Refactor WebSocket architecture and enhance onboarding experience#9
Draft
drzo wants to merge 216 commits intoReZorg:devfrom
Draft
Refactor WebSocket architecture and enhance onboarding experience#9drzo wants to merge 216 commits intoReZorg:devfrom
drzo wants to merge 216 commits intoReZorg:devfrom
Conversation
…ation - Add WsHandler base class, WsManager (connection tracking / event routing / buffering), WsResult - Extract network.py (is_loopback_address) and context_utils.py (use_context) to eliminate duplication - Migrate three handlers to api/ following the ws_* py naming convention - Simplify run_ui.py WebSocket init from ~170 lines to ~10 - Update import paths in api.py, plugins.py, state_monitor.py
- websocket.js: addHandlers, _handlers Set, auth callback, envelope validation, exponential backoff, 50 MB cap - Three store components: namespace /webui → /ws, wire up addHandlers - Fix websocket-test-store.js detach) accidentally killing syncStore event listeners
- Fixes 500 error when uploading images with non-ASCII filenames via /api/image_get - Improves file path handling to support both development and Docker environments - Adds exception handling to gracefully fall back to Docker path logic if path correction fails - Ensures robust error handling so path issues do not crash the entire endpoint
…ch unification - Fix Memory Leaks: Resolved SID retention in _known_sids after disconnection and cleaned up unreferenced broadcast tasks in _schedule_lifecycle_broadcast. - Unify Dispatching Paths: Unified client and server event dispatching through the process_client_event() method to ensure diagnostic consistency. - Optimization & Cleanup: Expanded the _OPTION_KEYS whitelist, removed dead code (iter_event_types), and deleted unused websocket exports. - Robustness: Added handling for None responses in process_client_event to prevent cluttering responses with empty results. - Testing: Added test cases to verify SID TTL expiration and stale SID cleanup on disconnect.
reuse /banners for composer missing-key status polish onboarding ui; add chat composer API key banner drop dedicated status backend endpoint
ux: onboarding flow for missing API key
1. Extract _collect_results method — Deduplicated ~30 lines of identical result processing from route_event and process_client_event (Exception→error / WsResult→as_result / dict→wrap / None→strategy branch) into a private method with a skip_none parameter.
* route_event calls _collect_results(skip_none=False) — None becomes ok=True (server-initiated, callers expect a result for every handler)
* process_client_event calls _collect_results(skip_none=True) — None is skipped (client-initiated, matching legacy _dispatch fire-and-forget semantics)
2. Document None semantics difference — Added # NOTE: comment at the route_event call site explaining why skip_none=False differs from process_client_event.
3. Unify _timestamp() usage — Replaced inline timestamp formatting in _wrap_envelope and handle_connect with self._timestamp() method reuse.#
- move _ws_contexts snapshot inside _contexts_lock critical section, add ctx is None skip logic to prevent security check bypass during concurrent disconnects
- Fix two error returns in ws_dev_test.py using non-standard {"_error": True, ...} format, which _collect_results misidentifies as a success response and wraps as ok=True, sending a false-success to the client
- Switch to WsResult.error(code=..., message=...) standard API, consistent with all other handlers
- Fix 5 occurrences of process_event → process in documentation examples
- Remove non-existent HANDLER_ID and HANDLED_EVENTS class attribute examples from docs
- Fix validate_event_types (plural) → validate_event_type (singular) in docs
….py bug - Consolidate ConnectionIdentity, _ws_debug_enabled(), ws_debug() into ws.py as single-source exports, removing duplicate definitions in ws_manager.py and state_monitor.py - Make send_data() optional args keyword-only to prevent positional argument confusion with the instance method signature - Fix clear_plugin_cache in plugins.py: wrong parameter name (event_name → event_type) and stale namespace (/webui → /ws)
…ail.html Rebase README links and images to correct GitHub blob/raw paths
- Add model switcher component for chat input with progress display - Enhance model config store with active preset/model retrieval - Show agent progress as ghost text in chat input placeholder - Add agent artifact patterns to .gitignore
Remove the scan queue mechanism that serialized plugin scans. Each scan now runs in its own temporary chat context immediately upon request, allowing multiple scans to execute in parallel. Update UI to reflect that scans are no longer queued and remove the "queued" state tracking from store and API.
