Open
Conversation
…low-ai#11968) (langflow-ai#11975) * feat: add runtime port validation for Kubernetes service discovery * test: add unit tests for runtime port validation in Settings * fix: improve runtime port validation to handle exceptions and edge cases Co-authored-by: Gabriel Luiz Freitas Almeida <gabriel@logspace.ai>
* feat: add documentation link to Guardrails component * [autofix.ci] apply automated fixes --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
* feat: traces v0 v0 for traces includes: - filters: status, token usage range and datatime - accordian rows per trace Could add: - more filter options. Ecamples: session_id, trace_id and latency range * fix: token range * feat: create sidebar buttons for logs and trace add sidebar buttons for logs and trace remove lods canvas control * fix: fix duplicate trace ID insertion hopefully fix duplicate trace ID insertion on windows * fix: update tests and alembic tables for uts update tests and alembic tables for uts * chore: add session_id * chore: allo grouping by session_id and flow_id * chore: update race input output * chore: change run name to flow_name - flow_id was flow_name - trace_id now flow_name - flow_id * facelift * clean up and add testcases * clean up and add testcases * merge Alembic detected multiple heads * [autofix.ci] apply automated fixes * improve testcases * remodel files * chore: address gabriel simple changes address gabriel simple changes in traces.py and native.py * clean up and testcases * chore: address OTel and PG status comments langflow-ai#11689 (comment) langflow-ai#11689 (comment) * chore: OTel span naming convention model name is now set using name = f"{operation} {model_name}" if model_name else operation * add traces * feat: use uv sources for CPU-only PyTorch (langflow-ai#11884) * feat: use uv sources for CPU-only PyTorch Configure [tool.uv.sources] with pytorch-cpu index to avoid ~6GB CUDA dependencies in Docker images. This replaces hardcoded wheel URLs with a cleaner index-based approach. - Add pytorch-cpu index with explicit = true - Add torch/torchvision to [tool.uv.sources] - Add explicit torch/torchvision deps to trigger source override - Regenerate lockfile without nvidia/cuda/triton packages - Add required-environments for multi-platform support * fix: update regex to only replace name in [project] section The previous regex matched all lines starting with `name = "..."`, which incorrectly renamed the UV index `pytorch-cpu` to `langflow-nightly` during nightly builds. This caused `uv lock` to fail with: "Package torch references an undeclared index: pytorch-cpu" The new regex specifically targets the name field within the [project] section only, avoiding unintended replacements in other sections like [[tool.uv.index]]. * style: fix ruff quote style * fix: remove required-environments to fix Python 3.13 macOS x86_64 CI The required-environments setting was causing hard failures when packages like torch didn't have wheels for specific platform/Python combinations. Without this setting, uv resolves optimistically and handles missing wheels gracefully at runtime instead of failing during resolution. --------- * LE-270: Hydration and Console Log error (langflow-ai#11628) * LE-270: add fix hydration issues * LE-270: fix disable field on max token on language model --------- * test: add wait for selector in mcp server tests (langflow-ai#11883) * Add wait for selector in mcp server tests * [autofix.ci] apply automated fixes * Add more awit for selectors * [autofix.ci] apply automated fixes --------- * fix: reduce visual lag in frontend (langflow-ai#11686) * Reduce lag in frontend by batching react events and reducing minimval visual build time * Cleanup * [autofix.ci] apply automated fixes * add tests and improve code read * [autofix.ci] apply automated fixes * Remove debug log --------- * feat: lazy load imports for language model component (langflow-ai#11737) * Lazy load imports for language model component Ensures that only the necessary dependencies are required. For example, if OpenAI provider is used, it will now only import langchain_openai, rather than requiring langchain_anthropic, langchain_ibm, etc. * Add backwards-compat functions * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes (attempt 2/3) * Add exception handling * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes (attempt 2/3) * comp index * docs: azure default temperature (langflow-ai#11829) * change-azure-openai-default-temperature-to-1.0 * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes (attempt 2/3) * [autofix.ci] apply automated fixes (attempt 3/3) * [autofix.ci] apply automated fixes --------- * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes (attempt 2/3) * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes (attempt 2/3) * fix unit test? * add no-group dev to docker builds * [autofix.ci] apply automated fixes --------- * feat: generate requirements.txt from dependencies (langflow-ai#11810) * Base script to generate requirements Dymanically picks dependency for LanguageM Comp. Requires separate change to remove eager loading. * Lazy load imports for language model component Ensures that only the necessary dependencies are required. For example, if OpenAI provider is used, it will now only import langchain_openai, rather than requiring langchain_anthropic, langchain_ibm, etc. * Add backwards-compat functions * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes (attempt 2/3) * Add exception handling * Add CLI command to create reqs * correctly exclude langchain imports * Add versions to reqs * dynamically resolve provider imports for language model comp * Lazy load imports for reqs, some ruff fixes * Add dynamic resolves for embedding model comp * Add install hints * Add missing provider tests; add warnings in reqs script * Add a few warnings and fix install hint * update comments add logging * Package hints, warnings, comments, tests * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes (attempt 2/3) * [autofix.ci] apply automated fixes (attempt 3/3) * Add alias for watsonx * Fix anthropic for basic prompt, azure mapping * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes (attempt 2/3) * ruff * [autofix.ci] apply automated fixes * test formatting * ruff * [autofix.ci] apply automated fixes --------- * fix: add handle to file input to be able to receive text (langflow-ai#11825) * changed base file and file components to support muitiple files and files from messages * update component index * update input file component to clear value and show placeholder * updated starter projects * [autofix.ci] apply automated fixes * updated base file, file and video file to share robust file verification method * updated component index * updated templates * fix whitespaces * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes (attempt 2/3) * add file upload test for files fed through the handle * [autofix.ci] apply automated fixes * added tests and fixed things pointed out by revies * update component index * fixed test * ruff fixes * Update component_index.json * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes (attempt 2/3) * [autofix.ci] apply automated fixes (attempt 3/3) * updated component index * updated component index * removed handle from file input * Added functionality to use multiple files on the File Path, and to allow files on the langflow file system. * [autofix.ci] apply automated fixes * fixed lfx test * build component index --------- * docs: Add AGENTS.md development guide (langflow-ai#11922) * add AGENTS.md rule to project * change to agents-example * remove agents.md * add example description * chore: address cris I1 comment address cris I1 comment * chore: address cris I5 address cris I5 * chore: address cris I6 address cris I6 * chore: address cris R7 address cris R7 * fix testcase * chore: address cris R2 address cris R2 * restructure insight page into sidenav * added header and total run node * restructing branch * chore: address gab otel model changes address gab otel model changes will need no migration tables * chore: update alembic migration tables update alembic migration tables after model changes * add empty state for gropu sessions * remove invalid mock * test: update and add backend tests update and add backend tests * chore: address backend code rabbit comments address backend code rabbit comments * chore: address code rabbit frontend comments address code rabbit frontend comments * chore: test_native_tracer minor fix address c1 test_native_tracer minor fix address c1 * chore: address C2 + C3 address C2 + C3 * chore: address H1-H5 address H1-H5 * test: update test_native_tracer update test_native_tracer * fixes * chore: address M2 address m2 * chore: address M1 address M1 * dry changes, factorization * chore: fix 422 spam and clean comments fix 422 spam and clean comments * chore: address M12 address M12 * chore: address M3 address M3 * chore: address M4 address M4 * chore: address M5 address M5 * chore: clean up for M7, M9, M11 clean up for M7, M9, M11 * chore: address L2,L4,L5,L6 + any test address L2,L4,L5 and L6 + any test * chore: alembic + comment clean up alembic + comment clean up * chore: remove depricated test_traces file remove depricated test_traces file. test have all been moved to test_traces_api.py * fix datetime * chore: fix test_trace_api ge=0 is allowed now fix test_trace_api ge=0 is allowed now * chore: remove unused traces cost flow remove unused traces cost flow * fix traces test * fix traces test * fix traces test * fix traces test * fix traces test * chore: address gabriels otel coment address gabriels otel coment latest --------- Co-authored-by: Olayinka Adelakun <olayinkaadelakun@Olayinkas-MacBook-Pro.local> Co-authored-by: Olayinka Adelakun <olayinkaadelakun@mac.war.can.ibm.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Ram Gopal Srikar Katakam <44802869+RamGopalSrikar@users.noreply.github.com> Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com> Co-authored-by: olayinkaadelakun <olayinka.adelakun@ibm.com> Co-authored-by: Jordan Frazier <122494242+jordanrfrazier@users.noreply.github.com> Co-authored-by: cristhianzl <cristhian.lousa@gmail.com> Co-authored-by: Hamza Rashid <74062092+HzaRashid@users.noreply.github.com> Co-authored-by: Mendon Kissling <59585235+mendonk@users.noreply.github.com> Co-authored-by: Lucas Oliveira <62335616+lucaseduoli@users.noreply.github.com> Co-authored-by: Edwin Jose <edwin.jose@datastax.com> Co-authored-by: Himavarsha <40851462+HimavarshaVS@users.noreply.github.com>
langflow-ai#11982) fix(test): Fix superuser timeout test errors by replacing heavy client fixture (langflow-ai#11972) * fix super user timeout test error * fix fixture db test * remove canary test * [autofix.ci] apply automated fixes * flaky test --------- Co-authored-by: Cristhian Zanforlin Lousa <cristhian.lousa@gmail.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
…ics module (langflow-ai#11974) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
…ngflow-ai#12002) * fix: add ondelete=CASCADE to TraceBase.flow_id to match migration The migration file creates the trace table's flow_id foreign key with ondelete="CASCADE", but the model was missing this parameter. This mismatch caused the migration validator to block startup. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: add defensive migration to ensure trace.flow_id has CASCADE Adds a migration that ensures the trace.flow_id foreign key has ondelete=CASCADE. While the original migration already creates it with CASCADE, this provides a safety net for any databases that may have gotten into an inconsistent state. * fix: dynamically find FK constraint name in migration The original migration did not name the FK constraint, so it gets an auto-generated name that varies by database. This fix queries the database to find the actual constraint name before dropping it. --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
…mprove button functionality (langflow-ai#12000) * fix: Update ButtonSendWrapper to handle building state and improve button functionality * fix(frontend): rename stop button title to avoid Playwright selector conflict The "Stop building" title caused getByRole('button', { name: 'Stop' }) to match two elements, breaking Playwright tests in shards 19, 20, 22, 25. Renamed to "Cancel" to avoid the collision with the no-input stop button.
