Commit Graph

2645 Commits

Author SHA1 Message Date
LIghtJUNction
433836d972 fix: guard against None system_prompt in _ensure_persona_and_skills (#7880)
* fix: guard against None system_prompt in _ensure_persona_and_skills

ProviderRequest.system_prompt defaults to None. When a persona with a
prompt is configured, _ensure_persona_and_skills calls
``req.system_prompt += ...`` which crashes with ``TypeError`` when
system_prompt is None.

Added a None guard before the persona prompt injection and skills prompt
appending sections so they always operate on a string.

* chore: delete tests/unit/test_system_prompt_none_bug.py

---------

Co-authored-by: Weilong Liao <37870767+Soulter@users.noreply.github.com>
2026-04-30 23:12:31 +08:00
Weilong Liao
d72cb78f37 feat: re-implement plugin pinning functionality for extensions (#7918)
* feat: re-implement plugin pinning functionality for extensions

Co-authored-by: Copilot <copilot@github.com>

* chore: update subset

---------

Co-authored-by: Copilot <copilot@github.com>
2026-04-30 22:17:52 +08:00
Weilong Liao
34dc91e4b0 perf: improve ui and supports edit skills file in webui (#7903)
* feat: update ExtensionCard variant to outlined and adjust InstalledPluginsTab layout for better responsiveness

* feat: update MCP servers management UI and add descriptions for better clarity

* feat: enhance OutlinedActionListItem component with clickable functionality and new slots

feat(i18n): update English, Russian, and Chinese translations for extension and knowledge base features

fix: improve DocumentDetail and KBDetail views with outlined card styles and remove unnecessary dividers

refactor: streamline KBList component to use OutlinedActionListItem for better UI consistency

style: adjust styles for knowledge base components and improve responsive design

test: add security tests for skill file browser and editor to prevent path traversal and file size issues

* feat: update UI components and styles for improved layout and readability
2026-04-30 22:11:15 +08:00
bugkeep
938c241799 fix: align OpenAI http_client with SDK httpx (#7773)
* fix: align OpenAI http_client with SDK httpx

* fix: narrow openai httpx import fallback
2026-04-30 10:53:34 +08:00
千岚之夏
71b6349b6a fix: stop_event() 后续 handler 仍然执行 (#7900)
* fix: check event.is_stopped() after handler execution in star_request.py

* fix: move is_stopped() check before clear_result(), add check in except block and loop start

* fix: remove redundant is_stopped() check after stop_event() in except block

---------

Co-authored-by: Blueteemo <Blueteemo@users.noreply.github.com>
2026-04-30 09:24:33 +08:00
Weilong Liao
7c185f8e40 feat: add PluginDetailPage component for detailed plugin information display (#7896)
* feat: add PluginDetailPage component for detailed plugin information display

refactor: remove extension preference storage management and related tests

chore: clean up useExtensionPage by removing unused preference storage logic

* feat: add getHandlerDisplayName function for improved handler name display
2026-04-29 22:42:02 +08:00
s11IM
587286a967 fix: warn when default chat provider is unset (#7498)
* fix: warn when default chat provider is unset

* fix: align startup warning with provider fallback

* refactor: simplify default chat provider warning guard checks

* feat: warn when default chat provider id is invalid or missing

 - Emit a warning when `default_provider_id` points to a
 non-existent enabled provider, preventing silent fallback to
 an unexpected model.
 - Reset the warning guard before each
 `provider_manager.initialize()` so configuration reloads
 trigger a fresh re-evaluation.
 - Harden guard checks to handle `None` `provider_settings` and
 `None` provider IDs gracefully.

* test: cover fallback and invalid default provider id warnings

 - Add case for `curr_provider_inst=None` to verify fallback to
 `providers[0]`.
 - Add case for a `default_provider_id` that does not match any enabled
 provider.

