Merge branch 'master' into update-frontend-1.32.10

2025-12-17 01:52:59 +08:00 · 2025-11-30 22:50:44 -08:00 · 2025-11-30 22:50:44 -08:00 · 7b9343c08c
commit 7b9343c08c
parent d2b5aa4938 f8b981ae9a
25 changed files with 3194 additions and 608 deletions
--- a/.ci/windows_amd_base_files/README_VERY_IMPORTANT.txt
+++ b/.ci/windows_amd_base_files/README_VERY_IMPORTANT.txt
@ -1,5 +1,5 @@
-As of the time of writing this you need this preview driver for best results:
+As of the time of writing this you need this driver for best results:
-https://www.amd.com/en/resources/support-articles/release-notes/RN-AMDGPU-WINDOWS-PYTORCH-PREVIEW.html
+https://www.amd.com/en/resources/support-articles/release-notes/RN-AMDGPU-WINDOWS-PYTORCH-7-1-1.html
 HOW TO RUN:
@ -25,3 +25,4 @@ In the ComfyUI directory you will find a file: extra_model_paths.yaml.example
 Rename this file to: extra_model_paths.yaml and edit it with your favorite text editor.
--- a/.github/workflows/release-stable-all.yml
+++ b/.github/workflows/release-stable-all.yml
@ -65,11 +65,11 @@ jobs:
      contents: "write"
      packages: "write"
      pull-requests: "read"
-    name: "Release AMD ROCm 6.4.4"
+    name: "Release AMD ROCm 7.1.1"
    uses: ./.github/workflows/stable-release.yml
    with:
      git_tag: ${{ inputs.git_tag }}
-      cache_tag: "rocm644"
+      cache_tag: "rocm711"
      python_minor: "12"
      python_patch: "10"
      rel_name: "amd"
--- a/app/user_manager.py
+++ b/app/user_manager.py
@ -59,6 +59,9 @@ class UserManager():
        user = "default"
        if args.multi_user and "comfy-user" in request.headers:
            user = request.headers["comfy-user"]
            # Block System Users (use same error message to prevent probing)
            if user.startswith(folder_paths.SYSTEM_USER_PREFIX):
                raise KeyError("Unknown user: " + user)
        if user not in self.users:
            raise KeyError("Unknown user: " + user)
@ -66,15 +69,16 @@ class UserManager():
        return user
    def get_request_user_filepath(self, request, file, type="userdata", create_dir=True):
        user_directory = folder_paths.get_user_directory()
        if type == "userdata":
-            root_dir = user_directory
+            root_dir = folder_paths.get_user_directory()
        else:
            raise KeyError("Unknown filepath type:" + type)
        user = self.get_request_user_id(request)
-        path = user_root = os.path.abspath(os.path.join(root_dir, user))
+        user_root = folder_paths.get_public_user_directory(user)
        if user_root is None:
            return None
        path = user_root
        # prevent leaving /{type}
        if os.path.commonpath((root_dir, user_root)) != root_dir:
@ -101,7 +105,11 @@ class UserManager():
        name = name.strip()
        if not name:
            raise ValueError("username not provided")
        if name.startswith(folder_paths.SYSTEM_USER_PREFIX):
            raise ValueError("System User prefix not allowed")
        user_id = re.sub("[^a-zA-Z0-9-_]+", '-', name)
        if user_id.startswith(folder_paths.SYSTEM_USER_PREFIX):
            raise ValueError("System User prefix not allowed")
        user_id = user_id + "_" + str(uuid.uuid4())
        self.users[user_id] = name
@ -132,7 +140,10 @@ class UserManager():
            if username in self.users.values():
                return web.json_response({"error": "Duplicate username."}, status=400)
            try:
                user_id = self.add_user(username)
            except ValueError as e:
                return web.json_response({"error": str(e)}, status=400)
            return web.json_response(user_id)
        @routes.get("/userdata")
@ -424,7 +435,7 @@ class UserManager():
                return source
            dest = get_user_data_path(request, check_exists=False, param="dest")
-            if not isinstance(source, str):
+            if not isinstance(dest, str):
                return dest
            overwrite = request.query.get("overwrite", 'true') != "false"
--- a/comfy/cli_args.py
+++ b/comfy/cli_args.py
@ -131,7 +131,8 @@ vram_group.add_argument("--cpu", action="store_true", help="To use the CPU for e
 parser.add_argument("--reserve-vram", type=float, default=None, help="Set the amount of vram in GB you want to reserve for use by your OS/other software. By default some amount is reserved depending on your OS.")
-parser.add_argument("--async-offload", action="store_true", help="Use async weight offloading.")
+parser.add_argument("--async-offload", nargs='?', const=2, type=int, default=None, metavar="NUM_STREAMS", help="Use async weight offloading. An optional argument controls the amount of offload streams. Default is 2. Enabled by default on Nvidia.")
 parser.add_argument("--disable-async-offload", action="store_true", help="Disable async weight offloading.")
 parser.add_argument("--force-non-blocking", action="store_true", help="Force ComfyUI to use non-blocking operations for all applicable tensors. This may improve performance on some non-Nvidia systems but can cause issues with some workflows.")
--- a/comfy/latent_formats.py
+++ b/comfy/latent_formats.py
@ -431,6 +431,7 @@ class HunyuanVideo(LatentFormat):
    ]
    latent_rgb_factors_bias = [ 0.0259, -0.0192, -0.0761]
    taesd_decoder_name = "taehv"
 class Cosmos1CV8x8x8(LatentFormat):
    latent_channels = 16
@ -494,7 +495,7 @@ class Wan21(LatentFormat):
        ]).view(1, self.latent_channels, 1, 1, 1)
-        self.taesd_decoder_name = None #TODO
+        self.taesd_decoder_name = "lighttaew2_1"
    def process_in(self, latent):
        latents_mean = self.latents_mean.to(latent.device, latent.dtype)
@ -565,6 +566,7 @@ class Wan22(Wan21):
    def __init__(self):
        self.scale_factor = 1.0
        self.taesd_decoder_name = "lighttaew2_2"
        self.latents_mean = torch.tensor([
                -0.2289, -0.0052, -0.1323, -0.2339, -0.2799, 0.0174, 0.1838, 0.1557,
                -0.1382, 0.0542, 0.2813, 0.0891, 0.1570, -0.0098, 0.0375, -0.1825,
@ -719,6 +721,7 @@ class HunyuanVideo15(LatentFormat):
    latent_channels = 32
    latent_dimensions = 3
    scale_factor = 1.03682
    taesd_decoder_name = "lighttaehy1_5"
 class Hunyuan3Dv2(LatentFormat):
    latent_channels = 64
--- a/comfy/ldm/flux/model.py
+++ b/comfy/ldm/flux/model.py
@ -171,7 +171,10 @@ class Flux(nn.Module):
            pe = None
        blocks_replace = patches_replace.get("dit", {})
        transformer_options["total_blocks"] = len(self.double_blocks)
        transformer_options["block_type"] = "double"
        for i, block in enumerate(self.double_blocks):
            transformer_options["block_index"] = i
            if ("double_block", i) in blocks_replace:
                def block_wrap(args):
                    out = {}
@ -215,7 +218,10 @@ class Flux(nn.Module):
        if self.params.global_modulation:
            vec, _ = self.single_stream_modulation(vec_orig)
        transformer_options["total_blocks"] = len(self.single_blocks)
        transformer_options["block_type"] = "single"
        for i, block in enumerate(self.single_blocks):
            transformer_options["block_index"] = i
            if ("single_block", i) in blocks_replace:
                def block_wrap(args):
                    out = {}
--- a/comfy/ldm/lumina/model.py
+++ b/comfy/ldm/lumina/model.py
@ -509,7 +509,7 @@ class NextDiT(nn.Module):
        if self.pad_tokens_multiple is not None:
            pad_extra = (-cap_feats.shape[1]) % self.pad_tokens_multiple
-            cap_feats = torch.cat((cap_feats, self.cap_pad_token.to(device=cap_feats.device, dtype=cap_feats.dtype).unsqueeze(0).repeat(cap_feats.shape[0], pad_extra, 1)), dim=1)
+            cap_feats = torch.cat((cap_feats, self.cap_pad_token.to(device=cap_feats.device, dtype=cap_feats.dtype, copy=True).unsqueeze(0).repeat(cap_feats.shape[0], pad_extra, 1)), dim=1)
        cap_pos_ids = torch.zeros(bsz, cap_feats.shape[1], 3, dtype=torch.float32, device=device)
        cap_pos_ids[:, :, 0] = torch.arange(cap_feats.shape[1], dtype=torch.float32, device=device) + 1.0
@ -517,15 +517,27 @@ class NextDiT(nn.Module):
        B, C, H, W = x.shape
        x = self.x_embedder(x.view(B, C, H // pH, pH, W // pW, pW).permute(0, 2, 4, 3, 5, 1).flatten(3).flatten(1, 2))
        rope_options = transformer_options.get("rope_options", None)
        h_scale = 1.0
        w_scale = 1.0
        h_start = 0
        w_start = 0
        if rope_options is not None:
            h_scale = rope_options.get("scale_y", 1.0)
            w_scale = rope_options.get("scale_x", 1.0)
            h_start = rope_options.get("shift_y", 0.0)
            w_start = rope_options.get("shift_x", 0.0)
        H_tokens, W_tokens = H // pH, W // pW
        x_pos_ids = torch.zeros((bsz, x.shape[1], 3), dtype=torch.float32, device=device)
        x_pos_ids[:, :, 0] = cap_feats.shape[1] + 1
-        x_pos_ids[:, :, 1] = torch.arange(H_tokens, dtype=torch.float32, device=device).view(-1, 1).repeat(1, W_tokens).flatten()
+        x_pos_ids[:, :, 1] = (torch.arange(H_tokens, dtype=torch.float32, device=device) * h_scale + h_start).view(-1, 1).repeat(1, W_tokens).flatten()
-        x_pos_ids[:, :, 2] = torch.arange(W_tokens, dtype=torch.float32, device=device).view(1, -1).repeat(H_tokens, 1).flatten()
+        x_pos_ids[:, :, 2] = (torch.arange(W_tokens, dtype=torch.float32, device=device) * w_scale + w_start).view(1, -1).repeat(H_tokens, 1).flatten()
        if self.pad_tokens_multiple is not None:
            pad_extra = (-x.shape[1]) % self.pad_tokens_multiple
-            x = torch.cat((x, self.x_pad_token.to(device=x.device, dtype=x.dtype).unsqueeze(0).repeat(x.shape[0], pad_extra, 1)), dim=1)
+            x = torch.cat((x, self.x_pad_token.to(device=x.device, dtype=x.dtype, copy=True).unsqueeze(0).repeat(x.shape[0], pad_extra, 1)), dim=1)
            x_pos_ids = torch.nn.functional.pad(x_pos_ids, (0, 0, 0, pad_extra))
        freqs_cis = self.rope_embedder(torch.cat((cap_pos_ids, x_pos_ids), dim=1)).movedim(1, 2)
--- a/comfy/lora.py
+++ b/comfy/lora.py
@ -313,6 +313,15 @@ def model_lora_keys_unet(model, key_map={}):
                key_map["transformer.{}".format(key_lora)] = k
                key_map["lycoris_{}".format(key_lora.replace(".", "_"))] = k #SimpleTuner lycoris format
    if isinstance(model, comfy.model_base.Lumina2):
        diffusers_keys = comfy.utils.z_image_to_diffusers(model.model_config.unet_config, output_prefix="diffusion_model.")