…w-ai#11987) pydantic fail because output is list, instead of a dict Co-authored-by: Olayinka Adelakun <olayinkaadelakun@Olayinkas-MacBook-Pro.local>
* Update guardrails.py Changing the heuristic threshold icons. The field was using the default icons. I added icons related to the security theme. * [autofix.ci] apply automated fixes --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Viktor Avelino <64113566+viktoravelino@users.noreply.github.com>
…langflow-ai#12028) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
fix reset button Co-authored-by: Olayinka Adelakun <olayinkaadelakun@Olayinkas-MacBook-Pro.local>
* fix: Handle message inputs when ingesting knowledge * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes (attempt 2/3) * [autofix.ci] apply automated fixes (attempt 3/3) * Update test_ingestion.py * [autofix.ci] apply automated fixes --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
…on (langflow-ai#11985) * fix(ui): add error handling for invalid JSON uploads via upload button * feat(frontend): added new test for file upload * feat(frontend): added new test for file upload
* fix: LM span is now properly parent of ChatOpenAI Before LM span and ChatOpenAI span where both considered parents so they where being counted twice in token counts and other sumations Now LM span is properly the parent of ChatOpenAI span so they are not accidently counted twice * chore: clean up comments clean up comments * chore: incase -> incase incase -> incase
* fix: LM span is now properly parent of ChatOpenAI Before LM span and ChatOpenAI span where both considered parents so they where being counted twice in token counts and other sumations Now LM span is properly the parent of ChatOpenAI span so they are not accidently counted twice * chore: clean up comments clean up comments * chore: incase -> incase incase -> incase * design fix * fix testcases * fix header * fix testcase --------- Co-authored-by: Adam Aghili <Adam.Aghili@ibm.com> Co-authored-by: Olayinka Adelakun <olayinkaadelakun@Olayinkas-MacBook-Pro.local> Co-authored-by: Olayinka Adelakun <olayinkaadelakun@mac.war.can.ibm.com>
* fix: update layout and variant for file previews in chat messages * fix: update background color to 'bg-muted' in chat header and input wrapper components * refactor(CanvasControls): remove unused inspection panel logic and clean up code * fix: remove 'bg-muted' class from chat header and add 'bg-primary-foreground' to chat sidebar * fix: add Escape key functionality to close sidebar
langflow-ai#12040) fix: playground does not scroll down to the latest user message upon sending (Regression) (langflow-ai#12006) * fixes scroll is on input message * feat: re-engage Safari sticky scroll mode when user sends message Add custom event 'langflow-scroll-to-bottom' to force SafariScrollFix back into sticky mode when user sends a new message. This ensures the chat scrolls to bottom even if user had scrolled up, fixing behavior where Safari's scroll fix would remain disengaged after manual scrolling. Co-authored-by: Deon Sanchez <69873175+deon-sanchez@users.noreply.github.com>
langflow-ai#12039) fix: knowledge Base Table — Row Icon Appears Clipped/Cut for Some Entries (langflow-ai#12009) * removed book and added file. makes more sense * feat: add accent-blue color to design system and update knowledge base file icon - Add accent-blue color variables to light and dark themes in CSS - Register accent-blue in Tailwind config with DEFAULT and foreground variants - Update knowledge base file icon fallback color from hardcoded text-blue-500 to text-accent-blue-foreground Co-authored-by: Deon Sanchez <69873175+deon-sanchez@users.noreply.github.com>
…2038) * fixes to the mcp modal for style * style: convert double quotes to single quotes in baseModal component * style: convert double quotes to single quotes in addMcpServerModal component Co-authored-by: Deon Sanchez <69873175+deon-sanchez@users.noreply.github.com>
* fix: change loop description (langflow-ai#12018) * docs: simplify Loop component description in starter project and component index * [autofix.ci] apply automated fixes * style: format Loop component description to comply with line length limits * fixed component index * [autofix.ci] apply automated fixes --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * [autofix.ci] apply automated fixes --------- Co-authored-by: Deon Sanchez <69873175+deon-sanchez@users.noreply.github.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
…langflow-ai#12036) * feat: add mutual exclusivity between ChatInput and Webhook components * [autofix.ci] apply automated fixes * refactor: address PR feedback - add comprehensive tests and constants * [autofix.ci] apply automated fixes * refactor: address PR feedback - add comprehensive tests and constants * [autofix.ci] apply automated fixes --------- Co-authored-by: Janardan S Kavia <janardanskavia@Janardans-MacBook-Pro.local> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
* Only process dict template fields In json_schema_from_flow, guard access to template field properties by checking isinstance(field_data, dict) before calling .get(). This replaces the previous comparison to the string "Component" and prevents attribute errors when template entries are non-dict values, ensuring only dict-type fields with show=True and not advanced are included in the generated schema. * Check and handle MCP server URL changes When skipping creation of an existing MCP server for a user's starter projects, first compute the expected project URL and compare it to URLs found in the existing config args. If the URL matches, keep skipping and log that the server is correctly configured; if the URL differs (e.g., port changed on restart), log the difference and allow the flow to update the server configuration. Adds URL extraction and improved debug messages to support automatic updates when server endpoints change. --------- Co-authored-by: Ram Gopal Srikar Katakam <44802869+RamGopalSrikar@users.noreply.github.com>
…ngflow-ai#12044) Langflow breaks when we click on the last level of the chain. Co-authored-by: Olayinka Adelakun <olayinkaadelakun@mac.war.can.ibm.com>
langflow-ai#12051) fix: standardize "README" title and update API key configuration notes in 3 main flow templates (langflow-ai#12005) * updated for README * chore: update secrets baseline with new line numbers * fixed test Co-authored-by: Deon Sanchez <69873175+deon-sanchez@users.noreply.github.com>
…8.0 (langflow-ai#12052) * fix: improve knowledge base UI consistency and pagination handling - Change quote style from double to single quotes throughout knowledge base components - Update "Hide Sources" button label to "Hide Configuration" for clarity - Restructure SourceChunksPage layout to use xl:container for consistent spacing - Add controlled page input state with validation on blur and Enter key - Synchronize page input field with pagination controls to prevent state drift - Reset page input to "1" when changing page * refactor: extract page input commit logic into reusable function Extract page input validation and commit logic from handlePageInputBlur and handlePageInputKeyDown into a shared commitPageInput function to eliminate code duplication.
…angflow-ai#12043) * fix(ui): ensure session deletion properly clears backend and cache * fix: resolved PR comments and add new regression test * fix: resolved PR comments and add new regression test * [autofix.ci] apply automated fixes --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
langflow-ai#12724) * fix(frontend): filter duplicate draft/live connections in deploy modal Connections with same app_id can exist as both draft and live, causing both to appear selected simultaneously. Filter to draft-only and add environment badge for clarity. LFOSS-3373 * fix: remove connection environment badge (cherry picked from commit 899f82d)
* test(deployments): add comprehensive test coverage for WXO deployment schemas, hooks, and components Frontend (11 new/expanded test files, ~170 tests): - use-connection-panel-state: tests for all handlers, ID sanitization, env var management - step-review: tests for summary display, flows, connections, masking, edit mode - global variable hooks: tests for useGetGlobalVariables auth guard and Zustand hydration - use-patch-deployment: fix incorrect spec field assertion, test URL/body destructuring - deployment-expanded-row, deployment-info-grid, deployment-flow-list: component tests - flow-list-panel, version-panel, connection-search-list: panel component tests - deployment-stepper-payload-builders: tests for buildConnectionPayloads, buildDeploymentUpdatePayload, buildDeploymentPayload, buildProviderAccountPayload Backend (2 expanded test files, ~21 new tests): - test_deployments_response_mapping: tests for update/list/execution/config response shapes - test_deployment_schemas: tests for pagination constraints, execution schemas, snapshot schemas * Fix nested button issue; remove more unnecessary tests * update fe tests * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes (attempt 2/3) * [autofix.ci] apply automated fixes * fix tests; filter sql warnings * ruff --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Viktor Avelino <64113566+viktoravelino@users.noreply.github.com> (cherry picked from commit 3fb40f3)
* chore: update wxo adk (2.8.0) * make sure all sites use the helper * revert tests * remove thin helper and use adk directly (cherry picked from commit b4f0870)
…vider=true (langflow-ai#12745) * feat(deployments): filter WXO list to drafts and expose environments as a list When `load_from_provider=true` on `GET /deployments`, restrict watsonx Orchestrate results to draft agents only and surface their environment metadata as `environments: list[str]` on both the list and status responses. - Add `BaseDeploymentMapper.resolve_load_from_provider_deployment_list_params` as an extension point; override in the WXO mapper to always inject `{"environment": "draft"}` when listing from the provider. - In the WXO adapter's `list`, pop `environment` from `provider_params` before building the WXO query (it is not a native WXO query param) and apply it as a client-side membership filter. - Skip forwarding `deployment_type` from the endpoint on the `load_from_provider` path; WXO only exposes agent deployments today and other list logic does not rely on it. - Replace the single `environment` string with `environments: list[str]` in list and status `provider_data`. This is a breaking change to the provider-backed shape, accepted because the feature is still behind a flag. - Introduce `get_agent_environments` with fail-fast access (no silent fallbacks/normalization) so WXO contract breaks surface immediately, and drop the now-unused `derive_agent_environment` categorizer. Tests updated to cover the new filter, the list shape, the status shape, and the fail-fast semantics of the helper. * [autofix.ci] apply automated fixes --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> (cherry picked from commit ab70449)
…emini 3 (langflow-ai#12797) * feat(google): refresh Gemini model list and enable tool calling for Gemini 3 Updates the Google Generative AI model metadata to reflect the current Gemini API lineup and langchain-google-genai 4.1.3 capabilities: - Enable tool_calling for all Gemini 3 preview models (supported by langchain-google-genai 4.1.3, which handles Gemini 3 thought signatures) - Remove gemini-3-pro-preview (shut down March 9, 2026; replaced by gemini-3.1-pro-preview which is already listed) - Add gemini-3.1-flash-lite-preview (Gemini 3.1 Flash Lite) - Add gemini-3.1-flash-image-preview (Nano Banana 2) - Drop the stale TODO now that Gemini 3 tool calling is wired up * [autofix.ci] apply automated fixes * fix(models): flatten list-shaped AIMessage content so Gemini 3 works Gemini 3 models (via langchain-google-genai >=4.1.0) return AIMessage.content as a list of content blocks, e.g. [{"type": "text", "text": "...", "thought_signature": "..."}] Message(text=...) only accepts strings/iterators, so building the Language Model component with gemini-3.1-pro-preview (or any other Gemini 3 model) raised a pydantic ValidationError with three "text.*" errors. Add _normalize_message_content() which concatenates text blocks and drops non-text blocks, and run every AIMessage through it in _get_chat_result and _handle_stream before constructing the Message. Includes unit tests covering the Gemini 3 shape, multiple text blocks, mixed non-text blocks, and defensive cases (None, empty list, missing text). * fix(models): hide and clear api_key for providers without one (e.g. Ollama) handle_model_input_update unconditionally forced api_key.show=True at the end of the update cycle. For providers whose metadata doesn't map a variable to api_key (Ollama is the only one today), this left a stale cross-provider credential like OPENAI_API_KEY sitting behind a field that should not be visible at all. apply_provider_variable_config_to_build_config already sets show=True for providers whose metadata DOES map api_key, so the force-show was redundant for every other provider. Drop it, and when api_key is hidden by the provider config step, also clear its value and load_from_db flag so switching back to an api_key provider triggers the normal auto-populate path via the stale cross-provider variable detection. Updates the existing default-state test (which encoded the bug) and adds two new regression tests: one for Ollama (hidden + cleared) and one for OpenAI (visible stays visible). --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> (cherry picked from commit 7372799)
