Salastil/odysseus
1
0
Fork 0
mirror of https://github.com/pewdiepie-archdaemon/odysseus.git synced 2026-06-15 17:25:26 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
095c74b98520266a4d3511ff5283f822207ef3a0
odysseus/routes
T
History
Giuseppe Castelluccio 095c74b985 fix(security): fail closed in /api/models auth gate on unexpected errors (#3489) 
GET /api/models swallowed any non-HTTPException raised while checking
whether the caller is authenticated (bare except Exception: pass), so a
broken auth_manager or an exception from get_current_user silently
granted the full model list to an anonymous caller instead of rejecting
the request. Now any unexpected exception logs and returns HTTP 500.

Split out of #2360 per reviewer request to keep the deny-list and the
auth-gate fix as separate, single-purpose PRs.

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-08 20:23:39 +02:00
..
__init__.py
Odysseus v1.0
2026-05-31 23:58:26 +09:00
admin_wipe_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
api_token_routes.py
fix(api-tokens): preserve scopes on a partial token update (#3407)
2026-06-08 19:37:31 +02:00
assistant_routes.py
Odysseus v1.0
2026-05-31 23:58:26 +09:00
auth_routes.py
fix: avoid double bcrypt on login by using create_session_trusted (#3236)
2026-06-07 15:10:53 +02:00
backup_routes.py
fix: restore backup import after skills migration (#2980)
2026-06-06 21:46:32 +01:00
calendar_routes.py
fix(notes): handle time-first due_date phrases in parse_due_for_user (#3319)
2026-06-07 19:15:38 +02:00
chat_helpers.py
feat: add ChatGPT Subscription provider (#2876)
2026-06-08 10:19:18 +02:00
chat_routes.py
feat: add ChatGPT Subscription provider (#2876)
2026-06-08 10:19:18 +02:00
chatgpt_subscription_routes.py
feat: add ChatGPT Subscription provider (#2876)
2026-06-08 10:19:18 +02:00
cleanup_routes.py
Odysseus v1.0
2026-05-31 23:58:26 +09:00
codex_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
compare_routes.py
fix(endpoint): scope secondary endpoint lookups by owner
2026-06-08 11:51:55 +01:00
contacts_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
cookbook_helpers.py
fix(platform): Improve WSL SSH remote compatibility (#3316)
2026-06-08 00:33:50 +02:00
cookbook_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
copilot_routes.py
feat: add ChatGPT Subscription provider (#2876)
2026-06-08 10:19:18 +02:00
device_flow.py
feat: add ChatGPT Subscription provider (#2876)
2026-06-08 10:19:18 +02:00
diagnostics_routes.py
Fix email-thread HTML injection, attachment path traversal, and missing authz (#475)
2026-06-01 22:20:17 +09:00
document_helpers.py
fix: _resolve_user_upload_path crashes on a non-dict resolve_upload result (#1715)
2026-06-03 13:34:33 +09:00
document_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
editor_draft_routes.py
Ignore invalid editor draft payloads (#1533)
2026-06-03 14:07:03 +09:00
email_helpers.py
docs(email): clarify Outlook password auth failures
2026-06-08 15:32:16 +01:00
email_pollers.py
fix: quote IMAP mailbox arguments (#2170)
2026-06-05 16:00:20 +02:00
email_routes.py
docs(email): clarify Outlook password auth failures
2026-06-08 15:32:16 +01:00
embedding_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
emoji_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
font_routes.py
Keep compact font family names together (#1263)
2026-06-03 14:24:30 +09:00
gallery_helpers.py
fix: gallery records raw instead of display dimensions for EXIF-rotated photos (#1667)
2026-06-03 14:23:04 +09:00
gallery_routes.py
fix(endpoint): scope secondary endpoint lookups by owner
2026-06-08 11:51:55 +01:00
history_routes.py
Scope model helper endpoint resolution (#3007)
2026-06-07 12:40:23 +02:00
hwfit_routes.py
Merge remote-tracking branch 'origin/main' into visual-pr-playground
2026-06-03 16:49:10 +09:00
mcp_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
memory_routes.py
Scope vision model resolution by owner (#3009)
2026-06-07 12:39:02 +02:00
model_routes.py
fix(security): fail closed in /api/models auth gate on unexpected errors (#3489)
2026-06-08 20:23:39 +02:00
note_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
personal_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
prefs_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
preset_routes.py
Odysseus v1.0
2026-05-31 23:58:26 +09:00
research_routes.py
fix(endpoint): scope secondary endpoint lookups by owner
2026-06-08 11:51:55 +01:00
search_routes.py
Odysseus v1.0
2026-05-31 23:58:26 +09:00
session_routes.py
feat: add ChatGPT Subscription provider (#2876)
2026-06-08 10:19:18 +02:00
shell_routes.py
fix(cookbook): don't 500 the packages panel when an optional package crashes on import (#2618)
2026-06-07 18:14:43 +02:00
signature_routes.py
Constrain signature uploads to PNG data (#2844)
2026-06-05 13:17:43 +02:00
skills_routes.py
feat: add ChatGPT Subscription provider (#2876)
2026-06-08 10:19:18 +02:00
stt_routes.py
fix(uploads): bound direct upload reads
2026-06-04 00:32:50 +01:00
task_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
tts_routes.py
Odysseus v1.0
2026-05-31 23:58:26 +09:00
upload_routes.py
Scope vision model resolution by owner (#3009)
2026-06-07 12:39:02 +02:00
vault_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
webhook_routes.py
feat: add ChatGPT Subscription provider (#2876)
2026-06-08 10:19:18 +02:00
workspace_routes.py
feat: Add workspace: confine agent tools to a folder (#1103)
2026-06-05 00:06:37 +02:00