nesquena-hermes
a92e21553d
docs: v0.42.0 release — German i18n, custom provider routing, phantom Custom group fix (564 tests) (#207)
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-09 18:44:04 -07:00
nesquena-hermes
cb069794dd
docs: v0.41.0 release — TLS, CSP, session memory leak, slow-client timeout, update checker, CLI file browser (561 tests) (#205)
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-09 18:20:07 -07:00
nesquena-hermes
4d68fb31d4
docs: v0.40.2 release — approval UI, 547 tests (#188)
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-08 20:17:14 -07:00
nesquena-hermes
012ac6f149
docs: v0.40.1 release — default locale fix (#186)
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-08 19:35:41 -07:00
nesquena-hermes
a5b843d6f9
docs: v0.40.0 release — i18n, notifications, thinking display (#184)
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-08 19:19:02 -07:00
Nathan Esquenazi
d919b584c6
docs: v0.39.1 release notes for ENV_LOCK deadlock fix
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-08 07:26:41 -07:00
nesquena-hermes
a064542df9
release: v0.39.0 — security hardening, 12 fixes (#171)
...
* Security: harden auth, CSRF, SSRF, XSS, and env race conditions
Twelve fixes from a full security audit:
CRITICAL
- Add CSRF Origin/Referer validation on all POST endpoints
(prevents cross-origin abuse of self-update, settings, file ops)
HIGH
- Unify password hashing: config.py now uses PBKDF2 (600k iters)
instead of single-iteration SHA-256
- Add per-IP rate limiting on login (5 attempts/60s, 429 on excess)
MEDIUM
- Validate session IDs as hex-only before filesystem operations
(prevents path traversal via crafted session ID)
- SSRF: resolve DNS before private-IP check in model fetching
(prevents DNS rebinding to internal services)
- Warn loudly when binding non-loopback without password set
- SSE env var mutations: wrap sync chat + streaming restore in _ENV_LOCK
- Force Content-Disposition:attachment for HTML/XHTML/SVG uploads
(prevents stored XSS via uploaded files)
LOW
- Extend HMAC session signature from 64 to 128 bits
- Add resolve()+relative_to() check on skills path construction
- Set Secure flag on session cookie when connection is HTTPS
- Sanitize exception messages to strip filesystem paths
No breaking changes. All fixes are backward-compatible.
* fix: use getattr for Secure cookie SSL detection
handler.request.getpeercert raises AttributeError on plain sockets
(non-SSL). Use getattr(..., None) to safely check for SSL.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* tests: add sprint 29 security hardening coverage (PR #171)
33 tests covering all 12 security fixes:
- CSRF origin/referer validation
- Login rate limiting (5 attempts/60s)
- Session ID hex validation (path traversal prevention)
- Error path sanitization (_sanitize_error)
- Secure cookie getattr safety
- HMAC signature length (64->128 bit)
- Skills path traversal prevention
- Content-Disposition for HTML/SVG/XHTML
- PBKDF2 password hashing verification
- Non-loopback startup warning
- SSRF DNS guard code presence
- _ENV_LOCK export from streaming module
* release: v0.39.0 — security hardening, 12 fixes (#171)
---------
Co-authored-by: betamod <matthew.sloly@gmail.com>
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-07 22:26:03 -07:00
nesquena-hermes
ab6147fba9
release: v0.38.6 — insights message count fix (#165)
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-06 22:56:54 -07:00
nesquena-hermes
4d2887531d
release: v0.38.5 — custom endpoint URL, custom_providers, .env key fix (#161)
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-06 14:39:37 -07:00
nesquena-hermes
76241bc255
release: v0.38.4 — exclude ambient gh token from provider detection (#159)
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-06 14:35:52 -07:00
nesquena-hermes
027e7314f0
release: v0.38.3 — model dropdown uses hermes auth (#156)
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-06 14:29:33 -07:00
nesquena-hermes
01896d67f3
release: v0.38.2 — tool cards properly render on page reload (#154)
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-06 14:23:54 -07:00
nesquena-hermes
d71daad002
release: v0.38.1 — model selector duplicate + stale label fixes (#152)
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-06 14:16:26 -07:00
nesquena-hermes
cd598c896a
