* feat: Add OpenID Connect federated provider token support
Implements support for passing federated provider tokens (Cognito, Azure AD, Auth0)
as variables in LibreChat's librechat.yaml configuration for both custom endpoints
and MCP servers.
Features:
- New LIBRECHAT_OPENID_* template variables for federated provider tokens
- JWT claims parsing from ID tokens without verification (for claim extraction)
- Token validation with expiration checking
- Support for multiple token storage locations (federatedTokens, openidTokens)
- Integration with existing template variable system
- Comprehensive test suite with Cognito-specific scenarios
- Provider-agnostic design supporting Cognito, Azure AD, Auth0, etc.
Security:
- Server-side only token processing
- Automatic token expiration validation
- Graceful fallbacks for missing/invalid tokens
- No client-side token exposure
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* fix: Add federated token propagation to OIDC authentication strategies
Adds federatedTokens object to user during authentication to enable
federated provider token template variables in LibreChat configuration.
Changes:
- OpenID JWT Strategy: Extract raw JWT from Authorization header and
attach as federatedTokens.access_token to enable {{LIBRECHAT_OPENID_TOKEN}}
placeholder resolution
- OpenID Strategy: Attach tokenset tokens as federatedTokens object to
standardize token access across both authentication strategies
This enables proper token propagation for custom endpoints and MCP
servers that require federated provider tokens for authorization.
Resolves missing token issue reported by @ramden in PR #9931🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Denis Ramic <denis.ramic@nfon.com>
Co-Authored-By: Claude <noreply@anthropic.com>
* test: Add federatedTokens validation tests for OIDC strategies
Adds comprehensive test coverage for the federated token propagation
feature implemented in the authentication strategies.
Tests added:
- Verify federatedTokens object is attached to user with correct structure
(access_token, refresh_token, expires_at)
- Verify both tokenset and federatedTokens are present in user object
- Ensure tokens from OIDC provider are correctly propagated
Also fixes existing test suite by adding missing mocks:
- isEmailDomainAllowed function mock
- findOpenIDUser function mock
These tests validate the fix from commit 5874ba29f that enables
{{LIBRECHAT_OPENID_TOKEN}} template variable functionality.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* docs: Remove implementation documentation file
The PR description already contains all necessary implementation details.
This documentation file is redundant and was requested to be removed.
* fix: skip s256 check
* fix(openid): handle missing refresh token in Cognito token refresh response
When OPENID_REUSE_TOKENS=true, the token refresh flow was failing because
Cognito (and most OAuth providers) don't return a new refresh token in the
refresh grant response - they only return new access and ID tokens.
Changes:
- Modified setOpenIDAuthTokens() to accept optional existingRefreshToken parameter
- Updated validation to only require access_token (refresh_token now optional)
- Added logic to reuse existing refresh token when not provided in tokenset
- Updated refreshController to pass original refresh token as fallback
- Added comments explaining standard OAuth 2.0 refresh token behavior
This fixes the "Token is not present. User is not authenticated." error that
occurred during silent token refresh with Cognito as the OpenID provider.
Fixes: Authentication loop with OPENID_REUSE_TOKENS=true and AWS Cognito
* fix(openid): extract refresh token from cookies for template variable replacement
When OPENID_REUSE_TOKENS=true, the openIdJwtStrategy populates user.federatedTokens
to enable template variable replacement (e.g., {{LIBRECHAT_OPENID_ACCESS_TOKEN}}).
However, the refresh_token field was incorrectly sourced from payload.refresh_token,
which is always undefined because:
1. JWTs don't contain refresh tokens in their payload
2. The JWT itself IS the access token
3. Refresh tokens are separate opaque tokens stored in HTTP-only cookies
This caused extractOpenIDTokenInfo() to receive incomplete federatedTokens,
resulting in template variables remaining unreplaced in headers.
