* fix(webui): enforce 12-char dashboard password policy with backend+frontend validation
* fix(i18n): update password policy hints and validation rules for improved security
* test: adapt dashboard auth fixtures for hashed default password
* fix(security): increase PBKDF2 iterations
* feat(auth): implement secure login challenge and proof verification
* chore: ruff format
* fix(auth): update md5 import syntax for consistency
* feat(dashboard): implement random password generation for empty dashboard password
* feat(auth): enforce plaintext password requirement for legacy MD5 hashes
* fix(i18n): update password hint texts to reflect auto-generated initial passwords
* feat(dashboard): implement password change requirement and reset logic
* feat(auth): implement account setup flow and password change requirements
* feat: Implement legacy password support and upgrade mechanism
- Added `hash_legacy_dashboard_password` function for MD5 hashing of passwords.
- Updated configuration handling to store both PBKDF2 and legacy password hashes.
- Introduced logic to check if password storage has been upgraded and if a password change is required.
- Modified dashboard authentication routes to handle legacy password checks and prompts for upgrades.
- Updated frontend to display warnings for legacy password storage and required upgrades.
- Enhanced tests to cover scenarios for legacy password handling and migration to new storage format.
* fix(logo): update text color styles to use CSS variables for consistency
* feat(dashboard): upgrade password storage and enforce change requirement
* fix(dashboard): update minimum password length from 12 to 10 characters
* fix(dashboard): update minimum password length from 10 to 8 characters
---------
Co-authored-by: RC-CHN <1051989940@qq.com>
* feat: supports plugin to add skills
* fix tests
* fix: fs tools
* Add tests for plugin skills handling and improve skill management
- Implement test for restricted local member reading plugin skill inventory even if the plugin is inactive.
- Ensure that the skill synchronization process retains built-in skills when local skills are empty, including proper handling of plugin paths.
- Update dashboard tests to verify that plugin details include components when requested.
- Enhance skill metadata enrichment tests to include inactive plugin-provided skills for inventory.
- Add filtering tests for plugin skills based on current configuration, ensuring only allowed plugins are considered and inactive plugins are skipped.
Co-authored-by: Copilot <copilot@github.com>
* fix: handle PPIO platform context-length error messages (#7888)
* fix: 压缩算法删除 user 消息 Bug 修复
* perf: improve truncate algo
* fix: improve context length error detection for PPIO platform compatibility
- Extend error detection to handle PPIO's error message format:
'The input is longer than the model's context length'
- Add case-insensitive matching using .lower() for robustness
- Maintain backward compatibility with existing 'maximum context length' check
This fixes the issue where PPIO platform models (e.g., ppio/zai-org/glm-5-turbo)
would fail with AgentState.ERROR due to unrecognized context length errors.
---------
Co-authored-by: Soulter <905617992@qq.com>
* fix: 支持微信客服文件消息 (#7923)
* fix: 支持微信客服文件消息
* fix: remove WeCom file message placeholder
* fix(provider): fix Anthropic custom headers and system prompt compatibility (#7587)
* fix(provider): fix Anthropic custom headers and system prompt compatibility
- Pass custom_headers via AsyncAnthropic's `default_headers` parameter
instead of creating a separate httpx.AsyncClient. This avoids
`isinstance` check failures when multiple httpx installations exist
on sys.path (e.g. bundled Python + system Python).
- Use list format for the `system` parameter (`[{"type": "text", ...}]`)
instead of a plain string. The list format is supported by the official
Anthropic API and is also compatible with third-party API proxies that
reject the string format.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(provider): fix Anthropic custom headers and system prompt compatibility
- Pass custom_headers via AsyncAnthropic's `default_headers` parameter
instead of creating a separate httpx.AsyncClient. This avoids
`isinstance` check failures when multiple httpx installations exist
on sys.path (e.g. bundled Python + system Python).
- Use list format for the `system` parameter (`[{"type": "text", ...}]`)
instead of a plain string. The list format is supported by the official
Anthropic API and is also compatible with third-party API proxies that
reject the string format.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Add test unit
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* perf: improve logic of adding models
Co-authored-by: piexian <piexian@users.noreply.github.com>
* chore: remove redundant logger messages and improve log clarity
Co-authored-by: Copilot <copilot@github.com>
* chore: ruff format
* docs: update knowledge base docs
closes: #7962
* fix(#7907): send_message_to_user cron 场景下 session 容错 (#7911)
* fix: send_message_to_user cron 场景下 session 容错 (#7907)
- LLM 在主动场景可能只传 session_id 而非完整三段式,
from_str 失败时用 current_session 补全前两段。
Co-authored-by: Copilot <copilot@github.com>
* fix: 限制 session 补全仅对裸 session_id 生效,避免误修带冒号的错误输入 (#7907)
* feat: add session information to cron job payload
Co-authored-by: Copilot <copilot@github.com>
* fix: improve clarity and consistency of safety mode prompts
Co-authored-by: Copilot <copilot@github.com>
---------
Co-authored-by: Copilot <copilot@github.com>
Co-authored-by: Weilong Liao <37870767+Soulter@users.noreply.github.com>
Co-authored-by: Soulter <905617992@qq.com>
* perf: tool rendering in conversation page (#7937)
* fix(dashboard): route conversation history tool messages through ToolCallCard
When viewing conversation history, large tool outputs (e.g. a single
git log --stat producing tens of KB) caused the browser renderer to
freeze. Root cause: formattedMessages mapped every role (including
tool / system / _checkpoint) into user/bot bubbles, and bot plain
strings went through markstream-vue's MarkdownRender. Single 88KB
tool messages plus 88-of-them adding up to ~349KB of synchronous
markdown parsing was enough to block the main thread for 5+ seconds.
