chainlit 1.1.404__py3-none-any.whl → 1.2.0__py3-none-any.whl

chainlit/frontend/dist/index.html

@@ -21,7 +21,7 @@
     <script>
       const global = globalThis;
     </script>
-    <script type="module" crossorigin src="/assets/index-30df9b2b.js"></script>
+    <script type="module" crossorigin src="/assets/index-cf48bedd.js"></script>
     <link rel="stylesheet" href="/assets/index-aaf974a9.css">
   </head>
   <body>

chainlit/langchain/callbacks.py

@@ -587,12 +587,17 @@ class LangchainTracer(BaseTracer, GenerationHelper, FinalStreamHelper):
         outputs = run.outputs or {}
         output_keys = list(outputs.keys())
         output = outputs
+
         if output_keys:
             output = outputs.get(output_keys[0], outputs)
 
         if current_step:
             current_step.output = (
-                output[0] if isinstance(output, Sequence) and len(output) else output
+                output[0]
+                if isinstance(output, Sequence)
+                and not isinstance(output, str)
+                and len(output)
+                else output
             )
             current_step.end = utc_now()
             self._run_sync(current_step.update())

chainlit/llama_index/callbacks.py

@@ -8,6 +8,7 @@ from literalai.helper import utc_now
 from llama_index.core.callbacks import TokenCountingHandler
 from llama_index.core.callbacks.schema import CBEventType, EventPayload
 from llama_index.core.llms import ChatMessage, ChatResponse, CompletionResponse
+from llama_index.core.tools.types import ToolMetadata
 
 DEFAULT_IGNORE = [
     CBEventType.CHUNKING,
@@ -54,7 +55,16 @@ class LlamaIndexCallbackHandler(TokenCountingHandler):
     ) -> str:
         """Run when an event starts and return id of event."""
         step_type: StepType = "undefined"
-        if event_type == CBEventType.RETRIEVE:
+        step_name: str = event_type.value
+        step_input: Optional[Dict[str, Any]] = payload
+        if event_type == CBEventType.FUNCTION_CALL:
+            step_type = "tool"
+            if payload:
+                metadata: Optional[ToolMetadata] = payload.get(EventPayload.TOOL)
+                if metadata:
+                    step_name = getattr(metadata, "name", step_name)
+                step_input = payload.get(EventPayload.FUNCTION_CALL)
+        elif event_type == CBEventType.RETRIEVE:
             step_type = "tool"
         elif event_type == CBEventType.QUERY:
             step_type = "tool"
@@ -64,7 +74,7 @@ class LlamaIndexCallbackHandler(TokenCountingHandler):
             return event_id
 
         step = Step(
-            name=event_type.value,
+            name=step_name,
             type=step_type,
             parent_id=self._get_parent_id(parent_id),
             id=event_id,
@@ -72,7 +82,7 @@ class LlamaIndexCallbackHandler(TokenCountingHandler):
 
         self.steps[event_id] = step
         step.start = utc_now()
-        step.input = payload or {}
+        step.input = step_input or {}
         context_var.get().loop.create_task(step.send())
         return event_id
 
@@ -91,7 +101,13 @@ class LlamaIndexCallbackHandler(TokenCountingHandler):
 
         step.end = utc_now()
 
-        if event_type == CBEventType.QUERY:
+        if event_type == CBEventType.FUNCTION_CALL:
+            response = payload.get(EventPayload.FUNCTION_OUTPUT)
+            if response:
+                step.output = f"{response}"
+                context_var.get().loop.create_task(step.update())
+
+        elif event_type == CBEventType.QUERY:
             response = payload.get(EventPayload.RESPONSE)
             source_nodes = getattr(response, "source_nodes", None)
             if source_nodes:

chainlit/markdown.py

@@ -1,7 +1,11 @@
 import os
+from pathlib import Path
+from typing import Optional
 
 from chainlit.logger import logger
 
+from ._utils import is_path_inside
+
 # Default chainlit.md file created if none exists
 DEFAULT_MARKDOWN_STR = """# Welcome to Chainlit! 🚀🤖
 