* update e2e tests * fix(watsonx): harden existing-resource create flow and rollback journaling - move the direct Watsonx adapter E2E runner to `scripts/e2e_deployment_tests/watsonx_orchestrate/adapter.py` (rename-only) so deployment E2E assets are consolidated under one folder - add `scripts/e2e_deployment_tests/watsonx_orchestrate/api.py` with a full `/api/v1/deployments` matrix covering create/update happy paths, validation rejections, attachment patching, rollback/error paths, concurrency races, large payload tiers, and failpoint scenarios with owned-resource cleanup - clarify existing-resource create behavior in `src/backend/base/langflow/api/v1/deployments.py`: DB-only onboarding keeps `created_*` fields empty unless provider mutation operations are requested - add `util_create_result_from_existing_resource` in `src/backend/base/langflow/api/v1/mappers/deployments/watsonx_orchestrate/mapper.py` to normalize non-mutating onboard responses into a create-style result with empty `app_ids` and `tools_with_refs` - extend `src/backend/base/langflow/services/adapters/deployment/watsonx_orchestrate/core/config.py` to accept `created_app_ids_journal` and append app ids immediately after successful provider connection creation for rollback safety - update shared connection orchestration in `src/backend/base/langflow/services/adapters/deployment/watsonx_orchestrate/core/shared.py` to normalize provider app ids via `RawConnectionCreatePlan.__post_init__`, propagate `created_app_ids_journal`, dedupe rollback ids, and wrap validation-stage failures as `ConnectionCreateBatchError` with rollback metadata - wire journaling into create/update rollback flows in `src/backend/base/langflow/services/adapters/deployment/watsonx_orchestrate/core/create.py` and `src/backend/base/langflow/services/adapters/deployment/watsonx_orchestrate/core/update.py` so partial provider-side connection creation is always captured for cleanup - add mapper coverage in `src/backend/tests/unit/api/v1/test_deployment_mapper_watsonx.py` for existing-resource create-result normalization - expand `src/backend/tests/unit/services/deployment/test_watsonx_orchestrate.py` with coverage for provider app-id normalization, validation-failure rollback metadata, and create/update rollback when failures occur after provider connection creation; update mocks/monkeypatch targets to match the shared connection entrypoint signature * simplify create result logic (improves error friendliness (cherry picked from commit 9f42c9e)
…ents (langflow-ai#12813) * fix(custom): honor asname in `from X import Y as Z` for custom components `_handle_module_attributes` was keying `exec_globals` on `alias.name`, so `from pkg import Foo as Bar` bound `Foo` instead of `Bar` in a custom component's exec scope. Any reference to `Bar` then raised NameError and the component failed to load. Use `alias.asname or alias.name`, matching the `import X as Y` branch in the same file and standard Python import semantics. Adds regression tests against `prepare_global_scope` and end-to-end through `create_class`. * fix: Make sdk env flag idempotent (release-1.9.1) (langflow-ai#12815) fix: Make sdk env flag idempotent Refactor pytest_addoption to register CLI options via a loop with contextlib.suppress(ValueError), allowing langflow-sdk and lfx to coexist without plugin registration conflicts. Add test_pytest_addoption_is_idempotent to verify behavior. (cherry picked from commit cae2bdf)
…angflow-ai#12818) * fix(mcp): close path traversal + cross-user disclosure in MCP endpoint (PVR0754098) Path-containment on the storage service was only enforced in save_file; get_file/get_file_stream/delete_file/get_file_size all resolved user-supplied names directly, letting an authenticated user read arbitrary files via the MCP resources/read handler. resources/list and tools/list additionally returned every user's flows regardless of ownership. - storage/local.py: extract path-containment into shared _validated_path() and call it from every read/write/delete entry point (langflow + lfx). - mcp_utils.handle_read_resource: reject filenames containing ../, /, \ at the handler layer; require a current user and verify flow ownership (or self-owned user bucket) before dispatching to storage. - mcp_utils.handle_read_resource: accept optional project_id so project servers can't read resources outside the project's flows. - mcp_projects: pass project_id into handle_read_resource. - mcp_utils.handle_list_resources / handle_list_tools: scope flow queries to the authenticated user on the global server. Regression tests cover traversal rejection on every read path, cross-user flow access denial, project-scope enforcement, and unauthenticated list queries returning empty. * fix(mcp): drop user-bucket files from project-scoped resources/list Project-scoped handle_list_resources still appended every UserFile owned by the caller, so a project MCP client could enumerate user-level files unrelated to the project. User files have no project association, so skip them entirely when project_id is set. Adds a regression test proving that project-scoped resources/list returns only files from flows in the project. (cherry picked from commit f0fd436)
* checkout api handlers
* add missing table
* update to use "version" terminology for flows instead of outdated "history" verbage
* Fix provider account id mapping
* recover a little todo comment
* Add flow version migration and minor exception handling, etc
1. deployments.py — Added AuthenticationError import + handling (401) in all 9 error handler blocks. Added update_deployment_db import + call to persist name changes to local DB after adapter update succeeds.
2. flow_version/exceptions.py — Added FlowVersionDeployedError for blocking deletion of deployed versions.
3. flow_version/crud.py —
- Added has_deployment_attachments() helper that checks if a flow version has any deployment attachments
- delete_flow_version_entry() now raises FlowVersionDeployedError if the version is attached to deployments
- Pruning now excludes deployed versions via a NOT IN subquery on FlowVersionDeplottachment, preventing provider-side snapshot orphaning
4. flow_version/__init__.py — Exports FlowVersionDeployedError
5. flow_version.py (API route) — Imported FlowVersionDeployedError, added it to _translate_version_error as 409 Conflict
6. models/__init__.py — Registered FlowVersionDeploymentAttachment for alembic/SQLModel metadata detection
7. Migration c0d2ce43b315 — Creates flow_version_deployment_attachment table with all columns, FKs (CASCADE), and indexes. Single head, chains off fc7f696a57bf.
* [autofix.ci] apply automated fixes
* address bugs and inconsistencies
* rename column to "provider_snapshot_id"
* harden deployment API: fail loudly on invalid state instead of silently passing
Replace silent fallbacks, warning logs, and dropped values with hard
failures (422/500/502) across the deployment orchestration layer. Adds
logging to bare exception handlers and wraps materialize_snapshots in
the adapter error handler.
* [autofix.ci] apply automated fixes
* add materialize_snapshots to deployment service protocol
Promotes materialize_snapshots from duck-typed getattr usage to a
first-class method on DeploymentServiceProtocol, BaseDeploymentService,
and the no-op DeploymentService stub. Introduces MaterializeSnapshotsResult
schema for typed return values.
Updates deployments.py to call the method through the protocol instead of
getattr, giving static analysis coverage over the contract.
Documents the snapshot abstraction across BaseFlowArtifact, SnapshotItem,
MaterializeSnapshotsResult, and FlowVersionDeploymentAttachment.provider_snapshot_id
— explaining that snapshots are immutable, provider-owned copies of flow data
with opaque provider-assigned identifiers (e.g. wxO tool ID, K8s ConfigMap
name, S3 key).
* deployment sync: extract helpers, server-side type filter, orphan detection
- Extract _fetch_provider_resource_keys helper for provider validation
- Rename _sync_page_with_provider → _list_deployments_synced
- Match resource keys by provider ID only (not name)
- Restore server-side deployment_type filter with guard against
false deletions (skip rows whose type doesn't match the filter
instead of deleting them)
- Add orphan/divergence logging for post-create, post-update,
post-duplicate DB write failures
- Return 422 on invalid UUID in update remove list (was silently ignored)
- Handle NotImplementedError → 501 from provider adapters
- Convert attachment IntegrityError to ValueError with descriptive message
- Add tests for sync helpers (15 cases)
* rebase on release-1.9.0 and align with lfx/services
* refactor(deployments): align provider mapper routing and WXO update payload mapping
Align deployment mapper resolution with adapter-type/provider-key routing and
refactor PATCH update handling to use mapper resolve/shape contracts end-to-end.
Map Langflow flow_version_id references at the API boundary into provider update
operations for Watsonx bind/unbind/remove paths, with expanded mapper tests.
* patch down-revision
* first pass with formalized boundary rules
* fix(deployments): harden watsonx payload boundary contracts
Enforce fail-fast payload slot parsing for required adapter results, split execution create/status slot contracts, and route execution-create mapping through deployment mappers.
Require watsonx flow artifact source_ref and move update reconciliation output to provider_result to keep mapper/adapter boundaries explicit and typed.
* refactor(deployments): modularize watsonx orchestrate create/update flow
Extract create/update logic into dedicated core modules with shared helpers to tighten deployment boundary contracts.
Align backend/lfx payload schema mapping and expand e2e/unit coverage for response mapping and update schema behavior.
* api impl for wxo-specific create payload
* further refactoring. add rollback of existing tools (undo new app bindings) in the create path
* add todo in execution.py
* refactor(deployments): replace snapshot_id/reference_id with source_ref-correlated tool refs
Introduce WatsonxToolRefBinding to correlate source_ref (flow version id)
with provider tool_id across all operation types. This replaces the prior
reference_id and snapshot_id fields with a unified structure that carries
provenance through create, bind, unbind, and remove_tool operations.
Key changes:
- Flatten API operation payloads: hoist flow_version_id onto operations,
remove nested WatsonxApiUpdateToolReference wrapper
- Replace tools.existing_ids with inline tool_id_with_ref on bind operations
- Rename WatsonxCreateSnapshotBinding to WatsonxToolRefBinding (input) and
WatsonxResultToolRefBinding (output, with created flag)
- Add created_app_ids to update results for connection tracking
- Raise HTTPException on contract violations in _to_api_tool_app_bindings
instead of silently dropping unmappable bindings
- Add schema-level validation for conflicting source_ref on same tool_id
- E2E: cache tool_id→source_ref from create results, use helpers to build
refs with distinct source_ref vs tool_id values
* Enforce DeploymentType enum and add description column
Make deployment_type a required column backed by a SQLAlchemy
TypeDecorator that validates on write (rejects None and invalid strings)
and coerces to DeploymentType on read. Add nullable description column
to the deployment model and surface it through the API.
