Commit Graph

2319 Commits

Author SHA1 Message Date
Exynos
40720fc2bd fix: updates the aiocqhttp platform adapter and message event handler to include self_id routing parameters across multiple API calls (#8779)
Updates the aiocqhttp platform adapter and message event handler to include self_id routing parameters across multiple API calls, including message sending, forwarding, and fetching group/user details. It also adds handling to ignore mface message types. The review feedback suggests refactoring the duplicate self_id extraction logic in the message forwarding code to reduce redundancy and improve maintainability.
2026-06-14 20:28:32 +08:00
Weilong Liao
0d8e8682db refactor(core): migrate backend backbone from Quart to FastAPI and introduce more OpenAPI (#8688)
* refactor: migrate to fastapi

* structure refactor

* fix: pyright fix

* refactor: improve error handling and public messages in plugin services

* feat(api): refactor API client integration and enhance request handling

- Updated API client configuration to use a dedicated HTTP client.
- Introduced utility functions for generating options, queries, and form data for API requests.
- Refactored multiple API methods to utilize the new utility functions for improved consistency and readability.
- Renamed types for clarity and updated import statements accordingly.

feat(docs): add script to update OpenAPI JSON from YAML spec

- Created a Python script to convert OpenAPI YAML specification to JSON format.
- The script supports customizable input and output paths.
- Ensured the script handles directory creation for output paths and validates the YAML structure.

* fix

* feat(auth): implement rate limiting for v1 login endpoint and enhance request handling

* Refactor dashboard API routers to use legacy_router for backward compatibility

- Changed all instances of dashboard_router to legacy_router across multiple API modules including platform, plugins, providers, sessions, skills, stats, subagents, t2i, tools, updates, and asgi_runtime.
- Updated route definitions to ensure existing endpoints remain functional under the new router structure.
- Introduced support for Quart request context in asgi_runtime to enhance compatibility with existing Quart-based plugins.
- Added a test case to validate the functionality of the new Quart request context handling in plugin extensions.

* chore: remove cli test

* fix: update dashboard tests for fastapi migration

* chore: satisfy ruff checks

* fix: update openapi api key scopes

* fix: sync config scope chip selection

* fix: restore quart dependency

* docs: clarify quart plugin api compatibility

* docs: update openapi scope documentation

* fix: use singular skill openapi scope

* fix: hide update service exception details

* fix: address fastapi review comments

* fix: address dashboard review findings

* docs: revert unrelated package deployment changes

* docs: update agent api generation guidance

* feat: add plugin page web api helpers

* docs: add plugin page bridge demo

* fix: type plugin upload files

* fix: stabilize plugin page uploads

* fix: type plugin web request proxy

* docs: remove plugin page docs example

* fix: authenticate plugin page SSE bridge
2026-06-14 15:03:26 +08:00
Soulter
fadada3d67 fix: correct plugin llm tool toggle ownership check 2026-06-14 11:02:16 +08:00
Weilong Liao
7c366a708b fix: unify media reference handling (#8764)
* fix: unify media reference handling

* fix: accept bare base64 record media refs

* chore: update agents.md

* fix: unify file URI handling across media components and utilities

* fix: unify media reference type handling with MediaRefStr alias

* Potential fix for pull request finding 'CodeQL / Incomplete URL substring sanitization'

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

* Update astrbot/core/platform/sources/discord/discord_platform_adapter.py

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

* fix: unify media handling and improve base64 decoding across components

* fix: simplify client_kwargs type definition and enhance media message handling in platform adapter

* fix: unify media utility documentation and enhance function descriptions

* perf: drop "pilk" requirement, improve audio outbound for tencent-related IM apps which using silk

* fix: unify Tencent Silk audio handling and enhance media resolver functionality

---

- Centralize media reference materialization and base64 resolution for local paths, http(s), base64://, data URIs, and legacy bare base64 payloads.
- Normalize incoming Record audio to wav and Image media to temporary jpg during preprocess, with event-scoped cleanup.
- Reuse the shared media resolver across OpenAI, Gemini, Anthropic, MiMo, DeerFlow, STT, and platform media paths while sanitizing logs and cleaning temporary conversion outputs.
- Ensure generated TTS audio is tracked for cleanup after the event finishes.

