Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2026-04-03 14:27:20 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
LibreChat/packages/data-provider/package.json

82 lines
2.3 KiB
JSON
Raw Normal View History

chore: add back data-provider
2023-07-30 10:37:25 -04:00
{
"name": "librechat-data-provider",
🚫 refactor: Remove Interface Config from Override Processing (#12473) Add INTERFACE_PERMISSION_FIELDS set defining the interface fields that seed role permissions at startup (prompts, agents, marketplace, etc.). These fields are now stripped from DB config overrides in the merge layer because updateInterfacePermissions() only runs at boot — DB overrides for these fields create a client/server permission mismatch. Pure UI fields (endpointsMenu, modelSelect, parameters, presets, sidePanel, customWelcome, etc.) continue to work in overrides as before. YAML startup path is completely unaffected.
2026-03-31 11:07:31 -04:00
"version": "0.8.406",
chore: add back data-provider
2023-07-30 10:37:25 -04:00
"description": "data services for librechat apps",
"main": "dist/index.js",
"module": "dist/index.es.js",
fix(librechat-data-provider): Update types paths in package.json (#1333) * fix(librechat-data-provider): Update types paths in package.json * chore: bump version * fix(librechat-data-provider): Update types paths in react-query/package.json
2023-12-12 09:16:29 -05:00
"types": "./dist/types/index.d.ts",
📁 refactor: Prompts UI (#11570) * style: enhance prompts UI with new components and improved structure; add CreatePromptButton and AutoSendPrompt; refactor GroupSidePanel and PromptsAccordion * refactor(Prompts): move button components to buttons/ subdirectory * refactor(Prompts): move dialog components to dialogs/ subdirectory * refactor(Prompts): move display components to display/ subdirectory * refactor(Prompts): move editor components to editor/ subdirectory * refactor(Prompts): move field components to fields/ subdirectory * refactor(Prompts): move form components to forms/ subdirectory * refactor(Prompts): move layout components to layouts/ subdirectory * refactor(Prompts): move list components to lists/ subdirectory * refactor(Prompts): move sidebar components to sidebar/ subdirectory * refactor(Prompts): move utility components to utils/ subdirectory * refactor(Prompts): update main exports and external imports * refactor(Prompts): fix class name typo in AutoSendPrompt * refactor(Prompts): reorganize exports and imports order across components * refactor(Prompts): reorder exports for better organization and clarity * refactor(Buttons): enhance prompts accessibility with aria-labels and update translations * refactor(AdminSettings): reorganize imports and improve form structure for clarity * refactor(Dialogs): reorganize imports for consistency and clarity across DeleteVersion, SharePrompt, and VariableDialog components * refactor(Dialogs): enhance prompts accessibility with aria-labels * refactor(Display): enhance prompt components and accessibility features * refactor(.gitignore): add Playwright MCP directory * refactor(Preview): enhance prompt components, improve layout, and add accessibility features * refactor(Prompts): enhance variable handling, improve accessibility, and update UI components * refactor(Prompts): enhance loading state handling and improve accessibility in PromptName component * refactor(Prompts): streamline special variable handling, improve icon management, and enhance UI components * refactor(Prompts): update AdvancedSwitch component to use Radio for mode selection, enhance PromptName with tooltips, and improve layout in PromptForm * refactor(Prompts): enhance VersionCard and VersionBadge components for improved UI and accessibility, update loading state handling in VersionsPanel * refactor(Prompts): improve layout and styling of VersionCard component for better visual alignment and clarity * refactor(DeleteVersion): update text color for confirmation prompt in DeleteConfirmDialog * refactor(Prompts): add configurations for always make production and auto-send prompts, update localization strings for clarity * refactor(Prompts): enhance layout and styling in CategorySelector, CreatePromptForm, and List components for improved responsiveness and clarity * refactor(Prompts): enhance PromptDetailHeader and ChatGroupItem components, add shared prompt indication, and remove unused PromptMetadata component * refactor(Prompts): implement prompt group usage tracking, update sorting logic, and enhance related components * fix(Prompts): security, performance, and pagination fixes - Fix cursor pagination skipping/duplicating items by including numberOfGenerations in cursor condition to match sort order - Close NoSQL injection vector via otherFilters rest spread in GET /all, GET /groups, and buildPromptGroupFilter - Validate groupId as ObjectId before passing to query (GET /) - Add prompt body validation in addPromptToGroup (type + text) - Return 404 instead of 500 for missing group in POST /use - Combine data + count into single $facet aggregation - Add compound index {numberOfGenerations, updatedAt, _id} - Add index on prompt.author for deleteUserPrompts - Update useRecordPromptUsage to refresh client caches - Replace console.error with logger.error * refactor(PromptForm): remove console warning for unselected prompt in VersionsPanel * refactor(Prompts): improve error handling for groupId and streamline usage tracking * refactor(.gitignore): add CLAUDE.md to ignore list * refactor(Prompts): streamline prompt components by removing unused variables and enhancing props structure * refactor(Prompts): fix sort stability, keyboard handling, and remove dead code Add _id tiebreaker to prompt group sort pipelines for deterministic pagination ordering. Prevent default browser scroll on Space key in PromptEditor preview mode. Remove unused blurTimeoutRef and its onMutate callback from DashGroupItem. * refactor(Prompts): enhance groupId validation and improve prompt group aggregation handling * fix: aria-hidden, API fixes, accessibility improvements * fix: ACL author filter, mobile guard, semantic HTML, and add useFocusTrap hook - Remove author filter from patchPromptGroup so ACL-granted editors can update prompt groups (aligns with deletePromptGroupController) - Add missing group guard to mobile HeaderActions in PromptForm - Replace div with article in DashGroupItem, remove redundant stopPropagation and onClick on outer container - Add useFocusTrap hook for keyboard focus management - Add numberOfGenerations to default projection - Deduplicate ObjectId validation, remove console.warn, fix aria-labelledby, localize search announcements * refactor(Prompts): adjust UI and improve a11y * refactor(Prompts): reorder imports for consistency and clarity * refactor(Prompts): implement updateFieldsInPlace for efficient data updates and add related tests * refactor(Prompts): reorder imports to include updateFieldsInPlace for better organization * refactor(Prompts): enhance DashGroupItem with toast notifications for prompt updates and add click-to-edit functionality in PromptEditor * style: use self-closing TooltipAnchor in CreatePromptButton Replace ></TooltipAnchor> with /> for consistency with the rest of the Prompts directory. * fix(i18n): replace placeholder text for com_ui_global_group translation key The value was left as 'something needs to go here. was empty' which would be visible to users as an aria-label in DashGroupItem. * fix(DashGroupItem): sync rename input with group.name on external changes nameInputValue was initialized via useState(group.name) but never synced when group.name changed from a background refetch. Added useEffect that updates the input when the dialog is closed. * perf(useFocusTrap): store onEscape in ref to avoid listener churn onEscape was in the useEffect dependency array, causing the keydown listener to be torn down and re-attached on every render when callers passed an inline function. Now stored in a ref so the effect only re-runs when active or containerRef changes. * fix(a11y): replace role=button div with layered button overlay in ListCard The card used role='button' on a div that contained nested Button elements — an invalid ARIA pattern. Replaced with a hidden button at z-0 for the card action while child interactive elements sit at z-10, eliminating nested interactive element violations. * fix(PromptForm): reset selectionIndex on route change, guard auto-save, and fix a11y - Reset selectionIndex to 0 and isEditing to false when promptId changes, preventing out-of-bounds index when navigating between groups with different version counts. - Track selectedPrompt in a ref so the auto-save effect doesn't fire against a stale prompt when the selection changed mid-edit. - Stabilize useFocusTrap onEscape via useCallback to avoid unnecessary listener re-attachment. - Conditionally render mobile overlay instead of always-present button with aria-hidden/pointer-events toggling. * refactor: extract isValidObjectIdString to shared utility in data-schemas The same regex helper was duplicated in api/server/routes/prompts.js and packages/data-schemas/src/methods/prompt.ts. Moved