chore: prepare release (#2107)

willydouhard · web-flow · commit 361db539012b · 2025-04-14T15:08:23.000+02:00
* chore: prepare release

* fix: test
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,18 +4,25 @@ All notable changes to Chainlit will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
-## Unreleased
+## [2.5.5] - 2025-04-14
 
 ### Added
 
 - Avatars now support `.` in their name (will be replaced with `_`).
+- Typed session accessors for user session
+- Allow set attributes for the tags of the custom_js or custom_css
 - Hovering a past chat in the sidebar will display the full title of the chat in a tooltip
+- The `X-Chainlit-Session-id` header is now automatically set to facilitate sticky sessions with websockets
 - `cl.ErrorMessage` now have a different avatar
 - The copy button is now only displayed on the final message of a run, like feedback buttons
+- CopilotFunction is now usable in custom JS
+- Header link now have an optional `display_name` to display text next to the icon
+- The default .env file loaded by chainlit is now configurable with `CHAINLIT_ENV_FILE`
 
 ### Changed
 
-- **[breaking]**: `http_referer`, `http_cookie` and `languages` are no longer directly available in the session object. Instead, `environ` is available containing all of those plus other HTTP headers.
+- **[breaking]**: `http_referer`, `http_cookie` and `languages` are no longer directly available in the session object. Instead, `environ` is available containing all of those plus other HTTP headers
+- The scroll to the bottom animation is now smooth
 
 ## [2.4.400] - 2025-03-29
 
diff --git a/backend/chainlit/server.py b/backend/chainlit/server.py
@@ -717,28 +717,10 @@ async def get_user(current_user: UserParam) -> GenericUser:
 
 
 @router.post("/set-session-cookie")
-async def set_session_cookie(
-    request: Request, response: Response, current_user: UserParam
-):
+async def set_session_cookie(request: Request, response: Response):
     body = await request.json()
     session_id = body.get("session_id")
 
-    from chainlit.session import WebsocketSession
-
-    session = WebsocketSession.get_by_id(session_id)
-    if not session:
-        raise HTTPException(
-            status_code=404,
-            detail="Session not found",
-        )
-
-    if current_user:
-        if not session.user or session.user.identifier != current_user.identifier:
-            raise HTTPException(
-                status_code=401,
-                detail="You are not authorized to set a session cookie for this session",
-            )
-
     is_local = request.client and request.client.host in ["127.0.0.1", "localhost"]
 
     response.set_cookie(
diff --git a/backend/chainlit/version.py b/backend/chainlit/version.py
@@ -5,4 +5,4 @@
 except metadata.PackageNotFoundError:
     # Case where package metadata is not available, default to a 'non-outdated' version.
     # Ref: config.py::load_settings()
-    __version__ = "2.4.400"
+    __version__ = "2.5.5"
diff --git a/backend/pyproject.toml b/backend/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "chainlit"
-version = "2.4.400"
+version = "2.5.5"
 keywords = [
     'LLM',
     'Agents',
diff --git a/backend/tests/test_server.py b/backend/tests/test_server.py
@@ -687,93 +687,3 @@ def test_project_translations_file_path_traversal(
 
