@lobehub/chat 1.134.6 → 1.135.0

package/packages/model-runtime/src/providers/azureOpenai/index.ts

@@ -20,6 +20,7 @@ import { AgentRuntimeError } from '../../utils/createError';
 import { debugStream } from '../../utils/debugStream';
 import { convertImageUrlToFile, convertOpenAIMessages } from '../../utils/openaiHelpers';
 import { StreamingResponse } from '../../utils/response';
+import { sanitizeError } from '../../utils/sanitizeError';
 
 const azureImageLogger = debug('lobe-image:azure');
 export class LobeAzureOpenAI implements LobeRuntimeAI {
@@ -253,9 +254,12 @@ export class LobeAzureOpenAI implements LobeRuntimeAI {
       ? AgentRuntimeErrorType.ProviderBizError
       : AgentRuntimeErrorType.AgentRuntimeError;
 
+    // Sanitize error to remove sensitive information like API keys from headers
+    const sanitizedError = sanitizeError(error);
+
     throw AgentRuntimeError.chat({
       endpoint: this.maskSensitiveUrl(this.baseURL),
-      error,
+      error: sanitizedError,
       errorType,
       provider: ModelProvider.Azure,
     });

package/packages/model-runtime/src/providers/azureai/index.ts

@@ -12,6 +12,7 @@ import { AgentRuntimeErrorType } from '../../types/error';
 import { AgentRuntimeError } from '../../utils/createError';
 import { debugStream } from '../../utils/debugStream';
 import { StreamingResponse } from '../../utils/response';
+import { sanitizeError } from '../../utils/sanitizeError';
 
 interface AzureAIParams {
   apiKey?: string;
@@ -112,9 +113,12 @@ export class LobeAzureAI implements LobeRuntimeAI {
         ? AgentRuntimeErrorType.ProviderBizError
         : AgentRuntimeErrorType.AgentRuntimeError;
 
+      // Sanitize error to remove sensitive information like API keys from headers
+      const sanitizedError = sanitizeError(error);
+
       throw AgentRuntimeError.chat({
         endpoint: this.maskSensitiveUrl(this.baseURL),
-        error,
+        error: sanitizedError,
         errorType,
         provider: ModelProvider.Azure,
       });

package/packages/model-runtime/src/providers/fal/index.ts

@@ -33,6 +33,7 @@ export class LobeFalAI implements LobeRuntimeAI {
       ['cfg', 'guidance_scale'],
       ['imageUrl', 'image_url'],
       ['imageUrls', 'image_urls'],
+      ['size', 'image_size'],
     ]);
 
     const defaultInput: Record<string, unknown> = {
@@ -50,12 +51,16 @@ export class LobeFalAI implements LobeRuntimeAI {
     );
 
     if ('width' in userInput && 'height' in userInput) {
-      userInput.image_size = {
-        height: userInput.height,
-        width: userInput.width,
-      };
-      delete userInput.width;
-      delete userInput.height;
+      if (userInput.size) {
+        throw new Error('width/height and size are not supported at the same time');
+      } else {
+        userInput.image_size = {
+          height: userInput.height,
+          width: userInput.width,
+        };
+        delete userInput.width;
+        delete userInput.height;
+      }
     }
 
     const modelsAcceleratedByDefault = new Set<string>(['flux/krea']);
@@ -66,7 +71,7 @@ export class LobeFalAI implements LobeRuntimeAI {
     // Ensure model has fal-ai/ prefix
     let endpoint = model.startsWith('fal-ai/') ? model : `fal-ai/${model}`;
     const hasImageUrls = (params.imageUrls?.length ?? 0) > 0;
-    if (endpoint === 'fal-ai/bytedance/seedream/v4') {
+    if (['fal-ai/bytedance/seedream/v4', 'fal-ai/hunyuan-image/v3'].includes(endpoint)) {
       endpoint += hasImageUrls ? '/edit' : '/text-to-image';
     } else if (endpoint === 'fal-ai/nano-banana' && hasImageUrls) {
       endpoint += '/edit';

