jprdonnelly/dify
1
0
Fork 0
mirror of https://github.com/langgenius/dify.git synced 2026-02-14 01:00:52 -05:00
Code Issues Packages Projects Releases Wiki Activity
8,646 Commits 386 Branches 165 Tags
065a69ced08386fff3b6830c8aaea91943a6ffa2
Commit Graph

5085 Commits

Author SHA1 Message Date
Byron Wang
065a69ced0 bump weave version and regenerate lock 2026-02-10 17:40:22 +08:00
Byron Wang
615da29433 bump unstructured pypi version 2026-02-10 16:22:12 +08:00
Byron Wang
16ef73cd76 remove unused stage 2026-02-10 15:46:22 +08:00
Byron Wang
e532b6e882 update api base image to dhi base 2026-02-10 15:16:15 +08:00
Xiyuan Chen
3d2aea11a3 Update api/services/tools/builtin_tools_manage_service.py 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-02-04 18:35:15 -08:00
yunlu.wen
ffc18bf318 chore: upgrade deps, see pull #30976 2026-01-28 13:02:01 +08:00
GareArc
6fd5df658c fix: add TYPE_CHECKING import for Account type annotation 2026-01-26 16:08:09 -08:00
GareArc
69b11cc364 security: fix IDOR and privilege escalation in set_default_provider 
- Add tenant_id verification to prevent IDOR attacks
- Add admin check for enterprise tenant-wide default changes
- Preserve non-enterprise behavior (users can set own defaults)
 2026-01-26 16:01:06 -08:00
GareArc
57721225b9 fix: remove user_id filter when clearing default provider (enterprise only) 
When setting a new default credential in enterprise mode, the code was
only clearing is_default for credentials matching the current user_id.
This caused issues when:
1. Enterprise credential A (synced with system user_id) was default
2. User sets local credential B as default
3. A still had is_default=true (different user_id)
4. Both A and B were considered defaults

The fix removes user_id from the filter only for enterprise deployments,
since enterprise credentials may have different user_id than local ones.
Non-enterprise behavior is unchanged to avoid breaking existing setups.

