mirror of
https://github.com/Significant-Gravitas/AutoGPT.git
synced 2026-02-09 06:15:41 -05:00
2e16ef22727ff4fab3362f779a35bb004f448cff
7529 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Nicholas Tindle
|
2e16ef2272 | Merge branch 'dev' into claude/admin-user-management-011CULzkwgiPXZYcvCeozofC | ||
|
Ubbe
|
e68896a25a |
feat(backend): allow regex on CORS allowed origins (#11336)
## Changes 🏗️ Allow dynamic URLs in the CORS config, to match them via regex. This helps because currently we have Front-end preview deployments which are isolated ( _nice they don't pollute or overrride other domains_ ) like: ``` https://autogpt-git-{branch_name}-{commit}-significant-gravitas.vercel.app ``` The Front-end builds and works there, but as soon as you login, any API requests to endpoints that need auth will fail due to CORS, given our current CORS config does not support dynamically generated domains. ### Changes After these changes we can specify dynamic domains to be allowed under CORS. I also made `localhost` disabled if the API is in production for safety... ### Before ```yml cors: allowOrigin: "https://dev-builder.agpt.co" # could only specify full URL strings, not dyamic ones ``` ### After ```yml cors: allowOrigins: - "https://dev-builder.agpt.co" - "regex:https://autogpt-git-[a-z0-9-]+\\.vercel\\.app" # dynamic domains supported via regex ``` ### Files - add `build_cors_params` utility to parse literal/regex origins and block localhost in production (`backend/server/utils/cors.py`) - apply the helper in both `AgentServer` and `WebsocketServer` so CORS logic and validations remain consistent - add reusable `override_config` testing helper and update existing WebSocket tests to cover the shared CORS behavior - introduce targeted unit tests for the new CORS helper (`backend/server/utils/cors_test.py`) ## Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] We will know once we made the origin config changes on infra and test with this... |
||
|
Ubbe
|
dfed092869 |
dx(frontend): make preview deploys work + minor improvements (#11329)
## Changes 🏗️ Make sure we can login on preview deployments generated by Vercel to test Front-end changes. As of now, the Cloudflare CAPTCHA verification fails, we don't need to have it active there. ### Minor improvements <img width="1599" height="755" alt="Screenshot 2025-11-06 at 16 18 10" src="https://github.com/user-attachments/assets/0a3fb1f3-2d4d-49fe-885f-10f141dc0ce4" /> Prevent the following build error: ``` 15:58:01.507 at j (.next/server/app/(no-navbar)/onboarding/reset/page.js:1:5125) 15:58:01.507 at <unknown> (.next/server/chunks/5826.js:2:14221) 15:58:01.507 at b.handleCallbackErrors (.next/server/chunks/5826.js:43:43068) 15:58:01.507 at <unknown> (.next/server/chunks/5826.js:2:14194) { 15:58:01.507 description: "Route /onboarding/reset couldn't be rendered statically because it used `cookies`. See more info here: https://nextjs.org/docs/messages/dynamic-server-error", 15:58:01.507 digest: 'DYNAMIC_SERVER_USAGE' 15:58:01.507 } ``` by making the reset onboarding route a client one. I made a new component, `<LoadingSpinner />`, and that page will show it while onboarding it's being reset. ## Checklist 📋 ### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] You can login/signup on the app and use it in the preview URL generated by Vercel |
||
|
Nicholas Tindle
|
98cb639ab3 |
Clarify admin execution API descriptions
Updated descriptions for admin diagnostic endpoints to specify use of add_graph_execution and robust stop_graph_execution methods for requeue and stop operations, providing clearer implementation details for API consumers. |
||
|
Nicholas Tindle
|
d0102f4e1f |
Refactor admin execution stop/requeue logic and tests
Replaces legacy stop/requeue functions in diagnostics.py with robust implementations using add_graph_execution and stop_graph_execution. Updates admin diagnostics routes to use these new methods, ensuring proper cascading and parallel handling. Adds comprehensive tests for admin routes, including edge cases and validation for bulk operations. Enhances get_graph_executions to support filtering by execution_ids for efficiency. |
||
|
Nicholas Tindle
|
4950da2092 |
Add diagnostics for invalid execution states
Introduces detection and reporting of executions in impossible states (QUEUED with startedAt, RUNNING without startedAt) to backend diagnostics, API, and frontend. Adds a new read-only admin endpoint and UI tab for manual investigation of data corruption cases, updates metrics and OpenAPI spec, and refactors queries to support filtering by startedAt. |
||
|
Nicholas Tindle
|
96e40daf80 | Merge branch 'dev' into claude/admin-user-management-011CULzkwgiPXZYcvCeozofC | ||
|
Nicholas Tindle
|
f7b332a435 |
Refactor diagnostics admin routes and add utility functions
Refactored admin diagnostics routes to remove redundant try/except blocks and streamline response handling. Added utility functions in diagnostics.py for fetching all orphaned and stuck queued execution IDs, and for counting failed executions. Updated execution.py to support offset in get_graph_executions. These changes improve maintainability, error logging, and enable bulk operations for admin endpoints. |
||
|
Swifty
|
5559d978d7 | fix(platform): chat duplicate messages (#11332) autogpt-platform-beta-v0.6.36 | ||
|
Bently
|
dcecb17bd1 |
feat(backend): Remove deprecated LLM models and add migration script (#11331)
These models have become deprecated - deepseek-r1-distill-llama-70b - gemma2-9b-it - llama3-70b-8192 - llama3-8b-8192 - google/gemini-flash-1.5 I have removed them and setup a migration, the migration is to convert all the old versions of the model to new versions, the model changes will happen like so - llama3-70b-8192 → llama-3.3-70b-versatile - llama3-8b-8192 → llama-3.1-8b-instant - google/gemini-flash-1.5 → google/gemini-2.5-flash - deepseek-r1-distill-llama-70b → gpt-5-chat-latest - gemma2-9b-it → gpt-5-chat-latest ### Changes 🏗️ <!-- Concisely describe all of the changes made in this pull request: --> ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: <!-- Put your test plan here: --> - [x] Check to see if old models where removed - [x] Check to see if migration worked and converted old models to new one in graph |
||
|
Swifty
|
a056d9e71a | feature(backend): Limit Chat to Auth Users, Limit Agent Runs Per Chat (#11330) | ||
|
Swifty
|
42b643579f | feat(frontend): Chat UI Frontend (#11290) | ||
|
seer-by-sentry[bot]
|
5b52ca9227 |
fix(platform): Implement backwards-compatible Set operations for input validation (#11197)
### Changes 🏗️ - Replaces `isSupersetOf` and `difference` Set operations with backwards-compatible implementations using `Array.from` and `every`/`filter` methods. - This ensures compatibility with older JavaScript environments that may not fully support modern Set operations. Fixes [BUILDER-451](https://sentry.io/organizations/significant-gravitas/issues/6952591149/). The issue was that: ES2024 Set methods `isSupersetOf` and `difference` are unsupported in iOS Safari 16.7, causing a TypeError during component render. This fix was generated by Seer in Sentry, triggered automatically. 👁️ Run ID: 2032240 Not quite right? [Click here to continue debugging with Seer.](https://sentry.io/organizations/significant-gravitas/issues/6952591149/?seerDrawer=true) ### Checklist 📋 #### For code changes: - [ ] I have clearly listed my changes in the PR description - [ ] I have made a test plan - [ ] I have tested my changes according to the test plan: <!-- Put your test plan here: --> - [ ] Test on iOS Safari 16.7 to ensure no TypeError occurs during component render. - [ ] Verify that the replaced `isSupersetOf` and `difference` implementations function correctly in other supported browsers. <details> <summary>Example test plan</summary> - [ ] Create from scratch and execute an agent with at least 3 blocks - [ ] Import an agent from file upload, and confirm it executes correctly - [ ] Upload agent to marketplace - [ ] Import an agent from marketplace and confirm it executes correctly - [ ] Edit an agent from monitor, and confirm it executes correctly </details> #### For configuration changes: - [ ] `.env.default` is updated or already compatible with my changes - [ ] `docker-compose.yml` is updated or already compatible with my changes - [ ] I have included a list of my configuration changes in the PR description (under **Changes**) <details> <summary>Examples of configuration changes</summary> - Changing ports - Adding new services that need to communicate with each other - Secrets or environment variable changes - New or infrastructure changes such as databases </details> Co-authored-by: seer-by-sentry[bot] <157164994+seer-by-sentry[bot]@users.noreply.github.com> |
||
