* refactor: move endpoint initialization methods to typescript
* refactor: move agent init to packages/api
- Introduced `initialize.ts` for agent initialization, including file processing and tool loading.
- Updated `resources.ts` to allow optional appConfig parameter.
- Enhanced endpoint configuration handling in various initialization files to support model parameters.
- Added new artifacts and prompts for React component generation.
- Refactored existing code to improve type safety and maintainability.
* refactor: streamline endpoint initialization and enhance type safety
- Updated initialization functions across various endpoints to use a consistent request structure, replacing `unknown` types with `ServerResponse`.
- Simplified request handling by directly extracting keys from the request body.
- Improved type safety by ensuring user IDs are safely accessed with optional chaining.
- Removed unnecessary parameters and streamlined model options handling for better clarity and maintainability.
* refactor: moved ModelService and extractBaseURL to packages/api
- Added comprehensive tests for the models fetching functionality, covering scenarios for OpenAI, Anthropic, Google, and Ollama models.
- Updated existing endpoint index to include the new models module.
- Enhanced utility functions for URL extraction and model data processing.
- Improved type safety and error handling across the models fetching logic.
* refactor: consolidate utility functions and remove unused files
- Merged `deriveBaseURL` and `extractBaseURL` into the `@librechat/api` module for better organization.
- Removed redundant utility files and their associated tests to streamline the codebase.
- Updated imports across various client files to utilize the new consolidated functions.
- Enhanced overall maintainability by reducing the number of utility modules.
* refactor: replace ModelService references with direct imports from @librechat/api and remove ModelService file
* refactor: move encrypt/decrypt methods and key db methods to data-schemas, use `getProviderConfig` from `@librechat/api`
* chore: remove unused 'res' from options in AgentClient
* refactor: file model imports and methods
- Updated imports in various controllers and services to use the unified file model from '~/models' instead of '~/models/File'.
- Consolidated file-related methods into a new file methods module in the data-schemas package.
- Added comprehensive tests for file methods including creation, retrieval, updating, and deletion.
- Enhanced the initializeAgent function to accept dependency injection for file-related methods.
- Improved error handling and logging in file methods.
* refactor: streamline database method references in agent initialization
* refactor: enhance file method tests and update type references to IMongoFile
* refactor: consolidate database method imports in agent client and initialization
* chore: remove redundant import of initializeAgent from @librechat/api
* refactor: move checkUserKeyExpiry utility to @librechat/api and update references across endpoints
* refactor: move updateUserPlugins logic to user.ts and simplify UserController
* refactor: update imports for user key management and remove UserService
* refactor: remove unused Anthropics and Bedrock endpoint files and clean up imports
* refactor: consolidate and update encryption imports across various files to use @librechat/data-schemas
* chore: update file model mock to use unified import from '~/models'
* chore: import order
* refactor: remove migrated to TS agent.js file and its associated logic from the endpoints
* chore: add reusable function to extract imports from source code in unused-packages workflow
* chore: enhance unused-packages workflow to include @librechat/api dependencies and improve dependency extraction
* chore: improve dependency extraction in unused-packages workflow with enhanced error handling and debugging output
* chore: add detailed debugging output to unused-packages workflow for better visibility into unused dependencies and exclusion lists
* chore: refine subpath handling in unused-packages workflow to correctly process scoped and non-scoped package imports
* chore: clean up unused debug output in unused-packages workflow and reorganize type imports in initialize.ts
* feat: Add OpenID Connect federated provider token support
Implements support for passing federated provider tokens (Cognito, Azure AD, Auth0)
as variables in LibreChat's librechat.yaml configuration for both custom endpoints
and MCP servers.
Features:
- New LIBRECHAT_OPENID_* template variables for federated provider tokens
- JWT claims parsing from ID tokens without verification (for claim extraction)
- Token validation with expiration checking
- Support for multiple token storage locations (federatedTokens, openidTokens)
- Integration with existing template variable system
- Comprehensive test suite with Cognito-specific scenarios
- Provider-agnostic design supporting Cognito, Azure AD, Auth0, etc.
Security:
- Server-side only token processing
- Automatic token expiration validation
- Graceful fallbacks for missing/invalid tokens
- No client-side token exposure
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* fix: Add federated token propagation to OIDC authentication strategies
Adds federatedTokens object to user during authentication to enable
federated provider token template variables in LibreChat configuration.
Changes:
- OpenID JWT Strategy: Extract raw JWT from Authorization header and
attach as federatedTokens.access_token to enable {{LIBRECHAT_OPENID_TOKEN}}
placeholder resolution
- OpenID Strategy: Attach tokenset tokens as federatedTokens object to
standardize token access across both authentication strategies
This enables proper token propagation for custom endpoints and MCP
servers that require federated provider tokens for authorization.
Resolves missing token issue reported by @ramden in PR #9931🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Denis Ramic <denis.ramic@nfon.com>
Co-Authored-By: Claude <noreply@anthropic.com>
* test: Add federatedTokens validation tests for OIDC strategies
Adds comprehensive test coverage for the federated token propagation
feature implemented in the authentication strategies.
Tests added:
- Verify federatedTokens object is attached to user with correct structure
(access_token, refresh_token, expires_at)
- Verify both tokenset and federatedTokens are present in user object
- Ensure tokens from OIDC provider are correctly propagated
Also fixes existing test suite by adding missing mocks:
- isEmailDomainAllowed function mock
- findOpenIDUser function mock
These tests validate the fix from commit 5874ba29f that enables
{{LIBRECHAT_OPENID_TOKEN}} template variable functionality.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* docs: Remove implementation documentation file
The PR description already contains all necessary implementation details.
This documentation file is redundant and was requested to be removed.
* fix: skip s256 check
* fix(openid): handle missing refresh token in Cognito token refresh response
When OPENID_REUSE_TOKENS=true, the token refresh flow was failing because
Cognito (and most OAuth providers) don't return a new refresh token in the
refresh grant response - they only return new access and ID tokens.
Changes:
- Modified setOpenIDAuthTokens() to accept optional existingRefreshToken parameter
- Updated validation to only require access_token (refresh_token now optional)
- Added logic to reuse existing refresh token when not provided in tokenset
- Updated refreshController to pass original refresh token as fallback
- Added comments explaining standard OAuth 2.0 refresh token behavior
This fixes the "Token is not present. User is not authenticated." error that
occurred during silent token refresh with Cognito as the OpenID provider.
Fixes: Authentication loop with OPENID_REUSE_TOKENS=true and AWS Cognito
* fix(openid): extract refresh token from cookies for template variable replacement
When OPENID_REUSE_TOKENS=true, the openIdJwtStrategy populates user.federatedTokens
to enable template variable replacement (e.g., {{LIBRECHAT_OPENID_ACCESS_TOKEN}}).
