- Updated `validateMCPServerSecurity` to only allow whitelisted commands, removing the extensive list of dangerous commands.
- Introduced `validateArgsForLocalFileAccess` to check for potential local file access patterns and null byte injections.
- Updated `Supergateway_MCP` to utilize the new argument validation function.
- Added a warning in `CustomMCP` regarding upcoming changes to Remote MCP support.
* - Implemented a validation function to check for banned commands and dangerous patterns.
- Added checks for potential shell injection attempts in command and arguments.
- Security validation is conditionally enabled based on environment variable CUSTOM_MCP_SECURITY_CHECK.
* Enhance security by implementing command and argument validation in SupergatewayMCP. Added checks for banned commands, dangerous patterns, and potential shell injection attempts. Security validation is conditionally enabled based on the CUSTOM_MCP_SECURITY_CHECK environment variable.
* add validateMCPServerSecurity
* feat: Implement SSO token caching and retrieval in CachePool
This implementation improves the authentication process by securely caching SSO tokens and managing user sessions.
* Removed commented code
* feat: add deleteSSOTokenCache in ssoSuccess
---------
Co-authored-by: Ong Chung Yau <33013947+chungyau97@users.noreply.github.com>
Co-authored-by: chungyau97 <chungyau97@gmail.com>
* Refactor URL filtering logic in App class
- Introduced a denylist for URLs using the DENYLIST_URLS environment variable.
- Updated the whitelist logic to filter out denylisted URLs, ensuring improved request validation.
* revery whitelist url changes
* revert whitelist url changes
Refactor URL filtering logic in App class
- Introduced a denylist for URLs using the DENYLIST_URLS environment variable.
- Updated the whitelist logic to filter out denylisted URLs, ensuring improved request validation.
Refactor account and evaluations routes to use POST for billing and run-again endpoints
- Changed the billing route from GET to POST in account.route.ts and account.api.js for consistency with other account actions.
- Updated the run-again route from GET to POST in evaluations/index.ts and evaluations.js to align with the API design for creating actions.
refactor: Update code execution sandbox implementation across components
- Replaced NodeVM usage with a new createCodeExecutionSandbox function for improved sandbox management.
- Enhanced JavaScript code execution with executeJavaScriptCode function, allowing for better handling of libraries and output streaming.
- Updated multiple components to utilize the new sandboxing approach, ensuring consistent execution environment.
- Added validation for UUIDs and URLs in various tools to enhance input safety.
- Refactored input handling in CustomFunction and IfElseFunction to streamline variable management.
Refactor: Update pnpm-lock.yaml and enhance UI components for safe HTML rendering
- Updated pnpm-lock.yaml to improve dependency management and ensure consistency.
- Refactored the JSONViewer component to utilize a new JsonToken for syntax highlighting.
- Introduced SafeHTML component to sanitize and safely render HTML content in ViewMessagesDialog and NodeExecutionDetails.
- Replaced direct HTML rendering with SafeHTML in ChatMessage component for enhanced security.
* refactor: Implement SecureZodSchemaParser for safe Zod schema handling and add FilterParser for Supabase filters
* Replaced direct Zod schema evaluation with SecureZodSchemaParser in StructuredOutputParserAdvanced and CustomTool.
* Introduced FilterParser to safely handle Supabase filter strings, preventing arbitrary code execution.
* Added new filterParser.ts file to encapsulate filter parsing logic.
* Updated Supabase vector store to utilize the new FilterParser for RPC filters.
* Created secureZodParser.ts for secure parsing of Zod schemas.
* remove console log
Enhance file upload capabilities by adding support for additional file types (html, css, js, xml, md, excel, powerpoint) and updating related MIME type mappings. Improve user interface for file type selection in FileUpload component.
feat: Implement caching for MCP toolkit in CachePool
- Added methods to CachePool for managing MCP toolkit cache.
- Integrated caching logic in CustomMCP to store and retrieve toolkit data based on workspaceId and configuration.
- Updated node service to pass cachePool to CustomMCP for enhanced performance.
* Update README.md
Enhanced the readability of file file and fixed minor grammatical errors
* Update README.md
Added proper spacing and fixed few minor erros
* Added region support to chatGoogleVertexAi
* Added region to the vertex ai embeddings loader too
* Updated the available vertex text embedding models to be valid
* Update ChatGoogleVertexAI.ts
* Update GoogleVertexAIEmbedding.ts
---------
Co-authored-by: Henry Heng <henryheng@flowiseai.com>
Ilango Rajagopal
Jake A. Smith
Henry
Ong Chung Yau
Henry Heng
Ilango
russelj1
matekungl-byborg
Philip I. Thomas
Vinod Kiran
Karl Stoney
Karl Stoney
Amr Aly
Krishna Somani
Kang Nahoon