|
Bently
|
8e83586d13 |
feat(frontend): Cookie consent banner and settings (#11306)
Implements a cookie consent banner and settings modal for GDPR compliance, allowing users to manage preferences for analytics and monitoring cookies. Integrates consent checks with Sentry, Vercel Analytics, and Google Analytics, ensuring tracking is only enabled with user permission. Refactors dialog components for improved layout and adds consent management utilities and hooks. #### For code changes: - [x] Banner appears at bottom of page on first visit with rounded corners and proper spacing (40px margins) - [x] Banner shows three buttons: "Reject All", "Settings", and "Accept All" - [x] Clicking "Accept All" hides banner and enables analytics/monitoring - [x] Clicking "Reject All" hides banner and keeps analytics/monitoring disabled - [x] Banner does not reappear after consent is given (check localStorage: `autogpt_cookie_consent`) **Cookie Settings Modal:** - [x] Clicking "Settings" button opens the Cookie Settings modal - [x] Modal displays three categories: Essential Cookies (always active), Analytics & Performance (toggle), Error Monitoring & Session Replay (toggle) - [x] Clicking "Save Preferences" saves custom settings and closes modal - [x] Clicking "Accept All" enables all cookies and closes modal - [x] Clicking "Reject All" disables optional cookies and closes modal - [x] Modal can be closed with X button or clicking outside **Consent Persistence:** - [x] Refresh page after giving consent - banner should not reappear - [x] Clear localStorage and refresh - banner should reappear - [x] Consent choices persist across browser sessions <img width="1123" height="126" alt="image" src="https://github.com/user-attachments/assets/7425efab-b5cc-4449-802d-0e12bd65053b" /> <img width="1124" height="372" alt="image" src="https://github.com/user-attachments/assets/2f28919a-97e8-44f5-9021-70d3836bb996" /> |
||
|
seer-by-sentry[bot]
|
df9850a141 |
fix(frontend): prevent state updates on unmounted OnboardingProvider (#11211)
<!-- Clearly explain the need for these changes: --> Fixes [BUILDER-48G](https://sentry.io/organizations/significant-gravitas/issues/6960009111/). The issue was that: Asynchronous API update scheduled via `setTimeout(0)` in `OnboardingProvider` creates a race condition, causing React-DOM's portal cleanup (`removeChild`) to fail during concurrent component unmounting. ### Changes 🏗️ <!-- Concisely describe all of the changes made in this pull request: --> - Prevents state updates and API calls after the `OnboardingProvider` component has been unmounted. - Introduces a `isMounted` ref to track the component's mount status. - Uses a `pendingUpdatesRef` to manage and cancel pending API update promises on unmount, preventing memory leaks and errors. - Ensures that API update errors are only logged if the component is still mounted. This fix was generated by Seer in Sentry, triggered by Craig Swift. 👁️ Run ID: 2058387 Not quite right? [Click here to continue debugging with Seer.](https://sentry.io/organizations/significant-gravitas/issues/6960009111/?seerDrawer=true) ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Onboarding works and does not throw errors when unmounted --------- Co-authored-by: seer-by-sentry[bot] <157164994+seer-by-sentry[bot]@users.noreply.github.com> Co-authored-by: Lluis Agusti <hi@llu.lu> Co-authored-by: Ubbe <hi@ubbe.dev> |
||
|
Reinier van der Leer
|
cbe4086e79 |
feat(frontend/marketplace): Update agent download UI (#11322)
- Resolves #11314 ### Changes 🏗️ - Change "Download agent" CTA button to action link at bottom of summary agent info - Move agent ratings above CTA buttons to prevent it from jumping on page load - Update vertical spacings to more closely match designs  ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Designer approves of new look - [x] Tests pass |
||
|
seer-by-sentry[bot]
|
fbd5f34a61 |
fix(frontend): Ensure agent version is fetched when active_version_id exists (#11291)
### Changes 🏗️ Fixes [BUILDER-4HJ](https://sentry.io/organizations/significant-gravitas/issues/6979388537/). The issue was that: Server-side rendering failed to retrieve the Supabase access token, causing authenticated API calls to omit the Authorization header. - Ensures that the agent version is fetched only when `creator_agent.active_version_id` exists and the status code is 200. - Enables the `prefetchGetV2GetAgentByStoreIdQuery` query when `creator_agent.active_version_id` exists. This fix was generated by Seer in Sentry, triggered by Craig Swift. 👁️ Run ID: 2234004 Not quite right? [Click here to continue debugging with Seer.](https://sentry.io/organizations/significant-gravitas/issues/6979388537/?seerDrawer=true) ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Loading marketplace works... Co-authored-by: seer-by-sentry[bot] <157164994+seer-by-sentry[bot]@users.noreply.github.com> Co-authored-by: Ubbe <hi@ubbe.dev> |
||
|
Ubbe
|
0b680d4990 |
feat(frontend): <Button variant="link" /> (#11320)
## Changes 🏗️ <img width="800" height="800" alt="Screenshot 2025-11-04 at 23 05 22" src="https://github.com/user-attachments/assets/ecb3f442-8f1b-4a80-a6c9-0c4b6d5e0427" /> New `<Button variant="link" />` for when you need to render an HTML `<button>` but with our link styles. ## Checklist 📋 ### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Run Storybook locally - [x] Looks good |
||
|
Zamil Majdy
|
6037f80502 |
feat(backend): Add correctness score to execution activity generation (#11325)
## Summary Add AI-generated correctness score field to execution activity status generation to provide quantitative assessment of how well executions achieved their intended purpose. New page: <img width="1000" height="229" alt="image" src="https://github.com/user-attachments/assets/5cb907cf-5bc7-4b96-8128-8eecccde9960" /> Old page: <img width="1000" alt="image" src="https://github.com/user-attachments/assets/ece0dfab-1e50-4121-9985-d585f7fcd4d2" /> ## What Changed - Added `correctness_score` field (float 0.0-1.0) to `GraphExecutionStats` model - **REFACTORED**: Removed duplicate `llm_utils.py` and reused existing `AIStructuredResponseGeneratorBlock` logic - Updated activity status generator to use structured responses instead of plain text - Modified prompts to include correctness assessment with 5-tier scoring system: - 0.0-0.2: Failure - 0.2-0.4: Poor - 0.4-0.6: Partial Success - 0.6-0.8: Mostly Successful - 0.8-1.0: Success - Updated manager.py to extract and set both activity_status and correctness_score - Fixed tests to work with existing structured response interface ## Technical Details - **Code Reuse**: Eliminated duplication by using existing `AIStructuredResponseGeneratorBlock` instead of creating new LLM utilities - Added JSON validation with retry logic for malformed responses - Maintained backward compatibility for existing activity status functionality - Score is clamped to valid 0.0-1.0 range and validated - All type errors resolved and linting passes ## Test Plan - [x] All existing tests pass with refactored structure - [x] Structured LLM call functionality tested with success and error cases - [x] Activity status generation tested with various execution scenarios - [x] Integration tests verify both fields are properly set in execution stats - [x] No code duplication - reuses existing block logic 🤖 Generated with [Claude Code](https://claude.ai/code) --------- Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com> Co-authored-by: Zamil Majdy <majdyz@users.noreply.github.com> |
||
|
Nicholas Tindle
|
37b3e4e82e |
feat(blocks)!: Update Exa search block to match latest API specification (#11185)
BREAKING CHANGE: Removed deprecated use_auto_prompt field from Input
schema. Existing workflows using this field will need to be updated to
use the type field set to "auto" instead.
