feat: add back recoil

- Remove 104 unused type exports from packages/client/src/common/index.ts
- Keep only 7 actually used exports (93% reduction)
- Add cleanup script with enhanced import pattern detection
- Support both named imports and namespace imports (* as t)
- Create automatic backups and comprehensive documentation
- Maintain type safety with build verification
- No breaking changes to existing code

Kept exports:
- TShowToast, Option, OptionWithIcon, DropdownValueSetter
- MentionOption, NotificationSeverity, MenuItemProps

Scripts: cleanup-common-types-safe.js, README-CLEANUP.md

.env.example

@@ -142,10 +142,10 @@ GOOGLE_KEY=user_provided
 # GOOGLE_AUTH_HEADER=true
 
 # Gemini API (AI Studio)
-# GOOGLE_MODELS=gemini-2.5-pro,gemini-2.5-flash,gemini-2.5-flash-lite-preview-06-17,gemini-2.0-flash,gemini-2.0-flash-lite
+# GOOGLE_MODELS=gemini-2.5-pro-preview-05-06,gemini-2.5-flash-preview-04-17,gemini-2.0-flash-001,gemini-2.0-flash-exp,gemini-2.0-flash-lite-001,gemini-1.5-pro-002,gemini-1.5-flash-002
 
 # Vertex AI
-# GOOGLE_MODELS=gemini-2.5-pro,gemini-2.5-flash,gemini-2.5-flash-lite-preview-06-17,gemini-2.0-flash-001,gemini-2.0-flash-lite-001
+# GOOGLE_MODELS=gemini-2.5-pro-preview-05-06,gemini-2.5-flash-preview-04-17,gemini-2.0-flash-001,gemini-2.0-flash-exp,gemini-2.0-flash-lite-001,gemini-1.5-pro-002,gemini-1.5-flash-002
 
 # GOOGLE_TITLE_MODEL=gemini-2.0-flash-lite-001
 
@@ -349,11 +349,6 @@ REGISTRATION_VIOLATION_SCORE=1
 CONCURRENT_VIOLATION_SCORE=1
 MESSAGE_VIOLATION_SCORE=1
 NON_BROWSER_VIOLATION_SCORE=20
-TTS_VIOLATION_SCORE=0
-STT_VIOLATION_SCORE=0
-FORK_VIOLATION_SCORE=0
-IMPORT_VIOLATION_SCORE=0
-FILE_UPLOAD_VIOLATION_SCORE=0
 
 LOGIN_MAX=7
 LOGIN_WINDOW=5
@@ -458,8 +453,8 @@ OPENID_REUSE_TOKENS=
 OPENID_JWKS_URL_CACHE_ENABLED=
 OPENID_JWKS_URL_CACHE_TIME= # 600000 ms eq to 10 minutes leave empty to disable caching
 #Set to true to trigger token exchange flow to acquire access token for the userinfo endpoint.
-OPENID_ON_BEHALF_FLOW_FOR_USERINFO_REQUIRED=
-OPENID_ON_BEHALF_FLOW_USERINFO_SCOPE="user.read" # example for Scope Needed for Microsoft Graph API
+OPENID_ON_BEHALF_FLOW_FOR_USERINFRO_REQUIRED=
+OPENID_ON_BEHALF_FLOW_USERINFRO_SCOPE = "user.read" # example for Scope Needed for Microsoft Graph API
 # Set to true to use the OpenID Connect end session endpoint for logout
 OPENID_USE_END_SESSION_ENDPOINT=
 
@@ -662,4 +657,4 @@ OPENWEATHER_API_KEY=
 # Reranker (Required)
 # JINA_API_KEY=your_jina_api_key
 # or
-# COHERE_API_KEY=your_cohere_api_key
+# COHERE_API_KEY=your_cohere_api_key

Dockerfile

@@ -1,4 +1,4 @@
-# v0.7.9-rc1
+# v0.7.8
 
 # Base node image
 FROM node:20-alpine AS node

Dockerfile.multi

@@ -1,5 +1,5 @@
 # Dockerfile.multi
-# v0.7.9-rc1
+# v0.7.8
 
 # Base for all builds
 FROM node:20-alpine AS base-min

README.md

@@ -52,7 +52,7 @@
 - 🖥️ **UI & Experience** inspired by ChatGPT with enhanced design and features
 
 - 🤖 **AI Model Selection**:  
-  - Anthropic (Claude), AWS Bedrock, OpenAI, Azure OpenAI, Google, Vertex AI, OpenAI Responses API (incl. Azure)
+  - Anthropic (Claude), AWS Bedrock, OpenAI, Azure OpenAI, Google, Vertex AI, OpenAI Assistants API (incl. Azure)
   - [Custom Endpoints](https://www.librechat.ai/docs/quick_start/custom_endpoints): Use any OpenAI-compatible API with LibreChat, no proxy required
   - Compatible with [Local & Remote AI Providers](https://www.librechat.ai/docs/configuration/librechat_yaml/ai_endpoints):
     - Ollama, groq, Cohere, Mistral AI, Apple MLX, koboldcpp, together.ai,
@@ -66,9 +66,10 @@
 - 🔦 **Agents & Tools Integration**:  
   - **[LibreChat Agents](https://www.librechat.ai/docs/features/agents)**:
     - No-Code Custom Assistants: Build specialized, AI-driven helpers without coding  
-    - Flexible & Extensible: Use MCP Servers, tools, file search, code execution, and more  
-    - Compatible with Custom Endpoints, OpenAI, Azure, Anthropic, AWS Bedrock, Google, Vertex AI, Responses API, and more
+    - Flexible & Extensible: Attach tools like DALL-E-3, file search, code execution, and more  
+    - Compatible with Custom Endpoints, OpenAI, Azure, Anthropic, AWS Bedrock, and more
     - [Model Context Protocol (MCP) Support](https://modelcontextprotocol.io/clients#librechat) for Tools
+  - Use LibreChat Agents and OpenAI Assistants with Files, Code Interpreter, Tools, and API Actions
 
 - 🔍 **Web Search**:  
   - Search the internet and retrieve relevant information to enhance your AI context

api/app/clients/BaseClient.js

@@ -13,6 +13,7 @@ const {
 const { getMessages, saveMessage, updateMessage, saveConvo, getConvo } = require('~/models');
 const { checkBalance } = require('~/models/balanceMethods');
 const { truncateToolCallOutputs } = require('./prompts');
+const { addSpaceIfNeeded } = require('~/server/utils');
 const { getFiles } = require('~/models/File');
 const TextStream = require('./TextStream');
 const { logger } = require('~/config');
@@ -571,7 +572,7 @@ class BaseClient {
       });
     }
 
-    const { editedContent } = opts;
+    const { generation = '' } = opts;
 
     // It's not necessary to push to currentMessages
     // depending on subclass implementation of handling messages
@@ -586,21 +587,11 @@ class BaseClient {
           isCreatedByUser: false,
           model: this.modelOptions?.model ?? this.model,
           sender: this.sender,
+          text: generation,
         };
         this.currentMessages.push(userMessage, latestMessage);
-      } else if (editedContent != null) {
-        // Handle editedContent for content parts
-        if (editedContent && latestMessage.content && Array.isArray(latestMessage.content)) {
-          const { index, text, type } = editedContent;
-          if (index >= 0 && index < latestMessage.content.length) {
-            const contentPart = latestMessage.content[index];
-            if (type === ContentTypes.THINK && contentPart.type === ContentTypes.THINK) {
-              contentPart[ContentTypes.THINK] = text;
-            } else if (type === ContentTypes.TEXT && contentPart.type === ContentTypes.TEXT) {
-              contentPart[ContentTypes.TEXT] = text;
-            }
-          }
-        }
+      } else {
+        latestMessage.text = generation;
       }
       this.continued = true;
     } else {
@@ -681,32 +672,16 @@ class BaseClient {
     };
 
     if (typeof completion === 'string') {
-      responseMessage.text = completion;
+      responseMessage.text = addSpaceIfNeeded(generation) + completion;
     } else if (
       Array.isArray(completion) &&
       (this.clientName === EModelEndpoint.agents ||
         isParamEndpoint(this.options.endpoint, this.options.endpointType))
     ) {
       responseMessage.text = '';
-
-      if (!opts.editedContent || this.currentMessages.length === 0) {
-        responseMessage.content = completion;
-      } else {
-        const latestMessage = this.currentMessages[this.currentMessages.length - 1];
-        if (!latestMessage?.content) {
-          responseMessage.content = completion;
-        } else {
-          const existingContent = [...latestMessage.content];
-          const { type: editedType } = opts.editedContent;
-          responseMessage.content = this.mergeEditedContent(
-            existingContent,
-            completion,
-            editedType,
-          );
-        }
-      }
+      responseMessage.content = completion;
     } else if (Array.isArray(completion)) {
-      responseMessage.text = completion.join('');
+      responseMessage.text = addSpaceIfNeeded(generation) + completion.join('');
     }
 
     if (
@@ -1120,50 +1095,6 @@ class BaseClient {
     return numTokens;
   }
 
-  /**
-   * Merges completion content with existing content when editing TEXT or THINK types
-   * @param {Array} existingContent - The existing content array
-   * @param {Array} newCompletion - The new completion content
-   * @param {string} editedType - The type of content being edited
-   * @returns {Array} The merged content array
-   */
-  mergeEditedContent(existingContent, newCompletion, editedType) {
-    if (!newCompletion.length) {
-      return existingContent.concat(newCompletion);
-    }
-
-    if (editedType !== ContentTypes.TEXT && editedType !== ContentTypes.THINK) {
-      return existingContent.concat(newCompletion);
-    }
-
-    const lastIndex = existingContent.length - 1;
-    const lastExisting = existingContent[lastIndex];
-    const firstNew = newCompletion[0];
-
-    if (lastExisting?.type !== firstNew?.type || firstNew?.type !== editedType) {
-      return existingContent.concat(newCompletion);
-    }
-
-    const mergedContent = [...existingContent];
-    if (editedType === ContentTypes.TEXT) {
-      mergedContent[lastIndex] = {
-        ...mergedContent[lastIndex],
-        [ContentTypes.TEXT]:
-          (mergedContent[lastIndex][ContentTypes.TEXT] || '') + (firstNew[ContentTypes.TEXT] || ''),
-      };
-    } else {
-      mergedContent[lastIndex] = {
-        ...mergedContent[lastIndex],
-        [ContentTypes.THINK]:
-          (mergedContent[lastIndex][ContentTypes.THINK] || '') +
-          (firstNew[ContentTypes.THINK] || ''),
-      };
-    }
-
-    // Add remaining completion items
-    return mergedContent.concat(newCompletion.slice(1));
-  }
-
   async sendPayload(payload, opts = {}) {
     if (opts && typeof opts === 'object') {
       this.setOptions(opts);

api/app/clients/GoogleClient.js

@@ -1,7 +1,7 @@
 const { google } = require('googleapis');
+const { Tokenizer } = require('@librechat/api');
 const { concat } = require('@langchain/core/utils/stream');
 const { ChatVertexAI } = require('@langchain/google-vertexai');
-const { Tokenizer, getSafetySettings } = require('@librechat/api');
 const { ChatGoogleGenerativeAI } = require('@langchain/google-genai');
 const { GoogleGenerativeAI: GenAI } = require('@google/generative-ai');
 const { HumanMessage, SystemMessage } = require('@langchain/core/messages');
@@ -12,13 +12,13 @@ const {
   endpointSettings,
   parseTextParts,
   EModelEndpoint,
-  googleSettings,
   ContentTypes,
   VisionModes,
   ErrorTypes,
   Constants,
   AuthKeys,
 } = require('librechat-data-provider');
+const { getSafetySettings } = require('~/server/services/Endpoints/google/llm');
 const { encodeAndFormat } = require('~/server/services/Files/images');
 const { spendTokens } = require('~/models/spendTokens');
 const { getModelMaxTokens } = require('~/utils');
@@ -166,16 +166,6 @@ class GoogleClient extends BaseClient {
       );
     }
 
-    // Add thinking configuration
-    this.modelOptions.thinkingConfig = {
-      thinkingBudget:
-        (this.modelOptions.thinking ?? googleSettings.thinking.default)
-          ? this.modelOptions.thinkingBudget
-          : 0,
-    };
-    delete this.modelOptions.thinking;
-    delete this.modelOptions.thinkingBudget;
-
     this.sender =
       this.options.sender ??
       getResponseSender({

api/app/clients/prompts/createContextHandlers.js

@@ -1,7 +1,6 @@
 const axios = require('axios');
-const { isEnabled } = require('@librechat/api');
-const { logger } = require('@librechat/data-schemas');
-const { generateShortLivedToken } = require('~/server/services/AuthService');
+const { isEnabled } = require('~/server/utils');
+const { logger } = require('~/config');
 
 const footer = `Use the context as your learned knowledge to better answer the user.
 
@@ -19,7 +18,7 @@ function createContextHandlers(req, userMessageContent) {
   const queryPromises = [];
   const processedFiles = [];
   const processedIds = new Set();
-  const jwtToken = generateShortLivedToken(req.user.id);
+  const jwtToken = req.headers.authorization.split(' ')[1];
   const useFullContext = isEnabled(process.env.RAG_USE_FULL_CONTEXT);
 
   const query = async (file) => {

api/app/clients/tools/util/fileSearch.js

@@ -1,10 +1,9 @@
 const { z } = require('zod');
 const axios = require('axios');
 const { tool } = require('@langchain/core/tools');
-const { logger } = require('@librechat/data-schemas');
 const { Tools, EToolResources } = require('librechat-data-provider');
-const { generateShortLivedToken } = require('~/server/services/AuthService');
 const { getFiles } = require('~/models/File');
+const { logger } = require('~/config');
 
 /**
  *
@@ -60,7 +59,7 @@ const createFileSearchTool = async ({ req, files, entity_id }) => {
       if (files.length === 0) {
         return 'No files to search. Instruct the user to add files for the search.';
       }
-      const jwtToken = generateShortLivedToken(req.user.id);
+      const jwtToken = req.headers.authorization.split(' ')[1];
       if (!jwtToken) {
         return 'There was an error authenticating the file search request.';
       }

api/cache/banViolation.js

@@ -1,8 +1,7 @@
 const { logger } = require('@librechat/data-schemas');
-const { isEnabled, math } = require('@librechat/api');
 const { ViolationTypes } = require('librechat-data-provider');
+const { isEnabled, math, removePorts } = require('~/server/utils');
 const { deleteAllUserSessions } = require('~/models');
-const { removePorts } = require('~/server/utils');
 const getLogStores = require('./getLogStores');
 
 const { BAN_VIOLATIONS, BAN_INTERVAL } = process.env ?? {};

api/cache/getLogStores.js

@@ -1,7 +1,7 @@
 const { Keyv } = require('keyv');
-const { isEnabled, math } = require('@librechat/api');
 const { CacheKeys, ViolationTypes, Time } = require('librechat-data-provider');
 const { logFile, violationFile } = require('./keyvFiles');
+const { isEnabled, math } = require('~/server/utils');
 const keyvRedis = require('./keyvRedis');
 const keyvMongo = require('./keyvMongo');
 

api/cache/logViolation.js

@@ -9,7 +9,7 @@ const banViolation = require('./banViolation');
  * @param {Object} res - Express response object.
  * @param {string} type - The type of violation.
  * @param {Object} errorMessage - The error message to log.
- * @param {number | string} [score=1] - The severity of the violation. Defaults to 1
+ * @param {number} [score=1] - The severity of the violation. Defaults to 1
  */
 const logViolation = async (req, res, type, errorMessage, score = 1) => {
   const userId = req.user?.id ?? req.user?._id;

api/models/Agent.js

@@ -90,7 +90,7 @@ const loadEphemeralAgent = async ({ req, agent_id, endpoint, model_parameters: _
   }
 
   const instructions = req.body.promptPrefix;
-  const result = {
+  return {
     id: agent_id,
     instructions,
     provider: endpoint,
@@ -98,11 +98,6 @@ const loadEphemeralAgent = async ({ req, agent_id, endpoint, model_parameters: _
     model,
     tools,
   };
-
-  if (ephemeralAgent?.artifacts != null && ephemeralAgent.artifacts) {
-    result.artifacts = ephemeralAgent.artifacts;
-  }
-  return result;
 };
 
 /**

api/models/Conversation.js

@@ -1,6 +1,4 @@
 const { logger } = require('@librechat/data-schemas');
-const { createTempChatExpirationDate } = require('@librechat/api');
-const getCustomConfig = require('~/server/services/Config/getCustomConfig');
 const { getMessages, deleteMessages } = require('./Message');
 const { Conversation } = require('~/db/models');
 
@@ -100,15 +98,10 @@ module.exports = {
         update.conversationId = newConversationId;
       }
 
-      if (req?.body?.isTemporary) {
-        try {
-          const customConfig = await getCustomConfig();
-          update.expiredAt = createTempChatExpirationDate(customConfig);
-        } catch (err) {
-          logger.error('Error creating temporary chat expiration date:', err);
-          logger.info(`---\`saveConvo\` context: ${metadata?.context}`);
-          update.expiredAt = null;
-        }
+      if (req.body.isTemporary) {
+        const expiredAt = new Date();
+        expiredAt.setDate(expiredAt.getDate() + 30);
+        update.expiredAt = expiredAt;
       } else {
         update.expiredAt = null;
       }

api/models/Message.js

@@ -1,7 +1,5 @@
 const { z } = require('zod');
 const { logger } = require('@librechat/data-schemas');
-const { createTempChatExpirationDate } = require('@librechat/api');
-const getCustomConfig = require('~/server/services/Config/getCustomConfig');
 const { Message } = require('~/db/models');
 
 const idSchema = z.string().uuid();
@@ -56,14 +54,9 @@ async function saveMessage(req, params, metadata) {
     };
 
     if (req?.body?.isTemporary) {
-      try {
-        const customConfig = await getCustomConfig();
-        update.expiredAt = createTempChatExpirationDate(customConfig);
-      } catch (err) {
-        logger.error('Error creating temporary chat expiration date:', err);
-        logger.info(`---\`saveMessage\` context: ${metadata?.context}`);
-        update.expiredAt = null;
-      }
+      const expiredAt = new Date();
+      expiredAt.setDate(expiredAt.getDate() + 30);
+      update.expiredAt = expiredAt;
     } else {
       update.expiredAt = null;
     }

api/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@librechat/backend",
-  "version": "v0.7.9-rc1",
+  "version": "v0.7.8",
   "description": "",
   "scripts": {
     "start": "echo 'please run this from the root directory'",
@@ -48,7 +48,7 @@
     "@langchain/google-genai": "^0.2.13",
     "@langchain/google-vertexai": "^0.2.13",
     "@langchain/textsplitters": "^0.1.0",
-    "@librechat/agents": "^2.4.56",
+    "@librechat/agents": "^2.4.42",
     "@librechat/api": "*",
     "@librechat/data-schemas": "*",
     "@node-saml/passport-saml": "^5.0.0",

api/server/controllers/AuthController.js

@@ -1,17 +1,17 @@
 const cookies = require('cookie');
 const jwt = require('jsonwebtoken');
 const openIdClient = require('openid-client');
-const { isEnabled } = require('@librechat/api');
 const { logger } = require('@librechat/data-schemas');
 const {
-  requestPasswordReset,
-  setOpenIDAuthTokens,
+  registerUser,
   resetPassword,
   setAuthTokens,
-  registerUser,
+  requestPasswordReset,
+  setOpenIDAuthTokens,
 } = require('~/server/services/AuthService');
 const { findUser, getUserById, deleteAllUserSessions, findSession } = require('~/models');
 const { getOpenIdConfig } = require('~/strategies');
+const { isEnabled } = require('~/server/utils');
 
 const registrationController = async (req, res) => {
   try {

api/server/controllers/EditController.js

@@ -1,5 +1,3 @@
-const { sendEvent } = require('@librechat/api');
-const { logger } = require('@librechat/data-schemas');
 const { getResponseSender } = require('librechat-data-provider');
 const {
   handleAbortError,
@@ -12,8 +10,9 @@ const {
   clientRegistry,
   requestDataMap,
 } = require('~/server/cleanup');
-const { createOnProgress } = require('~/server/utils');
+const { sendMessage, createOnProgress } = require('~/server/utils');
 const { saveMessage } = require('~/models');
+const { logger } = require('~/config');
 
 const EditController = async (req, res, next, initializeClient) => {
   let {
@@ -199,7 +198,7 @@ const EditController = async (req, res, next, initializeClient) => {
       const finalUserMessage = reqDataContext.userMessage;
       const finalResponseMessage = { ...response };
 
-      sendEvent(res, {
+      sendMessage(res, {
         final: true,
         conversation,
         title: conversation.title,

api/server/controllers/ErrorController.js

@@ -24,23 +24,17 @@ const handleValidationError = (err, res) => {
   }
 };
 
-module.exports = (err, _req, res, _next) => {
+// eslint-disable-next-line no-unused-vars
+module.exports = (err, req, res, next) => {
   try {
     if (err.name === 'ValidationError') {
-      return handleValidationError(err, res);
+      return (err = handleValidationError(err, res));
     }
     if (err.code && err.code == 11000) {
-      return handleDuplicateKeyError(err, res);
+      return (err = handleDuplicateKeyError(err, res));
     }
-    // Special handling for errors like SyntaxError
-    if (err.statusCode && err.body) {
-      return res.status(err.statusCode).send(err.body);
-    }
-
-    logger.error('ErrorController => error', err);
-    return res.status(500).send('An unknown error occurred.');
   } catch (err) {
-    logger.error('ErrorController => processing error', err);
-    return res.status(500).send('Processing error in ErrorController.');
+    logger.error('ErrorController => error', err);
+    res.status(500).send('An unknown error occurred.');
   }
 };

api/server/controllers/ErrorController.spec.js

@@ -1,241 +0,0 @@
-const errorController = require('./ErrorController');
-const { logger } = require('~/config');
-
-// Mock the logger
-jest.mock('~/config', () => ({
-  logger: {
-    error: jest.fn(),
-  },
-}));
-
-describe('ErrorController', () => {
-  let mockReq, mockRes, mockNext;
-
-  beforeEach(() => {
-    mockReq = {};
-    mockRes = {
-      status: jest.fn().mockReturnThis(),
-      send: jest.fn(),
-    };
-    mockNext = jest.fn();
-    logger.error.mockClear();
-  });
-
-  describe('ValidationError handling', () => {
-    it('should handle ValidationError with single error', () => {
-      const validationError = {
-        name: 'ValidationError',
-        errors: {
-          email: { message: 'Email is required', path: 'email' },
-        },
-      };
-
-      errorController(validationError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(400);
-      expect(mockRes.send).toHaveBeenCalledWith({
-        messages: '["Email is required"]',
-        fields: '["email"]',
-      });
-      expect(logger.error).toHaveBeenCalledWith('Validation error:', validationError.errors);
-    });
-
-    it('should handle ValidationError with multiple errors', () => {
-      const validationError = {
-        name: 'ValidationError',
-        errors: {
-          email: { message: 'Email is required', path: 'email' },
-          password: { message: 'Password is required', path: 'password' },
-        },
-      };
-
-      errorController(validationError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(400);
-      expect(mockRes.send).toHaveBeenCalledWith({
-        messages: '"Email is required Password is required"',
-        fields: '["email","password"]',
-      });
-      expect(logger.error).toHaveBeenCalledWith('Validation error:', validationError.errors);
-    });
-
-    it('should handle ValidationError with empty errors object', () => {
-      const validationError = {
-        name: 'ValidationError',
-        errors: {},
-      };
-
-      errorController(validationError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(400);
-      expect(mockRes.send).toHaveBeenCalledWith({
-        messages: '[]',
-        fields: '[]',
-      });
-    });
-  });
-
-  describe('Duplicate key error handling', () => {
-    it('should handle duplicate key error (code 11000)', () => {
-      const duplicateKeyError = {
-        code: 11000,
-        keyValue: { email: 'test@example.com' },
-      };
-
-      errorController(duplicateKeyError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(409);
-      expect(mockRes.send).toHaveBeenCalledWith({
-        messages: 'An document with that ["email"] already exists.',
-        fields: '["email"]',
-      });
-      expect(logger.error).toHaveBeenCalledWith('Duplicate key error:', duplicateKeyError.keyValue);
-    });
-
-    it('should handle duplicate key error with multiple fields', () => {
-      const duplicateKeyError = {
-        code: 11000,
-        keyValue: { email: 'test@example.com', username: 'testuser' },
-      };
-
-      errorController(duplicateKeyError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(409);
-      expect(mockRes.send).toHaveBeenCalledWith({
-        messages: 'An document with that ["email","username"] already exists.',
-        fields: '["email","username"]',
-      });
-      expect(logger.error).toHaveBeenCalledWith('Duplicate key error:', duplicateKeyError.keyValue);
-    });
-
-    it('should handle error with code 11000 as string', () => {
-      const duplicateKeyError = {
-        code: '11000',
-        keyValue: { email: 'test@example.com' },
-      };
-
-      errorController(duplicateKeyError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(409);
-      expect(mockRes.send).toHaveBeenCalledWith({
-        messages: 'An document with that ["email"] already exists.',
-        fields: '["email"]',
-      });
-    });
-  });
-
-  describe('SyntaxError handling', () => {
-    it('should handle errors with statusCode and body', () => {
-      const syntaxError = {
-        statusCode: 400,
-        body: 'Invalid JSON syntax',
-      };
-
-      errorController(syntaxError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(400);
-      expect(mockRes.send).toHaveBeenCalledWith('Invalid JSON syntax');
-    });
-
-    it('should handle errors with different statusCode and body', () => {
-      const customError = {
-        statusCode: 422,
-        body: { error: 'Unprocessable entity' },
-      };
-
-      errorController(customError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(422);
-      expect(mockRes.send).toHaveBeenCalledWith({ error: 'Unprocessable entity' });
-    });
-
-    it('should handle error with statusCode but no body', () => {
-      const partialError = {
-        statusCode: 400,
-      };
-
-      errorController(partialError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(500);
-      expect(mockRes.send).toHaveBeenCalledWith('An unknown error occurred.');
-    });
-
-    it('should handle error with body but no statusCode', () => {
-      const partialError = {
-        body: 'Some error message',
-      };
-
-      errorController(partialError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(500);
-      expect(mockRes.send).toHaveBeenCalledWith('An unknown error occurred.');
-    });
-  });
-
-  describe('Unknown error handling', () => {
-    it('should handle unknown errors', () => {
-      const unknownError = new Error('Some unknown error');
-
-      errorController(unknownError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(500);
-      expect(mockRes.send).toHaveBeenCalledWith('An unknown error occurred.');
-      expect(logger.error).toHaveBeenCalledWith('ErrorController => error', unknownError);
-    });
-
-    it('should handle errors with code other than 11000', () => {
-      const mongoError = {
-        code: 11100,
-        message: 'Some MongoDB error',
-      };
-
-      errorController(mongoError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(500);
-      expect(mockRes.send).toHaveBeenCalledWith('An unknown error occurred.');
-      expect(logger.error).toHaveBeenCalledWith('ErrorController => error', mongoError);
-    });
-
-    it('should handle null/undefined errors', () => {
-      errorController(null, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(500);
-      expect(mockRes.send).toHaveBeenCalledWith('Processing error in ErrorController.');
-      expect(logger.error).toHaveBeenCalledWith(
-        'ErrorController => processing error',
-        expect.any(Error),
-      );
-    });
-  });
-
-  describe('Catch block handling', () => {
-    beforeEach(() => {
-      // Restore logger mock to normal behavior for these tests
-      logger.error.mockRestore();
-      logger.error = jest.fn();
-    });
-
-    it('should handle errors when logger.error throws', () => {
-      // Create fresh mocks for this test
-      const freshMockRes = {
-        status: jest.fn().mockReturnThis(),
-        send: jest.fn(),
-      };
-
-      // Mock logger to throw on the first call, succeed on the second
-      logger.error
-        .mockImplementationOnce(() => {
-          throw new Error('Logger error');
-        })
-        .mockImplementation(() => {});
-
-      const testError = new Error('Test error');
-
-      errorController(testError, mockReq, freshMockRes, mockNext);
-
-      expect(freshMockRes.status).toHaveBeenCalledWith(500);
-      expect(freshMockRes.send).toHaveBeenCalledWith('Processing error in ErrorController.');
-      expect(logger.error).toHaveBeenCalledTimes(2);
-    });
-  });
-});

