mirror of
https://github.com/Significant-Gravitas/AutoGPT.git
synced 2026-02-10 23:05:17 -05:00
82c483d6c817a66a68342e02aa87a8066887fb0e
7918 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Zamil Majdy
|
82c483d6c8 | Merge branch 'dev' into feat/copitlot-claude-code | ||
|
Zamil Majdy
|
7cffa1895f |
fix(backend/chat): Filter duplicate StreamStart from non-SDK path
Routes.py already publishes a StreamStart before calling the service. The SDK path filters the duplicate internally, but the non-SDK path did not, causing two StreamStart events to reach the frontend. |
||
|
Zamil Majdy
|
9791bdd724 |
fix(backend/chat): Use normpath+startswith pattern for CodeQL path sanitization
CodeQL doesn't recognize re.sub as a path sanitizer. Switch to the os.path.normpath + startswith prefix check pattern that CodeQL's taint model explicitly recognizes as breaking the taint chain. |
||
|
Zamil Majdy
|
750a674c78 | fix lock | ||
|
Zamil Majdy
|
960c7980a3 |
fix(backend/chat): Use named helper for session_id sanitization to satisfy CodeQL
Replace inline comprehension with _sanitize_session_id() using re.sub so CodeQL recognizes the path-traversal sanitization barrier. |
||
|
Zamil Majdy
|
e85d437bb2 | fix(backend/chat): Sanitize session_id in SDK cwd path to prevent path traversal | ||
|
dependabot[bot]
|
2cd0d4fe0f |
chore(deps): bump actions/checkout from 4 to 6 (#12034)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update README to include Node.js 24 support details and requirements by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li> <li>Persist creds to a separate file by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li> <li>v6-beta by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2298">actions/checkout#2298</a></li> <li>update readme/changelog for v6 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2311">actions/checkout#2311</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v5.0.0...v6.0.0">https://github.com/actions/checkout/compare/v5.0.0...v6.0.0</a></p> <h2>v6-beta</h2> <h2>What's Changed</h2> <p>Updated persist-credentials to store the credentials under <code>$RUNNER_TEMP</code> instead of directly in the local git config.</p> <p>This requires a minimum Actions Runner version of <a href="https://github.com/actions/runner/releases/tag/v2.329.0">v2.329.0</a> to access the persisted credentials for <a href="https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action">Docker container action</a> scenarios.</p> <h2>v5.0.1</h2> <h2>What's Changed</h2> <ul> <li>Port v6 cleanup to v5 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v5...v5.0.1">https://github.com/actions/checkout/compare/v5...v5.0.1</a></p> <h2>v5.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> <li>Prepare v5.0.0 release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2238">actions/checkout#2238</a></li> </ul> <h2>⚠️ Minimum Compatible Runner Version</h2> <p><strong>v2.327.1</strong><br /> <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Release Notes</a></p> <p>Make sure your runner is updated to this version or newer to use this release.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4...v5.0.0">https://github.com/actions/checkout/compare/v4...v5.0.0</a></p> <h2>v4.3.1</h2> <h2>What's Changed</h2> <ul> <li>Port v6 cleanup to v4 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4...v4.3.1">https://github.com/actions/checkout/compare/v4...v4.3.1</a></p> <h2>v4.3.0</h2> <h2>What's Changed</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v6.0.2</h2> <ul> <li>Fix tag handling: preserve annotations and explicit fetch-tags by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li> </ul> <h2>v6.0.1</h2> <ul> <li>Add worktree support for persist-credentials includeIf by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li> </ul> <h2>v6.0.0</h2> <ul> <li>Persist creds to a separate file by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li> <li>Update README to include Node.js 24 support details and requirements by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li> </ul> <h2>v5.0.1</h2> <ul> <li>Port v6 cleanup to v5 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li> </ul> <h2>v5.0.0</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> </ul> <h2>v4.3.1</h2> <ul> <li>Port v6 cleanup to v4 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li> </ul> <h2>v4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Zamil Majdy
|
44f9536bd6 | fix lock | ||
|
Zamil Majdy
|
1c1085a227 |
Merge remote-tracking branch 'origin/dev' into feat/copitlot-claude-code
# Conflicts: # autogpt_platform/backend/backend/api/features/chat/config.py # autogpt_platform/backend/poetry.lock |
||
|
Zamil Majdy
|
d7ef70469e |
fix(backend/chat): Fix cleanup race condition and move to outer finally
- Use session-specific temp dir (/tmp/copilot-{session_id}) as SDK cwd
to prevent concurrent sessions from deleting each other's tool-result
files during cleanup
- Move _cleanup_sdk_tool_results() to outer finally block so it runs
even when the outer except Exception fires
- Clean up the temp cwd directory after each session
- Remove unnecessary inner try/finally nesting
|
||
|
Zamil Majdy
|
1926127ddd |
fix(backend/chat): Fix bugs and remove dead code in SDK integration
- Fix message accumulation bug: reset has_appended_assistant when creating new post-tool assistant message to prevent lost text deltas - Fix hardcoded model in anthropic_fallback.py: use config.model instead of hardcoded "claude-sonnet-4-20250514" - Fix _SDK_TOOL_RESULTS_DIR using hardcoded /root/ path: use expanduser - Remove unused create_strict_security_hooks (~75 lines) - Remove unused create_heartbeat/create_usage from response adapter - Remove unused RAW_TOOL_NAMES from tool_adapter - Extract _MAX_TOOL_ITERATIONS constant from magic number |
||
|
Zamil Majdy
|
8b509e56de |
refactor(backend/chat): Replace --resume with conversation context, add compaction and dedup
- Remove broken --resume/session file approach (CLI v2.1.38 can't load >2 message session files) and delete session_file.py + tests - Embed prior conversation turns as <conversation_history> context in the user message for multi-turn memory - Add context compaction using shared compress_context() from prompt.py with LLM summarization + truncation fallback for long conversations - Reuse _build_system_prompt and _generate_session_title from parent service.py instead of duplicating (gains Langfuse prompt support) - Add has_conversation_history param to _build_system_prompt to avoid greeting on multi-turn conversations - Fix _SDK_TOOL_RESULTS_GLOB from hardcoded /root/ to expanduser ~/ |