@@ -30,12 +34,16 @@ def init_markdown(root: str):
             logger.info(f"Created default chainlit markdown file at {chainlit_md_file}")
 
 
-def get_markdown_str(root: str, language: str):
+def get_markdown_str(root: str, language: str) -> Optional[str]:
     """Get the chainlit.md file as a string."""
-    translated_chainlit_md_path = os.path.join(root, f"chainlit_{language}.md")
-    default_chainlit_md_path = os.path.join(root, "chainlit.md")
-
-    if os.path.exists(translated_chainlit_md_path):
+    root_path = Path(root)
+    translated_chainlit_md_path = root_path / f"chainlit_{language}.md"
+    default_chainlit_md_path = root_path / "chainlit.md"
+
+    if (
+        is_path_inside(translated_chainlit_md_path, root_path)
+        and translated_chainlit_md_path.is_file()
+    ):
         chainlit_md_path = translated_chainlit_md_path
     else:
         chainlit_md_path = default_chainlit_md_path
@@ -43,9 +51,7 @@ def get_markdown_str(root: str, language: str):
             f"Translated markdown file for {language} not found. Defaulting to chainlit.md."
         )
 
-    if os.path.exists(chainlit_md_path):
-        with open(chainlit_md_path, "r", encoding="utf-8") as f:
-            chainlit_md = f.read()
-            return chainlit_md
+    if chainlit_md_path.is_file():
+        return chainlit_md_path.read_text(encoding="utf-8")
     else:
         return None

chainlit/message.py

@@ -82,7 +82,6 @@ class MessageBase(ABC):
             "output": self.content,
             "name": self.author,
             "type": self.type,
-            "createdAt": self.created_at,
             "language": self.language,
             "streaming": self.streaming,
             "isError": self.is_error,

chainlit/server.py

@@ -1,22 +1,15 @@
+import asyncio
 import glob
 import json
 import mimetypes
+import os
 import re
 import shutil
 import urllib.parse
-from typing import Any, Optional, Union
-
-from chainlit.oauth_providers import get_oauth_provider
-from chainlit.secret import random_secret
-
-mimetypes.add_type("application/javascript", ".js")
-mimetypes.add_type("text/css", ".css")
-
-import asyncio
-import os
 import webbrowser
 from contextlib import asynccontextmanager
 from pathlib import Path
+from typing import Any, Optional, Union
 
 import socketio
 from chainlit.auth import create_jwt, get_configuration, get_current_user
@@ -34,6 +27,8 @@ from chainlit.data import get_data_layer
 from chainlit.data.acl import is_thread_author
 from chainlit.logger import logger
 from chainlit.markdown import get_markdown_str
+from chainlit.oauth_providers import get_oauth_provider
+from chainlit.secret import random_secret
 from chainlit.types import (
     DeleteFeedbackRequest,
     DeleteThreadRequest,
@@ -62,12 +57,20 @@ from starlette.middleware.cors import CORSMiddleware
 from typing_extensions import Annotated
 from watchfiles import awatch
 
+from ._utils import is_path_inside
+
+mimetypes.add_type("application/javascript", ".js")
+mimetypes.add_type("text/css", ".css")
+
 ROOT_PATH = os.environ.get("CHAINLIT_ROOT_PATH", "")
 IS_SUBMOUNT = os.environ.get("CHAINLIT_SUBMOUNT", "") == "true"
+# If the app is a submount, no need to set the prefix
+PREFIX = ROOT_PATH if ROOT_PATH and not IS_SUBMOUNT else ""
 
 
 @asynccontextmanager
 async def lifespan(app: FastAPI):
+    """Context manager to handle app start and shutdown."""
     host = config.run.host
     port = config.run.port
 