        for k in diffusers_keys:
            if k.endswith(".weight"):
                to = diffusers_keys[k]
                key_lora = k[:-len(".weight")]
                key_map["diffusion_model.{}".format(key_lora)] = to
                key_map["lycoris_{}".format(key_lora.replace(".", "_"))] = to
    return key_map
--- a/comfy/model_management.py
+++ b/comfy/model_management.py
@ -689,7 +689,7 @@ def load_models_gpu(models, memory_required=0, force_patch_weights=False, minimu
            loaded_memory = loaded_model.model_loaded_memory()
            current_free_mem = get_free_memory(torch_dev) + loaded_memory
-            lowvram_model_memory = max(128 * 1024 * 1024, (current_free_mem - minimum_memory_required), min(current_free_mem * MIN_WEIGHT_MEMORY_RATIO, current_free_mem - minimum_inference_memory()))
+            lowvram_model_memory = max(0, (current_free_mem - minimum_memory_required), min(current_free_mem * MIN_WEIGHT_MEMORY_RATIO, current_free_mem - minimum_inference_memory()))
            lowvram_model_memory = lowvram_model_memory - loaded_memory
            if lowvram_model_memory == 0:
@ -1012,9 +1012,18 @@ def force_channels_last():
 STREAMS = {}
-NUM_STREAMS = 1
+NUM_STREAMS = 0
-if args.async_offload:
+if args.async_offload is not None:
    NUM_STREAMS = args.async_offload
 else:
    #  Enable by default on Nvidia
    if is_nvidia():
        NUM_STREAMS = 2
 if args.disable_async_offload:
    NUM_STREAMS = 0
 if NUM_STREAMS > 0:
    logging.info("Using async weight offloading with {} streams".format(NUM_STREAMS))
 def current_stream(device):
@ -1030,7 +1039,10 @@ def current_stream(device):
 stream_counters = {}
 def get_offload_stream(device):
    stream_counter = stream_counters.get(device, 0)
-    if NUM_STREAMS <= 1:
+    if NUM_STREAMS == 0:
        return None
    if torch.compiler.is_compiling():
        return None
    if device in STREAMS:
@ -1043,7 +1055,9 @@ def get_offload_stream(device):
    elif is_device_cuda(device):
        ss = []
        for k in range(NUM_STREAMS):
-            ss.append(torch.cuda.Stream(device=device, priority=0))
+            s1 = torch.cuda.Stream(device=device, priority=0)
            s1.as_context = torch.cuda.stream
            ss.append(s1)
        STREAMS[device] = ss
        s = ss[stream_counter]
        stream_counters[device] = stream_counter
@ -1051,7 +1065,9 @@ def get_offload_stream(device):
    elif is_device_xpu(device):
        ss = []
        for k in range(NUM_STREAMS):
-            ss.append(torch.xpu.Stream(device=device, priority=0))
+            s1 = torch.xpu.Stream(device=device, priority=0)
            s1.as_context = torch.xpu.stream
            ss.append(s1)
        STREAMS[device] = ss
        s = ss[stream_counter]
        stream_counters[device] = stream_counter
@ -1069,12 +1085,19 @@ def cast_to(weight, dtype=None, device=None, non_blocking=False, copy=False, str
            if dtype is None or weight.dtype == dtype:
                return weight
        if stream is not None:
-            with stream:
+            wf_context = stream
            if hasattr(wf_context, "as_context"):
                wf_context = wf_context.as_context(stream)
            with wf_context:
                return weight.to(dtype=dtype, copy=copy)
        return weight.to(dtype=dtype, copy=copy)
    if stream is not None:
-        with stream:
+        wf_context = stream
        if hasattr(wf_context, "as_context"):
            wf_context = wf_context.as_context(stream)
        with wf_context:
            r = torch.empty_like(weight, dtype=dtype, device=device)
            r.copy_(weight, non_blocking=non_blocking)
    else:
--- a/comfy/model_patcher.py
+++ b/comfy/model_patcher.py
@ -148,6 +148,15 @@ class LowVramPatch:
        else:
            return out
 #The above patch logic may cast up the weight to fp32, and do math. Go with fp32 x 3
 LOWVRAM_PATCH_ESTIMATE_MATH_FACTOR = 3
 def low_vram_patch_estimate_vram(model, key):
    weight, set_func, convert_func = get_key_weight(model, key)
    if weight is None:
        return 0
    return weight.numel() * torch.float32.itemsize * LOWVRAM_PATCH_ESTIMATE_MATH_FACTOR
 def get_key_weight(model, key):
    set_func = None
    convert_func = None
@ -269,6 +278,9 @@ class ModelPatcher:
        if not hasattr(self.model, 'current_weight_patches_uuid'):
            self.model.current_weight_patches_uuid = None
        if not hasattr(self.model, 'model_offload_buffer_memory'):
            self.model.model_offload_buffer_memory = 0
    def model_size(self):
        if self.size > 0:
            return self.size
@ -662,7 +674,16 @@ class ModelPatcher:
                    skip = True # skip random weights in non leaf modules
                    break
            if not skip and (hasattr(m, "comfy_cast_weights") or len(params) > 0):
-                loading.append((comfy.model_management.module_size(m), n, m, params))
+                module_mem = comfy.model_management.module_size(m)
                module_offload_mem = module_mem
                if hasattr(m, "comfy_cast_weights"):
                    weight_key = "{}.weight".format(n)
                    bias_key = "{}.bias".format(n)
                    if weight_key in self.patches:
                        module_offload_mem += low_vram_patch_estimate_vram(self.model, weight_key)
                    if bias_key in self.patches:
                        module_offload_mem += low_vram_patch_estimate_vram(self.model, bias_key)
                loading.append((module_offload_mem, module_mem, n, m, params))
        return loading
    def load(self, device_to=None, lowvram_model_memory=0, force_patch_weights=False, full_load=False):
@ -676,20 +697,22 @@ class ModelPatcher:
            load_completely = []
            offloaded = []
            offload_buffer = 0
            loading.sort(reverse=True)
            for x in loading:
-                n = x[1]
+                module_offload_mem, module_mem, n, m, params = x
                m = x[2]
                params = x[3]
                module_mem = x[0]
                lowvram_weight = False
                potential_offload = max(offload_buffer, module_offload_mem * (comfy.model_management.NUM_STREAMS + 1))
                lowvram_fits = mem_counter + module_mem + potential_offload < lowvram_model_memory
                weight_key = "{}.weight".format(n)
                bias_key = "{}.bias".format(n)
                if not full_load and hasattr(m, "comfy_cast_weights"):
-                    if mem_counter + module_mem >= lowvram_model_memory:
+                    if not lowvram_fits:
                        offload_buffer = potential_offload
                        lowvram_weight = True
                        lowvram_counter += 1
                        lowvram_mem_counter += module_mem
@ -723,9 +746,11 @@ class ModelPatcher:
                    if hasattr(m, "comfy_cast_weights"):
                        wipe_lowvram_weight(m)
-                    if full_load or mem_counter + module_mem < lowvram_model_memory:
+                    if full_load or lowvram_fits:
                        mem_counter += module_mem
                        load_completely.append((module_mem, n, m, params))
                    else:
                        offload_buffer = potential_offload
                if cast_weight and hasattr(m, "comfy_cast_weights"):
                    m.prev_comfy_cast_weights = m.comfy_cast_weights
@ -766,7 +791,7 @@ class ModelPatcher:
                    self.pin_weight_to_device("{}.{}".format(n, param))
            if lowvram_counter > 0:
-                logging.info("loaded partially; {:.2f} MB usable, {:.2f} MB loaded, {:.2f} MB offloaded, lowvram patches: {}".format(lowvram_model_memory / (1024 * 1024), mem_counter / (1024 * 1024), lowvram_mem_counter / (1024 * 1024), patch_counter))
+                logging.info("loaded partially; {:.2f} MB usable, {:.2f} MB loaded, {:.2f} MB offloaded, {:.2f} MB buffer reserved, lowvram patches: {}".format(lowvram_model_memory / (1024 * 1024), mem_counter / (1024 * 1024), lowvram_mem_counter / (1024 * 1024), offload_buffer / (1024 * 1024), patch_counter))
                self.model.model_lowvram = True
            else:
                logging.info("loaded completely; {:.2f} MB usable, {:.2f} MB loaded, full load: {}".format(lowvram_model_memory / (1024 * 1024), mem_counter / (1024 * 1024), full_load))
@ -778,6 +803,7 @@ class ModelPatcher:
            self.model.lowvram_patch_counter += patch_counter
            self.model.device = device_to
            self.model.model_loaded_weight_memory = mem_counter
            self.model.model_offload_buffer_memory = offload_buffer
            self.model.current_weight_patches_uuid = self.patches_uuid