||
|
dependabot[bot]
|
1ecae8c87e |
chore(backend/deps): bump aiofiles from 24.1.0 to 25.1.0 in /autogpt_platform/backend (#12043)
Bumps [aiofiles](https://github.com/Tinche/aiofiles) from 24.1.0 to 25.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Tinche/aiofiles/releases">aiofiles's releases</a>.</em></p> <blockquote> <h2>v25.1.0</h2> <ul> <li>Switch to <a href="https://docs.astral.sh/uv/">uv</a> + add Python v3.14 support. (<a href="https://redirect.github.com/Tinche/aiofiles/pull/219">#219</a>)</li> <li>Add <code>ruff</code> formatter and linter. <a href="https://redirect.github.com/Tinche/aiofiles/pull/216">#216</a></li> <li>Drop Python 3.8 support. If you require it, use version 24.1.0. <a href="https://redirect.github.com/Tinche/aiofiles/pull/204">#204</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/danielsmyers"><code>@danielsmyers</code></a> made their first contribution in <a href="https://redirect.github.com/Tinche/aiofiles/pull/185">Tinche/aiofiles#185</a></li> <li><a href="https://github.com/stankudrow"><code>@stankudrow</code></a> made their first contribution in <a href="https://redirect.github.com/Tinche/aiofiles/pull/192">Tinche/aiofiles#192</a></li> <li><a href="https://github.com/waketzheng"><code>@waketzheng</code></a> made their first contribution in <a href="https://redirect.github.com/Tinche/aiofiles/pull/221">Tinche/aiofiles#221</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Tinche/aiofiles/compare/v24.1.0...v25.1.0">https://github.com/Tinche/aiofiles/compare/v24.1.0...v25.1.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Tinche/aiofiles/blob/main/CHANGELOG.md">aiofiles's changelog</a>.</em></p> <blockquote> <h2>25.1.0 (2025-10-09)</h2> <ul> <li>Switch to <a href="https://docs.astral.sh/uv/">uv</a> + add Python v3.14 support. (<a href="https://redirect.github.com/Tinche/aiofiles/pull/219">#219</a>)</li> <li>Add <code>ruff</code> formatter and linter. <a href="https://redirect.github.com/Tinche/aiofiles/pull/216">#216</a></li> <li>Drop Python 3.8 support. If you require it, use version 24.1.0. <a href="https://redirect.github.com/Tinche/aiofiles/pull/204">#204</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
659338f90c |
chore(deps): bump peter-evans/repository-dispatch from 3 to 4 (#12035)
Bumps [peter-evans/repository-dispatch](https://github.com/peter-evans/repository-dispatch) from 3 to 4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/peter-evans/repository-dispatch/releases">peter-evans/repository-dispatch's releases</a>.</em></p> <blockquote> <h2>Repository Dispatch v4.0.0</h2> <p>⚙️ Requires <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Actions Runner v2.327.1</a> or later if you are using a self-hosted runner for Node 24 support.</p> <h2>What's Changed</h2> <ul> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.8 to 18.19.10 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/306">peter-evans/repository-dispatch#306</a></li> <li>build(deps): bump peter-evans/repository-dispatch from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/307">peter-evans/repository-dispatch#307</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.10 to 18.19.14 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/308">peter-evans/repository-dispatch#308</a></li> <li>build(deps): bump peter-evans/create-pull-request from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/310">peter-evans/repository-dispatch#310</a></li> <li>build(deps): bump peter-evans/slash-command-dispatch from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/309">peter-evans/repository-dispatch#309</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.14 to 18.19.15 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/311">peter-evans/repository-dispatch#311</a></li> <li>build(deps-dev): bump prettier from 3.2.4 to 3.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/312">peter-evans/repository-dispatch#312</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.15 to 18.19.17 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/313">peter-evans/repository-dispatch#313</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.17 to 18.19.18 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/314">peter-evans/repository-dispatch#314</a></li> <li>build(deps-dev): bump eslint-plugin-github from 4.10.1 to 4.10.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/316">peter-evans/repository-dispatch#316</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.18 to 18.19.21 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/317">peter-evans/repository-dispatch#317</a></li> <li>build(deps-dev): bump eslint from 8.56.0 to 8.57.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/318">peter-evans/repository-dispatch#318</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.21 to 18.19.22 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/319">peter-evans/repository-dispatch#319</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.22 to 18.19.24 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/320">peter-evans/repository-dispatch#320</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.24 to 18.19.26 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/321">peter-evans/repository-dispatch#321</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.26 to 18.19.29 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/322">peter-evans/repository-dispatch#322</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.29 to 18.19.31 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/323">peter-evans/repository-dispatch#323</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.31 to 18.19.33 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/324">peter-evans/repository-dispatch#324</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.33 to 18.19.34 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/325">peter-evans/repository-dispatch#325</a></li> <li>build(deps-dev): bump prettier from 3.2.5 to 3.3.