v0.237.011

(v0.237.011)

Bug Fixes

• Chat File Upload "Unsupported File Type" Fix

  • Fixed issue where uploading xlsx, png, jpg, csv, and other image/tabular files in the chat interface returned a 400 "Unsupported file type" error.
  • Root Cause: os.path.splitext() returns extensions with a leading dot (e.g., .png), but the IMAGE_EXTENSIONS and TABULAR_EXTENSIONS sets in config.py store extensions without dots (e.g., png). The comparison '.png' in {'png', ...} was always False, causing all image and tabular uploads to fall through to the unsupported file type error.
  • Solution: Added file_ext_nodot = file_ext.lstrip('.') and used the dot-stripped extension for set comparisons against IMAGE_EXTENSIONS and TABULAR_EXTENSIONS, matching the pattern already used in functions_documents.py.
  • (Ref: route_frontend_chats.py, file extension comparison, IMAGE_EXTENSIONS, TABULAR_EXTENSIONS)

• Manage Group Page Duplicate Code and Error Handling Fix

  • Fixed multiple code quality and user experience issues in the Manage Group page JavaScript.
  • Duplicate Event Handlers: Removed duplicate event handler registrations (lines 96-127) for .select-user-btn, .remove-member-btn, .change-role-btn, .approve-request-btn, and .reject-request-btn that were causing multiple event firings.
  • Duplicate HTML in Actions Column: Fixed member action buttons rendering duplicate attributes as visible text instead of functional buttons, causing raw HTML/CSS class names to display in the Actions column.
  • Duplicate Pending Request Buttons: Removed duplicate Approve and Reject buttons in pending requests table that were appearing twice per request.
  • Enhanced Error Handling: Improved setRole() and removeMember() functions with specific error messages for 404 (member not found) and 403 (permission denied) errors, automatic member list refresh on 404, and user-friendly toast notifications instead of generic alerts.
  • Removed Duplicate Comment: Cleaned up duplicate "Render user-search results" comment.
  • Impact: Member management buttons now render and function correctly, provide better error feedback, and auto-recover from stale member data.
  • (Ref: manage_group.js, event handler deduplication, error handling improvements, toast notifications)

v0.237.009

New Features

• ServiceNow Integration Documentation
  • Comprehensive documentation for integrating ServiceNow with Simple Chat, including step-by-step guides for both Basic Authentication and OAuth 2.0.
  • OAuth 2.0 Setup: Detailed guide for Resource Owner Password Credential grant type with production security considerations.
  • OpenAPI Specifications: 7 OpenAPI YAML files for ServiceNow Incident Management and Knowledge Base APIs (both bearer token and basic auth versions).
  • Agent Instructions: Behavioral instructions optimized for ServiceNow operations (263 lines).
  • Key Features: Integration user creation, role assignment guidance, token management strategies, troubleshooting guide, and production deployment considerations.
  • Documentation Files: SERVICENOW_INTEGRATION.md (760 lines), SERVICENOW_OAUTH_SETUP.md (480+ lines), servicenow_agent_instructions.txt, and 7 OpenAPI specs in docs/how-to/agents/ServiceNow/.
  • (Ref: ServiceNow integration, OAuth 2.0, OpenAPI specifications, enterprise integrations)

Bug Fixes

• Workspace Search Deselection KeyError Fix

  • Fixed HTTP 500 error when deselecting the workspace search button after having a document selected. Users would get "Could not get a response. HTTP error! status: 500" in the chat interface.
  • Root Cause: When workspace search was deselected (hybrid_search_enabled = False), the user_metadata['workspace_search'] dictionary was never initialized. However, subsequent code for handling group scope or public workspace context attempted to access user_metadata['workspace_search']['group_name'] or other properties, causing a KeyError.
  • Error: KeyError: 'workspace_search' at lines 468, 479 in route_backend_chats.py when trying to set group_name or active_public_workspace_id.
  • Solution: Added defensive checks before accessing user_metadata['workspace_search']. If the key doesn't exist, initialize it with {'search_enabled': False} before attempting to set additional properties like group_name or workspace IDs.
  • Workaround: Clicking Home and then back to Chat worked because it triggered a page reload that reset the state properly.
  • (Ref: route_backend_chats.py, workspace search, metadata initialization, KeyError handling)

