Ulysses — a hardened fork of Odysseus AI. Self-hosted AI model management for the Helm home server.
Find a file
Max Hsu 30dd789351
fix(chat): strip executed email tool fences from the live stream (#3993) (#4275)
* fix(chat): strip executed email tool fences from the live stream (#3993)

The backend strips every fenced tool block from persisted text (the regex in
src/tool_parsing.py is built from the full TOOL_TAGS set, which includes the
email tools), so a reloaded session renders cleanly. The live frontend path
uses a separate hardcoded EXEC_FENCE_RE in static/js/chatRenderer.js that only
listed web_search/read_file/write_file/create_document/edit_document/
update_document — so executed email tool fences (list_emails, etc.) lingered as
raw code blocks in the live assistant bubble until the user reloaded.

Add the nine email tool tags to EXEC_FENCE_RE so the live render settles into
the same clean layout as the history reload. bash/python stay excluded on
purpose: those are languages a user may legitimately have asked the model to
show as code, not tool invocations.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* refactor(chat): single-source live exec-fence tool list from TOOL_TAGS (#3993)

Per review: EXEC_FENCE_RE was a second, hand-maintained copy of the
executable-tool list, so any tool not in it — and every future tool added to
TOOL_TAGS — would leave its executed fence lingering in the live bubble until
reload (the original #3993 bug, recurring one tool at a time).

EXEC_FENCE_RE is now built from an explicit EXEC_TOOL_TAGS list that mirrors
TOOL_TAGS (src/agent_tools/__init__.py) minus bash/python, which stay excluded
as legitimate code-example languages. A new regression test
(test_exec_fence_re_covers_all_executable_tools) extracts both lists from
source and fails if they drift, so the whole class is caught in CI instead of
by a user — the "minimum acceptable middle ground" from the review, made exact
(set equality, not just coverage).

Verified: pytest tests/test_live_strip_email_tool_fences.py (5 passed);
node --check static/js/chatRenderer.js; and a node run of the built regex
confirms email/generate_image/manage_memory/ls fences strip while
bash/python/sh are preserved.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* refactor(chat): build live exec-fence list from /api/tools at runtime (#3993)

Make TOOL_TAGS the single source for live exec-fence stripping. chatRenderer.js
no longer hard-codes a tool list; it fetches the backend's authoritative set
once from GET /api/tools (sorted(TOOL_TAGS)) and builds EXEC_FENCE_RE from it at
load, minus bash/python. No second list to drift, and a future tool added to
TOOL_TAGS is covered automatically — without touching the streaming path.

Until the fetch resolves EXEC_FENCE_RE is null and exec fences aren't stripped
(a sub-second window before the first stream); the backend already strips
persisted history, so a reload always renders clean.

Drop test_exec_fence_re_covers_all_executable_tools (no hand-maintained list to
guard) and add source-level guards: the frontend keeps no hard-coded list and
fetches /api/tools, and the endpoint serves the full sorted(TOOL_TAGS).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01CVCKth4g8pWh7pwFDVm4iL

* fix(chat): warn on /api/tools fetch failure instead of swallowing it (#3993)

A fresh-context review flagged that loadExecFenceRegex's catch silently
discarded errors: if the one-shot fetch fails, EXEC_FENCE_RE stays null for the
whole session and live exec fences go unstripped until reload, with zero signal.
console.warn it, and correct the comment to describe the failure mode honestly
(was understated as just a sub-second startup window).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01CVCKth4g8pWh7pwFDVm4iL