This patch:
- Indexes tool-role messages by tool_call_id
- Filters formattedMessages to user/assistant only — tool, system and
_checkpoint roles no longer render as standalone bubbles
- Converts assistant.tool_calls (OpenAI shape, with tc.name/tc.arguments
fallbacks) into the existing tool_call MessagePart, attaching the
paired result so MessageList's ToolCallCard renders it (default
collapsed, no longer feeds large strings into the markdown renderer)
- Drops empty placeholder plain parts when an assistant message only
carries tool_calls
- Sets ts/finished_ts to 0 as a sentinel: ToolCallCard.toolCallDuration
returns "" when startTime <= 0, suppressing a misleading "0ms"
duration that would otherwise appear because conversation history
has no real timing data
Behavior change: tool results are now embedded in their assistant's
ToolCallCard.result instead of appearing as separate bot bubbles.
This matches the main chat UI's behavior.
Fixes#7929
Refs #7372#7456
* style(dashboard): use single scrollbar in conversation history preview
ToolCallCard's result/args panes have their own max-height + overflow,
which produced a nested scrollbar when nested inside the history
preview's already-scrollable .conversation-messages-container. Override
those constraints inside the preview only — the outer 500px-bounded
container already provides scroll bounds, so a single scrollbar feels
cleaner. The main chat UI is unaffected.
---------
Co-authored-by: wanger <wanger@example.com>
* fix: ruff format
* feat: add python tool timeout param (#7953)
* feat: add python tool timeout param
* Update python.py
---------
Co-authored-by: Weilong Liao <37870767+Soulter@users.noreply.github.com>
* fix: 钉钉连接超时后自动重连失败 (#7924)
* fix: improve DingTalk adapter error handling in run() method
* fix: add retry logic for DingTalk SDK task unexpected exit
* fix: use task.add_done_callback to wake thread on task completion, handle UnboundLocalError
* refactor: extract retry logic into handle_retry helper function
---------
Co-authored-by: Blueteemo <Blueteemo@users.noreply.github.com>
---------
Co-authored-by: Copilot <copilot@github.com>
Co-authored-by: leonforcode <leonbeyourside01@gmail.com>
Co-authored-by: AstralSolipsism <134063164+AstralSolipsism@users.noreply.github.com>
Co-authored-by: Pink YuDeer <wer00001@outlook.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: piexian <piexian@users.noreply.github.com>
Co-authored-by: NayukiMeko <ChibaNayuki@163.com>
Co-authored-by: wanger <122891289+10knamesmore@users.noreply.github.com>
Co-authored-by: wanger <wanger@example.com>
Co-authored-by: Haoran Xu <3230105281@zju.edu.cn>
Co-authored-by: 千岚之夏 <108566281+Blueteemo@users.noreply.github.com>
Co-authored-by: Blueteemo <Blueteemo@users.noreply.github.com>
* fix: warn when default chat provider is unset
* fix: align startup warning with provider fallback
* refactor: simplify default chat provider warning guard checks
* feat: warn when default chat provider id is invalid or missing
- Emit a warning when `default_provider_id` points to a
non-existent enabled provider, preventing silent fallback to
an unexpected model.
- Reset the warning guard before each
`provider_manager.initialize()` so configuration reloads
trigger a fresh re-evaluation.
- Harden guard checks to handle `None` `provider_settings` and
`None` provider IDs gracefully.
* test: cover fallback and invalid default provider id warnings
- Add case for `curr_provider_inst=None` to verify fallback to
`providers[0]`.
- Add case for a `default_provider_id` that does not match any enabled
provider.
* style: format default chat provider warning
---------
Co-authored-by: RC-CHN <1051989940@qq.com>
InitialLoader.start now calls lifecycle.initialize() (not initialize_core).
Updated test mocks and assertions accordingly. 3 tests remain that assume
a split-phase bootstrap_runtime call that no longer exists in the current
InitialLoader.
Real bash subprocess via PersistentShellSession binds stdin/stdout to the
creating event loop. pytest-asyncio's per-function loop switching caused
'Future attached to a different loop' errors. Mock the session instead.
Also remove the unused session-level cleanup fixture and patch.
- Replace LocalShellComponent's one-shot subprocess.run() with a
PersistentShellSession that wraps a long-running bash process per UMO.
cd/export/source now persist naturally within a conversation.
- Support background task execution via nohup.