## Summary of Changes 📝
This PR comprehensively updates all Exa search blocks to match the
latest Exa API specification and adds significant new functionality
through the Websets API integration.
### Core API Updates 🔄
- **Migration to Exa SDK**: Replaced manual API calls with the official
`exa_py` AsyncExa SDK across all blocks for better reliability and
maintainability
- **Removed deprecated fields**: Eliminated
`use_auto_prompt`/`useAutoprompt` field (breaking change)
- **Fixed incomplete field definitions**: Corrected `user_location`
field definition
- **Added new input fields**: Added `moderation` and `context` fields
for enhanced content filtering
### Enhanced Content Settings 🛠️
- **Text field improvements**: Support both boolean and advanced object
configurations
- **New content options**:
- Added `livecrawl` settings (never, fallback, always, preferred)
- Added `subpages` support for deeper content retrieval
- Added `extras` settings for links and images
- Added `context` settings for additional contextual information
- **Updated settings**: Enhanced `highlight` and `summary`
configurations with new query and schema options
### Comprehensive Cost Tracking 💰
- Added detailed cost tracking models:
- `CostDollars` for monetary costs
- `CostCredits` for API credit tracking
- `CostDuration` for time-based costs
- New output fields: `request_id`, `resolved_search_type`,
`cost_dollars`
- Improved response handling to conditionally yield fields based on
availability
### New Websets API Integration 🚀
Added eight new specialized blocks for Exa's Websets API:
- **`websets.py`**: Core webset management (create, get, list, delete)
- **`websets_search.py`**: Search operations within websets
- **`websets_items.py`**: Individual item management (add, get, update,
delete)
- **`websets_enrichment.py`**: Data enrichment operations
- **`websets_import_export.py`**: Bulk import/export functionality
- **`websets_monitor.py`**: Monitor and track webset changes
- **`websets_polling.py`**: Poll for updates and changes
### New Special-Purpose Blocks 🎯
- **`code_context.py`**: Code search capabilities for finding relevant
code snippets from open source repositories, documentation, and Stack
Overflow
- **`research.py`**: Asynchronous research capabilities that explore the
web, gather sources, synthesize findings, and return structured results
with citations
### Code Organization Improvements 📁
- **Removed legacy code**: Deleted `model.py` file containing deprecated
API models
- **Centralized helpers**: Consolidated shared models and utilities in
`helpers.py`
- **Improved modularity**: Each webset operation is now in its own
dedicated file
### Other Changes 🔧
- Updated `.gitignore` for better development workflow
- Updated `CLAUDE.md` with project-specific instructions
- Updated documentation in `docs/content/platform/new_blocks.md` with
error handling, data models, and file input guidelines
- Improved webhook block implementations with SDK integration
### Files Changed 📂
- **Modified (11 files)**:
- `.gitignore`
- `autogpt_platform/CLAUDE.md`
- `autogpt_platform/backend/backend/blocks/exa/answers.py`
- `autogpt_platform/backend/backend/blocks/exa/contents.py`
- `autogpt_platform/backend/backend/blocks/exa/helpers.py`
- `autogpt_platform/backend/backend/blocks/exa/search.py`
- `autogpt_platform/backend/backend/blocks/exa/similar.py`
- `autogpt_platform/backend/backend/blocks/exa/webhook_blocks.py`
- `autogpt_platform/backend/backend/blocks/exa/websets.py`
- `docs/content/platform/new_blocks.md`
- **Added (8 files)**:
- `autogpt_platform/backend/backend/blocks/exa/code_context.py`
- `autogpt_platform/backend/backend/blocks/exa/research.py`
- `autogpt_platform/backend/backend/blocks/exa/websets_enrichment.py`
- `autogpt_platform/backend/backend/blocks/exa/websets_import_export.py`
- `autogpt_platform/backend/backend/blocks/exa/websets_items.py`
- `autogpt_platform/backend/backend/blocks/exa/websets_monitor.py`
- `autogpt_platform/backend/backend/blocks/exa/websets_polling.py`
- `autogpt_platform/backend/backend/blocks/exa/websets_search.py`
- **Deleted (1 file)**:
- `autogpt_platform/backend/backend/blocks/exa/model.py`
### Migration Guide 🚦
For users with existing workflows using the deprecated `use_auto_prompt`
field:
1. Remove the `use_auto_prompt` field from your input configuration
2. Set the `type` field to `ExaSearchTypes.AUTO` (or "auto" in JSON) to
achieve the same behavior
3. Review any custom content settings as the structure has been enhanced
### Testing Recommendations ✅
- Test existing workflows to ensure they handle the breaking change
- Verify cost tracking fields are properly returned
- Test new content settings options (livecrawl, subpages, extras,
context)
- Validate websets functionality if using the new Websets API blocks
🤖 Generated with [Claude Code](https://claude.com/claude-code)
### Checklist 📋
#### For code changes:
- [x] I have clearly listed my changes in the PR description
- [x] I have made a test plan
- [x] I have tested my changes according to the test plan:
- [x] made + ran a test agent for the blocks and flows between them
[Exa
Tests_v44.json](https://github.com/user-attachments/files/23226143/Exa.Tests_v44.json)
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> Migrates Exa blocks to AsyncExa SDK, adds comprehensive
Websets/research/code-context blocks, updates existing
search/content/answers/similar, deletes legacy models, adjusts
tests/docs; breaking: remove `use_auto_prompt` in favor of
`type="auto"`.
>
> - **Backend — Exa integration (SDK migration & BREAKING)**:
> - Replace manual HTTP calls with `exa_py.AsyncExa` across `search`,
`similar`, `contents`, `answers`, and webhooks; richer outputs
(citations, context, costs, resolved search type).
> - BREAKING: remove `Input.use_auto_prompt`; use `type = "auto"`.
> - Centralize models/utilities in `exa/helpers.py` (content settings,
cost models, result mappers).
> - **New Blocks**:
> - **Websets**: management (`websets.py`), searches, items,
enrichments, imports/exports, monitors, polling (new files under
`exa/websets_*`).
> - **Research**: async research task create/get/wait/list
(`exa/research.py`).
> - **Code Context**: code snippet/context retrieval
(`exa/code_context.py`).
> - **Removals**:
> - Delete deprecated `exa/model.py`.
> - **Docs & DX**:
> - Update `docs/new_blocks.md` (error handling, models, file input) and
`CLAUDE.md`; ignore backend logs in `.gitignore`.