**Root Cause:**
- Line 90: `refresh_token: payload.refresh_token` (always undefined)
- JWTs only contain access token data in their claims
- Refresh tokens are separate, stored securely in cookies
**Solution:**
- Import `cookie` module to parse cookies from request
- Extract refresh token from `refreshToken` cookie
- Populate federatedTokens with both access token (JWT) and refresh token (from cookie)
**Impact:**
- Template variables like {{LIBRECHAT_OPENID_ACCESS_TOKEN}} now work correctly
- Headers in librechat.yaml are properly replaced with actual tokens
- MCP server authentication with federated tokens now functional
**Technical Details:**
- passReqToCallback=true in JWT strategy provides req object access
- Refresh token extracted via cookies.parse(req.headers.cookie).refreshToken
- Falls back gracefully if cookie header or refreshToken is missing
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* fix: re-resolve headers on each request to pick up fresh federatedTokens
- OpenAIClient now re-resolves headers in chatCompletion() before each API call
- This ensures template variables like {{LIBRECHAT_OPENID_TOKEN}} are replaced
with actual token values from req.user.federatedTokens
- initialize.js now stores original template headers instead of pre-resolved ones
- Fixes template variable replacement when OPENID_REUSE_TOKENS=true
The issue was that headers were only resolved once during client initialization,
before openIdJwtStrategy had populated user.federatedTokens. Now headers are
re-resolved on every request with the current user's fresh tokens.
* debug: add logging to track header resolution in OpenAIClient
* debug: log tokenset structure after refresh to diagnose missing access_token
* fix: set federatedTokens on user object after OAuth refresh
- After successful OAuth token refresh, the user object was not being
updated with federatedTokens
- This caused template variable resolution to fail on subsequent requests
- Now sets user.federatedTokens with access_token, id_token, refresh_token
and expires_at from the refreshed tokenset
- Fixes template variables like {{LIBRECHAT_OPENID_TOKEN}} not being
replaced after token refresh
- Related to PR #9931 (OpenID federated token support)
* fix(openid): pass user object through agent chain for template variable resolution
Root cause: buildAgentContext in agents/run.ts called resolveHeaders without
the user parameter, preventing OpenID federated token template variables from
being resolved in agent runtime parameters.
Changes:
- packages/api/src/agents/run.ts: Add user parameter to createRun signature
- packages/api/src/agents/run.ts: Pass user to resolveHeaders in buildAgentContext
- api/server/controllers/agents/client.js: Pass user when calling createRun
- api/server/services/Endpoints/bedrock/options.js: Add resolveHeaders call with debug logging
- api/server/services/Endpoints/custom/initialize.js: Add debug logging
- packages/api/src/utils/env.ts: Add comprehensive debug logging and stack traces
- packages/api/src/utils/oidc.ts: Fix eslint errors (unused type, explicit any)
This ensures template variables like {{LIBRECHAT_OPENID_TOKEN}} and
{{LIBRECHAT_USER_OPENIDID}} are properly resolved in both custom endpoint
headers and Bedrock AgentCore runtime parameters.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* refactor: remove debug logging from OpenID token template feature
Removed excessive debug logging that was added during development to make
the PR more suitable for upstream review:
- Removed 7 debug statements from OpenAIClient.js
- Removed all console.log statements from packages/api/src/utils/env.ts
- Removed debug logging from bedrock/options.js
- Removed debug logging from custom/initialize.js
- Removed debug statement from AuthController.js
This reduces the changeset by ~50 lines while maintaining full functionality
of the OpenID federated token template variable feature.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* test(openid): add comprehensive unit tests for template variable substitution
- Add 34 unit tests for OIDC token utilities (oidc.spec.ts)
- Test coverage for token extraction, validation, and placeholder processing
- Integration tests for full OpenID token flow
- All tests pass with comprehensive edge case coverage
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
* test: fix OpenID federated tokens test failures
- Add serverMetadata() mock to openid-client mock configuration
* Fixes TypeError in openIdJwtStrategy.js where serverMetadata() was being called
* Mock now returns jwks_uri and end_session_endpoint as expected by the code
- Update outdated initialize.spec.js test
* Remove test expecting resolveHeaders call during initialization
* Header resolution was refactored to be deferred until LLM request time
* Update test to verify options are returned correctly with useLegacyContent flag
Fixes#9931 CI failures for backend unit tests
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* chore: fix package-lock.json conflict
* chore: sync package-log with upstream
* chore: cleanup
* fix: use createSafeUser
* fix: fix createSafeUser signature
* chore: remove comments
* chore: purge comments
* fix: update Jest testPathPattern to testPathPatterns for Jest 30+ compatibility
---------
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Denis Ramic <denis.ramic@nfon.com>
Co-authored-by: kristjanaapro <kristjana@apro.is>
chore: import order and add back JSDoc for OpenID JWT callback
* chore: remove `@langchain/community` dependency
* refactor: remove SerpAPI integration and update related imports
* chore: remove legacy code with unnecessary dependencies
* chore: cleanup packages
* chore: cleanup packages
* chore: update openai dependency version to 5.10.1
* chore: add back @librechat/agents dependency
* chore: downgrade openai dependency from 5.10.1 to 5.8.2
* Remove dependency on @librechat/agents from the API package
* chore: add @librechat/agents dependency to the API package
* fix: add useLegacyContent property to RunAgent type and propagate it in createRun function
* chore: remove openai dependency version 5.10.1 from package.json
Remove deprecated OpenAI models and add latest GPT-5, o3/o4, and GPT-4.1 series models based on current API offerings as of October 2025.