fix #8676
fix #8543
fix #7588
fix #7580
fix #8030
fix #8034
fix #7461
fix #7565
fix #6509
fix #7144
fix #7795



---------

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2026-06-14 10:37:16 +08:00
Soulter
3ca6f241ac fix: resolve subdirectory llm tool plugin ownership 2026-06-13 17:34:11 +08:00
Yufeng He
d4e7aa0489 fix: avoid duplicate quoted image captions (#8718) 2026-06-13 16:12:54 +08:00
Yufeng He
690b184a62 fix: preserve embedding api version suffixes (#8736) 2026-06-13 15:57:36 +08:00
lingyun14
fb8f4d68e1 feat: backup skills directory (#8700)
* feat: include skills directory in backup

* Update settings.json

* Update settings.json

* Update settings.json

* Update settings.json

* Update settings.json
2026-06-10 16:51:29 +08:00
yzy123908944141
eeabdb9829 style: apply pyupgrade updates (#8684) 2026-06-10 16:47:22 +08:00
Zayn
0b22349363 feat: add ElevenLabs TTS API provider 2026-06-10 16:47:14 +08:00
千岚之夏
bec0de2e2b fix: defer faiss C library import to prevent process hang on startup (#8696)
* fix: defer faiss C library import to prevent process hang on startup

Move top-level `import faiss` from embedding_storage.py to __init__() method,
and make the EmbeddingStorage import in vec_db.py lazy. This prevents the faiss
C library from being loaded at module import time, which can cause process hang
(SIGILL or deadlock) with faiss-cpu 1.14.2 on certain CPU architectures.

Ref #8695

* chore: apply review suggestions

- Preserve original exception context with `from e` when re-raising ImportError
- Move EmbeddingStorage import back to top level in vec_db.py (safe now that
  faiss is no longer imported at module level in embedding_storage.py)

* ci: trigger re-run

---------

Co-authored-by: Blueteemo <Blueteemo@users.noreply.github.com>
2026-06-10 15:31:48 +08:00
Ruochen Pan
ae44b912fc feat(dashboard): add per-tool permission management for function tools (#8693)
* feat(func-tool): add per-tool permission management

* feat(dashboard): add permission column to function tool table

* refactor(dashboard): encapsulate tool actions into composable and unify permission UI

* style: format code

* fix: guard sync handler, simplify sp access, skip builtin instantiation
2026-06-09 14:47:41 +08:00
C₂₂H₂₅NO₆
0fb3f5eb93 feat: display current weekday information (#8669)
在现实世界时间感知提示中追加 Weekday 字段,让模型能直接获取今天是星期几。\n\n使用固定英文星期表避免受系统 locale 影响,并补充单测覆盖输出格式。

Co-authored-by: C₂₂H₂₅NO₆ <Sisyphbaous-DT-Project@users.noreply.github.com>
2026-06-09 10:11:20 +08:00
MUHAMED FAZAL PS
992aea9869 fix: address review feedback - add plugin naming pattern check and edge case handling
Address feedback from Sourcery AI and Gemini Code Assist:
- Only apply fallback path to known plugin naming patterns (astrbot_plugin_*)
- Add defensive check for None/empty tool.__module__
- Fallback to tool.__module__ if _parts is empty
2026-06-08 17:27:00 +05:30
MUHAMED FAZAL PS
736bc93b2a fix: consistent handler_module_path for subdirectory tools (#8578) 2026-06-08 17:21:19 +05:30
時壹
4b562689ee fix: dispose database engine on shutdown (#8650) 2026-06-08 11:00:26 +08:00
Soulter
af70151ff8 chore: bump version to 4.25.5 2026-06-08 01:23:06 +08:00
Weilong Liao
66ec415e56 fix: restrict local file paths in message tools (#8660)
* fix: restrict local file paths in message tool

* Update astrbot/core/tools/message_tools.py

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

* fix: rf

---------

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2026-06-08 01:20:47 +08:00
Weilong Liao
8f5178d265 fix: restore star context typing (#8659) 2026-06-08 00:24:45 +08:00
Soulter
05c137eb29 fix: qq official webhook mode can not restart normally 2026-06-07 18:10:45 +08:00
Copilot
1a04998787 perf: handle Anthropic usage=None on content-filtered responses (#8647)
* Initial plan