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/326">peter-evans/repository-dispatch#326</a></li> <li>build(deps-dev): bump prettier from 3.3.1 to 3.3.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/327">peter-evans/repository-dispatch#327</a></li> <li>build(deps-dev): bump braces from 3.0.2 to 3.0.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/328">peter-evans/repository-dispatch#328</a></li> <li>build(deps-dev): bump ws from 7.5.9 to 7.5.10 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/329">peter-evans/repository-dispatch#329</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.34 to 18.19.38 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/330">peter-evans/repository-dispatch#330</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.38 to 18.19.39 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/332">peter-evans/repository-dispatch#332</a></li> <li>build(deps-dev): bump prettier from 3.3.2 to 3.3.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/334">peter-evans/repository-dispatch#334</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.39 to 18.19.41 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/335">peter-evans/repository-dispatch#335</a></li> <li>build(deps-dev): bump eslint-plugin-prettier from 5.1.3 to 5.2.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/336">peter-evans/repository-dispatch#336</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.41 to 18.19.42 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/337">peter-evans/repository-dispatch#337</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.42 to 18.19.43 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/338">peter-evans/repository-dispatch#338</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.43 to 18.19.44 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/339">peter-evans/repository-dispatch#339</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.44 to 18.19.45 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/340">peter-evans/repository-dispatch#340</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.45 to 18.19.47 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/341">peter-evans/repository-dispatch#341</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.47 to 18.19.50 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/343">peter-evans/repository-dispatch#343</a></li> <li>build(deps): bump peter-evans/create-pull-request from 6 to 7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/342">peter-evans/repository-dispatch#342</a></li> <li>build(deps-dev): bump eslint from 8.57.0 to 8.57.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/344">peter-evans/repository-dispatch#344</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.50 to 18.19.53 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/345">peter-evans/repository-dispatch#345</a></li> <li>build(deps-dev): bump <code>@vercel/ncc</code> from 0.38.1 to 0.38.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/346">peter-evans/repository-dispatch#346</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/347">peter-evans/repository-dispatch#347</a></li> <li>build(deps): bump <code>@actions/core</code> from 1.10.1 to 1.11.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/349">peter-evans/repository-dispatch#349</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.53 to 18.19.54 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/348">peter-evans/repository-dispatch#348</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/350">peter-evans/repository-dispatch#350</a></li> <li>build(deps): bump <code>@actions/core</code> from 1.11.0 to 1.11.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/351">peter-evans/repository-dispatch#351</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.54 to 18.19.55 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/352">peter-evans/repository-dispatch#352</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/353">peter-evans/repository-dispatch#353</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.55 to 18.19.56 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/354">peter-evans/repository-dispatch#354</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Abhimanyu Yadav
|
4df5b7bde7 |
refactor(frontend): remove defaultExpanded prop from ToolAccordion components (#12054)
### Changes - Removed `defaultExpanded` prop from `ToolAccordion` in CreateAgent, EditAgent, RunAgent, and RunBlock components to streamline the code and improve readability. ### Impact - This refactor enhances maintainability by reducing complexity in the component structure while preserving existing functionality. ### Changes 🏗️ - Removed conditional expansion logic from all tool components - Simplified ToolAccordion implementation across all affected components ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Create and run agents with various tools to verify accordion behavior works correctly - [x] Verify that UI components expand and collapse as expected - [x] Test with different output types to ensure proper rendering --------- Co-authored-by: Ubbe <hi@ubbe.dev> Co-authored-by: Lluis Agusti <hi@llu.lu>autogpt-platform-beta-v0.6.47 |
||
|
Zamil Majdy
|
acb2d0bd1b |
fix(backend/chat): Resolve symlinks in session file path for --resume
The CLI resolves symlinks when computing its project directory (e.g. /tmp -> /private/tmp on macOS), so our session file writes must use the resolved path to match. Also adds cwd to ClaudeAgentOptions and debug logging for SDK messages. |
||
|
Zamil Majdy
|
51aa369c80 |
fix(backend): Restore PyYAML cp38 wheel entries in poetry.lock
Re-add Python 3.8 wheel entries for PyYAML that were dropped by poetry lock resolution, keeping the lockfile consistent with dev. |
||
|
Otto
|
017a00af46 |
feat(copilot): Enable extended thinking for Claude models (#12052)
## Summary
Enables Anthropic's extended thinking feature for Claude models in
CoPilot via OpenRouter. This keeps the model's chain-of-thought
reasoning internal rather than outputting it to users.
## Problem
The CoPilot prompt was designed for a thinking agent (with
`<internal_reasoning>` tags), but extended thinking wasn't enabled on
the API side. This caused the model to output its reasoning as regular
text, leaking internal analysis to users.
