feat: valkey support#3
Open
MatthiasHowellYopp wants to merge 545 commits into
Open
Conversation
MatthiasHowellYopp
force-pushed
the
feature/mh/valkey-component
branch
from
00cc552 to
02f9e2f
Compare
daric93
reviewed
Apr 2, 2026
daric93
reviewed
Apr 2, 2026
MatthiasHowellYopp
force-pushed
the
feature/mh/valkey-component
branch
12 times, most recently
from
25688aa to
077d486
Compare
| metal = ["metal_sdk==2.5.1"] | ||
| markup = ["MarkupSafe==3.0.2"] | ||
| aws = ["boto3>=1.34.162,<2.0.0", "langchain-aws~=1.1.0"] | ||
| aws = ["boto3>=1.34.162,<2.0.0", "langchain-aws>=1.4.0,<2.0.0"] |
There was a problem hiding this comment.
This changed from ~=1.1.0 to >=1.4.0,<2.0.0 — a major version jump that affects everyone using langflow-base[aws], not just Valkey users. Is this bump required for non-Valkey AWS functionality, or could the Valkey extra pull in its own version constraint independently?
MatthiasHowellYopp
force-pushed
the
feature/mh/valkey-component
branch
11 times, most recently
from
5cc9537 to
9fbf4cf
Compare
…ai#13514) DB2VectorStoreComponent.search_documents() returned early when no search query was provided, before calling build_vector_store() — which is what ingests ingest_data. As a result, ingestion only ran when a search query was also supplied. Build (and ingest into) the vector store first, then skip only the search when no query is present, matching LCVectorStoreComponent. Adds a regression test asserting ingestion runs with no query.
* feat(lfx): synchronize LFX onto Langflow major.minor version line (Phase 1) - Bump src/lfx/pyproject.toml from 0.5.0 to 1.10.0 - Tighten langflow-base lfx pin: ~=0.5.0 → ~=1.10.0 - Fix release.yml pre-release boundary from next-major to next-minor (<X.(Y+1).dev0) - Add minor-parity soft check to scripts/release-lfx.sh - Extend make patch to sync lfx version alongside langflow/base/frontend - Document LFX compatibility contract in RELEASE.md Contract: LFX X.Y.N is compatible with any Flow from Langflow X.Y.M. * feat(lfx/upgrade): add compatibility checker (Phase 2) * fix(lfx/upgrade): fix registry_code guard and types order-sensitivity in checker * feat(lfx/upgrade): implement safe-upgrade applier (Phase 2) * feat(lfx): add lfx upgrade command (Phase 2) * feat(lfx/run): add --upgrade-flow option (Phase 2) * feat(lfx/serve): add --upgrade-flow option (Phase 2) * update lfx pyproject version * [autofix.ci] apply automated fixes * test(lfx/upgrade): add v1.9.0 starter flow fixtures for upgrade integration tests * test(lfx/upgrade): add v1.9.0 starter flow fixtures and real-flow integration tests * [autofix.ci] apply automated fixes * fix(lfx/upgrade): use alias-aware registry lookup so renamed components are not falsely blocked * fix(lfx/upgrade): handle outer flow envelope and file-path inputs in upgrade checks * fix(lfx/upgrade): fail-fast on upgrade_flow errors; add regression tests for Bugs 1-3 * chore(tests): remove bug-number labels from test comments * [autofix.ci] apply automated fixes * fix(lfx/upgrade): address PR review comments - Reject .py files early in serve --upgrade-flow with a clear error message - Preserve outer flow envelope metadata (name, description, etc.) when lfx upgrade --write rewrites a file - Move Mapping import under TYPE_CHECKING to satisfy Ruff TC003 - Assert fixture flows and registry are non-empty so parametrized tests cannot pass vacuously - Remove unused capsys arg and replace print with sys.stderr.write (Ruff T201/ARG001) - Add upgrade_flow param to run command docstring * fix(lfx/upgrade): preserve envelope on run, apply nested upgrades (langflow-ai#13200) * fix(lfx/upgrade): preserve envelope on run, apply nested upgrades Three follow-ups on top of the upgrade tooling: - run --upgrade-flow: re-attach the inner graph to the outer envelope before handing the flow to aload_flow_from_json. Previously the upgrade path unwrapped {"data": ...