* add telemetry for productId
* updated multiple services (chatflows, buildChatflow, upsertVector) to use the new method for fetching product ID from subscriptions, improving consistency and error handling
* add tools warning
* Enhance file handling tools with security features
- Introduced new input parameters: workspacePath, enforceWorkspaceBoundaries, maxFileSize, and allowedExtensions for better control over file operations.
- Added validation for file paths and sizes to prevent unsafe operations.
- Implemented workspace boundary checks to restrict file access based on user-defined settings.
Added background toggle functionality across multiple components (AgentflowCanvas, MarketplaceCanvas, Canvas) with new icons for enabling/disabling background.
Enhance file upload functionality in createAttachment
- Added support for configurable allowed file types and file upload status in createFileAttachment.
- Implemented validation to ensure uploaded files match allowed types, throwing errors for disallowed types.
* Add tts UI
* Add tts backend
* Add description to eleven labs credentials
* Fix issue with fetching eleven labs voices
* Fix issue with text to speech tab not showing correct saved voice
* Add option to autoplay tts audio after prediction completes
* Fix crash issue when first changing tts provider
* Set up streaming response for text to speech audio
* Update controllers - fix issue with sse client getting removed before tts events are sent
* Use existing sse streamer to stream tts audio before sse client is removed
* Add tts sse to redis publisher
* Fix issues with TTS - openai voices, streaming audio, rate limiting, speed of speech
* Refactor
* Refactor TTS - fix issues with tts loading and stop audio buttons
* Abort TTS SSE when clicking the stop button
* Update SSE handling for TTS
* Fix issue with test voice feature
* Fix issue with tts voices not loading
* Update generate tts endpoint and its usage in internal chat
* Whitelist tts generate endpoint
* Refactor Text-to-Speech Provider Selection and Enhance UI Components
- Updated the text-to-speech controller to select the active provider based on status instead of the first available provider
- Added audio waveform controls and test audio functionality in the TextToSpeech component, allowing users to play and pause test audio
- Integrated Autocomplete for voice selection in the TextToSpeech component
- Implemented TTS action management in ChatMessage to prevent auto-scrolling during TTS actions
* - Implemented stopAllTTS function calls to halt existing TTS audio before playing new audio or starting a new TTS stream
* Updated the condition for enabling TTS providers to exclude the 'none' provider, ensuring only valid providers are considered for text-to-speech functionality.
* Remove unnecessary code
* Add ability to abort audio streaming in TTS and release lock on chat input
* Remove logger
* Fix tts audio not playing when clicking speaker button
* update
* TTS abort controller
* Fix abort not working for TTS autoplay
* Send metadata event when aborting autoplay TTS
* Fix UI issue
* Remove elevenlabs sdk from root package.json
* Remove redundant condition for tts autoplay in chatflow
---------
Co-authored-by: Henry <hzj94@hotmail.com>
feat: enhance OpenAPI Toolkit with input type options and server selection
- Updated OpenAPI Toolkit to support multiple input types: file upload or link.
- Added async options for selecting servers and endpoints from the OpenAPI specification.
- Improved error handling for loading OpenAPI specs and fetching server data.
- Updated version to 2.1.
Co-authored-by: Mehdi Chebbah <MChebbah@aas.com.sa>
Remove cancel subscription functionality from account controller and UI components; update email background and logo URLs across multiple email templates.
* Feature: Update Loop Agentflow to include fallback message and version increment to 1.1
- Added a new input parameter 'fallbackMessage' to the Loop Agentflow for displaying a message when the loop count is exceeded.
- Incremented the version of Loop Agentflow from 1.0 to 1.1.
- Updated the processing logic to handle the fallback message appropriately when the maximum loop count is reached.
* - Introduced a new input parameter 'loopUpdateState' to allow updating the runtime state during workflow execution.
- Added a method to list runtime state keys for dynamic state management.
- Implemented logic to retrieve and utilize the current loop count in variable resolution.
- Updated the Loop Agentflow output to reflect the new state and final output content.
* disable available dependencies by default, only allow when ALLOW_BUILTIN_DEP is set to true
* update contributing.md
* update pnpm lock
* Enhance security by adding secure wrappers for Axios and Node Fetch in utils.ts, and update dependency handling to include default external dependencies.
* Fix formatting in pnpm-lock.yaml
feat: enhance security validation for MCP configurations
- Added environment variable checks for CUSTOM_MCP_SECURITY_CHECK, CUSTOM_MCP_PROTOCOL, and HTTP_DENY_LIST across various Docker and application files.
- Implemented validation functions in MCP core to prevent command injection and ensure safe environment variable usage
* add acceptVariable property to vector store metadata filter
* add accepVariadd acceptVariable property to other json fields
* add camelcase chatflowId to flowConfig
- Added `secureFetch` and `checkDenyList` functions from `httpSecurity` to enhance security in web crawling and link fetching processes.
- Updated relevant functions to utilize these new security measures, ensuring safer data handling.
* fix gsuite tool params
* custom assistant only check for mandatory fields for visible params
* azure chat openai fix for gpt5
* return raw from executeJavaScriptCode
* add json5 for parsing
* azure chatopenai use maxCompletionTokens
* feat: add CometAPI integration with ChatCometAPI node and credential support
* feat: remove timeout and stop sequence parameters from ChatCometAPI node
* Fixed background color of file upload box in Chat configuration
* Refactor FileUpload to use useSelector for customization
* lint fix
---------
Co-authored-by: Henry Heng <henryheng@flowiseai.com>
* feat: Add agentflow name filter to executions page
- Add agentflow name text field to executions filter UI
- Implement backend filtering with case-insensitive partial matching
- Add database index on chat_flow.name for improved query performance
- Support filtering executions by agentflow name across all database types
* chore: Fix linting issues and remove screenshot
- Apply prettier formatting to migration files
- Fix formatting in executions service
- Remove accidentally committed screenshot file
OrbisAI Sec
Henry Heng
Bharath
Henry
Ilango
Rostyslav Borovyk
Mehdi
Kushal Bhana
Yau
vilashjagani
Jakub Drobník
toi500
Marvelous Ikponmwosa
anatolii burtsev
TensorNull