github/OpenHands
1
0
Fork 0
mirror of https://github.com/OpenHands/OpenHands.git synced 2026-03-22 05:37:20 +08:00
Code Issues Packages Projects Releases Wiki Activity
6,321 Commits 1,216 Branches 123 Tags
dependabot/github_actions/peter-evans/find-comment-4
Commit Graph

352 Commits

Author SHA1 Message Date
Rohit Malhotra
63956c3292 Fix FastAPI Query parameter validation: lte -> le (#13502) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-19 20:27:10 -04:00
chuckbutkus
f75141af3e fix: prevent secrets deletion across organizations when storing secrets (#13500) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-19 19:34:12 -04:00
chuckbutkus
2224127ac3 Fix when budgets are None (#13482) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-19 10:14:48 -05:00
aivong-openhands
2d1e9fa35b Fix CVE-2026-33123: Update pypdf to 6.9.1 (#13473) 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
 2026-03-19 11:05:30 -04:00
Hiep Le
e02dbb8974 fix(backend): validate API key org_id during authorization to prevent cross-org access (org project) (#13468) 2026-03-19 16:09:37 +07:00
Saurya Velagapudi
a96760eea7 fix: ensure LiteLLM user exists before generating API keys (#12667) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-18 17:16:43 -07:00
aivong-openhands
2879e58781 Fix CVE-2026-30922: Update pyasn1 to 0.6.3 (#13452) 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
 2026-03-18 16:00:06 -04:00
Rohit Malhotra
1d1ffc2be0 feat(enterprise): Add service API for automation API key creation (#13467) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-18 19:07:36 +00:00
Hiep Le
db41148396 feat(backend): expose API key org_id via new GET /api/keys/current endpoint (org project) (#13469) 2026-03-19 01:46:23 +07:00
dependabot[bot]
26fa1185a4 chore(deps): bump mcp from 1.25.0 to 1.26.0 in the mcp-packages group (#13314) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: openhands <openhands@all-hands.dev>
Co-authored-by: aivong-openhands <ai.vong@openhands.dev>
 2026-03-17 17:44:35 -05:00
aivong-openhands
855ef7ba5f PLTF-309: disable budget enforcement when ENABLE_BILLING=false (#13440) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-17 14:26:13 -05:00
Saurya Velagapudi
b68c75252d Add architecture diagrams explaining system components and WebSocket flow (#12542) 
Co-authored-by: openhands <openhands@all-hands.dev>
Co-authored-by: Saurya <saurya@openhands.dev>
Co-authored-by: Ray Myers <ray.myers@gmail.com>
 2026-03-17 08:52:40 -07:00
aivong-openhands
d58e12ad74 Fix CVE-2026-27962: Update authlib to 1.6.9 (#13439) 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
Co-authored-by: OpenHands Bot <contact@all-hands.dev>
 2026-03-17 10:13:08 -05:00
Kooltek68
8a7779068a docs: fix typo in README.md (#13444) 2026-03-17 10:16:31 -04:00
Xingyao Wang
75c823c486 feat: expose_secrets param on /users/me + sandbox-scoped secrets API (#13383) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-17 12:54:57 +00:00
Hiep Le
238cab4d08 fix(frontend): prevent chat message loss during websocket disconnections or page refresh (#13380) 2026-03-16 22:25:44 +07:00
Tim O'Farrell
d591b140c8 feat: Add configurable sandbox reuse with grouping strategies (#11922) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-16 05:19:31 -06:00
Rohit Malhotra
4dfcd68153 (Hotfix): followup messages for slack conversations (#13411) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-15 14:23:06 -04:00
aivong-openhands
f7ca32126f Fix CVE-2026-32597: Update pyjwt to 2.12.0 (#13405) 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
 2026-03-14 09:35:56 -05:00
John-Mason P. Shackelford
0c51089ab6 Upgrade the SDK to 1.14.0 (#13398) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-13 21:07:20 -04:00
chuckbutkus
b7e5c9d25b Use a flag to indicate if new users should use V1 (#13393) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-13 22:39:07 +00:00
chuckbutkus
f5d0af15d9 Add default initial budget for teams/users (#13389) 
Co-authored-by: OpenHands Bot <contact@all-hands.dev>
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-13 16:57:03 -04:00
chuckbutkus
922e3a2431 Add AwsSharedEventService for shared conversations (#13141) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-13 14:32:58 -04:00