However, the refresh_token field was incorrectly sourced from payload.refresh_token,
which is always undefined because:
1. JWTs don't contain refresh tokens in their payload
2. The JWT itself IS the access token
3. Refresh tokens are separate opaque tokens stored in HTTP-only cookies
This caused extractOpenIDTokenInfo() to receive incomplete federatedTokens,
resulting in template variables remaining unreplaced in headers.
**Root Cause:**
- Line 90: `refresh_token: payload.refresh_token` (always undefined)
- JWTs only contain access token data in their claims
- Refresh tokens are separate, stored securely in cookies
**Solution:**
- Import `cookie` module to parse cookies from request
- Extract refresh token from `refreshToken` cookie
- Populate federatedTokens with both access token (JWT) and refresh token (from cookie)
**Impact:**
- Template variables like {{LIBRECHAT_OPENID_ACCESS_TOKEN}} now work correctly
- Headers in librechat.yaml are properly replaced with actual tokens
- MCP server authentication with federated tokens now functional
**Technical Details:**
- passReqToCallback=true in JWT strategy provides req object access
- Refresh token extracted via cookies.parse(req.headers.cookie).refreshToken
- Falls back gracefully if cookie header or refreshToken is missing
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* fix: re-resolve headers on each request to pick up fresh federatedTokens
- OpenAIClient now re-resolves headers in chatCompletion() before each API call
- This ensures template variables like {{LIBRECHAT_OPENID_TOKEN}} are replaced
with actual token values from req.user.federatedTokens
- initialize.js now stores original template headers instead of pre-resolved ones
- Fixes template variable replacement when OPENID_REUSE_TOKENS=true
The issue was that headers were only resolved once during client initialization,
before openIdJwtStrategy had populated user.federatedTokens. Now headers are
re-resolved on every request with the current user's fresh tokens.
* debug: add logging to track header resolution in OpenAIClient
* debug: log tokenset structure after refresh to diagnose missing access_token
* fix: set federatedTokens on user object after OAuth refresh
- After successful OAuth token refresh, the user object was not being
updated with federatedTokens
- This caused template variable resolution to fail on subsequent requests
- Now sets user.federatedTokens with access_token, id_token, refresh_token
and expires_at from the refreshed tokenset
- Fixes template variables like {{LIBRECHAT_OPENID_TOKEN}} not being
replaced after token refresh
- Related to PR #9931 (OpenID federated token support)
* fix(openid): pass user object through agent chain for template variable resolution
Root cause: buildAgentContext in agents/run.ts called resolveHeaders without
the user parameter, preventing OpenID federated token template variables from
being resolved in agent runtime parameters.
Changes:
- packages/api/src/agents/run.ts: Add user parameter to createRun signature
- packages/api/src/agents/run.ts: Pass user to resolveHeaders in buildAgentContext
- api/server/controllers/agents/client.js: Pass user when calling createRun
- api/server/services/Endpoints/bedrock/options.js: Add resolveHeaders call with debug logging
- api/server/services/Endpoints/custom/initialize.js: Add debug logging
- packages/api/src/utils/env.ts: Add comprehensive debug logging and stack traces
- packages/api/src/utils/oidc.ts: Fix eslint errors (unused type, explicit any)
This ensures template variables like {{LIBRECHAT_OPENID_TOKEN}} and
{{LIBRECHAT_USER_OPENIDID}} are properly resolved in both custom endpoint
headers and Bedrock AgentCore runtime parameters.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* refactor: remove debug logging from OpenID token template feature
Removed excessive debug logging that was added during development to make
the PR more suitable for upstream review:
- Removed 7 debug statements from OpenAIClient.js
- Removed all console.log statements from packages/api/src/utils/env.ts
- Removed debug logging from bedrock/options.js
- Removed debug logging from custom/initialize.js
- Removed debug statement from AuthController.js
This reduces the changeset by ~50 lines while maintaining full functionality
of the OpenID federated token template variable feature.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* test(openid): add comprehensive unit tests for template variable substitution
- Add 34 unit tests for OIDC token utilities (oidc.spec.ts)
- Test coverage for token extraction, validation, and placeholder processing
- Integration tests for full OpenID token flow
- All tests pass with comprehensive edge case coverage
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
* test: fix OpenID federated tokens test failures
- Add serverMetadata() mock to openid-client mock configuration
* Fixes TypeError in openIdJwtStrategy.js where serverMetadata() was being called
* Mock now returns jwks_uri and end_session_endpoint as expected by the code
- Update outdated initialize.spec.js test
* Remove test expecting resolveHeaders call during initialization
* Header resolution was refactored to be deferred until LLM request time
* Update test to verify options are returned correctly with useLegacyContent flag
Fixes#9931 CI failures for backend unit tests
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* chore: fix package-lock.json conflict
* chore: sync package-log with upstream
* chore: cleanup
* fix: use createSafeUser
* fix: fix createSafeUser signature
* chore: remove comments
* chore: purge comments
* fix: update Jest testPathPattern to testPathPatterns for Jest 30+ compatibility
---------
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Denis Ramic <denis.ramic@nfon.com>
Co-authored-by: kristjanaapro <kristjana@apro.is>
chore: import order and add back JSDoc for OpenID JWT callback
* chore: update @librechat/agents dependency to version 3.0.18
* refactor: add optional metadata field to message schema and types
* chore: update @librechat/agents to v3.0.19
* refactor: update return type of sendCompletion method to include metadata
* chore: linting
* chore: update @librechat/agents dependency to v3.0.20
* refactor: implement agent labeling for conversation history in multi-agent scenarios
* refactor: improve error handling for capturing agent ID map in AgentClient
* refactor: clear agentIdMap and related properties during client disposal to prevent memory leaks
* chore: update sendCompletion method for FakeClient to return an object with completion and metadata fields
* feat: Add error handling for model refusal and update translations
* refactor: error handling in AgentClient to improve logging and cleanup process
* refactor: Update error message for response refusal to improve clarity
* feat: add filterFilesByEndpointConfig to filter disabled file processing by provider
* chore: explicit define of endpointFileConfig for better debugging
* refactor: move `normalizeEndpointName` to data-provider as used app-wide
* chore: remove overrideEndpoint from useFileHandling
* refactor: improve endpoint file config selection
* refactor: update filterFilesByEndpointConfig to accept structured parameters and improve endpoint file config handling
* refactor: replace defaultFileConfig with getEndpointFileConfig for improved file configuration handling across components
* test: add comprehensive unit tests for getEndpointFileConfig to validate endpoint configuration handling
* refactor: streamline agent endpoint assignment and improve file filtering logic
* feat: add error handling for disabled file uploads in endpoint configuration
* refactor: update encodeAndFormat functions to accept structured parameters for provider and endpoint
* refactor: streamline requestFiles handling in initializeAgent function
* fix: getEndpointFileConfig partial config merging scenarios