Add a shared safe markdown pipeline for plugin READMEs and docs. - vendor DOMPurify and introduce a shared safe-markdown helper - centralize GitHub README link/image rebasing, including repo routes like `releases` - sanitize rendered HTML before all plugin-related x-html sinks - apply the shared renderer to Plugin Hub README, installed plugin README, and markdown modal docs - preserve target/rel handling for external links
fix plugin README image rebasing and sanitize rendered markdown
Add model config presets and ignore agent artifacts
progress-bar-right css hotfix
Development
…t store into mixins, unify API key lifecycle
…ved via Configure Models
…ight of chat area
feat(ui): reposition chat nav buttons as floating overlay in bottom-right of chat area
feat(browser): multi-tab awareness + modifier-key click
Render Browser tool Screenshot KVPs as clickable live thumbnails that open the Browser canvas while preserving the existing lower-row Browser action.\n\nAdd a lightweight websocket snapshot endpoint for existing browser runtimes and keep preview frame memory bounded with revocable object URLs.
Fix annotation panel stacking so draft popovers render above the annotations recap.\n\nAllow the annotations recap tray to float within the browser stage by dragging its header, with bounded positioning and cleanup when annotations are cleared or the browser surface unmounts.
Expose extension deletion from the Browser internal settings page and keep the compact Browser dropdown focused on quick enable/install actions.\n\nAdd a guarded uninstall API that only deletes Browser-managed extension folders, updates enabled extension paths, refreshes the settings UI, and covers managed versus external paths with regression tests.
Add a Time Travel entry directly under Files in the sidebar dropdown and route it through the existing modal. Stop Time Travel from registering or mounting a right-canvas surface, and keep modal refresh tied to the modal state.
Bridge copy, cut, paste, and common edit shortcuts from the Browser modal and canvas screenshot surface into the Playwright runtime while preserving native clipboard behavior for Agent Zero UI fields. Add websocket and runtime clipboard handling with regression coverage for frontend shortcut routing, paste fallback, and viewer input dispatch.
Move Remote Link and Space Agent into the sidebar dropdown while removing their right-canvas rail actions. Rename Scheduler-facing UI to Tasks and collapse Chat Actions behind a persisted dropdown accordion.
Make the Desktop iframe explicitly focusable and re-arm Xpra keyboard capture on load and click so typed input reaches the remote session reliably.\n\nAdd regression assertions for the Xpra keyboard bridge contract.
Make the embedded Xpra Desktop use the browser cursor as the only visible cursor by suppressing the shadow pointer overlay and pointer-position renderer without blocking pointer input. Prefer the active Office host iframe when choosing the Desktop frame, then force resize recovery during modal-to-canvas docking so the Xpra desktop, window, and canvas refill the canvas after handoff.
Route binary Office documents through the persistent Desktop surface while keeping Markdown in the custom tabbed editor. Harden Xpra clipboard bridging and explicit clipboard flags so host paste can reach the desktop session. Align XFCE and LibreOffice profile paths with Agent Zero locations: downloads for wallpapers, configured workdir for default saves and the Workdir shortcut, and trusted metadata for generated launchers.
Route DOCX, spreadsheets, and presentations exclusively through the Xpra desktop LibreOffice session. Keep the custom canvas path focused on Markdown source editing, remove the old dashboard/preview/native LibreOfficeKit code, and update tests and runtime package declarations to match the new Office surface.
Expose a directory-only Download ZIP action in the file browser menu and make folder downloads use a stable .zip filename from the existing download endpoint.
Add a pencil action beside Save that reuses the existing file browser rename modal for open Office documents. Preserve document metadata after filesystem renames, retarget active LibreOffice desktop sessions to the new path, and cover the rename flow in Office regression tests.
Adds a branded file-browser toolbar with current-folder search, visible selection, and selection status. Introduces bulk copy paths, ZIP download, and delete actions backed by dedicated API handlers so selected files are processed as one browser operation.