Removed deprecated models:
- gpt-4.5-preview (deprecated July 2025)
- o1-preview, o1-mini (deprecated July/October 2025)
- gpt-4-vision-preview (shut down December 2024)
- Dated GPT-3.5 and GPT-4 variants (consolidated into base versions)
Added new flagship models:
- GPT-5 series: gpt-5, gpt-5-mini, gpt-5-nano
- o3/o4 reasoning models: o3, o4-mini, o3-pro, o3-mini
- GPT-4.1 series: gpt-4.1, gpt-4.1-mini, gpt-4.1-nano
Reorganized list with newest models first for better discoverability.
References:
- https://platform.openai.com/docs/models
- https://platform.openai.com/docs/deprecations
* feat: Add support for users to be admins when logging in using OpenID
* fix: Linting issues
* fix: whitespace
* chore: add unit tests for OIDC_ADMIN_ROLE
* refactor: Replace custom property retrieval function with lodash's get for improved readability and maintainability
* feat: Enhance OpenID role extraction and error handling in setupOpenId function
- Improved role validation to check for both array and string types.
- Added detailed error messages for missing or invalid role paths in tokens.
- Expanded unit tests to cover various scenarios for nested role extraction and error handling.
* fix: Improve error handling for role extraction in OpenID strategy
- Enhanced validation to check for invalid role types (array or string).
- Updated error messages for clarity when roles are missing or of incorrect type.
- Added unit tests to cover scenarios where roles return invalid types (object, number).
* feat: Implement user role demotion in OpenID strategy when admin role is absent from token
- Added logic to demote users from 'ADMIN' to 'USER' if the admin role is not present in the token.
- Enhanced logging to capture role changes for better traceability.
- Introduced unit tests to verify the demotion behavior and ensure correct handling when admin role environment variables are not configured.
---------
Co-authored-by: Danny Avila <danny@librechat.ai>
* Check file size of conversation being imported against a configured max size to prevent bringing down the application by uploading a large file
chore: remove non-english localization as needs to be added via locize
* feat: Implement file size validation for conversation imports to prevent oversized uploads
---------
Co-authored-by: Marc Amick <MarcAmick@jhu.edu>
Co-authored-by: Danny Avila <danny@librechat.ai>
* Remove unused STATIC_CONFIG and LIBRECHAT_YAML_CONFIG cache keys.
These cache keys were identified as dead code - they were being written to but never read from anywhere in the codebase after a recent refactor:
- STATIC_CONFIG was used as a cache namespace that stored configuration data
- LIBRECHAT_YAML_CONFIG was the key used within that namespace to store parsed YAML config
- The cache.set() operation in loadCustomConfig.js stored the config but no cache.get() operations retrieved it
- Configuration data is already handled through other mechanisms without caching
* # removed tests regarding cache
- Added support for a minimum password length defined by the MIN_PASSWORD_LENGTH environment variable.
- Updated login, registration, and reset password forms to utilize the configured minimum length.
- Enhanced validation schemas to reflect the new minimum password length requirement.
- Included tests to ensure the minimum password length functionality works as expected.
* added REDIS_USE_ALTERNATIVE_DNS_LOOKUP env variable to modify redis connection by adding dnsLookup
this is required when connecting to elasticache for ioredis
see "Special Note: Aws Elasticache Clusters with TLS" on this webpage: https://www.npmjs.com/package/ioredis
* added REDIS_USE_ALTERNATIVE_DNS_LOOKUP env variable to modify redis connection by adding dnsLookup
this is required when connecting to elasticache for ioredis
see "Special Note: Aws Elasticache Clusters with TLS" on this webpage: https://www.npmjs.com/package/ioredis
---------
Co-authored-by: Marc Amick <MarcAmick@jhu.edu>
WIP: pre-granular-permissions commit
feat: Add category and support contact fields to Agent schema and UI components
Revert "feat: Add category and support contact fields to Agent schema and UI components"
This reverts commit c43a52b4c9.
