mirror of
https://github.com/Significant-Gravitas/AutoGPT.git
synced 2026-02-13 00:05:02 -05:00
a4d194cb076c23457be54bac945bf50eb2eeeb34
7954 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Zamil Majdy
|
a4d194cb07 |
fix(frontend): Address PR review comments
- Remove legacy-builder changes: revert BlocksControl.tsx, CustomNode.tsx, and Flow.tsx to dev state - Move MCPToolDialog.tsx from legacy-builder/ to components/ and update import path in NewControlPanel/NewBlockMenu/Block.tsx - Revert out-of-scope CredentialsSelect auto-defaulting behavior - Remove `as any` cast in CredentialsInput.tsx display name |
||
|
Zamil Majdy
|
3ed4d6e56b |
Merge branch 'dev' into feat/mcp-blocks
Resolve conflict in backend/data/block.py caused by the circular
import refactor (
|
||
|
Abhimanyu Yadav
|
4f6055f494 |
refactor(frontend): remove default expiration date from API key credentials form (#12092)
### Changes 🏗️ Removed the default expiration date for API keys in the credentials modal. Previously, API keys were set to expire the next day by default, but now the expiration date field starts empty, allowing users to explicitly choose whether they want to set an expiration date. ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Open the API key credentials modal and verify the expiration date field is empty by default - [x] Test creating an API key with and without an expiration date - [x] Verify both scenarios work correctly <!-- greptile_comment --> <h2>Greptile Overview</h2> <details><summary><h3>Greptile Summary</h3></summary> Removed the default expiration date for API key credentials in the credentials modal. Previously, API keys were automatically set to expire the next day at midnight. Now the expiration date field starts empty, allowing users to explicitly choose whether to set an expiration. - Removed `getDefaultExpirationDate()` helper function that calculated tomorrow's date - Changed default `expiresAt` value from calculated date to empty string - Backend already supports optional expiration (`expires_at?: number`), so no backend changes needed - Form submission correctly handles empty expiration by passing `undefined` to the API </details> <details><summary><h3>Confidence Score: 5/5</h3></summary> - This PR is safe to merge with minimal risk - The changes are straightforward and well-contained. The refactor removes a helper function and changes a default value. The backend API already supports optional expiration dates, and the form submission logic correctly handles empty values by passing undefined. The change improves UX by not forcing a default expiration date on users. - No files require special attention </details> <!-- greptile_other_comments_section --> <!-- /greptile_comment --> |
||
|
Otto
|
695a185fa1 |
fix(frontend): remove fixed min-height from CoPilot message container (#12091)
## Summary Removes the `min-h-screen` class from `ConversationContent` in ChatMessagesContainer, which was causing fixed height layout issues in the CoPilot chat interface. ## Changes - Removed `min-h-screen` from ConversationContent className ## Linear Fixes [SECRT-1944](https://linear.app/autogpt/issue/SECRT-1944) <!-- greptile_comment --> <h2>Greptile Overview</h2> <details><summary><h3>Greptile Summary</h3></summary> Removes the `min-h-screen` (100vh) class from `ConversationContent` that was causing the chat message container to enforce a minimum viewport height. The parent container already handles height constraints with `h-full min-h-0` and flexbox layout, so the fixed minimum height was creating layout conflicts. The component now properly grows within its flex container using `flex-1`. </details> <details><summary><h3>Confidence Score: 5/5</h3></summary> - This PR is safe to merge with minimal risk - The change removes a single problematic CSS class that was causing fixed height layout issues. The parent container already handles height constraints properly with flexbox, and removing min-h-screen allows the component to size correctly within its flex parent. This is a targeted, low-risk bug fix with no logic changes. - No files require special attention </details> <!-- greptile_other_comments_section --> <!-- /greptile_comment --> |
||
|
Reinier van der Leer
|
113e87a23c |
refactor(backend): Reduce circular imports (#12068)
I'm getting circular import issues because there is a lot of cross-importing between `backend.data`, `backend.blocks`, and other modules. This change reduces block-related cross-imports and thus risk of breaking circular imports. ### Changes 🏗️ - Strip down `backend.data.block` - Move `Block` base class and related class/enum defs to `backend.blocks._base` - Move `is_block_auth_configured` to `backend.blocks._utils` - Move `get_blocks()`, `get_io_block_ids()` etc. to `backend.blocks` (`__init__.py`) - Update imports everywhere - Remove unused and poorly typed `Block.create()` - Change usages from `block_cls.create()` to `block_cls()` - Improve typing of `load_all_blocks` and `get_blocks` - Move cross-import of `backend.api.features.library.model` from `backend/data/__init__.py` to `backend/data/integrations.py` - Remove deprecated attribute `NodeModel.webhook` - Re-generate OpenAPI spec and fix frontend usage - Eliminate module-level `backend.blocks` import from `blocks/agent.py` - Eliminate module-level `backend.data.execution` and `backend.executor.manager` imports from `blocks/helpers/review.py` - Replace `BlockInput` with `GraphInput` for graph inputs ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - CI static type-checking + tests should be sufficient for this |
||
|
Abhimanyu Yadav
|
d09f1532a4 |
feat(frontend): replace legacy builder with new flow editor
(#12081) ### Changes 🏗️ This PR completes the migration from the legacy builder to the new Flow editor by removing all legacy code and feature flags. **Removed:** - Old builder view toggle functionality (`BuilderViewTabs.tsx`) - Legacy debug panel (`RightSidebar.tsx`) - Feature flags: `NEW_FLOW_EDITOR` and `BUILDER_VIEW_SWITCH` - `useBuilderView` hook and related view-switching logic **Updated:** - Simplified `build/page.tsx` to always render the new Flow editor - Added CSS styling (`flow.css`) to properly render Phosphor icons in React Flow handles **Tests:** - Skipped e2e test suite in `build.spec.ts` (legacy builder tests) - Follow-up PR (#12082) will add new e2e tests for the Flow editor ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Create a new flow and verify it loads correctly - [x] Add nodes and connections to verify basic functionality works - [x] Verify that node handles render correctly with the new CSS - [x] Check that the UI is clean without the old debug panel or view toggles #### For configuration changes: - [x] `.env.default` is updated or already compatible with my changes - [x] `docker-compose.yml` is updated or already compatible with my changes |
||
|
Zamil Majdy
|
cd242dcda7 | Merge branch 'dev' into feat/mcp-blocks | ||
|
Zamil Majdy
|
a78145505b |
fix(copilot): merge split assistant messages to prevent Anthropic API errors (#12062)
## Summary
- When the copilot model responds with both text content AND a
long-running tool call (e.g., `create_agent`), the streaming code
created two separate consecutive assistant messages — one with text, one
with `tool_calls`. This caused Anthropic's API to reject with
`"unexpected tool_use_id found in tool_result blocks"` because the
`tool_result` couldn't find a matching `tool_use` in the immediately
preceding assistant message.