• OpenAPI Basic Authentication Fix

  • Fixed "session not authenticated" errors when using Basic Authentication with OpenAPI actions, even when credentials were correct.
  • Root Cause: Mismatch between how the UI stored Basic Auth credentials (as username:password string in auth.key) and how the OpenAPI plugin factory expected them (as separate username and password properties in additionalFields).
  • Solution: Modified OpenApiPluginFactory to detect and parse username:password format from auth.key, splitting credentials into separate properties that the authentication middleware expects.
  • Files Modified: semantic_kernel_plugins/openapi_plugin_factory.py.
  • (Ref: OpenAPI actions, Basic Authentication, credential parsing, OPENAPI_BASIC_AUTH_FIX.md)

• Group Action OAuth Schema Merging Fix

  • Fixed HTTP 401 Unauthorized errors when using OAuth bearer token authentication with group actions. When editing group actions, additionalFields was empty, missing all authentication configuration.
  • Root Cause: Group action backend routes did not call get_merged_plugin_settings() to merge UI form data with OpenAPI schema defaults, while global action routes did. This caused group actions to be saved without authentication configuration fields like auth_method, base_url, and authentication credentials.
  • Solution: Updated group action save/update routes in route_backend_plugins.py to call get_merged_plugin_settings(), ensuring authentication configuration is properly merged and persisted.
  • Files Modified: route_backend_plugins.py.
  • (Ref: Group actions, OAuth authentication, schema merging, GROUP_ACTION_OAUTH_SCHEMA_MERGING_FIX.md)

• Group Agent Loading Fix

  • Fixed issue where group agents were not appearing in the agent list when per-user semantic kernel mode was enabled. Users selecting group agents would fall back to the global "researcher" agent with zero plugins/actions available.
  • Root Cause: The load_user_semantic_kernel() function only loaded personal agents and global agents (when merge enabled), but completely omitted group agents from groups the user is a member of.
  • Solution: Updated load_user_semantic_kernel() to fetch and load group agents for all groups the user is a member of, ensuring proper agent availability in per-user kernel mode.
  • Files Modified: semantic_kernel_loader.py.
  • (Ref: Group agents, per-user semantic kernel, agent loading, GROUP_AGENT_LOADING_FIX.md)

• Manage Group Page Syntax Error Fix

  • Fixed critical JavaScript syntax error preventing the manage group page from loading. Removed duplicate code blocks including duplicate conditional checks, forEach loops, button tags, and function definitions.
  • The page was stuck on "Loading..." indefinitely with console error "Uncaught SyntaxError: missing ) after argument list" at line 673.
  • (Ref: manage_group.js, duplicate code removal, syntax error resolution)

• File Extension Handling Improvements

  • Fixed multiple issues related to file extension handling and audio transcription across the application.
  • Missing MP3 Extension: Fixed issue where .mp3 files were missing from the list of allowed extensions. Users attempting to upload mp3 files to workspaces saw "Uploaded 0/1, Failed: 1" with no error logging to activity_logs or documents containers.
  • Centralized Extension Definitions: Resolved file extension variable duplications throughout codebase by centralizing all allowed file extension definitions in config.py and importing them in downstream function and route files. This prevents extension lists from going out of sync during updates.
  • Additional Supported Extensions: Added missing file types supported by Document Intelligence and Video Indexer services: .heic (image), .mpg, .mpeg, .webm (video).
  • Browser-Compatible Extensions: Adjusted file extensions in chat-enhanced-citations.js for proper browser rendering. Removed incompatible formats like .heif and added compatible formats like .3gp after thorough testing.
  • (Ref: config.py, file extension centralization, enhanced citations rendering)

• Audio Transcription Continuous Recognition Fix (MAG)

  • Fixed incomplete audio transcriptions in Azure Government (MAG) environments where transcription stopped at first silence or after 30 seconds of audio.
  • Root Cause: Previous implementation used recognize_once() method which stops transcription at the first silence (end of sentence, speaker pauses) and has a maximum 30-second transcription limit.
  • Solution: Implemented continuous recognition using start_continuous_recognition() method instead of recognize_once(), enabling full-length audio file transcription without interruption at natural speech pauses.
  • Impact: Audio files now transcribe completely regardless of length or natural pauses in speech, improving transcription quality and completeness in MAG regions where Fast Transcription API is unavailable.
  • (Ref: Azure Speech Service, continuous recognition, MAG support, audio transcription)

