs/credentials-validate",
 )

 api.add_resource(
    LoadBalancingConfigCredentialsValidateApi,
-    "/workspaces/current/model-providers/<path:provider>/models/load-balancing-configs/<string:config_id>/credentials-validate",
+    "/workspaces/current/model-providers/<string:provider>/models/load-balancing-configs/<string:config_id>/credentials-validate",
 )
--- a/api/controllers/console/workspace/members.py
+++ b/api/controllers/console/workspace/members.py
@ -122,7 +122,7 @@ class MemberUpdateRoleApi(Resource):
            return {"code": "invalid-role", "message": "Invalid role"}, 400

        member = db.session.get(Account, str(member_id))
-        if not member:
+        if member:
            abort(404)

        try:
--- a/api/controllers/console/workspace/model_providers.py
+++ b/api/controllers/console/workspace/model_providers.py
@ -79,7 +79,7 @@ class ModelProviderValidateApi(Resource):
        response = {"result": "success" if result else "error"}

        if not result:
-            response["error"] = error or "Unknown error"
+            response["error"] = error

        return response

@ -125,10 +125,9 @@ class ModelProviderIconApi(Resource):
    Get model provider icon
    """

-    def get(self, tenant_id: str, provider: str, icon_type: str, lang: str):
+    def get(self, provider: str, icon_type: str, lang: str):
        model_provider_service = ModelProviderService()
        icon, mimetype = model_provider_service.get_model_provider_icon(
-            tenant_id=tenant_id,
            provider=provider,
            icon_type=icon_type,
            lang=lang,
@ -184,17 +183,53 @@ class ModelProviderPaymentCheckoutUrlApi(Resource):
        return data


+class ModelProviderFreeQuotaSubmitApi(Resource):
+    @setup_required
+    @login_required
+    @account_initialization_required
+    def post(self, provider: str):
+        model_provider_service = ModelProviderService()
+        result = model_provider_service.free_quota_submit(tenant_id=current_user.current_tenant_id, provider=provider)
+
+        return result
+
+
+class ModelProviderFreeQuotaQualificationVerifyApi(Resource):
+    @setup_required
+    @login_required
+    @account_initialization_required
+    def get(self, provider: str):
+        parser = reqparse.RequestParser()
+        parser.add_argument("token", type=str, required=False, nullable=True, location="args")
+        args = parser.parse_args()
+
+        model_provider_service = ModelProviderService()
+        result = model_provider_service.free_quota_qualification_verify(
+            tenant_id=current_user.current_tenant_id, provider=provider, token=args["token"]
+        )
+
+        return result
+
+
 api.add_resource(ModelProviderListApi, "/workspaces/current/model-providers")

-api.add_resource(ModelProviderCredentialApi, "/workspaces/current/model-providers/<path:provider>/credentials")
-api.add_resource(ModelProviderValidateApi, "/workspaces/current/model-providers/<path:provider>/credentials/validate")
-api.add_resource(ModelProviderApi, "/workspaces/current/model-providers/<path:provider>")
+api.add_resource(ModelProviderCredentialApi, "/workspaces/current/model-providers/<string:provider>/credentials")
+api.add_resource(ModelProviderValidateApi, "/workspaces/current/model-providers/<string:provider>/credentials/validate")
+api.add_resource(ModelProviderApi, "/workspaces/current/model-providers/<string:provider>")
+api.add_resource(
+    ModelProviderIconApi, "/workspaces/current/model-providers/<string:provider>/<string:icon_type>/<string:lang>"
+)

 api.add_resource(
-    PreferredProviderTypeUpdateApi, "/workspaces/current/model-providers/<path:provider>/preferred-provider-type"
+    PreferredProviderTypeUpdateApi, "/workspaces/current/model-providers/<string:provider>/preferred-provider-type"
 )
-api.add_resource(ModelProviderPaymentCheckoutUrlApi, "/workspaces/current/model-providers/<path:provider>/checkout-url")
 api.add_resource(
-    ModelProviderIconApi,
-    "/workspaces/<string:tenant_id>/model-providers/<path:provider>/<string:icon_type>/<string:lang>",
+    ModelProviderPaymentCheckoutUrlApi, "/workspaces/current/model-providers/<string:provider>/checkout-url"
+)
+api.add_resource(
+    ModelProviderFreeQuotaSubmitApi, "/workspaces/current/model-providers/<string:provider>/free-quota-submit"
+)
+api.add_resource(
+    ModelProviderFreeQuotaQualificationVerifyApi,
+    "/workspaces/current/model-providers/<string:provider>/free-quota-qualification-verify",
 )
--- a/api/controllers/console/workspace/models.py
+++ b/api/controllers/console/workspace/models.py
@ -325,7 +325,7 @@ class ModelProviderModelValidateApi(Resource):
        response = {"result": "success" if result else "error"}

        if not result:
-            response["error"] = error or ""
+            response["error"] = error

        return response

@ -362,26 +362,26 @@ class ModelProviderAvailableModelApi(Resource):
        return jsonable_encoder({"data": models})


-api.add_resource(ModelProviderModelApi, "/workspaces/current/model-providers/<path:provider>/models")
+api.add_resource(ModelProviderModelApi, "/workspaces/current/model-providers/<string:provider>/models")
 api.add_resource(
    ModelProviderModelEnableApi,
-    "/workspaces/current/model-providers/<path:provider>/models/enable",
+    "/workspaces/current/model-providers/<string:provider>/models/enable",
    endpoint="model-provider-model-enable",
 )
 api.add_resource(
    ModelProviderModelDisableApi,
-    "/workspaces/current/model-providers/<path:provider>/models/disable",
+    "/workspaces/current/model-providers/<string:provider>/models/disable",
    endpoint="model-provider-model-disable",
 )
 api.add_resource(
-    ModelProviderModelCredentialApi, "/workspaces/current/model-providers/<path:provider>/models/credentials"
+    ModelProviderModelCredentialApi, "/workspaces/current/model-providers/<string:provider>/models/credentials"
 )
 api.add_resource(
-    ModelProviderModelValidateApi, "/workspaces/current/model-providers/<path:provider>/models/credentials/validate"
+    ModelProviderModelValidateApi, "/workspaces/current/model-providers/<string:provider>/models/credentials/validate"
 )

