Merge branch 'main' into main

Author: simpletrontdip

.gitattributes

@@ -2,4 +2,5 @@
 # Only affects text files and ignores other file types.
 # For more info see: https://www.aleksandrhovhannisyan.com/blog/crlf-vs-lf-normalizing-line-endings-in-git/
 * text=auto
-docker/** text eol=lf
+docker/** text eol=lf
+tests/test_model_probe/stripped_models/** filter=lfs diff=lfs merge=lfs -text

.github/workflows/frontend-checks.yml

@@ -44,7 +44,12 @@ jobs:
       - name: check for changed frontend files
         if: ${{ inputs.always_run != true }}
         id: changed-files
-        uses: tj-actions/changed-files@v42
+        # Pinned to the _hash_ for v45.0.9 to prevent supply-chain attacks.
+        # See:
+        # - CVE-2025-30066
+        # - https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised
+        # - https://github.com/tj-actions/changed-files/issues/2463
+        uses: tj-actions/changed-files@a284dc1814e3fd07f2e34267fc8f81227ed29fb8
         with:
           files_yaml: |
             frontend:

.github/workflows/frontend-tests.yml

@@ -44,7 +44,12 @@ jobs:
       - name: check for changed frontend files
         if: ${{ inputs.always_run != true }}
         id: changed-files
-        uses: tj-actions/changed-files@v42
+        # Pinned to the _hash_ for v45.0.9 to prevent supply-chain attacks.
+        # See:
+        # - CVE-2025-30066
+        # - https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised
+        # - https://github.com/tj-actions/changed-files/issues/2463
+        uses: tj-actions/changed-files@a284dc1814e3fd07f2e34267fc8f81227ed29fb8
         with:
           files_yaml: |
             frontend:

.github/workflows/python-checks.yml

@@ -43,7 +43,12 @@ jobs:
       - name: check for changed python files
         if: ${{ inputs.always_run != true }}
         id: changed-files
-        uses: tj-actions/changed-files@v42
+        # Pinned to the _hash_ for v45.0.9 to prevent supply-chain attacks.
+        # See:
+        # - CVE-2025-30066
+        # - https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised
+        # - https://github.com/tj-actions/changed-files/issues/2463
+        uses: tj-actions/changed-files@a284dc1814e3fd07f2e34267fc8f81227ed29fb8
         with:
           files_yaml: |
             python:

.github/workflows/python-tests.yml

@@ -72,12 +72,18 @@ jobs:
       PIP_USE_PEP517: '1'
     steps:
       - name: checkout
-        uses: actions/checkout@v4
+        # https://github.com/nschloe/action-cached-lfs-checkout
+        uses: nschloe/action-cached-lfs-checkout@f46300cd8952454b9f0a21a3d133d4bd5684cfc2
 
       - name: check for changed python files
         if: ${{ inputs.always_run != true }}
         id: changed-files
-        uses: tj-actions/changed-files@v42
+        # Pinned to the _hash_ for v45.0.9 to prevent supply-chain attacks.
+        # See:
+        # - CVE-2025-30066
+        # - https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised
+        # - https://github.com/tj-actions/changed-files/issues/2463
+        uses: tj-actions/changed-files@a284dc1814e3fd07f2e34267fc8f81227ed29fb8
         with:
           files_yaml: |
             python:

.github/workflows/typegen-checks.yml

@@ -42,7 +42,12 @@ jobs:
       - name: check for changed files
         if: ${{ inputs.always_run != true }}
         id: changed-files
-        uses: tj-actions/changed-files@v42
+        # Pinned to the _hash_ for v45.0.9 to prevent supply-chain attacks.
+        # See:
+        # - CVE-2025-30066
+        # - https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised
+        # - https://github.com/tj-actions/changed-files/issues/2463
+        uses: tj-actions/changed-files@a284dc1814e3fd07f2e34267fc8f81227ed29fb8
         with:
           files_yaml: |
             src:

docs/contributing/dev-environment.md

@@ -18,9 +18,19 @@ If you just want to use Invoke, you should use the [launcher][launcher link].
 
