Commit Graph

5326 Commits

Author SHA1 Message Date
LIghtJUNction
92c58f8a2a fix: resolve merge follow-ups (typing, imports, frontend tests) 2026-05-19 21:16:25 +08:00
LIghtJUNction
987099d4cb chore: merge origin/master into dev 2026-05-19 21:15:22 +08:00
Soulter
dceacd5a87 docs: update release version instructions in AGENTS.md 2026-05-17 15:07:39 +08:00
Soulter
d609f23b71 chore: bump version to 4.25.1 v4.25.1 2026-05-17 15:01:59 +08:00
Soulter
a1e95081be feat: add random suffix for weixin and dingtalk id 2026-05-17 14:56:15 +08:00
Midwich
b3381c6448 fix(webui): add Noto Sans to global font-family stack for Cyrillic text (#8205)
PR #8015 added 'Noto Sans' to the Google Fonts link and CJK fallback list,
but the font was placed at the end of $cjk-sans-fallback where browsers
never reach it for Cyrillic text. The global $body-font-family also lacked
'Outfit' entirely, causing Vuetify to use CJK fonts as the primary face.

Changes:
- Remove 'Noto Sans' from the end of $cjk-sans-fallback (it is not a CJK font)
- Add 'Outfit' and 'Noto Sans' to $body-font-family before CJK fallbacks
- Update .Outfit class in _container.scss to match the new stack

This ensures:
- Latin text → Outfit
- Cyrillic text → Noto Sans (loaded by vite-plugin-webfont-dl)
- CJK text → Noto Sans SC / PingFang SC etc.

Fixes follow-up to #8015.
2026-05-16 22:03:13 +08:00
Soulter
02291a3217 chore: bump version to 4.25.0 v4.25.0 2026-05-16 01:39:04 +08:00
Yufeng He
1d69626421 fix: pass image inputs through active replies (#8119)
* fix(core): pass images through active replies

* fix: harden active reply image collection

* test: avoid logger coupling in active reply test

* Delete tests/unit/test_builtin_astrbot_main.py

---------

Co-authored-by: Weilong Liao <37870767+Soulter@users.noreply.github.com>
2026-05-16 01:34:03 +08:00
Tom8266
871b932785 fix: detect Tencent SILK (\x02 prefix) in audio magic bytes to avoid ffmpeg failure (#8009)
* fix: detect Tencent SILK (\x02 prefix) in audio magic bytes to avoid ffmpeg failure

QQ official bot sends voice in Tencent SILK format (leading \x02 byte before
#!SILK_V3 magic). _get_audio_magic_type() had two off-by-one slice errors:

  1. Standard SILK:  header[:8]  vs b'#!SILK_V3' (8 != 9 bytes) — never matched
  2. Tencent SILK:   not detected at all

Fixes:
  - Standard SILK:  header[:9]  == b'#!SILK_V3'   (correct 9-byte slice)
  - Tencent SILK:   header[:1] == b"\x02" and header[1:10] == b'#!SILK_V3'
  - ensure_wav() routes detected silk to tencent_silk_to_wav()

Before: QQ voice → ffmpeg → 'Invalid data found'
After:  QQ voice → magic detects silk → tencent_silk_to_wav → WAV OK

* refactor: use startswith() for SILK magic byte detection

Replace manual slice comparisons with startswith() — cleaner, less
error-prone, and immune to off-by-one slice errors.

Suggested by: sourcery-ai
2026-05-16 01:20:52 +08:00
Weilong Liao
c88025c2a3 feat(dingtalk): implement one-click QR registration and polling mechanism (#8198) 2026-05-15 18:43:21 +08:00
lingyun14
094aef6241 fix: drop **kwargs bug in two register funcs (#8141) 2026-05-15 17:00:03 +08:00
Weilong Liao
6982ef7d94 feat(weixin_oc): handle session timeout and clear login state (#8196) 2026-05-15 15:30:56 +08:00
Midwich
1a0306343a fix(webui): add Noto Sans font support for Cyrillic text (#8015)
The WebUI only loaded Noto Sans SC (Simplified Chinese), which lacks
Cyrillic glyphs. Russian text fell back to system sans-serif, causing
poor rendering depending on the OS.

Changes:
- Load Noto Sans (regular) from Google Fonts alongside Noto Sans SC
- Add 'Noto Sans' at the END of $cjk-sans-fallback (after CJK fonts)
  so Chinese text still renders with system CJK fonts first,
  while Cyrillic text falls through to Noto Sans.

