* chore(store/families): linting
* refactor: Update `createChatSearchParams` to use `tQueryParamsSchema` for allowed parameters and add `modelLabel` to schema
* refactor: Enhance `useQueryParams` to streamline parameter processing and improve submission handling
* chore: linting
* fix: Add `disableParams` option to conversation handling and related schemas to prevent search params from updating due to use of default preset
* fix: Update `createChatSearchParams` to correctly ignore `agent_id` when it matches `EPHEMERAL_AGENT_ID`
* chore: revert modelLabel addition to query params, as no longer necessary due to `disableParams`
* fix: Refine logic for `disableParams` to ensure correct handling of active preset comparison
* fix: Add `disableParams` option to `NewConversationParams` and update related hooks for preset handling
* fix: Refactor validation logic in `validateSettingDefinitions` to improve handling of `includeInput` and update conversation schema
* fix: Bump version of `librechat-data-provider` to 0.7.83
* 🔒 feat: Add Content Security Policy using Helmet middleware
* 🔒 feat: Set trust proxy and refine Content Security Policy directives
* 🎨 feat: add `copy-tex` to improve copying KaTeX (#7308)
When selecting equations and using copy paste, uses the correct latex code.
Co-authored-by: Ruben Talstra <RubenTalstra1211@outlook.com>
* 🔃 refactor: `AgentFooter` to conditionally render buttons based on `activePanel` (#7306)
* 🚀 feat: Add `Cloudflare Turnstile` support (#5987)
* 🚀 feat: Add @marsidev/react-turnstile dependency to package.json and package-lock.json
* 🚀 feat: Integrate Cloudflare Turnstile configuration support in AppService and add schema validation
* 🚀 feat: Implemented Cloudflare Turnstile integration in Login and Registration forms
* 🚀 feat: Enhance AppService tests with additional mocks and configuration setups
* 🚀 feat: Comment out outdated config version warning tests in AppService.spec.js
* 🚀 feat: Remove outdated warning tests and add new checks for environment variables and API health
* 🔧 test: Update AppService.spec.js to use expect.anything() for paths validation
* 🔧 test: Refactor AppService.spec.js to streamline mocks and enhance clarity
* 🔧 chore: removed not needed test
* Potential fix for code scanning alert no. 5638: Ensure code is properly formatted, use insertion, deletion, or replacement to obtain desired formatting.
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* Potential fix for code scanning alert no. 5629: Ensure code is properly formatted, use insertion, deletion, or replacement to obtain desired formatting.
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* Potential fix for code scanning alert no. 5642: Ensure code is properly formatted, use insertion, deletion, or replacement to obtain desired formatting.
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* Update turnstile.js
* Potential fix for code scanning alert no. 5634: Ensure code is properly formatted, use insertion, deletion, or replacement to obtain desired formatting.
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* Potential fix for code scanning alert no. 5646: Ensure code is properly formatted, use insertion, deletion, or replacement to obtain desired formatting.
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* Potential fix for code scanning alert no. 5647: Ensure code is properly formatted, use insertion, deletion, or replacement to obtain desired formatting.
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---------
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* 🔒 feat: Refactor Content Security Policy setup to use Helmet middleware with custom directives
* 🔒 feat: Enhance Content Security Policy to include Sandpack Bundler URL
* 🔒 feat: Update Content Security Policy and integrate Turnstile captcha support
---------
Co-authored-by: andresgit <9771158+andresgit@users.noreply.github.com>
Co-authored-by: matt burnett <mawburn@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* chore: linting for mcp related modules
* fix: update `isConnected` method to return a Promise and handle connection state asynchronously to properly handle/cleanup disconnected user connections
* 🚀 feat: Add @marsidev/react-turnstile dependency to package.json and package-lock.json
* 🚀 feat: Integrate Cloudflare Turnstile configuration support in AppService and add schema validation
* 🚀 feat: Implemented Cloudflare Turnstile integration in Login and Registration forms
* 🚀 feat: Enhance AppService tests with additional mocks and configuration setups
* 🚀 feat: Comment out outdated config version warning tests in AppService.spec.js
* 🚀 feat: Remove outdated warning tests and add new checks for environment variables and API health
* 🔧 test: Update AppService.spec.js to use expect.anything() for paths validation
* 🔧 test: Refactor AppService.spec.js to streamline mocks and enhance clarity
* 🔧 chore: removed not needed test
* Potential fix for code scanning alert no. 5638: Ensure code is properly formatted, use insertion, deletion, or replacement to obtain desired formatting.
