Commit Graph

7200 Commits

Author SHA1 Message Date
OrbisAI Security
82f3735770 fix: upgrade crawl4ai to 0.9.0 (GHSA-r253-r9jw-qg44) (#16426)
## Summary
Upgrade crawl4ai from 0.8.9 to 0.9.0 to fix GHSA-r253-r9jw-qg44.

## Vulnerability
| Field | Value |
|-------|-------|
| **ID** | GHSA-r253-r9jw-qg44 |
| **Severity** | CRITICAL |
| **Scanner** | trivy |
| **Rule** | `GHSA-r253-r9jw-qg44` |
| **File** | `uv.lock` |
| **Assessment** | Likely exploitable |

**Description**: Crawl4AI: Unauthenticated RCE via Chromium
launch-argument injection in browser_config.extra_args

## Evidence

**Scanner confirmation**: trivy rule `GHSA-r253-r9jw-qg44` flagged this
pattern.

**Production code**: This file is in the production codebase, not
test-only code.

## Threat Model Context

This is a web service - vulnerabilities in request handlers are directly
exploitable by remote attackers.

## Changes
- `pyproject.toml`
- `uv.lock`

## Verification
- [x] Build passes
- [x] Scanner re-scan confirms fix
- [x] LLM code review passed

---
*This change addresses a pattern flagged by static analysis. The code
path handles user-influenced input and the fix reduces the attack
surface against both manual and automated exploitation.*

---
*Automated security fix by [OrbisAI Security](https://orbisappsec.com)*

Co-authored-by: Ling Qin <qinling0210@163.com>
nightly
2026-07-06 21:28:19 +08:00
Hernandez Avelino
5a8660df23 [Bug]: Workflow agent completions default stream=True when stream is omitted (#15484)
## Summary

Closes #15483.

Default workflow/session agent completions to non-streaming when
`stream` is omitted.

## Changes

- `api/apps/restful_apis/agent_api.py`: `req.get("stream", False)` on
workflow paths.

## Test plan

- [ ] POST workflow completion without `stream`; assert JSON response.
2026-07-06 21:27:22 +08:00
Mattie Schraeder
8a19c6aa5a Make RAPTOR GMM robust on small reduced clusters (#16632) 2026-07-06 21:09:35 +08:00
Mei Zhihan
85b565244d fix(mcp): handle dict response in list_chats when /chats API returns paginated envelope (#16639) 2026-07-06 21:06:22 +08:00
Mattie Schraeder
0c2fb622e9 Collapse small RAPTOR layers in one step instead of one node per layer (#16633) 2026-07-06 21:06:04 +08:00
OSHA-B
779bf52549 fix: handle missing ES/OpenSearch index in check_embedding (HTTP 500 on empty dataset) (#16650) 2026-07-06 20:30:16 +08:00
Mattie Schraeder
8fb8e4197c fix(graphrag): filter negative-judgment and misattributed relationship edges (#16541) 2026-07-06 20:26:13 +08:00
Zhichang Yu
55af1d70f3 Align Go parser backends and PDF pipeline with Python (#16676)
Ports remaining Go parser wiring and PDF backends, adds tenant-aware VLM
dispatch, aligns post-processing with Python, and adds end-to-end
pipeline coverage with a generated six-page PDF.
2026-07-06 19:50:54 +08:00
euvre
3044283442 fix(go): add missing 'resume' chunk method for new tenants (#16660) 2026-07-06 19:21:14 +08:00
Hz_
8ee3f097b9 fix(go-document): keep upload partial success data as array (#16661)
### Summary

Keep `data` as the uploaded document array when dataset document upload
partially succeeds.