This ensures both Chinese and Cyrillic text render correctly.
2026-05-15 13:36:37 +08:00
千岚之夏
a09657e620 fix: handle MiniMax TTS timber weight configuration more robustly to avoid crashes on invalid or empty values
* fix: add comments and await asyncio.sleep(0) for startup signal

* fix: [Bug] 修复 MiniMax TTS 空字符串配置解析报错

* fix: 采纳AI审查建议,添日志+提取默认配置变量

* fix: 移除误加的core_lifecycle.py改动

---------

Co-authored-by: RainBot-Ai <qianlanzhiya@gmail.com>
2026-05-15 13:01:36 +08:00
Weilong Liao
aace90daab feat: supports scan QR code to configure feishu / lark (#8191)
* feat(lark): implement app registration and bot info retrieval

- Add app registration functionality for Lark and Feishu platforms, including endpoints and request handling.
- Introduce polling mechanism for app registration status.
- Create bot info retrieval functionality to fetch bot details after successful registration.
- Enhance dashboard with new UI components for one-click QR setup and manual setup options.
- Update internationalization files to support new features and actions.
- Add unit tests for app registration endpoint resolution and data handling.

* feat(weixin_oc): add WeChat login registration and QR code handling
2026-05-15 13:00:26 +08:00
Yufeng He
094c2de85a fix: surface weixin media send failures (#8175)
* fix: surface weixin media send failures

* fix: include weixin send failure context

* Delete tests/unit/test_weixin_oc_adapter.py

---------

Co-authored-by: Weilong Liao <37870767+Soulter@users.noreply.github.com>
2026-05-14 12:17:59 +08:00
counhopig
7d402fa16a fix: add ollama and nvidia embedding (#8104)
* fix: add ollama and nvidia embedding

* fix: address code review feedback for embedding providers

 - Remove redundant proxy branch in NvidiaEmbeddingProvider._get_client

 - Change ClientError handling to re-raise instead of wrapping in Exception

 - Add exc_info=True for better error diagnostics

 - Remove redundant isinstance check in OllamaEmbeddingProvider._build_payload
2026-05-14 12:16:35 +08:00
lingyun14
3a1d6c8f89 fix: handle None tool arguments from Claude API for no-parameter tools (#8136)
* fix: handle None tool arguments returned by Claude API for no-parameter tools

* fix: handle None tool arguments from Claude API for no-parameter tools

* fix: generalize None tool args comment

* fix: generalize None tool args comment

* 去除空格,以保证格式正确
2026-05-14 12:01:19 +08:00
Chang Lee
35f5d7e710 perf: enhance AMR audio quality and simplify opus logic (#8153)
* chore: streamline convert_audio_to_opus logic

- Route Opus conversion directly through the underlying convert_audio_format.
- Remove redundant FFmpeg processing chains to improve code reusability.

* perf: optimize AMR voice encoding parameters

- Enhance AMR audio quality via built-in FFmpeg filters.
2026-05-14 11:57:14 +08:00
M1LKT
720d384b44 fix: synchronize the autoScroll state of the consoleDisplayer component using $refs (#8186) 2026-05-14 11:44:42 +08:00
Yufeng He
3290d75519 fix: prefer bundled dashboard over stale data dist (#8172)
* fix: prefer bundled dashboard over stale dist

* fix: harden dashboard dist version checks
2026-05-14 09:00:16 +08:00
lingyun14
ef73d2da33 docs: Clarify and expand the LLM tool registration guidance in the AI plugin documentation (#8178)
* docs(zh/ai): fix misleading tool registration guide and add warnings

* docs(en/ai): add tool registration section with deprecation warnings
2026-05-14 08:58:37 +08:00
Soulter
c77cb0f4e2 chore: bump version to 4.24.5 v4.24.5 2026-05-14 01:16:26 +08:00
Soulter
0e6ad1c443 feat: cli supports ASTRBOT_DASHBOARD_INITIAL_PASSWORD env 2026-05-14 01:13:46 +08:00
Soulter
e05dd650ab feat(auth): add legacy password login failure message and FAQ guidance for upgrade issues 2026-05-14 00:48:15 +08:00
Soulter
93428a7976 feat: add initial dashboard password resolution from environment variable 2026-05-14 00:45:37 +08:00
Soulter
37142fd253 feat: enhance update dialog with progress tracking and localization updates
- Added advanced settings option in update dialog for better user control.
- Implemented detailed progress tracking for update stages including download size and speed.
- Updated localization files for English, Russian, and Chinese to include new strings for update progress and advanced settings.
- Improved UI for update dialog with better layout and responsiveness.
- Enhanced test coverage for update process including progress tracking.
2026-05-14 00:40:24 +08:00
Tsukumi
1b09132e4a fix: respect explicit Shipyard Neo profile (#8167) 2026-05-13 14:38:11 +08:00
NayukiMeko
22ba831a31 fix(message_tools): throw exception and block message sending when path does not exist (#8149)
* fix(message_tools): 路径不存在时抛出异常并阻止消息发送