* refactor: enhance mergeWithDefault function to support document-supported providers with comprehensive MIME types
* refactor: user-configured default file config in getEndpointFileConfig
* fix: prevent file handling when endpoint is disabled and file is dragged to chat
* refactor: move `getEndpointField` to `data-provider` and update usage across components and hooks
* fix: prioritize endpointType based on agent.endpoint in file filtering logic
* fix: prioritize agent.endpoint in file filtering logic and remove unnecessary endpointType defaulting
* feat: Add support for agent handoffs with edges in agent forms and schemas
chore: Mark `agent_ids` field as deprecated in favor of edges across various schemas and types
chore: Update dependencies for @langchain/core and @librechat/agents to latest versions
chore: Update peer dependency for @librechat/agents to version 3.0.0-rc2 in package.json
chore: Update @librechat/agents dependency to version 3.0.0-rc3 in package.json and package-lock.json
feat: first pass, multi-agent handoffs
fix: update output type to ToolMessage in memory handling functions
fix: improve type checking for graphConfig in createRun function
refactor: remove unused content filtering logic in AgentClient
chore: update @librechat/agents dependency to version 3.0.0-rc4 in package.json and package-lock.json
fix: update @langchain/core peer dependency version to ^0.3.72 in package.json and package-lock.json
fix: update @librechat/agents dependency to version 3.0.0-rc6 in package.json and package-lock.json; refactor stream rate handling in various endpoints
feat: Agent handoff UI
chore: update @librechat/agents dependency to version 3.0.0-rc8 in package.json and package-lock.json
fix: improve hasInfo condition and adjust UI element classes in AgentHandoff component
refactor: remove current fixed agent display from AgentHandoffs component due to redundancy
feat: enhance AgentHandoffs UI with localized beta label and improved layout
chore: update @librechat/agents dependency to version 3.0.0-rc10 in package.json and package-lock.json
feat: add `createSequentialChainEdges` function to add back agent chaining via multi-agents
feat: update `createSequentialChainEdges` call to only provide conversation context between agents
feat: deprecate Agent Chain functionality and update related methods for improved clarity
* chore: update @librechat/agents dependency to version 3.0.0-rc11 in package.json and package-lock.json
* refactor: remove unused addCacheControl function and related imports and import from @librechat/agents
* chore: remove unused i18n keys
* refactor: remove unused format export from index.ts
* chore: update @librechat/agents to v3.0.0-rc13
* chore: remove BEDROCK_LEGACY provider from Providers enum
* chore: update @librechat/agents to version 3.0.2 in package.json
* fix: Sanitize LLM titles by stripping <think> tags and fix modal overflow
* chore: linting
* chore: Simplify title sanitization by removing unnecessary variable assignment and import order
---------
Co-authored-by: Danny Avila <danny@librechat.ai>
* 📦 feat: `@librechat/agents` v2.4.87 for LangFuse Support
* 📦 chore: update @librechat/agents to v2.4.88 in package.json and package-lock.json
* 📦 chore: update @librechat/agents to v2.4.89
* feat: Add runName configuration to AgentClient and Memory agent for improved tracing
- problem: `addImageUrls` had a side effect that was being leveraged before to populate both the `ocr` message field, now `fileContext`, and `client.options.attachments`, which would record the user's uploaded message attachments to the user message when saved to the database and returned at the end of the request lifecycle
- solution: created dedicated handling for file context, and made sure to populate `allFiles` with non-provider attachments
* 📎 feat: Direct Provider Attachment Support for Multimodal Content
* 📑 feat: Anthropic Direct Provider Upload (#9072)
* feat: implement Anthropic native PDF support with document preservation
- Add comprehensive debug logging throughout PDF processing pipeline
- Refactor attachment processing to separate image and document handling
- Create distinct addImageURLs(), addDocuments(), and processAttachments() methods
- Fix critical bugs in stream handling and parameter passing
- Add streamToBuffer utility for proper stream-to-buffer conversion
- Remove api/agents submodule from repository
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* chore: remove out of scope formatting changes
* fix: stop duplication of file in chat on end of response stream
* chore: bring back file search and ocr options
* chore: localize upload to provider string in file menu
* refactor: change createMenuItems args to fit new pattern introduced by anthropic-native-pdf-support
* feat: add cache point for pdfs processed by anthropic endpoint since they are unlikely to change and should benefit from caching
* feat: combine Upload Image into Upload to Provider since they both perform direct upload and change provider upload icon to reflect multimodal upload
* feat: add citations support according to docs
* refactor: remove redundant 'document' check since documents are handled properly by formatMessage in the agents repo now
* refactor: change upload logic so anthropic endpoint isn't exempted from normal upload path using Agents for consistency with the rest of the upload logic
* fix: include width and height in return from uploadLocalFile so images are correctly identified when going through an AgentUpload in addImageURLs
* chore: remove client specific handling since the direct provider stuff is handled by the agent client
* feat: handle documents in AgentClient so no need for change to agents repo
* chore: removed unused changes
* chore: remove auto generated comments from OG commit
* feat: add logic for agents to use direct to provider uploads if supported (currently just anthropic)
* fix: reintroduce role check to fix render error because of undefined value for Content Part
* fix: actually fix render bug by using proper isCreatedByUser check and making sure our mutation of formattedMessage.content is consistent
---------
Co-authored-by: Andres Restrepo <andres@thelinuxkid.com>
Co-authored-by: Claude <noreply@anthropic.com>
📁 feat: Send Attachments Directly to Provider (OpenAI) (#9098)
* refactor: change references from direct upload to direct attach to better reflect functionality
since we are just using base64 encoding strategy now rather than Files/File API for sending our attachments directly to the provider, the upload nomenclature no longer makes sense. direct_attach better describes the different methods of sending attachments to providers anyways even if we later introduce direct upload support
* feat: add upload to provider option for openai (and agent) ui
* chore: move anthropic pdf validator over to packages/api
* feat: simple pdf validation according to openai docs
* feat: add provider agnostic validatePdf logic to start handling multiple endpoints
* feat: add handling for openai specific documentPart formatting
* refactor: move require statement to proper place at top of file
* chore: add in openAI endpoint for the rest of the document handling logic
* feat: add direct attach support for azureOpenAI endpoint and agents
* feat: add pdf validation for azureOpenAI endpoint
* refactor: unify all the endpoint checks with isDocumentSupportedEndpoint
* refactor: consolidate Upload to Provider vs Upload image logic for clarity
* refactor: remove anthropic from anthropic_multimodal fileType since we support multiple providers now
🗂️ feat: Send Attachments Directly to Provider (Google) (#9100)
* feat: add validation for google PDFs and add google endpoint as a document supporting endpoint
* feat: add proper pdf formatting for google endpoints (requires PR #14 in agents)
