chore: integrate current open pull requests#8310
Conversation
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523 # Conflicts: # astrbot/core/computer/tools/shell.py
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523 # Conflicts: # runtime_bootstrap.py
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523
…l-open-prs-master-20260523 # Conflicts: # astrbot/core/agent/runners/tool_loop_agent_runner.py # astrbot/core/exceptions.py
…l-open-prs-master-20260523 # Conflicts: # astrbot/core/cron/events.py
…l-open-prs-master-20260523 # Conflicts: # dashboard/src/views/CronJobPage.vue
…l-open-prs-master-20260523 # Conflicts: # astrbot/core/provider/sources/openai_source.py
# Conflicts: # astrbot/builtin_stars/astrbot/main.py
…l-open-prs-master-20260523 # Conflicts: # astrbot/core/agent/mcp_client.py # astrbot/core/astr_main_agent_resources.py # astrbot/core/config/default.py # astrbot/core/pipeline/process_stage/method/agent_sub_stages/internal.py # astrbot/core/provider/func_tool_manager.py # astrbot/core/provider/sources/anthropic_source.py # astrbot/core/provider/sources/gsvi_tts_source.py # astrbot/dashboard/routes/chat.py # astrbot/dashboard/routes/open_api.py # dashboard/src/components/chat/StandaloneChat.vue # dashboard/src/composables/useMessages.ts # dashboard/src/stores/auth.ts # dashboard/src/views/dashboards/default/DefaultDashboard.vue # dashboard/src/views/dashboards/default/components/MemoryUsage.vue # dashboard/src/views/dashboards/default/components/MessageStat.vue # dashboard/src/views/dashboards/default/components/OnlinePlatform.vue # dashboard/src/views/dashboards/default/components/OnlineTime.vue # dashboard/src/views/dashboards/default/components/RunningTime.vue # docs/en/use/mcp.md # docs/zh/use/mcp.md
…l-open-prs-master-20260523 # Conflicts: # astrbot/core/agent/mcp_client.py
…l-open-prs-master-20260523 # Conflicts: # astrbot/core/astr_main_agent.py
…l-open-prs-master-20260523 # Conflicts: # astrbot/core/provider/sources/openai_source.py
…l-open-prs-master-20260523 # Conflicts: # astrbot/dashboard/routes/config.py # dashboard/src/components/chat/LiveMode.vue # dashboard/src/i18n/locales/en-US/features/config.json # dashboard/src/i18n/locales/zh-CN/features/config.json # docs/en/platform/aiocqhttp/napcat.md # docs/scripts/upload_doc_images_to_r2.py # docs/zh/platform/aiocqhttp/napcat.md
…l-open-prs-master-20260523 # Conflicts: # astrbot/core/astr_main_agent.py # tests/unit/test_astr_main_agent.py
dosubot
Bot
added
the
size:XL
![sourcery-ai[bot]](https://avatars.githubusercontent.com/in/48477?s=60&v=4){kind=small}
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| messageId, | ||
| parts, | ||
| }: CreateLocalExchangeOptions) { | ||
| function createLocalExchange({ sessionId, messageId, parts }: CreateLocalExchangeOptions) { |
| logObject.uuid = "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g, (c) => { | ||
| const r = (Math.random() * 16) | 0, | ||
| v = c === "x" ? r : (r & 0x3) | 0x8; | ||
| return v.toString(16); | ||
| }); |
| } | ||
|
|
||
| // 设置最终值 | ||
| current[keys[keys.length - 1]] = value | ||
| if (current && typeof current === "object") { | ||
| (current as Record<string, unknown>)[keys[keys.length - 1]] = value; |
| if (source[key] && typeof source[key] === 'object' && !Array.isArray(source[key])) { | ||
| if (!(key in target) || typeof target[key] !== 'object') { | ||
| if (source[key] && typeof source[key] === "object" && !Array.isArray(source[key])) { | ||
| if (!(key in target) || typeof target[key] !== "object") { |
|
|
||
|
|
||
| def get_github_api_auth_header(url: str): | ||
| if not url.startswith("https://api.github.com"): |
| c in "0123456789abcdefABCDEF" for c in stored_hash | ||
| ): | ||
| candidate_sha256 = hashlib.sha256( | ||
| candidate_password.encode("utf-8"), |
| ) | ||
| payload = f"{encode_data}{noise}{expiry_date}{apikey}" | ||
| signature = hmac.new( | ||
| apikey.encode("utf-8"), payload.encode("utf-8"), hashlib.sha256 |
|
|
||
| payload = f"{data}{noise}{expiry_date}{apikey}" | ||
| computed = hmac.new( | ||
| apikey.encode("utf-8"), payload.encode("utf-8"), hashlib.sha256 |
| logger.debug(f"请求 URL: {self.api_base}") | ||
| logger.debug(f"请求体: {json.dumps(payload, ensure_ascii=False)[:100]}...") | ||
| logger.debug( | ||
| f"请求体: {json.dumps(loggable_payload, ensure_ascii=False)[:100]}...", |
| conv.conversation_id, | ||
| conv.user_id, | ||
| before_tokens, | ||
| after_tokens, |
| conv.conversation_id, | ||
| conv.user_id, | ||
| before_tokens, | ||
| after_tokens, |