* fix: handle missing anthropic usage on filtered responses

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
2026-06-07 15:29:22 +08:00
Soulter
c4251e8210 chore: bump version to 4.25.4 2026-06-07 12:35:12 +08:00
Weilong Liao
66a10c08b2 perf: increase weixin http api request timeout from 15s to 120s (#8643) 2026-06-07 12:26:26 +08:00
Weilong Liao
c7e9d5b481 fix: Prevent duplicate web search citation prompts from being repeatedly appended to the system message after multiple tool invocations in a single interaction (#8642) 2026-06-07 12:23:03 +08:00
時壹
556903c135 fix: keep strong refs to pipeline tasks to prevent GC (#8618) 2026-06-07 10:52:11 +08:00
Weilong Liao
bdc32bb78c Revert "fix: retry provider stats on sqlite lock" (#8639)
This reverts commit 1ad2b2c385.
2026-06-07 10:51:27 +08:00
Weilong Liao
c70a1924fe Revert "fix SQLAlchemy compatibility issues on macOS" (#8638)
* Revert "fix SQLAlchemy compatibility issues on macOS (#7724)"

This reverts commit 2d78626840.

* fix

* chore: add busy timeout pragma
2026-06-07 10:50:33 +08:00
Soulter
fde0ea9236 chore: bump version to 4.25.3 2026-06-06 00:51:50 +08:00
Weilong Liao
ef53a933ec fix: keep DingTalk stream reconnecting (#8610)
* fix: keep DingTalk stream reconnecting

* fix
2026-06-06 00:46:37 +08:00
Weilong Liao
7e22a07e0d feat: introduce a command /name to name a umo, and display in ui (#8575)
* feat: introduce a command /name to name a umo, and display in ui

* docs: add docs

* fix

* fix test

* fix: test
2026-06-05 19:09:48 +08:00
エイカク
1ad2b2c385 fix: retry provider stats on sqlite lock
Retry transient SQLite lock failures when persisting internal provider stats.
2026-06-04 19:24:12 +09:00
tjc66666666
85ec7a969f feat: Enhance Reply chain handling for Record components (#8527)
* Enhance Reply chain handling for Record components

Added processing for Record components within Reply chains, including WAV conversion and STT functionality.

* Refactor STT processing for Record components

* Add STT record function for voice-to-text processing

* Update stage.py

* Update stage.py

* Update stage.py
2026-06-04 09:00:57 +08:00
NayukiChiba
9a648eb426 fix(wecomai_event): Fix whitespace handling when extracting plain text from message chains (#8563)
* fix(wecomai_event): 修复消息链提取纯文本时的空白处理
- 增加了strip_result参数以控制是否去除首尾空白
- 流式输出时保留换行等格式字符
- 更新相关调用以适应新参数

* test(wecomai_event): 添加企业微信智能机器人消息事件处理的单元测试
- 测试 _extract_plain_text_from_chain 方法在流式和非流式场景下的行为
- 确保流式输出时换行符等格式字符能够正确保留
- 覆盖了不同输入场景的测试用例

* fix(wecomai_event): 删除企业微信智能机器人消息事件处理的单元测试
- 移除测试文件 test_wecomai_event.py,包含多个针对 _extract_plain_text_from_chain 方法的测试用例
- 测试用例涵盖了流式和非流式场景下的文本提取行为
2026-06-04 08:59:59 +08:00
Weilong Liao
24f568b149 feat: future task UI (#8559)
* feat: future task UI

* fix: update filter label for UMO in English and Chinese locales

* feat: enhance cron job management with delivery target handling and UI improvements

* fix: update session label to indicate optional delivery target

* feat: add tooltip for last run time and error in cron job display
2026-06-03 22:02:59 +08:00
Foolllll
1daa0e3367 fix(compress): improve context compression, improve kv-cache rate of context compression, handle compression model modalities (#8530)
* fix(context): restore turn cap, serialize content parts and tool calls for llm compress, fix AftCompact debug log

Three context-compaction regression fixes after #8226:

1. Restore max_context_length -> enforce_max_turns propagation so
   normal turn-based truncation works again.
2. Serialize ContentPart and ToolCall objects into plain dicts in
   _message_to_dict so llm_compress no longer fails with JSON
   serialization errors.
3. Print _provider_messages (compacted) instead of run_context.messages
   (unchanged) in AftCompact debug log; truncate long role lists to
   first4,...,last4 to avoid log spam.