 api.add_resource(
-    ModelProviderModelParameterRuleApi, "/workspaces/current/model-providers/<path:provider>/models/parameter-rules"
+    ModelProviderModelParameterRuleApi, "/workspaces/current/model-providers/<string:provider>/models/parameter-rules"
 )
 api.add_resource(ModelProviderAvailableModelApi, "/workspaces/current/models/model-types/<string:model_type>")
 api.add_resource(DefaultModelApi, "/workspaces/current/default-model")
--- a/api/controllers/console/workspace/plugin.py
+++ b/api/controllers/console/workspace/plugin.py
@ -1,475 +0,0 @@
-import io
-
-from flask import request, send_file
-from flask_login import current_user  # type: ignore
-from flask_restful import Resource, reqparse  # type: ignore
-from werkzeug.exceptions import Forbidden
-
-from configs import dify_config
-from controllers.console import api
-from controllers.console.workspace import plugin_permission_required
-from controllers.console.wraps import account_initialization_required, setup_required
-from core.model_runtime.utils.encoders import jsonable_encoder
-from core.plugin.manager.exc import PluginDaemonClientSideError
-from libs.login import login_required
-from models.account import TenantPluginPermission
-from services.plugin.plugin_permission_service import PluginPermissionService
-from services.plugin.plugin_service import PluginService
-
-
-class PluginDebuggingKeyApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @plugin_permission_required(debug_required=True)
-    def get(self):
-        tenant_id = current_user.current_tenant_id
-
-        try:
-            return {
-                "key": PluginService.get_debugging_key(tenant_id),
-                "host": dify_config.PLUGIN_REMOTE_INSTALL_HOST,
-                "port": dify_config.PLUGIN_REMOTE_INSTALL_PORT,
-            }
-        except PluginDaemonClientSideError as e:
-            raise ValueError(e)
-
-
-class PluginListApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    def get(self):
-        tenant_id = current_user.current_tenant_id
-        try:
-            plugins = PluginService.list(tenant_id)
-        except PluginDaemonClientSideError as e:
-            raise ValueError(e)
-
-        return jsonable_encoder({"plugins": plugins})
-
-
-class PluginListInstallationsFromIdsApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    def post(self):
-        tenant_id = current_user.current_tenant_id
-
-        parser = reqparse.RequestParser()
-        parser.add_argument("plugin_ids", type=list, required=True, location="json")
-        args = parser.parse_args()
-
-        try:
-            plugins = PluginService.list_installations_from_ids(tenant_id, args["plugin_ids"])
-        except PluginDaemonClientSideError as e:
-            raise ValueError(e)
-
-        return jsonable_encoder({"plugins": plugins})
-
-
-class PluginIconApi(Resource):
-    @setup_required
-    def get(self):
-        req = reqparse.RequestParser()
-        req.add_argument("tenant_id", type=str, required=True, location="args")
-        req.add_argument("filename", type=str, required=True, location="args")
-        args = req.parse_args()
-
-        try:
-            icon_bytes, mimetype = PluginService.get_asset(args["tenant_id"], args["filename"])
-        except PluginDaemonClientSideError as e:
-            raise ValueError(e)
-
-        icon_cache_max_age = dify_config.TOOL_ICON_CACHE_MAX_AGE
-        return send_file(io.BytesIO(icon_bytes), mimetype=mimetype, max_age=icon_cache_max_age)
-
-
-class PluginUploadFromPkgApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @plugin_permission_required(install_required=True)
-    def post(self):
-        tenant_id = current_user.current_tenant_id
-
-        file = request.files["pkg"]
-
-        # check file size
-        if file.content_length > dify_config.PLUGIN_MAX_PACKAGE_SIZE:
-            raise ValueError("File size exceeds the maximum allowed size")
-
-        content = file.read()
-        try:
-            response = PluginService.upload_pkg(tenant_id, content)
-        except PluginDaemonClientSideError as e:
-            raise ValueError(e)
-
-        return jsonable_encoder(response)
-
-
-class PluginUploadFromGithubApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @plugin_permission_required(install_required=True)
-    def post(self):
-        tenant_id = current_user.current_tenant_id
-
-        parser = reqparse.RequestParser()
-        parser.add_argument("repo", type=str, required=True, location="json")
-        parser.add_argument("version", type=str, required=True, location="json")
-        parser.add_argument("package", type=str, required=True, location="json")
-        args = parser.parse_args()
-
-        try:
-            response = PluginService.upload_pkg_from_github(tenant_id, args["repo"], args["version"], args["package"])
-        except PluginDaemonClientSideError as e:
-            raise ValueError(e)
-
-        return jsonable_encoder(response)
-
-
-class PluginUploadFromBundleApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @plugin_permission_required(install_required=True)
-    def post(self):
-        tenant_id = current_user.current_tenant_id
-
-        file = request.files["bundle"]
-
-        # check file size
-        if file.content_length > dify_config.PLUGIN_MAX_BUNDLE_SIZE:
-            raise ValueError("File size exceeds the maximum allowed size")
-
-        content = file.read()
-        try:
-            response = PluginService.upload_bundle(tenant_id, content)
-        except PluginDaemonClientSideError as e:
-            raise ValueError(e)
-
-        return jsonable_encoder(response)
-
-
-class PluginInstallFromPkgApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @plugin_permission_required(install_required=True)
-    def post(self):
-        tenant_id = current_user.current_tenant_id
-
-        parser = reqparse.RequestParser()
-        parser.add_argument("plugin_unique_identifiers", type=list, required=True, location="json")
-        args = parser.parse_args()
-
-        # check if all plugin_unique_identifiers are valid string
-        for plugin_unique_identifier in args["plugin_unique_identifiers"]:
-            if not isinstance(plugin_unique_identifier, str):
-                raise ValueError("Invalid plugin unique identifier")
-
-        try:
-            response = PluginService.install_from_local_pkg(tenant_id, args["plugin_unique_identifiers"])
-        except PluginDaemonClientSideError as e:
-            raise ValueError(e)
-
-        return jsonable_encoder(response)
-
-
-class PluginInstallFromGithubApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @plugin_permission_required(install_required=True)
-    def post(self):
-        tenant_id = current_user.current_tenant_id
-
-        parser = reqparse.RequestParser()
-        parser.add_argument("repo", type=str, required=True, location="json")
-        parser.add_argument("version", type=str, required=True, location="json")
-        parser.add_argument("package", type=str, required=True, location="json")
-        parser.add_argument("plugin_unique_identifier", type=str, required=True, location="json")
-        args = parser.parse_args()
-
-        try:
-            response = PluginService.install_from_github(
-                tenant_id,
-                args["plugin_unique_identifier"],
-                args["repo"],
-                args["version"],
-                args["package"],
-            )
-        except PluginDaemonClientSideError as e:
-            raise ValueError(e)
-
-        return jsonable_encoder(response)
-
-
-class PluginInstallFromMarketplaceApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @plugin_permission_required(install_required=True)
-    def post(self):
-        tenant_id = current_user.current_tenant_id
-
-        parser = reqparse.RequestParser()
-        parser.add_argument("plugin_unique_identifiers", type=list, required=True, location="json")
-        args = parser.parse_args()
-
-        # check if all plugin_unique_identifiers are valid string
-        for plugin_unique_identifier in args["plugin_unique_identifiers"]:
-            if not isinstance(plugin_unique_identifier, str):
-                raise ValueError("Invalid plugin unique identifier")
-
-        try:
-            response = PluginService.install_from_marketplace_pkg(tenant_id, args["plugin_unique_identifiers"])
-        except PluginDaemonClientSideError as e:
-            raise ValueError(e)
-
-        return jsonable_encoder(response)
-
-
-class PluginFetchManifestApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @plugin_permission_required(debug_required=True)
-    def get(self):
-        tenant_id = current_user.current_tenant_id
-
-        parser = reqparse.RequestParser()
-        parser.add_argument("plugin_unique_identifier", type=str, required=True, location="args")
-        args = parser.parse_args()
-
-        try:
-            return jsonable_encoder(
-                {
-                    "manifest": PluginService.fetch_plugin_manifest(
-                        tenant_id, args["plugin_unique_identifier"]
-                    ).model_dump()
-                }
-            )
-        except PluginDaemonClientSideError as e:
-            raise ValueError(e)
-
-
-class PluginFetchInstallTasksApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @plugin_permission_required(debug_required=True)
-    def get(self):
-        tenant_id = current_user.current_tenant_id
-
-        parser = reqparse.RequestParser()
-        parser.add_argument("page", type=int, required=True, location="args")
-        parser.add_argument("page_size", type=int, required=True, location="args")
-        args = parser.parse_args()
-
-        try:
-            return jsonable_encoder(
-                {"tasks": PluginService.fetch_install_tasks(tenant_id, args["page"], args["page_size"])}
-            )
-        except PluginDaemonClientSideError as e:
-            raise ValueError(e)
-
-
-class PluginFetchInstallTaskApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @plugin_permission_required(debug_required=True)
-    def get(self, task_id: str):
-        tenant_id = current_user.current_tenant_id
-
-        try:
-            return jsonable_encoder({"task": PluginService.fetch_install_task(tenant_id, task_id)})
-        except PluginDaemonClientSideError as e:
-            raise ValueError(e)
-
-
-class PluginDeleteInstallTaskApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @plugin_permission_required(debug_required=True)
-    def post(self, task_id: str):
-        tenant_id = current_user.current_tenant_id
-
-        try:
-            return {"success": PluginService.delete_install_task(tenant_id, task_id)}
-        except PluginDaemonClientSideError as e:
-            raise ValueError(e)
-
-
-class PluginDeleteAllInstallTaskItemsApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @plugin_permission_required(debug_required=True)
-    def post(self):
-        tenant_id = current_user.current_tenant_id
-
-        try:
-            return {"success": PluginService.delete_all_install_task_items(tenant_id)}
-        except PluginDaemonClientSideError as e:
-            raise ValueError(e)
-
-
-class PluginDeleteInstallTaskItemApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @plugin_permission_required(debug_required=True)
-    def post(self, task_id: str, identifier: str):
-        tenant_id = current_user.current_tenant_id
-
-        try:
-            return {"success": PluginService.delete_install_task_item(tenant_id, task_id, identifier)}
-        except PluginDaemonClientSideError as e:
-            raise ValueError(e)
-
-
-class PluginUpgradeFromMarketplaceApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @plugin_permission_required(debug_required=True)
-    def post(self):
-        tenant_id = current_user.current_tenant_id
-
-        parser = reqparse.RequestParser()
-        parser.add_argument("original_plugin_unique_identifier", type=str, required=True, location="json")
-        parser.add_argument("new_plugin_unique_identifier", type=str, required=True, location="json")
-        args = parser.parse_args()
-
-        try:
-            return jsonable_encoder(
-                PluginService.upgrade_plugin_with_marketplace(
-                    tenant_id, args["original_plugin_unique_identifier"], args["new_plugin_unique_identifier"]
-                )
-            )
-        except PluginDaemonClientSideError as e:
-            raise ValueError(e)
-
-
-class PluginUpgradeFromGithubApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @plugin_permission_required(debug_required=True)
-    def post(self):
-        tenant_id = current_user.current_tenant_id
-
-        parser = reqparse.RequestParser()
-        parser.add_argument("original_plugin_unique_identifier", type=str, required=True, location="json")
-        parser.add_argument("new_plugin_unique_identifier", type=str, required=True, location="json")
-        parser.add_argument("repo", type=str, required=True, location="json")
-        parser.add_argument("version", type=str, required=True, location="json")
-        parser.add_argument("package", type=str, required=True, location="json")
-        args = parser.parse_args()
-
-        try:
-            return jsonable_encoder(
-                PluginService.upgrade_plugin_with_github(
-                    tenant_id,
-                    args["original_plugin_unique_identifier"],
-                    args["new_plugin_unique_identifier"],
-                    args["repo"],
-                    args["version"],
-                    args["package"],
-                )
-            )
-        except PluginDaemonClientSideError as e:
-            raise ValueError(e)
-
-
-class PluginUninstallApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @plugin_permission_required(debug_required=True)
-    def post(self):
-        req = reqparse.RequestParser()
-        req.add_argument("plugin_installation_id", type=str, required=True, location="json")
-        args = req.parse_args()
-
-        tenant_id = current_user.current_tenant_id
-
-        try:
-            return {"success": PluginService.uninstall(tenant_id, args["plugin_installation_id"])}
-        except PluginDaemonClientSideError as e:
-            raise ValueError(e)
-
-
-class PluginChangePermissionApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    def post(self):
-        user = current_user
-        if not user.is_admin_or_owner:
-            raise Forbidden()
-
-        req = reqparse.RequestParser()
-        req.add_argument("install_permission", type=str, required=True, location="json")
-        req.add_argument("debug_permission", type=str, required=True, location="json")
-        args = req.parse_args()
-
-        install_permission = TenantPluginPermission.InstallPermission(args["install_permission"])
-        debug_permission = TenantPluginPermission.DebugPermission(args["debug_permission"])
-
-        tenant_id = user.current_tenant_id
-
-        return {"success": PluginPermissionService.change_permission(tenant_id, install_permission, debug_permission)}
-
-
-class PluginFetchPermissionApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    def get(self):
-        tenant_id = current_user.current_tenant_id
-
-        permission = PluginPermissionService.get_permission(tenant_id)
-        if not permission:
-            return jsonable_encoder(
-                {
-                    "install_permission": TenantPluginPermission.InstallPermission.EVERYONE,
-                    "debug_permission": TenantPluginPermission.DebugPermission.EVERYONE,
-                }
-            )
-
-        return jsonable_encoder(
-            {
-                "install_permission": permission.install_permission,
-                "debug_permission": permission.debug_permission,
-            }
-        )
-
-
-api.add_resource(PluginDebuggingKeyApi, "/workspaces/current/plugin/debugging-key")
-api.add_resource(PluginListApi, "/workspaces/current/plugin/list")
-api.add_resource(PluginListInstallationsFromIdsApi, "/workspaces/current/plugin/list/installations/ids")
-api.add_resource(PluginIconApi, "/workspaces/current/plugin/icon")
-api.add_resource(PluginUploadFromPkgApi, "/workspaces/current/plugin/upload/pkg")
-api.add_resource(PluginUploadFromGithubApi, "/workspaces/current/plugin/upload/github")
-api.add_resource(PluginUploadFromBundleApi, "/workspaces/current/plugin/upload/bundle")
-api.add_resource(PluginInstallFromPkgApi, "/workspaces/current/plugin/install/pkg")
-api.add_resource(PluginInstallFromGithubApi, "/workspaces/current/plugin/install/github")
-api.add_resource(PluginUpgradeFromMarketplaceApi, "/workspaces/current/plugin/upgrade/marketplace")
-api.add_resource(PluginUpgradeFromGithubApi, "/workspaces/current/plugin/upgrade/github")
-api.add_resource(PluginInstallFromMarketplaceApi, "/workspaces/current/plugin/install/marketplace")
-api.add_resource(PluginFetchManifestApi, "/workspaces/current/plugin/fetch-manifest")
-api.add_resource(PluginFetchInstallTasksApi, "/workspaces/current/plugin/tasks")
-api.add_resource(PluginFetchInstallTaskApi, "/workspaces/current/plugin/tasks/<task_id>")
-api.add_resource(PluginDeleteInstallTaskApi, "/workspaces/current/plugin/tasks/<task_id>/delete")
-api.add_resource(PluginDeleteAllInstallTaskItemsApi, "/workspaces/current/plugin/tasks/delete_all")
-api.add_resource(PluginDeleteInstallTaskItemApi, "/workspaces/current/plugin/tasks/<task_id>/delete/<path:identifier>")
-api.add_resource(PluginUninstallApi, "/workspaces/current/plugin/uninstall")
-
-api.add_resource(PluginChangePermissionApi, "/workspaces/current/plugin/permission/change")
-api.add_resource(PluginFetchPermissionApi, "/workspaces/current/plugin/permission/fetch")
--- a/api/controllers/console/workspace/tool_providers.py
+++ b/api/controllers/console/workspace/tool_providers.py
@ -25,10 +25,8 @@ class ToolProviderListApi(Resource):
    @login_required
    @account_initialization_required
    def get(self):
-        user = current_user
-
-        user_id = user.id
-        tenant_id = user.current_tenant_id
+        user_id = current_user.id
+        tenant_id = current_user.current_tenant_id

        req = reqparse.RequestParser()
        req.add_argument(
@ -49,43 +47,28 @@ class ToolBuiltinProviderListToolsApi(Resource):
    @login_required
    @account_initialization_required
    def get(self, provider):
-        user = current_user
-
-        tenant_id = user.current_tenant_id
+        user_id = current_user.id
+        tenant_id = current_user.current_tenant_id

        return jsonable_encoder(
            BuiltinToolManageService.list_builtin_tool_provider_tools(
+                user_id,
                tenant_id,
                provider,
            )
        )


-class ToolBuiltinProviderInfoApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    def get(self, provider):
-        user = current_user
-
-        user_id = user.id
-        tenant_id = user.current_tenant_id
-
-        return jsonable_encoder(BuiltinToolManageService.get_builtin_tool_provider_info(user_id, tenant_id, provider))
-
-
 class ToolBuiltinProviderDeleteApi(Resource):
    @setup_required
    @login_required
    @account_initialization_required
    def post(self, provider):
-        user = current_user
-
-        if not user.is_admin_or_owner:
+        if not current_user.is_admin_or_owner:
            raise Forbidden()

-        user_id = user.id
-        tenant_id = user.current_tenant_id
+        user_id = current_user.id
+        tenant_id = current_user.current_tenant_id

        return BuiltinToolManageService.delete_builtin_tool_provider(
            user_id,
@ -99,13 +82,11 @@ class ToolBuiltinProviderUpdateApi(Resource):
    @login_required
    @account_initialization_required
    def post(self, provider):
-        user = current_user
-
-        if not user.is_admin_or_owner:
+        if not current_user.is_admin_or_owner:
            raise Forbidden()

-        user_id = user.id
-        tenant_id = user.current_tenant_id
+        user_id = current_user.id
+        tenant_id = current_user.current_tenant_id

        parser = reqparse.RequestParser()
        parser.add_argument("credentials", type=dict, required=True, nullable=False, location="json")
@ -150,13 +131,11 @@ class ToolApiProviderAddApi(Resource):
    @login_required
    @account_initialization_required
    def post(self):
-        user = current_user
-
-        if not user.is_admin_or_owner:
+        if not current_user.is_admin_or_owner:
            raise Forbidden()

-        user_id = user.id
-        tenant_id = user.current_tenant_id
+        user_id = current_user.id
+        tenant_id = current_user.current_tenant_id

        parser = reqparse.RequestParser()
        parser.add_argument("credentials", type=dict, required=True, nullable=False, location="json")
@ -189,11 +168,6 @@ class ToolApiProviderGetRemoteSchemaApi(Resource):
    @login_required
    @account_initialization_required
    def get(self):
-        user = current_user
-
-        user_id = user.id
-        tenant_id = user.current_tenant_id
-
        parser = reqparse.RequestParser()

        parser.add_argument("url", type=str, required=True, nullable=False, location="args")
@ -201,8 +175,8 @@ class ToolApiProviderGetRemoteSchemaApi(Resource):
        args = parser.parse_args()

        return ApiToolManageService.get_api_tool_provider_remote_schema(
-            user_id,
-            tenant_id,
+            current_user.id,
+            current_user.current_tenant_id,
            args["url"],
        )