Key changes:
- Add _DeploymentTypeColumn TypeDecorator for enum round-trip fidelity
- Make deployment_type non-optional in Deployment model, DeploymentRead,
CRUD functions, and API layer
- Add description (Text, nullable) to Deployment model and fold its
migration into the existing c0d2ce43b315 revision
- Remove _resolve_deployment_type helper — TypeDecorator handles coercion
- Remove DeploymentType fallbacks and backward-compat shims from API
endpoints, base mapper, and watsonx orchestrate mapper
- Document cross-package coupling: DeploymentType is owned by lfx but
persisted by langflow; member values must never be removed
- Fix pre-existing bug: provider_account_id → deployment_provider_account_id
in get_deployment_status endpoint
Note: deployment_type is nullable=True at the DB level to satisfy the
EXPAND-phase migration validator; NOT NULL is enforced at the application
layer by the _DeploymentTypeColumn TypeDecorator.
* refactor(deployments): extract route helpers, harden sync and error handling
Move bulk of deployment route logic into mappers/helpers layer to slim
down deployments.py and enforce clearer boundary between routes, mappers,
and adapters (documented in DEPLOYMENT_BOUNDARY_RULES.md).
Key changes:
- Extract ~700 lines from deployments.py into helpers.py (pagination,
adapter/mapper resolution, attachment management, snapshot sync,
rollback, response shaping)
- Add read-path snapshot-level sync: get_deployment and
list_deployments_synced verify provider_snapshot_ids against the
provider and prune stale attachments, with graceful fallback on error
- Add compensating rollback for create (rollback_provider_create) and
update (rollback_provider_update) when DB commit fails after provider
mutation, using mapper-driven payload reconstruction
- Introduce handle_adapter_errors() context manager centralising
DeploymentServiceError → HTTP status mapping via
http_status_for_deployment_error; sanitise 500 detail to avoid
leaking internals
- Add DeploymentNotConfiguredError → 503 mapping
- Add util_snapshot_ids_to_verify and resolve_rollback_update to base
mapper with WxO overrides for provider-specific snapshot ID extraction
and put_tools-based rollback payloads
- Add put_tools field to WatsonxDeploymentUpdatePayload for full tool
list replacement; early-return in build_provider_update_plan and
validate_operation_references when put_tools is set
- Extract verify_tools_by_ids into core/tools.py helper
- Harden resource_name_prefix with strip_whitespace + min_length=1
- Deduplicate snapshot_ids before provider calls
- Add deterministic order_by(created_at) to attachment CRUD queries
- Add exc_info=True to all best-effort rollback/compensate error logs
- Add session.rollback() in get_deployment snapshot sync error path
- Warn when list_snapshots receives both deployment_ids and snapshot_ids
- Add E2E scenarios for empty snapshot list, mixed snapshot IDs, tools
endpoint, and deployment re-list after update
Tests:
- Add test_deployment_route_handlers.py covering stale-row delete +
commit, non-404 adapter errors, handle_adapter_errors wiring,
snapshot sync (happy path, skip, error fallback), project-scoped
flow version validation for create and update
- Expand test_deployment_sync.py with snapshot-phase tests, rollback
tests, pagination guard, and project-scoped validation
- Add deployment_type assertion to response mapping test
- Add DeploymentNotConfiguredError and bare DeploymentServiceError cases
to exception mapping tests
- Add put_tools schema and update plan tests
* remove pompous performance commentary
* fix(deployments): remove upsert behavior and fail fast on duplicate name
The create_deployment endpoint previously performed a
get_deployment_by_resource_key lookup before inserting the DB row,
silently tolerating duplicates. Since the provider adapter returns a
fresh resource ID on every create, this lookup could never legitimately
match — and if it did, it would mask a data inconsistency bug.
Changes:
- Remove the get-or-create (upsert) pattern; go straight to
create_deployment_db and let the unique constraint surface conflicts.
- Add deployment_name_exists CRUD function and an early 409 guard so
duplicate names are rejected before any provider call, avoiding
costly provider-side rollback for a locally-checkable condition.
- Update existing route-handler tests to reflect the removed lookup.
- Add tests for deployment_name_exists and the 409 duplicate-name path.
* feat: convert provider_key and deployment_type columns to DB-level enums
Replace plain string columns with SQLAlchemy Enum types backed by
Postgres/SQLite enum constraints, enforcing valid values at the DB
layer rather than only in application code.
Migration follows expand-contract pattern (add enum column, backfill,
drop old string column, rename) with index ops outside batch context
to avoid SQLite column-lookup issues. Upgrade and downgrade are fully
atomic.
- Add DeploymentProviderKey enum as single source of truth for
provider identifiers; remove magic strings and _DeploymentTypeColumn
TypeDecorator
- Make provider_key immutable after creation (remove from update
request schema and API handler)
- Fix pre-existing test gap: add missing deployment_type argument to
all TestDeploymentCRUD create_deployment() calls
* feat(flow-versions): add deployment awareness and sync-on-read
Add is_deployed field to flow version responses and provider-verified
sync to the list/get read paths, matching the existing deployment
endpoint sync pattern.
API changes:
- list_flow_versions returns is_deployed per entry and accepts optional
deployment_ids filter to scope by specific deployments
- get_single_flow_version returns is_deployed on the full response
- Both endpoints now use write sessions and run best-effort
snapshot-level sync before returning results
Sync-on-read (helpers.sync_flow_version_attachments):
- Queries all attachments for a flow's versions joined with deployment
and provider account info in a single query
- Groups by provider, resolves adapter/mapper per group, verifies
provider_snapshot_ids via list_snapshots, and prunes stale attachment
rows through the existing sync_attachment_snapshot_ids helper
- Per-provider error handling so one provider outage doesn't block the
response
New CRUD: list_attachments_for_flow_with_provider_info joins
FlowVersionDeploymentAttachment -> Deployment -> DeploymentProviderAccount
to avoid N+1 queries during sync grouping.
Tests: 50 passing (11 new) covering is_deployed indicator, deployment_ids
filtering, stale attachment pruning on list/get, and sync failure
resilience.
* Add user id authentication to a few missing endpoints
* [autofix.ci] apply automated fixes
* Update tests
Removes some mock tests that did nothing
Adds sqlite for true testing of db accessors
Reduces Mock objects usage
* refactor(deployments): enforce ownership boundaries on execution responses
Move provider-owned execution identifiers (execution_id, agent_id,
status, timestamps, errors) out of the top-level API response and into
provider_data, keeping only Langflow-owned fields (deployment_id) at the
top level. This prevents future collisions if Langflow introduces its
own execution tracking.
Key changes:
- Remove execution_id from _ExecutionResponseBase; provider's opaque
run identifier now lives exclusively inside provider_data
- Rename WatsonxExecutionResultData → WatsonxAgentExecutionResultData
(adapter layer) and split the API-layer class into a private base
(_WatsonxApiAgentExecutionResultBase) with dedicated
WatsonxApiAgentExecutionCreateResultData and
WatsonxApiAgentExecutionStatusResultData subclasses
- Translate WXO run_id → execution_id at the adapter boundary
(create_agent_run_result / get_agent_run).
- Collapse util_execution_id + util_execution_deployment_resource_key
into a single util_resource_key_from_execution that trusts the
adapter-provided result.deployment_id directly
- Remove build_orchestrate_runs_query and extra payload fields
(thread_id, llm_params, guardrails, etc.) unused in MVP
- Simplify WxOClient.post_run signature (drop query_suffix)
- Exclude provider_data from flow tool artifact to avoid unexpected
top-level keys in the WxO tool runtime
- Document ownership boundary rules in DEPLOYMENT_BOUNDARY_RULES.md §14
- Add E2E polling for terminal execution status, input format variants,
and missing-deployment negative test
- Expand unit tests for renamed schemas, field mapping, passthrough
validation, and simplified payload builder
* feat: add name column to deployment_provider_account
Add a required, user-chosen display name to provider accounts
(e.g. "staging", "prod") that is unique within a given provider_key.
Includes model, CRUD, API schema/route, mapper, migration with
backfill, and tests.
* fix: replace hand-written migration with Alembic-generated revision
Replace the manually authored migration (b4e6f8a2c1d3) with an
Alembic-generated one (8255e9fc18d9) for the deployment_provider_account
name column.
Fix SQLite compatibility: sa.func.concat() generates a concat() function
call which does not exist in SQLite. Use sa.literal().concat() instead,
which produces the || operator and works on both PostgreSQL and SQLite.
* remove bogus unverified math from migration file
* feat: verify provider credentials before account creation
Add a verify_credentials step to the provider account creation flow
that validates API keys against the provider before persisting them.
This prevents storing invalid or revoked credentials and gives users
immediate feedback.
Key changes:
- Add verify_credentials to the deployment adapter interface (base,
service, protocol) with WXO implementation that obtains a token
via the IBM authenticator
- Add SSRF-hardened URL validation for provider_url (HTTPS-only,
private IP blocklist, localhost rejection, normalization)
- Introduce ValidatedUrl/ValidatedUrlOptional annotated types in
the API schema layer
- Refactor raise_for_status_and_detail to accept an optional cause
parameter for explicit exception chain control
- Use ResourceNotFoundError (parent) instead of DeploymentNotFoundError
in raise_for_status_and_detail for provider-agnostic 404 mapping
- Narrow get_authenticator return type to concrete union
* use whitelist only for valid urls
* feat: BREAKING: move credentials into provider_data and centralize update logic in mapper
- Replace top-level `api_key: SecretStr` with opaque `provider_data: dict` in API schemas;
mapper extracts credentials via `resolve_credential_fields` for DB storage
- Add `resolve_provider_account_update` to base mapper so routes delegate
full update-kwargs assembly (including cross-field logic) to the mapper
- WXO mapper override re-derives `provider_tenant_id` when `provider_url` changes
- Add tenant extraction utilities and `validate_tenant_url_consistency` in
`deployment_provider_account/utils.py` as single source of truth
- Add `model_validator` on `DeploymentProviderAccount` for defense-in-depth
tenant/URL consistency checks
- Rename `DEPLOYMENT_BOUNDARY_RULES.md` → `RULES.md`; document DB-direction
mapper contract, credential flow, and update assembly
- Update all tests for new `provider_data` shape, mapper update methods,
tenant extraction, and model-level consistency validation
* [autofix.ci] apply automated fixes
* [autofix.ci] apply automated fixes (attempt 2/3)
* fix(deployments): Harden provider account validation and WXO rollback
Use provider_url when resolving WXO credentials and scope provider account names per user within each provider. Re-verify provider account updates before persisting them and return 4xx responses for account conflicts instead of surfacing 500s.
Block deleting provider accounts that still own deployments and extend create rollback so failed WXO writes clean up provider-side resources. Add route, schema, mapper, sync, CRUD, and WXO tests to cover the new behavior.
* [autofix.ci] apply automated fixes
* update url validator docs; remove outdated reference to private url blacklist logic
* fix(deployments): Isolate snapshot sync writes
Use nested transactions around best-effort snapshot cleanup so provider sync failures cannot leak partial attachment deletes into the outer request transaction.
Persist explicit description clears during deployment PATCH requests, and add regression tests for both deployment sync paths and the route handler update flow.
* fix(deployments): Harden delete cleanup and wxO create tests
Treat missing provider agents as stale local cleanup so delete can
finish instead of leaving orphaned deployment rows behind.
