Release/v0.2.3 (#355)

* feat(web): add PageEmpty component

* feat(web): add PageTabs component

* feat(web): add PageEmpty component

* feat(web): add PageTabs component

* feat(prompt): add history tracking for prompt releases

* feat(web): add prompt menu

* refactor: The PageScrollList component supports two generic parameters

* feat(web): BodyWrapper compoent update PageLoading

* feat(web): add Ontology menu

* feat(web): memory management add scene

* feat(tasks): add celery task configuration for periodic jobs

- Add ignore_result=True to prevent storing results for periodic tasks
- Set max_retries=0 to skip failed periodic tasks without retry attempts
- Configure acks_late=False for immediate acknowledgment in beat tasks
- Add time_limit and soft_time_limit to regenerate_memory_cache task (3600s/3300s)
- Add time_limit and soft_time_limit to workspace_reflection_task (300s/240s)
- Add time_limit and soft_time_limit to run_forgetting_cycle_task (7200s/7000s)
- Improve task reliability and resource management for scheduled jobs

* feat(sandbox): add Node.js code execution support to sandbox

* Release/v0.2.2 (#260)

* [modify] migration script

* [add] migration script

* fix(web): change form message

* fix(web): the memoryContent field is compatible with numbers and strings

* feat(web): code node hidden

* fix(model):
1. create a basic model to check if the name and provider are duplicated.
2. The result shows error models because the provider created API Keys for all matching models.

---------

Co-authored-by: Mark <zhuwenhui5566@163.com>
Co-authored-by: zhaoying <yzhao96@best-inc.com>
Co-authored-by: yingzhao <zhaoyingyz@126.com>
Co-authored-by: Timebomb2018 <18868801967@163.com>

* Feature/ontology class clean (#249)

* [add] Complete ontology engineering feature implementation

* [add] Add ontology feature integration and validation utilities

* [add] Add OWL validator and validation utilities

* [fix] Add missing render_ontology_extraction_prompt function

* [fix]Add dependencies, fix functionality

* [add] migration script

* feat(celery): add dedicated periodic tasks worker and queue (#261)

* fix(web): conflict resolve

* Fix/v022 bug (#263)

* [fix]Fix the issue of inconsistent language in explicit and episodic memory.

* [fix]Fix the issue of inconsistent language in explicit and episodic memory.

* [add]Add scene_id

* [fix]Based on the AI review to fix the code

* Fix/develop memory reflex (#265)

* 遗漏的历史映射

* 遗漏的历史映射

* 反思后台报错处理

* [add] migration script

* fix: chat conversation_id add node_start

* feat(web): show code node

* fix(web): Restructure the CustomSelect component, repair the interface that is called multiple times when the form is updated

* feat(web): RadioGroupCard support block mode

* feat(web): create space add icon

* feat(app and model): token consumption statistics

* Add/develop memory (#264)

* 遗漏的历史映射

* 遗漏的历史映射

* 遗漏的历史映射

* 遗漏的历史映射

* 遗漏的历史映射

* 遗漏的历史映射

* 遗漏的历史映射

* 遗漏的历史映射

* 遗漏的历史映射

* 新增长期记忆功能

* 新增长期记忆功能

* 新增长期记忆功能

* 知识库检索多余字段

* 长期

* feat(app and model): token consumption statistics of the cluster

* memory_BUG_fix

* fix(web): prompt history remove pageLoading

* fix(prompt): remove hard-coded import of prompt file paths (#279)

* Fix/develop memory bug (#274)

* 遗漏的历史映射

* 遗漏的历史映射

* fix_timeline_memories

* fix(web): update retrieve_type key

* Fix/develop memory bug (#276)

* 遗漏的历史映射

* 遗漏的历史映射

* fix_timeline_memories

* fix_timeline_memories

* write_gragp/bug_fix

* write_gragp/bug_fix

* write_gragp/bug_fix

* chore(celery): disable periodic task scheduling

* fix(prompt): remove hard-coded import of prompt file paths

---------

Co-authored-by: lixinyue11 <94037597+lixinyue11@users.noreply.github.com>
Co-authored-by: zhaoying <yzhao96@best-inc.com>
Co-authored-by: yingzhao <zhaoyingyz@126.com>
Co-authored-by: Ke Sun <kesun5@illinois.edu>