} and passed the inner dict to the loader, which raised KeyError: 'data'. Adds happy-path tests for envelope and flat file inputs. - applier: recurse into one level of nested flow nodes (node.data.node.flow.data.nodes), matching the checker. Without this, outdated_safe nodes inside grouped components were reported but never written. Adds a regression test. - upgrade --write test: assert the envelope is preserved (name, description, endpoint_name, etc.) instead of the previous unwrapped-output expectation, so the test matches the actual fix in this PR. - Drive-by ruff cleanup: D417 docstring, SIM103, SIM108, E501, RUF059. * [autofix.ci] apply automated fixes --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * fix(lfx/upgrade): fix loader KeyError, outer-envelope checker gap, and nested-node applier Three bugs from ogabrielluiz's PR review: 1. run/base.py loader KeyError: file-path branch unwrapped the outer envelope for the checker but passed the inner dict to aload_flow_from_json, which does flow_graph["data"] unconditionally. Re-wrap as {"data": flow_dict} before the loader call. Applied consistently to all three input paths (--flow-json, --stdin, file-path). 2. run/base.py zero-node checker for --flow-json/--stdin: those paths stored the raw parsed JSON without unwrapping, so a caller passing an exported flow {"name":..., "data":{...}} caused the checker to see zero nodes and silently pass. Now unwrap with raw.get("data", raw) matching the file-path branch. 3. applier.py nested flows never upgraded: the early `continue` on top-level nodes not in safe_ids prevented the nested-node loop from running. Restructured so the nested check fires unconditionally for every top-level node, mirroring checker.py:160-165. * fix(lfx/run): unify outer-envelope unwrap across all --upgrade-flow input paths File-path reads now call raw.get("data", raw) matching --flow-json and --stdin, so the upgrade checker always sees the inner graph. This also removes the has_envelope/re-wrap machinery that was double-wrapping outer-envelope files when passing to aload_flow_from_json. Fix two test assertions that described the old double-wrapped shape. * fix(lfx/upgrade): inject registry into upgrade_command; fix Makefile lfx pin regex - upgrade_command now accepts an optional registry parameter so tests can pass the dict directly instead of mocking load_registry_from_index - Makefile sed regex broadened from \"lfx~=.*\" to match both ~= and >= forms so make patch works after release.yml rewrites the pin - Echo label changed to LFX (synced) to clarify the variable is the shared Langflow version, not a separate LFX-specific value * fix(make/patch): fix langflow-base sed regex and validation grep The dependency in pyproject.toml is "langflow-base[complete]>=X.Y.Z", not the "langflow-base==X" form the original regex expected, so make patch silently left the pin unchanged and the validation step always failed. The sed pattern now matches any extras/operator combination and rewrites to the canonical [complete]>= form; the grep uses -F so the [complete] brackets are treated literally. * test(lfx): add patch regex tests and symmetric safe-mode envelope tests test_patch_regexes.py — 15 tests covering the Python regexes embedded in the Makefile patch target. Exercises all three substitutions (langflow-base pin, lfx pin, version field) against every realistic pin format including the >=X.Y.Z,<dev0 form that release.yml writes. Would have caught the langflow-base==.* vs [complete]>= mismatch before manual testing. test_base.py — two new TestUpgradeFlowOption tests: test_upgrade_flow_safe_envelope_inline_json_loads_successfully test_upgrade_flow_safe_envelope_stdin_loads_successfully Symmetric to the existing file-path envelope test; verifies that --flow-json and --stdin with an outer-envelope flow also pass {"data": inner} to the loader after safe upgrades, not a double-wrapped {"data": outer_envelope}. * fix(lfx/upgrade): address review: compat checker, shared gate, fail-fast registry Checker correctness: - _outputs_are_compatible: drop cosmetic display_name from the breaking check; treat widened output types as safe (flow types must be a subset of registry types), only narrowing breaks downstream edges. - _input_types_contained: stop flagging widened input_types as breaking; keep narrowing as the only breaking case; fix misleading comments. - check_flow_compatibility now recurses