Commit local delete operations eagerly, retry once on commit failure,
and move wxO create-path tests toward fake client objects so the real
service logic is exercised without external calls.
* new head
* fix(deployments): stop prefixing wxo raw connection app_ids
Preserve caller app_ids for newly created wxo connections while keeping lf_ prefixing for tool/deployment naming, centralize resource_name_prefix validation, and update mapper/service schema tests and docs to reflect the new behavior.
* fix(deployments): Harden provider account cleanup
Reconcile stale deployment rows before provider-account deletion so
out-of-band provider removals do not leave account cleanup blocked.
* fix: restore py310 compatibility and align payload slot tests
Import Self from typing_extensions in the deployment provider account model to keep backend imports working on Python 3.10, and update payload formalization tests to assert strict rejection of cross-model BaseModel inputs.
* fix(deployments): resolve mypy typing regressions across deployment flows
Normalize SQLModel query expressions for typed SQL operators, make deployment-related model IDs non-nullable where appropriate, and tighten provider mapper/update typing guards. Update deployment tests to align with stricter type contracts.
* fix(deployments): restore py310 test compatibility and migration idempotency
Replace Python 3.11-only UTC imports with timezone.utc in deployment-related tests and the watsonx e2e helper, and make the provider-account name migration safe to re-run when the column and unique constraint are created in separate steps.
* fix(deployments): restore provider account route ownership helpers
Reuse the shared provider-account lookup in update/delete routes so route tests keep the expected ownership path, and use the explicit-field helper when deciding whether to reverify credentials.
* [autofix.ci] apply automated fixes
* [autofix.ci] apply automated fixes (attempt 2/3)
* [autofix.ci] apply automated fixes (attempt 3/3)
* fix(deployments): enforce deployment guard constraints with clean API errors
Add DB trigger guards to block deleting deployed flow versions, deleting projects with deployments, and moving deployed flows across projects. Translate trigger violations to HTTP 409 with sanitized details, add best-effort pre-operation deployment/snapshot sync to reduce stale-state false positives, and cover guard parsing/delete flush behavior with tests.
* checkout latest crud and helpers files
* make helper for try catch sync logic
* add gaurd to prevent moving deployments across projects
* prevent moving deployments across provider accounts
* add live sqlite tests
* recover lost changes
* recover feature flag setup from release-1.9.0
* fix: address review findings for deployment guard branch
- Add comment in delete_user explaining why best-effort provider sync
is intentionally skipped (too expensive; DB trigger is authoritative)
- Add docstring to _clean_guard_detail for maintainability
- Add happy-path trigger tests verifying operations succeed when no
deployment conflicts exist (flow version delete, project delete,
flow move, deployment rename)
- Fix list_attachments_for_flow_with_provider_info callers still using
the old flow_id= parameter (now flow_ids=)
- Fix pre-existing broken test fixture (missing name in
DeploymentProviderAccount)
* feat: add cross-project attachment guard and harden test suite
Add a new DB trigger (prevent_cross_project_attachment) that blocks
attaching a flow version to a deployment in a different project, for
both PostgreSQL and SQLite.
Refactor trigger tests into a unified dual-dialect test file
(test_deployment_guard_triggers.py) that runs against both SQLite
(always) and PostgreSQL (when TEST_DEPLOYMENT_GUARD_PG_URL is set).
Validated with both asyncpg and psycopg drivers.
Additional improvements:
- test_downgrade_removes_triggers now asserts the guard is active
before downgrade, preventing false-positive passes
- Endpoint test uses statement inspection instead of fragile
call-count gating
- Add exception parser coverage for CROSS_PROJECT_ATTACHMENT,
implicit __context__ chains, and cyclic exception chains
- Add endpoint tests for cascade_delete_flow, update_flow,
delete_multiple_flows, and global exception handler
* fix(deployments): make provider account identity immutable
Add DB deployment guard triggers to prevent updating provider account identity fields
(provider_key, provider_tenant_id, provider_url) once created, and preserve guard
error translation in the provider-account PATCH route. Extend trigger and route
tests to cover blocked updates and same-value no-op updates.
* refactor: extract sync logic into dedicated module and fix sync correctness issues
- Move deployment/attachment sync functions from helpers.py to new sync.py
module, reducing helpers.py size and improving separation of concerns
- Fix fetch_provider_resource_keys to use deployment_ids instead of
provider_params (pre-existing bug: wrong adapter parameter)
- Add empty-list guard to fetch_provider_resource_keys to avoid
unnecessary provider calls
- Wrap snapshot sync in savepoint for proper fault isolation
- Update imports across flows.py, projects.py, flow_version.py,
deployments.py to reference new sync module
- Update unit tests to target refactored module paths and add coverage
for bug fixes
* refactor: implement binding-aware deployment sync and optimistic guard retries
Add provider binding contract and mapper extraction path:
- add ProviderSnapshotBinding in deployments/contracts.py
- add BaseDeploymentMapper.extract_snapshot_bindings() default no-op
- implement Watsonx mapper extract_snapshot_bindings() with strict provider_data parsing via PayloadSlot (snapshot_ids required)
Replace attachment snapshot verification loop with binding-aware set-based cleanup:
- add delete_unbound_attachments(user_id, deployment_ids, bindings) in flow_version_deployment_attachment/crud.py
- uses CTE/anti-join to delete local attachments not present in provider bindings
- when bindings are empty, delete all attachments for provided deployment_ids
- add count_attachments_by_deployment_ids() grouped recount helper
- update list_deployments_synced() in deployments/helpers.py to:
- collect bindings from fetch_provider_resource_keys() provider_view during batch sync
- run one savepoint-wrapped delete_unbound_attachments() for accepted deployments
- run one grouped recount and patch attached_count from DB
- remove list_attachments_by_deployment_ids + snapshot-provider phase
- enforce two sync rounds max (initial pass + one refill)
Consolidate provider-side sync plumbing:
- change fetch_provider_resource_keys() in deployments/sync.py to return (known_resource_keys, provider_view)
- document tuple contents in function docstring
- remove now-unused sync_provider_attachment_snapshots() helper
- keep fetch_provider_snapshot_keys()/sync_attachment_snapshot_ids() for single-deployment read path
Scope read sync by provider account and conditionally expose deployment status:
- update deployment CRUD listing helpers to accept provider_account_id filter
- in flow_version API, add deployment_provider_account_id query param
- only perform deployment sync/is_deployed calculation when provider id is explicitly passed
- make FlowVersion.is_deployed optional (default None) so field can be omitted when not requested
Switch mutating APIs to optimistic catch-sync-retry pattern:
- add _retry_on_deployment_guard() in flows.py and projects.py
- replace pre-sync mutation flow with guarded retry on DeploymentGuardError
- for project create/update, retry only guarded flow-move DB operations
- preserve side-effect safety and improve stale-state recovery behavior
Tests:
- add unit tests for deployment guard retry helper (test_deployment_guard_retry.py)
- add unit tests for delete_unbound_attachments behavior, including empty bindings delete-all case (test_flow_version_deployment_attachment_crud.py)
- update deployment sync tests for tuple return, binding extraction, consolidated phase-2 cleanup/recount, and two-round refill behavior
- update flow_version tests for provider-scoped sync and conditional is_deployed field presence
* fix: extract tool_ids from provider data
* dont use stale rolled-back OORM Flow instance
* refactor(deployment): demote delete triggers and standardize guard handling
- Edit the existing deployment guard migration to remove DB delete triggers for flow version and project deletion in both PostgreSQL and SQLite.
- Keep core DB invariants (flow move, deployment project move, deployment provider account move, provider account identity immutability, and cross-project attachment).
- Add a new DB invariant trigger to enforce deployment.resource_key immutability.
- Rewrite trigger error text to technical/operator-focused language and remove ambiguous “detach” wording.
- Add migration comments documenting the current global provider identity guard and the future provider-specific migration path.
- Add app-level guard helpers in deployment/guards.py:
- check_flow_has_deployed_versions
- check_project_has_deployments
- Wire check_flow_has_deployed_versions into cascade_delete_flow before destructive deletes.
- Wire check_project_has_deployments into delete_project before deleting the folder row.
- Keep explicit DeploymentGuardError passthrough in cascade_delete_flow and retain parse fallback for non-guard exceptions.
- Refactor DeploymentGuardError to carry:
- code
- technical_detail
- detail (API-friendly message)
- Add friendly guard-detail mapping by guard code.
- Update parse_deployment_guard_error to parse DEPLOYMENT_GUARD:<CODE>:<DETAIL> and preserve raw technical detail from chained exceptions.
- Simplify delete_user to DB-cascade delete + flush only.
- Remove deployment guard translation/parsing logic from delete_user.
- Keep an explicit endpoint comment documenting the intentional no-provider-teardown trade-off.
- Update flow_version deletion message to: “Remove its deployment attachment rows first.”
- Update tests to match the new guard contract and behavior:
- Remove stale delete_user guard-translation endpoint test.
- Update delete endpoint tests to assert app-level guard behavior and new friendly details.
- Update trigger tests to reflect removed delete triggers and added resource_key trigger coverage.
- Update trigger downgrade assertions for the revised trigger set.
- Expand exception tests for code mapping, technical-detail preservation, unknown-code fallback, and new guard codes.
- Add unit tests for deployment guard helper functions.
* surface better msg when project deletion attempted
* refactor(deployment): rename flow guard code and align guard messages
Rename FLOW_VERSION_DEPLOYED to FLOW_HAS_DEPLOYED_VERSIONS across deployment guard checks, project-level remapping, and tests.
Update friendly guard wording for flow/project/move/cross-project cases, and convert pytest match patterns to raw escaped regex strings to satisfy Ruff.
* add docs to migration file
* update docs in migration
* update docs
* refactor(flow-version): scope deployment status to list endpoint
Keep deployment status provider-scoped on version listing only, remove single-version sync/status behavior, and omit is_deployed from snapshot creation responses while aligning docs and tests.
* refactor(deployment): centralize guard retry helpers and align sync error handling
Move flow/project deployment-guard retry wrappers into deployment sync helpers while preserving upstream route logic, and align provider sync error mapping with deployment domain exceptions. Tighten wxo snapshot binding validation and update docs/tests for guard messaging and sync behavior.