Tim O'Farrell
8e6d05fc3a Add sandbox_id__eq filter parameter to search/count conversation methods (#13385) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-13 15:30:16 +00:00
Tim O'Farrell
c1328f512d Upgrade the SDK to 1.13.0 (#13365) 2026-03-12 13:28:19 -06:00
aivong-openhands
127e611706 Fix GHSA-78cv-mqj4-43f7: Update tornado to 6.5.5 (#13362) 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
 2026-03-12 13:22:39 -05:00
Hiep Le
a176a135da fix: sdk conversations not appearing in cloud ui (#13296) 2026-03-12 22:23:08 +07:00
dependabot[bot]
7e66304746 chore(deps): bump pypdf from 6.7.5 to 6.8.0 (#13348) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-11 12:09:09 -05:00
Graham Neubig
a8b12e8eb8 Remove Common Room sync scripts (#13347) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-11 10:48:37 -04:00
Tim O'Farrell
db40eb1e94 Using the web_url where it is configured rather than the request.url (#13319) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-10 13:11:33 -06:00
Hiep Le
debbaae385 fix(backend): inherit organization llm settings for new members (#13330) 2026-03-11 01:28:46 +07:00
Hiep Le
bc72b38d6e fix(backend): propagate LLM settings to all org members when admin saves settings (#13326) 2026-03-10 22:52:01 +07:00
Rohit Malhotra
e12dd924ce feat(slack): implement repo selection with external_select for pagination (#13273) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-09 16:04:49 -04:00
Tim O'Farrell
c8fe39b176 Upgrading SDK to 1.12.0 (#13248) 2026-03-09 21:06:12 +07:00
Ray Myers
8c46df6b59 fix: asyncpg, device key timestamp without timezone, error reporting (#13301) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-08 12:56:59 -05:00
Tim O'Farrell
3ec999e88a Fix LiteLLM key management and user migration SQL queries (#13279) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-06 21:48:19 -07:00
Jamie Chicago
d1c2185d99 [fix] update welcome email to new cloud sign ups (#13254) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-06 15:24:55 -06:00
Joe Laverty
ede203add3 feat(enterprise): Bitbucket Data Center Integration (#13228) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-06 10:49:20 -06:00
Tim O'Farrell
6186685ebc Refactor user authorization: Replace domain blocklist with flexible whitelist/blacklist pattern matching (#13207) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-06 09:10:59 -07:00
Rohit Malhotra
6c394cc415 Add rate limiting to verification emails during OAuth flow (#13255) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-05 19:10:25 -05:00
Rohit Malhotra
4c380e5a58 feat: Add timeout handling for Slack repo query (#13249) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-06 00:02:04 +00:00
aivong-openhands
42b0a89366 Fix CVE-2026-28802: Update authlib to 1.6.7 (#13229) 
Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
 2026-03-05 08:56:47 -06:00
Rohit Malhotra
bf769d1744 Handle deleted GitHub issues (410 error) gracefully (#13217) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-04 15:50:37 -05:00
Tim O'Farrell
15e9435b35 Remove ExperimentManager concept from codebase (#13215) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-04 13:41:18 -07:00
Rohit Malhotra
3e15b849a3 Downgrade solvability disabled log from warning to info (#13216) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-04 15:26:21 -05:00
Rohit Malhotra
c32934ed2f Improve budget exceeded error handling in V1 callback processors (#13219) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-04 15:25:46 -05:00
Hiep Le
eeac9f14a3 fix(backend): allow deleting an organization after recent changes (#13200) 2026-03-05 01:52:33 +07:00
Rohit Malhotra
039e208167 Fix enterprise mypy type checking to catch type mismatches (#13140) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-04 13:43:46 -05:00
Rohit Malhotra
6e9e906946 Remove dead test code for non-existent update_common_room_signal function (#13211) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-04 13:20:25 -05:00
Rohit Malhotra
30245dedef Fix mypy type errors in enterprise/integrations/github/github_manager.py (#13208) 
Co-authored-by: openhands <openhands@all-hands.dev>
 2026-03-04 13:19:48 -05:00