104 Commits

Author SHA1 Message Date
lxfight
296fcfb54a fix: compensate partial knowledge base upload failures (#9007) (#9246)
* fix: roll back document rows when FAISS insert fails

Validate embedding shape/dimension before local writes. If DocumentStorage
commits but FAISS write fails, best-effort delete the partial FAISS ids and
document rows so the two stores do not diverge.

* fix: clean up partial KB upload state before metadata commit

Track metadata_committed right after commit succeeds. On failure before
metadata commit, roll back chunks/vectors first, then residual KB rows and
media files. After metadata is committed, keep the document even if stats
or refresh fails.

* test: cover knowledge base upload atomicity and rollback

Add unit tests for insert_batch FAISS failure rollback, dimension validation
before document writes, upload cleanup order, no-rollback after metadata
commit, and real DocumentStorage+FAISS no-orphan cases.

* fix: log media directory cleanup failures after upload rollback

Best-effort rmdir of the per-document media directory should still emit a
warning when removal fails so incomplete cleanup is diagnosable.
2026-07-15 16:11:02 +08:00
Soulter
6070da9ae2 fix: resume ChatUI streams after refresh (#9259)
* fix: resume ChatUI streams after refresh

* fix: hide chat run service errors

* fix: harden resumed chat streams
2026-07-13 23:05:03 +08:00
Weilong Liao
0dee40bd9d feat: add event loop diagnostics (#9168)
* feat: add event loop diagnostics

* fix: write event loop watchdog dumps to rotating log

* chore: use fixed event loop diagnostic defaults

* fix: keep event loop watchdog alive after dump failures
2026-07-07 00:14:03 +08:00
killer-qert
afb0079116 fix: exit MCP anyio contexts in the lifecycle task on disable (#9132)
* fix: exit MCP anyio contexts in the lifecycle task on disable

#9070 moved MCP shutdown cleanup into the per-server lifecycle task so
that the anyio cancel scopes entered in connect_to_server() are exited
from the task that entered them. Running the cleanup through
asyncio.shield() defeats that: shield wraps the coroutine in a new
task, so disabling a server still fails with "Attempted to exit cancel
scope in a different task than it was entered in" and leaves the scope
state corrupted -- the failure mode behind the CPU spin reported in
#9068.

Await _terminate_mcp_client() directly instead. The graceful disable
path has no cancellation in flight, and on forced shutdown the
lifecycle task still runs its finally block in-task, so the shield only
served to break task affinity.

Closes #9068

* fix: absorb late cancellations during MCP shutdown cleanup

A cancellation delivered while the lifecycle task is already running its
finally-block cleanup would abort _terminate_mcp_client() halfway,
stranding the runtime entry and the MCP transport. Retry the cleanup in
the same task and uncancel() the absorbed request instead, so a forced
shutdown can no longer skip it.

* fix: guard Task.uncancel() for Python 3.10 runtimes

Task.uncancel() only exists on Python 3.11+. On 3.10 absorbing the
CancelledError is sufficient, so skip the call when unavailable.
2026-07-06 23:04:41 +08:00
Weilong Liao
b43cc6dee0 feat: improve ChatUI attachment display (#9134) 2026-07-04 17:56:33 +08:00
Soulter
20008f179c fix: preserve absolute custom workspace paths 2026-07-03 22:59:21 +08:00
NayukiChiba
8a31cf01f2 fix(core): improve web search API key failover
Merge PR #8896
2026-07-03 22:53:22 +08:00
lxfight
ea9e3421d9 fix: align knowledge base CRUD API contract with kb_name, canonical payload fields, and matching OpenAPI types (#9000)
Warning: Potential breaking changes in /kb related openapi.

* fix(kb): align CRUD API contract end-to-end

Unify knowledge base create/update/list with kb_name, canonical_payload,
optional list pagination with total, and matching OpenAPI plus dashboard types.