            for callback in self.get_all_callbacks(CallbacksMP.ON_LOAD):
@ -831,6 +857,7 @@ class ModelPatcher:
                self.model.to(device_to)
                self.model.device = device_to
            self.model.model_loaded_weight_memory = 0
            self.model.model_offload_buffer_memory = 0
            for m in self.model.modules():
                if hasattr(m, "comfy_patched_weights"):
@ -849,13 +876,14 @@ class ModelPatcher:
            patch_counter = 0
            unload_list = self._load_list()
            unload_list.sort()
            offload_buffer = self.model.model_offload_buffer_memory
            for unload in unload_list:
-                if memory_to_free < memory_freed:
+                if memory_to_free + offload_buffer - self.model.model_offload_buffer_memory < memory_freed:
                    break
-                module_mem = unload[0]
+                module_offload_mem, module_mem, n, m, params = unload
-                n = unload[1]
+
-                m = unload[2]
+                potential_offload = (comfy.model_management.NUM_STREAMS + 1) * module_offload_mem
                params = unload[3]
                lowvram_possible = hasattr(m, "comfy_cast_weights")
                if hasattr(m, "comfy_patched_weights") and m.comfy_patched_weights == True:
@ -906,15 +934,18 @@ class ModelPatcher:
                            m.comfy_cast_weights = True
                        m.comfy_patched_weights = False
                        memory_freed += module_mem
                        offload_buffer = max(offload_buffer, potential_offload)
                        logging.debug("freed {}".format(n))
                        for param in params:
                            self.pin_weight_to_device("{}.{}".format(n, param))
            self.model.model_lowvram = True
            self.model.lowvram_patch_counter += patch_counter
            self.model.model_loaded_weight_memory -= memory_freed
-            logging.info("loaded partially: {:.2f} MB loaded, lowvram patches: {}".format(self.model.model_loaded_weight_memory / (1024 * 1024), self.model.lowvram_patch_counter))
+            self.model.model_offload_buffer_memory = offload_buffer
            logging.info("Unloaded partially: {:.2f} MB freed, {:.2f} MB remains loaded, {:.2f} MB buffer reserved, lowvram patches: {}".format(memory_freed / (1024 * 1024), self.model.model_loaded_weight_memory / (1024 * 1024), offload_buffer / (1024 * 1024), self.model.lowvram_patch_counter))
            return memory_freed
    def partially_load(self, device_to, extra_memory=0, force_patch_weights=False):
--- a/comfy/ops.py
+++ b/comfy/ops.py
@ -95,6 +95,8 @@ def cast_bias_weight(s, input=None, dtype=None, device=None, bias_dtype=None, of
    if offload_stream is not None:
        wf_context = offload_stream
        if hasattr(wf_context, "as_context"):
            wf_context = wf_context.as_context(offload_stream)
    else:
        wf_context = contextlib.nullcontext()
--- a/comfy/quant_ops.py
+++ b/comfy/quant_ops.py
@ -235,8 +235,8 @@ class QuantizedTensor(torch.Tensor):
    def is_pinned(self):
        return self._qdata.is_pinned()
-    def is_contiguous(self):
+    def is_contiguous(self, *arg, **kwargs):
-        return self._qdata.is_contiguous()
+        return self._qdata.is_contiguous(*arg, **kwargs)
 # ==============================================================================
 # Generic Utilities (Layout-Agnostic Operations)
@ -425,7 +425,8 @@ class TensorCoreFP8Layout(QuantizedLayout):
    @staticmethod
    def dequantize(qdata, scale, orig_dtype, **kwargs):
        plain_tensor = torch.ops.aten._to_copy.default(qdata, dtype=orig_dtype)
-        return plain_tensor * scale
+        plain_tensor.mul_(scale)
        return plain_tensor
    @classmethod
    def get_plain_tensors(cls, qtensor):
--- a/comfy/sd.py
+++ b/comfy/sd.py
@ -60,6 +60,8 @@ import comfy.lora_convert
 import comfy.hooks
 import comfy.t2i_adapter.adapter
 import comfy.taesd.taesd
 import comfy.taesd.taehv
 import comfy.latent_formats
 import comfy.ldm.flux.redux
@ -508,13 +510,14 @@ class VAE:
                    self.memory_used_encode = lambda shape, dtype: 3300 * shape[3] * shape[4] * model_management.dtype_size(dtype)
                    self.memory_used_decode = lambda shape, dtype: 8000 * shape[3] * shape[4] * (16 * 16) * model_management.dtype_size(dtype)
                else:  # Wan 2.1 VAE
                    dim = sd["decoder.head.0.gamma"].shape[0]
                    self.upscale_ratio = (lambda a: max(0, a * 4 - 3), 8, 8)
                    self.upscale_index_formula = (4, 8, 8)
                    self.downscale_ratio = (lambda a: max(0, math.floor((a + 3) / 4)), 8, 8)
                    self.downscale_index_formula = (4, 8, 8)
                    self.latent_dim = 3
                    self.latent_channels = 16
-                    ddconfig = {"dim": 96, "z_dim": self.latent_channels, "dim_mult": [1, 2, 4, 4], "num_res_blocks": 2, "attn_scales": [], "temperal_downsample": [False, True, True], "dropout": 0.0}
+                    ddconfig = {"dim": dim, "z_dim": self.latent_channels, "dim_mult": [1, 2, 4, 4], "num_res_blocks": 2, "attn_scales": [], "temperal_downsample": [False, True, True], "dropout": 0.0}
                    self.first_stage_model = comfy.ldm.wan.vae.WanVAE(**ddconfig)
                    self.working_dtypes = [torch.bfloat16, torch.float16, torch.float32]
                    self.memory_used_encode = lambda shape, dtype: 6000 * shape[3] * shape[4] * model_management.dtype_size(dtype)
@ -584,6 +587,35 @@ class VAE:
                self.process_input = lambda audio: audio
                self.working_dtypes = [torch.float32]
                self.crop_input = False
            elif "decoder.22.bias" in sd: # taehv, taew and lighttae
                self.latent_channels = sd["decoder.1.weight"].shape[1]
                self.latent_dim = 3
                self.upscale_ratio = (lambda a: max(0, a * 4 - 3), 16, 16)
                self.upscale_index_formula = (4, 16, 16)
                self.downscale_ratio = (lambda a: max(0, math.floor((a + 3) / 4)), 16, 16)
                self.downscale_index_formula = (4, 16, 16)
                if self.latent_channels == 48: # Wan 2.2
                    self.first_stage_model = comfy.taesd.taehv.TAEHV(latent_channels=self.latent_channels, latent_format=None) # taehv doesn't need scaling
                    self.process_input = lambda image: (_ for _ in ()).throw(NotImplementedError("This light tae doesn't support encoding currently"))
                    self.process_output = lambda image: image
                    self.memory_used_decode = lambda shape, dtype: (1800 * (max(1, (shape[-3] ** 0.7 * 0.1)) * shape[-2] * shape[-1] * 16 * 16) * model_management.dtype_size(dtype))
                elif self.latent_channels == 32 and sd["decoder.22.bias"].shape[0] == 12: # lighttae_hv15
                    self.first_stage_model = comfy.taesd.taehv.TAEHV(latent_channels=self.latent_channels, latent_format=comfy.latent_formats.HunyuanVideo15)
                    self.process_input = lambda image: (_ for _ in ()).throw(NotImplementedError("This light tae doesn't support encoding currently"))
                    self.memory_used_decode = lambda shape, dtype: (1200 * (max(1, (shape[-3] ** 0.7 * 0.05)) * shape[-2] * shape[-1] * 32 * 32) * model_management.dtype_size(dtype))
                else:
                    if sd["decoder.1.weight"].dtype == torch.float16: # taehv currently only available in float16, so assume it's not lighttaew2_1 as otherwise state dicts are identical
                        latent_format=comfy.latent_formats.HunyuanVideo
                    else:
                        latent_format=None # lighttaew2_1 doesn't need scaling
                    self.first_stage_model = comfy.taesd.taehv.TAEHV(latent_channels=self.latent_channels, latent_format=latent_format)
                    self.process_input = self.process_output = lambda image: image
                    self.upscale_ratio = (lambda a: max(0, a * 4 - 3), 8, 8)
                    self.upscale_index_formula = (4, 8, 8)
                    self.downscale_ratio = (lambda a: max(0, math.floor((a + 3) / 4)), 8, 8)
                    self.downscale_index_formula = (4, 8, 8)
                    self.memory_used_encode = lambda shape, dtype: (700 * (max(1, (shape[-3] ** 0.66 * 0.11)) * shape[-2] * shape[-1]) * model_management.dtype_size(dtype))
                    self.memory_used_decode = lambda shape, dtype: (50 * (max(1, (shape[-3] ** 0.65 * 0.26)) * shape[-2] * shape[-1] * 32 * 32) * model_management.dtype_size(dtype))
            else:
                logging.warning("WARNING: No VAE weights detected, VAE not initalized.")