docs: v0.37.0 release notes, version bump, test count (465 tests) (#144)
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-06 11:19:19 -07:00
Nathan Esquenazi
863dc4e938
docs: update CHANGELOG with v0.36.3 configurable bot name
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-06 08:14:40 -07:00
nesquena-hermes
c6017f461b
docs: v0.36.2 release notes and version bump
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-05 13:59:45 -07:00
nesquena-hermes
1777cf7bfe
docs: v0.36.1 release notes and version bump
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-05 12:46:58 -07:00
nesquena-hermes
3ca7f08b59
docs: sweep markdown for v0.36
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-05 10:00:45 -07:00
Nathan Esquenazi
27706367b7
docs: v0.36 release notes, version bump for self-update checker
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-05 09:27:27 -07:00
nesquena-hermes
257092d107
docs: v0.35.1 release notes and version bump
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-05 08:31:15 -07:00
nesquena-hermes
0119365bd8
docs: v0.35 release notes and version bump
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-04 22:27:04 -07:00
nesquena-hermes
cf3ccb0666
docs: v0.34.3 release notes and version bump
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-04 22:12:37 -07:00
nesquena-hermes
0ed2981205
docs: v0.34.2 release notes and version bump
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-04 22:00:15 -07:00
nesquena-hermes
3294e54e00
docs: v0.34.1 release notes and version bump
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-04 21:45:23 -07:00
Nathan Esquenazi
82a942a2b1
docs: v0.34 release — themes CHANGELOG, README, add light to picker
...
- CHANGELOG: v0.34 Sprint 26 entry (6 themes, /theme command, settings UX)
- README: themes section, updated slash commands, THEMES.md in docs list
- THEMES.md: added Slate to theme table, matches actual CSS/dropdown
- commands.js: added 'light' to /theme valid list, updated description
- index.html: added Light option to theme dropdown, version v0.34
- SPRINTS/CHANGELOG footers updated to v0.34 / 433 tests
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-04 21:13:01 -07:00
nesquena-hermes
6d4c258d90
docs: v0.33 release notes and version bump
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-04 20:09:59 -07:00
Nathan Esquenazi
4a6769ec08
docs: v0.32 release notes, version bump for auto-compaction handling
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-04 19:00:02 -07:00
nesquena-hermes
2e7ce0a341
docs: v0.31.2 release notes and version bump
...
* docs: v0.31.1 release notes and version bump
* docs: v0.31.2 release notes and version bump
---------
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-04 17:40:08 -07:00
Nathan Esquenazi
1e6746c66b
docs: v0.31 — update all markdown for Sprint 24 features
...
README: added rAF-throttled streaming, context usage indicator, git
detection badge, collapsible date groups. Updated architecture line
counts to current values.
ROADMAP: v0.29 -> v0.31, marked streaming perf, git detection,
collapsible groups, and context indicator as done (Sprint 24).
SPRINTS: v0.30.1 -> v0.31 in header and footer.
CHANGELOG: footer updated to v0.31.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-04 14:29:57 -07:00
nesquena-hermes
1a773597ac
docs: v0.31 release -- UI polish + deployment hardening (#74)
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-04 11:30:51 -07:00
Nathan Esquenazi
d3b693524f
docs: v0.30.1 release — CLI bridge fixes, README update
...
CHANGELOG: add v0.30.1 entry covering PRs #57-#61 (CLI session bridge
fixes: sidebar rendering, profile-aware state.db path, silent SQL error,
show/hide toggle in Settings).
README: add CLI session bridge, token/cost display, subagent cards,
/usage command, skills linked files, show CLI sessions toggle.
Version label: v0.30 -> v0.30.1 in index.html, SPRINTS, CHANGELOG footer.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-03 21:11:52 -07:00
nesquena-hermes
10a1e57c9b
docs: fix test count in v0.30 CHANGELOG (424 not 426) (#57)
...
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-03 20:44:58 -07:00
Nathan Esquenazi
f8ea02c14d
merge: resolve conflicts with master (v0.29), bump to v0.30
...
Resolved CHANGELOG.md and SPRINTS.md conflicts: master added v0.29
(Sprint 23: Agentic Transparency), CLI bridge becomes v0.30.