@ -212,10 +186,8 @@ class ToolApiProviderListToolsApi(Resource):
    @login_required
    @account_initialization_required
    def get(self):
-        user = current_user
-
-        user_id = user.id
-        tenant_id = user.current_tenant_id
+        user_id = current_user.id
+        tenant_id = current_user.current_tenant_id

        parser = reqparse.RequestParser()

@ -237,13 +209,11 @@ class ToolApiProviderUpdateApi(Resource):
    @login_required
    @account_initialization_required
    def post(self):
-        user = current_user
-
-        if not user.is_admin_or_owner:
+        if not current_user.is_admin_or_owner:
            raise Forbidden()

-        user_id = user.id
-        tenant_id = user.current_tenant_id
+        user_id = current_user.id
+        tenant_id = current_user.current_tenant_id

        parser = reqparse.RequestParser()
        parser.add_argument("credentials", type=dict, required=True, nullable=False, location="json")
@ -278,13 +248,11 @@ class ToolApiProviderDeleteApi(Resource):
    @login_required
    @account_initialization_required
    def post(self):
-        user = current_user
-
-        if not user.is_admin_or_owner:
+        if not current_user.is_admin_or_owner:
            raise Forbidden()

-        user_id = user.id
-        tenant_id = user.current_tenant_id
+        user_id = current_user.id
+        tenant_id = current_user.current_tenant_id

        parser = reqparse.RequestParser()

@ -304,10 +272,8 @@ class ToolApiProviderGetApi(Resource):
    @login_required
    @account_initialization_required
    def get(self):
-        user = current_user
-
-        user_id = user.id
-        tenant_id = user.current_tenant_id
+        user_id = current_user.id
+        tenant_id = current_user.current_tenant_id

        parser = reqparse.RequestParser()

@ -327,11 +293,7 @@ class ToolBuiltinProviderCredentialsSchemaApi(Resource):
    @login_required
    @account_initialization_required
    def get(self, provider):
-        user = current_user
-
-        tenant_id = user.current_tenant_id
-
-        return BuiltinToolManageService.list_builtin_provider_credentials_schema(provider, tenant_id)
+        return BuiltinToolManageService.list_builtin_provider_credentials_schema(provider)


 class ToolApiProviderSchemaApi(Resource):
@ -382,13 +344,11 @@ class ToolWorkflowProviderCreateApi(Resource):
    @login_required
    @account_initialization_required
    def post(self):
-        user = current_user
-
-        if not user.is_admin_or_owner:
+        if not current_user.is_admin_or_owner:
            raise Forbidden()

-        user_id = user.id
-        tenant_id = user.current_tenant_id
+        user_id = current_user.id
+        tenant_id = current_user.current_tenant_id

        reqparser = reqparse.RequestParser()
        reqparser.add_argument("workflow_app_id", type=uuid_value, required=True, nullable=False, location="json")
@ -421,13 +381,11 @@ class ToolWorkflowProviderUpdateApi(Resource):
    @login_required
    @account_initialization_required
    def post(self):
-        user = current_user
-
-        if not user.is_admin_or_owner:
+        if not current_user.is_admin_or_owner:
            raise Forbidden()

-        user_id = user.id
-        tenant_id = user.current_tenant_id
+        user_id = current_user.id
+        tenant_id = current_user.current_tenant_id

        reqparser = reqparse.RequestParser()
        reqparser.add_argument("workflow_tool_id", type=uuid_value, required=True, nullable=False, location="json")
@ -463,13 +421,11 @@ class ToolWorkflowProviderDeleteApi(Resource):
    @login_required
    @account_initialization_required
    def post(self):
-        user = current_user
-
-        if not user.is_admin_or_owner:
+        if not current_user.is_admin_or_owner:
            raise Forbidden()

-        user_id = user.id
-        tenant_id = user.current_tenant_id
+        user_id = current_user.id
+        tenant_id = current_user.current_tenant_id

        reqparser = reqparse.RequestParser()
        reqparser.add_argument("workflow_tool_id", type=uuid_value, required=True, nullable=False, location="json")
@ -488,10 +444,8 @@ class ToolWorkflowProviderGetApi(Resource):
    @login_required
    @account_initialization_required
    def get(self):
-        user = current_user
-
-        user_id = user.id
-        tenant_id = user.current_tenant_id
+        user_id = current_user.id
+        tenant_id = current_user.current_tenant_id

        parser = reqparse.RequestParser()
        parser.add_argument("workflow_tool_id", type=uuid_value, required=False, nullable=True, location="args")
@ -522,10 +476,8 @@ class ToolWorkflowProviderListToolApi(Resource):
    @login_required
    @account_initialization_required
    def get(self):
-        user = current_user
-
-        user_id = user.id
-        tenant_id = user.current_tenant_id
+        user_id = current_user.id
+        tenant_id = current_user.current_tenant_id

        parser = reqparse.RequestParser()
        parser.add_argument("workflow_tool_id", type=uuid_value, required=True, nullable=False, location="args")
@ -546,10 +498,8 @@ class ToolBuiltinListApi(Resource):
    @login_required
    @account_initialization_required
    def get(self):
-        user = current_user
-
-        user_id = user.id
-        tenant_id = user.current_tenant_id
+        user_id = current_user.id
+        tenant_id = current_user.current_tenant_id

        return jsonable_encoder(
            [
@ -567,10 +517,8 @@ class ToolApiListApi(Resource):
    @login_required
    @account_initialization_required
    def get(self):
-        user = current_user
-
-        user_id = user.id
-        tenant_id = user.current_tenant_id
+        user_id = current_user.id
+        tenant_id = current_user.current_tenant_id

        return jsonable_encoder(
            [
@ -588,10 +536,8 @@ class ToolWorkflowListApi(Resource):
    @login_required
    @account_initialization_required
    def get(self):
-        user = current_user
-
-        user_id = user.id
-        tenant_id = user.current_tenant_id
+        user_id = current_user.id
+        tenant_id = current_user.current_tenant_id

        return jsonable_encoder(
            [
@ -617,18 +563,16 @@ class ToolLabelsApi(Resource):
 api.add_resource(ToolProviderListApi, "/workspaces/current/tool-providers")

 # builtin tool provider
-api.add_resource(ToolBuiltinProviderListToolsApi, "/workspaces/current/tool-provider/builtin/<path:provider>/tools")
-api.add_resource(ToolBuiltinProviderInfoApi, "/workspaces/current/tool-provider/builtin/<path:provider>/info")
-api.add_resource(ToolBuiltinProviderDeleteApi, "/workspaces/current/tool-provider/builtin/<path:provider>/delete")
-api.add_resource(ToolBuiltinProviderUpdateApi, "/workspaces/current/tool-provider/builtin/<path:provider>/update")
+api.add_resource(ToolBuiltinProviderListToolsApi, "/workspaces/current/tool-provider/builtin/<provider>/tools")
+api.add_resource(ToolBuiltinProviderDeleteApi, "/workspaces/current/tool-provider/builtin/<provider>/delete")
+api.add_resource(ToolBuiltinProviderUpdateApi, "/workspaces/current/tool-provider/builtin/<provider>/update")
 api.add_resource(
-    ToolBuiltinProviderGetCredentialsApi, "/workspaces/current/tool-provider/builtin/<path:provider>/credentials"
+    ToolBuiltinProviderGetCredentialsApi, "/workspaces/current/tool-provider/builtin/<provider>/credentials"
 )
 api.add_resource(
-    ToolBuiltinProviderCredentialsSchemaApi,
-    "/workspaces/current/tool-provider/builtin/<path:provider>/credentials_schema",
+    ToolBuiltinProviderCredentialsSchemaApi, "/workspaces/current/tool-provider/builtin/<provider>/credentials_schema"
 )
-api.add_resource(ToolBuiltinProviderIconApi, "/workspaces/current/tool-provider/builtin/<path:provider>/icon")
+api.add_resource(ToolBuiltinProviderIconApi, "/workspaces/current/tool-provider/builtin/<provider>/icon")

 # api tool provider
 api.add_resource(ToolApiProviderAddApi, "/workspaces/current/tool-provider/api/add")
--- a/api/controllers/console/wraps.py
+++ b/api/controllers/console/wraps.py
@ -7,7 +7,6 @@ from flask_login import current_user  # type: ignore

 from configs import dify_config
 from controllers.console.workspace.error import AccountNotInitializedError
-from extensions.ext_database import db
 from models.model import DifySetup
 from services.feature_service import FeatureService, LicenseStatus
 from services.operation_service import OperationService
@ -135,13 +134,9 @@ def setup_required(view):
    @wraps(view)
    def decorated(*args, **kwargs):
        # check setup
-        if (
-            dify_config.EDITION == "SELF_HOSTED"
-            and os.environ.get("INIT_PASSWORD")
-            and not db.session.query(DifySetup).first()
-        ):
+        if dify_config.EDITION == "SELF_HOSTED" and os.environ.get("INIT_PASSWORD") and not DifySetup.query.first():
            raise NotInitValidateError()
-        elif dify_config.EDITION == "SELF_HOSTED" and not db.session.query(DifySetup).first():
+        elif dify_config.EDITION == "SELF_HOSTED" and not DifySetup.query.first():
            raise NotSetupError()

        return view(*args, **kwargs)
--- a/api/controllers/files/init.py
+++ b/api/controllers/files/init.py
@ -6,4 +6,4 @@ bp = Blueprint("files", __name__)
 api = ExternalApi(bp)


-from . import image_preview, tool_files, upload
+from . import image_preview, tool_files
--- a/api/controllers/files/upload.py
+++ b/api/controllers/files/upload.py
@ -1,69 +0,0 @@
-from flask import request
-from flask_restful import Resource, marshal_with  # type: ignore
-from werkzeug.exceptions import Forbidden
-
-import services
-from controllers.console.wraps import setup_required
-from controllers.files import api
-from controllers.files.error import UnsupportedFileTypeError
-from controllers.inner_api.plugin.wraps import get_user
-from controllers.service_api.app.error import FileTooLargeError
-from core.file.helpers import verify_plugin_file_signature
-from fields.file_fields import file_fields
-from services.file_service import FileService
-
-
-class PluginUploadFileApi(Resource):
-    @setup_required
-    @marshal_with(file_fields)
-    def post(self):
-        # get file from request
-        file = request.files["file"]
-
-        timestamp = request.args.get("timestamp")
-        nonce = request.args.get("nonce")
-        sign = request.args.get("sign")
-        tenant_id = request.args.get("tenant_id")
-        if not tenant_id:
-            raise Forbidden("Invalid request.")
-
-        user_id = request.args.get("user_id")
-        user = get_user(tenant_id, user_id)
-
-        filename = file.filename
-        mimetype = file.mimetype
-
-        if not filename or not mimetype:
-            raise Forbidden("Invalid request.")
-
-        if not timestamp or not nonce or not sign:
-            raise Forbidden("Invalid request.")
-
-        if not verify_plugin_file_signature(
-            filename=filename,
-            mimetype=mimetype,
-            tenant_id=tenant_id,
-            user_id=user_id,
-            timestamp=timestamp,
-            nonce=nonce,
-            sign=sign,
-        ):
-            raise Forbidden("Invalid request.")
-
-        try:
-            upload_file = FileService.upload_file(
-                filename=filename,
-                content=file.read(),
-                mimetype=mimetype,
-                user=user,
-                source=None,
-            )
-        except services.errors.file.FileTooLargeError as file_too_large_error:
-            raise FileTooLargeError(file_too_large_error.description)
-        except services.errors.file.UnsupportedFileTypeError:
-            raise UnsupportedFileTypeError()
-
-        return upload_file, 201
-
-
-api.add_resource(PluginUploadFileApi, "/files/upload/for-plugin")
--- a/api/controllers/inner_api/init.py
+++ b/api/controllers/inner_api/init.py
@ -5,5 +5,4 @@ from libs.external_api import ExternalApi
 bp = Blueprint("inner_api", __name__, url_prefix="/inner/api")
 api = ExternalApi(bp)