                self.first_stage_model = None
--- a/comfy/taesd/taehv.py
+++ b/comfy/taesd/taehv.py
@ -0,0 +1,171 @@
 # Tiny AutoEncoder for HunyuanVideo and WanVideo https://github.com/madebyollin/taehv
 import torch
 import torch.nn as nn
 import torch.nn.functional as F
 from tqdm.auto import tqdm
 from collections import namedtuple, deque
 import comfy.ops
 operations=comfy.ops.disable_weight_init
 DecoderResult = namedtuple("DecoderResult", ("frame", "memory"))
 TWorkItem = namedtuple("TWorkItem", ("input_tensor", "block_index"))
 def conv(n_in, n_out, **kwargs):
    return operations.Conv2d(n_in, n_out, 3, padding=1, **kwargs)
 class Clamp(nn.Module):
    def forward(self, x):
        return torch.tanh(x / 3) * 3
 class MemBlock(nn.Module):
    def __init__(self, n_in, n_out, act_func):
        super().__init__()
        self.conv = nn.Sequential(conv(n_in * 2, n_out), act_func, conv(n_out, n_out), act_func, conv(n_out, n_out))
        self.skip = operations.Conv2d(n_in, n_out, 1, bias=False) if n_in != n_out else nn.Identity()
        self.act = act_func
    def forward(self, x, past):
        return self.act(self.conv(torch.cat([x, past], 1)) + self.skip(x))
 class TPool(nn.Module):
    def __init__(self, n_f, stride):
        super().__init__()
        self.stride = stride
        self.conv = operations.Conv2d(n_f*stride,n_f, 1, bias=False)
    def forward(self, x):
        _NT, C, H, W = x.shape
        return self.conv(x.reshape(-1, self.stride * C, H, W))
 class TGrow(nn.Module):
    def __init__(self, n_f, stride):
        super().__init__()
        self.stride = stride
        self.conv = operations.Conv2d(n_f, n_f*stride, 1, bias=False)
    def forward(self, x):
        _NT, C, H, W = x.shape
        x = self.conv(x)
        return x.reshape(-1, C, H, W)
 def apply_model_with_memblocks(model, x, parallel, show_progress_bar):
    B, T, C, H, W = x.shape
    if parallel:
        x = x.reshape(B*T, C, H, W)
        # parallel over input timesteps, iterate over blocks
        for b in tqdm(model, disable=not show_progress_bar):
            if isinstance(b, MemBlock):
                BT, C, H, W = x.shape
                T = BT // B
                _x = x.reshape(B, T, C, H, W)
                mem = F.pad(_x, (0,0,0,0,0,0,1,0), value=0)[:,:T].reshape(x.shape)
                x = b(x, mem)
            else:
                x = b(x)
        BT, C, H, W = x.shape
        T = BT // B
        x = x.view(B, T, C, H, W)
    else:
        out = []
        work_queue = deque([TWorkItem(xt, 0) for t, xt in enumerate(x.reshape(B, T * C, H, W).chunk(T, dim=1))])
        progress_bar = tqdm(range(T), disable=not show_progress_bar)
        mem = [None] * len(model)
        while work_queue:
            xt, i = work_queue.popleft()
            if i == 0:
                progress_bar.update(1)
            if i == len(model):
                out.append(xt)
                del xt
            else:
                b = model[i]
                if isinstance(b, MemBlock):
                    if mem[i] is None:
                        xt_new = b(xt, xt * 0)
                        mem[i] = xt.detach().clone()
                    else:
                        xt_new = b(xt, mem[i])
                        mem[i] = xt.detach().clone()
                    del xt
                    work_queue.appendleft(TWorkItem(xt_new, i+1))
                elif isinstance(b, TPool):
                    if mem[i] is None:
                        mem[i] = []
                    mem[i].append(xt.detach().clone())
                    if len(mem[i]) == b.stride:
                        B, C, H, W = xt.shape
                        xt = b(torch.cat(mem[i], 1).view(B*b.stride, C, H, W))
                        mem[i] = []
                        work_queue.appendleft(TWorkItem(xt, i+1))
                elif isinstance(b, TGrow):
                    xt = b(xt)
                    NT, C, H, W = xt.shape
                    for xt_next in reversed(xt.view(B, b.stride*C, H, W).chunk(b.stride, 1)):
                        work_queue.appendleft(TWorkItem(xt_next, i+1))
                    del xt
                else:
                    xt = b(xt)
                    work_queue.appendleft(TWorkItem(xt, i+1))
        progress_bar.close()
        x = torch.stack(out, 1)
    return x
 class TAEHV(nn.Module):
    def __init__(self, latent_channels, parallel=False, decoder_time_upscale=(True, True), decoder_space_upscale=(True, True, True), latent_format=None, show_progress_bar=True):
        super().__init__()
        self.image_channels = 3
        self.patch_size = 1
        self.latent_channels = latent_channels
        self.parallel = parallel
        self.latent_format = latent_format
        self.show_progress_bar = show_progress_bar
        self.process_in = latent_format().process_in if latent_format is not None else (lambda x: x)
        self.process_out = latent_format().process_out if latent_format is not None else (lambda x: x)
        if self.latent_channels in [48, 32]: # Wan 2.2 and HunyuanVideo1.5
            self.patch_size = 2
        if self.latent_channels == 32: # HunyuanVideo1.5
            act_func = nn.LeakyReLU(0.2, inplace=True)
        else: # HunyuanVideo, Wan 2.1
            act_func = nn.ReLU(inplace=True)
        self.encoder = nn.Sequential(
            conv(self.image_channels*self.patch_size**2, 64), act_func,
            TPool(64, 2), conv(64, 64, stride=2, bias=False), MemBlock(64, 64, act_func), MemBlock(64, 64, act_func), MemBlock(64, 64, act_func),
            TPool(64, 2), conv(64, 64, stride=2, bias=False), MemBlock(64, 64, act_func), MemBlock(64, 64, act_func), MemBlock(64, 64, act_func),
            TPool(64, 1), conv(64, 64, stride=2, bias=False), MemBlock(64, 64, act_func), MemBlock(64, 64, act_func), MemBlock(64, 64, act_func),
            conv(64, self.latent_channels),
        )
        n_f = [256, 128, 64, 64]
        self.frames_to_trim = 2**sum(decoder_time_upscale) - 1
        self.decoder = nn.Sequential(
            Clamp(), conv(self.latent_channels, n_f[0]), act_func,
            MemBlock(n_f[0], n_f[0], act_func), MemBlock(n_f[0], n_f[0], act_func), MemBlock(n_f[0], n_f[0], act_func), nn.Upsample(scale_factor=2 if decoder_space_upscale[0] else 1), TGrow(n_f[0], 1), conv(n_f[0], n_f[1], bias=False),
            MemBlock(n_f[1], n_f[1], act_func), MemBlock(n_f[1], n_f[1], act_func), MemBlock(n_f[1], n_f[1], act_func), nn.Upsample(scale_factor=2 if decoder_space_upscale[1] else 1), TGrow(n_f[1], 2 if decoder_time_upscale[0] else 1), conv(n_f[1], n_f[2], bias=False),
            MemBlock(n_f[2], n_f[2], act_func), MemBlock(n_f[2], n_f[2], act_func), MemBlock(n_f[2], n_f[2], act_func), nn.Upsample(scale_factor=2 if decoder_space_upscale[2] else 1), TGrow(n_f[2], 2 if decoder_time_upscale[1] else 1), conv(n_f[2], n_f[3], bias=False),
            act_func, conv(n_f[3], self.image_channels*self.patch_size**2),
        )
        @property
        def show_progress_bar(self):
            return self._show_progress_bar
        @show_progress_bar.setter
        def show_progress_bar(self, value):
            self._show_progress_bar = value
    def encode(self, x, **kwargs):
        if self.patch_size > 1: x = F.pixel_unshuffle(x, self.patch_size)
        x = x.movedim(2, 1)  # [B, C, T, H, W] -> [B, T, C, H, W]
        if x.shape[1] % 4 != 0:
            # pad at end to multiple of 4
            n_pad = 4 - x.shape[1] % 4
            padding = x[:, -1:].repeat_interleave(n_pad, dim=1)
            x = torch.cat([x, padding], 1)
        x = apply_model_with_memblocks(self.encoder, x, self.parallel, self.show_progress_bar).movedim(2, 1)
        return self.process_out(x)
    def decode(self, x, **kwargs):
        x = self.process_in(x).movedim(2, 1)  # [B, C, T, H, W] -> [B, T, C, H, W]
        x = apply_model_with_memblocks(self.decoder, x, self.parallel, self.show_progress_bar)
        if self.patch_size > 1: x = F.pixel_shuffle(x, self.patch_size)
        return x[:, self.frames_to_trim:].movedim(2, 1)
--- a/comfy/utils.py
+++ b/comfy/utils.py
@ -675,6 +675,72 @@ def flux_to_diffusers(mmdit_config, output_prefix=""):
    return key_map
 def z_image_to_diffusers(mmdit_config, output_prefix=""):
    n_layers = mmdit_config.get("n_layers", 0)
    hidden_size = mmdit_config.get("dim", 0)
    n_context_refiner = mmdit_config.get("n_refiner_layers", 2)
    n_noise_refiner = mmdit_config.get("n_refiner_layers", 2)
    key_map = {}
    def add_block_keys(prefix_from, prefix_to, has_adaln=True):
        for end in ("weight", "bias"):
            k = "{}.attention.".format(prefix_from)
            qkv = "{}.attention.qkv.{}".format(prefix_to, end)
            key_map["{}to_q.{}".format(k, end)] = (qkv, (0, 0, hidden_size))
            key_map["{}to_k.{}".format(k, end)] = (qkv, (0, hidden_size, hidden_size))
            key_map["{}to_v.{}".format(k, end)] = (qkv, (0, hidden_size * 2, hidden_size))
        block_map = {
            "attention.norm_q.weight": "attention.q_norm.weight",
            "attention.norm_k.weight": "attention.k_norm.weight",
            "attention.to_out.0.weight": "attention.out.weight",
            "attention.to_out.0.bias": "attention.out.bias",
            "attention_norm1.weight": "attention_norm1.weight",
            "attention_norm2.weight": "attention_norm2.weight",
            "feed_forward.w1.weight": "feed_forward.w1.weight",
            "feed_forward.w2.weight": "feed_forward.w2.weight",
            "feed_forward.w3.weight": "feed_forward.w3.weight",
            "ffn_norm1.weight": "ffn_norm1.weight",
            "ffn_norm2.weight": "ffn_norm2.weight",
        }
        if has_adaln:
            block_map["adaLN_modulation.0.weight"] = "adaLN_modulation.0.weight"
            block_map["adaLN_modulation.0.bias"] = "adaLN_modulation.0.bias"
        for k, v in block_map.items():
            key_map["{}.{}".format(prefix_from, k)] = "{}.{}".format(prefix_to, v)
    for i in range(n_layers):
        add_block_keys("layers.{}".format(i), "{}layers.{}".format(output_prefix, i))
    for i in range(n_context_refiner):
        add_block_keys("context_refiner.{}".format(i), "{}context_refiner.{}".format(output_prefix, i))
    for i in range(n_noise_refiner):
        add_block_keys("noise_refiner.{}".format(i), "{}noise_refiner.{}".format(output_prefix, i))
    MAP_BASIC = [
        ("final_layer.linear.weight", "all_final_layer.2-1.linear.weight"),
        ("final_layer.linear.bias", "all_final_layer.2-1.linear.bias"),
        ("final_layer.adaLN_modulation.1.weight", "all_final_layer.2-1.adaLN_modulation.1.weight"),
        ("final_layer.adaLN_modulation.1.bias", "all_final_layer.2-1.adaLN_modulation.1.bias"),
        ("x_embedder.weight", "all_x_embedder.2-1.weight"),
        ("x_embedder.bias", "all_x_embedder.2-1.bias"),
        ("x_pad_token", "x_pad_token"),
        ("cap_embedder.0.weight", "cap_embedder.0.weight"),
        ("cap_embedder.1.weight", "cap_embedder.1.weight"),
        ("cap_embedder.1.bias", "cap_embedder.1.bias"),
        ("cap_pad_token", "cap_pad_token"),
        ("t_embedder.mlp.0.weight", "t_embedder.mlp.0.weight"),
        ("t_embedder.mlp.0.bias", "t_embedder.mlp.0.bias"),
        ("t_embedder.mlp.2.weight", "t_embedder.mlp.2.weight"),
        ("t_embedder.mlp.2.bias", "t_embedder.mlp.2.bias"),
    ]
    for c, diffusers in MAP_BASIC:
        key_map[diffusers] = "{}{}".format(output_prefix, c)
    return key_map
 def repeat_to_batch_size(tensor, batch_size, dim=0):
    if tensor.shape[dim] > batch_size:
        return tensor.narrow(dim, 0, batch_size)
--- a/comfy_api_nodes/nodes_kling.py
+++ b/comfy_api_nodes/nodes_kling.py
@ -4,8 +4,6 @@ For source of truth on the allowed permutations of request fields, please refere
 - [Compatibility Table](https://app.klingai.com/global/dev/document-api/apiReference/model/skillsMap)
 """
 from __future__ import annotations
 from typing import Optional, TypeVar
 import math
 import logging
@ -66,9 +64,7 @@ from comfy_api_nodes.util import (
    poll_op,
 )
 from comfy_api.input_impl import VideoFromFile
-from comfy_api.input.basic_types import AudioInput
+from comfy_api.latest import ComfyExtension, IO, Input
 from comfy_api.input.video_types import VideoInput
 from comfy_api.latest import ComfyExtension, IO
 KLING_API_VERSION = "v1"
 PATH_TEXT_TO_VIDEO = f"/proxy/kling/{KLING_API_VERSION}/videos/text2video"
@ -94,8 +90,6 @@ AVERAGE_DURATION_IMAGE_GEN = 32
 AVERAGE_DURATION_VIDEO_EFFECTS = 320
 AVERAGE_DURATION_VIDEO_EXTEND = 320
 R = TypeVar("R")
 MODE_TEXT2VIDEO = {
    "standard mode / 5s duration / kling-v1": ("std", "5", "kling-v1"),
@ -130,6 +124,8 @@ MODE_START_END_FRAME = {
    "pro mode / 10s duration / kling-v1-6": ("pro", "10", "kling-v1-6"),
    "pro mode / 5s duration / kling-v2-1": ("pro", "5", "kling-v2-1"),
    "pro mode / 10s duration / kling-v2-1": ("pro", "10", "kling-v2-1"),
    "pro mode / 5s duration / kling-v2-5-turbo": ("pro", "5", "kling-v2-5-turbo"),
    "pro mode / 10s duration / kling-v2-5-turbo": ("pro", "10", "kling-v2-5-turbo"),
 }
 """
 Returns a mapping of mode strings to their corresponding (mode, duration, model_name) tuples.