- Added a defensive merge of consecutive assistant messages in
`to_openai_messages()` (fixes existing corrupt sessions too)
- Fixed `_yield_tool_call` to add tool_calls to the existing
current-turn assistant message instead of creating a new one
- Changed `accumulated_tool_calls` assignment to use `extend` to prevent
overwriting tool_calls added by long-running tool flow
## Test plan
- [x] All 23 chat feature tests pass (`backend/api/features/chat/`)
- [x] All 44 prompt utility tests pass (`backend/util/prompt_test.py`)
- [x] All pre-commit hooks pass (ruff, isort, black, pyright)
- [ ] Manual test: create an agent via copilot, then ask a follow-up
question — should no longer get 400 error
<!-- greptile_comment -->
<h2>Greptile Overview</h2>
<details><summary><h3>Greptile Summary</h3></summary>
Fixes a critical bug where long-running tool calls (like `create_agent`)
caused Anthropic API 400 errors due to split assistant messages. The fix
ensures tool calls are added to the existing assistant message instead
of creating new ones, and adds a defensive merge function to repair any
existing corrupt sessions.
**Key changes:**
- Added `_merge_consecutive_assistant_messages()` to defensively merge
split assistant messages in `to_openai_messages()`
- Modified `_yield_tool_call()` to append tool calls to the current-turn
assistant message instead of creating a new one
- Changed `accumulated_tool_calls` from assignment to `extend` to
preserve tool calls already added by long-running tool flow
**Impact:** Resolves the issue where users received 400 errors after
creating agents via copilot and asking follow-up questions.
</details>
<details><summary><h3>Confidence Score: 4/5</h3></summary>
- Safe to merge with minor verification recommended
- The changes are well-targeted and solve a real API compatibility
issue. The logic is sound: searching backwards for the current assistant
message is correct, and using `extend` instead of assignment prevents
overwriting. The defensive merge in `to_openai_messages()` also fixes
existing corrupt sessions. All existing tests pass according to the PR
description.
- No files require special attention - changes are localized and
defensive
</details>
<details><summary><h3>Sequence Diagram</h3></summary>
```mermaid
sequenceDiagram
participant User
participant StreamAPI as stream_chat_completion
participant Chunks as _stream_chat_chunks
participant ToolCall as _yield_tool_call
participant Session as ChatSession
User->>StreamAPI: Send message
StreamAPI->>Chunks: Stream chat chunks
alt Text + Long-running tool call
Chunks->>StreamAPI: Text delta (content)
StreamAPI->>Session: Append assistant message with content
Chunks->>ToolCall: Tool call detected
Note over ToolCall: OLD: Created new assistant message<br/>NEW: Appends to existing assistant
ToolCall->>Session: Search backwards for current assistant
ToolCall->>Session: Append tool_call to existing message
ToolCall->>Session: Add pending tool result
end
StreamAPI->>StreamAPI: Merge accumulated_tool_calls
Note over StreamAPI: Use extend (not assign)<br/>to preserve existing tool_calls
StreamAPI->>Session: to_openai_messages()
Session->>Session: _merge_consecutive_assistant_messages()
Note over Session: Defensive: Merges any split<br/>assistant messages
Session-->>StreamAPI: Merged messages
StreamAPI->>User: Return response
```
</details>
<!-- greptile_other_comments_section -->
<!-- /greptile_comment -->
|
||
|
Zamil Majdy
|
19d8ba941b | Merge branch 'feat/mcp-blocks' of github.com:Significant-Gravitas/AutoGPT into feat/mcp-blocks | ||
|
Otto
|
36aeb0b2b3 |
docs(blocks): clarify HumanInTheLoop output descriptions for agent builder (#12069)
## Problem The agent builder (LLM) misinterprets the HumanInTheLoop block outputs. It thinks `approved_data` and `rejected_data` will yield status strings like "APPROVED" or "REJECTED" instead of understanding that the actual input data passes through. This leads to unnecessary complexity - the agent builder adds comparison blocks to check for status strings that don't exist. ## Solution Enriched the block docstring and all input/output field descriptions to make it explicit that: 1. The output is the actual data itself, not a status string 2. The routing is determined by which output pin fires 3. How to use the block correctly (connect downstream blocks to appropriate output pins) ## Changes - Updated block docstring with clear "How it works" and "Example usage" sections - Enhanced `data` input description to explain data flow - Enhanced `name` input description for reviewer context - Enhanced `approved_data` output to explicitly state it's NOT a status string - Enhanced `rejected_data` output to explicitly state it's NOT a status string - Enhanced `review_message` output for clarity ## Testing Documentation-only change to schema descriptions. No functional changes. Fixes SECRT-1930 <!-- greptile_comment --> <h2>Greptile Overview</h2> <details><summary><h3>Greptile Summary</h3></summary> Enhanced documentation for the `HumanInTheLoopBlock` to clarify how output pins work. The key improvement explicitly states that output pins (`approved_data` and `rejected_data`) yield the actual input data, not status strings like "APPROVED" or "REJECTED". This prevents the agent builder (LLM) from misinterpreting the block's behavior and adding unnecessary comparison blocks. **Key changes:** - Added "How it works" and "Example usage" sections to the block docstring - Clarified that routing is determined by which output pin fires, not by comparing output values - Enhanced all input/output field descriptions with explicit data flow explanations - Emphasized that downstream blocks should be connected to the appropriate output pin based on desired workflow path This is a documentation-only change with no functional modifications to the code logic. </details> <details><summary><h3>Confidence Score: 5/5</h3></summary> - This PR is safe to merge with no risk - Documentation-only change that accurately reflects the existing code behavior. No functional changes, no runtime impact, and the enhanced descriptions correctly explain how the block outputs work based on verification of the implementation code. - No files require special attention </details> <!-- greptile_other_comments_section --> <!-- /greptile_comment --> Co-authored-by: Zamil Majdy <zamil.majdy@agpt.co> |
||
|
Ubbe
|
2a189c44c4 |
fix(frontend): API stream issues leaking into prompt (#12063)
