deerflow2

History

Hinotobi 2b0e62f679 [security] fix(auth): reject cross-site auth POSTs (#2740 ) * fix(security): reject cross-site auth posts * fix(auth): align secure cookie proxy scheme handling --------- Co-authored-by: Willem Jiang <willem.jiang@gmail.com>		2026-05-07 07:58:06 +08:00
..
auth	fix(security): harden auth system and fix run journal logic bug (#2593 )	2026-04-28 11:34:07 +08:00
routers	feat(agent): add custom-agent self-updates with user isolation (#2713 )	2026-05-05 23:17:42 +08:00
__init__.py	refactor: split backend into harness (deerflow.) and app (app.) (#1131 )	2026-03-14 22:55:52 +08:00
app.py	fix(config): unify log_level from config.yaml across Gateway and debug entry points (#2601 )	2026-04-30 22:27:14 +08:00
auth_middleware.py	feat: implement process-local internal authentication for Gateway and enhance CSRF handling	2026-04-26 22:20:57 +08:00
authz.py	fix(security): harden auth system and fix run journal logic bug (#2593 )	2026-04-28 11:34:07 +08:00
config.py	fix(security): allow disabling API docs in production via GATEWAY_ENABLE_DOCS (#2651 )	2026-04-30 10:58:32 +08:00
csrf_middleware.py	[security] fix(auth): reject cross-site auth POSTs (#2740 )	2026-05-07 07:58:06 +08:00
deps.py	refactor: thread release config through lead path (#2612 )	2026-04-28 14:53:18 +08:00
internal_auth.py	feat: implement process-local internal authentication for Gateway and enhance CSRF handling	2026-04-26 22:20:57 +08:00
langgraph_auth.py	fix(security): harden auth system and fix run journal logic bug (#2593 )	2026-04-28 11:34:07 +08:00
path_utils.py	feat(persistence): per-user filesystem isolation, run-scoped APIs, and state/history simplification (#2153 )	2026-04-26 11:13:01 +08:00
services.py	fix(agents): propagate agent_name into ToolRuntime.context for setup_agent (#2679 )	2026-05-01 16:00:11 +08:00
utils.py	feat(persistence): add unified persistence layer with event store, token tracking, and feedback (#1930 )	2026-04-26 11:05:47 +08:00