@ -296,7 +292,7 @@ def get_video_from_response(response) -> KlingVideoResult:
    return video
-def get_video_url_from_response(response) -> Optional[str]:
+def get_video_url_from_response(response) -> str | None:
    """Returns the first video url from the Kling video generation task result.
    Will not raise an error if the response is not valid.
    """
@ -315,7 +311,7 @@ def get_images_from_response(response) -> list[KlingImageResult]:
    return images
-def get_images_urls_from_response(response) -> Optional[str]:
+def get_images_urls_from_response(response) -> str | None:
    """Returns the list of image urls from the Kling image generation task result.
    Will not raise an error if the response is not valid. If there is only one image, returns the url as a string. If there are multiple images, returns a list of urls.
    """
@ -349,7 +345,7 @@ async def execute_text2video(
    model_mode: str,
    duration: str,
    aspect_ratio: str,
-    camera_control: Optional[KlingCameraControl] = None,
+    camera_control: KlingCameraControl | None = None,
 ) -> IO.NodeOutput:
    validate_prompts(prompt, negative_prompt, MAX_PROMPT_LENGTH_T2V)
    task_creation_response = await sync_op(
@ -394,8 +390,8 @@ async def execute_image2video(
    model_mode: str,
    aspect_ratio: str,
    duration: str,
-    camera_control: Optional[KlingCameraControl] = None,
+    camera_control: KlingCameraControl | None = None,
-    end_frame: Optional[torch.Tensor] = None,
+    end_frame: torch.Tensor | None = None,
 ) -> IO.NodeOutput:
    validate_prompts(prompt, negative_prompt, MAX_PROMPT_LENGTH_I2V)
    validate_input_image(start_frame)
@ -451,8 +447,8 @@ async def execute_video_effect(
    model_name: str,
    duration: KlingVideoGenDuration,
    image_1: torch.Tensor,
-    image_2: Optional[torch.Tensor] = None,
+    image_2: torch.Tensor | None = None,
-    model_mode: Optional[KlingVideoGenMode] = None,
+    model_mode: KlingVideoGenMode | None = None,
 ) -> tuple[VideoFromFile, str, str]:
    if dual_character:
        request_input_field = KlingDualCharacterEffectInput(
@ -499,13 +495,13 @@ async def execute_video_effect(
 async def execute_lipsync(
    cls: type[IO.ComfyNode],
-    video: VideoInput,
+    video: Input.Video,
-    audio: Optional[AudioInput] = None,
+    audio: Input.Audio | None = None,
-    voice_language: Optional[str] = None,
+    voice_language: str | None = None,
-    model_mode: Optional[str] = None,
+    model_mode: str | None = None,
-    text: Optional[str] = None,
+    text: str | None = None,
-    voice_speed: Optional[float] = None,
+    voice_speed: float | None = None,
-    voice_id: Optional[str] = None,
+    voice_id: str | None = None,
 ) -> IO.NodeOutput:
    if text:
        validate_string(text, field_name="Text", max_length=MAX_PROMPT_LENGTH_LIP_SYNC)
@ -787,7 +783,7 @@ class KlingCameraControlT2VNode(IO.ComfyNode):
        negative_prompt: str,
        cfg_scale: float,
        aspect_ratio: str,
-        camera_control: Optional[KlingCameraControl] = None,
+        camera_control: KlingCameraControl | None = None,
    ) -> IO.NodeOutput:
        return await execute_text2video(
            cls,
@ -854,8 +850,8 @@ class KlingImage2VideoNode(IO.ComfyNode):
        mode: str,
        aspect_ratio: str,
        duration: str,
-        camera_control: Optional[KlingCameraControl] = None,
+        camera_control: KlingCameraControl | None = None,
-        end_frame: Optional[torch.Tensor] = None,
+        end_frame: torch.Tensor | None = None,
    ) -> IO.NodeOutput:
        return await execute_image2video(
            cls,
@ -965,15 +961,11 @@ class KlingStartEndFrameNode(IO.ComfyNode):
                IO.String.Input("prompt", multiline=True, tooltip="Positive text prompt"),
                IO.String.Input("negative_prompt", multiline=True, tooltip="Negative text prompt"),
                IO.Float.Input("cfg_scale", default=0.5, min=0.0, max=1.0),
-                IO.Combo.Input(
+                IO.Combo.Input("aspect_ratio", options=["16:9", "9:16", "1:1"]),
                    "aspect_ratio",
                    options=[i.value for i in KlingVideoGenAspectRatio],
                    default="16:9",
                ),
                IO.Combo.Input(
                    "mode",
                    options=modes,
-                    default=modes[2],
+                    default=modes[8],
                    tooltip="The configuration to use for the video generation following the format: mode / duration / model_name.",
                ),
            ],
@ -1254,8 +1246,8 @@ class KlingLipSyncAudioToVideoNode(IO.ComfyNode):
    @classmethod
    async def execute(
        cls,
-        video: VideoInput,
+        video: Input.Video,
-        audio: AudioInput,
+        audio: Input.Audio,
        voice_language: str,
    ) -> IO.NodeOutput:
        return await execute_lipsync(
@ -1314,7 +1306,7 @@ class KlingLipSyncTextToVideoNode(IO.ComfyNode):
    @classmethod
    async def execute(
        cls,
-        video: VideoInput,
+        video: Input.Video,
        text: str,
        voice: str,
        voice_speed: float,
@ -1471,7 +1463,7 @@ class KlingImageGenerationNode(IO.ComfyNode):
        human_fidelity: float,
        n: int,
        aspect_ratio: KlingImageGenAspectRatio,
-        image: Optional[torch.Tensor] = None,
+        image: torch.Tensor | None = None,
    ) -> IO.NodeOutput:
        validate_string(prompt, field_name="prompt", min_length=1, max_length=MAX_PROMPT_LENGTH_IMAGE_GEN)
        validate_string(negative_prompt, field_name="negative_prompt", max_length=MAX_PROMPT_LENGTH_IMAGE_GEN)
--- a/comfy_extras/nodes_dataset.py
+++ b/comfy_extras/nodes_dataset.py
--- a/comfy_extras/nodes_train.py
+++ b/comfy_extras/nodes_train.py
--- a/folder_paths.py
+++ b/folder_paths.py
@ -137,6 +137,71 @@ def set_user_directory(user_dir: str) -> None:
    user_directory = user_dir
 # System User Protection - Protects system directories from HTTP endpoint access
 # System Users are internal-only users that cannot be accessed via HTTP endpoints.
 # They use the '__' prefix convention (similar to Python's private member convention).
 SYSTEM_USER_PREFIX = "__"
 def get_system_user_directory(name: str = "system") -> str:
    """
    Get the path to a System User directory.
    System User directories (prefixed with '__') are only accessible via internal API,
    not through HTTP endpoints. Use this for storing system-internal data that
    should not be exposed to users.
    Args:
        name: System user name (e.g., "system", "cache"). Must be alphanumeric
              with underscores allowed, but cannot start with underscore.
    Returns:
        Absolute path to the system user directory.
    Raises:
        ValueError: If name is empty, invalid, or starts with underscore.
    Example:
        >>> get_system_user_directory("cache")
        '/path/to/user/__cache'
    """
    if not name or not isinstance(name, str):
        raise ValueError("System user name cannot be empty")
    if not name.replace("_", "").isalnum():
        raise ValueError(f"Invalid system user name: '{name}'")
    if name.startswith("_"):
        raise ValueError("System user name should not start with underscore")
    return os.path.join(get_user_directory(), f"{SYSTEM_USER_PREFIX}{name}")
 def get_public_user_directory(user_id: str) -> str | None:
    """
    Get the path to a Public User directory for HTTP endpoint access.
