Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2026-04-07 00:15:23 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
LibreChat/api/server
History
Danny Avila fdfcf26d8c fix: gate failFlow behind callback validation, propagate reusedStoredClient on join 
- OAuth callback: move failFlow call to after CSRF/session/active-flow
  validation so an attacker with only a leaked state parameter cannot
  force-fail a flow without passing the same integrity checks required
  for legitimate callbacks
- PENDING join path: propagate reusedStoredClient from flow metadata
  into the return object so joiners can trigger stale-client cleanup
  if the joined flow later fails with a client rejection
2026-04-03 19:28:52 -04:00
..
controllers 🔁 fix: Pass recursionLimit to OpenAI-Compatible Agents API Endpoint (#12510) 2026-04-01 21:13:07 -04:00
middleware 🏗️ refactor: Remove Redundant Caching, Migrate Config Services to TypeScript (#12466) 2026-03-30 16:49:48 -04:00
routes fix: gate failFlow behind callback validation, propagate reusedStoredClient on join 2026-04-03 19:28:52 -04:00
services 🎯 fix: MCP Tool Misclassification from Action Delimiter Collision (#12512) 2026-04-01 22:36:21 -04:00
utils 🏗️ refactor: Remove Redundant Caching, Migrate Config Services to TypeScript (#12466) 2026-03-30 16:49:48 -04:00
cleanup.js 🧹 refactor: Tighten Config Schema Typing and Remove Deprecated Fields (#12452) 2026-03-29 01:10:57 -04:00
experimental.js ⚖️ refactor: Split Config Route into Unauthenticated and Authenticated Paths (#12490) 2026-03-31 19:22:51 -04:00
index.js ⚖️ refactor: Split Config Route into Unauthenticated and Authenticated Paths (#12490) 2026-03-31 19:22:51 -04:00
index.spec.js 🚦 fix: 404 JSON Responses for Unmatched API Routes (#11976) 2026-02-27 22:49:54 -05:00
socialLogins.js 🔐 feat: Admin Auth Support for SAML and Social OAuth Providers (#12472) 2026-03-30 22:49:44 -04:00