api/server/controllers/agents/__tests__/v1.spec.js

@@ -1,195 +0,0 @@
-const { duplicateAgent } = require('../v1');
-const { getAgent, createAgent } = require('~/models/Agent');
-const { getActions } = require('~/models/Action');
-const { nanoid } = require('nanoid');
-
-jest.mock('~/models/Agent');
-jest.mock('~/models/Action');
-jest.mock('nanoid');
-
-describe('duplicateAgent', () => {
-  let req, res;
-
-  beforeEach(() => {
-    req = {
-      params: { id: 'agent_123' },
-      user: { id: 'user_456' },
-    };
-    res = {
-      status: jest.fn().mockReturnThis(),
-      json: jest.fn(),
-    };
-    jest.clearAllMocks();
-  });
-
-  it('should duplicate an agent successfully', async () => {
-    const mockAgent = {
-      id: 'agent_123',
-      name: 'Test Agent',
-      description: 'Test Description',
-      instructions: 'Test Instructions',
-      provider: 'openai',
-      model: 'gpt-4',
-      tools: ['file_search'],
-      actions: [],
-      author: 'user_789',
-      versions: [{ name: 'Test Agent', version: 1 }],
-      __v: 0,
-    };
-
-    const mockNewAgent = {
-      id: 'agent_new_123',
-      name: 'Test Agent (1/2/23, 12:34)',
-      description: 'Test Description',
-      instructions: 'Test Instructions',
-      provider: 'openai',
-      model: 'gpt-4',
-      tools: ['file_search'],
-      actions: [],
-      author: 'user_456',
-      versions: [
-        {
-          name: 'Test Agent (1/2/23, 12:34)',
-          description: 'Test Description',
-          instructions: 'Test Instructions',
-          provider: 'openai',
-          model: 'gpt-4',
-          tools: ['file_search'],
-          actions: [],
-          createdAt: new Date(),
-          updatedAt: new Date(),
-        },
-      ],
-    };
-
-    getAgent.mockResolvedValue(mockAgent);
-    getActions.mockResolvedValue([]);
-    nanoid.mockReturnValue('new_123');
-    createAgent.mockResolvedValue(mockNewAgent);
-
-    await duplicateAgent(req, res);
-
-    expect(getAgent).toHaveBeenCalledWith({ id: 'agent_123' });
-    expect(getActions).toHaveBeenCalledWith({ agent_id: 'agent_123' }, true);
-    expect(createAgent).toHaveBeenCalledWith(
-      expect.objectContaining({
-        id: 'agent_new_123',
-        author: 'user_456',
-        name: expect.stringContaining('Test Agent ('),
-        description: 'Test Description',
-        instructions: 'Test Instructions',
-        provider: 'openai',
-        model: 'gpt-4',
-        tools: ['file_search'],
-        actions: [],
-      }),
-    );
-
-    expect(createAgent).toHaveBeenCalledWith(
-      expect.not.objectContaining({
-        versions: expect.anything(),
-        __v: expect.anything(),
-      }),
-    );
-
-    expect(res.status).toHaveBeenCalledWith(201);
-    expect(res.json).toHaveBeenCalledWith({
-      agent: mockNewAgent,
-      actions: [],
-    });
-  });
-
-  it('should ensure duplicated agent has clean versions array without nested fields', async () => {
-    const mockAgent = {
-      id: 'agent_123',
-      name: 'Test Agent',
-      description: 'Test Description',
-      versions: [
-        {
-          name: 'Test Agent',
-          versions: [{ name: 'Nested' }],
-          __v: 1,
-        },
-      ],
-      __v: 2,
-    };
-
-    const mockNewAgent = {
-      id: 'agent_new_123',
-      name: 'Test Agent (1/2/23, 12:34)',
-      description: 'Test Description',
-      versions: [
-        {
-          name: 'Test Agent (1/2/23, 12:34)',
-          description: 'Test Description',
-          createdAt: new Date(),
-          updatedAt: new Date(),
-        },
-      ],
-    };
-
-    getAgent.mockResolvedValue(mockAgent);
-    getActions.mockResolvedValue([]);
-    nanoid.mockReturnValue('new_123');
-    createAgent.mockResolvedValue(mockNewAgent);
-
-    await duplicateAgent(req, res);
-
-    expect(mockNewAgent.versions).toHaveLength(1);
-
-    const firstVersion = mockNewAgent.versions[0];
-    expect(firstVersion).not.toHaveProperty('versions');
-    expect(firstVersion).not.toHaveProperty('__v');
-
-    expect(mockNewAgent).not.toHaveProperty('__v');
-
-    expect(res.status).toHaveBeenCalledWith(201);
-  });
-
-  it('should return 404 if agent not found', async () => {
-    getAgent.mockResolvedValue(null);
-
-    await duplicateAgent(req, res);
-
-    expect(res.status).toHaveBeenCalledWith(404);
-    expect(res.json).toHaveBeenCalledWith({
-      error: 'Agent not found',
-      status: 'error',
-    });
-  });
-
-  it('should handle tool_resources.ocr correctly', async () => {
-    const mockAgent = {
-      id: 'agent_123',
-      name: 'Test Agent',
-      tool_resources: {
-        ocr: { enabled: true, config: 'test' },
-        other: { should: 'not be copied' },
-      },
-    };
-
-    getAgent.mockResolvedValue(mockAgent);
-    getActions.mockResolvedValue([]);
-    nanoid.mockReturnValue('new_123');
-    createAgent.mockResolvedValue({ id: 'agent_new_123' });
-
-    await duplicateAgent(req, res);
-
-    expect(createAgent).toHaveBeenCalledWith(
-      expect.objectContaining({
-        tool_resources: {
-          ocr: { enabled: true, config: 'test' },
-        },
-      }),
-    );
-  });
-
-  it('should handle errors gracefully', async () => {
-    getAgent.mockRejectedValue(new Error('Database error'));
-
-    await duplicateAgent(req, res);
-
-    expect(res.status).toHaveBeenCalledWith(500);
-    expect(res.json).toHaveBeenCalledWith({ error: 'Database error' });
-  });
-});

api/server/controllers/agents/client.js

@@ -4,7 +4,6 @@ const {
   sendEvent,
   createRun,
   Tokenizer,
-  checkAccess,
   memoryInstructions,
   createMemoryProcessor,
 } = require('@librechat/api');
@@ -40,22 +39,11 @@ const { spendTokens, spendStructuredTokens } = require('~/models/spendTokens');
 const { getFormattedMemories, deleteMemory, setMemory } = require('~/models');
 const { encodeAndFormat } = require('~/server/services/Files/images/encode');
 const { getProviderConfig } = require('~/server/services/Endpoints');
+const { checkAccess } = require('~/server/middleware/roles/access');
 const BaseClient = require('~/app/clients/BaseClient');
-const { getRoleByName } = require('~/models/Role');
 const { loadAgent } = require('~/models/Agent');
 const { getMCPManager } = require('~/config');
 
-const omitTitleOptions = new Set([
-  'stream',
-  'thinking',
-  'streaming',
-  'clientOptions',
-  'thinkingConfig',
-  'thinkingBudget',
-  'includeThoughts',
-  'maxOutputTokens',
-]);
-
 /**
  * @param {ServerRequest} req
  * @param {Agent} agent
@@ -402,12 +390,7 @@ class AgentClient extends BaseClient {
     if (user.personalization?.memories === false) {
       return;
     }
-    const hasAccess = await checkAccess({
-      user,
-      permissionType: PermissionTypes.MEMORIES,
-      permissions: [Permissions.USE],
-      getRoleByName,
-    });
+    const hasAccess = await checkAccess(user, PermissionTypes.MEMORIES, [Permissions.USE]);
 
     if (!hasAccess) {
       logger.debug(
@@ -525,10 +508,7 @@ class AgentClient extends BaseClient {
           messagesToProcess = [...messages.slice(-messageWindowSize)];
         }
       }
-
-      const bufferString = getBufferString(messagesToProcess);
-      const bufferMessage = new HumanMessage(`# Current Chat:\n\n${bufferString}`);
-      return await this.processMemory([bufferMessage]);
+      return await this.processMemory(messagesToProcess);
     } catch (error) {
       logger.error('Memory Agent failed to process memory', error);
     }
@@ -1058,16 +1038,6 @@ class AgentClient extends BaseClient {
       delete clientOptions.maxTokens;
     }
 
-    clientOptions = Object.assign(
-      Object.fromEntries(
-        Object.entries(clientOptions).filter(([key]) => !omitTitleOptions.has(key)),
-      ),
-    );
-
-    if (provider === Providers.GOOGLE) {
-      clientOptions.json = true;
-    }
-
     try {
       const titleResult = await this.run.generateTitle({
         provider,

api/server/controllers/agents/errors.js

@@ -1,10 +1,10 @@
 // errorHandler.js
-const { logger } = require('@librechat/data-schemas');
+const { logger } = require('~/config');
+const getLogStores = require('~/cache/getLogStores');
 const { CacheKeys, ViolationTypes } = require('librechat-data-provider');
-const { sendResponse } = require('~/server/middleware/error');
 const { recordUsage } = require('~/server/services/Threads');
 const { getConvo } = require('~/models/Conversation');
-const getLogStores = require('~/cache/getLogStores');
+const { sendResponse } = require('~/server/utils');
 
 /**
  * @typedef {Object} ErrorHandlerContext
@@ -75,7 +75,7 @@ const createErrorHandler = ({ req, res, getContext, originPath = '/assistants/ch
     } else if (/Files.*are invalid/.test(error.message)) {
       const errorMessage = `Files are invalid, or may not have uploaded yet.${
         endpoint === 'azureAssistants'
-          ? " If using Azure OpenAI, files are only available in the region of the assistant's model at the time of upload."
+          ? ' If using Azure OpenAI, files are only available in the region of the assistant\'s model at the time of upload.'
           : ''
       }`;
       return sendResponse(req, res, messageData, errorMessage);

api/server/controllers/agents/request.js

@@ -1,5 +1,3 @@
-const { sendEvent } = require('@librechat/api');
-const { logger } = require('@librechat/data-schemas');
 const { Constants } = require('librechat-data-provider');
 const {
   handleAbortError,
@@ -7,18 +5,17 @@ const {
   cleanupAbortController,
 } = require('~/server/middleware');
 const { disposeClient, clientRegistry, requestDataMap } = require('~/server/cleanup');
+const { sendMessage } = require('~/server/utils');
 const { saveMessage } = require('~/models');
+const { logger } = require('~/config');
 
 const AgentController = async (req, res, next, initializeClient, addTitle) => {
   let {
     text,
     endpointOption,
     conversationId,
-    isContinued = false,
-    editedContent = null,
     parentMessageId = null,
     overrideParentMessageId = null,
-    responseMessageId: editedResponseMessageId = null,
   } = req.body;
 
   let sender;
@@ -70,7 +67,7 @@ const AgentController = async (req, res, next, initializeClient, addTitle) => {
             handler();
           }
         } catch (e) {
-          logger.error('[AgentController] Error in cleanup handler', e);
+          // Ignore cleanup errors
         }
       }
     }
@@ -158,7 +155,7 @@ const AgentController = async (req, res, next, initializeClient, addTitle) => {
       try {
         res.removeListener('close', closeHandler);
       } catch (e) {
-        logger.error('[AgentController] Error removing close listener', e);
+        // Ignore
       }
     });
 
@@ -166,14 +163,10 @@ const AgentController = async (req, res, next, initializeClient, addTitle) => {
       user: userId,
       onStart,
       getReqData,
-      isContinued,
-      editedContent,
       conversationId,
       parentMessageId,
       abortController,
       overrideParentMessageId,
-      isEdited: !!editedContent,
-      responseMessageId: editedResponseMessageId,
       progressOptions: {
         res,
       },
@@ -213,7 +206,7 @@ const AgentController = async (req, res, next, initializeClient, addTitle) => {
       // Create a new response object with minimal copies
       const finalResponse = { ...response };
 
-      sendEvent(res, {
+      sendMessage(res, {
         final: true,
         conversation,
         title: conversation.title,

api/server/controllers/agents/v1.js

@@ -1,8 +1,6 @@
-const { z } = require('zod');
 const fs = require('fs').promises;
 const { nanoid } = require('nanoid');
 const { logger } = require('@librechat/data-schemas');
-const { agentCreateSchema, agentUpdateSchema } = require('@librechat/api');
 const {
   Tools,
   Constants,
@@ -10,7 +8,6 @@ const {
   SystemRoles,
   EToolResources,
   actionDelimiter,
-  removeNullishValues,
 } = require('librechat-data-provider');
 const {
   getAgent,
@@ -33,7 +30,6 @@ const { deleteFileByFilter } = require('~/models/File');
 const systemTools = {
   [Tools.execute_code]: true,
   [Tools.file_search]: true,
-  [Tools.web_search]: true,
 };
 
 /**
@@ -46,13 +42,9 @@ const systemTools = {
  */
 const createAgentHandler = async (req, res) => {
   try {
-    const validatedData = agentCreateSchema.parse(req.body);
-    const { tools = [], ...agentData } = removeNullishValues(validatedData);
-
+    const { tools = [], provider, name, description, instructions, model, ...agentData } = req.body;
     const { id: userId } = req.user;
 
-    agentData.id = `agent_${nanoid()}`;
-    agentData.author = userId;
     agentData.tools = [];
 
     const availableTools = await getCachedTools({ includeGlobal: true });
@@ -66,13 +58,19 @@ const createAgentHandler = async (req, res) => {
       }
     }
 
+    Object.assign(agentData, {
+      author: userId,
+      name,
+      description,
+      instructions,
+      provider,
+      model,
+    });
+
+    agentData.id = `agent_${nanoid()}`;
     const agent = await createAgent(agentData);
     res.status(201).json(agent);
   } catch (error) {
-    if (error instanceof z.ZodError) {
-      logger.error('[/Agents] Validation error', error.errors);
-      return res.status(400).json({ error: 'Invalid request data', details: error.errors });
-    }
     logger.error('[/Agents] Error creating agent', error);
     res.status(500).json({ error: error.message });
   }
@@ -156,16 +154,14 @@ const getAgentHandler = async (req, res) => {
 const updateAgentHandler = async (req, res) => {
   try {
     const id = req.params.id;
-    const validatedData = agentUpdateSchema.parse(req.body);
-    const { projectIds, removeProjectIds, ...updateData } = removeNullishValues(validatedData);
+    const { projectIds, removeProjectIds, ...updateData } = req.body;
     const isAdmin = req.user.role === SystemRoles.ADMIN;
     const existingAgent = await getAgent({ id });
+    const isAuthor = existingAgent.author.toString() === req.user.id;
 
     if (!existingAgent) {
       return res.status(404).json({ error: 'Agent not found' });
     }
-
-    const isAuthor = existingAgent.author.toString() === req.user.id;
     const hasEditPermission = existingAgent.isCollaborative || isAdmin || isAuthor;
 
     if (!hasEditPermission) {
@@ -204,11 +200,6 @@ const updateAgentHandler = async (req, res) => {
 
     return res.json(updatedAgent);
   } catch (error) {
-    if (error instanceof z.ZodError) {
-      logger.error('[/Agents/:id] Validation error', error.errors);
-      return res.status(400).json({ error: 'Invalid request data', details: error.errors });
-    }
-
     logger.error('[/Agents/:id] Error updating Agent', error);
 
     if (error.statusCode === 409) {
@@ -251,8 +242,6 @@ const duplicateAgentHandler = async (req, res) => {
       createdAt: _createdAt,
       updatedAt: _updatedAt,
       tool_resources: _tool_resources = {},
-      versions: _versions,
-      __v: _v,
       ...cloneData
     } = agent;
     cloneData.name = `${agent.name} (${new Date().toLocaleString('en-US', {