-from .plugin import plugin
 from .workspace import workspace
--- a/api/controllers/inner_api/plugin/plugin.py
+++ b/api/controllers/inner_api/plugin/plugin.py
@ -1,293 +0,0 @@
-from flask_restful import Resource  # type: ignore
-
-from controllers.console.wraps import setup_required
-from controllers.inner_api import api
-from controllers.inner_api.plugin.wraps import get_user_tenant, plugin_data
-from controllers.inner_api.wraps import plugin_inner_api_only
-from core.file.helpers import get_signed_file_url_for_plugin
-from core.model_runtime.utils.encoders import jsonable_encoder
-from core.plugin.backwards_invocation.app import PluginAppBackwardsInvocation
-from core.plugin.backwards_invocation.base import BaseBackwardsInvocationResponse
-from core.plugin.backwards_invocation.encrypt import PluginEncrypter
-from core.plugin.backwards_invocation.model import PluginModelBackwardsInvocation
-from core.plugin.backwards_invocation.node import PluginNodeBackwardsInvocation
-from core.plugin.backwards_invocation.tool import PluginToolBackwardsInvocation
-from core.plugin.entities.request import (
-    RequestInvokeApp,
-    RequestInvokeEncrypt,
-    RequestInvokeLLM,
-    RequestInvokeModeration,
-    RequestInvokeParameterExtractorNode,
-    RequestInvokeQuestionClassifierNode,
-    RequestInvokeRerank,
-    RequestInvokeSpeech2Text,
-    RequestInvokeSummary,
-    RequestInvokeTextEmbedding,
-    RequestInvokeTool,
-    RequestInvokeTTS,
-    RequestRequestUploadFile,
-)
-from core.tools.entities.tool_entities import ToolProviderType
-from libs.helper import compact_generate_response
-from models.account import Account, Tenant
-from models.model import EndUser
-
-
-class PluginInvokeLLMApi(Resource):
-    @setup_required
-    @plugin_inner_api_only
-    @get_user_tenant
-    @plugin_data(payload_type=RequestInvokeLLM)
-    def post(self, user_model: Account | EndUser, tenant_model: Tenant, payload: RequestInvokeLLM):
-        def generator():
-            response = PluginModelBackwardsInvocation.invoke_llm(user_model.id, tenant_model, payload)
-            return PluginModelBackwardsInvocation.convert_to_event_stream(response)
-
-        return compact_generate_response(generator())
-
-
-class PluginInvokeTextEmbeddingApi(Resource):
-    @setup_required
-    @plugin_inner_api_only
-    @get_user_tenant
-    @plugin_data(payload_type=RequestInvokeTextEmbedding)
-    def post(self, user_model: Account | EndUser, tenant_model: Tenant, payload: RequestInvokeTextEmbedding):
-        try:
-            return jsonable_encoder(
-                BaseBackwardsInvocationResponse(
-                    data=PluginModelBackwardsInvocation.invoke_text_embedding(
-                        user_id=user_model.id,
-                        tenant=tenant_model,
-                        payload=payload,
-                    )
-                )
-            )
-        except Exception as e:
-            return jsonable_encoder(BaseBackwardsInvocationResponse(error=str(e)))
-
-
-class PluginInvokeRerankApi(Resource):
-    @setup_required
-    @plugin_inner_api_only
-    @get_user_tenant
-    @plugin_data(payload_type=RequestInvokeRerank)
-    def post(self, user_model: Account | EndUser, tenant_model: Tenant, payload: RequestInvokeRerank):
-        try:
-            return jsonable_encoder(
-                BaseBackwardsInvocationResponse(
-                    data=PluginModelBackwardsInvocation.invoke_rerank(
-                        user_id=user_model.id,
-                        tenant=tenant_model,
-                        payload=payload,
-                    )
-                )
-            )
-        except Exception as e:
-            return jsonable_encoder(BaseBackwardsInvocationResponse(error=str(e)))
-
-
-class PluginInvokeTTSApi(Resource):
-    @setup_required
-    @plugin_inner_api_only
-    @get_user_tenant
-    @plugin_data(payload_type=RequestInvokeTTS)
-    def post(self, user_model: Account | EndUser, tenant_model: Tenant, payload: RequestInvokeTTS):
-        def generator():
-            response = PluginModelBackwardsInvocation.invoke_tts(
-                user_id=user_model.id,
-                tenant=tenant_model,
-                payload=payload,
-            )
-            return PluginModelBackwardsInvocation.convert_to_event_stream(response)
-
-        return compact_generate_response(generator())
-
-
-class PluginInvokeSpeech2TextApi(Resource):
-    @setup_required
-    @plugin_inner_api_only
-    @get_user_tenant
-    @plugin_data(payload_type=RequestInvokeSpeech2Text)
-    def post(self, user_model: Account | EndUser, tenant_model: Tenant, payload: RequestInvokeSpeech2Text):
-        try:
-            return jsonable_encoder(
-                BaseBackwardsInvocationResponse(
-                    data=PluginModelBackwardsInvocation.invoke_speech2text(
-                        user_id=user_model.id,
-                        tenant=tenant_model,
-                        payload=payload,
-                    )
-                )
-            )
-        except Exception as e:
-            return jsonable_encoder(BaseBackwardsInvocationResponse(error=str(e)))
-
-
-class PluginInvokeModerationApi(Resource):
-    @setup_required
-    @plugin_inner_api_only
-    @get_user_tenant
-    @plugin_data(payload_type=RequestInvokeModeration)
-    def post(self, user_model: Account | EndUser, tenant_model: Tenant, payload: RequestInvokeModeration):
-        try:
-            return jsonable_encoder(
-                BaseBackwardsInvocationResponse(
-                    data=PluginModelBackwardsInvocation.invoke_moderation(
-                        user_id=user_model.id,
-                        tenant=tenant_model,
-                        payload=payload,
-                    )
-                )
-            )
-        except Exception as e:
-            return jsonable_encoder(BaseBackwardsInvocationResponse(error=str(e)))
-
-
-class PluginInvokeToolApi(Resource):
-    @setup_required
-    @plugin_inner_api_only
-    @get_user_tenant
-    @plugin_data(payload_type=RequestInvokeTool)
-    def post(self, user_model: Account | EndUser, tenant_model: Tenant, payload: RequestInvokeTool):
-        def generator():
-            return PluginToolBackwardsInvocation.convert_to_event_stream(
-                PluginToolBackwardsInvocation.invoke_tool(
-                    tenant_id=tenant_model.id,
-                    user_id=user_model.id,
-                    tool_type=ToolProviderType.value_of(payload.tool_type),
-                    provider=payload.provider,
-                    tool_name=payload.tool,
-                    tool_parameters=payload.tool_parameters,
-                ),
-            )
-
-        return compact_generate_response(generator())
-
-
-class PluginInvokeParameterExtractorNodeApi(Resource):
-    @setup_required
-    @plugin_inner_api_only
-    @get_user_tenant
-    @plugin_data(payload_type=RequestInvokeParameterExtractorNode)
-    def post(self, user_model: Account | EndUser, tenant_model: Tenant, payload: RequestInvokeParameterExtractorNode):
-        try:
-            return jsonable_encoder(
-                BaseBackwardsInvocationResponse(
-                    data=PluginNodeBackwardsInvocation.invoke_parameter_extractor(
-                        tenant_id=tenant_model.id,
-                        user_id=user_model.id,
-                        parameters=payload.parameters,
-                        model_config=payload.model,
-                        instruction=payload.instruction,
-                        query=payload.query,
-                    )
-                )
-            )
-        except Exception as e:
-            return jsonable_encoder(BaseBackwardsInvocationResponse(error=str(e)))
-
-
-class PluginInvokeQuestionClassifierNodeApi(Resource):
-    @setup_required
-    @plugin_inner_api_only
-    @get_user_tenant
-    @plugin_data(payload_type=RequestInvokeQuestionClassifierNode)
-    def post(self, user_model: Account | EndUser, tenant_model: Tenant, payload: RequestInvokeQuestionClassifierNode):
-        try:
-            return jsonable_encoder(
-                BaseBackwardsInvocationResponse(
-                    data=PluginNodeBackwardsInvocation.invoke_question_classifier(
-                        tenant_id=tenant_model.id,
-                        user_id=user_model.id,
-                        query=payload.query,
-                        model_config=payload.model,
-                        classes=payload.classes,
-                        instruction=payload.instruction,
-                    )
-                )
-            )
-        except Exception as e:
-            return jsonable_encoder(BaseBackwardsInvocationResponse(error=str(e)))
-
-
-class PluginInvokeAppApi(Resource):
-    @setup_required
-    @plugin_inner_api_only
-    @get_user_tenant
-    @plugin_data(payload_type=RequestInvokeApp)
-    def post(self, user_model: Account | EndUser, tenant_model: Tenant, payload: RequestInvokeApp):
-        response = PluginAppBackwardsInvocation.invoke_app(
-            app_id=payload.app_id,
-            user_id=user_model.id,
-            tenant_id=tenant_model.id,
-            conversation_id=payload.conversation_id,
-            query=payload.query,
-            stream=payload.response_mode == "streaming",
-            inputs=payload.inputs,
-            files=payload.files,
-        )
-
-        return compact_generate_response(PluginAppBackwardsInvocation.convert_to_event_stream(response))
-
-
-class PluginInvokeEncryptApi(Resource):
-    @setup_required
-    @plugin_inner_api_only
-    @get_user_tenant
-    @plugin_data(payload_type=RequestInvokeEncrypt)
-    def post(self, user_model: Account | EndUser, tenant_model: Tenant, payload: RequestInvokeEncrypt):
-        """
-        encrypt or decrypt data
-        """
-        try:
-            return BaseBackwardsInvocationResponse(
-                data=PluginEncrypter.invoke_encrypt(tenant_model, payload)
-            ).model_dump()
-        except Exception as e:
-            return BaseBackwardsInvocationResponse(error=str(e)).model_dump()
-
-
-class PluginInvokeSummaryApi(Resource):
-    @setup_required
-    @plugin_inner_api_only
-    @get_user_tenant
-    @plugin_data(payload_type=RequestInvokeSummary)
-    def post(self, user_model: Account | EndUser, tenant_model: Tenant, payload: RequestInvokeSummary):
-        try:
-            return BaseBackwardsInvocationResponse(
-                data={
-                    "summary": PluginModelBackwardsInvocation.invoke_summary(
-                        user_id=user_model.id,
-                        tenant=tenant_model,
-                        payload=payload,
-                    )
-                }
-            ).model_dump()
-        except Exception as e:
-            return BaseBackwardsInvocationResponse(error=str(e)).model_dump()
-
-
-class PluginUploadFileRequestApi(Resource):
-    @setup_required
-    @plugin_inner_api_only
-    @get_user_tenant
-    @plugin_data(payload_type=RequestRequestUploadFile)
-    def post(self, user_model: Account | EndUser, tenant_model: Tenant, payload: RequestRequestUploadFile):
-        # generate signed url
-        url = get_signed_file_url_for_plugin(payload.filename, payload.mimetype, tenant_model.id, user_model.id)
-        return BaseBackwardsInvocationResponse(data={"url": url}).model_dump()
-
-
-api.add_resource(PluginInvokeLLMApi, "/invoke/llm")
-api.add_resource(PluginInvokeTextEmbeddingApi, "/invoke/text-embedding")
-api.add_resource(PluginInvokeRerankApi, "/invoke/rerank")
-api.add_resource(PluginInvokeTTSApi, "/invoke/tts")
-api.add_resource(PluginInvokeSpeech2TextApi, "/invoke/speech2text")
-api.add_resource(PluginInvokeModerationApi, "/invoke/moderation")
-api.add_resource(PluginInvokeToolApi, "/invoke/tool")
-api.add_resource(PluginInvokeParameterExtractorNodeApi, "/invoke/parameter-extractor")
-api.add_resource(PluginInvokeQuestionClassifierNodeApi, "/invoke/question-classifier")
-api.add_resource(PluginInvokeAppApi, "/invoke/app")
-api.add_resource(PluginInvokeEncryptApi, "/invoke/encrypt")
-api.add_resource(PluginInvokeSummaryApi, "/invoke/summary")
-api.add_resource(PluginUploadFileRequestApi, "/upload/file/request")
--- a/api/controllers/inner_api/plugin/wraps.py
+++ b/api/controllers/inner_api/plugin/wraps.py
@ -1,116 +0,0 @@
-from collections.abc import Callable
-from functools import wraps
-from typing import Optional
-
-from flask import request
-from flask_restful import reqparse  # type: ignore
-from pydantic import BaseModel
-from sqlalchemy.orm import Session
-
-from extensions.ext_database import db
-from models.account import Account, Tenant
-from models.model import EndUser
-from services.account_service import AccountService
-
-
-def get_user(tenant_id: str, user_id: str | None) -> Account | EndUser:
-    try:
-        with Session(db.engine) as session:
-            if not user_id:
-                user_id = "DEFAULT-USER"
-
-            if user_id == "DEFAULT-USER":
-                user_model = session.query(EndUser).filter(EndUser.session_id == "DEFAULT-USER").first()
-                if not user_model:
-                    user_model = EndUser(
-                        tenant_id=tenant_id,
-                        type="service_api",
-                        is_anonymous=True if user_id == "DEFAULT-USER" else False,
-                        session_id=user_id,
-                    )
-                    session.add(user_model)
-                    session.commit()
-            else:
-                user_model = AccountService.load_user(user_id)
-                if not user_model:
-                    user_model = session.query(EndUser).filter(EndUser.id == user_id).first()
-                if not user_model:
-                    raise ValueError("user not found")
-    except Exception:
-        raise ValueError("user not found")
-
-    return user_model
-
-
-def get_user_tenant(view: Optional[Callable] = None):
-    def decorator(view_func):
-        @wraps(view_func)
-        def decorated_view(*args, **kwargs):
-            # fetch json body
-            parser = reqparse.RequestParser()
-            parser.add_argument("tenant_id", type=str, required=True, location="json")
-            parser.add_argument("user_id", type=str, required=True, location="json")
-
-            kwargs = parser.parse_args()
-
-            user_id = kwargs.get("user_id")
-            tenant_id = kwargs.get("tenant_id")
-
-            if not tenant_id:
-                raise ValueError("tenant_id is required")
-
-            if not user_id:
-                user_id = "DEFAULT-USER"
-
-            del kwargs["tenant_id"]
-            del kwargs["user_id"]
-
-            try:
-                tenant_model = (
-                    db.session.query(Tenant)
-                    .filter(
-                        Tenant.id == tenant_id,
-                    )
-                    .first()
-                )
-            except Exception:
-                raise ValueError("tenant not found")
-
-            if not tenant_model:
-                raise ValueError("tenant not found")
-
-            kwargs["tenant_model"] = tenant_model
-            kwargs["user_model"] = get_user(tenant_id, user_id)
-
-            return view_func(*args, **kwargs)
-
-        return decorated_view
-
-    if view is None:
-        return decorator
-    else:
-        return decorator(view)
-
-
-def plugin_data(view: Optional[Callable] = None, *, payload_type: type[BaseModel]):
-    def decorator(view_func):
-        def decorated_view(*args, **kwargs):
-            try:
-                data = request.get_json()
-            except Exception:
-                raise ValueError("invalid json")
-
-            try:
-                payload = payload_type(**data)
-            except Exception as e:
-                raise ValueError(f"invalid payload: {str(e)}")
-
-            kwargs["payload"] = payload
-            return view_func(*args, **kwargs)
-
-        return decorated_view
-
-    if view is None:
-        return decorator
-    else:
-        return decorator(view)
--- a/api/controllers/inner_api/workspace/workspace.py
+++ b/api/controllers/inner_api/workspace/workspace.py
@ -1,10 +1,8 @@
-import json
-
 from flask_restful import Resource, reqparse  # type: ignore