package/packages/model-runtime/src/providers/newapi/index.test.ts

@@ -563,7 +563,22 @@ describe('NewAPI Runtime - 100% Branch Coverage', () => {
 
           if (inputPrice !== undefined) {
             const outputPrice = inputPrice * (pricing.completion_ratio || 1);
-            enhancedModel.pricing = { input: inputPrice, output: outputPrice };
+            enhancedModel.pricing = {
+              units: [
+                {
+                  name: 'textInput',
+                  unit: 'millionTokens',
+                  strategy: 'fixed',
+                  rate: inputPrice,
+                },
+                {
+                  name: 'textOutput',
+                  unit: 'millionTokens',
+                  strategy: 'fixed',
+                  rate: outputPrice,
+                },
+              ],
+            };
           }
         }
 
@@ -582,8 +597,18 @@ describe('NewAPI Runtime - 100% Branch Coverage', () => {
       });
 
       // Verify pricing results
-      expect(enrichedModels[0].pricing).toEqual({ input: 40, output: 120 }); // model_price * 2, input * completion_ratio
-      expect(enrichedModels[1].pricing).toEqual({ input: 10, output: 10 }); // model_ratio * 2, input * 1 (default)
+      expect(enrichedModels[0].pricing).toEqual({
+        units: [
+          { name: 'textInput', unit: 'millionTokens', strategy: 'fixed', rate: 40 },
+          { name: 'textOutput', unit: 'millionTokens', strategy: 'fixed', rate: 120 },
+        ],
+      }); // model_price * 2, input * completion_ratio
+      expect(enrichedModels[1].pricing).toEqual({
+        units: [
+          { name: 'textInput', unit: 'millionTokens', strategy: 'fixed', rate: 10 },
+          { name: 'textOutput', unit: 'millionTokens', strategy: 'fixed', rate: 10 },
+        ],
+      }); // model_ratio * 2, input * 1 (default)
       expect(enrichedModels[2].pricing).toBeUndefined(); // quota_type = 1, skipped
 
       // Verify provider detection

package/packages/model-runtime/src/providers/newapi/index.ts

@@ -20,41 +20,21 @@ export interface NewAPIPricing {
   model_name: string;
   model_price?: number;
   model_ratio?: number;
-  quota_type: number; // 0: 按量计费, 1: 按次计费
+  /** 0: Pay-per-token, 1: Pay-per-call */
+  quota_type: number;
   supported_endpoint_types?: string[];
 }
 
 const handlePayload = (payload: ChatStreamPayload) => {
-  // 处理 OpenAI responses API 模式
+  // Handle OpenAI responses API mode
   if (
     responsesAPIModels.has(payload.model) ||
     payload.model.includes('gpt-') ||
     /^o\d/.test(payload.model)
   ) {
-    return { ...payload, apiMode: 'responses' } as any;
+    return { ...payload, apiMode: 'responses' };
   }
-  return payload as any;
-};
-
-// 根据 owned_by 字段判断提供商（基于 NewAPI 的 channel name）
-const getProviderFromOwnedBy = (ownedBy: string): string => {
-  const normalizedOwnedBy = ownedBy.toLowerCase();
-
-  if (normalizedOwnedBy.includes('claude') || normalizedOwnedBy.includes('anthropic')) {
-    return 'anthropic';
-  }
-  if (normalizedOwnedBy.includes('google') || normalizedOwnedBy.includes('gemini')) {
-    return 'google';
-  }
-  if (normalizedOwnedBy.includes('xai') || normalizedOwnedBy.includes('grok')) {
-    return 'xai';
-  }
-  if (normalizedOwnedBy.includes('ali') || normalizedOwnedBy.includes('qwen')) {
-    return 'qwen';
-  }
-
-  // 默认为 openai
-  return 'openai';
+  return payload;
 };
 
 export const LobeNewAPIAI = createRouterRuntime({
@@ -66,16 +46,16 @@ export const LobeNewAPIAI = createRouterRuntime({
   },
   id: ModelProvider.NewAPI,
   models: async ({ client: openAIClient }) => {
-    // 获取基础 URL（移除末尾的 API 版本路径如 /v1、/v1beta 等）
+    // Get base URL (remove trailing API version paths like /v1, /v1beta, etc.)
     const baseURL = openAIClient.baseURL.replace(/\/v\d+[a-z]*\/?$/, '');
 
     const modelsPage = (await openAIClient.models.list()) as any;
     const modelList: NewAPIModelCard[] = modelsPage.data || [];
 