This matches the Python API behavior and allows parse-on-creation to run
for successfully uploaded files when other files in the same folder are
unsupported.
2026-07-06 19:15:29 +08:00
Hz_
7e0ccee7e2 fix(go-agent): missing input form for ExeSQL and Browser agent nodes (#16675)
## Summary
- Add Go dynamic input form support for ExeSQL and Browser components.
- Align their input form metadata with the Python implementation.
- Add regression tests for `/components/:component_id/input-form`.
2026-07-06 19:15:09 +08:00
Hz_
b2e82a42d6 fix(go-agent): Yahoofinance input and run (#16658)
## Summary

Debugging YahooFinance component in agent canvas returns "unknown
component" and "no input_form".
YahooFinance was only registered as an eino tool, not as a runtime
component. The component factory only searches the runtime registry.
- `universe_a_wrappers.go`: add `yahooFinanceComponent` wrapper
delegating to `agenttool.YahooFinanceTool` with `GetInputForm()`
- `fixture_stubs.go`: register `"YahooFinance"` component

## TEST
`go build` and `go test ./internal/agent/component/...` all pass.
2026-07-06 19:14:50 +08:00
Kevin Hu
52f985f43e Refactor: Remove redundant functions. (#16671)
### Summary

Remove redundant functions.
2026-07-06 19:02:25 +08:00
euvre
bfb9641128 fix(go): uploaded documents should be enabled by default (#16674) 2026-07-06 19:01:32 +08:00
Wang Qi
3a247dbb3c Fix filter to use Chinese (#16673) 2026-07-06 18:20:42 +08:00
Jin Hai
b3d536c48e Go: merge functions (#16622)
### Summary

Merge HTTP response functions into common/response.go

---------

Signed-off-by: Jin Hai <haijin.chn@gmail.com>
2026-07-06 18:14:05 +08:00
Wang Qi
ed52255868 Fix Agent session lost <think></think> tag (#16670) 2026-07-06 17:47:38 +08:00
Wang Qi
57625c919a Fix Tag weight should be greater than 0 (#16657) 2026-07-06 16:06:27 +08:00
balibabu
290ab557a5 Fix: Layout of the agent prompt dropdown menu is messed up. (#16653) 2026-07-06 14:48:42 +08:00
Harsh Kashyap
98189cd20a Fix OpenAI response created timestamp (#16401)
## What this fixes

Closes #16400.

`get_data_openai()` currently returns `created: null` when callers do
not pass a timestamp, and it replaces explicit timestamp values with the
current time. This makes non-streaming OpenAI-compatible responses
inconsistent with the expected integer `created` timestamp field.

## Change

- Preserve explicit `created` values when provided.
- Default non-streaming responses to `int(time.time())` when `created`
is not provided.
- Add focused unit coverage for default timestamps, explicit timestamps,
and unchanged streaming chunk shape.

## Verification

- `./.venv/bin/python -m pytest
test/unit_test/api/utils/test_api_utils.py -q`
- `python3 -m py_compile api/utils/api_utils.py
test/unit_test/api/utils/test_api_utils.py`
- `uvx ruff check api/utils/api_utils.py
test/unit_test/api/utils/test_api_utils.py`

---------

Co-authored-by: Harsh Kashyap <harshkashyap@Harshs-MacBook-Pro.local>
2026-07-06 14:16:16 +08:00
Crystora
b633ff0435 feat(go): drop empty and duplicate chunks in postprocess filter (#16049)
### What problem does this PR solve?

The Go chunk pipeline's `PostprocessOperator` `filter` stage
(`internal/ingestion/chunk/postprocess.go`) only filtered by length
(`min_length`/`max_length`). It could not drop empty/whitespace-only
chunks or duplicate chunks — both standard RAG post-processing steps
(blank chunks shouldn't be indexed; identical chunks waste embedding
compute and add redundant retrieval results).

This adds two optional, default-off booleans to the `filter` config:

- `drop_empty` — drop chunks whose content is empty or whitespace-only.
- `drop_duplicates` — drop chunks whose exact content already appeared
(order-preserving; the first occurrence is kept).

They compose with the existing length bounds and are reflected in
`String()` for plan explainability. Also adds the first unit tests for
the postprocess filter (length bounds, drop_empty, drop_duplicates,
combined, exact-content matching, and config parsing).

Validation: `gofmt` clean, `go vet ./internal/ingestion/chunk/` clean,
`go build` ok, `go test ./internal/ingestion/chunk/` — all tests pass.