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* Potential fix for code scanning alert no. 5629: Ensure code is properly formatted, use insertion, deletion, or replacement to obtain desired formatting.
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* Potential fix for code scanning alert no. 5642: Ensure code is properly formatted, use insertion, deletion, or replacement to obtain desired formatting.
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* Update turnstile.js
* Potential fix for code scanning alert no. 5634: Ensure code is properly formatted, use insertion, deletion, or replacement to obtain desired formatting.
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* Potential fix for code scanning alert no. 5646: Ensure code is properly formatted, use insertion, deletion, or replacement to obtain desired formatting.
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* Potential fix for code scanning alert no. 5647: Ensure code is properly formatted, use insertion, deletion, or replacement to obtain desired formatting.
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---------
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* 🌍 i18n: Add Danish and Czech localization support
* 🌍 i18n: Correct Czech language code from 'sc-CZ' to 'cs-CZ'
* 🌍 i18n: Add Catalan localization support
* chore: temporarily remove @librechat/agents
* chore: bump @langchain/google-genai to v0.2.8
* chore: bump @langchain/google-vertexai to v0.2.8
* chore: bump @langchain/core to v0.3.55
* chore: bump @librechat/agents to v2.4.316
* chore: bump @librechat/agents to v2.4.317
* chore: update title for Unreleased Changelog PR to include documentation emoji
* chore: add workflow_dispatch trigger and update Pull Request title for changelog
* ✨ v0.7.8
* chore: bump data-provider to v0.7.82
* chore: update CONFIG_VERSION to 1.2.5
* chore: bump librechat-mcp version to 1.2.2
* chore: bump @librechat/data-schemas version to 0.0.7
Without this, it's not possible to run any MCPs that use python, only node.
So, add these to enable using things that use `uvx` similar to what
the documentation already talks about for `npx`.
* fix: Update Gemini 2.5 Pro Preview Model Name in Token Values
* refactor: Update DeleteButton to close menu when deletion is successful
* refactor: Add unmountOnHide prop to DropdownPopup in multiple components
* chore: linting
* chore: linting
* feat: Add `chatMenu` option for MCP Servers to control visibility in MCPSelect dropdown
* refactor: Update loadManifestTools to return combined tool manifest with MCP tools first
* chore: remove deprecated openapi plugins
* chore: linting
* chore(AgentClient): linting, remove unnecessary `checkVisionRequest` logger
* refactor(AuthService): change logoutUser logging from error to debug level
* chore: new Gemini models token values and rates
* chore(AskController): linting
* 🔄 fix: Include usage in stream options for OpenAI and Azure endpoints
* fix: Agents support for Azure serverless endpoints
* fix: Refactor condition for assistants and azureAssistants endpoint handling
* AWS Titan via Bedrock: model doesn't support system messages, Closes#6456
* fix: Add EndpointSchemaKey type to endpoint parameters in buildDefaultConvo and ensure assistantId is always defined
* fix: Handle new conversation state for assistants endpoint in finalHandler
* fix: Add spec and iconURL parameters to `saveAssistantMessage` to persist modelSpec fields
* fix: Handle assistant unlinking even if no valid files to delete
* chore: move type definitions from callbacks.js to typedefs.js
* chore: Add StandardGraph typedef to typedefs.js
* chore: Update parameter type for graph in ModelEndHandler to StandardGraph
---------
Co-authored-by: Andres Restrepo <andres@enric.ai>
This pull request updates the GOOGLE_MODELS and GOOGLE_TITLE_MODEL examples in the .env.example file to reflect the currently available models on Google AI Studio (Gemini API) and Vertex AI.
