merge: sync v3.7.1 + local enhancements#909
Open
theanhbk081-max wants to merge 16 commits intonextlevelbuilder:devfrom
Open
merge: sync v3.7.1 + local enhancements#909theanhbk081-max wants to merge 16 commits intonextlevelbuilder:devfrom
theanhbk081-max wants to merge 16 commits intonextlevelbuilder:devfrom
Conversation
…l, stealth, and live view - Add container pool engine (Docker) with configurable memory/CPU limits and network isolation - Implement browser fingerprint randomization and stealth mode (WebDriver, WebGL, navigator spoofing) - Add proxy management with encrypted credential storage and rotation support - Add extension management system with per-tenant browser extension loading - Add audit logging for browser actions with PostgreSQL-backed store - Add screencast/live view with WebSocket streaming and shareable session tokens - Add browser profile storage manager for persistent sessions across restarts - Implement cookie, localStorage/sessionStorage, and JS error capture APIs - Add web UI: browser management page, live view modal, config section, i18n (en/vi/zh) - Add config hot-reload for browser settings via pub/sub - Support multiple modes: host (local Chrome), remote (CDP URL), docker (container pool), k8s - Add PostgreSQL migration 000031 for browser_proxies, browser_extensions, browser_audit, screencast_sessions - Add comprehensive unit and integration tests for engine, stealth, storage, and extended tools
- Add BrowserSettingsForm with public_url configuration for live view share links - Add image preset selector (basic/stealth/custom) to browser runtime config section - Make config page tabs URL-driven via optional :section route param - Add i18n strings for browser settings and image presets (en/vi/zh)
- Add HTTP API for browser proxy CRUD (list/create/delete/toggle/health-check) - Add proxy-profile sticky assignment store and migration (000032) - Add per-agent browser_use_proxy opt-in via other_config JSONB - Add proxy URL validation to prevent injection via malformed URLs - Add proxy pool UI page with i18n support (en/vi/zh) - Add browser proxy config section in agent advanced settings - Fix agent cache invalidation to handle tenant-scoped keys - Wire proxy manager with assignment store in gateway startup - Add is_enabled column support for proxy enable/disable toggling
- Added BridgeTraceRegistry to manage trace context for CLI tool calls. - Enhanced gateway setup to include built-in tool store and bridge trace registry. - Updated agent loop to register and unregister trace context during CLI Chat/ChatStream. - Modified MCP bridge server to emit tool spans for CLI executed tools. - Introduced new tracing methods to handle tool call and result spans. - Enhanced CLI provider to support tool call tracing and logging. - Updated tool registry to allow retrieval of disabled tools for MCP bridge. - Added sanitization for media paths to prevent leakage of sensitive information.
feat: add import/export, subagent persistence, reasoning resolution, and browser automation - Add agent/team/capabilities import and export with SSE progress tracking - Add subagent task persistence and roster management (migration 034) - Add reasoning capability detection and resolution for provider compatibility - Add browser tables and proxy assignment migrations (035, 036) - Add knowledge graph FTS, dedup, and similarity scoring (migration 031) - Add secure CLI user credentials management (migration 032) - Add cron payload columns for enhanced scheduling (migration 033) - Add Codex pool activity tracking and provider pool UI improvements - Add composable Docker setup with prepare-compose.sh and compose options - Refactor agent loop: extract media input, MCP user, tool filter, team reminders - Refactor team tasks: split creation, lifecycle, and workspace auto-share - Refactor consumer handlers: extract post-turn logic and dependency injection - Add Telegram subagent commands and enhanced channel formatting - Add comprehensive test coverage across store, agent, provider, and tool layers - Update web and desktop UI with import/export pages, KG dedup dialog, and i18n
- Align RequiredSchemaVersion with latest migration files
- Strip credentials from proxy URLs passed to Chrome's --proxy-server flag (which doesn't support userinfo in URLs) - Intercept 407 Proxy-Auth-Required via CDP Fetch domain to provide credentials at the protocol level - Add FormatURLAndCreds to ProxyManager returning URL and creds separately - Propagate proxy auth creds through context and container pool entries - Inject per-agent use_proxy config flag from gateway bridge middleware
Merge browser automation features from nhokboo branch onto clean origin/dev. Conflicts resolved favoring nhokboo (browser engine abstraction). Re-exported timezone-utils for backward compat. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Accept upstream for all conflicts. Browser automation commits deferred. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
fix(security): cross-group session leak + auto-inject scoping + vault graph + UI fixes
Release: vault enrich filter, stop bug, graph, tests, security fixes
Merged features: - Tenant-scoped allowed_paths for filesystem tools - Web search provider chain (Exa, Tavily, Brave, DuckDuckGo) - TTS settings with auto-apply modes - Shell deny groups injection in MCP bridge - LocalKey field in bridge context for session isolation - Tenant override UI for builtin tool settings Preserved local features: - Browser use_proxy flag per agent - Browser settings form - AgentKey in bridge context Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Bridge context: - Add SharedMemory/SharedKG flags for per-user scoping control - Add LocalKey for forum topic routing MCP/providers: - Propagate shared memory/KG headers through bridge - Include localKey in bridge context headers Agent pipeline: - Enhanced pipeline callbacks for shared context Telegram: - Media handling improvements - Factory config updates UI: - Add VAULT, BACKUP_RESTORE routes - Add proxyPool query keys Cleanup: - Remove WIP browser/proxy migration files (not yet ready) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add ForceGraph3DContainer using react-force-graph-3d + Three.js - Add graphology-to-force-graph adapter for data conversion - Add ForceGraph3DSearch for 3D-aware node search with camera zoom - Add 2D/3D toggle to VaultGraphView and KGGraphView - Filter by node type works in both 2D and 3D modes - Lazy load 3D components to reduce initial bundle size Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Changes from v3.7.1
allowed_pathsfor filesystem toolsLocal enhancements
SharedMemory/SharedKGflags in bridge context for per-user scoping controlLocalKeyfield for forum topic routinguse_proxyflag per agent🤖 Generated with Claude Code