mirror of https://github.com/danny-avila/LibreChat.git synced 2026-03-21 23:26:34 +01:00

Enhanced ChatGPT Clone: Features Agents, MCP, DeepSeek, Anthropic, AWS, OpenAI, Responses API, Azure, Groq, o1, GPT-5, Mistral, OpenRouter, Vertex AI, Gemini, Artifacts, AI model switching, message search, Code Interpreter, langchain, DALL-E-3, OpenAPI Actions, Functions, Secure Multi-User Auth, Presets, open-source for self-hosting. Active. https://librechat.ai/

ai anthropic artifacts aws azure chatgpt chatgpt-clone claude clone deepseek gemini google gpt-5 librechat mcp o1 openai responses-api vision webui

Find a file

Danny Avila 1ecff83b20 🪦 fix: ACL-Safe User Account Deletion for Agents, Prompts, and MCP Servers (#12314 ) * fix: use ACL ownership for prompt group cleanup on user deletion deleteUserPrompts previously called getAllPromptGroups with only an author filter, which defaults to searchShared=true and drops the author filter for shared/global project entries. This caused any user deleting their account to strip shared prompt group associations and ACL entries for other users. Replace the author-based query with ACL-based ownership lookup: - Find prompt groups where the user has OWNER permission (DELETE bit) - Only delete groups where the user is the sole owner - Preserve multi-owned groups and their ACL entries for other owners * fix: use ACL ownership for agent cleanup on user deletion deleteUserAgents used the deprecated author field to find and delete agents, then unconditionally removed all ACL entries for those agents. This could destroy ACL entries for agents shared with or co-owned by other users. Replace the author-based query with ACL-based ownership lookup: - Find agents where the user has OWNER permission (DELETE bit) - Only delete agents where the user is the sole owner - Preserve multi-owned agents and their ACL entries for other owners - Also clean up handoff edges referencing deleted agents * fix: add MCP server cleanup on user deletion User deletion had no cleanup for MCP servers, leaving solely-owned servers orphaned in the database with dangling ACL entries for other users. Add deleteUserMcpServers that follows the same ACL ownership pattern as prompt groups and agents: find servers with OWNER permission, check for sole ownership, and only delete those with no other owners. * style: fix prettier formatting in Prompt.spec.js * refactor: extract getSoleOwnedResourceIds to PermissionService The ACL sole-ownership detection algorithm was duplicated across deleteUserPrompts, deleteUserAgents, and deleteUserMcpServers. Centralizes the three-step pattern (find owned entries, find other owners, compute sole-owned set) into a single reusable utility. * refactor: use getSoleOwnedResourceIds in all deletion functions - Replace inline ACL queries with the centralized utility - Remove vestigial _req parameter from deleteUserPrompts - Use Promise.all for parallel project removal instead of sequential awaits - Disconnect live MCP sessions and invalidate tool cache before deleting sole-owned MCP server documents - Export deleteUserMcpServers for testability * test: improve deletion test coverage and quality - Move deleteUserPrompts call to beforeAll to eliminate execution-order dependency between tests - Standardize on test() instead of it() for consistency in Prompt.spec.js - Add assertion for deleting user's own ACL entry preservation on multi-owned agents - Add deleteUserMcpServers integration test suite with 6 tests covering sole-owner deletion, multi-owner preservation, session disconnect, cache invalidation, model-not-registered guard, and missing MCPManager - Add PermissionService mock to existing deleteUser.spec.js to fix import chain * fix: add legacy author-based fallback for unmigrated resources Resources created before the ACL system have author set but no AclEntry records. The sole-ownership detection returns empty for these, causing deleteUserPrompts, deleteUserAgents, and deleteUserMcpServers to silently skip them — permanently orphaning data on user deletion. Add a fallback that identifies author-owned resources with zero ACL entries (truly unmigrated) and includes them in the deletion set. This preserves