## Changes 🏗️ <img width="800" height="621" alt="Screenshot 2026-02-11 at 19 32 39" src="https://github.com/user-attachments/assets/e97be1a7-972e-4ae0-8dfa-6ade63cf287b" /> When the BE API has an error, prevent it from leaking into the stream and instead handle it gracefully via toast. ## Checklist 📋 ### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Run the app locally and trust the changes <!-- greptile_comment --> <h2>Greptile Overview</h2> <details><summary><h3>Greptile Summary</h3></summary> This PR fixes an issue where backend API stream errors were leaking into the chat prompt instead of being handled gracefully. The fix involves both backend and frontend changes to ensure error events conform to the AI SDK's strict schema. **Key Changes:** - **Backend (`response_model.py`)**: Added custom `to_sse()` method for `StreamError` that only emits `type` and `errorText` fields, stripping extra fields like `code` and `details` that cause AI SDK validation failures - **Backend (`prompt.py`)**: Added validation step after context compression to remove orphaned tool responses without matching tool calls, preventing "unexpected tool_use_id" API errors - **Frontend (`route.ts`)**: Implemented SSE stream normalization with `normalizeSSEStream()` and `normalizeSSEEvent()` functions to strip non-conforming fields from error events before they reach the AI SDK - **Frontend (`ChatMessagesContainer.tsx`)**: Added toast notifications for errors and improved error display UI with deduplication logic The changes ensure a clean separation between internal error metadata (useful for logging/debugging) and the strict schema required by the AI SDK on the frontend. </details> <details><summary><h3>Confidence Score: 4/5</h3></summary> - This PR is safe to merge with low risk - The changes are well-structured and address a specific bug with proper error handling. The dual-layer approach (backend filtering in `to_sse()` + frontend normalization) provides defense-in-depth. However, the lack of automated tests for the new error normalization logic and the potential for edge cases in SSE parsing prevent a perfect score. - Pay close attention to `autogpt_platform/frontend/src/app/api/chat/sessions/[sessionId]/stream/route.ts` - the SSE normalization logic should be tested with various error scenarios </details> <details><summary><h3>Sequence Diagram</h3></summary> ```mermaid sequenceDiagram participant User participant Frontend as ChatMessagesContainer participant Proxy as /api/chat/.../stream participant Backend as Backend API participant AISDK as AI SDK User->>Frontend: Send message Frontend->>Proxy: POST with message Proxy->>Backend: Forward request with auth Backend->>Backend: Process message alt Success Path Backend->>Proxy: SSE stream (text-delta, etc.) Proxy->>Proxy: normalizeSSEStream (pass through) Proxy->>AISDK: Forward SSE events AISDK->>Frontend: Update messages Frontend->>User: Display response else Error Path Backend->>Backend: StreamError.to_sse() Note over Backend: Only emit {type, errorText} Backend->>Proxy: SSE error event Proxy->>Proxy: normalizeSSEEvent() Note over Proxy: Strip extra fields (code, details) Proxy->>AISDK: {type: "error", errorText: "..."} AISDK->>Frontend: error state updated Frontend->>Frontend: Toast notification (deduplicated) Frontend->>User: Show error UI + toast end ``` </details> <!-- greptile_other_comments_section --> <!-- /greptile_comment --> --------- Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> Co-authored-by: Otto-AGPT <otto@agpt.co> |
||
|
Abhimanyu Yadav
|
508759610f |
fix(frontend): add min-width-0 to ContentCard to prevent overflow (#12060)
### Changes 🏗️ Added `min-w-0` class to the ContentCard component in the ToolAccordion to prevent content overflow issues. This CSS fix ensures that the card properly respects its container width constraints and allows text truncation to work correctly when content is too wide. ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Verified that tool content displays correctly in the accordion - [x] Confirmed that long content properly truncates instead of overflowing - [x] Tested with various screen sizes to ensure responsive behavior #### For configuration changes: - [x] `.env.default` is updated or already compatible with my changes - [x] `docker-compose.yml` is updated or already compatible with my changes <!-- greptile_comment --> <h2>Greptile Overview</h2> <details><summary><h3>Greptile Summary</h3></summary> Added `min-w-0` class to `ContentCard` component to fix text truncation overflow in grid layouts. This is a standard CSS fix that allows grid items to shrink below their content size, enabling `truncate` classes on child elements (`ContentCardTitle`, `ContentCardSubtitle`) to work correctly. The fix follows the same pattern already used in `ContentCardHeader` (line 54) and `ToolAccordion` (line 54). </details> <details><summary><h3>Confidence Score: 5/5</h3></summary> - Safe to merge with no risk - Single-line CSS fix that addresses a well-known flexbox/grid layout issue. The change follows existing patterns in the codebase and is thoroughly tested. No logic changes, no breaking changes, no side effects. - No files require special attention </details> <!-- greptile_other_comments_section --> <!-- /greptile_comment --> |
||
|
Otto
|
062fe1aa70 |
fix(security): enforce disabled flag on blocks in graph validation (#12059)
## Summary Blocks marked `disabled=True` (like BlockInstallationBlock) were not being checked during graph validation, allowing them to be used via direct API calls despite being hidden from the UI. This adds a security check in `_validate_graph_get_errors()` to reject any graph containing disabled blocks. ## Security Advisory GHSA-4crw-9p35-9x54 ## Linear SECRT-1927 ## Changes - Added `block.disabled` check in graph validation (6 lines) ## Testing - Graphs with disabled blocks → rejected with clear error message - Graphs with valid blocks → unchanged behavior <!-- greptile_comment --> <h2>Greptile Overview</h2> <details><summary><h3>Greptile Summary</h3></summary> Adds critical security validation to prevent execution of disabled blocks (like `BlockInstallationBlock`) via direct API calls. The fix validates that `block.disabled` is `False` during graph validation in `_validate_graph_get_errors()` on line 747-750, ensuring disabled blocks are rejected before graph creation or execution. This closes a vulnerability where blocks marked disabled in the UI could still be used through API endpoints. </details> <details><summary><h3>Confidence Score: 5/5</h3></summary> - This PR is safe to merge and addresses a critical security vulnerability - The fix is minimal (6 lines), correctly placed in the validation flow, includes clear security context (GHSA reference), and follows existing validation patterns. The check is positioned after block existence validation and before input validation, ensuring disabled blocks are caught early in both graph creation and execution paths. - No files require special attention </details> <!-- greptile_other_comments_section --> <!-- /greptile_comment --> --------- Co-authored-by: Nicholas Tindle <nicholas.tindle@agpt.co> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>autogpt-platform-beta-v0.6.48 |
||