* fix: restore _model_dict references, add KnowledgeBaseCreateRequest, fix OpenAPI allOf validation

- Replace 3 remaining _model_dict() calls with payload.model_dump(exclude_none=True)
- Add KnowledgeBaseCreateRequest schema with required kb_name + embedding_provider_id
- Remove additionalProperties: false from OpenAPI allOf sub-schema to avoid validation failures
- Use Pydantic Field(alias="name") + populate_by_name=True for legacy name migration
- Delegate _canonical_kb_payload to KnowledgeBaseRequest to eliminate duplicated logic
- Add getattr default None for update_kb to prevent AttributeError
- Add validation error tests: missing kb_name, missing embedding_provider_id

* fix: address knowledge base contract follow-ups

* fix: preserve knowledge base create error shape
2026-07-03 22:18:56 +08:00
lxfight
e2f3b00088 fix(kb): clean up KBMedia records on document delete, fix update_kb_stats (#9120)
* fix(kb): clean up KBMedia records on document delete, fix update_kb_stats

- delete_document_by_id now deletes associated KBMedia records before
  removing the KBDocument row, preventing orphaned media data.
- update_kb_stats now passes kb_id filter to vec_db.count_documents,
  fixing chunk count that previously counted across all KBs.
- add tests for document deletion cleanup and update_kb_stats behavior.

* fix(kb): merge media and document deletion into single transaction
2026-07-03 22:13:23 +08:00
Weilong Liao
e7d5be632f feat: add ChatUI project workspaces (#9066)
* feat: add ChatUI project workspaces

* feat: refine chatui layout

* feat: enhance chat input and project view styles for attachment handling

* feat: adjust chat sidebar brand logo positioning

* feat: enhance project dialog with error handling and loading state
2026-07-03 21:54:20 +08:00
VectorPeak
89b80a6ca7 fix: enable only synced ModelScope MCP servers (#9084)
* fix: enable only synced ModelScope MCP servers

* fix: avoid mutating default MCP config
2026-07-03 01:05:25 +08:00
100yoGranny
413340fca5 fix: apply fallback chat models to background wakeups (#9094) 2026-07-03 00:40:20 +08:00
VectorPeak
70a52ea6d0 fix: reject non-200 download responses (#9085)
* fix: reject non-200 download responses

* fix: share download response handling
2026-07-02 11:53:45 +09:00
Gargantua
c1cc74b6bc fix: preserve fallback models for future tasks (#9054)
* fix: preserve fallback models for future tasks

* chore: remove local test markdown ignore

---------

Co-authored-by: Gargantua <22532097@zju.edu.cn>
2026-06-28 00:03:31 +08:00
Weilong Liao
de572e3fe0 fix: avoid duplicate send_message_to_user replies (#9051) 2026-06-27 16:57:17 +08:00
Fiber
298078b536 Fix: KV storage not cleared on plugin uninstall. Improved cleanup logic and updated i18n strings to indicate database KV data removal. (#8291)
* fix: 完善插件卸载时的清理逻辑,新增KV数据清理,更新了多语言文案以说明会清理数据库KV数据

* fix: 修复插件关闭时不清理KV的问题,更新单元测试

* refactor: 统一插件ID生成逻辑

将插件ID生成逻辑抽离到StarMetadata类中,移除重复的代码实现,
同时在__post_init__中自动补全plugin_id字段。

* refactor: 将plugin_id属性从方法转换为属性,确保在属性赋值后正确计算
2026-06-27 16:06:14 +08:00
Weilong Liao
c6b2c65b04 fix: preserve image formats in media handling (#9019)
* fix: preserve image formats in media handling

* fix: address image format review feedback

* fix: avoid tainted image temp path rename
2026-06-26 11:27:32 +08:00
Weilong Liao
473377f340 feat: update permission handling to delegate event context in guarded tools (#9001) 2026-06-25 16:18:04 +08:00
Weilong Liao
d90530af8e Revert "fix: reconnect MCP client on terminated session (#8694)" (#8991)
This reverts commit 2bda4e4d96.
2026-06-24 22:44:45 +08:00
EterUltimate
2bda4e4d96 fix: reconnect MCP client on terminated session (#8694)
* fix: reconnect MCP client on terminated session

* Update astrbot/core/agent/mcp_client.py

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

* Update mcp_client.py

---------

Co-authored-by: Weilong Liao <37870767+Soulter@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2026-06-24 22:43:24 +08:00
Weilong Liao
df4d93d724 fix: normalize cron weekday scheduling (#8984) 2026-06-24 16:22:58 +08:00
Tanishq
ae29a7eaf9 feat(websearch): add Exa as a web search provider (#8973)
- Add ExaWebSearchTool (web_search_exa) with keyword/semantic search,
  category filters, domain restrictions, and date range support
- Add ExaGetContentsTool (exa_get_contents) for extracting web page content
- Add _exa_search() and _exa_get_contents() API helpers hitting
  https://api.exa.ai/search and https://api.exa.ai/contents
- Add _EXA_KEY_ROTATOR for multi-key rotation
- Register Exa tools in _apply_web_search_tools() dispatch
- Add Exa to WEB_SEARCH_CITATION_TOOL_NAMES for citation support
- Add websearch_exa_key config default and provider option
- Add i18n metadata for en-US, zh-CN, ru-RU
- Add Exa section to docs (en + zh)
- Add 6 unit tests covering search, contents, error handling, and
  legacy config migration