    This function provides structural security by returning None for any
    System User (prefixed with '__'). All HTTP endpoints should use this
    function instead of directly constructing user paths.
    Args:
        user_id: User identifier from HTTP request.
    Returns:
        Absolute path to the user directory, or None if user_id is invalid
        or refers to a System User.
    Example:
        >>> get_public_user_directory("default")
        '/path/to/user/default'
        >>> get_public_user_directory("__system")
        None
    """
    if not user_id or not isinstance(user_id, str):
        return None
    if user_id.startswith(SYSTEM_USER_PREFIX):
        return None
    return os.path.join(get_user_directory(), user_id)
 #NOTE: used in http server so don't put folders that should not be accessed remotely
 def get_directory_by_type(type_name: str) -> str | None:
    if type_name == "output":
--- a/latent_preview.py
+++ b/latent_preview.py
@ -2,17 +2,24 @@ import torch
 from PIL import Image
 from comfy.cli_args import args, LatentPreviewMethod
 from comfy.taesd.taesd import TAESD
 from comfy.sd import VAE
 import comfy.model_management
 import folder_paths
 import comfy.utils
 import logging
 MAX_PREVIEW_RESOLUTION = args.preview_size
 VIDEO_TAES = ["taehv", "lighttaew2_2", "lighttaew2_1", "lighttaehy1_5"]
-def preview_to_image(latent_image):
+def preview_to_image(latent_image, do_scale=True):
        if do_scale:
            latents_ubyte = (((latent_image + 1.0) / 2.0).clamp(0, 1)  # change scale from -1..1 to 0..1
                                .mul(0xFF)  # to 0..255
                                )
        else:
            latents_ubyte = (latent_image.clamp(0, 1)
                                .mul(0xFF)  # to 0..255
                                )
        if comfy.model_management.directml_enabled:
                latents_ubyte = latents_ubyte.to(dtype=torch.uint8)
        latents_ubyte = latents_ubyte.to(device="cpu", dtype=torch.uint8, non_blocking=comfy.model_management.device_supports_non_blocking(latent_image.device))
@ -35,6 +42,10 @@ class TAESDPreviewerImpl(LatentPreviewer):
        x_sample = self.taesd.decode(x0[:1])[0].movedim(0, 2)
        return preview_to_image(x_sample)
 class TAEHVPreviewerImpl(TAESDPreviewerImpl):
    def decode_latent_to_preview(self, x0):
        x_sample = self.taesd.decode(x0[:1, :, :1])[0][0]
        return preview_to_image(x_sample, do_scale=False)
 class Latent2RGBPreviewer(LatentPreviewer):
    def __init__(self, latent_rgb_factors, latent_rgb_factors_bias=None, latent_rgb_factors_reshape=None):
@ -81,6 +92,11 @@ def get_previewer(device, latent_format):
        if method == LatentPreviewMethod.TAESD:
            if taesd_decoder_path:
                if latent_format.taesd_decoder_name in VIDEO_TAES:
                    taesd = VAE(comfy.utils.load_torch_file(taesd_decoder_path))
                    taesd.first_stage_model.show_progress_bar = False
                    previewer = TAEHVPreviewerImpl(taesd)
                else:
                    taesd = TAESD(None, taesd_decoder_path, latent_channels=latent_format.latent_channels).to(device)
                    previewer = TAESDPreviewerImpl(taesd)
            else:
--- a/nodes.py
+++ b/nodes.py
@ -692,8 +692,10 @@ class LoraLoaderModelOnly(LoraLoader):
        return (self.load_lora(model, None, lora_name, strength_model, 0)[0],)
 class VAELoader:
    video_taes = ["taehv", "lighttaew2_2", "lighttaew2_1", "lighttaehy1_5"]
    image_taes = ["taesd", "taesdxl", "taesd3", "taef1"]
    @staticmethod
-    def vae_list():
+    def vae_list(s):
        vaes = folder_paths.get_filename_list("vae")
        approx_vaes = folder_paths.get_filename_list("vae_approx")
        sdxl_taesd_enc = False
@ -722,6 +724,11 @@ class VAELoader:
                f1_taesd_dec = True
            elif v.startswith("taef1_decoder."):
                f1_taesd_enc = True
            else:
                for tae in s.video_taes:
                    if v.startswith(tae):
                        vaes.append(v)
        if sd1_taesd_dec and sd1_taesd_enc:
            vaes.append("taesd")
        if sdxl_taesd_dec and sdxl_taesd_enc:
@ -765,7 +772,7 @@ class VAELoader:
    @classmethod
    def INPUT_TYPES(s):
-        return {"required": { "vae_name": (s.vae_list(), )}}
+        return {"required": { "vae_name": (s.vae_list(s), )}}
    RETURN_TYPES = ("VAE",)
    FUNCTION = "load_vae"
@ -776,8 +783,11 @@ class VAELoader:
        if vae_name == "pixel_space":
            sd = {}
            sd["pixel_space_vae"] = torch.tensor(1.0)
-        elif vae_name in ["taesd", "taesdxl", "taesd3", "taef1"]:
+        elif vae_name in self.image_taes:
            sd = self.load_taesd(vae_name)
        else:
            if os.path.splitext(vae_name)[0] in self.video_taes:
                vae_path = folder_paths.get_full_path_or_raise("vae_approx", vae_name)
            else:
                vae_path = folder_paths.get_full_path_or_raise("vae", vae_name)
            sd = comfy.utils.load_torch_file(vae_path)
@ -2278,6 +2288,7 @@ async def init_builtin_extra_nodes():
        "nodes_images.py",
        "nodes_video_model.py",
        "nodes_train.py",
        "nodes_dataset.py",
        "nodes_sag.py",
        "nodes_perpneg.py",
        "nodes_stable3d.py",
--- a/requirements.txt
+++ b/requirements.txt
@ -1,5 +1,5 @@
 comfyui-frontend-package==1.32.10
-comfyui-workflow-templates==0.7.20
+comfyui-workflow-templates==0.7.25
 comfyui-embedded-docs==0.3.1
 torch
 torchsde
--- a/tests-unit/app_test/user_manager_system_user_test.py
+++ b/tests-unit/app_test/user_manager_system_user_test.py
@ -0,0 +1,193 @@
 """Tests for System User Protection in user_manager.py
 Tests cover:
 - get_request_user_id(): 1st defense layer - blocks System Users from HTTP headers
 - get_request_user_filepath(): 2nd defense layer - structural blocking via get_public_user_directory()
 - add_user(): 3rd defense layer - prevents creation of System User names
 - Defense layers integration tests
 """
 import pytest
 from unittest.mock import MagicMock, patch
 import tempfile
 import folder_paths
 from app.user_manager import UserManager
@pytest.fixture
 def mock_user_directory():
    """Create a temporary user directory."""
    with tempfile.TemporaryDirectory() as temp_dir:
        original_dir = folder_paths.get_user_directory()
        folder_paths.set_user_directory(temp_dir)
        yield temp_dir
        folder_paths.set_user_directory(original_dir)
@pytest.fixture
 def user_manager(mock_user_directory):
    """Create a UserManager instance for testing."""
    with patch('app.user_manager.args') as mock_args:
        mock_args.multi_user = True
        manager = UserManager()
        # Add a default user for testing
        manager.users = {"default": "default", "test_user_123": "Test User"}
        yield manager
@pytest.fixture
 def mock_request():
    """Create a mock request object."""
    request = MagicMock()
    request.headers = {}
    return request
 class TestGetRequestUserId:
    """Tests for get_request_user_id() - 1st defense layer.
    Verifies:
    - System Users (__ prefix) in HTTP header are rejected with KeyError
    - Public Users pass through successfully
    """
    def test_system_user_raises_error(self, user_manager, mock_request):
        """Test System User in header raises KeyError."""
        mock_request.headers = {"comfy-user": "__system"}
        with patch('app.user_manager.args') as mock_args:
            mock_args.multi_user = True
            with pytest.raises(KeyError, match="Unknown user"):
                user_manager.get_request_user_id(mock_request)
    def test_system_user_cache_raises_error(self, user_manager, mock_request):
        """Test System User cache raises KeyError."""
        mock_request.headers = {"comfy-user": "__cache"}
        with patch('app.user_manager.args') as mock_args:
            mock_args.multi_user = True
            with pytest.raises(KeyError, match="Unknown user"):
                user_manager.get_request_user_id(mock_request)
    def test_normal_user_works(self, user_manager, mock_request):
        """Test normal user access works."""
        mock_request.headers = {"comfy-user": "default"}
        with patch('app.user_manager.args') as mock_args:
            mock_args.multi_user = True
            user_id = user_manager.get_request_user_id(mock_request)
            assert user_id == "default"
    def test_unknown_user_raises_error(self, user_manager, mock_request):
        """Test unknown user raises KeyError."""
        mock_request.headers = {"comfy-user": "unknown_user"}
        with patch('app.user_manager.args') as mock_args:
            mock_args.multi_user = True
            with pytest.raises(KeyError, match="Unknown user"):
                user_manager.get_request_user_id(mock_request)
 class TestGetRequestUserFilepath:
    """Tests for get_request_user_filepath() - 2nd defense layer.
    Verifies:
    - Returns None when get_public_user_directory() returns None (System User)
    - Acts as backup defense if 1st layer is bypassed
    """
    def test_system_user_returns_none(self, user_manager, mock_request, mock_user_directory):
        """Test System User returns None (structural blocking)."""
        # First, we need to mock get_request_user_id to return System User
        # But actually, get_request_user_id will raise KeyError first
        # So we test via get_public_user_directory returning None
        mock_request.headers = {"comfy-user": "default"}
        with patch('app.user_manager.args') as mock_args:
            mock_args.multi_user = True
            # Patch get_public_user_directory to return None for testing
            with patch.object(folder_paths, 'get_public_user_directory', return_value=None):
                result = user_manager.get_request_user_filepath(mock_request, "test.txt")
                assert result is None
    def test_normal_user_gets_path(self, user_manager, mock_request, mock_user_directory):
        """Test normal user gets valid filepath."""
        mock_request.headers = {"comfy-user": "default"}
        with patch('app.user_manager.args') as mock_args:
            mock_args.multi_user = True
            path = user_manager.get_request_user_filepath(mock_request, "test.txt")
            assert path is not None
            assert "default" in path
            assert path.endswith("test.txt")
 class TestAddUser:
    """Tests for add_user() - 3rd defense layer (creation-time blocking).