Closes #16048

### Type of change

- [x] New Feature (non-breaking change which adds functionality)

Co-authored-by: Ling Qin <qinling0210@163.com>
2026-07-06 14:14:31 +08:00
Crystora
4effc242fd feat(go): add length split strategy with overlap to chunk pipeline (#16047)
### What problem does this PR solve?

The Go ingestion chunk pipeline's `SplitOperator`
(`internal/ingestion/chunk/split.go`) supported only `sentence`, `char`,
and `paragraph` strategies, but not **fixed-size (length) chunking with
overlap** — the canonical RAG strategy for bounding chunk length while
preserving cross-boundary context.

This adds a `length` strategy alongside the existing ones, configurable
via DSL `params`:

- `chunk_size` — target window size in **runes** (rune-aware:
multi-byte/CJK text is windowed by character, never split mid-rune).
- `overlap` — runes carried from the end of each window into the next.

The window advances by `chunk_size - overlap`. `chunk_size` falls back
to a default (256) when unset/non-positive, and `overlap` is clamped to
`[0, chunk_size-1]` so the window always advances and the operation
terminates. Implementation follows the existing
`splitByChar`/`splitByParagraph` pattern and reuses `DetectLanguage` for
chunk metadata.

It also adds `split_test.go` — the first unit tests for the `chunk`
package — covering basic windowing, overlap, overlap
clamping/termination, rune-awareness (CJK), default sizing, no-overlap
reconstruction, empty input, and DSL param parsing.

Validation: `gofmt` clean, `go vet ./internal/ingestion/chunk/` clean,
`go build` ok, `go test ./internal/ingestion/chunk/` — all tests pass.

Closes #16046

### Type of change

- [x] New Feature (non-breaking change which adds functionality)

Co-authored-by: bittoby <218712309+bittoby@users.noreply.github.com>
2026-07-06 14:14:21 +08:00
Hz_
c4166a91e0 fix(go-agent): align agent debug input form with Python (#16654)
## Summary

- derive Go Agent debug input forms from prompt variable references
instead of Agent meta fields
- seed `sys.*` debug params into `CanvasState.Sys` so single-component
debug resolves prompt variables like Python
- restore Agent test-run parity for form rendering and debug execution

## Tests

- `go test ./internal/agent/component -run
'TestAgent_(GetInputForm_UsesPromptReferences|GetInputForm_DeduplicatesPromptReferences|Meta_DefaultsToEmpty|Reset_NoTools)$'`
- `go test ./internal/handler -run
'Test(DebugComponent_SeedsSysInputsIntoCanvasState|DebugComponent_HappyPath_Begin|GetComponentInputForm_HappyPath)$'`

AFTER:
<img width="669" height="456" alt="image"
src="https://github.com/user-attachments/assets/4fd86559-aafc-4027-91ae-6e666137ee1b"
/>
2026-07-06 13:29:10 +08:00
chanx
c9f064d5fd fix(metadata): inline value edits not persisted to backend (#16655) 2026-07-06 13:04:04 +08:00
OSHA-B
d607b55c24 fix(nlp): prevent dotted-number cross-references from being classified as headings in Laws chunker (#16626) 2026-07-06 13:02:58 +08:00
Wang Qi
48ef1f4965 Dev: Fix nats host (#16656) 2026-07-06 11:50:37 +08:00
jony376
aaade3530e fix(api): cap memory message limit and top_n at REST_API_MAX_PAGE_SIZE (#15376)
## Related issues

Closes #15375

### What problem does this PR solve?

`GET /api/v1/messages` and `GET /api/v1/messages/search` accepted
unbounded `limit` / `top_n` query parameters while other REST list
endpoints enforce `REST_API_MAX_PAGE_SIZE` (100) via
`validate_rest_api_page_size()`. Oversized values can trigger expensive
memory index queries and large result sets (DoS risk).

