Merge/upstream v0.8.1 onto main #78
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…la#9719) * bug: updating so text doesn't delete * fix: preserve user input when typing during AI response Previously, form.reset() would clear any text the user started typing while waiting for AI response. Now checks if textarea has new content before resetting, preventing text loss and improving UX. * chore: revert useSubmitMessage changes * fix: reduce debounce time for input handling in auto-save * fix: improve debounce handling for auto-save input to enhance user experience --------- Co-authored-by: Megan Greenberg <mgreenberg@networkninja.com>
…#9726) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* chore: Update documentation for formatToolContent function, remove JSDoc types and duplicate comments * chore: fix type errors due to attachment.filename in Attachment component
…danny-avila#9737) * fix: increment tag counters when forking/duplicating conversations - Add bulkIncrementTagCounts to update existing tag counts in bulk - Integrate tag count updates into importBatchBuilder.saveBatch() using Promise.all - Update frontend mutations to directly update cache instead of invalidating queries - Optimize bulkIncrementTagCounts to skip unnecessary database queries Fixes issue where forked/duplicated conversations with bookmarks would not increment tag counters, leading to negative counts when bookmarks were later removed. * chore: reorder import statements for clarity in fork.spec.js
* 🎨 refactor: Improve Mermaid Artifacts Styling * refactor: Replace ArtifactMarkdown with MermaidMarkdown
* fix: axios response logging for text parsing, remove console logging, remove jsdoc * refactor: error logging in logAxiosError function to handle various error types with type guards * refactor: enhance text parsing with improved error handling and async file reading * refactor: replace synchronous file reading with asynchronous methods for improved performance and memory management * ci: update tests
🔄 refactor: Optimize MCP Tool Initialization fix: update tool caching to use separated mcp logic refactor: Replace `req.user` with `userId` in MCP handling functions refactor: Replace `req` parameter with `userId` in file search tool functions fix: Update user connection parameter to use object format in reinitMCPServer refactor: Simplify MCP tool creation logic and improve handling of tool configurations to avoid capturing too much in closures refactor: ensure MCP available tools are fetched from cache only when needed
🧬 refactor: Optimize MCP Tool Queries with Server-Centric Architecture refactor: optimize mcp tool queries by removing redundancy, making server-centric structure, enabling query only when expected, minimize looping/transforming query data, eliminating unused/compute-heavy methods ci: MCP Server Tools Mocking in Agent Tests
…ng (danny-avila#9752) * refactor: Implement gradual backoff polling for oauth connection status with timeout handling * refactor: Enhance OAuth polling with gradual backoff and timeout handling; update reconnection tracking * refactor: reconnection timeout behavior in OAuthReconnectionManager and OAuthReconnectionTracker - Implement tests to verify reconnection timeout handling, including tracking of reconnection states and cleanup of timed-out entries. - Enhance existing methods in OAuthReconnectionManager and OAuthReconnectionTracker to support timeout checks and cleanup logic. - Ensure proper handling of multiple servers with different timeout periods and edge cases for active states. * chore: remove comment * refactor: Enforce strict 3-minute OAuth timeout with updated polling intervals and improved timeout handling * refactor: Remove unused polling logic and prevent duplicate polling for servers in MCP server manager * refactor: Update localization key for no memories message in MemoryViewer * refactor: Improve MCP tool initialization by handling server failures - Introduced a mechanism to track failed MCP servers, preventing retries for unavailable servers. - Added logging for failed tool creation attempts to enhance debugging and monitoring. * refactor: Update reconnection timeout to enforce a strict 3-minute limit * ci: Update reconnection timeout tests to reflect a strict 3-minute limit * ci: Update reconnection timeout tests to enforce a strict 3-minute limit * chore: Remove unused MCP connection timeout message
…#9759) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* chore: Improve logging format for initial flow state creation * refactor: MCP Tool Management with Improved Auth Handling and State Management - Updated `CustomUserVarsSection` to include optional localization for placeholder text. - Refactored `MCPToolSelectDialog` to streamline tool addition and management, including improved handling of authentication data. - Introduced a new `addToolsToForm` function to encapsulate logic for adding tools to the form state. - Enhanced `useRemoveMCPTool` hook to simplify tool removal logic and ensure proper state updates. - Added loading state management for custom variable saving to improve user experience. * refactor: Enhance MCP Tool Removal Logic and Integrate Toast Notifications - Updated `MCPToolSelectDialog` to utilize the new `removeTool` function from the `useRemoveMCPTool` hook for improved tool removal handling. - Refactored `useRemoveMCPTool` to accept options for toast notifications, allowing for more flexible user feedback during tool removal. - Removed the previous inline tool removal logic to streamline the component's code and improve maintainability. * refactor: Enhance user plugins mutation to invalidate MCP auth values on uninstall * refactor: Replace refetchQueries with invalidateQueries for improved cache management * chore: remove unused i18n key
