langgenius/dify 1.11.1

v1.11.1

on GitHub

This release is all about tightening up security, boosting performance, and squashing those pesky bugs. Let's dive into what's changed:

🛠️ Fixes and Improvements

• React and Next.js Security Upgrades: We've bumped up react and react-dom to 19.2.3 to fix some CVE vulnerabilities. Next.js also got a security update, courtesy of @douxc (PRs #29532 and #29545).

• Credential Management: If you've been seeing empty available_credentials, that's sorted out now (thanks to @fatelei in #29521).

• Description Length Limitation: Autogenerated descriptions will now be truncated to avoid the 400-character limit error, ensuring smoother submissions by @shua-chen in #28681.

• Content Type Charset: Response content types now include charsets to keep your data formats consistent, by @Pleasurecruise in #29534.

• Flask-Restx Attribute Error: The pesky AttributeError caused by validate=True in flask-restx is no more (fixed by @Mairuis in #29552).

• Document Handling: Optimized the save_document_with_dataset_id function for better performance by @fatelei in #29550. Plus, we fixed an issue where external images in DOCX files were causing extraction failures (@JohnJyong in #29558).

• Token Retrieval: No more errors when access_token is empty; it now gracefully returns None by @kashira2339 in #29516.

• Hit-Test Failures: Resolved the hit-test failure when an attachment ID doesn’t exist by @JohnJyong in #29563.

🚀 New Features

• Amplitude Integration: We’ve integrated the Amplitude API key into our layout and provider components for enhanced analytics. Big thanks to @CodingOnStar in #29546.

🧪 Testing

• Container Integration Tests: Added integration tests for triggers to make sure everything runs smoothly in container environments by @Stream29 in #29527.

⚡ Performance Enhancements

• Excel Extractor: We've optimized the performance and memory usage of the Excel extractor, making it faster and more efficient, by @NieRonghua in #29551.

Thanks to everyone who contributed to this release! Your feedback and contributions make all the difference. As always, happy coding! 🌟

Upgrade Guide

Docker Compose Deployments

1. Back up your customized docker-compose YAML file (optional)

   cd docker
   cp docker-compose.yaml docker-compose.yaml.$(date +%s).bak

2. Get the latest code from the main branch

   git checkout main
   git pull origin main

3. Stop the service. Please execute in the docker directory

   docker compose down

4. Back up data

   tar -cvf volumes-$(date +%s).tgz volumes

5. Upgrade services

   docker compose up -d

2025/11/26 11:37:57 /app/internal/db/pg/pg.go:30
[error] failed to initialize database, got error failed to connect to `host=db_postgres user=postgres database=dify_plugin`: hostname resolving error (lookup db_postgres on 127.0.0.11:53: server misbehaving)

2025/11/26 11:37:57 /app/internal/db/pg/pg.go:34
[error] failed to initialize database, got error failed to connect to `host=db_postgres user=postgres database=postgres`: hostname > resolving error (lookup db_postgres on 127.0.0.11:53: server misbehaving)
2025/11/26 11:37:57 init.go:99: [PANIC]failed to init dify plugin db: failed to connect to `host=db_postgres user=postgres database=postgres`: hostname resolving error (lookup db_postgres on 127.0.0.11:53: server misbehaving)
panic: [PANIC]failed to init dify plugin db: failed to connect to `host=db_postgres user=postgres database=postgres`: hostname resolving error (lookup db_postgres on 127.0.0.11:53: server misbehaving)

docker compose --profile postgresql up -d

Source Code Deployments

1. Stop the API server, Worker, and Web frontend Server.

2. Get the latest code from the release branch:

   git checkout 1.11.1

3. Update Python dependencies:

   cd api
   uv sync

4. Then, let's run the migration script:

   uv run flask db upgrade

5. Finally, run the API server, Worker, and Web frontend Server again.

What's Changed

• fix: upgrade react and react-dom to 19.2.3,fix cve errors by @douxc in #29532
• fix: fix available_credentials is empty by @fatelei in #29521
• fix: nextjs security update by @douxc in #29545
• fix: truncate auto-populated description to prevent 400-char limit error by @shua-chen in #28681
• test(trigger): add container integration tests for trigger by @Stream29 in #29527
• feat: integrate Amplitude API key into layout and provider components by @CodingOnStar in #29546
• fix: set response content type with charset in helper by @Pleasurecruise in #29534
• fix: remove validate=True to fix flask-restx AttributeError by @Mairuis in #29552
• perf(core/rag): optimize Excel extractor performance and memory usage by @NieRonghua in #29551
• perf: optimize save_document_with_dataset_id by @fatelei in #29550
• fix: docx extractor external image failed by @JohnJyong in #29558
• fix: hit-test failed when attachment id is not exist by @JohnJyong in #29563
• fix: return None from retrieve_tokens when access_token is empty by @kashira2339 in #29516
• chore: Bump version references to 1.11.1 by @laipz8200 in #29568

New Contributors

• @shua-chen made their first contribution in #28681
• @Pleasurecruise made their first contribution in #29534
• @kashira2339 made their first contribution in #29516

Full Changelog: 1.11.0...1.11.1