* fix(web): remove delete confirm content

* refactor(workflow): relocate template directory into workflow

* feat(memory): add long-term storage task routing and batching

* fix(web): PageScrollList loading update

* fix(web): PageScrollList loading update

* Ontology v1 bug (#291)

* [changes]Add 'id' as the secondary sorting key, and 'scene_id' now returns a UUID object

* [fix]Fix the "end_user" return to be sorted by update time.

* [fix]Set the default values of the memory configuration model based on the spatial model.

* [fix]Remove the entity extraction check combination model, read the configuration list, and add the return of scene_id

* [fix]Fix the "end_user" return to be sorted by update time.

* [fix]

* fix(memory): add Redis session validation

- Add macOS fork() safety configuration in celery_app.py to prevent initialization issues
- Add null/False checks for Redis session queries in term_memory_save to handle missing sessions gracefully
- Add null/False checks in memory_long_term_storage to prevent processing empty Redis results
- Add null/False checks in aggregate_judgment before format_parsing to avoid errors on missing data
- Initialize redis_messages variable in window_dialogue for consistency
- Add debug logging when no existing session found in Redis for better troubleshooting
- Add TODO comments for magic numbers (scope=6, time=5) to be extracted as constants
- Improve error handling when Redis returns False or empty results instead of crashing

* fix(web): PageScrollList style update

* fix(workflow): fix argument passing in code execution nodes

* fix(web): prompt add disabled

* fix(web): space icon required

* feat(app): modify the key of the token

* fix(fix the key of the app's token):

* fix(workflow): switch code input encoding to base64+URL encoding

* [add]The main project adds multi-API Key load balancing.

* [changes]Attribute security access, secure numerical conversion, unified use of local variables

* fix(web): save add session update

* fix(web): language editor support paste

* [changes]Active status filtering logic, API Key selection strategy

* memory_BUG

* memory_BUG_long_term

* [changes]

* memory_BUG_long_term

* memory_BUG_long_term

* Fix/release memory bug (#306)

* memory_BUG_fix

* memory_BUG

* memory_BUG_long_term

* memory_BUG_long_term

* memory_BUG_long_term

* knowledge_retrieval/bug/fix

* knowledge_retrieval/bug/fix

* knowledge_retrieval/bug/fix

* [fix]1.The "read_all_config" interface returns "scene_name";2.Memory configuration for lightweight query ontology scenarios

* fix(web): replace code editor

* [changes]Modify the description of the time for the recent event

* [changes]Modify the code based on the AI review

* feat(web): update memory config ontology api

* fix(web): ui update

* knowledge_retrieval/bug/fix

* knowledge_retrieval/bug/fix

* knowledge_retrieval/bug/fix

* feat(workflow): add token usage statistics for question classifier and parameter extraction

* feat(web): move prompt menu

* Multiple independent transactions - single transaction

* Multiple independent transactions - single transaction

* Multiple independent transactions - single transaction

* Multiple independent transactions - single transaction

* Write Missing None (#321)

* Write Missing None

* Write Missing None

* Write Missing None

* Apply suggestion from @sourcery-ai[bot]

Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>

* Write Missing None

---------

Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>

* Fix/release memory bug (#324)

* Write Missing None

* Write Missing None

* Write Missing None

* Apply suggestion from @sourcery-ai[bot]

Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>

* Write Missing None

* redis update

* redis update

* redis update

* redis update

---------

Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>

* Fix/writer memory bug (#326)

* [fix]Fix the bug

* [fix]Fix the bug

* [fix]Correct the direction indication.