* style: format default chat provider warning

---------

Co-authored-by: RC-CHN <1051989940@qq.com>
2026-04-29 11:05:38 +08:00
Ruochen Pan
eb69bf3687 fix(shipyard-neo): add readiness gate and graceful sandbox cleanup (#7881)
* fix(shipyard-neo): add readiness gate and graceful sandbox cleanup

* fix:  Add **kwargs to ComputerBooter.shutdown()

* test(shipyard-neo): add tests for readiness gate and shutdown behavior
2026-04-29 10:26:20 +08:00
Soulter
6b36e1abac fix: comment out tool_choice parameter in ToolLoopAgentRunner for debugging
fixes: #7853
closes: #7856
closes: #7862
2026-04-29 00:20:38 +08:00
Weilong Liao
8f356b84c7 fix(core): restrict send_message_to_user to current session (security fix #7822) (#7824)
* fix(core): security fix - restrict send_message_to_user to current session only

Closes #7822

SECURITY: Remove the user-controlled 'session' parameter from the
send_message_to_user tool. Previously, a regular user could ask the
LLM to send messages to any arbitrary session (group chat) by
providing a crafted session string, which is a high-risk
vulnerability.

Changes:
- Remove 'session' parameter from tool schema (LLM can no longer
  propose it)
- Always use context.context.event.unified_msg_origin as the target
  session
- Update description to clearly state that messages can only be sent
  to the current user's session

* fix: restore session param but restrict to admin only

- Re-add the  parameter removed in the original PR
- Non-admin users can only send to their own session (current_session)
- Admin users can send to any session via the  param
- Uses  from computer_tools.util (same pattern as fs.py)
- Ref: https://github.com/AstrBotDevs/AstrBot/issues/7822

Co-authored-by: Soulter <soulter@astrbot.app>

* Update message_tools.py

---------

Co-authored-by: AstrBot <bot@astrbot.app>
2026-04-29 00:15:16 +08:00
Soulter
962c299c2d feat(shell): enhance exec method to support timeout parameter and improve background command handling 2026-04-28 23:55:29 +08:00
daniel5u
66d620dab5 fix: merge anthropic parallel tool results (#7875) 2026-04-28 23:48:09 +08:00
Weilong Liao
ac7f6aa60d feat(shell): add background command execution with output redirection and timeout support (#7835)
* feat(shell): add background command execution with output redirection and timeout support

* feat(shell): update timeout parameter to be optional in shell execution methods

* feat(shell): set default timeout for shell execution to 10,000,000 milliseconds

* feat(shell): set default timeout to 300s for shell execution

* feat(shell): reorder timeout parameter in ExecuteShellTool configuration

* feat(shell): implement background command execution with detached shell command support

Co-authored-by: Copilot <copilot@github.com>

* test(shell): remove obsolete test for background shell command output redirection

* fix: reorder import statements in shell.py for consistency

* fix: wrap command in parentheses for background output redirection

---------

Co-authored-by: Copilot <copilot@github.com>
2026-04-28 23:25:54 +08:00
エイカク
2f33c34b5c fix: protect desktop plugin installs with core lock (#7872) 2026-04-28 21:10:19 +09:00
Weilong Liao
d8de0035a9 feat: add attachment saved event handling in chat and live chat routes (#7869)
Co-authored-by: Zhilan615 <2864095951@qq.com>
2026-04-28 17:14:40 +08:00
EterUltimate
e218620a37 feat: add one-line deploy script (deploy-cli.sh) (#7631)
* feat: add one-line deploy script (deploy-cli.sh) and update cli.md

- Add docs/scripts/deploy-cli.sh for one-command deployment (Linux/macOS/WSL)
- Update docs/zh/deploy/astrbot/cli.md to reference local script
- Replace non-existent https://astrbot.app/deploy.sh with raw.githubusercontent.com URL
- Add local run tip and WSL-based Windows support