Updated all version references to v0.30.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-03 20:42:11 -07:00
Nathan Esquenazi
122fe955b6
docs: v0.29 release notes for CLI session bridge, version bump
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-03 20:39:27 -07:00
nesquena-hermes
33fca2383c
docs: v0.29 release notes + roadmap/sprint plan updates
...
- CHANGELOG.md: add v0.29 entry covering all Sprint 23 deliverables
(token/cost display, subagent cards, skill picker, linked files viewer,
workspace tree persistence, timestamp fixes, XSS + security fixes)
- ROADMAP.md: update to v0.29, add Sprint 23 to history table, check off
token/cost, skill linked files, skill picker in cron (3 items closed)
- TESTING.md: update automated test count 415 -> 424
- SPRINTS.md: add Sprint 24 (web polish bug fix pass) and Sprint 25
(macOS native desktop app) forward plans; remove stale stub entries
Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-03 19:36:18 -07:00
Nathan Esquenazi
4a4af209ad
docs: update all markdown to v0.28.1 state
...
- README: add GHCR pre-built images to Docker section, update line counts
and test count (426 tests, 22 files), add CI/CD to architecture tree
- ROADMAP: update header to v0.28.1/426 tests, mark all user-requested
features as shipped, collapse completed Waves 3-7 into summary table,
update architecture line counts, add CI/CD row
- CHANGELOG: add v0.28.1 entry for CI pipeline + multi-arch Docker builds,
update footer version
- SPRINTS: update header and footer to v0.28.1
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-03 14:18:50 -07:00
Nathan Esquenazi
94b080fa1e
docs: v0.27 release notes, version bump for profile creation fallback
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-03 14:00:46 -07:00
Nathan Esquenazi
5c9edfc7bf
docs: v0.26 release notes, remove planning artifact, update versions
...
- Add v0.26 CHANGELOG entry (10 post-Sprint-23 fixes)
- Remove SPRINT_23_PLAN.md (planning artifact, not runtime docs)
- Bump version label to v0.26 in index.html
- Update SPRINTS header and footer to v0.26 / 426 tests
- Update CHANGELOG footer to v0.26 / 426 tests
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-03 13:44:06 -07:00
Nathan Esquenazi
30529e0002
docs: fix SPRINTS header and CHANGELOG footer to v0.25
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-03 12:10:29 -07:00
Nathan Esquenazi
3520fa5643
feat: Sprint 23 -- profile/workspace/model coherence
...
Fix five coherence bugs in profile switching:
1. Model picker ignored profile default (localStorage stale key)
2. Workspace list was global (not profile-scoped)
3. DEFAULT_WORKSPACE was a boot-time singleton
4. Session list showed all profiles (no filtering)
5. switchToProfile() didn't refresh workspaces or sessions
Backend: workspace storage is now profile-local for named profiles,
switch_profile() returns default_model and default_workspace.
Frontend: switchToProfile() clears stale model pref, refreshes
workspace list and session list, sessions.js filters by active profile
with 'Show N from other profiles' toggle.
8 new tests. 400 pass / 23 fail (identical to baseline).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-03 11:46:15 -07:00
Nathan Esquenazi
4bec7c082e
docs: fix SPRINTS header and CHANGELOG footer to v0.24
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-03 11:10:28 -07:00
Nathan Esquenazi
d2b27f6f1e
feat: multi-profile support -- create, switch, delete profiles from web UI (Issue #28)
...
Add full profile management to the web UI, matching the hermes-agent CLI
profile system. Profiles are isolated HERMES_HOME instances with their own
config, skills, memory, cron, and API keys.
Backend: new api/profiles.py wrapping hermes_cli.profiles, dynamic config
reloading, 5 new API endpoints, profile-aware path resolution, HERMES_HOME
env save/restore in streaming, module-level cache patching for skills_tool
and cron/jobs.
Frontend: profile chip in topbar with dropdown, Profiles sidebar panel with
CRUD UI, boot-time profile fetch, cascade refresh on switch.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-03 10:50:21 -07:00
Nathan Esquenazi
a92c251ef8
docs: Sprint 21 release notes, version v0.23, Docker localhost binding
...