…y-avila#9763) * refactor: Remove unused imports and consolidate ephemeral agent logic * refactor: Side Panel agent handling to account for ephemeral agents for UI * refactor: Replace Constants.EPHEMERAL_AGENT_ID checks with isEphemeralAgent utility for consistency * ci: AgentPanel tests with additional mock configurations and utility functions
…#9764) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
…thod (danny-avila#9773) * set supported endpoint auth method when token_url exists * persist tokens immediately * add token storage validation tests
) - Update MongoDB chart dependency from v16.3.0 to v16.5.45 - Add explicit containerPort configuration with fallback to service.port - Standardize port references in health probes to use explicit port numbers - Add targetPort and containerPort fields to service configuration - Include service type options as inline comment for better clarity These changes improve the Helm chart's port management flexibility and bring the MongoDB dependency up to date with the latest stable version. Co-authored-by: Jerum Hubbert <jerum.hubbert@scientificgames.com>
…#9171) * feat: support multiple roles in OPENID_REQUIRED_ROLE - Allow comma-separated roles in OPENID_REQUIRED_ROLE environment variable - User needs ANY of the specified roles to login (OR logic) - Maintain backward compatibility with single role configuration - Add comprehensive test coverage for multiple role scenarios * Add tests * Fix linter * Add missing closing brace * Add new line * Simplify tests * Refresh OpenID verify callback in tests * Fix OpenID spec and resolve linting errors * test: Add backward compatibility test for single required role in OpenID strategy --------- Co-authored-by: Danny Avila <danny@librechat.ai>
…-avila#9785) This PR adds DNS configuration support to the LibreChat Helm chart, enabling users to redirect traffic to proxy servers or use custom DNS settings. ## What's Changed - Added dnsPolicy and dnsConfig fields to deployment.yaml template - Added DNS configuration options to values.yaml with comprehensive examples - Created documentation and example configurations ## Use Cases - Redirect AI service traffic (AWS Bedrock, OpenAI, etc.) to proxy servers - Use corporate DNS servers for name resolution - Control traffic routing through custom DNS configurations - Enforce traffic through security gateways ## Configuration Example ```yaml dnsPolicy: "None" dnsConfig: nameservers: - "10.0.0.10" # Custom DNS server for redirections searches: - "svc.cluster.local" options: - name: ndots value: "2" ``` ## Testing Results ✅ Successfully tested with Docker Compose environment ✅ DNS resolution correctly redirects to configured IPs ✅ HTTP requests properly routed to proxy servers ✅ Tested with multiple domains (AWS Bedrock, OpenAI, SageMaker) Test output: - bedrock-runtime.us-east-1.amazonaws.com -> 172.25.0.10 ✓ - api.openai.com -> 172.25.0.10 ✓ - sagemaker-runtime.us-east-1.amazonaws.com -> 172.25.0.10 ✓ All DNS redirects working correctly with proxy server receiving traffic. ## Documentation - Added comprehensive DNS_CONFIGURATION.md guide - Included examples for common use cases - Provided troubleshooting steps ## Backward Compatibility This change is fully backward compatible. If dnsPolicy and dnsConfig are not specified, the default Kubernetes DNS behavior is maintained. Fixes #[issue_number] Co-authored-by: LibreChat User <user@example.com>
) * add use of immutable claims to identify user object * fix semicolons * update email attribute on change * replace ternary expressions * fix semicolon * chore: add typing * chore: reorder fields in `findOpenIDUser` * refactor: optimize user lookup logic in `findOpenIDUser` function to minimize database roundtrips * refactor: integrate findOpenIDUser for improved user retrieval in refreshController * refactor: improve error logging for invalid refresh tokens in refreshController * ci: mock findUser correctly in openidStrategy tests * test: add unit tests for findOpenIDUser function to enhance user retrieval logic --------- Co-authored-by: Joachim Keltsch <joachim.keltsch@daimlertruck.com>
…#9789) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* 🕵️ feat: Enhance Index Sync and MeiliSearch filtering for User Field - Implemented `ensureFilterableAttributes` function to configure MeiliSearch indexes for messages and conversations to filter by user. - Updated sync logic to trigger a full re-sync if the user field is missing or index settings are modified. - Adjusted search queries in Conversation and Message models to include user filtering. - Ensured 'user' field is marked as filterable in MongoDB schema for both messages and conversations. This update improves data integrity and search capabilities by ensuring user-related data is properly indexed and retrievable. * fix: message processing in Search component to use linear list and not tree * feat: Implement user filtering in MeiliSearch for shared links * refactor: Optimize message search retrieval by batching database calls * chore: Update MeiliSearch parameters type to use SearchParams for improved type safety
- Fixed a bug in reinitMCPServer where a user connection was created for an app-level server whenever this server is reinitialized - Made MCPManager.getUserConnection to return an error if the connection is app-level - Add MCPManager.getConnection to return either an app connection or a user connection based on the serverName - Made MCPManager.appConnections public to avoid unnecessary wrapper methods.