to packages/data-schemas/src/utils/objectId.ts and imported from both consumers. Also removed a duplicate router.use block introduced during the extraction. * perf(updateFieldsInPlace): replace JSON deep clone with targeted spread Instead of JSON.parse(JSON.stringify(data)) which serializes the entire paginated data structure, use targeted immutable spreads that only copy the affected page and collection array. Returns the original data reference unchanged when the item is not found. * perf(VariablesDropdown): memoize items array and stabilize handleAddVariable The items array containing JSX elements was rebuilt on every render. Wrapped in useMemo keyed on usedVariables and localize. Also wrapped handleAddVariable in useCallback and memoized usedCount to avoid redundant array filtering. * perf(DashGroupItem): stabilize mutation callbacks via refs handleSaveRename and handleDelete had updateGroup/deleteGroup mutation objects in their useCallback dependency arrays. Since mutation objects are new references each render, the callbacks were recreated every render, defeating memoization. Now store mutation objects in refs and call via ref.current in the callbacks. * fix(security): validate groupId in incrementPromptGroupUsage The data-schema method passed the groupId string directly to findByIdAndUpdate without validation. If called from a different entrypoint without the route-level check, Mongoose would throw a CastError. Now validates with isValidObjectIdString before the DB call and throws a clean 'Invalid groupId' error. * fix(security): add rate limiter to prompt usage tracking endpoint POST /groups/:groupId/use had no rate limiting — a user could spam it to inflate numberOfGenerations, which controls sort order for all users. Added promptUsageLimiter (30 req/user/min) following the same pattern as toolCallLimiter. Also handle 'Invalid groupId' error from the data layer in the route error handler. * fix(updateFieldsInPlace): guard against undefined identifier value If updatedItem[identifierField] is null/undefined, findIndex could match unintended items where that field is also undefined. Added early return when the identifier value is nullish. * fix(a11y): use React useId for stable unique IDs in ListCard aria-describedby/id values were derived from prompt name which can contain spaces and special characters, producing invalid HTML IDs and potential collisions. Now uses React.useId() for guaranteed unique, valid IDs per component instance. * fix: Align prompts panel styling with other sidebar panels and fix test - Match FilterPrompts first row to Memory/Bookmark pattern (items-center gap-2) - Remove items-stretch override from PromptsAccordion - Add missing promptUsageLimiter mock to prompts route test * fix: Address code review findings for prompts refactor PR - Fix #5: Gate DeletePrompt in HeaderActions behind canDelete permission - Fix #8: BackToChat navigates to last conversation instead of /c/new - Fix #7: Restore useLiveAnnouncer for screen reader feedback on delete/rename - Fix #1: Use isPublic (set by API) instead of deprecated projectIds for globe icon - Fix #4: Optimistic cache update in useRecordPromptUsage instead of full invalidation - Fix #6: Add migration to drop superseded { createdAt, updatedAt } compound index - Fix #9: Single-pass reduce in PromptVariables instead of triple filter - Fix #10: Rename PromptLabelsForm internal component to avoid collision with PromptForm - Fix #14: Remove redundant aria-label from aria-hidden Checkbox in AutoSendPrompt * fix: Align prompts panel filter row element sizes with other panels - Override Dropdown trigger to size-9 (36px) to match FilterInput height - Set CreatePromptButton to size-9 shrink-0 bg-transparent matching Memory/Bookmark panel button pattern * fix(prompts): Shared Prompts filter ignores direct shares, only returns PUBLIC Folds fix from PR #11882 into the refactored codebase. Bug A: filterAccessibleIdsBySharedLogic now accepts ownedPromptGroupIds: - MY_PROMPTS: accessible intersect owned - SHARED_PROMPTS: (accessible union public) minus owned - ALL: accessible union public (deduplicated) Legacy fallback preserved when ownedPromptGroupIds is omitted. Bug B: getPromptGroup uses $lookup aggregation to populate productionPrompt, fixing empty text on direct URL navigation to shared prompts. Also adds getOwnedPromptGroupIds to data-schemas methods and passes it from both /all and /groups route handlers. * fix: Add missing canDelete to mobile HeaderActions, remove dead instanceProjectId prop - Pass canDelete to mobile HeaderActions row (was only on desktop) - Remove instanceProjectId prop from ChatGroupItem and DashGroupItem since global check now uses group.isPublic - Remove useGetStartupConfig from List.tsx (no longer needed) * fix: Use runtime ObjectId instead of type-only Types.ObjectId, fix i18next interpolation - getPromptGroup and getOwnedPromptGroupIds were using Types.ObjectId (imported as type-only), which is erased at compile time. Use the runtime ObjectId from mongoose.Types (already destructured at line 20). This fixes the 404s in PATCH /groups/:groupId tests. - Fix com_ui_prompt_deleted_group translation to use {{0}} (i18next double-brace syntax) instead of {0}. * chore: Fix translation key ordering, add sideEffects: false to data-provider - Reorder new translation keys to maintain alphabetical order: com_ui_click_to_edit, com_ui_labels, com_ui_live, com_ui_prompt_delete_confirm, com_ui_prompt_deleted_group, com_ui_prompt_details, com_ui_prompt_renamed, com_ui_prompt_update_error, com_ui_prompt_variables_list - Add "sideEffects": false to librechat-data-provider package.json to enable tree-shaking of unused exports (types, constants, pure functions) * fix: Reduce prompts panel spacing, align memory toggle with checkbox pattern - Remove unnecessary wrapper div around AutoSendPrompt in PromptsAccordion, reducing vertical space between the toggle and the first prompt item - Replace Memory panel's Switch toggle with Checkbox+Button pattern matching the prompts panel's AutoSendPrompt for visual consistency * fix: Reduce gap between AutoSendPrompt and first prompt item Change ChatGroupItem margin from my-2 to mb-2 to eliminate the doubled spacing (gap-2 from parent + top margin from first item). Restore wrapper div around AutoSendPrompt for right-alignment. * fix: Restore prompt name on empty save, remove dead bodyProps from checkGlobalPromptShare - PromptName: reset newName to name when save is cancelled due to empty or unchanged input, preventing blank title in read mode - checkGlobalPromptShare: remove dead bodyProps config — Permissions.SHARE was not in the permissions array so the bodyProps rule was never evaluated. Per-resource share checks are handled by canAccessPromptGroupResource. --------- Co-authored-by: Danny Avila <danny@librechat.ai>
2026-03-22 21:56:22 +01:00
"sideEffects": false,
refactor: Use `librechat-data-provider` app-wide 🔄 (#1326) * chore: bump vite, vitejs/plugin-react, mark client package as esm, move react-query as a peer dep in data-provider * chore: import changes due to new data-provider export strategy, also fix type imports where applicable * chore: export react-query services as separate to avoid react dependencies in /api/ * chore: suppress sourcemap warnings and polyfill node:path which is used by filenamify TODO: replace filenamify with an alternative and REMOVE polyfill * chore: /api/ changes to support `librechat-data-provider` * refactor: rewrite Dockerfile.multi in light of /api/ changes to support `librechat-data-provider` * chore: remove volume mapping to node_modules directories in default compose file * chore: remove schemas from /api/ as is no longer needed with use of `librechat-data-provider` * fix(ci): jest `librechat-data-provider/react-query` module resolution
2023-12-11 14:48:40 -05:00
"exports": {
".": {
"import": "./dist/index.es.js",
"require": "./dist/index.js",
fix(librechat-data-provider): Update types paths in package.json (#1333) * fix(librechat-data-provider): Update types paths in package.json * chore: bump version * fix(librechat-data-provider): Update types paths in react-query/package.json
2023-12-12 09:16:29 -05:00
"types": "./dist/types/index.d.ts"
refactor: Use `librechat-data-provider` app-wide 🔄 (#1326) * chore: bump vite, vitejs/plugin-react, mark client package as esm, move react-query as a peer dep in data-provider * chore: import changes due to new data-provider export strategy, also fix type imports where applicable * chore: export react-query services as separate to avoid react dependencies in /api/ * chore: suppress sourcemap warnings and polyfill node:path which is used by filenamify TODO: replace filenamify with an alternative and REMOVE polyfill * chore: /api/ changes to support `librechat-data-provider` * refactor: rewrite Dockerfile.multi in light of /api/ changes to support `librechat-data-provider` * chore: remove volume mapping to node_modules directories in default compose file * chore: remove schemas from /api/ as is no longer needed with use of `librechat-data-provider` * fix(ci): jest `librechat-data-provider/react-query` module resolution