* fix: address PR review feedback for deploy-cli.sh

- Replace sort -V with Python-native version check (macOS BSD compat)
- Bump Python requirement from >=3.10 to >=3.12 (match pyproject.toml)
- Detect current directory as project root (avoid nested clone)
- Handle existing non-git directory explicitly
- Add curl dependency check
- Support ASTRBOT_REPO and ASTRBOT_DIR env vars for forks/mirrors
- Update cli.md version description to match

* feat: add Windows PowerShell deploy script and update docs

- Add deploy-cli.ps1 for Windows native environment (PowerShell 7+)
- Update cli.md to document Windows one-liner deployment
- Add local script execution instructions for both bash and ps1

* refactor: standardize log messages and improve clarity in various modules

Co-authored-by: Copilot <copilot@github.com>

* docs: 移除一行命令快速部署部分,简化安装说明

* feat: 添加脚本以复制部署 CLI 文件并更新构建命令

* refactor: 更新日志消息以提高可读性,统一英文提示信息

---------

Co-authored-by: Soulter <905617992@qq.com>
Co-authored-by: Copilot <copilot@github.com>
Co-authored-by: Weilong Liao <37870767+Soulter@users.noreply.github.com>
2026-04-28 14:49:50 +08:00
エイカク
cb5c172e69 feat: add CUA computer-use sandbox support (#7828)
* feat: add CUA computer-use sandbox support

* fix: add CUA config metadata translations

* fix: address CUA sandbox review feedback

* fix: default CUA sandbox to local mode

* fix: harden CUA SDK method compatibility

* fix: harden CUA GUI and permission handling

* fix: refine CUA capability and shell handling

* fix: avoid inline CUA screenshot image results by default

* fix: guide CUA browser startup workflow

* feat: add CUA browser and key press tools

* fix: launch CUA browser as sandbox user

* fix: stabilize CUA browser screenshots

* fix: simplify CUA browser launch command

* fix: remove CUA open browser tool

* fix: align CUA desktop control guidance

* fix: harden CUA shell background handling

* fix: harden CUA runtime adapters

* fix: surface CUA filesystem failures

* fix: clarify CUA shell fallback support

* fix: harden CUA shell helpers

* fix: guard CUA file fallbacks

* fix: redact sensitive config log paths

* fix: guard CUA download fallback

* test: cover CUA GUI and shell env wiring

* fix: preserve CUA command result output

* fix: normalize CUA return codes

* fix: preserve foreground shell behavior

* fix: clean up failed CUA boots

* docs: add CUA sandbox runtime guide

* test: cover CUA GUI tool registration

* refactor: simplify CUA fallback handling

* refactor: simplify CUA shell helpers

* test: cover CUA screenshot result shapes
2026-04-28 01:40:14 +09:00
時壹
b711425b73 feat: add message-level markdown control for QQ Official platform (#6980)
* feat: add message-level markdown control for QQ Official platform

* feat: propagate MessageChain metadata through RespondStage chain splitting
2026-04-27 21:21:56 +08:00
若月千鸮
72f4e748e8 fix: restore T2I text template rendering (#7789)
* fix: restore T2I text template rendering

- keep using {{ text | safe }} instead of text_base64
- inject Shiki runtime by default for T2I templates
- update built-in templates to read markdown from a hidden textarea
- improve WebUI preview sample text and Shiki runtime serving
- add regression tests for template rendering and runtime injection

* fix: prevent injected Shiki runtime from breaking T2I templates

* fix(t2i): restore raw text template rendering

* test(t2i): remove test

* fix(t2i): restore previewText
2026-04-27 15:38:43 +08:00
Soulter
09ab45fcb5 chore: bump version to 4.23.6 2026-04-27 13:05:20 +08:00
Weilong Liao
1efe4fd60e fix(stats): TPM now only counts output tokens (#7827)
* fix(stats): TPM now only counts output tokens

- Add range_total_output_tokens accumulation, separate from total tokens
- Change range_avg_tpm formula to use output tokens only
- Update i18n labels to reflect Output TPM

