mirror of
https://github.com/Significant-Gravitas/AutoGPT.git
synced 2026-01-29 17:08:01 -05:00
52ad474df3787fb94de14c29f263f092a27b9bce
7791 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Ubbe
|
e562ca37aa |
fix(frontend): login redirects + onboarding (#11125)
## Changes 🏗️ ### Fix re-direct bugs Sometimes the app will re-direct to a strange URL after login: ``` http://localhost:3000/marketplace,%20/marketplace ``` It looks like a race-condition because the re-direct to `/marketplace` was done on a [server action](https://nextjs.org/docs/14/app/building-your-application/data-fetching/server-actions-and-mutations) rather than in the browser. **✅ Fixed by** Moving the login / signup server actions to Next.js API endpoints. In this way the login/signup pages just call an API endpoint and handle its response without having to hassle with serverless 💆🏽 ### Wallet layout flash <img width="800" height="744" alt="Screenshot 2025-10-08 at 22 52 03" src="https://github.com/user-attachments/assets/7cb85fd5-7dc4-4870-b4e1-173cc8148e51" /> The wallet popover would sometimes flash after login, because it was re-rendering once onboarding and credits data loaded. **✅ Fixed by** Only rendering once we have onboarding and credits data, without the popover is useless and causes flashes. ## Checklist 📋 ### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Login / Signup to the app with email and Google - [x] Works fine - [x] Onboarding popover does not flash - [x] Onboarding and marketplace re-directs work ### For configuration changes: None |
||
|
Nicholas Tindle
|
f906fd9298 |
fix(backend): Allow Project.content to be optional for linear search projects (#11118)
Changed the type of the 'content' field in the Project model to accept None, making it optional instead of required. Linear doesn't always return data here if its not set by the user. <!-- Clearly explain the need for these changes: --> ### Changes 🏗️ - Makes the content optional <!-- Concisely describe all of the changes made in this pull request: --> ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: <!-- Put your test plan here: --> - [x] Manually test it works with our data <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **Bug Fixes** - Improved handling of projects with no content by making content optional. - Prevents validation errors during project creation, import, or sync when content is missing. - Enhances compatibility with integrations that may omit content fields. - No impact on existing projects with content; behavior remains unchanged. - No user action required. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
seer-by-sentry[bot]
|
9e79add436 |
fix(backend): Change progress type to float in Linear Project (#11117)
### Changes 🏗️ - Changed the type of the `progress` field in the `LinearTask` model from `int` to `float` to fix [BUILDER-3V5](https://sentry.io/organizations/significant-gravitas/issues/6929150079/). ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: <!-- Put your test plan here: --> - [x] Root cause analysis confirms fix -- testing will need to occur in dev environment before release to prod but this should merge now <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Progress indicators now support decimal values, allowing more precise tracking (e.g., 42.5% instead of 42%). This enables finer-grained updates in the interface and any integrations consuming progress data. - Users may notice smoother progress changes during long-running tasks, with improved accuracy in percentage displays across relevant views and APIs. <!-- end of auto-generated comment: release notes by coderabbit.ai --> Co-authored-by: seer-by-sentry[bot] <157164994+seer-by-sentry[bot]@users.noreply.github.com> Co-authored-by: Nicholas Tindle <nicholas.tindle@agpt.co> |
||
|
Nicholas Tindle
|
de6f4fca23 | Merge branch 'master' into dev | ||
|
Nicholas Tindle
|
fb4b8ed9fc |
feat: track users with sentry on client side (not backend yet) (#11077)
<!-- Clearly explain the need for these changes: --> We need to be able to count user impact by user count which means we need to track that ### Changes 🏗️ - Attaches user id to frontend actions (which hopefully propagate to the backend in some places) <!-- Concisely describe all of the changes made in this pull request: --> ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: <!-- Put your test plan here: --> - [x] Test login -> shows on sentry - [x] Test logout -> no longer shows on sentry |
||
|
Zamil Majdy
|
f3900127d7 |
feat(backend): instrument prometheus for internal services (#11114)
<!-- Clearly explain the need for these changes: --> ### Changes 🏗️ Instrument Prometheus for internal services ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: <!-- Put your test plan here: --> - [x] Existing tests |
||
|
Abhimanyu Yadav
|
7c47f54e25 |
feat(frontend): add an API key modal for adding credentials in new builder. (#11105)
In this PR, I’ve added an API Key modal to the new builder so users can add API key credentials. https://github.com/user-attachments/assets/68da226c-3787-4950-abb0-7a715910355e ### Changes - Updated the credential field to support API key. - Added a modal for creating new API keys and improved the selection UI for credentials. - Refactored components for better modularity and maintainability. - Enhanced styling and user experience in the FlowEditor components. - Updated OpenAPI documentation for better clarity on credential operations. ### Checklist 📋 - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Able to create API key perfectly. - [x] can select the correct credentials. |
||
|
Lluis Agusti
|
927042d93e | fix(frontend): more turnstile experiments (2) | ||
|
Lluis Agusti
|
4244979a45 | fix(frontend): more turnstile experiments | ||
|
Lluis Agusti
|
aa27365e7f | fix(frontend): fix captcha reset | ||
|
Nicholas Tindle
|
b86aa8b14e |
feat(frontend): launchdarkly tracking on frontend browser (#11076)
<!-- Clearly explain the need for these changes: --> We struggle to identify where issues are coming from feature flags and which are from normal use. This adds that split on the frontend. ### Changes 🏗️ Include sentry in the LD initialization <!-- Concisely describe all of the changes made in this pull request: --> ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: <!-- Put your test plan here: --> - [x] Test that launch darkly flags get attached to the frontend (browser only) |
||
|
Lluis Agusti
|
e7ab2626f5 | fix(frontend): remove captcha ref reset | ||
|
Ubbe
|
ff58ce174b |
fix(frontend): possible login issues related to turnstile (#11094)
## Changes 🏗️ We are seeing login and authentication issues in production and staging. Locally though, the app behaves fine. We also had issues related to the CAPTCHA in the past. Our CAPTCHA code is less than ideal, with some heavy `useEffect` that will load the Turnstile script into the DOM. I have the impression that is loading the script multiple times ( due to dependencies on the effects array not being well set ), or the like causing associated login issues. Created a new Turnstile component using [`react-turnstile`](https://docs.page/marsidev/react-turnstile) that is way simpler and should hopefully be more stable. I also fixed an issue with the Credits popover layout rendering cropped on the window. ## Checklist 📋 ### For code changes - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Login/logout on the app multiple times with Turnstile ON, everything is stable - [x] Credits popover appears on the right place ### For configuration changes: None |
||
|
Abhimanyu Yadav
|
2d8ab6b7c0 |
feat(frontend): add selecting UI for custom node in new builder (#11091)
React Flow has built-in functionality to select multiple nodes by using `cmd` + click. You can also select using rectangle selection by holding the shift key. However, we need to design a custom node after it’s selected. <img width="845" height="510" alt="Screenshot 2025-10-06 at 12 41 16 PM" src="https://github.com/user-attachments/assets/c91f22e3-2211-46b6-b3d3-fbc89148e99a" /> ### Tests - [x] Selecting Ui is visible after selecting a node, using cmd + click, and after rectangle selection. |
||
|
Abhimanyu Yadav
|
a7306970b8 |
refactor(frontend): simplify marketplace search page and update data fetching (#11061)
This PR refactors the marketplace search page to improve code maintainability, readability, and follows modern React patterns by extracting complex logic into a custom hook and creating dedicated components. ### 🔄 Changes #### **Architecture Improvements** - **Component Extraction**: Replaced the monolithic `SearchResults` component with a cleaner `MainSearchResultPage` component that focuses solely on presentation - **Custom Hook Pattern**: Extracted all business logic and state management into `useMainSearchResultPage` hook for better separation of concerns - **Loading State Component**: Added dedicated `MainSearchResultPageLoading` component for consistent loading UI #### **Code Simplification** - **Reduced search page to 19 lines** (from 175 lines) by removing inline logic and state management - **Centralized data fetching** using auto-generated API endpoints (`useGetV2ListStoreAgents`, `useGetV2ListStoreCreators`) - **Improved error handling** with dedicated error states and loading states #### **Feature Updates** - **Sort Options**: Commented out "Most Recent" and "Highest Rated" sort options due to backend limitations (no date/rating data available) - **Client-side Sorting**: Implemented client-side sorting for "runs" and "rating" as a temporary solution - **Search Filters**: Maintained filter functionality for agents/creators with improved state management ### 📊 Impact - **Better Developer Experience**: Code is now more modular and easier to understand - **Improved Maintainability**: Business logic separated from presentation layer - **Future-Ready**: Structure prepared for backend improvements when date/rating data becomes available - **Type Safety**: Leveraging TypeScript with auto-generated API types ### 🧪 Testing Checklist - [x] Search functionality works correctly with various search terms - [x] Filter chips correctly toggle between "All", "Agents", and "Creators" - [x] Sort dropdown displays only "Most Runs" option - [x] Client-side sorting correctly sorts agents and creators by runs - [x] Loading state displays while fetching data - [x] Error state displays when API calls fail - [x] "No results found" message appears for empty searches - [x] Search bar in results page is functional - [x] Results display correctly with proper layout and styling |
||
|
Abhimanyu Yadav
|
c42f94ce2a |
feat(frontend): add new credential field for new builder (#11066)
In this PR, I’ve added a feature to select a credential from a list and also provided a UI to create a new credential if desired. <img width="443" height="157" alt="Screenshot 2025-10-06 at 9 28 07 AM" src="https://github.com/user-attachments/assets/d9e72a14-255d-45b6-aa61-b55c2465dd7e" /> #### Frontend Changes: - **Refactored credential field** from a single component to a modular architecture: - Created `CredentialField/` directory with separated concerns - Added `SelectCredential.tsx` component for credential selection UI with provider details display - Implemented `useCredentialField.ts` custom hook for credential data fetching with 10-minute caching - Added `helpers.ts` with credential filtering and provider name formatting utilities - Added loading states with skeleton UI while fetching credentials - **Enhanced UI/UX features**: - Dropdown selector showing credentials with provider, title, username, and host details - Visual key icon for each credential option - Placeholder "Add API Key" button (implementation pending) - Loading skeleton UI for better perceived performance - Smart filtering of credentials based on provider requirements - **Template improvements**: - Updated `FieldTemplate.tsx` to properly handle credential field display - Special handling for credential field labels showing provider-specific names - Removed input handle for credential fields in the node editor #### Backend Changes: - **API Documentation improvements**: - Added OpenAPI summaries to `/credentials` endpoint ("List Credentials") - Added summary to `/{provider}/credentials/{cred_id}` endpoint ("Get Specific Credential By ID") ### Test Plan 📋 - [x] Navigate to the flow builder - [x] Add a block that requires credentials (e.g., API block) - [x] Verify the credential dropdown loads and displays available credentials - [x] Check that only credentials matching the provider requirements are shown |
||
|
Zamil Majdy
|
4e1557e498 |
fix(backend): Add dynamic input pin support for Smart Decision Maker Block (#11082)
