Commit Graph

58 Commits

Author SHA1 Message Date
LIghtJUNction
dcaaf6286a test: comprehensive test coverage and type fixes
- Add 100+ new test files covering provider sources, platform adapters,
  agent runners, star/plugin system, knowledge base, core utils,
  pipeline, computer tools, builtin commands, and dashboard routes
- Fix Python type errors in sqlite.py (col() wrappers for SQLModel),
  astr_agent_tool_exec, core_lifecycle, star context/manager
- Fix TypeScript strict mode errors across 30+ dashboard Vue files
- Add import smoke tests, auth roundtrip, startup tests
- Add compile-all check and CLI entry test for AUR compatibility
- Restore BotMessageAccumulator and helpers lost in merge
2026-04-29 06:29:56 +08:00
LIghtJUNction
cafe26b154 fix: repair test failures from merge
- test_astr_agent_tool_exec: add get_llm_tool_manager mock to handoff tests
- test_astr_main_agent: fix fullwidth punctuation, Firecrawl->Tavily, streaming
  test, CUA/shipyard sandbox tests, add get_llm_tool_manager mock
- shipyard_neo/browser.py: add @builtin_tool to BrowserExecTool/BatchExecTool/RunBrowserSkillTool
- shipyard_neo/neo_skills.py: add @builtin_tool to all 11 NeoSkillToolBase subclasses
2026-04-29 04:04:08 +08:00
LIghtJUNction
d57582e599 fix: restore merge-dropped port/ip_addr variable definitions and payload type ignore 2026-04-29 03:06:56 +08:00
LIghtJUNction
497fefb3ca fix: restore missing sentinel classes and import lost in merge 2026-04-29 02:27:46 +08:00
LIghtJUNction
f5d60f3c7f fix: restore persistent shell session lost in merge, upgrade axios to 1.15.0 2026-04-29 02:18:08 +08:00
LIghtJUNction
0208dbb15f Merge branch 'master' of https://github.com/AstrBotDevs/AstrBot into dev
# Conflicts:
#	dashboard/vite.config.ts
2026-04-29 02:16:18 +08:00
LIghtJUNction
5f827fffd2 feat: persistent shell session and remove dead ToolSessionManager
- Replace LocalShellComponent's one-shot subprocess.run() with a
  PersistentShellSession that wraps a long-running bash process per UMO.
  cd/export/source now persist naturally within a conversation.
- Support background task execution via nohup.
- Remove unused ToolSessionManager / ToolSessionState (dead code,
  never wired to any consumer).
- Fix performance benchmark: separate throughput and memory measurement
  so tracemalloc doesn't distort timing (was 7x slower).
- Optimize bool validation in CommandFilter with frozenset + isinstance
  short-circuit.
2026-04-29 02:06:24 +08:00
LIghtJUNction
4463895c89 chore: improve code quality score from 55 to 81
- Convert bad type: ignore[...] to blanket ignores
- Remove unused type: ignore directives
- Fix genie_tts/dashscope_tts Any type annotations
- Remove temp file
2026-04-29 01:28:20 +08:00
Weilong Liao
8f356b84c7 fix(core): restrict send_message_to_user to current session (security fix #7822) (#7824)
* fix(core): security fix - restrict send_message_to_user to current session only

Closes #7822

SECURITY: Remove the user-controlled 'session' parameter from the
send_message_to_user tool. Previously, a regular user could ask the
LLM to send messages to any arbitrary session (group chat) by
providing a crafted session string, which is a high-risk
vulnerability.

Changes:
- Remove 'session' parameter from tool schema (LLM can no longer
  propose it)
- Always use context.context.event.unified_msg_origin as the target
  session
- Update description to clearly state that messages can only be sent
  to the current user's session

* fix: restore session param but restrict to admin only

- Re-add the  parameter removed in the original PR
- Non-admin users can only send to their own session (current_session)
- Admin users can send to any session via the  param
- Uses  from computer_tools.util (same pattern as fs.py)
- Ref: https://github.com/AstrBotDevs/AstrBot/issues/7822

Co-authored-by: Soulter <soulter@astrbot.app>

* Update message_tools.py

---------

Co-authored-by: AstrBot <bot@astrbot.app>
2026-04-29 00:15:16 +08:00
Soulter
962c299c2d feat(shell): enhance exec method to support timeout parameter and improve background command handling 2026-04-28 23:55:29 +08:00
Weilong Liao
ac7f6aa60d feat(shell): add background command execution with output redirection and timeout support (#7835)
* feat(shell): add background command execution with output redirection and timeout support

* feat(shell): update timeout parameter to be optional in shell execution methods

* feat(shell): set default timeout for shell execution to 10,000,000 milliseconds

* feat(shell): set default timeout to 300s for shell execution

* feat(shell): reorder timeout parameter in ExecuteShellTool configuration

* feat(shell): implement background command execution with detached shell command support