the multi-owner safety of the ACL path while ensuring pre-ACL resources are still cleaned up regardless of migration status. * style: fix prettier formatting across all changed files * test: add resource type coverage guard for user deletion Ensures every ResourceType in the ACL system has a corresponding cleanup handler wired into deleteUserController. When a new ResourceType is added (e.g. WORKFLOW), this test fails immediately, preventing silent data orphaning on user account deletion. * style: fix import order in PermissionService destructure * test: add opt-out set and fix test lifecycle in coverage guard Add NO_USER_CLEANUP_NEEDED set for resource types that legitimately require no per-user deletion. Move fs.readFileSync into beforeAll so path errors surface as clean test failures instead of unhandled crashes.		2026-03-19 17:46:14 -04:00
.devcontainer	🪦 refactor: Remove Legacy Code (#10533 )	2025-12-11 16:36:12 -05:00
.github	⚡ refactor: Parallelize CI Workflows with Isolated Caching and Fan-Out Test Jobs (#12088 )	2026-03-05 13:56:07 -05:00
.husky	⚡ refactor: Latest Message Tracking with Robust Text Key Generation (#10059 )	2025-10-10 04:22:16 -04:00
.vscode	🔐 feat: Granular Role-based Permissions + Entra ID Group Discovery (#7804 )	2025-08-13 16:24:17 -04:00
api	🪦 fix: ACL-Safe User Account Deletion for Agents, Prompts, and MCP Servers (#12314 )	2026-03-19 17:46:14 -04:00
client	📦 chore: Bump `@dicebear` dependencies to v9.4.1 (#12315 )	2026-03-19 16:44:38 -04:00
config	🏷️ chore: Remove Docker Images by Named Tag in `deployed-update.js` (#12138 )	2026-03-08 21:48:22 -04:00
e2e	✨ v0.8.4-rc1 (#12285 )	2026-03-17 16:08:48 -04:00
helm	✨ v0.8.4-rc1 (#12285 )	2026-03-17 16:08:48 -04:00
packages	📦 chore: Bump `@dicebear` dependencies to v9.4.1 (#12315 )	2026-03-19 16:44:38 -04:00
redis-config	🔄 refactor: Migrate Cache Logic to TypeScript (#9771 )	2025-10-02 09:33:58 -04:00
src/tests	🆔 feat: Add OpenID Connect Federated Provider Token Support (#9931 )	2025-11-21 09:51:11 -05:00
utils	🐳 chore: Update image registry references in Docker/Helm configurations (#12026 )	2026-03-02 22:14:50 -05:00
.dockerignore	🐳 : Further Docker build Cleanup & Docs Update (#1502 )	2024-01-06 11:59:08 -05:00
.env.example	🛂 fix: MCP OAuth Race Conditions, CSRF Fallback, and Token Expiry Handling (#12171 )	2026-03-10 21:15:01 -04:00
.gitignore	🏎️ feat: Smart Reinstall with Turborepo Caching for Better DX (#11785 )	2026-02-13 14:25:26 -05:00
.prettierrc	🧹 chore: Migrate to Flat ESLint Config & Update Prettier Settings (#5737 )	2025-02-09 12:15:20 -05:00
AGENTS.md	🧪 chore: MCP Reconnect Storm Follow-Up Fixes and Integration Tests (#12172 )	2026-03-10 17:44:13 -04:00
bun.lock	✨ v0.8.4-rc1 (#12285 )	2026-03-17 16:08:48 -04:00
CLAUDE.md	✳️ docs: Point CLAUDE.md to AGENTS.md (#11886 )	2026-02-20 16:23:33 -05:00
deploy-compose.yml	🐳 chore: Update image registry references in Docker/Helm configurations (#12026 )	2026-03-02 22:14:50 -05:00
docker-compose.override.yml.example	🐳 chore: Update image registry references in Docker/Helm configurations (#12026 )	2026-03-02 22:14:50 -05:00
docker-compose.yml	🐳 chore: Update image registry references in Docker/Helm configurations (#12026 )	2026-03-02 22:14:50 -05:00
Dockerfile	🐳 chore: Upgrade Alpine packages in Dockerfiles (#12316 )	2026-03-19 17:07:08 -04:00
Dockerfile.multi	🐳 chore: Upgrade Alpine packages in Dockerfiles (#12316 )	2026-03-19 17:07:08 -04:00
eslint.config.mjs	🧩 chore: Extract Agent Client Utilities to `/packages/api` (#11789 )	2026-02-13 23:17:53 -05:00
librechat.example.yaml	✨ v0.8.3 (#12161 )	2026-03-09 15:19:57 -04:00
LICENSE	⚖️ docs: Update LICENSE.md Year: 2024 -> 2025 (#5915 )	2025-02-17 10:39:46 -05:00
package-lock.json	📦 chore: Bump `@dicebear` dependencies to v9.4.1 (#12315 )	2026-03-19 16:44:38 -04:00
package.json	📦 chore: NPM audit packages (#12286 )	2026-03-17 17:04:18 -04:00
rag.yml	🐳 chore: Update image registry references in Docker/Helm configurations (#12026 )	2026-03-02 22:14:50 -05:00
README.md	🚅 docs: update Railway template link (#11966 )	2026-02-26 17:24:02 -05:00
turbo.json	🏎️ feat: Smart Reinstall with Turborepo Caching for Better DX (#11785 )	2026-02-13 14:25:26 -05:00