     # Should give error status
     assert response.status_code == 422
-
-
-def test_set_session_cookie_authorized(
-    test_client, mock_get_current_user, mock_session_get_by_id_patched
-):
-    """
-    Test that a valid session cookie is set when the current user is authorized.
-    Using the existing fixtures, the patched WebsocketSession returns a session
-    when the session_id is "test_session_id".
-    """
-    # Create an authorized user object.
-    authorized_user = type("User", (), {"identifier": "user123"})()
-    # Set the session's user to match the authorized user.
-    mock_session_get_by_id_patched.user = authorized_user
-    # Override current user dependency.
-    mock_get_current_user.return_value = authorized_user
-
-    response = test_client.post(
-        "/set-session-cookie", json={"session_id": "test_session_id"}
-    )
-    assert response.status_code == 200, response.text
-    data = response.json()
-    assert data.get("message") == "Session cookie set"
-
-    set_cookie = response.headers.get("set-cookie")
-    assert "X-Chainlit-Session-id=test_session_id" in set_cookie
-    assert "HttpOnly" in set_cookie
-    assert "Secure" in set_cookie
-    assert "SameSite=none" in set_cookie
-
-
-def test_set_session_cookie_session_not_found(test_client, mock_get_current_user):
-    """
-    Test that a POST with an unknown session_id returns a 404 error.
-    This is simulated by providing a session_id different from "test_session_id",
-    which the existing mock_session_get_by_id_patched fixture uses.
-    """
-    # Set a valid current user.
-    current_user = type("User", (), {"identifier": "user123"})()
-    mock_get_current_user.return_value = current_user
-
-    response = test_client.post(
-        "/set-session-cookie", json={"session_id": "invalid_session"}
-    )
-    assert response.status_code == 404
-
-
-def test_set_session_cookie_unauthorized(
-    test_client, mock_get_current_user, mock_session_get_by_id_patched
-):
-    """
-    Test that when the current user does not match the session's user,
-    a 401 error is returned.
-    """
-    # Create a session with a specific user.
-    session_user = type("User", (), {"identifier": "user123"})()
-    # Create a different (unauthorized) current user.
-    unauthorized_user = type("User", (), {"identifier": "different"})()
-    mock_session_get_by_id_patched.user = session_user
-    mock_get_current_user.return_value = unauthorized_user
-
-    response = test_client.post(
-        "/set-session-cookie", json={"session_id": "test_session_id"}
-    )
-    assert response.status_code == 401
-
-
-def test_set_session_cookie_no_current_user(
-    test_client, mock_get_current_user, mock_session_get_by_id_patched
-):
-    """
-    Test that if current_user is None (i.e. no user provided), the authorization check is skipped,
-    and the cookie is set.
-    """
-    # Set the session's user to any value.
-    session_user = type("User", (), {"identifier": "user123"})()
-    mock_session_get_by_id_patched.user = session_user
-    # Simulate absence of a current user.
-    mock_get_current_user.return_value = None
-
-    response = test_client.post(
-        "/set-session-cookie", json={"session_id": "test_session_id"}
-    )
-    assert response.status_code == 200, response.text
-    data = response.json()
-    assert data.get("message") == "Session cookie set"
-    set_cookie = response.headers.get("set-cookie")
-    assert "X-Chainlit-Session-id=test_session_id" in set_cookie
-    assert "Secure" in set_cookie
-    assert "SameSite=none" in set_cookie
diff --git a/frontend/src/components/LeftSidebar/ThreadList.tsx b/frontend/src/components/LeftSidebar/ThreadList.tsx
@@ -47,7 +47,6 @@ import {
   SidebarMenuButton,
   SidebarMenuItem
 } from '@/components/ui/sidebar';
-
 import {
   Tooltip,
   TooltipContent,
@@ -284,61 +283,68 @@ export function ThreadList({
         </DialogContent>
       </Dialog>
       <TooltipProvider delayDuration={300}>
-      {sortedTimeGroupKeys.map((group) => {
-        const items = threadHistory!.timeGroupedThreads![group];
-        return (
-          <SidebarGroup key={group}>
-            <SidebarGroupLabel>{getTimeGroupLabel(group)}</SidebarGroupLabel>
-            <SidebarGroupContent>
-              <SidebarMenu>
-                {items.map((thread) => {
-                  const isResumed =
-                    idToResume === thread.id && !threadHistory!.currentThreadId;
-                  const isSelected =
-                    isResumed || threadHistory!.currentThreadId === thread.id;
-                  return (
-                    <SidebarMenuItem key={thread.id} id={`thread-${thread.id}`}>
-                      <Tooltip>
+        {sortedTimeGroupKeys.map((group) => {
+          const items = threadHistory!.timeGroupedThreads![group];
+          return (
+            <SidebarGroup key={group}>
+              <SidebarGroupLabel>{getTimeGroupLabel(group)}</SidebarGroupLabel>
+              <SidebarGroupContent>
+                <SidebarMenu>
+                  {items.map((thread) => {
+                    const isResumed =
+                      idToResume === thread.id &&
+                      !threadHistory!.currentThreadId;
+                    const isSelected =
+                      isResumed || threadHistory!.currentThreadId === thread.id;
+                    return (
+                      <SidebarMenuItem
+                        key={thread.id}
+                        id={`thread-${thread.id}`}
+                      >
+                        <Tooltip>
                           <TooltipTrigger asChild>
-                      <Link to={isResumed ? '' : `/thread/${thread.id}`}>
-                        <SidebarMenuButton
-                          isActive={isSelected}
-                          className="relative truncate h-9 group/thread"
-                        >
-                          {thread.name || (
-                            <Translator path="threadHistory.thread.untitled" />
-                          )}
-                          <div
-                            className={cn(
-                              'absolute w-10 bottom-0 top-0 right-0 bg-gradient-to-l from-[hsl(var(--sidebar-background))] to-transparent'
-                            )}
-                          />
-                          <ThreadOptions
-                            onDelete={() => setThreadIdToDelete(thread.id)}
-                            onRename={() => {
-                              setThreadIdToRename(thread.id);
-                              setThreadNewName(thread.name);
-                            }}
-                            className={cn(
-                              'absolute z-20 bottom-0 top-0 right-0 bg-sidebar-accent hover:bg-sidebar-accent hover:text-primary flex opacity-0 group-hover/thread:opacity-100',
-                              isSelected && 'bg-sidebar-accent opacity-100'
-                            )}
-                          />
-                        </SidebarMenuButton>
-                      </Link>
-                      </TooltipTrigger>
-                      <TooltipContent side="right" align="center">
+                            <Link to={isResumed ? '' : `/thread/${thread.id}`}>
+                              <SidebarMenuButton
+                                isActive={isSelected}
+                                className="relative truncate h-9 group/thread"
+                              >
+                                {thread.name || (
+                                  <Translator path="threadHistory.thread.untitled" />
+                                )}
+                                <div
+                                  className={cn(
+                                    'absolute w-10 bottom-0 top-0 right-0 bg-gradient-to-l from-[hsl(var(--sidebar-background))] to-transparent'
+                                  )}
+                                />
+                                <ThreadOptions
+                                  onDelete={() =>
+                                    setThreadIdToDelete(thread.id)
+                                  }
+                                  onRename={() => {
+                                    setThreadIdToRename(thread.id);
+                                    setThreadNewName(thread.name);
+                                  }}
+                                  className={cn(
+                                    'absolute z-20 bottom-0 top-0 right-0 bg-sidebar-accent hover:bg-sidebar-accent hover:text-primary flex opacity-0 group-hover/thread:opacity-100',
+                                    isSelected &&
+                                      'bg-sidebar-accent opacity-100'
+                                  )}
+                                />
+                              </SidebarMenuButton>
+                            </Link>
+                          </TooltipTrigger>
+                          <TooltipContent side="right" align="center">
                             <p>{thread.name}</p>
                           </TooltipContent>
-                      </Tooltip>
-                    </SidebarMenuItem>
-                  );
-                })}
-              </SidebarMenu>
-            </SidebarGroupContent>
-          </SidebarGroup>
-        );
-      })}
+                        </Tooltip>
+                      </SidebarMenuItem>
+                    );
+                  })}
+                </SidebarMenu>
+              </SidebarGroupContent>
+            </SidebarGroup>
+          );
+        })}
       </TooltipProvider>
       {isLoadingMore ? (
         <div className="flex items-center justify-center p-2">
diff --git a/libs/react-client/src/api/index.tsx b/libs/react-client/src/api/index.tsx
@@ -184,6 +184,13 @@ export class ChainlitAPI extends APIBase {
     return res.json();
   }
 