Co-authored-by: Copilot <copilot@github.com>

* test(shell): remove obsolete test for background shell command output redirection

* fix: reorder import statements in shell.py for consistency

* fix: wrap command in parentheses for background output redirection

---------

Co-authored-by: Copilot <copilot@github.com>
2026-04-28 23:25:54 +08:00
エイカク
cb5c172e69 feat: add CUA computer-use sandbox support (#7828)
* feat: add CUA computer-use sandbox support

* fix: add CUA config metadata translations

* fix: address CUA sandbox review feedback

* fix: default CUA sandbox to local mode

* fix: harden CUA SDK method compatibility

* fix: harden CUA GUI and permission handling

* fix: refine CUA capability and shell handling

* fix: avoid inline CUA screenshot image results by default

* fix: guide CUA browser startup workflow

* feat: add CUA browser and key press tools

* fix: launch CUA browser as sandbox user

* fix: stabilize CUA browser screenshots

* fix: simplify CUA browser launch command

* fix: remove CUA open browser tool

* fix: align CUA desktop control guidance

* fix: harden CUA shell background handling

* fix: harden CUA runtime adapters

* fix: surface CUA filesystem failures

* fix: clarify CUA shell fallback support

* fix: harden CUA shell helpers

* fix: guard CUA file fallbacks

* fix: redact sensitive config log paths

* fix: guard CUA download fallback

* test: cover CUA GUI and shell env wiring

* fix: preserve CUA command result output

* fix: normalize CUA return codes

* fix: preserve foreground shell behavior

* fix: clean up failed CUA boots

* docs: add CUA sandbox runtime guide

* test: cover CUA GUI tool registration

* refactor: simplify CUA fallback handling

* refactor: simplify CUA shell helpers

* test: cover CUA screenshot result shapes
2026-04-28 01:40:14 +09:00
wjiajian
17aea1aa2c feat: add Firecrawl web search tools (#7764)
* feat: add Firecrawl web search and extract tools, update configuration and tests

* feat: implement Firecrawl API integration and error handling in web search tools

* feat: enhance Firecrawl web search with session management and payload validation

* feat:  Firecrawl web search to use aiohttp.ClientSession directly for improved session management as it was

* feat: update Firecrawl search to handle grouped web data response and add corresponding tests

* feat: refactor Firecrawl web search to use aiohttp.ClientSession for improved error handling and session management

* feat: remove unused coercion function and update Firecrawl search to use default limit in payload
2026-04-26 13:07:27 +08:00
Rhonin Wang
d4cdeeae72 fix(computer): send sandbox image downloads as images (#7785) 2026-04-25 16:44:08 +08:00
LIghtJUNction
2ecd95b9e9 chore: ruff check && format 2026-04-23 04:29:07 +08:00
LIghtJUNction
c4048bb8eb refactor: delete _internal
remove deprecated API modules and example scripts; update core modules
(agents, providers, tools, platform adapters, utils), dashboard package
and components, and unit tests.
2026-04-23 04:16:30 +08:00
LIghtJUNction
33ec7bbf9c merge: master -> dev 2026-04-23 01:12:06 +08:00
Soulter
e6b68e9b09 perf: update FileReadTool description to mention image, PDF and docx support, and enhance modality checking in tool result case (#7506)
* feat: update FileReadTool description to mention image and PDF support

Add explicit mention of image (OCR) and PDF (text extraction) support
to the FileReadTool description for better discoverability.

* feat: update FileReadTool description to include support for docx and epub files; change base64 decoding to utf-8

* feat: enhance ToolLoopAgentRunner to support image and audio modalities; add context sanitization logic
2026-04-22 11:38:40 +08:00
千岚之夏
b40bcbbd86 fix: resolve relative file paths within a local workspace root for the SendMessageToUserTool (#7668)
* fix: resolve relative file paths against workspace directory

* fix: add path normalization and security check for workspace resolution

* chore: remove temp PR body file

* chore: added some comments

Added comments to clarify path resolution logic.

* Update astrbot/core/tools/message_tools.py

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

---------

Co-authored-by: Test User <test@test.com>
Co-authored-by: Soulter <37870767+Soulter@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2026-04-19 14:09:02 +08:00
MagicSun7940
b2a95713f8 修复了使用 Bocha 搜索时报错 "Can not decode content-encoding: br"的bug (#7655)
* 修复了使用 Bocha 搜索时报错 "Can not decode content-encoding: br"的bug

* 添加了注释,解释为什么要限制 Accept-Encoding,方便以后的维护者理解这是针对 aiohttp brotli bug 的临时规避方案。
2026-04-19 13:04:20 +08:00
Hongbro886
22e8cbd10d fix: return an explicit erro from the cron tool when scheduling a task fails instead of processing silently(#7513)
* fix: 定时任务创建失败时返回错误信息而非静默处理