danny-avila#9852) - Added tests to validate behavior of web_search parameter in getOpenAIConfig function. - Implemented logic to handle web_search in addParams and dropParams, ensuring correct precedence and behavior. - Ensured web_search does not appear in modelKwargs or llmConfig when not applicable. - Improved overall configuration management for OpenAI API integration.
* 📐 refactor: Exclude Params from OAI Reasoning Models - Introduced a new test suite for `getOpenAILLMConfig` covering various model configurations, including basic settings, reasoning models, and web search functionality. - Validated parameter handling for different models, ensuring correct exclusions and conversions, particularly for temperature and max_tokens. - Enhanced tests for default and additional parameters, drop parameters, and verbosity handling, ensuring robust coverage of the configuration logic. * ci: Update OpenAI model version in configuration tests - Changed model references from 'gpt-5' to 'gpt-4' across multiple test cases in the `getOpenAIConfig` function. - Adjusted related parameter handling to ensure compatibility with the updated model version, including maxTokens and temperature settings. - Enhanced test coverage for model options and their expected configurations.
danny-avila#10751) * 🔧 fix: Handle null content parts in message processing - Added checks to filter out null content parts in various message handling functions, ensuring robustness against undefined values. - Updated the `extractMessageContent`, `useContentHandler`, `useEventHandlers`, and `useStepHandler` hooks to prevent errors caused by null parts. - Enhanced the `getAllContentText` utility to only include valid content types, improving overall message integrity. * 🔧 fix: Enhance error handling in event and SSE handlers - Wrapped critical sections in try-catch blocks within `useEventHandlers` and `useSSE` hooks to improve error management and prevent application crashes. - Added console error logging for better debugging and tracking of issues during message processing and conversation aborting. - Ensured that UI states like `setIsSubmitting` and `setShowStopButton` are correctly updated in case of errors, maintaining a consistent user experience. * 🔧 fix: Filter out null and empty content in message export - Enhanced the `useExportConversation` hook to filter out null content parts and empty strings during message processing, ensuring only valid content is included in the export. - This change improves the integrity of exported conversations by preventing unnecessary empty entries in the output.
…danny-avila#10752) * 🔧 chore: Update @librechat/agents to version 3.0.35 * ✨ feat: Add DeepSeek Model Pricing and Token Handling - Introduced pricing and token limits for 'deepseek-chat' and 'deepseek-reasoner' models, including prompt and completion rates. - Enhanced tests to validate pricing and token limits for DeepSeek models, ensuring correct handling of model variations and provider prefixes. - Updated cache multipliers for DeepSeek models to reflect new pricing structure. - Improved max output token handling for DeepSeek models, ensuring consistency across different endpoints.
* 🔒 fix: `iconURL` in conversation parsing - Updated the `buildEndpointOption` middleware to derive `iconURL` from model specs when not provided by the client, improving security by preventing malicious URLs. - Modified the `parseCompactConvo` function to strip `iconURL` from conversation inputs, ensuring it is only set server-side. - Added comprehensive tests to validate the stripping of `iconURL` across various endpoint types, enhancing overall input sanitization. * ✨ feat: Add ESLint rule for unused variables - Introduced a new ESLint rule to warn about unused variables, allowing for better code quality and maintainability. - Configured the rule to ignore variables and arguments that start with an underscore, accommodating common coding practices.