Fixes EE-1511
 2026-01-26 15:43:13 -08:00
GareArc
68dfb3d4d9 feat: add redis mq for account deletion cleanup 2026-01-25 22:38:19 -08:00
Xiyuan Chen
7058de7a88 feat: implement workspace permission checks for member invitations an… (#31202) 2026-01-25 21:21:58 -08:00
wangxiaolei
5cd11a0071 fix: remove _try_resolve_user_from_request (#31360) 2026-01-22 11:25:06 +08:00
wangxiaolei
37c2f3d4b6 fix: fix instance is not bind to session (#30913) 2026-01-21 17:05:13 +08:00
-LAN-
036a7cf839 chore: bump version to 1.11.4 (#30961) 2026-01-15 11:40:33 +08:00
wangxiaolei
2c6bd90d6f fix: fix missing id and message_id (#31008) 2026-01-15 11:40:13 +08:00
-LAN-
a22cc5bc5e chore: Bump Dify version to 1.11.3 (#30903) 2026-01-13 17:49:13 +08:00
非法操作
491e1fd6a4 chore: case insensitive email (#29978) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: -LAN- <laipz8200@outlook.com>
 2026-01-13 15:42:44 +08:00
非法操作
c09e29c3f8 chore: rename the migration file (#30893) 2026-01-13 15:26:41 +08:00
wangxiaolei
2d53ba8671 fix: fix object value is optional should skip validate (#30894) 2026-01-13 15:21:06 +08:00
呆萌闷油瓶
9be863fefa fix: missing content if assistant message with tool_calls (#30083) 
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2026-01-13 12:46:33 +08:00
heyszt
450578d4c0 feat(ops): set root span kind for AliyunTrace to enable service-level metrics aggregation (#30728) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2026-01-13 10:12:00 +08:00
非法操作
837237aa6d fix: use node factory for single-step workflow nodes (#30859) 2026-01-13 10:11:18 +08:00
QuantumGhost
b63dfbf654 fix(api): defer streaming response until referenced variables are updated (#30832) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2026-01-12 16:23:18 +08:00
非法操作
51ea87ab85 feat: clear free plan workflow run logs (#29494) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com>
 2026-01-12 15:57:40 +08:00
dependabot[bot]
8cfdde594c chore(deps-dev): bump tos from 2.7.2 to 2.9.0 in /api (#30834) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-12 12:44:21 +08:00
-LAN-
1e10bf525c refactor(models): Refine MessageAgentThought SQLAlchemy typing (#27749) 
Co-authored-by: Asuka Minato <i@asukaminato.eu.org>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2026-01-10 17:17:45 +09:00
wangxiaolei
0711dd4159 feat: enhance start node object value check (#30732) 2026-01-09 16:13:17 +08:00
QuantumGhost
ae0a26f5b6 revert: "fix: fix assign value stand as default (#30651)" (#30717) 
The original fix seems correct on its own. However, for chatflows with multiple answer nodes, the `message_replace` command only preserves the output of the last executed answer node.
 2026-01-09 16:08:24 +08:00
zyssyz123
fe0802262c feat: credit pool (#30720) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
 2026-01-08 13:17:30 +08:00
Xiyuan Chen
adaf0e32c0 feat: add decryption decorators for password and code fields in webapp (#30704) 2026-01-08 10:03:39 +08:00
-LAN-
7ccf858ce6 fix(workflow): pass correct user_from/invoke_from into graph init (#30637) 2026-01-07 21:47:23 +08:00
Asuka Minato
885f226f77 refactor: split changes for api/controllers/console/workspace/trigger… (#30627) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
 2026-01-07 21:18:02 +08:00
wangxiaolei
187bfafe8b fix: fix assign value stand as default (#30651) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2026-01-07 14:54:11 +08:00
Xiangxuan Qu
666640f7d5 refactor: remove unnecessary type: ignore from rag_pipeline_fields.py (#30666) 
Co-authored-by: fghpdf <fghpdf@users.noreply.github.com>
 2026-01-07 14:40:35 +08:00
Xiangxuan Qu
93faa672cc fix: add DB_TYPE environment variable to unit tests (#30660) 
Co-authored-by: fghpdf <fghpdf@users.noreply.github.com>
 2026-01-07 10:16:17 +08:00
Sara Rasool
4f0fb6df2b chore: use from __future__ import annotations (#30254) 
Co-authored-by: Dev <dev@Devs-MacBook-Pro-4.local>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Asuka Minato <i@asukaminato.eu.org>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com>
 2026-01-06 23:57:20 +09:00
Asuka Minato
0294555893 refactor: port api/fields/file_fields.py (#30638) 2026-01-06 22:55:58 +08:00
-LAN-
55de731f9c refactor(api): clarify published RAG pipeline invoke naming (#30644) 2026-01-06 23:48:06 +09:00
Toshiki Sugimizu
f57aa08a3f fix: flask db check fails due to nullable mismatch between migrations and models (#30474) 
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: Maries <xh001x@hotmail.com>
 2026-01-06 20:23:59 +08:00
wangxiaolei
2cc89d30db feat: use more universal C.UTF-8 instead of en_US.UTF-8 (#30621) 2026-01-06 16:39:04 +08:00
-LAN-
1f5d744cc2 fix(db): parameterize sessionmaker with Session (#30612) 2026-01-06 15:23:50 +08:00
wangxiaolei
68d68a46a0 refactor: generate_url to support scenario to build url (#30598) 2026-01-06 14:53:38 +08:00
-LAN-
d12b91a01a refactor(api): inject sessionmaker into conversation variable updater (#30609) 2026-01-06 14:52:59 +08:00
lif
f3ca8be9f9 refactor: clean type: ignore comments in login.py and template_transformer.py (#30510) 
Signed-off-by: majiayu000 <1835304752@qq.com>
 2026-01-06 14:33:27 +08:00
wangxiaolei
4f74e90f51 fix: _model_to_insertion_dict missing id (#30603) 2026-01-06 14:13:29 +08:00
-LAN-
d6e9c3310f feat: Add conversation variable persistence layer (#30531) 2026-01-06 14:05:33 +08:00
CodeCraftsman
89463cc11d fix: allow unauthenticated CORS preflight for embedded bots (#30587) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2026-01-06 11:40:34 +08:00
Zhiqiang Yang
114a34e008 fix: correct docx hyperlink extraction (#30360) 2026-01-06 11:24:26 +08:00
Asuka Minato
f320fd5f95 refactor: port controllers/console/app/app.py (#30522) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2026-01-06 10:12:52 +08:00
wangxiaolei
061d552928 feat: unified management stop event (#30479) 2026-01-06 10:12:05 +08:00