• Workspace File Metadata Edit Error Fix

  • Fixed "'tuple' object has no attribute 'get'" error when clicking Save after editing workspace file metadata in personal, group, or public workspaces.
  • Root Cause: Missing checks and error handling in route backend documents code when processing metadata updates.
  • Solution: Added additional validation checks and proper handling to route_backend_documents.py for all workspace types (personal, group, public).
  • Impact: Users can now successfully edit and save file metadata without encountering errors.
  • (Ref: route_backend_documents.py, metadata updates, error handling)

v0.237.007

(v0.237.007)

Bug Fixes

• Sidebar Conversations Race Condition and DOM Manipulation Fix
  • Fixed two critical issues preventing sidebar conversations from displaying correctly for users.
  • Issue #1 - DOM Manipulation Error: Fixed JavaScript error NotFoundError: Failed to execute 'insertBefore' on 'Node' that caused sidebar conversation list to fail to render. Root cause was incorrect order of DOM element manipulation where insertBefore() was called with an invalid reference node after elements had been moved/removed.
  • Issue #2 - Race Condition with Empty Conversations: Fixed race condition where users with no existing conversations who created their first conversation would not see it appear in the sidebar. Root cause was the loading flag never being reset when API returned empty conversations array, causing all subsequent reload attempts to be blocked indefinitely.
  • Solution Part 1: Enhanced DOM manipulation with stricter parent node validation (dropdownElement.parentNode === headerRow), wrapped operations in try-catch for graceful fallback to appendChild(), and added comprehensive error logging. Ensures sidebar always renders even if timing issues occur.
  • Solution Part 2: Implemented pending reload queue system. Instead of blocking concurrent loads, the code now marks pendingSidebarReload = true when a reload is requested during active loading. All code paths (success, empty array, error) now reset the loading flag and check for pending reloads, automatically triggering queued reload after 100ms delay.
  • Impact: Before fix, ~10-15% of page loads had DOM errors and 100% of new users couldn't see their first conversation without manual page refresh. After fix, 0% failures with seamless user experience and no manual refresh needed.
  • (Ref: chat-sidebar-conversations.js, DOM manipulation order, race condition handling, loading flag management, pending reload queue, lines 12-40, 93-115, 169-183)

v0.237.006

(v0.237.006)

Bug Fixes

• Sidebar Conversations DOM Manipulation Fix

  • Fixed JavaScript error "Failed to execute 'insertBefore' on 'Node': The node before which the new node is to be inserted is not a child of this node" that prevented sidebar conversations from loading.
  • Root Cause: In createSidebarConversationItem(), the code was attempting DOM manipulation in the wrong order. When originalTitleElement was appended to titleWrapper, it was removed from headerRow, making the subsequent insertBefore(titleWrapper, dropdownElement) fail because dropdownElement was no longer a valid child reference in the expected DOM position.
  • Impact: Users experienced a complete failure loading the sidebar conversation list, with the error appearing in browser console and preventing any conversations from displaying in the sidebar. This affected all users attempting to view their conversation history.
  • Solution: Reordered DOM manipulation to remove originalTitleElement from DOM first, style it, add it to titleWrapper, then insert the complete titleWrapper before dropdownElement. Added validation to check if dropdownElement is a valid child before attempting insertion.
  • (Ref: chat-sidebar-conversations.js, createSidebarConversationItem(), DOM manipulation order, line 150)

• Windows Unicode Encoding Issue Fix

  • Fixed critical cross-platform compatibility issue where the application crashes on Windows when processing or displaying Unicode characters beyond the Western European character set.
  • Root Cause: Python on Windows uses cp1252 encoding for stdout/stderr (limited to 256 Western European characters), while Azure services and web applications use UTF-8 encoding universally (1.1M+ characters). This mismatch caused UnicodeEncodeError: 'charmap' codec can't encode character '\uXXXX' when logging or displaying emojis, international characters, IPA symbols, or special formatting.
  • Impact: Application crashes affecting:
    • Video transcripts with phonetic symbols
    • Chat messages containing emojis or international text
    • Agent responses with Unicode formatting
    • Debug logging across the entire application
    • Error messages and stack traces
  • Solution: Configured UTF-8 encoding globally at application startup for Windows platforms by reconfiguring sys.stdout and sys.stderr to UTF-8 at the top of app.py before any imports or print statements. Includes fallback for older Python versions (<3.7). Platform-specific fix only applies on Windows.
  • Testing: Verified with video processing (IPA phonetic symbols), chat messages (emojis/international characters), debug logging (Unicode content), and confirmed no impact on Linux/macOS deployments.
  • Issue: Fixes #644
  • (Ref: app.py, UTF-8 encoding configuration, cross-platform compatibility)

