This PR introduces a separate backend service for making LLM calls.
It exposes an HTTP interface that can be called by Zed clients. To call
these endpoints, the client must provide a `Bearer` token. These tokens
are issued/refreshed by the collab service over RPC.
We're adding this in a backwards-compatible way. Right now the access
tokens can only be minted for Zed staff, and calling this separate LLM
service is behind the `llm-service` feature flag (which is not
automatically enabled for Zed staff).
Release Notes:
- N/A
---------
Co-authored-by: Marshall <marshall@zed.dev>
Co-authored-by: Marshall Bowers <elliott.codes@gmail.com>
This PR makes it so any Stripe events we receive that occurred over an
hour ago are marked as processed.
We don't want to process an old event long after it occurred and
potentially overwrite more recent updates.
This also makes running collab locally a bit nicer, as we won't be
getting errors for a bunch of older events that will never get processed
successfully.
The period after time after which we consider an event "stale" can be
modified, as needed.
Release Notes:
- N/A
This is just a refactor that we're landing ahead of any functional
changes to make sure we haven't broken anything.
Release Notes:
- N/A
Co-authored-by: Marshall <marshall@zed.dev>
Co-authored-by: Jason <jason@zed.dev>
This PR changes how we report the `geoip_country_code` in the tracing
spans.
I wasn't seeing it come through in the logs, and I think it was because
we didn't declare the field on the initial span.
Release Notes:
- N/A
This PR fixes the `.env.toml` paths, since we inadvertently broke them
in https://github.com/zed-industries/zed/pull/15557.
There's likely a better way we can do this, but I wanted to restore the
previous behavior, for now.
Release Notes:
- N/A
This PR renames the links to the `zed.dev/settings` page to the
`zed.dev/account`.
Some of these spots will likely link out to a marketing page later.
Release Notes:
- N/A
This PR removes the primary/secondary distinction for
`CachedLspAdapter`s.
After #15624 we weren't relying on the `is_primary` field anywhere, so
we can remove it.
Release Notes:
- N/A
This PR increases the frequency at which we poll for Stripe events.
This decreases the amount of time we have to wait in order for changes
in Stripe to be reflected in our system.
We now poll for events every 5 seconds, down from every 5 minutes.
In order to avoid needlessly over-fetching data from Stripe, we put a
cap on the number of pages consisting entirely of already-processed
events that we can see before stopping. This is set to 4, so once we've
seen 4 pages of processed events (400 events in total), we'll stop
fetching subsequent pages.
Release Notes:
- N/A
English is hard.
In US English the forms of "cancel" are as follows:
- `cancel`
- `cancels`
- `canceling`
- `canceled`
- `cancellation`
Note that `cancellation` _does_ use the double `l`, which all the rest
of the forms do not.
Release Notes:
- N/A
This PR updates collab to pick the `zed.dev` URL based on the current
environment rather than always using `https://zed.dev`.
This means that when developing locally we'll use
`http://localhost:3000` to be taken to the locally-running version of
`zed.dev`.
Release Notes:
- N/A
This UI change is behind a `ZedPro` feature flag so that it won't be
visible until we're ready to launch that service.
Release Notes:
- N/A
---------
Co-authored-by: Marshall Bowers <elliott.codes@gmail.com>
Co-authored-by: Marshall <marshall@zed.dev>
This PR updates the rate limits to adapt based on the user's current
plan.
For the free plan rate limits I just took one-tenth of the existing rate
limits (which are now the Pro limits). We can adjust, as needed.
Release Notes:
- N/A
---------
Co-authored-by: Max <max@zed.dev>
This PR adds a new `GET /billing/subscriptions` endpoint to collab for
retrieving the subscriptions to display on the account settings page.
Release Notes:
- N/A
This PR updates the user menu to show the user's current plan.
Also adds a new RPC message to send this information down to the client
when Zed starts.
This is behind a feature flag.
Release Notes:
- N/A
---------
Co-authored-by: Max <max@zed.dev>
This PR reworks how we process Stripe events for reconciliation
purposes.
The previous approach in #15480 turns out to not be workable, on account
of the Stripe event IDs not being strictly in order. This meant that we
couldn't reliably compare two arbitrary event IDs and determine which
one was more recent.
