v0.5.1
Breaking risk
⚠ Upgrade required
- Deprecation: `showWorkspaceContent` has been removed; update any related code paths.
- Config change: MinIO SSL can now be enabled/disabled via the environment variable `MINIO_SSL_ENABLED`.
Breaking changes
- Removed `showWorkspaceContent` feature
Security fixes
- Fix horizontal privilege vulnerability in API
- Prevent SQL injection in memory queries
- Remove unsafe `python_script.py` file
Notable features
- Add conversation retrieve API that returns a section ID field
- Support OpenAPI chat with non‑stream mode
- Implement NATS EventBus for event handling
Full changelog
Image Version
cozedev/coze-studio-server:0.5.1
cozedev/coze-studio-web:0.5.1
What's Changed
- feat: if .venv python not found ues system python by @fanlv in https://github.com/coze-dev/coze-studio/pull/2404
- feat: update readme for model managerment by @fanlv in https://github.com/coze-dev/coze-studio/pull/2405
- feat: add conversation retrieve api & return section id field in chat… by @junwen-lee in https://github.com/coze-dev/coze-studio/pull/2408
- feat: optimize embedding configuration to support omitting model dims by @fanlv in https://github.com/coze-dev/coze-studio/pull/2412
- feat: model configuration and embedding configuration optimization. by @fanlv in https://github.com/coze-dev/coze-studio/pull/2414
- feat: update code owner by @fanlv in https://github.com/coze-dev/coze-studio/pull/2417
- feat: remove showWorkspaceContent by @fanlv in https://github.com/coze-dev/coze-studio/pull/2420
- feat: add NATS EventBus implementation by @pozen in https://github.com/coze-dev/coze-studio/pull/2385
- feat: support openapi chat with non-stream by @junwen-lee in https://github.com/coze-dev/coze-studio/pull/2431
- fix: custom plugin validate by @yanwencheng in https://github.com/coze-dev/coze-studio/pull/2436
- fix: api horizontal privilege by @junwen-lee in https://github.com/coze-dev/coze-studio/pull/2434
- feat: support conversation isolation by @junwen-lee in https://github.com/coze-dev/coze-studio/pull/2443
- fix: ark ResponseFormat by @fanlv in https://github.com/coze-dev/coze-studio/pull/2446
- fix: ensure admin email check is case-insensitive by @fanlv in https://github.com/coze-dev/coze-studio/pull/2448
- fix: close io reader properly by @fanlv in https://github.com/coze-dev/coze-studio/pull/2464
- fix: pkg name by @junwen-lee in https://github.com/coze-dev/coze-studio/pull/2465
- fix: revert es relation type by @junwen-lee in https://github.com/coze-dev/coze-studio/pull/2463
- feat(plugin): set X-Aiplugin-Connector-Identifier header to 'CozeUID' in conversation flow by @DMIAOCHEN in https://github.com/coze-dev/coze-studio/pull/2477
- fix: change the configuration of ng default timeout by @junwen-lee in https://github.com/coze-dev/coze-studio/pull/2480
- feat: eyurtsev/pyodide-sandbox -> langchain/pyodide-sandbox by @fanlv in https://github.com/coze-dev/coze-studio/pull/2498
- fix: always select ID in GetAll pagination to prevent infinite loop by @zero4197 in https://github.com/coze-dev/coze-studio/pull/2497
- perf: optimize MySQL connection pool settings by @zero4197 in https://github.com/coze-dev/coze-studio/pull/2524
- perf: make MinIO SSL setting configurable via environment variable by @zero4197 in https://github.com/coze-dev/coze-studio/pull/2525
- fix: chatsdk bot add quest and input node by @tomasyu985 in https://github.com/coze-dev/coze-studio/pull/2540
- fix: memory sql injection by @N3kox in https://github.com/coze-dev/coze-studio/pull/2545
- feat: update helm by @fanlv in https://github.com/coze-dev/coze-studio/pull/2553
- fix(workflow): resolve batch node copy error by using clipboard service by @louisyoungx in https://github.com/coze-dev/coze-studio/pull/2555
- fix(model): input messages do not contain elements with the role of user by @fanlv in https://github.com/coze-dev/coze-studio/pull/2557
- feat: add knowledge openapi by @junwen-lee in https://github.com/coze-dev/coze-studio/pull/2562
- fix(backend): fixed the Workflow Icon URL expiration issue & workflow create conversation check permission by @zhuangjie1125 in https://github.com/coze-dev/coze-studio/pull/2563
- fix: remove unsafe file python_script.py by @fanlv in https://github.com/coze-dev/coze-studio/pull/2572
- feat: Add 'Client-Platform' header for server processing for PP-OCR and PP-Structure by @Bobholamovic in https://github.com/coze-dev/coze-studio/pull/2575
- fix(helm): shrink model_meta.json to avoid ConfigMap annotation limit by @fanlv in https://github.com/coze-dev/coze-studio/pull/2579
- docs: fix incorrect information in README.md by @axolo in https://github.com/coze-dev/coze-studio/pull/2583
- fix(passport): forbid cross-account password reset via email mismatch by @fanlv in https://github.com/coze-dev/coze-studio/pull/2594
- pref: Update .env file path in README.zh_CN.md by @axolo in https://github.com/coze-dev/coze-studio/pull/2584
New Contributors
- @pozen made their first contribution in https://github.com/coze-dev/coze-studio/pull/2385
- @DMIAOCHEN made their first contribution in https://github.com/coze-dev/coze-studio/pull/2477
- @zero4197 made their first contribution in https://github.com/coze-dev/coze-studio/pull/2497
- @louisyoungx made their first contribution in https://github.com/coze-dev/coze-studio/pull/2555
- @axolo made their first contribution in https://github.com/coze-dev/coze-studio/pull/2583
Full Changelog: https://github.com/coze-dev/coze-studio/compare/v0.5.0...v0.5.1