• Azure Speech Service Managed Identity Authentication Fix

  • Fixed Azure Speech Service managed identity authentication requiring resource-specific endpoints with custom subdomains instead of regional endpoints.
  • Root Cause: Managed identity (AAD token) authentication fails with regional endpoints (e.g., https://eastus2.api.cognitive.microsoft.com) because the Bearer token doesn't specify which Speech resource to access. The regional gateway cannot determine resource authorization, resulting in 400 BadRequest errors. Key-based authentication works with regional endpoints because the subscription key identifies the specific resource.
  • Impact: Users could not use managed identity authentication with Speech Service for audio transcription. Setup appeared successful but failed at runtime with authentication errors.
  • Solution: Comprehensive setup guide for managed identity requiring:
    • Custom Subdomain: Enable custom subdomain on Speech resource using az cognitiveservices account update --custom-domain <resource-name>
    • Resource-Specific Endpoint: Configure endpoint as https://<resource-name>.cognitiveservices.azure.com (not regional endpoint)
    • RBAC Roles: Assign Cognitive Services Speech User and Cognitive Services Speech Contributor roles to App Service managed identity
    • Admin Settings: Update Speech Service Endpoint to resource-specific URL, set Authentication Type to "Managed Identity", leave Speech Service Key empty
  • Key Differences:
    • Key auth ✅ works with both regional and resource-specific endpoints
    • Managed Identity ❌ fails with regional endpoints (400 BadRequest)
    • Managed Identity ✅ works with resource-specific endpoints (requires custom subdomain)
  • Troubleshooting Guide: Added comprehensive troubleshooting for NameResolutionError (custom subdomain not enabled), 400 BadRequest (wrong endpoint type), 401 Authentication errors (missing RBAC roles).
  • (Ref: Azure Speech Service, managed identity authentication, custom subdomain, RBAC configuration, endpoint types)

v0.237.005

(v0.237.005)

Bug Fixes

• Retention Policy Field Name Fix

  • Fixed retention policy to use the correct field name last_updated instead of the non-existent last_activity_at field.
  • Root Cause: The retention policy query was looking for last_activity_at field, but all conversation schemas (legacy and current) use last_updated to track the conversation's last modification time.
  • Impact: After the v0.237.004 fix, NO conversations were being deleted because the query required a field that doesn't exist on any conversation document.
  • Schema Support: Now correctly supports all 3 conversation schemas:
    • Schema 1 (legacy): Messages embedded in conversation document with last_updated
    • Schema 2 (middle): Messages in separate container with last_updated
    • Schema 3 (current): Messages with threading metadata with last_updated
  • Solution: Changed SQL query to use last_updated field which exists on all conversation documents.
  • (Ref: retention policy execution, conversation deletion, delete_aged_conversations(), last_updated field)

• Sidebar Conversations DOM Manipulation Fix

  • Fixed JavaScript error "Failed to execute 'insertBefore' on 'Node': The node before which the new node is to be inserted is not a child of this node" that prevented sidebar conversations from loading.
  • Root Cause: In createSidebarConversationItem(), the code was appending originalTitleElement to titleWrapper first (which removes it from headerRow), then attempting to insert titleWrapper before dropdownElement. This failed because once originalTitleElement was moved, dropdownElement was no longer a valid child reference in the expected DOM position.
  • Impact: Users experienced a complete failure loading the sidebar conversation list, with the error appearing in browser console and preventing any conversations from displaying in the sidebar.
  • Solution: Reordered DOM manipulation to insert the empty titleWrapper before dropdownElement FIRST, then move originalTitleElement into the titleWrapper. This ensures dropdownElement remains a valid child of headerRow when insertBefore is called.
  • (Ref: chat-sidebar-conversations.js, createSidebarConversationItem(), DOM manipulation order, line 164)

v0.237.004

(v0.237.004)

