Merge branch 'main' into july24

.github/workflows/ci.yml

@@ -66,7 +66,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - uses: luizm/action-sh-checker@v0.8.0
+      - uses: luizm/action-sh-checker@v0.9.0
         env:
           SHFMT_OPTS: "-s"
           SHELLCHECK_OPTS: "-P scripts/ -e SC1091"

Dockerfile

@@ -19,7 +19,7 @@ RUN npm run build
 FROM python:3.11-slim-bookworm as release
 
 # Set ENV
-ENV NODE_ENV='development'
+ENV NODE_ENV='production'
 ENV TZ=Etc/UTC
 WORKDIR /usr/src/app
 

README.md

@@ -130,4 +130,29 @@ git clone https://github.com/serge-chat/serge.git
 cd serge/
 docker compose -f docker-compose.dev.yml up --build
 ```
-The project will wait for a python debugger session to connect on port 5678. The webui will remain unreponsive until connected.
+
+The solution will accept a python debugger session on port 5678. Example launch.json for VSCode:
+
+```json
+{
+    "version": "0.2.0",
+    "configurations": [
+        {
+            "name": "Remote Debug",
+            "type": "python",
+            "request": "attach",
+            "connect": {
+                "host": "localhost",
+                "port": 5678
+            },
+            "pathMappings": [
+                {
+                    "localRoot": "${workspaceFolder}/api",
+                    "remoteRoot": "/usr/src/app/api/"
+                }
+            ],
+            "justMyCode": false
+        }
+    ]
+}
+```

api/pyproject.toml

@@ -24,27 +24,26 @@ build-backend = "poetry.core.masonry.api"
 python=">=3.10,<4.0"
 asyncio = "^3.4.3"
 packaging = "^24.1"
-pydantic = "^1.10.17"
+pydantic = "^1.10.18"
 sse-starlette = "^1.8.2"
 starlette = "^0.26.1"
 typing-extensions = "^4.12.2"
-urllib3 = "^2.2.2"
+urllib3 = "^2.2.3"
 fastapi = "^0.95.1"
-huggingface-hub = "^0.24.2"
+huggingface-hub = "^0.25.0"
 requests = "^2.32.3"
 langchain = "^0.0.180"
 loguru = "^0.7.2"
-redis = {extras = ["hiredis"], version = "^5.0.7"}
-pytest = "^8.3.2"
+redis = {extras = ["hiredis"], version = "^5.0.8"}
+pytest = "^8.3.3"
 hypercorn = {extras = ["trio"], version = "^0.17.3"}
 
-pyjwt = "^2.8.0"
-passlib = {extras = ["bcrypt"], version = "^1.7.4"}
+pyjwt = "^2.9.0"
 python-jose = {extras = ["cryptography"], version = "^3.3.0"}
-aiofiles = "^23.2.1"
+aiofiles = "^24.1.0"
 python-multipart = "^0.0.9"
-debugpy = "^1.8.1"
-sqlalchemy = "^2.0.30"
+debugpy = "^1.8.5"
+sqlalchemy = "^2.0.35"
 [tool.ruff]
 # Enable pycodestyle (`E`) and Pyflakes (`F`) codes by default.
 select = ["E", "F"]

api/src/serge/utils/security.py

@@ -1,9 +1,12 @@
+import base64
+import hashlib
+import os
+
 from datetime import datetime, timedelta
 from typing import Optional
 
 from fastapi import HTTPException, status
 from jose import JWTError, jwt
-from passlib.context import CryptContext
 from serge.models.settings import Settings
 
 ALGORITHM = "HS256"
@@ -15,15 +18,20 @@
     headers={"WWW-Authenticate": "Bearer"},
 )
 
-pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
-
 
-def verify_password(plain_password, hashed_password):
-    return pwd_context.verify(plain_password, hashed_password)
+def verify_password(plain_password: str, hashed_password: str) -> bool:
+    salt_and_hash = base64.b64decode(hashed_password.encode("utf-8"))
+    salt = salt_and_hash[:16]
+    stored_password = salt_and_hash[16:]
+    new_hashed_password = hashlib.scrypt(plain_password.encode("utf-8"), salt=salt, n=8192, r=8, p=1, dklen=64)
+    return new_hashed_password == stored_password
 
 
-def get_password_hash(password):
-    return pwd_context.hash(password)
+def get_password_hash(password: str) -> str:
+    salt = os.urandom(16)
+    hashed_password = hashlib.scrypt(password.encode("utf-8"), salt=salt, n=8192, r=8, p=1, dklen=64)
+    salt_and_hash = salt + hashed_password
+    return base64.b64encode(salt_and_hash).decode("utf-8")
 
 
 def create_access_token(data: dict, expires_delta: Optional[timedelta] = None):

docker-compose.dev.yml

@@ -13,7 +13,7 @@ services:
     ports:
       - 8008:8008
       - 9124:9124
-
+      - 5678:5678
 volumes:
   datadb:
   weights:

scripts/dev.sh

@@ -57,13 +57,15 @@ redis-server /etc/redis/redis.conf &
 cd /usr/src/app/web || exit 1
 npm run dev -- --host 0.0.0.0 --port 8008 &
 
+python -m pip install debugpy -t /tmp
+
 # Start the API
 cd /usr/src/app/api || exit 1
-hypercorn_cmd="hypercorn src.serge.main:api_app --reload --bind 0.0.0.0:9124"
+hypercorn_cmd="python /tmp/debugpy --listen 0.0.0.0:5678 -m hypercorn src.serge.main:api_app --reload --bind 0.0.0.0:9124"
 if [ "$SERGE_ENABLE_IPV6" = true ] && [ "$SERGE_ENABLE_IPV4" != true ]; then
-	hypercorn_cmd="hypercorn src.serge.main:api_app --reload --bind [::]:9124"
+	hypercorn_cmd="python /tmp/debugpy --listen 0.0.0.0:5678 -m hypercorn src.serge.main:api_app --reload --bind [::]:9124"
 elif [ "$SERGE_ENABLE_IPV4" = true ] && [ "$SERGE_ENABLE_IPV6" = true ]; then
-	hypercorn_cmd="hypercorn src.serge.main:api_app --reload --bind 0.0.0.0:9124 --bind [::]:9124"
+	hypercorn_cmd="python /tmp/debugpy --listen 0.0.0.0:5678 -m hypercorn src.serge.main:api_app --reload --bind 0.0.0.0:9124 --bind [::]:9124"
 fi
 
 $hypercorn_cmd || {

scripts/serge.env

@@ -1,3 +1,3 @@
-LLAMA_PYTHON_VERSION=0.2.87
+LLAMA_PYTHON_VERSION=0.2.90
 SERGE_ENABLE_IPV4=true
 SERGE_ENABLE_IPV6=false