---------

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-23 14:12:32 +02:00
.github chore(deps): bump actions/checkout in the actions group (#4559) 2026-06-18 20:49:58 +02:00
companion fix(companion): require chat scope for model inventory (#4319) 2026-06-16 01:15:05 +02:00
config/searxng Generate SearXNG secret on first boot 2026-06-01 11:03:02 +09:00
core fix(security): redact credential-bearing URLs and PII from logs (#4750) 2026-06-22 23:12:39 +02:00
docker Merge origin/dev into main 2026-06-21 11:08:50 +00:00
docs docs(setup): note -BindHost flag for LAN access on native Windows (#4636) 2026-06-22 20:29:55 +02:00
integrations Add Codex and Claude document draft integration 2026-06-09 14:27:53 +09:00
licenses feat(a11y): add a Text size control and an OpenDyslexic font option (#4210) 2026-06-22 13:53:46 +02:00
mcp_servers fix(email): enforce MCP owner boundaries (#4335) 2026-06-16 04:31:24 +01:00
routes fix(security): redact credential-bearing URLs and PII from logs (#4750) 2026-06-22 23:12:39 +02:00
scripts Fix odysseus-calendar list dropping in-progress / multi-day events (#2065) 2026-06-16 14:04:56 +02:00
services fix(hwfit): repair remote Windows hardware scan over SSH (#4674) 2026-06-22 20:59:09 +02:00
specs docs(architecture): add Phase 0 runtime inventory document (#4148) 2026-06-16 04:57:24 +01:00
src fix: Images cannot be seen by model that is vision capable (#4726) 2026-06-23 10:32:57 +02:00
static fix(chat): strip executed email tool fences from the live stream (#3993) (#4275) 2026-06-23 14:12:32 +02:00
tests fix(chat): strip executed email tool fences from the live stream (#3993) (#4275) 2026-06-23 14:12:32 +02:00
.dockerignore fix(devops): harden docker config defaults (#4349) 2026-06-16 04:03:43 +01:00
.env.example Parameterize Docker Compose volume host paths (#3907) 2026-06-15 20:30:18 +09:00
.gitattributes Add native Windows compatibility layer 2026-06-01 15:09:47 +09:00
.gitignore pwa missing icons added (#428) 2026-06-15 16:00:13 +09:00
ACKNOWLEDGMENTS.md feat(a11y): add a Text size control and an OpenDyslexic font option (#4210) 2026-06-22 13:53:46 +02:00
app.py fix: use aware UTC in health timestamp (#4503) 2026-06-18 20:58:25 +02:00
build-macos-app.sh macOS app: force native arm64 uvicorn on Apple Silicon 2026-06-02 20:56:53 +09:00
build-windows-portable.ps1 feat(launcher): add portable windows launcher (#976) 2026-06-16 04:58:16 +01:00
CONTRIBUTING.md Change host from 0.0.0.0 to 127.0.0.1 in CONTRIBUTING.md (#4422) 2026-06-16 13:40:47 +00:00
docker-compose.gpu-amd.yml CI fixes for cookbook workflow sync 2026-06-22 02:08:25 +00:00
docker-compose.gpu-nvidia.yml CI fixes for cookbook workflow sync 2026-06-22 02:08:25 +00:00
docker-compose.yml Merge origin/dev into main 2026-06-21 11:08:50 +00:00
Dockerfile Docker compose: mount docker.sock + install Docker CLI so Cookbook can reach sibling containers 2026-06-19 00:32:47 +00:00
install-service.sh Odysseus v1.0 2026-05-31 23:58:26 +09:00
launch-windows.ps1 feat(launcher): add portable windows launcher (#976) 2026-06-16 04:58:16 +01:00
launcher.py feat(launcher): add portable windows launcher (#976) 2026-06-16 04:58:16 +01:00
LICENSE chore: backport main-only changes to dev AGPL relicense + Cookbook serve fix (#3704) 2026-06-09 23:20:34 +02:00
odysseus-ui.service fix: systemd service should serve on port 7000 to match Docker/setup/README (#1297) 2026-06-03 02:04:37 +09:00
Odysseus.spec feat(launcher): add portable windows launcher (#976) 2026-06-16 04:58:16 +01:00
package-lock.json chore(deps): remove unused @anthropic-ai/sdk dependency (#4566) 2026-06-19 09:40:35 +02:00
package.json chore(deps): remove unused @anthropic-ai/sdk dependency (#4566) 2026-06-19 09:40:35 +02:00
pyproject.toml test: add fast lane and duration visibility (#3659) 2026-06-09 20:11:47 +02:00
README.md Refresh README screenshot 2026-06-22 04:54:15 +00:00
requirements-optional.txt chore(deps): bump the python group with 3 updates (#3991) 2026-06-15 19:25:15 +09:00
requirements.txt chore(deps): bump the python group with 3 updates (#3991) 2026-06-15 19:25:15 +09:00
ROADMAP.md Fix typos in the ROADMAP intro (#1421) 2026-06-03 14:12:10 +09:00
SECURITY.md Clarify private deployment hardening docs 2026-06-02 13:01:12 +09:00
setup.py fix(auth): centralize password and username validation constants (#4120) 2026-06-16 09:52:15 +02:00
start-macos.sh fix(macos): rebuild incomplete venv instead of failing on re-run (#3106) 2026-06-15 16:12:19 +09:00
THREAT_MODEL.md docs: add THREAT_MODEL.md (#1111) 2026-06-02 22:40:37 +09:00
update_windows.bat Windows: add Docker update script 2026-06-02 20:45:32 +09:00

Odysseus

A self-hosted AI workspace for chat, agents, research, documents, email, notes, calendar, and local model workflows.

Quick Start · Setup Guide · Contributing · Roadmap

Packaging status

Odysseus interface


Quick Start

dev is the default branch and gets the newest changes first. Use main if you want the more curated branch.

git clone https://github.com/pewdiepie-archdaemon/odysseus.git
cd odysseus
cp .env.example .env
docker compose up -d --build

Open http://localhost:7000 when the containers are healthy. The first admin password is printed in docker compose logs odysseus.

Native installs, GPU notes, Windows/macOS instructions, HTTPS, and configuration live in the setup guide.

Features

  • Chat + Agents — local/API models, tools, MCP, files, shell, skills, and memory.
  • Cookbook — hardware-aware model recommendations, downloads, and serving.
  • Deep Research — multi-step web research with source reading and report generation.
  • Compare — blind side-by-side model testing and synthesis.
  • Documents — writing-first editor with AI edits, suggestions, Markdown, HTML, CSV, and syntax highlighting.
  • Email — IMAP/SMTP inbox with triage, tags, summaries, reminders, and reply drafts.
  • Notes, Tasks + Calendar — reminders, todos, scheduled agent tasks, and CalDAV sync.
  • Extras — gallery/image editor, themes, uploads, web search, presets, sessions, and 2FA.

Demo

A full hover-to-play tour lives on the landing page: docs/index.html.

Contributing

Help is welcome. The best entry points are fresh-install testing, provider setup bugs, mobile/editor polish, docs, and small focused refactors. See CONTRIBUTING.md and ROADMAP.md.

Security

Odysseus is a self-hosted workspace with powerful local tools. Keep auth enabled, keep private data out of Git, and do not expose raw model/service ports publicly. Deployment details are in the setup guide.

Star History

Star History Chart

License

AGPL-3.0-or-later -- see LICENSE and ACKNOWLEDGMENTS.md.