fully into nested grouped components (symmetric with the applier) and accepts a pre-built registry lookup. CLI/run/serve: - New lfx.upgrade.cli_gate (UpgradeFlowMode enum, UpgradeFlowError, apply_upgrade_gate) shared by run_flow and serve_command so the two --upgrade-flow paths can't diverge. - run_flow: extract _materialize_flow_dict and route gating through the shared helper. - run/serve --upgrade-flow options typed as UpgradeFlowMode (check|safe choices). - lfx upgrade: load_registry_from_index fails fast when the bundled registry is empty/missing instead of silently marking every node blocked; ASCII-only report output; new --strict flag; build the registry lookup once and reuse it. Docs/tests: - RELEASE.md: migration note for the lfx 0.5.0 -> 1.10.0 version jump. - Regression tests for the checker fixes, the shared gate, fail-fast registry, --strict, and serve --upgrade-flow parity. * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes (attempt 2/3) * fix(lfx): consolidate flow-envelope handling and fix version-ceiling regex Extract the outer-envelope unwrap/rewrap logic (previously hand-rolled as raw.get("data", raw) with subtly different rules across serve, run, and upgrade) into a single lfx.utils.flow_envelope module with split/merge helpers. This fixes a serve bug where an enveloped flow had its inner graph written bare to the temp file, making the loader's flow_graph["data"] raise KeyError. Also fix release.yml's major.minor extraction: the greedy sed grabbed the upper bound from a range pin (>=1.10.0,<1.11.dev0), drifting the version ceiling up one minor each release cycle. Anchor to the first version instead. * fix(lfx): upgrade-flow gate reads bundled component index, not empty cache The --upgrade-flow=check|safe gate on lfx run and lfx serve rejected every flow as 'blocked'. Both call sites passed component_cache.all_types_dict to apply_upgrade_gate, but that cache is populated lazily after services start, so at gate time it is empty -- an empty registry classifies every node as blocked. The standalone lfx upgrade command was unaffected because it reads the bundled _assets/component_index.json instead. Make the gate own registry loading: apply_upgrade_gate now defaults all_types_dict to None and loads the bundled index (the same source lfx upgrade uses) via a new _load_bundled_registry helper, raising UpgradeFlowError on a missing/empty index so a broken install fails loudly instead of silently blocking every component. Both call sites pass mode= and let the gate load the registry. Existing gate tests mocked component_cache with a populated registry, which is exactly what hid the bug; repoint them at the new _load_bundled_registry seam and add regression tests that do not mock the registry, including an end-to-end run_flow check against a real clean v1.9.0 starter flow. --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Gabriel Luiz Freitas Almeida <gabriel@logspace.ai>
…nt (langflow-ai#13516) The LFX 0.5.0 -> 1.10.0 realignment (langflow-ai#13176) left every src/bundles/* package and the port_bundle.py generator flooring lfx>=0.5.0. That silently permits resolving against the now-dead 0.5.x line: a bundle built against 1.10.0's BUNDLE_API would ImportError there, and the BUNDLE_API_VERSION check (both "1") would not catch it. RELEASE.md flags exactly this — the jump "affects downstream pins, and neither pip nor uv will flag it." - Bump the 4 bundle pyprojects (arxiv, docling, duckduckgo, ibm) to "lfx>=1.10.0,<2.0.0": floored at the current major.minor line, capped below the next lfx major. Fine-grained API compat stays enforced via extension.json's lfx.compat against BUNDLE_API_VERSION, not the cap. - Add scripts/ci/sync_bundle_lfx_pin.py and call it from `make patch` so future releases keep bundle floors in step. Idempotent: a no-op on patch releases, moves the floor on minor/major bumps. Leaves docling self-refs and the nightly lfx-nightly== form untouched. - port_bundle.py now derives the floor from src/lfx/pyproject.toml, so newly-ported bundles are born at the current line. - Update src/bundles/PORTING.md and add test_bundle_lfx_pin.py (20 tests).