|
Zamil Majdy
|
db760a7ce9 |
fix(mcp): Remove silent exception swallowing in credential lookup
Let credential lookup errors propagate in discover_tools endpoint instead of silently catching all exceptions. Upgrade block.py auto-lookup logging from debug to warning. Update tests to mock creds_manager so they don't hit the database. |
||
|
Zamil Majdy
|
ab0ec3cfe7 | Merge branch 'dev' into feat/mcp-blocks | ||
|
Zamil Majdy
|
3263d50f4b |
refactor(mcp): Use BlockUIType.MCP_TOOL instead of SpecialBlockID checks
Add MCP_TOOL to backend BlockType enum and frontend BlockUIType enum, matching the existing pattern used by AGENT blocks. Replace all SpecialBlockID.MCP_TOOL type-checks with uiType-based checks. |
||
|
Zamil Majdy
|
99a3891bb6 |
fix(backend/mcp): Add defensive validation for OAuth callback and token refresh
- Validate frontend_base_url in mcp_oauth_callback (matching login route) - Validate mcp_token_url metadata before attempting token refresh |
||
|
Zamil Majdy
|
ade1072e4a |
fix(backend/executor): Nullify credentials when deleted instead of using field default
When a configured credential is deleted, set input_data to None (consistent
with the "no credentials" path at line 279) instead of the field's raw
default value ({}), which would fail CredentialsMetaInput validation.
|
||
|
Zamil Majdy
|
23f092d65c |
fix(backend/mcp): Use httpx.AsyncClient in test_routes to prevent event loop corruption
Replace fastapi.testclient.TestClient with httpx.AsyncClient + ASGITransport. TestClient creates a new anyio blocking portal per request. When 11+ portals are created and destroyed in a session that also has pytest-asyncio session-scoped async fixtures, the session event loop gets corrupted, causing "RuntimeError: Event loop is closed" in subsequent async tests. AsyncClient with ASGITransport runs the ASGI app directly in the current event loop without creating blocking portals. |
||
|
dependabot[bot]
|
2cd0d4fe0f |
chore(deps): bump actions/checkout from 4 to 6 (#12034)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update README to include Node.js 24 support details and requirements by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li> <li>Persist creds to a separate file by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li> <li>v6-beta by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2298">actions/checkout#2298</a></li> <li>update readme/changelog for v6 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2311">actions/checkout#2311</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v5.0.0...v6.0.0">https://github.com/actions/checkout/compare/v5.0.0...v6.0.0</a></p> <h2>v6-beta</h2> <h2>What's Changed</h2> <p>Updated persist-credentials to store the credentials under <code>$RUNNER_TEMP</code> instead of directly in the local git config.</p> <p>This requires a minimum Actions Runner version of <a href="https://github.com/actions/runner/releases/tag/v2.329.0">v2.329.0</a> to access the persisted credentials for <a href="https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action">Docker container action</a> scenarios.</p> <h2>v5.0.1</h2> <h2>What's Changed</h2> <ul> <li>Port v6 cleanup to v5 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v5...v5.0.1">https://github.com/actions/checkout/compare/v5...v5.0.1</a></p> <h2>v5.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> <li>Prepare v5.0.0 release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2238">actions/checkout#2238</a></li> </ul> <h2>⚠️ Minimum Compatible Runner Version</h2> <p><strong>v2.327.1</strong><br /> <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Release Notes</a></p> <p>Make sure your runner is updated to this version or newer to use this release.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4...v5.0.0">https://github.com/actions/checkout/compare/v4...v5.0.0</a></p> <h2>v4.3.1</h2> <h2>What's Changed</h2> <ul> <li>Port v6 cleanup to v4 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4...v4.3.1">https://github.com/actions/checkout/compare/v4...v4.3.1</a></p> <h2>v4.3.0</h2> <h2>What's Changed</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v6.0.2</h2> <ul> <li>Fix tag handling: preserve annotations and explicit fetch-tags by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li> </ul> <h2>v6.0.1</h2> <ul> <li>Add worktree support for persist-credentials includeIf by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li> </ul> <h2>v6.0.0</h2> <ul> <li>Persist creds to a separate file by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li> <li>Update README to include Node.js 24 support details and requirements by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li> </ul> <h2>v5.0.1</h2> <ul> <li>Port v6 cleanup to v5 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li> </ul> <h2>v5.0.0</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> </ul> <h2>v4.3.1</h2> <ul> <li>Port v6 cleanup to v4 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li> </ul> <h2>v4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
1ecae8c87e |
chore(backend/deps): bump aiofiles from 24.1.0 to 25.1.0 in /autogpt_platform/backend (#12043)
Bumps [aiofiles](https://github.com/Tinche/aiofiles) from 24.1.0 to 25.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Tinche/aiofiles/releases">aiofiles's releases</a>.</em></p> <blockquote> <h2>v25.1.0</h2> <ul> <li>Switch to <a href="https://docs.astral.sh/uv/">uv</a> + add Python v3.14 support. (<a href="https://redirect.github.com/Tinche/aiofiles/pull/219">#219</a>)</li> <li>Add <code>ruff</code> formatter and linter. <a href="https://redirect.github.com/Tinche/aiofiles/pull/216">#216</a></li> <li>Drop Python 3.8 support. If you require it, use version 24.1.0. <a href="https://redirect.github.com/Tinche/aiofiles/pull/204">#204</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/danielsmyers"><code>@danielsmyers</code></a> made their first contribution in <a href="https://redirect.github.com/Tinche/aiofiles/pull/185">Tinche/aiofiles#185</a></li> <li><a href="https://github.com/stankudrow"><code>@stankudrow</code></a> made their first contribution in <a href="https://redirect.github.com/Tinche/aiofiles/pull/192">Tinche/aiofiles#192</a></li> <li><a href="https://github.com/waketzheng"><code>@waketzheng</code></a> made their first contribution in <a href="https://redirect.github.com/Tinche/aiofiles/pull/221">Tinche/aiofiles#221</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Tinche/aiofiles/compare/v24.1.0...v25.1.0">https://github.com/Tinche/aiofiles/compare/v24.1.0...v25.1.