@@ -150,7 +153,18 @@ async def lifespan(app: FastAPI):
         os._exit(0)
 
 
-def get_build_dir(local_target: str, packaged_target: str):
+def get_build_dir(local_target: str, packaged_target: str) -> str:
+    """
+    Get the build directory based on the UI build strategy.
+
+    Args:
+        local_target (str): The local target directory.
+        packaged_target (str): The packaged target directory.
+
+    Returns:
+        str: The build directory
+    """
+
     local_build_dir = os.path.join(PACKAGE_ROOT, local_target, "dist")
     packaged_build_dir = os.path.join(BACKEND_ROOT, packaged_target, "dist")
 
@@ -171,18 +185,14 @@ copilot_build_dir = get_build_dir(os.path.join("libs", "copilot"), "copilot")
 
 app = FastAPI(lifespan=lifespan)
 
-sio = socketio.AsyncServer(
-    cors_allowed_origins=[], async_mode="asgi"
-)
-
-sio_mount_location = f"{ROOT_PATH}/ws" if ROOT_PATH else "ws"
+sio = socketio.AsyncServer(cors_allowed_origins=[], async_mode="asgi")
 
 asgi_app = socketio.ASGIApp(
     socketio_server=sio,
-    socketio_path=f"{sio_mount_location}/socket.io",
+    socketio_path="",
 )
 
-app.mount(f"/{sio_mount_location}", asgi_app)
+app.mount(f"{PREFIX}/ws/socket.io", asgi_app)
 
 app.add_middleware(
     CORSMiddleware,
@@ -192,16 +202,16 @@ app.add_middleware(
     allow_headers=["*"],
 )
 
-router = APIRouter(prefix=ROOT_PATH)
+router = APIRouter(prefix=PREFIX)
 
 app.mount(
-    f"{ROOT_PATH}/public",
+    f"{PREFIX}/public",
     StaticFiles(directory="public", check_dir=False),
     name="public",
 )
 
 app.mount(
-    f"{ROOT_PATH}/assets",
+    f"{PREFIX}/assets",
     StaticFiles(
         packages=[("chainlit", os.path.join(build_dir, "assets"))],
         follow_symlink=config.project.follow_symlink,
@@ -210,7 +220,7 @@ app.mount(
 )
 
 app.mount(
-    f"{ROOT_PATH}/copilot",
+    f"{PREFIX}/copilot",
     StaticFiles(
         packages=[("chainlit", copilot_build_dir)],
         follow_symlink=config.project.follow_symlink,
@@ -253,12 +263,19 @@ if os.environ.get("TEAMS_APP_ID") and os.environ.get("TEAMS_APP_PASSWORD"):
 # -------------------------------------------------------------------------------
 
 
-def replace_between_tags(text: str, start_tag: str, end_tag: str, replacement: str):
+def replace_between_tags(
+    text: str, start_tag: str, end_tag: str, replacement: str
+) -> str:
+    """Replace text between two tags in a string."""
+
     pattern = start_tag + ".*?" + end_tag
     return re.sub(pattern, start_tag + replacement + end_tag, text, flags=re.DOTALL)
 
 
 def get_html_template():
+    """
+    Get HTML template for the index view.
+    """
     PLACEHOLDER = "<!-- TAG INJECTION PLACEHOLDER -->"
     JS_PLACEHOLDER = "<!-- JS INJECTION PLACEHOLDER -->"
     CSS_PLACEHOLDER = "<!-- CSS INJECTION PLACEHOLDER -->"
@@ -345,6 +362,9 @@ async def auth(request: Request):
 
 @router.post("/login")
 async def login(form_data: OAuth2PasswordRequestForm = Depends()):
+    """
+    Login a user using the password auth callback.
+    """
     if not config.code.password_auth_callback:
         raise HTTPException(
             status_code=status.HTTP_400_BAD_REQUEST, detail="No auth_callback defined"
@@ -374,6 +394,7 @@ async def login(form_data: OAuth2PasswordRequestForm = Depends()):
 