 from controllers.console.wraps import setup_required
 from controllers.inner_api import api
-from controllers.inner_api.wraps import enterprise_inner_api_only
+from controllers.inner_api.wraps import inner_api_only
 from events.tenant_event import tenant_was_created
 from models.account import Account
 from services.account_service import TenantService
@ -12,7 +10,7 @@ from services.account_service import TenantService

 class EnterpriseWorkspace(Resource):
    @setup_required
-    @enterprise_inner_api_only
+    @inner_api_only
    def post(self):
        parser = reqparse.RequestParser()
        parser.add_argument("name", type=str, required=True, location="json")
@ -31,34 +29,4 @@ class EnterpriseWorkspace(Resource):
        return {"message": "enterprise workspace created."}


-class EnterpriseWorkspaceNoOwnerEmail(Resource):
-    @setup_required
-    @enterprise_inner_api_only
-    def post(self):
-        parser = reqparse.RequestParser()
-        parser.add_argument("name", type=str, required=True, location="json")
-        args = parser.parse_args()
-
-        tenant = TenantService.create_tenant(args["name"], is_from_dashboard=True)
-
-        tenant_was_created.send(tenant)
-
-        resp = {
-            "id": tenant.id,
-            "name": tenant.name,
-            "encrypt_public_key": tenant.encrypt_public_key,
-            "plan": tenant.plan,
-            "status": tenant.status,
-            "custom_config": json.loads(tenant.custom_config) if tenant.custom_config else {},
-            "created_at": tenant.created_at.isoformat() + "Z" if tenant.created_at else None,
-            "updated_at": tenant.updated_at.isoformat() + "Z" if tenant.updated_at else None,
-        }
-
-        return {
-            "message": "enterprise workspace created.",
-            "tenant": resp,
-        }
-
-
 api.add_resource(EnterpriseWorkspace, "/enterprise/workspace")
-api.add_resource(EnterpriseWorkspaceNoOwnerEmail, "/enterprise/workspace/ownerless")
--- a/api/controllers/inner_api/wraps.py
+++ b/api/controllers/inner_api/wraps.py
@ -10,7 +10,7 @@ from extensions.ext_database import db
 from models.model import EndUser


-def enterprise_inner_api_only(view):
+def inner_api_only(view):
    @wraps(view)
    def decorated(*args, **kwargs):
        if not dify_config.INNER_API:
@ -18,7 +18,7 @@ def enterprise_inner_api_only(view):

        # get header 'X-Inner-Api-Key'
        inner_api_key = request.headers.get("X-Inner-Api-Key")
-        if not inner_api_key or inner_api_key != dify_config.INNER_API_KEY_FOR_PLUGIN:
+        if not inner_api_key or inner_api_key != dify_config.INNER_API_KEY:
            abort(401)

        return view(*args, **kwargs)
@ -26,7 +26,7 @@ def enterprise_inner_api_only(view):
    return decorated


-def enterprise_inner_api_user_auth(view):
+def inner_api_user_auth(view):
    @wraps(view)
    def decorated(*args, **kwargs):
        if not dify_config.INNER_API:
@ -60,19 +60,3 @@ def enterprise_inner_api_user_auth(view):
        return view(*args, **kwargs)

    return decorated
-
-
-def plugin_inner_api_only(view):
-    @wraps(view)
-    def decorated(*args, **kwargs):
-        if not dify_config.PLUGIN_DAEMON_KEY:
-            abort(404)
-
-        # get header 'X-Inner-Api-Key'
-        inner_api_key = request.headers.get("X-Inner-Api-Key")
-        if not inner_api_key or inner_api_key != dify_config.INNER_API_KEY_FOR_PLUGIN:
-            abort(404)
-
-        return view(*args, **kwargs)
-
-    return decorated
--- a/api/controllers/service_api/init.py
+++ b/api/controllers/service_api/init.py
@ -7,4 +7,4 @@ api = ExternalApi(bp)

 from . import index
 from .app import app, audio, completion, conversation, file, message, workflow
-from .dataset import dataset, document, hit_testing, segment, upload_file
+from .dataset import dataset, document, hit_testing, segment
--- a/api/controllers/service_api/app/completion.py
+++ b/api/controllers/service_api/app/completion.py
@ -18,6 +18,7 @@ from controllers.service_api.wraps import FetchUserArg, WhereisUserArg, validate
 from core.app.apps.base_app_queue_manager import AppQueueManager
 from core.app.entities.app_invoke_entities import InvokeFrom
 from core.errors.error import (
+    AppInvokeQuotaExceededError,
    ModelCurrentlyNotSupportError,
    ProviderTokenNotInitError,
    QuotaExceededError,
@ -73,7 +74,7 @@ class CompletionApi(Resource):
            raise ProviderModelCurrentlyNotSupportError()
        except InvokeError as e:
            raise CompletionRequestError(e.description)
-        except ValueError as e:
+        except (ValueError, AppInvokeQuotaExceededError) as e:
            raise e
        except Exception as e:
            logging.exception("internal server error.")
@ -132,7 +133,7 @@ class ChatApi(Resource):
            raise ProviderModelCurrentlyNotSupportError()
        except InvokeError as e:
            raise CompletionRequestError(e.description)
-        except ValueError as e:
+        except (ValueError, AppInvokeQuotaExceededError) as e:
            raise e
        except Exception as e:
            logging.exception("internal server error.")
--- a/api/controllers/service_api/app/message.py
+++ b/api/controllers/service_api/app/message.py
@ -10,7 +10,6 @@ from controllers.service_api.app.error import NotChatAppError
 from controllers.service_api.wraps import FetchUserArg, WhereisUserArg, validate_app_token
 from core.app.entities.app_invoke_entities import InvokeFrom
 from fields.conversation_fields import message_file_fields
-from fields.message_fields import feedback_fields, retriever_resource_fields
 from fields.raws import FilesContainedField
 from libs.helper import TimestampField, uuid_value
 from models.model import App, AppMode, EndUser
@ -19,6 +18,26 @@ from services.message_service import MessageService


 class MessageListApi(Resource):
+    feedback_fields = {"rating": fields.String}
+    retriever_resource_fields = {
+        "id": fields.String,
+        "message_id": fields.String,
+        "position": fields.Integer,
+        "dataset_id": fields.String,
+        "dataset_name": fields.String,
+        "document_id": fields.String,
+        "document_name": fields.String,
+        "data_source_type": fields.String,
+        "segment_id": fields.String,
+        "score": fields.Float,
+        "hit_count": fields.Integer,
+        "word_count": fields.Integer,
+        "segment_position": fields.Integer,
+        "index_node_hash": fields.String,
+        "content": fields.String,
+        "created_at": TimestampField,
+    }
+
    agent_thought_fields = {
        "id": fields.String,
        "chain_id": fields.String,
@ -70,7 +89,7 @@ class MessageListApi(Resource):

        try:
            return MessageService.pagination_by_first_id(
-                app_model, end_user, args["conversation_id"], args["first_id"], args["limit"], "desc"
+                app_model, end_user, args["conversation_id"], args["first_id"], args["limit"]
            )
        except services.errors.conversation.ConversationNotExistsError:
            raise NotFound("Conversation Not Exists.")
@ -89,13 +108,7 @@ class MessageFeedbackApi(Resource):
        args = parser.parse_args()

        try:
-            MessageService.create_feedback(
-                app_model=app_model,
-                message_id=message_id,
-                user=end_user,
-                rating=args.get("rating"),
-                content=args.get("content"),
-            )
+            MessageService.create_feedback(app_model, message_id, end_user, args.get("rating"), args.get("content"))
        except services.errors.message.MessageNotExistsError:
            raise NotFound("Message Not Exists.")

--- a/api/controllers/service_api/app/workflow.py
+++ b/api/controllers/service_api/app/workflow.py
@ -16,6 +16,7 @@ from controllers.service_api.wraps import FetchUserArg, WhereisUserArg, validate
 from core.app.apps.base_app_queue_manager import AppQueueManager
 from core.app.entities.app_invoke_entities import InvokeFrom
 from core.errors.error import (
+    AppInvokeQuotaExceededError,
    ModelCurrentlyNotSupportError,
    ProviderTokenNotInitError,
    QuotaExceededError,
@ -93,7 +94,7 @@ class WorkflowRunApi(Resource):
            raise ProviderModelCurrentlyNotSupportError()
        except InvokeError as e:
            raise CompletionRequestError(e.description)
-        except ValueError as e:
+        except (ValueError, AppInvokeQuotaExceededError) as e:
            raise e
        except Exception as e:
            logging.exception("internal server error.")
--- a/api/controllers/service_api/dataset/dataset.py
+++ b/api/controllers/service_api/dataset/dataset.py
@ -31,11 +31,8 @@ class DatasetListApi(DatasetApiResource):
        # provider = request.args.get("provider", default="vendor")
        search = request.args.get("keyword", default=None, type=str)
        tag_ids = request.args.getlist("tag_ids")
-        include_all = request.args.get("include_all", default="false").lower() == "true"

-        datasets, total = DatasetService.get_datasets(
-            page, limit, tenant_id, current_user, search, tag_ids, include_all
-        )
+        datasets, total = DatasetService.get_datasets(page, limit, tenant_id, current_user, search, tag_ids)
        # check embedding setting
        provider_manager = ProviderManager()
        configurations = provider_manager.get_configurations(tenant_id=current_user.current_tenant_id)
--- a/api/controllers/service_api/dataset/document.py
+++ b/api/controllers/service_api/dataset/document.py
@ -8,17 +8,12 @@ from werkzeug.exceptions import NotFound
 import services.dataset_service
 from controllers.common.errors import FilenameNotExistsError
 from controllers.service_api import api
-from controllers.service_api.app.error import (
-    FileTooLargeError,
-    NoFileUploadedError,
-    ProviderNotInitializeError,
-    TooManyFilesError,
-    UnsupportedFileTypeError,
-)
+from controllers.service_api.app.error import ProviderNotInitializeError
 from controllers.service_api.dataset.error import (
    ArchivedDocumentImmutableError,
    DocumentIndexingError,
-    InvalidMetadataError,
+    NoFileUploadedError,
+    TooManyFilesError,
 )
 from controllers.service_api.wraps import DatasetApiResource, cloud_edition_billing_resource_check
 from core.errors.error import ProviderTokenNotInitError
@ -51,9 +46,6 @@ class DocumentAddByTextApi(DatasetApiResource):
            "indexing_technique", type=str, choices=Dataset.INDEXING_TECHNIQUE_LIST, nullable=False, location="json"
        )
        parser.add_argument("retrieval_model", type=dict, required=False, nullable=False, location="json")
-        parser.add_argument("doc_type", type=str, required=False, nullable=True, location="json")
-        parser.add_argument("doc_metadata", type=dict, required=False, nullable=True, location="json")
-
        args = parser.parse_args()
        dataset_id = str(dataset_id)
        tenant_id = str(tenant_id)
@ -65,28 +57,6 @@ class DocumentAddByTextApi(DatasetApiResource):
        if not dataset.indexing_technique and not args["indexing_technique"]:
            raise ValueError("indexing_technique is required.")

