Danny Avila c20266c4f9 fix: address review findings — tests, types, normalization, docs ... - Add deleteTokens method to InMemoryTokenStore matching TokenMethods contract; update test call site from deleteToken to deleteTokens - Add MCPConnectionFactory test: returnOnOAuth flow fails with invalid_client → clearStaleClientIfRejected invoked automatically - Add mcp.spec.js tests: OAuth error with CSRF → failFlow called; OAuth error without cookies → failFlow NOT called (DoS prevention) - Add JSDoc to isClientRejection with RFC 6749 and vendor attribution - Add inline comment explaining findToken/deleteTokens coupling guard - Normalize issuer comparison: strip trailing slashes to prevent spurious re-registrations from URL formatting differences - Fix dead-code: use local reusedStoredClient variable in PENDING join return instead of re-reading flowMeta		2026-04-03 21:43:02 -04:00
..
api	fix: address review findings — tests, types, normalization, docs	2026-04-03 21:43:02 -04:00
client	🗣️ fix: Prevent @librechat/client useLocalize from Overwriting Host App Language State (#12515)	2026-04-03 15:01:39 -04:00
data-provider	🔨 fix: Custom Role Permissions (#12528)	2026-04-03 13:24:11 -04:00
data-schemas	🔎 fix: Specify Explicit Primary Key for Meilisearch Document Operations (#12542)	2026-04-03 18:01:06 -04:00