    Verifies:
    - System User name (__ prefix) creation is rejected with ValueError
    - Sanitized usernames that become System User are also rejected
    """
    def test_system_user_prefix_name_raises(self, user_manager):
        """Test System User prefix in name raises ValueError."""
        with pytest.raises(ValueError, match="System User prefix not allowed"):
            user_manager.add_user("__system")
    def test_system_user_prefix_cache_raises(self, user_manager):
        """Test System User cache prefix raises ValueError."""
        with pytest.raises(ValueError, match="System User prefix not allowed"):
            user_manager.add_user("__cache")
    def test_sanitized_system_user_prefix_raises(self, user_manager):
        """Test sanitized name becoming System User prefix raises ValueError (bypass prevention)."""
        # "__test" directly starts with System User prefix
        with pytest.raises(ValueError, match="System User prefix not allowed"):
            user_manager.add_user("__test")
    def test_normal_user_creation(self, user_manager, mock_user_directory):
        """Test normal user creation works."""
        user_id = user_manager.add_user("Normal User")
        assert user_id is not None
        assert not user_id.startswith("__")
        assert "Normal-User" in user_id or "Normal_User" in user_id
    def test_empty_name_raises(self, user_manager):
        """Test empty name raises ValueError."""
        with pytest.raises(ValueError, match="username not provided"):
            user_manager.add_user("")
    def test_whitespace_only_raises(self, user_manager):
        """Test whitespace-only name raises ValueError."""
        with pytest.raises(ValueError, match="username not provided"):
            user_manager.add_user("   ")
 class TestDefenseLayers:
    """Integration tests for all three defense layers.
    Verifies:
    - Each defense layer blocks System Users independently
    - System User bypass is impossible through any layer
    """
    def test_layer1_get_request_user_id(self, user_manager, mock_request):
        """Test 1st defense layer blocks System Users."""
        mock_request.headers = {"comfy-user": "__system"}
        with patch('app.user_manager.args') as mock_args:
            mock_args.multi_user = True
            with pytest.raises(KeyError):
                user_manager.get_request_user_id(mock_request)
    def test_layer2_get_public_user_directory(self):
        """Test 2nd defense layer blocks System Users."""
        result = folder_paths.get_public_user_directory("__system")
        assert result is None
    def test_layer3_add_user(self, user_manager):
        """Test 3rd defense layer blocks System User creation."""
        with pytest.raises(ValueError):
            user_manager.add_user("__system")
--- a/tests-unit/folder_paths_test/system_user_test.py
+++ b/tests-unit/folder_paths_test/system_user_test.py
@ -0,0 +1,206 @@
 """Tests for System User Protection in folder_paths.py
 Tests cover:
 - get_system_user_directory(): Internal API for custom nodes to access System User directories
 - get_public_user_directory(): HTTP endpoint access with System User blocking
 - Backward compatibility: Existing APIs unchanged
 - Security: Path traversal and injection prevention
 """
 import pytest
 import os
 import tempfile
 from folder_paths import (
    get_system_user_directory,
    get_public_user_directory,
    get_user_directory,
    set_user_directory,
 )
@pytest.fixture(scope="module")
 def mock_user_directory():
    """Create a temporary user directory for testing."""
    with tempfile.TemporaryDirectory() as temp_dir:
        original_dir = get_user_directory()
        set_user_directory(temp_dir)
        yield temp_dir
        set_user_directory(original_dir)
 class TestGetSystemUserDirectory:
    """Tests for get_system_user_directory() - internal API for System User directories.
    Verifies:
    - Custom nodes can access System User directories via internal API
    - Input validation prevents path traversal attacks
    """
    def test_default_name(self, mock_user_directory):
        """Test default 'system' name."""
        path = get_system_user_directory()
        assert path.endswith("__system")
        assert mock_user_directory in path
    def test_custom_name(self, mock_user_directory):
        """Test custom system user name."""
        path = get_system_user_directory("cache")
        assert path.endswith("__cache")
        assert "__cache" in path
    def test_name_with_underscore(self, mock_user_directory):
        """Test name with underscore in middle."""
        path = get_system_user_directory("my_cache")
        assert "__my_cache" in path
    def test_empty_name_raises(self):
        """Test empty name raises ValueError."""
        with pytest.raises(ValueError, match="cannot be empty"):
            get_system_user_directory("")
    def test_none_name_raises(self):
        """Test None name raises ValueError."""
        with pytest.raises(ValueError, match="cannot be empty"):
            get_system_user_directory(None)
    def test_name_starting_with_underscore_raises(self):
        """Test name starting with underscore raises ValueError."""
        with pytest.raises(ValueError, match="should not start with underscore"):
            get_system_user_directory("_system")
    def test_path_traversal_raises(self):
        """Test path traversal attempt raises ValueError (security)."""
        with pytest.raises(ValueError, match="Invalid system user name"):
            get_system_user_directory("../escape")
    def test_path_traversal_middle_raises(self):
        """Test path traversal in middle raises ValueError (security)."""
        with pytest.raises(ValueError, match="Invalid system user name"):
            get_system_user_directory("system/../other")
    def test_special_chars_raise(self):
        """Test special characters raise ValueError (security)."""
        with pytest.raises(ValueError, match="Invalid system user name"):
            get_system_user_directory("system!")
    def test_returns_absolute_path(self, mock_user_directory):
        """Test returned path is absolute."""
        path = get_system_user_directory("test")
        assert os.path.isabs(path)
 class TestGetPublicUserDirectory:
    """Tests for get_public_user_directory() - HTTP endpoint access with System User blocking.
    Verifies:
    - System Users (__ prefix) return None, blocking HTTP access
    - Public Users get valid paths
    - New endpoints using this function are automatically protected
    """
    def test_normal_user(self, mock_user_directory):
        """Test normal user returns valid path."""
        path = get_public_user_directory("default")
        assert path is not None
        assert "default" in path
        assert mock_user_directory in path
    def test_system_user_returns_none(self):
        """Test System User (__ prefix) returns None - blocks HTTP access."""
        assert get_public_user_directory("__system") is None
    def test_system_user_cache_returns_none(self):
        """Test System User cache returns None."""
        assert get_public_user_directory("__cache") is None
    def test_empty_user_returns_none(self):
        """Test empty user returns None."""
        assert get_public_user_directory("") is None
    def test_none_user_returns_none(self):
        """Test None user returns None."""
        assert get_public_user_directory(None) is None
    def test_header_injection_returns_none(self):
        """Test header injection attempt returns None (security)."""
        assert get_public_user_directory("__system\r\nX-Injected: true") is None
    def test_null_byte_injection_returns_none(self):
        """Test null byte injection handling (security)."""
        # Note: startswith check happens before any path operations
        result = get_public_user_directory("user\x00__system")
        # This should return a path since it doesn't start with __
        # The actual security comes from the path not being __*
        assert result is not None or result is None  # Depends on validation
    def test_path_traversal_attempt(self, mock_user_directory):
        """Test path traversal attempt handling."""
        # This function doesn't validate paths, only reserved prefix
        # Path traversal should be handled by the caller
        path = get_public_user_directory("../../../etc/passwd")
        # Returns path but doesn't start with __, so not None
        # Actual path validation happens in user_manager
        assert path is not None or "__" not in "../../../etc/passwd"
    def test_returns_absolute_path(self, mock_user_directory):
        """Test returned path is absolute."""
        path = get_public_user_directory("testuser")
        assert path is not None
        assert os.path.isabs(path)
 class TestBackwardCompatibility:
    """Tests for backward compatibility with existing APIs.
    Verifies:
    - get_user_directory() API unchanged
    - Existing user data remains accessible
    """
    def test_get_user_directory_unchanged(self, mock_user_directory):
        """Test get_user_directory() still works as before."""
        user_dir = get_user_directory()
        assert user_dir is not None
        assert os.path.isabs(user_dir)
        assert user_dir == mock_user_directory
    def test_existing_user_accessible(self, mock_user_directory):
        """Test existing users can access their directories."""
        path = get_public_user_directory("default")
        assert path is not None
        assert "default" in path
 class TestEdgeCases:
    """Tests for edge cases in System User detection.
    Verifies:
    - Only __ prefix is blocked (not _, not middle __)
    - Bypass attempts are prevented
    """
    def test_prefix_only(self):
        """Test prefix-only string is blocked."""
        assert get_public_user_directory("__") is None
    def test_single_underscore_allowed(self):
        """Test single underscore prefix is allowed (not System User)."""
        path = get_public_user_directory("_system")
        assert path is not None
        assert "_system" in path
    def test_triple_underscore_blocked(self):
        """Test triple underscore is blocked (starts with __)."""
        assert get_public_user_directory("___system") is None
    def test_underscore_in_middle_allowed(self):
        """Test underscore in middle is allowed."""
        path = get_public_user_directory("my__system")
        assert path is not None
        assert "my__system" in path
    def test_leading_space_allowed(self):
        """Test leading space + prefix is allowed (doesn't start with __)."""
        path = get_public_user_directory(" __system")
        assert path is not None
--- a/tests-unit/prompt_server_test/system_user_endpoint_test.py
+++ b/tests-unit/prompt_server_test/system_user_endpoint_test.py
@ -0,0 +1,375 @@
 """E2E Tests for System User Protection HTTP Endpoints
 Tests cover:
 - HTTP endpoint blocking: System Users cannot access /userdata (GET, POST, DELETE, move)
 - User creation blocking: System User names cannot be created via POST /users
 - Backward compatibility: Public Users work as before
 - Custom node scenario: Internal API works while HTTP is blocked
 - Structural security: get_public_user_directory() provides automatic protection
 """
 import pytest
 import os
 from aiohttp import web
 from app.user_manager import UserManager
 from unittest.mock import patch
 import folder_paths
@pytest.fixture
 def mock_user_directory(tmp_path):
    """Create a temporary user directory."""
    original_dir = folder_paths.get_user_directory()
    folder_paths.set_user_directory(str(tmp_path))
    yield tmp_path
    folder_paths.set_user_directory(original_dir)
@pytest.fixture
 def user_manager_multi_user(mock_user_directory):
    """Create UserManager in multi-user mode."""
    with patch('app.user_manager.args') as mock_args:
        mock_args.multi_user = True
        um = UserManager()
        # Add test users
        um.users = {"default": "default", "test_user_123": "Test User"}
        yield um
@pytest.fixture
 def app_multi_user(user_manager_multi_user):
    """Create app with multi-user mode enabled."""
    app = web.Application()
    routes = web.RouteTableDef()
    user_manager_multi_user.add_routes(routes)
    app.add_routes(routes)
    return app
 class TestSystemUserEndpointBlocking:
    """E2E tests for System User blocking on all HTTP endpoints.