## Summary - Centralize dynamic field delimiters and helpers in backend/data/dynamic_fields.py. - Refactor SmartDecisionMaker: build function signatures with dynamic-field mapping and re-map tool outputs back to original dynamic names. - Deterministic retry loop with retry-only feedback to avoid polluting final conversation history. - Update executor/utils.py and data/graph.py to use centralized utilities. - Update and extend tests: dynamic-field E2E flow, mapping verification, output yielding, and retry validation; switch mocked llm_call to AsyncMock; align tool-name expectations. - Add a single-tool fallback in schema lookup to support mocked scenarios. ## Validation - Full backend test suite: 1125 passed, 88 skipped, 53 warnings (local). - Backend lint/format pass. ## Scope - Minimal and localized to SmartDecisionMaker and dynamic-field utilities; unrelated pyright warnings remain unchanged. ## Risks/Mitigations - Behavior is backward-compatible; dynamic-field constants are centralized and reused. - Output re-mapping only affects SmartDecisionMaker tool outputs and matches existing link naming conventions. ## Checklist - [x] Formatted and linted - [x] All updated tests pass locally - [x] No secrets introduced --------- Co-authored-by: Claude <noreply@anthropic.com> |
||
|
seer-by-sentry[bot]
|
7f8cf36ceb |
feat(frontend): Add description to Upload Agent dialog (#11053)
### Changes 🏗️ - Added a description to the Upload Agent dialog to provide more context for users. Fixes [BUILDER-3N1](https://sentry.io/organizations/significant-gravitas/issues/6915512912/). The issue was that: DialogContent in LibraryUploadAgentDialog lacks an accessible description, violating WAI-ARIA standards. <img width="2066" height="1740" alt="image" src="https://github.com/user-attachments/assets/c876fb33-4375-4a66-a6a2-6b13c00ef8d3" /> ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: <!-- Put your test plan here: --> - [x] Test it works - [x] Get design approval Co-authored-by: seer-by-sentry[bot] <157164994+seer-by-sentry[bot]@users.noreply.github.com> Co-authored-by: Nicholas Tindle <nicholas.tindle@agpt.co> |
||
|
Ubbe
|
0978566089 |
fix(frontend): performance and layout issues (#11036)
## Changes 🏗️ ### Performance (Onboarding) 🐎 - Moved non-UI logic into `providers/onboarding/helpers.ts` to reduce provider complexity. - Memoized provider value and narrowed state updates to cut unnecessary re-renders. - Deferred non-critical effects until after mount to lower initial JS work. **Result:** faster initial render and smoother onboarding flows under load. ### Layout and overflow fixes 📐 - Replaced `w-screen` with `w-full` in platform/admin/profile layouts and marketplace wrappers to avoid 100vw scrollbar overflow. - Adjusted mobile navbar position (`right-0` instead of `-right-4`) to prevent off-viewport elements. **Result:** removed horizontal scrolling on Marketplace, Library, and Settings pages; Build remains unaffected. ### New Generic Error pages - Standardized global error handling in `app/global-error.tsx` for consistent display and user feedback. - Added platform-scoped error page(s) under `app/(platform)/error` for route-level failures with a consistent layout. - Improved retry affordances using existing `ErrorCard`. ## Checklist 📋 ### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Verify onboarding flows render faster and re-render less (DevTools flamegraph) - [x] Confirm no horizontal scrolling on Marketplace, Library, Settings at common widths - [x] Validate mobile navbar stays within viewport - [x] Trigger errors to confirm global and platform error pages render consistently ### For configuration changes: None |
||
|
Zamil Majdy
|
8b4eb6f87c |
fix(backend): resolve SmartDecisionMaker ChatCompletionMessage error and enhance tool call token counting (#11059)
## Summary Fix two critical production issues affecting SmartDecisionMaker functionality and prompt compression accuracy. ### 🔧 Changes Made #### Issue 1: SmartDecisionMaker ChatCompletionMessage Error **Problem**: PR #11015 introduced code that appended `response.raw_response` (ChatCompletionMessage object) directly to conversation history, causing `'ChatCompletionMessage' object has no attribute 'get'` errors. **Root Cause**: ChatCompletionMessage objects don't have `.get()` method but conversation history processing expects dictionary objects with `.get()` capability. **Solution**: Created `_convert_raw_response_to_dict()` helper function for type-safe conversion: - ✅ **Helper function**: Safely converts raw_response to dictionary format for conversation history - ✅ **Type safety**: Handles OpenAI (ChatCompletionMessage), Anthropic (Message), and Ollama (string) responses - ✅ **Preserves context**: Maintains conversation flow for multi-turn tool calling scenarios - ✅ **DRY principle**: Single helper used in both validation error path (line 624) and success path (line 681) - ✅ **No breaking changes**: Tool call continuity preserved for complex workflows #### Issue 2: Tool Call Token Counting in Prompt Compression **Problem**: `_msg_tokens()` function only counted tokens in 'content' field, severely undercounting tool calls which store data in different fields (tool_calls, function.arguments, etc.). **Root Cause**: Tool calls have no 'content' to calculate length of, causing massive token undercounting during prompt compression that could lead to context overflow. **Solution**: Enhanced `_msg_tokens()` to handle both OpenAI and Anthropic tool call formats: - ✅ **OpenAI format**: Count tokens in `tool_calls[].id`, `type`, `function.name`, `function.arguments` - ✅ **Anthropic format**: Count tokens in `content[].tool_use` (`id`, `name`, `input`) and `content[].tool_result` - ✅ **Backward compatibility**: Regular string content counted exactly as before - ✅ **Comprehensive testing**: Added 11 unit tests in `prompt_test.py` ### 📊 Validation Results - ✅ **SmartDecisionMaker errors resolved**: No more ChatCompletionMessage.get() failures - ✅ **Token counting accuracy**: OpenAI tool calls 9+ tokens vs previous 3-4 wrapper-only tokens - ✅ **Token counting accuracy**: Anthropic tool calls 13+ tokens vs previous 3-4 wrapper-only tokens - ✅ **Backward compatibility**: Regular messages maintain exact same token count - ✅ **Type safety**: 0 type errors in both modified files - ✅ **Test coverage**: All 11 new unit tests pass + existing SmartDecisionMaker tests pass - ✅ **Multi-turn conversations**: Tool call workflows continue working correctly ### 🎯 Impact - **Resolves Sentry issue OPEN-2750**: ChatCompletionMessage errors eliminated - **Prevents context overflow**: Accurate token counting during prompt compression for long tool call conversations - **Production stability**: SmartDecisionMaker retry mechanism works correctly with proper conversation flow - **Resource efficiency**: Better memory management through accurate token accounting - **Zero breaking changes**: Full backward compatibility maintained ### 🧪 Test Plan - [x] Verified SmartDecisionMaker no longer crashes with ChatCompletionMessage errors - [x] Validated tool call token counting accuracy with comprehensive unit tests (11 tests all pass) - [x] Confirmed backward compatibility for regular message token counting - [x] Tested both OpenAI and Anthropic tool call formats - [x] Verified type safety with pyright checks - [x] Ensured conversation history flows correctly with helper function - [x] Confirmed multi-turn tool calling scenarios work with preserved context ### 📝 Files Modified - `backend/blocks/smart_decision_maker.py` - Added `_convert_raw_response_to_dict()` helper for safe conversion - `backend/util/prompt.py` - Enhanced tool call token counting for accurate prompt compression - `backend/util/prompt_test.py` - Comprehensive unit tests for token counting (11 tests) ### ⚡ Ready for Review Both fixes are critical for production stability and have been thoroughly tested with zero breaking changes. The helper function approach ensures type safety while preserving essential conversation context for complex tool calling workflows. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> --------- Co-authored-by: Claude <noreply@anthropic.com> |
||
|
Reinier van der Leer
|
4b7d17b9d2 |
refactor(blocks/code): Clean up & rename code execution blocks (#11019)
The code execution blocks' implementations are heavily duplicated and their names aren't very clear. E.g. the "InstantiationBlock" just shows up as "Instantiation" in the block list. I would've done this in #11017 but kept the refactoring separate for easier reviewing. ### Changes 🏗️ - Rename "Code Execution" block to "Execute Code" - Rename "Instantiation" block to "Instantiate Code Sandbox" - Rename "Step Execution" block to "Execute Code Step" - Deduplicate implementation of the three code execution blocks - Add `dispose_sandbox` toggle to "Execute Code" and "Execute Code Step" blocks - Note: it's default `True` on the Execute Code block, default `False` on the Execute Code Step block - Update block and input descriptions to clarify behavior - Fix all linting issues <details> <summary>Screenshots</summary>     </details> ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Test all code execution blocks manually |
||
|
dependabot[bot]
|
0fc6a44389 |
chore(backend/deps-dev): Bump the development-dependencies group across 1 directory with 4 updates (#10946)
Bumps the development-dependencies group with 4 updates in the /autogpt_platform/backend directory: [faker](https://github.com/joke2k/faker), [pyright](https://github.com/RobertCraigie/pyright-python), [pytest-mock](https://github.com/pytest-dev/pytest-mock) and [ruff](https://github.com/astral-sh/ruff). Updates `faker` from 37.6.0 to 37.8.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/joke2k/faker/releases">faker's releases</a>.</em></p> <blockquote> <h2>Release v37.8.0</h2> <p>See <a href="https://github.com/joke2k/faker/blob/refs/tags/v37.8.0/CHANGELOG.md">CHANGELOG.md</a>.</p> <h2>Release v37.7.0</h2> <p>See <a href="https://github.com/joke2k/faker/blob/refs/tags/v37.7.0/CHANGELOG.md">CHANGELOG.md</a>.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/joke2k/faker/blob/master/CHANGELOG.md">faker's changelog</a>.</em></p> <blockquote> <h3><a href="https://github.com/joke2k/faker/compare/v37.7.0...v37.8.0">v37.8.0 - 2025-09-15</a></h3> <ul> <li>Add Automotive providers for <code>ja_JP</code> locale. Thanks <a href="https://github.com/ItoRino424"><code>@ItoRino424</code></a>.</li> </ul> <h3><a href="https://github.com/joke2k/faker/compare/v37.6.0...v37.7.0">v37.7.0 - 2025-09-15</a></h3> <ul> <li>Add Nigerian name locales (<code>yo_NG</code>, <code>ha_NG</code>, <code>ig_NG</code>, <code>en_NG</code>). Thanks <a href="https://github.com/ifeoluwaoladeji"><code>@ifeoluwaoladeji</code></a>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
f5ee579ab2 |
chore(backend/deps): Bump firecrawl-py from 2.16.3 to 4.3.1 in /autogpt_platform/backend (#10809)
Bumps [firecrawl-py](https://github.com/firecrawl/firecrawl) from 2.16.3
to 4.3.1.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/firecrawl/firecrawl/commits">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> Upgrade firecrawl-py to v4.3.6 and refactor firecrawl blocks to new v4
API, formats handling, method names, and response fields.
>
> - **Dependencies**
> - Bump `firecrawl-py` from `2.16.3` to `4.3.6` (adds `httpx`, updates
`pydantic>=2`).
> - **Firecrawl API migration**
> - Centralize `ScrapeFormat` in `backend/blocks/firecrawl/_api.py`.
> - Add `_format_utils.convert_to_format_options` to map `ScrapeFormat`
(incl. `screenshot@fullPage`) to v4 `FormatOption`/`ScreenshotFormat`.
> - Switch to v4 types (`firecrawl.v2.types.ScrapeOptions`); adopt
snake_case fields (`only_main_content`, `max_age`, `wait_for`).
> - Rename methods: `crawl_url` → `crawl`, `scrape_url` → `scrape`,
`map_url` → `map`.
> - Normalize response attributes: `rawHtml` → `raw_html`,
`changeTracking` → `change_tracking`.
> - **Blocks**
> - `crawl.py`, `scrape.py`, `search.py`: use new formats conversion and
updated options/fields; adjust iteration over results (`search`: iterate
`web` when present).
> - `map.py`: return both `links` and detailed `results`
(url/title/description) and update output schema accordingly.
> - **Project files**
> - Update `pyproject.toml` and `poetry.lock` for new dependency
versions.
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
|
||
|
Zamil Majdy
|
57a06f7088 |
fix(blocks, security): Fixes for various DoS vulnerabilities (#10798)
This PR addresses multiple critical and medium security vulnerabilities
that could lead to Denial of Service (DoS) attacks. All fixes implement
defense-in-depth strategies with comprehensive testing.