2023-12-11 14:48:40 -05:00
},
"./react-query": {
"import": "./dist/react-query/index.es.js",
"require": "./dist/react-query/index.js",
fix(librechat-data-provider): Update types paths in package.json (#1333) * fix(librechat-data-provider): Update types paths in package.json * chore: bump version * fix(librechat-data-provider): Update types paths in react-query/package.json
2023-12-12 09:16:29 -05:00
"types": "./dist/types/react-query/index.d.ts"
refactor: Use `librechat-data-provider` app-wide 🔄 (#1326) * chore: bump vite, vitejs/plugin-react, mark client package as esm, move react-query as a peer dep in data-provider * chore: import changes due to new data-provider export strategy, also fix type imports where applicable * chore: export react-query services as separate to avoid react dependencies in /api/ * chore: suppress sourcemap warnings and polyfill node:path which is used by filenamify TODO: replace filenamify with an alternative and REMOVE polyfill * chore: /api/ changes to support `librechat-data-provider` * refactor: rewrite Dockerfile.multi in light of /api/ changes to support `librechat-data-provider` * chore: remove volume mapping to node_modules directories in default compose file * chore: remove schemas from /api/ as is no longer needed with use of `librechat-data-provider` * fix(ci): jest `librechat-data-provider/react-query` module resolution
2023-12-11 14:48:40 -05:00
}
},
🎛️ feat: DB-Backed Per-Principal Config System (#12354) * ✨ feat: Add Config schema, model, and methods for role-based DB config overrides Add the database foundation for principal-based configuration overrides (user, group, role) in data-schemas. Includes schema with tenantId and tenant isolation, CRUD methods, and barrel exports. * 🔧 fix: Add shebang and enforce LF line endings for git hooks The pre-commit hook was missing #!/bin/sh, and core.autocrlf=true was converting it to CRLF, both causing "Exec format error" on Windows. Add .gitattributes to force LF for .husky/* and *.sh files. * ✨ feat: Add admin config API routes with section-level capability checks Add /api/admin/config endpoints for managing per-principal config overrides (user, group, role). Handlers in @librechat/api use DI pattern with section-level hasConfigCapability checks for granular access control. Supports full overrides replacement, per-field PATCH via dot-paths, field deletion, toggle active, and listing. * 🐛 fix: Move deleteConfigField fieldPath from URL param to request body The path-to-regexp wildcard syntax (:fieldPath(*)) is not supported by the version used in Express. Send fieldPath in the DELETE request body instead, which also avoids URL-encoding issues with dotted paths. * ✨ feat: Wire config resolution into getAppConfig with override caching Add mergeConfigOverrides utility in data-schemas for deep-merging DB config overrides into base AppConfig by priority order. Update getAppConfig to query DB for applicable configs when role/userId is provided, with short-TTL caching and a hasAnyConfigs feature flag for zero-cost when no DB configs exist. Also: add unique compound index on Config schema, pass userId from config middleware, and signal config changes from admin API handlers. * 🔄 refactor: Extract getAppConfig logic into packages/api as TS service Move override resolution, caching strategy, and signalConfigChange from api/server/services/Config/app.js into packages/api/src/app/appConfigService.ts using the DI factory pattern (createAppConfigService). The JS file becomes a thin wiring layer injecting loadBaseConfig, cache, and DB dependencies. * 🧹 chore: Rename configResolution.ts to resolution.ts * ✨ feat: Move admin types & capabilities to librechat-data-provider Move SystemCapabilities, CapabilityImplications, and utility functions (hasImpliedCapability, expandImplications) from data-schemas to data-provider so they are available to external consumers like the admin panel without a data-schemas dependency. Add API-friendly admin types: TAdminConfig, TAdminSystemGrant, TAdminAuditLogEntry, TAdminGroup, TAdminMember, TAdminUserSearchResult, TCapabilityCategory, and CAPABILITY_CATEGORIES. data-schemas re-exports these from data-provider and extends with config-schema-derived types (ConfigSection, SystemCapability union). Bump version to 0.8.500. * feat: Add JSON-serializable admin config API response types to data-schemas Add AdminConfig, AdminConfigListResponse, AdminConfigResponse, and AdminConfigDeleteResponse types so both LibreChat API handlers and the admin panel can share the same response contract. Bump version to 0.0.41. * refactor: Move admin capabilities & types from data-provider to data-schemas SystemCapabilities, CapabilityImplications, utility functions, CAPABILITY_CATEGORIES, and admin API response types should not be in data-provider as it gets compiled into the frontend bundle, exposing the capability surface. Moved everything to data-schemas (server-only). All consumers already import from @librechat/data-schemas, so no import changes needed elsewhere. Consolidated duplicate AdminConfig type (was in both config.ts and admin.ts). * chore: Bump @librechat/data-schemas to 0.0.42 * refactor: Reorganize admin capabilities into admin/ and types/admin.ts Split systemCapabilities.ts following data-schemas conventions: - Types (BaseSystemCapability, SystemCapability, AdminConfig, etc.) → src/types/admin.ts - Runtime code (SystemCapabilities, CapabilityImplications, utilities) → src/admin/capabilities.ts Revert data-provider version to 0.8.401 (no longer modified). * chore: Fix import ordering, rename appConfigService to service - Rename app/appConfigService.ts → app/service.ts (directory provides context) - Fix import order in admin/config.ts, types/admin.ts, types/config.ts - Add naming convention to AGENTS.md * feat: Add DB base config support (role/__base__) - Add BASE_CONFIG_PRINCIPAL_ID constant for reserved base config doc - getApplicableConfigs always includes __base__ in queries - getAppConfig queries DB even without role/userId when DB configs exist - Bump @librechat/data-schemas to 0.0.43 * fix: Address PR review issues for admin config - Add listAllConfigs method; listConfigs endpoint returns all active configs instead of only __base__ - Normalize principalId to string in all config methods to prevent ObjectId vs string mismatch on user/group lookups - Block __proto__ and all dunder-prefixed segments in field path validation to prevent prototype pollution - Fix configVersion off-by-one: default to 0, guard pre('save') with !isNew, use $inc on findOneAndUpdate - Remove unused getApplicableConfigs from admin handler deps * fix: Enable tree-shaking for data-schemas, bump packages - Switch data-schemas Rollup output to preserveModules so each source file becomes its own chunk; consumers (admin panel) can now import just the modules they need without pulling in winston/mongoose/etc. - Add sideEffects: false to data-schemas package.json - Bump data-schemas to 0.0.44, data-provider to 0.8.402 * feat: add capabilities subpath export to data-schemas Adds `@librechat/data-schemas/capabilities` subpath export so browser consumers can import BASE_CONFIG_PRINCIPAL_ID and capability constants without pulling in Node.js-only modules (winston, async_hooks, etc.). Bump version to 0.0.45. * fix: include dist/ in data-provider npm package Add explicit files field so npm includes dist/types/ in the published package. Without this, the root .gitignore exclusion of dist/ causes npm to omit type declarations, breaking TypeScript consumers. * chore: bump librechat-data-provider to 0.8.403 * feat: add GET /api/admin/config/base for raw AppConfig Returns the full AppConfig (YAML + DB base merged) so the admin panel can display actual config field values and structure. The startup config endpoint (/api/config) returns TStartupConfig which is a different shape meant for the frontend app. * chore: imports order * fix: address code review findings for admin config Critical: - Fix clearAppConfigCache: was deleting from wrong cache store (CONFIG_STORE instead of APP_CONFIG), now clears BASE and HAS_DB_CONFIGS keys - Eliminate race condition: patchConfigField and deleteConfigField now use atomic MongoDB $set/$unset with dot-path notation instead of read-modify-write cycles, removing the lost-update bug entirely - Add patchConfigFields and unsetConfigField atomic DB methods Major: - Reorder cache check before principal resolution in getAppConfig so getUserPrincipals DB query only fires on cache miss - Replace '' as ConfigSection with typed BROAD_CONFIG_ACCESS constant - Parallelize capability checks with Promise.all instead of sequential awaits in for loops - Use loose equality (== null) for cache miss check to handle both null and undefined returns from cache implementations - Set HAS_DB_CONFIGS_KEY to true on successful config fetch Minor: - Remove dead pre('save') hook from config schema (all writes use findOneAndUpdate which bypasses document hooks) - Consolidate duplicate type imports in resolution.ts - Remove dead deepGet/deepSet/deepUnset functions (replaced by atomic ops) - Add .sort({ priority: 1 }) to getApplicableConfigs query - Rename _impliedBy