Skip to content

SillyTavern

LLM Frameworks

A locally‑installed, extensible UI for interacting with many LLM, image generation, and TTS APIs.

Track releases GitHub Website
JavaScript Latest 1.18.0 · 1mo ago Security brief →

Features

  • Unified interface for numerous LLM APIs (OpenAI, Claude, Mistral, etc.)
  • Mobile‑friendly layout with Visual Novel Mode
  • Integrated Automatic1111 & ComfyUI API image generation
  • Text‑to‑Speech support and WorldInfo lorebooks

Recent releases

View all 3 releases →
1.18.0 Breaking risk
⚠ Upgrade required
  • Run `npm run init` after upgrading to migrate configuration if the post‑install script was previously used.
  • HTTP keep‑alive is disabled by default; enable via config if needed.
  • New config options allow selecting headers for forwarded IP detection and configuring private address/IP whitelists.
Breaking changes
  • Removed post‑install script; config migration must be performed manually with `npm run init` or through the application.
Security fixes
  • Added rate limiting to basic authentication flow.
  • Implemented PKCE challenge in OpenRouter OAuth flow for secure key exchange.
  • Added private address whitelist and SSO IP whitelist to prevent SSRF/authentication bypass.
Full changelog

SillyTavern 1.18.0

Important news

Read the maintainers statement regarding a recent security incident involving the "Bot Browser" third-party extension and learn how to stay safe: https://github.com/SillyTavern/SillyTavern/discussions/5592

Backends

  • Added Cloudflare Workers AI and MiniMax as Chat Completion sources.
  • KoboldCpp: Grammar state will be preserved when using a "Continue" option.
  • KoboldCpp: Added forwarding of reasoning effort when running as a Custom Chat Completion source.
  • Tool Calling: Added a configurable tool calling recursion limit; enabled interleaved thinking for Custom sources.
  • Text Completion: Impersonation requests use a "Last User Message" prefix at the end of the prompt (if configured).
  • Text Generation WebUI: Added Adaptive-P controls.
  • NanoGPT: Added provider selection and model sorting.
  • Added ability to view remaining balance for OpenRouter and NanoGPT.
  • Enhanced support for new models: DeepSeek v4, GPT 5.4 and 5.5, Gemma 4, GLM-5V-Turbo, Claude Opus 4.7.

Server & Security

  • Removed post-install script, config migration is now handled by the app or a dedicated npm run init command.
  • Added npm configuration to prevent execution of package scripts during installation.
  • Moved HTTP error pages and user.css file from /public to /data to support immutable setups.
  • Disabled HTTP keep-alive by default to restore old Node 18 behavior, can be enabled with config.
  • Added rate limiting to the basic authentication flow to mitigate brute-force attacks.
  • Added configuration options to choose which headers can be used for forwarded IP detection to prevent spoofing.
  • Added a private address whitelist to prevent SSRF attacks. See the documentation on how to enable and configure: Private Address Whitelist.
  • Added an IP whitelist for SSO trusted proxies to prevent authentication bypass.
  • Added invalidation of session cookies on password change to prevent session hijacking.
  • Increased the length of password reset code to 6 characters to guard against brute-force attacks.
  • Implemented PKCE challenge in OpenRouter OAuth flow for more secure key exchange.

UI/UX

  • Improved swipe picker: mobile requires a long press on swipe counter to open; added buttons to expand or copy the swipe text.
  • "Click to Edit" mode now also applied to reasoning blocks.
  • Welcome Screen: Number of recent chats can be configured.
  • Streamed requests now can show an error message in the console if the request fails.

STscript

  • Added commands for persona management: /persona-create, /persona-update, /persona-delete, /persona-duplicate, and /persona-get.
  • Added a command to force update the Prompt Manager's prompt list: /pm-render.
  • Added a command to get the state of the regex script: /regex-state.
  • Added a command to set fallback expression: /expression-fallback.
  • Added a command to generate a streamed response with a connection profile: /profile-genstream.

