fix: prevent relocation to root directories #6547
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![ellipsis-dev[bot]](https://avatars.githubusercontent.com/in/64358?s=60&v=4){kind=small}
There was a problem hiding this comment.
Caution
Changes requested ❌
Reviewed everything up to 53e00ca in 2 minutes and 17 seconds. Click for details.
- Reviewed
147lines of code in8files - Skipped
0files when reviewing. - Skipped posting
5draft comments. View those below. - Modify your settings and rules to customize what types of comments Ellipsis leaves. And don't forget to react with 👍 or 👎 to teach Ellipsis.
1. web-app/src/utils/path.ts:12
- Draft comment:
Ensure that IS_WINDOWS is imported or defined; it's referenced here without declaration. - Reason this comment was not posted:
Decided after close inspection that this draft comment was likely wrong and/or not actionable: usefulness confidence = 10% vs. threshold = 50% This is a new file being added, and the code won't compile without IS_WINDOWS being defined. However, this kind of issue would be immediately caught by TypeScript compilation and the build process. According to the rules, we should not comment on issues that would be obviously caught by the build. The missing import could indicate a larger architectural issue about how environment detection is handled in the codebase. Maybe this deserves discussion? No, the rules are clear that we should not comment on issues that would be caught by the build, and a missing import/undefined variable is exactly that kind of issue. Delete this comment as it points out an issue that would be immediately caught by TypeScript compilation and the build process.
2. web-app/src/utils/path.ts:13
- Draft comment:
Verify that the regex /^[a-zA-Z]:\?$/ handles all Windows drive-root formats (with/without trailing slashes) as expected. - Reason this comment was not posted:
Comment did not seem useful. Confidence is useful =0%<= threshold50%The comment is asking the PR author to verify the behavior of a regex pattern, which falls under the rule of not asking the author to confirm or ensure behavior. It doesn't provide a specific suggestion or point out a clear issue with the code.
3. web-app/src/routes/settings/general.tsx:78
- Draft comment:
Using 'janDataFolder ?? "/"' defaults undefined to '/', which may trigger a false positive root check. Ensure janDataFolder is reliably set. - Reason this comment was not posted:
Decided after close inspection that this draft comment was likely wrong and/or not actionable: usefulness confidence = 10% vs. threshold = 50% The comment has a point - if janDataFolder is undefined, it will default to '/' which would trigger the root directory check. However, looking at the code more carefully, this appears to be intentional defensive programming. We want to prevent resetting if we can't determine the data folder location, so defaulting to '/' and blocking the reset in that case is actually good practice. The comment seems to misunderstand that this is an intentional safety check. The comment could be right that this creates false positives, but what if those "false positives" are actually desired behavior for safety? After considering the safety implications, defaulting to '/' when the folder is undefined appears to be intentional defensive programming to prevent dangerous operations when the data folder location is unknown. The comment should be deleted because it misunderstands that the null coalescing to '/' is intentional defensive programming, not a bug.
4. web-app/src/routes/settings/general.tsx:127
- Draft comment:
Consider handling the relocation delay more robustly instead of using a hardcoded 1000ms setTimeout. - Reason this comment was not posted:
Comment was not on a location in the diff, so it can't be submitted as a review comment.
5. web-app/src/locales/zh-TW/settings.json:207
- Draft comment:
Typographical issue: The term "資料檔案夾" is used, whereas the consistent term in the file is "資料夾". Please update to "資料夾". - Reason this comment was not posted:
Marked as duplicate.