…13509) * fix: prevent X-Forwarded-For bypass of login rate limit * fix: update drift-guard test to include forwarded_allow_ips key --------- Co-authored-by: Janardan S Kavia <janardanskavia@Janardans-MacBook-Pro.local>
…ow-ai#13503) * fix(i18n): translate missing frontend strings found in QA - API Keys page: replace hardcoded "Never" with t("settings.apiKeys.never") - New Flow screen: migrate all WELCOME_* string constants in flow-builder-welcome.tsx to t() calls; remove string constants from flow-builder-welcome.constants.ts (keep WELCOME_MAX_INPUT_LENGTH) - Get Started sidebar card: add useTranslation and replace 5 hardcoded strings (All Set, Get started, Star repo, Join the community, Create a flow) with existing sidebar.* i18n keys - en.json: add settings.apiKeys.never + 10 flowBuilderWelcome.* keys - All non-English locale files (ja, fr, es, de, pt, zh-Hans) updated via GP upload/download * fix(i18n): translate additional QA-identified untranslated strings - Translate canvas assistant banner ("Try the new Langflow Assistant!", "New" pill) - Translate search placeholder flow type name (was showing raw "flows"/"mcp" in mixed-language) - Translate UNNAMED tool badge in ToolsComponent and ToolsTable - Extract all 61 flow default descriptions to i18n keys (flow.defaultDescription.0-60) so new flows get a localized random description instead of always English - Fix backend ja.json: "Vector Store RAG" → "ベクターストア RAG" for consistency with the frontend welcome screen translation - Run GP upload+download to populate fr, ja, es, de, pt, zh-Hans locales * [autofix.ci] apply automated fixes * fix(i18n): fix CI failures — Biome import order and updated test constants - Fix Biome import sort in flow-builder-welcome.tsx (lucide-react after react) - Update flow-builder-welcome test to use inline English strings instead of importing the deleted WELCOME_* constants from flow-builder-welcome.constants * fix(i18n): truncate long checklist labels with tooltip in get-started sidebar Long translations (e.g. Japanese) were wrapping to two lines in the narrow sidebar. Now each label truncates with ellipsis and shows the full text in a tooltip on hover. Icons also get shrink-0 to stay fixed-size. * [autofix.ci] apply automated fixes * fix(i18n): align assistant banner translation with panel title in ja, es, pt GP inconsistently kept "Assistant" in English in the banner string while translating it natively in the panel title. Patched directly: - ja: "Assistant" → "アシスタント" - es: "Assistant" → "Asistente" - pt: "Assistant" → "Assistente" fr, de, zh-Hans were already consistent. --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
* fix: add ssrf protection to url component add ssrf protection to url component * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes (attempt 2/3) * [autofix.ci] apply automated fixes (attempt 3/3) * chore: address ruff errors * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes (attempt 2/3) * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes (attempt 2/3) * chore: update starter projects and component_index * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes (attempt 2/3) * fix: url component sync and async * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes (attempt 2/3) * [autofix.ci] apply automated fixes --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Eric Hare <ericrhare@gmail.com>
* docs-add-readmes-from-outdated-branch * docs-add-sessionid-value * add-example-from-support * peer-review
…ngflow-ai#13515) * fix: commit slider value before node selection consumes the interaction Sliders inside React Flow nodes (e.g. the URL component's Depth field) lost the value the user set when the node was not yet selected. React Flow selects a node on click and pans/drags it on pointer down, while Radix drives the slider with the same pointer events. The interactive SliderPrimitive.Root had no React Flow isolation, so the first interaction on an unselected node was consumed by node selection: the slider reacted visually but the chosen value reverted or snapped to wherever the pointer landed. Stop pointer/click propagation on the slider root and add React Flow's nodrag/nopan/noflow/nowheel opt-out classes (matching the slider's value-text input). Radix composes the handlers, so value setting is unaffected. Adds a regression test asserting slider pointer-down/click do not bubble to the node wrapper while unrelated children still do. * Update src/frontend/src/components/core/parameterRenderComponent/components/sliderComponent/__tests__/slider-node-selection.test.tsx Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * [autofix.ci] apply automated fixes --------- Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
…ngflow-ai#13441) * fix(canvas): anchor new note bottom-center to cursor on placement * improve notes component * [autofix.ci] apply automated fixes * improve testcases --------- Co-authored-by: Olayinka Adelakun <olayinkaadelakun@Olayinkas-MacBook-Pro.local> Co-authored-by: Olayinka Adelakun <olayinkaadelakun@mac.war.can.ibm.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