to impliedByMap * fix: self-referencing BROAD_CONFIG_ACCESS constant * fix: replace type-cast sentinel with proper null parameter Update hasConfigCapability to accept ConfigSection | null where null means broad access check (MANAGE_CONFIGS or READ_CONFIGS only). Removes the '' as ConfigSection type lie from admin config handlers. * fix: remaining review findings + add tests - listAllConfigs accepts optional { isActive } filter so admin listing can show inactive configs (#9) - Standardize session application to .session(session ?? null) across all config DB methods (#15) - Export isValidFieldPath and getTopLevelSection for testability - Add 38 tests across 3 spec files: - config.spec.ts (api): path validation, prototype pollution rejection - resolution.spec.ts: deep merge, priority ordering, array replacement - config.spec.ts (data-schemas): full CRUD, ObjectId normalization, atomic $set/$unset, configVersion increment, toggle, __base__ query * fix: address second code review findings - Fix cross-user cache contamination: overrideCacheKey now handles userId-without-role case with its own cache key (#1) - Add broad capability check before DB lookup in getConfig to prevent config existence enumeration (#2/#3) - Move deleteConfigField fieldPath from request body to query parameter for proxy/load balancer compatibility (#5) - Derive BaseSystemCapability from SystemCapabilities const instead of manual string union (#6) - Return 201 on upsert creation, 200 on update (#11) - Remove inline narration comments per AGENTS.md (#12) - Type overrides as Partial<TCustomConfig> in DB methods and handler deps (#13) - Replace double as-unknown-as casts in resolution.ts with generic deepMerge<T> (#14) - Make override cache TTL injectable via AppConfigServiceDeps (#16) - Add exhaustive never check in principalModel switch (#17) * fix: remaining review findings — tests, rename, semantics - Rename signalConfigChange → markConfigsDirty with JSDoc documenting the stale-window tradeoff and overrideCacheTtl knob - Fix DEFAULT_OVERRIDE_CACHE_TTL naming convention - Add createAppConfigService tests (14 cases): cache behavior, feature flag, cross-user key isolation, fallback on error, markConfigsDirty - Add admin handler integration tests (13 cases): auth ordering, 201/200 on create/update, fieldPath from query param, markConfigsDirty calls, capability checks * fix: global flag corruption + empty overrides auth bypass - Remove HAS_DB_CONFIGS_KEY=false optimization: a scoped query returning no configs does not mean no configs exist globally. Setting the flag false from a per-principal query short-circuited all subsequent users. - Add broad manage capability check before section checks in upsertConfigOverrides: empty overrides {} no longer bypasses auth. * test: add regression and invariant tests for config system Regression tests: - Bug 1: User A's empty result does not short-circuit User B's overrides - Bug 2: Empty overrides {} returns 403 without MANAGE_CONFIGS Invariant tests (applied across ALL handlers): - All 5 mutation handlers call markConfigsDirty on success - All 5 mutation handlers return 401 without auth - All 5 mutation handlers return 403 without capability - All 3 read handlers return 403 without capability * fix: third review pass — all findings addressed Service (service.ts): - Restore HAS_DB_CONFIGS=false for base-only queries (no role/userId) so deployments with zero DB configs skip DB queries (#1) - Resolve cache once at factory init instead of per-invocation (#8) - Use BASE_CONFIG_PRINCIPAL_ID constant in overrideCacheKey (#10) - Add JSDoc to clearAppConfigCache documenting stale-window (#4) - Fix log message to not say "from YAML" (#14) Admin handlers (config.ts): - Use configVersion===1 for 201 vs 200, eliminating TOCTOU race (#2) - Add Array.isArray guard on overrides body (#5) - Import CapabilityUser from capabilities.ts, remove duplicate (#6) - Replace as-unknown-as cast with targeted type assertion (#7) - Add MAX_PATCH_ENTRIES=100 cap on entries array (#15) - Reorder deleteConfigField to validate principalType first (#12) - Export CapabilityUser from middleware/capabilities.ts DB methods (config.ts): - Remove isActive:true from patchConfigFields to prevent silent reactivation of disabled configs (#3) Schema (config.ts): - Change principalId from Schema.Types.Mixed to String (#11) Tests: - Add patchConfigField unsafe fieldPath rejection test (#9) - Add base-only HAS_DB_CONFIGS=false test (#1) - Update 201/200 tests to use configVersion instead of findConfig (#2) * fix: add read handler 401 invariant tests + document flag behavior - Add invariant: all 3 read handlers return 401 without auth - Document on markConfigsDirty that HAS_DB_CONFIGS stays true after all configs are deleted until clearAppConfigCache or restart * fix: remove HAS_DB_CONFIGS false optimization entirely getApplicableConfigs([]) only queries for __base__, not all configs. A deployment with role/group configs but no __base__ doc gets the flag poisoned to false by a base-only query, silently ignoring all scoped overrides. The optimization is not safe without a comprehensive Config.exists() check, which adds its own DB cost. Removed entirely. The flag is now write-once-true (set when configs are found or by markConfigsDirty) and only cleared by clearAppConfigCache/restart. * chore: reorder import statements in app.js for clarity * refactor: remove HAS_DB_CONFIGS_KEY machinery entirely The three-state flag (false/null/true) was the source of multiple bugs across review rounds. Every attempt to safely set it to false was defeated by getApplicableConfigs querying only a subset of principals. Removed: HAS_DB_CONFIGS_KEY constant, all reads/writes of the flag, markConfigsDirty (now a no-op concept), notifyChange wrapper, and all tests that seeded false manually. The per-user/role TTL cache (overrideCacheTtl, default 60s) is the sole caching mechanism. On cache miss, getApplicableConfigs queries the DB. This is one indexed query per user per TTL window — acceptable for the config override use case. * docs: rewrite admin panel remaining work with current state * perf: cache empty override results to avoid repeated DB queries When getApplicableConfigs returns no configs for a principal, cache baseConfig under their override key with TTL. Without this, every user with no per-principal overrides hits MongoDB on every request after the 60s cache window expires. * fix: add tenantId to cache keys + reject PUBLIC principal type - Include tenantId in override cache keys to prevent cross-tenant config contamination. Single-tenant deployments (tenantId undefined) use '_' as placeholder — no behavior change for them. - Reject PrincipalType.PUBLIC in admin config validation — PUBLIC has no PrincipalModel and is never resolved by getApplicableConfigs, so config docs for it would be dead data. - Config middleware passes req.user.tenantId to getAppConfig. * fix: fourth review pass findings DB methods (config.ts): - findConfigByPrincipal accepts { includeInactive } option so admin GET can retrieve inactive configs (#5) - upsertConfig catches E11000 duplicate key on concurrent upserts and retries without upsert flag (#2) - unsetConfigField no longer filters isActive:true, consistent with patchConfigFields (#11) - Typed filter objects replace Record<string, unknown> (#12) Admin handlers (config.ts): - patchConfigField: serial broad capability check before Promise.all to pre-warm ALS principal cache, preventing N parallel DB calls (#3) - isValidFieldPath rejects leading/trailing dots and consecutive dots (#7) - Duplicate fieldPaths in patch entries return 400 (#8) - DEFAULT_PRIORITY named constant replaces hardcoded 10 (#14) - Admin getConfig and patchConfigField pass includeInactive to findConfigByPrincipal (#5) - Route import uses barrel instead of direct file path (#13) Resolution (resolution.ts): - deepMerge has MAX_MERGE_DEPTH=10 guard to prevent stack overflow from crafted deeply nested configs (#4) * fix: final review cleanup - Remove ADMIN_PANEL_REMAINING.md (local dev notes with Windows paths) - Add empty-result caching regression test - Add tenantId to AdminConfigDeps.getAppConfig type - Restore exhaustive never check in principalModel switch - Standardize toggleConfigActive session handling to options pattern * fix: validate priority in patchConfigField handler Add the same non-negative number validation for priority that upsertConfigOverrides already has. Without this, invalid priority values could be stored via PATCH and corrupt merge ordering. * chore: remove planning doc from PR * fix: correct stale cache key strings in service tests * fix: clean up service tests and harden tenant sentinel - Remove no-op cache delete lines from regression tests - Change no-tenant sentinel from '_' to '__default__' to avoid collision with a real tenant ID when multi-tenancy is enabled - Remove unused CONFIG_STORE from AppConfigServiceDeps * chore: bump @librechat/data-schemas to 0.0.46 * fix: block prototype-poisoning keys in deepMerge Skip __proto__, constructor, and prototype keys during config merge to prevent prototype pollution via PUT /api/admin/config overrides.