* fix(web): markdown table ui update

* Fix/release memory bug (#332)

* Write Missing None

* Write Missing None

* Write Missing None

* Apply suggestion from @sourcery-ai[bot]

Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>

* Write Missing None

* redis update

* redis update

* redis update

* redis update

* writer_dup_bug/fix

---------

Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>

* Fix/fact summary (#333)

* [fix]Disable the contents related to fact_summary

* [fix]Disable the contents related to fact_summary

* [fix]Modify the code based on the AI review

* Fix/release memory bug (#335)

* Write Missing None

* Write Missing None

* Write Missing None

* Apply suggestion from @sourcery-ai[bot]

Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>

* Write Missing None

* redis update

* redis update

* redis update

* redis update

* writer_dup_bug/fix

* writer_graph_bug/fix

* writer_graph_bug/fix

---------

Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>

* Revert "feat(web): move prompt menu"

This reverts commit 9e6e8f50f8.

* fix(web): ui update

* fix(web): update text

* fix(web): ui update

* fix(model): change the "vl" model type of dashscope to "chat"

* fix(model): change the "vl" model type of dashscope to "chat"

---------

Co-authored-by: zhaoying <yzhao96@best-inc.com>
Co-authored-by: Eternity <1533512157@qq.com>
Co-authored-by: Mark <zhuwenhui5566@163.com>
Co-authored-by: yingzhao <zhaoyingyz@126.com>
Co-authored-by: Timebomb2018 <18868801967@163.com>
Co-authored-by: 乐力齐 <162269739+lanceyq@users.noreply.github.com>
Co-authored-by: lixinyue11 <94037597+lixinyue11@users.noreply.github.com>
Co-authored-by: lixinyue <2569494688@qq.com>
Co-authored-by: Eternity <61316157+myhMARS@users.noreply.github.com>
Co-authored-by: lanceyq <1982376970@qq.com>
Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>