 @router.post("/logout")
 async def logout(request: Request, response: Response):
+    """Logout the user by calling the on_logout callback."""
     if config.code.on_logout:
         return await config.code.on_logout(request, response)
     return {"success": True}
@@ -381,6 +402,7 @@ async def logout(request: Request, response: Response):
 
 @router.post("/auth/header")
 async def header_auth(request: Request):
+    """Login a user using the header_auth_callback."""
     if not config.code.header_auth_callback:
         raise HTTPException(
             status_code=status.HTTP_400_BAD_REQUEST,
@@ -410,6 +432,7 @@ async def header_auth(request: Request):
 
 @router.get("/auth/oauth/{provider_id}")
 async def oauth_login(provider_id: str, request: Request):
+    """Redirect the user to the oauth provider login page."""
     if config.code.oauth_callback is None:
         raise HTTPException(
             status_code=status.HTTP_400_BAD_REQUEST,
@@ -436,7 +459,7 @@ async def oauth_login(provider_id: str, request: Request):
     response = RedirectResponse(
         url=f"{provider.authorize_url}?{params}",
     )
-    samesite = os.environ.get("CHAINLIT_COOKIE_SAMESITE", "lax")  # type: Any
+    samesite: Any = os.environ.get("CHAINLIT_COOKIE_SAMESITE", "lax")
     secure = samesite.lower() == "none"
     response.set_cookie(
         "oauth_state",
@@ -457,6 +480,8 @@ async def oauth_callback(
     code: Optional[str] = None,
     state: Optional[str] = None,
 ):
+    """Handle the oauth callback and login the user."""
+
     if config.code.oauth_callback is None:
         raise HTTPException(
             status_code=status.HTTP_400_BAD_REQUEST,
@@ -544,6 +569,8 @@ async def oauth_azure_hf_callback(
     code: Annotated[Optional[str], Form()] = None,
     id_token: Annotated[Optional[str], Form()] = None,
 ):
+    """Handle the azure ad hybrid flow callback and login the user."""
+
     provider_id = "azure-ad-hybrid"
     if config.code.oauth_callback is None:
         raise HTTPException(
@@ -617,9 +644,16 @@ async def oauth_azure_hf_callback(
     return response
 
 
+_language_pattern = (
+    "^[a-zA-Z]{2,3}(-[a-zA-Z]{2,3})?(-[a-zA-Z]{2,8})?(-x-[a-zA-Z0-9]{1,8})?$"
+)
+
+
 @router.get("/project/translations")
 async def project_translations(
-    language: str = Query(default="en-US", description="Language code"),
+    language: str = Query(
+        default="en-US", description="Language code", pattern=_language_pattern
+    ),
 ):
     """Return project translations."""
 
@@ -636,11 +670,14 @@ async def project_translations(
 @router.get("/project/settings")
 async def project_settings(
     current_user: Annotated[Union[User, PersistedUser], Depends(get_current_user)],
-    language: str = Query(default="en-US", description="Language code"),
+    language: str = Query(
+        default="en-US", description="Language code", pattern=_language_pattern
+    ),
 ):
     """Return project settings. This is called by the UI before the establishing the websocket connection."""
 
