github FlowiseAI/Flowise flowise@3.1.0

9 hours ago

⚠️ Breaking Changes

HTTP security checks enabled by default

Flowise now enables HTTP security validation by default to prevent requests to unsafe or internal domains.

A built-in deny list blocks potentially dangerous domains (for example localhost, 127.0.0.1, and other internal addresses) to mitigate SSRF and similar attacks.

Two new environment variables control this behavior:

# Enable/disable built-in security checks (default: true)
HTTP_SECURITY_CHECK=true

# Additional domains to block
HTTP_DENY_LIST=localhost,127.0.0.1,internal.company.com

  • HTTP_SECURITY_CHECK
    Enables the built-in domain security checks. It is enabled by default and can be disabled by setting it to false.

  • HTTP_DENY_LIST
    Allows you to specify an additional custom list of domains to block. This list is empty by default.

⚠️ If your Flowise deployment previously accessed internal services or localhost endpoints, you may need to:

  • disable the check (HTTP_SECURITY_CHECK=false), or
  • adjust your configuration accordingly.
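To find which outbound URLs in an existing deployment the new defaults would affect, the sketch below models the two variables and runs a list of URLs through them. It is an added example, not Flowise's code: the function names, the matching rules (exact host or subdomain match, plus loopback and private IPv4 ranges) and the contents of DEFAULT_DENY beyond the two entries named above are assumptions.

```javascript
// Added illustration, not Flowise's implementation; matching rules are assumptions.
// The release notes name only localhost and 127.0.0.1 as built-in entries.
const DEFAULT_DENY = ['localhost', '127.0.0.1'];

// Read the two variables as the release notes describe them.
function loadPolicy(env) {
  const enabled = String(env.HTTP_SECURITY_CHECK ?? 'true').toLowerCase() !== 'false';
  const extra = String(env.HTTP_DENY_LIST ?? '')
    .split(',').map((s) => s.trim().toLowerCase()).filter(Boolean);
  // Defaults are always kept; the custom list only adds to them.
  return { enabled, deny: [...new Set([...DEFAULT_DENY, ...extra])] };
}

// True for loopback, RFC 1918 and link-local IPv4 literals (assumed scope).
function isInternalIPv4(host) {
  const m = /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/.exec(host);
  if (!m) return false;
  const a = Number(m[1]);
  const b = Number(m[2]);
  return a === 0 || a === 10 || a === 127 ||
    (a === 172 && b >= 16 && b <= 31) ||
    (a === 192 && b === 168) || (a === 169 && b === 254);
}

function checkUrl(rawUrl, policy) {
  if (!policy.enabled) return { allowed: true, reason: 'check disabled' };
  let url;
  try { url = new URL(rawUrl); } catch { return { allowed: false, reason: 'unparseable URL' }; }
  // URL parsing lower-cases the host and canonicalises IPv4 literals,
  // so every comparison below runs on one normalised form.
  const host = url.hostname.replace(/^\[|\]$/g, '').replace(/\.$/, '');
  if (host === '::1' || isInternalIPv4(host)) return { allowed: false, reason: 'internal address' };
  const hit = policy.deny.find((d) => host === d || host.endsWith('.' + d));
  return hit ? { allowed: false, reason: `deny list: ${hit}` } : { allowed: true, reason: 'ok' };
}

// Run every URL a deployment's flows call through the modelled policy.
function audit(urls, env) {
  const policy = loadPolicy(env);
  return urls.map((u) => ({ url: u, ...checkUrl(u, policy) }));
}
```

This checks the URL string only; a public-looking name that resolves to an internal address needs a second check on the resolved IP at connection time.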

What's Changed

🚀 Core

  • Reasoning support, LangChain v1 migration, and AI SDK/model upgrades (#5893)
  • Add Azure Blob Storage support and storage refactor (#5604)
  • Add AWS STS AssumeRole support for AWS credentials (#5731)
  • Add Bearer Token Authentication and SSL certificate support for JIRA (#5674)
  • Add Google Docs option to include tab content in get actions (#5883)
  • Add nvmrc and Node engine support (#5770)
  • Update environment and initialization logic (#5683)

🤖 AgentFlow

New Features

  • Initial implementation of @flowiseai/agentflow SDK (#5733)
  • Add ConditionBuilder with dynamic output ports (#5957)
  • Add MessagesInput, StructuredOutputBuilder, ExpandTextDialog (#5965)
  • Add async data fetching infrastructure (#5937)
  • Add async input handlers (#5956)
  • Add array input component (#5887)
  • Add field visibility engine with conditional show/hide (#5890)
  • Add requestInterceptor prop for API customization (#5936)

UI / Editor Improvements

  • Improve node palette drawer and typography (#5806)
  • Improve canvas node drag & drop behavior (#5774)
  • Add node editing functionality (#5786)
  • Improve flow date change & save handling (#5833)

Refactors

  • Rename package to @flowiseai/agentflow (#5825)
  • Simplify ReactFlow and context state synchronization (#5827)
  • Strip server-only metadata from node data (#5966)
  • Improve validation feedback system (#5915)
  • Use design tokens for validation colors (#5934)

Testing / Tooling

  • Add test infrastructure and unit tests (#5749)
  • Improve test coverage and ESLint configuration (#5866)
  • Remove console warnings in tests (#5878)
  • Bump agentflow version to 0.0.0-dev.2 / dev.3 (#5920, #5952)

Bug Fixes

  • Fix duplicate node and drag behavior (#5850)
  • Fix duplicate node handling and tests (#5840)
  • Fix async multi-rendering issues (#5964)
  • Fix ConditionAgent silent failure (#5760)
  • Fix streaming field default in chat model configs (#5856)
  • Fix AgentFlow variable interpolation issue (#5818)
  • Fix package.json sideEffects configuration (#5899)

🔌 Nodes

  • Fix missing regex handler in Condition node (#5651)
  • Improve form value resolution in executeNode (#5762)
  • Extract loadNodesFromDir() from NodesPool for reuse (#5904)

🔒 Security

Major security hardening across the platform:

  • Create default HTTP deny list (#5702)
  • Always include default deny list values (#5708)
  • Allow deny list configuration via environment variable (#5862)
  • Enforce HTTPS for user-provided URLs (#5728)
  • Remove ability to use unprotected HTTP modules (#5727)
  • Implement proprietary path guardrails (#5703)
  • Validate filepaths and path traversal protections (#5729, #5842)
  • Sanitize code executed in Pyodide (#5701, #5836)
  • Prevent LLM-generated code from adding imports (#5879)
  • Sanitize DOM image URLs (#5779)
  • Remove user-supplied values from responses (#5780)
  • Add permissions check for generate-tool-desc route (#5837)
  • Prevent IDOR takeover of DocumentStores (#5914)
  • Fix mass assignment in account registration (#5689)
  • Fix sensitive cookie transmission (#5809)
  • Fix string escaping/encoding vulnerabilities (#5772)
  • Fix regex vulnerabilities on user-controlled data (#5857)
  • Fix unvalidated dynamic method call issue (#5746)

🐛 Bug Fixes

  • Fix CORS handling for public chatflow requests (#5706)
  • Fix hardcoded STT audio extension validation (#5737)
  • Fix MySQLRecordManager type handling for indexes (#5726)
  • Fix invalid workspaceId in TTS (#5917)
  • Fix 401 error messaging for invalid API keys (#5808)
  • Fix login method reading (#5805)
  • Fix mime type validation when updating chatflow config (#5768)
  • Fix Windows build command with --mode flag (#5841)
  • Fix cross-env handling for Windows compatibility (#5835)
  • Fix test coverage failures (#5839)
  • Stop Axios throwing errors on non-2xx responses (#5832)

🧰 CI / Build / DevOps

  • Add GitHub Actions workflow for publishing AgentFlow SDK (#5908)
  • Use AWS OIDC to push images to ECR (#5784)
  • Upgrade GitHub Actions for Node 24 compatibility (#5911)
  • Upgrade GitHub Actions to latest versions (#5912)
  • Fix workspace protocol error in AgentFlow publish workflow (#5946)
  • Build AgentFlow without source maps in production (#5787)
  • Fix Husky pre-commit hook executable issue (#5788)
  • Improve Jest server test structure (#5909)

📚 Documentation & Policy

  • Update security policy (#5781)

Full Changelog: https://github.com/FlowiseAI/Flowise/compare/flowise@3.0.13...flowise@3.1.0
