geckon01/anything-llm
1
0
Fork 0
mirror of https://github.com/Mintplex-Labs/anything-llm.git synced 2026-06-15 23:20:32 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
6a492f038da195a5c9a239d5ca2e9f2151c25f8c
anything-llm/server/utils
History
Timothy Carambat 6a492f038d Fix potential Zip Slip path traversal in community plugin import 
Validate all ZIP entries before extraction in importCommunityItemFromUrl()
to prevent path traversal attacks (CWE-22). Malicious ZIP entries with
paths like "../../" could write files outside the intended plugin folder.

Requires admin privileges and explicit opt-in to unverified hub downloads.
GHSA-rh66-4w74-cf4m
2026-03-13 10:18:20 -07:00
..
agentFlows
Native Tool calling (#5071)
2026-02-26 13:37:56 -08:00
agents
Fix potential Zip Slip path traversal in community plugin import
2026-03-13 10:18:20 -07:00
AiProviders
Remove use_mlock from Ollama to solve WARN logs in ollama 0.17
2026-03-10 09:08:05 -07:00
BackgroundWorkers
Workspace Chat with documents overhaul (#4261)
2025-08-11 09:26:19 -07:00
boot
Web push notifications (#4942)
2026-02-02 10:56:58 -08:00
chats
Implement v2 chat layout designs (#5074)
2026-03-10 12:50:19 -07:00
collectorApi
add longer HTTP ttl on forward extension requests
2025-11-20 23:00:18 -08:00
comKey
[BETA] Live document sync (#1719)
2024-06-21 13:38:50 -07:00
database
Prune telemetry events
2025-04-29 13:54:00 -07:00
DocumentManager
Enable ability to do full-text query on documents (#758)
2024-02-21 13:15:45 -08:00
EmbeddingEngines
Add custom fetch to embedder for Ollama (#5180)
2026-03-09 11:47:00 -07:00
EmbeddingRerankers/native
chore: add ESLint to /server (#5126)
2026-03-05 16:32:45 -08:00
EncryptionManager
[BETA] Live document sync (#1719)
2024-06-21 13:38:50 -07:00
files
chore: add ESLint to /server (#5126)
2026-03-05 16:32:45 -08:00
helpers
Fix: Azure OpenAI model key collision (#5092)
2026-03-05 17:12:08 -08:00
http
chore: add ESLint to /server (#5126)
2026-03-05 16:32:45 -08:00
logger
patch logger for full logs
2024-07-19 18:35:41 -07:00
MCP
chore: add ESLint to /server (#5126)
2026-03-05 16:32:45 -08:00
middleware
Enforce user suspension check on browser extension API key path
2026-03-13 10:05:05 -07:00
PasswordRecovery
Merge commit from fork
2026-01-02 15:50:50 -08:00
prisma
Fix Typos in Comments and Documentation (#3987)
2025-06-12 13:59:38 -07:00
PushNotifications
Web push notifications (#4942)
2026-02-02 10:56:58 -08:00
telemetry
Prune telemetry events
2025-04-29 13:54:00 -07:00
TextSplitter
Native Embedder model selection (incl: Multilingual support) (#3835)
2025-07-22 10:07:20 -07:00
TextToSpeech
chore: add ESLint to /server (#5126)
2026-03-05 16:32:45 -08:00
vectorDbProviders
chore: add ESLint to /server (#5126)
2026-03-05 16:32:45 -08:00
vectorStore
PGvector vector database support (#3788)
2025-05-09 12:27:11 -07:00