| "LLM request has high estimated input tokens. provider=%s, model=%s, estimated_input_tokens=%s", | ||
| self.provider.provider_config.get("id", ""), | ||
| self.provider.get_model(), | ||
| estimated_input_tokens, |
| "LLM request preflight. provider=%s, model=%s, estimated_input_tokens=%s, image_count=%s", | ||
| self.provider.provider_config.get("id", ""), | ||
| self.provider.get_model(), | ||
| estimated_input_tokens, |
| if token_count_before is None: | ||
| token_count_before = ( | ||
| prev_tokens |
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces a comprehensive AstrBot SDK, featuring a CLI for plugin management, various capability clients (LLM, Database, HTTP, Memory), and a standardized protocol for cross-process communication. It also significantly updates project documentation, Docker configurations, and development workflows. Feedback focuses on critical operational issues: removing an automatic git pull from .envrc to prevent unexpected repository state changes, correcting a Python version inconsistency in the main Dockerfile, and addressing potential SQLite parameter limits in the memory backend. Additionally, improvements are suggested for preserving file permissions during plugin builds and enforcing route validation in the HTTP client to prevent endpoint conflicts.
| git pull | ||
| git status |
There was a problem hiding this comment.
Automatically running git pull in an .envrc file is highly discouraged. .envrc is typically executed by tools like direnv whenever a user enters the directory or opens a subshell. Performing network operations and potentially changing the repository state (including merge conflicts) without explicit user intent can lead to a poor developer experience and unexpected side effects.
git status
| && uv export --format requirements.txt --output-file requirements.txt --frozen \ | ||
| && uv pip install -r requirements.txt --no-cache-dir --system \ | ||
| && uv pip install socksio uv pilk --no-cache-dir --system | ||
| && echo "3.11" > .python-version |
There was a problem hiding this comment.
There is a version inconsistency here. The rest of the project (including .python-version, AGENTS.md, and the newly added Dockerfile.cn and Dockerfile.minimal) specifies Python 3.12. Downgrading to 3.11 in this Dockerfile might lead to runtime issues if features specific to 3.12 are used.
&& echo "3.12" > .python-version
| if not affected_rows: | ||
| return 0 | ||
|
|
||
| pair_placeholders = ", ".join("(?, ?)" for _ in affected_rows) |
There was a problem hiding this comment.
This query uses a large number of placeholders in an IN clause. SQLite has a default limit for the number of host parameters (SQLITE_MAX_VARIABLE_NUMBER), which is typically 999. Since each row in affected_rows contributes 2 parameters, this operation will fail if more than 499 rows are being deleted. Consider chunking the deletion into smaller batches.
| archive_name = f"{_sanitize_build_part(plugin.name)}-{version}.zip" | ||
| archive_path = build_dir / archive_name | ||
|
|
||
| with zipfile.ZipFile( |
There was a problem hiding this comment.
The zipfile module does not preserve file permissions (such as the executable bit) by default when creating an archive. This can cause issues for plugins that include scripts or binaries intended to be executed. To preserve permissions, you should manually set the external_attr on ZipInfo objects.
| ) -> None: | ||
| """注册 Web API 端点。 | ||
|
|
||
| Args: |
There was a problem hiding this comment.
The register_api method does not validate that the route parameter follows the documented constraint of starting with /{plugin_id}. Without this validation in the SDK (or enforcement in the Core), plugins could potentially register routes that conflict with other plugins or system endpoints.
|
合影 |
|
Closing per maintainer request; validation will continue locally only. |
8 participants
Summary
xxlin title/head/author.vue-json-prettyrequired bySpanDetail.vueduring Vite dev dependency scanning.Verification
open_total=244,skipped_xxl=0,merged_ancestor=244,unmerged=0.origin/masteris an ancestor of this branch.git diff --name-only --diff-filter=Uempty;git diff --checkpassed.uv run ruff format --check .,uv run ruff check ., anduv run pytest tests/test_code_quality_typing.py -vpassed.uv run pytest ./tests -q --tb=short -xpassed with4256 passed, 30 skipped, 25 xfailed, 8 xpassed.npx pnpm@10.28.2 -C dashboard install --frozen-lockfile,lint:check,build, and post-buildlint:checkpassed.GET /returned HTTP 200 with HTML length 450702; dashboard Vite devGET /returned HTTP 200 with HTML length 1120.Notes