Fix: Update import for renderHook in useAgentCategories.spec.tsx
fix: Update icon rendering in AgentCategoryDisplay tests to use empty spans
refactor: Improve category synchronization logic and clean up AgentConfig component
refactor: Remove unused UI flow translations from translation.json
feat: agent marketplace features
🔐 feat: Granular Role-based Permissions + Entra ID Group Discovery (#7804)
* ✨ feat: Add OpenID audience parameter support in authorization requests
* Updated .env.example to include OPENID_AUDIENCE variable for configuration.
* Enhanced openidStrategy to set the audience parameter in authorization requests if specified, improving OpenID integration.
* Update .env.example
* Update openidStrategy.js
---------
Co-authored-by: Danny Avila <danacordially@gmail.com>
* ✨ feat: Add support for forced in-memory cache keys configuration
* refactor: Update cache keys to use uppercase constants and moved cache for `librechat.yaml` into its own cache namespace (STATIC_CONFIG) and with a more descriptive key (LIBRECHAT_YAML_CONFIG)
* Fix scanning of the uploaded images folder on startup
* Re-write tests to pass linting
* Disable image output gzip scan by default
* Add `ENABLE_IMAGE_OUTPUT_GZIP_SCAN` to `.env.example`
- Introduced new violation scores for TTS, STT, Fork, Import, and File Upload actions in the .env.example file.
- Updated logViolation function to accept a score parameter, allowing for dynamic severity levels based on the action type.
- Modified limiters for Fork, Import, Message, STT, TTS, Tool Call, and File Upload to utilize the new violation scores when logging violations.
* 🔧 refactor: move `processMCPEnv` from `librechat-data-provider` and move to `@librechat/api`
* 🔧 refactor: Update resolveHeaders import paths
* 🔧 refactor: Enhance resolveHeaders to support user and custom variables
- Updated resolveHeaders function to accept user and custom user variables for placeholder replacement.
- Modified header resolution in multiple client and controller files to utilize the enhanced resolveHeaders functionality.
- Added comprehensive tests for resolveHeaders to ensure correct processing of user and custom variables.
* 🔧 fix: Update user ID placeholder processing in env.ts
* 🔧 fix: Remove arguments passing this.user rather than req.user
- Updated multiple client and controller files to call resolveHeaders without the user parameter
* 🔧 refactor: Enhance processUserPlaceholders to be more readable / less nested
* 🔧 refactor: Update processUserPlaceholders to pass all tests in mpc.spec.ts and env.spec.ts
* chore: remove legacy ChatGPTClient
* chore: remove LLM initialization code
* chore: initial deprecation removal of `gptPlugins`
* chore: remove cohere-ai dependency from package.json and package-lock.json
* chore: update brace-expansion to version 2.0.2 and add license information
* chore: remove PluginsClient test file
* chore: remove legacy
* ci: remove deprecated sendMessage/getCompletion/chatCompletion tests
---------
Co-authored-by: Dustin Healy <54083382+dustinhealy@users.noreply.github.com>
* fix: add undefined password check in local user authentication
* fix: edge case - issue deleting user when no conversations in deleteUserController
* feat: Integrate Mailgun API for email sending functionality
* fix: undefined SESSION_EXPIRY handling and add tests
* fix: update import path for isEnabled utility in azureUtils.js to resolve circular dep.
* 🔧 chore: Add missing optional `scraperTimeout` to webSearchSchema
* chore: Add missing optional `scraperTimeout` to web search authentication result
* chore: linting
* feat: Integrate attachment handling and citation processing in message components
- Added `useAttachments` hook to manage message attachments and search results.
- Updated `MessageParts`, `ContentParts`, and `ContentRender` components to utilize the new hook for improved attachment handling.
- Enhanced `useCopyToClipboard` to format citations correctly, including support for composite citations and deduplication.
- Introduced utility functions for citation processing and cleanup.
- Added tests for the new `useCopyToClipboard` functionality to ensure proper citation formatting and handling.
* feat: Add configuration for LibreChat Code Interpreter API and Web Search variables
* fix: Update searchResults type to use SearchResultData for better type safety
* feat: Add web search configuration validation and logging
- Introduced `checkWebSearchConfig` function to validate web search configuration values, ensuring they are environment variable references.
- Added logging for proper configuration and warnings for incorrect values.