## Solution
Added thinking configuration to the OpenRouter `extra_body` for
Anthropic models:
```python
extra_body["provider"] = {
"anthropic": {
"thinking": {
"type": "enabled",
"budget_tokens": config.thinking_budget_tokens,
}
}
}
```
## Configuration
New settings in `ChatConfig`:
| Setting | Default | Description |
|---------|---------|-------------|
| `thinking_enabled` | `True` | Enable extended thinking for Claude
models |
| `thinking_budget_tokens` | `10000` | Token budget for thinking
(1000-100000) |
## Changes
- `config.py`: Added `thinking_enabled` and `thinking_budget_tokens`
settings
- `service.py`: Added thinking config to all 3 places where `extra_body`
is built for LLM calls
## Testing
- Verify CoPilot responses no longer include internal reasoning text
- Check that Claude's extended thinking is working (should see thinking
tokens in usage)
- Confirm non-Anthropic models are unaffected
## Related
Discussion:
https://discord.com/channels/1126875755960336515/1126875756925046928/1470779843552612607
---------
Co-authored-by: Swifty <craigswift13@gmail.com>
|
||
|
Zamil Majdy
|
6403ffe353 |
fix(backend/chat): Use --resume with session files for multi-turn conversations
Replace broken AsyncIterable approach (CLI rejects assistant-type stdin messages) with JSONL session files written to the CLI's storage directory. This enables --resume to load full user+assistant context with turn-level compaction support for long conversations. |
||
|
Reinier van der Leer
|
52650eed1d |
refactor(frontend/auth): Move /copilot auth check to middleware (#12053)
These "is the user authenticated, and should they be?" checks should not be spread across the codebase, it's complex enough as it is. :') - Follow-up to #12050 ### Changes 🏗️ - Revert "fix(frontend): copilot redirect logout (#12050)" - Add `/copilot` to `PROTECTED_PAGES` in `@/lib/supabase/helpers` ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Trivial change, we know this works for other pages |
||
|
Zamil Majdy
|
c40a98ba3c | Merge branches 'feat/copitlot-claude-code' and 'dev' of github.com:Significant-Gravitas/AutoGPT into feat/copitlot-claude-code | ||
|
Zamil Majdy
|
a31fc8b162 |
refactor(backend/chat): Use proper SDK types and in-memory conversation history
Replace duck typing (class name checks, getattr) with isinstance() using SDK-exported dataclasses. Replace file-based --resume with AsyncIterable message injection for conversation history, eliminating disk I/O. Add 15 unit tests for the response adapter. |
||
|
dependabot[bot]
|
81c1524658 |
chore(backend/deps): bump the production-dependencies group in /autogpt_platform/backend with 2 updates (#12037)
Bumps the production-dependencies group in /autogpt_platform/backend with 2 updates: [fastapi](https://github.com/fastapi/fastapi) and [langfuse](https://github.com/langfuse/langfuse). Updates `fastapi` from 0.128.5 to 0.128.6 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/fastapi/fastapi/releases">fastapi's releases</a>.</em></p> <blockquote> <h2>0.128.6</h2> <h3>Fixes</h3> <ul> <li>🐛 Fix <code>on_startup</code> and <code>on_shutdown</code> parameters of <code>APIRouter</code>. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14873">#14873</a> by <a href="https://github.com/YuriiMotov"><code>@YuriiMotov</code></a>.</li> </ul> <h3>Translations</h3> <ul> <li>🌐 Update translations for zh (update-outdated). PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14843">#14843</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> </ul> <h3>Internal</h3> <ul> <li>✅ Fix parameterized tests with snapshots. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14875">#14875</a> by <a href="https://github.com/YuriiMotov"><code>@YuriiMotov</code></a>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Ubbe
|
f2ead70f3d |
fix(frontend): copilot redirect logout (#12050)
## Changes 🏗️ Redirect to `/login` if the user is not authenticated and tries to access `/copilot` ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Run the app locally and tested |
||
|
Zamil Majdy
|
0f2d1a6553 | Merge branch 'dev' into feat/copitlot-claude-code | ||
|
Zamil Majdy
|
87d817b83b |
fix(backend/chat): Allow MCP-registered tools through security hook and fix title generation
- Skip BLOCKED_TOOLS check for tools with mcp__copilot__ prefix since they are already sandboxed by tool_adapter (fixes Read tool being blocked) - Fall back to session.messages for title generation when message=None |
||
|
Abhimanyu Yadav
|
7d4c020a9b |
feat(chat): implement AI SDK integration with custom streaming response handling (#11901)
### Changes 🏗️ - Added AI SDK integration for chat streaming with proper message handling - Implemented custom to_sse method in StreamToolOutputAvailable to exclude non-spec fields - Modified stream_chat_completion to reuse message IDs for tool call continuations - Created new Copilot 2.0 UI with AI SDK React components - Added streamdown and related packages for markdown rendering - Built reusable conversation and message components for the chat interface - Added support for tool output display in the chat UI ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Start a new chat session and verify streaming works correctly - [x] Test tool calls and verify they display properly in the UI - [x] Verify message continuations don't create duplicate messages - [x] Test markdown rendering with code blocks and other formatting - [x] Verify the UI is responsive and scrolls correctly #### For configuration changes: - [x] `.env.default` is updated or already compatible with my changes - [x] `docker-compose.yml` is updated or already compatible with my changes - [x] I have included a list of my configuration changes in the PR description (under **Changes**) --------- Co-authored-by: Lluis Agusti <hi@llu.lu> Co-authored-by: Ubbe <hi@ubbe.dev> |
||
