Wendong-Fan
b949bc13b9
remove unused model type file
2026-01-13 21:32:29 +08:00
Sun Tao
3f13d49c7a
update
2026-01-13 19:22:57 +08:00
Sun Tao
5d6692bb9b
update
2026-01-13 18:16:04 +08:00
Cole Murray
102a864d43
fix(security): prevent arbitrary code execution in CI workflow
...
SECURITY FIX: The previous CI workflow was vulnerable to arbitrary code
execution from fork PRs due to using `pull_request_target` with checkout
of untrusted PR code.
Attack vector:
- Attacker forks repo and adds malicious node_modules/.bin/markdownlint-cli
- Opens PR to trigger CI workflow
- npx executes attacker's script with repository write permissions
- Attacker can exfiltrate credentials, comment on PRs, or push code
Fix:
- Split workflow into two separate files
- ci.yml: Uses pull_request_target for commenting (no code checkout)
- lint-markdown.yml: Uses pull_request for linting (safe to checkout)
The pull_request trigger runs fork PRs with read-only permissions and
no access to repository secrets, making it safe to checkout and execute
PR code.
Additional improvements:
- Updated actions to latest versions (checkout@v4, github-script@v7, paths-filter@v3)
- Pin markdownlint-cli version to prevent supply chain attacks
- Added security comments explaining the rationale
Reference: https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
2026-01-12 23:10:48 -08:00
Guohao Li
a1efe01a58
I don't care ( #835 )
CodeQL Advanced / Analyze (actions) (push) Waiting to run
CodeQL Advanced / Analyze (javascript-typescript) (push) Waiting to run
CodeQL Advanced / Analyze (python) (push) Waiting to run
2026-01-13 07:47:38 +01:00
Guohao Li
04224b0d8e
I don't care
2026-01-13 06:47:10 +00:00
Guohao Li
836c0c7ba4
Revise Eigent description to highlight open source aspect ( #833 )
2026-01-13 05:38:07 +01:00
Guohao Li
12265434b0
Revise Eigent description to highlight open source aspect
...
Updated the README to reflect Eigent as an open source cowork desktop application.
2026-01-13 04:31:20 +00:00
Wendong-Fan
04ae6d773e
update camel version to 0283a5 with updated workforce prompt and task fail setting
CodeQL Advanced / Analyze (actions) (push) Waiting to run
CodeQL Advanced / Analyze (javascript-typescript) (push) Waiting to run
CodeQL Advanced / Analyze (python) (push) Waiting to run
2026-01-10 04:27:21 +08:00
Wendong-Fan
18a3bc86ca
Update WeChat QR code via QR Code Updater
...
🤖 Automated update
2026-01-09 09:32:55 +00:00
Wendong-Fan
a8da8b4aaa
fix: stream output
2026-01-09 03:25:05 +08:00
Wendong-Fan
6fcb328d11
update camel version
2026-01-08 23:27:54 +08:00
罗鹏铖
afd76e6fe1
feat: add gpt-5.2 ( #820 )
2026-01-07 15:56:13 +08:00
Sun Tao
1626d877fe
update
2026-01-07 13:44:37 +08:00
Wendong-Fan
da61c586b4
release: 0.0.77
2026-01-03 07:53:24 +08:00
Wendong-Fan
6fbc2e8823
update camel version to 0.2.83a1
2026-01-03 07:28:59 +08:00
Wendong-Fan
8d871745d5
minor fix
2026-01-03 04:36:02 +08:00
Wendong-Fan
53c74cd6fd
sync login ui with backend ( #815 )
2026-01-02 20:28:58 +00:00
Wendong-Fan
d599429f98
Merge branch 'main' into feat/update-email-login-ui
2026-01-02 20:28:51 +00:00
Wendong-Fan
2b07354c28
release: 0075
2026-01-03 03:48:09 +08:00
Wendong-Fan
0375d7aa66
update cicd setting in workflows
2026-01-03 03:13:40 +08:00
Wendong-Fan
cc3cc9c297
release 0074
2026-01-03 03:02:01 +08:00
Wendong-Fan
c6b2b01d6b
fix/terminal tool call ( #816 )
2026-01-02 18:45:02 +00:00
Wendong-Fan
a7e1ed87f3
Merge branch 'main' into fix/terminal_tool_call
2026-01-02 18:44:15 +00:00
Wendong-Fan
877506c7c6
minor fix
2026-01-03 02:43:33 +08:00
Wendong-Fan
af16271dda
Update WeChat QR code via QR Code Updater
...
