What's new in v0.50.15
KaTeX math rendering (closes #347)
LaTeX math now renders in chat messages and workspace file previews.
| Syntax | Type | Example |
|---|---|---|
$...$
| Inline | $E = mc^2$
|
$$...$$
| Display (centered) | $$\int_0^1 x\,dx$$
|
\(...\)
| Inline | \(\alpha + \beta\)
|
\[...\]
| Display | \[\sum_{i=1}^n i\]
|
- False-positive protection:
$5and$10don't trigger math (space-after-dollar guard) throwOnError:false— invalid LaTeX degrades to<code>text, no crashtrust:false— KaTeX cannot execute unsafe commands- KaTeX JS lazy-loaded from CDN on first math block; CSS loaded eagerly to prevent layout shift
- Works in chat messages and workspace markdown file previews
Security fixes (closes #354)
- B324:
hashlib.md5(..., usedforsecurity=False)ingateway_watcher.py— FIPS-mode compatible - B310: URL scheme validation before
urllib.request.urlopeninconfig.pyandbootstrap.py— blocksfile://injection - B110: 40+ bare
except: passblocks replaced withlogger.debug()across 12 files — silent failures now visible in DEBUG logs QuietHTTPServer: suppressesConnectionResetError/BrokenPipeErrorlog spam from SSE clients that disconnect mid-stream
session_search now works in WebUI sessions (closes #351-area, PR #356)
The agent's session_search tool previously returned "Session database not available" for all WebUI chat sessions. The CLI and gateway code paths both inject a SessionDB instance into the agent, but the WebUI streaming path was missing this step. Fixed — session_search now works from the chat interface.
871 tests | Full changelog