|
Zamil Majdy
|
acf932bf4f | refactor(backend/chat): Move glob/os imports to top-level in SDK service | ||
|
Zamil Majdy
|
f562d9a277 |
fix(backend/chat): Add Read tool for SDK oversized tool results
The Claude Agent SDK saves tool results exceeding its token limit to files and instructs the agent to read them back with a Read tool. Our MCP server didn't have this tool, breaking the agent on large results like run_block output (117K+ chars). Changes: - Add a Read tool to the MCP server (restricted to /root/.claude/) - Register it in COPILOT_TOOL_NAMES so the SDK can use it - Add safety-net truncation at 500K chars for extreme cases - Clean up SDK tool-result files after each client session |
||
|
Zamil Majdy
|
3c92a96504 |
fix(backend/chat): Publish StreamError before StreamFinish on error paths
When run_ai_generation() or event_generator() encounter errors, they were only publishing StreamFinish without a preceding StreamError. The frontend treats finish-without-error as normal completion, leaving the user with an apparently stuck/empty response requiring a page refresh. |
||
|
Zamil Majdy
|
8b8e1df739 |
fix(backend/chat): Auto-expire stale running tasks to unblock sessions
Tasks stuck in "running" status beyond stream_timeout (300s) are now auto-marked as failed when looked up, preventing zombie tasks from blocking the session indefinitely. |
||
|
dependabot[bot]
|
e596ea87cb |
chore(libs/deps-dev): bump pytest-cov from 6.2.1 to 7.0.0 in /autogpt_platform/autogpt_libs (#12030)
Bumps [pytest-cov](https://github.com/pytest-dev/pytest-cov) from 6.2.1 to 7.0.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst">pytest-cov's changelog</a>.</em></p> <blockquote> <h2>7.0.0 (2025-09-09)</h2> <ul> <li> <p>Dropped support for subprocesses measurement.</p> <p>It was a feature added long time ago when coverage lacked a nice way to measure subprocesses created in tests. It relied on a <code>.pth</code> file, there was no way to opt-out and it created bad interations with <code>coverage's new patch system <https://coverage.readthedocs.io/en/latest/config.html#run-patch></code>_ added in <code>7.10 <https://coverage.readthedocs.io/en/7.10.6/changes.html#version-7-10-0-2025-07-24></code>_.</p> <p>To migrate to this release you might need to enable the suprocess patch, example for <code>.coveragerc</code>:</p> <p>.. code-block:: ini</p> <p>[run] patch = subprocess</p> <p>This release also requires at least coverage 7.10.6.</p> </li> <li> <p>Switched packaging to have metadata completely in <code>pyproject.toml</code> and use <code>hatchling <https://pypi.org/project/hatchling/></code>_ for building. Contributed by Ofek Lev in <code>[#551](https://github.com/pytest-dev/pytest-cov/issues/551) <https://github.com/pytest-dev/pytest-cov/pull/551></code>_ with some extras in <code>[#716](https://github.com/pytest-dev/pytest-cov/issues/716) <https://github.com/pytest-dev/pytest-cov/pull/716></code>_.</p> </li> <li> <p>Removed some not really necessary testing deps like <code>six</code>.</p> </li> </ul> <h2>6.3.0 (2025-09-06)</h2> <ul> <li>Added support for markdown reports. Contributed by Marcos Boger in <code>[#712](https://github.com/pytest-dev/pytest-cov/issues/712) <https://github.com/pytest-dev/pytest-cov/pull/712></code>_ and <code>[#714](https://github.com/pytest-dev/pytest-cov/issues/714) <https://github.com/pytest-dev/pytest-cov/pull/714></code>_.</li> <li>Fixed some formatting issues in docs. Anonymous contribution in <code>[#706](https://github.com/pytest-dev/pytest-cov/issues/706) <https://github.com/pytest-dev/pytest-cov/pull/706></code>_.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Zamil Majdy
|
602a0a4fb1 | fix(backend/chat): Strip tool call noise from conversation history context | ||
|
Zamil Majdy
|
8d7d531ae0 | refactor(backend/chat): Remove unused max_context_messages config | ||
|
Zamil Majdy
|
43153a12e0 | fix(backend/chat): Remove manual context truncation from SDK path, let SDK handle compaction | ||
|
Zamil Majdy
|
587e11c60a | refactor(backend/chat): Extract MCP server name constants to avoid hardcoded strings | ||
|
Zamil Majdy
|
57da545e02 | Merge branch 'dev' into feat/copitlot-claude-code | ||
|
Otto
|
81f8290f01 |
debug(backend/db): Add diagnostic logging for vector type errors (#12024)
Adds diagnostic logging when the `type vector does not exist` error occurs in raw SQL queries. ## Problem We're seeing intermittent "type vector does not exist" errors on dev-behave ([Sentry issue](https://significant-gravitas.sentry.io/issues/7205929979/)). The pgvector extension should be in the search_path, but occasionally queries fail to resolve the vector type. ## Solution When a query fails with this specific error, we now log: - `SHOW search_path` - what schemas are being searched - `SELECT current_schema()` - the active schema - `SELECT current_user, session_user, current_database()` - connection context This diagnostic info will help identify why the vector extension isn't visible in certain cases. ## Changes - Added `_log_vector_error_diagnostics()` helper function in `backend/data/db.py` - Wrapped SQL execution in try/except to catch and diagnose vector type errors - Original exception is re-raised after logging (no behavior change) ## Testing This is observational/diagnostic code. It will be validated by waiting for the error to occur naturally on dev and checking the logs. ## Rollout Once we've captured diagnostic logs and identified the root cause, this logging can be removed or reduced in verbosity. |
