LibreChat

mirror of https://github.com/danny-avila/LibreChat.git synced 2026-03-16 04:36:34 +01:00

History

Danny Avila 189cdf581d 🔐 fix: Add User Filter to Message Deletion (#12220 ) * fix: add user filter to message deletion to prevent IDOR * refactor: streamline DELETE request syntax in messages-delete test - Simplified the DELETE request syntax in the messages-delete.spec.js test file by combining multiple lines into a single line for improved readability. This change enhances the clarity of the test code without altering its functionality. * fix: address review findings for message deletion IDOR fix * fix: add user filter to message deletion in conversation tests - Included a user filter in the message deletion test to ensure proper handling of user-specific deletions, enhancing the accuracy of the test case and preventing potential IDOR vulnerabilities. * chore: lint		2026-03-13 23:42:37 -04:00
..
controllers	🪪 fix: MCP API Responses and OAuth Validation (#12217 )	2026-03-13 23:18:56 -04:00
middleware	🚦 fix: Add Rate Limiting to Conversation Duplicate Endpoint (#12218 )	2026-03-13 23:40:44 -04:00
routes	🔐 fix: Add User Filter to Message Deletion (#12220 )	2026-03-13 23:42:37 -04:00
services	🧪 chore: MCP Reconnect Storm Follow-Up Fixes and Integration Tests (#12172 )	2026-03-10 17:44:13 -04:00
utils	🚦 fix: Add Rate Limiting to Conversation Duplicate Endpoint (#12218 )	2026-03-13 23:40:44 -04:00
cleanup.js	🪣 fix: Prevent Memory Retention from AsyncLocalStorage Context Propagation (#11942 )	2026-02-25 17:41:23 -05:00
experimental.js	🚦 fix: 404 JSON Responses for Unmatched API Routes (#11976 )	2026-02-27 22:49:54 -05:00
index.js	🚦 fix: 404 JSON Responses for Unmatched API Routes (#11976 )	2026-02-27 22:49:54 -05:00
index.spec.js	🚦 fix: 404 JSON Responses for Unmatched API Routes (#11976 )	2026-02-27 22:49:54 -05:00
socialLogins.js	🔒 fix: Secure Cookie Localhost Bypass and OpenID Token Selection in AuthService (#11782 )	2026-02-13 10:35:51 -05:00