* refactor(deployment): enforce snapshot ID invariants and improve delete error UX
- add shared non-empty string guard (`require_non_empty`) in database utils and use it in deployment attachment CRUD write paths
- enforce required `provider_snapshot_id` on attachment model and add Pydantic + SQLAlchemy validators as safety nets for non-CRUD writes
- introduce deployment attachment key schemas (`DeploymentAttachmentKey`, `DeploymentAttachmentKeyBatch`) with deduplication support
- add batch stale-row cleanup (`delete_deployment_attachments_by_keys`) using a VALUES CTE to delete exact deployment/flow-version pairs
- remove mapper-level `util_snapshot_ids_to_verify` hook from base + watsonx mapper and replace with sync utilities:
- `extract_verified_snapshot_ids`
- `extract_verified_provider_snapshot_ids`
- update sync and helper flows to use verified snapshot IDs, stricter provider ID validation, and safer corrected-count handling
- align provider ID handling so both deployment and snapshot sync paths reject blank provider IDs consistently
- tighten adapter/provider-key validation and enforce required snapshot binding during attach flow-version operations
- update deployment routes/helpers to new sync signatures and behavior
- remove legacy null/blank snapshot safety-net filters from attachment queries/delete-unbound reconciliation (intentional invariant enforcement)
- add broad backend test coverage for:
- rejecting empty/blank snapshot IDs on create/update
- exact-key batch deletion behavior
- cartesian cross-delete regression prevention
- updated route/sync expectations after helper refactor
- improve flow delete UX in the frontend list view by surfacing backend `detail` via `getAxiosErrorMessage` instead of a generic "Please try again"
* update logic and remove stale comment
* fix(deployment): handle orphaned deployment attachments and enforce SQLite FK constraints
Enable PRAGMA foreign_keys=ON for SQLite to enforce referential integrity
that was previously silently ignored, and add application-level cleanup for
orphaned FlowVersionDeploymentAttachment rows left behind by environments
where cascades never fired.
- Enable foreign_keys pragma in lfx SQLite settings
- Update deployment guards to detect and prune orphan attachments (missing
deployment parent) before blocking on live ones, with structured logging
- Update flow_version and deployment CRUD queries to join on Deployment so
is_deployed status and attachment counts reflect only live attachments
- Document has_deployment_attachments write side-effect (orphan pruning)
- Wrap pre-sync orphan cleanup in try/except so failures don't abort the
sync process
- Explicitly delete spans and traces in cascade_delete_flow to avoid FK
violations from the span.trace_id constraint (which lacks ON DELETE
CASCADE in the DDL)
- Add in-memory SQLite integration tests covering guard pruning, orphan
cleanup, version pruning, deployment counts, and is_deployed status
- Add unit tests for sync exception-handling paths
* refactor(deployment): replace DB trigger guards with ORM-layer preflight checks
Remove the unshipped trigger migration (97c9a98c9c01) and enforce
deployment invariants at the ORM/service layer instead:
- Add orm_guards.py with preflight checks for all six guard codes
(FLOW_DEPLOYED_IN_PROJECT, DEPLOYMENT_PROJECT_MOVE, DEPLOYMENT_TYPE_UPDATE,
DEPLOYMENT_RESOURCE_KEY_UPDATE, DEPLOYMENT_PROVIDER_ACCOUNT_MOVE,
DEPLOYMENT_PROVIDER_ACCOUNT_IDENTITY_UPDATE, CROSS_PROJECT_ATTACHMENT)
- Wire guards as pure prefix blocks into deployment, provider-account,
and attachment CRUD functions — existing write logic unchanged
- Add preflight validation before bulk update(Flow) statements in
projects.py and folder/utils.py — existing statements unchanged
- Add ensure_flow_move_allowed to flows_helpers.py for ORM-instance
update paths (_patch_flow, _update_existing_flow, _validate_and_assign_folder)
- Optimize batch flow-move guard to one query per source folder
- Simplify parse_deployment_guard_error to isinstance-only chain walk
now that guards are raised explicitly as DeploymentGuardError
- Document retry helper contract: operations must enforce guards internally
- Replace trigger-centric tests with ORM/service-level guard tests
- Add project API guard integration tests for flow-move blocking
* fix(deployment): prune attachment rows before deployment deletes
Explicitly delete flow-version deployment attachments before deployment row deletes
to prevent orphaned attachments when FK cascades are disabled (e.g. SQLite
foreign_keys=OFF). Keep delete-by-resource-key and delete-by-id behavior intact
while documenting guard None-scope behavior and adding coverage for missing-row
and FK-disabled cleanup paths.
* recover lost tests
* misc
* remove deployment guard error extraction from lfx session scope
* extract re-raise logic into a helper
* fix: stabilize deployment guard retries and guard diagnostics
- scope WxO provider-client ContextVar state to each deployment provider scope via provider_clients_memoization_scope
- compose WxO scope lifecycle into deployment_provider_scope and document forward multi-adapter dispatch options
- add successful provider resource-key sync debug logging and remove stray print-based sync error debug
- log DeploymentGuardError details during flow cascade delete and in deployment guard exception re-raise helper
- fix folder defaulting guard precheck query to use Flow.folder_id.is_(None) so NULL-folder flows are included
- deduplicate require_non_empty by importing from langflow.services.database.utils in deployment mappers
- remove deprecated duplicate helper module at api/v1/mappers/deployments/util.py and keep package export wired to canonical helper
- add regression test for default-folder guard precheck covering NULL-folder flow handling
* add tests for provider scope context
* fix: improve deployment guard logging and async guard handling
Log DeploymentGuardError directly in flow/project endpoint guard catch blocks with operation context, and use the async guard helper for generic exception paths that need guard parsing. Add tests for async guard helper logging and raise behavior.
* less verbose name for scope
* harden delete_unbound_attachments by passing provider account id to it to scope deletion
* fix: return dense deployment attachment counts and simplify snapshot sync
Make `count_attachments_by_deployment_ids` return a dense mapping for all
requested deployment ids, including zero for ids with no countable attachments.
Update deployment listing code to rely on direct key access for corrected counts,
remove redundant `verified_snapshot_ids` plumbing from snapshot sync call sites,
keep local snapshot id integrity checks in sync logic, and align backend tests
plus log messaging with the new count contract.
* guard context scope
* test: expand deployment guard and sync regression coverage
Add comprehensive regression coverage for deployment guard and deployment-sync behavior across database and API test suites.
- verify deployment deletes remove linked attachment rows
- cover batched move guards and immutable deployment/provider fields
- validate cascade flow deletion and user-scoped orphan cleanup behavior
- exercise retry helper edge cases for flow/project guard retries
- align sync helper tests with stricter provider-id/error handling and dedupe/early-return paths
- add API 409 guard-path tests for deployed flow/project delete and move scenarios
* fix: align flow-version list semantics with provider-scoped deployment status
- remove `deployment_ids` handling from `GET /flows/{flow_id}/versions/` and keep plain list mode as versions-only
- enforce provider-account ownership for `deployment_provider_id` via `get_owned_provider_account_or_404` (404 on unknown/foreign ids)
- add explicit feature-flag guard for provider-scoped mode:
`Cannot use deployment_provider_id: the wxo_deployments feature flag is disabled`
- remove `has_providers` / `count_provider_accounts` branching and drive behavior directly from request params
- replace `get_flow_version_list` with `get_flow_versions_with_provider_status` and scope `is_deployed` by:
`Deployment.deployment_provider_account_id == provider_account_id`
- keep best-effort `sync_flow_version_attachments` before provider-scoped reads
- update API tests:
- delete deployment_ids endpoint tests
- add provider-scoped status regression coverage (true under provider A, false under provider B)
- add provider-id feature-flag rejection test (400)
- add unknown and foreign provider-id ownership tests (404)
- simplify feature-disabled plain-list test to assert `is_deployed` remains omitted
- migrate CRUD/in-memory tests off removed `get_flow_version_list` to `get_flow_versions_with_provider_status`
- update stale flow export TODO comments referencing the removed function
* fix: batch stale deployment cleanup per provider sync group
Replace per-deployment stale deletes in deployment sync with a single batched delete per provider group.
Add a bulk deployment-delete CRUD helper and regression coverage for grouped stale-delete behavior plus multi-deployment attachment cleanup.
* test: expand deployment guard and provider account update coverage
Add direct ORM guard coverage for noop immutable updates and attachment project matching. Update in-memory deployment tests to cover provider account API key rotation and align stale fixtures with current model constraints.
* fix: make deployment GET sync binding-aware and harden guard/prune behavior
- Align SQLite defaults in `lfx/services/settings/base.py`:
- remove forced `foreign_keys=ON` pragma from default sqlite pragmas
- Replace deployment GET snapshot-id verification with binding-aware reconciliation in `api/v1/deployments.py`:
- resolve and use the concrete deployment mapper in GET
- call mapper-provided `extract_snapshot_bindings_for_get(...)`
- prune detached links via `delete_unbound_attachments(...)` inside `session.begin_nested()`
- fall back safely to unverified attachment counts when sync is unsupported or fails
- change provider_data response shaping to `mapper.shape_deployment_get_data(...)` to hide internal fields
- Extend mapper contracts in `api/v1/mappers/deployments/base.py`:
- add `extract_snapshot_bindings_for_get(...)` (explicitly raises `NotImplementedError` by default)
- add `shape_deployment_get_data(...)` (explicitly raises `NotImplementedError` by default)
- make GET sync/shaping behavior explicit per provider instead of accidental passthrough
- Implement wxO-specific GET sync/shaping in `watsonx_orchestrate/mapper.py`:
- parse/validate `provider_data.tool_ids` for binding extraction
- emit `ProviderSnapshotBinding(resource_key, snapshot_id)` for each tool id
- validate/shape GET `provider_data` to expose only `{"llm": ...}` to API clients
- raise clear 500/value errors for malformed adapter payload contracts
- Update wxO adapter GET payload in `watsonx_orchestrate/service.py`:
- always include `tool_ids` and derived `environment`
- include `llm` when available
- remove `or None` fallback so mapper receives consistent structure
- Harden flow-version pruning in `services/database/models/flow_version/crud.py`:
- resolve concrete version IDs to prune first
- delete `FlowVersionDeploymentAttachment` children before deleting `FlowVersion` rows
- prevent stale doubly-orphan attachment rows when SQLite runs with foreign keys disabled
- Simplify guard exception semantics in `deployment/exceptions.py`:
- stop walking chained exceptions; only treat explicit `DeploymentGuardError` instances as guard failures
- add optional remap hook to `araise_if_deployment_guard_error_or_skip(...)`
- add `remap_flow_guard_for_project_delete(...)` to convert flow guard code to project guard code where needed
- Remove duplicated per-route guard catch blocks and centralize behavior:
- `api/utils/flow_utils.py`, `api/v1/flows.py`, and `api/v1/projects.py` now rely on shared async guard helper
- project delete path now remaps `FLOW_HAS_DEPLOYED_VERSIONS` into `PROJECT_HAS_DEPLOYMENTS` via shared remap function
- Keep multi-delete flow route behavior consistent in `api/v1/flows.py`:
- run guard remap/log helper in broad exception path before generic logging and 500 handling
- Update deployment exception tests in `test_exceptions.py`:
- remove chain-parsing expectations
- validate direct guard-raise semantics
- add remap function coverage
- Expand flow version pruning tests:
- `test_crud.py`: verify delete ordering (attachments first, versions second) and no-op behavior when nothing is pruned
- `test_in_memory.py`: add broad regression class proving orphan attachment cleanup, live deployment preservation, cross-flow/user isolation, and repeated-cycle convergence
- Expand deployment API/mapper/sync test coverage:
- `test_deployment_mapper_base.py`: assert new base mapper GET shaper raises until implemented
- `test_deployment_route_handlers.py`: migrate assertions to binding-aware sync behavior, unsupported-provider fallback, sync-failure fallback, and provider_data sanitization
- `test_deployment_sync.py`: add wxO mapper tests for `extract_snapshot_bindings_for_get(...)` and GET data shaping requirements
- `test_watsonx_orchestrate.py`: validate wxO GET provider_data now includes `tool_ids`/`environment` defaults and feature-flag-scoped provider context behavior
* remove redunant description
* remove agent environment from payload for get()
* fix(deployment): prune orphan attachments before reading in flow guard
The cascade flow delete path called `check_flow_has_deployed_versions`,
which issued a SELECT before any write. On SQLite that left the
connection holding only a SHARED lock; the subsequent cascade DELETEs
then had to upgrade SHARED -> RESERVED, which doesn't busy-wait when
another connection already holds RESERVED, surfacing intermittently
in CI as `OperationalError: database is locked`.