🤖 Automated update
2026-01-02 17:17:24 +00:00
puzhen
1673b4215c
remove redundent
2026-01-02 01:51:54 +00:00
puzhen
0fb1c3df38
check tool is sync or async before tool.async_call()
2026-01-02 01:39:19 +00:00
puzhen
e82fd03221
remove send_message_to_user
2026-01-02 00:27:03 +00:00
puzhen
064b7e866a
fix/terminal tool call
2026-01-01 21:40:18 +00:00
LuoPengcheng
3bfdcdb646
sync login ui with backend
2025-12-31 03:34:13 +08:00
Wendong-Fan
8955dbb725
enhance: tool info stream UI ( #812 )
2025-12-30 13:42:40 +00:00
Wendong-Fan
fdd651f773
Improve streaming task splitting UI display
2025-12-30 12:57:21 +08:00
Sun Tao
1917fa38e1
Merge branch 'main' into fix_tool_info
2025-12-30 12:18:06 +08:00
Sun Tao
d18aa6f219
Merge branch 'main' into fix_tool_info
2025-12-30 12:15:14 +08:00
Tao Sun
a845fe1436
feat: Stream mode task splitting ( reopen #767 ) ( #793 )
2025-12-29 23:15:50 +08:00
Tao Sun
47084a9ec5
Merge branch 'main' into stream_mode
2025-12-29 16:26:32 +08:00
Sun Tao
96322180a9
Update agent.py
2025-12-29 11:44:17 +08:00
Wendong-Fan
597dd4b4d0
bump up camel version to 0283a0 ( #809 )
2025-12-29 01:20:02 +00:00
Wendong-Fan
01a898d10d
bump up camel version to 0283a0
2025-12-29 09:19:48 +08:00
Sun Tao
e1b4ef87db
Merge branch 'main' into stream_mode
2025-12-28 21:48:33 +08:00
Sun Tao
1d39b30d46
Update chatStore.ts
2025-12-18 22:12:21 +08:00
Wendong-Fan
1e9b49fce5
chore: update camel version to 0.2.82 ( #794 )
CodeQL Advanced / Analyze (actions) (push) Has been cancelled
CodeQL Advanced / Analyze (javascript-typescript) (push) Has been cancelled
CodeQL Advanced / Analyze (python) (push) Has been cancelled
2025-12-18 09:38:30 +08:00
Wendong-Fan
c443dfbd6c
chore: update camel version to 0.2.82
2025-12-18 09:38:08 +08:00
Wendong-Fan
24de6ec892
Reapply "feat: Stream mode task spliting ( #767 )"
...
This reverts commit 7d9e14185d
2025-12-18 07:14:44 +08:00
Wendong-Fan
7d9e14185d
Revert "feat: Stream mode task spliting ( #767 )"
...
This reverts commit 16ac0d86fc4ce792627c
2025-12-18 07:13:24 +08:00
Wendong-Fan
16ac0d86fc
feat: Stream mode task spliting ( #767 )
2025-12-18 06:36:33 +08:00
Wendong-Fan
788e3e8bc7
enhance: Stream mode task spliting PR767 ( #791 )
2025-12-18 06:36:09 +08:00
Wendong-Fan
6cb68177f5
enhance: Stream mode task spliting PR767
2025-12-18 06:35:16 +08:00
Wendong-Fan
9e40e979be
Merge branch 'main' into stream_mode
2025-12-18 06:18:54 +08:00
