LibreChat

Andreas/LibreChat

Fork 0

mirror of https://github.com/danny-avila/LibreChat.git synced 2025-12-17 17:00:15 +01:00

Commit graph

Author	SHA1	Message	Date
Danny Avila	972402e029	🛡️ : Security Enhancements (#1681 ) * fix: sanitize HTTP params and do not send whole error objects backs * fix: prevent path traversal * fix: send custom error message for tokenizer route * chore: handle info exposure vector * chore(oauth): skip check due to false positive as oauth routes are rate-limited * chore(app): disable `x-powered-by` * chore: disable false positives or flagging of hardcoded secrets when they are fake values * chore: add path traversal safety check	2024-01-30 14:34:02 -05:00
Danny Avila	1378eb5097	fix: Allow Latin-based Special Characters in Username (#969 ) * fix: username validation * fix: add data-testid to fix e2e workflow	2023-09-18 16:57:12 -04:00
Danny Avila	b3afd562b9	chore: Remove Unused Dependencies 🧹 (#939 ) * chore: cleanup client depend 🧹 * chore: replace joi with zod and remove unused user validator * chore: move dep from root to api, cleanup other unused api deps * chore: remove unused dev dep * chore: update bun lockfile * fix: bun scripts * chore: add bun flag to update script * chore: remove legacy webpack + babel dev deps * chore: add back dev deps needed for frontend unit testing * fix(validators): make schemas as expected and more robust with a full test suite of edge cases * chore: remove axios from root package, remove path from api, update bun	2023-09-14 15:12:22 -04:00

Author

SHA1

Message

Date

Danny Avila

972402e029

🛡️ : Security Enhancements (#1681 )

* fix: sanitize HTTP params and do not send whole error objects backs

* fix: prevent path traversal

* fix: send custom error message for tokenizer route

* chore: handle info exposure vector

* chore(oauth): skip check due to false positive as oauth routes are rate-limited

* chore(app): disable `x-powered-by`

* chore: disable false positives or flagging of hardcoded secrets when they are fake values

* chore: add path traversal safety check

2024-01-30 14:34:02 -05:00

Danny Avila

1378eb5097

fix: Allow Latin-based Special Characters in Username (#969 )

* fix: username validation

* fix: add data-testid to fix e2e workflow

2023-09-18 16:57:12 -04:00

Danny Avila

b3afd562b9

chore: Remove Unused Dependencies 🧹 (#939 )

* chore: cleanup client depend 🧹

* chore: replace joi with zod and remove unused user validator

* chore: move dep from root to api, cleanup other unused api deps

* chore: remove unused dev dep

* chore: update bun lockfile

* fix: bun scripts

* chore: add bun flag to update script

* chore: remove legacy webpack + babel dev deps

* chore: add back dev deps needed for frontend unit testing

* fix(validators): make schemas as expected and more robust with a full test suite of edge cases

* chore: remove axios from root package, remove path from api, update bun

2023-09-14 15:12:22 -04:00

3 commits