### Changes 🏗️
#### **Critical Security Fixes:**
1. **GHSA-m2wr-7m3r-p52c - ReDoS in CodeExtractionBlock**
- Fixed catastrophic backtracking in regex patterns `\s+[\s\S]*?` and
`\s+(.*?)`
- Replaced with safer patterns: `[ \t]*\n([^\s\S]*?)`
- Files: `backend/blocks/code_extraction_block.py`
2. **GHSA-955p-gpfx-r66j - AITextSummarizerBlock Memory Amplification**
- Added 1MB text size limit and 100 chunk maximum
- Prevents 10K input → 50G memory amplification attacks
- Files: `backend/blocks/llm.py`
3. **GHSA-5cqw-g779-9f9x - RSS Feed XML Bomb DoS**
- Added 10MB feed size limit and 30s timeout
- Prevents deep XML parsing memory exhaustion
- Files: `backend/blocks/rss.py`
4. **GHSA-7g34-7fvq-xxq6 - File Storage Disk Exhaustion**
- Added 100MB per file and 1GB per execution directory limits
- Prevents disk space exhaustion from file uploads
- Files: `backend/util/file.py`
5. **GHSA-pppq-xx2w-7jpq - ExtractTextInformationBlock ReDoS**
- Added 1MB text limit, 1000 match limit, and 5s timeout protection
- Prevents lookahead pattern memory exhaustion
- Files: `backend/blocks/text.py`
6. **GHSA-vw3v-whvp-33v5 - Docker Logging Disk Exhaustion**
- Added log rotation limits at Docker (10MB × 3 files) and application
levels
- Prevents unbounded log growth causing disk exhaustion
- Files: `docker-compose.platform.yml`,
`autogpt_libs/autogpt_libs/logging/config.py`
#### **Additional Security Improvements:**
7. **StepThroughItemsBlock DoS Prevention**
- Added 10,000 item limit and 1MB input size limit
- Prevents large iteration DoS attacks
- Files: `backend/blocks/iteration.py`
8. **XMLParserBlock XML Bomb Prevention**
- Added 10MB XML input size limit
- Files: `backend/blocks/xml_parser.py`
#### **Code Quality:**
- Fixed Python 3.10 typing compatibility issues
- Added comprehensive security test suite
- All code formatted and linted
### Checklist 📋
#### For code changes:
- [x] I have clearly listed my changes in the PR description
- [x] I have made a test plan
- [x] I have tested my changes according to the test plan:
- [x] Created comprehensive security test suite covering all
vulnerabilities
- [x] Verified ReDoS patterns are fixed and don't cause timeouts
- [x] Confirmed memory limits prevent amplification attacks
- [x] Tested file size limits prevent disk exhaustion
- [x] Validated log rotation prevents unbounded growth
- [x] Ensured backward compatibility for normal usage
#### For configuration changes:
- [x] `docker-compose.yml` is updated with logging limits
- [x] I have included a list of my configuration changes in the PR
description (under **Changes**)
### Test Plan 🧪
**Security Tests:**
1. **ReDoS Protection**: Tested with malicious regex inputs (large
spaces) - completes without hanging
2. **Memory Limits**: Verified 2MB text input gets truncated to 1MB,
chunk limits enforced
3. **File Size Limits**: Confirmed 200MB files rejected, directory size
limits enforced
4. **Iteration Limits**: Tested 20K item arrays rejected, large JSON
strings rejected
5. **Timeout Protection**: Dangerous regex patterns timeout after 5s
instead of hanging
**Compatibility Tests:**
- Normal functionality preserved for all blocks
- Existing tests pass with new security limits
- Performance impact minimal for typical usage
### Security Impact 🛡️
**Before:** Multiple attack vectors could cause:
- CPU exhaustion (ReDoS attacks)
- Memory exhaustion (amplification attacks)
- Disk exhaustion (file/log bombs)
- Service unavailability
**After:** All attack vectors mitigated with:
- Input validation and size limits
- Timeout protections
- Resource quotas
- Defense-in-depth approach
All fixes maintain backward compatibility while preventing DoS attacks.
🤖 Generated with [Claude Code](https://claude.ai/code)
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> Adds robust DoS protections across blocks (regex, memory, iteration,
XML/RSS, file I/O) and enables app/Docker log rotation with
comprehensive tests.
>
> - **Security hardening**:
> - Replace unsafe regex in `backend/blocks/code_extraction_block.py` to
prevent ReDoS; add safer extraction/removal patterns.
> - Constrain LLM summarizer chunking in `backend/blocks/llm.py` (1MB
cap, chunk/overlap validation, chunk count limit).
> - Limit RSS fetching in `backend/blocks/rss.py` (scheme validation,
10MB cap, timeout, bounded read) and return empty on failure.
> - Impose XML size limit (10MB) in `backend/blocks/xml_parser.py`.
> - Add file upload/download limits in `backend/util/file.py`
(100MB/file, 1GB dir quota) and enforce scanning before write.
> - Enable rotating file logs in `autogpt_libs/logging/config.py` (size
+ backups) and Docker json-file log rotation in
`docker-compose.platform.yml`.
> - **Iteration block**:
> - Add item count/string size limits; fix yielded key for dicts; cap
iterations in `backend/blocks/iteration.py`.
> - **Tests**:
> - New `backend/blocks/test/test_security_fixes.py` covering ReDoS,
timeouts, memory/size and iteration limits, XML/file constraints.
> - **Misc**:
> - Typing fallback for `NotRequired` in `activity_status_generator.py`.
> - Dependency updates in `backend/poetry.lock`.
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
|
||
|
Zamil Majdy
|
258bf0b1a5 |
fix(backend): improve activity status generation accuracy and handle missing blocks gracefully (#11039)
## Summary Fix critical issues where activity status generator incorrectly reported failed executions as successful, and enhance AI evaluation logic to be more accurate about actual task accomplishment. ## Changes Made ### 1. Missing Block Handling (`backend/data/graph.py`) - **Replace ValueError with graceful degradation**: When blocks are deleted/missing, return `_UnknownBlock` placeholder instead of crashing - **Comprehensive interface implementation**: `_UnknownBlock` implements all expected Block methods to prevent type errors - **Warning logging**: Log missing blocks for debugging without breaking execution flow - **Removed unnecessary caching**: Direct constructor calls instead of cached wrapper functions ### 2. Enhanced Activity Status AI Evaluation (`backend/executor/activity_status_generator.py`) #### Intention-Based Success Evaluation - **Graph description analysis**: AI now reads graph description FIRST to understand intended purpose - **Purpose-driven evaluation**: Success is measured against what the graph was designed to accomplish - **Critical output analysis**: Enhanced detection of missing outputs from key blocks (Output, Post, Create, Send, Publish, Generate) - **Sub-agent failure detection**: Better identification when AgentExecutorBlock produces no outputs #### Improved Prompting - **Intent-specific examples**: 'blog writing' → check for blog content, 'email automation' → check for sent emails - **Primary evaluation criteria**: 'Did this execution accomplish what the graph was designed to do?' - **Enhanced checklist**: 7-point analysis including graph description matching - **Technical vs. goal completion**: Distinguish between workflow steps completing vs. actual user goals achieved #### Removed Database Error Handling - **Eliminated try-catch blocks**: No longer needed around `get_graph_metadata` and `get_graph` calls - **Direct database calls**: Simplified error handling after fixing missing block root cause - **Cleaner code flow**: More predictable execution path without redundant error handling ## Problem Solved - **False success reports**: AI previously marked executions as 'successful' when critical output blocks produced no results - **Missing block crashes**: System would fail when trying to analyze executions with deleted/missing blocks - **Intent-blind evaluation**: AI evaluated technical completion instead of actual goal achievement - **Database service errors**: 500 errors when missing blocks caused graph loading failures ## Business Impact - **More accurate user feedback**: Users get honest assessment of whether their automations actually worked - **Better task completion detection**: Clear distinction between 'workflow completed' vs. 'goal achieved' - **Improved reliability**: System handles edge cases gracefully without crashing - **Enhanced user trust**: Truthful reporting builds confidence in the platform ## Testing - ✅ Tested with problematic executions that previously showed false successes - ✅ Confirmed missing block handling works without warnings - ✅ Verified enhanced prompt correctly identifies failures - ✅ Database calls work without try-catch protection ## Example Before/After **Before (False Success):** ``` Graph: "Automated SEO Blog Writer" Status: "✅ I successfully completed your blog writing task!" Reality: No blog content was actually created (critical output blocks had no outputs) ``` **After (Accurate Failure Detection):** ``` Graph: "Automated SEO Blog Writer" Status: "❌ The task failed because the blog post creation step didn't produce any output." Reality: Correctly identifies that the intended blog writing goal was not achieved ``` ## Files Modified - `backend/data/graph.py`: Missing block graceful handling with complete interface - `backend/executor/activity_status_generator.py`: Enhanced AI evaluation with intention-based analysis ## Type of Change - [x] Bug fix (non-breaking change which fixes an issue) - [x] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected) - [ ] This change requires a documentation update ## Checklist - [x] My code follows the style guidelines of this project - [x] I have performed a self-review of my own code - [x] I have commented my code, particularly in hard-to-understand areas - [x] I have made corresponding changes to the documentation - [x] My changes generate no new warnings - [x] I have added tests that prove my fix is effective or that my feature works - [x] New and existing unit tests pass locally with my changes - [x] Any dependent changes have been merged and published in downstream modules --------- Co-authored-by: Claude <noreply@anthropic.com> |
||
|
Ubbe
|
4a1cb6d64b |
fix(frontend): performance and layout issues (#11036)
## Changes 🏗️ ### Performance (Onboarding) 🐎 - Moved non-UI logic into `providers/onboarding/helpers.ts` to reduce provider complexity. - Memoized provider value and narrowed state updates to cut unnecessary re-renders. - Deferred non-critical effects until after mount to lower initial JS work. **Result:** faster initial render and smoother onboarding flows under load. ### Layout and overflow fixes 📐 - Replaced `w-screen` with `w-full` in platform/admin/profile layouts and marketplace wrappers to avoid 100vw scrollbar overflow. - Adjusted mobile navbar position (`right-0` instead of `-right-4`) to prevent off-viewport elements. **Result:** removed horizontal scrolling on Marketplace, Library, and Settings pages; Build remains unaffected. ### New Generic Error pages - Standardized global error handling in `app/global-error.tsx` for consistent display and user feedback. - Added platform-scoped error page(s) under `app/(platform)/error` for route-level failures with a consistent layout. - Improved retry affordances using existing `ErrorCard`. ## Checklist 📋 ### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Verify onboarding flows render faster and re-render less (DevTools flamegraph) - [x] Confirm no horizontal scrolling on Marketplace, Library, Settings at common widths - [x] Validate mobile navbar stays within viewport - [x] Trigger errors to confirm global and platform error pages render consistently ### For configuration changes: None |
||
|
Copilot
|
7c9db7419a |
fix(frontend): Display run cost correctly - convert cents to dollars run detail components (#10997)
Fixed costs being displayed as raw cent values instead of properly
formatted dollar amounts in the frontend monitoring and agent run detail
pages.
## Problem
The platform was showing costs incorrectly in two key areas:
- **Monitoring page**: Total cost displayed as raw cents with incorrect
"seconds" unit (e.g., "Total cost: 150 seconds")
- **Agent run details**: Individual run costs displayed as raw cents
(e.g., "Cost: $150" for what should be $1.50)
## Solution
Updated the affected components to properly convert cents to dollars
with consistent formatting:
**FlowRunsStatus.tsx** - Fixed total cost calculation and display:
```tsx
// Before
{filteredFlowRuns.reduce((total, run) => total + (run.stats?.cost ?? 0), 0)} seconds
// After
${(filteredFlowRuns.reduce((total, run) => total + (run.stats?.cost ?? 0), 0) / 100).toFixed(2)}
```
**RunDetailHeader.tsx** - Fixed individual run cost display:
```tsx
// Before
Cost: ${run.stats.cost}
// After
Cost: ${(run.stats.cost / 100).toFixed(2)}
```
## Validation
- Backend correctly stores costs in cents (verified in models and
database schemas)
- Email notification templates already handle the conversion properly
using `(credits_used|float)/100`
- Other components use the existing `formatCredits()` utility which
correctly converts cents to dollars
- No security vulnerabilities introduced (CodeQL verification passed)
- All linting and formatting checks pass
The fix ensures users now see accurate dollar amounts (e.g., $1.50
instead of $150 or "150 seconds") across the platform's cost reporting
interfaces.