||
|
Zamil Majdy
|
626980bf27 | Merge branch 'dev' into feat/copitlot-claude-code | ||
|
Reinier van der Leer
|
6467f6734f |
debug(backend/chat): Add timing logging to chat stream generation mechanism (#12019)
[SECRT-1912: Investigate & eliminate chat session start latency](https://linear.app/autogpt/issue/SECRT-1912) ### Changes 🏗️ - Add timing logs to `backend.api.features.chat` in `routes.py`, `service.py`, and `stream_registry.py` - Remove unneeded DB join in `create_chat_session` ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - CI checks |
||
|
Otto
|
5a30d11416 |
refactor(copilot): Code cleanup and deduplication (#11950)
## Summary Code cleanup of the AI Copilot codebase - rebased onto latest dev. ## Changes ### New Files - `backend/util/validation.py` - UUID validation helpers - `backend/api/features/chat/tools/helpers.py` - Shared tool utilities ### Credential Matching Consolidation - Added shared utilities to `utils.py` - Refactored `run_block._check_block_credentials()` with discriminator support - Extracted `_resolve_discriminated_credentials()` for multi-provider handling ### Routes Cleanup - Extracted `_create_stream_generator()` and `SSE_RESPONSE_HEADERS` ### Tool Files Cleanup - Updated `run_agent.py` and `run_block.py` to use shared helpers **WIP** - This PR will be updated incrementally. |
||
|
Bently
|
1f4105e8f9 |
fix(frontend): Handle object values in FileInput component (#11948)
Fixes [#11800](https://github.com/Significant-Gravitas/AutoGPT/issues/11800) ## Problem The FileInput component crashed with `TypeError: e.startsWith is not a function` when the value was an object (from external API) instead of a string. ## Example Input Object When using the external API (`/external-api/v1/graphs/{id}/execute/{version}`), file inputs can be passed as objects: ```json { "node_input": { "input_image": { "name": "image.jpeg", "type": "image/jpeg", "size": 131147, "data": "/9j/4QAW..." } } } ``` ## Changes - Updated `getFileLabelFromValue()` to handle object format: `{ name, type, size, data }` - Added type guards for string vs object values - Graceful fallback for edge cases (null, undefined, empty object) ## Test cases verified - Object with name: returns filename - Object with type only: extracts and formats MIME type - String data URI: parses correctly - String file path: extracts extension - Edge cases: returns "File" fallback |
||
|
Bently
|
caf9ff34e6 |
fix(backend): Handle stale RabbitMQ channels on connection drop (#11929)
### Changes 🏗️ Fixes [**AUTOGPT-SERVER-1TN**](https://autoagpt.sentry.io/issues/?query=AUTOGPT-SERVER-1TN) (~39K events since Feb 2025) and related connection issues **6JC/6JD/6JE/6JF** (~6K combined). #### Problem When the RabbitMQ TCP connection drops (network blip, server restart, etc.): 1. `connect_robust` (aio_pika) automatically reconnects the underlying AMQP connection 2. But `AsyncRabbitMQ._channel` still references the **old dead channel** 3. `is_ready` checks `not self._channel.is_closed` — but the channel object doesn't know the transport is gone 4. `publish_message` tries to use the stale channel → `ChannelInvalidStateError: No active transport in channel` 5. `@func_retry` retries 5 times, but each retry hits the same stale channel (it passes `is_ready`) This means every connection drop generates errors until the process is restarted. #### Fix **New `_ensure_channel()` helper** that resets stale channels before reconnecting, so `connect()` creates a fresh one instead of short-circuiting on `is_connected`. **Explicit `ChannelInvalidStateError` handling in `publish_message`:** 1. First attempt uses `_ensure_channel()` (handles normal staleness) 2. If publish throws `ChannelInvalidStateError`, does a full reconnect (resets both `_channel` and `_connection`) and retries once 3. `@func_retry` provides additional retry resilience on top **Simplified `get_channel()`** to use the same resilient helper. **1 file changed, 62 insertions, 24 deletions.** #### Impact - Eliminates ~39K `ChannelInvalidStateError` Sentry events - RabbitMQ operations self-heal after connection drops without process restart - Related transport EOF errors (6JC/6JD/6JE/6JF) should also reduce |
||
|
Swifty
|
e42b27af3c | Merge branch 'dev' into feat/copitlot-claude-code | ||
|
Zamil Majdy
|
34face15d2 | fix lock | ||
|
Nicholas Tindle
|
e8fc8ee623 |
fix(backend): filter graph-only blocks from CoPilot's find_block results (#11892)
Filters out blocks that are unsuitable for standalone execution from
CoPilot's block search and execution. These blocks serve graph-specific
purposes and will either fail, hang, or confuse users when run outside
of a graph context.
**Important:** This does NOT affect the Builder UI which uses
`load_all_blocks()` directly.
