Skip to content

Comments

0.8.1#21346

Merged
tjbck merged 33 commits intomainfrom
dev
Feb 14, 2026
Merged

0.8.1#21346
tjbck merged 33 commits intomainfrom
dev

Conversation

@tjbck
Copy link
Contributor

@tjbck tjbck commented Feb 13, 2026

No description provided.

joaoback and others added 2 commits February 12, 2026 19:42
i18n: Update translation.json (pt-BR)
@Ithanil
Copy link
Contributor

Ithanil commented Feb 13, 2026

Hi, quick question: Are you planning to release 0.8.1 shortly, i.e. within this week?

silentoplayz and others added 27 commits February 13, 2026 11:18
…es (#21358)

The sharePublic prop in editor components (Knowledge, Tools, Skills,
Prompts, Models) incorrectly included an "|| edit" / "|| write_access"
condition, allowing users with write access to see and use the "Public"
sharing option regardless of their actual public sharing permission.
Additionally, all backend access/update endpoints only verified write
authorization but did not check the corresponding sharing.public_*
permission, allowing direct API calls to bypass frontend restrictions
entirely.
Frontend: removed the edit/write_access bypass from sharePublic in all
five editor components so visibility is gated solely by the user's
sharing.public_* permission or admin role.
Backend: added has_public_read_access_grant checks to the access/update
endpoints in knowledge.py, tools.py, prompts.py, skills.py, models.py,
and notes.py. Public grants are silently stripped when the user lacks
the corresponding permission.
Fixes #21356
* fix: rpi

* Update requirements-min.txt

* Update requirements.txt

* Update pyproject.toml
Co-Authored-By: Juan Calderon-Perez <[email protected]>
tjbck and others added 4 commits February 13, 2026 17:38
* Add v0.8.1 release section

* changelog: knowledge menu layout fix

* changelog: knowledge tooltip z-index fix

* changelog: sync modal community sharing fix

* changelog: postgresql distinct ordering fix

* changelog: security fix public sharing bypass

* changelog: add issue ref to postgresql fix

* changelog: fix postgresql skills json compatibility

* changelog: apply new format style to 0.8.1 entries

* changelog: web search result count fix

* changelog: metadata, document, crash fix

* changelog: add channel user active status performance entry

* changelog: add model and prompt list optimization entry

* changelog: batch access control queries, channel status, model list optimization

* changelog: user list, performance, deferred loading

* Update CHANGELOG.md for 0.8.1

* Add emoji variation to Added section

* Remove empty Changed section and finalize 0.8.1 changelog

* changelog: arm, torch compatibility fix

* changelog: update database migration warning format

* changelog: ollama cloud, model naming fix

* Add SCIM externalId entry and database migration warning to 0.8.1

* Fix: move web search to Added, restore 0.8.0 headers

* Fix: SCIM above translations, 0.8.0 restored

* Remove 0.8.1 migration warning, keep 0.8.0 original

* changelog: direct model access control fix

* changelog: add commit link to direct model access control fix

* Update CHANGELOG.md

* Update CHANGELOG.md

* Update CHANGELOG.md

* Update CHANGELOG.md

* Update CHANGELOG.md

* changelog: sqlite, cascade delete, database fix

* changelog: responses, api, model-routing

* Add PR and issue links to SCIM externalId changelog entry

* Add commit link to Responses API entry, remove PR link from translation entry

* changelog: reasoning traces, performance, browser

* changelog: password, validation, regex

* Update CHANGELOG.md
@tjbck tjbck marked this pull request as ready for review February 13, 2026 23:47
@Classic298
Copy link
Collaborator

@Ithanil yes

@Classic298
Copy link
Collaborator

Root of sudo, shell of bash,
Merge to main and do not crash.

@tjbck tjbck merged commit 883f1dd into main Feb 14, 2026
27 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

6 participants