* feat: add JSONPathExtractor tool with lodash-based path extraction
- Implement JSONPathExtractor tool for extracting values from JSON using path notation
- Use lodash.get for robust path extraction supporting edge cases (numeric string keys, array indexing)
- Add configurable error handling with returnNullOnError parameter
- Include comprehensive test suite with 34 tests covering all scenarios
- Support JSON strings, objects, and arrays as input
* fix lint
* Update pnpm-lock.yaml
* fix: exclude test files from TypeScript compilation
Prevents test files from being included in the dist folder which was causing
"jest is not defined" errors during server startup.
---------
Co-authored-by: Henry Heng <henryheng@flowiseai.com>
* fix(entities/ChatFlow.ts): make type column non-nullable with default value
* fix(postgres/ModifyChatflowType): set default type and make column non-nullable
* fix(sqlite/ModifyChatflowType): set default type and make column non-nullable
* fix(mysql/ModifyChatflowType): set default type and make column non-nullable
* chore(sqlite/ModifyChatflowType): standardize type column to VARCHAR(20)
* chore(postgres/ModifyChatflowType): standardize type column to VARCHAR(20)
* fix(mariadb/ModifyChatflowType): set default type and make column non-nullable
* chore: rename ChatflowType to EnumChatflowType and update references
* feat(chatflows): add chatflow type validation
* fix(chatflows): empty string bypassing type validation on update
* feature/bugfix: added otpional css selector to puppeteer web scraper, fixed error when puppeteerLoader does not work.
* feature: added button to add empty link in web scraper tools
* feature: added custom executable file path as an input to puppeteer to fix issues when puppeteer can not find/launch the browser.
* feature: added new puppeteer features to playwright aswell.
* fixed review comments
* Fixes the lossy-replace when a new state assignment contains the {{ output }} variable
* Replaces replace with replaceAll
---------
Co-authored-by: Corentin <corentin.hoareau@sogeti.com>
* - Added support for built-in OpenAI tools including web search, code interpreter, and image generation.
- Enhanced file handling by extracting artifacts and file annotations from response metadata.
- Implemented download functionality for file annotations in the UI.
- Updated chat history management to include additional kwargs for artifacts, file annotations, and used tools.
- Improved UI components to display used tools and file annotations effectively.
* remove redundant currentContainerId
* update comment
- Updated `validateMCPServerSecurity` to only allow whitelisted commands, removing the extensive list of dangerous commands.
- Introduced `validateArgsForLocalFileAccess` to check for potential local file access patterns and null byte injections.
- Updated `Supergateway_MCP` to utilize the new argument validation function.
- Added a warning in `CustomMCP` regarding upcoming changes to Remote MCP support.
* - Implemented a validation function to check for banned commands and dangerous patterns.
- Added checks for potential shell injection attempts in command and arguments.
- Security validation is conditionally enabled based on environment variable CUSTOM_MCP_SECURITY_CHECK.
* Enhance security by implementing command and argument validation in SupergatewayMCP. Added checks for banned commands, dangerous patterns, and potential shell injection attempts. Security validation is conditionally enabled based on the CUSTOM_MCP_SECURITY_CHECK environment variable.
* add validateMCPServerSecurity
Ong Chung Yau
Henry
anatolii burtsev
Purshotam Bohra
Henry Heng
russelj1
Mewyii
Hung-Ruei Wu
corentin-hoareau
Ilango
kpj2006
Jake A. Smith
matekungl-byborg