sandbox/lib/seccomp_redbear/src/lib.rs

@@ -0,0 +1,224 @@
+#[cfg(all(feature = "python3", feature = "nodejs"))]
+compile_error!("Only one feature can be enabled: either python3 or nodejs, not both!");
+
+#[cfg(not(any(feature = "python3", feature = "nodejs")))]
+compile_error!("You must enable one feature: either python3 or nodejs");
+
+#[cfg(feature = "python3")]
+mod python_syscalls;
+#[cfg(feature = "python3")]
+use crate::python_syscalls::*;
+
+#[cfg(feature = "nodejs")]
+mod nodejs_syscalls;
+#[cfg(feature = "nodejs")]
+use crate::nodejs_syscalls::*;
+
+use libc::{c_char, c_int, chdir, chroot, gid_t, uid_t};
+use libseccomp_sys::*;
+use std::env;
+use std::ffi::CString;
+use std::str::FromStr;
+
+/*
+ * get_allowed_syscalls - retrieve allowed syscalls for the sandbox
+ * @enable_network: enable network-related syscalls if non-zero
+ *
+ * Syscall selection order:
+ *   1. ALLOWED_SYSCALLS environment variable
+ *   2. Built-in default allowlist
+ *   3. Optional network syscall extension
+ *
+ * Returns:
+ *   (allowed_syscalls, allowed_not_kill_syscalls)
+ *     allowed_syscalls: syscalls fully allowed
+ *     allowed_not_kill_syscalls: syscalls returning EPERM
+ */
+pub fn get_allowed_syscalls(enable_network: bool) -> (Vec<i32>, Vec<i32>) {
+    let mut allowed_syscalls = Vec::new();
+    let mut allowed_not_kill_syscalls = Vec::new();
+
+    /* Syscalls that return error instead of killing */
+    allowed_not_kill_syscalls.extend(ALLOW_ERROR_SYSCALLS);
+
+    /* Load from environment variable ALLOWED_SYSCALLS */
+    if let Ok(env_val) = env::var("ALLOWED_SYSCALLS") {
+        if !env_val.is_empty() {
+            for s in env_val.split(',') {
+                if let Ok(sc) = i32::from_str(s) {
+                    allowed_syscalls.push(sc);
+                }
+            }
+        }
+    }
+
+    /* Fallback to default syscalls if env not set */
+    if allowed_syscalls.is_empty() {
+        allowed_syscalls.extend(ALLOW_SYSCALLS);
+        if enable_network {
+            allowed_syscalls.extend(ALLOW_NETWORK_SYSCALLS);
+        }
+    }
+
+    (allowed_syscalls, allowed_not_kill_syscalls)
+}
+
+/*
+ * setup_root - setup restricted filesystem root
+ *
+ * Perform chroot(".") and change working directory to "/".
+ *
+ * Return:
+ *   0 on success
+ *   negative error code on failure
+ */
+fn setup_root() -> Result<(), c_int> {
+    let root = CString::new(".").unwrap();
+    if unsafe { chroot(root.as_ptr()) } != 0 {
+        return Err(-1);
+    }
+
+    let root_dir = CString::new("/").unwrap();
+    if unsafe { chdir(root_dir.as_ptr()) } != 0 {
+        return Err(-2);
+    }
+
+    Ok(())
+}
+
+/*
+ * set_no_new_privs - enable PR_SET_NO_NEW_PRIVS
+ *
+ * Prevent privilege escalation via execve.
+ *
+ * Return:
+ *   0 on success
+ *   negative error code on failure
+ */
+fn set_no_new_privs() -> Result<(), c_int> {
+    if unsafe { libc::prctl(libc::PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) } != 0 {
+        return Err(-3);
+    }
+    Ok(())
+}
+
+/*
+ * drop_privileges - drop process privileges
+ * @uid: target user ID
+ * @gid: target group ID
+ *
+ * Permanently reduce process privileges.
+ *
+ * Return:
+ *   0 on success
+ *   negative error code on failure
+ */
+fn drop_privileges(uid: uid_t, gid: gid_t) -> Result<(), c_int> {
+    if unsafe { libc::setgid(gid) } != 0 {
+        return Err(-4);
+    }
+    if unsafe { libc::setuid(uid) } != 0 {
+        return Err(-5);
+    }
+    Ok(())
+}
+
+/*
+ * install_seccomp - install seccomp filter
+ * @enable_network: enable network-related syscalls if non-zero
+ *
+ * Default action is SCMP_ACT_KILL_PROCESS.
+ * Allowed syscalls are explicitly whitelisted.
+ *
+ * Return:
+ *   0 on success
+ *   negative error code on failure
+ */
+fn install_seccomp(enable_network: bool) -> Result<(), c_int> {
+    unsafe {
+        let ctx = seccomp_init(SCMP_ACT_KILL_PROCESS);
+        if ctx.is_null() {
+            return Err(-6); /* failed to init seccomp context */
+        }
+
+        let (allowed_syscalls, allowed_not_kill_syscalls) = get_allowed_syscalls(enable_network);
+
+        /* add fully allowed syscalls */
+        for &sc in &allowed_syscalls {
+            if seccomp_rule_add(ctx, SCMP_ACT_ALLOW, sc, 0) != 0 {
+                seccomp_release(ctx);
+                return Err(-7);
+            }
+        }
+
+        /* add syscalls returning EPERM */
+        for &sc in &allowed_not_kill_syscalls {
+            if seccomp_rule_add(ctx, SCMP_ACT_ERRNO(libc::EPERM as u16), sc, 0) != 0 {
+                seccomp_release(ctx);
+                return Err(-8);
+            }
+        }
+
+        if seccomp_load(ctx) != 0 {
+            seccomp_release(ctx);
+            return Err(-9);
+        }
+
+        seccomp_release(ctx);
+        Ok(())
+    }
+}
+
+/*
+ * init_seccomp - initialize seccomp sandbox
+ * @uid: target user ID
+ * @gid: target group ID
+ * @enable_network: enable network syscalls if non-zero
+ *
+ * Initialize the sandbox and apply privilege restrictions
+ * in the following order:
+ *   1. setup_root()
+ *   2. set_no_new_privs()
+ *   3. drop_privileges()
+ *   4. install_seccomp()
+ *
+ * This function must be called before executing any untrusted code.
+ * It is not thread-safe and must be invoked once per process.
+ *
+ * Return:
+ *   0 on success
+ *   negative error code on failure
+ */
+#[unsafe(no_mangle)]
+pub unsafe extern "C" fn init_seccomp(uid: uid_t, gid: gid_t, enable_network: i32) -> c_int {
+    if let Err(code) = setup_root() {
+        return code;
+    }
+    if let Err(code) = set_no_new_privs() {
+        return code;
+    }
+    if let Err(code) = drop_privileges(uid, gid) {
+        return code;
+    }
+    match install_seccomp(enable_network != 0) {
+        Ok(_) => 0,
+        Err(code) => code,
+    }
+}
+
+#[unsafe(no_mangle)]
+pub unsafe extern "C" fn get_lib_version_static() -> *const c_char {
+    concat!(env!("CARGO_PKG_VERSION"), "\0").as_ptr() as *const c_char
+}
+
+#[unsafe(no_mangle)]
+pub unsafe extern "C" fn get_lib_feature_static() -> *const c_char {
+    #[cfg(feature = "python3")]
+    let s = b"python3\0";
+    #[cfg(feature = "nodejs")]
+    let s = b"nodejs\0";
+    #[cfg(not(any(feature = "python3", feature = "nodejs")))]
+    let s = b"none\0";
+
+    s.as_ptr() as *const c_char
+}