-    // 尝试获取 pricing 信息以补充模型详细信息
+    // Try to get pricing information to enrich model details
     let pricingMap: Map<string, NewAPIPricing> = new Map();
     try {
-      // 使用保存的 baseURL
+      // Use saved baseURL
       const pricingResponse = await fetch(`${baseURL}/api/pricing`, {
         headers: {
           Authorization: `Bearer ${openAIClient.apiKey}`,
@@ -99,22 +79,22 @@ export const LobeNewAPIAI = createRouterRuntime({
     const enrichedModelList = modelList.map((model) => {
       let enhancedModel: any = { ...model };
 
-      // 1. 添加 pricing 信息
+      // add pricing info
       const pricing = pricingMap.get(model.id);
       if (pricing) {
-        // NewAPI 的价格计算逻辑：
-        // - quota_type: 0 表示按量计费（按 token），1 表示按次计费
-        // - model_ratio: 相对于基础价格的倍率（基础价格 = $0.002/1K tokens）
-        // - model_price: 直接指定的价格（优先使用）
-        // - completion_ratio: 输出价格相对于输入价格的倍率
+        // NewAPI pricing calculation logic:
+        // - quota_type: 0 means pay-per-token, 1 means pay-per-call
+        // - model_ratio: multiplier relative to base price (base price = $0.002/1K tokens)
+        // - model_price: directly specified price (takes priority)
+        // - completion_ratio: output price multiplier relative to input price
         //
-        // LobeChat 需要的格式：美元/百万 token
+        // LobeChat required format: USD per million tokens
 
         let inputPrice: number | undefined;
         let outputPrice: number | undefined;
 
         if (pricing.quota_type === 0) {
-          // 按量计费
+          // Pay-per-token
           if (pricing.model_price && pricing.model_price > 0) {
             // model_price is a direct price value; need to confirm its unit.
             // Assumption: model_price is the price per 1,000 tokens (i.e., $/1K tokens).
@@ -124,62 +104,38 @@ export const LobeNewAPIAI = createRouterRuntime({
             inputPrice = pricing.model_price * 2;
           } else if (pricing.model_ratio) {
             // model_ratio × $0.002/1K = model_ratio × $2/1M
-            inputPrice = pricing.model_ratio * 2; // 转换为 $/1M tokens
+            inputPrice = pricing.model_ratio * 2; // Convert to $/1M tokens
           }
 
           if (inputPrice !== undefined) {
-            // 计算输出价格
+            // Calculate output price
             outputPrice = inputPrice * (pricing.completion_ratio || 1);
 
             enhancedModel.pricing = {
-              input: inputPrice,
-              output: outputPrice,
+              units: [
+                {
+                  name: 'textInput',
+                  rate: inputPrice,
+                  strategy: 'fixed',
+                  unit: 'millionTokens',
+                },
+                {
+                  name: 'textOutput',
+                  rate: outputPrice,
+                  strategy: 'fixed',
+                  unit: 'millionTokens',
+                },
+              ],
             };
           }
         }
-        // quota_type === 1 按次计费暂不支持
-      }
-
-      // 2. 根据优先级处理 provider 信息并缓存路由
-      let detectedProvider = 'openai'; // 默认
-
-      // 优先级1：使用 supported_endpoint_types
-      if (model.supported_endpoint_types && model.supported_endpoint_types.length > 0) {
-        if (model.supported_endpoint_types.includes('anthropic')) {
-          detectedProvider = 'anthropic';
-        } else if (model.supported_endpoint_types.includes('gemini')) {
-          detectedProvider = 'google';
-        } else if (model.supported_endpoint_types.includes('xai')) {
-          detectedProvider = 'xai';
-        } else if (model.supported_endpoint_types.includes('qwen')) {
-          detectedProvider = 'qwen';
-        }
-      }
-      // 优先级2：使用 owned_by 字段
-      else if (model.owned_by) {
-        detectedProvider = getProviderFromOwnedBy(model.owned_by);
-      }
-      // 优先级3：基于模型名称检测
-      else {
-        detectedProvider = detectModelProvider(model.id);
+        // quota_type === 1 pay-per-call is not currently supported
       }
 
