LibreChat

mirror of https://github.com/danny-avila/LibreChat.git synced 2026-04-07 00:15:23 +02:00

History

Danny Avila 978ce2b4eb fix: validate auth server identity and target cleanup to reused clients - Gate client reuse on authorization server identity: compare stored issuer against freshly discovered metadata before reusing, preventing wrong-client reuse when the MCP server switches auth providers - Add reusedStoredClient flag to MCPOAuthFlowMetadata so cleanup only runs when the failed flow actually reused a stored registration, not on unrelated failures (timeouts, user-denied consent, etc.) - Add cleanup in returnOnOAuth path: when a prior flow that reused a stored client is detected as failed, clear the stale registration before re-initiating - Add tests for issuer mismatch and reusedStoredClient flag assertions		2026-04-03 19:28:52 -04:00
..
api	fix: validate auth server identity and target cleanup to reused clients	2026-04-03 19:28:52 -04:00
client	🗣️ fix: Prevent `@librechat/client` useLocalize from Overwriting Host App Language State (#12515 )	2026-04-03 15:01:39 -04:00
data-provider	🔨 fix: Custom Role Permissions (#12528 )	2026-04-03 13:24:11 -04:00
data-schemas	🔎 fix: Specify Explicit Primary Key for Meilisearch Document Operations (#12542 )	2026-04-03 18:01:06 -04:00