…nny-avila#10757) * 🗨️ fix: Safe Validation for Prompt Updates - Added `safeValidatePromptGroupUpdate` function to validate and sanitize prompt group update requests, ensuring only allowed fields are processed and sensitive fields are stripped. - Updated the `patchPromptGroup` route to utilize the new validation function, returning appropriate error messages for invalid requests. - Introduced comprehensive tests for the validation logic, covering various scenarios including allowed and disallowed fields, enhancing overall request integrity and security. - Created a new schema file for prompt group updates, defining validation rules and types for better maintainability. * 🔒 feat: Add JSON parse error handling middleware
* refactor: Add back user variable descriptions for MCP under input and not as Tooltips - Integrated DOMPurify to sanitize HTML content in user variable descriptions, ensuring safe rendering of links and formatting. - Updated the AuthField component to display sanitized descriptions, enhancing security and user experience. - Removed TooltipAnchor in favor of direct label rendering for improved clarity. * 📦 chore: Update `dompurify` to v3.3.0 in package dependencies - Added `dompurify` version 3.3.0 to `package.json` and `package-lock.json` for improved HTML sanitization. - Updated existing references to `dompurify` to ensure consistency across the project. * refactor: Update tooltip styles for sanitized description in AuthField component
* 🖥️ feat: Add Proxy Support for Tavily API Tool - Integrated ProxyAgent from undici to enable proxy support for API requests in TavilySearch and TavilySearchResults. - Updated fetch options to conditionally include the proxy configuration based on the environment variable, enhancing flexibility for network requests. * ci: TavilySearchResults with Proxy Support Tests - Added tests to verify the integration of ProxyAgent for API requests in TavilySearchResults. - Implemented conditional logic to check for the PROXY environment variable, ensuring correct usage of ProxyAgent based on its presence. - Updated test setup to clear mocks before each test for improved isolation and reliability.
- Updated `useChatFunctions` to derive `iconURL` from conversation data before parsing - Modified `parseCompactConvo` to explicitly omit `iconURL` from parsed conversations, reinforcing security measures around URL handling.
* refactor: Token Limit Processing with Enhanced Efficiency - Added a new test suite for `processTextWithTokenLimit`, ensuring comprehensive coverage of various scenarios including under, at, and exceeding token limits. - Refactored the `processTextWithTokenLimit` function to utilize a ratio-based estimation method, significantly reducing the number of token counting function calls compared to the previous binary search approach. - Improved handling of edge cases and variable token density, ensuring accurate truncation and performance across diverse text inputs. - Included direct comparisons with the old implementation to validate correctness and efficiency improvements. * refactor: Remove Tokenizer Route and Related References - Deleted the tokenizer route from the server and removed its references from the routes index and server files, streamlining the API structure. - This change simplifies the routing configuration by eliminating unused endpoints. * refactor: Migrate countTokens Utility to API Module - Removed the local countTokens utility and integrated it into the @librechat/api module for centralized access. - Updated various files to reference the new countTokens import from the API module, ensuring consistent usage across the application. - Cleaned up unused references and imports related to the previous countTokens implementation. * refactor: Centralize escapeRegExp Utility in API Module - Moved the escapeRegExp function from local utility files to the @librechat/api module for consistent usage across the application. - Updated imports in various files to reference the new centralized escapeRegExp function, ensuring cleaner code and reducing redundancy. - Removed duplicate implementations of escapeRegExp from multiple files, streamlining the codebase. * refactor: Enhance Token Counting Flexibility in Text Processing - Updated the `processTextWithTokenLimit` function to accept both synchronous and asynchronous token counting functions, improving its versatility. - Introduced a new `TokenCountFn` type to define the token counting function signature. - Added comprehensive tests to validate the behavior of `processTextWithTokenLimit` with both sync and async token counting functions, ensuring consistent results. - Implemented a wrapper to track call counts for the `countTokens` function, optimizing performance and reducing unnecessary calls. - Enhanced existing tests to compare the performance of the new implementation against the old one, demonstrating significant improvements in efficiency. * chore: documentation for Truncation Safety Buffer in Token Processing - Added a safety buffer multiplier to the character position estimates during text truncation to prevent overshooting token limits. - Updated the `processTextWithTokenLimit` function to utilize the new `TRUNCATION_SAFETY_BUFFER` constant, enhancing the accuracy of token limit processing. - Improved documentation to clarify the rationale behind the buffer and its impact on performance and efficiency in token counting.