Workflow ID: wflow_gBw84ntVa5ycRJBH
You can customize 
Barecheck - Code coverage reportTotal: 30.54%Your code coverage diff: -0.02% ▾ |
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
urmauur
approved these changes
Sep 22, 2025
dinhlongviolin1
added a commit
that referenced
this pull request
Sep 23, 2025
* fix: avoid error validate nested dom * fix: correct context shift flag handling in LlamaCPP extension (#6404) (#6431) * fix: correct context shift flag handling in LlamaCPP extension The previous implementation added the `--no-context-shift` flag when `cfg.ctx_shift` was disabled, which conflicted with the llama.cpp CLI where the presence of `--context-shift` enables the feature. The logic is updated to push `--context-shift` only when `cfg.ctx_shift` is true, ensuring the extension passes the correct argument and behaves as expected. * feat: detect model out of context during generation --------- Co-authored-by: Dinh Long Nguyen <[email protected]> * chore: add install-rust-targets step for macOS universal builds * fix: make install-rust-targets a dependency * enhancement: copy MCP permission * chore: make action mutton capitalize * Update web-app/src/locales/en/tool-approval.json Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com> * chore: simplify macos workflow * fix: KVCache size calculation and refactor (#6438) - Removed the unused `getKVCachePerToken` helper and replaced it with a unified `estimateKVCache` that returns both total size and per‑token size. - Fixed the KV cache size calculation to account for all layers, correcting previous under‑estimation. - Added proper clamping of user‑requested context lengths to the model’s maximum. - Refactored VRAM budgeting: introduced explicit reserves, fixed engine overhead, and separate multipliers for VRAM and system RAM based on memory mode. - Implemented a more robust planning flow with clear GPU, Hybrid, and CPU pathways, including fallback configurations when resources are insufficient. - Updated default context length handling and safety buffers to prevent OOM situations. - Adjusted usable memory percentage to 90 % and refined logging for easier debugging. * fix: detect allocation failures as out-of-memory errors (#6459) The Llama.cpp backend can emit the phrase “failed to allocate” when it runs out of memory. Adding this check ensures such messages are correctly classified as out‑of‑memory errors, providing more accurate error handling CPU backends. * fix: pathname file install BE * fix: set default memory mode and clean up unused import (#6463) Use fallback value 'high' for memory_util config and remove unused GgufMetadata import. * fix: auto update should not block popup * fix: remove log * fix: imporove edit message with attachment image * fix: imporove edit message with attachment image * fix: type imageurl * fix: immediate dropdown value update * fix: linter * fix/validate-mmproj-from-general-basename * fix/revalidate-model-gguf * fix: loader when importing * fix/mcp-json-validation * chore: update locale mcp json * fix: new extension settings aren't populated properly (#6476) * chore: embed webview2 bootstrapper in tauri windows * fix: validat type mcp json * chore: prevent click outside for edit dialog * feat: add qa checklist * chore: remove old checklist * chore: correct typo in checklist * fix: correct memory suitability checks in llamacpp extension (#6504) The previous implementation mixed model size and VRAM checks, leading to inaccurate status reporting (e.g., false RED results). - Simplified import statement for `readGgufMetadata`. - Fixed RAM/VRAM comparison by removing unnecessary parentheses. - Replaced ambiguous `modelSize > usableTotalMemory` check with a clear `totalRequired > usableTotalMemory` hard‑limit condition. - Refactored the status logic to explicitly handle the CPU‑GPU hybrid scenario, returning **YELLOW** when the total requirement fits combined memory but exceeds VRAM. - Updated comments for better readability and maintenance. * fix: thread rerender issue * chore: clean up console log * chore: uncomment irrelevant fix * fix: linter * chore: remove duplicated block * fix: tests * Merge pull request #6469 from menloresearch/fix/deeplink-not-work-on-windows fix: deeplink issue on Windows * fix: reduce unnessary rerender due to current thread retrieval * fix: reduce app layout rerender due to router state update * fix: avoid the entire app layout re render on route change * clean: unused import * Merge pull request #6514 from menloresearch/feat/web-gtag feat: Add GA Measurement and change keyboard bindings on web * chore: update build tauri commands * chore: remove unused task * fix: should not rerender thread message components when typing * fix re render issue * direct tokenspeed access * chore: sync latest * feat: Add Jan API server Swagger UI (#6502) * feat: Add Jan API server Swagger UI - Serve OpenAPI spec (`static/openapi.json`) directly from the proxy server. - Implement Swagger UI assets (`swagger-ui.css`, `swagger-ui-bundle.js`, `favicon.ico`) and a simple HTML wrapper under `/docs`. - Extend the proxy whitelist to include Swagger UI routes. - Add routing logic for `/openapi.json`, `/docs`, and Swagger UI static files. - Update whitelisted paths and integrate CORS handling for the new endpoints. * feat: serve Swagger UI at root path The Swagger UI endpoint previously lived under `/docs`. The route handling and exclusion list have been updated so the UI is now served directly at `/`. This simplifies access, aligns with the expected root URL in the Tauri frontend, and removes the now‑unused `/docs` path handling. * feat: add model loading state and translations for local API server Implemented a loading indicator for model startup, updated the start/stop button to reflect model loading and server starting states, and disabled interactions while pending. Added new translation keys (`loadingModel`, `startingServer`) across all supported locales (en, de, id, pl, vn, zh-CN, zh-TW) and integrated them into the UI. Included a small delay after model start to ensure backend state consistency. This improves user feedback and prevents race conditions during server initialization. * fix: tests * fix: linter * fix: build * docs: update changelog for v0.6.10 * fix(number-input): preserve '0.0x' format when typing (#6520) * docs: update url for gifs and videos * chore: update url for jan-v1 docs * fix: Typo in openapi JSON (#6528) * enhancement: toaster delete mcp server * Update 2025-09-18-auto-optimize-vision-imports.mdx * Merge pull request #6475 from menloresearch/feat/bump-tokenjs feat: fix remote provider vision capability * fix: prevent consecutive messages with same role (#6544) * fix: prevent consecutive messages with same role * fix: tests * fix: first message should not be assistant * fix: tests * feat: Prompt progress when streaming (#6503) * feat: Prompt progress when streaming - BE changes: - Add a `return_progress` flag to `chatCompletionRequest` and a corresponding `prompt_progress` payload in `chatCompletionChunk`. Introduce `chatCompletionPromptProgress` interface to capture cache, processed, time, and total token counts. - Update the Llamacpp extension to always request progress data when streaming, enabling UI components to display real‑time generation progress and leverage llama.cpp’s built‑in progress reporting. * Make return_progress optional * chore: update ui prompt progress before streaming content * chore: remove log * chore: remove progress when percentage >= 100 * chore: set timeout prompt progress * chore: move prompt progress outside streaming content * fix: tests --------- Co-authored-by: Faisal Amir <[email protected]> Co-authored-by: Louis <[email protected]> * chore: add ci for web stag (#6550) * feat: add getTokensCount method to compute token usage (#6467) * feat: add getTokensCount method to compute token usage Implemented a new async `getTokensCount` function in the LLaMA.cpp extension. The method validates the model session, checks process health, applies the request template, and tokenizes the resulting prompt to return the token count. Includes detailed error handling for crashed models and API failures, enabling callers to assess token usage before sending completions. * Fix: typos * chore: update ui token usage * chore: remove unused code * feat: add image token handling for multimodal LlamaCPP models Implemented support for counting image tokens when using vision-enabled models: - Extended `SessionInfo` with optional `mmprojPath` to store the multimodal project file. - Propagated `mmproj_path` from the Tauri plugin into the session info. - Added import of `chatCompletionRequestMessage` and enhanced token calculation logic in the LlamaCPP extension: - Detects image content in messages. - Reads GGUF metadata from `mmprojPath` to compute accurate image token counts. - Provides a fallback estimation if metadata reading fails. - Returns the sum of text and image tokens. - Introduced helper methods `calculateImageTokens` and `estimateImageTokensFallback`. - Minor clean‑ups such as comment capitalization and debug logging. * chore: update FE send params message include content type image_url * fix mmproj path from session info and num tokens calculation * fix: Correct image token estimation calculation in llamacpp extension This commit addresses an inaccurate token count for images in the llama.cpp extension. The previous logic incorrectly calculated the token count based on image patch size and dimensions. This has been replaced with a more precise method that uses the clip.vision.projection_dim value from the model metadata. Additionally, unnecessary debug logging was removed, and a new log was added to show the mmproj metadata for improved visibility. * fix per image calc * fix: crash due to force unwrap --------- Co-authored-by: Faisal Amir <[email protected]> Co-authored-by: Louis <[email protected]> * fix: custom fetch for all providers (#6538) * fix: custom fetch for all providers * fix: run in development should use built-in fetch * add full-width model names (#6350) * fix: prevent relocation to root directories (#6547) * fix: prevent relocation to root directories * Update web-app/src/locales/zh-TW/settings.json Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com> --------- Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com> * feat: web remote conversation (#6554) * feat: implement conversation endpoint * use conversation aware endpoint * fetch message correctly * preserve first message * fix logout * fix broadcast issue locally + auth not refreshing profile on other tabs+ clean up and sync messages * add is dev tag --------- Co-authored-by: Faisal Amir <[email protected]> Co-authored-by: Akarshan Biswas <[email protected]> Co-authored-by: Minh141120 <[email protected]> Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com> Co-authored-by: Nguyen Ngoc Minh <[email protected]> Co-authored-by: Louis <[email protected]> Co-authored-by: Bui Quang Huy <[email protected]> Co-authored-by: Roushan Singh <[email protected]> Co-authored-by: hiento09 <[email protected]> Co-authored-by: Alexey Haidamaka <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Describe Your Changes
Prevent relocation to root directories.
Disallows users from selecting root-level paths (e.g. C:, /, /mnt) as relocation targets to avoid permission issues, data loss risks, and unintended system-level operations.
This pull request adds safeguards to prevent users from relocating or resetting the data folder to a root directory, improving data safety and user experience. It introduces a utility function to detect root directories across platforms and updates UI messages in multiple languages to inform users of these restrictions.
Core functionality and validation:
isRootDirinweb-app/src/utils/path.tsto reliably detect root directories on Windows, Mac, and Linux systems.web-app/src/routes/settings/general.tsxto:isRootDirutility.Localization and user feedback:
Fixes Issues
Important
Prevents setting root directories as data folder locations, adding checks in
general.tsxandpath.ts, with localized error messages.general.tsxusingisRootDir().isRootDir()inpath.tsto check for root directories on Windows, Mac, and Linux.settings.jsonfor English, Indonesian, Polish, Vietnamese, Simplified Chinese, and Traditional Chinese.This description was created by
for 53e00ca. You can customize this summary. It will automatically update as commits are pushed.