-      // 将检测到的 provider 信息附加到模型上
-      enhancedModel._detectedProvider = detectedProvider;
-
       return enhancedModel;
     });
 
-    // 使用 processMultiProviderModelList 处理模型能力
-    const processedModels = await processMultiProviderModelList(enrichedModelList, 'newapi');
-
-    // 清理临时字段
-    return processedModels.map((model: any) => {
-      if (model._detectedProvider) {
-        delete model._detectedProvider;
-      }
-      return model;
-    });
+    return processMultiProviderModelList(enrichedModelList, 'newapi');
   },
   routers: (options) => {
     const userBaseURL = options.baseURL?.replace(/\/v\d+[a-z]*\/?$/, '') || '';
@@ -215,16 +171,6 @@ export const LobeNewAPIAI = createRouterRuntime({
           baseURL: urlJoin(userBaseURL, '/v1'),
         },
       },
-      {
-        apiType: 'qwen',
-        models: LOBE_DEFAULT_MODEL_LIST.map((m) => m.id).filter(
-          (id) => detectModelProvider(id) === 'qwen',
-        ),
-        options: {
-          ...options,
-          baseURL: urlJoin(userBaseURL, '/v1'),
-        },
-      },
       {
         apiType: 'openai',
         options: {

package/packages/model-runtime/src/types/index.ts

@@ -8,4 +8,3 @@ export * from './textToImage';
 export * from './toolsCalling';
 export * from './tts';
 export * from './type';
-export * from './usage';

package/packages/model-runtime/src/utils/sanitizeError.test.ts

@@ -0,0 +1,109 @@
+import { describe, expect, it } from 'vitest';
+
+import { sanitizeError } from './sanitizeError';
+
+describe('sanitizeError', () => {
+  it('should remove sensitive request headers', () => {
+    const errorWithHeaders = {
+      message: 'API Error',
+      code: 401,
+      request: {
+        headers: {
+          authorization: 'Bearer sk-1234567890',
+          'content-type': 'application/json',
+          'ocp-apim-subscription-key': 'azure-key-123',
+        },
+        url: 'https://api.example.com',
+      },
+    };
+
+    const sanitized = sanitizeError(errorWithHeaders);
+
+    expect(sanitized).toEqual({
+      message: 'API Error',
+      code: 401,
+    });
+    expect(sanitized.request).toBeUndefined();
+  });
+
+  it('should remove sensitive fields at any level', () => {
+    const errorWithNestedSensitive = {
+      message: 'Error',
+      data: {
+        config: {
+          apikey: 'secret-key',
+          headers: {
+            authorization: 'Bearer token',
+          },
+        },
+        response: {
+          status: 401,
+          data: 'Unauthorized',
+        },
+      },
+    };
+
+    const sanitized = sanitizeError(errorWithNestedSensitive);
+
+    expect(sanitized).toEqual({
+      message: 'Error',
+      data: {
+        response: {
+          status: 401,
+          data: 'Unauthorized',
+        },
+      },
+    });
+    expect(sanitized.data.config).toBeUndefined();
+  });
+
+  it('should handle primitive values', () => {
+    expect(sanitizeError('string')).toBe('string');
+    expect(sanitizeError(123)).toBe(123);
+    expect(sanitizeError(true)).toBe(true);
+    expect(sanitizeError(null)).toBe(null);
+    expect(sanitizeError(undefined)).toBe(undefined);
+  });
+
+  it('should handle arrays', () => {
+    const errorArray = [
+      { message: 'Error 1', apikey: 'secret' },
+      { message: 'Error 2', status: 500 },
+    ];
+
+    const sanitized = sanitizeError(errorArray);
+
+    expect(sanitized).toEqual([{ message: 'Error 1' }, { message: 'Error 2', status: 500 }]);
+  });
+
+  it('should be case insensitive for sensitive field detection', () => {
+    const errorWithMixedCase = {
+      message: 'Error',
+      Authorization: 'Bearer token',
+      'API-KEY': 'secret',
+      Headers: { token: 'secret' },
+    };
+
+    const sanitized = sanitizeError(errorWithMixedCase);
+
+    expect(sanitized).toEqual({
+      message: 'Error',
+    });
+  });
+
+  it('should preserve safe nested structures', () => {
+    const errorWithSafeNested = {
+      message: 'Error occurred',
+      status: 401,
+      details: {
+        code: 'UNAUTHORIZED',
+        timestamp: '2024-01-01T00:00:00Z',
+        path: '/api/chat',
+      },
+    };
+
+    const sanitized = sanitizeError(errorWithSafeNested);
+
+    expect(sanitized).toEqual(errorWithSafeNested);
+  });
+});

