Danny Avila c39fffedf7 fix: restore early oauthError/code redirects, gate only failFlow behind CSRF ... The previous restructuring moved oauthError and missing-code checks behind CSRF validation, breaking tests that expect those redirects without cookies. The redirect itself is harmless (just shows an error page). Only the failFlow call needs CSRF gating to prevent DoS. Restructure: oauthError check stays early (redirects immediately), but failFlow inside it runs the full CSRF/session/active-flow validation before marking the flow as FAILED.		2026-04-03 19:35:14 -04:00
..
app	📎 fix: Route Unrecognized File Types via supportedMimeTypes Config (#12508)	2026-04-01 23:04:43 -04:00
cache	🚦 fix: ERR_ERL_INVALID_IP_ADDRESS and IPv6 Key Collisions in IP Rate Limiters (#12319)	2026-03-19 21:48:03 -04:00
config	🪵 fix: Standardize Logging Directory with Environment-Aware Resolution (#11000)	2025-12-16 18:00:06 -05:00
db	🐛 fix: Resolve MeiliSearch Startup Sync Failure from Model Loading Order (#12397)	2026-03-25 14:02:44 -04:00
models	🗑️ chore: Remove Action Test Suite and Update Mock Implementations (#12268)	2026-03-21 14:28:55 -04:00
server	fix: restore early oauthError/code redirects, gate only failFlow behind CSRF	2026-04-03 19:35:14 -04:00
strategies	🔐 feat: Admin Auth Support for SAML and Social OAuth Providers (#12472)	2026-03-30 22:49:44 -04:00
test	🗂️ refactor: Migrate S3 Storage to TypeScript in packages/api (#11947)	2026-03-21 14:28:55 -04:00
utils	🧹 chore: Remove Deprecated Gemini 2.0 Models & Fix Mistral-Large-3 Context Window (#12453)	2026-03-28 23:44:58 -04:00
jest.config.js	📏 refactor: Add File Size Limits to Conversation Imports (#12221)	2026-03-14 03:06:29 -04:00
jsconfig.json	feat(api): initial Redis support; fix(SearchBar): proper debounce (#1039)	2023-10-11 17:05:47 -04:00
package.json	📦 chore: Bump mongodb-memory-server to v11.0.1, mermaid to v11.14.0, npm audit (#12543)	2026-04-03 17:01:11 -04:00
typedefs.js	🪦 refactor: Remove Legacy Code (#10533)	2025-12-11 16:36:12 -05:00