api/server/controllers/agents/v1.spec.js

@@ -1,659 +0,0 @@
-const mongoose = require('mongoose');
-const { v4: uuidv4 } = require('uuid');
-const { MongoMemoryServer } = require('mongodb-memory-server');
-const { agentSchema } = require('@librechat/data-schemas');
-
-// Only mock the dependencies that are not database-related
-jest.mock('~/server/services/Config', () => ({
-  getCachedTools: jest.fn().mockResolvedValue({
-    web_search: true,
-    execute_code: true,
-    file_search: true,
-  }),
-}));
-
-jest.mock('~/models/Project', () => ({
-  getProjectByName: jest.fn().mockResolvedValue(null),
-}));
-
-jest.mock('~/server/services/Files/strategies', () => ({
-  getStrategyFunctions: jest.fn(),
-}));
-
-jest.mock('~/server/services/Files/images/avatar', () => ({
-  resizeAvatar: jest.fn(),
-}));
-
-jest.mock('~/server/services/Files/S3/crud', () => ({
-  refreshS3Url: jest.fn(),
-}));
-
-jest.mock('~/server/services/Files/process', () => ({
-  filterFile: jest.fn(),
-}));
-
-jest.mock('~/models/Action', () => ({
-  updateAction: jest.fn(),
-  getActions: jest.fn().mockResolvedValue([]),
-}));
-
-jest.mock('~/models/File', () => ({
-  deleteFileByFilter: jest.fn(),
-}));
-
-const { createAgent: createAgentHandler, updateAgent: updateAgentHandler } = require('./v1');
-
-/**
- * @type {import('mongoose').Model<import('@librechat/data-schemas').IAgent>}
- */
-let Agent;
-
-describe('Agent Controllers - Mass Assignment Protection', () => {
-  let mongoServer;
-  let mockReq;
-  let mockRes;
-
-  beforeAll(async () => {
-    mongoServer = await MongoMemoryServer.create();
-    const mongoUri = mongoServer.getUri();
-    await mongoose.connect(mongoUri);
-    Agent = mongoose.models.Agent || mongoose.model('Agent', agentSchema);
-  }, 20000);
-
-  afterAll(async () => {
-    await mongoose.disconnect();
-    await mongoServer.stop();
-  });
-
-  beforeEach(async () => {
-    await Agent.deleteMany({});
-
-    // Reset all mocks
-    jest.clearAllMocks();
-
-    // Setup mock request and response objects
-    mockReq = {
-      user: {
-        id: new mongoose.Types.ObjectId().toString(),
-        role: 'USER',
-      },
-      body: {},
-      params: {},
-      app: {
-        locals: {
-          fileStrategy: 'local',
-        },
-      },
-    };
-
-    mockRes = {
-      status: jest.fn().mockReturnThis(),
-      json: jest.fn().mockReturnThis(),
-    };
-  });
-
-  describe('createAgentHandler', () => {
-    test('should create agent with allowed fields only', async () => {
-      const validData = {
-        name: 'Test Agent',
-        description: 'A test agent',
-        instructions: 'Be helpful',
-        provider: 'openai',
-        model: 'gpt-4',
-        tools: ['web_search'],
-        model_parameters: { temperature: 0.7 },
-        tool_resources: {
-          file_search: { file_ids: ['file1', 'file2'] },
-        },
-      };
-
-      mockReq.body = validData;
-
-      await createAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(201);
-      expect(mockRes.json).toHaveBeenCalled();
-
-      const createdAgent = mockRes.json.mock.calls[0][0];
-      expect(createdAgent.name).toBe('Test Agent');
-      expect(createdAgent.description).toBe('A test agent');
-      expect(createdAgent.provider).toBe('openai');
-      expect(createdAgent.model).toBe('gpt-4');
-      expect(createdAgent.author.toString()).toBe(mockReq.user.id);
-      expect(createdAgent.tools).toContain('web_search');
-
-      // Verify in database
-      const agentInDb = await Agent.findOne({ id: createdAgent.id });
-      expect(agentInDb).toBeDefined();
-      expect(agentInDb.name).toBe('Test Agent');
-      expect(agentInDb.author.toString()).toBe(mockReq.user.id);
-    });
-
-    test('should reject creation with unauthorized fields (mass assignment protection)', async () => {
-      const maliciousData = {
-        // Required fields
-        provider: 'openai',
-        model: 'gpt-4',
-        name: 'Malicious Agent',
-
-        // Unauthorized fields that should be stripped
-        author: new mongoose.Types.ObjectId().toString(), // Should not be able to set author
-        authorName: 'Hacker', // Should be stripped
-        isCollaborative: true, // Should be stripped on creation
-        versions: [], // Should be stripped
-        _id: new mongoose.Types.ObjectId(), // Should be stripped
-        id: 'custom_agent_id', // Should be overridden
-        createdAt: new Date('2020-01-01'), // Should be stripped
-        updatedAt: new Date('2020-01-01'), // Should be stripped
-      };
-
-      mockReq.body = maliciousData;
-
-      await createAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(201);
-
-      const createdAgent = mockRes.json.mock.calls[0][0];
-
-      // Verify unauthorized fields were not set
-      expect(createdAgent.author.toString()).toBe(mockReq.user.id); // Should be the request user, not the malicious value
-      expect(createdAgent.authorName).toBeUndefined();
-      expect(createdAgent.isCollaborative).toBeFalsy();
-      expect(createdAgent.versions).toHaveLength(1); // Should have exactly 1 version from creation
-      expect(createdAgent.id).not.toBe('custom_agent_id'); // Should have generated ID
-      expect(createdAgent.id).toMatch(/^agent_/); // Should have proper prefix
-
-      // Verify timestamps are recent (not the malicious dates)
-      const createdTime = new Date(createdAgent.createdAt).getTime();
-      const now = Date.now();
-      expect(now - createdTime).toBeLessThan(5000); // Created within last 5 seconds
-
-      // Verify in database
-      const agentInDb = await Agent.findOne({ id: createdAgent.id });
-      expect(agentInDb.author.toString()).toBe(mockReq.user.id);
-      expect(agentInDb.authorName).toBeUndefined();
-    });
-
-    test('should validate required fields', async () => {
-      const invalidData = {
-        name: 'Missing Required Fields',
-        // Missing provider and model
-      };
-
-      mockReq.body = invalidData;
-
-      await createAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(400);
-      expect(mockRes.json).toHaveBeenCalledWith(
-        expect.objectContaining({
-          error: 'Invalid request data',
-          details: expect.any(Array),
-        }),
-      );
-
-      // Verify nothing was created in database
-      const count = await Agent.countDocuments();
-      expect(count).toBe(0);
-    });
-
-    test('should handle tool_resources validation', async () => {
-      const dataWithInvalidToolResources = {
-        provider: 'openai',
-        model: 'gpt-4',
-        name: 'Agent with Tool Resources',
-        tool_resources: {
-          // Valid resources
-          file_search: {
-            file_ids: ['file1', 'file2'],
-            vector_store_ids: ['vs1'],
-          },
-          execute_code: {
-            file_ids: ['file3'],
-          },
-          // Invalid resource (should be stripped by schema)
-          invalid_resource: {
-            file_ids: ['file4'],
-          },
-        },
-      };
-
-      mockReq.body = dataWithInvalidToolResources;
-
-      await createAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(201);
-
-      const createdAgent = mockRes.json.mock.calls[0][0];
-      expect(createdAgent.tool_resources).toBeDefined();
-      expect(createdAgent.tool_resources.file_search).toBeDefined();
-      expect(createdAgent.tool_resources.execute_code).toBeDefined();
-      expect(createdAgent.tool_resources.invalid_resource).toBeUndefined(); // Should be stripped
-
-      // Verify in database
-      const agentInDb = await Agent.findOne({ id: createdAgent.id });
-      expect(agentInDb.tool_resources.invalid_resource).toBeUndefined();
-    });
-
-    test('should handle avatar validation', async () => {
-      const dataWithAvatar = {
-        provider: 'openai',
-        model: 'gpt-4',
-        name: 'Agent with Avatar',
-        avatar: {
-          filepath: 'https://example.com/avatar.png',
-          source: 's3',
-        },
-      };
-
-      mockReq.body = dataWithAvatar;
-
-      await createAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(201);
-
-      const createdAgent = mockRes.json.mock.calls[0][0];
-      expect(createdAgent.avatar).toEqual({
-        filepath: 'https://example.com/avatar.png',
-        source: 's3',
-      });
-    });
-
-    test('should handle invalid avatar format', async () => {
-      const dataWithInvalidAvatar = {
-        provider: 'openai',
-        model: 'gpt-4',
-        name: 'Agent with Invalid Avatar',
-        avatar: 'just-a-string', // Invalid format
-      };
-
-      mockReq.body = dataWithInvalidAvatar;
-
-      await createAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(400);
-      expect(mockRes.json).toHaveBeenCalledWith(
-        expect.objectContaining({
-          error: 'Invalid request data',
-        }),
-      );
-    });
-  });
-
-  describe('updateAgentHandler', () => {
-    let existingAgentId;
-    let existingAgentAuthorId;
-
-    beforeEach(async () => {
-      // Create an existing agent for update tests
-      existingAgentAuthorId = new mongoose.Types.ObjectId();
-      const agent = await Agent.create({
-        id: `agent_${uuidv4()}`,
-        name: 'Original Agent',
-        provider: 'openai',
-        model: 'gpt-3.5-turbo',
-        author: existingAgentAuthorId,
-        description: 'Original description',
-        isCollaborative: false,
-        versions: [
-          {
-            name: 'Original Agent',
-            provider: 'openai',
-            model: 'gpt-3.5-turbo',
-            description: 'Original description',
-            createdAt: new Date(),
-            updatedAt: new Date(),
-          },
-        ],
-      });
-      existingAgentId = agent.id;
-    });
-
-    test('should update agent with allowed fields only', async () => {
-      mockReq.user.id = existingAgentAuthorId.toString(); // Set as author
-      mockReq.params.id = existingAgentId;
-      mockReq.body = {
-        name: 'Updated Agent',
-        description: 'Updated description',
-        model: 'gpt-4',
-        isCollaborative: true, // This IS allowed in updates
-      };
-
-      await updateAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).not.toHaveBeenCalledWith(400);
-      expect(mockRes.status).not.toHaveBeenCalledWith(403);
-      expect(mockRes.json).toHaveBeenCalled();
-
-      const updatedAgent = mockRes.json.mock.calls[0][0];
-      expect(updatedAgent.name).toBe('Updated Agent');
-      expect(updatedAgent.description).toBe('Updated description');
-      expect(updatedAgent.model).toBe('gpt-4');
-      expect(updatedAgent.isCollaborative).toBe(true);
-      expect(updatedAgent.author).toBe(existingAgentAuthorId.toString());
-
-      // Verify in database
-      const agentInDb = await Agent.findOne({ id: existingAgentId });
-      expect(agentInDb.name).toBe('Updated Agent');
-      expect(agentInDb.isCollaborative).toBe(true);
-    });
-
-    test('should reject update with unauthorized fields (mass assignment protection)', async () => {
-      mockReq.user.id = existingAgentAuthorId.toString();
-      mockReq.params.id = existingAgentId;
-      mockReq.body = {
-        name: 'Updated Name',
-
-        // Unauthorized fields that should be stripped
-        author: new mongoose.Types.ObjectId().toString(), // Should not be able to change author
-        authorName: 'Hacker', // Should be stripped
-        id: 'different_agent_id', // Should be stripped
-        _id: new mongoose.Types.ObjectId(), // Should be stripped
-        versions: [], // Should be stripped
-        createdAt: new Date('2020-01-01'), // Should be stripped
-        updatedAt: new Date('2020-01-01'), // Should be stripped
-      };
-
-      await updateAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.json).toHaveBeenCalled();
-
-      const updatedAgent = mockRes.json.mock.calls[0][0];
-
-      // Verify unauthorized fields were not changed
-      expect(updatedAgent.author).toBe(existingAgentAuthorId.toString()); // Should not have changed
-      expect(updatedAgent.authorName).toBeUndefined();
-      expect(updatedAgent.id).toBe(existingAgentId); // Should not have changed
-      expect(updatedAgent.name).toBe('Updated Name'); // Only this should have changed
-
-      // Verify in database
-      const agentInDb = await Agent.findOne({ id: existingAgentId });
-      expect(agentInDb.author.toString()).toBe(existingAgentAuthorId.toString());
-      expect(agentInDb.id).toBe(existingAgentId);
-    });
-
-    test('should reject update from non-author when not collaborative', async () => {
-      const differentUserId = new mongoose.Types.ObjectId().toString();
-      mockReq.user.id = differentUserId; // Different user
-      mockReq.params.id = existingAgentId;
-      mockReq.body = {
-        name: 'Unauthorized Update',
-      };
-
-      await updateAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(403);
-      expect(mockRes.json).toHaveBeenCalledWith({
-        error: 'You do not have permission to modify this non-collaborative agent',
-      });
-
-      // Verify agent was not modified in database
-      const agentInDb = await Agent.findOne({ id: existingAgentId });
-      expect(agentInDb.name).toBe('Original Agent');
-    });
-
-    test('should allow update from non-author when collaborative', async () => {
-      // First make the agent collaborative
-      await Agent.updateOne({ id: existingAgentId }, { isCollaborative: true });
-
-      const differentUserId = new mongoose.Types.ObjectId().toString();
-      mockReq.user.id = differentUserId; // Different user
-      mockReq.params.id = existingAgentId;
-      mockReq.body = {
-        name: 'Collaborative Update',
-      };
-
-      await updateAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).not.toHaveBeenCalledWith(403);
-      expect(mockRes.json).toHaveBeenCalled();
-
-      const updatedAgent = mockRes.json.mock.calls[0][0];
-      expect(updatedAgent.name).toBe('Collaborative Update');
-      // Author field should be removed for non-author
-      expect(updatedAgent.author).toBeUndefined();
-
-      // Verify in database
-      const agentInDb = await Agent.findOne({ id: existingAgentId });
-      expect(agentInDb.name).toBe('Collaborative Update');
-    });
-
-    test('should allow admin to update any agent', async () => {
-      const adminUserId = new mongoose.Types.ObjectId().toString();
-      mockReq.user.id = adminUserId;
-      mockReq.user.role = 'ADMIN'; // Set as admin
-      mockReq.params.id = existingAgentId;
-      mockReq.body = {
-        name: 'Admin Update',
-      };
-
-      await updateAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).not.toHaveBeenCalledWith(403);
-      expect(mockRes.json).toHaveBeenCalled();
-
-      const updatedAgent = mockRes.json.mock.calls[0][0];
-      expect(updatedAgent.name).toBe('Admin Update');
-    });
-
-    test('should handle projectIds updates', async () => {
-      mockReq.user.id = existingAgentAuthorId.toString();
-      mockReq.params.id = existingAgentId;
-
-      const projectId1 = new mongoose.Types.ObjectId().toString();
-      const projectId2 = new mongoose.Types.ObjectId().toString();
-
-      mockReq.body = {
-        projectIds: [projectId1, projectId2],
-      };
-
-      await updateAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.json).toHaveBeenCalled();
-
-      const updatedAgent = mockRes.json.mock.calls[0][0];
-      expect(updatedAgent).toBeDefined();
-      // Note: updateAgentProjects requires more setup, so we just verify the handler doesn't crash
-    });
-
-    test('should validate tool_resources in updates', async () => {
-      mockReq.user.id = existingAgentAuthorId.toString();
-      mockReq.params.id = existingAgentId;
-      mockReq.body = {
-        tool_resources: {
-          ocr: {
-            file_ids: ['ocr1', 'ocr2'],
-          },
-          execute_code: {
-            file_ids: ['img1'],
-          },
-          // Invalid tool resource
-          invalid_tool: {
-            file_ids: ['invalid'],
-          },
-        },
-      };
-
-      await updateAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.json).toHaveBeenCalled();
-
-      const updatedAgent = mockRes.json.mock.calls[0][0];
-      expect(updatedAgent.tool_resources).toBeDefined();
-      expect(updatedAgent.tool_resources.ocr).toBeDefined();
-      expect(updatedAgent.tool_resources.execute_code).toBeDefined();
-      expect(updatedAgent.tool_resources.invalid_tool).toBeUndefined();
-    });
-
-    test('should return 404 for non-existent agent', async () => {
-      mockReq.user.id = existingAgentAuthorId.toString();
-      mockReq.params.id = `agent_${uuidv4()}`; // Non-existent ID
-      mockReq.body = {
-        name: 'Update Non-existent',
-      };
-
-      await updateAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(404);
-      expect(mockRes.json).toHaveBeenCalledWith({ error: 'Agent not found' });
-    });
-
-    test('should handle validation errors properly', async () => {
-      mockReq.user.id = existingAgentAuthorId.toString();
-      mockReq.params.id = existingAgentId;
-      mockReq.body = {
-        model_parameters: 'invalid-not-an-object', // Should be an object
-      };
-
-      await updateAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(400);
-      expect(mockRes.json).toHaveBeenCalledWith(
-        expect.objectContaining({
-          error: 'Invalid request data',
-          details: expect.any(Array),
-        }),
-      );
-    });
-  });
-
-  describe('Mass Assignment Attack Scenarios', () => {
-    test('should prevent setting system fields during creation', async () => {
-      const systemFields = {
-        provider: 'openai',
-        model: 'gpt-4',
-        name: 'System Fields Test',
-
-        // System fields that should never be settable by users
-        __v: 99,
-        _id: new mongoose.Types.ObjectId(),
-        versions: [
-          {
-            name: 'Fake Version',
-            provider: 'fake',
-            model: 'fake-model',
-          },
-        ],
-      };
-
-      mockReq.body = systemFields;
-
-      await createAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(201);
-
-      const createdAgent = mockRes.json.mock.calls[0][0];
-
-      // Verify system fields were not affected
-      expect(createdAgent.__v).not.toBe(99);
-      expect(createdAgent.versions).toHaveLength(1); // Should only have the auto-created version
-      expect(createdAgent.versions[0].name).toBe('System Fields Test'); // From actual creation
-      expect(createdAgent.versions[0].provider).toBe('openai'); // From actual creation
-
-      // Verify in database
-      const agentInDb = await Agent.findOne({ id: createdAgent.id });
-      expect(agentInDb.__v).not.toBe(99);
-    });
-
-    test('should prevent privilege escalation through isCollaborative', async () => {
-      // Create a non-collaborative agent
-      const authorId = new mongoose.Types.ObjectId();
-      const agent = await Agent.create({
-        id: `agent_${uuidv4()}`,
-        name: 'Private Agent',
-        provider: 'openai',
-        model: 'gpt-4',
-        author: authorId,
-        isCollaborative: false,
-        versions: [
-          {
-            name: 'Private Agent',
-            provider: 'openai',
-            model: 'gpt-4',
-            createdAt: new Date(),
-            updatedAt: new Date(),
-          },
-        ],
-      });
-
-      // Try to make it collaborative as a different user
-      const attackerId = new mongoose.Types.ObjectId().toString();
-      mockReq.user.id = attackerId;
-      mockReq.params.id = agent.id;
-      mockReq.body = {
-        isCollaborative: true, // Trying to escalate privileges
-      };
-
-      await updateAgentHandler(mockReq, mockRes);
-
-      // Should be rejected
-      expect(mockRes.status).toHaveBeenCalledWith(403);
-
-      // Verify in database that it's still not collaborative
-      const agentInDb = await Agent.findOne({ id: agent.id });
-      expect(agentInDb.isCollaborative).toBe(false);
-    });
-
-    test('should prevent author hijacking', async () => {
-      const originalAuthorId = new mongoose.Types.ObjectId();
-      const attackerId = new mongoose.Types.ObjectId();
-
-      // Admin creates an agent
-      mockReq.user.id = originalAuthorId.toString();
-      mockReq.user.role = 'ADMIN';
-      mockReq.body = {
-        provider: 'openai',
-        model: 'gpt-4',
-        name: 'Admin Agent',
-        author: attackerId.toString(), // Trying to set different author
-      };
-
-      await createAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(201);
-
-      const createdAgent = mockRes.json.mock.calls[0][0];
-
-      // Author should be the actual user, not the attempted value
-      expect(createdAgent.author.toString()).toBe(originalAuthorId.toString());
-      expect(createdAgent.author.toString()).not.toBe(attackerId.toString());
-
-      // Verify in database
-      const agentInDb = await Agent.findOne({ id: createdAgent.id });
-      expect(agentInDb.author.toString()).toBe(originalAuthorId.toString());
-    });
-
-    test('should strip unknown fields to prevent future vulnerabilities', async () => {
-      mockReq.body = {
-        provider: 'openai',
-        model: 'gpt-4',
-        name: 'Future Proof Test',
-
-        // Unknown fields that might be added in future
-        superAdminAccess: true,
-        bypassAllChecks: true,
-        internalFlag: 'secret',
-        futureFeature: 'exploit',
-      };
-
-      await createAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(201);
-
-      const createdAgent = mockRes.json.mock.calls[0][0];
-
-      // Verify unknown fields were stripped
-      expect(createdAgent.superAdminAccess).toBeUndefined();
-      expect(createdAgent.bypassAllChecks).toBeUndefined();
-      expect(createdAgent.internalFlag).toBeUndefined();
-      expect(createdAgent.futureFeature).toBeUndefined();
-
-      // Also check in database
-      const agentInDb = await Agent.findOne({ id: createdAgent.id }).lean();
-      expect(agentInDb.superAdminAccess).toBeUndefined();
-      expect(agentInDb.bypassAllChecks).toBeUndefined();
-      expect(agentInDb.internalFlag).toBeUndefined();
-      expect(agentInDb.futureFeature).toBeUndefined();
-    });
-  });
-});

api/server/controllers/assistants/chatV1.js

@@ -1,7 +1,4 @@
 const { v4 } = require('uuid');
-const { sleep } = require('@librechat/agents');
-const { sendEvent } = require('@librechat/api');
-const { logger } = require('@librechat/data-schemas');
 const {
   Time,
   Constants,
@@ -22,20 +19,20 @@ const {
   addThreadMetadata,
   saveAssistantMessage,
 } = require('~/server/services/Threads');
+const { sendResponse, sendMessage, sleep, countTokens } = require('~/server/utils');
 const { runAssistant, createOnTextProgress } = require('~/server/services/AssistantService');
 const validateAuthor = require('~/server/middleware/assistants/validateAuthor');
 const { formatMessage, createVisionPrompt } = require('~/app/clients/prompts');
 const { createRun, StreamRunManager } = require('~/server/services/Runs');
 const { addTitle } = require('~/server/services/Endpoints/assistants');
 const { createRunBody } = require('~/server/services/createRunBody');
-const { sendResponse } = require('~/server/middleware/error');
 const { getTransactions } = require('~/models/Transaction');
 const { checkBalance } = require('~/models/balanceMethods');
 const { getConvo } = require('~/models/Conversation');
 const getLogStores = require('~/cache/getLogStores');
-const { countTokens } = require('~/server/utils');
 const { getModelMaxTokens } = require('~/utils');
 const { getOpenAIClient } = require('./helpers');
+const { logger } = require('~/config');
 
 /**
  * @route POST /
@@ -474,7 +471,7 @@ const chatV1 = async (req, res) => {
     await Promise.all(promises);
 
     const sendInitialResponse = () => {
-      sendEvent(res, {
+      sendMessage(res, {
         sync: true,
         conversationId,
         // messages: previousMessages,
@@ -590,7 +587,7 @@ const chatV1 = async (req, res) => {
       iconURL: endpointOption.iconURL,
     };
 
-    sendEvent(res, {
+    sendMessage(res, {
       final: true,
       conversation,
       requestMessage: {

api/server/controllers/assistants/chatV2.js

@@ -1,7 +1,4 @@
 const { v4 } = require('uuid');
-const { sleep } = require('@librechat/agents');
-const { sendEvent } = require('@librechat/api');
-const { logger } = require('@librechat/data-schemas');
 const {
   Time,
   Constants,
@@ -25,14 +22,15 @@ const { createErrorHandler } = require('~/server/controllers/assistants/errors')
 const validateAuthor = require('~/server/middleware/assistants/validateAuthor');
 const { createRun, StreamRunManager } = require('~/server/services/Runs');
 const { addTitle } = require('~/server/services/Endpoints/assistants');
+const { sendMessage, sleep, countTokens } = require('~/server/utils');
 const { createRunBody } = require('~/server/services/createRunBody');
 const { getTransactions } = require('~/models/Transaction');
 const { checkBalance } = require('~/models/balanceMethods');
 const { getConvo } = require('~/models/Conversation');
 const getLogStores = require('~/cache/getLogStores');
-const { countTokens } = require('~/server/utils');
 const { getModelMaxTokens } = require('~/utils');
 const { getOpenAIClient } = require('./helpers');
+const { logger } = require('~/config');
 
 /**
  * @route POST /
@@ -311,7 +309,7 @@ const chatV2 = async (req, res) => {
     await Promise.all(promises);
 
     const sendInitialResponse = () => {
-      sendEvent(res, {
+      sendMessage(res, {
         sync: true,
         conversationId,
         // messages: previousMessages,
@@ -434,7 +432,7 @@ const chatV2 = async (req, res) => {
       iconURL: endpointOption.iconURL,
     };
 
-    sendEvent(res, {
+    sendMessage(res, {
       final: true,
       conversation,
       requestMessage: {

api/server/controllers/assistants/errors.js

@@ -1,10 +1,10 @@
 // errorHandler.js
-const { logger } = require('@librechat/data-schemas');
-const { CacheKeys, ViolationTypes, ContentTypes } = require('librechat-data-provider');
-const { recordUsage, checkMessageGaps } = require('~/server/services/Threads');
-const { sendResponse } = require('~/server/middleware/error');
-const { getConvo } = require('~/models/Conversation');
+const { sendResponse } = require('~/server/utils');
+const { logger } = require('~/config');
 const getLogStores = require('~/cache/getLogStores');
+const { CacheKeys, ViolationTypes, ContentTypes } = require('librechat-data-provider');
+const { getConvo } = require('~/models/Conversation');
+const { recordUsage, checkMessageGaps } = require('~/server/services/Threads');
 
 /**
  * @typedef {Object} ErrorHandlerContext
@@ -78,7 +78,7 @@ const createErrorHandler = ({ req, res, getContext, originPath = '/assistants/ch
     } else if (/Files.*are invalid/.test(error.message)) {
       const errorMessage = `Files are invalid, or may not have uploaded yet.${
         endpoint === 'azureAssistants'
-          ? " If using Azure OpenAI, files are only available in the region of the assistant's model at the time of upload."
+          ? ' If using Azure OpenAI, files are only available in the region of the assistant\'s model at the time of upload.'
           : ''
       }`;
       return sendResponse(req, res, messageData, errorMessage);

api/server/controllers/tools.js

@@ -1,7 +1,5 @@
 const { nanoid } = require('nanoid');
 const { EnvVar } = require('@librechat/agents');
-const { checkAccess } = require('@librechat/api');
-const { logger } = require('@librechat/data-schemas');
 const {
   Tools,
   AuthType,
@@ -15,8 +13,9 @@ const { processCodeOutput } = require('~/server/services/Files/Code/process');
 const { createToolCall, getToolCallsByConvo } = require('~/models/ToolCall');
 const { loadAuthValues } = require('~/server/services/Tools/credentials');
 const { loadTools } = require('~/app/clients/tools/util');
-const { getRoleByName } = require('~/models/Role');
+const { checkAccess } = require('~/server/middleware');
 const { getMessage } = require('~/models/Message');
+const { logger } = require('~/config');
 
 const fieldsMap = {
   [Tools.execute_code]: [EnvVar.CODE_API_KEY],
@@ -80,7 +79,6 @@ const verifyToolAuth = async (req, res) => {
         throwError: false,
       });
     } catch (error) {
-      logger.error('Error loading auth values', error);
       res.status(200).json({ authenticated: false, message: AuthType.USER_PROVIDED });
       return;
     }
@@ -134,12 +132,7 @@ const callTool = async (req, res) => {
     logger.debug(`[${toolId}/call] User: ${req.user.id}`);
     let hasAccess = true;
     if (toolAccessPermType[toolId]) {
-      hasAccess = await checkAccess({
-        user: req.user,
-        permissionType: toolAccessPermType[toolId],
-        permissions: [Permissions.USE],
-        getRoleByName,
-      });
+      hasAccess = await checkAccess(req.user, toolAccessPermType[toolId], [Permissions.USE]);
     }
     if (!hasAccess) {
       logger.warn(

api/server/index.js

@@ -55,6 +55,7 @@ const startServer = async () => {
 
   /* Middleware */
   app.use(noIndex);
+  app.use(errorController);
   app.use(express.json({ limit: '3mb' }));
   app.use(express.urlencoded({ extended: true, limit: '3mb' }));
   app.use(mongoSanitize());
@@ -120,9 +121,6 @@ const startServer = async () => {
   app.use('/api/tags', routes.tags);
   app.use('/api/mcp', routes.mcp);
 
-  // Add the error controller one more time after all routes
-  app.use(errorController);
-
   app.use((req, res) => {
     res.set({
       'Cache-Control': process.env.INDEX_CACHE_CONTROL || 'no-cache, no-store, must-revalidate',

api/server/index.spec.js

@@ -1,4 +1,5 @@
 const fs = require('fs');
+const path = require('path');
 const request = require('supertest');
 const { MongoMemoryServer } = require('mongodb-memory-server');
 const mongoose = require('mongoose');
@@ -58,30 +59,6 @@ describe('Server Configuration', () => {
     expect(response.headers['pragma']).toBe('no-cache');
     expect(response.headers['expires']).toBe('0');
   });
-
-  it('should return 500 for unknown errors via ErrorController', async () => {
-    // Testing the error handling here on top of unit tests to ensure the middleware is correctly integrated
-
-    // Mock MongoDB operations to fail
-    const originalFindOne = mongoose.models.User.findOne;
-    const mockError = new Error('MongoDB operation failed');
-    mongoose.models.User.findOne = jest.fn().mockImplementation(() => {
-      throw mockError;
-    });
-
-    try {
-      const response = await request(app).post('/api/auth/login').send({
-        email: 'test@example.com',
-        password: 'password123',
-      });
-
-      expect(response.status).toBe(500);
-      expect(response.text).toBe('An unknown error occurred.');
-    } finally {
-      // Restore original function
-      mongoose.models.User.findOne = originalFindOne;
-    }
-  });
 });
 
 // Polls the /health endpoint every 30ms for up to 10 seconds to wait for the server to start completely

api/server/middleware/abortMiddleware.js

@@ -1,13 +1,13 @@
-const { logger } = require('@librechat/data-schemas');
-const { countTokens, isEnabled, sendEvent } = require('@librechat/api');
+// abortMiddleware.js
 const { isAssistantsEndpoint, ErrorTypes } = require('librechat-data-provider');
+const { sendMessage, sendError, countTokens, isEnabled } = require('~/server/utils');
 const { truncateText, smartTruncateText } = require('~/app/clients/prompts');
 const clearPendingReq = require('~/cache/clearPendingReq');
-const { sendError } = require('~/server/middleware/error');
 const { spendTokens } = require('~/models/spendTokens');
 const abortControllers = require('./abortControllers');
 const { saveMessage, getConvo } = require('~/models');
 const { abortRun } = require('./abortRun');
+const { logger } = require('~/config');
 
 const abortDataMap = new WeakMap();
 
@@ -101,7 +101,7 @@ async function abortMessage(req, res) {
   cleanupAbortController(abortKey);
 
   if (res.headersSent && finalEvent) {
-    return sendEvent(res, finalEvent);
+    return sendMessage(res, finalEvent);
   }
 
   res.setHeader('Content-Type', 'application/json');
@@ -174,7 +174,7 @@ const createAbortController = (req, res, getAbortData, getReqData) => {
    * @param {string} responseMessageId
    */
   const onStart = (userMessage, responseMessageId) => {
-    sendEvent(res, { message: userMessage, created: true });
+    sendMessage(res, { message: userMessage, created: true });
 
     const abortKey = userMessage?.conversationId ?? req.user.id;
     getReqData({ abortKey });

api/server/middleware/abortRun.js

@@ -1,11 +1,11 @@
-const { sendEvent } = require('@librechat/api');
-const { logger } = require('@librechat/data-schemas');
 const { CacheKeys, RunStatus, isUUID } = require('librechat-data-provider');
 const { initializeClient } = require('~/server/services/Endpoints/assistants');
 const { checkMessageGaps, recordUsage } = require('~/server/services/Threads');
 const { deleteMessages } = require('~/models/Message');
 const { getConvo } = require('~/models/Conversation');
 const getLogStores = require('~/cache/getLogStores');
+const { sendMessage } = require('~/server/utils');
+const { logger } = require('~/config');
 
 const three_minutes = 1000 * 60 * 3;
 