### Changes 🏗️
- **find_block.py**: Added `EXCLUDED_BLOCK_TYPES` and
`EXCLUDED_BLOCK_IDS` constants, skip excluded blocks in search results
- **run_block.py**: Added execution guard that returns clear error
message for excluded blocks
- **content_handlers.py**: Added filtering to
`BlockHandler.get_missing_items()` and `get_stats()` to prevent indexing
excluded blocks
**Excluded by BlockType:**
| BlockType | Reason |
|-----------|--------|
| `INPUT` | Graph interface definition - data enters via chat, not graph
inputs |
| `OUTPUT` | Graph interface definition - data exits via chat, not graph
outputs |
| `WEBHOOK` | Wait for external events - would hang forever in CoPilot |
| `WEBHOOK_MANUAL` | Same as WEBHOOK |
| `NOTE` | Visual annotation only - no runtime behavior |
| `HUMAN_IN_THE_LOOP` | Pauses for human approval - CoPilot IS
human-in-the-loop |
| `AGENT` | AgentExecutorBlock requires graph context - use `run_agent`
tool instead |
**Excluded by ID:**
| Block | Reason |
|-------|--------|
| `SmartDecisionMakerBlock` | Dynamically discovers downstream blocks
via graph topology |
### Checklist 📋
#### For code changes:
- [x] I have clearly listed my changes in the PR description
- [x] I have made a test plan
- [x] I have tested my changes according to the test plan:
- [ ] Search for "input" in CoPilot - should NOT return AgentInputBlock
variants
- [ ] Search for "output" in CoPilot - should NOT return
AgentOutputBlock
- [ ] Search for "webhook" in CoPilot - should NOT return trigger blocks
- [ ] Search for "human" in CoPilot - should NOT return
HumanInTheLoopBlock
- [ ] Search for "decision" in CoPilot - should NOT return
SmartDecisionMakerBlock
- [ ] Verify functional blocks still appear (e.g., "email", "http",
"text")
- [ ] Verify Builder UI still shows ALL blocks (no regression)
#### For configuration changes:
- [x] `.env.default` is updated or already compatible with my changes
- [x] `docker-compose.yml` is updated or already compatible with my
changes
- [x] I have included a list of my configuration changes in the PR
description (under **Changes**)
No configuration changes required.
---
Resolves: [SECRT-1831](https://linear.app/autogpt/issue/SECRT-1831)
🤖 Generated with [Claude Code](https://claude.ai/code)
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> **Low Risk**
> Behavior change is limited to CoPilot’s block discovery/execution
guards and is covered by new tests; main risk is inadvertently excluding
a block that should be runnable.
>
> **Overview**
> CoPilot now **filters out graph-only blocks** from `find_block`
results and prevents them from being executed via `run_block`, returning
a clear error when a user attempts to run an excluded block.
>
> `find_block` introduces explicit exclusion lists (by `BlockType` and a
specific block ID), over-fetches search results to maintain up to 10
usable matches after filtering, and adds debug logging when results are
reduced. New unit tests cover both the search filtering and the
`run_block` execution guard; a minor cleanup removes an unused `pytest`
import in `execution_queue_test.py`.
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
|
||
|
dependabot[bot]
|
1a16e203b8 |
chore(deps): Bump actions/setup-node from 4 to 6 (#11213)
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4 to 6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-node/releases">actions/setup-node's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h2>What's Changed</h2> <p><strong>Breaking Changes</strong></p> <ul> <li>Limit automatic caching to npm, update workflows and documentation by <a href="https://github.com/priyagupta108"><code>@priyagupta108</code></a> in <a href="https://redirect.github.com/actions/setup-node/pull/1374">actions/setup-node#1374</a></li> </ul> <p><strong>Dependency Upgrades</strong></p> <ul> <li>Upgrade ts-jest from 29.1.2 to 29.4.1 and document breaking changes in v5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-node/pull/1336">#1336</a></li> <li>Upgrade prettier from 2.8.8 to 3.6.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-node/pull/1334">#1334</a></li> <li>Upgrade actions/publish-action from 0.3.0 to 0.4.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-node/pull/1362">#1362</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-node/compare/v5...v6.0.0">https://github.com/actions/setup-node/compare/v5...v6.0.0</a></p> <h2>v5.0.0</h2> <h2>What's Changed</h2> <h3>Breaking Changes</h3> <ul> <li>Enhance caching in setup-node with automatic package manager detection by <a href="https://github.com/priya-kinthali"><code>@priya-kinthali</code></a> in <a href="https://redirect.github.com/actions/setup-node/pull/1348">actions/setup-node#1348</a></li> </ul> <p>This update, introduces automatic caching when a valid <code>packageManager</code> field is present in your <code>package.json</code>. This aims to improve workflow performance and make dependency management more seamless. To disable this automatic caching, set <code>package-manager-cache: false</code></p> <pre lang="yaml"><code>steps: - uses: actions/checkout@v5 - uses: actions/setup-node@v5 with: package-manager-cache: false </code></pre> <ul> <li>Upgrade action to use node24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/setup-node/pull/1325">actions/setup-node#1325</a></li> </ul> <p>Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. <a href="https://github.com/actions/runner/releases/tag/v2.327.1">See Release Notes</a></p> <h3>Dependency Upgrades</h3> <ul> <li>Upgrade <code>@octokit/request-error</code> and <code>@actions/github</code> by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-node/pull/1227">actions/setup-node#1227</a></li> <li>Upgrade uuid from 9.0.1 to 11.1.