> [!WARNING]
>
> <details>
> <summary>Firewall rules blocked me from connecting to one or more
addresses (expand for details)</summary>
>
> #### I tried to connect to the following addresses, but was blocked by
firewall rules:
>
> - `checkpoint.prisma.io`
> - Triggering command: `/usr/bin/node
/root/.cache/prisma-python/binaries/5.17.0/393aa359c9ad4a4bb28630fb5613f9c281cde053/node_modules/prisma/build/child
{"product":"prisma","version":"5.17.0","cli_install_type":"local","information":"","local_timestamp":"2025-09-25T21:41:17Z","project_hash":"a5170f80","cli_path":"/root/.cache/prisma-python/binaries/5.17.0/393aa359c9ad4a4bb28630fb5613f9c281cde053/node_modules/prisma/build/index.js","cli_path_hash":"40bbdaf9","endpoint":"REDACTED","disable":false,"arch":"x64","os":"linux","node_version":"v20.19.5","ci":false,"ci_name":"","command":"generate","schema_providers":["postgresql"],"schema_preview_features":[],"schema_generators_providers":["prisma-client-py"],"cache_file":"/root/.cache/checkpoint-nodejs/prisma-40bbdaf9","cache_duration":43200000,"remind_duration":172800000,"force":false,"timeout":5000,"unref":true,"child_path":"/root/.cache/prisma-python/binaries/5.17.0/393aa359c9ad4a4bb28630fb5613f9c281cde053/node_modules/prisma/build/child","client_event_id":"","previous_client_event_id":"","check_if_update_available":false}`
(dns block)
> - Triggering command: `/usr/bin/node
/root/.cache/prisma-python/binaries/5.17.0/393aa359c9ad4a4bb28630fb5613f9c281cde053/node_modules/prisma/build/child
{"product":"prisma","version":"5.17.0","cli_install_type":"local","information":"","local_timestamp":"2025-09-25T21:41:19Z","project_hash":"a5170f80","cli_path":"/root/.cache/prisma-python/binaries/5.17.0/393aa359c9ad4a4bb28630fb5613f9c281cde053/node_modules/prisma/build/index.js","cli_path_hash":"40bbdaf9","endpoint":"REDACTED","disable":false,"arch":"x64","os":"linux","node_version":"v20.19.5","ci":false,"ci_name":"","command":"migrate
deploy","schema_providers":["postgresql"],"schema_preview_features":[],"schema_generators_providers":["prisma-client-py"],"cache_file":"/root/.cache/checkpoint-nodejs/prisma-40bbdaf9","cache_duration":43200000,"remind_duration":172800000,"force":false,"timeout":5000,"unref":true,"child_path":"/root/.cache/prisma-python/binaries/5.17.0/393aa359c9ad4a4bb28630fb5613f9c281cde053/node_modules/prisma/build/child","client_event_id":"","previous_client_event_id":"","check_if_update_available":false}`
(dns block)
> - Triggering command: `/opt/hostedtoolcache/node/21.7.3/x64/bin/node
/home/REDACTED/.cache/prisma-python/binaries/5.17.0/393aa359c9ad4a4bb28630fb5613f9c281cde053/node_modules/prisma/build/child
{"product":"prisma","version":"5.17.0","cli_install_type":"local","information":"","local_timestamp":"2025-09-25T21:44:58Z","project_hash":"c6190a20","cli_path":"/home/REDACTED/.cache/prisma-python/binaries/5.17.0/393aa359c9ad4a4bb28630fb5613f9c281cde053/node_modules/prisma/build/index.js","cli_path_hash":"8d85b642","endpoint":"REDACTED","disable":false,"arch":"x64","os":"linux","node_version":"v21.7.3","ci":true,"ci_name":"GitHub
Actions","command":"generate","schema_providers":["postgresql"],"schema_preview_features":[],"schema_generators_providers":["prisma-client-py"],"cache_file":"/home/REDACTED/.cache/checkpoint-nodejs/prisma-8d85b642","cache_duration":43200000,"remind_duration":172800000,"force":false,"timeout":5000,"unref":true,"child_path":"/home/REDACTED/.cache/prisma-python/binaries/5.17.0/393aa359c9ad4a4bb28630fb5613f9c281cde053/node_modules/prisma/build/child","client_event_id":"","previous_client_event_id":"","check_if_update_available":false}`
(dns block)
> - `fonts.googleapis.com`
> - Triggering command: `node
/home/REDACTED/work/AutoGPT/AutoGPT/autogpt_platform/frontend/node_modules/.bin/../next/dist/bin/next
build` (dns block)
> -
`https://api.github.com/repos/Significant-Gravitas/Significant-Gravitas%2FAutoGPT/languages`
> - Triggering command:
`/home/REDACTED/work/_temp/ghcca-node/node/bin/node --enable-source-maps
/home/REDACTED/work/_temp/copilot-developer-action-main/dist/index.js`
(http block)
> - `o1.ingest.sentry.io`
> - Triggering command: `node
/home/REDACTED/work/AutoGPT/AutoGPT/autogpt_platform/frontend/node_modules/.bin/../next/dist/bin/next
build` (dns block)
>
> If you need me to access, download, or install something from one of
these locations, you can either:
>
> - Configure [Actions setup
steps](https://gh.io/copilot/actions-setup-steps) to set up my
environment, which run before the firewall is enabled
> - Add the appropriate URLs or hosts to the custom allowlist in this
repository's [Copilot coding agent
settings](https://github.com/Significant-Gravitas/AutoGPT/settings/copilot/coding_agent)
(admins only)
>
> </details>
<!-- START COPILOT CODING AGENT SUFFIX -->
<details>
<summary>Original prompt</summary>
>
> ----
>
> *This section details on the original issue you should resolve*
>
> <issue_title>Costs are being shown as dollars rather than cents based
on the new runs page</issue_title>
> <issue_description></issue_description>
>
> ## Comments on the Issue (you are @copilot in this section)
>
> <comments>
> </comments>
>
</details>
Fixes Significant-Gravitas/AutoGPT#10886
<!-- START COPILOT CODING AGENT TIPS -->
---
💡 You can make Copilot smarter by setting up custom instructions,
customizing its development environment and configuring Model Context
Protocol (MCP) servers. Learn more [Copilot coding agent
tips](https://gh.io/copilot-coding-agent-tips) in the docs.
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: ntindle <8845353+ntindle@users.noreply.github.com>
Co-authored-by: Nicholas Tindle <nicholas.tindle@agpt.co>
|
||
|
Krzysztof Czerwinski
|
18bbd8e572 |
fix(frontend): Fix confetti (#11031)
### Changes 🏗️ - Fix not being able to complete `MARKETPLACE_RUN_AGENT` task - Fix confetti shooting on every refresh - Fix confetti shooting from top-left corner ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Bugs eradicatedautogpt-platform-beta-v0.6.31 |
||
|
Zamil Majdy
|
047f011520 |
fix(platform): resolve authentication performance bottlenecks and improve reliability (#11028)
## Summary Fix critical authentication performance bottlenecks causing infinite loading during login and malformed redirect URL handling. ## Root Cause Analysis - **OnboardingProvider** was running expensive `isOnboardingEnabled()` database queries on every route for all users - **Timezone detection** was calling backend APIs during authentication flow instead of only during onboarding - **Malformed redirect URLs** like `/marketplace,%20/marketplace` causing authentication callback failures - **Arbitrary setTimeout** creating race conditions instead of proper authentication state management ## Changes Made ### 1. Backend: Cache Expensive Onboarding Queries (`backend/data/onboarding.py`) - Add `@cached(maxsize=1, ttl_seconds=300)` decorator to `onboarding_enabled()` - Cache expensive database queries for 5 minutes to prevent repeated execution during auth - Optimize query with `take=MIN_AGENT_COUNT + 1` to stop counting early - Fix typo: "Onboading" → "Onboarding" ### 2. Frontend: Optimize OnboardingProvider (`providers/onboarding/onboarding-provider.tsx`) - **Route-based optimization**: Only call `isOnboardingEnabled()` when user is actually on `/onboarding/*` routes - **Preserve functionality**: Still fetch `getUserOnboarding()` for step completion tracking on all routes - **Smart redirects**: Only handle onboarding completion redirects when on onboarding routes - **Performance improvement**: Eliminates expensive database calls for 95% of page loads ### 3. Frontend: Fix Timezone Detection Race Conditions (`hooks/useOnboardingTimezoneDetection.ts`) - **Remove setTimeout hack**: Replace arbitrary 1000ms timeout with proper authentication state checks - **Add route filtering**: Only run timezone detection on `/onboarding/*` routes using `pathname.startsWith()` - **Proper auth dependencies**: Use `useSupabase()` hook to wait for `user` and `!isUserLoading` - **Fire-and-forget updates**: Change from `mutateAsync()` to `mutate()` to prevent blocking UI ### 4. Frontend: Apply Fire-and-Forget Pattern (`hooks/useTimezoneDetection.ts`) - Change timezone auto-detection from `mutateAsync()` to `mutate()` - Prevents blocking user interactions during background timezone updates - API still executes successfully, user doesn't wait for response ### 5. Frontend: Enhanced URL Validation (`auth/callback/route.ts`) - **Add malformed URL detection**: Check for commas and spaces in redirect URLs - **Constants**: Use `DEFAULT_REDIRECT_PATH = "/marketplace"` instead of hardcoded strings - **Better error handling**: Try-catch with fallback to safe default path - **Path depth limits**: Reject suspiciously deep URLs (>5 segments) - **Race condition mitigation**: Default to `/marketplace` for corrupted URLs with warning logs ## Technical Implementation ### Performance Optimizations - **Database caching**: 5-minute cache prevents repeated expensive onboarding queries - **Route-aware logic**: Heavy operations only run where needed (`/onboarding/*` routes) - **Non-blocking updates**: Timezone updates don't block authentication flow - **Proper state management**: Wait for actual authentication instead of arbitrary delays ### Authentication Flow Improvements - **Eliminate race conditions**: No more setTimeout guessing - wait for proper auth state - **Faster auth**: Remove blocking timezone API calls during login flow - **Better UX**: Handle malformed URLs gracefully instead of failing ## Files Changed - `backend/data/onboarding.py` - Add caching to expensive queries - `providers/onboarding/onboarding-provider.tsx` - Route-based optimization - `hooks/useOnboardingTimezoneDetection.ts` - Proper auth state + route filtering + fire-and-forget - `hooks/useTimezoneDetection.ts` - Fire-and-forget pattern - `auth/callback/route.ts` - Enhanced URL validation ## Impact - **Eliminates infinite loading** during authentication flow - **Improves auth response times** from 5-11+ seconds to sub-second - **Prevents malformed redirect URLs** that confused users - **Reduces database load** through intelligent caching - **Maintains all existing functionality** with better performance - **Eliminates race conditions** from arbitrary timeouts ## Validation - ✅ All pre-commit hooks pass (format, lint, typecheck) - ✅ No breaking changes to existing functionality - ✅ Backward compatible with all onboarding flows - ✅ Enhanced error logging and graceful fallbacks 🤖 Generated with [Claude Code](https://claude.ai/code) --------- Co-authored-by: Claude <noreply@anthropic.com> |
||
|
Reinier van der Leer
|
d11917eb10 |
feat(blocks): Improve data output of code execution block (#11017)
- Resolves #11016 ### Changes 🏗️ - Add more extensive outputs to Code Execution Block - Rename "Response" output to "Main Text Output" ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Object outputs can be accessed now |
||
|
Copilot
|
4663066e65 |
feat(blocks): Implement AI Condition Block for natural language condition evaluation (#10996)
This PR implements the AI Condition Block as requested in issue
AUTOMAT-60. The new block enables users to define conditional logic
using natural language descriptions instead of traditional comparison
operators, while maintaining the same yes/no data pass-through
functionality as the existing ConditionBlock.
## Overview
The AI Condition Block uses Large Language Models to evaluate conditions
written in plain English, such as:
- "the input is the body of an email"
- "the input is a City in the USA"
- "the input is an error or a refusal"
## Key Features
**Natural Language Processing**: Users can express complex conditions in
everyday English rather than programming logic, making agent workflows
more intuitive and accessible.
**Consistent Interface**: Maintains the same input/output schema as the
standard ConditionBlock:
- Boolean `result` output indicating condition evaluation
- `yes_output` and `no_output` for conditional data flow
- Optional custom values for yes/no cases
**Robust Error Handling**: Defaults to `false` on AI evaluation failures
to ensure safe operation and prevent workflow interruption.
**Performance Optimized**: Uses minimal token limits (10 tokens) for
true/false responses to reduce latency and API costs.