@@ -34,7 +34,7 @@ async function abortRun(req, res) {
   const [thread_id, run_id] = runValues.split(':');
 
   if (!run_id) {
-    logger.warn("[abortRun] Couldn't find run for cancel request", { thread_id });
+    logger.warn('[abortRun] Couldn\'t find run for cancel request', { thread_id });
     return res.status(204).send({ message: 'Run not found' });
   } else if (run_id === 'cancelled') {
     logger.warn('[abortRun] Run already cancelled', { thread_id });
@@ -93,7 +93,7 @@ async function abortRun(req, res) {
   };
 
   if (res.headersSent && finalEvent) {
-    return sendEvent(res, finalEvent);
+    return sendMessage(res, finalEvent);
   }
 
   res.json(finalEvent);

api/server/middleware/checkBan.js

@@ -18,6 +18,7 @@ const message = 'Your account has been temporarily banned due to violations of o
  * @function
  * @param {Object} req - Express Request object.
  * @param {Object} res - Express Response object.
+ * @param {String} errorMessage - Error message to be displayed in case of /api/ask or /api/edit request.
  *
  * @returns {Promise<Object>} - Returns a Promise which when resolved sends a response status of 403 with a specific message if request is not of api/ask or api/edit types. If it is, calls `denyRequest()` function.
  */
@@ -134,7 +135,6 @@ const checkBan = async (req, res, next = () => {}) => {
     return await banResponse(req, res);
   } catch (error) {
     logger.error('Error in checkBan middleware:', error);
-    return next(error);
   }
 };
 

api/server/middleware/denyRequest.js

@@ -1,7 +1,6 @@
 const crypto = require('crypto');
-const { sendEvent } = require('@librechat/api');
 const { getResponseSender, Constants } = require('librechat-data-provider');
-const { sendError } = require('~/server/middleware/error');
+const { sendMessage, sendError } = require('~/server/utils');
 const { saveMessage } = require('~/models');
 
 /**
@@ -37,7 +36,7 @@ const denyRequest = async (req, res, errorMessage) => {
     isCreatedByUser: true,
     text,
   };
-  sendEvent(res, { message: userMessage, created: true });
+  sendMessage(res, { message: userMessage, created: true });
 
   const shouldSaveMessage = _convoId && parentMessageId && parentMessageId !== Constants.NO_PARENT;
 

api/server/middleware/limiters/forkLimiters.js

@@ -1,95 +0,0 @@
-const rateLimit = require('express-rate-limit');
-const { isEnabled } = require('@librechat/api');
-const { RedisStore } = require('rate-limit-redis');
-const { logger } = require('@librechat/data-schemas');
-const { ViolationTypes } = require('librechat-data-provider');
-const ioredisClient = require('~/cache/ioredisClient');
-const logViolation = require('~/cache/logViolation');
-
-const getEnvironmentVariables = () => {
-  const FORK_IP_MAX = parseInt(process.env.FORK_IP_MAX) || 30;
-  const FORK_IP_WINDOW = parseInt(process.env.FORK_IP_WINDOW) || 1;
-  const FORK_USER_MAX = parseInt(process.env.FORK_USER_MAX) || 7;
-  const FORK_USER_WINDOW = parseInt(process.env.FORK_USER_WINDOW) || 1;
-  const FORK_VIOLATION_SCORE = process.env.FORK_VIOLATION_SCORE;
-
-  const forkIpWindowMs = FORK_IP_WINDOW * 60 * 1000;
-  const forkIpMax = FORK_IP_MAX;
-  const forkIpWindowInMinutes = forkIpWindowMs / 60000;
-
-  const forkUserWindowMs = FORK_USER_WINDOW * 60 * 1000;
-  const forkUserMax = FORK_USER_MAX;
-  const forkUserWindowInMinutes = forkUserWindowMs / 60000;
-
-  return {
-    forkIpWindowMs,
-    forkIpMax,
-    forkIpWindowInMinutes,
-    forkUserWindowMs,
-    forkUserMax,
-    forkUserWindowInMinutes,
-    forkViolationScore: FORK_VIOLATION_SCORE,
-  };
-};
-
-const createForkHandler = (ip = true) => {
-  const {
-    forkIpMax,
-    forkUserMax,
-    forkViolationScore,
-    forkIpWindowInMinutes,
-    forkUserWindowInMinutes,
-  } = getEnvironmentVariables();
-
-  return async (req, res) => {
-    const type = ViolationTypes.FILE_UPLOAD_LIMIT;
-    const errorMessage = {
-      type,
-      max: ip ? forkIpMax : forkUserMax,
-      limiter: ip ? 'ip' : 'user',
-      windowInMinutes: ip ? forkIpWindowInMinutes : forkUserWindowInMinutes,
-    };
-
-    await logViolation(req, res, type, errorMessage, forkViolationScore);
-    res.status(429).json({ message: 'Too many conversation fork requests. Try again later' });
-  };
-};
-
-const createForkLimiters = () => {
-  const { forkIpWindowMs, forkIpMax, forkUserWindowMs, forkUserMax } = getEnvironmentVariables();
-
-  const ipLimiterOptions = {
-    windowMs: forkIpWindowMs,
-    max: forkIpMax,
-    handler: createForkHandler(),
-  };
-  const userLimiterOptions = {
-    windowMs: forkUserWindowMs,
-    max: forkUserMax,
-    handler: createForkHandler(false),
-    keyGenerator: function (req) {
-      return req.user?.id;
-    },
-  };
-
-  if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
-    logger.debug('Using Redis for fork rate limiters.');
-    const sendCommand = (...args) => ioredisClient.call(...args);
-    const ipStore = new RedisStore({
-      sendCommand,
-      prefix: 'fork_ip_limiter:',
-    });
-    const userStore = new RedisStore({
-      sendCommand,
-      prefix: 'fork_user_limiter:',
-    });
-    ipLimiterOptions.store = ipStore;
-    userLimiterOptions.store = userStore;
-  }
-
-  const forkIpLimiter = rateLimit(ipLimiterOptions);
-  const forkUserLimiter = rateLimit(userLimiterOptions);
-  return { forkIpLimiter, forkUserLimiter };
-};
-
-module.exports = { createForkLimiters };

api/server/middleware/limiters/importLimiters.js

@@ -1,17 +1,16 @@
 const rateLimit = require('express-rate-limit');
-const { isEnabled } = require('@librechat/api');
 const { RedisStore } = require('rate-limit-redis');
-const { logger } = require('@librechat/data-schemas');
 const { ViolationTypes } = require('librechat-data-provider');
 const ioredisClient = require('~/cache/ioredisClient');
 const logViolation = require('~/cache/logViolation');
+const { isEnabled } = require('~/server/utils');
+const { logger } = require('~/config');
 
 const getEnvironmentVariables = () => {
   const IMPORT_IP_MAX = parseInt(process.env.IMPORT_IP_MAX) || 100;
   const IMPORT_IP_WINDOW = parseInt(process.env.IMPORT_IP_WINDOW) || 15;
   const IMPORT_USER_MAX = parseInt(process.env.IMPORT_USER_MAX) || 50;
   const IMPORT_USER_WINDOW = parseInt(process.env.IMPORT_USER_WINDOW) || 15;
-  const IMPORT_VIOLATION_SCORE = process.env.IMPORT_VIOLATION_SCORE;
 
   const importIpWindowMs = IMPORT_IP_WINDOW * 60 * 1000;
   const importIpMax = IMPORT_IP_MAX;
@@ -28,18 +27,12 @@ const getEnvironmentVariables = () => {
     importUserWindowMs,
     importUserMax,
     importUserWindowInMinutes,
-    importViolationScore: IMPORT_VIOLATION_SCORE,
   };
 };
 
 const createImportHandler = (ip = true) => {
-  const {
-    importIpMax,
-    importUserMax,
-    importViolationScore,
-    importIpWindowInMinutes,
-    importUserWindowInMinutes,
-  } = getEnvironmentVariables();
+  const { importIpMax, importIpWindowInMinutes, importUserMax, importUserWindowInMinutes } =
+    getEnvironmentVariables();
 
   return async (req, res) => {
     const type = ViolationTypes.FILE_UPLOAD_LIMIT;
@@ -50,7 +43,7 @@ const createImportHandler = (ip = true) => {
       windowInMinutes: ip ? importIpWindowInMinutes : importUserWindowInMinutes,
     };
 
-    await logViolation(req, res, type, errorMessage, importViolationScore);
+    await logViolation(req, res, type, errorMessage);
     res.status(429).json({ message: 'Too many conversation import requests. Try again later' });
   };
 };

api/server/middleware/limiters/index.js

@@ -4,7 +4,6 @@ const createSTTLimiters = require('./sttLimiters');
 const loginLimiter = require('./loginLimiter');
 const importLimiters = require('./importLimiters');
 const uploadLimiters = require('./uploadLimiters');
-const forkLimiters = require('./forkLimiters');
 const registerLimiter = require('./registerLimiter');
 const toolCallLimiter = require('./toolCallLimiter');
 const messageLimiters = require('./messageLimiters');
@@ -15,7 +14,6 @@ module.exports = {
   ...uploadLimiters,
   ...importLimiters,
   ...messageLimiters,
-  ...forkLimiters,
   loginLimiter,
   registerLimiter,
   toolCallLimiter,

api/server/middleware/limiters/messageLimiters.js

@@ -11,7 +11,6 @@ const {
   MESSAGE_IP_WINDOW = 1,
   MESSAGE_USER_MAX = 40,
   MESSAGE_USER_WINDOW = 1,
-  MESSAGE_VIOLATION_SCORE: score,
 } = process.env;
 
 const ipWindowMs = MESSAGE_IP_WINDOW * 60 * 1000;
@@ -40,7 +39,7 @@ const createHandler = (ip = true) => {
       windowInMinutes: ip ? ipWindowInMinutes : userWindowInMinutes,
     };
 
-    await logViolation(req, res, type, errorMessage, score);
+    await logViolation(req, res, type, errorMessage);
     return await denyRequest(req, res, errorMessage);
   };
 };

api/server/middleware/limiters/sttLimiters.js

@@ -11,7 +11,6 @@ const getEnvironmentVariables = () => {
   const STT_IP_WINDOW = parseInt(process.env.STT_IP_WINDOW) || 1;
   const STT_USER_MAX = parseInt(process.env.STT_USER_MAX) || 50;
   const STT_USER_WINDOW = parseInt(process.env.STT_USER_WINDOW) || 1;
-  const STT_VIOLATION_SCORE = process.env.STT_VIOLATION_SCORE;
 
   const sttIpWindowMs = STT_IP_WINDOW * 60 * 1000;
   const sttIpMax = STT_IP_MAX;
@@ -28,12 +27,11 @@ const getEnvironmentVariables = () => {
     sttUserWindowMs,
     sttUserMax,
     sttUserWindowInMinutes,
-    sttViolationScore: STT_VIOLATION_SCORE,
   };
 };
 
 const createSTTHandler = (ip = true) => {
-  const { sttIpMax, sttIpWindowInMinutes, sttUserMax, sttUserWindowInMinutes, sttViolationScore } =
+  const { sttIpMax, sttIpWindowInMinutes, sttUserMax, sttUserWindowInMinutes } =
     getEnvironmentVariables();
 
   return async (req, res) => {
@@ -45,7 +43,7 @@ const createSTTHandler = (ip = true) => {
       windowInMinutes: ip ? sttIpWindowInMinutes : sttUserWindowInMinutes,
     };
 
-    await logViolation(req, res, type, errorMessage, sttViolationScore);
+    await logViolation(req, res, type, errorMessage);
     res.status(429).json({ message: 'Too many STT requests. Try again later' });
   };
 };

api/server/middleware/limiters/toolCallLimiter.js

@@ -6,8 +6,6 @@ const logViolation = require('~/cache/logViolation');
 const { isEnabled } = require('~/server/utils');
 const { logger } = require('~/config');
 
-const { TOOL_CALL_VIOLATION_SCORE: score } = process.env;
-
 const handler = async (req, res) => {
   const type = ViolationTypes.TOOL_CALL_LIMIT;
   const errorMessage = {
@@ -17,7 +15,7 @@ const handler = async (req, res) => {
     windowInMinutes: 1,
   };
 
-  await logViolation(req, res, type, errorMessage, score);
+  await logViolation(req, res, type, errorMessage, 0);
   res.status(429).json({ message: 'Too many tool call requests. Try again later' });
 };
 

api/server/middleware/limiters/ttsLimiters.js

@@ -11,7 +11,6 @@ const getEnvironmentVariables = () => {
   const TTS_IP_WINDOW = parseInt(process.env.TTS_IP_WINDOW) || 1;
   const TTS_USER_MAX = parseInt(process.env.TTS_USER_MAX) || 50;
   const TTS_USER_WINDOW = parseInt(process.env.TTS_USER_WINDOW) || 1;
-  const TTS_VIOLATION_SCORE = process.env.TTS_VIOLATION_SCORE;
 
   const ttsIpWindowMs = TTS_IP_WINDOW * 60 * 1000;
   const ttsIpMax = TTS_IP_MAX;
@@ -28,12 +27,11 @@ const getEnvironmentVariables = () => {
     ttsUserWindowMs,
     ttsUserMax,
     ttsUserWindowInMinutes,
-    ttsViolationScore: TTS_VIOLATION_SCORE,
   };
 };
 
 const createTTSHandler = (ip = true) => {
-  const { ttsIpMax, ttsIpWindowInMinutes, ttsUserMax, ttsUserWindowInMinutes, ttsViolationScore } =
+  const { ttsIpMax, ttsIpWindowInMinutes, ttsUserMax, ttsUserWindowInMinutes } =
     getEnvironmentVariables();
 
   return async (req, res) => {
@@ -45,7 +43,7 @@ const createTTSHandler = (ip = true) => {
       windowInMinutes: ip ? ttsIpWindowInMinutes : ttsUserWindowInMinutes,
     };
 
-    await logViolation(req, res, type, errorMessage, ttsViolationScore);
+    await logViolation(req, res, type, errorMessage);
     res.status(429).json({ message: 'Too many TTS requests. Try again later' });
   };
 };

api/server/middleware/limiters/uploadLimiters.js

@@ -11,7 +11,6 @@ const getEnvironmentVariables = () => {
   const FILE_UPLOAD_IP_WINDOW = parseInt(process.env.FILE_UPLOAD_IP_WINDOW) || 15;
   const FILE_UPLOAD_USER_MAX = parseInt(process.env.FILE_UPLOAD_USER_MAX) || 50;
   const FILE_UPLOAD_USER_WINDOW = parseInt(process.env.FILE_UPLOAD_USER_WINDOW) || 15;
-  const FILE_UPLOAD_VIOLATION_SCORE = process.env.FILE_UPLOAD_VIOLATION_SCORE;
 
   const fileUploadIpWindowMs = FILE_UPLOAD_IP_WINDOW * 60 * 1000;
   const fileUploadIpMax = FILE_UPLOAD_IP_MAX;
@@ -28,7 +27,6 @@ const getEnvironmentVariables = () => {
     fileUploadUserWindowMs,
     fileUploadUserMax,
     fileUploadUserWindowInMinutes,
-    fileUploadViolationScore: FILE_UPLOAD_VIOLATION_SCORE,
   };
 };
 
@@ -38,7 +36,6 @@ const createFileUploadHandler = (ip = true) => {
     fileUploadIpWindowInMinutes,
     fileUploadUserMax,
     fileUploadUserWindowInMinutes,
-    fileUploadViolationScore,
   } = getEnvironmentVariables();
 
   return async (req, res) => {
@@ -50,7 +47,7 @@ const createFileUploadHandler = (ip = true) => {
       windowInMinutes: ip ? fileUploadIpWindowInMinutes : fileUploadUserWindowInMinutes,
     };
 
-    await logViolation(req, res, type, errorMessage, fileUploadViolationScore);
+    await logViolation(req, res, type, errorMessage);
     res.status(429).json({ message: 'Too many file upload requests. Try again later' });
   };
 };

api/server/middleware/roles/access.js

@@ -0,0 +1,78 @@
+const { getRoleByName } = require('~/models/Role');
+const { logger } = require('~/config');
+
+/**
+ * Core function to check if a user has one or more required permissions
+ *
+ * @param {object} user - The user object
+ * @param {PermissionTypes} permissionType - The type of permission to check
+ * @param {Permissions[]} permissions - The list of specific permissions to check
+ * @param {Record<Permissions, string[]>} [bodyProps] - An optional object where keys are permissions and values are arrays of properties to check
+ * @param {object} [checkObject] - The object to check properties against
+ * @returns {Promise<boolean>} Whether the user has the required permissions
+ */
+const checkAccess = async (user, permissionType, permissions, bodyProps = {}, checkObject = {}) => {
+  if (!user) {
+    return false;
+  }
+
+  const role = await getRoleByName(user.role);
+  if (role && role.permissions && role.permissions[permissionType]) {
+    const hasAnyPermission = permissions.some((permission) => {
+      if (role.permissions[permissionType][permission]) {
+        return true;
+      }
+
+      if (bodyProps[permission] && checkObject) {
+        return bodyProps[permission].some((prop) =>
+          Object.prototype.hasOwnProperty.call(checkObject, prop),
+        );
+      }
+
+      return false;
+    });
+
+    return hasAnyPermission;
+  }
+
+  return false;
+};
+
+/**
+ * Middleware to check if a user has one or more required permissions, optionally based on `req.body` properties.
+ *
+ * @param {PermissionTypes} permissionType - The type of permission to check.
+ * @param {Permissions[]} permissions - The list of specific permissions to check.
+ * @param {Record<Permissions, string[]>} [bodyProps] - An optional object where keys are permissions and values are arrays of `req.body` properties to check.
+ * @returns {(req: ServerRequest, res: ServerResponse, next: NextFunction) => Promise<void>} Express middleware function.
+ */
+const generateCheckAccess = (permissionType, permissions, bodyProps = {}) => {
+  return async (req, res, next) => {
+    try {
+      const hasAccess = await checkAccess(
+        req.user,
+        permissionType,
+        permissions,
+        bodyProps,
+        req.body,
+      );
+
+      if (hasAccess) {
+        return next();
+      }
+
+      logger.warn(
+        `[${permissionType}] Forbidden: Insufficient permissions for User ${req.user.id}: ${permissions.join(', ')}`,
+      );
+      return res.status(403).json({ message: 'Forbidden: Insufficient permissions' });
+    } catch (error) {
+      logger.error(error);
+      return res.status(500).json({ message: `Server error: ${error.message}` });
+    }
+  };
+};
+
+module.exports = {
+  checkAccess,
+  generateCheckAccess,
+};

api/server/middleware/roles/index.js

@@ -1,5 +1,8 @@
 const checkAdmin = require('./admin');
+const { checkAccess, generateCheckAccess } = require('./access');
 
 module.exports = {
   checkAdmin,
+  checkAccess,
+  generateCheckAccess,
 };

api/server/routes/agents/actions.js

@@ -1,28 +1,14 @@
 const express = require('express');
 const { nanoid } = require('nanoid');
-const { logger } = require('@librechat/data-schemas');
-const { generateCheckAccess } = require('@librechat/api');
-const {
-  SystemRoles,
-  Permissions,
-  PermissionTypes,
-  actionDelimiter,
-  removeNullishValues,
-} = require('librechat-data-provider');
+const { actionDelimiter, SystemRoles, removeNullishValues } = require('librechat-data-provider');
 const { encryptMetadata, domainParser } = require('~/server/services/ActionService');
 const { updateAction, getActions, deleteAction } = require('~/models/Action');
 const { isActionDomainAllowed } = require('~/server/services/domains');
 const { getAgent, updateAgent } = require('~/models/Agent');
-const { getRoleByName } = require('~/models/Role');
+const { logger } = require('~/config');
 
 const router = express.Router();
 
-const checkAgentCreate = generateCheckAccess({
-  permissionType: PermissionTypes.AGENTS,
-  permissions: [Permissions.USE, Permissions.CREATE],
-  getRoleByName,
-});
-
 // If the user has ADMIN role
 // then action edition is possible even if not owner of the assistant
 const isAdmin = (req) => {
@@ -55,7 +41,7 @@ router.get('/', async (req, res) => {
  * @param {ActionMetadata} req.body.metadata - Metadata for the action.
  * @returns {Object} 200 - success response - application/json
  */
-router.post('/:agent_id', checkAgentCreate, async (req, res) => {
+router.post('/:agent_id', async (req, res) => {
   try {
     const { agent_id } = req.params;
 
@@ -163,7 +149,7 @@ router.post('/:agent_id', checkAgentCreate, async (req, res) => {
  * @param {string} req.params.action_id - The ID of the action to delete.
  * @returns {Object} 200 - success response - application/json
  */
-router.delete('/:agent_id/:action_id', checkAgentCreate, async (req, res) => {
+router.delete('/:agent_id/:action_id', async (req, res) => {
   try {
     const { agent_id, action_id } = req.params;
     const admin = isAdmin(req);

api/server/routes/agents/chat.js

@@ -1,28 +1,22 @@
 const express = require('express');
-const { generateCheckAccess, skipAgentCheck } = require('@librechat/api');
 const { PermissionTypes, Permissions } = require('librechat-data-provider');
 const {
   setHeaders,
   moderateText,
   // validateModel,
+  generateCheckAccess,
   validateConvoAccess,
   buildEndpointOption,
 } = require('~/server/middleware');
 const { initializeClient } = require('~/server/services/Endpoints/agents');
 const AgentController = require('~/server/controllers/agents/request');
 const addTitle = require('~/server/services/Endpoints/agents/title');
-const { getRoleByName } = require('~/models/Role');
 
 const router = express.Router();
 
 router.use(moderateText);
 
-const checkAgentAccess = generateCheckAccess({
-  permissionType: PermissionTypes.AGENTS,
-  permissions: [Permissions.USE],
-  skipCheck: skipAgentCheck,
-  getRoleByName,
-});
+const checkAgentAccess = generateCheckAccess(PermissionTypes.AGENTS, [Permissions.USE]);
 
 router.use(checkAgentAccess);
 router.use(validateConvoAccess);

api/server/routes/agents/v1.js

@@ -1,36 +1,29 @@
 const express = require('express');
-const { generateCheckAccess } = require('@librechat/api');
 const { PermissionTypes, Permissions } = require('librechat-data-provider');
-const { requireJwtAuth } = require('~/server/middleware');
+const { requireJwtAuth, generateCheckAccess } = require('~/server/middleware');
 const v1 = require('~/server/controllers/agents/v1');
-const { getRoleByName } = require('~/models/Role');
 const actions = require('./actions');
 const tools = require('./tools');
 
 const router = express.Router();
 const avatar = express.Router();
 
-const checkAgentAccess = generateCheckAccess({
-  permissionType: PermissionTypes.AGENTS,
-  permissions: [Permissions.USE],
-  getRoleByName,
-});
-const checkAgentCreate = generateCheckAccess({
-  permissionType: PermissionTypes.AGENTS,
-  permissions: [Permissions.USE, Permissions.CREATE],
-  getRoleByName,
-});
+const checkAgentAccess = generateCheckAccess(PermissionTypes.AGENTS, [Permissions.USE]);
+const checkAgentCreate = generateCheckAccess(PermissionTypes.AGENTS, [
+  Permissions.USE,
+  Permissions.CREATE,
+]);
 
-const checkGlobalAgentShare = generateCheckAccess({
-  permissionType: PermissionTypes.AGENTS,
-  permissions: [Permissions.USE, Permissions.CREATE],
-  bodyProps: {
+const checkGlobalAgentShare = generateCheckAccess(
+  PermissionTypes.AGENTS,
+  [Permissions.USE, Permissions.CREATE],
+  {
     [Permissions.SHARED_GLOBAL]: ['projectIds', 'removeProjectIds'],
   },
-  getRoleByName,
-});
+);
 
 router.use(requireJwtAuth);
+router.use(checkAgentAccess);
 
 /**
  * Agent actions route.

api/server/routes/convos.js

@@ -1,17 +1,16 @@
 const multer = require('multer');
 const express = require('express');
-const { sleep } = require('@librechat/agents');
-const { isEnabled } = require('@librechat/api');
-const { logger } = require('@librechat/data-schemas');
 const { CacheKeys, EModelEndpoint } = require('librechat-data-provider');
 const { getConvosByCursor, deleteConvos, getConvo, saveConvo } = require('~/models/Conversation');
 const { forkConversation, duplicateConversation } = require('~/server/utils/import/fork');
-const { createImportLimiters, createForkLimiters } = require('~/server/middleware');
 const { storage, importFileFilter } = require('~/server/routes/files/multer');
 const requireJwtAuth = require('~/server/middleware/requireJwtAuth');
 const { importConversations } = require('~/server/utils/import');
+const { createImportLimiters } = require('~/server/middleware');
 const { deleteToolCalls } = require('~/models/ToolCall');
+const { isEnabled, sleep } = require('~/server/utils');
 const getLogStores = require('~/cache/getLogStores');
+const { logger } = require('~/config');
 
 const assistantClients = {
   [EModelEndpoint.azureAssistants]: require('~/server/services/Endpoints/azureAssistants'),
@@ -44,7 +43,6 @@ router.get('/', async (req, res) => {
     });
     res.status(200).json(result);
   } catch (error) {
-    logger.error('Error fetching conversations', error);
     res.status(500).json({ error: 'Error fetching conversations' });
   }
 });
@@ -158,7 +156,6 @@ router.post('/update', async (req, res) => {
 });
 
 const { importIpLimiter, importUserLimiter } = createImportLimiters();
-const { forkIpLimiter, forkUserLimiter } = createForkLimiters();
 const upload = multer({ storage: storage, fileFilter: importFileFilter });
 