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Tinche/aiofiles/blob/main/CHANGELOG.md">aiofiles's changelog</a>.</em></p> <blockquote> <h2>25.1.0 (2025-10-09)</h2> <ul> <li>Switch to <a href="https://docs.astral.sh/uv/">uv</a> + add Python v3.14 support. (<a href="https://redirect.github.com/Tinche/aiofiles/pull/219">#219</a>)</li> <li>Add <code>ruff</code> formatter and linter. <a href="https://redirect.github.com/Tinche/aiofiles/pull/216">#216</a></li> <li>Drop Python 3.8 support. If you require it, use version 24.1.0. <a href="https://redirect.github.com/Tinche/aiofiles/pull/204">#204</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
659338f90c |
chore(deps): bump peter-evans/repository-dispatch from 3 to 4 (#12035)
Bumps [peter-evans/repository-dispatch](https://github.com/peter-evans/repository-dispatch) from 3 to 4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/peter-evans/repository-dispatch/releases">peter-evans/repository-dispatch's releases</a>.</em></p> <blockquote> <h2>Repository Dispatch v4.0.0</h2> <p>⚙️ Requires <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Actions Runner v2.327.1</a> or later if you are using a self-hosted runner for Node 24 support.</p> <h2>What's Changed</h2> <ul> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.8 to 18.19.10 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/306">peter-evans/repository-dispatch#306</a></li> <li>build(deps): bump peter-evans/repository-dispatch from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/307">peter-evans/repository-dispatch#307</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.10 to 18.19.14 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/308">peter-evans/repository-dispatch#308</a></li> <li>build(deps): bump peter-evans/create-pull-request from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/310">peter-evans/repository-dispatch#310</a></li> <li>build(deps): bump peter-evans/slash-command-dispatch from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/309">peter-evans/repository-dispatch#309</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.14 to 18.19.15 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/311">peter-evans/repository-dispatch#311</a></li> <li>build(deps-dev): bump prettier from 3.2.4 to 3.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/312">peter-evans/repository-dispatch#312</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.15 to 18.19.17 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/313">peter-evans/repository-dispatch#313</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.17 to 18.19.18 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/314">peter-evans/repository-dispatch#314</a></li> <li>build(deps-dev): bump eslint-plugin-github from 4.10.1 to 4.10.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/316">peter-evans/repository-dispatch#316</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.18 to 18.19.21 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/317">peter-evans/repository-dispatch#317</a></li> <li>build(deps-dev): bump eslint from 8.56.0 to 8.57.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/318">peter-evans/repository-dispatch#318</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.21 to 18.19.22 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/319">peter-evans/repository-dispatch#319</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.22 to 18.19.24 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/320">peter-evans/repository-dispatch#320</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.24 to 18.19.26 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/321">peter-evans/repository-dispatch#321</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.26 to 18.19.29 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/322">peter-evans/repository-dispatch#322</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.29 to 18.19.31 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/323">peter-evans/repository-dispatch#323</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.31 to 18.19.33 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/324">peter-evans/repository-dispatch#324</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.33 to 18.19.34 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/325">peter-evans/repository-dispatch#325</a></li> <li>build(deps-dev): bump prettier from 3.2.5 to 3.3.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/326">peter-evans/repository-dispatch#326</a></li> <li>build(deps-dev): bump prettier from 3.3.1 to 3.3.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/327">peter-evans/repository-dispatch#327</a></li> <li>build(deps-dev): bump braces from 3.0.2 to 3.0.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/328">peter-evans/repository-dispatch#328</a></li> <li>build(deps-dev): bump ws from 7.5.9 to 7.5.10 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/329">peter-evans/repository-dispatch#329</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.34 to 18.19.38 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/330">peter-evans/repository-dispatch#330</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.38 to 18.19.39 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/332">peter-evans/repository-dispatch#332</a></li> <li>build(deps-dev): bump prettier from 3.3.2 to 3.3.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/334">peter-evans/repository-dispatch#334</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.39 to 18.19.41 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/335">peter-evans/repository-dispatch#335</a></li> <li>build(deps-dev): bump eslint-plugin-prettier from 5.1.3 to 5.2.