2026-03-25 19:39:29 -04:00
"files": [
"dist"
],
chore: add back data-provider
2023-07-30 10:37:25 -04:00
"scripts": {
"clean": "rimraf dist",
"build": "npm run clean && rollup -c --silent --bundleConfigAsCjs",
"build:watch": "rollup -c -w",
🔄 refactor: Consolidate Ask/Edit Controllers (#1365) * refactor(Ask/Edit): consolidate ask/edit controllers between the main modules and openAI controllers to reduce repetition of code and increase reusability * fix(winston/logger): circular dependency issue * fix(config/scripts): fix script imports * refactor(indexSync): make not configured message an info log message * chore: create a rollup script for api/server/index.js to check circular dependencies * chore: bump @keyv/redis
2023-12-15 15:47:40 -05:00
"rollup:api": "npx rollup -c server-rollup.config.js --bundleConfigAsCjs",
chore: add back data-provider
2023-07-30 10:37:25 -04:00
"test": "jest --coverage --watch",
💾 feat: Add Memory Configuration Options for CI unit tests (#10567) * 💾 feat: Add Memory Configuration Options for CI unit tests - configured GitHub Actions workflows with configurable Node.js heap allocation, defaults to 6144 MiB - added heap usage logging for memory monitoring and debugging - increased Docker frontend build memory allocation to ensure consistent memory limits - optimized Jest timeout for tokenSplit test * 💾 feat: Add Memory Configuration Options for CI unit tests - responding to PR feedback from Copilot
2025-12-25 16:17:17 -05:00
"test:ci": "jest --coverage --ci --logHeapUsage",
feat: bun support 🥟 (#907) * feat: bun 🥟 * check if playwright/linux workflow is fixed * fix: backend issues exposed by bun * feat: update scripts for bun
2023-09-10 16:04:08 -04:00
"verify": "npm run test:ci",
"b:clean": "bun run rimraf dist",
"b:build": "bun run b:clean && bun run rollup -c --silent --bundleConfigAsCjs"
chore: add back data-provider
2023-07-30 10:37:25 -04:00
},
"repository": {
"type": "git",
✨ v0.8.1 (#10882) * v0.8.1 * fix: GitHub workflows for OIDC trusted publishing - Added permissions for OIDC trusted publishing in client, data-provider, and data-schemas workflows. - Updated npm installation to support OIDC in all workflows. - Changed npm publish commands to include `--provenance` for better package integrity. - Updated repository URLs in package.json files for client, data-provider, and data-schemas to remove `git+` prefix.
2025-12-10 09:06:01 -05:00
"url": "https://github.com/danny-avila/LibreChat"
chore: add back data-provider
2023-07-30 10:37:25 -04:00
},
"author": "",
"license": "ISC",
"bugs": {
feat(data-provider): add GitHub Actions workflow for building and publishing package chore(data-provider): update package version to 0.1.2 chore(data-provider): update repository URL in package.json
2023-07-30 11:37:03 -04:00
"url": "https://github.com/danny-avila/LibreChat/issues"
chore: add back data-provider
2023-07-30 10:37:25 -04:00
},
🔗 chore: Add Stable Discord and Homepage Links (#1835)
2024-02-19 09:42:57 -05:00
"homepage": "https://librechat.ai",
chore: add back data-provider
2023-07-30 10:37:25 -04:00
"dependencies": {
📦 chore: Bump `@librechat/agents` & `axios`, Bedrock Prompt Caching fix (#11723) * 🔧 chore: Update @librechat/agents to version 3.1.39 in package.json and package-lock.json * 🔧 chore: Update axios to version 1.13.5 in package.json and package-lock.json across multiple packages
2026-02-10 20:03:17 -05:00
"axios": "^1.13.5",
🗓️ feat: Add Special Variables for Prompts & Agents, Prompt UI Improvements (#7123) * wip: Add Instructions component for agent configuration * ✨ feat: Implement DropdownPopup for variable insertion in instructions * refactor: Enhance variable handling by exporting specialVariables and updating Markdown components * feat: Add special variable support for current date and user in Instructions component * refactor: Update handleAddVariable to include localized label * feat: replace special variables in instructions presets * chore: update parameter type for user in getListAgents function * refactor: integrate dayjs for date handling and move replaceSpecialVars function to data-provider * feat: enhance replaceSpecialVars to include day number in current date format * feat: integrate replaceSpecialVars for processing agent instructions * feat: add support for current date & time in replaceSpecialVars function * feat: add iso_datetime support in replaceSpecialVars function * fix: enforce text parameter to be a required field in replaceSpecialVars function * feat: add ISO datetime support in translation file * fix: disable eslint warning for autoFocus in TextareaAutosize component * feat: add VariablesDropdown component and integrate it into CreatePromptForm and PromptEditor; update translation for special variables * fix: CategorySelector and related localizations * fix: add z-index class to LanguageSTTDropdown for proper stacking context * fix: add max-height and overflow styles to OGDialogContent in VariableDialog and PreviewPrompt components * fix: update variable detection logic to exclude special variables and improve regex matching * fix: improve accessibility text for actions menu in ChatGroupItem component * fix: adjust max-width and height styles for dialog components and improve markdown rendering for light vs. dark, height/widths, etc. * fix: remove commented-out code for better readability in PromptVariableGfm component * fix: handle undefined input parameter in setParams function call * fix: update variable label types to use TSpecialVarLabel for consistency * fix: remove outdated information from special variables description in translation file * fix: enhance unused i18next keys detection for special variable keys * fix: update color classes for consistency/a11y in category and prompt variable components * fix: update PromptVariableGfm component and special variable styles for consistency * fix: improve variable highlighting logic in VariableForm component * fix: update background color classes for consistency in VariableForm component * fix: add missing ref parameter to Dialog component in OriginalDialog * refactor: move navigate call for new conversation to after setConversation update * refactor: move message query hook to client workspace; fix: handle edge case for navigation from finalHandler creating race condition for response message DB save * chore: bump librechat-data-provider to 0.7.793 * ci: add unit tests for replaceSpecialVars function * fix: implement getToolkitKey function for image_gen_oai toolkit filtering/including * ci: enhance dayjs mock for consistent date/time values in tests * fix: MCP stdio server fail to start when passing env property * fix: use optional chaining for clientRef dereferencing in AskController and EditController feat: add context to saveMessage call in streamResponse utility * fix: only save error messages if the userMessageId was initialized * refactor: add isNotAppendable check to disable inputs in ChatForm and useTextarea * feat: enhance error handling in useEventHandlers and update conversation state in useNewConvo * refactor: prepend underscore to conversationId in newConversation template * feat: log aborted conversations with minimal messages and use consistent conversationId generation --------- Co-authored-by: Olivier Schiavo <olivier.schiavo@wengo.com> Co-authored-by: aka012 <aka012@neowiz.com> Co-authored-by: jiasheng <jiashengguo@outlook.com>
2025-04-29 03:49:02 -04:00
"dayjs": "^1.11.13",
📦 chore: Jest & Eslint Package Updates (#10536) * chore: update js-yaml to v4.1.1 * chore: update eslint to v9.39.1 in package.json and package-lock.json * chore: update prettier-eslint to v16.4.2 in package.json and package-lock.json * chore: update @eslint/eslintrc to v3.3.1 in package.json and package-lock.json * chore: update ts-jest to v29.4.5 in package.json and package-lock.json * chore: update jest to version 30.2.0 across multiple packages and update related dependencies
2025-11-16 11:55:18 -05:00
"js-yaml": "^4.1.1",