- _resolve_path_from_sandbox 在所有解析路径均失败时改为抛出 FileNotFoundError,而非静默返回原始路径,避免将无效路径传递给下游组件
- 新增 component_type 关键字参数,使错误信息能明确指出是 image/record/video/file 哪类资源路径缺失
- 在 call 方法中捕获 FileNotFoundError 并提前返回错误字符串,确保路径无效时不会继续构建或发送任何消息组件
- 补充单元测试,验证缺失图片路径场景下 send_message 不会被调用

* Update tests/unit/test_message_tools.py

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

* fix(tools): propagate sandbox error instead of masking as FileNotFoundError

---------

Co-authored-by: Ruochen Pan <badbatch0x01@gmail.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: RC-CHN <1051989940@qq.com>
2026-05-13 11:50:06 +08:00
Soulter
4672a04eb7 docs: update FAQ to clarify default password usage for first-time login 2026-05-13 01:50:37 +08:00
Soulter
c48108040c chore: bump version to 4.24.4 v4.24.4 2026-05-13 01:46:08 +08:00
Soulter
2d6f5e64b8 fix(auth): update login failure message for first-time users with details on random password 2026-05-13 01:37:35 +08:00
Soulter
7d72e3a9e7 docs: update FAQ with details on first login account and random password generation 2026-05-13 00:37:24 +08:00
Soulter
37d6159234 docs: update login instructions to use random initial password for first-time users 2026-05-13 00:24:21 +08:00
Soulter
989cc0d609 chore: bump version to 4.24.3 2026-05-13 00:17:27 +08:00
lingyun14
cb90de752d fix(docs): fix multiple errors in plugin development guides (#8166)
* Update listen-message-event.md

* Update listen-message-event.md

* Update ai.md

* Update plugin-new.md

* Update plugin-new.md

* Update simple.md

* Update star_handler.py

* Update listen-message-event.md

* Update listen-message-event.md
2026-05-13 00:04:12 +08:00
Soulter
48e111e47e chore: remove test 2026-05-12 23:57:16 +08:00
Weilong Liao
7ddf6371b9 fix(webui): enforce 12-char dashboard password policy with backend+frontend validation (#7338)
* fix(webui): enforce 12-char dashboard password policy with backend+frontend validation

* fix(i18n): update password policy hints and validation rules for improved security

* test: adapt dashboard auth fixtures for hashed default password

* fix(security): increase PBKDF2 iterations

* feat(auth): implement secure login challenge and proof verification

* chore: ruff format

* fix(auth): update md5 import syntax for consistency

* feat(dashboard): implement random password generation for empty dashboard password

* feat(auth): enforce plaintext password requirement for legacy MD5 hashes

* fix(i18n): update password hint texts to reflect auto-generated initial passwords

* feat(dashboard): implement password change requirement and reset logic

* feat(auth): implement account setup flow and password change requirements

* feat: Implement legacy password support and upgrade mechanism

- Added `hash_legacy_dashboard_password` function for MD5 hashing of passwords.
- Updated configuration handling to store both PBKDF2 and legacy password hashes.
- Introduced logic to check if password storage has been upgraded and if a password change is required.
- Modified dashboard authentication routes to handle legacy password checks and prompts for upgrades.
- Updated frontend to display warnings for legacy password storage and required upgrades.
- Enhanced tests to cover scenarios for legacy password handling and migration to new storage format.

* fix(logo): update text color styles to use CSS variables for consistency

* feat(dashboard): upgrade password storage and enforce change requirement

* fix(dashboard): update minimum password length from 12 to 10 characters

* fix(dashboard): update minimum password length from 10 to 8 characters

---------

Co-authored-by: RC-CHN <1051989940@qq.com>
2026-05-12 23:46:57 +08:00
Yufeng He
f86de988a4 fix: keep Discord startup alive on command quota (#8061)
* fix: keep Discord startup alive on command quota

* Update discord_platform_adapter.py

---------

Co-authored-by: Weilong Liao <37870767+Soulter@users.noreply.github.com>
2026-05-12 23:28:23 +08:00
dependabot[bot]
1d3f54ca49 chore(deps): bump pnpm/action-setup in the github-actions group (#8156)
Bumps the github-actions group with 1 update: [pnpm/action-setup](https://github.com/pnpm/action-setup).