 /**
@@ -192,7 +189,7 @@ router.post(
  * @param {express.Response<TForkConvoResponse>} res - Express response object.
  * @returns {Promise<void>} - The response after forking the conversation.
  */
-router.post('/fork', forkIpLimiter, forkUserLimiter, async (req, res) => {
+router.post('/fork', async (req, res) => {
   try {
     /** @type {TForkConvoRequest} */
     const { conversationId, messageId, option, splitAtTarget, latestMessageId } = req.body;

api/server/routes/files/multer.spec.js

@@ -477,9 +477,7 @@ describe('Multer Configuration', () => {
         done(new Error('Expected mkdirSync to throw an error but no error was thrown'));
       } catch (error) {
         // This is the expected behavior - mkdirSync throws synchronously for invalid paths
-        // On Linux, this typically returns EACCES (permission denied)
-        // On macOS/Darwin, this returns ENOENT (no such file or directory)
-        expect(['EACCES', 'ENOENT']).toContain(error.code);
+        expect(error.code).toBe('EACCES');
         done();
       }
     });

api/server/routes/memories.js

@@ -1,43 +1,37 @@
 const express = require('express');
-const { Tokenizer, generateCheckAccess } = require('@librechat/api');
+const { Tokenizer } = require('@librechat/api');
 const { PermissionTypes, Permissions } = require('librechat-data-provider');
 const {
   getAllUserMemories,
   toggleUserMemories,
   createMemory,
-  deleteMemory,
   setMemory,
+  deleteMemory,
 } = require('~/models');
-const { requireJwtAuth } = require('~/server/middleware');
-const { getRoleByName } = require('~/models/Role');
+const { requireJwtAuth, generateCheckAccess } = require('~/server/middleware');
 
 const router = express.Router();
 
-const checkMemoryRead = generateCheckAccess({
-  permissionType: PermissionTypes.MEMORIES,
-  permissions: [Permissions.USE, Permissions.READ],
-  getRoleByName,
-});
-const checkMemoryCreate = generateCheckAccess({
-  permissionType: PermissionTypes.MEMORIES,
-  permissions: [Permissions.USE, Permissions.CREATE],
-  getRoleByName,
-});
-const checkMemoryUpdate = generateCheckAccess({
-  permissionType: PermissionTypes.MEMORIES,
-  permissions: [Permissions.USE, Permissions.UPDATE],
-  getRoleByName,
-});
-const checkMemoryDelete = generateCheckAccess({
-  permissionType: PermissionTypes.MEMORIES,
-  permissions: [Permissions.USE, Permissions.UPDATE],
-  getRoleByName,
-});
-const checkMemoryOptOut = generateCheckAccess({
-  permissionType: PermissionTypes.MEMORIES,
-  permissions: [Permissions.USE, Permissions.OPT_OUT],
-  getRoleByName,
-});
+const checkMemoryRead = generateCheckAccess(PermissionTypes.MEMORIES, [
+  Permissions.USE,
+  Permissions.READ,
+]);
+const checkMemoryCreate = generateCheckAccess(PermissionTypes.MEMORIES, [
+  Permissions.USE,
+  Permissions.CREATE,
+]);
+const checkMemoryUpdate = generateCheckAccess(PermissionTypes.MEMORIES, [
+  Permissions.USE,
+  Permissions.UPDATE,
+]);
+const checkMemoryDelete = generateCheckAccess(PermissionTypes.MEMORIES, [
+  Permissions.USE,
+  Permissions.UPDATE,
+]);
+const checkMemoryOptOut = generateCheckAccess(PermissionTypes.MEMORIES, [
+  Permissions.USE,
+  Permissions.OPT_OUT,
+]);
 
 router.use(requireJwtAuth);
 
@@ -172,68 +166,40 @@ router.patch('/preferences', checkMemoryOptOut, async (req, res) => {
 /**
  * PATCH /memories/:key
  * Updates the value of an existing memory entry for the authenticated user.
- * Body: { key?: string, value: string }
+ * Body: { value: string }
  * Returns 200 and { updated: true, memory: <updatedDoc> } when successful.
  */
 router.patch('/:key', checkMemoryUpdate, async (req, res) => {
-  const { key: urlKey } = req.params;
-  const { key: bodyKey, value } = req.body || {};
+  const { key } = req.params;
+  const { value } = req.body || {};
 
   if (typeof value !== 'string' || value.trim() === '') {
     return res.status(400).json({ error: 'Value is required and must be a non-empty string.' });
   }
 
-  // Use the key from the body if provided, otherwise use the key from the URL
-  const newKey = bodyKey || urlKey;
-
   try {
     const tokenCount = Tokenizer.getTokenCount(value, 'o200k_base');
 
     const memories = await getAllUserMemories(req.user.id);
-    const existingMemory = memories.find((m) => m.key === urlKey);
+    const existingMemory = memories.find((m) => m.key === key);
 
     if (!existingMemory) {
       return res.status(404).json({ error: 'Memory not found.' });
     }
 
-    // If the key is changing, we need to handle it specially
-    if (newKey !== urlKey) {
-      const keyExists = memories.find((m) => m.key === newKey);
-      if (keyExists) {
-        return res.status(409).json({ error: 'Memory with this key already exists.' });
-      }
+    const result = await setMemory({
+      userId: req.user.id,
+      key,
+      value,
+      tokenCount,
+    });
 
-      const createResult = await createMemory({
-        userId: req.user.id,
-        key: newKey,
-        value,
-        tokenCount,
-      });
-
-      if (!createResult.ok) {
-        return res.status(500).json({ error: 'Failed to create new memory.' });
-      }
-
-      const deleteResult = await deleteMemory({ userId: req.user.id, key: urlKey });
-      if (!deleteResult.ok) {
-        return res.status(500).json({ error: 'Failed to delete old memory.' });
-      }
-    } else {
-      // Key is not changing, just update the value
-      const result = await setMemory({
-        userId: req.user.id,
-        key: newKey,
-        value,
-        tokenCount,
-      });
-
-      if (!result.ok) {
-        return res.status(500).json({ error: 'Failed to update memory.' });
-      }
+    if (!result.ok) {
+      return res.status(500).json({ error: 'Failed to update memory.' });
     }
 
     const updatedMemories = await getAllUserMemories(req.user.id);
-    const updatedMemory = updatedMemories.find((m) => m.key === newKey);
+    const updatedMemory = updatedMemories.find((m) => m.key === key);
 
     res.json({ updated: true, memory: updatedMemory });
   } catch (error) {

api/server/routes/messages.js

@@ -235,13 +235,12 @@ router.put('/:conversationId/:messageId', validateMessageReq, async (req, res) =
       return res.status(400).json({ error: 'Content part not found' });
     }
 
-    const currentPartType = updatedContent[index].type;
-    if (currentPartType !== ContentTypes.TEXT && currentPartType !== ContentTypes.THINK) {
+    if (updatedContent[index].type !== ContentTypes.TEXT) {
       return res.status(400).json({ error: 'Cannot update non-text content' });
     }
 
-    const oldText = updatedContent[index][currentPartType];
-    updatedContent[index] = { type: currentPartType, [currentPartType]: text };
+    const oldText = updatedContent[index].text;
+    updatedContent[index] = { type: ContentTypes.TEXT, text };
 
     let tokenCount = message.tokenCount;
     if (tokenCount !== undefined) {

api/server/routes/prompts.js

@@ -1,7 +1,5 @@
 const express = require('express');
-const { logger } = require('@librechat/data-schemas');
-const { generateCheckAccess } = require('@librechat/api');
-const { Permissions, SystemRoles, PermissionTypes } = require('librechat-data-provider');
+const { PermissionTypes, Permissions, SystemRoles } = require('librechat-data-provider');
 const {
   getPrompt,
   getPrompts,
@@ -17,31 +15,23 @@ const {
   makePromptProduction,
 } = require('~/models/Prompt');
 const { requireJwtAuth, generateCheckAccess } = require('~/server/middleware');
-const { getUserById, updateUser } = require('~/models');
-const { getRoleByName } = require('~/models/Role');
 const { logger } = require('~/config');
 
 const router = express.Router();
 
-const checkPromptAccess = generateCheckAccess({
-  permissionType: PermissionTypes.PROMPTS,
-  permissions: [Permissions.USE],
-  getRoleByName,
-});
-const checkPromptCreate = generateCheckAccess({
-  permissionType: PermissionTypes.PROMPTS,
-  permissions: [Permissions.USE, Permissions.CREATE],
-  getRoleByName,
-});
+const checkPromptAccess = generateCheckAccess(PermissionTypes.PROMPTS, [Permissions.USE]);
+const checkPromptCreate = generateCheckAccess(PermissionTypes.PROMPTS, [
+  Permissions.USE,
+  Permissions.CREATE,
+]);
 
-const checkGlobalPromptShare = generateCheckAccess({
-  permissionType: PermissionTypes.PROMPTS,
-  permissions: [Permissions.USE, Permissions.CREATE],
-  bodyProps: {
+const checkGlobalPromptShare = generateCheckAccess(
+  PermissionTypes.PROMPTS,
+  [Permissions.USE, Permissions.CREATE],
+  {
     [Permissions.SHARED_GLOBAL]: ['projectIds', 'removeProjectIds'],
   },
-  getRoleByName,
-});
+);
 
 router.use(requireJwtAuth);
 router.use(checkPromptAccess);
@@ -183,28 +173,6 @@ router.patch('/:promptId/tags/production', checkPromptCreate, async (req, res) =
   }
 });
 
-/**
- * Route to get user's prompt preferences (favorites and rankings)
- * GET /preferences
- */
-router.get('/preferences', async (req, res) => {
-  try {
-    const user = await getUserById(req.user.id);
-
-    if (!user) {
-      return res.status(404).json({ message: 'User not found' });
-    }
-
-    res.json({
-      favorites: user.promptFavorites || [],
-      rankings: user.promptRanking || [],
-    });
-  } catch (error) {
-    logger.error('Error getting user preferences', error);
-    res.status(500).json({ message: 'Error getting user preferences' });
-  }
-});
-
 router.get('/:promptId', async (req, res) => {
   const { promptId } = req.params;
   const author = req.user.id;
@@ -275,79 +243,4 @@ const deletePromptGroupController = async (req, res) => {
 router.delete('/:promptId', checkPromptCreate, deletePromptController);
 router.delete('/groups/:groupId', checkPromptCreate, deletePromptGroupController);
 
-/**
- * Route to toggle favorite status for a prompt group
- * POST /favorites/:groupId
- */
-router.post('/favorites/:groupId', async (req, res) => {
-  try {
-    const { groupId } = req.params;
-
-    const user = await getUserById(req.user.id);
-
-    if (!user) {
-      return res.status(404).json({ message: 'User not found' });
-    }
-
-    const favorites = user.promptFavorites || [];
-    const isFavorite = favorites.some((id) => id.toString() === groupId.toString());
-
-    let updatedFavorites;
-    if (isFavorite) {
-      updatedFavorites = favorites.filter((id) => id.toString() !== groupId.toString());
-    } else {
-      updatedFavorites = [...favorites, groupId];
-    }
-
-    await updateUser(req.user.id, { promptFavorites: updatedFavorites });
-
-    const response = {
-      promptGroupId: groupId,
-      isFavorite: !isFavorite,
-    };
-
-    res.json(response);
-  } catch (error) {
-    logger.error('Error toggling favorite status', error);
-    res.status(500).json({ message: 'Error updating favorite status' });
-  }
-});
-
-/**
- * Route to update prompt group rankings
- * PUT /rankings
- */
-router.put('/rankings', async (req, res) => {
-  try {
-    const { rankings } = req.body;
-
-    if (!Array.isArray(rankings)) {
-      return res.status(400).json({ message: 'Rankings must be an array' });
-    }
-
-    const user = await getUserById(req.user.id);
-
-    if (!user) {
-      return res.status(404).json({ message: 'User not found' });
-    }
-
-    const promptRanking = rankings
-      .filter(({ promptGroupId, order }) => promptGroupId && !isNaN(parseInt(order, 10)))
-      .map(({ promptGroupId, order }) => ({
-        promptGroupId,
-        order: parseInt(order, 10),
-      }));
-
-    const updatedUser = await updateUser(req.user.id, { promptRanking });
-
-    res.json({
-      message: 'Rankings updated successfully',
-      rankings: updatedUser?.promptRanking || [],
-    });
-  } catch (error) {
-    logger.error('Error updating rankings', error);
-    res.status(500).json({ message: 'Error updating rankings' });
-  }
-});
-
 module.exports = router;

api/server/routes/tags.js

@@ -1,24 +1,18 @@
 const express = require('express');
-const { logger } = require('@librechat/data-schemas');
-const { generateCheckAccess } = require('@librechat/api');
 const { PermissionTypes, Permissions } = require('librechat-data-provider');
 const {
-  updateTagsForConversation,
+  getConversationTags,
   updateConversationTag,
   createConversationTag,
   deleteConversationTag,
-  getConversationTags,
+  updateTagsForConversation,
 } = require('~/models/ConversationTag');
-const { requireJwtAuth } = require('~/server/middleware');
-const { getRoleByName } = require('~/models/Role');
+const { requireJwtAuth, generateCheckAccess } = require('~/server/middleware');
+const { logger } = require('~/config');
 
 const router = express.Router();
 
-const checkBookmarkAccess = generateCheckAccess({
-  permissionType: PermissionTypes.BOOKMARKS,
-  permissions: [Permissions.USE],
-  getRoleByName,
-});
+const checkBookmarkAccess = generateCheckAccess(PermissionTypes.BOOKMARKS, [Permissions.USE]);
 
 router.use(requireJwtAuth);
 router.use(checkBookmarkAccess);

api/server/services/AppService.spec.js

@@ -152,14 +152,12 @@ describe('AppService', () => {
       filteredTools: undefined,
       includedTools: undefined,
       webSearch: {
-        safeSearch: 1,
-        jinaApiKey: '${JINA_API_KEY}',
         cohereApiKey: '${COHERE_API_KEY}',
-        serperApiKey: '${SERPER_API_KEY}',
-        searxngApiKey: '${SEARXNG_API_KEY}',
         firecrawlApiKey: '${FIRECRAWL_API_KEY}',
         firecrawlApiUrl: '${FIRECRAWL_API_URL}',
-        searxngInstanceUrl: '${SEARXNG_INSTANCE_URL}',
+        jinaApiKey: '${JINA_API_KEY}',
+        safeSearch: 1,
+        serperApiKey: '${SERPER_API_KEY}',
       },
       memory: undefined,
       agents: {

api/server/services/AssistantService.js

@@ -1,7 +1,4 @@
 const { klona } = require('klona');
-const { sleep } = require('@librechat/agents');
-const { sendEvent } = require('@librechat/api');
-const { logger } = require('@librechat/data-schemas');
 const {
   StepTypes,
   RunStatus,
@@ -14,10 +11,11 @@ const {
 } = require('librechat-data-provider');
 const { retrieveAndProcessFile } = require('~/server/services/Files/process');
 const { processRequiredActions } = require('~/server/services/ToolService');
+const { createOnProgress, sendMessage, sleep } = require('~/server/utils');
 const { RunManager, waitForRun } = require('~/server/services/Runs');
 const { processMessages } = require('~/server/services/Threads');
-const { createOnProgress } = require('~/server/utils');
 const { TextStream } = require('~/app/clients');
+const { logger } = require('~/config');
 
 /**
  * Sorts, processes, and flattens messages to a single string.
@@ -66,7 +64,7 @@ async function createOnTextProgress({
     };
 
     logger.debug('Content data:', contentData);
-    sendEvent(openai.res, contentData);
+    sendMessage(openai.res, contentData);
   };
 }
 

api/server/services/AuthService.js

@@ -1,5 +1,4 @@
 const bcrypt = require('bcryptjs');
-const jwt = require('jsonwebtoken');
 const { webcrypto } = require('node:crypto');
 const { isEnabled } = require('@librechat/api');
 const { logger } = require('@librechat/data-schemas');
@@ -500,18 +499,6 @@ const resendVerificationEmail = async (req) => {
     };
   }
 };
-/**
- * Generate a short-lived JWT token
- * @param {String} userId - The ID of the user
- * @param {String} [expireIn='5m'] - The expiration time for the token (default is 5 minutes)
- * @returns {String} - The generated JWT token
- */
-const generateShortLivedToken = (userId, expireIn = '5m') => {
-  return jwt.sign({ id: userId }, process.env.JWT_SECRET, {
-    expiresIn: expireIn,
-    algorithm: 'HS256',
-  });
-};
 
 module.exports = {
   logoutUser,
@@ -519,8 +506,7 @@ module.exports = {
   registerUser,
   setAuthTokens,
   resetPassword,
-  setOpenIDAuthTokens,
   requestPasswordReset,
   resendVerificationEmail,
-  generateShortLivedToken,
+  setOpenIDAuthTokens,
 };

api/server/services/Config/EndpointService.js

@@ -1,6 +1,5 @@
-const { isUserProvided } = require('@librechat/api');
 const { EModelEndpoint } = require('librechat-data-provider');
-const { generateConfig } = require('~/server/utils/handleText');
+const { isUserProvided, generateConfig } = require('~/server/utils');
 
 const {
   OPENAI_API_KEY: openAIApiKey,

api/server/services/Config/getEndpointsConfig.js

@@ -1,10 +1,4 @@
-const {
-  CacheKeys,
-  EModelEndpoint,
-  isAgentsEndpoint,
-  orderEndpointsConfig,
-  defaultAgentCapabilities,
-} = require('librechat-data-provider');
+const { CacheKeys, EModelEndpoint, orderEndpointsConfig } = require('librechat-data-provider');
 const loadDefaultEndpointsConfig = require('./loadDefaultEConfig');
 const loadConfigEndpoints = require('./loadConfigEndpoints');
 const getLogStores = require('~/cache/getLogStores');
@@ -86,12 +80,8 @@ async function getEndpointsConfig(req) {
  * @returns {Promise<boolean>}
  */
 const checkCapability = async (req, capability) => {
-  const isAgents = isAgentsEndpoint(req.body?.original_endpoint || req.body?.endpoint);
   const endpointsConfig = await getEndpointsConfig(req);
-  const capabilities =
-    isAgents || endpointsConfig?.[EModelEndpoint.agents]?.capabilities != null
-      ? (endpointsConfig?.[EModelEndpoint.agents]?.capabilities ?? [])
-      : defaultAgentCapabilities;
+  const capabilities = endpointsConfig?.[EModelEndpoint.agents]?.capabilities ?? [];
   return capabilities.includes(capability);
 };
 

api/server/services/Config/loadAsyncEndpoints.js

@@ -1,7 +1,5 @@
-const path = require('path');
-const { logger } = require('@librechat/data-schemas');
-const { loadServiceKey, isUserProvided } = require('@librechat/api');
 const { EModelEndpoint } = require('librechat-data-provider');
+const { isUserProvided } = require('~/server/utils');
 const { config } = require('./EndpointService');
 
 const { openAIApiKey, azureOpenAIApiKey, useAzurePlugins, userProvidedOpenAI, googleKey } = config;
@@ -11,41 +9,37 @@ const { openAIApiKey, azureOpenAIApiKey, useAzurePlugins, userProvidedOpenAI, go
  * @param {Express.Request} req - The request object
  */
 async function loadAsyncEndpoints(req) {
+  let i = 0;
   let serviceKey, googleUserProvides;
-
-  /** Check if GOOGLE_KEY is provided at all(including 'user_provided') */
-  const isGoogleKeyProvided = googleKey && googleKey.trim() !== '';
-
-  if (isGoogleKeyProvided) {
-    /** If GOOGLE_KEY is provided, check if it's user_provided */
-    googleUserProvides = isUserProvided(googleKey);
-  } else {
-    /** Only attempt to load service key if GOOGLE_KEY is not provided */
-    const serviceKeyPath =
-      process.env.GOOGLE_SERVICE_KEY_FILE || path.join(__dirname, '../../..', 'data', 'auth.json');
-
-    try {
-      serviceKey = await loadServiceKey(serviceKeyPath);
-    } catch (error) {
-      logger.error('Error loading service key', error);
-      serviceKey = null;
+  try {
+    serviceKey = require('~/data/auth.json');
+  } catch (e) {
+    if (i === 0) {
+      i++;
     }
   }
 
-  const google = serviceKey || isGoogleKeyProvided ? { userProvide: googleUserProvides } : false;
+  if (isUserProvided(googleKey)) {
+    googleUserProvides = true;
+    if (i <= 1) {
+      i++;
+    }
+  }
+
+  const google = serviceKey || googleKey ? { userProvide: googleUserProvides } : false;
 
   const useAzure = req.app.locals[EModelEndpoint.azureOpenAI]?.plugins;
   const gptPlugins =
     useAzure || openAIApiKey || azureOpenAIApiKey
       ? {
-          availableAgents: ['classic', 'functions'],
-          userProvide: useAzure ? false : userProvidedOpenAI,
-          userProvideURL: useAzure
-            ? false
-            : config[EModelEndpoint.openAI]?.userProvideURL ||
+        availableAgents: ['classic', 'functions'],
+        userProvide: useAzure ? false : userProvidedOpenAI,
+        userProvideURL: useAzure
+          ? false
+          : config[EModelEndpoint.openAI]?.userProvideURL ||
               config[EModelEndpoint.azureOpenAI]?.userProvideURL,
-          azure: useAzurePlugins || useAzure,
-        }
+        azure: useAzurePlugins || useAzure,
+      }
       : false;
 
   return { google, gptPlugins };

api/server/services/Config/loadCustomConfig.js

@@ -1,18 +1,18 @@
 const path = require('path');
-const axios = require('axios');
-const yaml = require('js-yaml');
-const keyBy = require('lodash/keyBy');
-const { loadYaml } = require('@librechat/api');
-const { logger } = require('@librechat/data-schemas');
 const {
   CacheKeys,
   configSchema,
-  paramSettings,
   EImageOutputType,
-  agentParamSettings,
   validateSettingDefinitions,
+  agentParamSettings,
+  paramSettings,
 } = require('librechat-data-provider');
 const getLogStores = require('~/cache/getLogStores');
+const loadYaml = require('~/utils/loadYaml');
+const { logger } = require('~/config');
+const axios = require('axios');
+const yaml = require('js-yaml');
+const keyBy = require('lodash/keyBy');
 
 const projectRoot = path.resolve(__dirname, '..', '..', '..', '..');
 const defaultConfigPath = path.resolve(projectRoot, 'librechat.yaml');

api/server/services/Config/loadCustomConfig.spec.js

@@ -1,9 +1,6 @@
 jest.mock('axios');
 jest.mock('~/cache/getLogStores');
-jest.mock('@librechat/api', () => ({
-  ...jest.requireActual('@librechat/api'),
-  loadYaml: jest.fn(),
-}));
+jest.mock('~/utils/loadYaml');
 jest.mock('librechat-data-provider', () => {
   const actual = jest.requireActual('librechat-data-provider');
   return {
@@ -33,22 +30,11 @@ jest.mock('librechat-data-provider', () => {
   };
 });
 
-jest.mock('@librechat/data-schemas', () => {
-  return {
-    logger: {
-      info: jest.fn(),
-      warn: jest.fn(),
-      debug: jest.fn(),
-      error: jest.fn(),
-    },
-  };
-});
-
 const axios = require('axios');
-const { loadYaml } = require('@librechat/api');
-const { logger } = require('@librechat/data-schemas');
 const loadCustomConfig = require('./loadCustomConfig');
 const getLogStores = require('~/cache/getLogStores');
+const loadYaml = require('~/utils/loadYaml');
+const { logger } = require('~/config');
 
 describe('loadCustomConfig', () => {
   const mockSet = jest.fn();

api/server/services/Endpoints/agents/agent.js

@@ -85,7 +85,7 @@ const initializeAgent = async ({
   });
 
   const provider = agent.provider;
-  const { tools: structuredTools, toolContextMap } =
+  const { tools, toolContextMap } =
     (await loadTools?.({
       req,
       res,
@@ -140,24 +140,6 @@ const initializeAgent = async ({
     agent.provider = options.provider;
   }
 
-  /** @type {import('@librechat/agents').GenericTool[]} */
-  let tools = options.tools?.length ? options.tools : structuredTools;
-  if (
-    (agent.provider === Providers.GOOGLE || agent.provider === Providers.VERTEXAI) &&
-    options.tools?.length &&
-    structuredTools?.length
-  ) {
-    throw new Error(`{ "type": "${ErrorTypes.GOOGLE_TOOL_CONFLICT}"}`);
-  } else if (
-    (agent.provider === Providers.OPENAI ||
-      agent.provider === Providers.AZURE ||
-      agent.provider === Providers.ANTHROPIC) &&
-    options.tools?.length &&
-    structuredTools?.length
-  ) {
-    tools = structuredTools.concat(options.tools);
-  }
-
   /** @type {import('@librechat/agents').ClientOptions} */
   agent.model_parameters = { ...options.llmConfig };
   if (options.configOptions) {
@@ -180,10 +162,10 @@ const initializeAgent = async ({
 
   return {
     ...agent,
+    tools,
     attachments,
     resendFiles,
     toolContextMap,
-    tools,
     maxContextTokens: (agentMaxContextTokens - maxTokens) * 0.9,
   };
 };

api/server/services/Endpoints/anthropic/llm.js

@@ -78,17 +78,7 @@ function getLLMConfig(apiKey, options = {}) {
     requestOptions.anthropicApiUrl = options.reverseProxyUrl;
   }
 
