diff --git a/package.json b/package.json index c597e90d4bd..aa7f96c6fcf 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "flowise", - "version": "3.0.6", + "version": "3.0.7", "private": true, "homepage": "https://flowiseai.com", "workspaces": [ diff --git a/packages/components/models.json b/packages/components/models.json index 73a3c7bb7f2..fb3feb21948 100644 --- a/packages/components/models.json +++ b/packages/components/models.json @@ -396,6 +396,18 @@ "name": "gpt-4.5-preview", "input_cost": 0.000075, "output_cost": 0.00015 + }, + { + "label": "gpt-4.1-mini", + "name": "gpt-4.1-mini", + "input_cost": 0.0000004, + "output_cost": 0.0000016 + }, + { + "label": "gpt-5-chat-latest", + "name": "gpt-5-chat-latest", + "input_cost": 0.00000125, + "output_cost": 0.00001 } ] }, @@ -455,6 +467,18 @@ "name": "gpt-4-1106-preview", "input_cost": 0.00001, "output_cost": 0.00003 + }, + { + "label": "gpt-4.1-mini", + "name": "gpt-4.1-mini", + "input_cost": 0.0000004, + "output_cost": 0.0000016 + }, + { + "label": "gpt-5-chat-latest", + "name": "gpt-5-chat-latest", + "input_cost": 0.00000125, + "output_cost": 0.00001 } ] }, @@ -1682,6 +1706,18 @@ "name": "gpt-4-32k", "input_cost": 0.00006, "output_cost": 0.00012 + }, + { + "label": "gpt-4.1-mini", + "name": "gpt-4.1-mini", + "input_cost": 0.0000004, + "output_cost": 0.0000016 + }, + { + "label": "gpt-5-chat-latest", + "name": "gpt-5-chat-latest", + "input_cost": 0.00000125, + "output_cost": 0.00001 } ] }, diff --git a/packages/components/nodes/documentloaders/Folder/Folder.ts b/packages/components/nodes/documentloaders/Folder/Folder.ts index d567f64aaf7..e8aa16a5be8 100644 --- a/packages/components/nodes/documentloaders/Folder/Folder.ts +++ b/packages/components/nodes/documentloaders/Folder/Folder.ts @@ -10,6 +10,7 @@ import { DocxLoader } from '@langchain/community/document_loaders/fs/docx' import { LoadOfSheet } from '../MicrosoftExcel/ExcelLoader' import { PowerpointLoader } from '../MicrosoftPowerpoint/PowerpointLoader' import { handleEscapeCharacters } from '../../../src/utils' +import { isPathTraversal } from '../../../src/validator' class Folder_DocumentLoaders implements INode { label: string @@ -125,6 +126,14 @@ class Folder_DocumentLoaders implements INode { const _omitMetadataKeys = nodeData.inputs?.omitMetadataKeys as string const output = nodeData.outputs?.output as string + if (!folderPath) { + throw new Error('Folder path is required') + } + + if (isPathTraversal(folderPath)) { + throw new Error('Invalid folder path: Path traversal detected. Please provide a safe folder path.') + } + let omitMetadataKeys: string[] = [] if (_omitMetadataKeys) { omitMetadataKeys = _omitMetadataKeys.split(',').map((key) => key.trim()) diff --git a/packages/components/package.json b/packages/components/package.json index 5eecc02c801..72e03a5cc85 100644 --- a/packages/components/package.json +++ b/packages/components/package.json @@ -1,6 +1,6 @@ { "name": "flowise-components", - "version": "3.0.6", + "version": "3.0.7", "description": "Flowiseai Components", "main": "dist/src/index", "types": "dist/src/index.d.ts", diff --git a/packages/server/package.json b/packages/server/package.json index 9eb122e414f..bfd77607bbc 100644 --- a/packages/server/package.json +++ b/packages/server/package.json @@ -1,6 +1,6 @@ { "name": "flowise", - "version": "3.0.6", + "version": "3.0.7", "description": "Flowiseai Server", "main": "dist/index", "types": "dist/index.d.ts", diff --git a/packages/server/src/database/migrations/mariadb/1755748356008-AddChatFlowNameIndex.ts