The default path for `image_directory` was previously a relative path (`./data/images`), which could lead to issues depending on the working directory from which the application is run.
This change modifies the default value to be an absolute path derived from the plugin's file location (`Path(__file__).parent / "images"`). This ensures that the image directory path is always correct and robust, regardless of the execution context.
Eliminated support for manually and temporarily adding skip patterns in CommandSkipListManager and related command handling. The skip list now only manages system and plugin patterns, simplifying the skip pattern management logic and user interface.
Moved statistics update to only occur when the anti-injector system is enabled. Enhanced statistics reporting to handle disabled state and improved uptime calculation to use session start time. Updated status command to provide clearer feedback when the anti-injector system is disabled or when errors occur. Also fixed a docstring in prompt_builder.py for clarity.
Replaced manual string validation with Python's Literal type for 'client_type' in APIProvider and 'search_strategy' in WebSearchConfig. This simplifies validation and improves type safety by restricting allowed values at the type level.
Enabled strict type checking in ValidatedConfigBase to fully disable type coercion. Updated MessageReceiveConfig and MemoryConfig fields from set/tuple to list types for compatibility with strict validation.
Added detailed debug logs for text extraction and LLM detection input in the anti-injector module. Refactored message processing to only use user-added content for detection, avoiding duplicate text. Fixed import paths for command_skip_list in plugin manager and anti_injector_manager to reflect new module structure.
Split the anti-prompt-injector module into core, processors, management, and decision submodules for better maintainability and separation of concerns. Moved and refactored detection, shielding, statistics, user ban, message processing, and counter-attack logic into dedicated files. Updated imports and initialization in __init__.py and anti_injector.py to use the new structure. No functional changes to detection logic, but code organization is significantly improved.
Updated logic in heartFC_chat.py and relationship_manager.py to prioritize 'chat_info_platform', then 'user_platform', and finally a default when determining platform information. Added a fallback to 'unknown' in get_person_id if platform is None, improving robustness when platform data is missing.
Co-Authored-By: tt-P607 <68868379+tt-P607@users.noreply.github.com>
Added 'aiohttp_gemini' to allowed client types in APIProvider. Updated TaskConfig defaults: max_tokens to 800, temperature to 0.7, and concurrency_count to 1 for improved default behavior.
Introduces methods to dynamically determine talk frequency and expression learning settings based on current time and chat stream ID. Adds helper functions for parsing stream config strings, handling both global and stream-specific overrides for chat and expression configurations.
Refactored configuration classes to inherit from a new ValidatedConfigBase using Pydantic for robust validation and error reporting. Updated api_ada_configs.py, config.py, config_base.py, and official_configs.py to replace dataclasses with Pydantic models, add field validation, and improve error messages. This change enhances configuration reliability and developer feedback for misconfigurations. Also includes minor code cleanups and removal of unused variables in other modules.
Cleaned up various files by removing unused or redundant import statements to improve code readability and reduce potential confusion. No functional changes were made.
Replaces the L2 cache layer's SQLite implementation with an async SQLAlchemy-based database model (CacheEntries). Updates cache_manager.py to use db_query and db_save for cache operations, adds semantic cache handling with ChromaDB, and introduces async cache clearing and expiration cleaning methods. Adds the CacheEntries model and integrates it into the database API.
Extended the list of dangerous keywords in the _partially_shield_content method to cover more attack vectors, including system commands, privilege escalation, information leakage, and social engineering. This enhances the robustness of the message shielding mechanism against prompt injection and related attacks.
Enhanced the default_patterns list in PromptInjectionDetector with more comprehensive and specific regular expressions to improve detection of prompt injection attempts, including new patterns for admin commands, system prompts, privilege escalation, and sensitive information leakage. This update aims to strengthen the robustness of the anti-prompt-injection mechanism.
Introduced a ProcessResult enum to standardize anti-injector message processing outcomes. Updated anti_injector.py to return ProcessResult values instead of booleans, and refactored bot.py to handle these results with improved logging and clearer control flow. This change improves code clarity and maintainability for anti-prompt injection logic.