- CHANGELOG: add v0.23 Sprint 21 entry (mobile + Docker)
- SPRINTS: Sprint 21 marked COMPLETED, footer updated
- index.html: version label v0.22 -> v0.23
- docker-compose.yml: bind to 127.0.0.1 by default (SEC-1 fix)
- README: add security note about Docker port binding
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-03 10:28:47 -07:00
Nathan Esquenazi
f5c9f218c4
docs: rename test_sprint21 to test_sprint20b, update test counts to 415
...
Sprint 20 combines voice input (20a) and send button polish (20b).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-03 07:22:13 -07:00
Nathan Esquenazi
df3de7a543
docs: Sprint 20 release notes, version v0.22, SPRINTS update
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-03 07:19:26 -07:00
Nathan Esquenazi
2dda99082f
docs: fix test count 327->328 in CHANGELOG, TESTING.md, ROADMAP.md
...
Sprint 19 added 10 new tests (not 9), bringing the total to 328 (not 327).
All 328 tests pass with 0 failures -- the "304 passing, 23 pre-existing
failures" note was stale from an earlier state of the test suite.
Files updated:
- CHANGELOG.md: v0.21 header, tests line, footer
- TESTING.md: automated tests header, footer
- ROADMAP.md: header note, Sprint History table
2026-04-03 13:34:21 +00:00
Nathan Esquenazi
56526ce502
chore: update UI version to v0.21, CHANGELOG footer
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-03 06:22:29 -07:00
Nathan Esquenazi
66bd84accb
docs: comprehensive update of all markdown files for v0.21
...
ARCHITECTURE.md:
- 6→7 JS modules (added commands.js), updated all line counts
- Added api/auth.py to file inventory
- Added HERMES_WEBUI_PASSWORD env var
- Added projects.json to state directory listing
- Replaced PORTABILITY.md ref with BUGS.md
- Updated test file references (test_sprint1-19, 327 functions)
ROADMAP.md:
- Version Sprint 17/v0.19 → Sprint 19/v0.21, test count 294→327
- Added Sprint 18 + 19 rows to sprint history table
- Updated architecture table (api/ 2491 lines, JS 3148 lines)
- Added sections: Workspace, Slash Commands, Security, Thinking
- Added Sprint 20-24 to Advanced/Future (voice, mobile, multi-profile,
desktop, extended commands)
SPRINTS.md:
- Header v0.20→v0.21, 318→327 tests
- "Where we are now" updated from v0.18 to v0.21
- Removed two stale/duplicate "Sprint 18" sections (Voice + Subagent)
- Added completed Sprint 18 (thinking + tree + preview fix)
- Added completed Sprint 19 (auth + security)
- Added planned Sprints 20-24 (voice, mobile, multi-profile, desktop, commands)
- Parity tables fully updated with current Done/Deferred status
CHANGELOG.md:
- Added v0.21 Sprint 19 entry (auth, security headers, 20MB limit)
TESTING.md:
- Header "through Sprint 2" → "through Sprint 19 (v0.21)"
- Added test count and pytest command to header
- Added 9 new manual test sections covering Sprints 11-19
- Updated footer with current stats
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-03 06:06:00 -07:00
Nathan Esquenazi
d0aef93372
fix: apply review fixes, update version to v0.20, add Sprint 18 changelog
...
- Fix stale tree cache: clear _dirCache and _expandedDirs on root nav
- Fix clearPreview: prompt before discarding unsaved preview edits
- Update UI version label from v0.17.1 to v0.20
- Add Sprint 18 entry to CHANGELOG.md
- Update SPRINTS.md current state to v0.20
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-03 05:02:30 -07:00
Nathan Esquenazi
0c00dae15a
docs: fix test count (294→318) and add Sprint 17 Tests section
...
CHANGELOG.md and SPRINTS.md incorrectly stated 294 tests for v0.19.
Actual count is 318 (289 from v0.18.1 + 6 new Sprint 17 + 23 in
test_regressions.py). The Sprint 17 commit message miscounted as
'5 new' when test_sprint17.py contains 6 tests.
Also adds a Tests section to the Sprint 17 CHANGELOG entry listing
what the 6 tests cover, and notes the send_key enum validation.
Tests: 318 passed, 0 failed.
2026-04-03 11:23:42 +00:00