-  const tools = [];
-
-  if (mergedOptions.web_search) {
-    tools.push({
-      type: 'web_search_20250305',
-      name: 'web_search',
-    });
-  }
-
   return {
-    tools,
     /** @type {AnthropicClientOptions} */
     llmConfig: removeNullishValues(requestOptions),
   };

api/server/services/Endpoints/custom/initialize.spec.js

@@ -1,93 +0,0 @@
-const initializeClient = require('./initialize');
-
-jest.mock('@librechat/api', () => ({
-  resolveHeaders: jest.fn(),
-  getOpenAIConfig: jest.fn(),
-  createHandleLLMNewToken: jest.fn(),
-}));
-
-jest.mock('librechat-data-provider', () => ({
-  CacheKeys: { TOKEN_CONFIG: 'token_config' },
-  ErrorTypes: { NO_USER_KEY: 'NO_USER_KEY', NO_BASE_URL: 'NO_BASE_URL' },
-  envVarRegex: /\$\{([^}]+)\}/,
-  FetchTokenConfig: {},
-  extractEnvVariable: jest.fn((value) => value),
-}));
-
-jest.mock('@librechat/agents', () => ({
-  Providers: { OLLAMA: 'ollama' },
-}));
-
-jest.mock('~/server/services/UserService', () => ({
-  getUserKeyValues: jest.fn(),
-  checkUserKeyExpiry: jest.fn(),
-}));
-
-jest.mock('~/server/services/Config', () => ({
-  getCustomEndpointConfig: jest.fn().mockResolvedValue({
-    apiKey: 'test-key',
-    baseURL: 'https://test.com',
-    headers: { 'x-user': '{{LIBRECHAT_USER_ID}}', 'x-email': '{{LIBRECHAT_USER_EMAIL}}' },
-    models: { default: ['test-model'] },
-  }),
-}));
-
-jest.mock('~/server/services/ModelService', () => ({
-  fetchModels: jest.fn(),
-}));
-
-jest.mock('~/app/clients/OpenAIClient', () => {
-  return jest.fn().mockImplementation(() => ({
-    options: {},
-  }));
-});
-
-jest.mock('~/server/utils', () => ({
-  isUserProvided: jest.fn().mockReturnValue(false),
-}));
-
-jest.mock('~/cache/getLogStores', () =>
-  jest.fn().mockReturnValue({
-    get: jest.fn(),
-  }),
-);
-
-describe('custom/initializeClient', () => {
-  const mockRequest = {
-    body: { endpoint: 'test-endpoint' },
-    user: { id: 'user-123', email: 'test@example.com' },
-    app: { locals: {} },
-  };
-  const mockResponse = {};
-
-  beforeEach(() => {
-    jest.clearAllMocks();
-  });
-
-  it('calls resolveHeaders with headers and user', async () => {
-    const { resolveHeaders } = require('@librechat/api');
-    await initializeClient({ req: mockRequest, res: mockResponse, optionsOnly: true });
-    expect(resolveHeaders).toHaveBeenCalledWith(
-      { 'x-user': '{{LIBRECHAT_USER_ID}}', 'x-email': '{{LIBRECHAT_USER_EMAIL}}' },
-      { id: 'user-123', email: 'test@example.com' },
-    );
-  });
-
-  it('throws if endpoint config is missing', async () => {
-    const { getCustomEndpointConfig } = require('~/server/services/Config');
-    getCustomEndpointConfig.mockResolvedValueOnce(null);
-    await expect(
-      initializeClient({ req: mockRequest, res: mockResponse, optionsOnly: true }),
-    ).rejects.toThrow('Config not found for the test-endpoint custom endpoint.');
-  });
-
-  it('throws if user is missing', async () => {
-    await expect(
-      initializeClient({
-        req: { ...mockRequest, user: undefined },
-        res: mockResponse,
-        optionsOnly: true,
-      }),
-    ).rejects.toThrow("Cannot read properties of undefined (reading 'id')");
-  });
-});

api/server/services/Endpoints/google/initialize.js

@@ -1,7 +1,7 @@
-const path = require('path');
 const { EModelEndpoint, AuthKeys } = require('librechat-data-provider');
-const { getGoogleConfig, isEnabled, loadServiceKey } = require('@librechat/api');
 const { getUserKey, checkUserKeyExpiry } = require('~/server/services/UserService');
+const { getLLMConfig } = require('~/server/services/Endpoints/google/llm');
+const { isEnabled } = require('~/server/utils');
 const { GoogleClient } = require('~/app');
 
 const initializeClient = async ({ req, res, endpointOption, overrideModel, optionsOnly }) => {
@@ -16,25 +16,10 @@ const initializeClient = async ({ req, res, endpointOption, overrideModel, optio
   }
 
   let serviceKey = {};
-
-  /** Check if GOOGLE_KEY is provided at all (including 'user_provided') */
-  const isGoogleKeyProvided =
-    (GOOGLE_KEY && GOOGLE_KEY.trim() !== '') || (isUserProvided && userKey != null);
-
-  if (!isGoogleKeyProvided) {
-    /** Only attempt to load service key if GOOGLE_KEY is not provided */
-    try {
-      const serviceKeyPath =
-        process.env.GOOGLE_SERVICE_KEY_FILE ||
-        path.join(__dirname, '../../../..', 'data', 'auth.json');
-      serviceKey = await loadServiceKey(serviceKeyPath);
-      if (!serviceKey) {
-        serviceKey = {};
-      }
-    } catch (_e) {
-      // Service key loading failed, but that's okay if not required
-      serviceKey = {};
-    }
+  try {
+    serviceKey = require('~/data/auth.json');
+  } catch (_e) {
+    // Do nothing
   }
 
   const credentials = isUserProvided
@@ -80,7 +65,7 @@ const initializeClient = async ({ req, res, endpointOption, overrideModel, optio
     if (overrideModel) {
       clientOptions.modelOptions.model = overrideModel;
     }
-    return getGoogleConfig(credentials, clientOptions);
+    return getLLMConfig(credentials, clientOptions);
   }
 
   const client = new GoogleClient(credentials, clientOptions);

api/server/services/Endpoints/google/llm.js

@@ -1,16 +1,13 @@
-import { Providers } from '@librechat/agents';
-import { googleSettings, AuthKeys } from 'librechat-data-provider';
-import type { GoogleClientOptions, VertexAIClientOptions } from '@librechat/agents';
-import type { GoogleAIToolType } from '@langchain/google-common';
-import type * as t from '~/types';
-import { isEnabled } from '~/utils';
+const { Providers } = require('@librechat/agents');
+const { AuthKeys } = require('librechat-data-provider');
+const { isEnabled } = require('~/server/utils');
 
-function getThresholdMapping(model: string) {
+function getThresholdMapping(model) {
   const gemini1Pattern = /gemini-(1\.0|1\.5|pro$|1\.0-pro|1\.5-pro|1\.5-flash-001)/;
   const restrictedPattern = /(gemini-(1\.5-flash-8b|2\.0|exp)|learnlm)/;
 
   if (gemini1Pattern.test(model)) {
-    return (value: string) => {
+    return (value) => {
       if (value === 'OFF') {
         return 'BLOCK_NONE';
       }
@@ -19,7 +16,7 @@ function getThresholdMapping(model: string) {
   }
 
   if (restrictedPattern.test(model)) {
-    return (value: string) => {
+    return (value) => {
       if (value === 'OFF' || value === 'HARM_BLOCK_THRESHOLD_UNSPECIFIED') {
         return 'BLOCK_NONE';
       }
@@ -27,16 +24,19 @@ function getThresholdMapping(model: string) {
     };
   }
 
-  return (value: string) => value;
+  return (value) => value;
 }
 
-export function getSafetySettings(
-  model?: string,
-): Array<{ category: string; threshold: string }> | undefined {
+/**
+ *
+ * @param {string} model
+ * @returns {Array<{category: string, threshold: string}> | undefined}
+ */
+function getSafetySettings(model) {
   if (isEnabled(process.env.GOOGLE_EXCLUDE_SAFETY_SETTINGS)) {
     return undefined;
   }
-  const mapThreshold = getThresholdMapping(model ?? '');
+  const mapThreshold = getThresholdMapping(model);
 
   return [
     {
@@ -74,47 +74,37 @@ export function getSafetySettings(
  * Replicates core logic from GoogleClient's constructor and setOptions, plus client determination.
  * Returns an object with the provider label and the final options that would be passed to createLLM.
  *
- * @param credentials - Either a JSON string or an object containing Google keys
- * @param options - The same shape as the "GoogleClient" constructor options
+ * @param {string | object} credentials - Either a JSON string or an object containing Google keys
+ * @param {object} [options={}]         - The same shape as the "GoogleClient" constructor options
  */
 
-export function getGoogleConfig(
-  credentials: string | t.GoogleCredentials | undefined,
-  options: t.GoogleConfigOptions = {},
-) {
-  let creds: t.GoogleCredentials = {};
+function getLLMConfig(credentials, options = {}) {
+  // 1. Parse credentials
+  let creds = {};
   if (typeof credentials === 'string') {
     try {
       creds = JSON.parse(credentials);
-    } catch (err: unknown) {
-      throw new Error(
-        `Error parsing string credentials: ${err instanceof Error ? err.message : 'Unknown error'}`,
-      );
+    } catch (err) {
+      throw new Error(`Error parsing string credentials: ${err.message}`);
     }
   } else if (credentials && typeof credentials === 'object') {
     creds = credentials;
   }
 
+  // Extract from credentials
   const serviceKeyRaw = creds[AuthKeys.GOOGLE_SERVICE_KEY] ?? {};
   const serviceKey =
     typeof serviceKeyRaw === 'string' ? JSON.parse(serviceKeyRaw) : (serviceKeyRaw ?? {});
 
+  const project_id = serviceKey?.project_id ?? null;
   const apiKey = creds[AuthKeys.GOOGLE_API_KEY] ?? null;
-  const project_id = !apiKey ? (serviceKey?.project_id ?? null) : null;
 
   const reverseProxyUrl = options.reverseProxyUrl;
   const authHeader = options.authHeader;
 
-  const {
-    web_search,
-    thinking = googleSettings.thinking.default,
-    thinkingBudget = googleSettings.thinkingBudget.default,
-    ...modelOptions
-  } = options.modelOptions || {};
-
-  const llmConfig: GoogleClientOptions | VertexAIClientOptions = {
-    ...(modelOptions || {}),
-    model: modelOptions?.model ?? '',
+  /** @type {GoogleClientOptions | VertexAIClientOptions} */
+  let llmConfig = {
+    ...(options.modelOptions || {}),
     maxRetries: 2,
   };
 
@@ -130,33 +120,15 @@ export function getGoogleConfig(
   }
 
   // If we have a GCP project => Vertex AI
-  if (provider === Providers.VERTEXAI) {
-    (llmConfig as VertexAIClientOptions).authOptions = {
+  if (project_id && provider === Providers.VERTEXAI) {
+    /** @type {VertexAIClientOptions['authOptions']} */
+    llmConfig.authOptions = {
       credentials: { ...serviceKey },
       projectId: project_id,
     };
-    (llmConfig as VertexAIClientOptions).location = process.env.GOOGLE_LOC || 'us-central1';
+    llmConfig.location = process.env.GOOGLE_LOC || 'us-central1';
   } else if (apiKey && provider === Providers.GOOGLE) {
     llmConfig.apiKey = apiKey;
-  } else {
-    throw new Error(
-      `Invalid credentials provided. Please provide either a valid API key or service account credentials for Google Cloud.`,
-    );
-  }
-
-  const shouldEnableThinking =
-    thinking && thinkingBudget != null && (thinkingBudget > 0 || thinkingBudget === -1);
-
-  if (shouldEnableThinking && provider === Providers.GOOGLE) {
-    (llmConfig as GoogleClientOptions).thinkingConfig = {
-      thinkingBudget: thinking ? thinkingBudget : googleSettings.thinkingBudget.default,
-      includeThoughts: Boolean(thinking),
-    };
-  } else if (shouldEnableThinking && provider === Providers.VERTEXAI) {
-    (llmConfig as VertexAIClientOptions).thinkingBudget = thinking
-      ? thinkingBudget
-      : googleSettings.thinkingBudget.default;
-    (llmConfig as VertexAIClientOptions).includeThoughts = Boolean(thinking);
   }
 
   /*
@@ -180,28 +152,25 @@ export function getGoogleConfig(
   */
 
   if (reverseProxyUrl) {
-    (llmConfig as GoogleClientOptions).baseUrl = reverseProxyUrl;
+    llmConfig.baseUrl = reverseProxyUrl;
   }
 
   if (authHeader) {
-    (llmConfig as GoogleClientOptions).customHeaders = {
+    llmConfig.customHeaders = {
       Authorization: `Bearer ${apiKey}`,
     };
   }
 
-  const tools: GoogleAIToolType[] = [];
-
-  if (web_search) {
-    tools.push({ googleSearch: {} });
-  }
-
   // Return the final shape
   return {
-    /** @type {GoogleAIToolType[]} */
-    tools,
     /** @type {Providers.GOOGLE | Providers.VERTEXAI} */
     provider,
     /** @type {GoogleClientOptions | VertexAIClientOptions} */
     llmConfig,
   };
 }
+
+module.exports = {
+  getLLMConfig,
+  getSafetySettings,
+};

api/server/services/Endpoints/index.js

@@ -7,16 +7,6 @@ const initCustom = require('~/server/services/Endpoints/custom/initialize');
 const initGoogle = require('~/server/services/Endpoints/google/initialize');
 const { getCustomEndpointConfig } = require('~/server/services/Config');
 
-/** Check if the provider is a known custom provider
- * @param {string | undefined} [provider] - The provider string
- * @returns {boolean} - True if the provider is a known custom provider, false otherwise
- */
-function isKnownCustomProvider(provider) {
-  return [Providers.XAI, Providers.OLLAMA, Providers.DEEPSEEK, Providers.OPENROUTER].includes(
-    provider?.toLowerCase() || '',
-  );
-}
-
 const providerConfigMap = {
   [Providers.XAI]: initCustom,
   [Providers.OLLAMA]: initCustom,
@@ -56,13 +46,6 @@ async function getProviderConfig(provider) {
     overrideProvider = Providers.OPENAI;
   }
 
-  if (isKnownCustomProvider(overrideProvider || provider) && !customEndpointConfig) {
-    customEndpointConfig = await getCustomEndpointConfig(provider);
-    if (!customEndpointConfig) {
-      throw new Error(`Provider ${provider} not supported`);
-    }
-  }
-
   return {
     getOptions,
     overrideProvider,

api/server/services/Files/Local/crud.js

@@ -1,11 +1,10 @@
 const fs = require('fs');
 const path = require('path');
 const axios = require('axios');
-const { logger } = require('@librechat/data-schemas');
 const { EModelEndpoint } = require('librechat-data-provider');
-const { generateShortLivedToken } = require('~/server/services/AuthService');
 const { getBufferMetadata } = require('~/server/utils');
 const paths = require('~/config/paths');
+const { logger } = require('~/config');
 
 /**
  * Saves a file to a specified output path with a new filename.
@@ -207,7 +206,7 @@ const deleteLocalFile = async (req, file) => {
   const cleanFilepath = file.filepath.split('?')[0];
 
   if (file.embedded && process.env.RAG_API_URL) {
-    const jwtToken = generateShortLivedToken(req.user.id);
+    const jwtToken = req.headers.authorization.split(' ')[1];
     axios.delete(`${process.env.RAG_API_URL}/documents`, {
       headers: {
         Authorization: `Bearer ${jwtToken}`,

api/server/services/Files/VectorDB/crud.js

@@ -4,7 +4,6 @@ const FormData = require('form-data');
 const { logAxiosError } = require('@librechat/api');
 const { logger } = require('@librechat/data-schemas');
 const { FileSources } = require('librechat-data-provider');
-const { generateShortLivedToken } = require('~/server/services/AuthService');
 
 /**
  * Deletes a file from the vector database. This function takes a file object, constructs the full path, and
@@ -24,8 +23,7 @@ const deleteVectors = async (req, file) => {
     return;
   }
   try {
-    const jwtToken = generateShortLivedToken(req.user.id);
-
+    const jwtToken = req.headers.authorization.split(' ')[1];
     return await axios.delete(`${process.env.RAG_API_URL}/documents`, {
       headers: {
         Authorization: `Bearer ${jwtToken}`,
@@ -72,7 +70,7 @@ async function uploadVectors({ req, file, file_id, entity_id }) {
   }
 
   try {
-    const jwtToken = generateShortLivedToken(req.user.id);
+    const jwtToken = req.headers.authorization.split(' ')[1];
     const formData = new FormData();
     formData.append('file_id', file_id);
     formData.append('file', fs.createReadStream(file.path));

api/server/services/Files/process.js

@@ -55,9 +55,7 @@ const processFiles = async (files, fileIds) => {
   }
 
   if (!fileIds) {
-    const results = await Promise.all(promises);
-    // Filter out null results from failed updateFileUsage calls
-    return results.filter((result) => result != null);
+    return await Promise.all(promises);
   }
 
   for (let file_id of fileIds) {
@@ -69,9 +67,7 @@ const processFiles = async (files, fileIds) => {
   }
 
   // TODO: calculate token cost when image is first uploaded
-  const results = await Promise.all(promises);
-  // Filter out null results from failed updateFileUsage calls
-  return results.filter((result) => result != null);
+  return await Promise.all(promises);
 };
 
 /**

api/server/services/Files/processFiles.test.js

@@ -1,208 +0,0 @@
-// Mock the updateFileUsage function before importing the actual processFiles
-jest.mock('~/models/File', () => ({
-  updateFileUsage: jest.fn(),
-}));
-
-// Mock winston and logger configuration to avoid dependency issues
-jest.mock('~/config', () => ({
-  logger: {
-    info: jest.fn(),
-    warn: jest.fn(),
-    debug: jest.fn(),
-    error: jest.fn(),
-  },
-}));
-
-// Mock all other dependencies that might cause issues
-jest.mock('librechat-data-provider', () => ({
-  isUUID: { parse: jest.fn() },
-  megabyte: 1024 * 1024,
-  FileContext: { message_attachment: 'message_attachment' },
-  FileSources: { local: 'local' },
-  EModelEndpoint: { assistants: 'assistants' },
-  EToolResources: { file_search: 'file_search' },
-  mergeFileConfig: jest.fn(),
-  removeNullishValues: jest.fn((obj) => obj),
-  isAssistantsEndpoint: jest.fn(),
-}));
-
-jest.mock('~/server/services/Files/images', () => ({
-  convertImage: jest.fn(),
-  resizeAndConvert: jest.fn(),
-  resizeImageBuffer: jest.fn(),
-}));
-
-jest.mock('~/server/controllers/assistants/v2', () => ({
-  addResourceFileId: jest.fn(),
-  deleteResourceFileId: jest.fn(),
-}));
-
-jest.mock('~/models/Agent', () => ({
-  addAgentResourceFile: jest.fn(),
-  removeAgentResourceFiles: jest.fn(),
-}));
-
-jest.mock('~/server/controllers/assistants/helpers', () => ({
-  getOpenAIClient: jest.fn(),
-}));
-
-jest.mock('~/server/services/Tools/credentials', () => ({
-  loadAuthValues: jest.fn(),
-}));
-
-jest.mock('~/server/services/Config', () => ({
-  checkCapability: jest.fn(),
-}));
-
-jest.mock('~/server/utils/queue', () => ({
-  LB_QueueAsyncCall: jest.fn(),
-}));
-
-jest.mock('./strategies', () => ({
-  getStrategyFunctions: jest.fn(),
-}));
-
-jest.mock('~/server/utils', () => ({
-  determineFileType: jest.fn(),
-}));
-
-// Import the actual processFiles function after all mocks are set up
-const { processFiles } = require('./process');
-const { updateFileUsage } = require('~/models/File');
-
-describe('processFiles', () => {
-  beforeEach(() => {
-    jest.clearAllMocks();
-  });
-
-  describe('null filtering functionality', () => {
-    it('should filter out null results from updateFileUsage when files do not exist', async () => {
-      const mockFiles = [
-        { file_id: 'existing-file-1' },
-        { file_id: 'non-existent-file' },
-        { file_id: 'existing-file-2' },
-      ];
-
-      // Mock updateFileUsage to return null for non-existent files
-      updateFileUsage.mockImplementation(({ file_id }) => {
-        if (file_id === 'non-existent-file') {
-          return Promise.resolve(null); // Simulate file not found in the database
-        }
-        return Promise.resolve({ file_id, usage: 1 });
-      });
-
-      const result = await processFiles(mockFiles);
-
-      expect(updateFileUsage).toHaveBeenCalledTimes(3);
-      expect(result).toEqual([
-        { file_id: 'existing-file-1', usage: 1 },
-        { file_id: 'existing-file-2', usage: 1 },
-      ]);
-
-      // Critical test - ensure no null values in result
-      expect(result).not.toContain(null);
-      expect(result).not.toContain(undefined);
-      expect(result.length).toBe(2); // Only valid files should be returned
-    });
-
-    it('should return empty array when all updateFileUsage calls return null', async () => {
-      const mockFiles = [{ file_id: 'non-existent-1' }, { file_id: 'non-existent-2' }];
-
-      // All updateFileUsage calls return null
-      updateFileUsage.mockResolvedValue(null);
-
-      const result = await processFiles(mockFiles);
-
-      expect(updateFileUsage).toHaveBeenCalledTimes(2);
-      expect(result).toEqual([]);
-      expect(result).not.toContain(null);
-      expect(result.length).toBe(0);
-    });
-
-    it('should work correctly when all files exist', async () => {
-      const mockFiles = [{ file_id: 'file-1' }, { file_id: 'file-2' }];
-
-      updateFileUsage.mockImplementation(({ file_id }) => {
-        return Promise.resolve({ file_id, usage: 1 });
-      });
-
-      const result = await processFiles(mockFiles);
-
-      expect(result).toEqual([
-        { file_id: 'file-1', usage: 1 },
-        { file_id: 'file-2', usage: 1 },
-      ]);
-      expect(result).not.toContain(null);
-      expect(result.length).toBe(2);
-    });
-
-    it('should handle fileIds parameter and filter nulls correctly', async () => {
-      const mockFiles = [{ file_id: 'file-1' }];
-      const mockFileIds = ['file-2', 'non-existent-file'];
-
-      updateFileUsage.mockImplementation(({ file_id }) => {
-        if (file_id === 'non-existent-file') {
-          return Promise.resolve(null);
-        }
-        return Promise.resolve({ file_id, usage: 1 });
-      });
-
-      const result = await processFiles(mockFiles, mockFileIds);
-
-      expect(result).toEqual([
-        { file_id: 'file-1', usage: 1 },
-        { file_id: 'file-2', usage: 1 },
-      ]);
-      expect(result).not.toContain(null);
-      expect(result).not.toContain(undefined);
-      expect(result.length).toBe(2);
-    });
-
-    it('should handle duplicate file_ids correctly', async () => {
-      const mockFiles = [
-        { file_id: 'duplicate-file' },
-        { file_id: 'duplicate-file' }, // Duplicate should be ignored
-        { file_id: 'unique-file' },
-      ];
-
-      updateFileUsage.mockImplementation(({ file_id }) => {
-        return Promise.resolve({ file_id, usage: 1 });
-      });
-
-      const result = await processFiles(mockFiles);
-
-      // Should only call updateFileUsage twice (duplicate ignored)
-      expect(updateFileUsage).toHaveBeenCalledTimes(2);
-      expect(result).toEqual([
-        { file_id: 'duplicate-file', usage: 1 },
-        { file_id: 'unique-file', usage: 1 },
-      ]);
-      expect(result.length).toBe(2);
-    });
-  });
-
-  describe('edge cases', () => {
-    it('should handle empty files array', async () => {
-      const result = await processFiles([]);
-      expect(result).toEqual([]);
-      expect(updateFileUsage).not.toHaveBeenCalled();
-    });
-
-    it('should handle mixed null and undefined returns from updateFileUsage', async () => {
-      const mockFiles = [{ file_id: 'file-1' }, { file_id: 'file-2' }, { file_id: 'file-3' }];
-
-      updateFileUsage.mockImplementation(({ file_id }) => {
-        if (file_id === 'file-1') return Promise.resolve(null);
-        if (file_id === 'file-2') return Promise.resolve(undefined);
-        return Promise.resolve({ file_id, usage: 1 });
-      });
-
-      const result = await processFiles(mockFiles);
-
-      expect(result).toEqual([{ file_id: 'file-3', usage: 1 }]);
-      expect(result).not.toContain(null);
-      expect(result).not.toContain(undefined);
-      expect(result.length).toBe(1);
-    });
-  });
-});

api/server/services/Files/strategies.js

@@ -1,9 +1,5 @@
 const { FileSources } = require('librechat-data-provider');
-const {
-  uploadMistralOCR,
-  uploadAzureMistralOCR,
-  uploadGoogleVertexMistralOCR,
-} = require('@librechat/api');
+const { uploadMistralOCR, uploadAzureMistralOCR } = require('@librechat/api');
 const {
   getFirebaseURL,
   prepareImageURL,
@@ -226,26 +222,6 @@ const azureMistralOCRStrategy = () => ({
   handleFileUpload: uploadAzureMistralOCR,
 });
 