* feat: add multimodal support for google endpoint attachments
* feat: add audio file svg
* fix: refactor attachments logic so multi-attachment messages work properly
* feat: add video file svg
* fix: allows for followup questions of uploaded multimodal attachments
* fix: remove incorrect final message filtering that was breaking Attachment component rendering
fix: manualy rename 'documents' to 'Documents' in git since it wasn't picked up due to case insensitivity in dir name
fix: add logic so filepicker for a google agent has proper filetype filtering
🛫 refactor: Move Encoding Logic to packages/api (#9182)
* refactor: move audio encode over to TS
* refactor: audio encoding now functional in LC again
* refactor: move video encode over to TS
* refactor: move document encode over to TS
* refactor: video encoding now functional in LC again
* refactor: document encoding now functional in LC again
* fix: extend file type options in AttachFileMenu to include 'google_multimodal' and update dependency array to include agent?.provider
* feat: only accept pdfs if responses api is enabled for openai convos
chore: address ESLint comments
chore: add missing audio mimetype
* fix: type safety for message content parts and improve null handling
* chore: reorder AttachFileMenuProps for consistency and clarity
* chore: import order in AttachFileMenu
* fix: improve null handling for text parts in parseTextParts function
* fix: remove no longer used unsupported capability error message for file uploads
* fix: OpenAI Direct File Attachment Format
* fix: update encodeAndFormatDocuments to support OpenAI responses API and enhance document result types
* refactor: broaden providers supported for documents
* feat: enhance DragDrop context and modal to support document uploads based on provider capabilities
* fix: reorder import statements for consistency in video encoding module
---------
Co-authored-by: Dustin Healy <54083382+dustinhealy@users.noreply.github.com>
* ⚙️ chore: Resolve Build Warning and `keyvMongo` types
* 🔄 chore: Update mongodb version to ^6.14.2 in package.json and package-lock.json
* chore: remove @langchain/openai dep
* 🔄 refactor: Change log level from warn to debug for missing endpoint config
* 🔄 refactor: Improve temp chat expiration date calculation in tests and implementation
* refactor: modularize openai llm config logic into new getOpenAILLMConfig function (#9412)
* ✈️ refactor: Migrate Anthropic's getLLMConfig to TypeScript (#9413)
* refactor: move tokens.js over to packages/api and update imports
* refactor: port tokens.js to typescript
* refactor: move helpers.js over to packages/api and update imports
* refactor: port helpers.js to typescript
* refactor: move anthropic/llm.js over to packages/api and update imports
* refactor: port anthropic/llm.js to typescript with supporting types in types/anthropic.ts and updated tests in llm.spec.js
* refactor: move llm.spec.js over to packages/api and update import
* refactor: port llm.spec.js over to typescript
* 📝 Add Prompt Parameter Support for Anthropic Custom Endpoints (#9414)
feat: add anthropic llm config support for openai-like (custom) endpoints
* fix: missed compiler / type issues from addition of getAnthropicLLMConfig
* refactor: update tokens.ts to export constants and functions, enhance type definitions, and adjust default values
* WIP: first pass, decouple `llmConfig` from `configOptions`
* chore: update import path for OpenAI configuration from 'llm' to 'config'
* refactor: enhance type definitions for ThinkingConfig and update modelOptions in AnthropicConfigOptions
* refactor: cleanup type, introduce openai transform from alt provider
* chore: integrate removeNullishValues in Google llmConfig and update OpenAI exports
* chore: bump version of @librechat/api to 1.3.5 in package.json and package-lock.json
* refactor: update customParams type in OpenAIConfigOptions to use TConfig['customParams']
* refactor: enhance transformToOpenAIConfig to include fromEndpoint and improve config extraction
* refactor: conform userId field for anthropic/openai, cleanup anthropic typing
* ci: add backward compatibility tests for getOpenAIConfig with various endpoints and configurations
* ci: replace userId with user in clientOptions for getLLMConfig
* test: add Azure OpenAI endpoint tests for various configurations in getOpenAIConfig
* refactor: defaultHeaders retrieval for prompt caching for anthropic-based custom endpoint (litellm)
* test: add unit tests for getOpenAIConfig with various Anthropic model configurations
* test: enhance Anthropic compatibility tests with addParams and dropParams handling
* chore: update @librechat/agents dependency to version 2.4.78 in package.json and package-lock.json
* chore: update @librechat/agents dependency to version 2.4.79 in package.json and package-lock.json
---------
Co-authored-by: Danny Avila <danny@librechat.ai>
* refactor: resolve request-based headers for custom endpoints right before LLM request
* ci: clarify request-based header resolution in initializeClient test
* WIP: app.locals refactoring
WIP: appConfig
fix: update memory configuration retrieval to use getAppConfig based on user role
fix: update comment for AppConfig interface to clarify purpose
🏷️ refactor: Update tests to use getAppConfig for endpoint configurations
ci: Update AppService tests to initialize app config instead of app.locals
ci: Integrate getAppConfig into remaining tests
refactor: Update multer storage destination to use promise-based getAppConfig and improve error handling in tests
refactor: Rename initializeAppConfig to setAppConfig and update related tests
ci: Mock getAppConfig in various tests to provide default configurations
refactor: Update convertMCPToolsToPlugins to use mcpManager for server configuration and adjust related tests
chore: rename `Config/getAppConfig` -> `Config/app`
fix: streamline OpenAI image tools configuration by removing direct appConfig dependency and using function parameters
chore: correct parameter documentation for imageOutputType in ToolService.js
refactor: remove `getCustomConfig` dependency in config route
refactor: update domain validation to use appConfig for allowed domains
refactor: use appConfig registration property
chore: remove app parameter from AppService invocation
refactor: update AppConfig interface to correct registration and turnstile configurations
refactor: remove getCustomConfig dependency and use getAppConfig in PluginController, multer, and MCP services
refactor: replace getCustomConfig with getAppConfig in STTService, TTSService, and related files
refactor: replace getCustomConfig with getAppConfig in Conversation and Message models, update tempChatRetention functions to use AppConfig type
refactor: update getAppConfig calls in Conversation and Message models to include user role for temporary chat expiration
ci: update related tests
refactor: update getAppConfig call in getCustomConfigSpeech to include user role
fix: update appConfig usage to access allowedDomains from actions instead of registration
refactor: enhance AppConfig to include fileStrategies and update related file strategy logic
refactor: update imports to use normalizeEndpointName from @librechat/api and remove redundant definitions
chore: remove deprecated unused RunManager
refactor: get balance config primarily from appConfig
refactor: remove customConfig dependency for appConfig and streamline loadConfigModels logic
refactor: remove getCustomConfig usage and use app config in file citations
refactor: consolidate endpoint loading logic into loadEndpoints function
refactor: update appConfig access to use endpoints structure across various services
refactor: implement custom endpoints configuration and streamline endpoint loading logic
refactor: update getAppConfig call to include user role parameter
refactor: streamline endpoint configuration and enhance appConfig usage across services