sandbox/lib/seccomp_redbear/src/nodejs_syscalls.rs

@@ -0,0 +1,74 @@
+// src/nodejs_syscalls.rs
+
+pub static ALLOW_SYSCALLS: &[i32] = &[
+    // File IO
+    libc::SYS_open as i32,
+    libc::SYS_write as i32,
+    libc::SYS_close as i32,
+    libc::SYS_read as i32,
+    libc::SYS_openat as i32,
+    libc::SYS_newfstatat as i32,
+    libc::SYS_ioctl as i32,
+    libc::SYS_lseek as i32,
+    libc::SYS_fstat as i32,
+    libc::SYS_readlink as i32,
+    libc::SYS_dup3 as i32,
+    libc::SYS_fcntl as i32,
+    libc::SYS_fsync as i32,
+    // Memory
+    libc::SYS_mprotect as i32,
+    libc::SYS_mmap as i32,
+    libc::SYS_munmap as i32,
+    libc::SYS_mremap as i32,
+    libc::SYS_brk as i32,
+    libc::SYS_madvise as i32,
+    // Signal
+    libc::SYS_rt_sigaction as i32,
+    libc::SYS_rt_sigprocmask as i32,
+    libc::SYS_sigaltstack as i32,
+    libc::SYS_rt_sigreturn as i32,
+    libc::SYS_tgkill as i32,
+    // Thread
+    libc::SYS_futex as i32,
+    libc::SYS_sched_yield as i32,
+    libc::SYS_set_robust_list as i32,
+    libc::SYS_rseq as i32,
+    // User / Group
+    libc::SYS_getuid as i32,
+    // Process
+    libc::SYS_getpid as i32,
+    libc::SYS_gettid as i32,
+    libc::SYS_exit as i32,
+    libc::SYS_exit_group as i32,
+    libc::SYS_sched_getaffinity as i32,
+    // Time
+    libc::SYS_clock_gettime as i32,
+    libc::SYS_gettimeofday as i32,
+    libc::SYS_nanosleep as i32,
+    libc::SYS_time as i32,
+    // Epoll / Event (I/O multiplexing)
+    libc::SYS_epoll_ctl as i32,
+    libc::SYS_epoll_pwait as i32,
+];
+
+pub static ALLOW_ERROR_SYSCALLS: &[i32] = &[libc::SYS_clone as i32, libc::SYS_clone3 as i32];
+
+pub static ALLOW_NETWORK_SYSCALLS: &[i32] = &[
+    libc::SYS_socket as i32,
+    libc::SYS_connect as i32,
+    libc::SYS_bind as i32,
+    libc::SYS_listen as i32,
+    libc::SYS_accept as i32,
+    libc::SYS_sendto as i32,
+    libc::SYS_recvfrom as i32,
+    libc::SYS_getsockname as i32,
+    libc::SYS_recvmsg as i32,
+    libc::SYS_getpeername as i32,
+    libc::SYS_setsockopt as i32,
+    libc::SYS_ppoll as i32,
+    libc::SYS_uname as i32,
+    libc::SYS_sendmsg as i32,
+    libc::SYS_getsockopt as i32,
+    libc::SYS_fcntl as i32,
+    libc::SYS_fstatfs as i32,
+];