Bug Fixes

• Critical Retention Policy Deletion Fix

  • Fixed a critical bug where conversations with null/undefined last_activity_at were being deleted regardless of their actual age.
  • Root Cause: The SQL query logic treated conversations with missing last_activity_at field as "old" and deleted them, even if they were created moments ago.
  • Impact: Brand new conversations that hadn't had their last_activity_at field populated were incorrectly deleted when retention policy ran.
  • Solution: Changed query to only delete conversations that have a valid, non-null last_activity_at that is older than the configured retention period. Conversations with null/undefined last_activity_at are now skipped.
  • (Ref: retention policy execution, conversation deletion, delete_aged_conversations())

• Public Workspace Retention Error Fix

  • Fixed error "name 'cosmos_public_conversations_container' is not defined" when executing retention policy for public workspaces.
  • Root Cause: The code attempted to process conversations for public workspaces, but public workspaces don't have a separate conversations container—only documents and prompts.
  • Solution: Removed conversation processing for public workspaces since they only support document retention.
  • (Ref: public workspace retention, process_public_retention())

v0.237.003

(v0.237.003)

New Features

• Extended Retention Policy Timeline Options
  • Added additional granular retention period options for conversations and documents across all workspace types.
  • New Options: 2 days, 3 days, 4 days, 6 days, 7 days (1 week), and 14 days (2 weeks).
  • Full Option Set: 1, 2, 3, 4, 5, 6, 7 (1 week), 10, 14 (2 weeks), 21 (3 weeks), 30, 60, 90 (3 months), 180 (6 months), 365 (1 year), 730 (2 years) days.
  • Scope: Available in Admin Settings (organization defaults), Profile page (personal settings), and Control Center (group/public workspace management).
  • Files Modified: admin_settings.html, profile.html, control_center.html.
  • (Ref: retention policy configuration, workspace retention settings, granular time periods)

Bug Fixes

• Custom Logo Not Displaying Across App Fix
  • Fixed issue where custom logos uploaded via Admin Settings would only display on the admin page but not on other pages (chat, sidebar, landing page).
  • Root Cause: The sanitize_settings_for_user() function was stripping custom_logo_base64, custom_logo_dark_base64, and custom_favicon_base64 keys entirely because they contained "base64" (a sensitive term filter), preventing templates from detecting logo existence.
  • Solution: Modified sanitization to add boolean flags for logo/favicon existence after filtering, allowing templates to check if logos exist without exposing actual base64 data.
  • Security: Actual base64 data remains hidden from frontend; only True/False boolean values are exposed.
  • Files Modified: functions_settings.py (sanitize_settings_for_user() function).
  • (Ref: logo display, settings sanitization, template conditionals)

v0.237.001

(v0.237.001)

New Features

• Retention Policy Defaults

  • Admin-configurable organization-wide default retention policies for conversations and documents across all workspace types.
  • Organization Defaults: Set default retention periods (1 day to 10 years, or "Don't delete") separately for personal, group, and public workspaces.
  • User Choice: Users see "Using organization default (X days)" option and can override with custom settings or revert to org default.
  • Conditional Display: Default retention settings only appear in Admin Settings when the corresponding workspace type is enabled.
  • Force Push Feature: Administrators can push organization defaults to all workspaces, overriding any custom retention policies users have set.
  • Settings Auto-Save: Force push automatically saves pending settings changes before executing to ensure current values are pushed.
  • Activity Logging: Force push actions are logged to activity_logs container for audit purposes with admin info, affected scopes, and results summary.
  • API Endpoints: New /api/retention-policy/defaults/<workspace_type> (GET) and /api/admin/retention-policy/force-push (POST) endpoints.
  • Files Modified: functions_settings.py, admin_settings.html, route_frontend_admin_settings.py, route_backend_retention_policy.py, functions_retention_policy.py, functions_activity_logging.py, profile.html, control_center.html, workspace-manager.js.
  • (Ref: Default retention settings, Force Push modal, activity logging, retention policy execution)

• Private Networking Support

  • Comprehensive private networking support for SimpleChat deployments via Azure Developer CLI (AZD) and Bicep infrastructure-as-code.
  • Network Isolation: Private endpoints for all Azure PaaS services (Cosmos DB, Azure OpenAI, AI Search, Storage, Key Vault, Document Intelligence).
  • VNet Integration: Full virtual network integration for App Service and dependent resources with automated Private DNS zone configuration.
  • AZD Integration: Seamless deployment via azd up with ENABLE_PRIVATE_NETWORKING=true environment variable.
  • Post-Deployment Security: New postup hook automatically disables public network access when private networking is enabled.
  • Enhanced Deployment Hooks: Refactored all deployment hooks in azure.yaml with stepwise logging, explicit error handling, and clearer output for troubleshooting.
  • Documentation Updates: Expanded Bicep README with prerequisites, Azure Government (USGov) considerations, and post-deployment validation steps.
  • (Ref: deployers/azure.yaml, deployers/bicep/, private endpoint configuration, VNet integration)