Many of the models previously listed in the example file have since been deprecated or are no longer the primary recommended versions. This discrepancy could lead to confusion for new users setting up the project, potentially causing them to select non-functional or outdated model identifiers, resulting in errors or suboptimal performance.
The changes in this PR ensure that:
- The model lists for both Gemini API (AI Studio) and Vertex AI are synchronized with the current offerings.
- New users have a more accurate and reliable starting point when configuring their environment.
- The likelihood of encountering issues due to deprecated model names during initial setup is significantly reduced.
* feat: expose additional Tavily API parameters for tool
The following parameters are part of Tavily API but were previously not exposed for agents to use via the tool. Now they are. The source documentation is here: https://docs.tavily.com/documentation/api-reference/endpoint/search
include_raw_content - returns the full text of found web pages (default is false)
include_domains - limit search to this list of domains (default is none)
exclude_domains - exclude this list of domains form search (default is none)
topic - enum of "general", "news", or "finance" (default is "general")
time_range - enum of "day", "week", "month", or "year" (default unlimited)
days - number of days to search (default is 7, but only applicable to topic == "news")
include_image_descriptions - include a description of the image in the search results (default is false)
It is a little odd that they have both time_range and days, but there it is.
I have noticed that this change requires a little bit of care in prompting to make sure that it doesn't use "news" when you wanted "general". I've attemtped to hint that in the tool description.
* correct lint error
* more lint
---------
Co-authored-by: Michael Natkin <michaeln@glowforge.com>
* Fix: Prevent side effects in `processMCPEnv` by deep cloning MCPOptions
The `processMCPEnv` function was modifying the original `MCPOptions` object, leading to unintended side effects where `LIBRECHAT_USER_ID` could be incorrectly shared across different users. This commit addresses this issue by performing a deep clone of the `MCPOptions` object before processing, ensuring that modifications are isolated and do not affect other users.
* ci: Add tests for processMCPEnv to ensure deep cloning, user ID isolation and environment variable processing
---------
Co-authored-by: Alex C <viennadd@users.noreply.github.com>
* refactor: add custom to as workaround to include custom headers to the initial connection request
* chore: bump MCP client version to 1.2.1 in package-lock and package.json for librechat-mcp
* fix: no system message only for o1-preview and o1-mini
* chore(OpenAIClient): linting
* fix: update regex to include o1-preview and o1-mini in noSystemModelRegex
* refactor: rename variable for consistency with AgentClient
---------
Co-authored-by: Andres <9771158+andresgit@users.noreply.github.com>
* refactor: Enhance initial conversation query condition for better state management and prevent unused network requests
* ifx: Add Prettier plugin to ESLint configuration
* chore: linting and typing in convos.spec.ts
* fix: add back fresh data fetching and improve error handling for conversation navigation
* fix: set conversation only with conversation state change intent, to prevent double queries for messages
* 🔄 chore: Update @langchain/google-vertexai to version 0.2.5 in package.json and package-lock.json
* chore: temp remove agents
* 🔄 chore: Update @langchain/google-genai to version 0.2.5 in package.json and package-lock.json
* 🔄 chore: Update @langchain/community to version 0.3.42 in package.json and package-lock.json
* 🔄 chore: Add license information for @langchain/textsplitters in package-lock.json
* 🔄 chore: Update @langchain/core to version 0.3.51 in package.json and package-lock.json
* 🔄 chore: Update openai dependency to version 4.96.2 in package.json and package-lock.json
* chore: @librechat/agents to v2.4.30
* fix: streaming condition in ModelEndHandler to account for boundModel `disableStreaming` setting
* fix: update regex for noSystemModel and refactor message handling in AgentClient
* feat: Google Gemma models
* chore: remove unnecessary empty JSX fragment in PopoverButtons component