## Implementation Details
The block is implemented as `AIConditionBlock` in
`backend/blocks/ai_condition.py` and inherits from `AIBlockBase`
following established platform patterns. It includes:
- Proper LLM integration with credential management
- Token usage tracking and statistics
- Comprehensive test mocking for reliable CI/CD
- Full documentation with examples and use cases
## Use Cases
This block enables more sophisticated conditional logic for:
- **Content Classification**: Automatically categorize text, emails, or
documents
- **Data Validation**: Validate inputs using natural language rules
- **Smart Routing**: Route data based on AI-evaluated conditions
- **Error Detection**: Identify and handle error messages or problematic
inputs
- **Quality Control**: Check content against flexible quality standards
## Testing
The implementation includes comprehensive testing that integrates with
the existing platform test suite. All tests pass, including:
- Unit tests with proper LLM response mocking
- Code quality checks (linting, formatting, type checking)
- Security analysis via CodeQL
- Integration testing to ensure proper block discovery and loading
The block is automatically discovered by the platform's block loading
system and is immediately available for use in agent workflows.
## PR Checklist
- [x] **Have you listed your changes in the description?**
- Added new `AIConditionBlock` in `backend/blocks/ai_condition.py`
- Added comprehensive documentation in
`docs/content/platform/blocks/ai_condition.md`
- Implemented natural language condition evaluation using LLMs
- [x] **Have you included a test plan?**
- Unit tests with mocked LLM responses
- Integration tests for block discovery and loading
- Error handling validation
- Token usage tracking verification
- [x] **Have you tested your changes according to the test plan?**
- All existing tests pass
- Linting and formatting checks pass
- Type checking passes
- Security analysis via CodeQL passes
- Fixed `json_format` parameter to `force_json_output` per recent API
changes
> [!WARNING]
>
> <details>
> <summary>Firewall rules blocked me from connecting to one or more
addresses (expand for details)</summary>
>
> #### I tried to connect to the following addresses, but was blocked by
firewall rules:
>
> - `api.openai.com`
> - Triggering command:
`/home/REDACTED/.cache/pypoetry/virtualenvs/autogpt-platform-backend-Ajv4iu2i-py3.11/bin/python
/home/REDACTED/.cache/pypoetry/virtualenvs/autogpt-platform-backend-Ajv4iu2i-py3.11/bin/pytest
backend/blocks/test/test_block.py::test_available_blocks -k
AIConditionBlock -v` (dns block)
> -
`https://api.github.com/repos/Significant-Gravitas/Significant-Gravitas%2FAutoGPT/languages`
> - Triggering command:
`/home/REDACTED/work/_temp/ghcca-node/node/bin/node --enable-source-maps
/home/REDACTED/work/_temp/copilot-developer-action-main/dist/index.js`
(http block)
>
> If you need me to access, download, or install something from one of
these locations, you can either:
>
> - Configure [Actions setup
steps](https://gh.io/copilot/actions-setup-steps) to set up my
environment, which run before the firewall is enabled
> - Add the appropriate URLs or hosts to the custom allowlist in this
repository's [Copilot coding agent
settings](https://github.com/Significant-Gravitas/AutoGPT/settings/copilot/coding_agent)
(admins only)
>
> </details>
<!-- START COPILOT CODING AGENT SUFFIX -->
<details>
<summary>Original prompt</summary>
> Issue Title: AI Condition Block
> Issue Description: A version of the condition/if block that uses an AI
powered condition.
>
> It should have the same yes/no data pass throughs, as well as
outputting a result Boolean.
>
> The condition is plaintext English, provided by the user, and could be
anything.
>
> e.g
> If `[the input] is the body of an email`
> If `[the input] is a City in the USA`
> If `[the input] is an error or a refusal`
> Fixes https://linear.app/autogpt/issue/AUTOMAT-60/ai-condition-block
>
>
> Comment by User 4bcbb358-1758-43e4-abef-a0a42b63442f:
> 📋 I need a **repo** label on this issue to determine which GitHub
repository to work in.
>
> Please add a repo label to this issue with the format
`owner/repository-name` (e.g., `github/copilot`), then I'll
automatically start working on it!
>
> Comment by User :
> This thread is for an agent session with githubcopilotcodingagent.
>
>
</details>
<!-- START COPILOT CODING AGENT TIPS -->
---
✨ Let Copilot coding agent [set things up for
you](https://github.com/Significant-Gravitas/AutoGPT/issues/new?title=✨+Set+up+Copilot+instructions&body=Configure%20instructions%20for%20this%20repository%20as%20documented%20in%20%5BBest%20practices%20for%20Copilot%20coding%20agent%20in%20your%20repository%5D%28https://gh.io/copilot-coding-agent-tips%29%2E%0A%0A%3COnboard%20this%20repo%3E&assignees=copilot)
— coding agent works faster and does higher quality work when set up for
your repo.
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> Introduces `AIConditionBlock` that uses an LLM to evaluate
natural-language conditions and outputs boolean result with yes/no
pass-through, plus accompanying documentation.
>
> - **Backend**:
> - **New block**: `backend/blocks/ai_condition.py`
> - Evaluates natural-language conditions via `llm_call` using
selectable `LlmModel` and credentials.
> - Parses strict true/false responses (with fallback token matching),
yields `result`, `yes_output`/`no_output`, and `error` on
ambiguity/failure.
> - Tracks token usage via `NodeExecutionStats`; includes test
inputs/mocks and `force_json_output=False`.
> - **Docs**:
> - Adds `docs/content/platform/blocks/ai_condition.md` with usage,
inputs/outputs, examples, and considerations.
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
|
||
|
Krzysztof Czerwinski
|
48a0faa611 |
feat(frontend): Restore onboarding steps (#11027)
Wallet update removed `BUILDER_OPEN` and `BUILDER_RUN_AGENT`. ### Changes 🏗️ - Restore completion codepaths for `BUILDER_OPEN` and `BUILDER_RUN_AGENT` for analytical purposes ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Tasks are completed silently |
||
|
Nicholas Tindle
|
70d00b4104 |
fix(ci): Delete pr_reviewer section in .pr_agent.toml (#11024)
Remove pr_reviewer section from configuration <!-- Clearly explain the need for these changes: --> ### Changes 🏗️ removes the out of config status section <!-- Concisely describe all of the changes made in this pull request: --> ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: <!-- Put your test plan here: --> - [x] validated by global config |
||
|
Nicholas Tindle
|
aad0434cb2 |
feat(frontend): Enhance Sentry integration and TallyPopup telemetry (#10862)
Added Sentry captureConsoleIntegration and extraErrorDataIntegration to client, edge, and server configs. Improved replay integration with unmasking support. Updated TallyPopup to collect and expose Sentry replay data, user agent, and page URL for enhanced telemetry and debugging. Improved event handling and error logging for Tally events. Marked CustomNode title for Sentry unmasking.<!-- Clearly explain the need for these changes: --> ### Changes 🏗️ Reconfigure sentry Pass the id with sentry replay to tally alongside prefilling email, and passing non user identifying attributes like platform url, full url, and is authenticated. <!-- Concisely describe all of the changes made in this pull request: --> ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: <!-- Put your test plan here: --> - [x] Test the results show up in sentry - [x] Test the url works in tally |
||
|
Krzysztof Czerwinski
|
f33ec1f2ec |
feat(platform): New retention-focused tasks and wallet update (#10977)
### Changes 🏗️ - Rename wallet and update design - Update tasks and add Hidden Tasks section - Update onboarding backend code and related db migration - Add progress bar for some tasks ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] All tasks can be finished - [x] Finished tasks add correct amount of credits --------- Co-authored-by: Zamil Majdy <zamil.majdy@agpt.co> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Nicholas Tindle <nicholas.tindle@agpt.co> Co-authored-by: Reinier van der Leer <pwuts@agpt.co> |
||
|
dependabot[bot]
|
e68b873bcf |
chore(frontend/deps): Bump @faker-js/faker from 9.9.0 to 10.0.0 in /autogpt_platform/frontend (#10806)
Bumps [@faker-js/faker](https://github.com/faker-js/faker) from 9.9.0 to 10.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/faker-js/faker/releases"><code>@faker-js/faker</code>'s releases</a>.</em></p> <blockquote> <h2>v10.0.0</h2> <h2>New & Noteworthy</h2> <ul> <li>esm only (for cjs support look into migration guide, we got you covered 😉)</li> <li>remove v9 deprecations</li> <li>change default error strategy to 'fail' in word module</li> <li>remove invalid credit card issuer patterns</li> <li>see our <a href="https://v10.fakerjs.dev/guide/upgrading.html">migration guide</a></li> </ul> <h2>What's Changed</h2> <ul> <li>ci: use node 24 by <a href="https://github.com/Shinigami92"><code>@Shinigami92</code></a> in <a href="https://redirect.github.com/faker-js/faker/pull/3543">faker-js/faker#3543</a></li> <li>infra: stop using node 18 by <a href="https://github.com/Shinigami92"><code>@Shinigami92</code></a> in <a href="https://redirect.github.com/faker-js/faker/pull/3536">faker-js/faker#3536</a></li> <li>infra: use import.meta.dirname by <a href="https://github.com/Shinigami92"><code>@Shinigami92</code></a> in <a href="https://redirect.github.com/faker-js/faker/pull/3542">faker-js/faker#3542</a></li> <li>chore(deps): update devdependencies (major) by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3512">faker-js/faker#3512</a></li> <li>chore(deps): update eslint by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3555">faker-js/faker#3555</a></li> <li>chore(deps): update dependency <code>@vitest/eslint-plugin</code> to v1.3.4 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3554">faker-js/faker#3554</a></li> <li>chore(deps): update devdependencies by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3556">faker-js/faker#3556</a></li> <li>chore(deps): lock file maintenance by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3557">faker-js/faker#3557</a></li> <li>feat!: esm only by <a href="https://github.com/Shinigami92"><code>@Shinigami92</code></a> in <a href="https://redirect.github.com/faker-js/faker/pull/3540">faker-js/faker#3540</a></li> <li>refactor!: remove deprecations by <a href="https://github.com/Shinigami92"><code>@Shinigami92</code></a> in <a href="https://redirect.github.com/faker-js/faker/pull/3553">faker-js/faker#3553</a></li> <li>docs: migration guide for v10 by <a href="https://github.com/matthewmayer"><code>@matthewmayer</code></a> in <a href="https://redirect.github.com/faker-js/faker/pull/3559">faker-js/faker#3559</a></li> <li>infra: more precise engines field by <a href="https://github.com/matthewmayer"><code>@matthewmayer</code></a> in <a href="https://redirect.github.com/faker-js/faker/pull/3561">faker-js/faker#3561</a></li> <li>refactor(word)!: change default error strategy to 'fail' by <a href="https://github.com/xDivisionByZerox"><code>@xDivisionByZerox</code></a> in <a href="https://redirect.github.com/faker-js/faker/pull/3560">faker-js/faker#3560</a></li> <li>chore(release): 10.0.0-beta.0 by <a href="https://github.com/fakerjs-bot"><code>@fakerjs-bot</code></a> in <a href="https://redirect.github.com/faker-js/faker/pull/3565">faker-js/faker#3565</a></li> <li>docs: Minor improvements to migration guide by <a href="https://github.com/matthewmayer"><code>@matthewmayer</code></a> in <a href="https://redirect.github.com/faker-js/faker/pull/3569">faker-js/faker#3569</a></li> <li>chore(deps): update pnpm to v10.13.1 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3570">faker-js/faker#3570</a></li> <li>chore(deps): update devdependencies by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3571">faker-js/faker#3571</a></li> <li>chore(deps): update eslint by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3572">faker-js/faker#3572</a></li> <li>chore(deps): lock file maintenance by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3562">faker-js/faker#3562</a></li> <li>chore(deps): update dependency typescript to v5.9.2 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3576">faker-js/faker#3576</a></li> <li>chore(deps): update pnpm to v10.14.0 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3579">faker-js/faker#3579</a></li> <li>chore(deps): update mcr.microsoft.com/devcontainers/typescript-node:22 docker digest to 2baa40a by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3575">faker-js/faker#3575</a></li> <li>chore(deps): update devdependencies by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3577">faker-js/faker#3577</a></li> <li>chore(deps): update eslint (major) by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3580">faker-js/faker#3580</a></li> <li>chore(deps): update eslint by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3578">faker-js/faker#3578</a></li> <li>feat(locale): extended list of colors in Polish by <a href="https://github.com/pkuczynski"><code>@pkuczynski</code></a> in <a