This new approach leans on the guidance that Stripe provides for
webhooks events:
> Webhook endpoints might occasionally receive the same event more than
once. You can guard against duplicated event receipts by logging the
[event IDs](https://docs.stripe.com/api/events/object#event_object-id)
you’ve processed, and then not processing already-logged events.
>
> https://docs.stripe.com/webhooks#handle-duplicate-events
We now record processed Stripe events in the `processed_stripe_events`
table and use this to filter out events that have already been
processed, so we do not process them again.
When retrieving events from the Stripe events API we now buffer the
unprocessed events so that we can sort them by their `created` timestamp
and process them in (roughly) the order they occurred.
Release Notes:
- N/A
We also eliminate the `completion` crate and moved its logic into
`LanguageModelRegistry`.
Release Notes:
- N/A
---------
Co-authored-by: Nathan <nathan@zed.dev>
This PR improves our Stripe event handling by keeping track of the last
event we've seen for each record.
The `billing_customers` and `billing_subscriptions` tables both have a
new `last_stripe_event_id` column. When we apply an event to one of
these records, we store the event ID that was applied.
Then, when we are going through events we can ignore any event that has
an ID that came before the `last_stripe_event_id` (based on the
lexicographical ordering of the IDs).
Release Notes:
- N/A
This PR lays the initial groundwork for using the Stripe events API to
reconcile the data in our system with what's in Stripe.
We're using the events API over webhooks so that we don't need to stand
up the associated infrastructure needed to handle webhooks effectively
(namely an asynchronous job queue).
Since we haven't configured the Stripe API keys yet, we won't actually
spawn the reconciliation background task yet, so this is currently a
no-op.
Release Notes:
- N/A
This PR adds a new `billing_customers` table to hold the billing
customers.
Previously we were storing both the `stripe_customer_id` and
`stripe_subscription_id` in the `billable_subscriptions` table. However,
this creates problems when we need to correlate subscription events back
to the subscription record, as we don't know the user that the Stripe
event corresponds to.
By moving the `stripe_customer_id` to a separate table we can create the
Stripe customer earlier in the flow—before we create the Stripe Checkout
session—and associate that customer with a user. This way when we
receive events down the line we can use the Stripe customer ID to
correlate it back to the user.
We're doing some destructive actions to the `billing_subscriptions`
table, but this is fine, as we haven't started using them yet.
Release Notes:
- N/A
This PR adds a new `POST /billing/subscriptions/manage` endpoint that
can be used to manage a billing subscription.
The endpoint accepts a `github_user_id` to identify the user, as well as
an optional `subscription_id` for managing a specific subscription. If
`subscription_id` is not provided, it try and use the active
subscription, if there is only one.
Right now the endpoint only supports cancelling an active subscription.
This is done by passing `"intent": "cancel"` in the request body.
The endpoint will return the URL to a Stripe customer portal session,
which the caller can redirect the user to.
Here's an example of how to call it:
```sh
curl -X POST "http://localhost:8080/billing/subscriptions/manage" \
-H "Authorization: <ADMIN_TOKEN>" \
-H "Content-Type: application/json" \
-d '{"github_user_id": 12345, "intent": "cancel"}'
```
Release Notes:
- N/A
This PR adds a new `POST /billing/subscriptions` endpoint that can be
used to initiate a billing subscription.
The endpoint will use the provided `github_user_id` to look up a user,
generate a Stripe Checkout session, and then return the URL.
The caller would then redirect the user to the URL to initiate the
checkout flow.
Here's an example of how to call it:
```sh
curl -X POST "http://localhost:8080/billing/subscriptions" \
-H "Authorization: <ADMIN_TOKEN>" \
-H "Content-Type: application/json" \
-d '{"github_user_id": 12345}'
```
Release Notes:
- N/A
This PR adds a new `billing_subscriptions` table to the database, as
well as some accompanying models/queries.
In this table we store a minimal amount of data from Stripe:
- The Stripe customer ID
- The Stripe subscription ID
- The status of the Stripe subscription
This should be enough for interactions with the Stripe API (e.g., to
[create a customer portal
session](https://docs.stripe.com/api/customer_portal/sessions/create)),
as well as determine whether a subscription is active (based on the
`status`).
Release Notes:
- N/A
This changes the workspace/session serialization to also persist the
order of windows across restarts.
