- Increased maximum file upload limit from 10 to 50 to improve user experience.
- Implemented batch processing for document uploads to avoid proxy timeouts, splitting files into manageable chunks.
- Enhanced garbage collection in chat streaming functions to prevent memory leaks and improve performance.
- Added memory delta tracking in system snapshots for better monitoring of resource usage.
- Updated LLM router and service configurations to prevent unbounded internal accumulation and improve efficiency.
- Improved in-memory rate limiting by evicting timestamps outside the current window and cleaning up empty keys.
- Updated LLM router service to cache context profiles and avoid redundant computations.
- Introduced cache eviction logic for MCP tools and sandbox instances to manage memory usage effectively.
- Added garbage collection triggers in chat streaming functions to reclaim resources promptly.
- Introduced RequestPerfMiddleware to log request performance metrics, including slow request thresholds.
- Updated various services and retrievers to utilize the new performance logging utility for better tracking of execution times.
- Enhanced existing methods with detailed performance logs for operations such as embedding, searching, and indexing.
- Removed deprecated logging setup in stream_new_chat and replaced it with the new performance logger.
- Introduced slow callback logging in FastAPI to identify blocking calls.
- Added performance logging for agent creation and tool loading processes.
- Implemented caching for MCP tools to reduce redundant server calls.
- Enhanced sandbox management with in-process caching for improved efficiency.
- Refactored several functions for better readability and performance tracking.
- Updated tests to ensure proper functionality of new features and optimizations.
- Introduced a health check endpoint to monitor API responsiveness.
- Updated SlowAPI limiter to increase default rate limits and added in-memory fallback for Redis unavailability.
- Implemented a timeout for seeding Surfsense documentation to prevent startup delays.
- Added a new endpoint `/auth/google/authorize-redirect` to handle OAuth authorization via server-side redirect, addressing CSRF cookie issues in Firefox/Safari.
- Updated the `GoogleLoginButton` component to use the new redirect endpoint instead of the previous JSON-based authorization method.
- Enhanced CSRF cookie handling by explicitly setting the cookie domain and ensuring compatibility with cross-origin requests.
- Added support for SameSite attribute in CSRF cookies to handle cross-origin requests.
- Set SameSite to 'none' for secure contexts and 'lax' for local development.
- Updated CORS middleware to allow specific origins based on NEXT_FRONTEND_URL.
- Added support for localhost origins for local development.
- Ensured compatibility with both www and non-www variants of the frontend URL.
- Added BACKEND_URL to .env.example for optional OAuth callback configuration when behind a reverse proxy with HTTPS.
- Updated fastapi-users dependency to version 15.0.3 in pyproject.toml.
- Updated argon2-cffi and email-validator versions in uv.lock.
- Enhanced Google OAuth integration in app.py to handle secure contexts for CSRF cookies.
- Updated GoogleLoginButton component to include credentials in fetch requests.
- Updated documentation to reflect the new BACKEND_URL variable in both docker and manual installation guides.
- Integrated ProxyHeadersMiddleware to ensure FastAPI correctly handles HTTPS in redirects when deployed behind a proxy, such as Cloudflare.
- This addition enhances security and proper URL handling in the application.
- Introduced BACKEND_URL in the configuration to allow overriding the HTTP to HTTPS in the OAuth redirect URI.
- Updated the Google OAuth router to conditionally use the BACKEND_URL for the redirect URI when specified.