* fix(stats): range
2026-04-27 12:59:44 +08:00
Weilong Liao
c5ab4f7263 feat: add /stats command to view conversation token usage (#7831)
* feat: add /stats command to view conversation token usage

- Add stats() method to ConversationCommands that queries ProviderStat
  records by conversation_id and aggregates token breakdowns
- Register /stats command in main.py

* feat: reorder conversation stats output for better readability

Co-authored-by: Copilot <copilot@github.com>

* feat: reorder token usage output for improved clarity

* feat: enhance stats command to aggregate conversation token usage

* feat: add cached input tokens display and update translations for clarity

* feat: update stats command to clarify conversation token usage display

---------

Co-authored-by: Copilot <copilot@github.com>
2026-04-27 12:59:21 +08:00
Weilong Liao
415da218f6 fix: update reasoning_content handling to support empty string values (#7830)
* fix: update reasoning_content handling to support empty string values

* fix: add reasoning_content field for DeepSeek v4 models in assistant messages
2026-04-27 11:47:32 +08:00
Weilong Liao
07b37b98de fix: handle empty reasoning content for DeepSeek v4 models (#7823)
Co-authored-by: Copilot <copilot@github.com>
2026-04-27 02:19:40 +08:00
bugkeep
bbda1e678f fix(core): downscale oversized images (#7807)
* fix(core): downscale oversized images

* refactor: share image max-size check helper

* Delete tests/unit/test_media_utils_compress_image.py

---------

Co-authored-by: Weilong Liao <37870767+Soulter@users.noreply.github.com>
2026-04-26 23:10:58 +08:00
EnemyWind
3c1d0cd2c2 [fix] 将Minimax TTS默认输出格式改为wav以解决RIFF错误 (#7797)
## 问题
在 QQ 官方平台插件中,处理来自 Minimax TTS 的语音时,会抛出错误:`处理语音时出错: file does not start with RIFF id`。
## 原因
Minimax TTS 提供商 (`minimax_tts_api_source.py`) 默认配置的音频输出格式为 `mp3`,而 `qqofficial_message_event.py` 中的 `wav_to_tencent_silk` 函数要求输入为 WAV 格式(具有 RIFF 文件头)。
## 解决方案
将 `minimax_tts_api_source.py` 文件中 `ProviderMiniMaxTTSAPI` 类的 `audio_setting` 字典的 `format` 键值,从 `"mp3"` 修改为 `"wav"`。
## 结果
修改后,Minimax TTS 生成的音频文件将直接为 WAV 格式,从而被下游函数正确识别和处理,修复上述错误。
2026-04-26 23:06:54 +08:00
Weilong Liao
d16ed4e552 fix: revise reasoning_key attribute to OpenRouter (#7821) 2026-04-26 22:21:57 +08:00
Yufeng He
55c1558686 fix(openai): apply empty-assistant filter to streaming path (fixes #7721) (#7758)
PR #7202 added empty-assistant filtering in `_query` so strict
providers (Moonshot, etc.) wouldn't 400 on history with blank
assistant entries. The streaming sibling `_query_stream` was
never updated, so DeepSeek Reasoner — which returns reasoning only
during tool calls, leaving serialized content as `""` — blew up with
`Invalid assistant message: content or tool_calls must be set` on
the next turn.

Hoisted the filter into a `_sanitize_assistant_messages` helper and
called it from both paths. Also widened the empty check to cover
`content == []`, which the original filter missed and which shows up
with providers that emit content as a list of parts.
2026-04-26 13:10:47 +08:00
wjiajian
17aea1aa2c feat: add Firecrawl web search tools (#7764)
* feat: add Firecrawl web search and extract tools, update configuration and tests

* feat: implement Firecrawl API integration and error handling in web search tools

* feat: enhance Firecrawl web search with session management and payload validation

* feat:  Firecrawl web search to use aiohttp.ClientSession directly for improved session management as it was

* feat: update Firecrawl search to handle grouped web data response and add corresponding tests

