mirror of
https://github.com/Mintplex-Labs/anything-llm.git
synced 2024-11-19 12:40:09 +01:00
Merge branch 'master' of github.com:Mintplex-Labs/anything-llm into render
This commit is contained in:
commit
4a806a95d4
4
.github/workflows/build-and-push-image.yaml
vendored
4
.github/workflows/build-and-push-image.yaml
vendored
@ -22,6 +22,7 @@ on:
|
|||||||
- '.github/ISSUE_TEMPLATE/**/*'
|
- '.github/ISSUE_TEMPLATE/**/*'
|
||||||
- 'embed/**/*' # Embed should be published to frontend (yarn build:publish) if any changes are introduced
|
- 'embed/**/*' # Embed should be published to frontend (yarn build:publish) if any changes are introduced
|
||||||
- 'server/utils/agents/aibitat/example/**/*' # Do not push new image for local dev testing of new aibitat images.
|
- 'server/utils/agents/aibitat/example/**/*' # Do not push new image for local dev testing of new aibitat images.
|
||||||
|
- 'docker/vex/*' # CVE exceptions we know are not in risk
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
push_multi_platform_to_registries:
|
push_multi_platform_to_registries:
|
||||||
@ -89,7 +90,8 @@ jobs:
|
|||||||
push: true
|
push: true
|
||||||
sbom: true
|
sbom: true
|
||||||
provenance: mode=max
|
provenance: mode=max
|
||||||
platforms: linux/amd64,linux/arm64
|
# platforms: linux/amd64,linux/arm64
|
||||||
|
platforms: linux/amd64
|
||||||
tags: ${{ steps.meta.outputs.tags }}
|
tags: ${{ steps.meta.outputs.tags }}
|
||||||
labels: ${{ steps.meta.outputs.labels }}
|
labels: ${{ steps.meta.outputs.labels }}
|
||||||
cache-from: type=gha
|
cache-from: type=gha
|
||||||
|
51
docker/vex/CVE-2024-37890.vex.json
Normal file
51
docker/vex/CVE-2024-37890.vex.json
Normal file
@ -0,0 +1,51 @@
|
|||||||
|
{
|
||||||
|
"@context": "https://openvex.dev/ns/v0.2.0",
|
||||||
|
"@id": "https://openvex.dev/docs/public/vex-939548c125c5bfebd3fd91e64c1c53bffacbde06b3611b4474ea90fa58045004",
|
||||||
|
"author": "tim@mintplexlabs.com",
|
||||||
|
"timestamp": "2024-07-19T16:08:47.147169-07:00",
|
||||||
|
"version": 1,
|
||||||
|
"statements": [
|
||||||
|
{
|
||||||
|
"vulnerability": {
|
||||||
|
"name": "CVE-2024-37890"
|
||||||
|
},
|
||||||
|
"timestamp": "2024-07-19T16:08:47.147172-07:00",
|
||||||
|
"products": [
|
||||||
|
{
|
||||||
|
"@id": "pkg:docker/mintplexlabs/anythingllm@render",
|
||||||
|
"subcomponents": [
|
||||||
|
{
|
||||||
|
"@id": "pkg:npm/ws@8.14.2"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"@id": "pkg:docker/mintplexlabs/anythingllm@railway",
|
||||||
|
"subcomponents": [
|
||||||
|
{
|
||||||
|
"@id": "pkg:npm/ws@8.14.2"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"@id": "pkg:docker/mintplexlabs/anythingllm@latest",
|
||||||
|
"subcomponents": [
|
||||||
|
{
|
||||||
|
"@id": "pkg:npm/ws@8.14.2"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"@id": "pkg:docker/mintplexlabs/anythingllm@master",
|
||||||
|
"subcomponents": [
|
||||||
|
{
|
||||||
|
"@id": "pkg:npm/ws@8.14.2"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"status": "not_affected",
|
||||||
|
"justification": "vulnerable_code_cannot_be_controlled_by_adversary"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
@ -45,7 +45,7 @@ app.use(
|
|||||||
if (!!process.env.ENABLE_HTTPS) {
|
if (!!process.env.ENABLE_HTTPS) {
|
||||||
bootSSL(app, process.env.SERVER_PORT || 3001);
|
bootSSL(app, process.env.SERVER_PORT || 3001);
|
||||||
} else {
|
} else {
|
||||||
require("express-ws")(app); // load WebSockets in non-SSL mode.
|
require("@mintplex-labs/express-ws").default(app); // load WebSockets in non-SSL mode.