- Created unit tests for `checkWebSearchConfig` to cover various scenarios, including valid and invalid configurations.
* docs: Update README to include Web Search feature details
- Added a section for the Web Search feature, highlighting its capabilities to search the internet and enhance AI context.
- Included links for further information on the Web Search functionality.
* ci: Add mock for checkWebSearchConfig in AppService tests
* chore: linting
* feat: Enhance Shared Messages with Web Search UI by adding searchResults prop to SearchContent and MinimalHoverButtons components
* chore: linting
* refactor: remove Meilisearch index sync from importConversations function
* feat: update safeSearch implementation to use SafeSearchTypes enum
* refactor: remove commented-out code in loadTools function
* fix: ensure responseMessageId handles latestMessage ID correctly
* feat: enhance Vite configuration for improved chunking and caching
- Added additional globIgnores for map files in Workbox configuration.
- Implemented high-impact chunking for various large libraries to optimize performance.
- Increased chunkSizeWarningLimit from 1200 to 1500 for better handling of larger chunks.
* refactor: move health check hook to Root, fix bad setState for Temporary state
- Enhanced the `useHealthCheck` hook to initiate health checks only when the user is authenticated.
- Added logic for managing health check intervals and handling window focus events.
- Introduced a new test suite for `useHealthCheck` to cover various scenarios including authentication state changes and error handling.
- Removed the health check invocation from `ChatRoute` and added it to `Root` for global health monitoring.
* fix: update font alias in Vite configuration for correct path resolution
* feat: integrate OpenID Connect support with token reuse
- Added `jwks-rsa` and `new-openid-client` dependencies for OpenID Connect functionality.
- Implemented OpenID token refresh logic in `AuthController`.
- Enhanced `LogoutController` to handle OpenID logout and session termination.
- Updated JWT authentication middleware to support OpenID token provider.
- Modified OAuth routes to accommodate OpenID authentication and token management.
- Created `setOpenIDAuthTokens` function to manage OpenID tokens in cookies.
- Upgraded OpenID strategy with user info fetching and token exchange protocol.
- Introduced `openIdJwtLogin` strategy for handling OpenID JWT tokens.
- Added caching mechanism for exchanged OpenID tokens.
- Updated configuration to include OpenID exchanged tokens cache key.
- updated .env.example to include the new env variables needed for the feature.
* fix: update return type in downloadImage documentation for clarity and fixed openIdJwtLogin env variables
* fix: update Jest configuration and tests for OpenID strategy integration
* fix: update OpenID strategy to include callback URL in setup
* fix: fix optionalJwtAuth middleware to support OpenID token reuse and improve currentUrl method in CustomOpenIDStrategy to override the dynamic host issue related to proxy (e.g. cloudfront)
* fix: fixed code formatting
* Fix: Add mocks for openid-client and passport strategy in Jest configuration to fix unit tests
* fix eslint errors: Format mock file openid-client.
* ✨ feat: Add PKCE support for OpenID and default handling in strategy setup
---------
Co-authored-by: Atef Bellaaj <slalom.bellaaj@external.daimlertruck.com>
Co-authored-by: Ruben Talstra <RubenTalstra1211@outlook.com>
* refactor: Update AnthropicClient to support Claude model naming changes
* Renamed `isClaude3` to `isClaudeLatest` to accommodate newer Claude models.
* Updated logic to determine if the model is part of the Claude family.
* Adjusted `useMessages` property to reflect the new model naming convention.
* Cleaned up client properties during disposal to match the updated naming.
* feat: Claude-4 Support
* feat: Add Thinking and Prompt caching support for Claude 4
* chore: Update ANTHROPIC_MODELS in .env.example for latest model versions
This pull request updates the GOOGLE_MODELS and GOOGLE_TITLE_MODEL examples in the .env.example file to reflect the currently available models on Google AI Studio (Gemini API) and Vertex AI.
Many of the models previously listed in the example file have since been deprecated or are no longer the primary recommended versions. This discrepancy could lead to confusion for new users setting up the project, potentially causing them to select non-functional or outdated model identifiers, resulting in errors or suboptimal performance.
The changes in this PR ensure that:
- The model lists for both Gemini API (AI Studio) and Vertex AI are synchronized with the current offerings.
- New users have a more accurate and reliable starting point when configuring their environment.
- The likelihood of encountering issues due to deprecated model names during initial setup is significantly reduced.