### Type of change

- [x] Bug Fix (non-breaking change which fixes an issue)

### Changes

| File | Change |
|------|--------|
| `api/apps/restful_apis/memory_api.py` | Cap `limit` and `top_n` with
`validate_rest_api_page_size`; return argument error when exceeded |
|
`test/testcases/test_web_api/test_message_app/test_message_routes_unit.py`
| Regression tests for oversized `limit` / `top_n` |

### Test plan

- [x] Unit tests added
- [ ] `pytest
test/testcases/test_web_api/test_message_app/test_message_routes_unit.py`

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-07-06 11:20:13 +08:00
Sohaib Ahmed
534a3a7faa fix: Docling parser extracts mathematical formulas (#16645) 2026-07-06 11:17:46 +08:00
qinling0210
3d2f60c34f Port agent PRs to GO - 4 (#16652)
### Summary

Port

https://github.com/infiniflow/ragflow/pull/15399
https://github.com/infiniflow/ragflow/pull/16469
2026-07-06 10:58:40 +08:00
Carlo Beltrame
09eb9dbd21 Switch the default minio image in the helm chart as well (#16322)
Follow-up from #13896
Fixes #13840

### What problem does this PR solve?

In #13896, only the docker-compose-base.yml was adjusted. However, in
the Helm chart, the unmaintained minio/minio image is still referenced.
This PR syncs the Helm chart with the docker compose setup again.

I also added a line to AGENTS.md, so agents should know to do this
automatically in the future.

### Type of change

- [x] Bug Fix (non-breaking change which fixes an issue)
- [ ] New Feature (non-breaking change which adds functionality)
- [x] Documentation Update
- [ ] Refactoring
- [ ] Performance Improvement
- [ ] Other (please describe):

Co-authored-by: Zhichang Yu <yuzhichang@gmail.com>
2026-07-06 10:32:19 +08:00
AI-Mart
fe2f3b60a1 feat(agent): expose thinking mode control per LLM node in Agent canvas (#16640)
## Summary

Add **per-node thinking mode control** for LLM components in RAGFlow
Agent canvas, supporting Qwen3/Qwen3.6/B200M thinking-capable models.
Users can now independently configure thinking mode
(thinking/non-thinking) for each LLM node via the existing UI dropdown.

## Motivation

When Qwen3.6-27B (and other thinking-capable models like Qwen3-32B,
B200M) are used in RAGFlow Agent nodes, different nodes need different
thinking behavior:
- **Reasoning nodes** (complex analysis, math, coding): thinking mode ON
- **Simple nodes** (direct Q&A, intent classification): thinking mode
OFF

The web UI already has a `thinking` dropdown (default/enabled/disabled)
in LLM settings, and the LLM backend `_apply_model_family_policies()`
already supports `enable_thinking`. **The missing link was `gen_conf()`
not forwarding the parameter.**

This 3-line fix completes the chain.

## Changes

**`agent/component/llm.py`** — `LLMParam.gen_conf()`:

```python
if hasattr(self, "thinking") and self.thinking and self.thinking != "default":
    conf["thinking"] = self.thinking
```

## End-to-end flow

```
UI dropdown: default / enabled / disabled
  → DSL: {"thinking": "enabled"}
    → LLMParam.thinking = "enabled"
      → gen_conf() returns {"thinking": "enabled"}
        → _apply_model_family_policies()
          → extra_body {enable_thinking: true}
            → Model API call with thinking ON
```

## Backward compatibility

- **Fully backward compatible** — only 3 lines added, nothing changed
- When `thinking` is "default" or not set, existing behavior is
preserved
- Qwen3 models default to `enable_thinking: false` (non-thinking),
unchanged

## Related issues

- Closes #16321 (thinking content leaks in non-streaming agent API
responses)
- Closes #13957 (how to view model reasoning process in agent API)

## Testing

- Verified in
`test/unit_test/rag/llm/test_chat_model_thinking_policy.py` that
thinking policy already tested for Qwen3 models
- The 3-line change passes through existing tested code path
(`_apply_model_family_policies`)

Co-authored-by: Hermes Agent <hermes-agent@agent.local>
2026-07-06 10:19:27 +08:00
Hz_
358152f758 fix(go-document): add document and file access checks (#16592)
## Summary
Adds ownership/access checks before updating or deleting documents,
setting document metadata, and reading file contents from storage. Also
adds tests for authorized and unauthorized access paths.
2026-07-06 10:13:46 +08:00
Hz_
e5d217993b fix(go-skill): Elasticsearch skill search field mapping (#16611)
## Summary

Fix Elasticsearch-backed skill search by mapping skill search fields to
their indexed token fields.