Extensions

  • Assets list now groups extensions by "Official" or "Community" categories.
  • Added an additional confirmation prompt when installing third-party extensions (can be disabled).
  • Supported extensions can use a secret-id from connection profiles when making an LLM request.
  • Extensions list now shows the extension's author name resolved from the git remote URL.
  • Vector Storage: Added Workers AI source; added a toggle to keep vectors for hidden messages; added retry logic to summary generation.
  • Image Generation: Added Workers AI source; generation can now be cancelled by pressing a button in the status toast.
  • Image Captioning: Added support for macros in the caption prompt.
  • TTS: "Skip code blocks" no longer ignores lines that start with 4 spaces (legacy code block syntax); "disabled" voice now shows a toast only once per character.

Bug Fixes

  • Fixed text edit flow in Firefox on mobile.
  • Fixed welcome screen chat pins not updating on chat renaming.
  • Fixed character list filters being stuck on app initialization.
  • Fixed application of instruct formatting to /genraw requests.
  • Fixed model routing to sd.cpp API in Image Generation logic.
  • Fixed validation of image URLs generated with Z.AI API.
  • Fixed vectors deletion for KoboldCpp when a message is deleted.
  • Fixed "Show More Messages" button triggering edit in "Click to Edit" mode.
  • Fixed max height of select-multiple elements in mobile layout.
  • Fixed server crash on empty messages when applying cache control parameters.

