feat: BYOM

[dartpain]

• What kind of change does this PR introduce? (Bug fix, feature, docs update, ...)

• Why was this change needed? (You can also link to an open issue here)

• Other information:

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
nextra-docsgpt	Building	Preview, Comment	Apr 27, 2026 8:51pm
oss-docsgpt	Ready	Preview, Comment	Apr 27, 2026 8:51pm

[Copilot]

Pull request overview

Adds end-user BYOM (“Bring Your Own Model”) support by introducing per-user custom model records (DB + API + UI), threading model owner scope (model_user_id) through the LLM stack, and enforcing security constraints (SSRF hardening + capability gating) when dispatching to user-supplied OpenAI-compatible endpoints.

Changes:

• Add per-user custom model persistence (Postgres + repository + alembic) and a REST API for CRUD + connection testing.
• Extend model resolution to include a per-user registry layer, propagate model_user_id across dispatch/fallback/compression/workflows, and translate BYOM UUID → upstream model name at call time.
• Add frontend settings UI for managing custom models, including PATCH support, grouping in model selectors, and i18n strings.

Reviewed changes

Copilot reviewed 68 out of 68 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
tests/worker/test_agent_workers.py	Update monkeypatch signatures for new kwargs.
tests/test_retriever.py	Assert ClassicRAG forwards model scope to LLMCreator.
tests/test_asgi.py	Add CORS preflight test for PATCH.
tests/test_app_routes.py	Update expected CORS allow-methods to include PATCH.
tests/storage/db/repositories/test_user_custom_models.py	Integration tests for BYOM repository CRUD + crypto.
tests/llm/test_openai.py	Tests for capability enforcement at dispatch.
tests/llm/test_fallback.py	Tests for fallback scoping via model_user_id.
tests/llm/test_base.py	Update provider lookup monkeypatch signatures.
tests/llm/handlers/test_llm_handlers.py	Ensure compression uses owner scope for BYOM.
tests/core/test_registry_user_layer.py	Tests for per-user registry layer + invalidation.
tests/conftest.py	Align mock LLM fields with BYOM upstream model semantics.
tests/api/user/test_user_custom_models_routes.py	Route tests for BYOM CRUD + SSRF + key handling.
tests/api/answer/services/compression/test_orchestrator.py	Ensure compression threads user/model scope.
tests/agents/test_workflow_engine.py	Update capability/provider monkeypatch signatures.
frontend/src/settings/index.tsx	Add settings route/tab for Custom Models.
frontend/src/settings/CustomModels.tsx	Custom models list UI + edit/delete flows.
frontend/src/preferences/preferenceSlice.ts	Reconcile selectedModel when availableModels changes.
frontend/src/models/types.ts	Add BYOM types + source labeling.
frontend/src/modals/CustomModelModal.tsx	Create/edit modal + connection test UI.
frontend/src/locale/zh.json	Add Custom Models translations.
frontend/src/locale/zh-TW.json	Add Custom Models translations.
frontend/src/locale/ru.json	Add Custom Models translations.
frontend/src/locale/jp.json	Add Custom Models translations.
frontend/src/locale/es.json	Add Custom Models translations.
frontend/src/locale/en.json	Add Custom Models translations.
frontend/src/locale/de.json	Add Custom Models translations.
frontend/src/components/SettingsBar.tsx	Add Custom Models tab label.
frontend/src/components/MultiSelectPopup.tsx	Add grouped option rendering support.
frontend/src/components/DropdownModel.tsx	Refetch models on token change to show BYOM.
frontend/src/api/services/modelService.ts	Preserve model source from API.
frontend/src/api/services/customModelsService.ts	Add BYOM API client methods.
frontend/src/api/endpoints.ts	Add BYOM endpoints.
frontend/src/api/client.ts	Add PATCH helper.
frontend/src/agents/workflow/WorkflowBuilder.tsx	Fetch models with token + group in selector.
frontend/src/agents/NewAgent.tsx	Fetch models with token + grouped model selector.
application/worker.py	Resolve models/provider/doc budget under owner scope.