package/packages/model-runtime/src/utils/sanitizeError.ts

@@ -0,0 +1,59 @@
+/**
+ * Sanitizes error objects by removing sensitive information that could expose API keys or other credentials.
+ * This is particularly important for errors from Azure/OpenAI SDKs that may include request headers.
+ */
+export function sanitizeError(error: any): any {
+  if (!error || typeof error !== 'object') {
+    return error;
+  }
+
+  // Handle array of errors
+  if (Array.isArray(error)) {
+    return error.map(sanitizeError);
+  }
+
+  // Create a sanitized copy
+  const sanitized: any = {};
+
+  // List of sensitive fields that should be removed or masked
+  const sensitiveFields = [
+    'request',
+    'headers',
+    'authorization',
+    'apikey',
+    'api-key',
+    'ocp-apim-subscription-key',
+    'x-api-key',
+    'bearer',
+    'token',
+    'auth',
+    'credential',
+    'key',
+    'secret',
+    'password',
+    'config',
+    'options',
+  ];
+
+  // Copy safe fields and recursively sanitize nested objects
+  for (const key in error) {
+    if (error.hasOwnProperty(key)) {
+      const value = error[key];
+      const lowerKey = key.toLowerCase();
+      
+      // Skip sensitive fields entirely
+      if (sensitiveFields.indexOf(lowerKey) !== -1) {
+        continue;
+      }
+
+      // Recursively sanitize nested objects
+      if (value && typeof value === 'object') {
+        sanitized[key] = sanitizeError(value);
+      } else {
+        sanitized[key] = value;
+      }
+    }
+  }
+
+  return sanitized;
+}

package/packages/types/src/message/base.ts

@@ -61,6 +61,7 @@ export interface ModelTokensUsage {
   rejectedPredictionTokens?: number;
 
   // Total tokens
+  // TODO: make all following fields required
   totalInputTokens?: number;
   totalOutputTokens?: number;
   totalTokens?: number;

package/packages/utils/package.json

@@ -5,7 +5,8 @@
   "exports": {
     ".": "./src/index.ts",
     "./server": "./src/server/index.ts",
-    "./client": "./src/client/index.ts"
+    "./client": "./src/client/index.ts",
+    "./object": "./src/object.ts"
   },
   "scripts": {
     "test": "vitest",

package/src/app/[variants]/(main)/image/@menu/components/SizeSelect/index.tsx

@@ -1,6 +1,6 @@
 'use client';
 
-import { Block, Grid, GridProps, Text } from '@lobehub/ui';
+import { Block, Grid, GridProps, Select, Text } from '@lobehub/ui';
 import { useTheme } from 'antd-style';
 import { ReactNode, memo } from 'react';
 import { Center } from 'react-layout-kit';
@@ -13,6 +13,19 @@ export interface SizeSelectProps extends Omit<GridProps, 'children' | 'onChange'
   value?: 'auto' | string;
 }
 