-        # Validate metadata if provided
-        if args.get("doc_type") or args.get("doc_metadata"):
-            if not args.get("doc_type") or not args.get("doc_metadata"):
-                raise InvalidMetadataError("Both doc_type and doc_metadata must be provided when adding metadata")
-
-            if args["doc_type"] not in DocumentService.DOCUMENT_METADATA_SCHEMA:
-                raise InvalidMetadataError(
-                    "Invalid doc_type. Must be one of: " + ", ".join(DocumentService.DOCUMENT_METADATA_SCHEMA.keys())
-                )
-
-            if not isinstance(args["doc_metadata"], dict):
-                raise InvalidMetadataError("doc_metadata must be a dictionary")
-
-            # Validate metadata schema based on doc_type
-            if args["doc_type"] != "others":
-                metadata_schema = DocumentService.DOCUMENT_METADATA_SCHEMA[args["doc_type"]]
-                for key, value in args["doc_metadata"].items():
-                    if key in metadata_schema and not isinstance(value, metadata_schema[key]):
-                        raise InvalidMetadataError(f"Invalid type for metadata field {key}")
-            # set to MetaDataConfig
-            args["metadata"] = {"doc_type": args["doc_type"], "doc_metadata": args["doc_metadata"]}
-
        text = args.get("text")
        name = args.get("name")
        if text is None or name is None:
@ -133,8 +103,6 @@ class DocumentUpdateByTextApi(DatasetApiResource):
            "doc_language", type=str, default="English", required=False, nullable=False, location="json"
        )
        parser.add_argument("retrieval_model", type=dict, required=False, nullable=False, location="json")
-        parser.add_argument("doc_type", type=str, required=False, nullable=True, location="json")
-        parser.add_argument("doc_metadata", type=dict, required=False, nullable=True, location="json")
        args = parser.parse_args()
        dataset_id = str(dataset_id)
        tenant_id = str(tenant_id)
@ -143,32 +111,6 @@ class DocumentUpdateByTextApi(DatasetApiResource):
        if not dataset:
            raise ValueError("Dataset is not exist.")

-        # indexing_technique is already set in dataset since this is an update
-        args["indexing_technique"] = dataset.indexing_technique
-
-        # Validate metadata if provided
-        if args.get("doc_type") or args.get("doc_metadata"):
-            if not args.get("doc_type") or not args.get("doc_metadata"):
-                raise InvalidMetadataError("Both doc_type and doc_metadata must be provided when adding metadata")
-
-            if args["doc_type"] not in DocumentService.DOCUMENT_METADATA_SCHEMA:
-                raise InvalidMetadataError(
-                    "Invalid doc_type. Must be one of: " + ", ".join(DocumentService.DOCUMENT_METADATA_SCHEMA.keys())
-                )
-
-            if not isinstance(args["doc_metadata"], dict):
-                raise InvalidMetadataError("doc_metadata must be a dictionary")
-
-            # Validate metadata schema based on doc_type
-            if args["doc_type"] != "others":
-                metadata_schema = DocumentService.DOCUMENT_METADATA_SCHEMA[args["doc_type"]]
-                for key, value in args["doc_metadata"].items():
-                    if key in metadata_schema and not isinstance(value, metadata_schema[key]):
-                        raise InvalidMetadataError(f"Invalid type for metadata field {key}")
-
-            # set to MetaDataConfig
-            args["metadata"] = {"doc_type": args["doc_type"], "doc_metadata": args["doc_metadata"]}
-
        if args["text"]:
            text = args.get("text")
            name = args.get("name")
@ -215,30 +157,6 @@ class DocumentAddByFileApi(DatasetApiResource):
            args["doc_form"] = "text_model"
        if "doc_language" not in args:
            args["doc_language"] = "English"
-
-        # Validate metadata if provided
-        if args.get("doc_type") or args.get("doc_metadata"):
-            if not args.get("doc_type") or not args.get("doc_metadata"):
-                raise InvalidMetadataError("Both doc_type and doc_metadata must be provided when adding metadata")
-
-            if args["doc_type"] not in DocumentService.DOCUMENT_METADATA_SCHEMA:
-                raise InvalidMetadataError(
-                    "Invalid doc_type. Must be one of: " + ", ".join(DocumentService.DOCUMENT_METADATA_SCHEMA.keys())
-                )
-
-            if not isinstance(args["doc_metadata"], dict):
-                raise InvalidMetadataError("doc_metadata must be a dictionary")
-
-            # Validate metadata schema based on doc_type
-            if args["doc_type"] != "others":
-                metadata_schema = DocumentService.DOCUMENT_METADATA_SCHEMA[args["doc_type"]]
-                for key, value in args["doc_metadata"].items():
-                    if key in metadata_schema and not isinstance(value, metadata_schema[key]):
-                        raise InvalidMetadataError(f"Invalid type for metadata field {key}")
-
-            # set to MetaDataConfig
-            args["metadata"] = {"doc_type": args["doc_type"], "doc_metadata": args["doc_metadata"]}
-
        # get dataset info
        dataset_id = str(dataset_id)
        tenant_id = str(tenant_id)
@ -268,10 +186,7 @@ class DocumentAddByFileApi(DatasetApiResource):
            user=current_user,
            source="datasets",
        )
-        data_source = {
-            "type": "upload_file",
-            "info_list": {"data_source_type": "upload_file", "file_info_list": {"file_ids": [upload_file.id]}},
-        }
+        data_source = {"type": "upload_file", "info_list": {"file_info_list": {"file_ids": [upload_file.id]}}}
        args["data_source"] = data_source
        # validate args
        knowledge_config = KnowledgeConfig(**args)
@ -306,29 +221,6 @@ class DocumentUpdateByFileApi(DatasetApiResource):
        if "doc_language" not in args:
            args["doc_language"] = "English"

-        # Validate metadata if provided
-        if args.get("doc_type") or args.get("doc_metadata"):
-            if not args.get("doc_type") or not args.get("doc_metadata"):
-                raise InvalidMetadataError("Both doc_type and doc_metadata must be provided when adding metadata")
-
-            if args["doc_type"] not in DocumentService.DOCUMENT_METADATA_SCHEMA:
-                raise InvalidMetadataError(
-                    "Invalid doc_type. Must be one of: " + ", ".join(DocumentService.DOCUMENT_METADATA_SCHEMA.keys())
-                )
-
-            if not isinstance(args["doc_metadata"], dict):
-                raise InvalidMetadataError("doc_metadata must be a dictionary")
-
-            # Validate metadata schema based on doc_type
-            if args["doc_type"] != "others":
-                metadata_schema = DocumentService.DOCUMENT_METADATA_SCHEMA[args["doc_type"]]
-                for key, value in args["doc_metadata"].items():
-                    if key in metadata_schema and not isinstance(value, metadata_schema[key]):
-                        raise InvalidMetadataError(f"Invalid type for metadata field {key}")
-
-            # set to MetaDataConfig
-            args["metadata"] = {"doc_type": args["doc_type"], "doc_metadata": args["doc_metadata"]}
-
        # get dataset info
        dataset_id = str(dataset_id)
        tenant_id = str(tenant_id)
@ -346,22 +238,14 @@ class DocumentUpdateByFileApi(DatasetApiResource):
            if not file.filename:
                raise FilenameNotExistsError

-            try:
-                upload_file = FileService.upload_file(
-                    filename=file.filename,
-                    content=file.read(),
-                    mimetype=file.mimetype,
-                    user=current_user,
-                    source="datasets",
-                )
-            except services.errors.file.FileTooLargeError as file_too_large_error:
-                raise FileTooLargeError(file_too_large_error.description)
-            except services.errors.file.UnsupportedFileTypeError:
-                raise UnsupportedFileTypeError()
-            data_source = {
-                "type": "upload_file",
-                "info_list": {"data_source_type": "upload_file", "file_info_list": {"file_ids": [upload_file.id]}},
-            }
+            upload_file = FileService.upload_file(
+                filename=file.filename,
+                content=file.read(),
+                mimetype=file.mimetype,
+                user=current_user,
+                source="datasets",
+            )
+            data_source = {"type": "upload_file", "info_list": {"file_info_list": {"file_ids": [upload_file.id]}}}
            args["data_source"] = data_source
        # validate args
        args["original_document_id"] = str(document_id)
--- a/api/controllers/service_api/dataset/segment.py
+++ b/api/controllers/service_api/dataset/segment.py
@ -53,7 +53,8 @@ class SegmentApi(DatasetApiResource):
                )
            except LLMBadRequestError:
                raise ProviderNotInitializeError(
-                    "No Embedding Model available. Please configure a valid provider in the Settings -> Model Provider."
+                    "No Embedding Model available. Please configure a valid provider "
+                    "in the Settings -> Model Provider."
                )
            except ProviderTokenNotInitError as ex:
                raise ProviderNotInitializeError(ex.description)
@ -94,7 +95,8 @@ class SegmentApi(DatasetApiResource):
                )
            except LLMBadRequestError:
                raise ProviderNotInitializeError(
-                    "No Embedding Model available. Please configure a valid provider in the Settings -> Model Provider."
+                    "No Embedding Model available. Please configure a valid provider "
+                    "in the Settings -> Model Provider."
                )
            except ProviderTokenNotInitError as ex:
                raise ProviderNotInitializeError(ex.description)
@ -173,7 +175,8 @@ class DatasetSegmentApi(DatasetApiResource):
                )
            except LLMBadRequestError:
                raise ProviderNotInitializeError(
-                    "No Embedding Model available. Please configure a valid provider in the Settings -> Model Provider."
+                    "No Embedding Model available. Please configure a valid provider "
+                    "in the Settings -> Model Provider."
                )
            except ProviderTokenNotInitError as ex:
                raise ProviderNotInitializeError(ex.description)
--- a/api/controllers/service_api/dataset/upload_file.py
+++ b/api/controllers/service_api/dataset/upload_file.py
@ -1,54 +0,0 @@
-from werkzeug.exceptions import NotFound
-
-from controllers.service_api import api
-from controllers.service_api.wraps import (
-    DatasetApiResource,
-)
-from core.file import helpers as file_helpers
-from extensions.ext_database import db
-from models.dataset import Dataset
-from models.model import UploadFile
-from services.dataset_service import DocumentService
-
-
-class UploadFileApi(DatasetApiResource):
-    def get(self, tenant_id, dataset_id, document_id):
-        """Get upload file."""
-        # check dataset
-        dataset_id = str(dataset_id)
-        tenant_id = str(tenant_id)
-        dataset = db.session.query(Dataset).filter(Dataset.tenant_id == tenant_id, Dataset.id == dataset_id).first()
-        if not dataset:
-            raise NotFound("Dataset not found.")
-        # check document
-        document_id = str(document_id)
-        document = DocumentService.get_document(dataset.id, document_id)
-        if not document:
-            raise NotFound("Document not found.")
-        # check upload file
-        if document.data_source_type != "upload_file":
-            raise ValueError(f"Document data source type ({document.data_source_type}) is not upload_file.")
-        data_source_info = document.data_source_info_dict
-        if data_source_info and "upload_file_id" in data_source_info:
-            file_id = data_source_info["upload_file_id"]
-            upload_file = db.session.query(UploadFile).filter(UploadFile.id == file_id).first()
-            if not upload_file:
-                raise NotFound("UploadFile not found.")
-        else:
-            raise ValueError("Upload file id not found in document data source info.")
-
-        url = file_helpers.get_signed_file_url(upload_file_id=upload_file.id)
-        return {
-            "id": upload_file.id,
-            "name": upload_file.name,
-            "size": upload_file.size,
-            "extension": upload_file.extension,
-            "url": url,
-            "download_url": f"{url}&as_attachment=true",
-            "mime_type": upload_file.mime_type,
-            "created_by": upload_file.created_by,
-            "created_at": upload_file.created_at.timestamp(),
-        }, 200
-
-
-api.add_resource(UploadFileApi, "/datasets/<uuid:dataset_id>/documents/<uuid:document_id>/upload-file")
--- a/api/controllers/service_api/wraps.py
+++ b/api/controllers/service_api/wraps.py
@ -1,5 +1,5 @@
 from collections.abc import Callable
-from datetime import UTC, datetime, timedelta
+from datetime import UTC, datetime
 from enum import Enum
 from functools import wraps
 from typing import Optional
@ -8,8 +8,6 @@ from flask import current_app, request
 from flask_login import user_logged_in  # type: ignore
 from flask_restful import Resource  # type: ignore
 from pydantic import BaseModel
-from sqlalchemy import select, update
-from sqlalchemy.orm import Session
 from werkzeug.exceptions import Forbidden, Unauthorized

 from extensions.ext_database import db
@ -176,7 +174,7 @@ def validate_dataset_token(view=None):
    return decorator


-def validate_and_get_api_token(scope: str | None = None):
+def validate_and_get_api_token(scope=None):
    """
    Validate and get API token.
    """
@ -190,29 +188,20 @@ def validate_and_get_api_token(scope: str | None = None):
    if auth_scheme != "bearer":
        raise Unauthorized("Authorization scheme must be 'Bearer'")