> - **Frontend Tests**:
> - Split/extend “e” block tests and improve block add robustness in
Playwright (`build.spec.ts`, `build.page.ts`).
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
|
||
|
Reinier van der Leer
|
de7c5b5c31 | Merge branch 'master' into dev | ||
|
Reinier van der Leer
|
d68dceb9c1 |
fix(backend/executor): Improve graph execution permission check (#11323)
- Resolves #11316 - Durable fix to replace #11318 ### Changes 🏗️ - Expand graph execution permissions check - Don't require library membership for execution as sub-graph ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Can run sub-agent with non-latest graph version - [x] Can run sub-agent that is available in Marketplace but not added to Library |
||
|
Zamil Majdy
|
193866232c |
hotfix(backend): fix rate-limited messages blocking queue by republishing to back (#11326)
## Summary Fix critical queue blocking issue where rate-limited user messages prevent other users' executions from being processed, causing the 135 late executions reported in production. ## Root Cause Analysis When a user exceeds `max_concurrent_graph_executions_per_user` (25), the executor uses `basic_nack(requeue=True)` which sends the message to the **FRONT** of the RabbitMQ queue. This creates an infinite blocking loop where: 1. Rate-limited message goes to front of queue 2. Gets processed, hits rate limit again 3. Goes back to front of queue 4. Blocks all other users' messages indefinitely ## Solution Implementation ### 🔧 Core Changes - **New setting**: `requeue_by_republishing` (default: `True`) in `backend/util/settings.py` - **Smart `_ack_message`**: Automatically uses republishing when `requeue=True` and setting enabled - **Efficient implementation**: Uses existing `self.run_client` connection instead of creating new ones - **Integration test**: Real RabbitMQ test validates queue ordering behavior ### 🔄 Technical Implementation **Before (blocking):** ```python basic_nack(delivery_tag, requeue=True) # Goes to FRONT of queue ❌ ``` **After (non-blocking):** ```python if requeue and self.config.requeue_by_republishing: # First: Republish to BACK of queue self.run_client.publish_message(...) # Then: Reject without requeue basic_nack(delivery_tag, requeue=False) ``` ### 📊 Impact - ✅ **Other users' executions no longer blocked** by rate-limited users - ✅ **Fair queue processing** - FIFO behavior maintained for all users - ✅ **Rate limiting still works** - just doesn't block others - ✅ **Configurable** - can revert to old behavior with `requeue_by_republishing=False` - ✅ **Zero performance impact** - uses existing connections ## Test Plan - **Integration test**: `test_requeue_integration.py` validates real RabbitMQ queue ordering - **Scenario testing**: Confirms rate-limited messages go to back of queue - **Cross-user validation**: Verifies other users' messages process correctly - **Setting test**: Confirms configuration loads with correct defaults ## Deployment Strategy This is a **hotfix** that can be deployed immediately: - **Backward compatible**: Old behavior available via config - **Safe default**: New behavior is safer than current state - **No breaking changes**: All existing functionality preserved - **Immediate relief**: Resolves production queue blocking ## Files Modified - `backend/executor/manager.py`: Enhanced `_ack_message` logic and `_requeue_message_to_back` method - `backend/util/settings.py`: Added `requeue_by_republishing` configuration field - `test_requeue_integration.py`: Integration test for queue ordering validation ## Related Issues Fixes the 135 late executions issue where messages were stuck in QUEUED state despite available executor capacity (583m/600m utilization). 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> --------- Co-authored-by: Claude <noreply@anthropic.com> |
||
|
Krzysztof Czerwinski
|
979826f559 |
fix(platform): Wallet fixes (#11304)
### Changes 🏗️ - Unmask for Sentry: - Agent name&creator on onboarding cards - Edge paths - Block I/O names - Prevent firing `onClick` when onboarding agents are loading - Prevent confetti on null elements and top-left corner - Fix tooltip on Wallet hover - Fix `0` appearing in place of notification dot on the Wallet button ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Onboarding works and can be completed - [x] Wallet confetti works properly - [x] Tooltip works |
||
|
Swifty
|
2f87e13d17 |
feat(platform): Chat system backend (#11230)
Implements foundational backend infrastructure for chat-based agent interaction system. Users will be able to discover, configure, and run marketplace agents through conversational AI. **Note:** Chat routes are behind a feature flag ### Changes 🏗️ **Core Chat System:** - Chat service with LLM orchestration (Claude 3.5 Sonnet, Haiku, GPT-4) - REST API routes for sessions and messages - Database layer for chat persistence - System prompts and configuration **5 Conversational Tools:** 1. `find_agent` - Search marketplace by keywords 2. `get_agent_details` - Fetch agent info, inputs, credentials 3. `get_required_setup_info` - Check user readiness, missing credentials 4. `run_agent` - Execute agents immediately 5. `setup_agent` - Configure scheduled execution with cron **Testing:** - 28 tests across chat tools (23 passing, 5 skipped for scheduler) - Test fixtures for simple, LLM, and Firecrawl agents - Service and data layer tests **Bug Fixes:** - Fixed `setup_agent.py` to create schedules instead of immediate execution - Fixed graph lookup to use UUID instead of username/slug - Fixed credential matching by provider/type instead of ID - Fixed internal tool calls to use `._execute()` instead of `.execute()` ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] All 28 chat tool tests pass (23 pass, 5 skip - require scheduler) - [x] Code formatting and linting pass - [x] Tool execution flow validated through unit tests - [x] Agent discovery, details, and execution tested - [x] Credential parsing and matching tested #### For configuration changes: - [x] `.env.default` is updated or already compatible with my changes - [x] `docker-compose.yml` is updated or already compatible with my changes - [x] I have included a list of my configuration changes in the PR description (under **Changes**) No configuration changes required - all existing settings compatible. |
||
|
Zamil Majdy
|
2ad5a88a5c |
feat(frontend): Change copywriting for execution task summary (#11324)
### Changes 🏗️ Change copywriting for execution task summary ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: <!-- Put your test plan here: --> - [x] Manual review |
||
|
Abhimanyu Yadav
|
e9cd40c0d4 |
fix(frontend): Correctly rendering all types of outputs in the custom node in the new builder (#11258)
Currently, we are rendering text for all types of outputs, even if it’s a video, image, or other type. So, In current we fixed it by rendering them correctly. Also, some output actions weren’t working, so fixed them also. <img width="1486" height="1080" alt="Screenshot 2025-10-27 at 4 36 33 PM" src="https://github.com/user-attachments/assets/4e4ee43f-5400-477e-8fa9-2914acf11466" /> <img width="463" height="683" alt="Screenshot 2025-10-27 at 4 39 00 PM" src="https://github.com/user-attachments/assets/bfc09c00-58dd-4a0d-96a2-aa51cc282797" /> <img width="1455" height="753" alt="Screenshot 2025-10-27 at 4 36 56 PM" src="https://github.com/user-attachments/assets/52870ffe-3e47-4b0f-bfa3-8d8bbe38cbbd" /> <img width="1131" height="1062" alt="Screenshot 2025-10-27 at 4 37 17 PM" src="https://github.com/user-attachments/assets/e55040e9-33e6-45a8-8397-bf912e93840f" /> ### Changes 🏗️ - Add a new design for the node output. - Render the correct HTML tag for each type. - Make all the output actions below the data section workable, such as viewing the complete data or copying it. - Add a “View more” button. We’re only seeing two pins of output. If we have more pins, we can view all the output in a dialogue box. ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] able to render different types of output data correctly. - [x] All output actions are working perfectly. --------- Co-authored-by: Krzysztof Czerwinski <34861343+kcze@users.noreply.github.com> Co-authored-by: Ubbe <hi@ubbe.dev> |