refactor: replace getMCPAuthMap with getUserMCPAuthMap and remove unused getCustomConfig file
refactor: add type annotation for loadedEndpoints in loadEndpoints function
refactor: move /services/Files/images/parse to TS API
chore: add missing FILE_CITATIONS permission to IRole interface
refactor: restructure toolkits to TS API
refactor: separate manifest logic into its own module
refactor: consolidate tool loading logic into a new tools module for startup logic
refactor: move interface config logic to TS API
refactor: migrate checkEmailConfig to TypeScript and update imports
refactor: add FunctionTool interface and availableTools to AppConfig
refactor: decouple caching and DB operations from AppService, make part of consolidated `getAppConfig`
WIP: fix tests
* fix: rebase conflicts
* refactor: remove app.locals references
* refactor: replace getBalanceConfig with getAppConfig in various strategies and middleware
* refactor: replace appConfig?.balance with getBalanceConfig in various controllers and clients
* test: add balance configuration to titleConvo method in AgentClient tests
* chore: remove unused `openai-chat-tokens` package
* chore: remove unused imports in initializeMCPs.js
* refactor: update balance configuration to use getAppConfig instead of getBalanceConfig
* refactor: integrate configMiddleware for centralized configuration handling
* refactor: optimize email domain validation by removing unnecessary async calls
* refactor: simplify multer storage configuration by removing async calls
* refactor: reorder imports for better readability in user.js
* refactor: replace getAppConfig calls with req.config for improved performance
* chore: replace getAppConfig calls with req.config in tests for centralized configuration handling
* chore: remove unused override config
* refactor: add configMiddleware to endpoint route and replace getAppConfig with req.config
* chore: remove customConfig parameter from TTSService constructor
* refactor: pass appConfig from request to processFileCitations for improved configuration handling
* refactor: remove configMiddleware from endpoint route and retrieve appConfig directly in getEndpointsConfig if not in `req.config`
* test: add mockAppConfig to processFileCitations tests for improved configuration handling
* fix: pass req.config to hasCustomUserVars and call without await after synchronous refactor
* fix: type safety in useExportConversation
* refactor: retrieve appConfig using getAppConfig in PluginController and remove configMiddleware from plugins route, to avoid always retrieving when plugins are cached
* chore: change `MongoUser` typedef to `IUser`
* fix: Add `user` and `config` fields to ServerRequest and update JSDoc type annotations from Express.Request to ServerRequest
* fix: remove unused setAppConfig mock from Server configuration tests
* feat: Add conversation ID support to custom endpoint headers
- Add LIBRECHAT_CONVERSATION_ID to customUserVars when provided
- Pass conversation ID to header resolution for dynamic headers
- Add comprehensive test coverage
Enables custom endpoints to access conversation context using {{LIBRECHAT_CONVERSATION_ID}} placeholder.
* fix: filter out unresolved placeholders from headers (thanks @MrunmayS)
* feat: add support for request body placeholders in custom endpoint headers
- Add {{LIBRECHAT_BODY_*}} placeholders for conversationId, parentMessageId, messageId
- Update tests to reflect new body placeholder functionality
* refactor resolveHeaders
* style: minor styling cleanup
* fix: type error in unit test
* feat: add body to other endpoints
* feat: add body for mcp tool calls
* chore: remove changes that unnecessarily increase scope after clarification of requirements
* refactor: move http.ts to packages/api and have RequestBody intersect with Express request body
* refactor: processMCPEnv now uses single object argument pattern
* refactor: update processMCPEnv to use 'options' parameter and align types across MCP connection classes
* feat: enhance MCP connection handling with dynamic request headers to pass request body fields
---------
Co-authored-by: Gopal Sharma <gopalsharma@gopal.sharma1>
Co-authored-by: s10gopal <36487439+s10gopal@users.noreply.github.com>
Co-authored-by: Dustin Healy <dustinhealy1@gmail.com>
* 🛣️ fix: Remove Title Tokens Limit for GPT-5 Models
* 🛣️ fix: Remove max_completion_tokens from modelKwargs when maxTokens is disabled
* chore: Add test-image* to .gitignore for CI/CD data
* WIP: Verbosity OpenAI Parameter
* 🔧 chore: remove unused import of extractEnvVariable from parsers.ts
* ✨ feat: add comprehensive tests for getOpenAIConfig and enhance verbosity handling
* fix: Handling for maxTokens in GPT-5+ models and add corresponding tests
* feat: Implement GPT-5+ model handling in processMemory function
* refactor: prefer `agent.model` (user-facing value) over `agent.model_parameters.model` to ensure Azure mapping
* chore: update @librechat/agents to version 2.4.68 to use new default title prompt for completion title method
* 🏗️ refactor: Extract reasoning key logic into separate function
* refactor: Ensure `overrideProvider` is always defined in `getProviderConfig` result, and only used in `initializeAgent` if different from `agent.provider`
* feat: new title configuration options across services
- titlePrompt
- titleEndpoint
- titlePromptTemplate
- new "completion" titleMethod (new default)
* chore: update @librechat/agents and conform openai version to prevent SDK errors
* chore: add form-data package as a dependency and override to v4.0.4 to address CVE-2025-7783
* feat: add support for 'all' endpoint configuration in AppService and corresponding tests
* refactor: replace HttpsProxyAgent with ProxyAgent from undici for improved proxy handling in assistant initialization
* chore: update frontend review workflow to limit package paths to data-provider
* chore: update backend review workflow to include all package paths
* wip: first pass content strings
* 📦 chore: update @langchain/core to v0.3.62 for data-provider dev dep.
* 📦 chore: bump @langchain/core to v0.3.62 for api dep.
* 📦 chore: move @langchain/core to peerDependencies in package.json and package-lock.json
* fix: update formatContentStrings to create HumanMessage directly from formatted content
* chore: import order
* 🕒 refactor: Use Legacy Content for Custom Endpoints to Improve Compatibility
- Also applies to Azure serverless endpoints from AI Foundry
* chore: move useLegacyContent condition before early return
* fix: Ensure useLegacyContent is set only when options are available
* refactor: access control logic to TypeScript
* chore: Change EndpointURLs to a constant object for improved type safety
* 🐛 fix: Enhance agent access control by adding skipAgentCheck functionality
* 🐛 fix: Add endpointFileConfig prop to AttachFileMenu and update file handling logic
* 🐛 fix: Update tool handling logic to support optional groupedTools and improve null checks, add dedicated tool dialog for Assistants
* chore: Export Accordion component from UI index for improved modularity
* feat: Add ActivePanelContext for managing active panel state across components
* chore: Replace string IDs with EModelEndpoint constants for assistants and agents in useSideNavLinks
* fix: Integrate access checks for agent creation and deletion routes in actions.js
* feat: support thinking budget parameter for Gemini 2.5 series (#6949, #7542)
https://ai.google.dev/gemini-api/docs/thinking#set-budget
* refactor: update thinking budget minimum value to -1 for dynamic thinking
- see: https://ai.google.dev/gemini-api/docs/thinking#set-budget
* chore: bump @librechat/agents to v2.4.43
* refactor: rename LLMConfigOptions to OpenAIConfigOptions for clarity and consistency
- Updated type definitions and references in initialize.ts, llm.ts, and openai.ts to reflect the new naming convention.