 2. [Fork and clone][forking link] the [InvokeAI repo][repo link].
 
-3. Create an directory for user data (images, models, db, etc). This is typically at `~/invokeai`, but if you already have a non-dev install, you may want to create a separate directory for the dev install.
-
-4. Follow the [manual install][manual install link] guide, with some modifications to the install command:
+3. This repository uses Git LFS to manage large files. To ensure all assets are downloaded:
+      - Install git-lfs → [Download here](https://git-lfs.com/)
+      - Enable automatic LFS fetching for this repository:
+        ```shell
+        git config lfs.fetchinclude "*"
+        ```
+        - Fetch files from LFS (only needs to be done once; subsequent `git pull` will fetch changes automatically):
+        ```
+        git lfs pull
+        ```
+4. Create an directory for user data (images, models, db, etc). This is typically at `~/invokeai`, but if you already have a non-dev install, you may want to create a separate directory for the dev install.
+
+5. Follow the [manual install][manual install link] guide, with some modifications to the install command:
 
       - Use `.` instead of `invokeai` to install from the current directory. You don't need to specify the version.
 
@@ -34,27 +44,27 @@ If you just want to use Invoke, you should use the [launcher][launcher link].
       uv pip install -e ".[dev,test,docs,xformers]" --python 3.11 --python-preference only-managed --index=https://download.pytorch.org/whl/cu124 --reinstall
       ```
 
-5. At this point, you should have Invoke installed, a venv set up and activated, and the server running. But you will see a warning in the terminal that no UI was found. If you go to the URL for the server, you won't get a UI.
+6. At this point, you should have Invoke installed, a venv set up and activated, and the server running. But you will see a warning in the terminal that no UI was found. If you go to the URL for the server, you won't get a UI.
 
       This is because the UI build is not distributed with the source code. You need to build it manually. End the running server instance.
 
       If you only want to edit the docs, you can stop here and skip to the **Documentation** section below.
 
-6. Install the frontend dev toolchain:
+7. Install the frontend dev toolchain:
 
       - [`nodejs`](https://nodejs.org/) (v20+)
 
       - [`pnpm`](https://pnpm.io/8.x/installation) (must be v8 - not v9!)
 
-7. Do a production build of the frontend:
+8. Do a production build of the frontend:
 
       ```sh
       cd <PATH_TO_INVOKEAI_REPO>/invokeai/frontend/web
       pnpm i
       pnpm build
       ```
 
-8. Restart the server and navigate to the URL. You should get a UI. After making changes to the python code, restart the server to see those changes.
+9. Restart the server and navigate to the URL. You should get a UI. After making changes to the python code, restart the server to see those changes.
 
 ## Updating the UI
 

invokeai/app/api/routers/workflows.py

@@ -105,6 +105,7 @@ async def list_workflows(
     categories: Optional[list[WorkflowCategory]] = Query(default=None, description="The categories of workflow to get"),
     tags: Optional[list[str]] = Query(default=None, description="The tags of workflow to get"),
     query: Optional[str] = Query(default=None, description="The text to query by (matches name and description)"),
+    has_been_opened: Optional[bool] = Query(default=None, description="Whether to include/exclude recent workflows"),
 ) -> PaginatedResults[WorkflowRecordListItemWithThumbnailDTO]:
     """Gets a page of workflows"""
     workflows_with_thumbnails: list[WorkflowRecordListItemWithThumbnailDTO] = []
@@ -116,6 +117,7 @@ async def list_workflows(
         query=query,
         categories=categories,
         tags=tags,
+        has_been_opened=has_been_opened,
     )
     for workflow in workflows.items:
         workflows_with_thumbnails.append(
@@ -221,14 +223,29 @@ async def get_workflow_thumbnail(
         raise HTTPException(status_code=404)
 