Community updates

  • Fix npm audit in /tests by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5370
  • CI: Update node to 24, run ci without scripts by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5376
  • Backmerge release into staging by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5377
  • feat(secrets): update readSecret function to accept optional secret ID by @dylenyedc in https://github.com/SillyTavern/SillyTavern/pull/5356
  • fix: return Error objects from invokeFunctionTool and create error invocations by @xz-dev in https://github.com/SillyTavern/SillyTavern/pull/5351
  • Add opt-in toggle to keep hidden messages in chat vector index by @Copilot in https://github.com/SillyTavern/SillyTavern/pull/5378
  • feat: swipe picker expand/collapse, copy button, and left-align text by @Copilot in https://github.com/SillyTavern/SillyTavern/pull/5380
  • Fix /genraw user instruct format not applied and unwanted system newline by @Claude in https://github.com/SillyTavern/SillyTavern/pull/5372
  • fix: require long press to open swipe picker on phones by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5382
  • Save chat before emitting event for user message by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5389
  • Use custom init script instead of postinstall by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5384
  • glm-5v-turbo by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5393
  • Add VSCode settings for TypeScript SDK configuration by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5394
  • Add Gemma 4 instruct, context, and reasoning presets by @LumiWasTaken in https://github.com/SillyTavern/SillyTavern/pull/5403
  • Immutable public and global content management by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5390
  • Skip TTS for voices explicitly set to disabled (fixes #4970) by @tgies in https://github.com/SillyTavern/SillyTavern/pull/5367
  • Add unit tests for prompt-converters.js by @tgies in https://github.com/SillyTavern/SillyTavern/pull/5364
  • Add unit tests for TavernCardValidator by @tgies in https://github.com/SillyTavern/SillyTavern/pull/5366
  • Add tests for Cache, MemoryLimitedMap, and other util.js coverage gaps by @tgies in https://github.com/SillyTavern/SillyTavern/pull/5365
  • Add IP whitelist for SSO authentication headers by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5404
  • fix: improve streaming error propagation and forwarded response logging by @dz114879 in https://github.com/SillyTavern/SillyTavern/pull/5317
  • feat: add Cloudflare Workers AI provider by @tgies in https://github.com/SillyTavern/SillyTavern/pull/5385
  • fix npm audit in src/electron by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5405
  • Add Entry Preview to World Info Deletion Confirmation Dialog by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5423
  • refactor(tts): remove redundant 4-space codeblock filter by @bumprat in https://github.com/SillyTavern/SillyTavern/pull/5406
  • feat: add Workers AI text embeddings and multimodal captioning by @tgies in https://github.com/SillyTavern/SillyTavern/pull/5414
  • Fix: Remove COMFY_RUNPOD from secrets input map — invalid element reference by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5432
  • Fix: Suppress false "Unsupported language" console warnings for English locale variants by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5431
  • Fix: Skip Pseudo-Elements When Generating Dynamic Focus Styles by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5430
  • Add Arguments Logging to Deprecated MacrosParser Method Warnings for Better Debugging Context by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5429
  • Fix stable-diffusion.cpp model routing and URL path handling by @V13Axel in https://github.com/SillyTavern/SillyTavern/pull/5427
  • Add /regex-state slash command to check regex script status by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5428
  • Migrate built-in extensions to use manifest-based activate hooks by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5435
  • Refactor repetitive vectorization model loading into a generic data-driven function by @Copilot in https://github.com/SillyTavern/SillyTavern/pull/5425
  • Add configurable welcome screen recent chats, fix pin loss on rename, and add popup number input validation by @Copilot in https://github.com/SillyTavern/SillyTavern/pull/5436
  • Gemma 4 reasoning: drop newline there by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5433
  • Chore: Add persona lifecycle events (PERSONA_CREATED, PERSONA_UPDATED, PERSONA_RENAMED, PERSONA_DELETED) by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5443
  • chore: Add getExtensionManifest() to the extension context API by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5442
  • Add disabled property support to all popup custom input types by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5441
  • Fix: Missing signature and toolSignatures fields in ChatCompletionService streaming state by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5439
  • Allow grammar to keep place during continue by @Reithan in https://github.com/SillyTavern/SillyTavern/pull/5444
  • Add clean extension lifecycle hook for optional data cleanup by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5449
  • Emit PERSONA_CREATED event on persona duplication by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5448
  • fix: missing closing bracket in jQuery selector in setInContextMessages() by @Copilot in https://github.com/SillyTavern/SillyTavern/pull/5451
  • Add Streaming Display Utility and New Generation Slash Commands (/genstream, /reasoning-format) by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5438
  • Integrate Cloudflare Workers AI text-to-image into SD extension by @Copilot in https://github.com/SillyTavern/SillyTavern/pull/5434
  • Use 'Last User Prefix' for Last Prompt Line When Sending TC Impersonation Requests by @CasualAutopsy in https://github.com/SillyTavern/SillyTavern/pull/5456
  • Enable interleaved tool reasoning for custom OpenAI-compat endpoints by @Reithan in https://github.com/SillyTavern/SillyTavern/pull/5445
  • Improve OpenRouter model lists in extensions by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5459
  • Enhanced /persona-sync Command with Range, Name Filter, and Quiet Mode by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5460
  • implemented emit events for itemized-prompts.js by @Enerccio in https://github.com/SillyTavern/SillyTavern/pull/5461
  • Fix incorrect translation of "New" button in World Info module by @awaae001 in https://github.com/SillyTavern/SillyTavern/pull/5463
  • Increase Top K max value from 200 to 500 for text generation WebU by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5474