- Ensured that the OpenAI configuration options are consistently used across the relevant files.
* refactor: port Google LLM methods to TypeScript Package
* chore: update @librechat/agents version to 2.4.43 in package-lock.json and package.json
* refactor: update thinking budget description for clarity and adjust placeholder in parameter settings
* refactor: enhance googleSettings default value for thinking budget to support dynamic adjustment
* chore: update @librechat/agents to v2.4.44 for Vertex Dynamic Thinking workaround
* refactor: rename google config function, update `createRun` types, use `reasoning` as `reasoningKey` for Google
* refactor: simplify placeholder handling in DynamicInput component
* refactor: enhance thinking budget description for clarity and allow automatic decision by setting to "-1"
* refactor: update text styling in OptionHover component for improved readability
* chore: update @librechat/agents dependency to v2.4.46 in package.json and package-lock.json
* chore: update @librechat/api version to 1.2.5 in package.json and package-lock.json
* refactor: enhance `clientOptions` handling by filtering `omitTitleOptions`, add `json` field for Google models
---------
Co-authored-by: ciffelia <15273128+ciffelia@users.noreply.github.com>
* 🔧 fix: enhance client options handling in AgentClient and set default recursion limit
- Updated the recursion limit to default to 25 if not specified in agentsEConfig.
- Enhanced client options in AgentClient to include model parameters such as apiKey and anthropicApiUrl from agentModelParams.
- Updated requestOptions in the anthropic endpoint to use reverseProxyUrl as anthropicApiUrl.
* Enhance LLM configuration tests with edge case handling
* chore add return type annotation for getCustomEndpointConfig function
* fix: update modelOptions handling to use optional chaining and default to empty object in multiple endpoint initializations
* chore: update @librechat/agents to version 2.4.42
* refactor: streamline agent endpoint configuration and enhance client options handling for title generations
- Introduced a new `getProviderConfig` function to centralize provider configuration logic.
- Updated `AgentClient` to utilize the new provider configuration, improving clarity and maintainability.
- Removed redundant code related to endpoint initialization and model parameter handling.
- Enhanced error logging for missing endpoint configurations.
* fix: add abort handling for image generation and editing in OpenAIImageTools
* ci: enhance getLLMConfig tests to verify fetchOptions and dispatcher properties
* fix: use optional chaining for endpointOption properties in getOptions
* fix: increase title generation timeout from 25s to 45s, pass `endpointOption` to `getOptions`
* fix: update file filtering logic in getToolFilesByIds to ensure text field is properly checked
* fix: add error handling for empty OCR results in uploadMistralOCR and uploadAzureMistralOCR
* fix: enhance error handling in file upload to include 'No OCR result' message
* chore: update error messages in uploadMistralOCR and uploadAzureMistralOCR
* fix: enhance filtering logic in getToolFilesByIds to include context checks for OCR resources to only include files directly attached to agent
---------
Co-authored-by: Matt Burnett <matt.burnett@shopify.com>
* 🗝️ feat: Per-User Credentials for MCP Servers
chore: add aider to gitignore
feat: fill custom variables to MCP server
feat: replace placeholders with custom user MCP variables
feat: handle MCP install/uninstall (uses pluginauths)
feat: add MCP custom variables dialog to MCPSelect
feat: add MCP custom variables dialog to the side panel
feat: do not require to fill MCP credentials for in tools dialog
feat: add translations keys (en+cs) for custom MCP variables
fix: handle LIBRECHAT_USER_ID correctly during MCP var replacement
style: remove unused MCP translation keys
style: fix eslint for MCP custom vars
chore: move aider gitignore to AI section
* feat: Add Plugin Authentication Methods to data-schemas
* refactor: Replace PluginAuth model methods with new utility functions for improved code organization and maintainability
* refactor: Move IPluginAuth interface to types directory for better organization and update pluginAuth schema to use the new import
* refactor: Remove unused getUsersPluginsAuthValuesMap function and streamline PluginService.js; add new getPluginAuthMap function for improved plugin authentication handling
* chore: fix typing for optional tools property with GenericTool[] type
* chore: update librechat-data-provider version to 0.7.88
* refactor: optimize getUserMCPAuthMap function by reducing variable usage and improving server key collection logic
* refactor: streamline MCP tool creation by removing customUserVars parameter and enhancing user-specific authentication handling to avoid closure encapsulation
* refactor: extract processSingleValue function to streamline MCP environment variable processing and enhance readability
* refactor: enhance MCP tool processing logic by simplifying conditions and improving authentication handling for custom user variables
* ci: fix action tests
* chore: fix imports, remove comments
* chore: remove non-english translations
* fix: remove newline at end of translation.json file
---------
Co-authored-by: Aleš Kůtek <kutekales@gmail.com>
* 🧹 chore: Remove Comments and Cleanup base64 handling for Azure Mistral OCR
* chore: Remove unnecessary await from MCP instructions formatting in AgentClient
* ci: Update document_url regex in MistralOCR tests to support PDF format
* chore: linting in mcp.spec.ts
* chore: linting in mcp.ts
* feat(mcp): support dynamic user field placeholders in MCP environment variables
- Added user object handling in MCP options, allowing for dynamic user field processing in environment variables, headers, and URLs.
- Updated `processMCPEnv` to utilize user fields for more flexible configurations.
* chore: update backend review workflow to include unit tests for @librechat/data-schemas
* 🧠 feat: User Memories for Conversational Context
chore: mcp typing, use `t`
WIP: first pass, Memories UI
- Added MemoryViewer component for displaying, editing, and deleting user memories.
- Integrated data provider hooks for fetching, updating, and deleting memories.
- Implemented pagination and loading states for better user experience.
- Created unit tests for MemoryViewer to ensure functionality and interaction with data provider.
- Updated translation files to include new UI strings related to memories.
chore: move mcp-related files to own directory
chore: rename librechat-mcp to librechat-api
WIP: first pass, memory processing and data schemas
chore: linting in fileSearch.js query description
chore: rename librechat-api to @librechat/api across the project
WIP: first pass, functional memory agent
feat: add MemoryEditDialog and MemoryViewer components for managing user memories
- Introduced MemoryEditDialog for editing memory entries with validation and toast notifications.
- Updated MemoryViewer to support editing and deleting memories, including pagination and loading states.
- Enhanced data provider to handle memory updates with optional original key for better management.
- Added new localization strings for memory-related UI elements.
feat: add memory permissions management
- Implemented memory permissions in the backend, allowing roles to have specific permissions for using, creating, updating, and reading memories.
- Added new API endpoints for updating memory permissions associated with roles.
- Created a new AdminSettings component for managing memory permissions in the frontend.
- Integrated memory permissions into the existing roles and permissions schemas.
- Updated the interface to include memory settings and permissions.
- Enhanced the MemoryViewer component to conditionally render admin settings based on user roles.