* 🔄 chore: bump supertest to 7.1.0, resolves CVE-2025-46653
* 🔄 chore: update vite to version 6.3.4 and add fdir, picomatch, and tinyglobby as dev dependencies
* 🔄 chore: npm audit fix: remove unused dependencies fdir, picomatch, and tinyglobby from package-lock.json
* fix: Reset artifacts on unmount and remove useIdChangeEffect hook
* feat: Replace SVG icons with Lucide icons for improved consistency
* fix: Refactor artifact reset logic on unmount and conversation change
* refactor: Rename artifactsVisible to artifactsVisibility for consistency
* feat: Replace custom SVG icons with Lucide icons for improved consistency
* feat: Add visibleArtifacts atom for managing visibility state
* feat: Implement debounced visibility state management for artifacts
* refactor: Add useIdChangeEffect hook to reset visible artifacts on conversation ID change
* refactor: Remove unnecessary dependency from useMemo in TextPart component
* refactor: Enhance artifact visibility management by incorporating location checks for search path
* refactor: Improve transition effects for artifact visibility in Artifacts component
* chore: Remove preprocessCodeArtifacts function and related tests
* fix: Update regex for detecting enclosed artifacts in latest message
* refactor: Update artifact visibility checks to be more generic (not just search)
* chore: Enhance artifact visibility logging
* refactor: Extract closeArtifacts function to improve button click handling
* refactor: remove nested logic from use artifacts effect
* refactor: Update regex for detecting enclosed artifacts to handle new line variations
* refactor: Replace Popover with Ariakit components for improved accessibility and UX
* wip: first pass, fork a11y
* feat(i18n): Add localization for fork options and related UI elements
* fix: Ensure Dropdown component has correct z-index for proper layering
* style: Update Fork PopoverButton styles and remove unused sideOffset prop
* style: Update text colors and spacing in Fork component for improved readability
* style: Enhance Fork component's UI by adding select-none class to prevent text selection
* chore: Remove unused Checkbox import from Fork component
* fix: Add sr-only span for accessibility in SplitText component
* chore: Reorder imports in Fork component for better organization
* refactor: Update schema conversion to allow nullable optional fields
* feat: Add support for 'Deepseek' model in response sender logic
* fix: Normalize endpoint case for legacy content handling in AgentClient (fixes `deepseek-chat` followup issues)
* wip: Add Instructions component for agent configuration
* ✨ feat: Implement DropdownPopup for variable insertion in instructions
* refactor: Enhance variable handling by exporting specialVariables and updating Markdown components
* feat: Add special variable support for current date and user in Instructions component
* refactor: Update handleAddVariable to include localized label
* feat: replace special variables in instructions presets
* chore: update parameter type for user in getListAgents function
* refactor: integrate dayjs for date handling and move replaceSpecialVars function to data-provider
* feat: enhance replaceSpecialVars to include day number in current date format
* feat: integrate replaceSpecialVars for processing agent instructions
* feat: add support for current date & time in replaceSpecialVars function
* feat: add iso_datetime support in replaceSpecialVars function
* fix: enforce text parameter to be a required field in replaceSpecialVars function
* feat: add ISO datetime support in translation file
* fix: disable eslint warning for autoFocus in TextareaAutosize component
* feat: add VariablesDropdown component and integrate it into CreatePromptForm and PromptEditor; update translation for special variables
* fix: CategorySelector and related localizations
* fix: add z-index class to LanguageSTTDropdown for proper stacking context
* fix: add max-height and overflow styles to OGDialogContent in VariableDialog and PreviewPrompt components
* fix: update variable detection logic to exclude special variables and improve regex matching
* fix: improve accessibility text for actions menu in ChatGroupItem component
* fix: adjust max-width and height styles for dialog components and improve markdown rendering for light vs. dark, height/widths, etc.