    Verifies:
    - GET /userdata blocked for System Users
    - POST /userdata blocked for System Users
    - DELETE /userdata blocked for System Users
    - POST /userdata/.../move/... blocked for System Users
    """
    @pytest.mark.asyncio
    async def test_userdata_get_blocks_system_user(
        self, aiohttp_client, app_multi_user, mock_user_directory
    ):
        """
        GET /userdata with System User header should be blocked.
        """
        # Create test directory for System User (simulating internal creation)
        system_user_dir = mock_user_directory / "__system"
        system_user_dir.mkdir()
        (system_user_dir / "secret.txt").write_text("sensitive data")
        client = await aiohttp_client(app_multi_user)
        with patch('app.user_manager.args') as mock_args:
            mock_args.multi_user = True
            # Attempt to access System User's data via HTTP
            resp = await client.get(
                "/userdata?dir=.",
                headers={"comfy-user": "__system"}
            )
        # Should be blocked (403 Forbidden or similar error)
        assert resp.status in [400, 403, 500], \
            f"System User access should be blocked, got {resp.status}"
    @pytest.mark.asyncio
    async def test_userdata_post_blocks_system_user(
        self, aiohttp_client, app_multi_user, mock_user_directory
    ):
        """
        POST /userdata with System User header should be blocked.
        """
        client = await aiohttp_client(app_multi_user)
        with patch('app.user_manager.args') as mock_args:
            mock_args.multi_user = True
            resp = await client.post(
                "/userdata/test.txt",
                headers={"comfy-user": "__system"},
                data=b"malicious content"
            )
        assert resp.status in [400, 403, 500], \
            f"System User write should be blocked, got {resp.status}"
        # Verify no file was created
        assert not (mock_user_directory / "__system" / "test.txt").exists()
    @pytest.mark.asyncio
    async def test_userdata_delete_blocks_system_user(
        self, aiohttp_client, app_multi_user, mock_user_directory
    ):
        """
        DELETE /userdata with System User header should be blocked.
        """
        # Create a file in System User directory
        system_user_dir = mock_user_directory / "__system"
        system_user_dir.mkdir()
        secret_file = system_user_dir / "secret.txt"
        secret_file.write_text("do not delete")
        client = await aiohttp_client(app_multi_user)
        with patch('app.user_manager.args') as mock_args:
            mock_args.multi_user = True
            resp = await client.delete(
                "/userdata/secret.txt",
                headers={"comfy-user": "__system"}
            )
        assert resp.status in [400, 403, 500], \
            f"System User delete should be blocked, got {resp.status}"
        # Verify file still exists
        assert secret_file.exists()
    @pytest.mark.asyncio
    async def test_v2_userdata_blocks_system_user(
        self, aiohttp_client, app_multi_user, mock_user_directory
    ):
        """
        GET /v2/userdata with System User header should be blocked.
        """
        client = await aiohttp_client(app_multi_user)
        with patch('app.user_manager.args') as mock_args:
            mock_args.multi_user = True
            resp = await client.get(
                "/v2/userdata",
                headers={"comfy-user": "__system"}
            )
        assert resp.status in [400, 403, 500], \
            f"System User v2 access should be blocked, got {resp.status}"
    @pytest.mark.asyncio
    async def test_move_userdata_blocks_system_user(
        self, aiohttp_client, app_multi_user, mock_user_directory
    ):
        """
        POST /userdata/{file}/move/{dest} with System User header should be blocked.
        """
        system_user_dir = mock_user_directory / "__system"
        system_user_dir.mkdir()
        (system_user_dir / "source.txt").write_text("sensitive data")
        client = await aiohttp_client(app_multi_user)
        with patch('app.user_manager.args') as mock_args:
            mock_args.multi_user = True
            resp = await client.post(
                "/userdata/source.txt/move/dest.txt",
                headers={"comfy-user": "__system"}
            )
        assert resp.status in [400, 403, 500], \
            f"System User move should be blocked, got {resp.status}"
        # Verify source file still exists (move was blocked)
        assert (system_user_dir / "source.txt").exists()
 class TestSystemUserCreationBlocking:
    """E2E tests for blocking System User name creation via POST /users.
    Verifies:
    - POST /users returns 400 for System User name (not 500)
    """
    @pytest.mark.asyncio
    async def test_post_users_blocks_system_user_name(
        self, aiohttp_client, app_multi_user
    ):
        """POST /users with System User name should return 400 Bad Request."""
        client = await aiohttp_client(app_multi_user)
        resp = await client.post(
            "/users",
            json={"username": "__system"}
        )
        assert resp.status == 400, \
            f"System User creation should return 400, got {resp.status}"
    @pytest.mark.asyncio
    async def test_post_users_blocks_system_user_prefix_variations(
        self, aiohttp_client, app_multi_user
    ):
        """POST /users with any System User prefix variation should return 400 Bad Request."""
        client = await aiohttp_client(app_multi_user)
        system_user_names = ["__system", "__cache", "__config", "__anything"]
        for name in system_user_names:
            resp = await client.post("/users", json={"username": name})
            assert resp.status == 400, \
                f"System User name '{name}' should return 400, got {resp.status}"
 class TestPublicUserStillWorks:
    """E2E tests for backward compatibility - Public Users should work as before.
    Verifies:
    - Public Users can access their data via HTTP
    - Public Users can create files via HTTP
    """
    @pytest.mark.asyncio
    async def test_public_user_can_access_userdata(
        self, aiohttp_client, app_multi_user, mock_user_directory
    ):
        """
        Public Users should still be able to access their data.
        """
        # Create test directory for Public User
        user_dir = mock_user_directory / "default"
        user_dir.mkdir()
        test_dir = user_dir / "workflows"
        test_dir.mkdir()
        (test_dir / "test.json").write_text('{"test": true}')
        client = await aiohttp_client(app_multi_user)
        with patch('app.user_manager.args') as mock_args:
            mock_args.multi_user = True
            resp = await client.get(
                "/userdata?dir=workflows",
                headers={"comfy-user": "default"}
            )
        assert resp.status == 200
        data = await resp.json()
        assert "test.json" in data
    @pytest.mark.asyncio
    async def test_public_user_can_create_files(
        self, aiohttp_client, app_multi_user, mock_user_directory
    ):
        """
        Public Users should still be able to create files.
        """
        # Create user directory
        user_dir = mock_user_directory / "default"
        user_dir.mkdir()
        client = await aiohttp_client(app_multi_user)
        with patch('app.user_manager.args') as mock_args:
            mock_args.multi_user = True
            resp = await client.post(
                "/userdata/newfile.txt",
                headers={"comfy-user": "default"},
                data=b"user content"
            )
        assert resp.status == 200
        assert (user_dir / "newfile.txt").exists()
 class TestCustomNodeScenario:
    """Tests for custom node use case: internal API access vs HTTP blocking.
    Verifies:
    - Internal API (get_system_user_directory) works for custom nodes
    - HTTP endpoint cannot access data created via internal API
    """
    def test_internal_api_can_access_system_user(self, mock_user_directory):
        """
        Internal API (get_system_user_directory) should work for custom nodes.
        """
        # Custom node uses internal API
        system_path = folder_paths.get_system_user_directory("mynode_config")
        assert system_path is not None
        assert "__mynode_config" in system_path
        # Can create and write to System User directory
        os.makedirs(system_path, exist_ok=True)
        config_file = os.path.join(system_path, "settings.json")
        with open(config_file, "w") as f:
            f.write('{"api_key": "secret"}')
        assert os.path.exists(config_file)
    @pytest.mark.asyncio
    async def test_http_cannot_access_internal_data(
        self, aiohttp_client, app_multi_user, mock_user_directory
    ):
        """
        HTTP endpoint cannot access data created via internal API.
        """
        # Custom node creates data via internal API
        system_path = folder_paths.get_system_user_directory("mynode_config")
        os.makedirs(system_path, exist_ok=True)
        with open(os.path.join(system_path, "secret.json"), "w") as f:
            f.write('{"api_key": "secret"}')
        client = await aiohttp_client(app_multi_user)
        # Attacker tries to access via HTTP
        with patch('app.user_manager.args') as mock_args:
            mock_args.multi_user = True
            resp = await client.get(
                "/userdata/secret.json",
                headers={"comfy-user": "__mynode_config"}
            )
        # Should be blocked
        assert resp.status in [400, 403, 500]
 class TestStructuralSecurity:
    """Tests for structural security pattern.
    Verifies:
    - get_public_user_directory() automatically blocks System Users
    - New endpoints using this function are automatically protected
    """
    def test_get_public_user_directory_blocks_system_user(self):
        """
        Any code using get_public_user_directory() is automatically protected.
        """
        # This is the structural security - any new endpoint using this function
        # will automatically block System Users
        assert folder_paths.get_public_user_directory("__system") is None
        assert folder_paths.get_public_user_directory("__cache") is None
        assert folder_paths.get_public_user_directory("__anything") is None
        # Public Users work
        assert folder_paths.get_public_user_directory("default") is not None
        assert folder_paths.get_public_user_directory("user123") is not None
    def test_structural_security_pattern(self, mock_user_directory):
        """
        Demonstrate the structural security pattern for new endpoints.
        Any new endpoint should follow this pattern:
        1. Get user from request
        2. Use get_public_user_directory() - automatically blocks System Users
        3. If None, return error
        """
        def new_endpoint_handler(user_id: str) -> str | None:
            """Example of how new endpoints should be implemented."""
            user_path = folder_paths.get_public_user_directory(user_id)
            if user_path is None:
                return None  # Blocked
            return user_path
        # System Users are automatically blocked
        assert new_endpoint_handler("__system") is None
        assert new_endpoint_handler("__secret") is None
        # Public Users work
        assert new_endpoint_handler("default") is not None