- Added localization support for memory permissions in the translation files.
feat: move AdminSettings component to a new position in MemoryViewer for better visibility
refactor: clean up commented code in MemoryViewer component
feat: enhance MemoryViewer with search functionality and improve MemoryEditDialog integration
- Added a search input to filter memories in the MemoryViewer component.
- Refactored MemoryEditDialog to accept children for better customization.
- Updated MemoryViewer to utilize the new EditMemoryButton and DeleteMemoryButton components for editing and deleting memories.
- Improved localization support by adding new strings for memory filtering and deletion confirmation.
refactor: optimize memory filtering in MemoryViewer using match-sorter
- Replaced manual filtering logic with match-sorter for improved search functionality.
- Enhanced performance and readability of the filteredMemories computation.
feat: enhance MemoryEditDialog with triggerRef and improve updateMemory mutation handling
feat: implement access control for MemoryEditDialog and MemoryViewer components
refactor: remove commented out code and create runMemory method
refactor: rename role based files
feat: implement access control for memory usage in AgentClient
refactor: simplify checkVisionRequest method in AgentClient by removing commented-out code
refactor: make `agents` dir in api package
refactor: migrate Azure utilities to TypeScript and consolidate imports
refactor: move sanitizeFilename function to a new file and update imports, add related tests
refactor: update LLM configuration types and consolidate Azure options in the API package
chore: linting
chore: import order
refactor: replace getLLMConfig with getOpenAIConfig and remove unused LLM configuration file
chore: update winston-daily-rotate-file to version 5.0.0 and add object-hash dependency in package-lock.json
refactor: move primeResources and optionalChainWithEmptyCheck functions to resources.ts and update imports
refactor: move createRun function to a new run.ts file and update related imports
fix: ensure safeAttachments is correctly typed as an array of TFile
chore: add node-fetch dependency and refactor fetch-related functions into packages/api/utils, removing the old generators file
refactor: enhance TEndpointOption type by using Pick to streamline endpoint fields and add new properties for model parameters and client options
feat: implement initializeOpenAIOptions function and update OpenAI types for enhanced configuration handling
fix: update types due to new TEndpointOption typing
fix: ensure safe access to group parameters in initializeOpenAIOptions function
fix: remove redundant API key validation comment in initializeOpenAIOptions function
refactor: rename initializeOpenAIOptions to initializeOpenAI for consistency and update related documentation
refactor: decouple req.body fields and tool loading from initializeAgentOptions
chore: linting
refactor: adjust column widths in MemoryViewer for improved layout
refactor: simplify agent initialization by creating loadAgent function and removing unused code
feat: add memory configuration loading and validation functions
WIP: first pass, memory processing with config
feat: implement memory callback and artifact handling
feat: implement memory artifacts display and processing updates
feat: add memory configuration options and schema validation for validKeys
fix: update MemoryEditDialog and MemoryViewer to handle memory state and display improvements
refactor: remove padding from BookmarkTable and MemoryViewer headers for consistent styling
WIP: initial tokenLimit config and move Tokenizer to @librechat/api
refactor: update mongoMeili plugin methods to use callback for better error handling
feat: enhance memory management with token tracking and usage metrics
- Added token counting for memory entries to enforce limits and provide usage statistics.
- Updated memory retrieval and update routes to include total token usage and limit.
- Enhanced MemoryEditDialog and MemoryViewer components to display memory usage and token information.
- Refactored memory processing functions to handle token limits and provide feedback on memory capacity.
feat: implement memory artifact handling in attachment handler
- Enhanced useAttachmentHandler to process memory artifacts when receiving updates.
- Introduced handleMemoryArtifact utility to manage memory updates and deletions.
- Updated query client to reflect changes in memory state based on incoming data.
refactor: restructure web search key extraction logic
- Moved the logic for extracting API keys from the webSearchAuth configuration into a dedicated function, getWebSearchKeys.
- Updated webSearchKeys to utilize the new function for improved clarity and maintainability.
- Prevents build time errors
feat: add personalization settings and memory preferences management
- Introduced a new Personalization tab in settings to manage user memory preferences.
- Implemented API endpoints and client-side logic for updating memory preferences.
- Enhanced user interface components to reflect personalization options and memory usage.
- Updated permissions to allow users to opt out of memory features.
- Added localization support for new settings and messages related to personalization.
style: personalization switch class
feat: add PersonalizationIcon and align Side Panel UI
feat: implement memory creation functionality
- Added a new API endpoint for creating memory entries, including validation for key and value.
- Introduced MemoryCreateDialog component for user interface to facilitate memory creation.
- Integrated token limit checks to prevent exceeding user memory capacity.
- Updated MemoryViewer to include a button for opening the memory creation dialog.
- Enhanced localization support for new messages related to memory creation.
feat: enhance message processing with configurable window size
- Updated AgentClient to use a configurable message window size for processing messages.
- Introduced messageWindowSize option in memory configuration schema with a default value of 5.
- Improved logic for selecting messages to process based on the configured window size.