|
||||||
}
|
}
|
||||||
|
|
||||||
app.use("/api", apiRouter);
|
app.use("/api", apiRouter);
|
||||||
|
@ -33,6 +33,7 @@
|
|||||||
"@langchain/openai": "0.0.28",
|
"@langchain/openai": "0.0.28",
|
||||||
"@langchain/textsplitters": "0.0.0",
|
"@langchain/textsplitters": "0.0.0",
|
||||||
"@mintplex-labs/bree": "^9.2.5",
|
"@mintplex-labs/bree": "^9.2.5",
|
||||||
|
"@mintplex-labs/express-ws": "^5.0.7",
|
||||||
"@pinecone-database/pinecone": "^2.0.1",
|
"@pinecone-database/pinecone": "^2.0.1",
|
||||||
"@prisma/client": "5.3.1",
|
"@prisma/client": "5.3.1",
|
||||||
"@qdrant/js-client-rest": "^1.9.0",
|
"@qdrant/js-client-rest": "^1.9.0",
|
||||||
@ -49,7 +50,6 @@
|
|||||||
"dotenv": "^16.0.3",
|
"dotenv": "^16.0.3",
|
||||||
"elevenlabs": "^0.5.0",
|
"elevenlabs": "^0.5.0",
|
||||||
"express": "^4.18.2",
|
"express": "^4.18.2",
|
||||||
"express-ws": "^5.0.2",
|
|
||||||
"extract-json-from-string": "^1.0.1",
|
"extract-json-from-string": "^1.0.1",
|
||||||
"extract-zip": "^2.0.1",
|
"extract-zip": "^2.0.1",
|
||||||
"graphql": "^16.7.1",
|
"graphql": "^16.7.1",
|
||||||
|
@ -13,7 +13,7 @@ const {
|
|||||||
const path = require("path");
|
const path = require("path");
|
||||||
const port = 3000;
|
const port = 3000;
|
||||||
const app = express();
|
const app = express();
|
||||||
require("express-ws")(app);
|
require("@mintplex-labs/express-ws").default(app); // load WebSockets in non-SSL mode.
|
||||||
require("dotenv").config({ path: `../../../../../.env.development` });
|
require("dotenv").config({ path: `../../../../../.env.development` });
|
||||||
|
|
||||||
// Debugging echo function if this is working for you.
|
// Debugging echo function if this is working for you.
|
||||||
|
@ -13,7 +13,7 @@ const {
|
|||||||
const path = require("path");
|
const path = require("path");
|
||||||
const port = 3000;
|
const port = 3000;
|
||||||
const app = express();
|
const app = express();
|
||||||
require("express-ws")(app);
|
require("@mintplex-labs/express-ws").default(app); // load WebSockets in non-SSL mode.
|
||||||
require("dotenv").config({ path: `../../../../../.env.development` });
|
require("dotenv").config({ path: `../../../../../.env.development` });
|
||||||
|
|
||||||
// Debugging echo function if this is working for you.
|
// Debugging echo function if this is working for you.
|
||||||
|
@ -4,6 +4,15 @@ const { EncryptionManager } = require("../EncryptionManager");
|
|||||||
const { CommunicationKey } = require("../comKey");
|
const { CommunicationKey } = require("../comKey");
|
||||||
const setupTelemetry = require("../telemetry");
|
const setupTelemetry = require("../telemetry");
|
||||||
|
|
||||||
|
// Testing SSL? You can make a self signed certificate and point the ENVs to that location
|
||||||
|
// make a directory in server called 'sslcert' - cd into it
|
||||||
|
// - openssl genrsa -aes256 -passout pass:gsahdg -out server.pass.key 4096
|
||||||
|
// - openssl rsa -passin pass:gsahdg -in server.pass.key -out server.key
|
||||||
|
// - rm server.pass.key
|
||||||
|
// - openssl req -new -key server.key -out server.csr
|
||||||
|
// Update .env keys with the correct values and boot. These are temporary and not real SSL certs - only use for local.