- Remove unused ToolSessionManager / ToolSessionState (dead code,
never wired to any consumer).
- Fix performance benchmark: separate throughput and memory measurement
so tracemalloc doesn't distort timing (was 7x slower).
- Optimize bool validation in CommandFilter with frozenset + isinstance
short-circuit.
* feat: add one-line deploy script (deploy-cli.sh) and update cli.md
- Add docs/scripts/deploy-cli.sh for one-command deployment (Linux/macOS/WSL)
- Update docs/zh/deploy/astrbot/cli.md to reference local script
- Replace non-existent https://astrbot.app/deploy.sh with raw.githubusercontent.com URL
- Add local run tip and WSL-based Windows support
* fix: address PR review feedback for deploy-cli.sh
- Replace sort -V with Python-native version check (macOS BSD compat)
- Bump Python requirement from >=3.10 to >=3.12 (match pyproject.toml)
- Detect current directory as project root (avoid nested clone)
- Handle existing non-git directory explicitly
- Add curl dependency check
- Support ASTRBOT_REPO and ASTRBOT_DIR env vars for forks/mirrors
- Update cli.md version description to match
* feat: add Windows PowerShell deploy script and update docs
- Add deploy-cli.ps1 for Windows native environment (PowerShell 7+)
- Update cli.md to document Windows one-liner deployment
- Add local script execution instructions for both bash and ps1
* refactor: standardize log messages and improve clarity in various modules
Co-authored-by: Copilot <copilot@github.com>
* docs: 移除一行命令快速部署部分,简化安装说明
* feat: 添加脚本以复制部署 CLI 文件并更新构建命令
* refactor: 更新日志消息以提高可读性,统一英文提示信息
---------
Co-authored-by: Soulter <905617992@qq.com>
Co-authored-by: Copilot <copilot@github.com>
Co-authored-by: Weilong Liao <37870767+Soulter@users.noreply.github.com>
* feat: add Firecrawl web search and extract tools, update configuration and tests
* feat: implement Firecrawl API integration and error handling in web search tools
* feat: enhance Firecrawl web search with session management and payload validation
* feat: Firecrawl web search to use aiohttp.ClientSession directly for improved session management as it was
* feat: update Firecrawl search to handle grouped web data response and add corresponding tests
* feat: refactor Firecrawl web search to use aiohttp.ClientSession for improved error handling and session management
* feat: remove unused coercion function and update Firecrawl search to use default limit in payload
remove deprecated API modules and example scripts; update core modules
(agents, providers, tools, platform adapters, utils), dashboard package
and components, and unit tests.
* feat: update FileReadTool description to mention image and PDF support
Add explicit mention of image (OCR) and PDF (text extraction) support
to the FileReadTool description for better discoverability.
* feat: update FileReadTool description to include support for docx and epub files; change base64 decoding to utf-8
* feat: enhance ToolLoopAgentRunner to support image and audio modalities; add context sanitization logic
* feat: implement FTS5 support in DocumentStorage and SparseRetriever with tokenizer enhancements
* feat: optimize FTS row handling in DocumentStorage and update query tokenization in SparseRetriever
- ToolSet.add() now protects active tools from inactive overrides
- Add missing _has_meaningful_content() method in RespondStage
- Remove is_local=True from ExecuteShellTool (no longer supported)
- Fix ToolSet() missing namespace argument in get_full_tool_set()
- Rewrite tests to match new tool architecture (cron_tools, func_tool_manager, tool_conflict_resolution)
* feat: filesystem grep, read, edit file
* feat: add file write tool and enhance file read functionality
* feat: enhance tool prompt formatting and add escaped text decoding for file editing
* feat: remove redundant safe path tests from security restrictions
* feat: implement file read tool with support for text and image files, including validation for large files
* feat: add file read utilities and integrate with filesystem tools
* refactor: move computer tools to builtin tools registry
* refactor: remove unused plugin_context parameter from _apply_sandbox_tools
* feat: supports to display enabled builtin tools in configs
* feat: add tooltip for disabled builtin tools and update localization strings
* feat: add workspace extra prompt handling in message processing
* feat: add ripgrep installation to Dockerfile
* perf: shell executed in workspace dir in local env
* feat: enhance file reading capabilities to support PDF and DOCX parsing, including workspace storage for long documents
* feat: update converted text notice to suggest using grep for large files
* feat: implement handling for large tool results with overflow file writing and read tool integration
* fix: test
* feat: enhance onboarding steps to include computer access configuration and related help information
* feat: add support for additional temporary path in restricted environment checks
* feat: update computer access hints and add detailed configuration instructions
Resolved all conflicts using dev (HEAD) version:
- func_tool_manager.py: migrated old implementation into new architecture
- tool_loop_agent_runner.py: preserve lazy_load mode, remove step limit
- Platform adapters, dashboard, core modules: use HEAD version
* perf: replace cron tools with FutureTaskTool for improved task management
* feat: enhance FutureTaskTool with edit functionality and improve descriptions
* feat: add edit functionality for cron jobs and update related UI components