`name`, `tags`, `description`, and `content` are stored for display but
are not searchable in the skill ES mapping. Search queries now target
`name_tks`, `tags_tks`, `description_tks`, and `content_tks`.

## Testing

- Ran Go unit tests:

```bash
/usr/local/go/bin/go test -count=1 ./internal/engine/elasticsearch
```

- Frontend verification:
    1. Open /files/skills.
    2. Enter a skill space.
3. Reindex the skill space if existing skills were created before this
fix.
    4. Search by skill name or description keyword.
    5. Confirm matching skills are returned.
2026-07-06 10:05:34 +08:00
euvre
0265ffbc53 fix(agent): enable single-component debug for Agent in Go backend (#16606)
### Summary

This PR fixes two issues that prevented the Agent component's
single-component debug/test run from working under the Go backend:

1. **Dynamic input_form generation**: Some components (e.g. `Agent`) do
not store a static `input_form` in the DSL. The Go handler now falls
back to the runtime component's `GetInputForm()` method, matching
Python's `Canvas.get_component_input_form` behavior. This resolves the
frontend 102 error: `component has no input_form`.

2. **Tenant ID injection for debug**: Single-component debug runs use a
fresh `CanvasState` that previously lacked `tenant_id`.
`AgentComponent.Invoke` resolves LLM credentials via the tenant tables,
so the debug run failed with `api key is required`. The handler now
seeds `state.Sys["tenant_id"]` with the authenticated user's ID,
mirroring Python's `@add_tenant_id_to_kwargs` decorator.

### Changes

- `internal/handler/agent_component.go`:
- Added `componentInputForm` helper that first reads the static
`input_form` and, if missing, instantiates the component and calls
`GetInputForm()`.
- In `DebugComponent`, set `debugState.Sys["tenant_id"] = user.ID`
before invoking the component.
2026-07-06 09:57:00 +08:00
euvre
8b065d3ddd fix(agent): collect CodeExec artifacts from ReAct tool responses (#16609)
### Summary

The Go backend Agent component was not returning artifacts produced by
the CodeExec tool. While the Python agent collects the "`_ARTIFACTS`"
envelope from tool responses and appends artifact markdown to the final
content, the Go agent only returned the assistant text, so generated
images were missing from the chat output.

### Changes

- Wire `react.WithMessageFuture()` in `runEinoReActAgent` and store the
resulting `MessageFuture` in the invocation context.
- After the ReAct loop finishes, drain the future and extract
``_ARTIFACTS`` entries from every tool response message.
- Support reading the tool payload from both `msg.Content` and
`msg.UserInputMultiContent` to match eino's tool contract.
- De-duplicate artifacts by URL and render images as `!` and other files
as download links.
- Add `agent_artifact_test.go` with a regression test that simulates a
CodeExec-style tool response carrying an image artifact and verifies it
is collected and formatted.

### Verification

- `go test ./internal/agent/component/... -run
TestAgent_ReActAgent_CollectsArtifactsFromCodeExecTool` passes.
- `go test ./internal/agent/component/... -count=1` compiles; the only
failure is an unrelated DNS-pinning timeout test
(`TestInvoke_ProxyDNSPin`).
- `gofmt` clean for modified files.

### Related

Fixes the behavior shown in the screenshot where the Go agent ignored
the CodeExec-generated PNG artifact.
dev-20260706
2026-07-05 20:53:43 +08:00
Jack
1d3c100acb Refactor: pdf parser (#16625)
### Summary

PDF parser refactor
2026-07-05 20:45:35 +08:00
Zhichang Yu
014c3f634f Align Go ingestion boundaries with Python (#16647)
Moves doc_id blob resolution into Parser, tightens chunker/tokenizer to
Python output_format semantics, updates extractor list handling, and
fixes real-template integration tests.
2026-07-05 20:43:52 +08:00
Mattie Schraeder
0fcfb38365 Cap RAPTOR UMAP n_neighbors to prevent OOM on large datasets (#16627)
## Problem
`raptor.py` computes `n_neighbors = int((len(embeddings) - 1) ** 0.8)`
and
passes it to `umap.UMAP(...)`. In a dataset-scope RAPTOR build the first
layer's `embeddings` is the entire KB's chunk set, so this is
effectively
unbounded: ~93k chunks → n_neighbors ≈ 9,446.

