Skip to content

v4.24.4

Choose a tag to compare

View all tags
@github-actions github-actions released this 12 May 17:49
· 151 commits to master since this release
v4.24.4
c481080

What's Changed

优化

  • 强化 Dashboard 登录与密码安全:首次启动生成强随机初始密码,密码存储升级为 PBKDF2,保留旧版 MD5 兼容升级流程,并在需要时引导用户完成安全升级。(#7338
  • 增强插件页面国际化能力,插件页面、扩展页和相关 Dashboard 文案可更好地按当前语言展示。(#7998
  • 新增 WebUI 指标开关配置 disable_metrics,可在 Dashboard 中关闭指标统计。(#7946
  • 新增控制台自动滚动开关持久化,刷新页面后保留用户选择。(#8024
  • 新增思考内容与最终回复之间的视觉分隔,提升消息阅读体验。(#8059
  • 优化插件安装、备份恢复与路径冲突处理,增加自愈逻辑并减少临时目录残留和错误追踪误报。(#7737, #8148
  • 优化 Windows 更新器 zip 根目录归一化与 Python 工具编码处理,提升 Windows 环境兼容性。(#8019
  • 优化 CUA 文件上传逻辑,改用原生文件接口处理上传。(#8069
  • 优化 CUA 空闲沙盒会话过期能力,并在 Dashboard 暴露 CUA idle timeout 配置。(#8074, #8075
  • 优化 Gemini Provider,使其使用受管理的 httpx client。(#8112
  • 优化 Dashboard 移动端布局、控制台日志级别对齐,以及列表项操作按钮显示逻辑。(#7988, #8081

修复

  • 修复知识库在空 prompt 下仍触发检索的问题。(#8073
  • 修复 Discord 命令同步达到配额时会影响平台启动的问题。(#8061
  • 修复 GitHub fallback 下载 URL 中资源文件名错误的问题。(#8046
  • 修复文件夹重命名后父级关系丢失的问题。(#7974
  • 修复配置缺失 websearch_firecrawl_key,以及百度搜索关闭时仍显示 key 字段的问题。(#8012, #7992
  • 修复 T2I 模板内容未校验可能导致 Jinja2 SSTI 注入的问题。(#8077
  • 修复贡献者图片数量上限、API Key 文档示例、插件发布 16MB 限制说明、README 徽章和多处插件开发文档错误。(#8000, #7977, #8108, #8079, #7979, #8001, #8129, #8166

What's Changed (EN)

New Features

  • Added plugin changelogs and a plugin update system, allowing plugin detail pages to show version update information and supporting a more complete plugin update flow.
  • Enhanced plugin page internationalization so plugin pages, extension views, and related Dashboard copy can better follow the current language. (#7998)
  • Added the disable_metrics WebUI config option to disable metrics collection from the Dashboard. (#7946)
  • Added persisted console auto-scroll preference. (#8024)
  • Added a visual separator between thinking content and the final response. (#8059)
  • Added idle expiration for CUA sandbox sessions and exposed the CUA idle timeout setting in the Dashboard. (#8074, #8075)

Improvements

  • Strengthened Dashboard authentication and password security: initial passwords are generated randomly, password storage is upgraded to PBKDF2, legacy MD5 compatibility is preserved for upgrades, and users are guided through security upgrades when required. (#7338)
  • Improved plugin installation, backup restore, and path-conflict handling with self-healing behavior and fewer temporary-directory leftovers or false error reports. (#7737, #8148)
  • Improved Windows updater zip-root normalization and Python tool encoding handling for better Windows compatibility. (#8019)
  • Improved CUA uploads by using native file interfaces. (#8069)
  • Improved the Gemini Provider to use a managed httpx client. (#8112)
  • Improved Dashboard mobile layout, console log-level alignment, and list-item action-button visibility. (#7988, #8081)