* wip: OpenAI Image Generation Tool with customizable options
* WIP: First pass OpenAI Image Generation Tool and integrate into existing tools
* 🔀 fix: Comment out unused validation for image generation tool parameters
* 🔀 refactor: Update primeResources function parameters for better destructuring
* feat: Add image_edit resource to EToolResources and update AgentToolResources interface
* feat: Enhance file retrieval with tool resource filtering for image editing
* refactor: add OpenAI Image Tools for generation and editing, refactor related components, pass current request image attachments as tool resources for editing
* refactor: Remove commented-out code and clean up API key retrieval in createOpenAIImageTools function
* fix: show message attachments in shared links
* fix: Correct parent message retrieval logic for regenerated messages in useChatFunctions
* fix: Update primeResources to utilize requestFileSet for image file processing
* refactor: Improve description for image generation tool and clarify usage conditions, only provide edit tool if there are images available to edit
* chore: Update OpenAI Image Tools icon to use local asset
* refactor: Update image generation tool description and logic to prioritize editing tool when files are uploaded
* refactor: Enhance image tool descriptions to clarify usage conditions and note potential unavailability of uploaded images
* refactor: Update useAttachmentHandler to accept queryClient to update query cache with newly created file
* refactor: Add customizable descriptions and prompts for OpenAI image generation and editing tools
* chore: Update comments to use JSDoc style for better clarity and consistency
* refactor: Rename config variable to clientConfig for clarity and update signal handling in image generation
* refactor: Update axios request configuration to include derived signal and baseURL for improved request handling
* refactor: Update baseURL environment variable for OpenAI image generation tool configuration
* refactor: Enhance axios request configuration with conditional headers and improved clientConfig setup
* chore: Update comments for clarity and remove unnecessary lines in OpenAI image tools
* refactor: Update description for image generation without files to clarify user instructions
* refactor: Simplify target parent message logic for regeneration and resubmission cases
* chore: Remove backticks from error messages in image generation and editing functions
* refactor: Rename toolResources to toolResourceSet for clarity in file retrieval functions
* chore: Remove redundant comments and clean up TODOs in OpenAI image tools
* refactor: Rename fileStrategy to appFileStrategy for clarity and improve error handling in image processing
* chore: Update react-resizable-panels to version 2.1.8 in package.json and package-lock.json
* chore: Ensure required validation for logs and Code of Conduct agreement in bug report template
* fix: Update ArtifactPreview to use startupConfig and currentCode from memoized props to prevent unnecessary re-renders
* fix: improve robustness of `save & submit` when used from a user-message with existing attachments
* fix: add null check for artifact index in CodeEditor to prevent errors, trigger re-render on artifact ID change
* fix: standardize default values for artifact properties in Artifact component, avoiding prematurely setting an "empty/default" artifact
* fix: reset current artifact ID before setting a new one in ArtifactButton to ensure correct state management
* chore: rename `setArtifactId` variable to `setCurrentArtifactId` for consistency
* chore: update type annotations in File and S3 CRUD functions for consistency
* refactor: improve image handling in OpenAI tools by using image_id references and enhance tool context for image editing
* fix: update image_ids schema in image_edit_oai to enforce presence and provide clear guidelines for usage
* fix: enhance file fetching logic to ensure user-specific and dimension-validated results
* chore: add details on image generation and editing capabilities with various models
* 🚀 feat: Add automatic refill settings to balance schema
* 🚀 feat: Refactor balance feature to use global interface configuration
* 🚀 feat: Implement auto-refill functionality for balance management
* 🚀 feat: Enhance auto-refill logic and configuration for balance management
* 🚀 chore: Bump version to 0.7.74 in package.json and package-lock.json
* 🚀 chore: Bump version to 0.0.5 in package.json and package-lock.json
* 🚀 docs: Update comment for balance settings in librechat.example.yaml
* chore: space in `.env.example`
* 🚀 feat: Implement balance configuration loading and refactor related components
* 🚀 test: Refactor tests to use custom config for balance feature
* 🚀 fix: Update balance response handling in Transaction.js to use Balance model