Install a curated README into generated Agent Zero Desktop sessions so the Xfce workspace explains the habitat concept, credits the open-source foundations and Jan Tomášek, and gives users Terminal commands for popular agent CLIs. Keep the README as an _office plugin asset and copy it into the Desktop profile during launcher preparation.
Detect openable Chrome extension UI pages from manifests and expose resolved chrome-extension URLs to the Browser UI. Render an Open button in the compact Browser extension dropdown and cover manifest UI metadata with regression tests.
Show hidden files by default in Thunar-backed Desktop sessions while preserving existing file manager profile settings. Hide the default Xfce Mail Reader and Web Browser helper entries from the Applications menu through local XDG overrides, and cover the generated Desktop profile artifacts with targeted tests.
Allow users to disconnect their OpenAI account by clearing stored ChatGPT OAuth tokens while preserving unrelated auth data. Fetch and normalize Codex usage windows, then show remaining percentage and reset timing in the OAuth settings UI. Add focused tests for usage parsing and disconnect cleanup.
Remove dynamically loaded skills when they are deactivated from the Skills selector. Treat skill names and paths as aliases so scoped defaults, chat overrides, and loaded-skill state resolve consistently.
Force-add curated snapshot paths so workspace .gitignore rules cannot break Time Travel snapshots, while preserving Time Travel's own exclusions for secrets and generated files. Repair invalid shadow Git repositories by restoring HEAD when possible or quarantining and reinitializing unusable repos, and canonicalize workspace paths to avoid duplicate shadow histories for aliases. Add regression coverage for ignored paths, corrupt shadow HEAD recovery, and canonical workspace identity.
Configure the Docker image initializer to raise the container soft nofile limit to a safer default when Docker's hard limit allows it. Document the new-image behavior and optional A0_NOFILE_LIMIT override without requiring users to add Docker ulimit flags.
…lugin-config-ignored fix: always check project-level plugin config as fallback (fixes #1548)
Add local XDG overrides for the xfce4-mail-reader.desktop and xfce4-web-browser.desktop application IDs shipped by the current desktop runtime, while keeping the older exo-* IDs covered for compatibility. Update the desktop profile tests so future changes assert both generations of launcher IDs.
Route Office canvas renames through the document store so dirty or missing-on-disk Markdown sessions can be materialized at the new path without hitting the generic workdir filesystem rename endpoint. Add regression coverage for missing draft materialization, dirty markdown rename, and the custom rename hook contract.
…-provider feat: add Venice embedding provider
This reverts commit 7bd70fa.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request introduces several improvements and additions across the codebase, focusing on developer experience, file handling security, agent streaming logic, and WebSocket infrastructure. Notably, it adds developer documentation, enhances file path security, refines agent tool request validation, and introduces new WebSocket handlers for development and UI synchronization.
Documentation and Developer Experience:
CONTRIBUTING.mdfile with clear contribution guidelines and references to detailed documentation, helping contributors understand the workflow and best practices.AGENTS.mdto include a new "Banners & Discovery" frontend deep dive and clarified the backend directory structure, especially regarding API and WebSocket handler locations. [1] [2]Security and File Handling:
resolve_download_pathinapi/download_work_dir_file.pyto securely resolve file paths and prevent directory traversal, ensuring downloads are restricted to the runtime base directory. [1] [2]api/image_get.pyby normalizing development file paths, handling Docker/local file resolution robustly, and URL-encoding filenames in response headers for better compatibility. [1] [2] [3] [4] [5]Agent Streaming and Tool Request Validation:
tool_args. [1] [2] [3] [4] [5] [6]WebSocket Infrastructure:
api/ws_dev_test.py, a new developer-only WebSocket handler for testing, diagnostics, and event broadcasting, improving the ability to debug and validate WebSocket flows during development.api/ws_hello.py, a simple echo WebSocket handler for foundational connectivity testing.python/websocket_handlers/webui_handler.pytoapi/ws_webui.py, updating it to the new handler base class for consistency and maintainability.Prompt and Documentation Refinements:
These changes collectively improve security, maintainability, developer onboarding, and the robustness of agent and WebSocket behaviors.