feat: Accurate Token Usage Tracking & Optional Balance (#1018) * refactor(Chains/llms): allow passing callbacks * refactor(BaseClient): accurately count completion tokens as generation only * refactor(OpenAIClient): remove unused getTokenCountForResponse, pass streaming var and callbacks in initializeLLM * wip: summary prompt tokens * refactor(summarizeMessages): new cut-off strategy that generates a better summary by adding context from beginning, truncating the middle, and providing the end wip: draft out relevant providers and variables for token tracing * refactor(createLLM): make streaming prop false by default * chore: remove use of getTokenCountForResponse * refactor(agents): use BufferMemory as ConversationSummaryBufferMemory token usage not easy to trace * chore: remove passing of streaming prop, also console log useful vars for tracing * feat: formatFromLangChain helper function to count tokens for ChatModelStart * refactor(initializeLLM): add role for LLM tracing * chore(formatFromLangChain): update JSDoc * feat(formatMessages): formats langChain messages into OpenAI payload format * chore: install openai-chat-tokens * refactor(formatMessage): optimize conditional langChain logic fix(formatFromLangChain): fix destructuring * feat: accurate prompt tokens for ChatModelStart before generation * refactor(handleChatModelStart): move to callbacks dir, use factory function * refactor(initializeLLM): rename 'role' to 'context' * feat(Balance/Transaction): new schema/models for tracking token spend refactor(Key): factor out model export to separate file * refactor(initializeClient): add req,res objects to client options * feat: add-balance script to add to an existing users' token balance refactor(Transaction): use multiplier map/function, return balance update * refactor(Tx): update enum for tokenType, return 1 for multiplier if no map match * refactor(Tx): add fair fallback value multiplier incase the config result is undefined * refactor(Balance): rename 'tokens' to 'tokenCredits' * feat: balance check, add tx.js for new tx-related methods and tests * chore(summaryPrompts): update prompt token count * refactor(callbacks): pass req, res wip: check balance * refactor(Tx): make convoId a String type, fix(calculateTokenValue) * refactor(BaseClient): add conversationId as client prop when assigned * feat(RunManager): track LLM runs with manager, track token spend from LLM, refactor(OpenAIClient): use RunManager to create callbacks, pass user prop to langchain api calls * feat(spendTokens): helper to spend prompt/completion tokens * feat(checkBalance): add helper to check, log, deny request if balance doesn't have enough funds refactor(Balance): static check method to return object instead of boolean now wip(OpenAIClient): implement use of checkBalance * refactor(initializeLLM): add token buffer to assure summary isn't generated when subsequent payload is too large refactor(OpenAIClient): add checkBalance refactor(createStartHandler): add checkBalance * chore: remove prompt and completion token logging from route handler * chore(spendTokens): add JSDoc * feat(logTokenCost): record transactions for basic api calls * chore(ask/edit): invoke getResponseSender only once per API call * refactor(ask/edit): pass promptTokens to getIds and include in abort data * refactor(getIds -> getReqData): rename function * refactor(Tx): increase value if incomplete message * feat: record tokenUsage when message is aborted * refactor: subtract tokens when payload includes function_call * refactor: add namespace for token_balance * fix(spendTokens): only execute if corresponding token type amounts are defined * refactor(checkBalance): throws Error if not enough token credits * refactor(runTitleChain): pass and use signal, spread object props in create helpers, and use 'call' instead of 'run' * fix(abortMiddleware): circular dependency, and default to empty string for completionTokens * fix: properly cancel title requests when there isn't enough tokens to generate * feat(predictNewSummary): custom chain for summaries to allow signal passing refactor(summaryBuffer): use new custom chain * feat(RunManager): add getRunByConversationId method, refactor: remove run and throw llm error on handleLLMError * refactor(createStartHandler): if summary, add error details to runs * fix(OpenAIClient): support aborting from summarization & showing error to user refactor(summarizeMessages): remove unnecessary operations counting summaryPromptTokens and note for alternative, pass signal to summaryBuffer * refactor(logTokenCost -> recordTokenUsage): rename * refactor(checkBalance): include promptTokens in errorMessage * refactor(checkBalance/spendTokens): move to models dir * fix(createLanguageChain): correctly pass config * refactor(initializeLLM/title): add tokenBuffer of 150 for balance check * refactor(openAPIPlugin): pass signal and memory, filter functions by the one being called * refactor(createStartHandler): add error to run if context is plugins as well * refactor(RunManager/handleLLMError): throw error immediately if plugins, don't remove run * refactor(PluginsClient): pass memory and signal to tools, cleanup error handling logic * chore: use absolute equality for addTitle condition * refactor(checkBalance): move checkBalance to execute after userMessage and tokenCounts are saved, also make conditional * style: icon changes to match official * fix(BaseClient): getTokenCountForResponse -> getTokenCount * fix(formatLangChainMessages): add kwargs as fallback prop from lc_kwargs, update JSDoc * refactor(Tx.create): does not update balance if CHECK_BALANCE is not enabled * fix(e2e/cleanUp): cleanup new collections, import all model methods from index * fix(config/add-balance): add uncaughtException listener * fix: circular dependency * refactor(initializeLLM/checkBalance): append new generations to errorMessage if cost exceeds balance * fix(handleResponseMessage): only record token usage in this method if not error and completion is not skipped * fix(createStartHandler): correct condition for generations * chore: bump postcss due to moderate severity vulnerability * chore: bump zod due to low severity vulnerability * chore: bump openai & data-provider version * feat(types): OpenAI Message types * chore: update bun lockfile * refactor(CodeBlock): add error block formatting * refactor(utils/Plugin): factor out formatJSON and cn to separate files (json.ts and cn.ts), add extractJSON * chore(logViolation): delete user_id after error is logged * refactor(getMessageError -> Error): change to React.FC, add token_balance handling, use extractJSON to determine JSON instead of regex * fix(DALL-E): use latest openai SDK * chore: reorganize imports, fix type issue * feat(server): add balance route * fix(api/models): add auth * feat(data-provider): /api/balance query * feat: show balance if checking is enabled, refetch on final message or error * chore: update docs, .env.example with token_usage info, add balance script command * fix(Balance): fallback to empty obj for balance query * style: slight adjustment of balance element * docs(token_usage): add PR notes
2023-10-05 18:34:10 -04:00
"zod": "^3.22.4"
chore: add back data-provider
2023-07-30 10:37:25 -04:00
},
"devDependencies": {
"@babel/preset-env": "^7.21.5",
"@babel/preset-react": "^7.18.6",
"@babel/preset-typescript": "^7.21.0",
🔄 refactor: Consolidate Ask/Edit Controllers (#1365) * refactor(Ask/Edit): consolidate ask/edit controllers between the main modules and openAI controllers to reduce repetition of code and increase reusability * fix(winston/logger): circular dependency issue * fix(config/scripts): fix script imports * refactor(indexSync): make not configured message an info log message * chore: create a rollup script for api/server/index.js to check circular dependencies * chore: bump @keyv/redis
2023-12-15 15:47:40 -05:00
"@rollup/plugin-alias": "^5.1.0",