* 🚀 test: Update AppService tests to include balance configuration in mock setup
* 🚀 test: Enhance AppService tests with complete balance configuration scenarios
* 🚀 refactor: Rename balanceConfig to balance and update related tests for clarity
* 🚀 refactor: Remove loadDefaultBalance and update balance handling in AppService
* 🚀 test: Update AppService tests to reflect new balance structure and defaults
* 🚀 test: Mock getCustomConfig in BaseClient tests to control balance configuration
* 🚀 test: Add get method to mockCache in OpenAIClient tests for improved cache handling
* 🚀 test: Mock getCustomConfig in OpenAIClient tests to control balance configuration
* 🚀 test: Remove mock for getCustomConfig in OpenAIClient tests to streamline configuration handling
* 🚀 fix: Update balance configuration reference in config.js for consistency
* refactor: Add getBalanceConfig function to retrieve balance configuration
* chore: Comment out example balance settings in librechat.example.yaml
* refactor: Replace getCustomConfig with getBalanceConfig for balance handling
* fix: tests
* refactor: Replace getBalanceConfig call with balance from request locals
* refactor: Update balance handling to use environment variables for configuration
* refactor: Replace getBalanceConfig calls with balance from request locals
* refactor: Simplify balance configuration logic in getBalanceConfig
---------
Co-authored-by: Danny Avila <danny@librechat.ai>
* 🚀 feat: Integrate Azure Blob Storage for file handling and image uploads
* 🐼 refactor: Correct module import case for Azure in strategies.js
* 🚀 feat: Add Azure support in SourceIcon component
* 🚀 feat: Enhance Azure Blob Service initialization with Managed Identity support
* 🐼 refactor: Remove unused Azure dependencies from package.json and package-lock.json
* 🐼 refactor: Remove unused Azure dependencies from package.json and package-lock.json
* 🐼 refactor: Remove unused Azure dependencies from package.json and package-lock.json
* 🚀 feat: Add Azure SDK dependencies for identity and storage blob
* 🔧 fix: Reorganize imports in strategies.js for better clarity
* 🔧 fix: Correct comment formatting in strategies.js for consistency
* 🔧 fix: Improve comment formatting in strategies.js for consistency
* French Translation Update
* French Translation Update
* test
* Add fileStrategy S3 Config
* update s3 crud.js
* 🔧 chore: downgrade dotenv to version 16.0.3 and add aws-sdk to package-lock.json
* 🔧 chore: remove aws-sdk from package.json
* 🚀 feat: Integrate AWS SDK for S3 with enhanced upload and retrieval functionalities
* 🚀 feat: Implement S3 integration for file upload and retrieval functionalities
* 🚀 feat: Enhance S3 initialization to support default credentials and improved error handling
---------
Co-authored-by: Gael Martins <gael.martins@acolad.com>
* 🔧 fix: Log warning for aborted operations in AgentClient
* ci: Remove unused saveMessageToDatabase mock in FakeClient initialization
* ci: test actual implementation of saveMessageToDatabase
* refactor: Change log level from warning to error for aborted operations in AgentClient
* refactor: Add className prop to Image component for customizable styling, use theme selectors
* feat: FLUX Image Generation tool
* 🔧 refactor: Update settings to use 'as const' for improved type safety and make gpt-4o-mini default model (cheapest)
* 📖 docs: Update README to reflect support for GPT-4.5 in image analysis feature
* 🔧 refactor: Update model handling to use default settings and improve encoding logic
* 🔧 refactor: Enhance model version extraction logic for improved compatibility with future GPT and omni models
* feat: GPT-4.5 tx/token update, vision support
* fix: $ref resolution logic in OpenAPI handling
* feat: add new 'anthropic-beta' header for Claude 3.7 to include token-efficient tools; ref: https://docs.anthropic.com/en/docs/build-with-claude/tool-use/token-efficient-tool-use
* chore: include all assets for service worker, remove unused tsconfig.node.json, eslint ignore vite config
* chore: exclude image files from service worker caching
* refactor: simplify googleSchema transformation and error handling
* fix: max output tokens cap for 3.7 models
* fix: skip index fixing in CI, development, and test environments
* ci: add maxOutputTokens handling tests for Claude models
* refactor: drop top_k and top_p parameters for claude-3.7 in AnthropicClient and add tests for new behavior
* refactor: conditionally include top_k and top_p parameters for non-claude-3.7 models
* ci: add unit tests for getLLMConfig function with various model options
* chore: remove all OPENROUTER_API_KEY legacy logic
* refactor: optimize stream chunk handling
* feat: reset model parameters button
* refactor: remove unused examples field from convoSchema and presetSchema
* chore: update librechat-data-provider version to 0.7.6993