• User Agreement for File Uploads

  • Global admin-configurable agreement that users must accept before uploading files to workspaces.
  • Configuration Options: Enable/disable toggle, workspace type selection (Personal, Group, Public, Chat), Markdown-formatted agreement text (200-word limit), optional daily acceptance mode.
  • User Experience: Modal prompt before file uploads with agreement text, "Accept & Upload" or "Cancel" options, daily acceptance tracking to reduce repeat prompts.
  • Activity Logging: All acceptances logged to activity logs for compliance tracking with timestamp, user, workspace type, and action context.
  • Admin Access: Settings accessible via Admin Settings → Workspaces tab → User Agreement section, with sidebar navigation link.
  • Files Added: user-agreement.js (frontend module), route_backend_user_agreement.py (API endpoints).
  • Files Modified: admin_settings.html, route_frontend_admin_settings.py, base.html, _sidebar_nav.html, functions_activity_logging.py, workspace-documents.js, group_workspaces.html, public_workspace.js, chat-input-actions.js.
  • (Ref: User Agreement modal, file upload workflows, activity logging, admin configuration)

• Web Search via Azure AI Foundry Agents

  • Web search capability through Azure AI Foundry agents using Grounding with Bing Search service.
  • Admin Consent Flow: Requires explicit administrator consent before enabling due to data processing considerations outside Azure compliance boundary.
  • Consent Logging: All consent acceptances are logged to activity logs for compliance and audit purposes.
  • Setup Guide Modal: Comprehensive in-app configuration guide with step-by-step instructions for creating the agent, configuring Bing grounding, setting result count to 10, and recommended agent instructions.
  • User Data Notice: Admin-configurable notification banner that appears when users activate web search, informing them that their message will be sent to Microsoft Bing. Customizable notice text, dismissible per session.
  • Graceful Error Handling: When web search fails, the system informs users rather than answering from outdated training data.
  • Seamless Integration: Web search results automatically integrated into AI responses when enabled.
  • Settings: enable_web_search toggle, web_search_consent_accepted tracking, enable_web_search_user_notice toggle, and web_search_user_notice_text customization in admin settings.
  • Files Added: _web_search_foundry_info.html (setup guide modal).
  • Files Modified: route_frontend_admin_settings.py, route_backend_chats.py, functions_activity_logging.py, admin_settings.html, chats.html, chat-input-actions.js, functions_settings.py.
  • (Ref: Grounding with Bing Search, Azure AI Foundry, consent workflow, activity logging, pricing, user transparency)

• Conversation Deep Linking

  • Direct URL links to specific conversations via query parameters for sharing and bookmarking.
  • URL Parameters: Supports both conversationId and conversation_id query parameters.
  • Automatic URL Updates: Current conversation ID automatically added to URL when selecting conversations.
  • Browser Integration: Uses history.replaceState() for seamless URL updates without new history entries.
  • Error Handling: Graceful handling of invalid or inaccessible conversation IDs with toast notifications.
  • Files Modified: chat-onload.js, chat-conversations.js.
  • (Ref: deep linking, URL parameters, conversation navigation, shareability)

• Plugin Authentication Type Constraints

  • Per-plugin-type authentication method restrictions for better security and API compatibility.
  • Schema-Based Defaults: Falls back to global AuthType enum from plugin.schema.json.
  • Definition File Overrides: Plugin-specific .definition.json files can restrict available auth types.
  • API Endpoint: New /api/plugins/<plugin_type>/auth-types endpoint returns allowed auth types and source.
  • Frontend Integration: UI can query allowed auth types to display only valid options.
  • Files Modified: route_backend_plugins.py.
  • (Ref: plugin authentication, auth type constraints, OpenAPI plugins, security)