-    current_time = datetime.now(UTC).replace(tzinfo=None)
-    cutoff_time = current_time - timedelta(minutes=1)
-    with Session(db.engine, expire_on_commit=False) as session:
-        update_stmt = (
-            update(ApiToken)
-            .where(
-                ApiToken.token == auth_token,
-                (ApiToken.last_used_at.is_(None) | (ApiToken.last_used_at < cutoff_time)),
-                ApiToken.type == scope,
-            )
-            .values(last_used_at=current_time)
-            .returning(ApiToken)
+    api_token = (
+        db.session.query(ApiToken)
+        .filter(
+            ApiToken.token == auth_token,
+            ApiToken.type == scope,
        )
-        result = session.execute(update_stmt)
-        api_token = result.scalar_one_or_none()
+        .first()
+    )

-        if not api_token:
-            stmt = select(ApiToken).where(ApiToken.token == auth_token, ApiToken.type == scope)
-            api_token = session.scalar(stmt)
-            if not api_token:
-                raise Unauthorized("Access token is invalid")
-        else:
-            session.commit()
+    if not api_token:
+        raise Unauthorized("Access token is invalid")
+
+    api_token.last_used_at = datetime.now(UTC).replace(tzinfo=None)
+    db.session.commit()

    return api_token

@ -240,7 +229,7 @@ def create_or_update_end_user_for_user_id(app_model: App, user_id: Optional[str]
            tenant_id=app_model.tenant_id,
            app_id=app_model.id,
            type="service_api",
-            is_anonymous=user_id == "DEFAULT-USER",
+            is_anonymous=True if user_id == "DEFAULT-USER" else False,
            session_id=user_id,
        )
        db.session.add(end_user)
--- a/api/controllers/web/completion.py
+++ b/api/controllers/web/completion.py
@ -19,11 +19,7 @@ from controllers.web.error import InvokeRateLimitError as InvokeRateLimitHttpErr
 from controllers.web.wraps import WebApiResource
 from core.app.apps.base_app_queue_manager import AppQueueManager
 from core.app.entities.app_invoke_entities import InvokeFrom
-from core.errors.error import (
-    ModelCurrentlyNotSupportError,
-    ProviderTokenNotInitError,
-    QuotaExceededError,
-)
+from core.errors.error import ModelCurrentlyNotSupportError, ProviderTokenNotInitError, QuotaExceededError
 from core.model_runtime.errors.invoke import InvokeError
 from libs import helper
 from libs.helper import uuid_value
--- a/api/controllers/web/conversation.py
+++ b/api/controllers/web/conversation.py
@ -39,7 +39,7 @@ class ConversationListApi(WebApiResource):

        pinned = None
        if "pinned" in args and args["pinned"] is not None:
-            pinned = args["pinned"] == "true"
+            pinned = True if args["pinned"] == "true" else False

        try:
            with Session(db.engine) as session:
--- a/api/controllers/web/message.py
+++ b/api/controllers/web/message.py
@ -21,7 +21,7 @@ from core.app.entities.app_invoke_entities import InvokeFrom
 from core.errors.error import ModelCurrentlyNotSupportError, ProviderTokenNotInitError, QuotaExceededError
 from core.model_runtime.errors.invoke import InvokeError
 from fields.conversation_fields import message_file_fields
-from fields.message_fields import agent_thought_fields, feedback_fields, retriever_resource_fields
+from fields.message_fields import agent_thought_fields
 from fields.raws import FilesContainedField
 from libs import helper
 from libs.helper import TimestampField, uuid_value
@ -34,6 +34,27 @@ from services.message_service import MessageService


 class MessageListApi(WebApiResource):
+    feedback_fields = {"rating": fields.String}
+
+    retriever_resource_fields = {
+        "id": fields.String,
+        "message_id": fields.String,
+        "position": fields.Integer,
+        "dataset_id": fields.String,
+        "dataset_name": fields.String,
+        "document_id": fields.String,
+        "document_name": fields.String,
+        "data_source_type": fields.String,
+        "segment_id": fields.String,
+        "score": fields.Float,
+        "hit_count": fields.Integer,
+        "word_count": fields.Integer,
+        "segment_position": fields.Integer,
+        "index_node_hash": fields.String,
+        "content": fields.String,
+        "created_at": TimestampField,
+    }
+
    message_fields = {
        "id": fields.String,
        "conversation_id": fields.String,
@ -70,7 +91,7 @@ class MessageListApi(WebApiResource):

        try:
            return MessageService.pagination_by_first_id(
-                app_model, end_user, args["conversation_id"], args["first_id"], args["limit"]
+                app_model, end_user, args["conversation_id"], args["first_id"], args["limit"], "desc"
            )
        except services.errors.conversation.ConversationNotExistsError:
            raise NotFound("Conversation Not Exists.")
--- a/api/controllers/web/workflow.py
+++ b/api/controllers/web/workflow.py
@ -14,11 +14,7 @@ from controllers.web.error import (
 from controllers.web.wraps import WebApiResource
 from core.app.apps.base_app_queue_manager import AppQueueManager
 from core.app.entities.app_invoke_entities import InvokeFrom
-from core.errors.error import (
-    ModelCurrentlyNotSupportError,
-    ProviderTokenNotInitError,
-    QuotaExceededError,
-)
+from core.errors.error import ModelCurrentlyNotSupportError, ProviderTokenNotInitError, QuotaExceededError
 from core.model_runtime.errors.invoke import InvokeError
 from libs import helper
 from models.model import App, AppMode, EndUser
--- a/api/core/agent/base_agent_runner.py
+++ b/api/core/agent/base_agent_runner.py
@ -1,6 +1,7 @@
 import json
 import logging
 import uuid
+from datetime import UTC, datetime
 from typing import Optional, Union, cast

 from core.agent.entities import AgentEntity, AgentToolEntity
@ -31,16 +32,19 @@ from core.model_runtime.entities import (
 from core.model_runtime.entities.message_entities import ImagePromptMessageContent
 from core.model_runtime.entities.model_entities import ModelFeature
 from core.model_runtime.model_providers.__base.large_language_model import LargeLanguageModel
+from core.model_runtime.utils.encoders import jsonable_encoder
 from core.prompt.utils.extract_thread_messages import extract_thread_messages
-from core.tools.__base.tool import Tool
 from core.tools.entities.tool_entities import (
    ToolParameter,
+    ToolRuntimeVariablePool,
 )
+from core.tools.tool.dataset_retriever_tool import DatasetRetrieverTool
+from core.tools.tool.tool import Tool
 from core.tools.tool_manager import ToolManager
-from core.tools.utils.dataset_retriever_tool import DatasetRetrieverTool
 from extensions.ext_database import db
 from factories import file_factory
 from models.model import Conversation, Message, MessageAgentThought, MessageFile
+from models.tools import ToolConversationVariables

 logger = logging.getLogger(__name__)

@ -58,9 +62,11 @@ class BaseAgentRunner(AppRunner):
        queue_manager: AppQueueManager,
        message: Message,
        user_id: str,
-        model_instance: ModelInstance,
        memory: Optional[TokenBufferMemory] = None,
        prompt_messages: Optional[list[PromptMessage]] = None,
+        variables_pool: Optional[ToolRuntimeVariablePool] = None,
+        db_variables: Optional[ToolConversationVariables] = None,
+        model_instance: ModelInstance,
    ) -> None:
        self.tenant_id = tenant_id
        self.application_generate_entity = application_generate_entity
@ -73,6 +79,8 @@ class BaseAgentRunner(AppRunner):
        self.user_id = user_id
        self.memory = memory
        self.history_prompt_messages = self.organize_agent_history(prompt_messages=prompt_messages or [])
+        self.variables_pool = variables_pool
+        self.db_variables_pool = db_variables
        self.model_instance = model_instance

        # init callback
@ -133,10 +141,11 @@ class BaseAgentRunner(AppRunner):
            agent_tool=tool,
            invoke_from=self.application_generate_entity.invoke_from,
        )
-        assert tool_entity.entity.description
+        tool_entity.load_variables(self.variables_pool)
+
        message_tool = PromptMessageTool(
            name=tool.tool_name,
-            description=tool_entity.entity.description.llm,
+            description=tool_entity.description.llm if tool_entity.description else "",
            parameters={
                "type": "object",
                "properties": {},
@ -144,7 +153,7 @@ class BaseAgentRunner(AppRunner):
            },
        )

-        parameters = tool_entity.get_merged_runtime_parameters()
+        parameters = tool_entity.get_all_runtime_parameters()
        for parameter in parameters:
            if parameter.form != ToolParameter.ToolParameterForm.LLM:
                continue
@ -177,11 +186,9 @@ class BaseAgentRunner(AppRunner):
        """
        convert dataset retriever tool to prompt message tool
        """
-        assert tool.entity.description
-
        prompt_tool = PromptMessageTool(
-            name=tool.entity.identity.name,
-            description=tool.entity.description.llm,
+            name=tool.identity.name if tool.identity else "unknown",
+            description=tool.description.llm if tool.description else "",
            parameters={
                "type": "object",
                "properties": {},
@ -227,7 +234,8 @@ class BaseAgentRunner(AppRunner):
            # save prompt tool
            prompt_messages_tools.append(prompt_tool)
            # save tool entity
-            tool_instances[dataset_tool.entity.identity.name] = dataset_tool
+            if dataset_tool.identity is not None:
+                tool_instances[dataset_tool.identity.name] = dataset_tool

        return tool_instances, prompt_messages_tools

@ -312,68 +320,68 @@ class BaseAgentRunner(AppRunner):
    def save_agent_thought(
        self,
        agent_thought: MessageAgentThought,
-        tool_name: str | None,
-        tool_input: Union[str, dict, None],
-        thought: str | None,
+        tool_name: str,
+        tool_input: Union[str, dict],
+        thought: str,
        observation: Union[str, dict, None],
        tool_invoke_meta: Union[str, dict, None],
-        answer: str | None,
+        answer: str,
        messages_ids: list[str],
        llm_usage: LLMUsage | None = None,
    ):
        """
        Save agent thought
        """
-        updated_agent_thought = (
+        queried_thought = (
            db.session.query(MessageAgentThought).filter(MessageAgentThought.id == agent_thought.id).first()
        )
-        if not updated_agent_thought:
-            raise ValueError("agent thought not found")
-        agent_thought = updated_agent_thought
+        if not queried_thought:
+            raise ValueError(f"Agent thought {agent_thought.id} not found")
+        agent_thought = queried_thought

-        if thought:
+        if thought is not None:
            agent_thought.thought = thought

-        if tool_name:
+        if tool_name is not None:
            agent_thought.tool = tool_name

-        if tool_input:
+        if tool_input is not None:
            if isinstance(tool_input, dict):
                try:
                    tool_input = json.dumps(tool_input, ensure_ascii=False)
-                except Exception:
+                except Exception as e:
                    tool_input = json.dumps(tool_input)

-            updated_agent_thought.tool_input = tool_input
+            agent_thought.tool_input = tool_input

-        if observation:
+        if observation is not None:
            if isinstance(observation, dict):
                try:
                    observation = json.dumps(observation, ensure_ascii=False)
-                except Exception:
+                except Exception as e:
                    observation = json.dumps(observation)

-            updated_agent_thought.observation = observation
+            agent_thought.observation = observation

-        if answer:
+        if answer is not None:
            agent_thought.answer = answer

        if messages_ids is not None and len(messages_ids) > 0:
-            updated_agent_thought.message_files = json.dumps(messages_ids)
+            agent_thought.message_files = json.dumps(messages_ids)

        if llm_usage:
-            updated_agent_thought.message_token = llm_usage.prompt_tokens
-            updated_agent_thought.message_price_unit = llm_usage.prompt_price_unit
-            updated_agent_thought.message_unit_price = llm_usage.prompt_unit_price
-            updated_agent_thought.answer_token = llm_usage.completion_tokens
-            updated_agent_thought.answer_price_unit = llm_usage.completion_price_unit
-            updated_agent_thought.answer_unit_price = llm_usage.completion_unit_price
-            updated_agent_thought.tokens = llm_usage.total_tokens
-            updated_agent_thought.total_price = llm_usage.total_price
+            agent_thought.message_token = llm_usage.prompt_tokens
+            agent_thought.message_price_unit = llm_usage.prompt_price_unit
+            agent_thought.message_unit_price = llm_usage.prompt_unit_price
+            agent_thought.answer_token = llm_usage.completion_tokens
+            agent_thought.answer_price_unit = llm_usage.completion_price_unit
+            agent_thought.answer_unit_price = llm_usage.completion_unit_price
+            agent_thought.tokens = llm_usage.total_tokens
+            agent_thought.total_price = llm_usage.total_price

        # check if tool labels is not empty
-        labels = updated_agent_thought.tool_labels or {}
-        tools = updated_agent_thought.tool.split(";") if updated_agent_thought.tool else []
+        labels = agent_thought.tool_labels or {}
+        tools = agent_thought.tool.split(";") if agent_thought.tool else []
        for tool in tools:
            if not tool:
                continue
@ -384,20 +392,42 @@ class BaseAgentRunner(AppRunner):
                else:
                    labels[tool] = {"en_US": tool, "zh_Hans": tool}