…ilds (langflow-ai#13126) * perf(telemetry): batched off-pool writer for transactions + vertex_builds Adds TelemetryWriterService that buffers transaction and vertex_build rows in memory and drains them in batched INSERTs via a dedicated AsyncEngine (pool_size=1 for SQLite, 2 for Postgres, max_overflow=0). Retention is amortized in a 60s sweeper instead of running on every insert. Producers (log_transaction, log_vertex_build) enqueue instead of opening a DB session, so telemetry traffic no longer competes with the request-handling pool. Falls back to the legacy direct-write path via LANGFLOW_TELEMETRY_WRITER_ENABLED=false. Durability: in-flight rows spill to a diskcache.Deque per PID on shutdown and are restored on next startup; orphan PID directories left by crashed workers are adopted. * perf(telemetry): tighten error handling and add coverage Review feedback from pr-review-toolkit + silent-failure-hunter: - Retention sweep snapshots the dirty-flow sets before commit and only clears them after it lands; a crashed sweep no longer drops the flows on the floor, so per-flow caps cannot drift unboundedly. - Producer fall-through is no longer silent. transaction_service and log_vertex_build each log a one-shot WARNING when telemetry_writer_enabled is True but the writer is not running. - Lifespan startup failure now logs ERROR instead of WARNING — if the user opted into the writer and it didn't come up, that's an error. - Shutdown drain timeout no longer suppressed silently: logs a WARNING with pending row count + a hint to raise telemetry_writer_shutdown_drain_s. - Writer's flush loop catches asyncio.CancelledError separately and re-prepends the in-flight batch to the buffer so teardown's disk spill catches it. - After 6 consecutive batch failures the writer emits a loud ERROR with buffer depths so operators see sustained data-loss risk. Added tests: - test_sanitization_survives_writer_round_trip - test_retention_failure_preserves_dirty_flows - test_in_flight_batch_returned_on_cancel * perf(telemetry): address copilot review - _restore_from_disk + _adopt_orphan_outboxes now route through _enqueue so a large disk-spilled or orphan outbox can't bypass telemetry_writer_max_queue and OOM the process. Oldest rows are dropped and counted via the existing dropped_transactions / dropped_vertex_builds counters. - chmod 0o700 the outbox root + per-PID directory so sanitized-but-still- sensitive payloads aren't exposed cross-user on multi-tenant hosts. Suppressed on platforms where chmod is a no-op (Windows). - Added test_adopt_orphan_outboxes_honors_max_queue. The remaining two copilot notes (private API access to DatabaseService and diskcache.Cache.close) were also flagged by the in-tree review; tracking separately. The "diskcache not declared" note is a false positive — the dependency is at src/backend/base/pyproject.toml:76. * perf(telemetry): address coderabbit review - Sweeper hands off dirty sets via capture-and-clear so concurrent flushes during a retention pass aren't wiped by the post-commit subtract; failure path restores the snapshot. - Stress README uses a concrete Postgres DSN matching the docker example instead of an unset env var. - Test PID-probe loops bounded via a shared helper with pytest.fail fallback. * perf(telemetry): swap diskcache outbox for stdlib sqlite (CVE-2025-69872) Replaces the diskcache.Deque-backed spill outbox with a stdlib sqlite3 outbox (WAL mode, JSON payloads in TEXT). diskcache 5.6.3 has CVE-2025-69872 (pickle deserialization RCE for an attacker with write access to the cache dir), no fixed version released, and was never declared as a dependency — import failed on Python 3.10. The replacement is encapsulated in a small _Outbox helper that owns the connection, schema, JSON codec, and lifecycle. The codec uses tagged wrappers for datetime and UUID so SQLAlchemy's typed columns accept restored payloads on the way back out. Hardening informed by a survey of OTel collector, Fluent Bit, Vector, Prometheus remote_write, Datadog agent, Logstash, and Filebeat: - Per-PID outbox dirs now stamp an owner.json (hostname + Linux boot_id or time()-monotonic() proxy). Adoption only proceeds when host+boot match; cross-host or pre-owner-file dirs are logged and skipped so a recycled PID after a container restart cannot pull in a stranger's spill data. - PRAGMA synchronous=FULL on the spill connection so the shutdown commit hits the platter (NORMAL only fsyncs on WAL checkpoint, which may never run if the process exits immediately after commit). - Spill honors telemetry_writer_max_queue with drop-oldest, matching the producer-side overflow policy so a backlogged buffer at shutdown can neither stall teardown nor fill disk. - append_all encodes payloads up front and only clears the deque after the transaction commits — no more partial-drain on mid-flight SQLite failure. drain collapses to a single DELETE FROM outbox after the SELECT. - Exception handlers at the spill/restore/adopt boundaries narrowed to (sqlite3.Error, OSError) so genuinely unexpected exceptions propagate rather than being silently logged. Tests cover: cross-host orphan skipped, missing-owner orphan skipped, spill cap drops oldest, and a realistic UUID+datetime payload surviving spill → restore → SQLAlchemy INSERT. * [autofix.ci] apply automated fixes * fix(telemetry): name wait_for inner tasks so pyleak can filter Integration tests using @pyleak_marker were flagging an inner asyncio task created by the telemetry writer's `wait_for(Event.wait(), ...)` loops. The wrapper task is auto-named (Task-N) and lands mid-await across the test boundary, so pyleak counts it as leaked. The writer itself shuts down cleanly via teardown; the "leak" is a pattern mismatch with pyleak's per-test snapshot model, not a real lifecycle bug. Wrap Event.wait() in an explicitly named task (`telemetry-writer-tick`, `telemetry-writer-backoff`, `telemetry-sweeper-tick`) via a small _wait_or_shutdown helper, and extend pyleak_marker with a task_name_filter that excludes `telemetry-*` from leak detection. CI was green on earlier commits in this branch only because the diskcache import error prevented the writer from starting at all — fixing the import surfaced this latent pyleak collision. * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes (attempt 2/3) * test(telemetry): disable writer in tests so reads see writes synchronously * perf(telemetry): age out cross-host orphan outboxes on shared