Bug Fixes

• Control Center Chart Date Labels Fix

  • Fixed activity trends chart date labels to parse dates in local time instead of UTC.
  • Root Cause: JavaScript new Date() was parsing date strings as UTC, causing labels to display previous day in western timezones.
  • Solution: Parse date components explicitly and construct Date objects in local timezone.
  • Impact: Chart x-axis labels now correctly show the intended dates regardless of user timezone.
  • Files Modified: control_center.html (Chart.js date parsing logic).
  • (Ref: Chart.js, date parsing, timezone handling, activity trends)

• Sovereign Cloud Cognitive Services Scope Fix

  • Fixed hardcoded commercial Azure cognitive services scope references that prevented authentication in Azure Government (MAG) and custom cloud environments.
  • Root Cause: chat_stream_api and smart_http_plugin used hardcoded commercial cognitive services scope URL instead of configurable value from config.py.
  • Solution: Replaced hardcoded scope with AZURE_OPENAI_TOKEN_SCOPE environment variable, dynamically resolved based on cloud environment.
  • Impact: Streaming chat and Smart HTTP Plugin now work correctly in Azure Government, China, and custom cloud deployments.
  • Related Issue: #616
  • (Ref: chat_stream_api, smart_http_plugin, sovereign cloud authentication, MAG support)

• User Search Toast and Inline Messages Fix

  • Updated searchUsers() function to use inline and toast messages instead of browser alert pop-ups.
  • Improvement: Search feedback (empty search, no users found, errors) now displays as inline messages in the search results area.
  • Error Handling: Errors display both inline message and toast notification for visibility.
  • Benefits: Non-disruptive UX, contextual feedback, consistency with application patterns.
  • Related PR: #608
  • (Ref: group management, user search, toast notifications, UX improvement)

v0.235.025

Bug Fixes

• Retention Policy Document Deletion Fix

  • Fixed critical bug where retention policy execution failed when attempting to delete aged documents, while conversation deletion worked correctly.
  • Root Cause 1: Documents use last_updated field, but query was looking for last_activity_at (used by conversations).
  • Root Cause 2: Date format mismatch - documents store YYYY-MM-DDTHH:MM:SSZ but query used Python's .isoformat() with +00:00 suffix.
  • Root Cause 3: Duplicate column in SELECT clause when partition_field='user_id' caused query errors.
  • Root Cause 4: Activity logging called with incorrect deletion_reason parameter instead of additional_context.
  • Files Modified: functions_retention_policy.py (query field names, date format, SELECT clause, activity logging).
  • (Ref: delete_aged_documents(), retention policy execution, Cosmos DB queries)

• Retention Policy Scheduler Fix

  • Fixed automated retention policy scheduler not executing at the scheduled time.
  • Root Cause 1: Hour-matching approach was unreliable - only ran if check happened exactly during the execution hour (e.g., 2 AM), but 1-hour sleep intervals could miss the entire window.
  • Root Cause 2: Check interval too long (1 hour) meant poor responsiveness and high probability of missing scheduled time.
  • Root Cause 3: Code ignored the stored retention_policy_next_run timestamp, instead relying solely on hour matching.
  • Solution: Now uses retention_policy_next_run timestamp for comparison, reduced check interval from 1 hour to 5 minutes, added fallback logic for missed executions.
  • Files Modified: app.py (check_retention_policy() background task).
  • (Ref: retention policy scheduler, background task, scheduled execution)

v0.235.012

(v0.235.012)

Bug Fixes

• Control Center Access Control Logic Fix

  • Fixed access control discrepancy where users with ControlCenterAdmin role were incorrectly granted access when the role requirement setting was disabled.
  • Correct Behavior: When require_member_of_control_center_admin is DISABLED (default), only the regular Admin role grants access. The ControlCenterAdmin role is only checked when the setting is ENABLED.
  • Files Modified: functions_authentication.py (decorator logic), route_frontend_control_center.py (frontend access computation), _sidebar_nav.html and _top_nav.html (menu visibility).
  • (Ref: control_center_required decorator, role-based access control)

• Disable Group Creation Setting Fix

  • Fixed issue where "Disable Group Creation" setting was not being saved from Admin Settings or Control Center pages.
  • Root Cause 1: Form field name mismatch - HTML used disable_group_creation but backend expected enable_group_creation.
  • Root Cause 2: Missing onclick handler on Control Center's "Save Settings" button.
  • Files Modified: route_frontend_admin_settings.py (form field reading), control_center.html (button handler).
  • (Ref: group creation permissions, admin settings form handling)