||
|
dependabot[bot]
|
4744675ef9 |
chore(frontend/deps-dev): bump the development-dependencies group across 1 directory with 13 updates (#11288)
Bumps the development-dependencies group with 13 updates in the /autogpt_platform/frontend directory: | Package | From | To | | --- | --- | --- | | [@chromatic-com/storybook](https://github.com/chromaui/addon-visual-tests) | `4.1.1` | `4.1.2` | | [@playwright/test](https://github.com/microsoft/playwright) | `1.55.0` | `1.56.1` | | [@tanstack/eslint-plugin-query](https://github.com/TanStack/query/tree/HEAD/packages/eslint-plugin-query) | `5.86.0` | `5.91.2` | | [@tanstack/react-query-devtools](https://github.com/TanStack/query/tree/HEAD/packages/react-query-devtools) | `5.87.3` | `5.90.2` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `24.3.1` | `24.9.2` | | [axe-playwright](https://github.com/abhinaba-ghosh/axe-playwright) | `2.1.0` | `2.2.2` | | [chromatic](https://github.com/chromaui/chromatic-cli) | `13.1.4` | `13.3.2` | | [msw](https://github.com/mswjs/msw) | `2.11.1` | `2.11.6` | | [msw-storybook-addon](https://github.com/mswjs/msw-storybook-addon/tree/HEAD/packages/msw-addon) | `2.0.5` | `2.0.6` | | [orval](https://github.com/orval-labs/orval) | `7.11.2` | `7.15.0` | | [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.3` | `3.1.5` | | [prettier-plugin-tailwindcss](https://github.com/tailwindlabs/prettier-plugin-tailwindcss) | `0.6.14` | `0.7.1` | | [typescript](https://github.com/microsoft/TypeScript) | `5.9.2` | `5.9.3` | Updates `@chromatic-com/storybook` from 4.1.1 to 4.1.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/chromaui/addon-visual-tests/releases"><code>@chromatic-com/storybook</code>'s releases</a>.</em></p> <blockquote> <h2>v4.1.2</h2> <h4>🐛 Bug Fix</h4> <ul> <li>Broaden version-range for storybook peerDependency to include 10.1.0-0 <a href="https://redirect.github.com/chromaui/addon-visual-tests/pull/392">#392</a> (<a href="https://github.com/ndelangen"><code>@ndelangen</code></a>)</li> </ul> <h4>Authors: 2</h4> <ul> <li><a href="https://github.com/chromatic-support"><code>@chromatic-support</code></a></li> <li>Norbert de Langen (<a href="https://github.com/ndelangen"><code>@ndelangen</code></a>)</li> </ul> <h2>v4.1.2-next.4</h2> <h4>⚠️ Pushed to <code>next</code></h4> <ul> <li>Broaden version-range for storybook peerDependency to include 10.2.0-0 and 10.3.0-0 (<a href="https://github.com/ndelangen"><code>@ndelangen</code></a>)</li> </ul> <h4>Authors: 1</h4> <ul> <li>Norbert de Langen (<a href="https://github.com/ndelangen"><code>@ndelangen</code></a>)</li> </ul> <h2>v4.1.2-next.3</h2> <h4>⚠️ Pushed to <code>next</code></h4> <ul> <li>Update GitHub Actions workflow to fetch full git history and tags with optimized settings (<a href="https://github.com/ndelangen"><code>@ndelangen</code></a>)</li> </ul> <h4>Authors: 1</h4> <ul> <li>Norbert de Langen (<a href="https://github.com/ndelangen"><code>@ndelangen</code></a>)</li> </ul> <h2>v4.1.2-next.2</h2> <h4>⚠️ Pushed to <code>next</code></h4> <ul> <li>bump yarn version (<a href="https://github.com/ndelangen"><code>@ndelangen</code></a>)</li> </ul> <h4>Authors: 1</h4> <ul> <li>Norbert de Langen (<a href="https://github.com/ndelangen"><code>@ndelangen</code></a>)</li> </ul> <h2>v4.1.2-next.1</h2> <h4>🐛 Bug Fix</h4> <ul> <li>Broaden version-range for storybook peerDependency to include 10.1.0-0 <a href="https://redirect.github.com/chromaui/addon-visual-tests/pull/392">#392</a> (<a href="https://github.com/ndelangen"><code>@ndelangen</code></a>)</li> </ul> <h4>Authors: 1</h4> <ul> <li>Norbert de Langen (<a href="https://github.com/ndelangen"><code>@ndelangen</code></a>)</li> </ul> <h2>v4.1.2-next.0</h2> <h4>🐛 Bug Fix</h4> <ul> <li>Main <a href="https://redirect.github.com/chromaui/addon-visual-tests/pull/391">#391</a> (<a href="https://github.com/ndelangen"><code>@ndelangen</code></a> <a href="https://github.com/chromatic-support"><code>@chromatic-support</code></a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/chromaui/addon-visual-tests/blob/v4.1.2/CHANGELOG.md"><code>@chromatic-com/storybook</code>'s changelog</a>.</em></p> <blockquote> <h1>v4.1.2 (Wed Oct 29 2025)</h1> <h4>🐛 Bug Fix</h4> <ul> <li>Broaden version-range for storybook peerDependency to include 10.1.0-0 <a href="https://redirect.github.com/chromaui/addon-visual-tests/pull/392">#392</a> (<a href="https://github.com/ndelangen"><code>@ndelangen</code></a>)</li> <li>Main <a href="https://redirect.github.com/chromaui/addon-visual-tests/pull/391">#391</a> (<a href="https://github.com/ndelangen"><code>@ndelangen</code></a> <a href="https://github.com/chromatic-support"><code>@chromatic-support</code></a>)</li> </ul> <h4>Authors: 2</h4> <ul> <li><a href="https://github.com/chromatic-support"><code>@chromatic-support</code></a></li> <li>Norbert de Langen (<a href="https://github.com/ndelangen"><code>@ndelangen</code></a>)</li> </ul> <hr /> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Zamil Majdy
|
910fd2640d |
hotfix(backend): Temporarily disable library existence check for graph execution (#11318)
### Changes 🏗️ add_store_agent_to_library does not add subagents to the user library, this check can cause issues. ### Checklist 📋 #### For code changes: - [ ] I have clearly listed my changes in the PR description - [ ] I have made a test plan - [ ] I have tested my changes according to the test plan: <!-- Put your test plan here: --> - [ ] ... <details> <summary>Example test plan</summary> - [ ] Create from scratch and execute an agent with at least 3 blocks - [ ] Import an agent from file upload, and confirm it executes correctly - [ ] Upload agent to marketplace - [ ] Import an agent from marketplace and confirm it executes correctly - [ ] Edit an agent from monitor, and confirm it executes correctly </details> #### For configuration changes: - [ ] `.env.default` is updated or already compatible with my changes - [ ] `docker-compose.yml` is updated or already compatible with my changes - [ ] I have included a list of my configuration changes in the PR description (under **Changes**) <details> <summary>Examples of configuration changes</summary> - Changing ports - Adding new services that need to communicate with each other - Secrets or environment variable changes - New or infrastructure changes such as databases </details> |
||
|
Ubbe
|
eae2616fb5 |
fix(frontend): marketplace breadcrumbs typo (#11315)
## Changes 🏗️ Fixing a ✍🏽 typo found by @Pwuts ## Checklist 📋 ### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Run the app - [x] No typos on the breadcrumbs |
||
|
Abhimanyu Yadav
|
ad3ea59d90 |
feat(frontend): Add cron-based scheduling functionality to new builder with input/credential support (#11312)