b/packages/server/src/database/migrations/mariadb/1755748356008-AddChatFlowNameIndex.ts index 62c74f167d5..1fe79f449f1 100644 --- a/packages/server/src/database/migrations/mariadb/1755748356008-AddChatFlowNameIndex.ts +++ b/packages/server/src/database/migrations/mariadb/1755748356008-AddChatFlowNameIndex.ts @@ -4,7 +4,7 @@ export class AddChatFlowNameIndex1755748356008 implements MigrationInterface { name = 'AddChatFlowNameIndex1755748356008' public async up(queryRunner: QueryRunner): Promise { - await queryRunner.query(`CREATE INDEX \`IDX_chatflow_name\` ON \`chat_flow\` (\`name\`)`) + await queryRunner.query(`CREATE INDEX \`IDX_chatflow_name\` ON \`chat_flow\` (LEFT(\`name\`, 255))`) } public async down(queryRunner: QueryRunner): Promise { diff --git a/packages/server/src/database/migrations/mysql/1755748356008-AddChatFlowNameIndex.ts b/packages/server/src/database/migrations/mysql/1755748356008-AddChatFlowNameIndex.ts index 62c74f167d5..1fe79f449f1 100644 --- a/packages/server/src/database/migrations/mysql/1755748356008-AddChatFlowNameIndex.ts +++ b/packages/server/src/database/migrations/mysql/1755748356008-AddChatFlowNameIndex.ts @@ -4,7 +4,7 @@ export class AddChatFlowNameIndex1755748356008 implements MigrationInterface { name = 'AddChatFlowNameIndex1755748356008' public async up(queryRunner: QueryRunner): Promise { - await queryRunner.query(`CREATE INDEX \`IDX_chatflow_name\` ON \`chat_flow\` (\`name\`)`) + await queryRunner.query(`CREATE INDEX \`IDX_chatflow_name\` ON \`chat_flow\` (LEFT(\`name\`, 255))`) } public async down(queryRunner: QueryRunner): Promise { diff --git a/packages/server/src/database/migrations/postgres/1755748356008-AddChatFlowNameIndex.ts b/packages/server/src/database/migrations/postgres/1755748356008-AddChatFlowNameIndex.ts index 75ebae63727..4adfabf1e41 100644 --- a/packages/server/src/database/migrations/postgres/1755748356008-AddChatFlowNameIndex.ts +++ b/packages/server/src/database/migrations/postgres/1755748356008-AddChatFlowNameIndex.ts @@ -4,7 +4,7 @@ export class AddChatFlowNameIndex1755748356008 implements MigrationInterface { name = 'AddChatFlowNameIndex1755748356008' public async up(queryRunner: QueryRunner): Promise { - await queryRunner.query(`CREATE INDEX "IDX_chatflow_name" ON "chat_flow" ("name")`) + await queryRunner.query(`CREATE INDEX "IDX_chatflow_name" ON "chat_flow" (substring("name" from 1 for 255))`) } public async down(queryRunner: QueryRunner): Promise { diff --git a/packages/server/src/database/migrations/sqlite/1755748356008-AddChatFlowNameIndex.ts b/packages/server/src/database/migrations/sqlite/1755748356008-AddChatFlowNameIndex.ts index 75ebae63727..9f6023caac6 100644 --- a/packages/server/src/database/migrations/sqlite/1755748356008-AddChatFlowNameIndex.ts +++ b/packages/server/src/database/migrations/sqlite/1755748356008-AddChatFlowNameIndex.ts @@ -4,7 +4,7 @@ export class AddChatFlowNameIndex1755748356008 implements MigrationInterface { name = 'AddChatFlowNameIndex1755748356008' public async up(queryRunner: QueryRunner): Promise { - await queryRunner.query(`CREATE INDEX "IDX_chatflow_name" ON "chat_flow" ("name")`) + await queryRunner.query(`CREATE INDEX "IDX_chatflow_name" ON "chat_flow" (substr("name", 1, 255))`) } public async down(queryRunner: QueryRunner): Promise { diff --git a/packages/ui/package.json b/packages/ui/package.json index 0a60dfb8bb9..c93b7794004 100644 --- a/packages/ui/package.json +++ b/packages/ui/package.json @@ -1,6 +1,6 @@ { "name": "flowise-ui", - "version": "3.0.6", + "version": "3.0.7", "license": "SEE LICENSE IN LICENSE.md", "homepage": "https://flowiseai.com", "author": {