mirror of
https://github.com/Comfy-Org/ComfyUI-Manager.git
synced 2026-06-23 08:19:20 +08:00
16ba874566
Add two boolean config.ini [default] flags — allow_git_url_install and allow_pip_install (both default false) — that fully REPLACE the security_level term on the legacy install surfaces: - POST /v2/customnode/install/git_url (S-A) and POST /v2/customnode/install/pip (S-B) are now gated solely by their dedicated flag AND the retained network-position invariant (loopback listener OR network_mode=personal_cloud). security_level no longer affects these two surfaces in either direction. - The batch unknown-URL branch (S-C) routes through the same predicate; the unknown-pip branch stays unconditionally blocked; the general middle+ batch entry gate is unchanged. - New pure predicate is_dedicated_install_allowed() in common/manager_security.py (config-import-free; callers pass values from their own reader). Both config readers (glob + legacy) register the keys in read/write/fallback paths. - Denial logs and frontend copy name the responsible flag instead of the misleading security_level guidance. Public listeners remain denied regardless of the flags (no exposure widening). - README security policy updated: config keys documented, git-url/pip removed from the security_level risky table, and a dedicated-flags subsection (REPLACE semantics, network rule, batch behavior, restart-only activation, weak/normal- opt-in migration note). - Migration: existing weak/normal- users must opt in via the new flags (CHANGELOG note; deliberate no auto-seed). Includes the unit/config/guard test suites (88 tests): predicate truth table, dual-reader config contract (missing/malformed keys read false, round-trip, cache staleness), security_level-matrix freeze guards, and suite-order-independent test stubs. |
||
|---|---|---|
| .. | ||
| cm-api.js | ||
| comfyui-gui-builder.js | ||
| comfyui-manager.js | ||
| comfyui-share-common.js | ||
| comfyui-share-copus.js | ||
| comfyui-share-openart.js | ||
| comfyui-share-youml.js | ||
| common.js | ||
| custom-nodes-manager.css | ||
| custom-nodes-manager.js | ||
| model-manager.css | ||
| model-manager.js | ||
| node_fixer.js | ||
| popover-helper.js | ||
| README.md | ||
| snapshot.css | ||
| snapshot.js | ||
| turbogrid.esm.js | ||
| workflow-metadata.js | ||
ComfyUI-Manager: Frontend (js)
This directory contains the JavaScript frontend implementation for ComfyUI-Manager, providing the user interface components that interact with the backend API.
Core Components
- comfyui-manager.js: Main entry point that initializes the manager UI and integrates with ComfyUI.
- custom-nodes-manager.js: Implements the UI for browsing, installing, and managing custom nodes.
- model-manager.js: Handles the model management interface for downloading and organizing AI models.
- components-manager.js: Manages reusable workflow components system.
- snapshot.js: Implements the snapshot system for backing up and restoring installations.
Sharing Components
- comfyui-share-common.js: Base functionality for workflow sharing features.
- comfyui-share-copus.js: Integration with the ComfyUI Copus sharing platform.
- comfyui-share-openart.js: Integration with the OpenArt sharing platform.
- comfyui-share-youml.js: Integration with the YouML sharing platform.
Utility Components
- cm-api.js: Client-side API wrapper for communication with the backend.
- common.js: Shared utilities and helper functions used across the frontend.
- node_fixer.js: Utilities for fixing disconnected links and repairing malformed nodes by recreating them while preserving connections.
- popover-helper.js: UI component for popup tooltips and contextual information.
- turbogrid.esm.js: Grid component library - https://github.com/cenfun/turbogrid
- workflow-metadata.js: Handles workflow metadata parsing, validation and cross-repository compatibility including versioning, dependencies tracking, and resource management.
Architecture
The frontend follows a modular component-based architecture:
- Integration Layer: Connects with ComfyUI's existing UI system
- Manager Components: Individual functional UI components (node manager, model manager, etc.)
- Sharing Components: Platform-specific sharing implementations
- Utility Layer: Reusable UI components and helpers
Implementation Details
- The frontend integrates directly with ComfyUI's UI system through
app.js - Dialog-based UI for most manager functions to avoid cluttering the main interface
- Asynchronous API calls to handle backend operations without blocking the UI
Styling
CSS files are included for specific components:
- custom-nodes-manager.css: Styling for the node management UI
- model-manager.css: Styling for the model management UI
This frontend implementation provides a comprehensive yet user-friendly interface for managing the ComfyUI ecosystem.