Skip to content

v0.5.5

Choose a tag to compare

View all tags
@ffy6511 ffy6511 released this 12 Jun 11:33
· 26 commits to main since this release
v0.5.5
18e6401
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

What's New

本次发布主要聚焦 3 个方向:会话分享与频道协作、普通聊天文件引用能力、以及 Executor Manager 接口鉴权加固。

1. 会话分享与频道协作增强

  • 新增普通聊天分享能力,支持生成只读 share link,方便他人查看完整会话内容。
  • 登录用户可基于分享快照 fork 到自己的普通聊天中继续处理,分享与继续执行的边界更清晰。
  • 支持将普通聊天分享到频道,自动生成对应 thread / timeline,并将可发布文件同步到频道 Artifacts,便于团队协作、讨论和后续追踪。
  • 共享页补齐只读 transcript、Computer 回放、Artifacts 预览和侧边栏入口,分享后的阅读与承接体验更完整。

2. 普通聊天支持引用当前会话文件

  • 普通聊天输入框支持通过 # 引用当前会话中的文件。
  • 可引用的对象不仅包括当前上传附件,也包括历史输入文件,以及 agent 在当前会话 workspace 中生成的文件。
  • 历史消息和运行上下文会保留这些文件引用,消息展示优化为 inline file chip,便于回放、理解和继续编辑。
  • 对 workspace 文件引用保留原始 /workspace/... 语义,不会错误地退化成重新上传文件的流程。

3. Executor Manager 接口鉴权加固

  • 补齐 Executor Manager 非 health 接口的鉴权边界,降低仅凭端口可达和 URL 参数就操作 workspace、任务或执行器接口的风险。
  • 区分两类调用链路:
    • Backend / internal service 控制面调用使用 X-Internal-Token
    • executor 回调与工具代理调用使用 Authorization: Bearer <callback_token>
  • 保持前端仍通过 Backend 访问用户态 workspace / Artifacts,正常使用体验不变,同时提升整体服务边界的安全性。

This release mainly focuses on three directions: session sharing and channel collaboration, common chat file reference capabilities, and Executor Manager interface authentication reinforcement.

1. Conversation sharing and channel collaboration enhancements

  • Added the ability to share common chats and support the generation of read-only share links to facilitate others to view the complete conversation content.
  • Logged-in users can fork the shared snapshot into their own normal chat to continue processing, making the boundary between sharing and continued execution clearer.
  • Supports sharing ordinary chats to channels, automatically generating corresponding threads/timelines, and synchronizing publishable files to channel artifacts to facilitate team collaboration, discussion, and follow-up tracking.
  • The shared page is supplemented with read-only transcript, computer playback, artifacts preview and sidebar entry, making the reading and sharing experience more complete after sharing.

2. Ordinary chat supports referencing the current session file

  • The normal chat input box supports referencing files in the current session through #.
  • Referenceable objects include not only the currently uploaded attachments, but also historical input files, and files generated by the agent in the current session workspace.
  • Historical messages and running context will retain these file references, and message display is optimized as an inline file chip for easy playback, understanding, and continued editing.
  • Retains original /workspace/... semantics for workspace file references and does not erroneously degenerate into re-uploading files.

3. Executor Manager interface authentication hardening

  • Complete the authentication boundary of the non-health interface of the Executor Manager to reduce the risk of operating workspace, task or executor interfaces based only on port reachability and URL parameters.
  • Distinguish between two types of call links:
    • Backend / internal service control plane call uses X-Internal-Token
    • executor callbacks and tool proxy calls use Authorization: Bearer <callback_token>
  • Keep the front-end still accessing user-mode workspace/Artifacts through Backend, keeping the normal usage experience unchanged, while improving the security of the overall service boundary.

What's Changed

  • feat: 完善会话分享与频道导入 by @ffy6511 in #134
  • 加固 Executor Manager 接口鉴权 by @ffy6511 in #135
  • feat: 支持普通聊天引用当前会话文件 by @ffy6511 in #141
  • feat: 合并 dev 核心能力到 main(会话分享、会话文件引用、EM 鉴权加固) by @ffy6511 in #142

Full Changelog: v0.5.4...v0.5.5

Contributors

ffy6511
Assets 2
Loading