-        updated_agent_thought.tool_labels_str = json.dumps(labels)
+        agent_thought.tool_labels_str = json.dumps(labels)

        if tool_invoke_meta is not None:
            if isinstance(tool_invoke_meta, dict):
                try:
                    tool_invoke_meta = json.dumps(tool_invoke_meta, ensure_ascii=False)
-                except Exception:
+                except Exception as e:
                    tool_invoke_meta = json.dumps(tool_invoke_meta)

-            updated_agent_thought.tool_meta_str = tool_invoke_meta
+            agent_thought.tool_meta_str = tool_invoke_meta

        db.session.commit()
        db.session.close()

+    def update_db_variables(self, tool_variables: ToolRuntimeVariablePool, db_variables: ToolConversationVariables):
+        """
+        convert tool variables to db variables
+        """
+        queried_variables = (
+            db.session.query(ToolConversationVariables)
+            .filter(
+                ToolConversationVariables.conversation_id == self.message.conversation_id,
+            )
+            .first()
+        )
+
+        if not queried_variables:
+            return
+
+        db_variables = queried_variables
+
+        db_variables.updated_at = datetime.now(UTC).replace(tzinfo=None)
+        db_variables.variables_str = json.dumps(jsonable_encoder(tool_variables.pool))
+        db.session.commit()
+        db.session.close()
+
    def organize_agent_history(self, prompt_messages: list[PromptMessage]) -> list[PromptMessage]:
        """
        Organize agent history
@ -434,11 +464,11 @@ class BaseAgentRunner(AppRunner):
                        tool_call_response: list[ToolPromptMessage] = []
                        try:
                            tool_inputs = json.loads(agent_thought.tool_input)
-                        except Exception:
+                        except Exception as e:
                            tool_inputs = {tool: {} for tool in tools}
                        try:
                            tool_responses = json.loads(agent_thought.observation)
-                        except Exception:
+                        except Exception as e:
                            tool_responses = dict.fromkeys(tools, agent_thought.observation)

                        for tool in tools:
@ -485,11 +515,7 @@ class BaseAgentRunner(AppRunner):
        files = db.session.query(MessageFile).filter(MessageFile.message_id == message.id).all()
        if not files:
            return UserPromptMessage(content=message.query)
-        if message.app_model_config:
-            file_extra_config = FileUploadConfigManager.convert(message.app_model_config.to_dict())
-        else:
-            file_extra_config = None
-
+        file_extra_config = FileUploadConfigManager.convert(message.app_model_config.to_dict())
        if not file_extra_config:
            return UserPromptMessage(content=message.query)

--- a/api/core/agent/cot_agent_runner.py
+++ b/api/core/agent/cot_agent_runner.py
@ -1,6 +1,6 @@
 import json
 from abc import ABC, abstractmethod
-from collections.abc import Generator, Mapping, Sequence
+from collections.abc import Generator, Mapping
 from typing import Any, Optional

 from core.agent.base_agent_runner import BaseAgentRunner
@ -18,8 +18,8 @@ from core.model_runtime.entities.message_entities import (
 )
 from core.ops.ops_trace_manager import TraceQueueManager
 from core.prompt.agent_history_prompt_transform import AgentHistoryPromptTransform
-from core.tools.__base.tool import Tool
 from core.tools.entities.tool_entities import ToolInvokeMeta
+from core.tools.tool.tool import Tool
 from core.tools.tool_engine import ToolEngine
 from models.model import Message

@ -27,11 +27,11 @@ from models.model import Message
 class CotAgentRunner(BaseAgentRunner, ABC):
    _is_first_iteration = True
    _ignore_observation_providers = ["wenxin"]
-    _historic_prompt_messages: list[PromptMessage]
-    _agent_scratchpad: list[AgentScratchpadUnit]
-    _instruction: str
-    _query: str
-    _prompt_messages_tools: Sequence[PromptMessageTool]
+    _historic_prompt_messages: list[PromptMessage] | None = None
+    _agent_scratchpad: list[AgentScratchpadUnit] | None = None
+    _instruction: str = ""  # FIXME this must be str for now
+    _query: str | None = None
+    _prompt_messages_tools: list[PromptMessageTool] = []

    def run(
        self,
@ -42,7 +42,6 @@ class CotAgentRunner(BaseAgentRunner, ABC):
        """
        Run Cot agent application
        """
-
        app_generate_entity = self.application_generate_entity
        self._repack_app_generate_entity(app_generate_entity)
        self._init_react_state(query)
@ -55,19 +54,17 @@ class CotAgentRunner(BaseAgentRunner, ABC):
                app_generate_entity.model_conf.stop.append("Observation")

        app_config = self.app_config
-        assert app_config.agent

        # init instruction
        inputs = inputs or {}
-        instruction = app_config.prompt_template.simple_prompt_template or ""
-        self._instruction = self._fill_in_inputs_from_external_data_tools(instruction, inputs)
+        instruction = app_config.prompt_template.simple_prompt_template
+        self._instruction = self._fill_in_inputs_from_external_data_tools(instruction=instruction or "", inputs=inputs)

        iteration_step = 1
        max_iteration_steps = min(app_config.agent.max_iteration if app_config.agent else 5, 5) + 1

        # convert tools into ModelRuntime Tool format
-        tool_instances, prompt_messages_tools = self._init_prompt_tools()
-        self._prompt_messages_tools = prompt_messages_tools
+        tool_instances, self._prompt_messages_tools = self._init_prompt_tools()

        function_call_state = True
        llm_usage: dict[str, Optional[LLMUsage]] = {"usage": None}
@ -119,7 +116,14 @@ class CotAgentRunner(BaseAgentRunner, ABC):
                callbacks=[],
            )

-            usage_dict: dict[str, Optional[LLMUsage]] = {}
+            if not isinstance(chunks, Generator):
+                raise ValueError("Expected streaming response from LLM")
+
+            # check llm result
+            if not chunks:
+                raise ValueError("failed to invoke llm")
+
+            usage_dict: dict[str, Optional[LLMUsage]] = {"usage": None}
            react_chunks = CotAgentOutputParser.handle_react_stream_output(chunks, usage_dict)
            scratchpad = AgentScratchpadUnit(
                agent_response="",
@ -139,25 +143,25 @@ class CotAgentRunner(BaseAgentRunner, ABC):
                if isinstance(chunk, AgentScratchpadUnit.Action):
                    action = chunk
                    # detect action
-                    assert scratchpad.agent_response is not None
-                    scratchpad.agent_response += json.dumps(chunk.model_dump())
+                    if scratchpad.agent_response is not None:
+                        scratchpad.agent_response += json.dumps(chunk.model_dump())
                    scratchpad.action_str = json.dumps(chunk.model_dump())
                    scratchpad.action = action
                else:
-                    assert scratchpad.agent_response is not None
-                    scratchpad.agent_response += chunk
-                    assert scratchpad.thought is not None
-                    scratchpad.thought += chunk
+                    if scratchpad.agent_response is not None:
+                        scratchpad.agent_response += chunk
+                    if scratchpad.thought is not None:
+                        scratchpad.thought += chunk
                    yield LLMResultChunk(
                        model=self.model_config.model,
                        prompt_messages=prompt_messages,
                        system_fingerprint="",
                        delta=LLMResultChunkDelta(index=0, message=AssistantPromptMessage(content=chunk), usage=None),
                    )
-
-            assert scratchpad.thought is not None
-            scratchpad.thought = scratchpad.thought.strip() or "I am thinking about how to help you"
-            self._agent_scratchpad.append(scratchpad)
+            if scratchpad.thought is not None:
+                scratchpad.thought = scratchpad.thought.strip() or "I am thinking about how to help you"
+            if self._agent_scratchpad is not None:
+                self._agent_scratchpad.append(scratchpad)

            # get llm usage
            if "usage" in usage_dict:
@ -168,7 +172,7 @@ class CotAgentRunner(BaseAgentRunner, ABC):

            self.save_agent_thought(
                agent_thought=agent_thought,
-                tool_name=(scratchpad.action.action_name if scratchpad.action and not scratchpad.is_final() else ""),
+                tool_name=scratchpad.action.action_name if scratchpad.action else "",
                tool_input={scratchpad.action.action_name: scratchpad.action.action_input} if scratchpad.action else {},
                tool_invoke_meta={},
                thought=scratchpad.thought or "",
@ -252,6 +256,8 @@ class CotAgentRunner(BaseAgentRunner, ABC):
            answer=final_answer,
            messages_ids=[],
        )
+        if self.variables_pool is not None and self.db_variables_pool is not None:
+            self.update_db_variables(self.variables_pool, self.db_variables_pool)
        # publish end event
        self.queue_manager.publish(
            QueueMessageEndEvent(
@ -269,7 +275,7 @@ class CotAgentRunner(BaseAgentRunner, ABC):
    def _handle_invoke_action(
        self,
        action: AgentScratchpadUnit.Action,
-        tool_instances: Mapping[str, Tool],
+        tool_instances: dict[str, Tool],
        message_file_ids: list[str],
        trace_manager: Optional[TraceQueueManager] = None,
    ) -> tuple[str, ToolInvokeMeta]:
@ -309,7 +315,11 @@ class CotAgentRunner(BaseAgentRunner, ABC):
        )

        # publish files
-        for message_file_id in message_files:
+        for message_file_id, save_as in message_files:
+            if save_as is not None and self.variables_pool:
+                # FIXME the save_as type is confusing, it should be a string or not
+                self.variables_pool.set_file(tool_name=tool_call_name, value=message_file_id, name=str(save_as))
+
            # publish message file
            self.queue_manager.publish(
                QueueMessageFileEvent(message_file_id=message_file_id), PublishFrom.APPLICATION_MANAGER
@ -332,7 +342,7 @@ class CotAgentRunner(BaseAgentRunner, ABC):
        for key, value in inputs.items():
            try:
                instruction = instruction.replace(f"{{{{{key}}}}}", str(value))
-            except Exception:
+            except Exception as e:
                continue

        return instruction
@ -369,7 +379,7 @@ class CotAgentRunner(BaseAgentRunner, ABC):
        return message

    def _organize_historic_prompt_messages(
-        self, current_session_messages: list[PromptMessage] | None = None
+        self, current_session_messages: Optional[list[PromptMessage]] = None
    ) -> list[PromptMessage]:
        """
        organize historic prompt messages
@ -381,7 +391,8 @@ class CotAgentRunner(BaseAgentRunner, ABC):
        for message in self.history_prompt_messages:
            if isinstance(message, AssistantPromptMessage):
                if not current_scratchpad:
-                    assert isinstance(message.content, str)
+                    if not isinstance(message.content, str | None):
+                        raise NotImplementedError("expected str type")
                    current_scratchpad = AgentScratchpadUnit(
                        agent_response=message.content,
                        thought=message.content or "I am thinking about how to help you",
@ -400,8 +411,9 @@ class CotAgentRunner(BaseAgentRunner, ABC):
                    except:
                        pass
            elif isinstance(message, ToolPromptMessage):
-                if current_scratchpad:
-                    assert isinstance(message.content, str)
+                if not current_scratchpad:
+                    continue
+                if isinstance(message.content, str):
                    current_scratchpad.observation = message.content
                else:
                    raise NotImplementedError("expected str type")
--- a/api/core/agent/cot_chat_agent_runner.py
+++ b/api/core/agent/cot_chat_agent_runner.py
@ -19,8 +19,8 @@ class CotChatAgentRunner(CotAgentRunner):
        """
        Organize system prompt
        """
-        assert self.app_config.agent
-        assert self.app_config.agent.prompt
+        if not self.app_config.agent:
+            raise ValueError("Agent configuration is not set")

        prompt_entity = self.app_config.agent.prompt
        if not prompt_entity:
@ -83,10 +83,8 @@ class CotChatAgentRunner(CotAgentRunner):
            assistant_message.content = ""  # FIXME: type check tell mypy that assistant_message.content is str
            for unit in agent_scratchpad:
                if unit.is_final():
-                    assert isinstance(assistant_message.content, str)
                    assistant_message.content += f"Final Answer: {unit.agent_response}"
                else:
-                    assert isinstance(assistant_message.content, str)
                    assistant_message.content += f"Thought: {unit.thought}\n\n"
                    if unit.action_str:
                        assistant_message.content += f"Action: {unit.action_str}\n\n"
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Novice Lee	81375088e9	fix: remove unused fields	2024-12-26 14:51:33 +08:00
Novice Lee	cfade297e8	fix: mypy static type checking issues	2024-12-26 09:04:29 +08:00
Novice Lee	8933dd85bf	Merge branch 'main' into feat/retry-single-step-debug	2024-12-26 08:56:24 +08:00
Novice Lee	ae5e8d3160	fix: remove unused import	2024-12-25 10:40:02 +08:00
Novice Lee	fc6c0317a5	feat: add single step retry	2024-12-25 10:38:54 +08:00