application/utils.py	Thread user_id into token limit/budget helpers.
application/storage/db/repositories/user_custom_models.py	Repository CRUD + encryption wrappers.
application/storage/db/models.py	Add user_custom_models table metadata.
application/security/safe_url.py	SSRF validation + pinned requests/httpx clients.
application/retriever/classic_rag.py	Forward model_id/model_user_id and use upstream model at gen.
application/llm/openai.py	Accept http_client + enforce capabilities for tools/structured/attachments.
application/llm/llm_creator.py	Resolve BYOM UUID → upstream id, pin httpx client, enforce key presence.
application/llm/handlers/base.py	Use owner scope for compression + use upstream model id for gen.
application/llm/base.py	Propagate model_user_id into fallback resolution and creation.
application/core/model_yaml.py	Add lenient attachment alias expansion helper.
application/core/model_utils.py	Add user_id to registry lookups and helpers.
application/core/model_settings.py	Add source + upstream_model_id to AvailableModel serialization.
application/core/model_registry.py	Implement per-user BYOM registry layer + cache invalidation.
application/asgi.py	Allow PATCH in CORS middleware.
application/app.py	Allow PATCH in dev Flask CORS headers.
application/api/v1/routes.py	Thread model_user_id into answer processing.
application/api/user/workflows/routes.py	Validate workflow capabilities using user_id scope.
application/api/user/models/routes.py	Add BYOM CRUD + connection test endpoints; merge user models into /api/models.
application/api/answer/services/stream_processor.py	Track model_user_id across dispatch/resume; scope registry lookups.
application/api/answer/services/conversation_service.py	Use upstream model id for title generation calls.
application/api/answer/services/compression/threshold_checker.py	Thread user_id into token limit lookups.
application/api/answer/services/compression/service.py	Use upstream model id for compression calls.
application/api/answer/services/compression/orchestrator.py	Thread model_user_id through compression path.
application/api/answer/routes/stream.py	Thread model_user_id into streaming path.
application/api/answer/routes/base.py	Persist/forward model_user_id; scope provider resolution.
application/alembic/versions/0003_user_custom_models.py	Create BYOM table + triggers/indexes.
application/agents/workflows/workflow_engine.py	Scope model/provider/capability resolution to owner.
application/agents/tools/internal_search.py	Propagate model_user_id into retriever config.
application/agents/research_agent.py	Use upstream model id for provider API calls.
application/agents/base.py	Store model_user_id and upstream_model_id; scope token limit checks.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[codecov]

Codecov Report

❌ Patch coverage is 88.11410% with 75 lines in your changes missing coverage. Please review.
✅ Project coverage is 91.39%. Comparing base (87fd1bd) to head (e0a8cc1).
⚠️ Report is 7 commits behind head on main.

Files with missing lines	Patch %	Lines
application/api/user/models/routes.py	77.54%	53 Missing ⚠️
application/security/safe_url.py	93.96%	7 Missing ⚠️
application/core/model_yaml.py	78.94%	4 Missing ⚠️
...tion/storage/db/repositories/user_custom_models.py	95.45%	3 Missing ⚠️
...pplication/api/answer/services/stream_processor.py	84.61%	2 Missing ⚠️
application/llm/llm_creator.py	90.90%	2 Missing ⚠️
application/llm/openai.py	88.88%	2 Missing ⚠️
...on/api/answer/services/compression/orchestrator.py	88.88%	1 Missing ⚠️
application/core/model_registry.py	98.75%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2433      +/-   ##
==========================================
+ Coverage   91.21%   91.39%   +0.17%     
==========================================
  Files         228      247      +19     
  Lines       19529    20470     +941     
==========================================
+ Hits        17814    18709     +895     
- Misses       1715     1761      +46     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.