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/336">peter-evans/repository-dispatch#336</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.41 to 18.19.42 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/337">peter-evans/repository-dispatch#337</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.42 to 18.19.43 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/338">peter-evans/repository-dispatch#338</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.43 to 18.19.44 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/339">peter-evans/repository-dispatch#339</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.44 to 18.19.45 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/340">peter-evans/repository-dispatch#340</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.45 to 18.19.47 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/341">peter-evans/repository-dispatch#341</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.47 to 18.19.50 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/343">peter-evans/repository-dispatch#343</a></li> <li>build(deps): bump peter-evans/create-pull-request from 6 to 7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/342">peter-evans/repository-dispatch#342</a></li> <li>build(deps-dev): bump eslint from 8.57.0 to 8.57.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/344">peter-evans/repository-dispatch#344</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.50 to 18.19.53 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/345">peter-evans/repository-dispatch#345</a></li> <li>build(deps-dev): bump <code>@vercel/ncc</code> from 0.38.1 to 0.38.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/346">peter-evans/repository-dispatch#346</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/347">peter-evans/repository-dispatch#347</a></li> <li>build(deps): bump <code>@actions/core</code> from 1.10.1 to 1.11.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/349">peter-evans/repository-dispatch#349</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.53 to 18.19.54 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/348">peter-evans/repository-dispatch#348</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/350">peter-evans/repository-dispatch#350</a></li> <li>build(deps): bump <code>@actions/core</code> from 1.11.0 to 1.11.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/351">peter-evans/repository-dispatch#351</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.54 to 18.19.55 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/352">peter-evans/repository-dispatch#352</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/353">peter-evans/repository-dispatch#353</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.55 to 18.19.56 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/354">peter-evans/repository-dispatch#354</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Zamil Majdy
|
4ac025da09 |
fix(backend/mcp): Fix test_routes.py tests and refine exception handling
- discover_tools: Keep generic Exception catch → 502 for MCP connectivity errors - mcp_oauth_callback: Add targeted exception handler for token exchange → 400 - test_routes: Fix discover_auth_server_metadata mock for no-OAuth-support case - oauth.py: Auto-formatting only |
||
|
Zamil Majdy
|
fbe4c740cb |
refactor(backend/mcp): Remove useless catch-reraise exception patterns in routes
Drop the broad `except Exception` catch-and-reraise-as-HTTPException blocks. Keep only the meaningful error handlers (HTTPClientError for 401/403, MCPClientError for 502). Unhandled exceptions now propagate naturally to FastAPI's default 500 handler. |
||
|
Zamil Majdy
|
ff48f4335b |
fix(backend/mcp): Set loop_scope=session on all async MCP tests
Matches the pattern used by oauth_test.py to prevent event loop conflicts with session-scoped fixtures (server, graph_cleanup). |
||
|
Zamil Majdy
|
11fbb51a70 |
fix(tests): Remove MCP conftest.py to fix session event loop conflict
The MCP conftest.py with pytest hooks (pytest_addoption, pytest_collection_modifyitems) was disrupting pytest-asyncio's session event loop lifecycle, causing the SpinTestServer to be torn down before session-scoped oauth tests could run. Replace the conftest-based e2e gating with a simple pytestmark skipif in the test file itself. |
||
|
Zamil Majdy
|
bb8b56c7de |
fix(mcp): Validate JSON-RPC response is a dict before accessing keys
Add isinstance check after response.json() to prevent TypeError/ AttributeError if an MCP server returns a non-object JSON response. |
||
|
Zamil Majdy
|
6ebd97f874 |
fix(executor): Extract only tool_arguments for MCPToolBlock input reshaping
The entire merged input_data dict (containing server_url, credentials, selected_tool, etc.) was being assigned to tool_arguments instead of just the tool_arguments sub-dict. This would cause validation failures or MCP server rejections. |
||
|
Abhimanyu Yadav
|
4df5b7bde7 |
refactor(frontend): remove defaultExpanded prop from ToolAccordion components (#12054)
### Changes - Removed `defaultExpanded` prop from `ToolAccordion` in CreateAgent, EditAgent, RunAgent, and RunBlock components to streamline the code and improve readability. ### Impact - This refactor enhances maintainability by reducing complexity in the component structure while preserving existing functionality. ### Changes 🏗️ - Removed conditional expansion logic from all tool components - Simplified ToolAccordion implementation across all affected components ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Create and run agents with various tools to verify accordion behavior works correctly - [x] Verify that UI components expand and collapse as expected - [x] Test with different output types to ensure proper rendering --------- Co-authored-by: Ubbe <hi@ubbe.dev> Co-authored-by: Lluis Agusti <hi@llu.lu>autogpt-platform-beta-v0.6.47 |
||
|
Zamil Majdy
|
e934f0d0c2 |
fix(tests): Remove session-scoped fixture overrides from MCP conftest
The MCP conftest.py was overriding session-scoped `server` and `graph_cleanup` fixtures with no-op versions. Having two session-scoped fixtures with the same name at different directory levels caused pytest-asyncio event loop conflicts, making all oauth_test.py tests fail with "Event loop is closed". Since these fixtures are session-scoped and shared across the entire test run, the override was unnecessary — the SpinTestServer is already created for other tests. Also adds defensive `access_token` key validation in MCP OAuth token exchange and refresh to prevent KeyError on malformed responses. |
||
|
Otto
|
017a00af46 |
feat(copilot): Enable extended thinking for Claude models (#12052)
## Summary
Enables Anthropic's extended thinking feature for Claude models in
CoPilot via OpenRouter. This keeps the model's chain-of-thought
reasoning internal rather than outputting it to users.
## Problem
The CoPilot prompt was designed for a thinking agent (with
`<internal_reasoning>` tags), but extended thinking wasn't enabled on
the API side. This caused the model to output its reasoning as regular
text, leaking internal analysis to users.