README.md

LibreChat

✨ Features

🖥️ UI & Experience inspired by ChatGPT with enhanced design and features
🤖 AI Model Selection:
- Anthropic (Claude), AWS Bedrock, OpenAI, Azure OpenAI, Google, Vertex AI, OpenAI Responses API (incl. Azure)
- Custom Endpoints: Use any OpenAI-compatible API with LibreChat, no proxy required
- Compatible with Local & Remote AI Providers:
  - Ollama, groq, Cohere, Mistral AI, Apple MLX, koboldcpp, together.ai,
  - OpenRouter, Helicone, Perplexity, ShuttleAI, Deepseek, Qwen, and more
🔧 Code Interpreter API:
- Secure, Sandboxed Execution in Python, Node.js (JS/TS), Go, C/C++, Java, PHP, Rust, and Fortran
- Seamless File Handling: Upload, process, and download files directly
- No Privacy Concerns: Fully isolated and secure execution
🔦 Agents & Tools Integration:
- LibreChat Agents:
  - No-Code Custom Assistants: Build specialized, AI-driven helpers
  - Agent Marketplace: Discover and deploy community-built agents
  - Collaborative Sharing: Share agents with specific users and groups
  - Flexible & Extensible: Use MCP Servers, tools, file search, code execution, and more
  - Compatible with Custom Endpoints, OpenAI, Azure, Anthropic, AWS Bedrock, Google, Vertex AI, Responses API, and more
  - Model Context Protocol (MCP) Support for Tools
🔍 Web Search:
- Search the internet and retrieve relevant information to enhance your AI context
- Combines search providers, content scrapers, and result rerankers for optimal results
- Customizable Jina Reranking: Configure custom Jina API URLs for reranking services
- Learn More →
🪄 Generative UI with Code Artifacts:
- Code Artifacts allow creation of React, HTML, and Mermaid diagrams directly in chat
🎨 Image Generation & Editing
- Text-to-image and image-to-image with GPT-Image-1
- Text-to-image with DALL-E (3/2), Stable Diffusion, Flux, or any MCP server
- Produce stunning visuals from prompts or refine existing images with a single instruction
💾 Presets & Context Management:
- Create, Save, & Share Custom Presets
- Switch between AI Endpoints and Presets mid-chat
- Edit, Resubmit, and Continue Messages with Conversation branching
- Create and share prompts with specific users and groups
- Fork Messages & Conversations for Advanced Context control
💬 Multimodal & File Interactions:
- Upload and analyze images with Claude 3, GPT-4.5, GPT-4o, o1, Llama-Vision, and Gemini 📸
- Chat with Files using Custom Endpoints, OpenAI, Azure, Anthropic, AWS Bedrock, & Google 🗃️
🌎 Multilingual UI:
- English, 中文 (简体), 中文 (繁體), العربية, Deutsch, Español, Français, Italiano
- Polski, Português (PT), Português (BR), Русский, 日本語, Svenska, 한국어, Tiếng Việt
- Türkçe, Nederlands, עברית, Català, Čeština, Dansk, Eesti, فارسی
- Suomi, Magyar, Հայերեն, Bahasa Indonesia, ქართული, Latviešu, ไทย, ئۇيغۇرچە
🧠 Reasoning UI:
- Dynamic Reasoning UI for Chain-of-Thought/Reasoning AI models like DeepSeek-R1
🎨 Customizable Interface:
- Customizable Dropdown & Interface that adapts to both power users and newcomers
🌊 Resumable Streams:
- Never lose a response: AI responses automatically reconnect and resume if your connection drops
- Multi-Tab & Multi-Device Sync: Open the same chat in multiple tabs or pick up on another device
- Production-Ready: Works from single-server setups to horizontally scaled deployments with Redis
🗣️ Speech & Audio:
- Chat hands-free with Speech-to-Text and Text-to-Speech
- Automatically send and play Audio
- Supports OpenAI, Azure OpenAI, and Elevenlabs
📥 Import & Export Conversations:
- Import Conversations from LibreChat, ChatGPT, Chatbot UI
- Export conversations as screenshots, markdown, text, json
🔍 Search & Discovery:
- Search all messages/conversations
👥 Multi-User & Secure Access:
- Multi-User, Secure Authentication with OAuth2, LDAP, & Email Login Support
- Built-in Moderation, and Token spend tools
⚙️ Configuration & Deployment:
- Configure Proxy, Reverse Proxy, Docker, & many Deployment options
- Use completely local or deploy on the cloud
📖 Open-Source & Community:
- Completely Open-Source & Built in Public
- Community-driven development, support, and feedback

For a thorough review of our features, see our docs here 📚

🪶 All-In-One AI Conversations with LibreChat

LibreChat is a self-hosted AI chat platform that unifies all major AI providers in a single, privacy-focused interface.

Beyond chat, LibreChat provides AI Agents, Model Context Protocol (MCP) support, Artifacts, Code Interpreter, custom actions, conversation search, and enterprise-ready multi-user authentication.

Open source, actively developed, and built for anyone who values control over their AI infrastructure.

🌐 Resources

GitHub Repo:

RAG API: github.com/danny-avila/rag_api
Website: github.com/LibreChat-AI/librechat.ai

Other:

Website: librechat.ai
Documentation: librechat.ai/docs
Blog: librechat.ai/blog

📝 Changelog

Keep up with the latest updates by visiting the releases page and notes:

⚠️ Please consult the changelog for breaking changes before updating.

⭐ Star History

✨ Contributions

Contributions, suggestions, bug reports and fixes are welcome!

For new features, components, or extensions, please open an issue and discuss before sending a PR.

If you'd like to help translate LibreChat into your language, we'd love your contribution! Improving our translations not only makes LibreChat more accessible to users around the world but also enhances the overall user experience. Please check out our Translation Guide.

💖 This project exists in its current state thanks to all the people who contribute

🎉 Special Thanks

We thank Locize for their translation management tools that support multiple languages in LibreChat.