Assertions in tests are also hardened to avoid coupling to exact prompt
wording.

* fix(tool_loop_agent_runner): simplify context handling by removing redundant provider messages

* fix(tool_loop_agent_runner): rename context manager variables for clarity

* fix: update context compression to use recent token ratio instead of fixed count

* fix: enhance LLMSummaryCompressor to sanitize contexts and improve message handling

* ruff format

---------

Co-authored-by: Soulter <905617992@qq.com>
2026-06-03 17:40:05 +08:00
Soulter
df6eef052f fix: fix some bugs in #8226 2026-06-03 10:58:20 +08:00
Rat
f01dc474ef fix(gemini-embedding): wrap batch embedding texts in Content to avoid collapse on gemini-embedding-2 (#8537)
* fix(provider): wrap batch embedding texts in Content to avoid collapse on gemini-embedding-2

* fix(gemini_embedding): format list comprehension for better readability

---------

Co-authored-by: Rat0323 <Rat0323@users.noreply.github.com>
Co-authored-by: Soulter <905617992@qq.com>
2026-06-03 10:42:04 +08:00
Allen You
072691877d fix(openai-embedding): temporarily fix invalid paramater for SiliconFlow provider's non-Qwen embedding models (#8508)
* fix(openai-embedding): SiliconFlow provider's non-Qwen embedding models do not support dimensions parameter

* fix: accept AI Reviewers' suggestions
2026-06-03 10:38:31 +08:00
tjc66666666
6a467fc043 perf(stt-whisper): close the audio file handle after calling the OpenAI transcription API (#8528)
* 在调用 OpenAI API 后关闭文件句柄再删除临时文件。

核心问题:whisper_api_source.py 第 121 行用 open(audio_url, "rb") 打开文件后,文件句柄没有被关闭,导致 Windows 上报 "另一个程序正在使用此文件" 的错误,temp wav 文件无法删除。
修复方案:在调用 OpenAI API 后关闭文件句柄再删除临时文件。

* fix(whisper_api): use context manager for audio file handling to ensure proper closure

---------

Co-authored-by: Soulter <905617992@qq.com>
2026-06-03 10:32:12 +08:00
tjc66666666
d912e1497c Add check for audio file existence (#8529)
Handle case where audio file may not exist yet.
2026-06-03 10:28:32 +08:00
tjc66666666
4bb1b897df fix: cannot resolve voice when using aiocqhttp adapter (#8523)
Refactor file handling to resolve sources more effectively, including decoding file URIs and handling base64 data. Update methods to ensure compatibility with different file formats and paths.
2026-06-03 10:22:35 +08:00
Octopus
def81530b0 feat: upgrade MiniMax Token Plan default model to M3 (#8505)
Set MiniMax-M3 as the default fallback model for the Token Plan provider.
The model list itself is already fetched dynamically from the MiniMax API,
so all available models including M3 are auto-discovered. This change just
updates the hardcoded fallback used when no model is configured to the
current flagship.

MiniMax-M2.7 remains fully usable; users can still configure it explicitly.
2026-06-02 12:45:04 +08:00
C₂₂H₂₅NO₆
4b097011cf fix(core): Fix image delivery to the model by treating empty modalities as unconfigured (#8451)
* fix(core): 将空 list modalities 视为未配置,修复图片无法传递到模型的问题

migra_helper 将未配置的 modalities 迁移为空 list [],而新增的
_provider_supports_modality()、_assemble_request_context_for_provider()、
_should_fix_modalities_for_provider()、_func_tool_for_provider() 四个函数
对 [] 和 None 的处理不一致,导致所有未在 WebUI 手动配置 modalities 的
provider 无法传递图片、引用图片被跳过、工具被错误清除。