## Solution
Added thinking configuration to the OpenRouter `extra_body` for
Anthropic models:
```python
extra_body["provider"] = {
"anthropic": {
"thinking": {
"type": "enabled",
"budget_tokens": config.thinking_budget_tokens,
}
}
}
```
## Configuration
New settings in `ChatConfig`:
| Setting | Default | Description |
|---------|---------|-------------|
| `thinking_enabled` | `True` | Enable extended thinking for Claude
models |
| `thinking_budget_tokens` | `10000` | Token budget for thinking
(1000-100000) |
## Changes
- `config.py`: Added `thinking_enabled` and `thinking_budget_tokens`
settings
- `service.py`: Added thinking config to all 3 places where `extra_body`
is built for LLM calls
## Testing
- Verify CoPilot responses no longer include internal reasoning text
- Check that Claude's extended thinking is working (should see thinking
tokens in usage)
- Confirm non-Anthropic models are unaffected
## Related
Discussion:
https://discord.com/channels/1126875755960336515/1126875756925046928/1470779843552612607
---------
Co-authored-by: Swifty <craigswift13@gmail.com>
|
||
|
Reinier van der Leer
|
52650eed1d |
refactor(frontend/auth): Move /copilot auth check to middleware (#12053)
These "is the user authenticated, and should they be?" checks should not be spread across the codebase, it's complex enough as it is. :') - Follow-up to #12050 ### Changes 🏗️ - Revert "fix(frontend): copilot redirect logout (#12050)" - Add `/copilot` to `PROTECTED_PAGES` in `@/lib/supabase/helpers` ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Trivial change, we know this works for other pages |
||
|
Zamil Majdy
|
3e38b141dd |
fix(tests): Use async pytest_asyncio fixtures in MCP conftest
The MCP conftest's sync server/graph_cleanup fixtures must match the parent conftest's async pytest_asyncio fixtures to avoid disrupting the session event loop management, which caused "Event loop is closed" errors in oauth_test.py tests. |
||
|
Zamil Majdy
|
ec72e7eb7b |
fix(tests): Restore pytest_asyncio.fixture with loop_scope for session fixtures
The server and graph_cleanup fixtures in conftest.py require explicit pytest_asyncio.fixture(loop_scope="session") to properly manage the session event loop. Using plain pytest.fixture causes "Event loop is closed" errors in all oauth_test.py tests. |
||
|
Zamil Majdy
|
db038cd0e0 |
fix(tests): Revert oauth_test.py fixture scope changes to fix event loop error
Restores session-scoped fixtures and pytest_asyncio decorators that were accidentally changed, causing "RuntimeError: Event loop is closed" in test_authorize_creates_code_in_database. Also regenerates openapi.json. |
||
|
dependabot[bot]
|
81c1524658 |
chore(backend/deps): bump the production-dependencies group in /autogpt_platform/backend with 2 updates (#12037)
Bumps the production-dependencies group in /autogpt_platform/backend with 2 updates: [fastapi](https://github.com/fastapi/fastapi) and [langfuse](https://github.com/langfuse/langfuse). Updates `fastapi` from 0.128.5 to 0.128.6 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/fastapi/fastapi/releases">fastapi's releases</a>.</em></p> <blockquote> <h2>0.128.6</h2> <h3>Fixes</h3> <ul> <li>🐛 Fix <code>on_startup</code> and <code>on_shutdown</code> parameters of <code>APIRouter</code>. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14873">#14873</a> by <a href="https://github.com/YuriiMotov"><code>@YuriiMotov</code></a>.</li> </ul> <h3>Translations</h3> <ul> <li>🌐 Update translations for zh (update-outdated). PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14843">#14843</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> </ul> <h3>Internal</h3> <ul> <li>✅ Fix parameterized tests with snapshots. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14875">#14875</a> by <a href="https://github.com/YuriiMotov"><code>@YuriiMotov</code></a>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Ubbe
|
f2ead70f3d |
fix(frontend): copilot redirect logout (#12050)
## Changes 🏗️ Redirect to `/login` if the user is not authenticated and tries to access `/copilot` ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Run the app locally and tested |
||
|
Zamil Majdy
|
6805a4f3c5 | Merge branch 'dev' into feat/mcp-blocks | ||
|
Abhimanyu Yadav
|
7d4c020a9b |
feat(chat): implement AI SDK integration with custom streaming response handling (#11901)
### Changes 🏗️ - Added AI SDK integration for chat streaming with proper message handling - Implemented custom to_sse method in StreamToolOutputAvailable to exclude non-spec fields - Modified stream_chat_completion to reuse message IDs for tool call continuations - Created new Copilot 2.0 UI with AI SDK React components - Added streamdown and related packages for markdown rendering - Built reusable conversation and message components for the chat interface - Added support for tool output display in the chat UI ### Checklist 📋 #### For code changes: - [x] I have clearly listed my changes in the PR description - [x] I have made a test plan - [x] I have tested my changes according to the test plan: - [x] Start a new chat session and verify streaming works correctly - [x] Test tool calls and verify they display properly in the UI - [x] Verify message continuations don't create duplicate messages - [x] Test markdown rendering with code blocks and other formatting - [x] Verify the UI is responsive and scrolls correctly #### For configuration changes: - [x] `.env.default` is updated or already compatible with my changes - [x] `docker-compose.yml` is updated or already compatible with my changes - [x] I have included a list of my configuration changes in the PR description (under **Changes**) --------- Co-authored-by: Lluis Agusti <hi@llu.lu> Co-authored-by: Ubbe <hi@ubbe.dev> |
||
|
Zamil Majdy
|
cb7a0cbdd7 | refactor(mcp): Make create_mcp_oauth_handler public and use top-level import | ||
|
Zamil Majdy
|
79d6e8e2d7 |
fix(frontend/credentials): Handle stale credential IDs in CredentialsSelect