|
||||||
|
// Test with https://localhost:3001/api/ping
|
||||||
|
// build and copy frontend to server/public with correct API_BASE and start server in prod model and all should be ok
|
||||||
function bootSSL(app, port = 3001) {
|
function bootSSL(app, port = 3001) {
|
||||||
try {
|
try {
|
||||||
console.log(
|
console.log(
|
||||||
@ -26,7 +35,7 @@ function bootSSL(app, port = 3001) {
|
|||||||
})
|
})
|
||||||
.on("error", catchSigTerms);
|
.on("error", catchSigTerms);
|
||||||
|
|
||||||
require("express-ws")(app, server); // Apply same certificate + server for WSS connections
|
require("@mintplex-labs/express-ws").default(app, server);
|
||||||
return { app, server };
|
return { app, server };
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
console.error(
|
console.error(
|
||||||
|
@ -704,6 +704,13 @@
|
|||||||
p-wait-for "3"
|
p-wait-for "3"
|
||||||
safe-timers "^1.1.0"
|
safe-timers "^1.1.0"
|
||||||
|
|
||||||
|
"@mintplex-labs/express-ws@^5.0.7":
|
||||||
|
version "5.0.7"
|
||||||
|
resolved "https://registry.yarnpkg.com/@mintplex-labs/express-ws/-/express-ws-5.0.7.tgz#ef22a849e2c21a8ab93bd68adbe52e278db4d858"
|
||||||
|
integrity sha512-cwAvW1aB+/nu8QvkCDnLzav9UOAAlRz042PYHh/bS7z4xpucKP2c002+ZbrW6+flA8qIwoBn3FrSjLCHj7Pi2w==
|
||||||
|
dependencies:
|
||||||
|
ws "^7.5.10"
|
||||||
|
|
||||||
"@nodelib/fs.scandir@2.1.5":
|
"@nodelib/fs.scandir@2.1.5":
|
||||||
version "2.1.5"
|
version "2.1.5"
|
||||||
resolved "https://registry.yarnpkg.com/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz#7619c2eb21b25483f6d167548b4cfd5a7488c3d5"
|
resolved "https://registry.yarnpkg.com/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz#7619c2eb21b25483f6d167548b4cfd5a7488c3d5"
|
||||||
@ -2895,13 +2902,6 @@ expr-eval@^2.0.2:
|
|||||||
resolved "https://registry.yarnpkg.com/expr-eval/-/expr-eval-2.0.2.tgz#fa6f044a7b0c93fde830954eb9c5b0f7fbc7e201"
|
resolved "https://registry.yarnpkg.com/expr-eval/-/expr-eval-2.0.2.tgz#fa6f044a7b0c93fde830954eb9c5b0f7fbc7e201"
|
||||||
integrity sha512-4EMSHGOPSwAfBiibw3ndnP0AvjDWLsMvGOvWEZ2F96IGk0bIVdjQisOHxReSkE13mHcfbuCiXw+G4y0zv6N8Eg==
|
integrity sha512-4EMSHGOPSwAfBiibw3ndnP0AvjDWLsMvGOvWEZ2F96IGk0bIVdjQisOHxReSkE13mHcfbuCiXw+G4y0zv6N8Eg==
|
||||||
|
|
||||||
express-ws@^5.0.2:
|
|
||||||
version "5.0.2"
|
|
||||||
resolved "https://registry.yarnpkg.com/express-ws/-/express-ws-5.0.2.tgz#5b02d41b937d05199c6c266d7cc931c823bda8eb"
|
|
||||||
integrity sha512-0uvmuk61O9HXgLhGl3QhNSEtRsQevtmbL94/eILaliEADZBHZOQUAiHFrGPrgsjikohyrmSG5g+sCfASTt0lkQ==
|
|
||||||
dependencies:
|
|
||||||
ws "^7.4.6"
|
|
||||||
|
|
||||||
express@^4.18.2:
|
express@^4.18.2:
|
||||||
version "4.19.2"
|
version "4.19.2"
|
||||||
resolved "https://registry.yarnpkg.com/express/-/express-4.19.2.tgz#e25437827a3aa7f2a827bc8171bbbb664a356465"
|
resolved "https://registry.yarnpkg.com/express/-/express-4.19.2.tgz#e25437827a3aa7f2a827bc8171bbbb664a356465"
|
||||||
@ -6823,10 +6823,10 @@ wrappy@1:
|
|||||||
resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f"
|
resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f"
|
||||||
integrity sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==
|
integrity sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==
|
||||||
|
|
||||||
ws@^7.4.6:
|
ws@^7.5.10:
|
||||||
version "7.5.9"
|
version "7.5.10"
|
||||||
resolved "https://registry.yarnpkg.com/ws/-/ws-7.5.9.tgz#54fa7db29f4c7cec68b1ddd3a89de099942bb591"
|
resolved "https://registry.yarnpkg.com/ws/-/ws-7.5.10.tgz#58b5c20dc281633f6c19113f39b349bd8bd558d9"
|
||||||
integrity sha512-F+P9Jil7UiSKSkppIiD94dN07AwvFixvLIj1Og1Rl9GGMuNipJnV9JzjD6XuqmAeiswGvUmNLjr5cFuXwNS77Q==
|
integrity sha512-+dbF1tHwZpXcbOJdVOkzLDxZP1ailvSxM6ZweXTegylPny803bFhA+vqBYw4s31NSAk4S2Qz+AKXK9a4wkdjcQ==
|
||||||
|
|
||||||
xtend@^4.0.0:
|
xtend@^4.0.0:
|
||||||
version "4.0.2"
|
version "4.0.2"
|
||||||
|
Loading…
Reference in New Issue
Block a user