+  async stickyCookie(sessionId: string) {
+    const res = await this.fetch('POST', '/set-session-cookie', {
+      session_id: sessionId
+    });
+    return res.json();
+  }
+
   async passwordAuth(data: FormData) {
     const res = await this.post(`/login`, data);
     return res.json();
diff --git a/libs/react-client/src/types/config.ts b/libs/react-client/src/types/config.ts
@@ -44,7 +44,12 @@ export interface IChainlitConfig {
     login_page_image_filter?: string;
     login_page_image_dark_filter?: string;
     custom_meta_image_url?: string;
-    header_links?: { name: string; display_name: string; icon_url: string; url: string }[];
+    header_links?: {
+      name: string;
+      display_name: string;
+      icon_url: string;
+      url: string;
+    }[];
   };
   features: {
     spontaneous_file_upload?: {
diff --git a/libs/react-client/src/useChatSession.ts b/libs/react-client/src/useChatSession.ts
@@ -94,7 +94,7 @@ const useChatSession = () => {
   }, [currentThreadId]);
 
   const _connect = useCallback(
-    ({
+    async ({
       transports,
       userEnv
     }: {
@@ -108,6 +108,12 @@ const useChatSession = () => {
           ? `${pathname}/ws/socket.io`
           : '/ws/socket.io';
 
+      try {
+        await client.stickyCookie(sessionId);
+      } catch (err) {
+        console.error(`Failed to set sticky session cookie: ${err}`);
+      }
+
       const socket = io(uri, {
         path,
         withCredentials: true,
@@ -129,24 +135,6 @@ const useChatSession = () => {
       });
 
       socket.on('connect', () => {
-        fetch(`${uri}/set-session-cookie`, {
-          method: 'POST',
-          credentials: 'include',
-          headers: {
-            'Content-Type': 'application/json'
-          },
-          body: JSON.stringify({ session_id: sessionId })
-        })
-          .then((response) => {
-            if (!response.ok) {
-              console.error('Failed to set session cookie');
-            } else {
-              console.log('Session cookie set successfully');
-            }
-          })
-          .catch((error) => {
-            console.error('Error setting session cookie:', error);
-          });
         socket.emit('connection_successful');
         setSession((s) => ({ ...s!, error: false }));
         setMcps((prev) =>