Closes #5621
2026-06-24 15:53:47 +08:00
Weilong Liao
da7f53d5eb fix: keep system tools with persona tool lists (#8908) 2026-06-20 01:15:31 +08:00
lxfight
2d98d38078 fix: inject knowledge base context as temporary user content (#8904) 2026-06-19 22:48:23 +08:00
Weilong Liao
29d66b84b9 feat: support workspace skills in requests (#8884)
* feat: support workspace skills in requests

* fix: harden workspace skill discovery

* fix: address workspace skills review comments
2026-06-19 12:03:07 +08:00
Weilong Liao
309e05d3cc fix: enforce future task owner checks (#8881) 2026-06-18 23:35:33 +08:00
Yufeng He
1a9d1f566d fix(core): enforce persona tool boundaries (#8786)
* fix(core): enforce persona tool boundaries

* refactor: filter persona tools in one pass

---------

Co-authored-by: Soulter <905617992@qq.com>
2026-06-18 23:15:25 +08:00
エイカク
2c8736fe42 fix: harden sandbox file transfers (#8840)
* fix: harden sandbox file transfers

* fix: check CUA sandbox availability with shell probe

* fix: address sandbox transfer review feedback

* fix: preserve CUA health check cancellation

* fix: tighten CUA health probe checks
2026-06-17 22:25:51 +09:00
Weilong Liao
4f5075e608 feat: add startup reset password flag 2026-06-17 00:32:37 +08:00
エイカク
12d4a613b4 fix: write config files atomically (#8793)
* fix: write config files atomically

* Update astrbot_config.py

---------

Co-authored-by: Weilong Liao <37870767+Soulter@users.noreply.github.com>
2026-06-15 22:06:14 +08:00
エイカク
dd828c99f4 fix: run local python in session workspace (#8792) 2026-06-15 20:52:00 +08:00
エイカク
6f88ad9a35 fix: preserve guarded run-based tools (#8790) 2026-06-15 20:47:03 +08:00
Soulter
a2b6aad849 fix: stabilize dashboard route tests on latest FastAPI 2026-06-15 13:41:13 +08:00
Weilong Liao
0d8e8682db refactor(core): migrate backend backbone from Quart to FastAPI and introduce more OpenAPI (#8688)
* refactor: migrate to fastapi

* structure refactor

* fix: pyright fix

* refactor: improve error handling and public messages in plugin services

* feat(api): refactor API client integration and enhance request handling

- Updated API client configuration to use a dedicated HTTP client.
- Introduced utility functions for generating options, queries, and form data for API requests.
- Refactored multiple API methods to utilize the new utility functions for improved consistency and readability.
- Renamed types for clarity and updated import statements accordingly.

feat(docs): add script to update OpenAPI JSON from YAML spec

- Created a Python script to convert OpenAPI YAML specification to JSON format.
- The script supports customizable input and output paths.
- Ensured the script handles directory creation for output paths and validates the YAML structure.

* fix

* feat(auth): implement rate limiting for v1 login endpoint and enhance request handling

* Refactor dashboard API routers to use legacy_router for backward compatibility

- Changed all instances of dashboard_router to legacy_router across multiple API modules including platform, plugins, providers, sessions, skills, stats, subagents, t2i, tools, updates, and asgi_runtime.
- Updated route definitions to ensure existing endpoints remain functional under the new router structure.
- Introduced support for Quart request context in asgi_runtime to enhance compatibility with existing Quart-based plugins.
- Added a test case to validate the functionality of the new Quart request context handling in plugin extensions.