* fix: remove commented-out code for better readability in PromptVariableGfm component
* fix: handle undefined input parameter in setParams function call
* fix: update variable label types to use TSpecialVarLabel for consistency
* fix: remove outdated information from special variables description in translation file
* fix: enhance unused i18next keys detection for special variable keys
* fix: update color classes for consistency/a11y in category and prompt variable components
* fix: update PromptVariableGfm component and special variable styles for consistency
* fix: improve variable highlighting logic in VariableForm component
* fix: update background color classes for consistency in VariableForm component
* fix: add missing ref parameter to Dialog component in OriginalDialog
* refactor: move navigate call for new conversation to after setConversation update
* refactor: move message query hook to client workspace; fix: handle edge case for navigation from finalHandler creating race condition for response message DB save
* chore: bump librechat-data-provider to 0.7.793
* ci: add unit tests for replaceSpecialVars function
* fix: implement getToolkitKey function for image_gen_oai toolkit filtering/including
* ci: enhance dayjs mock for consistent date/time values in tests
* fix: MCP stdio server fail to start when passing env property
* fix: use optional chaining for clientRef dereferencing in AskController and EditController
feat: add context to saveMessage call in streamResponse utility
* fix: only save error messages if the userMessageId was initialized
* refactor: add isNotAppendable check to disable inputs in ChatForm and useTextarea
* feat: enhance error handling in useEventHandlers and update conversation state in useNewConvo
* refactor: prepend underscore to conversationId in newConversation template
* feat: log aborted conversations with minimal messages and use consistent conversationId generation
---------
Co-authored-by: Olivier Schiavo <olivier.schiavo@wengo.com>
Co-authored-by: aka012 <aka012@neowiz.com>
Co-authored-by: jiasheng <jiashengguo@outlook.com>
* chore: fix logging for illegal target endpoints in getEndpointFromSetup
* fix: prevent querying agent by ID for ephemeral agents
* refactor: reorder variable declarations in MessagesView for clarity
* fix: localize 'nothing found' message in MessagesView
* refactor: streamline navigation logic and enhance loading spinner component in ChatView
* refactor: simplify loading spinner logic in ChatView component
* fix: ensure message queries are invalidated after new conversation creation in HeaderNewChat, MobileNav, and NewChat components
* 🐛 First run dev mode will have error occur.
🐛 First run dev mode will have error occur.
* fix font-size localstorage presist bug
* Don't ping meilisearch if the search is disabled via env var
* simplify logic in search/enable endpoint
* refactor: simplify enable endpoint condition check
* feat: add useIdChangeEffect hook and integrate it into ChatRoute
---------
Co-authored-by: Ne0 <20765145+zeeklog@users.noreply.github.com>
Co-authored-by: TinyTin <garychangcn@hotmail.com>
Co-authored-by: Denis Palnitsky <denis.palnitsky@zendesk.com>
* refactor: improve ChatView layout by keeping ChatForm mounted
* feat: implement focusChat functionality for new conversations and navigations
* refactor: reset artifacts when navigating to prevent any from rendering in a conversation when none exist; edge case, artifacts get created by search route (TODO: use a different artifact renderer for Search markdown)
* chore: remove redundancy of useSetRecoilState and useRecoilValue with useRecoilState in SearchBar
* refactor: remove unnecessary focus effect on text area in ChatForm
* refactor: improve searchbar and clear search button accessibility
* fix: add tabIndex to Conversations component for improved accessibility, moves focus directly conversation items
* style: adjust margin in Header component for improved layout symmetry with Nav
* chore: imports order
* refactor: streamline model preset handling in conversation setup
* refactor: integrate navigation and location hooks in chat functions and event handlers, prevent cache from fetching on final event handling
* fix: prevent adding code interpreter non-image output to file list on message attachment event, fix all unhandled edge cases when this is done (treating the file download as an image attachment, undefined fields, message tokenCount issues, use of `startsWith` on undefined "text") although it is now prevent altogether
* chore: remove unused jailbreak prop from MinimalIcon component in EndpointIcon
* feat: add new SVG icons (MobileSidebar, Sidebar, XAIcon), fix: xAI styling in dark vs. light modes, adjust styling of Landing icons
* fix: open conversation in new tab on navigation with ctrl/meta key
* refactor: update Nav & Header to use close/open sidebar buttons, as well as redesign "New Chat"/"Bookmarks" buttons to the top of the Nav, matching the latest design of ChatGPT for simplicity and to free up space
* chore: remove unused isToggleHovering state and simplify opacity logic in Nav component
* style: match mobile nav to mobile header