…e Support (danny-avila#10786) * feat: Add support for Google model endpoint in balance check * feat: Add portal prop to ThemeSelector and LangSelector in ShareView
…anny-avila#10792) * refactor: implement sanitizeFileForTransmit and sanitizeMessageForTransmit functions for smaller payload to client transmission * refactor: enhance sanitizeMessageForTransmit to preserve empty files array and avoid mutating original message * refactor: update sanitizeMessageForTransmit to ensure immutability of files array and improve test clarity
…la#10806) * 🔧 fix: Gemini as Custom Endpoint Auth. Error for OAI-compatible API * refactor: Google Compatibility in OpenAI Config - Added a test to ensure `googleSearch` is filtered out when `web_search` is only present in `modelOptions`, not in `addParams` or `defaultParams`. - Updated `transformToOpenAIConfig` to preserve `googleSearch` tools if `web_search` is explicitly enabled via `addParams` or `defaultParams`. - Refactored the filtering logic for Google-specific tools to accommodate the new behavior.
…vila#10807) - Introduced `inferMimeType` utility to improve MIME type detection for uploaded files, including support for HEIC and HEIF formats. - Updated DragDropModal to utilize the new inference logic for validating file types, ensuring compatibility with various document upload providers. - Added comprehensive tests for `inferMimeType` to cover various scenarios, including handling of unknown extensions and preserving browser-provided types.
- Created a new `bun.lock` file to manage project dependencies effectively. - Removed the obsolete `bun.lockb` file. - Updated `package.json` scripts to streamline the build process for the client and API, enhancing the overall development workflow. - Introduced new build commands for the client package to improve modularity and clarity in the build process.
…la#10858) * Improve prompt for better citation formatting * Provide format example Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * refactor: Simplify citation guidelines and response structure in tool loading --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Danny Avila <danny@librechat.ai>
* Fix TTS STT proxy * Add STT proxy env var * Add TTS proxy env var * chore: import order * chore: import order --------- Co-authored-by: Danny Avila <danacordially@gmail.com>
* 🔊 fix: Validate language format for OpenAI STT model * fix: Normalize input language model assignment in STTService * refactor: Enhance error logging and language validation in STT and TTS services * fix: Improve language validation in getValidatedLanguageCode function
…#10876) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* v0.8.1 * fix: GitHub workflows for OIDC trusted publishing - Added permissions for OIDC trusted publishing in client, data-provider, and data-schemas workflows. - Updated npm installation to support OIDC in all workflows. - Changed npm publish commands to include `--provenance` for better package integrity. - Updated repository URLs in package.json files for client, data-provider, and data-schemas to remove `git+` prefix.
- Updated @librechat/api to version 1.7.0 - Updated @librechat/client to version 0.4.1 - Updated librechat-data-provider to version 0.8.200 - Updated @librechat/data-schemas to version 0.0.31
…-avila#10888) * 🔖 refactor: citation handling with support for both literal and Unicode formats * refactor: file search messages for edge cases in documents * 🔧 refactor: Enhance citation handling with detailed regex patterns for literal and Unicode formats * 🔧 refactor: Simplify file search query handling by removing unnecessary parameters and improving result formatting * ✨ test: Add comprehensive integration tests for citation processing flow with support for literal and Unicode formats * 🔧 refactor: Improve regex match handling and add performance tests for citation processing
…a#10894) - Added try-catch blocks to handle errors during document deletion from the RAG API. - Implemented logging for 404 errors indicating that the document may have already been deleted. - Improved error logging for other deletion errors in both Firebase and Local file services.
…anny-avila#10917) Adds support for MCP servers like StackOverflow that use OAuth but don't provide standard discovery metadata at .well-known endpoints. Changes: - Add fallback OAuth endpoints (/authorize, /token, /register) when discoverAuthorizationServerMetadata returns undefined - Add POST fallback in OAuth detection when HEAD returns non-401 (StackOverflow returns 405 for HEAD, 401 for POST) - Detect OAuth requirement from WWW-Authenticate: Bearer header even without resource_metadata URL - Add fallback /token endpoint for token refresh when metadata discovery fails - Add registration_endpoint to OAuthMetadata type This mirrors the MCP SDK's behavior where it gracefully falls back to default OAuth endpoint paths when .well-known metadata isn't available. Tests: - Add unit tests for detectOAuth.ts (POST fallback, Bearer detection) - Add unit tests for handler.ts (fallback metadata, fallback refresh) - Add StackOverflow to integration test servers Fixes OAuth flow for servers that: - Return 405 for HEAD requests (only support POST) - Return 401 with simple "Bearer" in WWW-Authenticate - Don't have .well-known/oauth-authorization-server endpoint - Use standard /authorize, /token, /register paths
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Pull 0.8.1 version into main.