Skip to content

Update to version v4.0.0#219

Merged
tabdunabi merged 1 commit intodevelopfrom
feature/v4.0.0
Nov 21, 2025
Merged

Update to version v4.0.0#219
tabdunabi merged 1 commit intodevelopfrom
feature/v4.0.0

Conversation

@ihmaws
Copy link
Member

@ihmaws ihmaws commented Nov 21, 2025

[4.0.0] - 2025-11-20

Added

  • Multi-Agent workflow orchestration to address complex tasks with multiple coordinated agents.
  • Agent Builder use case for configuring, deploying, and managing AI Agents from the Management Dashboard.
  • MCP Server deployment using images, Lambda functions, OpenAPI specs, or Smitty files.
  • Multimodal input capabilities for Agent Builder and workflow use cases.
  • AWS Lambda provisioned concurrency support for text and bedrock agent use cases to improve performance and reduce cold starts.

Security

github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 21, 2025
View reviewed changes
source/infrastructure/lib/utils/constants.ts
];
// Pattern that allows safe file names while preventing path traversal attacks
// Must end with a supported file extension and cannot contain path separators (/ or \)
export const MULTIMODAL_FILENAME_PATTERN = `^[a-zA-Z0-9](?:[a-zA-Z0-9_-]|[\x20](?=[a-zA-Z0-9_-]))*\.(${SUPPORTED_MULTIMODAL_FILE_EXTENSIONS.join('|')})$`;

Check failure

Code scanning / CodeQL

Useless regular-expression character escape High

The escape sequence '.' is equivalent to just '.', so the sequence may still represent a meta-character when it is used in a
regular expression
Loading
.

Copilot Autofix

AI 3 months ago

To address this issue, we need to ensure that the pattern string being used to build the RegExp has the correct escaped backslash. In a JS string, to represent the regex \. (a literal dot), you must write \\. so the string passed to the RegExp engine is \.. Therefore, in the file source/infrastructure/lib/utils/constants.ts on line 410, we should change *\.( to *\\.(. Only this line needs to be changed. No new imports or methods are needed, just fix the escape in the pattern string.

Suggested changeset 1
source/infrastructure/lib/utils/constants.ts

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/source/infrastructure/lib/utils/constants.ts b/source/infrastructure/lib/utils/constants.ts
--- a/source/infrastructure/lib/utils/constants.ts
+++ b/source/infrastructure/lib/utils/constants.ts
@@ -407,5 +407,5 @@
 ];
 // Pattern that allows safe file names while preventing path traversal attacks
 // Must end with a supported file extension and cannot contain path separators (/ or \)
-export const MULTIMODAL_FILENAME_PATTERN = `^[a-zA-Z0-9](?:[a-zA-Z0-9_-]|[\x20](?=[a-zA-Z0-9_-]))*\.(${SUPPORTED_MULTIMODAL_FILE_EXTENSIONS.join('|')})$`;
+export const MULTIMODAL_FILENAME_PATTERN = `^[a-zA-Z0-9](?:[a-zA-Z0-9_-]|[\x20](?=[a-zA-Z0-9_-]))*\\.(${SUPPORTED_MULTIMODAL_FILE_EXTENSIONS.join('|')})$`;
 export const MULTIMODAL_FILE_EXPIRATION_DAYS = 2;
EOF
@@ -407,5 +407,5 @@
];
// Pattern that allows safe file names while preventing path traversal attacks
// Must end with a supported file extension and cannot contain path separators (/ or \)
export const MULTIMODAL_FILENAME_PATTERN = `^[a-zA-Z0-9](?:[a-zA-Z0-9_-]|[\x20](?=[a-zA-Z0-9_-]))*\.(${SUPPORTED_MULTIMODAL_FILE_EXTENSIONS.join('|')})$`;
export const MULTIMODAL_FILENAME_PATTERN = `^[a-zA-Z0-9](?:[a-zA-Z0-9_-]|[\x20](?=[a-zA-Z0-9_-]))*\\.(${SUPPORTED_MULTIMODAL_FILE_EXTENSIONS.join('|')})$`;
export const MULTIMODAL_FILE_EXPIRATION_DAYS = 2;
Copilot is powered by AI and may make mistakes. Always verify output.
source/ui-chat/src/utils/constants.ts
...MULTIMODAL_SUPPORTED_DOCUMENT_FORMATS
];

export const MULTIMODAL_FILENAME_PATTERN = `^[a-zA-Z0-9](?:[a-zA-Z0-9_-]|[\x20](?=[a-zA-Z0-9_-]))*\.(${MULTIMODAL_SUPPORTED_FILE_FORMATS.join('|')})$`;

Check failure

Code scanning / CodeQL

Useless regular-expression character escape High

The escape sequence '.' is equivalent to just '.', so the sequence may still represent a meta-character when it is used in a
regular expression
Loading
.

Copilot Autofix

AI 3 months ago

To fix this problem, change the pattern in line 78 from \. to \\. so that the RegExp parser receives the correct escape. This should only affect the string in the definition of MULTIMODAL_FILENAME_PATTERN, in source/ui-chat/src/utils/constants.ts. No extra imports or support are needed; it's a simple string literal change.

Suggested changeset 1
source/ui-chat/src/utils/constants.ts

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/source/ui-chat/src/utils/constants.ts b/source/ui-chat/src/utils/constants.ts
--- a/source/ui-chat/src/utils/constants.ts
+++ b/source/ui-chat/src/utils/constants.ts
@@ -75,7 +75,7 @@
     ...MULTIMODAL_SUPPORTED_DOCUMENT_FORMATS
 ];
 
-export const MULTIMODAL_FILENAME_PATTERN = `^[a-zA-Z0-9](?:[a-zA-Z0-9_-]|[\x20](?=[a-zA-Z0-9_-]))*\.(${MULTIMODAL_SUPPORTED_FILE_FORMATS.join('|')})$`;
+export const MULTIMODAL_FILENAME_PATTERN = `^[a-zA-Z0-9](?:[a-zA-Z0-9_-]|[\x20](?=[a-zA-Z0-9_-]))*\\.${MULTIMODAL_SUPPORTED_FILE_FORMATS.join('|')}$`;
 
 //model provider
 export const MODEL_PROVIDER = {
EOF
@@ -75,7 +75,7 @@
...MULTIMODAL_SUPPORTED_DOCUMENT_FORMATS
];

export const MULTIMODAL_FILENAME_PATTERN = `^[a-zA-Z0-9](?:[a-zA-Z0-9_-]|[\x20](?=[a-zA-Z0-9_-]))*\.(${MULTIMODAL_SUPPORTED_FILE_FORMATS.join('|')})$`;
export const MULTIMODAL_FILENAME_PATTERN = `^[a-zA-Z0-9](?:[a-zA-Z0-9_-]|[\x20](?=[a-zA-Z0-9_-]))*\\.${MULTIMODAL_SUPPORTED_FILE_FORMATS.join('|')}$`;

//model provider
export const MODEL_PROVIDER = {
Copilot is powered by AI and may make mistakes. Always verify output.
tabdunabi
tabdunabi approved these changes Nov 21, 2025
View reviewed changes
Copy link
Member

@tabdunabi tabdunabi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@tabdunabi tabdunabi merged commit 0af6f3c into develop Nov 21, 2025
4 of 5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tabdunabi tabdunabi tabdunabi approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ihmaws @tabdunabi