sandbox/lib/seccomp_redbear/src/python_syscalls.rs

@@ -0,0 +1,81 @@
+// src/python_syscalls.rs
+
+pub static ALLOW_SYSCALLS: &[i32] = &[
+    // File IO
+    libc::SYS_read as i32,
+    libc::SYS_write as i32,
+    libc::SYS_openat as i32,
+    libc::SYS_close as i32,
+    libc::SYS_newfstatat as i32,
+    libc::SYS_ioctl as i32,
+    libc::SYS_lseek as i32,
+    libc::SYS_getdents64 as i32,
+    libc::SYS_fstat as i32,
+    // Signal
+    libc::SYS_rt_sigreturn as i32,
+    libc::SYS_rt_sigaction as i32,
+    libc::SYS_rt_sigprocmask as i32,
+    libc::SYS_sigaltstack as i32,
+    libc::SYS_tgkill as i32,
+    // Thread
+    libc::SYS_futex as i32,
+    // Memory
+    libc::SYS_mmap as i32,
+    libc::SYS_brk as i32,
+    libc::SYS_mprotect as i32,
+    libc::SYS_munmap as i32,
+    libc::SYS_mremap as i32,
+    // User / Group
+    libc::SYS_getuid as i32,
+    // Process
+    libc::SYS_getpid as i32,
+    libc::SYS_getppid as i32,
+    libc::SYS_gettid as i32,
+    libc::SYS_exit as i32,
+    libc::SYS_exit_group as i32,
+    libc::SYS_sched_yield as i32,
+    libc::SYS_set_robust_list as i32,
+    libc::SYS_get_robust_list as i32,
+    libc::SYS_rseq as i32,
+    // Time
+    libc::SYS_clock_gettime as i32,
+    libc::SYS_gettimeofday as i32,
+    libc::SYS_time as i32,
+    libc::SYS_nanosleep as i32,
+    libc::SYS_clock_nanosleep as i32,
+    // Epoll / Event (I/O multiplexing)
+    libc::SYS_epoll_create1 as i32,
+    libc::SYS_epoll_ctl as i32,
+    libc::SYS_pselect6 as i32,
+    // Randomness
+    libc::SYS_getrandom as i32,
+];
+
+pub static ALLOW_ERROR_SYSCALLS: &[i32] = &[
+    libc::SYS_clone as i32,
+    libc::SYS_mkdirat as i32,
+    libc::SYS_mkdir as i32,
+];
+
+pub static ALLOW_NETWORK_SYSCALLS: &[i32] = &[
+    libc::SYS_socket as i32,
+    libc::SYS_connect as i32,
+    libc::SYS_bind as i32,
+    libc::SYS_listen as i32,
+    libc::SYS_accept as i32,
+    libc::SYS_sendto as i32,
+    libc::SYS_recvfrom as i32,
+    libc::SYS_getsockname as i32,
+    libc::SYS_recvmsg as i32,
+    libc::SYS_getpeername as i32,
+    libc::SYS_setsockopt as i32,
+    libc::SYS_ppoll as i32,
+    libc::SYS_uname as i32,
+    libc::SYS_sendmsg as i32,
+    libc::SYS_sendmmsg as i32,
+    libc::SYS_getsockopt as i32,
+    libc::SYS_fcntl as i32,
+    libc::SYS_fstatfs as i32,
+    libc::SYS_poll as i32,
+    libc::SYS_epoll_pwait as i32,
+];