📦 chore: Update Packages for Security & Remove Unnecessary (#10620) * 🗑️ chore: Remove @microsoft/eslint-formatter-sarif from dependencies and update ESLint CI workflow - Removed @microsoft/eslint-formatter-sarif from package.json and package-lock.json. - Updated ESLint CI workflow to eliminate SARIF upload logic and related environment variables. * chore: Remove ts-jest from dependencies in jest.config and package files * chore: Update package dependencies to latest versions - Upgraded @rollup/plugin-commonjs from 25.0.2 to 29.0.0 across multiple packages. - Updated rimraf from 5.0.1 to 6.1.2 in packages/api, client, data-provider, and data-schemas. - Added new dependencies: @isaacs/balanced-match and @isaacs/brace-expansion in package-lock.json. - Updated glob from 8.1.0 to 13.0.0 and adjusted related dependencies accordingly. * chore: remove prettier-eslint dependency from package.json * chore: npm audit fix * fix: correct `getBasePath` import
2025-11-21 14:53:58 -05:00
"@rollup/plugin-commonjs": "^29.0.0",
🔄 refactor: Consolidate Ask/Edit Controllers (#1365) * refactor(Ask/Edit): consolidate ask/edit controllers between the main modules and openAI controllers to reduce repetition of code and increase reusability * fix(winston/logger): circular dependency issue * fix(config/scripts): fix script imports * refactor(indexSync): make not configured message an info log message * chore: create a rollup script for api/server/index.js to check circular dependencies * chore: bump @keyv/redis
2023-12-15 15:47:40 -05:00
"@rollup/plugin-json": "^6.1.0",
chore: add back data-provider
2023-07-30 10:37:25 -04:00
"@rollup/plugin-node-resolve": "^15.1.0",
refactor: Use `librechat-data-provider` app-wide 🔄 (#1326) * chore: bump vite, vitejs/plugin-react, mark client package as esm, move react-query as a peer dep in data-provider * chore: import changes due to new data-provider export strategy, also fix type imports where applicable * chore: export react-query services as separate to avoid react dependencies in /api/ * chore: suppress sourcemap warnings and polyfill node:path which is used by filenamify TODO: replace filenamify with an alternative and REMOVE polyfill * chore: /api/ changes to support `librechat-data-provider` * refactor: rewrite Dockerfile.multi in light of /api/ changes to support `librechat-data-provider` * chore: remove volume mapping to node_modules directories in default compose file * chore: remove schemas from /api/ as is no longer needed with use of `librechat-data-provider` * fix(ci): jest `librechat-data-provider/react-query` module resolution
2023-12-11 14:48:40 -05:00
"@rollup/plugin-replace": "^5.0.5",
📦 chore: bump dependabot packages (#12487) * chore: Update Handlebars and package versions in package-lock.json and package.json - Upgrade Handlebars from version 4.7.7 to 4.7.9 in both package-lock.json and package.json for improved performance and security. - Update librechat-data-provider version from 0.8.401 to 0.8.406 in package-lock.json. - Update @librechat/data-schemas version from 0.0.40 to 0.0.48 in package-lock.json. * chore: Upgrade @happy-dom/jest-environment and happy-dom versions in package-lock.json and package.json - Update @happy-dom/jest-environment from version 20.8.3 to 20.8.9 for improved compatibility. - Upgrade happy-dom from version 20.8.3 to 20.8.9 to ensure consistency across dependencies. * chore: Upgrade @rollup/plugin-terser to version 1.0.0 in package-lock.json and package.json - Update @rollup/plugin-terser from version 0.4.4 to 1.0.0 in both package-lock.json and package.json for improved performance and compatibility. - Reflect the new version in the dependencies of data-provider and data-schemas packages. * chore: Upgrade rollup-plugin-typescript2 to version 0.37.0 in package-lock.json and package.json - Update rollup-plugin-typescript2 from version 0.35.0 to 0.37.0 in package-lock.json and all relevant package.json files for improved compatibility and performance. - Adjust dependencies for semver and tslib to their latest versions in line with the rollup-plugin-typescript2 upgrade. * chore: Upgrade nodemailer to version 8.0.4 in package-lock.json and package.json - Update nodemailer from version 7.0.11 to 8.0.4 in both package-lock.json and package.json to enhance functionality and security. * chore: Upgrade picomatch, yaml, brace-expansion versions in package-lock.json - Update picomatch from version 4.0.3 to 4.0.4 across multiple dependencies for improved functionality. - Upgrade brace-expansion from version 2.0.2 to 2.0.3 and from 5.0.3 to 5.0.5 to enhance compatibility and performance. - Update yaml from version 1.10.2 to 1.10.3 for better stability.
2026-03-31 13:36:20 -04:00
"@rollup/plugin-terser": "^1.0.0",
chore: add back data-provider
2023-07-30 10:37:25 -04:00
"@types/jest": "^29.5.2",
🔧 feat: Initial MCP Support (Tools) (#5015) * 📝 chore: Add comment to clarify purpose of check_updates.sh script * feat: mcp package * feat: add librechat-mcp package and update dependencies * feat: refactor MCPConnectionSingleton to handle transport initialization and connection management * feat: change private methods to public in MCPConnectionSingleton for improved accessibility * feat: filesystem demo * chore: everything demo and move everything under mcp workspace * chore: move ts-node to mcp workspace * feat: mcp examples * feat: working sse MCP example * refactor: rename MCPConnectionSingleton to MCPConnection for clarity * refactor: replace MCPConnectionSingleton with MCPConnection for consistency * refactor: manager/connections * refactor: update MCPConnection to use type definitions from mcp types * refactor: update MCPManager to use winston logger and enhance server initialization * refactor: share logger between connections and manager * refactor: add schema definitions and update MCPManager to accept logger parameter * feat: map available MCP tools * feat: load manifest tools * feat: add MCP tools delimiter constant and update plugin key generation * feat: call MCP tools * feat: update librechat-data-provider version to 0.7.63 and enhance StdioOptionsSchema with additional properties * refactor: simplify typing * chore: update types/packages * feat: MCP Tool Content parsing * chore: update dependencies and improve package configurations * feat: add 'mcp' directory to package and update configurations * refactor: return CONTENT_AND_ARTIFACT format for MCP callTool * chore: bump @librechat/agents * WIP: MCP artifacts * chore: bump @librechat/agents to v1.8.7 * fix: ensure filename has extension when saving base64 image * fix: move base64 buffer conversion before filename extension check * chore: update backend review workflow to install MCP package * fix: use correct `mime` method * fix: enhance file metadata with message and tool call IDs in image saving process * fix: refactor ToolCall component to handle MCP tool calls and improve domain extraction * fix: update ToolItem component for default isInstalled value and improve localization in ToolSelectDialog * fix: update ToolItem component to use consistent text color for tool description * style: add theming to ToolSelectDialog * fix: improve domain extraction logic in ToolCall component * refactor: conversation item theming, fix rename UI bug, optimize props, add missing types * feat: enhance MCP options schema with base options (iconPath to start) and make transport type optional, infer based on other option fields * fix: improve reconnection logic with parallel init and exponential backoff and enhance transport debug logging * refactor: improve logging format * refactor: improve logging of available tools by displaying tool names * refactor: improve reconnection/connection logic * feat: add MCP package build process to Dockerfile * feat: add fallback icon for tools without an image in ToolItem component * feat: Assistants Support for MCP Tools * fix(build): configure rollup to use output.dir for dynamic imports * chore: update @librechat/agents to version 1.8.8 and add @langchain/anthropic dependency * fix: update CONFIG_VERSION to 1.2.0
2024-12-17 13:12:57 -05:00
"@types/js-yaml": "^4.0.9",
chore: add back data-provider
2023-07-30 10:37:25 -04:00
"@types/node": "^20.3.0",
chore(data-provider): update package.json to add @types/react dependency (#753) feat(data-provider): import React in types.ts file
2023-08-04 14:17:06 -04:00
"@types/react": "^18.2.18",
🔧 chore: Update data-provider dependencies for typing (#7533) - Updated dependencies to include @langchain/core and @types/winston in both package-lock.json and data-provider package.json.
