* wip
* update
* add download logic
* add decompress. support delete file
* download backend upon selecting setting
* add some logging and nootes
* add note on race condition
* remove then catch
* default to none backend. only download if it's not installed
* merge version and backend. fetch version from GH
* restrict scope of output_dir
* add note on unpack
This commit introduces API key generation for the Llama.cpp extension. The API key is now generated on the server side using HMAC-SHA256 and a secret key to ensure security and uniqueness. The frontend now passes the model ID and API secret to the server to generate the key. This addresses the requirement for secure model access and authorization.
* add pull and abortPull
* add model import (download only)
* write model.yaml. support local model import
* remove cortex-related command
* add TODO
* remove cortex-related command
* feat: implement retry mechanism for MCP server activation with exponential backoff
feat: enhance MCP server activation with configurable retry attempts
feat: implement MCP server restart monitoring and cleanup functionality
feat: enhance MCP server restart logic with improved monitoring and configuration handling
feat: add manual deactivation for MCP servers to prevent automatic restarts
* feat: enhance MCP server startup with initial attempt tracking and health monitoring
- Add filtering logic to proxy server for GET /models requests
- Keep only models with status "downloaded" in response
- Remove Content-Length header to prevent mismatch after filtering
- Support both ListModelsResponseDto and direct array formats
- Add comprehensive tests for filtering functionality
- Fix Content-Length header conflict causing empty responses
Fixes issue where all models were returned regardless of download status.
* chore: simple onboarding local model
* chore: update new model and improve flow e2e onboarding local model
* fix: default tool support models
---------
Co-authored-by: Louis <louis@jan.ai>
* fix(server): enhance CORS handling for local API network access
- Fix CORS preflight validation to use Host header for target validation
- Use Origin header correctly for CORS response headers
- Improve host validation to support both host:port and host-only formats
- Filter upstream CORS headers to prevent duplicate Access-Control-Allow-Origin
- Add CORS headers to all error responses for consistent behavior
- Fix host matching logic to handle trusted hosts with and without ports
- Ensure single Access-Control-Allow-Origin header per response
This resolves CORS preflight failures that were blocking cross-origin
requests to the local API server, enabling proper network access from
web applications and external tools.
Fixes: OPTIONS requests being rejected due to incorrect host validation
Resolves: "access control allow origin cannot contain more than one origin" error
* fix(proxy): bypass host and authorization checks for root path in CORS preflight
* fix(proxy): bypass host and authorization checks for whitelisted paths
* feat: Jan API Server should have API Key setting
* chore: reveal api key icon
* Update src-tauri/src/core/server.rs
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
* chore: add validation apiKey
---------
Co-authored-by: Faisal Amir <urmauur@gmail.com>
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