修改策略:将 [] 与 None 统一视为未配置状态,保持向后兼容。
仅在 modalities 为非空 list 时才启用过滤和修复逻辑。

- _provider_supports_modality: [] 返回 True,默认支持
- _assemble_request_context_for_provider: [] 不过滤图片
- _should_fix_modalities_for_provider: [] 不触发历史上下文修复
- _func_tool_for_provider: [] 不清除工具

复现脚本已确认 Bug 不再复现,82 个相关单元测试全部通过。

* fix(core): 补充修复 tool loop 中 cached images 的 modalities 判断

上一笔 commit 遗漏了 tool_loop_agent_runner.py 第 917 行对
cached images 的 modalities 检查,当 modalities=[] 时,tool call
返回的图片不会被追加到消息中,导致模型看不到 tool 结果中的图片。

修复方式与主修复一致:not modalities or image in modalities

复现脚本和 82 个单元测试全部通过。

* test: 补充 fake_save_image mock 缺少的 mime_type 字段

修复 modalities=[] 导致 cached images 分支变为可达后,暴露
了 test_tool_result_includes_all_calltoolresult_content 中
fake_save_image mock 不完整的问题:返回的 SimpleNamespace
缺少 mime_type 属性,而实际 tool_image_cache.save_image()
始终包含该字段。

---------

Co-authored-by: C₂₂H₂₅NO₆ <Sisyphbaous-DT-Project@users.noreply.github.com>
2026-06-02 08:53:59 +08:00
NayukiChiba
7d45a247d5 fix(message): Fix private message sending failure caused by extra fields in Reply component's toDict method (#8477)
- Reply.toDict() 继承 BaseMessageComponent.toDict() 会将所有非 None 默认字段序列化,导致 OneBot V11 reply 段包含多余字段,引起私聊引用回复失败(message not found)
- 重写 Reply.toDict() 方法,仅返回 {"type": "reply", "data": {"id": str(self.id)}},符合协议标准
- 新增 tests/unit/test_aiocqhttp_reply.py,覆盖 Reply.toDict() 输出格式、_parse_onebot_json 路径及私聊发送场景的验证
2026-06-02 08:40:55 +08:00
鸦羽
e8d13af5b9 feat: add TOTP two-factor authentication for dashboard login (#8189)
* feat: add TOTP two-factor authentication for dashboard login

* fix: ensure TOTP verification uses UTC for accurate time comparison

* fix: update recovery code validation logic for disabling TOTP

* test: add unit tests for TOTP functionality and recovery code validation

* chore: format

* feat: add trust_proxy_headers switch for auth rate-limit IP source

* feat: make dashboard auth rate-limit configurable via system settings

Add auth_rate_limit config block to dashboard settings with enable
(default: true), average_interval (default: 1.0s), and max_burst
(default: 3) options. The dashboard auth middleware now reads from
config instead of using hardcoded values. The average_interval and
max_burst fields are conditionally shown only when rate limiting is
enabled.

* fix: normalize dashboard client IP from trusted proxy headers

* refactor: encapsulate rate limiter state into registry, add TTL

* feat: show dynamic page title during two-factor verification

* fix: require two-factor verification for protected config saves

* chore: format

* refactor: reorganize TOTP verification UI components for better layout

* refactor: clean up recovery stage UI by removing unused styles and improving label handling

* docs: add TOTP two-factor authentication documentation for WebUI

---------

Co-authored-by: Soulter <905617992@qq.com>
2026-06-01 16:40:29 +08:00
lingyun14
e4044cc5a0 fix: waking bot with a reply component and empty user prompt (#8461)
* Update internal.py

* Update astr_main_agent.py

* Update astr_main_agent.py

* ruff

* Update astr_main_agent.py
2026-06-01 10:03:24 +08:00
千岚之夏
c89ac61892 feat: dynamically fetch model list for MiniMax Token Plan (#8475) 2026-06-01 09:59:52 +08:00
Rain-0x01_
fbc0633cd3 chore: fix token terminology in zh (#8465) 2026-05-31 21:54:44 +08:00
Soulter
0e973bd4d4 chore: bump version to 4.25.2 2026-05-30 20:10:51 +08:00
Weilong Liao
0da17485bd fix(plugin_manager): improve plugin state cleanup and add tests for unbinding and loading plugins (#8441)
fixes: #8439
2026-05-30 18:45:33 +08:00