-const vertexMistralOCRStrategy = () => ({
-  /** @type {typeof saveFileFromURL | null} */
-  saveURL: null,
-  /** @type {typeof getLocalFileURL | null} */
-  getFileURL: null,
-  /** @type {typeof saveLocalBuffer | null} */
-  saveBuffer: null,
-  /** @type {typeof processLocalAvatar | null} */
-  processAvatar: null,
-  /** @type {typeof uploadLocalImage | null} */
-  handleImageUpload: null,
-  /** @type {typeof prepareImagesLocal | null} */
-  prepareImagePayload: null,
-  /** @type {typeof deleteLocalFile | null} */
-  deleteFile: null,
-  /** @type {typeof getLocalFileStream | null} */
-  getDownloadStream: null,
-  handleFileUpload: uploadGoogleVertexMistralOCR,
-});
-
 // Strategy Selector
 const getStrategyFunctions = (fileSource) => {
   if (fileSource === FileSources.firebase) {
@@ -268,8 +244,6 @@ const getStrategyFunctions = (fileSource) => {
     return mistralOCRStrategy();
   } else if (fileSource === FileSources.azure_mistral_ocr) {
     return azureMistralOCRStrategy();
-  } else if (fileSource === FileSources.vertexai_mistral_ocr) {
-    return vertexMistralOCRStrategy();
   } else {
     throw new Error('Invalid file source');
   }

api/server/services/Runs/StreamRunManager.js

@@ -1,6 +1,3 @@
-const { sleep } = require('@librechat/agents');
-const { sendEvent } = require('@librechat/api');
-const { logger } = require('@librechat/data-schemas');
 const {
   Constants,
   StepTypes,
@@ -11,8 +8,9 @@ const {
 } = require('librechat-data-provider');
 const { retrieveAndProcessFile } = require('~/server/services/Files/process');
 const { processRequiredActions } = require('~/server/services/ToolService');
+const { createOnProgress, sendMessage, sleep } = require('~/server/utils');
 const { processMessages } = require('~/server/services/Threads');
-const { createOnProgress } = require('~/server/utils');
+const { logger } = require('~/config');
 
 /**
  * Implements the StreamRunManager functionality for managing the streaming
@@ -128,7 +126,7 @@ class StreamRunManager {
       conversationId: this.finalMessage.conversationId,
     };
 
-    sendEvent(this.res, contentData);
+    sendMessage(this.res, contentData);
   }
 
   /* <------------------ Misc. Helpers ------------------> */
@@ -304,7 +302,7 @@ class StreamRunManager {
 
           for (const d of delta[key]) {
             if (typeof d === 'object' && !Object.prototype.hasOwnProperty.call(d, 'index')) {
-              logger.warn("Expected an object with an 'index' for array updates but got:", d);
+              logger.warn('Expected an object with an \'index\' for array updates but got:', d);
               continue;
             }
 

api/server/utils/handleText.js

@@ -7,9 +7,9 @@ const {
   defaultAssistantsVersion,
   defaultAgentCapabilities,
 } = require('librechat-data-provider');
-const { sendEvent } = require('@librechat/api');
 const { Providers } = require('@librechat/agents');
 const partialRight = require('lodash/partialRight');
+const { sendMessage } = require('./streamResponse');
 
 /** Helper function to escape special characters in regex
  * @param {string} string - The string to escape.
@@ -37,7 +37,7 @@ const createOnProgress = (
     basePayload.text = basePayload.text + chunk;
 
     const payload = Object.assign({}, basePayload, rest);
-    sendEvent(res, payload);
+    sendMessage(res, payload);
     if (_onProgress) {
       _onProgress(payload);
     }
@@ -50,7 +50,7 @@ const createOnProgress = (
   const sendIntermediateMessage = (res, payload, extraTokens = '') => {
     basePayload.text = basePayload.text + extraTokens;
     const message = Object.assign({}, basePayload, payload);
-    sendEvent(res, message);
+    sendMessage(res, message);
     if (i === 0) {
       basePayload.initial = false;
     }

api/server/utils/import/importers-timestamp.spec.js

@@ -1,280 +0,0 @@
-const { Constants } = require('librechat-data-provider');
-const { ImportBatchBuilder } = require('./importBatchBuilder');
-const { getImporter } = require('./importers');
-
-// Mock the database methods
-jest.mock('~/models/Conversation', () => ({
-  bulkSaveConvos: jest.fn(),
-}));
-jest.mock('~/models/Message', () => ({
-  bulkSaveMessages: jest.fn(),
-}));
-jest.mock('~/cache/getLogStores');
-const getLogStores = require('~/cache/getLogStores');
-const mockedCacheGet = jest.fn();
-getLogStores.mockImplementation(() => ({
-  get: mockedCacheGet,
-}));
-
-describe('Import Timestamp Ordering', () => {
-  beforeEach(() => {
-    jest.clearAllMocks();
-    mockedCacheGet.mockResolvedValue(null);
-  });
-
-  describe('LibreChat Import - Timestamp Issues', () => {
-    test('should maintain proper timestamp order between parent and child messages', async () => {
-      // Create a LibreChat export with out-of-order timestamps
-      const jsonData = {
-        conversationId: 'test-convo-123',
-        title: 'Test Conversation',
-        messages: [
-          {
-            messageId: 'parent-1',
-            parentMessageId: Constants.NO_PARENT,
-            text: 'Parent Message',
-            sender: 'user',
-            isCreatedByUser: true,
-            createdAt: '2023-01-01T00:02:00Z', // Parent created AFTER child
-          },
-          {
-            messageId: 'child-1',
-            parentMessageId: 'parent-1',
-            text: 'Child Message',
-            sender: 'assistant',
-            isCreatedByUser: false,
-            createdAt: '2023-01-01T00:01:00Z', // Child created BEFORE parent
-          },
-          {
-            messageId: 'grandchild-1',
-            parentMessageId: 'child-1',
-            text: 'Grandchild Message',
-            sender: 'user',
-            isCreatedByUser: true,
-            createdAt: '2023-01-01T00:00:30Z', // Even earlier
-          },
-        ],
-      };
-
-      const requestUserId = 'user-123';
-      const importBatchBuilder = new ImportBatchBuilder(requestUserId);
-      jest.spyOn(importBatchBuilder, 'saveMessage');
-
-      const importer = getImporter(jsonData);
-      await importer(jsonData, requestUserId, () => importBatchBuilder);
-
-      // Check the actual messages stored in the builder
-      const savedMessages = importBatchBuilder.messages;
-
-      const parent = savedMessages.find((msg) => msg.text === 'Parent Message');
-      const child = savedMessages.find((msg) => msg.text === 'Child Message');
-      const grandchild = savedMessages.find((msg) => msg.text === 'Grandchild Message');
-
-      // Verify all messages were found
-      expect(parent).toBeDefined();
-      expect(child).toBeDefined();
-      expect(grandchild).toBeDefined();
-
-      // FIXED behavior: timestamps ARE corrected
-      expect(new Date(child.createdAt).getTime()).toBeGreaterThan(
-        new Date(parent.createdAt).getTime(),
-      );
-      expect(new Date(grandchild.createdAt).getTime()).toBeGreaterThan(
-        new Date(child.createdAt).getTime(),
-      );
-    });
-
-    test('should handle complex multi-branch scenario with out-of-order timestamps', async () => {
-      const jsonData = {
-        conversationId: 'complex-test-123',
-        title: 'Complex Test',
-        messages: [
-          // Branch 1: Root -> A -> B with reversed timestamps
-          {
-            messageId: 'root-1',
-            parentMessageId: Constants.NO_PARENT,
-            text: 'Root 1',
-            sender: 'user',
-            isCreatedByUser: true,
-            createdAt: '2023-01-01T00:03:00Z',
-          },
-          {
-            messageId: 'a-1',
-            parentMessageId: 'root-1',
-            text: 'A1',
-            sender: 'assistant',
-            isCreatedByUser: false,
-            createdAt: '2023-01-01T00:02:00Z', // Before parent
-          },
-          {
-            messageId: 'b-1',
-            parentMessageId: 'a-1',
-            text: 'B1',
-            sender: 'user',
-            isCreatedByUser: true,
-            createdAt: '2023-01-01T00:01:00Z', // Before grandparent
-          },
-          // Branch 2: Root -> C -> D with mixed timestamps
-          {
-            messageId: 'root-2',
-            parentMessageId: Constants.NO_PARENT,
-            text: 'Root 2',
-            sender: 'user',
-            isCreatedByUser: true,
-            createdAt: '2023-01-01T00:00:30Z', // Earlier than branch 1
-          },
-          {
-            messageId: 'c-2',
-            parentMessageId: 'root-2',
-            text: 'C2',
-            sender: 'assistant',
-            isCreatedByUser: false,
-            createdAt: '2023-01-01T00:04:00Z', // Much later
-          },
-          {
-            messageId: 'd-2',
-            parentMessageId: 'c-2',
-            text: 'D2',
-            sender: 'user',
-            isCreatedByUser: true,
-            createdAt: '2023-01-01T00:02:30Z', // Between root and parent
-          },
-        ],
-      };
-
-      const requestUserId = 'user-123';
-      const importBatchBuilder = new ImportBatchBuilder(requestUserId);
-      jest.spyOn(importBatchBuilder, 'saveMessage');
-
-      const importer = getImporter(jsonData);
-      await importer(jsonData, requestUserId, () => importBatchBuilder);
-
-      const savedMessages = importBatchBuilder.messages;
-
-      // Verify that timestamps are preserved as-is (not corrected)
-      const root1 = savedMessages.find((msg) => msg.text === 'Root 1');
-      const a1 = savedMessages.find((msg) => msg.text === 'A1');
-      const b1 = savedMessages.find((msg) => msg.text === 'B1');
-      const root2 = savedMessages.find((msg) => msg.text === 'Root 2');
-      const c2 = savedMessages.find((msg) => msg.text === 'C2');
-      const d2 = savedMessages.find((msg) => msg.text === 'D2');
-
-      // Branch 1: timestamps should now be in correct order
-      expect(new Date(a1.createdAt).getTime()).toBeGreaterThan(new Date(root1.createdAt).getTime());
-      expect(new Date(b1.createdAt).getTime()).toBeGreaterThan(new Date(a1.createdAt).getTime());
-
-      // Branch 2: all timestamps should be properly ordered
-      expect(new Date(c2.createdAt).getTime()).toBeGreaterThan(new Date(root2.createdAt).getTime());
-      expect(new Date(d2.createdAt).getTime()).toBeGreaterThan(new Date(c2.createdAt).getTime());
-    });
-
-    test('recursive format should NOW have timestamp protection', async () => {
-      // Create a recursive LibreChat export with out-of-order timestamps
-      const jsonData = {
-        conversationId: 'recursive-test-123',
-        title: 'Recursive Test',
-        recursive: true,
-        messages: [
-          {
-            messageId: 'parent-1',
-            parentMessageId: Constants.NO_PARENT,
-            text: 'Parent Message',
-            sender: 'User',
-            isCreatedByUser: true,
-            createdAt: '2023-01-01T00:02:00Z', // Parent created AFTER child
-            children: [
-              {
-                messageId: 'child-1',
-                parentMessageId: 'parent-1',
-                text: 'Child Message',
-                sender: 'Assistant',
-                isCreatedByUser: false,
-                createdAt: '2023-01-01T00:01:00Z', // Child created BEFORE parent
-                children: [
-                  {
-                    messageId: 'grandchild-1',
-                    parentMessageId: 'child-1',
-                    text: 'Grandchild Message',
-                    sender: 'User',
-                    isCreatedByUser: true,
-                    createdAt: '2023-01-01T00:00:30Z', // Even earlier
-                    children: [],
-                  },
-                ],
-              },
-            ],
-          },
-        ],
-      };
-
-      const requestUserId = 'user-123';
-      const importBatchBuilder = new ImportBatchBuilder(requestUserId);
-
-      const importer = getImporter(jsonData);
-      await importer(jsonData, requestUserId, () => importBatchBuilder);
-
-      const savedMessages = importBatchBuilder.messages;
-
-      // Messages should be saved
-      expect(savedMessages).toHaveLength(3);
-
-      // In recursive format, timestamps are NOT included in the saved messages
-      // The saveMessage method doesn't receive createdAt for recursive imports
-      const parent = savedMessages.find((msg) => msg.text === 'Parent Message');
-      const child = savedMessages.find((msg) => msg.text === 'Child Message');
-      const grandchild = savedMessages.find((msg) => msg.text === 'Grandchild Message');
-
-      expect(parent).toBeDefined();
-      expect(child).toBeDefined();
-      expect(grandchild).toBeDefined();
-
-      // Recursive imports NOW preserve and correct timestamps
-      expect(parent.createdAt).toBeDefined();
-      expect(child.createdAt).toBeDefined();
-      expect(grandchild.createdAt).toBeDefined();
-
-      // Timestamps should be corrected to maintain proper order
-      expect(new Date(child.createdAt).getTime()).toBeGreaterThan(
-        new Date(parent.createdAt).getTime(),
-      );
-      expect(new Date(grandchild.createdAt).getTime()).toBeGreaterThan(
-        new Date(child.createdAt).getTime(),
-      );
-    });
-  });
-
-  describe('Comparison with Fork Functionality', () => {
-    test('fork functionality correctly handles timestamp issues (for comparison)', async () => {
-      const { cloneMessagesWithTimestamps } = require('./fork');
-
-      const messagesToClone = [
-        {
-          messageId: 'parent',
-          parentMessageId: Constants.NO_PARENT,
-          text: 'Parent Message',
-          createdAt: '2023-01-01T00:02:00Z', // Parent created AFTER child
-        },
-        {
-          messageId: 'child',
-          parentMessageId: 'parent',
-          text: 'Child Message',
-          createdAt: '2023-01-01T00:01:00Z', // Child created BEFORE parent
-        },
-      ];
-
-      const importBatchBuilder = new ImportBatchBuilder('user-123');
-      jest.spyOn(importBatchBuilder, 'saveMessage');
-
-      cloneMessagesWithTimestamps(messagesToClone, importBatchBuilder);
-
-      const savedMessages = importBatchBuilder.messages;
-      const parent = savedMessages.find((msg) => msg.text === 'Parent Message');
-      const child = savedMessages.find((msg) => msg.text === 'Child Message');
-
-      // Fork functionality DOES correct the timestamps
-      expect(new Date(child.createdAt).getTime()).toBeGreaterThan(
-        new Date(parent.createdAt).getTime(),
-      );
-    });
-  });
-});

api/server/utils/import/importers.js

@@ -1,7 +1,6 @@
 const { v4: uuidv4 } = require('uuid');
 const { EModelEndpoint, Constants, openAISettings, CacheKeys } = require('librechat-data-provider');
 const { createImportBatchBuilder } = require('./importBatchBuilder');
-const { cloneMessagesWithTimestamps } = require('./fork');
 const getLogStores = require('~/cache/getLogStores');
 const logger = require('~/config/winston');
 
@@ -108,47 +107,67 @@ async function importLibreChatConvo(
 
     if (jsonData.recursive) {
       /**
-       * Flatten the recursive message tree into a flat array
+       * Recursively traverse the messages tree and save each message to the database.
        * @param {TMessage[]} messages
        * @param {string} parentMessageId
-       * @param {TMessage[]} flatMessages
        */
-      const flattenMessages = (
-        messages,
-        parentMessageId = Constants.NO_PARENT,
-        flatMessages = [],
-      ) => {
+      const traverseMessages = async (messages, parentMessageId = null) => {
         for (const message of messages) {
           if (!message.text && !message.content) {
             continue;
           }
 
-          const flatMessage = {
-            ...message,
-            parentMessageId: parentMessageId,
-            children: undefined, // Remove children from flat structure
-          };
-          flatMessages.push(flatMessage);
+          let savedMessage;
+          if (message.sender?.toLowerCase() === 'user' || message.isCreatedByUser) {
+            savedMessage = await importBatchBuilder.saveMessage({
+              text: message.text,
+              content: message.content,
+              sender: 'user',
+              isCreatedByUser: true,
+              parentMessageId: parentMessageId,
+            });
+          } else {
+            savedMessage = await importBatchBuilder.saveMessage({
+              text: message.text,
+              content: message.content,
+              sender: message.sender,
+              isCreatedByUser: false,
+              model: options.model,
+              parentMessageId: parentMessageId,
+            });
+          }
 
           if (!firstMessageDate && message.createdAt) {
             firstMessageDate = new Date(message.createdAt);
           }
 
           if (message.children && message.children.length > 0) {
-            flattenMessages(message.children, message.messageId, flatMessages);
+            await traverseMessages(message.children, savedMessage.messageId);
           }
         }
-        return flatMessages;
       };
 
-      const flatMessages = flattenMessages(messagesToImport);
-      cloneMessagesWithTimestamps(flatMessages, importBatchBuilder);
+      await traverseMessages(messagesToImport);
     } else if (messagesToImport) {
-      cloneMessagesWithTimestamps(messagesToImport, importBatchBuilder);
+      const idMapping = new Map();
+
       for (const message of messagesToImport) {
         if (!firstMessageDate && message.createdAt) {
           firstMessageDate = new Date(message.createdAt);
         }
+        const newMessageId = uuidv4();
+        idMapping.set(message.messageId, newMessageId);
+
+        const clonedMessage = {
+          ...message,
+          messageId: newMessageId,
+          parentMessageId:
+            message.parentMessageId && message.parentMessageId !== Constants.NO_PARENT
+              ? idMapping.get(message.parentMessageId) || Constants.NO_PARENT
+              : Constants.NO_PARENT,
+        };
+
+        importBatchBuilder.saveMessage(clonedMessage);
       }
     } else {
       throw new Error('Invalid LibreChat file format');

api/server/utils/import/importers.spec.js

@@ -175,60 +175,36 @@ describe('importLibreChatConvo', () => {
     jest.spyOn(importBatchBuilder, 'saveMessage');
     jest.spyOn(importBatchBuilder, 'saveBatch');
 
+    // When
     const importer = getImporter(jsonData);
     await importer(jsonData, requestUserId, () => importBatchBuilder);
 
-    // Get the imported messages
-    const messages = importBatchBuilder.messages;
-    expect(messages.length).toBeGreaterThan(0);
-
-    // Build maps for verification
-    const textToMessageMap = new Map();
-    const messageIdToMessage = new Map();
-    messages.forEach((msg) => {
-      if (msg.text) {
-        // For recursive imports, text might be very long, so just use the first 100 chars as key
-        const textKey = msg.text.substring(0, 100);
-        textToMessageMap.set(textKey, msg);
-      }
-      messageIdToMessage.set(msg.messageId, msg);
+    // Create a map to track original message IDs to new UUIDs
+    const idToUUIDMap = new Map();
+    importBatchBuilder.saveMessage.mock.calls.forEach((call) => {
+      const message = call[0];
+      idToUUIDMap.set(message.originalMessageId, message.messageId);
     });
 
-    // Count expected messages from the tree
-    const countMessagesInTree = (nodes) => {
-      let count = 0;
-      nodes.forEach((node) => {
-        if (node.text || node.content) {
-          count++;
-        }
-        if (node.children && node.children.length > 0) {
-          count += countMessagesInTree(node.children);
+    const checkChildren = (children, parentId) => {
+      children.forEach((child) => {
+        const childUUID = idToUUIDMap.get(child.messageId);
+        const expectedParentId = idToUUIDMap.get(parentId) ?? null;
+        const messageCall = importBatchBuilder.saveMessage.mock.calls.find(
+          (call) => call[0].messageId === childUUID,
+        );
+
+        const actualParentId = messageCall[0].parentMessageId;
+        expect(actualParentId).toBe(expectedParentId);
+
+        if (child.children && child.children.length > 0) {
+          checkChildren(child.children, child.messageId);
         }
       });
-      return count;
     };
 
-    const expectedMessageCount = countMessagesInTree(jsonData.messages);
-    expect(messages.length).toBe(expectedMessageCount);
-
-    // Verify all messages have valid parent relationships
-    messages.forEach((msg) => {
-      if (msg.parentMessageId !== Constants.NO_PARENT) {
-        const parent = messageIdToMessage.get(msg.parentMessageId);
-        expect(parent).toBeDefined();
-
-        // Verify timestamp ordering
-        if (msg.createdAt && parent.createdAt) {
-          expect(new Date(msg.createdAt).getTime()).toBeGreaterThanOrEqual(
-            new Date(parent.createdAt).getTime(),
-          );
-        }
-      }
-    });
-
-    // Verify at least one root message exists
-    const rootMessages = messages.filter((msg) => msg.parentMessageId === Constants.NO_PARENT);
-    expect(rootMessages.length).toBeGreaterThan(0);
+    // Start hierarchy validation from root messages
+    checkChildren(jsonData.messages, null);
 
     expect(importBatchBuilder.saveBatch).toHaveBeenCalled();
   });

api/server/utils/index.js

@@ -1,9 +1,11 @@
+const streamResponse = require('./streamResponse');
 const removePorts = require('./removePorts');
 const countTokens = require('./countTokens');
 const handleText = require('./handleText');
 const sendEmail = require('./sendEmail');
 const queue = require('./queue');
 const files = require('./files');
+const math = require('./math');
 
 /**
  * Check if email configuration is set
@@ -26,6 +28,7 @@ function checkEmailConfig() {
 }
 
 module.exports = {
+  ...streamResponse,
   checkEmailConfig,
   ...handleText,
   countTokens,
@@ -33,4 +36,5 @@ module.exports = {
   sendEmail,
   ...files,
   ...queue,
+  math,
 };

api/server/utils/math.js

@@ -5,14 +5,14 @@
  * If the input is not a string or contains invalid characters, an error is thrown.
  * If the evaluated result is not a number, an error is thrown.
  *
- * @param str - The mathematical expression to evaluate, or a number.
- * @param fallbackValue - The default value to return if the input is not a string or number, or if the evaluated result is not a number.
+ * @param {string|number} str - The mathematical expression to evaluate, or a number.
+ * @param {number} [fallbackValue] - The default value to return if the input is not a string or number, or if the evaluated result is not a number.
  *
- * @returns The result of the evaluated expression or the input number.
+ * @returns {number} The result of the evaluated expression or the input number.
  *
- * @throws Throws an error if the input is not a string or number, contains invalid characters, or does not evaluate to a number.
+ * @throws {Error} Throws an error if the input is not a string or number, contains invalid characters, or does not evaluate to a number.
  */
-export function math(str: string | number, fallbackValue?: number): number {
+function math(str, fallbackValue) {
   const fallback = typeof fallbackValue !== 'undefined' && typeof fallbackValue === 'number';
   if (typeof str !== 'string' && typeof str === 'number') {
     return str;
@@ -43,3 +43,5 @@ export function math(str: string | number, fallbackValue?: number): number {
 
   return value;
 }
+
+module.exports = math;

api/server/utils/streamResponse.js

@@ -1,9 +1,31 @@
 const crypto = require('crypto');
-const { logger } = require('@librechat/data-schemas');
 const { parseConvo } = require('librechat-data-provider');
-const { sendEvent, handleError } = require('@librechat/api');
 const { saveMessage, getMessages } = require('~/models/Message');
 const { getConvo } = require('~/models/Conversation');
+const { logger } = require('~/config');
+
+/**
+ * Sends error data in Server Sent Events format and ends the response.
+ * @param {object} res - The server response.
+ * @param {string} message - The error message.
+ */
+const handleError = (res, message) => {
+  res.write(`event: error\ndata: ${JSON.stringify(message)}\n\n`);
+  res.end();
+};
+
+/**
+ * Sends message data in Server Sent Events format.
+ * @param {Express.Response} res - - The server response.
+ * @param {string | Object} message - The message to be sent.
+ * @param {'message' | 'error' | 'cancel'} event - [Optional] The type of event. Default is 'message'.
+ */
+const sendMessage = (res, message, event = 'message') => {
+  if (typeof message === 'string' && message.length === 0) {
+    return;
+  }
+  res.write(`event: ${event}\ndata: ${JSON.stringify(message)}\n\n`);
+};
 
 /**
  * Processes an error with provided options, saves the error message and sends a corresponding SSE response
@@ -69,7 +91,7 @@ const sendError = async (req, res, options, callback) => {
       convo = parseConvo(errorMessage);
     }
 
-    return sendEvent(res, {
+    return sendMessage(res, {
       final: true,
       requestMessage: query?.[0] ? query[0] : requestMessage,
       responseMessage: errorMessage,
@@ -98,10 +120,12 @@ const sendResponse = (req, res, data, errorMessage) => {
   if (errorMessage) {
     return sendError(req, res, { ...data, text: errorMessage });
   }
-  return sendEvent(res, data);
+  return sendMessage(res, data);
 };
 
 module.exports = {
-  sendError,
   sendResponse,
+  handleError,
+  sendMessage,
+  sendError,
 };

api/strategies/openIdJwtStrategy.js

@@ -1,5 +1,4 @@
 const { SystemRoles } = require('librechat-data-provider');
-const { HttpsProxyAgent } = require('https-proxy-agent');
 const { Strategy: JwtStrategy, ExtractJwt } = require('passport-jwt');
 const { updateUser, findUser } = require('~/models');
 const { logger } = require('~/config');
@@ -14,23 +13,17 @@ const { isEnabled } = require('~/server/utils');
  * The strategy extracts the JWT from the Authorization header as a Bearer token.
  * The JWT is then verified using the signing key, and the user is retrieved from the database.
  */
-const openIdJwtLogin = (openIdConfig) => {
-  let jwksRsaOptions = {
-    cache: isEnabled(process.env.OPENID_JWKS_URL_CACHE_ENABLED) || true,
-    cacheMaxAge: process.env.OPENID_JWKS_URL_CACHE_TIME
-      ? eval(process.env.OPENID_JWKS_URL_CACHE_TIME)
-      : 60000,
-    jwksUri: openIdConfig.serverMetadata().jwks_uri,
-  };
-
-  if (process.env.PROXY) {
-    jwksRsaOptions.requestAgent = new HttpsProxyAgent(process.env.PROXY);
-  }
-
-  return new JwtStrategy(
+const openIdJwtLogin = (openIdConfig) =>
+  new JwtStrategy(
     {
       jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
-      secretOrKeyProvider: jwksRsa.passportJwtSecret(jwksRsaOptions),
+      secretOrKeyProvider: jwksRsa.passportJwtSecret({
+        cache: isEnabled(process.env.OPENID_JWKS_URL_CACHE_ENABLED) || true,
+        cacheMaxAge: process.env.OPENID_JWKS_URL_CACHE_TIME
+          ? eval(process.env.OPENID_JWKS_URL_CACHE_TIME)
+          : 60000,
+        jwksUri: openIdConfig.serverMetadata().jwks_uri,
+      }),
     },
     async (payload, done) => {
       try {
@@ -55,6 +48,5 @@ const openIdJwtLogin = (openIdConfig) => {
       }
     },
   );
-};
 
 module.exports = openIdJwtLogin;

api/strategies/openidStrategy.js

@@ -49,7 +49,7 @@ async function customFetch(url, options) {
       logger.info(`[openidStrategy] proxy agent configured: ${process.env.PROXY}`);
       fetchOptions = {
         ...options,
-        dispatcher: new undici.ProxyAgent(process.env.PROXY),
+        dispatcher: new HttpsProxyAgent(process.env.PROXY),
       };
     }
 