href="https://redirect.github.com/faker-js/faker/pull/3586">faker-js/faker#3586</a></li> <li>refactor(locale): remove invalid credit card issuer patterns by <a href="https://github.com/xDivisionByZerox"><code>@xDivisionByZerox</code></a> in <a href="https://redirect.github.com/faker-js/faker/pull/3568">faker-js/faker#3568</a></li> <li>docs: update migration guide with findings from playground update by <a href="https://github.com/xDivisionByZerox"><code>@xDivisionByZerox</code></a> in <a href="https://redirect.github.com/faker-js/faker/pull/3587">faker-js/faker#3587</a></li> <li>chore: fix typo in test by <a href="https://github.com/noritaka1166"><code>@noritaka1166</code></a> in <a href="https://redirect.github.com/faker-js/faker/pull/3591">faker-js/faker#3591</a></li> <li>chore(deps): update all non-major dependencies by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3596">faker-js/faker#3596</a></li> <li>chore(deps): update amannn/action-semantic-pull-request action to v6 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3598">faker-js/faker#3598</a></li> <li>chore(deps): update devdependencies by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3599">faker-js/faker#3599</a></li> <li>chore(deps): update actions/checkout action to v5 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3597">faker-js/faker#3597</a></li> <li>chore(deps): update dependency cypress to v15 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3603">faker-js/faker#3603</a></li> <li>chore(deps): update dependency vitepress to v1.6.4 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3601">faker-js/faker#3601</a></li> <li>chore(deps): pin dependency node to 24.6.0 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3600">faker-js/faker#3600</a></li> <li>chore(deps): update dependency typescript-eslint to v8.40.0 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3602">faker-js/faker#3602</a></li> <li>chore(deps): update dependency eslint-plugin-jsdoc to v54 by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3604">faker-js/faker#3604</a></li> <li>chore(deps): lock file maintenance by <a href="https://github.com/renovate"><code>@renovate</code></a>[bot] in <a href="https://redirect.github.com/faker-js/faker/pull/3584">faker-js/faker#3584</a></li> <li>chore(release): 10.0.0 by <a href="https://github.com/fakerjs-bot"><code>@fakerjs-bot</code></a> in <a href="https://redirect.github.com/faker-js/faker/pull/3605">faker-js/faker#3605</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/faker-js/faker/blob/next/CHANGELOG.md"><code>@faker-js/faker</code>'s changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/faker-js/faker/compare/v10.0.0-beta.0...v10.0.0">10.0.0</a> (2025-08-21)</h2> <h3>New Locales</h3> <ul> <li><strong>locale:</strong> extended list of colors in Polish (<a href="https://redirect.github.com/faker-js/faker/issues/3586">#3586</a>) (<a href=" |
||
|
Nicholas Tindle
|
4530e97e59 |
feat(platform/blocks): Add table input UI and builder block (#10829)
<!-- Clearly explain the need for these changes: --> https://github.com/user-attachments/assets/909a6ecf-5731-424c-8dee-fe25db907365 ### Need 💡 This PR introduces a new "Table Input" block and corresponding UI component, allowing users to easily input structured, tabular data directly within the agent builder. This addresses the need for a user-friendly way to define custom column headers and populate rows of data, which is then output as a list of dictionaries. ### Changes 🏗️ <!-- Concisely describe all of the changes made in this pull request: --> * **New `TableInputBlock` (backend):** A new block (`backend/backend/blocks/table_input.py`) has been added. It defines an `Input` schema with `headers` (a list of strings for column names) and `value` (a list of dictionaries representing table rows). The block outputs the `value` data in the specified dictionary format. * **New `NodeTableInput` Component (frontend):** A new React component (`frontend/src/components/node-table-input.tsx`) was created to render an editable table UI, supporting dynamic row addition/removal and cell editing. * **Frontend Integration:** * `NodeGenericInputField` and `NodeObjectInputTree` were updated to pass `parentContext` down the component hierarchy. * `NodeArrayInput` was modified to conditionally render the new `NodeTableInput` component. It now detects when an array field (`selfKey` is "value") is part of a parent context that defines `headers`, indicating it should be rendered as a table. ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Add a "Table Input" block to the builder. - [x] Define custom headers (e.g., "Name", "Email"). - [x] Add several rows of data using the table UI. - [x] Verify that adding, editing, and removing rows works as expected. - [x] Connect the output of the "Table Input" block to another block (e.g., a "Print" block) and confirm the output format is a list of dictionaries with the defined headers as keys. - [x] Test with an empty table (no rows). - [x] Test with no headers defined (should default). - [x] Test that an empty row returns empty data (is this a good behavior? example output of the block ``` { "advanced": false, "column_headers": [ "Col 1", "Col 2", "Col 3" ], "name": "table_input", "value": [ { "Col 1": "row 1", "Col 2": "row 1", "Col 3": "row 1" }, { "Col 1": "val 1", "Col 2": "val 2", "Col 3": "val 3" } ] } ``` --- <a href="https://cursor.com/background-agent?bcId=bc-b8d31867-1034-4374-852c-b92ca69cc399"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://cursor.com/open-in-cursor-dark.svg"> <source media="(prefers-color-scheme: light)" srcset="https://cursor.com/open-in-cursor-light.svg"> <img alt="Open in Cursor" src="https://cursor.com/open-in-cursor.svg"> </picture> </a> <a href="https://cursor.com/agents?id=bc-b8d31867-1034-4374-852c-b92ca69cc399"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://cursor.com/open-in-web-dark.svg"> <source media="(prefers-color-scheme: light)" srcset="https://cursor.com/open-in-web-light.svg"> <img alt="Open in Web" src="https://cursor.com/open-in-web.svg"> </picture> </a> --------- Co-authored-by: Cursor Agent <cursoragent@cursor.com> Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com> Co-authored-by: Nicholas Tindle <ntindle@users.noreply.github.com> |
||
|
Bently
|
477c261488 |
feat(blocks): Add claude-sonnet-4.5 (#11023)
## Summary
Adds claude-sonnet-4.5 model to the platform and sets the price to 9
### Checklist 📋
#### For code changes:
- [x] I have clearly listed my changes in the PR description
- [x] I have made a test plan
- [x] I have tested my changes according to the test plan:
<!-- Put your test plan here: -->
- [x] test the new claude-sonnet-4.5 model on the platform to make sure
it works
|
||
|
dependabot[bot]
|
8ac2228e1e |
chore(frontend/deps): Upgrade @sentry/nextjs from 9.42.0 to 10.8.0 (#10802)
Bumps [@sentry/nextjs](https://github.com/getsentry/sentry-javascript) from 9.42.0 to 10.8.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-javascript/releases"><code>@sentry/nextjs</code>'s releases</a>.</em></p> <blockquote> <h2>10.8.0</h2> <h3>Important Changes</h3> <ul> <li> <p><strong>feat(sveltekit): Add Compatibility for builtin SvelteKit Tracing (<a href="https://redirect.github.com/getsentry/sentry-javascript/pull/17423">#17423</a>)</strong></p> <p>This release makes the <code>@sentry/sveltekit</code> SDK compatible with SvelteKit's native <a href="https://svelte.dev/docs/kit/observability">observability support</a> introduced in SvelteKit version <code>2.31.0</code>. If you enable both, instrumentation and tracing, the SDK will now initialize early enough to set up additional instrumentation like database queries and it will pick up spans emitted from SvelteKit.</p> <p>We will follow up with docs how to set up the SDK soon. For now, If you're on SvelteKit version <code>2.31.0</code> or newer, you can easily opt into the new feature:</p> <ol> <li> <p>Enable <a href="https://svelte.dev/docs/kit/observability">experimental tracing and instrumentation support</a> in <code>svelte.config.js</code>:</p> </li> <li> <p>Move your <code>Sentry.init()</code> call from <code>src/hooks.server.(js|ts)</code> to the new <code>instrumentation.server.(js|ts)</code> file:</p> <pre lang="ts"><code>// instrumentation.server.ts import * as Sentry from '@sentry/sveltekit'; <p>Sentry.init({<br /> dsn: '...',<br /> // rest of your config<br /> });<br /> </code></pre></p> <p>The rest of your Sentry config in <code>hooks.server.ts</code> (<code>sentryHandle</code> and <code>handleErrorWithSentry</code>) should stay the same.</p> </li> </ol> <p>If you prefer to stay on the hooks-file based config for now, the SDK will continue to work as previously.</p> <p>Thanks to the Svelte team and <a href="https://github.com/elliott-with-the-longest-name-on-github"><code>@elliott-with-the-longest-name-on-github</code></a> for implementing observability support and for reviewing our PR!</p> </li> </ul> <h3>Other Changes</h3> <ul> <li>fix(react): Avoid multiple name updates on navigation spans (<a href="https://redirect.github.com/getsentry/sentry-javascript/pull/17438">#17438</a>)</li> </ul> <!-- raw HTML omitted --> <ul> <li>test(profiling): Add tests for current state of profiling (<a href="https://redirect.github.com/getsentry/sentry-javascript/pull/17470">#17470</a>)</li> </ul> <!-- raw HTML omitted --> <h2>Bundle size 📦</h2> <table> <thead> <tr> <th>Path</th> <th>Size</th> </tr> </thead> <tbody> <tr> <td><code>@sentry/browser</code></td> <td>23.59 KB</td> </tr> <tr> <td><code>@sentry/browser</code> - with treeshaking flags</td> <td>22.2 KB</td> </tr> <tr> <td><code>@sentry/browser</code> (incl. Tracing)</td> <td>38.94 KB</td> </tr> <tr> <td><code>@sentry/browser</code> (incl. Tracing, Replay)</td> <td>76.4 KB</td> </tr> <tr> <td><code>@sentry/browser</code> (incl. Tracing, Replay) - with treeshaking flags</td> <td>66.43 KB</td> </tr> </tbody> </table> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md"><code>@sentry/nextjs</code>'s changelog</a>.</em></p> <blockquote> <h2>10.8.0</h2> <h3>Important Changes</h3> <ul> <li> <p><strong>feat(sveltekit): Add Compatibility for builtin SvelteKit Tracing (<a href="https://redirect.github.com/getsentry/sentry-javascript/pull/17423">#17423</a>)</strong></p> <p>This release makes the <code>@sentry/sveltekit</code> SDK compatible with SvelteKit's native <a href="https://svelte.dev/docs/kit/observability">observability support</a> introduced in SvelteKit version <code>2.31.0</code>. If you enable both, instrumentation and tracing, the SDK will now initialize early enough to set up additional instrumentation like database queries and it will pick up spans emitted from SvelteKit.</p> <p>We will follow up with docs how to set up the SDK soon. For now, If you're on SvelteKit version <code>2.31.0</code> or newer, you can easily opt into the new feature:</p> <ol> <li> <p>Enable <a href="https://svelte.dev/docs/kit/observability">experimental tracing and instrumentation support</a> in <code>svelte.config.js</code>:</p> </li> <li> <p>Move your <code>Sentry.init()</code> call from <code>src/hooks.server.(js|ts)</code> to the new <code>instrumentation.server.(js|ts)</code> file:</p> <pre lang="ts"><code>// instrumentation.server.ts import * as Sentry from '@sentry/sveltekit'; <p>Sentry.init({<br /> dsn: '...',<br /> // rest of your config<br /> });<br /> </code></pre></p> <p>The rest of your Sentry config in <code>hooks.server.ts</code> (<code>sentryHandle</code> and <code>handleErrorWithSentry</code>) should stay the same.</p> </li> </ol> <p>If you prefer to stay on the hooks-file based config for now, the SDK will continue to work as previously.</p> <p>Thanks to the Svelte team and <a href="https://github.com/elliott-with-the-longest-name-on-github"><code>@elliott-with-the-longest-name-on-github</code></a> for implementing observability support and for reviewing our PR!</p> </li> </ul> <h3>Other Changes</h3> <ul> <li>fix(react): Avoid multiple name updates on navigation spans (<a href="https://redirect.github.com/getsentry/sentry-javascript/pull/17438">#17438</a>)</li> </ul> <!-- raw HTML omitted --> <ul> <li>test(profiling): Add tests for current state of profiling (<a href="https://redirect.github.com/getsentry/sentry-javascript/pull/17470">#17470</a>)</li> </ul> <!-- raw HTML omitted --> <h2>10.7.0</h2> <h3>Important Changes</h3> <ul> <li><strong>feat(cloudflare): Add <code>instrumentPrototypeMethods</code> option to instrument RPC methods for DurableObjects (<a href="https://redirect.github.com/getsentry/sentry-javascript/pull/17424">#17424</a>)</strong></li> </ul> <p>By default, <code>Sentry.instrumentDurableObjectWithSentry</code> will not wrap any RPC methods on the prototype. To enable wrapping for RPC methods, set <code>instrumentPrototypeMethods</code> to <code>true</code> or, if performance is a concern, a list of only the methods you want to instrument:</p> <pre lang="js"><code></tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Zamil Majdy
|
91dd9364bb |
fix(backend): implement retry mechanism for SmartDecisionMaker tool call validation (#11015)