 
-@workflows_router.get("/counts", operation_id="get_counts")
-async def get_counts(
-    tags: Optional[list[str]] = Query(default=None, description="The tags to include"),
+@workflows_router.get("/counts_by_tag", operation_id="get_counts_by_tag")
+async def get_counts_by_tag(
+    tags: list[str] = Query(description="The tags to get counts for"),
     categories: Optional[list[WorkflowCategory]] = Query(default=None, description="The categories to include"),
-) -> int:
-    """Gets a the count of workflows that include the specified tags and categories"""
+    has_been_opened: Optional[bool] = Query(default=None, description="Whether to include/exclude recent workflows"),
+) -> dict[str, int]:
+    """Counts workflows by tag"""
 
-    return ApiDependencies.invoker.services.workflow_records.get_counts(tags=tags, categories=categories)
+    return ApiDependencies.invoker.services.workflow_records.counts_by_tag(
+        tags=tags, categories=categories, has_been_opened=has_been_opened
+    )
+
+
+@workflows_router.get("/counts_by_category", operation_id="counts_by_category")
+async def counts_by_category(
+    categories: list[WorkflowCategory] = Query(description="The categories to include"),
+    has_been_opened: Optional[bool] = Query(default=None, description="Whether to include/exclude recent workflows"),
+) -> dict[str, int]:
+    """Counts workflows by category"""
+
+    return ApiDependencies.invoker.services.workflow_records.counts_by_category(
+        categories=categories, has_been_opened=has_been_opened
+    )
 
 
 @workflows_router.put(

invokeai/app/invocations/compel.py

@@ -40,10 +40,10 @@
 
 @invocation(
     "compel",
-    title="Prompt",
+    title="Prompt - SD1.5",
     tags=["prompt", "compel"],
     category="conditioning",
-    version="1.2.0",
+    version="1.2.1",
 )
 class CompelInvocation(BaseInvocation):
     """Parse prompt using compel package to conditioning."""
@@ -233,10 +233,10 @@ def _lora_loader() -> Iterator[Tuple[ModelPatchRaw, float]]:
 
 @invocation(
     "sdxl_compel_prompt",
-    title="SDXL Prompt",
+    title="Prompt - SDXL",
     tags=["sdxl", "compel", "prompt"],
     category="conditioning",
-    version="1.2.0",
+    version="1.2.1",
 )
 class SDXLCompelPromptInvocation(BaseInvocation, SDXLPromptInvocationBase):
     """Parse prompt using compel package to conditioning."""
@@ -327,10 +327,10 @@ def invoke(self, context: InvocationContext) -> ConditioningOutput:
 
 @invocation(
     "sdxl_refiner_compel_prompt",
-    title="SDXL Refiner Prompt",
+    title="Prompt - SDXL Refiner",
     tags=["sdxl", "compel", "prompt"],
     category="conditioning",
-    version="1.1.1",
+    version="1.1.2",
 )
 class SDXLRefinerCompelPromptInvocation(BaseInvocation, SDXLPromptInvocationBase):
     """Parse prompt using compel package to conditioning."""
@@ -376,10 +376,10 @@ class CLIPSkipInvocationOutput(BaseInvocationOutput):
 
 @invocation(
     "clip_skip",
-    title="CLIP Skip",
+    title="Apply CLIP Skip - SD1.5, SDXL",
     tags=["clipskip", "clip", "skip"],
     category="conditioning",
-    version="1.1.0",
+    version="1.1.1",
 )
 class CLIPSkipInvocation(BaseInvocation):
     """Skip layers in clip text_encoder model."""

invokeai/app/invocations/controlnet_image_processors.py

@@ -87,7 +87,7 @@ class ControlOutput(BaseInvocationOutput):
     control: ControlField = OutputField(description=FieldDescriptions.control)
 
 
-@invocation("controlnet", title="ControlNet", tags=["controlnet"], category="controlnet", version="1.1.2")
+@invocation("controlnet", title="ControlNet - SD1.5, SDXL", tags=["controlnet"], category="controlnet", version="1.1.3")
 class ControlNetInvocation(BaseInvocation):
     """Collects ControlNet info to pass to other nodes"""