  • add claude-opus-4-7 by @ashishch432 in https://github.com/SillyTavern/SillyTavern/pull/5465
  • Fix group chat reasoning "mind reading" — only include reasoning from the currently generating character by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5473
  • fix: limit max-height of select[multiple] on mobile to prevent Chrome 145+ full-screen rendering by @octo-patch in https://github.com/SillyTavern/SillyTavern/pull/5467
  • fix: correct typo in cacheScores debug log and add JSDoc to filterDataByState by @octo-patch in https://github.com/SillyTavern/SillyTavern/pull/5468
  • Bulk extension field updates via merge-attributes with UNSET_VALUE sentinel by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5471
  • Add 'pm-render' command to refresh prompt manager content by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5483
  • fix: enhance URL validation for Z.AI image generation by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5482
  • Refactor: Replace SD image generation indicator with ActionLoader system by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5472
  • Fix: Prevent "Show More Messages" Button from Triggering Message Edit Mode by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5486
  • Add Click-to-Edit Support for Reasoning Blocks by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5487
  • Add Persona CRUD Slash Commands with Shared Avatar Utilities by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5466
  • Enhance Vectorize All process with error handling, retries and minor improvements by @TanJeeSchuan in https://github.com/SillyTavern/SillyTavern/pull/5479
  • Add Slug Parameter to Action Loader for Programmatic Identification by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5490
  • feat: add Adaptive-P controls for oobabooga by @yuaiccc in https://github.com/SillyTavern/SillyTavern/pull/5502
  • Sync OpenRouter providers list by @cloak1505 in https://github.com/SillyTavern/SillyTavern/pull/5503
  • feat: add getWorldInfoNames() to getContext() for WorldInfo enumeration. by @Therosin in https://github.com/SillyTavern/SillyTavern/pull/5505
  • Fix KoboldCpp vector hash deletion by @yuaiccc in https://github.com/SillyTavern/SillyTavern/pull/5508
  • Display OpenRouter credit balance in UI by @Stagnating in https://github.com/SillyTavern/SillyTavern/pull/5513
  • feat: add MiniMax as a chat completion provider by @octo-patch in https://github.com/SillyTavern/SillyTavern/pull/5452
  • feat: add DeepSeek V4 model support with thinking mode and reasoning effort by @Dclef in https://github.com/SillyTavern/SillyTavern/pull/5522
  • fix: add config toggle to disable HTTP keepAlive (Node 18 behavior) by @DeathStalker471 in https://github.com/SillyTavern/SillyTavern/pull/5519
  • fix: Don't apply layout hack in Firefox Mobile while editing text by @Christoph-D in https://github.com/SillyTavern/SillyTavern/pull/5531
  • add macro support for image caption extension prompt (multimodal) by @f-eg in https://github.com/SillyTavern/SillyTavern/pull/5527
  • Add Tool Call Recurse Limit slider to Chat Completion settings by @Copilot in https://github.com/SillyTavern/SillyTavern/pull/5518
  • OpenAI: Add gpt-5.5, gpt-5.4-mini/nano, gpt-image-2 by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5529
  • feat: add gemma 4 for AI studio by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5493
  • feat: pass koboldcpp reasoning effort by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5491
  • fix: remove legacy filter state restoration by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5535
  • Implement S256 challenge in OpenRouter OAuth flow by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5501
  • Chat Completion: common model sorting and grouping settings, improved NanoGPT model list by @DeathStalker471 in https://github.com/SillyTavern/SillyTavern/pull/5536
  • feat: Add NanoGPT credit stats UI by @DeathStalker471 in https://github.com/SillyTavern/SillyTavern/pull/5537
  • Fix missing filename sanitization on V2 JSON character import + harden getPngName as safety nee by @Wolfsblvt in https://github.com/SillyTavern/SillyTavern/pull/5538
  • Implement private IP range request host validator by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5497
  • Fix: Prevent crash in cachingAtDepthForOpenRouterClaude on empty content from trailing tool calls by @crsp6447 in https://github.com/SillyTavern/SillyTavern/pull/5541
  • Better SVG for Kobold/KoboldCpp by @bubfix in https://github.com/SillyTavern/SillyTavern/pull/5543
  • fix: improve sanitation of toasts that bypass HTML escaping by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5540
  • fix: update backup archive to ignore migration secrets files by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5548
  • Backmerge release into staging by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5549
  • Minor adjustments to the SVG icons. by @bubfix in https://github.com/SillyTavern/SillyTavern/pull/5546
  • fix: (AI Studio) temperature -> maxTemperature by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5554
  • Extension management improvements by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5552
  • Fix json schema use for openAI compat CUSTOM endpoints in several use paths by @Reithan in https://github.com/SillyTavern/SillyTavern/pull/5561
  • Feat - Add expression-set-fallback slash command by @leandrojofre in https://github.com/SillyTavern/SillyTavern/pull/5551
  • feat: add nanogpt provider selection by @DeathStalker471 in https://github.com/SillyTavern/SillyTavern/pull/5544
  • Add rate limit to basic auth middleware by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5504
  • Update/Turn expression-set-fallback into expression-fallback by @leandrojofre in https://github.com/SillyTavern/SillyTavern/pull/5564
  • Add account version tags to cookies by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5563
  • Extension clone improvements (part 2) by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5571
  • fix: npm audit package dependencies by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5572
  • Add option to return malformed JSON string from extractJsonFromData by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5578
  • Refactor extension management and assets download menu by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5583
  • Tabby: Prevent unwanted BOS token being added to all tokenizations. by @Ph0rk0z in https://github.com/SillyTavern/SillyTavern/pull/5589
  • Update release version number by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5590
  • Staging by @Cohee1207 in https://github.com/SillyTavern/SillyTavern/pull/5591