<!-- Clearly explain the need for these changes: --> This PR fixes a critical production issue where SmartDecisionMakerBlock was silently accepting tool calls with typo'd parameter names (e.g., 'maximum_keyword_difficulty' instead of 'max_keyword_difficulty'), causing downstream blocks to receive null values and execution failures. The solution implements comprehensive parameter validation with automatic retry when the LLM provides malformed tool calls, giving the LLM specific feedback to correct the errors. ### Changes 🏗️ <!-- Concisely describe all of the changes made in this pull request: --> **Core Validation & Retry Logic (`backend/blocks/smart_decision_maker.py`)** - Add tool call parameter validation against function schema - Implement retry mechanism using existing `create_retry_decorator` from `backend.util.retry` - Validate provided parameters against expected schema properties and required fields - Generate specific error messages for unknown parameters (typos) and missing required parameters - Add error feedback to conversation history for LLM learning on retry attempts - Use `input_data.retry` field to configure number of retry attempts **Comprehensive Test Coverage (`backend/blocks/test/test_smart_decision_maker.py`)** - Add `test_smart_decision_maker_parameter_validation` with 4 comprehensive test scenarios: 1. Tool call with typo'd parameter (should retry and eventually fail with clear error) 2. Tool call missing required parameter (should fail immediately with clear error) 3. Valid tool call with optional parameter missing (should succeed) 4. Valid tool call with all parameters provided (should succeed) - Verify retry mechanism works correctly and respects retry count - Mock LLM responses for controlled testing of validation logic **Load Tests Documentation Update (`load-tests/README.md`)** - Update documentation to reflect current orchestrator-based architecture - Remove references to deprecated `run-tests.js` and `comprehensive-orchestrator.js` - Streamline documentation to focus on working `orchestrator/orchestrator.js` - Update NPM scripts and command examples for current workflow - Clean up outdated file references to match actual infrastructure **Production Impact** - **Prevents silent failures**: Tool call parameter typos now cause retries instead of null downstream values - **Maintains compatibility**: No breaking changes to existing SmartDecisionMaker functionality - **Improves reliability**: LLM receives feedback to correct parameter errors - **Configurable retries**: Uses existing `retry` field for user control - **Accurate documentation**: Load-tests docs now match actual working infrastructure ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: <!-- Put your test plan here: --> - [x] Run existing SmartDecisionMaker tests to ensure no regressions: `poetry run pytest backend/blocks/test/test_smart_decision_maker.py -xvs` ✅ All 4 tests passed - [x] Run new parameter validation test specifically: `poetry run pytest backend/blocks/test/test_smart_decision_maker.py::test_smart_decision_maker_parameter_validation -xvs` ✅ Passed with retry behavior confirmed - [x] Verify retry mechanism works by checking log output for retry attempts ✅ Confirmed in test logs - [x] Test tool call validation with different scenarios (typos, missing params, valid calls) ✅ All scenarios covered and working - [x] Run code formatting and linting: `poetry run format` ✅ All formatters passed - [x] Verify no breaking changes to existing SmartDecisionMaker functionality ✅ All existing tests pass - [x] Verify load-tests documentation accuracy ✅ README now matches actual orchestrator infrastructure #### For configuration changes: - [x] `.env.default` is updated or already compatible with my changes - [x] `docker-compose.yml` is updated or already compatible with my changes - [x] I have included a list of my configuration changes in the PR description (under **Changes**) **Note**: No configuration changes were needed as this uses existing retry infrastructure and block schema validation. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> --------- Co-authored-by: Claude <noreply@anthropic.com> |
||
|
Zamil Majdy
|
f314fbf14f |
fix(backend): resolve two critical long-running agent execution failures (#11011)
## Summary
Fix two production issues causing agent execution failures that occurred
this morning:
1. **AsyncRedisLock Release Error** (ExecutionID:
08b2c251-ee27-45de-b88d-1792823ca3ee)
- Error: "Cannot release a lock that's no longer owned"
- Root cause: Race condition where lock expires during long database
operations
- Location: backend/executor/manager.py synchronized context manager
2. **Tool Call Parameter Validation** (ExecutionID:
766fd9a0-5f22-4a77-96e8-14c9d02f3292)
- Issue: LLM used typo'd parameter 'maximum_keyword_difficulty' instead
of 'max_keyword_difficulty'
- SmartDecisionMakerBlock silently accepted typo, setting correct
parameter to null
- Result: Downstream blocks received null values causing execution
failures
## Changes Made
### AsyncRedisLock Error Handling
- Add try-catch blocks around AsyncRedisLock.release() calls in
ExecutionManager and OAuth refresh
- Prevent crashes when locks expire between ownership check and release
- Log warnings instead of crashing execution
### Tool Call Parameter Validation
- **Reject unknown parameters**: Raise ValueError for typo'd parameter
names with detailed error messages
- **Allow optional parameters**: Only validate missing REQUIRED
parameters
- **Safe parameter access**: Use .get() to handle optional parameters
with defaults
- **Clean code**: Extract parameters object once to eliminate
duplication
## Technical Implementation
**Lock Release Protection:**
```python
if await lock.locked() and await lock.owned():
try:
await lock.release()
except Exception as e:
logger.warning(f"Failed to release lock for key {key}: {e}")
```
**Parameter Validation Logic:**
```python
# Get parameters schema from tool definition
if tool_def and "function" in tool_def and "parameters" in tool_def["function"]:
parameters = tool_def["function"]["parameters"]
expected_args = parameters.get("properties", {})
required_params = set(parameters.get("required", []))
# Detect parameter typos and missing required params
unexpected_args = provided_args - expected_args_set
missing_required_args = required_params - provided_args
if unexpected_args or missing_required_args:
raise ValueError(error_msg) # Detailed error explaining the problem
```
## Testing
- [x] All existing tests pass
- [x] Lock error handling prevents execution crashes
- [x] Tool validation catches typos while allowing optional parameters
- [x] Maintains backward compatibility with existing workflows
## Impact
- ✅ No more "Cannot release a lock" crashes during long database
operations
- ✅ Tool calls with typo'd parameters are rejected with clear error
messages
- ✅ Optional parameters work correctly with default values
- ✅ Production stability improved with graceful error handling
## Files Modified
- `backend/executor/manager.py` - AsyncRedisLock error handling in
synchronized context
- `backend/integrations/creds_manager.py` - OAuth refresh lock error
handling
- `backend/blocks/smart_decision_maker.py` - Tool call parameter
validation with typo detection
Fixes two critical production failures that were causing 2/5 agent runs
to fail this morning.
---------
Co-authored-by: Claude <noreply@anthropic.com>
|
||
|
Zamil Majdy
|
a97ff641c3 |
feat(backend): optimize FastAPI endpoints performance and alert system (#11000)
## Summary Comprehensive performance optimization fixing event loop binding issues and addressing all PR feedback. ### Original Performance Issues Fixed **Event Loop Binding Problems:** - JWT authentication dependencies were synchronous, causing thread pool bottlenecks under high concurrency - FastAPI's default thread pool (40 threads) was insufficient for high-load scenarios - Backend services lacked proper event loop configuration **Security & Performance Improvements:** - Security middleware converted from BaseHTTPMiddleware to pure ASGI for better performance - Added blocks endpoint to cacheable paths for improved response times - Cross-platform uvloop detection with Windows compatibility ### Key Changes Made #### 1. JWT Authentication Async Conversion - **Files**: `autogpt_libs/auth/dependencies.py`, `autogpt_libs/auth/jwt_utils.py` - **Change**: Convert all JWT functions to async (`requires_user`, `requires_admin_user`, `get_user_id`, `get_jwt_payload`) - **Impact**: Eliminates thread pool blocking, improves concurrency handling - **Tests**: All 25+ authentication tests updated to async patterns #### 2. FastAPI Thread Pool Optimization - **File**: `backend/server/rest_api.py:82-93` - **Change**: Configure thread pool size via `config.fastapi_thread_pool_size` - **Default**: Increased from 40 to higher limit for sync operations - **Impact**: Better handling of remaining sync dependencies #### 3. Performance-Optimized Security Middleware - **File**: `backend/server/middleware/security.py` - **Change**: Pure ASGI implementation replacing BaseHTTPMiddleware - **Headers**: HTTP spec compliant capitalization (X-Content-Type-Options, X-Frame-Options, etc.) - **Caching**: Added `/api/blocks` and `/api/v1/blocks` to cacheable paths - **Impact**: Reduced middleware overhead, improved header compliance #### 4. Cross-Platform Event Loop Configuration - **File**: `backend/server/rest_api.py:311-312` - **Change**: Platform-aware uvloop detection: `'uvloop' if platform.system() != 'Windows' else 'auto'` - **Impact**: Windows compatibility while maintaining Unix performance benefits - **Verified**: 'auto' is valid uvicorn default parameter #### 5. Enhanced Caching Infrastructure - **File**: `autogpt_libs/utils/cache.py:118-132` - **Change**: Per-event-loop asyncio.Lock instances prevent cross-loop deadlocks - **Impact**: Thread-safe caching across multiple event loops #### 6. Database Query Limits & Performance - **Files**: Multiple data layer files - **Change**: Added configurable limits to prevent unbounded queries - **Constants**: `MAX_GRAPH_VERSIONS_FETCH=50`, `MAX_USER_API_KEYS_FETCH=500`, etc. - **Impact**: Consistent performance regardless of data volume #### 7. OpenAPI Documentation Improvements - **File**: `backend/server/routers/v1.py:68-85` - **Change**: Added proper response model and schema for blocks endpoint - **Impact**: Better API documentation and type safety #### 8. Error Handling & Retry Logic Fixes - **File**: `backend/util/retry.py:63` - **Change**: Accurate retry threshold comments referencing EXCESSIVE_RETRY_THRESHOLD - **Impact**: Clear documentation for debugging retry scenarios ### ntindle Feedback Addressed ✅ **HTTP Header Capitalization**: All headers now use proper HTTP spec capitalization ✅ **Windows uvloop Compatibility**: Clean platform detection with inline conditional ✅ **OpenAPI Response Model**: Blocks endpoint properly documented in schema ✅ **Retry Comment Accuracy**: References actual threshold constants instead of hardcoded numbers ✅ **Code Cleanliness**: Inline conditionals preferred over verbose if statements ### Performance Testing Results **Before Optimization:** - High latency under concurrent load - Thread pool exhaustion at ~40 concurrent requests - Event loop binding issues causing timeouts **After Optimization:** - Improved concurrency handling with async JWT pipeline - Configurable thread pool scaling - Cross-platform event loop optimization - Reduced middleware overhead ### Backward Compatibility ✅ **All existing functionality preserved** ✅ **No breaking API changes** ✅ **Enhanced test coverage with async patterns** ✅ **Windows and Unix compatibility maintained** ### Files Modified **Core Authentication & Performance:** - `autogpt_libs/auth/dependencies.py` - Async JWT dependencies - `autogpt_libs/auth/jwt_utils.py` - Async JWT utilities - `backend/server/rest_api.py` - Thread pool config + uvloop detection - `backend/server/middleware/security.py` - ASGI security middleware **Database & Limits:** - `backend/data/includes.py` - Performance constants and configurable includes - `backend/data/api_key.py`, `backend/data/credit.py`, `backend/data/graph.py`, `backend/data/integrations.py` - Query limits **Caching & Infrastructure:** - `autogpt_libs/utils/cache.py` - Per-event-loop lock safety - `backend/server/routers/v1.py` - OpenAPI improvements - `backend/util/retry.py` - Comment accuracy **Testing:** - `autogpt_libs/auth/dependencies_test.py` - 25+ async test conversions - `autogpt_libs/auth/jwt_utils_test.py` - Async JWT test patterns Ready for review and production deployment. 🚀 --------- Co-authored-by: Claude <noreply@anthropic.com> |
||
|
Zamil Majdy
|
114f604d7b | Merge branch 'master' of github.com:Significant-Gravitas/AutoGPT into dev | ||
|
Zamil Majdy
|
3abea1ed96 |
fix(backend): prevent duplicate graph executions across multiple executor pods (#11008)