Bug Fixes

  • Fixed missing validation for T2I template content that could allow Jinja2 SSTI injection. (#8077)
  • Fixed knowledge base retrieval being triggered for blank prompts. (#8073)
  • Fixed Discord startup being interrupted by command quota handling. (#8061)
  • Fixed incorrect asset filenames in GitHub fallback download URLs. (#8046)
  • Fixed folder parent relationships being lost on rename. (#7974)
  • Fixed missing websearch_firecrawl_key in the default config and hidden Baidu web-search keys when disabled. (#8012, #7992)
  • Fixed contributor image limits, API Key examples, plugin publishing size-limit docs, README badges, and multiple plugin development guide issues. (#8000, #7977, #8108, #8079, #7979, #8001, #8129, #8166)

What's Changed

  • fix(docs): 修复文档中的多处错误,包括死链、拼写错误、步骤编号等 by @lingyun14beta in #7979
  • feat: enhance plugin page internationalization by @Soulter in #7998
  • fix: encoding issue in windows when using python tool by @elecvoid243 in #7995
  • fix: update contributors image max count to 300 by @Blueteemo in #8000
  • fix: resolve path conflicts and improve self-healing during backup restore and plugin installation by @SXP-Simon in #7737
  • fix: preserve folder parent and description on rename by @Fronut in #7974
  • fix(config): add missing websearch_firecrawl_key to DEFAULT_CONFIG by @Midwich in #8012
  • fix(config): hide Baidu web search key when disabled by @RhoninSeiei in #7992
  • Fix typo in API Key environment variable example by @168SDTH in #7977
  • feat: 增加 WebUI 配置选项禁用匿名使用统计 by @Blueteemo in #7946
  • feat(console): persist auto-scroll toggle state in localStorage by @RC-CHN in #8024
  • fix windows updater zip root path normalization by @zouyonghe in #8019
  • fix(core): use correct asset filename in GitHub fallback download URL by @RC-CHN in #8046
  • feat: add visual separator between thinking content and response by @Pleiades1726 in #8059
  • fix(cua): use native file interfaces for uploads by @zouyonghe in #8069
  • fix: skip KB retrieval for blank prompts by @he-yufeng in #8073
  • feat(cua): expire idle sandbox sessions by @zouyonghe in #8074
  • fix(config): expose cua idle timeout in dashboard by @zouyonghe in #8075
  • fix(t2i): validate template content to prevent Jinja2 SSTI injection by @RC-CHN in #8077
  • docs: update Trendshift badge to AstrBotDevs repo (#21369) for all README languages by @Pleiades1726 in #8079
  • Fix(ui): always show actions btn instead of on hover in OutlinedActionListItem by @M1LKT in #8081
  • docs: add 16MB size limit note for plugin publishing by @Pleiades1726 in #8108
  • chore(deps): bump pnpm/action-setup from 6.0.3 to 6.0.5 in the github-actions group by @dependabot[bot] in #8004
  • fix(docs):多份文档汉译英并整理 by @lingyun14beta in #8001
  • fix: fix console log level alignment and mobile layout issue by @lingyun14beta in #7988
  • fix(provider): force Gemini chat client to use managed httpx client by @zouyonghe in #8112
  • fix(star): 修复重复安装插件时临时目录未清理及错误追踪误报问题 by @NayukiChiba in #8148
  • Update API Key reference in knowledge-base.md by @jdjfjdsfj in #8129
  • chore(deps): bump pnpm/action-setup from 6.0.5 to 6.0.7 in the github-actions group by @dependabot[bot] in #8156
  • fix: keep Discord startup alive on command quota by @he-yufeng in #8061
  • fix(webui): enhance password crypto method by @Soulter in #7338
  • fix(docs): fix multiple errors in plugin development guides by @lingyun14beta in #8166

New Contributors

Full Changelog: v4.24.2...v4.24.4

Contributors

Midwich, dependabot, and 15 other contributors
Assets 3
Loading