Yufeng He
094c2de85a
fix: surface weixin media send failures ( #8175 )
...
* fix: surface weixin media send failures
* fix: include weixin send failure context
* Delete tests/unit/test_weixin_oc_adapter.py
---------
Co-authored-by: Weilong Liao <37870767+Soulter@users.noreply.github.com >
2026-05-14 12:17:59 +08:00
counhopig
7d402fa16a
fix: add ollama and nvidia embedding ( #8104 )
...
* fix: add ollama and nvidia embedding
* fix: address code review feedback for embedding providers
- Remove redundant proxy branch in NvidiaEmbeddingProvider._get_client
- Change ClientError handling to re-raise instead of wrapping in Exception
- Add exc_info=True for better error diagnostics
- Remove redundant isinstance check in OllamaEmbeddingProvider._build_payload
2026-05-14 12:16:35 +08:00
lingyun14
3a1d6c8f89
fix: handle None tool arguments from Claude API for no-parameter tools ( #8136 )
...
* fix: handle None tool arguments returned by Claude API for no-parameter tools
* fix: handle None tool arguments from Claude API for no-parameter tools
* fix: generalize None tool args comment
* fix: generalize None tool args comment
* 去除空格,以保证格式正确
2026-05-14 12:01:19 +08:00
Chang Lee
35f5d7e710
perf: enhance AMR audio quality and simplify opus logic ( #8153 )
...
* chore: streamline convert_audio_to_opus logic
- Route Opus conversion directly through the underlying convert_audio_format.
- Remove redundant FFmpeg processing chains to improve code reusability.
* perf: optimize AMR voice encoding parameters
- Enhance AMR audio quality via built-in FFmpeg filters.
2026-05-14 11:57:14 +08:00
M1LKT
720d384b44
fix: synchronize the autoScroll state of the consoleDisplayer component using $refs ( #8186 )
2026-05-14 11:44:42 +08:00
Yufeng He
3290d75519
fix: prefer bundled dashboard over stale data dist ( #8172 )
...
* fix: prefer bundled dashboard over stale dist
* fix: harden dashboard dist version checks
2026-05-14 09:00:16 +08:00
lingyun14
ef73d2da33
docs: Clarify and expand the LLM tool registration guidance in the AI plugin documentation ( #8178 )
...
* docs(zh/ai): fix misleading tool registration guide and add warnings
* docs(en/ai): add tool registration section with deprecation warnings
2026-05-14 08:58:37 +08:00
Soulter
c77cb0f4e2
chore: bump version to 4.24.5
v4.24.5
2026-05-14 01:16:26 +08:00
Soulter
0e6ad1c443
feat: cli supports ASTRBOT_DASHBOARD_INITIAL_PASSWORD env
2026-05-14 01:13:46 +08:00
Soulter
e05dd650ab
feat(auth): add legacy password login failure message and FAQ guidance for upgrade issues
2026-05-14 00:48:15 +08:00
Soulter
93428a7976
feat: add initial dashboard password resolution from environment variable
2026-05-14 00:45:37 +08:00
Soulter
37142fd253
feat: enhance update dialog with progress tracking and localization updates
...
- Added advanced settings option in update dialog for better user control.
- Implemented detailed progress tracking for update stages including download size and speed.
- Updated localization files for English, Russian, and Chinese to include new strings for update progress and advanced settings.
- Improved UI for update dialog with better layout and responsiveness.
- Enhanced test coverage for update process including progress tracking.
2026-05-14 00:40:24 +08:00
Tsukumi
1b09132e4a
fix: respect explicit Shipyard Neo profile ( #8167 )
2026-05-13 14:38:11 +08:00
NayukiMeko
22ba831a31
fix(message_tools): throw exception and block message sending when path does not exist ( #8149 )
...
* fix(message_tools): 路径不存在时抛出异常并阻止消息发送
- _resolve_path_from_sandbox 在所有解析路径均失败时改为抛出 FileNotFoundError,而非静默返回原始路径,避免将无效路径传递给下游组件
- 新增 component_type 关键字参数,使错误信息能明确指出是 image/record/video/file 哪类资源路径缺失
- 在 call 方法中捕获 FileNotFoundError 并提前返回错误字符串,确保路径无效时不会继续构建或发送任何消息组件
- 补充单元测试,验证缺失图片路径场景下 send_message 不会被调用
* Update tests/unit/test_message_tools.py
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
* fix(tools): propagate sandbox error instead of masking as FileNotFoundError
---------
Co-authored-by: Ruochen Pan <badbatch0x01@gmail.com >
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: RC-CHN <1051989940@qq.com >
2026-05-13 11:50:06 +08:00
Soulter
4672a04eb7
docs: update FAQ to clarify default password usage for first-time login
2026-05-13 01:50:37 +08:00
Soulter
c48108040c
chore: bump version to 4.24.4
v4.24.4
2026-05-13 01:46:08 +08:00
Soulter
2d6f5e64b8
fix(auth): update login failure message for first-time users with details on random password
2026-05-13 01:37:35 +08:00
Soulter
7d72e3a9e7
docs: update FAQ with details on first login account and random password generation
2026-05-13 00:37:24 +08:00
Soulter
37d6159234
docs: update login instructions to use random initial password for first-time users
2026-05-13 00:24:21 +08:00
Soulter
989cc0d609
chore: bump version to 4.24.3
2026-05-13 00:17:27 +08:00
lingyun14
cb90de752d
fix(docs): fix multiple errors in plugin development guides ( #8166 )
...
