hermes-agent/hermes_cli
kshitijk4poor d6ed35d047 feat(security): add global toggle to allow private/internal URL resolution
Adds security.allow_private_urls / HERMES_ALLOW_PRIVATE_URLS toggle so
users on OpenWrt routers, TUN-mode proxies (Clash/Mihomo/Sing-box),
corporate split-tunnel VPNs, and Tailscale networks — where DNS resolves
public domains to 198.18.0.0/15 or 100.64.0.0/10 — can use web_extract,
browser, vision URL fetching, and gateway media downloads.

Single toggle in tools/url_safety.py; all 23 is_safe_url() call sites
inherit automatically. Cached for process lifetime.

Cloud metadata endpoints stay ALWAYS blocked regardless of the toggle:
169.254.169.254 (AWS/GCP/Azure/DO/Oracle), 169.254.170.2 (AWS ECS task
IAM creds), 169.254.169.253 (Azure IMDS wire server), 100.100.100.200
(Alibaba), fd00:ec2::254 (AWS IPv6), the entire 169.254.0.0/16
link-local range, and the metadata.google.internal / metadata.goog
hostnames (checked pre-DNS so they can't be bypassed on networks where
those names resolve to local IPs).

Supersedes #3779 (narrower HERMES_ALLOW_RFC2544 for the same class of
users).

Co-authored-by: kshitijk4poor <82637225+kshitijk4poor@users.noreply.github.com>
2026-04-22 14:38:59 -07:00
__init__.py
auth.py feat: add Step Plan provider support (salvage #6005) 2026-04-22 02:59:58 -07:00
auth_commands.py fix(auth): unify credential source removal — every source sticks (#13427) 2026-04-21 01:52:49 -07:00
backup.py
banner.py
callbacks.py
claw.py
cli_output.py
clipboard.py
codex_models.py
colors.py
commands.py fix(tui): @folder: only yields directories, @file: only yields files 2026-04-21 14:31:48 -05:00
completion.py
config.py feat(security): add global toggle to allow private/internal URL resolution 2026-04-22 14:38:59 -07:00
copilot_auth.py
cron.py
curses_ui.py
debug.py refactor(debug): remove dead _read_log_tail/_read_full_log wrappers 2026-04-22 11:59:39 -07:00
default_soul.py
dingtalk_auth.py
doctor.py feat: add Step Plan provider support (salvage #6005) 2026-04-22 02:59:58 -07:00
dump.py
env_loader.py fix(cli): ensure project .env is sanitized before loading 2026-04-22 05:51:44 -07:00
gateway.py refactor(qqbot): migrate qr onboard flow to sync + consolidate into onboard.py 2026-04-22 05:50:21 -07:00
hooks.py feat: shell hooks — wire shell scripts as Hermes hook callbacks 2026-04-20 20:53:51 -07:00
logs.py
main.py feat: add Step Plan provider support (salvage #6005) 2026-04-22 02:59:58 -07:00
mcp_config.py
memory_setup.py
model_normalize.py fix(copilot): normalize vendor-prefixed and dash-notation model IDs (#6879) (#11561) 2026-04-17 04:19:36 -07:00
model_switch.py feat: add Step Plan provider support (salvage #6005) 2026-04-22 02:59:58 -07:00
models.py feat: add Step Plan provider support (salvage #6005) 2026-04-22 02:59:58 -07:00
nous_subscription.py fix(fal): extend whitespace-only FAL_KEY handling to all call sites 2026-04-21 02:04:21 -07:00
pairing.py
platforms.py
plugins.py fix(plugins+nous): auto-coerce memory plugins; actionable Nous 401 diagnostic (#14005) 2026-04-22 05:54:11 -07:00
plugins_cmd.py
profiles.py
providers.py feat: add Step Plan provider support (salvage #6005) 2026-04-22 02:59:58 -07:00
runtime_provider.py fix(kimi-coding): add KIMI_CODING_API_KEY fallback + api_mode detection for /coding endpoint 2026-04-21 19:48:39 -07:00
setup.py feat: add Step Plan provider support (salvage #6005) 2026-04-22 02:59:58 -07:00
skills_config.py
skills_hub.py
skin_engine.py fix(skins): don't inherit status_bar_* into light-mode skins 2026-04-22 13:20:02 -07:00
status.py feat: add Step Plan provider support (salvage #6005) 2026-04-22 02:59:58 -07:00
timeouts.py
tips.py feat(delegate): orchestrator role and configurable spawn depth (default flat) 2026-04-21 14:23:45 -07:00
tools_config.py feat(plugins): pluggable image_gen backends + OpenAI provider (#13799) 2026-04-21 21:30:10 -07:00
uninstall.py
web_server.py feat(dashboard): track real API call count per session 2026-04-22 05:51:58 -07:00
webhook.py