+/**
+ * Check if a size value can be parsed as valid aspect ratio
+ */
+const canParseAsRatio = (value: string): boolean => {
+  if (value === 'auto') return true;
+
+  const parts = value.split('x');
+  if (parts.length !== 2) return false;
+
+  const [width, height] = parts.map(Number);
+  return !isNaN(width) && !isNaN(height) && width > 0 && height > 0;
+};
+
 const SizeSelect = memo<SizeSelectProps>(({ options, onChange, value, defaultValue, ...rest }) => {
   const theme = useTheme();
   const [active, setActive] = useMergeState('auto', {
@@ -20,6 +33,16 @@ const SizeSelect = memo<SizeSelectProps>(({ options, onChange, value, defaultVal
     onChange,
     value,
   });
+
+  // Check if all options can be parsed as valid ratios
+  const hasInvalidRatio = options?.some((item) => !canParseAsRatio(item.value));
+
+  // If any option cannot be parsed as ratio, fallback to regular Select
+  if (hasInvalidRatio) {
+    return (
+      <Select onChange={onChange} options={options} style={{ width: '100%' }} value={active} />
+    );
+  }
   return (
     <Block padding={4} variant={'filled'} {...rest}>
       <Grid gap={4} maxItemWidth={72} rows={16}>

package/src/server/modules/EdgeConfig/index.ts

@@ -3,22 +3,9 @@ import createDebug from 'debug';
 
 import { appEnv } from '@/envs/app';
 
-const debug = createDebug('lobe-server:edge-config');
+import { EdgeConfigData, EdgeConfigKeys } from './types';
 
-const EdgeConfigKeys = {
-  /**
-   * Assistant whitelist
-   */
-  AssistantBlacklist: 'assistant_blacklist',
-  /**
-   * Assistant whitelist
-   */
-  AssistantWhitelist: 'assistant_whitelist',
-  /**
-   * Feature flags configuration
-   */
-  FeatureFlags: 'feature_flags',
-};
+const debug = createDebug('lobe-server:edge-config');
 
 export class EdgeConfig {
   get client(): EdgeConfigClient {
@@ -38,29 +25,24 @@ export class EdgeConfig {
     return isEnabled;
   }
 
-  getAgentRestrictions = async () => {
-    const { assistant_blacklist: blacklist, assistant_whitelist: whitelist } =
-      await this.client.getAll([
-        EdgeConfigKeys.AssistantWhitelist,
-        EdgeConfigKeys.AssistantBlacklist,
-      ]);
+  private async getValue<K extends EdgeConfigKeys>(key: K) {
+    return this.client.get<EdgeConfigData[K]>(key);
+  }
 
-    return { blacklist, whitelist } as {
-      blacklist: string[] | undefined;
-      whitelist: string[] | undefined;
-    };
-  };
+  private async getValues<const K extends EdgeConfigKeys>(keys: K[]) {
+    return this.client.getAll<Pick<EdgeConfigData, K>>(keys);
+  }
 
-  getFlagByKey = async (key: string) => {
-    const value = await this.client.get(key);
-    return value;
+  getAgentRestrictions = async () => {
+    const { assistant_blacklist: blacklist, assistant_whitelist: whitelist } = await this.getValues(
+      ['assistant_blacklist', 'assistant_whitelist'],
+    );
+    return { blacklist, whitelist };
   };
 
   getFeatureFlags = async () => {
-    const featureFlags = await this.client.get(EdgeConfigKeys.FeatureFlags);
+    const featureFlags = await this.getValue('feature_flags');
     debug('Feature flags retrieved: %O', featureFlags);
-    return featureFlags as Record<string, boolean | string[]> | undefined;
+    return featureFlags;
   };
 }
-
-export { EdgeConfigKeys };

package/src/server/modules/EdgeConfig/types.ts

@@ -4,6 +4,19 @@
  * EdgeConfig 完整配置类型
  */
 export interface EdgeConfigData {
+  /**
+   * Assistant blacklist
+   */
   assistant_blacklist?: string[];
+  /**
+   * Assistant whitelist
+   */
   assistant_whitelist?: string[];
+
+  /**
+   * Feature flags configuration
+   */
+  feature_flags?: Record<string, boolean | string[]>;
 }
+
+export type EdgeConfigKeys = keyof EdgeConfigData;