furyhawk/deer-flow
1
0
Fork 0
mirror of https://github.com/bytedance/deer-flow.git synced 2026-05-21 15:36:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
4731605d99b861a591a9575d36e080e2c3ad392d
deer-flow/backend/app/gateway
T
History
Willem Jiang 4731605d99 fix(sandbox): add group/other read permissions to uploaded files for Docker sandbox (#3127) 
When using AIO sandbox with LocalContainerBackend, uploaded files are
  created with 0o600 (owner-only) permissions by the gateway process
  running as root. The sandbox process inside the Docker container runs
  as a non-root user and cannot read these bind-mounted files, causing
  a "Permission denied" error on read_file.

  Add `needs_upload_permission_adjustment` attribute to SandboxProvider
  (default True) to indicate that uploaded files need chmod adjustment.
  LocalSandboxProvider opts out (same user). A new `_make_file_sandbox_readable`
  function adds S_IRGRP | S_IROTH bits after files are written, changing
  permissions from 0o600 to 0o644 so the sandbox can read the uploads.

  fixes #3127
2026-05-21 17:51:56 +08:00
..
auth
fix(auth): persist auto-generated JWT secret to survive restarts (#2933)
2026-05-16 09:24:40 +08:00
routers
fix(sandbox): add group/other read permissions to uploaded files for Docker sandbox (#3127)
2026-05-21 17:51:56 +08:00
__init__.py
refactor: split backend into harness (deerflow.*) and app (app.*) (#1131)
2026-03-14 22:55:52 +08:00
app.py
docs: document auth design and user isolation (#2913)
2026-05-12 23:07:11 +08:00
auth_middleware.py
feat: implement process-local internal authentication for Gateway and enhance CSRF handling
2026-04-26 22:20:57 +08:00
authz.py
fix(security): harden auth system and fix run journal logic bug (#2593)
2026-04-28 11:34:07 +08:00
config.py
fix(nginx): defer CORS to gateway allowlist (#2861)
2026-05-11 17:38:37 +08:00
csrf_middleware.py
fix(nginx): defer CORS to gateway allowlist (#2861)
2026-05-11 17:38:37 +08:00
deps.py
refactor: thread release config through lead path (#2612)
2026-04-28 14:53:18 +08:00
internal_auth.py
feat: implement process-local internal authentication for Gateway and enhance CSRF handling
2026-04-26 22:20:57 +08:00
langgraph_auth.py
docs: clarify LangGraph compatibility entrypoints (#2914)
2026-05-12 23:15:11 +08:00
path_utils.py
feat(persistence): per-user filesystem isolation, run-scoped APIs, and state/history simplification (#2153)
2026-04-26 11:13:01 +08:00
services.py
feat(trace):LangGraph -> lead_agent and set custom agent_name to run_name (#3101)
2026-05-21 14:48:28 +08:00
utils.py
feat(persistence): add unified persistence layer with event store, token tracking, and feedback (#1930)
2026-04-26 11:05:47 +08:00