This PR introduces scheduling functionality to the new builder, allowing users to create cron-based schedules for automated graph execution with configurable inputs and credentials. https://github.com/user-attachments/assets/20c1359f-a3d6-47bf-a881-4f22c657906c ## What's New ### 🚀 Features #### Scheduling Infrastructure - **CronSchedulerDialog Component**: Interactive dialog for creating scheduled runs with: - Schedule name configuration - Cron expression builder with visual UI - Timezone support (displays user timezone or defaults to UTC) - Integration with backend scheduling API - **ScheduleGraph Component**: New action button in builder actions toolbar - Clock icon button to initiate scheduling workflow - Handles conditional flow based on input/credential requirements #### Enhanced Input Management - **Unified RunInputDialog**: Refactored to support both manual runs and scheduled runs - Dynamic "purpose" prop (`"run"` | `"schedule"`) for contextual behavior - Seamless credential and input collection flow - Transitions to cron scheduler when scheduling #### Builder Actions Improvements - **New Action Buttons Layout**: Three primary actions in the builder toolbar: 1. Agent Outputs (placeholder for future implementation) 2. Run Graph (play/stop button with gradient styling) 3. Schedule Graph (clock icon for scheduling) ## Technical Details ### New Components - `CronSchedulerDialog` - Main scheduling dialog component - `useCronSchedulerDialog` - Hook managing scheduling logic and API calls - `ScheduleGraph` - Schedule button component - `useScheduleGraph` - Hook for scheduling flow control - `AgentOutputs` - Placeholder component for future outputs feature ### Modified Components - `BuilderActions` - Added new action buttons - `RunGraph` - Enhanced with tooltip support - `RunInputDialog` - Made multi-purpose for run/schedule - `useRunInputDialog` - Added scheduling dialog state management ### API Integration - Uses `usePostV1CreateExecutionSchedule` for schedule creation - Fetches user timezone with `useGetV1GetUserTimezone` - Validates and passes graph ID, version, inputs, and credentials ## User Experience 1. **Without Inputs/Credentials**: - Click schedule button → Opens cron scheduler directly 2. **With Inputs/Credentials**: - Click schedule button → Opens input dialog - Fill required fields → Click "Schedule Run" - Configure cron expression → Create schedule 3. **Timezone Awareness**: - Shows user's configured timezone - Warns if no timezone is set (defaults to UTC) - Provides link to timezone settings ## Testing Checklist - [x] Create a schedule without inputs/credentials - [x] Create a schedule with required inputs - [x] Create a schedule with credentials - [x] Verify timezone display (with and without user timezone) |
||
|
Reinier van der Leer
|
69b6b732a2 |
feat(frontend/ui): Increase contrast of Switch component (#11309)
- Resolves #11308 ### Changes 🏗️ - Change background color of `Switch` in unchecked state from `neutral-200` to `zinc-300` Before / after: <center> <img width="48%" alt="before" src="https://github.com/user-attachments/assets/d23c9531-2f7e-49d3-8a92-f4ad40e9fa14" /> <img width="48%" alt="after" src="https://github.com/user-attachments/assets/9f27fbee-081e-4b26-8b24-74d5d5cdcef8" /> </center> ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Visually verified new look |
||
|
Abhimanyu Yadav
|
b1a2d21892 |
feat(frontend): add undo/redo functionality with keyboard shortcuts to flow builder (#11307)
This PR introduces comprehensive undo/redo functionality to the flow builder, allowing users to revert and restore changes to their workflows. The implementation includes keyboard shortcuts (Ctrl/Cmd+Z for undo, Ctrl/Cmd+Y for redo) and visual controls in the UI. https://github.com/user-attachments/assets/514253a6-4e86-4ac5-96b4-992180fb3b00 ### What's New 🚀 - **Undo/Redo State Management**: Implemented a dedicated Zustand store (`historyStore`) that tracks up to 50 historical states of nodes and connections - **Keyboard Shortcuts**: Added cross-platform keyboard shortcuts: - `Ctrl/Cmd + Z` for undo - `Ctrl/Cmd + Y` for redo - **UI Controls**: Added dedicated undo/redo buttons to the control panel with: - Visual feedback when actions are available/disabled - Tooltips for better user guidance - Proper accessibility attributes - **Automatic History Tracking**: Integrated history tracking into node operations (add, remove, position changes, data updates) ### Technical Details 🔧 #### Architecture - **History Store** (`historyStore.ts`): Manages past and future states using a stack-based approach - Stores snapshots of nodes and connections - Implements state deduplication to prevent duplicate history entries - Limits history to 50 states to manage memory usage - **Integration Points**: - `nodeStore.ts`: Modified to push state changes to history on relevant operations - `Flow.tsx`: Added the new `useFlowRealtime` hook for real-time updates - `NewControlPanel.tsx`: Integrated the new `UndoRedoButtons` component #### UI Improvements - **Enhanced Control Panel Button**: Updated to support different HTML elements (button/div) with proper role attributes for accessibility - **Block Menu Tooltips**: Added tooltips to improve user guidance - **Responsive UI**: Adjusted tooltip delays for better responsiveness (100ms delay) ### Testing Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description ✅ - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Create a new flow with multiple nodes and verify undo/redo works for node additions - [x] Move nodes and verify position changes can be undone/redone - [x] Delete nodes and verify deletions can be undone - [x] Test keyboard shortcuts (Ctrl/Cmd+Z and Ctrl/Cmd+Y) on different platforms - [x] Verify undo/redo buttons are disabled when no history is available - [x] Test with complex flows (10+ nodes) to ensure performance remains good |
||
|
Zamil Majdy
|
a78b08f5e7 |
feat(platform): implement admin user impersonation with header-based authentication (#11298)
## Summary Implement comprehensive admin user impersonation functionality to enable admins to act on behalf of any user for debugging and support purposes. ## 🔐 Security Features - **Admin Role Validation**: Only users with 'admin' role can impersonate others - **Header-Based Authentication**: Uses `X-Act-As-User-Id` header for impersonation requests - **Comprehensive Audit Logging**: All impersonation attempts logged with admin details - **Secure Error Handling**: Proper HTTP 403/401 responses for unauthorized access - **SSR Safety**: Client-side environment checks prevent server-side rendering issues ## 🏗️ Architecture ### Backend Implementation (`autogpt_libs/auth/dependencies.py`) - Enhanced `get_user_id` FastAPI dependency to process impersonation headers - Admin role verification using existing `verify_user()` function - Audit trail logging with admin email, user ID, and target user - Seamless integration with all existing routes using `get_user_id` dependency ### Frontend Implementation - **React Hook**: `useAdminImpersonation` for state management and API calls - **Security Banner**: Prominent warning when impersonation is active - **Admin Panel**: Control interface for starting/stopping impersonation - **Session Persistence**: Maintains impersonation state across page refreshes - **Full Page Refresh**: Ensures all data updates correctly on state changes ### API Integration - **Header Forwarding**: All API requests include impersonation header when active - **Proxy Support**: Next.js API proxy forwards headers to backend - **Generated Hooks**: Compatible with existing React Query API hooks - **Error Handling**: Graceful fallback for storage/authentication failures ## 🎯 User Experience ### For Admins 1. Navigate to `/admin/impersonation` 2. Enter target user ID (UUID format with validation) 3. System displays security banner during active impersonation 4. All API calls automatically use impersonated user context 5. Click "Stop Impersonation" to return to admin context ### Security Notice - **Audit Trail**: All impersonation logged with `logger.info()` including admin email - **Session Isolation**: Impersonation state stored in sessionStorage (not persistent) - **No Token Manipulation**: Uses header-based