## Problem Multiple executor pods could simultaneously execute the same graph, leading to: - Duplicate executions and wasted resources - Inconsistent execution states and results - Race conditions in graph execution management - Inefficient resource utilization in cluster environments ## Solution Implement distributed locking using ClusterLock to ensure only one executor pod can process a specific graph execution at a time. ## Key Changes ### Core Fix: Distributed Execution Coordination - **ClusterLock implementation**: Redis-based distributed locking prevents duplicate executions - **Atomic lock acquisition**: Only one executor can hold the lock for a specific graph execution - **Automatic lock expiry**: Prevents deadlocks if executor pods crash or become unresponsive - **Graceful degradation**: System continues operating even if Redis becomes temporarily unavailable ### Technical Implementation - Move ClusterLock to `backend/executor/` alongside ExecutionManager (its primary consumer) - Comprehensive integration tests (27 test scenarios) ensure reliability under all conditions - Redis client compatibility for different deployment configurations - Rate-limited lock refresh to minimize Redis load ### Reliability Improvements - **Context manager support**: Automatic lock cleanup prevents resource leaks - **Ownership verification**: Locks can only be refreshed/released by the owner - **Concurrency testing**: Thread-safe operations verified under high contention - **Error handling**: Robust failure scenarios including network partitions ## Test Coverage - ✅ Concurrent executor coordination (prevents duplicate executions) - ✅ Lock expiry and refresh mechanisms (prevents deadlocks) - ✅ Redis connection failures (graceful degradation) - ✅ Thread safety under high load (production scenarios) - ✅ Long-running executions with periodic refresh ## Impact - **No more duplicate executions**: Eliminates wasted compute resources and inconsistent results - **Improved reliability**: Robust distributed coordination across executor pods - **Better resource utilization**: Only one pod processes each execution - **Scalable architecture**: Supports multiple executor pods without conflicts ## Validation - All integration tests pass ✅ - Existing ExecutionManager functionality preserved ✅ - No breaking changes to APIs ✅ - Production-ready distributed locking ✅ 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> --------- Co-authored-by: Claude <noreply@anthropic.com> |
||
|
Abhimanyu Yadav
|
da6e1ad26d |
refactor(frontend): enhance builder UI for better performance (#10922)
### Changes 🏗️ This PR introduces a new high-performance builder interface for the AutoGPT platform, implementing a React Flow-based visual editor with optimized state management and rendering. #### Key Changes: 1. **New Flow Editor Implementation** - Built on React Flow for efficient graph rendering and interaction - Implements a node-based visual workflow builder with custom nodes and edges - Dynamic form generation using React JSON Schema Form (RJSF) for block inputs - Intelligent connection handling with visual feedback 2. **State Management Optimization** - Added Zustand for lightweight, performant state management - Separated node and edge stores for better data isolation - Reduced unnecessary re-renders through granular state updates 3. **Dual Builder View (Temporary)** - Added toggle between old and new builder implementations - Allows A/B testing and gradual migration - Feature flagged for controlled rollout 4. **Enhanced UI Components** - Custom form widgets for various input types (date, time, file, etc.) - Array and object editors with improved UX - Connection handles with visual state indicators - Advanced mode toggle for complex configurations 5. **Architecture Improvements** - Modular component structure for better code organization - Comprehensive documentation for the new system - Type-safe implementation with TypeScript #### Dependencies Added: - `zustand` (v5.0.2) - State management - `@rjsf/core` (v5.22.8) - JSON Schema Form core - `@rjsf/utils` (v5.22.8) - RJSF utilities - `@rjsf/validator-ajv8` (v5.22.8) - Schema validation ### Performance Improvements 🚀 - **Reduced Re-renders**: Zustand's shallow comparison and selective subscriptions minimize unnecessary component updates - **Optimized Graph Rendering**: React Flow provides efficient canvas-based rendering for large workflows - **Lazy Loading**: Components are loaded on-demand reducing initial bundle size - **Memoized Computations**: Heavy calculations are cached to avoid redundant processing ### Test Plan 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: #### Test Checklist: - [x] Create a new agent from scratch with at least 5 blocks - [x] Connect blocks and verify connections render correctly - [x] Switch between old and new builder views - [x] Test all form input types (text, number, boolean, array, object) - [x] Verify data persistence when switching views - [x] Test advanced mode toggle functionality - [x] Performance test with 50+ blocks to verify smooth interaction ### Migration Strategy The implementation includes a temporary toggle to switch between the old and new builder. This allows for: - Gradual user migration - A/B testing to measure performance improvements - Fallback option if issues are discovered - Collecting user feedback before full rollout ### Documentation Comprehensive documentation has been added: - `/components/FlowEditor/docs/README.md` - Architecture overview and store management - `/components/FlowEditor/docs/FORM_CREATOR.md` - Detailed form system documentation --------- Co-authored-by: Zamil Majdy <zamil.majdy@agpt.co> Co-authored-by: Claude <noreply@anthropic.com> |
||
|
Swifty
|
634fffb967 |
fix(blocks): Handle NoneType in DataForSEO Blocks and Add missing Err (#11004)
This PR fixes critical issues in the DataForSEO blocks to improve error handling and prevent runtime exceptions. ### Changes 🏗️ 1. **Fixed NoneType error in DataForSEO Related Keywords Block** (#10990) - Added null check to ensure `items` is always a list before iteration - Prevents TypeError when API returns None for items field - Ensures robust handling of unexpected API responses 2. **Added error output pins to DataForSEO blocks** (#10981) - Added `error` field to Output schema in both `related_keywords.py` and `keyword_suggestions.py` - Wrapped entire `run` methods in try-except blocks - Errors are now properly yielded to the error output pin, allowing agents to handle failures gracefully ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Verified that DataForSEO blocks handle None responses without throwing TypeError - [x] Confirmed error output pins capture and yield exceptions properly - [x] Ensured backwards compatibility with existing block implementations - [x] Tested both Related Keywords and Keyword Suggestions blocks #### For configuration changes: - [x] `.env.default` is updated or already compatible with my changes - [x] `docker-compose.yml` is updated or already compatible with my changes - [x] I have included a list of my configuration changes in the PR description (under **Changes**) --- Fixes #10990 Fixes #10981 Generated with [Claude Code](https://claude.ai/code) <!-- Clearly explain the need for these changes: --> ### Changes 🏗️ <!-- Concisely describe all of the changes made in this pull request: --> ### Checklist 📋 #### For code changes: - [ ] I have clearly listed my changes in the PR description - [ ] I have made a test plan - [ ] I have tested my changes according to the test plan: <!-- Put your test plan here: --> - [ ] ... <details> <summary>Example test plan</summary> - [ ] Create from scratch and execute an agent with at least 3 blocks - [ ] Import an agent from file upload, and confirm it executes correctly - [ ] Upload agent to marketplace - [ ] Import an agent from marketplace and confirm it executes correctly - [ ] Edit an agent from monitor, and confirm it executes correctly </details> #### For configuration changes: - [ ] `.env.default` is updated or already compatible with my changes - [ ] `docker-compose.yml` is updated or already compatible with my changes - [ ] I have included a list of my configuration changes in the PR description (under **Changes**) <details> <summary>Examples of configuration changes</summary> - Changing ports - Adding new services that need to communicate with each other - Secrets or environment variable changes - New or infrastructure changes such as databases </details> Co-authored-by: Toran Bruce Richards <toran.richards@gmail.com> |
||
|
Toran Bruce Richards
|
f3ec426c82 |
fix(blocks): Handle NoneType in DataForSEO Blocks and Add missing Error pins (#10995)
This PR fixes critical issues in the DataForSEO blocks to improve error handling and prevent runtime exceptions. ### Changes 🏗️ 1. **Fixed NoneType error in DataForSEO Related Keywords Block** (#10990) - Added null check to ensure `items` is always a list before iteration - Prevents TypeError when API returns None for items field - Ensures robust handling of unexpected API responses 2. **Added error output pins to DataForSEO blocks** (#10981) - Added `error` field to Output schema in both `related_keywords.py` and `keyword_suggestions.py` - Wrapped entire `run` methods in try-except blocks - Errors are now properly yielded to the error output pin, allowing agents to handle failures gracefully ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Verified that DataForSEO blocks handle None responses without throwing TypeError - [x] Confirmed error output pins capture and yield exceptions properly - [x] Ensured backwards compatibility with existing block implementations - [x] Tested both Related Keywords and Keyword Suggestions blocks #### For configuration changes: - [x] `.env.default` is updated or already compatible with my changes - [x] `docker-compose.yml` is updated or already compatible with my changes - [x] I have included a list of my configuration changes in the PR description (under **Changes**) --- Fixes #10990 Fixes #10981 Generated with [Claude Code](https://claude.ai/code) |
||
|
Reinier van der Leer
|
0b267f573e |
feat(blocks): Improve JSON generation+parsing in AI Structured Response block (#10960)
The AI Structured Response Generator block currently doesn't support responses that aren't pure JSON. This prohibits multi-step prompting because reasoning content is not allowed in the response, which in turn limits performance. ### Changes 🏗️ - Adjust prompt to enclose JSON in pre-defined tags so we can extract it from a response that isn't pure JSON - Adjust mechanism to extract and parse JSON - Add `force_json_output` input (advanced, default `False`) - Update incorrect `max_output_tokens` values for Claude 4 and 3.7 to prevent responses from being cut off due to `max_tokens` ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] LLMs correctly follows response generation instructions - [x] LLMs follow system response format instructions even if user prompt contains conflicting instructions - [x] JSON is extracted from response successfully - [x] `force_json_output` works (at least for models that support it) Tested with Claude 4 Sonnet, various GPT models, and Llama 3.3 70B. --------- Co-authored-by: Zamil Majdy <zamil.majdy@agpt.co> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Nicholas Tindle <nicholas.tindle@agpt.co> |
||
|
Reinier van der Leer
|
7bd571d9ce |
fix(blocks): Default disable HTML escaping in all blocks with templating features (#10955)
- Resolves #10954 Unnecessary escaping distorts content and so should be disabled wherever the output isn't used in HTML. ### Changes 🏗️ - Disable HTML escaping on prompt value insertion in AI blocks - Make HTML escaping optional in text formatting and output blocks ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] `SandboxedEnvironment(autoescape=False).from_string(template_str).render(values)` doesn't escape characters with HTML entities |
||
|
Zamil Majdy
|
7a331651ba |
feat(backend): enhance database indexes for AgentGraph and AgentGraphExecution performance (#10985)
## Summary Enhances database performance by improving indexes on `AgentGraph` and `AgentGraphExecution` tables for better query efficiency. ### Changes 🏗️ - **Database Schema**: Updated Prisma schema to enhance database indexes - Modified `AgentGraph` index from `[userId, isActive]` to `[userId, isActive, id, version]` for better compound query performance - Enhanced `AgentGraphExecution` index from `[userId]` to `[userId, isDeleted, createdAt]` to support filtered queries with sorting - **Migration**: Auto-generated Prisma migration to implement the index changes - Drops existing indexes: `AgentGraph_userId_isActive_idx` and `AgentGraphExecution_userId_idx` - Creates new compound indexes: `AgentGraph_userId_isActive_id_version_idx` and `AgentGraphExecution_userId_isDeleted_createdAt_idx` ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Verified migration runs successfully - [x] Confirmed database queries continue to work with new indexes - [x] Tested that existing functionality remains unaffected #### For configuration changes: - [x] `.env.default` is updated or already compatible with my changes - [x] `docker-compose.yml` is updated or already compatible with my changes - [x] I have included a list of my configuration changes in the PR description (under **Changes**) 🤖 Generated with [Claude Code](https://claude.ai/code) Co-authored-by: Claude <noreply@anthropic.com> |