2025-05-24 10:40:13 -04:00
"@types/winston": "^2.4.4",
📦 chore: Jest & Eslint Package Updates (#10536) * chore: update js-yaml to v4.1.1 * chore: update eslint to v9.39.1 in package.json and package-lock.json * chore: update prettier-eslint to v16.4.2 in package.json and package-lock.json * chore: update @eslint/eslintrc to v3.3.1 in package.json and package-lock.json * chore: update ts-jest to v29.4.5 in package.json and package-lock.json * chore: update jest to version 30.2.0 across multiple packages and update related dependencies
2025-11-16 11:55:18 -05:00
"jest": "^30.2.0",
chore: add back data-provider
2023-07-30 10:37:25 -04:00
"jest-junit": "^16.0.0",
🔧 feat: Initial MCP Support (Tools) (#5015) * 📝 chore: Add comment to clarify purpose of check_updates.sh script * feat: mcp package * feat: add librechat-mcp package and update dependencies * feat: refactor MCPConnectionSingleton to handle transport initialization and connection management * feat: change private methods to public in MCPConnectionSingleton for improved accessibility * feat: filesystem demo * chore: everything demo and move everything under mcp workspace * chore: move ts-node to mcp workspace * feat: mcp examples * feat: working sse MCP example * refactor: rename MCPConnectionSingleton to MCPConnection for clarity * refactor: replace MCPConnectionSingleton with MCPConnection for consistency * refactor: manager/connections * refactor: update MCPConnection to use type definitions from mcp types * refactor: update MCPManager to use winston logger and enhance server initialization * refactor: share logger between connections and manager * refactor: add schema definitions and update MCPManager to accept logger parameter * feat: map available MCP tools * feat: load manifest tools * feat: add MCP tools delimiter constant and update plugin key generation * feat: call MCP tools * feat: update librechat-data-provider version to 0.7.63 and enhance StdioOptionsSchema with additional properties * refactor: simplify typing * chore: update types/packages * feat: MCP Tool Content parsing * chore: update dependencies and improve package configurations * feat: add 'mcp' directory to package and update configurations * refactor: return CONTENT_AND_ARTIFACT format for MCP callTool * chore: bump @librechat/agents * WIP: MCP artifacts * chore: bump @librechat/agents to v1.8.7 * fix: ensure filename has extension when saving base64 image * fix: move base64 buffer conversion before filename extension check * chore: update backend review workflow to install MCP package * fix: use correct `mime` method * fix: enhance file metadata with message and tool call IDs in image saving process * fix: refactor ToolCall component to handle MCP tool calls and improve domain extraction * fix: update ToolItem component for default isInstalled value and improve localization in ToolSelectDialog * fix: update ToolItem component to use consistent text color for tool description * style: add theming to ToolSelectDialog * fix: improve domain extraction logic in ToolCall component * refactor: conversation item theming, fix rename UI bug, optimize props, add missing types * feat: enhance MCP options schema with base options (iconPath to start) and make transport type optional, infer based on other option fields * fix: improve reconnection logic with parallel init and exponential backoff and enhance transport debug logging * refactor: improve logging format * refactor: improve logging of available tools by displaying tool names * refactor: improve reconnection/connection logic * feat: add MCP package build process to Dockerfile * feat: add fallback icon for tools without an image in ToolItem component * feat: Assistants Support for MCP Tools * fix(build): configure rollup to use output.dir for dynamic imports * chore: update @librechat/agents to version 1.8.8 and add @langchain/anthropic dependency * fix: update CONFIG_VERSION to 1.2.0
2024-12-17 13:12:57 -05:00
"openapi-types": "^12.1.3",
📦 chore: bump `minimatch` due to ReDoS vulnerability, bump `rimraf`, `rollup` (#11963) * 🔧 chore: bump minimatch due to ReDoS vulnerability - Removed deprecated dependencies: @isaacs/balanced-match and @isaacs/brace-expansion. - Upgraded Rollup packages from version 4.37.0 to 4.59.0 for improved performance and stability across multiple platforms. * 🔧 chore: update Rollup version across multiple packages - Bumped Rollup dependency from various versions to 4.34.9 in package.json and package-lock.json files for improved performance and compatibility across the project. * 🔧 chore: update rimraf dependency to version 6.1.3 across multiple packages - Bumped rimraf version from 6.1.2 to 6.1.3 in package.json and package-lock.json files for improved performance and compatibility.
2026-02-26 16:10:33 -05:00
"rimraf": "^6.1.3",
"rollup": "^4.34.9",
refactor: Use `librechat-data-provider` app-wide 🔄 (#1326) * chore: bump vite, vitejs/plugin-react, mark client package as esm, move react-query as a peer dep in data-provider * chore: import changes due to new data-provider export strategy, also fix type imports where applicable * chore: export react-query services as separate to avoid react dependencies in /api/ * chore: suppress sourcemap warnings and polyfill node:path which is used by filenamify TODO: replace filenamify with an alternative and REMOVE polyfill * chore: /api/ changes to support `librechat-data-provider` * refactor: rewrite Dockerfile.multi in light of /api/ changes to support `librechat-data-provider` * chore: remove volume mapping to node_modules directories in default compose file * chore: remove schemas from /api/ as is no longer needed with use of `librechat-data-provider` * fix(ci): jest `librechat-data-provider/react-query` module resolution
2023-12-11 14:48:40 -05:00
"rollup-plugin-peer-deps-external": "^2.2.4",
📦 chore: bump dependabot packages (#12487) * chore: Update Handlebars and package versions in package-lock.json and package.json - Upgrade Handlebars from version 4.7.7 to 4.7.9 in both package-lock.json and package.json for improved performance and security. - Update librechat-data-provider version from 0.8.401 to 0.8.406 in package-lock.json. - Update @librechat/data-schemas version from 0.0.40 to 0.0.48 in package-lock.json. * chore: Upgrade @happy-dom/jest-environment and happy-dom versions in package-lock.json and package.json - Update @happy-dom/jest-environment from version 20.8.3 to 20.8.9 for improved compatibility. - Upgrade happy-dom from version 20.8.3 to 20.8.9 to ensure consistency across dependencies. * chore: Upgrade @rollup/plugin-terser to version 1.0.0 in package-lock.json and package.json - Update @rollup/plugin-terser from version 0.4.4 to 1.0.0 in both package-lock.json and package.json for improved performance and compatibility. - Reflect the new version in the dependencies of data-provider and data-schemas packages. * chore: Upgrade rollup-plugin-typescript2 to version 0.37.0 in package-lock.json and package.json - Update rollup-plugin-typescript2 from version 0.35.0 to 0.37.0 in package-lock.json and all relevant package.json files for improved compatibility and performance. - Adjust dependencies for semver and tslib to their latest versions in line with the rollup-plugin-typescript2 upgrade. * chore: Upgrade nodemailer to version 8.0.4 in package-lock.json and package.json - Update nodemailer from version 7.0.11 to 8.0.4 in both package-lock.json and package.json to enhance functionality and security. * chore: Upgrade picomatch, yaml, brace-expansion versions in package-lock.json - Update picomatch from version 4.0.3 to 4.0.4 across multiple dependencies for improved functionality. - Upgrade brace-expansion from version 2.0.2 to 2.0.3 and from 5.0.3 to 5.0.5 to enhance compatibility and performance. - Update yaml from version 1.10.2 to 1.10.3 for better stability.
2026-03-31 13:36:20 -04:00
"rollup-plugin-typescript2": "^0.37.0",
chore: add back data-provider
2023-07-30 10:37:25 -04:00
"typescript": "^5.0.4"
},
refactor: Use `librechat-data-provider` app-wide 🔄 (#1326) * chore: bump vite, vitejs/plugin-react, mark client package as esm, move react-query as a peer dep in data-provider * chore: import changes due to new data-provider export strategy, also fix type imports where applicable * chore: export react-query services as separate to avoid react dependencies in /api/ * chore: suppress sourcemap warnings and polyfill node:path which is used by filenamify TODO: replace filenamify with an alternative and REMOVE polyfill * chore: /api/ changes to support `librechat-data-provider` * refactor: rewrite Dockerfile.multi in light of /api/ changes to support `librechat-data-provider` * chore: remove volume mapping to node_modules directories in default compose file * chore: remove schemas from /api/ as is no longer needed with use of `librechat-data-provider` * fix(ci): jest `librechat-data-provider/react-query` module resolution
2023-12-11 14:48:40 -05:00
"peerDependencies": {
"@tanstack/react-query": "^4.28.0"
},
chore: add back data-provider
2023-07-30 10:37:25 -04:00
"publishConfig": {
"registry": "https://registry.npmjs.org/"
}
}
Reference in a new issue Copy permalink