Release Notes:
- Improved restoring of windows across restarts: the order of the
windows is now also restored. That means windows that were in the
foreground when Zed was quit will be in the foreground after restart.
(Right now only supported on Linux/X11, not on Linux/Wayland.)
Demo:
https://github.com/user-attachments/assets/0b8162f8-f06d-43df-88d3-c45d8460fb68
In this pull request, we change the zed.dev protocol so that we pass the
raw JSON for the specified provider directly to our server. This avoids
the need to define a protobuf message that's a superset of all these
formats.
@bennetbo: We also changed the settings for available_models under
zed.dev to be a flat format, because the nesting seemed too confusing.
Can you help us upgrade the local provider configuration to be
consistent with this? We do whatever we need to do when parsing the
settings to make this simple for users, even if it's a bit more complex
on our end. We want to use versioning to avoid breaking existing users,
but need to keep making progress.
```json
"zed.dev": {
"available_models": [
{
"provider": "anthropic",
"name": "some-newly-released-model-we-havent-added",
"max_tokens": 200000
}
]
}
```
Release Notes:
- N/A
---------
Co-authored-by: Nathan <nathan@zed.dev>
This PR adds the `renovate[bot]` user to the `GET /contributor` endpoint
so that it passes the CLA check.
I patched this temporarily by adding a case into the `zed.dev` endpoint
the fronts this one, but I think long-term it will be better for collab
to be the source of truth.
Release Notes:
- N/A
This PR upgrades `async-tungstenite` to v17.0.3.
We previously attempted upgrading `async-tungstenite` in #15039, but
broke authentication with collab in the process.
Upon further investigation, I determined that the root cause is due to
this change in `tungstenite` v0.17.0:
> Overhaul of the client's request generation process. Now the users are
able to pass the constructed `http::Request` "as is" to
`tungstenite-rs`, letting the library to check the correctness of the
request and specifying their own headers (including its own key if
necessary). No changes for those ones who used the client in a normal
way by connecting using a URL/URI (most common use-case).
We _were_ relying on passing an `http::Request` directly to
`tungstenite`, meaning we did not benefit from the changes to the common
path (of passing a URL/URI).
This meant that—due to changes in `tungstenite`—we were now missing the
`Sec-WebSocket-Key` header that `tungstenite` would otherwise set for
us.
Since we were only passing a custom `http::Request` to set headers, our
approach has been adjusted to construct the initial WebSocket request
using `tungstenite`'s `IntoClientRequest::into_client_request` and then
modifying the request to set our additional desired headers.
Release Notes:
- N/A
This PR adds support for a new encryption format for exchanging access
tokens during the authentication flow.
The new format uses Optimal Asymmetric Encryption Padding (OAEP) instead
of PKCS#1 v1.5, which is known to be vulnerable to side-channel attacks.
**Note: We are not yet encrypting access tokens using the new format, as
this is a breaking change between the client and the server. This PR
only adds support for it, and makes it so the client and server can
decrypt either format moving forward.**
This required bumping the RSA key size from 1024 bits to 2048 bits. This
is necessary to be able to encode the access token into the ciphertext
when using OAEP.
This also follows OWASP recommendations:
> If ECC is not available and RSA must be used, then ensure that the key
is at least 2048 bits.
>
> —
[source](https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#algorithms)
Release Notes:
- N/A
Fixes#4822
- [x] Release note
- [ ] Surface formatting errors via a toast
- [x] Doc updates
- [x] Have "language-server" accept an optional name of the server.
Release Notes:
- `format` and `format_on_save` now accept an array of formatting
actions to run.
- `language_server` formatter option now accepts the name of a language
server to use (e.g. `{"language_server": {"name: "ruff"}}`); when not
specified, a primary language server is used.
---------
Co-authored-by: Thorsten <thorsten@zed.dev>
<img width="624" alt="image"
src="https://github.com/user-attachments/assets/f492b0bd-14c3-49e2-b2ff-dc78e52b0815">
- [x] Correctly set custom model token count
- [x] How to count tokens for Gemini models?
- [x] Feature flag zed.dev provider
- [x] Figure out how to configure custom models
- [ ] Update docs
Release Notes:
- Added support for quickly switching between multiple language model
providers in the assistant panel
---------
Co-authored-by: Antonio <antonio@zed.dev>
