LibreChat

mirror of https://github.com/danny-avila/LibreChat.git synced 2026-03-22 07:36:33 +01:00

History

Danny Avila 594d9470d5 🪤 fix: Avoid express-rate-limit v8 ERR_ERL_KEY_GEN_IPV6 False Positive (#12333 ) * fix: avoid express-rate-limit v8 ERR_ERL_KEY_GEN_IPV6 false positive express-rate-limit v8 calls keyGenerator.toString() and throws ERR_ERL_KEY_GEN_IPV6 if the source contains the literal substring "req.ip" without "ipKeyGenerator". When packages/api compiles req?.ip to older JS targets, the output contains "req.ip", triggering the heuristic. Bracket notation (req?.['ip']) produces identical runtime behavior but never emits the literal "req.ip" substring regardless of compilation target. Closes #12321 * fix: add toString regression test and clean up redundant annotation Add a test that verifies removePorts.toString() does not contain "req.ip", guarding against reintroduction of the ERR_ERL_KEY_GEN_IPV6 false positive. Fix a misleading test description and remove a redundant type annotation on a trivially-inferred local.		2026-03-20 12:32:55 -04:00
..
acl	🏗️ feat: Dynamic MCP Server Infrastructure with Access Control (#10787 )	2025-12-11 16:38:37 -05:00
agents	🪪 fix: Enforce Conversation Ownership Checks in Remote Agent Controllers (#12263 )	2026-03-16 09:19:48 -04:00
apiKeys	🛸 feat: Remote Agent Access with External API Support (#11503 )	2026-01-28 17:44:33 -05:00
app	🎭 fix: Set Explicit Permission Defaults for USER Role in roleDefaults (#12308 )	2026-03-19 14:52:06 -04:00
auth	🛂 fix: Reject OpenID Email Fallback When Stored `openidId` Mismatches Token Sub (#12312 )	2026-03-19 16:42:57 -04:00
cache	⚛️ refactor: Redis Scalability Improvements for High-Throughput Deployments (#11840 )	2026-02-18 00:04:33 -05:00
cdn	🪣 fix: S3 path-style URL support for MinIO, R2, and custom endpoints (#11894 )	2026-02-21 18:36:48 -05:00
cluster	🪪 fix: MCP API Responses and OAuth Validation (#12217 )	2026-03-13 23:18:56 -04:00
crypto	🧵 refactor: Migrate Endpoint Initialization to TypeScript (#10794 )	2025-12-11 16:37:16 -05:00
db	🔧 refactor: Centralize Collection Checks for Permissions Migration (#9565 )	2025-09-10 20:40:58 -04:00
endpoints	🫷 fix: Validate User-Provided Base URL in Endpoint Init (#12248 )	2026-03-15 18:41:59 -04:00
files	💣 fix: Harden against falsified ZIP metadata in ODT parsing (#12320 )	2026-03-19 22:13:40 -04:00
flow	🛂 fix: MCP OAuth Race Conditions, CSRF Fallback, and Token Expiry Handling (#12171 )	2026-03-10 21:15:01 -04:00
mcp	🪝 fix: MCP Refresh token on OAuth Discovery Failure (#12266 )	2026-03-16 09:31:01 -04:00
memory	🛂 feat: Payload limits and Validation for User-created Memories (#8974 )	2025-08-10 14:46:16 -04:00
middleware	🚦 fix: 404 JSON Responses for Unmatched API Routes (#11976 )	2026-02-27 22:49:54 -05:00
oauth	🔒 fix: Secure Cookie Localhost Bypass and OpenID Token Selection in AuthService (#11782 )	2026-02-13 10:35:51 -05:00
prompts	🧵 refactor: Migrate Endpoint Initialization to TypeScript (#10794 )	2025-12-11 16:37:16 -05:00
stream	🛰️ fix: Cross-Replica Created Event Delivery (#12231 )	2026-03-15 11:11:10 -04:00
tools	🧩 fix: Expand Toolkit Definitions to Include Child Tools in Event-Driven Mode (#12066 )	2026-03-04 09:28:20 -05:00
types	🛰️ fix: Cross-Replica Created Event Delivery (#12231 )	2026-03-15 11:11:10 -04:00
utils	🪤 fix: Avoid express-rate-limit v8 ERR_ERL_KEY_GEN_IPV6 False Positive (#12333 )	2026-03-20 12:32:55 -04:00
web	🛡️ fix: Validate User-provided URLs for Web Search (#12247 )	2026-03-15 18:05:08 -04:00
index.ts	⚡ refactor: Replace `tiktoken` with `ai-tokenizer` (#12175 )	2026-03-10 23:14:52 -04:00