UMAP's k-NN graph is `N × n_neighbors`; at these values the raw neighbor
arrays alone are ~14 GB (93k × 9446 × 16 B), and the symmetrized fuzzy
simplicial set + spectral init push peak well past 30 GB. The task
executor is OOM-killed inside `fit_transform` before any clustering runs
—
the log shows "Task has been received" with no "Cluster one layer" line
—
after which the unacked task re-queues and OOMs again in a loop.

The line above already flags this: `# Degrade too much ??`.

## Fix
Cap `n_neighbors` at 100. UMAP's neighborhood size has strongly
diminishing returns well below this (default 15; a few dozen already
captures global structure), so the ceiling preserves — likely improves —
cluster quality while bounding memory to O(N). Mirrors the existing
`n_components=min(12, len(embeddings) - 2)` clamp two lines down.

​```diff
-        n_neighbors = int((len(embeddings) - 1) ** 0.8)
+        n_neighbors = min(int((len(embeddings) - 1) ** 0.8), 100)
​```

## Repro
Dataset-scope RAPTOR over a KB with ~90k+ chunks on a box with <~64 GB
available: executor OOM-killed in the first-layer UMAP `fit_transform`.
With the cap, first-layer UMAP peaks in low single-digit GB and the
build
proceeds to completion.

## Scope
Only affects large dataset-scope builds; file-scope RAPTOR already had
n_neighbors well under 100. No behavior change beyond the ceiling.
2026-07-04 17:47:43 +08:00
Wang Qi
a0e65637eb Delete canvas_app.py and evaluation_service.py (#16614)
Follow on PR #13295
2026-07-03 21:03:54 +08:00
Kevin Hu
cf634b92b4 Feat: Put some wiki templates. (#16617)
### Summary

Add a few of wiki templates.
2026-07-03 20:52:27 +08:00
Wang Qi
06aa169df7 Update development script (#16623) 2026-07-03 20:34:30 +08:00
Liu An
63a4ed55d8 docs: update Docker build instructions for deps image (#16620)
### Summary

update Docker build instructions for deps image
2026-07-03 19:57:12 +08:00
monsterDavid
7da4f200e5 fix(agent): enable MCP file preview via doc_id (#15399)
## Summary
MCP-wrapped agents could only force-download files looked up by
`doc_id`. This adds an explicit preview path and inline response headers
for previewable file types.

- **New** `GET /api/v1/agents/attachments/{attachment_id}/preview` —
inline preview for PDFs, images, and other safe types (pass `ext` and/or
`mime_type`)
- **Improved** `GET /api/v1/documents/{doc_id}/preview` — sets inline
disposition using the document filename
- **Improved** attachment download routing — resolves `mime_type` /
`ext` query params (no default `markdown`), supports
`disposition=inline`
- **DocGenerator output** — includes URL-encoded `preview_url` for MCP
clients
- **Legacy `/document/download/...` aliases** — still use download
semantics; MCP clients should call `/preview` explicitly

Fixes #15398

## Test plan
- [x] `pytest test/unit_test/api/utils/test_file_response_headers.py`
(6/6)

---------

Co-authored-by: MkDev11 <mkdev11@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Ling Qin <qinling0210@163.com>
2026-07-03 19:56:01 +08:00
maoyifeng
0f4f2135f3 Go:cli move _order _columns sort group (#16615)
### Summary
1. Move common functions to format.go
2. modify show name spaces to _
3. move _order _columns column sort group;
4. add dao empty enterprise file
2026-07-03 19:37:53 +08:00
Jin Hai
6b571694df Go: Update error info (#16619)
As title.