* feat: refactor Firecrawl web search to use aiohttp.ClientSession for improved error handling and session management

* feat: remove unused coercion function and update Firecrawl search to use default limit in payload
2026-04-26 13:07:27 +08:00
Rhonin Wang
d4cdeeae72 fix(computer): send sandbox image downloads as images (#7785) 2026-04-25 16:44:08 +08:00
lingyun14
5ce02da6df fix: use certifi ssl context on Windows (#7778)
* fix: use certifi ssl context on Windows

* docs: update docstring to reflect hybrid SSL context

* chore: ruff

---------

Co-authored-by: Soulter <905617992@qq.com>
2026-04-25 16:34:50 +08:00
Soulter
5d79c99938 feat: add deduplication for WeChat kefu text messages within 15 seconds (#7788) 2026-04-25 16:26:30 +08:00
Soulter
f0a1dd79c4 perf: improve provider config ui (#7772)
* stage

* style: update font families and improve responsive design across components
2026-04-24 20:46:45 +08:00
bugkeep
aaec41e505 fix: prevent path traversal in file uploads (#7751)
* fix: prevent path traversal in uploads

* fix: remove embedded NUL bytes from upload filenames

---------

Co-authored-by: RC-CHN <1051989940@qq.com>
2026-04-24 09:01:02 +08:00
Soulter
9f8ce24726 chore: bump version to 4.23.5 2026-04-23 22:28:40 +08:00
Soulter
8eefda4611 chore: bump version to 4.23.4 2026-04-23 21:30:03 +08:00
SJ
489e2a33c8 fix(platform): clarify shared appid hint text (#7746)
Co-authored-by: idiotsj <idiotsj@users.noreply.github.com>
2026-04-23 21:00:11 +08:00
Soulter
bb6619f38c perf: improve tool calls in reasoning and multiple tool calls display (#7742)
* perf: improve tool calls in reasoning and multiple tool calls display

- Updated LiveChatRoute and OpenApiRoute to replace manual message accumulation with BotMessageAccumulator.
- Simplified message saving logic by using build_bot_history_content and collect_plain_text_from_message_parts.
- Enhanced message processing to handle various message types (plain, image, record, file, video) more efficiently.
- Improved reasoning handling by extracting thinking parts and displaying them correctly in the UI components.
- Refactored message normalization and reasoning extraction logic in useMessages composable for better clarity and maintainability.
- Updated ChatMessageList, MessageList, StandaloneChat, and ReasoningBlock components to accommodate new message structure and rendering logic.

* feat(chat): reasoning activity panel

- Introduced a new ReasoningSidebar component for displaying reasoning details.
- Refactored MessageList and StandaloneChat components to utilize renderBlocks for improved message part handling.
- Added ReasoningTimeline component to visualize reasoning steps.
- Updated message handling logic to differentiate between thinking and content blocks.
- Enhanced localization for reasoning-related terms in English, Russian, and Chinese.
- Improved styling for various components to ensure consistency and readability.

* Update astrbot/dashboard/routes/chat.py

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

---------

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2026-04-23 17:46:53 +08:00
Soulter
2f479b5204 fix: add missing platform adapter filter types (#7738) 2026-04-23 13:42:45 +08:00
Soulter
c1cd5627bb chore: bump version to 4.23.3 2026-04-23 12:00:10 +08:00
千岚之夏
9bad7b2951 fix: missing replies when reasoning content is present by always emitting reasoning messages alongside normal completion outputs (#7715)
* fix: handle reasoning_content when completion_text is empty (kimi-for-coding thinking mode)

* fix: use elif for result_chain/completion_text to avoid duplication, keep reasoning_content independent per review feedback

---------

Co-authored-by: Blueteemo <Blueteemo@users.noreply.github.com>
2026-04-22 13:22:48 +08:00
千岚之夏
00ebebb176 fix: add retry on DNS/connection transient errors for QQ Official API (#7718)
* fix: add ConnectionError and OSError to retry decorator for QQ Official API