volumes A pod on a shared PV (NFS/RWX) cannot adopt rows from a dead pod on a different host because the dead pod's hostname doesn't match. Without a janitor those directories accumulate forever. Add an owner-file mtime heartbeat from the sweeper plus a prune pass that deletes cross-host outboxes whose owner file hasn't been touched within telemetry_writer_orphan_max_age_s (default 1h). Same-host orphans still flow through the existing adoption path. * perf(telemetry): add byte-aware flush + drop strategy Today the writer bounds memory by row count only, so a worker logging fat vertex_build artifacts can hold tens of MB per row and silently dwarf the configured max_queue. Add a size_strategy switch ('count' | 'bytes' | 'either', default 'count' for parity) with two byte thresholds: - batch_size_bytes (256KB) caps per-flush INSERT size when bytes apply - max_queue_bytes (200MB) drops oldest by bytes when bytes apply Parallel sizes deques mirror the payload buffers so accounting stays consistent across drain, spill, restore, and the cancel/retry rollback. Single rows above the byte budget are still emitted (no row is refused); operators get dropped_*_bytes counters alongside dropped_*. * test(telemetry): tighten byte-strategy assertions and cover end-to-end paths Address gaps in the byte-aware strategy tests: - pin exact dropped counts and remaining buffer state for the drop-by-bytes case (was 'greater than zero') - compute exact drain count from encoded size (was a 1-4 range) - round-trip bytes through spill+restore to verify size deque is rebuilt - round-trip bytes through orphan adoption for the same reason - exercise the sweeper loop end-to-end to confirm heartbeat + prune are wired in (previously only unit-tested in isolation) Clarify in the settings docs that the byte caps measure encoded JSON size, not Python in-memory footprint. * ref: updates to telemetry writer PR (langflow-ai#13294) * fix(telemetry-writer): harden error handling and add missing test coverage Critical: - teardown() now re-raises CancelledError after awaiting the writer task so the asyncio cancellation chain propagates correctly on lifespan task kill - suppress(OSError) on owner file write replaced with explicit error log so operators know when disk-spilled rows will not be recoverable on restart High / important: - Escalation threshold check changed from == to >= so the error log fires on every failure past the threshold, not just the 6th - Dead `except OSError` on time.time() - time.monotonic() changed to `except Exception` since time functions cannot raise OSError - Removed redundant `from uuid import UUID` inside _run_retention_pass (already imported at module top) - Orphan directory cleanup: replaced blanket suppress(OSError) with per-child suppress so ENOTEMPTY on an individual rmdir doesn't abort the whole loop and leave the parent directory leaking silently; outer failure now logs at debug Tests (3 new): - test_retention_sweep_caps_vertex_builds_per_vertex: inserts 8 builds for a single vertex with max_per_vertex=3 so the per-vertex DELETE subquery actually executes (previous test used 8 distinct vertex IDs, bypassing it) - test_either_strategy_trips_on_bytes_first: verifies bytes can be the first trigger under 'either' strategy (previous test only covered the count-first path) - test_writer_retries_on_batch_failure: injects 2 flush failures then success; confirms failed_batches increments, rows are preserved in the buffer, and flushed_rows reflects the final successful write * ci: add stress-tests job to nightly build pipeline Wires the stress-tests workflow into nightly so telemetry write stress tests run automatically. Also gates release-nightly-build and slack-notification on stress-tests result so a stress regression blocks the nightly release and surfaces in Slack. * ci: run stress tests in nightly without blocking release Stress tests are informational for now — a failure is visible in the workflow run and Slack but does not gate the nightly release or build. * fix(telemetry-writer): address PR review on cancelled teardown and nightly stress tests - Add the stress-tests.yml reusable workflow (was untracked, so the nightly stress-tests job could never resolve) - Notify Slack on stress-tests failure (add to slack-notification gate and FAILED_JOB detection as non-blocking) - Run sweeper cancel, disk spill, and engine dispose in a finally so a cancelled teardown() still persists the in-memory buffer - Add tests for the cancelled-teardown spill path and the >= escalation threshold; drop the misleading wait-loop in the retry test --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Jordan Frazier <122494242+jordanrfrazier@users.noreply.github.com>
* docs-add-gunicorn-config * docs-env-vars-gunicorn-configuration * align-links-with-title * fix-links * mismatched-timeout-values * Apply suggestions from code review Co-authored-by: April I. Murphy <36110273+aimurphy@users.noreply.github.com> * peer-review --------- Co-authored-by: April I. Murphy <36110273+aimurphy@users.noreply.github.com>
…dcn tokens (langflow-ai#13520) fix: use shadcn canvas colors for playground code blocks and chat-bg for the container Standardize the playground tool-call surfaces on shadcn theme tokens so they swap correctly between light and dark mode: - Code blocks (SimplifiedCodeTabComponent) use bg-canvas: light grey (#F4F4F5) / dark black (#000) so they stand out as the code surface. - The 'Called tool' container (ContentBlockDisplay) uses bg-background so it matches the chat background in both themes instead of inverting to solid black in dark mode (it was bg-primary-foreground). Previously the container and code blocks were both bg-primary-foreground, which rendered the whole section black in dark mode with no contrast.