chore: update librechat-data-provider version to 0.7.87 in package.json and package-lock.json
chore: remove OpenAPIPlugin and its associated tests
chore: remove MIGRATION_README.md as migration tasks are completed
ci: fix backend tests
chore: remove unused translation keys from localization file
chore: remove problematic test file and unused var in AgentClient
chore: remove unused import and import directly for JSDoc
* feat: add api package build stage in Dockerfile for improved modularity
* docs: reorder build steps in contributing guide for clarity
* WIP: search tool integration
* WIP: Add web search capabilities and API key management to agent actions
* WIP: web search capability to agent configuration and selection
* WIP: Add web search capability to backend agent configuration
* WIP: add web search option to default agent form values
* WIP: add attachments for web search
* feat: add plugin for processing web search citations
* WIP: first pass, Citation UI
* chore: remove console.log
* feat: Add AnimatedTabs component for tabbed UI functionality
* refactor: AnimatedTabs component with CSS animations and stable ID generation
* WIP example content
* feat: SearchContext for managing search results apart from MessageContext
* feat: Enhance AnimatedTabs with underline animation and state management
* WIP: first pass, Implement dynamic tab functionality in Sources component with search results integration
* fix: Update class names for improved styling in Sources and AnimatedTabs components
* feat: Improve styling and layout in Sources component with enhanced button and item designs
* feat: Refactor Sources component to integrate OGDialog for source display and improve layout
* style: Update background color in SourceItem and SourcesGroup components for improved visibility
* refactor: Sources component to enhance SourceItem structure and improve favicon handling
* style: Adjust font size of domain text in SourceItem for better readability
* feat: Add localization for citation source and details in CompositeCitation component
* style: add theming to Citation components
* feat: Enhance SourceItem component with dialog support and improved hovercard functionality
* feat: Add localization for sources tab and image alt text in Sources component
* style: Replace divs with spans for better semantic structure in CompositeCitation and Citation components
* refactor: Sources component to use useMemo for tab generation and improve performance
* chore: bump @librechat/agents to v2.4.318
* chore: update search result types
* fix: search results retrieval in ContentParts component, re-render attachments when expected
* feat: update sources style/types to use latest search result structure
* style: enhance Dialog (expanded) SourceItem component with link wrapping and improved styling
* style: update ImageItem component styling for improved title visibility
* refactor: remove SourceItemBase component and adjust SourceItem layout for improved styling
* chore: linting twcss order
* fix: prevent FileAttachment from rendering search attachments
* fix: append underscore to responseMessageId for unique identification to prevent mapping of previous latest message's attachments
* chore: remove unused parameter 'useSpecs' from loadTools function
* chore: twcss order
* WIP: WebSearch Tool UI
* refactor: add limit parameter to StackedFavicons for customizable source display
* refactor: optimize search results memoization by making more granular and separate conerns
* refactor: integrated StackedFavicons to WebSearch mid-run
* chore: bump @librechat/agents to expose handleToolCallChunks
* chore: use typedefs from dedicated file instead of defining them in AgentClient module
* WIP: first pass, search progress results
* refactor: move createOnSearchResults function to a dedicated search module
* chore: bump @librechat/agents to v2.4.320
* WIP: first pass, search results processed UX
* refactor: consolidate context variables in createOnSearchResults function
* chore: bump @librechat/agents to v2.4.321
* feat: add guidelines for web search tool response formatting in loadTools function
* feat: add isLast prop to Part component and update WebSearch logic for improved state handling
* style: update Hovercard styles for improved UI consistency
* feat: export FaviconImage component for improved accessibility in other modules
* refactor: export getCleanDomain function and use FaviconImage in Citation component for improved source representation
* refactor: implement SourceHovercard component for consistency and DRY compliance
* fix: replace <p> with <span> for snippet and title in SourceItem and SourceHovercard for consistency
* style: `not-prose`
* style: remove 'not-prose' class for consistency in SourceItem, Citation, and SourceHovercard components, adjust style classes
* refactor: `imageUrl` on hover and prevent duplicate sources
* refactor: enhance SourcesGroup dialog layout and improve source item presentation
* refactor: reorganize Web Components, save in same directory
* feat: add 'news' refType to refTypeMap for citation sources
* style: adjust Hovercard width for improved layout
* refactor: update tool usage guidelines for improved clarity and execution
* chore: linting
* feat: add Web Search badge with initial permissions and local storage logic
* feat: add webSearch support to interface and permissions schemas
* feat: implement Web Search API key management and localization updates
* feat: refactor Web Search API key handling and integrate new search API key form
* fix: remove unnecessary visibility state from FileAttachment component
* feat: update WebSearch component to use Globe icon and localized search label
* feat: enhance ApiKeyDialog with dropdown for reranker selection and update translations
* feat: implement dropdown menus for engine, scraper, and reranker selection in ApiKeyDialog
* chore: linting and add unknown instead of `any` type
* feat: refactor ApiKeyDialog and useAuthSearchTool for improved API key management
* refactor: update ocrSchema to use template literals for default apiKey and baseURL
* feat: add web search configuration and utility functions for environment variable extraction
* fix: ensure filepath is defined before checking its prefix in useAttachmentHandler
* feat: enhance web search functionality with improved configuration and environment variable extraction for authFields
* fix: update auth type in TPluginAction and TUpdateUserPlugins to use Partial<Record<string, string>>
* feat: implement web search authentication verification and enhance webSearchAuth structure
* feat: enhance ephemeral agent handling with new web search capability and type definition
* feat: enhance isEphemeralAgent function to include web search selection
* feat: refactor verifyWebSearchAuth to improve key handling and authentication checks
* feat: implement loadWebSearchAuth function for improved web search authentication handling
* feat: enhance web search authentication with new configuration options and refactor related types
* refactor: rename search engine to search provider and update related localization keys
* feat: update verifyWebSearchAuth to handle multiple authentication types and improve error handling
* feat: update ApiKeyDialog to accept authTypes prop and remove isUserProvided check
* feat: add tests for extractWebSearchEnvVars and loadWebSearchAuth functions
* feat: enhance loadWebSearchAuth to support specific service checks for providers, scrapers, and rerankers
* fix: update web search configuration key and adjust auth result handling in loadTools function
* feat: add new progress key for repeated web searching and update localization
* chore: bump @librechat/agents to 2.4.322
* feat: enhance loadTools function to include ISO time and improve search tool logging
* feat: update StackedFavicons to handle negative start index and improve citation attribution styling and text
* chore: update .gitignore to categorize AI-related files
* fix: mobile responsiveness of sources/citations hovercards
* feat: enhance source display with improved line clamping for better readability
* chore: bump @librechat/agents to v2.4.33
* feat: add handling for image sources in references mapping
* chore: bump librechat-data-provider version to 0.7.84
* chore: bump @librechat/agents version to 2.4.34
* fix: update auth handling to support multiple auth types in tools and allow key configuration in agent panel
* chore: remove redundant agent attribution text from search form
* fix: web search auth uninstall
* refactor: convert CheckboxButton to a forwardRef component and update setValue callback signature
* feat: add triggerRef prop to ApiKeyDialog components for improved dialog control
* feat: integrate triggerRef in CodeInterpreter and WebSearch components for enhanced dialog management
* feat: enhance ApiKeyDialog with additional links for Firecrawl and Jina API key guidance
* feat: implement web search configuration handling in ApiKeyDialog and add tests for dropdown visibility
* fix: update webSearchConfig reference in config route for correct payload assignment
* feat: update ApiKeyDialog to conditionally render sections based on authTypes and modify loadWebSearchAuth to correctly categorize authentication types
* feat: refactor ApiKeyDialog and related tests to use SearchCategories and RerankerTypes enums and remove nested ternaries
* refactor: move ThinkingButton rendering to improve layout consistency in ContentParts
* feat: integrate search context into Markdown component to conditionally include unicodeCitation plugin
* chore: bump @librechat/agents to v2.4.35
* chore: remove unused 18n key
* ci: add WEB_SEARCH permission testing and update AppService tests for new webSearch configuration
* ci: add more comprehensive tests for loadWebSearchAuth to validate authentication handling and authTypes structure
* chore: remove debugging console log from web.spec.ts to clean up test output
* fix: Update Gemini 2.5 Pro Preview Model Name in Token Values
* refactor: Update DeleteButton to close menu when deletion is successful
* refactor: Add unmountOnHide prop to DropdownPopup in multiple components
* chore: linting
* chore: linting
* feat: Add `chatMenu` option for MCP Servers to control visibility in MCPSelect dropdown
* refactor: Update loadManifestTools to return combined tool manifest with MCP tools first
* chore: remove deprecated openapi plugins
* chore: linting
* chore(AgentClient): linting, remove unnecessary `checkVisionRequest` logger
* refactor(AuthService): change logoutUser logging from error to debug level
* chore: new Gemini models token values and rates
* chore(AskController): linting