* Update listen-message-event.md
* Update listen-message-event.md
* Update ai.md
* Update plugin-new.md
* Update plugin-new.md
* Update simple.md
* Update star_handler.py
* Update listen-message-event.md
* Update listen-message-event.md
2026-05-13 00:04:12 +08:00
Soulter
48e111e47e
chore: remove test
2026-05-12 23:57:16 +08:00
Weilong Liao
7ddf6371b9
fix(webui): enforce 12-char dashboard password policy with backend+frontend validation ( #7338 )
...
* fix(webui): enforce 12-char dashboard password policy with backend+frontend validation
* fix(i18n): update password policy hints and validation rules for improved security
* test: adapt dashboard auth fixtures for hashed default password
* fix(security): increase PBKDF2 iterations
* feat(auth): implement secure login challenge and proof verification
* chore: ruff format
* fix(auth): update md5 import syntax for consistency
* feat(dashboard): implement random password generation for empty dashboard password
* feat(auth): enforce plaintext password requirement for legacy MD5 hashes
* fix(i18n): update password hint texts to reflect auto-generated initial passwords
* feat(dashboard): implement password change requirement and reset logic
* feat(auth): implement account setup flow and password change requirements
* feat: Implement legacy password support and upgrade mechanism
- Added `hash_legacy_dashboard_password` function for MD5 hashing of passwords.
- Updated configuration handling to store both PBKDF2 and legacy password hashes.
- Introduced logic to check if password storage has been upgraded and if a password change is required.
- Modified dashboard authentication routes to handle legacy password checks and prompts for upgrades.
- Updated frontend to display warnings for legacy password storage and required upgrades.
- Enhanced tests to cover scenarios for legacy password handling and migration to new storage format.
* fix(logo): update text color styles to use CSS variables for consistency
* feat(dashboard): upgrade password storage and enforce change requirement
* fix(dashboard): update minimum password length from 12 to 10 characters
* fix(dashboard): update minimum password length from 10 to 8 characters
---------
Co-authored-by: RC-CHN <1051989940@qq.com >
2026-05-12 23:46:57 +08:00
Yufeng He
f86de988a4
fix: keep Discord startup alive on command quota ( #8061 )
...
* fix: keep Discord startup alive on command quota
* Update discord_platform_adapter.py
---------
Co-authored-by: Weilong Liao <37870767+Soulter@users.noreply.github.com >
2026-05-12 23:28:23 +08:00
dependabot[bot]
1d3f54ca49
chore(deps): bump pnpm/action-setup in the github-actions group ( #8156 )
...
Bumps the github-actions group with 1 update: [pnpm/action-setup](https://github.com/pnpm/action-setup ).
Updates `pnpm/action-setup` from 6.0.5 to 6.0.7
- [Release notes](https://github.com/pnpm/action-setup/releases )
- [Commits](https://github.com/pnpm/action-setup/compare/v6.0.5...v6.0.7 )
---
updated-dependencies:
- dependency-name: pnpm/action-setup
dependency-version: 6.0.7
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: github-actions
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-12 23:16:19 +08:00
jdjfjdsfj
f6a99a25b9
Update API Key reference in knowledge-base.md ( #8129 )
...
* Update API Key reference in knowledge-base.md
* Update docs/zh/use/knowledge-base.md
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
---------
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2026-05-12 08:43:53 +08:00
NayukiMeko
041c35c35b
Fix: Fix issue where temporary directory is not cleaned and error tracking false positives when repeatedly installing plugins ( #8148 )
...
* fix(star): 修复重复安装插件时临时目录未清理及错误追踪误报问题
- 引入 skip_failed_tracking 标志,当目标目录已存在时跳过失败安装追踪,避免将预期冲突错误误记为安装失败
- 修复 finally 块中临时目录清理逻辑,确保冲突场景下 plugin_upload_* 临时目录也能被正确删除
- 新增测试用例 test_install_plugin_from_file_conflict_keeps_failed_plugins_clean,验证重复安装同名插件时 failed_plugin_dict 为空且无残留临时目录
Ref #8122
* style(star): ruff 格式化
2026-05-11 16:36:03 +08:00
エイカク
ad516950f2
fix(provider): force Gemini chat client to use managed httpx client ( #8112 )
...