* fix: remove redundant ConnectionError and add asyncio.TimeoutError per review feedback

* fix: rename decorator back to _qqofficial_retry

---------

Co-authored-by: Blueteemo <Blueteemo@users.noreply.github.com>
2026-04-22 11:52:04 +08:00
Soulter
36d6f3b67e feat: add inline message editing and regeneration functionality for webui (#7673)
* feat: add inline message editing and regeneration functionality for webui

- Implemented inline editing for user messages in the chat component.
- Added a regenerate menu for retrying messages with different models.
- Enhanced message handling to include llm_checkpoint_id for better tracking.
- Updated localization files to include new actions for retrying and model selection.
- Introduced tests for checkpoint message handling and chat route functionality.

* feat: thread mode in webui

* feat: enhance message editing functionality to allow only the latest user message to be edited

* feat: add error handling and user feedback for thread creation in chat component

* feat: add thread count display and localization support in chat component

* feat: add RefsSidebar component and integrate reference management in chat UI

* feat: improve message editing validation and cleanup for bot messages

* feat: enhance checkpoint message handling with binding and dumping functionality
2026-04-22 11:51:12 +08:00
Soulter
e6b68e9b09 perf: update FileReadTool description to mention image, PDF and docx support, and enhance modality checking in tool result case (#7506)
* feat: update FileReadTool description to mention image and PDF support

Add explicit mention of image (OCR) and PDF (text extraction) support
to the FileReadTool description for better discoverability.

* feat: update FileReadTool description to include support for docx and epub files; change base64 decoding to utf-8

* feat: enhance ToolLoopAgentRunner to support image and audio modalities; add context sanitization logic
2026-04-22 11:38:40 +08:00
ShadowLemoon
662b1d3678 fix: accept both str and re.Pattern in RegexFilter (#7633)
* fix: accept both str and re.Pattern in RegexFilter

RegexFilter.__init__ now handles compiled re.Pattern objects by
extracting .pattern for regex_str, preventing TypeError during
JSON serialization in the dashboard plugin API.

* perf: 精简代码
2026-04-21 23:34:22 +08:00
SaintaToken
17ace9b5db feat: add buffered intermediate messages for non-streaming agent loop (#7627)
* feat: add buffered intermediate messages for non-streaming agent loop

* Refactored buffering logic into helpers to reduce inline complexity.

* feat: add buffer_intermediate_messages configuration for merging Agent intermediate messages

---------

Co-authored-by: Soulter <905617992@qq.com>
2026-04-21 23:32:00 +08:00
Sebastion
7778d8bb63 fix: prevent path traversal in backup importer (CWE-22) (#7681)
* fix: prevent path traversal in backup importer (CWE-22)

Validate that all file write targets resolve within their expected
base directories before writing. This prevents crafted backup ZIP
files from writing to arbitrary filesystem locations via malicious
path values in attachment records, media file paths, or directory
entries.

* fix: use Path.is_relative_to for robust path containment check

* fix: add explicit strict=False to Path.resolve() calls

* style: format backup importer

---------

Co-authored-by: 邹永赫 <1259085392@qq.com>
2026-04-21 22:52:34 +08:00
Rain-0x01_
6b756f666f docs: Unify documentation links (#7709)
astrbot.app -> docs.astrbot.app
2026-04-21 22:42:27 +08:00
Soulter
03bbf0bf5a feat: re-establishing /provider as a built-in command (#7691)
* feat: re-establishing /provider as a built-in command

* style: format provider command

---------

Co-authored-by: 邹永赫 <1259085392@qq.com>
2026-04-21 22:41:31 +08:00
C₂₂H₂₅NO₆
d9ab35348e fix: drop legacy documents_fts table if exists (#7706)
* fix: recover FTS5 index from legacy documents_fts table

* fix: normalize SQL whitespace when checking contentless_delete
2026-04-21 22:27:40 +08:00