When a credential is deleted but the node still references its ID, CredentialsSelect now treats the stale ID as unselected and falls back to the first available credential instead of showing the raw ID. |
||
|
Zamil Majdy
|
472117a872 |
fix(mcp): Handle MCP credential deletion with dynamic OAuth handler
MCP credentials use per-server dynamic OAuth handlers, not a static handler registered in HANDLERS_BY_NAME. The delete endpoint now creates a dynamic handler from credential metadata for token revocation instead of failing with "Provider 'mcp' does not support OAuth". |
||
|
Zamil Majdy
|
75a7ccf36e |
fix(mcp): Address PR review comments - defensive checks and docs
- Validate token_endpoint in OAuth metadata before accessing it - Check authorization_servers list is non-empty before indexing - Use provider_matches() (renamed from private _provider_matches) in creds_manager for Python 3.13 StrEnum compatibility - Fill in MCP block documentation with technical explanation and use cases |
||
|
Zamil Majdy
|
84809f4b94 |
fix(mcp): Set customized_name at block creation and add pre-run validation
- Set customized_name in metadata when MCP and Agent blocks are created (both legacy and new builder) so titles persist through save/load - Remove convoluted agent_name fallback from NodeHeader and getNodeTitle - Add custom block-level validation in graph pre-run checks so MCP tool arguments are validated before execution - Fix server_name fallback to URL hostname in discover_tools endpoint |
||
|
Zamil Majdy
|
4364a771d4 |
fix(mcp): Validate required tool args and fix title fallback for existing blocks
Backend: Add required-field validation in MCPToolBlock.run() before calling the MCP server. The executor-level validation is bypassed for MCP blocks because get_input_defaults() flattens tool_arguments, stripping tool_input_schema from the validation context. Frontend: NodeHeader now derives the MCP server label from the server URL hostname when server_name is missing (pruned by pruneEmptyValues). This fixes the title for existing blocks that don't have customized_name in metadata. |
||
|
Zamil Majdy
|
4d4ed562f0 |
fix(frontend/mcp): Ensure MCP block title persists across save/refresh
When the MCP server returns a null server_name, fall back to the URL hostname so customized_name is always set in metadata. This prevents the title from degrading to "MCP:" after save and reload. |
||
|
dependabot[bot]
|
e596ea87cb |
chore(libs/deps-dev): bump pytest-cov from 6.2.1 to 7.0.0 in /autogpt_platform/autogpt_libs (#12030)
Bumps [pytest-cov](https://github.com/pytest-dev/pytest-cov) from 6.2.1 to 7.0.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst">pytest-cov's changelog</a>.</em></p> <blockquote> <h2>7.0.0 (2025-09-09)</h2> <ul> <li> <p>Dropped support for subprocesses measurement.</p> <p>It was a feature added long time ago when coverage lacked a nice way to measure subprocesses created in tests. It relied on a <code>.pth</code> file, there was no way to opt-out and it created bad interations with <code>coverage's new patch system <https://coverage.readthedocs.io/en/latest/config.html#run-patch></code>_ added in <code>7.10 <https://coverage.readthedocs.io/en/7.10.6/changes.html#version-7-10-0-2025-07-24></code>_.</p> <p>To migrate to this release you might need to enable the suprocess patch, example for <code>.coveragerc</code>:</p> <p>.. code-block:: ini</p> <p>[run] patch = subprocess</p> <p>This release also requires at least coverage 7.10.6.</p> </li> <li> <p>Switched packaging to have metadata completely in <code>pyproject.toml</code> and use <code>hatchling <https://pypi.org/project/hatchling/></code>_ for building. Contributed by Ofek Lev in <code>[#551](https://github.com/pytest-dev/pytest-cov/issues/551) <https://github.com/pytest-dev/pytest-cov/pull/551></code>_ with some extras in <code>[#716](https://github.com/pytest-dev/pytest-cov/issues/716) <https://github.com/pytest-dev/pytest-cov/pull/716></code>_.</p> </li> <li> <p>Removed some not really necessary testing deps like <code>six</code>.</p> </li> </ul> <h2>6.3.0 (2025-09-06)</h2> <ul> <li>Added support for markdown reports. Contributed by Marcos Boger in <code>[#712](https://github.com/pytest-dev/pytest-cov/issues/712) <https://github.com/pytest-dev/pytest-cov/pull/712></code>_ and <code>[#714](https://github.com/pytest-dev/pytest-cov/issues/714) <https://github.com/pytest-dev/pytest-cov/pull/714></code>_.</li> <li>Fixed some formatting issues in docs. Anonymous contribution in <code>[#706](https://github.com/pytest-dev/pytest-cov/issues/706) <https://github.com/pytest-dev/pytest-cov/pull/706></code>_.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Zamil Majdy
|
8bea7cf875 |
chore(mcp): Remove dev artifacts and simplify credential lookup
- Remove MCP_BLOCK_IMPLEMENTATION.md development doc - Remove console.log debug statements from OAuth callback - Simplify credential lookup to single call (get_creds_by_provider already handles Python 3.13 StrEnum bug via _provider_matches) - Remove unused Credentials import from routes.py |
||
|
Zamil Majdy
|
c1c269c4a9 |
fix(frontend/credentials): Auto-select first credential and persist MCP block title
- CredentialsSelect: default to first available credential instead of "None" when credentials exist, reorder options to show credentials before the "None" option, and notify parent on auto-select - Revert CredentialsGroupedView user auto-select effect (now handled at the CredentialsSelect level) - Block.tsx: persist MCP block title as customized_name in metadata so it survives save/load |
||
|
Zamil Majdy
|
65987ff15e |
fix(frontend/credentials): Auto-select user credentials in run dialog
Add auto-selection for user credentials (like MCP OAuth) in the CredentialsGroupedView run dialog. When exactly one credential matches the provider, type, and discriminator values (e.g. MCP server URL), it is pre-selected instead of defaulting to "None (skip this credential)". |