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-node/pull/1273">actions/setup-node#1273</a></li> <li>Upgrade undici from 5.28.5 to 5.29.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-node/pull/1295">actions/setup-node#1295</a></li> <li>Upgrade form-data to bring in fix for critical vulnerability by <a href="https://github.com/gowridurgad"><code>@gowridurgad</code></a> in <a href="https://redirect.github.com/actions/setup-node/pull/1332">actions/setup-node#1332</a></li> <li>Upgrade actions/checkout from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-node/pull/1345">actions/setup-node#1345</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/priya-kinthali"><code>@priya-kinthali</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-node/pull/1348">actions/setup-node#1348</a></li> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-node/pull/1325">actions/setup-node#1325</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-node/compare/v4...v5.0.0">https://github.com/actions/setup-node/compare/v4...v5.0.0</a></p> <h2>v4.4.0</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Zamil Majdy
|
7d32c83f95 | fix(backend/chat): Handle non-serializable SDK objects in tool result output | ||
|
dependabot[bot]
|
5dae303ce0 |
chore(frontend/deps): Bump react-window and @types/react-window in /autogpt_platform/frontend (#10943)
Bumps [react-window](https://github.com/bvaughn/react-window) and [@types/react-window](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-window). These dependencies needed to be updated together. Updates `react-window` from 1.8.11 to 2.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/bvaughn/react-window/releases">react-window's releases</a>.</em></p> <blockquote> <h2>2.1.0</h2> <p>Improved ARIA support:</p> <ul> <li>Add better default ARIA attributes for outer <code>HTMLDivElement</code></li> <li>Add optional <code>ariaAttributes</code> prop to row and cell renderers to simplify better ARIA attributes for user-rendered cells</li> <li>Remove intermediate <code>HTMLDivElement</code> from <code>List</code> and <code>Grid</code> <ul> <li>This may enable more/better custom CSS styling</li> <li>This may also enable adding an optional <code>children</code> prop to <code>List</code> and <code>Grid</code> for e.g. overlays/tooltips</li> </ul> </li> <li>Add optional <code>tagName</code> prop; defaults to <code>"div"</code> but can be changed to e.g. <code>"ul"</code></li> </ul> <pre lang="tsx"><code>// Example of how to use new `ariaAttributes` prop function RowComponent({ ariaAttributes, index, style, ...rest }: RowComponentProps<object>) { return ( <div style={style} {...ariaAttributes}> ... </div> ); } </code></pre> <p>Added optional <code>children</code> prop to better support edge cases like sticky rows.</p> <p>Minor changes to <code>onRowsRendered</code> and <code>onCellsRendered</code> callbacks to make it easier to differentiate between <em>visible</em> items and items rendered due to overscan settings. These methods will now receive two params– the first for <em>visible</em> rows and the second for <em>all</em> rows (including overscan), e.g.:</p> <pre lang="ts"><code>function onRowsRendered( visibleRows: { startIndex: number; stopIndex: number; }, allRows: { startIndex: number; stopIndex: number; } ): void { // ... } <p>function onCellsRendered(<br /> visibleCells: {<br /> columnStartIndex: number;<br /> columnStopIndex: number;<br /> rowStartIndex: number;<br /> rowStopIndex: number;<br /> </tr></table><br /> </code></pre></p> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/bvaughn/react-window/blob/master/CHANGELOG.md">react-window's changelog</a>.</em></p> <blockquote> <h2>2.1.0</h2> <p>Improved ARIA support:</p> <ul> <li>Add better default ARIA attributes for outer <code>HTMLDivElement</code></li> <li>Add optional <code>ariaAttributes</code> prop to row and cell renderers to simplify better ARIA attributes for user-rendered cells</li> <li>Remove intermediate <code>HTMLDivElement</code> from <code>List</code> and <code>Grid</code> <ul> <li>This may enable more/better custom CSS styling</li> <li>This may also enable adding an optional <code>children</code> prop to <code>List</code> and <code>Grid</code> for e.g. overlays/tooltips</li> </ul> </li> <li>Add optional <code>tagName</code> prop; defaults to <code>"div"</code> but can be changed to e.g. <code>"ul"</code></li> </ul> <pre lang="tsx"><code>// Example of how to use new `ariaAttributes` prop function RowComponent({ ariaAttributes, index, style, ...rest }: RowComponentProps<object>) { return ( <div style={style} {...ariaAttributes}> ... </div> ); } </code></pre> <p>Added optional <code>children</code> prop to better support edge cases like sticky rows.</p> <p>Minor changes to <code>onRowsRendered</code> and <code>onCellsRendered</code> callbacks to make it easier to differentiate between <em>visible</em> items and items rendered due to overscan settings. These methods will now receive two params– the first for <em>visible</em> rows and the second for <em>all</em> rows (including overscan), e.g.:</p> <pre lang="ts"><code>function onRowsRendered( visibleRows: { startIndex: number; stopIndex: number; }, allRows: { startIndex: number; stopIndex: number; } ): void { // ... } <p>function onCellsRendered(<br /> visibleCells: {<br /> columnStartIndex: number;<br /> columnStopIndex: number;<br /> rowStartIndex: number;<br /> </tr></table><br /> </code></pre></p> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Zamil Majdy
|
6e2a45b84e | style(backend): Remove unused pytest import in execution_queue_test |