approach, preserving admin's JWT - **Role Enforcement**: Backend validates admin role on every impersonated request ## 🔧 Technical Details ### Constants & Configuration - `IMPERSONATION_HEADER_NAME = "X-Act-As-User-Id"` - `IMPERSONATION_STORAGE_KEY = "admin-impersonate-user-id"` - Centralized in `frontend/src/lib/constants.ts` and `autogpt_libs/auth/dependencies.py` ### Code Quality Improvements - **DRY Principle**: Eliminated duplicate header forwarding logic - **Icon Compliance**: Uses Phosphor Icons per coding guidelines - **Type Safety**: Proper TypeScript interfaces and error handling - **SSR Compatibility**: Environment checks for client-side only operations - **Error Consistency**: Uniform silent failure with logging approach ### Testing - Updated backend auth dependency tests for new function signatures - Added Mock Request objects for comprehensive test coverage - Maintained existing test functionality while extending capabilities ## 🚀 CodeRabbit Review Responses All CodeRabbit feedback has been addressed: 1. ✅ **DRY Principle**: Refactored duplicate header forwarding logic 2. ✅ **Icon Library**: Replaced lucide-react with Phosphor Icons 3. ✅ **SSR Safety**: Added environment checks for sessionStorage 4. ✅ **UI Improvements**: Synchronous initialization prevents flicker 5. ✅ **Error Handling**: Consistent silent failure with logging 6. ✅ **Backend Validation**: Confirmed comprehensive security implementation 7. ✅ **Type Safety**: Addressed TypeScript concerns 8. ✅ **Code Standards**: Followed all coding guidelines and best practices ## 🧪 Testing Instructions 1. **Login as Admin**: Ensure user has admin role 2. **Navigate to Panel**: Go to `/admin/impersonation` 3. **Test Impersonation**: Enter valid user UUID and start impersonation 4. **Verify Banner**: Security banner should appear at top of all pages 5. **Test API Calls**: Verify credits/graphs/etc show impersonated user's data 6. **Check Logging**: Backend logs should show impersonation audit trail 7. **Stop Impersonation**: Verify return to admin context works correctly ## 📝 Files Modified ### Backend - `autogpt_libs/auth/dependencies.py` - Core impersonation logic - `autogpt_libs/auth/dependencies_test.py` - Updated test signatures ### Frontend - `src/hooks/useAdminImpersonation.ts` - State management hook - `src/components/admin/AdminImpersonationBanner.tsx` - Security warning banner - `src/components/admin/AdminImpersonationPanel.tsx` - Admin control interface - `src/app/(platform)/admin/impersonation/page.tsx` - Admin page - `src/app/(platform)/admin/layout.tsx` - Navigation integration - `src/app/(platform)/layout.tsx` - Banner integration - `src/lib/autogpt-server-api/client.ts` - Header injection for API calls - `src/lib/autogpt-server-api/helpers.ts` - Header forwarding logic - `src/app/api/proxy/[...path]/route.ts` - Proxy header forwarding - `src/app/api/mutators/custom-mutator.ts` - Enhanced error handling - `src/lib/constants.ts` - Shared constants ## 🔒 Security Compliance - **Authorization**: Admin role required for impersonation access - **Authentication**: Uses existing JWT validation with additional role checks - **Audit Logging**: Comprehensive logging of all impersonation activities - **Error Handling**: Secure error responses without information leakage - **Session Management**: Temporary sessionStorage without persistent data - **Header Validation**: Proper sanitization and validation of impersonation headers This implementation provides a secure, auditable, and user-friendly admin impersonation system that integrates seamlessly with the existing AutoGPT Platform architecture. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Admin user impersonation to view the app as another user. * New "User Impersonation" admin page for entering target user IDs and managing sessions. * Sidebar link for quick access to the impersonation page. * Persistent impersonation state that updates app data (e.g., credits) and survives page reloads. * Top warning banner when impersonation is active with a Stop Impersonation control. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Claude <noreply@anthropic.com> |
||
|
Nicholas Tindle
|
4e6fd3f68f | Update SchedulesTable.tsx | ||
|
Nicholas Tindle
|
43dedd8c42 |
Move error toast to useEffect in ExecutionsTable
Error toast notification is now shown inside a useEffect hook to avoid side effects during render. Also updated the error message to 'Failed to fetch executions'. |
||
|
Nicholas Tindle
|
c1c371bcf3 |
Add total upcoming execution runs to diagnostics
Backend now calculates and returns the total number of scheduled execution runs in the next hour and 24 hours, not just unique schedules. The frontend displays these new metrics in the diagnostics admin panel. The OpenAPI schema is updated to reflect the new fields. |
||
|
Nicholas Tindle
|
6a72440005 |
Add admin endpoints for bulk stopping and cleanup of executions
Introduces backend and frontend support for stopping all long-running executions and cleaning up all stuck queued executions via new admin endpoints. Updates diagnostics logic to ensure both cancel signals and DB status updates are performed, adds corresponding API routes, and enhances the admin UI to expose these bulk actions. Also updates the sidebar icon for diagnostics. |
||
|
Nicholas Tindle
|
1403c8f2de |
Improve failed executions error extraction and counting
Extract error messages from the stats JSON field in failed executions details. Update the admin diagnostics route to always count the actual number of failed executions within the specified time window, ensuring accurate pagination. |
||
|
Nicholas Tindle
|
6068ed3516 |
Add admin diagnostics for agent schedules
Introduces backend endpoints and models for schedule diagnostics, including orphaned schedule detection, listing, and bulk cleanup. Updates the frontend to display schedule health metrics and a new schedules table with management actions. OpenAPI spec is updated to document the new endpoints and models. |
||
|
Nicholas Tindle
|
53a6de9fdb |
feat(admin): Enhance diagnostics with comprehensive execution monitoring and management
Add extensive diagnostic capabilities for on-call engineers to monitor and manage execution health. Backend Enhancements: - Add 18 diagnostic metrics covering failures, orphaned executions, stuck queued, throughput, and queue health - Implement orphaned execution detection (>24h old, not in executor) - Add stuck queued detection (QUEUED >1h, never started) - Add long-running execution detection (RUNNING >24h) - Monitor both execution and cancel RabbitMQ queues - Track failure rates (1h, 24h) and execution throughput metrics New Backend Endpoints (15 total): - GET /admin/diagnostics/executions/orphaned - List orphaned executions - GET /admin/diagnostics/executions/stuck-queued - List stuck queued executions - GET /admin/diagnostics/executions/long-running - List long-running executions - GET /admin/diagnostics/executions/failed - List failed executions with error messages - POST /admin/diagnostics/executions/cleanup-all-orphaned - Cleanup all orphaned (operates on entire dataset) - POST /admin/diagnostics/executions/requeue - Requeue single stuck execution - POST /admin/diagnostics/executions/requeue-bulk - Requeue selected executions - POST /admin/diagnostics/executions/requeue-all-stuck - Requeue all stuck queued (operates on entire dataset) Execution Management: - Dual-mode stop: Active executions (cancel signals) vs orphaned (direct DB cleanup) - Intelligent Stop All: Auto-splits active/orphaned, executes in parallel - Requeue functionality for stuck QUEUED executions with credit cost warnings - Stop sends cancel signals to RabbitMQ for graceful termination - Cleanup orphaned