LibreChat

mirror of https://github.com/danny-avila/LibreChat.git synced 2026-04-03 14:27:20 +02:00

History

Dustin Healy 2451bf54cf 🛡️ fix: Restrict System Grants to Role Principals (#12491 ) * 🛡️ fix: restrict system grants to role principals only Narrows GrantPrincipalType to PrincipalType.ROLE, rejecting GROUP and USER with 400. Removes grant cascade cleanup from group/user deletion handlers and their route wiring since only roles can hold grants. * 🛡️ fix: address review findings for grants roles-only restriction Add missing GROUP rejection test for revokeGrant (symmetric with getPrincipalGrants and assignGrant coverage), add extensibility comment to GrantPrincipalType, and document the checkRoleExists guard.		2026-03-31 19:25:14 -04:00
..
controllers	💰 fix: Lazy-Initialize Balance Record at Check Time for Overrides (#12474 )	2026-03-30 22:51:07 -04:00
middleware	🏗️ refactor: Remove Redundant Caching, Migrate Config Services to TypeScript (#12466 )	2026-03-30 16:49:48 -04:00
routes	🛡️ fix: Restrict System Grants to Role Principals (#12491 )	2026-03-31 19:25:14 -04:00
services	🏗️ refactor: Remove Redundant Caching, Migrate Config Services to TypeScript (#12466 )	2026-03-30 16:49:48 -04:00
utils	🏗️ refactor: Remove Redundant Caching, Migrate Config Services to TypeScript (#12466 )	2026-03-30 16:49:48 -04:00
cleanup.js	🧹 refactor: Tighten Config Schema Typing and Remove Deprecated Fields (#12452 )	2026-03-29 01:10:57 -04:00
experimental.js	⚖️ refactor: Split Config Route into Unauthenticated and Authenticated Paths (#12490 )	2026-03-31 19:22:51 -04:00
index.js	⚖️ refactor: Split Config Route into Unauthenticated and Authenticated Paths (#12490 )	2026-03-31 19:22:51 -04:00
index.spec.js	🚦 fix: 404 JSON Responses for Unmatched API Routes (#11976 )	2026-02-27 22:49:54 -05:00
socialLogins.js	🔐 feat: Admin Auth Support for SAML and Social OAuth Providers (#12472 )	2026-03-30 22:49:44 -04:00