* chore: remove cli test

* fix: update dashboard tests for fastapi migration

* chore: satisfy ruff checks

* fix: update openapi api key scopes

* fix: sync config scope chip selection

* fix: restore quart dependency

* docs: clarify quart plugin api compatibility

* docs: update openapi scope documentation

* fix: use singular skill openapi scope

* fix: hide update service exception details

* fix: address fastapi review comments

* fix: address dashboard review findings

* docs: revert unrelated package deployment changes

* docs: update agent api generation guidance

* feat: add plugin page web api helpers

* docs: add plugin page bridge demo

* fix: type plugin upload files

* fix: stabilize plugin page uploads

* fix: type plugin web request proxy

* docs: remove plugin page docs example

* fix: authenticate plugin page SSE bridge
2026-06-14 15:03:26 +08:00
Weilong Liao
7c366a708b fix: unify media reference handling (#8764)
* fix: unify media reference handling

* fix: accept bare base64 record media refs

* chore: update agents.md

* fix: unify file URI handling across media components and utilities

* fix: unify media reference type handling with MediaRefStr alias

* Potential fix for pull request finding 'CodeQL / Incomplete URL substring sanitization'

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

* Update astrbot/core/platform/sources/discord/discord_platform_adapter.py

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

* fix: unify media handling and improve base64 decoding across components

* fix: simplify client_kwargs type definition and enhance media message handling in platform adapter

* fix: unify media utility documentation and enhance function descriptions

* perf: drop "pilk" requirement, improve audio outbound for tencent-related IM apps which using silk

* fix: unify Tencent Silk audio handling and enhance media resolver functionality

---

- Centralize media reference materialization and base64 resolution for local paths, http(s), base64://, data URIs, and legacy bare base64 payloads.
- Normalize incoming Record audio to wav and Image media to temporary jpg during preprocess, with event-scoped cleanup.
- Reuse the shared media resolver across OpenAI, Gemini, Anthropic, MiMo, DeerFlow, STT, and platform media paths while sanitizing logs and cleaning temporary conversion outputs.
- Ensure generated TTS audio is tracked for cleanup after the event finishes.

fix #8676
fix #8543
fix #7588
fix #7580
fix #8030
fix #8034
fix #7461
fix #7565
fix #6509
fix #7144
fix #7795



---------

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2026-06-14 10:37:16 +08:00
Soulter
3ca6f241ac fix: resolve subdirectory llm tool plugin ownership 2026-06-13 17:34:11 +08:00
星鸿SeRazon
f3aa2a6959 perf(cli): optimize plugin list building performance and robustness while adding coverage for key merge and edge-case scenarios (#8705)
* perf: optimize plugin list merge

* fix: guard plugin list directory iteration

* test: move plugin utils tests to unit suite

* fix: minimize plugin path guard change

* test: cover missing plugin directory listing

* fix: address code review feedback on plugin utils and tests

* perf: optimize plugin comparison using dict pop method

* style: format plugin.py and retry CI
2026-06-13 16:44:22 +08:00
Yufeng He
d4e7aa0489 fix: avoid duplicate quoted image captions (#8718) 2026-06-13 16:12:54 +08:00
Ruochen Pan
ae44b912fc feat(dashboard): add per-tool permission management for function tools (#8693)
* feat(func-tool): add per-tool permission management

* feat(dashboard): add permission column to function tool table

* refactor(dashboard): encapsulate tool actions into composable and unify permission UI

* style: format code

* fix: guard sync handler, simplify sp access, skip builtin instantiation
2026-06-09 14:47:41 +08:00
C₂₂H₂₅NO₆
0fb3f5eb93 feat: display current weekday information (#8669)
在现实世界时间感知提示中追加 Weekday 字段,让模型能直接获取今天是星期几。\n\n使用固定英文星期表避免受系统 locale 影响,并补充单测覆盖输出格式。

Co-authored-by: C₂₂H₂₅NO₆ <Sisyphbaous-DT-Project@users.noreply.github.com>
2026-06-09 10:11:20 +08:00
Weilong Liao
66ec415e56 fix: restrict local file paths in message tools (#8660)
* fix: restrict local file paths in message tool

* Update astrbot/core/tools/message_tools.py

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

* fix: rf

---------

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2026-06-08 01:20:47 +08:00
Weilong Liao
c7e9d5b481 fix: Prevent duplicate web search citation prompts from being repeatedly appended to the system message after multiple tool invocations in a single interaction (#8642) 2026-06-07 12:23:03 +08:00
Weilong Liao
bdc32bb78c Revert "fix: retry provider stats on sqlite lock" (#8639)
This reverts commit 1ad2b2c385.
2026-06-07 10:51:27 +08:00
Weilong Liao
c70a1924fe Revert "fix SQLAlchemy compatibility issues on macOS" (#8638)
* Revert "fix SQLAlchemy compatibility issues on macOS (#7724)"

This reverts commit 2d78626840.

