LibreChat/api/server/controllers/agents
Danny Avila 6f87b49df8
🛂 fix: Enforce Actions Capability Gate Across All Event-Driven Tool Loading Paths (#12252)

* fix: gate action tools by actions capability in all code paths

Extract resolveAgentCapabilities helper to eliminate 3x-duplicated
capability resolution. Apply early action-tool filtering in both
loadToolDefinitionsWrapper and loadAgentTools non-definitions path.
Gate loadActionToolsForExecution in loadToolsForExecution behind an
actionsEnabled parameter with a cache-based fallback. Replace the
late capability guard in loadAgentTools with a hasActionTools check
to avoid unnecessary loadActionSets DB calls and duplicate warnings.

* fix: thread actionsEnabled through InitializedAgent type

Add actionsEnabled to the loadTools callback return type,
InitializedAgent, and the initializeAgent destructuring/return
so callers can forward the resolved value to loadToolsForExecution
without redundant getEndpointsConfig cache lookups.

* fix: pass actionsEnabled from callers to loadToolsForExecution

Thread actionsEnabled through the agentToolContexts map in
initialize.js (primary and handoff agents) and through
primaryConfig in the openai.js and responses.js controllers,
avoiding per-tool-call capability re-resolution on the hot path.

* test: add regression tests for action capability gating

Test the real exported functions (resolveAgentCapabilities,
loadAgentTools, loadToolsForExecution) with mocked dependencies
instead of shadow re-implementations. Covers definition filtering,
execution gating, actionsEnabled param forwarding, and fallback
capability resolution.

* test: use Constants.EPHEMERAL_AGENT_ID in ephemeral fallback test

Replaces a string guess with the canonical constant to avoid
fragility if the ephemeral detection heuristic changes.

* fix: populate agentToolContexts for addedConvo parallel agents

After processAddedConvo returns, backfill agentToolContexts for
any agents in agentConfigs not already present, so ON_TOOL_EXECUTE
for added-convo agents receives actionsEnabled instead of falling
back to a per-call cache lookup.

2026-03-15 23:01:36 -04:00
__tests__ 🛡️ refactor: Scope Action Mutations by Parent Resource Ownership (#12237) 2026-03-15 10:19:29 -04:00
callbacks.js 🪆 refactor: Internalize Producer Event Handling into Agent Graph Context (#11816) 2026-02-17 00:53:22 -05:00
client.js refactor: Replace tiktoken with ai-tokenizer (#12175) 2026-03-10 23:14:52 -04:00
client.test.js 🪙 feat: Add messageId to Transactions (#11987) 2026-02-27 23:50:13 -05:00
errors.js 🛜 refactor: Streamline App Config Usage (#9234) 2025-08-26 12:10:18 -04:00
filterAuthorizedTools.spec.js 🔏 fix: Enforce MCP Server Authorization on Agent Tool Persistence (#12250) 2026-03-15 20:08:34 -04:00
openai.js 🛂 fix: Enforce Actions Capability Gate Across All Event-Driven Tool Loading Paths (#12252) 2026-03-15 23:01:36 -04:00
recordCollectedUsage.spec.js 🧮 refactor: Bulk Transactions & Balance Updates for Token Spending (#11996) 2026-03-01 12:26:36 -05:00
request.js 📌 fix: Populate userMessage.files Before First DB Save (#11939) 2026-02-26 09:16:45 -05:00
responses.js 🛂 fix: Enforce Actions Capability Gate Across All Event-Driven Tool Loading Paths (#12252) 2026-03-15 23:01:36 -04:00
v1.js 🔏 fix: Enforce MCP Server Authorization on Agent Tool Persistence (#12250) 2026-03-15 20:08:34 -04:00
v1.spec.js 🪪 fix: Enforce VIEW ACL on Agent Edge References at Write and Runtime (#12246) 2026-03-15 18:08:57 -04:00