ragflow

mirror of https://github.com/infiniflow/ragflow.git synced 2025-12-08 20:42:30 +08:00

Author	SHA1	Message	Date
Yongteng Lei	3671d20e43	Fix: illegal variable name in Jinja2 (#8348 ) ### What problem does this PR solve? Fix illegal variable name in Jinja2. #8316. ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue)	2025-06-18 16:02:36 +08:00
TeslaZY	1239f5afc8	Fix: bad escape \P at position 374 (line 18, column 23) when using th… (#7909 ) …e graph feature (#1727) ### What problem does this PR solve? ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue)	2025-05-28 19:16:31 +08:00
liu an	20ab6aad4a	Fix: patch SSTI vulnerability in template rendering (#7905 ) ### What problem does this PR solve? [[Critical] RagFlow has a SSTI, which can lead to Remote Code Execution (RCE).](https://github.com/infiniflow/ragflow/security/advisories/GHSA-mrf5-7w8r-8x88#event-463508) ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue)	2025-05-28 11:47:22 +08:00
Richard	d869e4d43f	Fix: Preserve quotes while handling variable substitution withTemplate component. (#6410 ) ###Address Problem: The original implementation used re.sub(r"(\\\"\|\")", "", content) which stripped all quotes from the processed content. While this worked for simple Jinja2-rendered templates, it caused formatting issues when : -Quotes were required in the final output (e.g., JSON, Python Code strings) ###Solution: 1. Selective JSON Serialization. 2. Removed Global Quote Removal ### What problem does this PR solve? This PR addresses an issue in template processing where all quotation marks (" and \") were being removed from content, potentially corrupting string formatting in rendered outputs. In fact, extra quotes is generated by json.dumps(v, ensure_ascii=False). ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue)	2025-03-21 19:44:03 +08:00
Kevin Hu	b754bd523a	Fix: let quot stay. (#6377 ) ### What problem does this PR solve? #6337 ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue)	2025-03-21 11:47:42 +08:00
davidche	bf5f6ec262	Fix spelling errors (#5224 ) ### What problem does this PR solve? ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue)	2025-02-21 15:47:27 +08:00
Kevin Hu	f64ae9dc33	Inner prompt parameter setting. (#4806 ) ### What problem does this PR solve? #4764 ### Type of change - [x] New Feature (non-breaking change which adds functionality)	2025-02-08 18:09:02 +08:00
WANGRUI-ZB	bbc1d02c96	Template conversion adds Jinjia2 syntax support (#4545 ) ### What problem does this PR solve? Template conversion adds Jinjia2 syntax support ### Type of change - [x] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: wangrui <wangrui@haima.me> Co-authored-by: Yingfeng <yingfeng.zhang@gmail.com> Co-authored-by: Kevin Hu <kevinhu.sh@gmail.com>	2025-01-23 17:11:14 +08:00
Zhichang Yu	0d68a6cd1b	Fix errors detected by Ruff (#3918 ) ### What problem does this PR solve? Fix errors detected by Ruff ### Type of change - [x] Refactoring	2024-12-08 14:21:12 +08:00
Kevin Hu	cc219ff648	Fix agent session API (#3589 ) ### What problem does this PR solve? #3585 ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue)	2024-11-22 16:19:00 +08:00
Kevin Hu	ee50f78d99	Add component 'Template' (#3562 ) ### What problem does this PR solve? #3560 ### Type of change - [x] New Feature (non-breaking change which adds functionality)	2024-11-21 18:26:22 +08:00
Kevin Hu	30f111edb3	Fixs for translation agent (#3557 ) ### What problem does this PR solve? #3556 ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue) - [x] New Feature (non-breaking change which adds functionality)	2024-11-21 16:22:25 +08:00

12 Commits