Reorder the guard to issue a single DELETE-with-scalar-subquery for
orphan attachments first, so the connection acquires the writer lock
up front. The live-attachment SELECT runs afterwards on the same
session. As a side benefit, orphan pruning now also runs when live
attachments coexist (previously the early raise short-circuited it,
though SAVEPOINT rollback in the retry wrapper still discards the
prune in that failure path).
Log the raw driver-reported `rowcount` verbatim on every prune for
debuggability, and update guard tests for the new DELETE-then-SELECT
ordering.
* add log that pruning might be rolled back
* fix(deployment): set provider scope when reconciling before provider-account delete
The DELETE /api/v1/deployments/providers/{id} handler called
list_deployments_synced without entering deployment_provider_scope, so the
WxO adapter raised CredentialResolutionError ("Deployment account context is
not available for adapter resolution"). Reconciliation was silently dropped
and the stale local count blocked every delete with a 409.
Wrap the reconciliation call in deployment_provider_scope(provider_account.id)
to match every other adapter call site in this module, so stale local
deployment rows can actually be pruned and the provider account can be
removed when the provider no longer owns any resources.
Add three regression tests in TestProviderAccountRoutes:
- assert deployment_provider_scope is active (with the right provider id)
during reconciliation, and that the context does not leak afterwards
- assert that a CredentialResolutionError from reconciliation falls back to
the local count and returns 409 without deleting the provider row
- assert that reconciliation is skipped entirely when no local deployments
exist for the provider
---------
Co-authored-by: Jordan Frazier <jordan.frazier@datastax.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
(cherry picked from commit 60bb53b)
* add-clarification-to-1.9-and-next * Apply suggestions from code review Co-authored-by: April I. Murphy <36110273+aimurphy@users.noreply.github.com> --------- Co-authored-by: April I. Murphy <36110273+aimurphy@users.noreply.github.com> (cherry picked from commit 7fd8469)
add-opensearch-multi-model (cherry picked from commit 15edfe1)
* deployment-sidebars-and-release-note * fix-sidebars-name * manage-deployments * add-requests * clarify-endpoint-difference * improve-anchors * Apply suggestions from code review Co-authored-by: April I. Murphy <36110273+aimurphy@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Mendon Kissling <59585235+mendonk@users.noreply.github.com> * clarify-menu * apply-changes-to-next-and-latest --------- Co-authored-by: April I. Murphy <36110273+aimurphy@users.noreply.github.com> (cherry picked from commit 4898aa8)
…flow-ai#12816) clarify-trace-storage-with-multiple-providers (cherry picked from commit f1863c5)
* refactor(wxo): remove forward-path retries; keep rollback retries only Forward create/update operations now fail fast so transient and non-transient errors surface immediately. Retry/backoff is preserved exclusively for rollback/cleanup paths. A consolidated TODO in retry.py tracks the future work to reintroduce retries for transient 5xx/timeout errors on the forward path. Frontend usePostDeployment hook also disables its mutation retry to match the backend fail-fast behavior. * Add retry false to patch deployment * add retry false on a few other paths * revert: restore wxo backend retry logic, keep frontend retry:false only (cherry picked from commit fd198d8)
langflow-ai#12820) SQLAlchemy was sending enum *names* (e.g. "OK", "CHAIN") while the PostgreSQL enums created in migration 3478f0bd6ccb use the enum *values* ("ok", "chain"), causing silent native-tracing failures with `invalid input value for enum spanstatus: "OK"` and friends on insert. Configure explicit sa_column=Column(SQLEnum(..., values_callable=...)) for status, span_type, and span_kind so the persisted label always matches the migration's enum labels. Also pin the PG enum names ("spanstatus", "spantype", "spankind") so a future auto-generated revision doesn't drift. Fixes langflow-ai#12817 (cherry picked from commit 682c614)
langflow-ai#12835) concat-and-merge-table-component (cherry picked from commit 919054f)
…angflow-ai#12831) * fix(security): require auth on deprecated /api/v1/upload/{flow_id} The deprecated upload endpoint at v1/endpoints.py::create_upload_file had no authentication dependency, allowing any unauthenticated caller to write arbitrary files into a flow's cache folder (folder name == supplied flow_id). Filename is a SHA-256 of contents, so this is primarily a disk-DoS / cross-user bucket-pollution vector rather than direct data exfiltration, but the endpoint is reachable in production (deprecated=True + include_in_schema=False only hides it from docs; the route is still live). Reuse the existing get_flow dependency from api/v1/files.py, which already provides authn (CurrentActiveUser) and authz (flow-ownership check, returning 404 for both missing flows and cross-user access to prevent info disclosure) for the non-deprecated twin at /api/v1/files/upload/{flow_id}. No new auth primitives needed -- get_flow is already the centralized pattern. Known downstream impact: the public SDK helper lfx.load.utils.upload() (re-exported as langflow.load.upload_file) hits this route without credentials. Callers will now receive 401/403 until the SDK is updated to pass auth headers and switch to the non-deprecated /api/v1/files/upload/{flow_id} route -- tracked as follow-up. Regression tests cover unauthenticated rejection and authenticated happy-path on the deprecated route. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * fix(security): enforce size limit + unbreak SDK on deprecated upload Review feedback on langflow-ai#12831 surfaced two follow-ups to the initial auth fix: P1: the SDK helper in lfx/load/utils.py still POSTed to /api/v1/upload/{flow_id} with no credentials, so any caller of langflow.load.upload_file() would receive 401/403 immediately after the patched server ships. Thread an optional api_key through upload() and upload_file(), falling back to the LANGFLOW_API_KEY env var, so existing SDK consumers can keep working without rewriting against the non-deprecated /api/v1/files/upload/{flow_id} route. No arg reordering -- api_key is appended as an optional kwarg. P2: the deprecated endpoint dropped into save_uploaded_file without consulting max_file_size_upload. The non-deprecated twin at api/v1/files.py:85-91 enforces a 413 above the limit; mirror that here so an authenticated user can't fill disk through this route. Regression tests: - tests/unit/api/v1/test_endpoints.py::test_deprecated_upload_enforces_max_file_size asserts 413 when max_file_size_upload is monkey-patched to 1 MB and the body is 2 MB. - new src/lfx/tests/unit/load/test_upload.py covers: explicit api_key sends the x-api-key header, LANGFLOW_API_KEY env var fallback, explicit arg overrides env var, no-key sends no header (so server authn failure is the correct signal), upload_file forwards the key, and a server 401 surfaces as UploadError. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com> (cherry picked from commit 99da6d0)
…2718) * fix(security): prevent XSS in chat messages with DOMPurify sanitization - Add DOMPurify sanitization to MarkdownField component - Sanitize all chat messages before rendering to prevent XSS attacks - Add comprehensive test suite (21 tests, all passing) - Block all major XSS vectors: scripts, event handlers, iframes, SVG attacks - Prevent session theft, cookie exfiltration, and DOM manipulation - Fixes stored XSS vulnerability in chat message rendering Security Impact: - Prevents execution of malicious JavaScript in chat messages - Protects user session cookies from theft - Blocks potential RCE chain via XSS vector - All user input is now sanitized before rendering Tests verify protection against: - Script injection (various casings) - Event handler exploitation (onclick, onerror, onload, onmouseover) - Iframe-based attacks (srcdoc, javascript: protocol) - SVG XSS vectors - Link-based XSS (javascript:, data: protocols) - Real-world attack scenarios (cookie theft, DOM manipulation, keyloggers) All 21 security tests passing ✓ * fix: address GitHub Copilot review feedback for XSS security - Optimize performance: Add useMemo to prevent repeated sanitization on re-renders - Preserve <think> tags: Implement marker replacement pattern to handle special tags - Fix playground chat: Apply same XSS protection to playground chat component - Improve tests: Rewrite tests to directly validate DOMPurify logic with 33 parameterized test cases - All tests passing (33/33) Addresses all feedback from GitHub Copilot code review Note: Pre-existing 'any' types in original code not modified * fix(frontend): add rehype-sanitize to prevent XSS attacks in chat messages - Added rehype-sanitize to markdown pipeline after rehypeRaw - Prevents stored XSS attacks from malicious HTML in chat messages - Added user-friendly warning banner when HTML content is sanitized - Preserves code blocks with HTML/JSX syntax - Updated tests to cover sanitization warning functionality - All 15 tests passing Addresses CVE-level XSS vulnerability while maintaining good UX * fix(frontend): remove any types from test mocks * feat: add warning message for sanitized content in chat - Add user-friendly warning when content is filtered by security sanitization - Detect empty rendered output after rehype-sanitize processing - Display warning: 'The response was filtered by security sanitization and cannot be displayed' - Fix sanitizeSchema to handle undefined defaultSchema in test environments - All 3818 frontend tests passing including 15 XSS security tests * fix: improve sanitization warning and allow media elements - Check for img, hr, video, audio elements in addition to text content - Prevents false warnings when response contains only media or layout elements - Move editedFlag outside warning conditional to preserve UI state - Add video and audio tags to sanitization allowlist with safe attributes - Only allow http/https protocols for media src attributes - Add test to verify media elements are in sanitization schema - Addresses code review feedback from Claude * refactor: extract shared SanitizedMarkdown component - Create reusable SanitizedMarkdown component to eliminate code duplication - Consolidate security-sensitive sanitization logic in one place - Both IOModal and Playground now use the same implementation - Reduces maintenance burden and ensures consistent security behavior - Removes 105 net lines of duplicated code - All 16 XSS security tests still passing - Addresses code review feedback about duplicated security logic * [autofix.ci] apply automated fixes --------- Co-authored-by: Janardan S Kavia <janardanskavia@Janardans-MacBook-Pro.local> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> (cherry picked from commit f4a2179)