* fix

* chore: add busy timeout pragma
2026-06-07 10:50:33 +08:00
エイカク
1ad2b2c385 fix: retry provider stats on sqlite lock
Retry transient SQLite lock failures when persisting internal provider stats.
2026-06-04 19:24:12 +09:00
Foolllll
1daa0e3367 fix(compress): improve context compression, improve kv-cache rate of context compression, handle compression model modalities (#8530)
* fix(context): restore turn cap, serialize content parts and tool calls for llm compress, fix AftCompact debug log

Three context-compaction regression fixes after #8226:

1. Restore max_context_length -> enforce_max_turns propagation so
   normal turn-based truncation works again.
2. Serialize ContentPart and ToolCall objects into plain dicts in
   _message_to_dict so llm_compress no longer fails with JSON
   serialization errors.
3. Print _provider_messages (compacted) instead of run_context.messages
   (unchanged) in AftCompact debug log; truncate long role lists to
   first4,...,last4 to avoid log spam.

Assertions in tests are also hardened to avoid coupling to exact prompt
wording.

* fix(tool_loop_agent_runner): simplify context handling by removing redundant provider messages

* fix(tool_loop_agent_runner): rename context manager variables for clarity

* fix: update context compression to use recent token ratio instead of fixed count

* fix: enhance LLMSummaryCompressor to sanitize contexts and improve message handling

* ruff format

---------

Co-authored-by: Soulter <905617992@qq.com>
2026-06-03 17:40:05 +08:00
Ruochen Pan
d2f5551513 fix(ltm): prevent wake commands from being recorded as group chat context (#8536)
* fix(ltm): prevent wake commands from being recorded as group chat context

* test: fix mock event get_extra return value in group context wiring tests

* test: strengthen group context mock and add slash-command skip test
2026-06-03 09:25:01 +08:00
NayukiChiba
7d45a247d5 fix(message): Fix private message sending failure caused by extra fields in Reply component's toDict method (#8477)
- Reply.toDict() 继承 BaseMessageComponent.toDict() 会将所有非 None 默认字段序列化,导致 OneBot V11 reply 段包含多余字段,引起私聊引用回复失败(message not found)
- 重写 Reply.toDict() 方法,仅返回 {"type": "reply", "data": {"id": str(self.id)}},符合协议标准
- 新增 tests/unit/test_aiocqhttp_reply.py,覆盖 Reply.toDict() 输出格式、_parse_onebot_json 路径及私聊发送场景的验证
2026-06-02 08:40:55 +08:00
鸦羽
e8d13af5b9 feat: add TOTP two-factor authentication for dashboard login (#8189)
* feat: add TOTP two-factor authentication for dashboard login

* fix: ensure TOTP verification uses UTC for accurate time comparison

* fix: update recovery code validation logic for disabling TOTP

* test: add unit tests for TOTP functionality and recovery code validation

* chore: format

* feat: add trust_proxy_headers switch for auth rate-limit IP source

* feat: make dashboard auth rate-limit configurable via system settings

Add auth_rate_limit config block to dashboard settings with enable
(default: true), average_interval (default: 1.0s), and max_burst
(default: 3) options. The dashboard auth middleware now reads from
config instead of using hardcoded values. The average_interval and
max_burst fields are conditionally shown only when rate limiting is
enabled.

* fix: normalize dashboard client IP from trusted proxy headers

* refactor: encapsulate rate limiter state into registry, add TTL

* feat: show dynamic page title during two-factor verification

* fix: require two-factor verification for protected config saves

* chore: format

* refactor: reorganize TOTP verification UI components for better layout

* refactor: clean up recovery stage UI by removing unused styles and improving label handling

* docs: add TOTP two-factor authentication documentation for WebUI

---------

Co-authored-by: Soulter <905617992@qq.com>
2026-06-01 16:40:29 +08:00
Misaka Mikoto
90a3a2171a fix: Template config optimization (#8228)
* fix: improve template list config handling

* feat(webui): show template list display item

* feat(webui): allow hiding template list hints

* docs: document template list metadata fields

* fix: support file fields in template list configs
2026-05-30 22:13:09 +08:00