Breaking Change in v0.6.41:
- knowledge.data column (containing {file_ids: [...]}) was REMOVED
- New knowledge_file junction table created with FK relationships
- Migration 3e0e00844bb0 handles data migration automatically

Impact on Prune Script:
- Old code accessed kb.data['file_ids'] which no longer exists
- This broke get_active_file_ids() function
- Orphaned file detection would fail completely

Fix Implementation:
- Use existing Knowledges.get_files_by_id(kb_id) API method
- This queries the new knowledge_file table via JOIN
- Memory-safe: process KBs incrementally, extract only file IDs
- Delete file list after processing each KB to help GC
- Error handling per KB to prevent cascading failures

Compatibility:
- Works with v0.6.41+ (new schema)
- Automatically handled by migration if upgrading from older versions
- No manual intervention required

Related Changes:
- User table changes (api_key, oauth) have NO impact (CASCADE deletes)

Translations of the new items added in the latest version.

)

* Update pyproject.toml

* Update requirements.txt

…dding (open-webui#19748)

* Add enable_async parameter to embedding function

* Add enable_async parameter to RAG configuration

* cleanup: remove very outdated kubernetes configs

* chore: remove INSTALLATION.md that references k8s manifests

* chore: remove kubernetes/ from .prettierignore

### UPD: i18n es-ES Translation v.0.6.41

Added new strings

Co-authored-by: Tim Baek <[email protected]>

…i#19780)

* Update requirements.txt

* Update requirements-min.txt

* Update pyproject.toml

* Update pymilvus version to 2.6.5

* Update pyproject.toml

* feat: new config AUTH0_AUDIENCE

* feat: OAUTH_AUDIENCE config

…webui#19791)

### FIX: Pipeline save settings - Handle undefined valves property

When a Pipeline valve have a null value the settings isn't saved.
The error occurs because the code tries to call `.split()` on a `null` value when saving pipeline valves.
This happens when you set a valve to "None" (null) and then click save.

This PR Fix this issue.

Co-Authored-By: Classic298 <[email protected]>

open-webui#20010

…n-webui#20072)

* sequential

* consolidate logic and fix for web add

* Update WebSearch.svelte

* Update retrieval.py

* Update retrieval.py

* Update WebSearch.svelte

…g semaphore (open-webui#20070)

* sequential

* zero default

* fix

…ui#20074)

* sequential

* zero default

* fix

* fix: preserve absolute paths in sqlite+sqlcipher URLs

Previously, the connection logic incorrectly stripped the leading slash
from `sqlite+sqlcipher` paths, forcibly converting absolute paths
(e.g., `sqlite+sqlcipher:////app/data.db`) into relative paths
(which became `app/data.db`). This caused database initialization failures
when using absolute paths, such as with Docker volume mounts.
This change removes the slash-stripping logic, ensuring that absolute
path conventions (starting with `/`) are respected while maintaining
support for relative paths (which do not start with `/`).

…bui#20076)

* sequential

* zero default

* fix

* fix: preserve absolute paths in sqlite+sqlcipher URLs

Previously, the connection logic incorrectly stripped the leading slash
from `sqlite+sqlcipher` paths, forcibly converting absolute paths
(e.g., `sqlite+sqlcipher:////app/data.db`) into relative paths
(which became `app/data.db`). This caused database initialization failures
when using absolute paths, such as with Docker volume mounts.
This change removes the slash-stripping logic, ensuring that absolute
path conventions (starting with `/`) are respected while maintaining
support for relative paths (which do not start with `/`).

* fix: MCP OAuth 2.1 token exchange and multi-node propagation

Fix two MCP OAuth 2.1 bugs affecting tool server authentication:

1. Token exchange failing with duplicate credentials (open-webui#19823)
   - Removed explicit client_id/client_secret passing in handle_callback()
   - Authlib already has credentials configured during add_client(),
     passing them again caused concatenation (e.g., "ID1,ID1") and 401 errors
   - Added token validation to detect missing access_token and provide
     clear error messages instead of cryptic database constraint errors

2. OAuth clients not propagating across multi-node setups (open-webui#19901)
   - Updated get_client() and get_client_info() to auto-lazy-load
     OAuth clients from the Redis-synced TOOL_SERVER_CONNECTIONS config
   - Clients are now instantiated on-demand on any node that needs them

Fixes open-webui#19823, open-webui#19901

* Update db.py

* Update wrappers.py

* Update pyproject.toml

* Update requirements-min.txt

* Update requirements.txt

Co-Authored-By: Classic298 <[email protected]>

…mpat-01CmvhyZP2q3Gxje53uUNYoi

Adapt prune script to handle v0.6.41+ chat_file table changes:
- Import ChatFile model from chats module
- Scan chat_file table for file references in addition to chat.chat JSON
- Memory-safe incremental processing with streaming queries
- Backwards compatible with older databases (graceful fallback if table doesn't exist)

Similar to the knowledge_file migration fix, this ensures the prune script
finds file references stored in both:
  1. Legacy chat.chat JSON (old format)
  2. New chat_file junction table (v0.6.41+)

Note: channel_file table also exists but channels are not currently
scanned by the prune script.

Critical bug fix for incorrect vector collection cleanup that was deleting
active KB collections.

ROOT CAUSE:
The mismatch between active_kb_ids and active_file_ids filtering logic
caused vector collections to be incorrectly marked as orphaned:

1. active_kb_ids = only KBs owned by active users
2. active_file_ids = files from ALL KBs (including deleted/inactive users)
3. Vector cleanup logic expected both to be consistent

Example scenario that triggered the bug:
- User account deleted (or made inactive)
- Their KBs remain in DB (no FK cascade on knowledge.user_id)
- Prune script runs:
  * active_kb_ids excludes deleted user's KBs ✓
  * active_file_ids includes files from deleted user's KBs ✗
  * Vector cleanup sees:
    - File collections expected (files in active_file_ids) → kept
    - KB collections NOT expected (KB not in active_kb_ids) → DELETED! ✗
- Result: Active KB vector collections deleted → retrieval breaks

AFFECTED USERS:
- Psy (Qdrant + PostgreSQL): Reported 2 orphaned vectors after creating
  only 1 KB, retrieval stopped working after prune
- rdariolemes (PGVector + PostgreSQL): Preview showed 1 orphaned vector,
  but deletion failed silently (0 deleted)

THE FIX:
Modified get_active_file_ids() to respect the same user filtering as
active_kb_ids:

1. Added active_user_ids parameter to get_active_file_ids()
2. Skip KBs owned by inactive/deleted users when collecting file IDs
3. Updated all 6 call sites to pass active_user_ids
4. Reordered variable initialization where needed

This ensures active_file_ids and active_kb_ids use consistent user
filtering, preventing the false positive detection.

FILES CHANGED:
- prune_operations.py: Updated get_active_file_ids() signature and logic
- prune_cli_interactive.py: Updated 3 call sites (preview + 2 execution)
- standalone_prune.py: Updated 3 call sites (preview + 2 execution)

BACKWARDS COMPATIBILITY:
The active_user_ids parameter is optional (defaults to None), maintaining
backwards compatibility while fixing the bug when provided.

…nto claude/v0641-schema-compat-01CmvhyZP2q3Gxje53uUNYoi