     # Load the markdown file based on the provided language
+
     markdown = get_markdown_str(config.root, language)
 
     profiles = []
@@ -808,6 +845,8 @@ async def upload_file(
         Union[None, User, PersistedUser], Depends(get_current_user)
     ],
 ):
+    """Upload a file to the session files directory."""
+
     from chainlit.session import WebsocketSession
 
     session = WebsocketSession.get_by_id(session_id)
@@ -841,6 +880,8 @@ async def get_file(
     file_id: str,
     session_id: Optional[str] = None,
 ):
+    """Get a file from the session files directory."""
+
     from chainlit.session import WebsocketSession
 
     session = WebsocketSession.get_by_id(session_id) if session_id else None
@@ -863,11 +904,12 @@ async def serve_file(
     filename: str,
     current_user: Annotated[Union[User, PersistedUser], Depends(get_current_user)],
 ):
+    """Serve a file from the local filesystem."""
+
     base_path = Path(config.project.local_fs_path).resolve()
     file_path = (base_path / filename).resolve()
 
-    # Check if the base path is a parent of the file path
-    if base_path not in file_path.parents:
+    if not is_path_inside(file_path, base_path):
         raise HTTPException(status_code=400, detail="Invalid filename")
 
     if file_path.is_file():
@@ -878,6 +920,7 @@ async def serve_file(
 
 @router.get("/favicon")
 async def get_favicon():
+    """Get the favicon for the UI."""
     custom_favicon_path = os.path.join(APP_ROOT, "public", "favicon.*")
     files = glob.glob(custom_favicon_path)
 
@@ -893,6 +936,7 @@ async def get_favicon():
 
 @router.get("/logo")
 async def get_logo(theme: Optional[Theme] = Query(Theme.light)):
+    """Get the default logo for the UI."""
     theme_value = theme.value if theme else Theme.light.value
     logo_path = None
 
@@ -908,32 +952,42 @@ async def get_logo(theme: Optional[Theme] = Query(Theme.light)):
 
     if not logo_path:
         raise HTTPException(status_code=404, detail="Missing default logo")
+
     media_type, _ = mimetypes.guess_type(logo_path)
 
     return FileResponse(logo_path, media_type=media_type)
 
 
-@router.get("/avatars/{avatar_id}")
+@router.get("/avatars/{avatar_id:str}")
 async def get_avatar(avatar_id: str):
+    """Get the avatar for the user based on the avatar_id."""
+    if not re.match(r"^[a-zA-Z0-9_-]+$", avatar_id):
+        raise HTTPException(status_code=400, detail="Invalid avatar_id")
+
     if avatar_id == "default":
         avatar_id = config.ui.name
 
     avatar_id = avatar_id.strip().lower().replace(" ", "_")
 
-    avatar_path = os.path.join(APP_ROOT, "public", "avatars", f"{avatar_id}.*")
+    base_path = Path(APP_ROOT) / "public" / "avatars"
+    avatar_pattern = f"{avatar_id}.*"
 
-    files = glob.glob(avatar_path)
+    matching_files = base_path.glob(avatar_pattern)
+
+    if avatar_path := next(matching_files, None):
+        if not is_path_inside(avatar_path, base_path):
+            raise HTTPException(status_code=400, detail="Invalid filename")
+
+        media_type, _ = mimetypes.guess_type(str(avatar_path))
 
-    if files:
-        avatar_path = files[0]
-        media_type, _ = mimetypes.guess_type(avatar_path)
         return FileResponse(avatar_path, media_type=media_type)
-    else:
-        return await get_favicon()
+
+    return await get_favicon()
 
 
 @router.head("/")
 def status_check():
+    """Check if the site is operational."""
     return {"message": "Site is operational"}
 
 

chainlit/session.py

@@ -193,6 +193,9 @@ class HTTPSession(BaseSession):
             shutil.rmtree(self.files_dir)
 
 
+ThreadQueue = Deque[tuple[Callable, object, tuple, Dict]]
+
+
 class WebsocketSession(BaseSession):
     """Internal web socket session object.
 
@@ -250,7 +253,7 @@ class WebsocketSession(BaseSession):
 
         self.restored = False
 
-        self.thread_queues = {}  # type: Dict[str, Deque[Callable]]
+        self.thread_queues: Dict[str, ThreadQueue] = {}
 
         ws_sessions_id[self.id] = self
         ws_sessions_sid[socket_id] = self