When both aiohttp and httpx are installed, google-genai prefers aiohttp
as the async HTTP backend. In error response paths, the aiohttp backend
returns raw aiohttp.ClientResponse objects that google-genai cannot handle,
masking real API errors with:
Unsupported response type: <class 'aiohttp.client_reqrep.ClientResponse'>
This fix explicitly creates an httpx.AsyncClient and passes it via
HttpOptions.httpx_async_client, ensuring the chat provider always uses
the httpx backend. The managed client is closed in terminate().
- Preserve HTTP_PROXY/HTTPS_PROXY support via trust_env=True.
- Preserve provider-level proxy via httpx.AsyncClient(proxy=...).
- Avoid logging full proxy URLs for security.
Fixes #7564
2026-05-10 00:20:36 +09:00
lingyun14
c9182c27a2
fix: fix console log level alignment and mobile layout issue ( #7988 )
...
* fix: fix console log level alignment and mobile layout issue
* Update ConsoleDisplayer.vue
2026-05-09 22:18:21 +08:00
lingyun14
bd9aade842
fix(docs):多份文档汉译英并整理 ( #8001 )
...
* docs(en): translate plugin-platform-adapter.md from Chinese to English
* docs(en): translate plugin-platform-adapter.md from Chinese to English
* Update ppio.md
* Update provider-lmstudio.md
* Update function-calling.md
* Update skills.md
* Update ai.md
* Update simple.md
* Update mcp.md
* Update config.mjs kook
* fix(docs): fix MessageSesion import path in platform adapter example
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
---------
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2026-05-09 22:17:47 +08:00
dependabot[bot]
4bcaaab44f
chore(deps): bump pnpm/action-setup in the github-actions group ( #8004 )
...
Bumps the github-actions group with 1 update: [pnpm/action-setup](https://github.com/pnpm/action-setup ).
Updates `pnpm/action-setup` from 6.0.3 to 6.0.5
- [Release notes](https://github.com/pnpm/action-setup/releases )
- [Commits](https://github.com/pnpm/action-setup/compare/v6.0.3...v6.0.5 )
---
updated-dependencies:
- dependency-name: pnpm/action-setup
dependency-version: 6.0.5
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: github-actions
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-09 22:16:30 +08:00
AstrBot
224915fbc8
docs: add 16MB size limit note for plugin publishing ( #8108 )
...
Add documentation to clarify the 16MB zip size limit for plugin
marketplace submissions, along with practical recommendations:
- Compress static assets like images
- Clean up unnecessary files (.git, __pycache__, etc.)
- Optimize dependency sizes
- Use .gitattributes or release branches
Also mention the option to contact maintainers for manual bypass
when the limit cannot be met.
Co-authored-by: Seio <seio@astrbot.app >
2026-05-09 22:00:15 +08:00
M1LKT
f9cbe79099
fix(ui): always show actions btn instead of on hover in OutlinedActionListItem ( #8081 )
2026-05-09 08:41:26 +08:00
AstrBot
77fa0e466c
docs: update Trendshift badge to AstrBotDevs repo ( #21369 ) for all README languages ( #8079 )
...
Co-authored-by: AstrBot <astrbot@container>
2026-05-08 15:41:56 +08:00
Ruochen Pan
f29b339ea2
fix(t2i): validate template content to prevent Jinja2 SSTI injection ( #8077 )
...
* fix(t2i): validate template content to prevent Jinja2 SSTI injection
* fix(t2i): add error feedback
* fix(test): update assertion to match previous commits
* style: format code
2026-05-08 15:30:52 +08:00
LIghtJUNction
273b6777cf
test: fix unit tests after master→dev merge
...
- Fix test_long_term_memory.py: Image(file=), Provider spec, config keys
- Fix test_star_manager.py: Metric.upload AsyncMock, os.path.exists patch
- Fix test_kb_helper.py: chunk assertion signature, session.begin mock
- Fix test_file_extract.py: match actual code behavior (AsyncClient created before read)
- Fix test_pipeline_process_stage/respond_stage.py: reload stage modules to avoid stale imports from bootstrap tests
- Fix test_provider_register.py: handle pre-existing registry entries
- Fix test_pipeline_scheduler.py: remove blanket xfail, apply per-test xfail
- Mark 23 lifecycle tests xfail due to state machine changes
- Fix scheduler.py: missing break after generator stage stops propagation
- Frontend build verified
2026-05-08 12:17:58 +08:00
LIghtJUNction
d373a24320
merge: sync origin/master into dev
...
