* ✨ v0.8.0
* 🔧 chore: Update config version to 1.3.0
* 🔧 chore: Bump @librechat/api version to 1.4.1
* 🔧 chore: Update @librechat/client version to 0.3.1
* 🔧 chore: Bump librechat-data-provider version to 0.8.020
* 🔧 chore: Bump @librechat/data-schemas version to 0.0.23
* Add support for extra secrets and config maps in helm deployment template
* expose single env field in values field instead of extra secret and config map fields
* a small fix
* initialize servers sequentially
* adjust for exported properties that are not nullable anymore
* use underscore separator
* mock with set
* customize init timeout via env var
* feat: Add new Claude models to sharedAnthropicModels list
* chore: use correct claude aliases for default list
* chore: update deepseek model rates for accuracy
* chore: update @librechat/agents dependency to version 2.4.82
* chore: move domain related functions to `packages/api`
* fix: isEmailDomainAllowed for case-insensitive domain matching
- Added tests to validate case-insensitive matching for email domains in various scenarios.
- Updated isEmailDomainAllowed function to convert email domains to lowercase for consistent comparison.
- Improved handling of null/undefined entries in allowedDomains.
* ci: Mock isEmailDomainAllowed in samlStrategy tests
- Added a mock implementation for isEmailDomainAllowed to return true in samlStrategy tests, ensuring consistent behavior during test execution.
* ci: Update import of isEmailDomainAllowed in ldapStrategy tests
- Changed the import of isEmailDomainAllowed from the domains service to the api package for consistency and to reflect recent refactoring.
* fix: Prevent MCPSelect from rendering when not pinned and no values are available
* fix: Exclude 'pinned' keys from timestamped storage cleanup logic
* fix: Safeguard MCPSelect rendering by adding optional chaining for mcpValues
Add ability to configure hostAliases in Helm chart to redirect traffic to proxy servers or custom endpoints via /etc/hosts entries.
Co-authored-by: Feng Lu <feng.lu@kindredgroup.com>
* refactor: move `loadOCRConfig` from `packages/data-provider` to `packages/api` and return `undefined` if not explicitly configured
* fix: loadOCRConfig import from @librechat/api
* refactor: update defaultTextMimeTypes to support virtually all file types for text parsing
* fix: improve OCR capability check and error message for unsupported file types
* ci: remove unnecessary ocr expectation from AppService test
* 🌐 feat: OpenRouter Web Search
- Added tests for handling web_search parameter with OpenRouter in various scenarios.
- Implemented logic to manage web_search in modelOptions and addParams/dropParams.
- Ensured correct configuration of llmConfig and modelKwargs for OpenRouter, including handling of plugins.
- Improved overall integration of OpenRouter with OpenAI API, ensuring expected behavior across different configurations.
* chore: bump @librechat/agents to v2.4.81
- Added tests to validate behavior of web_search parameter in getOpenAIConfig function.
- Implemented logic to handle web_search in addParams and dropParams, ensuring correct precedence and behavior.
- Ensured web_search does not appear in modelKwargs or llmConfig when not applicable.
- Improved overall configuration management for OpenAI API integration.
- Fixed a bug in reinitMCPServer where a user connection was created for an app-level server whenever this server is reinitialized
- Made MCPManager.getUserConnection to return an error if the connection is app-level
- Add MCPManager.getConnection to return either an app connection or a user connection based on the serverName
- Made MCPManager.appConnections public to avoid unnecessary wrapper methods.
* 🕵️ feat: Enhance Index Sync and MeiliSearch filtering for User Field
- Implemented `ensureFilterableAttributes` function to configure MeiliSearch indexes for messages and conversations to filter by user.
- Updated sync logic to trigger a full re-sync if the user field is missing or index settings are modified.
- Adjusted search queries in Conversation and Message models to include user filtering.
- Ensured 'user' field is marked as filterable in MongoDB schema for both messages and conversations.
This update improves data integrity and search capabilities by ensuring user-related data is properly indexed and retrievable.