New Contributors

  • @dylenyedc made their first contribution in https://github.com/SillyTavern/SillyTavern/pull/5356
  • @dz114879 made their first contribution in https://github.com/SillyTavern/SillyTavern/pull/5317
  • @bumprat made their first contribution in https://github.com/SillyTavern/SillyTavern/pull/5406
  • @V13Axel made their first contribution in https://github.com/SillyTavern/SillyTavern/pull/5427
  • @Enerccio made their first contribution in https://github.com/SillyTavern/SillyTavern/pull/5461
  • @ashishch432 made their first contribution in https://github.com/SillyTavern/SillyTavern/pull/5465
  • @octo-patch made their first contribution in https://github.com/SillyTavern/SillyTavern/pull/5467
  • @TanJeeSchuan made their first contribution in https://github.com/SillyTavern/SillyTavern/pull/5479
  • @yuaiccc made their first contribution in https://github.com/SillyTavern/SillyTavern/pull/5502
  • @Stagnating made their first contribution in https://github.com/SillyTavern/SillyTavern/pull/5513
  • @Dclef made their first contribution in https://github.com/SillyTavern/SillyTavern/pull/5522
  • @DeathStalker471 made their first contribution in https://github.com/SillyTavern/SillyTavern/pull/5519
  • @f-eg made their first contribution in https://github.com/SillyTavern/SillyTavern/pull/5527
  • @crsp6447 made their first contribution in https://github.com/SillyTavern/SillyTavern/pull/5541
  • @bubfix made their first contribution in https://github.com/SillyTavern/SillyTavern/pull/5543

Full Changelog: https://github.com/SillyTavern/SillyTavern/compare/1.17.0...1.18.0

View release on GitHub
1.17.0 Breaking risk
Breaking changes
  • Requires Node.js 20 or higher
Notable features
  • Claude adaptive thinking support mapped from Reasoning Effort
  • New Swipe Picker interface for browsing and branching swipes
  • Macro engine enabled by default with new lifecycle hooks
View release on GitHub
1.16.0 Breaking risk
Security fixes
  • Path traversal vulnerability in server endpoints
  • CORS forwarding available without authentication
  • SSRF vulnerability in asset downloading
Notable features
  • Macros 2.0 with scoped syntax, variables, and conditionals
  • Audio inlining support for OpenAI and compatible endpoints
  • Adaptive-P sampler for Text Completion backends
View release on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

About

Stars
28,621
Forks
5,430
Languages
JavaScript HTML CSS
Downloads/week
2,170 ↑180%
NPM Maintainers
1
Contributors
100
View on GitHub View on npm Homepage Documentation

Install & Platforms

Platforms
windows macos linux arm64

Community & Support

Discord

Similar tools

Agenta
AdalFlow
Onyx Community Edition
chat-ui
ChatDev

Beta — feedback welcome: [email protected]