…langflow-ai#12832) * fix(security): close IDOR in get_flow_by_id_or_endpoint_name (LE-639) The helper at helpers/flow.py::get_flow_by_id_or_endpoint_name had two symmetric holes that let an authenticated user resolve another user's flow by UUID or endpoint_name: 1. UUID branch called ``session.get(Flow, flow_id)`` with zero ownership check -- user_id was completely ignored when a UUID was supplied. 2. endpoint_name branch only applied the user_id filter when a truthy user_id was passed. FastAPI ``Depends(get_flow_by_id_or_endpoint_name)`` resolves user_id as a query parameter that no real caller sets, so the filter was silently skipped on every route using the Depends pattern. Reported exploit path (Jira LE-639): POST /api/v1/responses with the victim's flow UUID in the ``model`` field executes the victim's flow and returns the output. openai_responses.py and v2/workflow.py pass user_id explicitly, so fixing the helper auto-fixes those endpoints; the v1 /run* endpoints are defense-in-depth covered by check_flow_user_permission in _run_flow_internal, but now fail closed at the helper layer too. Fix normalizes user_id once at the top of the helper and enforces it on both branches. Cross-user lookups return None so the shared 404 path fires (matches api/v1/files.py::get_flow pattern), which avoids disclosing flow existence via a 403-vs-404 oracle. user_id=None preserves the existing no-scope behavior for webhooks and internal callers that legitimately need cross-user lookup. Tests: - 8 new unit tests on the helper covering same-user UUID, cross-user UUID (primary IDOR), UUID instance vs str user_id, no-user-scope, missing-flow, endpoint_name with and without user_id. - 1 new integration test reproducing the Jira PoC on /api/v1/responses: attacker with valid API key receives flow_not_found when supplying the victim's flow UUID. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * fix(security): apply LE-639 scoping to the /run* Depends routes too Reviewer pointed out two gaps in the original helper-only fix: 1. Three /run* endpoints still used ``Depends(get_flow_by_id_or_endpoint_name)`` directly. FastAPI exposes ``user_id`` as a plain query parameter in that shape, which no real caller sets, so the helper stayed unscoped on those routes and ownership was only enforced later by check_flow_user_permission with a 403. That leaves a 403-vs-404 flow-existence oracle open. 2. Eager ``UUID(user_id)`` normalization in the helper turned a malformed query-string ``?user_id=foo`` into a raw 500. Fixes: - Add two auth-aware wrapper dependencies in endpoints.py: - get_flow_for_api_key_user: pulls the caller from api_key_security - get_flow_for_current_user: pulls the caller from CurrentActiveUser Both forward the authenticated user_id to the existing helper. - Swap the three bare dependencies to the wrappers: - /api/v1/run/{flow_id_or_name} - /api/v1/run/session/{flow_id_or_name} - /api/v1/run/advanced/{flow_id_or_name} The webhook and webhook-events routes keep the bare helper: webhook is intentionally public and webhook-events already does an explicit str(flow.user_id) != str(user.id) check before subscribing. - In helpers/flow.py, wrap the UUID(user_id) normalization and convert ValueError / AttributeError into the same 404 path used for missing flows. Keeps the fail-closed posture -- a caller whose identity we can't resolve never learns whether a flow exists. Tests: - Update the four existing cross-user tests (/run, /run with payload, /run with streaming, /run/advanced) from 403 to 404, and swap the "You do not have permission" substring check for a leak-safe "'permission' not in response.text.lower()" assertion. Also update test_permission_check_blocks_before_execution for the same reason. - Add test_user_cannot_run_other_users_flow_session_endpoint for the /run/session path (monkeypatches agentic_experience=True and logs in as a second local user via session auth). - Add test_run_rejects_malformed_user_id_query_param asserting that ``?user_id=<junk>`` never surfaces as 500 on the /run route. - Add three parametrized unit tests on the helper covering "not-a-uuid", "", and "12345-not-a-real-uuid" -- each must raise 404 without hitting the database. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com> (cherry picked from commit 2c9f498)
* Set wxo ff to true by default * update test * [autofix.ci] apply automated fixes --------- Co-authored-by: Hamza Rashid <74062092+HzaRashid@users.noreply.github.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> (cherry picked from commit 0b5038c)
add-tip-about-running-large-models-locally (cherry picked from commit bc2bd31)
…rkflow (langflow-ai#12847) - Add tag format validation (must start with 'v') - Check for duplicate tags without 'v' prefix - Prevent release notes from using wrong base comparison - Add validate-tag-format job dependency to create_release Fixes tag duplication issue that caused v1.9.0 release notes to miss 58 commits. Root cause: Duplicate tags (1.8.3 vs v1.8.3) caused GitHub's generateReleaseNotes to pick the wrong base tag due to alphabetical sorting. This ensures future releases will: 1. Only accept tags with 'v' prefix (v1.2.3 format) 2. Detect and reject releases if duplicate tags exist 3. Generate correct release notes with proper commit history (cherry picked from commit a754961)
* fix(security): default WEBHOOK_AUTH_ENABLE to True (unauth webhook execution)
POST /api/v1/webhook/{flow_id} previously executed any user's flow
without authentication because WEBHOOK_AUTH_ENABLE defaulted to False.
Change the default to True so webhook endpoints require an API key and
validate that the caller owns the flow being executed. Operators who
need the prior behavior can explicitly opt in with
LANGFLOW_WEBHOOK_AUTH_ENABLE=False.
Docs updated to reflect the new secure-by-default behavior.
* test(security): add regression tests for WEBHOOK_AUTH_ENABLE default
Guard against a regression of the unauthenticated webhook execution fix:
one test pins the class-level default to True, the other confirms the
runtime config rejects an unauthenticated POST with 403 under defaults.
(cherry picked from commit cb6f750)
…2808) fix(lfx): route memory ops to stubs when DB service is noop lfx.memory bound to langflow.memory at import time whenever the langflow package was importable, even when the registered DB service was NoopDatabaseService. langflow.memory.aupdate_messages then called session.get() on a NoopSession (which unconditionally returns None) and raised spurious "Message with id X not found" errors mid-stream from the Agent component. Dispatch now happens at call time via has_langflow_db_backend(), which requires both langflow to be importable AND a non-noop DB service to be registered. Call-time evaluation is required because the DB service is typically registered after lfx.memory is first imported during component class loading. (cherry picked from commit 6453d66)
…angflow-ai#12854) Backend and frontend images (langflowai/langflow-backend and langflowai/langflow-frontend) are separate from the main image (langflowai/langflow), so they should not be skipped when the main version already exists on Docker Hub. This fixes the issue where backend/frontend builds for 1.9.0 were skipped because the main 1.9.0 image was already published, preventing these critical images from being available on Docker Hub. Fixes: Backend and frontend Docker images not published in 1.9.0 release (cherry picked from commit 5955870)
* chore: security patch security patch * chore: upgrade package-lock.json * chore: smolagents and transformer update * chore: redis upgrade * chore: litellm upgrade * fix: Pin click to avoid lower versions ## Root cause **litellm 1.83.5+** introduced an exact pin `click==8.1.8` in its `requires_dist` (upstream bug [BerriAI/litellm#26154](BerriAI/litellm#26154) — "Pinning exact dependency versions breaks downstream consumers"). When this branch bumped litellm to 1.83.11, uv was forced to downgrade click from 8.3.2 → 8.1.8. Click 8.2+ captures stderr separately by default; 8.1 merges it — hence `ValueError: stderr not separately captured`. ## Fix - [pyproject.toml:155](pyproject.toml:155) — added `"click>=8.3.0"` to `[tool.uv] override-dependencies` with comment linking the upstream issue. - [src/backend/base/pyproject.toml:112](src/backend/base/pyproject.toml:112) — same override so `langflow-base` Docker builds pick it up too. - Regenerated `uv.lock` (click: 8.1.8 → 8.3.3). - Patched the `click` entry in `src/backend/base/uv.lock` to 8.3.3 (that lockfile is used by `docker/build_and_push_base.Dockerfile` via `uv sync --frozen`; uv treats backend/base as a workspace member so I updated its click block directly — no other references to 8.1.8 remain). - Reverted [src/lfx/tests/unit/cli/test_run_real_flows.py](src/lfx/tests/unit/cli/test_run_real_flows.py) back to its original `result.stderr` usage — now passes cleanly with click 8.3.3. All 19 tests in the file pass. * Update build_and_push_backend.Dockerfile The `uv pip install` command doesn't read `[tool.uv] override-dependencies` from the target packages' pyproject.toml — those overrides only apply during `uv lock`/`uv sync`. The fix is to pass the overrides explicitly via `--overrides`. Now let me verify it works by running the same install locally. Resolution succeeded — click==8.3.3, aiohttp==3.13.5, litellm==1.83.11 all coexist. Let me also test without `--overrides` to confirm I reproduce the original failure. Reproduced the Docker failure locally. Now test with the overrides file: Fix verified — resolution succeeds with the overrides file, failing without. Let me clean up and show the final Dockerfile change. ## Summary **Root cause:** The Dockerfile uses `uv pip install ./src/...` which **does not read** `[tool.uv] override-dependencies` from the target packages' `pyproject.toml` — those overrides only apply during `uv lock`/`uv sync`. On Linux, `cuga>=0.2.20` requires `aiohttp>=3.13.5`, but `litellm==1.83.11` exact-pins `aiohttp==3.13.3` (same upstream bug as the click pin, [BerriAI/litellm#26154](BerriAI/litellm#26154)). Without an active override, resolution fails. **Fix:** Write a `/tmp/uv-overrides.txt` file mirroring the workspace's `override-dependencies` (litellm, python-dotenv, openai, aiohttp, click) and pass `--overrides /tmp/uv-overrides.txt` to `uv pip install`. Verified locally by reproducing the exact failure in an isolated tmp directory (to escape the workspace's pyproject.toml auto-apply), then confirming the overrides file resolves it: - aiohttp==3.13.5 ✓ - click==8.3.3 ✓ - litellm==1.83.11 ✓ - cuga==0.2.22 ✓ * Templates version update * Update .secrets.baseline * chore: update overrides * chore: bump version * chore: bump main version * chore: bump SDK version to 0.1.1 * chore: run uv lock and uv sync after SDK version bump * chore: read the overrides from a single source security patch * chore: add pip check toggle add pip check toggle * chore: litellm base uv.lock update * fix(chore): Pin litellm back to last working release * fix(chore): Pin to 1.83 and higher litellm * Update build_and_push_backend.Dockerfile * chore: update base uv.lock * fix: lazyload toolguard since its an optional extra * Update .secrets.baseline * Update component_index.json * Rebuild component index * Update component_index.json --------- Co-authored-by: Eric Hare <ericrhare@gmail.com> Co-authored-by: vijay kumar katuri <vijay.katuri@ibm.com> (cherry picked from commit 60a8f76)
(cherry picked from commit 981fe5f)
|
✅ Migration Validation Passed All migrations follow the Expand-Contract pattern correctly. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Created Valkey component for vector storage and chat message storage