feat(platform/blocks): implement ConcatenateListsBlock

[PratyushSingh2002]

Summary

This pull request introduces the ConcatenateListsBlock, a new block that merges multiple lists into a single flattened list. The implementation uses itertools.chain for efficient concatenation and includes input validation to ensure the input structure is correct.

Changes Included
Added concatenate_lists.py under backend/backend/blocks/
Added unit tests under backend/test/blocks/
Tests cover normal list merging, empty list handling, and invalid input cases

Test Plan

The block was validated using the included unit tests. All unit tests were executed locally under Python 3.12 in a virtual environment using pytest -q.

[github-actions]

This PR targets the master branch but does not come from dev or a hotfix/* branch.

Automatically setting the base branch to dev.

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[qodo-merge-pro]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 5 🔵🔵🔵🔵🔵

🧪 PR contains tests

🔒 Security concerns CORS configuration: New build_cors_params and regex support add complexity. In production, localhost is blocked (literal and regex), with tests covering this. Validate that all middleware instantiations consistently use build_cors_params and that no other entry points bypass it. Admin analytics endpoint: The new admin endpoint invokes LLMs using an internal API key and bypasses feature flags via skip_feature_flag=True. Ensure this endpoint remains admin-protected (it uses requires_admin_user) and that rate limiting and logging do not leak sensitive content. WebSocket notifications: A new notification bus delivers arbitrary payloads to users. Confirm payload sanitization on the frontend if any content could be user-generated to avoid UI injection risks. No direct XSS concerns are evident; messages are JSON-only. No other obvious credential exposure or injection risks found.

⚡ Recommended focus areas for review Possible Issue The tool map key was changed from setup_agent to schedule_agent, but the actual tool implementation file is still named setup_agent.py. Verify that callers use the new name and that the backend and frontend agree on tool names to avoid 404/unknown tool errors. "find_agent": find_agent_tool, "get_agent_details": get_agent_details_tool, "get_required_setup_info": get_required_setup_info_tool, "schedule_agent": setup_agent_tool, "run_agent": run_agent_tool, API Change Risk connect_socket and disconnect_socket now require user_id. Ensure all call sites were updated; missing updates could break WS connections. There are updated usages in tests and ws_api, but double-check other imports/usages not shown in the diff. async def connect_socket(self, websocket: WebSocket, *, user_id: str): await websocket.accept() self.active_connections.add(websocket) if user_id not in self.user_connections: self.user_connections[user_id] = set() self.user_connections[user_id].add(websocket) def disconnect_socket(self, websocket: WebSocket, *, user_id: str): self.active_connections.discard(websocket) for subscribers in self.subscriptions.values(): subscribers.discard(websocket) user_conns = self.user_connections.get(user_id) if user_conns is not None: user_conns.discard(websocket) if not user_conns: self.user_connections.pop(user_id, None) Validation Edge Cases CORS origin validation now accepts regex entries and auto-completes localhost/127.0.0.1 ports. Confirm no duplicates or ordering issues occur and that invalid but tricky patterns are correctly rejected across environments. backend_cors_allow_origins: List[str] = Field( default=["http://localhost:3000"], description="Allowed Origins for CORS. Supports exact URLs (http/https) or entries prefixed with " '"regex:" to match via regular expression.', ) @field_validator("backend_cors_allow_origins") @classmethod def validate_cors_allow_origins(cls, v: List[str]) -> List[str]: validated: List[str] = [] localhost_ports: set[str] = set() ip127_ports: set[str] = set() for raw_origin in v: origin = raw_origin.strip() if origin.startswith("regex:"): pattern = origin[len("regex:") :] if not pattern: raise ValueError("Invalid regex pattern: pattern cannot be empty") try: re.compile(pattern) except re.error as exc: raise ValueError( f"Invalid regex pattern '{pattern}': {exc}" ) from exc validated.append(origin) continue if origin.startswith(("http://", "https://")): if "localhost" in origin: try: port = origin.split(":")[2] localhost_ports.add(port) except IndexError as exc: raise ValueError( "localhost origins must include an explicit port, e.g. http://localhost:3000" ) from exc if "127.0.0.1" in origin: try: port = origin.split(":")[2] ip127_ports.add(port) except IndexError as exc: raise ValueError( "127.0.0.1 origins must include an explicit port, e.g. http://127.0.0.1:3000" ) from exc validated.append(origin) continue raise ValueError(f"Invalid URL or regex origin: {origin}") for port in ip127_ports - localhost_ports: validated.append(f"http://localhost:{port}") for port in localhost_ports - ip127_ports: validated.append(f"http://127.0.0.1:{port}") return validated

[deepsource-io]

Here's the code health analysis summary for commits c3a6235..15b2123. View details on DeepSource ↗.

Analysis Summary

Analyzer	Status	Summary	Link
JavaScript	✅ Success		View Check ↗
Python	✅ Success	❗ 3 occurences introduced	View Check ↗

---

💡 If you’re a repository administrator, you can configure the quality gates from the settings.

[netlify]

✅ Deploy Preview for auto-gpt-docs ready!

Name	Link
🔨 Latest commit	15b2123
🔍 Latest deploy log	https://app.netlify.com/projects/auto-gpt-docs/deploys/69132a54ee650900080ce771
😎 Deploy Preview	https://deploy-preview-11360--auto-gpt-docs.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[AutoGPT-Agent]

Thanks for contributing the new ConcatenateListsBlock! The implementation looks good and includes proper tests.

However, your PR description is missing the required checklist section from our PR template. Please update your PR description to include the complete checklist section and make sure all applicable items are checked off.

Specifically, your PR should include:

• The standard checklist for code changes
• Confirmation that you've tested your changes according to the test plan

The code itself looks solid - I appreciate the clean implementation using itertools.chain and the thorough test coverage for both valid and invalid inputs. Once you update the PR description with the required checklist, this should be ready for review.

[AutoGPT-Agent]

Thank you for implementing the ConcatenateListsBlock! The code implementation looks good with proper error handling and the tests cover the important cases.

However, our PR process requires using the standard PR template with a completed checklist. Could you please update your PR description to include the checklist from our template and check off the appropriate items?

Specifically, please:

1. Include the standard checklist section
2. Check off items confirming you've tested your changes
3. Add any specific test steps you performed

The code itself looks ready to merge once the description is updated with the required checklist format.

[AutoGPT-Agent]

Thank you for implementing the ConcatenateListsBlock! The implementation looks clean and includes appropriate error handling and tests.

However, before we can merge this PR, please update your PR description to include the required checklist from our PR template. The checklist needs to be filled out completely since this PR involves code changes.

Please make sure to:

1. Include the complete checklist section
2. Check all applicable boxes
3. Add your specific test plan in the designated area

The code implementation itself looks good - I like the use of itertools.chain for efficient concatenation and the error handling approach.