* refactor: move excludedKeys set to data-provider for better reusability
* feat: enhance saveMessageToDatabase to handle unset fields and fetched conversation state
* feat: add 'iconURL' and 'greeting' to excludedKeys in data provider config
* fix: add optional chaining to user ID retrieval in getConvo call
* fix: missing console color methods for admin scripts
* feat: Anthropic Claude 3.7 Sonnet Support
* feat: update eventsource to version 3.0.2 and upgrade @modelcontextprotocol/sdk to 1.4.1
* fix: update DynamicInput to handle number type and improve initial value logic
* feat: first pass Anthropic Reasoning (Claude 3.7)
* feat: implement streaming support in AnthropicClient with reasoning UI handling
* feat: add missing xAI (grok) models
* refactor: Improve MeiliSearch integration with environment-based configuration for running index sync
* chore: Remove Question issue template from GitHub repository
* feat: Enable indexing in MeiliSearch configuration and clean up error handling in indexSync
* feat: Update .env.example to include optional indexing configuration
* refactor: rename env var for disabling index sync to MEILI_NO_SYNC
* Added the option to change the default trusted proxy
* feat: Add TRUST_PROXY configuration to .env.example for reverse proxy settings
* feat: Enhance Redis support with cluster configuration and TLS options
* feat(redis): add cluster support, environment config and url mapping
- Add Redis cluster configuration with isEnabled flag
- Configure prefix and max listeners settings
- Improve code formatting and readability
- Fix URL vs host parameter handling
- Update environment variables and regex patterns
---------
Co-authored-by: Gil Assunção <gil.assuncao@parceiros.nos.pt>
Co-authored-by: Pedro Reis <pedro.malheiro@parceiros.nos.pt>
Co-authored-by: João Trigo Soares <joao.soares@parceiros.nos.pt>
* chore: bump https-proxy-agent and @librechat/agents
* refactor: Improve error logging in OllamaClient for API fetch failures
* feat: Add DeepSeek provider support and enhance provider name handling
* refactor: Use Providers.OLLAMA constant for model name check in fetchModels function
* feat: Enhance formatAgentMessages to handle reasoning content type
* feat: OpenRouter Agent Reasoning
* hard work and dedicationgit add .env.example :)
* fix: Handle Google social login with missing last name
Social login with Google was previously displaying 'undefined' when
a user's last name was empty or not provided.
Changes:
- Conditionally render last name only if it exists
- Prevent displaying 'undefined' when last name is missing
* fix: add missing file endings for developers yml,yaml and log
---------
Co-authored-by: Mohamed Al-Duraji <mbalduraji@college.harvard.edu>
Co-authored-by: Deepak Kendole <deepakdpk101@gmail.com>
Co-authored-by: Peter Rothlaender <peter.rothlaender@ginkgo.com>
* adding youtube tool
* refactor: use short `url` param instead of `videoUrl`
* refactor: move API key retrieval to a separate credentials module
* refactor: remove unnecessary `isEdited` message property
* refactor: remove unnecessary `isEdited` message property pt. 2
* refactor: YouTube Tool with new `tool()` generator, handle tools already created by new `tool` generator
* fix: only reset request data for multi-convo messages
* refactor: enhance YouTube tool by adding transcript parsing and returning structured JSON responses
* refactor: update transcript parsing to handle raw response and clean up text output
* feat: support toolkits and refactor YouTube tool as a toolkit for better LLM usage
* refactor: remove unused OpenAPI specs and streamline tools transformation in loadAsyncEndpoints
* refactor: implement manifestToolMap for better tool management and streamline authentication handling
* feat: support toolkits for assistants
* refactor: rename loadedTools to toolDefinitions for clarity in PluginController and assistant controllers
* feat: complete support of toolkits for assistants
---------
Co-authored-by: Danilo Pejakovic <danilo.pejakovic@leoninestudios.com>
* implemented Apple Auth login.
Closes: #3438
TODO:
- write config Doc
* removed some comments
* removed comment
* Add unit tests for Apple login strategy
Introduce comprehensive tests for the Apple login strategy, covering new user creation, existing user updates, and error handling scenarios during the authentication flow. Mocks implemented for external dependencies to ensure isolated testing.
* Remove unnecessary blank line in socialLogins.js
* chore: remove all bing code
* chore: remove bing code and auto-focus effects
* chore: add back escapeRegExp helper function for regex special character handling
* chore: remove deprecated fields from settings and conversation schema
* fix: ensure default endpoint is set correctly in conversation setup
* feat: add disableFocus option to newConversation for improved search behavior