* fix: test and format

---------

Co-authored-by: Soulter <905617992@qq.com>
2026-04-16 20:14:55 +08:00
LIghtJUNction
e16e5c7630 fix: resolve merge conflicts from upstream and fix tool conflict resolution
- ToolSet.add() now protects active tools from inactive overrides
- Add missing _has_meaningful_content() method in RespondStage
- Remove is_local=True from ExecuteShellTool (no longer supported)
- Fix ToolSet() missing namespace argument in get_full_tool_set()
- Rewrite tests to match new tool architecture (cron_tools, func_tool_manager, tool_conflict_resolution)
2026-04-15 20:45:11 +08:00
LIghtJUNction
4d1e0ef1be merge: resolve conflicts from upstream
Conflict resolution: accepted HEAD versions for all conflicted files.
2026-04-15 17:03:54 +08:00
Soulter
8d28693e32 fix: ensure JSON response is encoded with non-ASCII characters for shell command execution (#7475)
fixes: #7452
2026-04-12 14:01:20 +08:00
Soulter
2472a12671 feat: filesystem grep, read, write, edit file and workspace support (#7402)
* feat: filesystem grep, read, edit file

* feat: add file write tool and enhance file read functionality

* feat: enhance tool prompt formatting and add escaped text decoding for file editing

* feat: remove redundant safe path tests from security restrictions

* feat: implement file read tool with support for text and image files, including validation for large files

* feat: add file read utilities and integrate with filesystem tools

* refactor: move computer tools to builtin tools registry

* refactor: remove unused plugin_context parameter from _apply_sandbox_tools

* feat: supports to display enabled builtin tools in configs

* feat: add tooltip for disabled builtin tools and update localization strings

* feat: add workspace extra prompt handling in message processing

* feat: add ripgrep installation to Dockerfile

* perf: shell executed in workspace dir in local env

* feat: enhance file reading capabilities to support PDF and DOCX parsing, including workspace storage for long documents

* feat: update converted text notice to suggest using grep for large files

* feat: implement handling for large tool results with overflow file writing and read tool integration

* fix: test

* feat: enhance onboarding steps to include computer access configuration and related help information

* feat: add support for additional temporary path in restricted environment checks

* feat: update computer access hints and add detailed configuration instructions
2026-04-11 17:01:54 +08:00
LIghtJUNction
18e66595f0 chore: ruff check --fix && ruff format . 2026-04-10 20:12:33 +08:00
LIghtJUNction
ec1af1ac0f ruff check --fix --select ALL 2026-04-10 19:57:02 +08:00
Soulter
c791c815e1 perf: merge 3 cron tools into 1 cron manage tool, and add edit capability for cron tool. (#7445)
* perf: replace cron tools with FutureTaskTool for improved task management

* feat: enhance FutureTaskTool with edit functionality and improve descriptions

* feat: add edit functionality for cron jobs and update related UI components
2026-04-10 14:32:57 +08:00
LIghtJUNction
43156d6eac Merge branch 'origin/dev' into dev
Resolved merge conflicts in:
- func_tool_manager.py: kept origin version (full implementation)
- astr_main_agent*.py: kept HEAD version (complete refactor)
- cron_tools.py: kept HEAD version (with get_all_tools)
- config/default.py: kept HEAD version (DEFAULT_WEB_SEARCH_PROVIDER)
- dashboard/*.vue: kept HEAD version
- web_searcher engines: kept HEAD version
- Added new tools: knowledge_base_tools, message_tools, registry, web_search_tools
2026-04-08 19:45:16 +08:00
Soulter
38b1b4d4ea refactor: improve astrbot builtin tool management (#7418)
* feat: Refactor astrbot builtin tool management

- Introduced a new registry for builtin tools to streamline their management.
- Added `SendMessageToUserTool`, `KnowledgeBaseQueryTool`, and various web search tools as builtin tools.
- Updated `FunctionToolManager` to cache and retrieve builtin tools efficiently.
- Modified `CronJobManager` to utilize the new `SendMessageToUserTool`.
- Enhanced the dashboard to display readonly status for builtin tools and prevent toggling their state.
- Added tests for builtin tool injection and retrieval to ensure proper functionality.