Signed-off-by: Jin Hai <haijin.chn@gmail.com>
2026-07-03 19:37:25 +08:00
S
1861087787 fix(agent): defend against @ in var names at all template-split sites (#16469)
## Summary

While fixing #16467 (IterationItem crash on `@` in user-defined output
keys), an audit of `agent/**/*.py` revealed **three additional sites**
with the same vulnerability. This PR hardens all of them with
`maxsplit=1` and adds regression tests.

This is **defense-in-depth hardening**, not a behavior change. The
current `variable_ref_patt` regex constrains `var_nm` to
`[A-Za-z0-9_.-]+`, so single-`@` templates resolve exactly as before.
The `maxsplit=1` only kicks in if the trailing side itself contains `@`
— currently unreachable from the public DSL surface, but trivially
exploitable the moment a user-defined output key happens to contain `@`
(e.g. `user@email`) or the regex is ever relaxed.

> **Note on issue scope**: The primary fix for #16467 (the
`list_tenant_added_models` `ValueError` crash on `@` in model names) is
in PR #16468. This PR is a **follow-up hardening sweep** of the same
vulnerability class found in `agent/` during that audit; it does not
duplicate or replace #16468.

## Sites hardened

| File | Line | Method |
|------|------|--------|
| `agent/canvas.py` | 206 | `Graph.get_variable_value` |
| `agent/canvas.py` | 256 | `Graph.set_variable_value` |
| `agent/component/base.py` | 533 |
`ComponentBase.get_input_elements_from_text` |
| `agent/component/iterationitem.py` | 88 |
`IterationItem.output_collation` |

All now use `split("@", 1)` with an inline comment explaining the
rationale. The trailing side keeps any embedded `@`.

## Sites already safe (audited but left alone)

| File | Reason safe |
|------|------------|
| `agent/canvas.py:708` (`is_reff`) | Pre-checks `len(arr) != 2` |
| `agent/component/categorize.py` | Uses `rsplit` |
| `agent/component/iteration.py` | Pre-validates via regex |
| Other call sites | `rsplit` or regex pre-validation |

## Regression tests

9 new tests across 2 files, all `pytest.mark.p2`:

| File | Tests |
|------|-------|
| `test/unit_test/agent/test_canvas_at_split.py` | 6 —
`get_variable_value`, `set_variable_value`, round-trip, single-`@`,
missing-component |
| `test/unit_test/agent/component/test_iterationitem_at_split.py` | 3 —
`output_collation` with `@` in var, single-`@`, non-matching cid |

Each test was **verified to fail with `ValueError: too many values to
unpack (expected 2)`** when the corresponding fix is temporarily
reverted, confirming the tests actually catch the bug rather than just
exercising the happy path.

## Test results

```
9 passed in 0.04s
```

Full agent unit suite also clean (38 passed, 3 skipped; 6 unrelated
pre-existing collection errors from missing `peewee`/`requests` in local
venv — not caused by this PR).

## Related

- Issue: #16467
- Primary fix PR: #16468 (closes the issue)
- This PR: defense-in-depth follow-up, intentionally non-blocking on
#16467

---------

Co-authored-by: skbs-eng <skbs-eng@users.noreply.github.com>
2026-07-03 19:26:27 +08:00
Haruko386
fd7fb6669a fix: cannot get query in agent-log (#16610)
### Summary

As title

bug:


fixed:
<img width="1827" height="1286" alt="image"
src="https://github.com/user-attachments/assets/0cdc391c-43d7-4330-bc34-3aefe5d4f4ee"
/>
2026-07-03 18:56:32 +08:00
Jin Hai
83d09b16ce Fix Go: list providers order issue. (#16616)
### Summary

As title.

---------

Signed-off-by: Jin Hai <haijin.chn@gmail.com>
2026-07-03 18:27:32 +08:00
Haruko386
dde8b6d54c fix: get team's search in own search-list (#16599)
### Summary

As title:
2026-07-03 18:26:03 +08:00
Haruko386
226d0ff77c fix: get team merber's chat (#16597)
### Summary

As title
2026-07-03 18:25:31 +08:00