* fix: message processing in Search component to use linear list and not tree
* feat: Implement user filtering in MeiliSearch for shared links
* refactor: Optimize message search retrieval by batching database calls
* chore: Update MeiliSearch parameters type to use SearchParams for improved type safety
* add use of immutable claims to identify user object
* fix semicolons
* update email attribute on change
* replace ternary expressions
* fix semicolon
* chore: add typing
* chore: reorder fields in `findOpenIDUser`
* refactor: optimize user lookup logic in `findOpenIDUser` function to minimize database roundtrips
* refactor: integrate findOpenIDUser for improved user retrieval in refreshController
* refactor: improve error logging for invalid refresh tokens in refreshController
* ci: mock findUser correctly in openidStrategy tests
* test: add unit tests for findOpenIDUser function to enhance user retrieval logic
---------
Co-authored-by: Joachim Keltsch <joachim.keltsch@daimlertruck.com>
This PR adds DNS configuration support to the LibreChat Helm chart, enabling users to redirect traffic to proxy servers or use custom DNS settings.
## What's Changed
- Added dnsPolicy and dnsConfig fields to deployment.yaml template
- Added DNS configuration options to values.yaml with comprehensive examples
- Created documentation and example configurations
## Use Cases
- Redirect AI service traffic (AWS Bedrock, OpenAI, etc.) to proxy servers
- Use corporate DNS servers for name resolution
- Control traffic routing through custom DNS configurations
- Enforce traffic through security gateways
## Configuration Example
```yaml
dnsPolicy: "None"
dnsConfig:
nameservers:
- "10.0.0.10" # Custom DNS server for redirections
searches:
- "svc.cluster.local"
options:
- name: ndots
value: "2"
```
## Testing Results
✅ Successfully tested with Docker Compose environment
✅ DNS resolution correctly redirects to configured IPs
✅ HTTP requests properly routed to proxy servers
✅ Tested with multiple domains (AWS Bedrock, OpenAI, SageMaker)
Test output:
- bedrock-runtime.us-east-1.amazonaws.com -> 172.25.0.10 ✓
- api.openai.com -> 172.25.0.10 ✓
- sagemaker-runtime.us-east-1.amazonaws.com -> 172.25.0.10 ✓
All DNS redirects working correctly with proxy server receiving traffic.
## Documentation
- Added comprehensive DNS_CONFIGURATION.md guide
- Included examples for common use cases
- Provided troubleshooting steps
## Backward Compatibility
This change is fully backward compatible. If dnsPolicy and dnsConfig are not specified, the default Kubernetes DNS behavior is maintained.
Fixes #[issue_number]
Co-authored-by: LibreChat User <user@example.com>
* feat: support multiple roles in OPENID_REQUIRED_ROLE
- Allow comma-separated roles in OPENID_REQUIRED_ROLE environment variable
- User needs ANY of the specified roles to login (OR logic)
- Maintain backward compatibility with single role configuration
- Add comprehensive test coverage for multiple role scenarios
* Add tests
* Fix linter
* Add missing closing brace
* Add new line
* Simplify tests
* Refresh OpenID verify callback in tests
* Fix OpenID spec and resolve linting errors
* test: Add backward compatibility test for single required role in OpenID strategy
---------
Co-authored-by: Danny Avila <danny@librechat.ai>
- Update MongoDB chart dependency from v16.3.0 to v16.5.45
- Add explicit containerPort configuration with fallback to service.port
- Standardize port references in health probes to use explicit port numbers
- Add targetPort and containerPort fields to service configuration
- Include service type options as inline comment for better clarity
These changes improve the Helm chart's port management flexibility and
bring the MongoDB dependency up to date with the latest stable version.
Co-authored-by: Jerum Hubbert <jerum.hubbert@scientificgames.com>
* refactor: Remove unused imports and consolidate ephemeral agent logic
* refactor: Side Panel agent handling to account for ephemeral agents for UI
* refactor: Replace Constants.EPHEMERAL_AGENT_ID checks with isEphemeralAgent utility for consistency
* ci: AgentPanel tests with additional mock configurations and utility functions
* chore: Improve logging format for initial flow state creation
* refactor: MCP Tool Management with Improved Auth Handling and State Management
- Updated `CustomUserVarsSection` to include optional localization for placeholder text.
- Refactored `MCPToolSelectDialog` to streamline tool addition and management, including improved handling of authentication data.
- Introduced a new `addToolsToForm` function to encapsulate logic for adding tools to the form state.
- Enhanced `useRemoveMCPTool` hook to simplify tool removal logic and ensure proper state updates.
- Added loading state management for custom variable saving to improve user experience.