* fix: escape file path in shell command to prevent injection vulnerabilities
2026-04-08 14:49:58 +08:00
Soulter
94a529d3fd refactor: remove default web search (#7416)
* refactor: remove default web search

* chore: ruff format
2026-04-08 13:26:53 +08:00
LIghtJUNction
868c81bbc7 chore: commit all changes 2026-04-02 21:23:23 +08:00
LIghtJUNction
360a13b227 chore: smart commit — update AGENTS.md, run ruff format, and apply small targeted fixes 2026-04-01 00:52:50 +08:00
LIghtJUNction
92ba30b6e1 chore: apply ruff format to codebase
Reformat 23 files for consistent code style.
2026-03-24 10:14:28 +08:00
LIghtJUNction
da62b57c56 feat(i18n): add Chinese and English language support for CLI and TUI
- Add CLI i18n module (astrbot/cli/i18n.py) with zh/en translations
- Add TUI i18n module (astrbot/tui/i18n.py) with zh/en translations
- Update CLI commands to use translated strings
- Update TUI app and screen to use translated strings
- Add ASTRBOT_CLI_LANG and ASTRBOT_TUI_LANG to .env.example
- Update cmd_run.py env var documentation
- Add backward compatibility for moved modules with DeprecationWarning
2026-03-23 12:43:37 +08:00
LIghtJUNction
a05f9eba7d feat: add TUI platform adapter and chat route
- Add TUI platform adapter (tui_adapter, tui_event, tui_queue_mgr)
- Add TUI chat route for dashboard
- Add cmd_run_tui command
- Fix shared_preferences TypeVar syntax
- Various platform adapter and provider updates
2026-03-23 05:57:55 +08:00
LIghtJUNction
1c7085d650 fix: simplify JSON Schema in SendMessageToUserTool parameters
Simplify the message items schema by using additionalProperties
instead of explicit properties, while preserving type info for LLM docs.

Note: 12 ty diagnostics remain in send_message.py and
astr_main_agent_resources.py due to architectural issue where
FunctionTool.parameters JSON Schema is used by ty for Python
type inference. This requires larger refactoring to fix properly.
2026-03-23 03:11:05 +08:00
LIghtJUNction
d6f74a8493 feat(tui): add support for tool and reasoning message types
- Add additionalProperties to message schema for flexibility
- Add TOOL_MSG and REASONING_MSG color pairs for visual distinction
2026-03-23 02:58:09 +08:00
LIghtJUNction
ae4cbcdf21 fix: resolve typos and add type annotations
- Fix typo in tui_app.py: key == key == curses.KEY_DOWN -> key == curses.KEY_DOWN
- Add type annotations in send_message.py for better type checking
2026-03-23 02:57:03 +08:00
LIghtJUNction
b4a32fbda8 fix: resolve documentation formatting issues
- Add 'config' to known zh/en doc structure differences
- Remove trailing whitespace from docs/zh/faq.md
- Remove trailing whitespace from docs/en/dev/plugin-platform-adapter.md
- Ensure all README files end with newline
2026-03-23 02:49:15 +08:00
LIghtJUNction
00c9388da3 重构:彻底放弃md5保存密码
main.py调整说明
修复一系列导入问题
修复一部分ruff check问题
2026-03-21 00:09:58 +08:00
LIghtJUNction
ef5dac77a2 chore: fw2hw 2026-03-20 00:44:08 +08:00
LIghtJUNction
92bae1fdae docs: replace prints with logger in upload_doc_images_to_r2.py 2026-03-19 23:30:25 +08:00
LIghtJUNction
b53f042a6d fix(core): ensure parent directories exist before saving skill config and cache; fix async file read in star_manager 2026-03-17 22:33:56 +08:00
LIghtJUNction
f3d6f762c3 refactor: rename skills_like to lazy_load and add skill schema support 2026-03-17 20:46:07 +08:00
Gao Jinzhe
7d3401fec0 Merge branch 'dev' into agent-fix-clean 2026-03-14 23:17:10 +08:00
advent259141
3a8bfa0873 style: ruff format on merge-touched files 2026-03-13 09:20:08 +08:00
advent259141
c07fba7add merge: resolve conflicts with origin/master
- .gitignore: keep both .serena and .worktrees/ entries
- astr_main_agent_resources.py: keep deletion (refactored to tools/)
- send_message.py: port video message type support from master
2026-03-13 09:17:31 +08:00
Stable Genius
7b43448ce4 fix: prefer named weekday cron examples (#6091)
Co-authored-by: stablegenius49 <185121704+stablegenius49@users.noreply.github.com>
2026-03-12 23:57:45 +08:00
zenfun
f16edd4fff refactor: delegate tool injection to booter self-description API
- Add get_default_tools/get_tools/get_system_prompt_parts to ComputerBooter base
- Each booter subclass (ShipyardNeo, Shipyard, Boxlite) declares its own tools
- ComputerToolProvider now delegates to booter API via computer_client helpers
- Add unified query API: get_sandbox_tools, get_default_sandbox_tools, etc.
- Extract Neo prompts to dedicated computer/prompts.py module
- Add booter type constants (booters/constants.py)
- Fix subagent tool path to pass sandbox_cfg and session_id
- Fix Sourcery issues: shell injection in send_message, typo in prompts,
  internal tools bypass inactivated_llm_tools check
2026-03-12 02:43:19 +08:00