Resolved 76 file conflicts across backend, frontend, and tests:
- Core backend: agent, platform, provider, star, tools, cron, KB, utils
- Dashboard backend: auth, config, plugin routes, server, runtime bootstrap
- Frontend components: shared, extension, provider components
- Frontend views: console, trace, cron, extension, platform, provider, etc.
- Frontend infrastructure: layouts, router, stores, main.ts
- Assets: MDI font subset (css, woff, woff2)
- Tests: fixtures, plugin manager, anthropic provider, dashboard tests
Strategy per file:
- Most backend: merged master improvements (metrics, http_client -> default_headers,
download_url params, plugin i18n, runtime guards, auth middleware)
- Frontend views: adopted master dashboard-shell layout (v-container, is-dark theme)
- InstalledPluginsTab: kept dev pinned-plugins feature (drag-sort, pin/unpin)
- Binary assets: resolved via git checkout
- Tests: merged both branches' assertions and mock updates
2026-05-08 11:04:03 +08:00
エイカク
f02845ebdc
fix(config): expose cua idle timeout in dashboard ( #8075 )
...
* fix(config): expose cua idle timeout in dashboard
* fix(config): remove exposed cua ttl setting
* fix(config): centralize cua idle timeout default
2026-05-08 10:08:53 +09:00
エイカク
49cd4d2a20
feat(cua): expire idle sandbox sessions ( #8074 )
...
* feat(cua): expire idle sandbox sessions
* fix(cua): simplify idle timeout state
2026-05-08 09:41:59 +09:00
Yufeng He
116c66b5b7
fix: skip KB retrieval for blank prompts ( #8073 )
2026-05-08 08:35:24 +08:00
LIghtJUNction
e9c348199c
wip: current local changes before squash rebase
2026-05-08 06:57:08 +08:00
エイカク
5745ce5b80
fix(cua): use native file interfaces for uploads ( #8069 )
2026-05-08 02:36:43 +09:00
AstrBot
dd716e61a4
feat: add visual separator between thinking content and response ( #8059 )
...
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
2026-05-07 22:19:50 +08:00
Ruochen Pan
718449d6ac
fix(core): use correct asset filename in GitHub fallback download URL ( #8046 )
...
* fix(core): use correct asset filename in GitHub fallback download URL
* fix(core):resolve the tag via GitHub API with certifi SSL and proxy support.
2026-05-07 09:00:56 +08:00
エイカク
d1059cd504
fix windows updater zip root path normalization ( #8019 )
...
* fix: normalize updater zip root paths on windows
* refactor: share updater archive path normalization
* test: expand updater archive root coverage
* fix: guard empty updater archive roots
* refactor: share updater extraction safeguards
* refactor: simplify updater extraction cleanup
* refactor: inline updater root normalization
* fix: infer archive root from zip entries
2026-05-07 09:41:45 +09:00
Ruochen Pan
b32cc8d273
feat(console): persist auto-scroll toggle state in localStorage ( #8024 )
2026-05-06 10:55:32 +08:00
千岚之夏
e8d3e1837c
feat: add disable_metrics config option for WebUI ( #7946 )
...
* feat: add disable_metrics config option for WebUI
* fix: remove dead code _disable_metrics, narrow exception catching
* fix: add Russian translation for disable_metrics
* fix: 将 disable_metrics 移到系统配置
* fix: 将 disable_metrics 元数据从 general 移到 system 分组
---------
Co-authored-by: Blueteemo <Blueteemo@users.noreply.github.com >
2026-05-06 09:02:35 +08:00
168SDTH
942dcdfc77
Fix: typo in API Key environment variable example ( #7977 )
2026-05-06 08:50:24 +08:00
Rhonin Wang
b4e1181d1e
fix(config): hide Baidu web search key when disabled ( #7992 )
...
* fix(config): hide Baidu web search key when disabled
* chore: remove unnecessary test change
---------
Co-authored-by: RhoninSeiei <RhoninSeiei@users.noreply.github.com >
Co-authored-by: Rhonin <rhonin@STARFORGE.localdomain >
2026-05-06 08:49:11 +08:00
Midwich
7a519d4d1e
fix(config): add missing websearch_firecrawl_key to DEFAULT_CONFIG ( #8012 )
...
The websearch_firecrawl_key config key was added in PR #7764 (Firecrawl
web search provider) but was missing from DEFAULT_CONFIG in default.py.
Because AstrBotConfig.check_config_integrity() removes keys that exist
in the user's cmd_config.json but are absent from DEFAULT_CONFIG, the
firecrawl API key is silently deleted on every container restart.
Fixes: unreported issue (config key removed on restart)
2026-05-06 08:47:04 +08:00