Updates `pnpm/action-setup` from 6.0.5 to 6.0.7
- [Release notes](https://github.com/pnpm/action-setup/releases)
- [Commits](https://github.com/pnpm/action-setup/compare/v6.0.5...v6.0.7)

---
updated-dependencies:
- dependency-name: pnpm/action-setup
  dependency-version: 6.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-12 23:16:19 +08:00
jdjfjdsfj
f6a99a25b9 Update API Key reference in knowledge-base.md (#8129)
* Update API Key reference in knowledge-base.md

* Update docs/zh/use/knowledge-base.md

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

---------

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2026-05-12 08:43:53 +08:00
NayukiMeko
041c35c35b Fix: Fix issue where temporary directory is not cleaned and error tracking false positives when repeatedly installing plugins (#8148)
* fix(star): 修复重复安装插件时临时目录未清理及错误追踪误报问题

- 引入 skip_failed_tracking 标志,当目标目录已存在时跳过失败安装追踪,避免将预期冲突错误误记为安装失败
- 修复 finally 块中临时目录清理逻辑,确保冲突场景下 plugin_upload_* 临时目录也能被正确删除
- 新增测试用例 test_install_plugin_from_file_conflict_keeps_failed_plugins_clean,验证重复安装同名插件时 failed_plugin_dict 为空且无残留临时目录

Ref #8122

* style(star): ruff 格式化
2026-05-11 16:36:03 +08:00
エイカク
ad516950f2 fix(provider): force Gemini chat client to use managed httpx client (#8112)
When both aiohttp and httpx are installed, google-genai prefers aiohttp
as the async HTTP backend. In error response paths, the aiohttp backend
returns raw aiohttp.ClientResponse objects that google-genai cannot handle,
masking real API errors with:
  Unsupported response type: <class 'aiohttp.client_reqrep.ClientResponse'>

This fix explicitly creates an httpx.AsyncClient and passes it via
HttpOptions.httpx_async_client, ensuring the chat provider always uses
the httpx backend. The managed client is closed in terminate().

- Preserve HTTP_PROXY/HTTPS_PROXY support via trust_env=True.
- Preserve provider-level proxy via httpx.AsyncClient(proxy=...).
- Avoid logging full proxy URLs for security.

Fixes #7564
2026-05-10 00:20:36 +09:00
lingyun14
c9182c27a2 fix: fix console log level alignment and mobile layout issue (#7988)
* fix: fix console log level alignment and mobile layout issue

* Update ConsoleDisplayer.vue
2026-05-09 22:18:21 +08:00
lingyun14
bd9aade842 fix(docs):多份文档汉译英并整理 (#8001)
* docs(en): translate plugin-platform-adapter.md from Chinese to English

* docs(en): translate plugin-platform-adapter.md from Chinese to English

* Update ppio.md

* Update provider-lmstudio.md

* Update function-calling.md

* Update skills.md

* Update ai.md

* Update simple.md

* Update mcp.md

* Update config.mjs kook

* fix(docs): fix MessageSesion import path in platform adapter example

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

---------

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2026-05-09 22:17:47 +08:00
dependabot[bot]
4bcaaab44f chore(deps): bump pnpm/action-setup in the github-actions group (#8004)
Bumps the github-actions group with 1 update: [pnpm/action-setup](https://github.com/pnpm/action-setup).


Updates `pnpm/action-setup` from 6.0.3 to 6.0.5
- [Release notes](https://github.com/pnpm/action-setup/releases)
- [Commits](https://github.com/pnpm/action-setup/compare/v6.0.3...v6.0.5)

---
updated-dependencies:
- dependency-name: pnpm/action-setup
  dependency-version: 6.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-09 22:16:30 +08:00
AstrBot
224915fbc8 docs: add 16MB size limit note for plugin publishing (#8108)
Add documentation to clarify the 16MB zip size limit for plugin
marketplace submissions, along with practical recommendations:
- Compress static assets like images
- Clean up unnecessary files (.git, __pycache__, etc.)
- Optimize dependency sizes
- Use .gitattributes or release branches

Also mention the option to contact maintainers for manual bypass
when the limit cannot be met.

Co-authored-by: Seio <seio@astrbot.app>
2026-05-09 22:00:15 +08:00
M1LKT
f9cbe79099 fix(ui): always show actions btn instead of on hover in OutlinedActionListItem (#8081) 2026-05-09 08:41:26 +08:00
AstrBot
77fa0e466c docs: update Trendshift badge to AstrBotDevs repo (#21369) for all README languages (#8079)
Co-authored-by: AstrBot <astrbot@container>
2026-05-08 15:41:56 +08:00
Ruochen Pan
f29b339ea2 fix(t2i): validate template content to prevent Jinja2 SSTI injection (#8077)
* fix(t2i): validate template content to prevent Jinja2 SSTI injection

* fix(t2i): add error feedback

* fix(test): update assertion to match previous commits

* style: format code
2026-05-08 15:30:52 +08:00