* refactor: remove getenvvar component and update locales * test: add test for GetEnvVar component removal and update component index --------- Co-authored-by: Janardan S Kavia <janardanskavia@Janardans-MacBook-Pro.local>
* initial-cherry-pick * docs-move-config-to-logging * update-logging paths-and-clarify-behavior * fix-other-relative-link * peer-review
* add-code-agents-and-file-ingestion-components * docs: add release note for code agents * Apply suggestions from code review Co-authored-by: April I. Murphy <36110273+aimurphy@users.noreply.github.com> --------- Co-authored-by: April I. Murphy <36110273+aimurphy@users.noreply.github.com>
remove aws scripts
…angflow-ai#13504) * fix: serialize DataFrames in tool mode to prevent pandas truncation When Memory Base or Knowledge components are wired as agent tools, the DataFrame result was returned directly without serialization. LangChain would then stringify this for the agent observation using pandas' default repr, which truncates all cells to 50 characters (display.max_colwidth=50), inserting "...". This breaks the F3 agent use case where agents need to reliably recall facts from memory. The agent receives truncated content and cannot see the full text. The fix serializes DataFrames through the existing serialize() function, which converts them to list[dict] format with full, untruncated content. This maintains consistency with how other result types (Message, Data, etc.) are handled in tool mode. - Affects: Memory Base and Knowledge components used as agent tools - Does not affect: Component-to-component wiring or normal (non-tool) execution - Testing: Added tests verifying DataFrames serialize to list[dict] with complete content Improved MB GUI component description * chore: auto-bake note keys and regenerate backend locales/en.json [skip ci] * [autofix.ci] apply automated fixes --------- Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
* build-api * bump-version-to-1.10 * fix-broken-links
* docs-add-existing-changes * fix-combining-of-glyphs * docs-lfx-compatibility * peer-review
…lic flow builds (langflow-ai#13538) * fix(security): block code-execution components on unauthenticated public flow builds (H1-3754930) PythonCodeStructuredTool exec()'d its attacker-controlled `tool_code` field at flow-build time. Because a PUBLIC flow can be built with no authentication via POST /api/v1/build_public_tmp/{flow_id}/flow, that sink was reachable as an unauthenticated server-side RCE — and other components (Python Interpreter/REPL, Smart Transform) execute code on the same path, so removing one component alone would not close the gap. - Harden the public build path: build_public_tmp now rejects flows containing code-execution components via validate_public_flow_no_code_execution(). The check keys on the node `type`, so it holds regardless of the stored component `code`, and is enforced ONLY on the unauthenticated public path — authenticated /build is unchanged. - Neuter PythonCodeStructuredTool to a non-executable compatibility stub: all exec()/eval() sinks removed; build_tool returns a tool that raises a deprecation error. The component stays registered with identical display_name/inputs so saved flows still load and locale keys don't change. It will be fully removed in a future release. component_index.json (code_hash) is regenerated by autofix.ci. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * [autofix.ci] apply automated fixes * fix: validate_public_flow_no_code_execution --------- Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
… floor for RC builds (langflow-ai#13542) * fix(bundles): bump lfx-* bundles to 0.1.1 to republish with corrected lfx pin The published 0.1.0 artifacts on PyPI carry stale lfx pins from before the lfx 0.5.0->1.10.0 version realignment: - lfx-arxiv, lfx-duckduckgo: lfx>=0.5.0,<0.6.0 (hard-broken; the <0.6.0 cap can never resolve lfx 1.10.0) - lfx-docling, lfx-ibm: lfx>=0.5.0 (uncapped floor/cap mismatch) The source pin was already corrected to lfx>=1.10.0,<2.0.0 in langflow-ai#13516, but the bundles were never re-published. PyPI versions are immutable, so shipping the fix requires a version bump. Bump all four to 0.1.1 so the Release Bundles workflow cuts fresh