vrr/open-notebook
2
0
Fork 0
mirror of https://github.com/lfnovo/open-notebook.git synced 2026-05-02 13:20:30 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
open-notebook/api/routers
History
Luis Novo 2f75c5978c fix: harden path validation to prevent sibling directory bypass 
Append os.sep to the directory path before startswith() check so that
paths like /app/data/uploads_evil/ cannot bypass the uploads directory
validation.
2026-04-09 12:05:38 -03:00
..
__init__.py Api podcast migration (#93) 2025-07-17 08:36:11 -03:00
auth.py feat: credential-based API key management (#477) (#540) 2026-02-10 08:30:22 -03:00
chat.py fix: complete SqliteSaver async compatibility in chat routers (#525) 2026-02-06 15:55:05 -03:00
commands.py Feat/localization tests docker (#371) 2026-01-15 13:51:05 -03:00
config.py Feat/localization tests docker (#371) 2026-01-15 13:51:05 -03:00
context.py Feat/localization tests docker (#371) 2026-01-15 13:51:05 -03:00
credentials.py fix: persist source asset, preserve custom titles, cascade-delete credential models 2026-04-06 07:38:37 -03:00
embedding.py feat: content-type aware chunking and unified embedding (#444) 2026-01-21 23:49:08 -03:00
embedding_rebuild.py Fix re-embedding issues and improve retry strategy (#515) 2026-01-31 18:55:01 -03:00
episode_profiles.py feat(podcasts): model registry integration, credential passthrough & new features (#632) 2026-02-27 11:06:47 -03:00
insights.py Feat/localization tests docker (#371) 2026-01-15 13:51:05 -03:00
languages.py feat(podcasts): model registry integration, credential passthrough & new features (#632) 2026-02-27 11:06:47 -03:00
models.py feat: add DashScope (Qwen) and MiniMax provider support 2026-04-06 10:54:37 -03:00
notebooks.py fix: prevent SurrealDB injection via order_by and unparameterized queries 2026-04-07 07:58:54 -03:00
notes.py fix: word-wrap overflow in source cards, note editor, and inline edit 2026-02-16 14:53:30 -03:00
podcasts.py fix: podcast failure recovery and retry (1.7.3) (#595) 2026-02-17 21:24:57 -03:00
search.py feat: improve error clarity for LLM provider failures (#506) 2026-02-16 16:15:46 -03:00
settings.py Feat/localization tests docker (#371) 2026-01-15 13:51:05 -03:00
source_chat.py fix: prevent SurrealDB injection via order_by and unparameterized queries 2026-04-07 07:58:54 -03:00
sources.py fix: harden path validation to prevent sibling directory bypass 2026-04-09 12:05:38 -03:00
speaker_profiles.py feat(podcasts): model registry integration, credential passthrough & new features (#632) 2026-02-27 11:06:47 -03:00
transformations.py feat: improve error clarity for LLM provider failures (#506) 2026-02-16 16:15:46 -03:00