updates DB directly without cancel signals - ALL endpoints operate on entire datasets (not limited to pagination) Frontend Enhancements: - 5-tab filtering interface: All, Orphaned, Stuck Queued, Long-Running, Failed - Clickable alert cards (🟠 🔴 🟡) automatically switch to relevant tabs - Tab badges show live counts from diagnostics metrics - Age column displays execution duration (e.g., "245d 12h") - Orange row highlighting for orphaned executions (>24h old) - Error message column for failed executions with hover tooltips - Click-to-copy for execution IDs and user IDs with visual feedback - Status badge colors match library view (blue=RUNNING, yellow=QUEUED, red=FAILED) Tab-Specific Actions: - Stuck Queued: Cleanup All OR Requeue All buttons with cost warnings - Stuck Queued per-row: 🟠 Cleanup OR 🔵 Requeue buttons - Orphaned: Cleanup All (operates on ALL orphaned) - Long-Running: Stop All (sends cancel signals) - Failed: View-only with error details - All: Stop All (intelligent split of active/orphaned) Alert Cards: - 🟠 Orphaned: Shows count with RUNNING/QUEUED breakdown, click to view - 🔴 Failed (24h): Shows count with hourly rate, click to view - 🟡 Long-Running: Shows count with oldest execution age, click to view Updated Diagnostic Info Card: - Color-coded explanations for each execution type - When to cleanup vs requeue vs stop - Credit cost implications clearly documented - Queue health thresholds explained Provides ~70% coverage of on-call guide requirements for troubleshooting execution issues, orphaned database records, and system health monitoring. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> |
||
|
Nicholas Tindle
|
cdd501c031 | Merge branch 'dev' into claude/admin-user-management-011CULzkwgiPXZYcvCeozofC | ||
|
Ubbe
|
5359f20070 |
feat(frontend): Google Drive Picker component (#11286)
## Changes 🏗️ <img width="800" height="876" alt="Screenshot_2025-10-29_at_22 56 43" src="https://github.com/user-attachments/assets/e1d9cf62-0a81-4658-82c2-6e673d636479" /> New `<GoogleDrivePicker />` component that, when rendered: - re-uses existing Google credentials OR asks the user to SSO - uses the Google Drive Picker script to launch a modal for the user to select files We will need this 3 new environment variables on the Front-end for it to work: ``` # Google Drive Picker NEXT_PUBLIC_GOOGLE_CLIENT_ID= NEXT_PUBLIC_GOOGLE_API_KEY= NEXT_PUBLIC_GOOGLE_APP_ID= ``` Updated `.env.default` with them. ### Next We need to figure out how to map this to an agent input type and update the Back-end to accept the files as input. ## Checklist 📋 ### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] I tried the whole flow ### For configuration changes: - [x] `.env.default` is updated or already compatible with my changes - [x] I have included a list of my configuration changes in the PR description (under **Changes**) |
||
|
Abhimanyu Yadav
|
427c7eb1d4 |
feat(frontend): Add dynamic input dialog for agent execution with credential support (#11301)
### Changes 🏗️ This PR enhances the agent execution functionality by introducing a dynamic input dialog that collects both regular inputs and credentials before running agents. <img width="1309" height="826" alt="Screenshot 2025-11-03 at 10 16 38 AM" src="https://github.com/user-attachments/assets/2015da5d-055d-49c5-8e7e-31bd0fe369f4" /> #### ✨ New Features - **Dynamic Input Dialog**: Added a new `RunInputDialog` component that automatically detects when agents require inputs or credentials and prompts users before execution - **Credential Management**: Integrated credential input handling directly into the execution flow, supporting various credential types (API keys, OAuth, passwords) - **Enhanced Run Controls**: Improved the `RunGraph` component with better state management and visual feedback for running/stopping agents - **Form Renderer**: Created a new unified `FormRenderer` component for consistent input rendering across the application #### 🔧 Refactoring - **Input Renderer Migration**: Moved input renderer components from FlowEditor-specific location to a shared components directory for better reusability: - Migrated fields (AnyOfField, CredentialField, ObjectField) - Migrated widgets (ArrayEditor, DateInput, SelectWidget, TextInput, etc.) - Migrated templates (FieldTemplate, ArrayFieldTemplate) - **State Management**: Enhanced `graphStore` with schemas for inputs and credentials, including helper methods to check for their presence - **Component Organization**: Restructured BuilderActions components for better modularity #### 🗑️ Cleanup - Removed outdated FlowEditor documentation files (FORM_CREATOR.md, README.md) - Removed deprecated `RunGraph` and `useRunGraph` implementations from FlowEditor - Consolidated duplicate functionality into new shared components #### 🎨 UI/UX Improvements - Added gradient styling to Run/Stop button for better visual appeal - Improved dialog layout with clear sections for Credentials and Inputs - Enhanced form fields with size variants (small, medium, large) for better responsiveness - Added loading states and proper error handling during execution ### Technical Details - The new system automatically detects input requirements from the graph schema - Credentials are handled separately with special UI treatment based on credential type - The dialog only appears when inputs or credentials are actually required - Execution flow: Save graph → Check for inputs/credentials → Show dialog if needed → Execute with provided values ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Create an agent without inputs and verify it runs directly without dialog - [x] Create an agent with input blocks and verify the dialog appears with correct fields - [x] Create an agent requiring credentials and verify credential selection/creation works - [x] Test agent execution with both inputs and credentials - [x] Verify Stop Agent functionality during execution - [x] Test error handling for invalid inputs or missing credentials - [x] Verify that the dialog closes properly after submission - [x] Test that execution state is properly reflected in the UI |
||
|
Krzysztof Czerwinski
|
c17a2f807d |
fix(frontend): Reset beads on run (#11303)
Beads are reset when saving but not on run which can result in beads from previous runs accumulating on the opened graph. ### Changes 🏗️ - Move bead reset code to function and call it before run ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Beads reset on every run |
||
|
Krzysztof Czerwinski
|
f80739d38c | Merge branch 'master' into dev | ||
|
Krzysztof Czerwinski
|
f97e19f418 |
hotfix: Patch onboarding (#11299)
### Changes 🏗️ - Prevent removing progress of user onboarding tasks by merging arrays on the backend instead of replacing them - New endpoint for onboarding reset ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Tasks are not being reset - [x] `/onboarding/reset` works |
||
|
Reinier van der Leer
|
42b9facd4a |
hotfix(backend/scheduler): Bump apscheduler to DST-fixed version 3.11.1 (#11294)
- #11273 - Bump `apscheduler` to v3.11.1 which contains a fix for the issue - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] "It's a rather ugly solution but the test proves that it works." ~the maintainer - [x] CI passes |
||
|
Reinier van der Leer
|
a02b8d9ad7 |
fix(backend/scheduler): Bump apscheduler to DST-fixed version 3.11.1 (#11294)
- #11273 ### Changes 🏗️ - Bump `apscheduler` to v3.11.1 which contains a fix for the issue ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] "It's a rather ugly solution but the test proves that it works." ~the maintainer - [x] CI passes |
||
|
Nicholas Tindle
|
834617d221 | hotfix(backend): Clarify prompt requirements for list generation for our friend claude (#11293) |