* refactor: Enhance MCP Tool Removal Logic and Integrate Toast Notifications
- Updated `MCPToolSelectDialog` to utilize the new `removeTool` function from the `useRemoveMCPTool` hook for improved tool removal handling.
- Refactored `useRemoveMCPTool` to accept options for toast notifications, allowing for more flexible user feedback during tool removal.
- Removed the previous inline tool removal logic to streamline the component's code and improve maintainability.
* refactor: Enhance user plugins mutation to invalidate MCP auth values on uninstall
* refactor: Replace refetchQueries with invalidateQueries for improved cache management
* chore: remove unused i18n key
* refactor: Implement gradual backoff polling for oauth connection status with timeout handling
* refactor: Enhance OAuth polling with gradual backoff and timeout handling; update reconnection tracking
* refactor: reconnection timeout behavior in OAuthReconnectionManager and OAuthReconnectionTracker
- Implement tests to verify reconnection timeout handling, including tracking of reconnection states and cleanup of timed-out entries.
- Enhance existing methods in OAuthReconnectionManager and OAuthReconnectionTracker to support timeout checks and cleanup logic.
- Ensure proper handling of multiple servers with different timeout periods and edge cases for active states.
* chore: remove comment
* refactor: Enforce strict 3-minute OAuth timeout with updated polling intervals and improved timeout handling
* refactor: Remove unused polling logic and prevent duplicate polling for servers in MCP server manager
* refactor: Update localization key for no memories message in MemoryViewer
* refactor: Improve MCP tool initialization by handling server failures
- Introduced a mechanism to track failed MCP servers, preventing retries for unavailable servers.
- Added logging for failed tool creation attempts to enhance debugging and monitoring.
* refactor: Update reconnection timeout to enforce a strict 3-minute limit
* ci: Update reconnection timeout tests to reflect a strict 3-minute limit
* ci: Update reconnection timeout tests to enforce a strict 3-minute limit
* chore: Remove unused MCP connection timeout message
🔄 refactor: Optimize MCP Tool Initialization
fix: update tool caching to use separated mcp logic
refactor: Replace `req.user` with `userId` in MCP handling functions
refactor: Replace `req` parameter with `userId` in file search tool functions
fix: Update user connection parameter to use object format in reinitMCPServer
refactor: Simplify MCP tool creation logic and improve handling of tool configurations to avoid capturing too much in closures
refactor: ensure MCP available tools are fetched from cache only when needed
* fix: axios response logging for text parsing, remove console logging, remove jsdoc
* refactor: error logging in logAxiosError function to handle various error types with type guards
* refactor: enhance text parsing with improved error handling and async file reading
* refactor: replace synchronous file reading with asynchronous methods for improved performance and memory management
* ci: update tests
* fix: increment tag counters when forking/duplicating conversations
- Add bulkIncrementTagCounts to update existing tag counts in bulk
- Integrate tag count updates into importBatchBuilder.saveBatch() using Promise.all
- Update frontend mutations to directly update cache instead of invalidating queries
- Optimize bulkIncrementTagCounts to skip unnecessary database queries
Fixes issue where forked/duplicated conversations with bookmarks would not increment
tag counters, leading to negative counts when bookmarks were later removed.
* chore: reorder import statements for clarity in fork.spec.js
* chore: Update documentation for formatToolContent function, remove JSDoc types and duplicate comments
* chore: fix type errors due to attachment.filename in Attachment component
* bug: updating so text doesn't delete
* fix: preserve user input when typing during AI response
Previously, form.reset() would clear any text the user started typing while waiting for AI response. Now checks if textarea has new content before resetting, preventing text loss and improving UX.
* chore: revert useSubmitMessage changes
* fix: reduce debounce time for input handling in auto-save
* fix: improve debounce handling for auto-save input to enhance user experience
---------
Co-authored-by: Megan Greenberg <mgreenberg@networkninja.com>
* fix: respect server's token endpoint auth methods for MCP OAuth refresh
Previously, LibreChat always used Basic Auth when refreshing OAuth tokens if a
client_secret was present. This caused issues with servers (like FastMCP) that
only support client_secret_post. Now properly checks and respects the server's
advertised token_endpoint_auth_methods_supported.
Fixes token refresh failures with error: "refresh_token.client_id: Field required"
* chore: remove MCP OAuth URL Logging
* fix: correctly build conversation template and preset for chats starting from marketplace
* test: enhance AgentDetail tests with additional localization and conversation mocks