wheels carrying the correct pin. Root pyproject keeps its >=0.1.0 floors (satisfied by 0.1.1); only the bundle dist versions and their uv.lock stamps change. * fix(release): relax bundle lfx floor for pre-release builds + idempotent bundle publish The RC pre-release run builds lfx as 1.10.0rc0, but bundles floor lfx at >=1.10.0. Under PEP 440 a pre-release sorts below the final, so 1.10.0rc0 fails >=1.10.0 and the cross-platform install test cannot resolve the bundle wheels against the RC lfx wheel. build-base/build-main/build-lfx already rewrite their inter-package deps to the pre-release version when pre_release=true; build-bundles was the only release artifact missing that step. Add it: when pre_release=true, rewrite each bundle's lfx floor to the exact pre-release version, keeping the wide <2.0.0 BUNDLE_API cap. Stable source stays at >=1.10.0 -- only RC wheels are relaxed, at build time, so no source churn or re-tag. Also make publish-bundles tolerate 'already exists' duplicate wheels on rerun, matching release_bundles.yml.
…gflow-ai#13547) When ci.yml is called from release.yml (inputs.release == true), a Biome failure was blocking all downstream publish and docker jobs via needs.ci.result == 'success'. Biome was already excluded from the ci_success gate for PR merges, but the reusable CI workflow itself could still fail when the lint job errored. Add continue-on-error: ${{ inputs.release == true }} to lint-frontend so Biome failures are informational-only during release runs, while remaining visible (and blocking ci_success) on regular PRs.
…lls (langflow-ai#13547)" This reverts commit a1adb1a.
…rect implementation using allow-failure input) - Revert invalid continue-on-error syntax on reusable workflow uses: job - Add allow-failure input to ci.yml lint-frontend call - Define allow-failure input parameter in lint-js.yml workflow_call - Implement conditional exit-code swallow in lint-js.yml when allow-failure=true - When release=true, Biome errors are non-blocking for release pipeline - When release=false/unset, Biome failures block PR merge (existing ci_success gate)
* docs-lf-assistant-dot-selector * docs-add-lfx-matrix-to-1.10-version
…ent (langflow-ai#13560) * fix(security): remove the disabled Python Code Structured tool component Follow-up to langflow-ai#13538, which neutered PythonCodeStructuredTool to a non-executable stub "for one release cycle, full removal later." This completes that removal. - Delete the component and its registration in lfx.components.tools. - Drop its entry from the component index (num_components 355 -> 354, sha256 recomputed surgically) and from stable_hash_history.json. - Remove its 18 i18n keys from every locale file. - Replace the dedicated stub unit test with a removal test in test_dynamic_import_integration.py. - Add a regressions entry to regressions/1.10.x.yaml. The unauthenticated public-build RCE fix (report H1-3754930) is unaffected: PythonCodeStructuredTool stays in CODE_EXECUTION_COMPONENT_TYPES, so build_public_tmp still rejects any saved or crafted flow that carries the type. instantiate_class execs the node's stored `code` field regardless of whether the class still exists, so the type-name block -- not the class -- is what closes the path. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * docs: document removal * docs: typo * Apply suggestion from @mendonk Co-authored-by: Mendon Kissling <59585235+mendonk@users.noreply.github.com> --------- Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Co-authored-by: Mendon Kissling <59585235+mendonk@users.noreply.github.com>
…rk end to end (langflow-ai#13454) The reference stack README pointed LANGFLOW_LOG_FILE and LANGFLOW_LOG_DIR at different directories, so following it produced an empty Grafana dashboard: Langflow wrote to one path while Promtail scraped another. It also documented a stdout-scrape alternative the shipped Promtail config does not implement. Make the two paths consistent, require an absolute log path, correct the stdout note, and add a no-Langflow smoke test that writes a sample record and confirms it reaches Loki.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Created Valkey component for vector storage and chat message storage