@@ -118,7 +118,7 @@ class CustomOpenIDStrategy extends OpenIDStrategy {
  */
 const exchangeAccessTokenIfNeeded = async (config, accessToken, sub, fromCache = false) => {
   const tokensCache = getLogStores(CacheKeys.OPENID_EXCHANGED_TOKENS);
-  const onBehalfFlowRequired = isEnabled(process.env.OPENID_ON_BEHALF_FLOW_FOR_USERINFO_REQUIRED);
+  const onBehalfFlowRequired = isEnabled(process.env.OPENID_ON_BEHALF_FLOW_FOR_USERINFRO_REQUIRED);
   if (onBehalfFlowRequired) {
     if (fromCache) {
       const cachedToken = await tokensCache.get(sub);
@@ -130,7 +130,7 @@ const exchangeAccessTokenIfNeeded = async (config, accessToken, sub, fromCache =
       config,
       'urn:ietf:params:oauth:grant-type:jwt-bearer',
       {
-        scope: process.env.OPENID_ON_BEHALF_FLOW_USERINFO_SCOPE || 'user.read',
+        scope: process.env.OPENID_ON_BEHALF_FLOW_USERINFRO_SCOPE || 'user.read',
         assertion: accessToken,
         requested_token_use: 'on_behalf_of',
       },

api/utils/index.js

@@ -1,9 +1,11 @@
+const loadYaml = require('./loadYaml');
 const tokenHelpers = require('./tokens');
 const deriveBaseURL = require('./deriveBaseURL');
 const extractBaseURL = require('./extractBaseURL');
 const findMessageContent = require('./findMessageContent');
 
 module.exports = {
+  loadYaml,
   deriveBaseURL,
   extractBaseURL,
   ...tokenHelpers,

api/utils/loadYaml.js

@@ -0,0 +1,13 @@
+const fs = require('fs');
+const yaml = require('js-yaml');
+
+function loadYaml(filepath) {
+  try {
+    let fileContents = fs.readFileSync(filepath, 'utf8');
+    return yaml.load(fileContents);
+  } catch (e) {
+    return e;
+  }
+}
+
+module.exports = loadYaml;

client/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@librechat/frontend",
-  "version": "v0.7.9-rc1",
+  "version": "v0.7.8",
   "description": "",
   "type": "module",
   "scripts": {
@@ -109,6 +109,9 @@
     "tailwindcss-radix": "^2.8.0",
     "zod": "^3.22.4"
   },
+  "peerDependencies": {
+    "jotai": "^2.12.5"
+  },
   "devDependencies": {
     "@babel/plugin-transform-runtime": "^7.22.15",
     "@babel/preset-env": "^7.22.15",

client/src/Providers/ActivePanelContext.tsx

@@ -1,37 +0,0 @@
-import { createContext, useContext, useState, ReactNode } from 'react';
-
-interface ActivePanelContextType {
-  active: string | undefined;
-  setActive: (id: string) => void;
-}
-
-const ActivePanelContext = createContext<ActivePanelContextType | undefined>(undefined);
-
-export function ActivePanelProvider({
-  children,
-  defaultActive,
-}: {
-  children: ReactNode;
-  defaultActive?: string;
-}) {
-  const [active, _setActive] = useState<string | undefined>(defaultActive);
-
-  const setActive = (id: string) => {
-    localStorage.setItem('side:active-panel', id);
-    _setActive(id);
-  };
-
-  return (
-    <ActivePanelContext.Provider value={{ active, setActive }}>
-      {children}
-    </ActivePanelContext.Provider>
-  );
-}
-
-export function useActivePanel() {
-  const context = useContext(ActivePanelContext);
-  if (context === undefined) {
-    throw new Error('useActivePanel must be used within an ActivePanelProvider');
-  }
-  return context;
-}

client/src/Providers/AgentPanelContext.tsx

@@ -1,9 +1,9 @@
 import React, { createContext, useContext, useState } from 'react';
 import { Constants, EModelEndpoint } from 'librechat-data-provider';
-import type { MCP, Action, TPlugin, AgentToolType } from 'librechat-data-provider';
+import type { TPlugin, AgentToolType, Action, MCP } from 'librechat-data-provider';
 import type { AgentPanelContextType } from '~/common';
 import { useAvailableToolsQuery, useGetActionsQuery } from '~/data-provider';
-import { useLocalize, useGetAgentsConfig } from '~/hooks';
+import { useLocalize } from '~/hooks';
 import { Panel } from '~/common';
 
 const AgentPanelContext = createContext<AgentPanelContextType | undefined>(undefined);
@@ -40,60 +40,57 @@ export function AgentPanelProvider({ children }: { children: React.ReactNode })
       agent_id: agent_id || '',
     })) || [];
 
-  const groupedTools = tools?.reduce(
-    (acc, tool) => {
-      if (tool.tool_id.includes(Constants.mcp_delimiter)) {
-        const [_toolName, serverName] = tool.tool_id.split(Constants.mcp_delimiter);
-        const groupKey = `${serverName.toLowerCase()}`;
-        if (!acc[groupKey]) {
-          acc[groupKey] = {
-            tool_id: groupKey,
-            metadata: {
-              name: `${serverName}`,
-              pluginKey: groupKey,
-              description: `${localize('com_ui_tool_collection_prefix')} ${serverName}`,
-              icon: tool.metadata.icon || '',
-            } as TPlugin,
+  const groupedTools =
+    tools?.reduce(
+      (acc, tool) => {
+        if (tool.tool_id.includes(Constants.mcp_delimiter)) {
+          const [_toolName, serverName] = tool.tool_id.split(Constants.mcp_delimiter);
+          const groupKey = `${serverName.toLowerCase()}`;
+          if (!acc[groupKey]) {
+            acc[groupKey] = {
+              tool_id: groupKey,
+              metadata: {
+                name: `${serverName}`,
+                pluginKey: groupKey,
+                description: `${localize('com_ui_tool_collection_prefix')} ${serverName}`,
+                icon: tool.metadata.icon || '',
+              } as TPlugin,
+              agent_id: agent_id || '',
+              tools: [],
+            };
+          }
+          acc[groupKey].tools?.push({
+            tool_id: tool.tool_id,
+            metadata: tool.metadata,
+            agent_id: agent_id || '',
+          });
+        } else {
+          acc[tool.tool_id] = {
+            tool_id: tool.tool_id,
+            metadata: tool.metadata,
             agent_id: agent_id || '',
-            tools: [],
           };
         }
-        acc[groupKey].tools?.push({
-          tool_id: tool.tool_id,
-          metadata: tool.metadata,
-          agent_id: agent_id || '',
-        });
-      } else {
-        acc[tool.tool_id] = {
-          tool_id: tool.tool_id,
-          metadata: tool.metadata,
-          agent_id: agent_id || '',
-        };
-      }
-      return acc;
-    },
-    {} as Record<string, AgentToolType & { tools?: AgentToolType[] }>,
-  );
+        return acc;
+      },
+      {} as Record<string, AgentToolType & { tools?: AgentToolType[] }>,
+    ) || {};
 
-  const { agentsConfig, endpointsConfig } = useGetAgentsConfig();
-
-  const value: AgentPanelContextType = {
-    mcp,
-    mcps,
-    /** Query data for actions and tools */
-    tools,
+  const value = {
     action,
-    setMcp,
-    actions,
-    setMcps,
-    agent_id,
     setAction,
+    mcp,
+    setMcp,
+    mcps,
+    setMcps,
     activePanel,
-    groupedTools,
-    agentsConfig,
     setActivePanel,
-    endpointsConfig,
     setCurrentAgentId,
+    agent_id,
+    groupedTools,
+    /** Query data for actions and tools */
+    actions,
+    tools,
   };
 
   return <AgentPanelContext.Provider value={value}>{children}</AgentPanelContext.Provider>;

client/src/Providers/BadgeRowContext.tsx

@@ -1,25 +1,14 @@
-import React, { createContext, useContext, useEffect, useRef } from 'react';
-import { useSetRecoilState } from 'recoil';
-import { Tools, Constants, LocalStorageKeys, AgentCapabilities } from 'librechat-data-provider';
-import type { TAgentsEndpoint } from 'librechat-data-provider';
-import {
-  useSearchApiKeyForm,
-  useGetAgentsConfig,
-  useCodeApiKeyForm,
-  useToolToggle,
-  useMCPSelect,
-} from '~/hooks';
+import React, { createContext, useContext } from 'react';
+import { Tools, LocalStorageKeys } from 'librechat-data-provider';
+import { useMCPSelect, useToolToggle, useCodeApiKeyForm, useSearchApiKeyForm } from '~/hooks';
 import { useGetStartupConfig } from '~/data-provider';
-import { ephemeralAgentByConvoId } from '~/store';
 
 interface BadgeRowContextType {
   conversationId?: string | null;
-  agentsConfig?: TAgentsEndpoint | null;
   mcpSelect: ReturnType<typeof useMCPSelect>;
   webSearch: ReturnType<typeof useToolToggle>;
-  artifacts: ReturnType<typeof useToolToggle>;
-  fileSearch: ReturnType<typeof useToolToggle>;
   codeInterpreter: ReturnType<typeof useToolToggle>;
+  fileSearch: ReturnType<typeof useToolToggle>;
   codeApiKeyForm: ReturnType<typeof useCodeApiKeyForm>;
   searchApiKeyForm: ReturnType<typeof useSearchApiKeyForm>;
   startupConfig: ReturnType<typeof useGetStartupConfig>['data'];
@@ -37,88 +26,10 @@ export function useBadgeRowContext() {
 
 interface BadgeRowProviderProps {
   children: React.ReactNode;
-  isSubmitting?: boolean;
   conversationId?: string | null;
 }
 
-export default function BadgeRowProvider({
-  children,
-  isSubmitting,
-  conversationId,
-}: BadgeRowProviderProps) {
-  const hasInitializedRef = useRef(false);
-  const lastKeyRef = useRef<string>('');
-  const { agentsConfig } = useGetAgentsConfig();
-  const key = conversationId ?? Constants.NEW_CONVO;
-  const setEphemeralAgent = useSetRecoilState(ephemeralAgentByConvoId(key));
-
-  /** Initialize ephemeralAgent from localStorage on mount and when conversation changes */
-  useEffect(() => {
-    if (isSubmitting) {
-      return;
-    }
-    // Check if this is a new conversation or the first load
-    if (!hasInitializedRef.current || lastKeyRef.current !== key) {
-      hasInitializedRef.current = true;
-      lastKeyRef.current = key;
-
-      // Load all localStorage values
-      const codeToggleKey = `${LocalStorageKeys.LAST_CODE_TOGGLE_}${key}`;
-      const webSearchToggleKey = `${LocalStorageKeys.LAST_WEB_SEARCH_TOGGLE_}${key}`;
-      const fileSearchToggleKey = `${LocalStorageKeys.LAST_FILE_SEARCH_TOGGLE_}${key}`;
-      const artifactsToggleKey = `${LocalStorageKeys.LAST_ARTIFACTS_TOGGLE_}${key}`;
-
-      const codeToggleValue = localStorage.getItem(codeToggleKey);
-      const webSearchToggleValue = localStorage.getItem(webSearchToggleKey);
-      const fileSearchToggleValue = localStorage.getItem(fileSearchToggleKey);
-      const artifactsToggleValue = localStorage.getItem(artifactsToggleKey);
-
-      const initialValues: Record<string, any> = {};
-
-      if (codeToggleValue !== null) {
-        try {
-          initialValues[Tools.execute_code] = JSON.parse(codeToggleValue);
-        } catch (e) {
-          console.error('Failed to parse code toggle value:', e);
-        }
-      }
-
-      if (webSearchToggleValue !== null) {
-        try {
-          initialValues[Tools.web_search] = JSON.parse(webSearchToggleValue);
-        } catch (e) {
-          console.error('Failed to parse web search toggle value:', e);
-        }
-      }
-
-      if (fileSearchToggleValue !== null) {
-        try {
-          initialValues[Tools.file_search] = JSON.parse(fileSearchToggleValue);
-        } catch (e) {
-          console.error('Failed to parse file search toggle value:', e);
-        }
-      }
-
-      if (artifactsToggleValue !== null) {
-        try {
-          initialValues[AgentCapabilities.artifacts] = JSON.parse(artifactsToggleValue);
-        } catch (e) {
-          console.error('Failed to parse artifacts toggle value:', e);
-        }
-      }
-
-      // Always set values for all tools (use defaults if not in localStorage)
-      // If ephemeralAgent is null, create a new object with just our tool values
-      setEphemeralAgent((prev) => ({
-        ...(prev || {}),
-        [Tools.execute_code]: initialValues[Tools.execute_code] ?? false,
-        [Tools.web_search]: initialValues[Tools.web_search] ?? false,
-        [Tools.file_search]: initialValues[Tools.file_search] ?? false,
-        [AgentCapabilities.artifacts]: initialValues[AgentCapabilities.artifacts] ?? false,
-      }));
-    }
-  }, [key, isSubmitting, setEphemeralAgent]);
-
+export default function BadgeRowProvider({ children, conversationId }: BadgeRowProviderProps) {
   /** Startup config */
   const { data: startupConfig } = useGetStartupConfig();
 
@@ -163,20 +74,10 @@ export default function BadgeRowProvider({
     isAuthenticated: true,
   });
 
-  /** Artifacts hook - using a custom key since it's not a Tool but a capability */
-  const artifacts = useToolToggle({
-    conversationId,
-    toolKey: AgentCapabilities.artifacts,
-    localStorageKey: LocalStorageKeys.LAST_ARTIFACTS_TOGGLE_,
-    isAuthenticated: true,
-  });
-
   const value: BadgeRowContextType = {
     mcpSelect,
     webSearch,
-    artifacts,
     fileSearch,
-    agentsConfig,
     startupConfig,
     conversationId,
     codeApiKeyForm,

client/src/Providers/index.ts

@@ -1,7 +1,6 @@
 export { default as AssistantsProvider } from './AssistantsContext';
 export { default as AgentsProvider } from './AgentsContext';
 export { default as ToastProvider } from './ToastContext';
-export * from './ActivePanelContext';
 export * from './AgentPanelContext';
 export * from './ChatContext';
 export * from './ShareContext';

client/src/common/menus.ts

@@ -1,4 +1,3 @@
-/* eslint-disable @typescript-eslint/no-explicit-any */
 export type RenderProp<
   P = React.HTMLAttributes<any> & {
     ref?: React.Ref<any>;

client/src/common/types.ts

@@ -206,7 +206,9 @@ export type AgentPanelProps = {
   setActivePanel: React.Dispatch<React.SetStateAction<Panel>>;
   setMcp: React.Dispatch<React.SetStateAction<t.MCP | undefined>>;
   setAction: React.Dispatch<React.SetStateAction<t.Action | undefined>>;
+  endpointsConfig?: t.TEndpointsConfig;
   setCurrentAgentId: React.Dispatch<React.SetStateAction<string | undefined>>;
+  agentsConfig?: t.TAgentsEndpoint | null;
 };
 
 export type AgentPanelContextType = {
@@ -217,14 +219,12 @@ export type AgentPanelContextType = {
   mcps?: t.MCP[];
   setMcp: React.Dispatch<React.SetStateAction<t.MCP | undefined>>;
   setMcps: React.Dispatch<React.SetStateAction<t.MCP[] | undefined>>;
+  groupedTools: Record<string, t.AgentToolType & { tools?: t.AgentToolType[] }>;
   tools: t.AgentToolType[];
   activePanel?: string;
   setActivePanel: React.Dispatch<React.SetStateAction<Panel>>;
   setCurrentAgentId: React.Dispatch<React.SetStateAction<string | undefined>>;
-  groupedTools?: Record<string, t.AgentToolType & { tools?: t.AgentToolType[] }>;
   agent_id?: string;
-  agentsConfig?: t.TAgentsEndpoint | null;
-  endpointsConfig?: t.TEndpointsConfig | null;
 };
 
 export type AgentModelPanelProps = {
@@ -336,11 +336,6 @@ export type TAskProps = {
 export type TOptions = {
   editedMessageId?: string | null;
   editedText?: string | null;
-  editedContent?: {
-    index: number;
-    text: string;
-    type: 'text' | 'think';
-  };
   isRegenerate?: boolean;
   isContinued?: boolean;
   isEdited?: boolean;

client/src/components/Chat/Input/Artifacts.tsx

@@ -1,152 +0,0 @@
-import React, { memo, useState, useCallback, useMemo } from 'react';
-import * as Ariakit from '@ariakit/react';
-import { ArtifactModes } from 'librechat-data-provider';
-import { WandSparkles, ChevronDown } from 'lucide-react';
-import CheckboxButton from '~/components/ui/CheckboxButton';
-import { useBadgeRowContext } from '~/Providers';
-import { useLocalize } from '~/hooks';
-import { cn } from '~/utils';
-
-interface ArtifactsToggleState {
-  enabled: boolean;
-  mode: string;
-}
-
-function Artifacts() {
-  const localize = useLocalize();
-  const { artifacts } = useBadgeRowContext();
-  const { toggleState, debouncedChange, isPinned } = artifacts;
-
-  const [isPopoverOpen, setIsPopoverOpen] = useState(false);
-
-  const currentState = useMemo<ArtifactsToggleState>(() => {
-    if (typeof toggleState === 'string' && toggleState) {
-      return { enabled: true, mode: toggleState };
-    }
-    return { enabled: false, mode: '' };
-  }, [toggleState]);
-
-  const isEnabled = currentState.enabled;
-  const isShadcnEnabled = currentState.mode === ArtifactModes.SHADCNUI;
-  const isCustomEnabled = currentState.mode === ArtifactModes.CUSTOM;
-
-  const handleToggle = useCallback(() => {
-    if (isEnabled) {
-      debouncedChange({ value: '' });
-    } else {
-      debouncedChange({ value: ArtifactModes.DEFAULT });
-    }
-  }, [isEnabled, debouncedChange]);
-
-  const handleShadcnToggle = useCallback(() => {
-    if (isShadcnEnabled) {
-      debouncedChange({ value: ArtifactModes.DEFAULT });
-    } else {
-      debouncedChange({ value: ArtifactModes.SHADCNUI });
-    }
-  }, [isShadcnEnabled, debouncedChange]);
-
-  const handleCustomToggle = useCallback(() => {
-    if (isCustomEnabled) {
-      debouncedChange({ value: ArtifactModes.DEFAULT });
-    } else {
-      debouncedChange({ value: ArtifactModes.CUSTOM });
-    }
-  }, [isCustomEnabled, debouncedChange]);
-
-  if (!isEnabled && !isPinned) {
-    return null;
-  }
-
-  return (
-    <div className="flex">
-      <CheckboxButton
-        className={cn('max-w-fit', isEnabled && 'rounded-r-none border-r-0')}
-        checked={isEnabled}
-        setValue={handleToggle}
-        label={localize('com_ui_artifacts')}
-        isCheckedClassName="border-amber-600/40 bg-amber-500/10 hover:bg-amber-700/10"
-        icon={<WandSparkles className="icon-md" />}
-      />
-
-      {isEnabled && (
-        <Ariakit.MenuProvider open={isPopoverOpen} setOpen={setIsPopoverOpen}>
-          <Ariakit.MenuButton
-            className={cn(
-              'w-7 rounded-l-none rounded-r-full border-b border-l-0 border-r border-t border-border-light md:w-6',
-              'border-amber-600/40 bg-amber-500/10 hover:bg-amber-700/10',
-              'transition-colors',
-            )}
-            onClick={(e) => e.stopPropagation()}
-          >
-            <ChevronDown className="ml-1 h-4 w-4 text-text-secondary md:ml-0" />
-          </Ariakit.MenuButton>
-
-          <Ariakit.Menu
-            gutter={8}
-            className={cn(
-              'animate-popover z-50 flex max-h-[300px]',
-              'flex-col overflow-auto overscroll-contain rounded-xl',
-              'bg-surface-secondary px-1.5 py-1 text-text-primary shadow-lg',
-              'border border-border-light',
-              'min-w-[250px] outline-none',
-            )}
-            portal
-          >
-            <div className="px-2 py-1.5">
-              <div className="mb-2 text-xs font-medium text-text-secondary">
-                {localize('com_ui_artifacts_options')}
-              </div>
-
-              {/* Include shadcn/ui Option */}
-              <Ariakit.MenuItem
-                hideOnClick={false}
-                onClick={(event) => {
-                  event.preventDefault();
-                  event.stopPropagation();
-                  handleShadcnToggle();
-                }}
-                disabled={isCustomEnabled}
-                className={cn(
-                  'mb-1 flex items-center justify-between rounded-lg px-2 py-2',
-                  'cursor-pointer outline-none transition-colors',
-                  'hover:bg-black/[0.075] dark:hover:bg-white/10',
-                  'data-[active-item]:bg-black/[0.075] dark:data-[active-item]:bg-white/10',
-                  isCustomEnabled && 'cursor-not-allowed opacity-50',
-                )}
-              >
-                <div className="flex items-center gap-2">
-                  <Ariakit.MenuItemCheck checked={isShadcnEnabled} />
-                  <span className="text-sm">{localize('com_ui_include_shadcnui' as any)}</span>
-                </div>
-              </Ariakit.MenuItem>
-
-              {/* Custom Prompt Mode Option */}
-              <Ariakit.MenuItem
-                hideOnClick={false}
-                onClick={(event) => {
-                  event.preventDefault();
-                  event.stopPropagation();
-                  handleCustomToggle();
-                }}
-                className={cn(
-                  'flex items-center justify-between rounded-lg px-2 py-2',
-                  'cursor-pointer outline-none transition-colors',
-                  'hover:bg-black/[0.075] dark:hover:bg-white/10',
-                  'data-[active-item]:bg-black/[0.075] dark:data-[active-item]:bg-white/10',
-                )}
-              >
-                <div className="flex items-center gap-2">
-                  <Ariakit.MenuItemCheck checked={isCustomEnabled} />
-                  <span className="text-sm">{localize('com_ui_custom_prompt_mode' as any)}</span>
-                </div>
-              </Ariakit.MenuItem>
-            </div>
-          </Ariakit.Menu>
-        </Ariakit.MenuProvider>
-      )}
-    </div>
-  );
-}
-
-export default memo(Artifacts);

client/src/components/Chat/Input/ArtifactsSubMenu.tsx

@@ -1,147 +0,0 @@
-import React from 'react';
-import * as Ariakit from '@ariakit/react';
-import { ChevronRight, WandSparkles } from 'lucide-react';
-import { ArtifactModes } from 'librechat-data-provider';
-import { PinIcon } from '~/components/svg';
-import { useLocalize } from '~/hooks';
-import { cn } from '~/utils';
-
-interface ArtifactsSubMenuProps {
-  isArtifactsPinned: boolean;
-  setIsArtifactsPinned: (value: boolean) => void;
-  artifactsMode: string;
-  handleArtifactsToggle: () => void;
-  handleShadcnToggle: () => void;
-  handleCustomToggle: () => void;
-}
-
-const ArtifactsSubMenu = ({
-  isArtifactsPinned,
-  setIsArtifactsPinned,
-  artifactsMode,
-  handleArtifactsToggle,
-  handleShadcnToggle,
-  handleCustomToggle,
-  ...props
-}: ArtifactsSubMenuProps) => {
-  const localize = useLocalize();
-
-  const menuStore = Ariakit.useMenuStore({
-    focusLoop: true,
-    showTimeout: 100,
-    placement: 'right',
-  });
-
-  const isEnabled = artifactsMode !== '' && artifactsMode !== undefined;
-  const isShadcnEnabled = artifactsMode === ArtifactModes.SHADCNUI;
-  const isCustomEnabled = artifactsMode === ArtifactModes.CUSTOM;
-
-  return (
-    <Ariakit.MenuProvider store={menuStore}>
-      <Ariakit.MenuItem
-        {...props}
-        hideOnClick={false}
-        render={
-          <Ariakit.MenuButton
-            onClick={(e: React.MouseEvent<HTMLButtonElement>) => {
-              e.stopPropagation();
-              handleArtifactsToggle();
-            }}
-            onMouseEnter={() => {
-              if (isEnabled) {
-                menuStore.show();
-              }
-            }}
-            className="flex w-full cursor-pointer items-center justify-between rounded-lg p-2 hover:bg-surface-hover"
-          />
-        }
-      >
-        <div className="flex items-center gap-2">
-          <WandSparkles className="icon-md" />
-          <span>{localize('com_ui_artifacts')}</span>
-          {isEnabled && <ChevronRight className="ml-auto h-3 w-3" />}
-        </div>
-        <button
-          type="button"
-          onClick={(e) => {
-            e.stopPropagation();
-            setIsArtifactsPinned(!isArtifactsPinned);
-          }}
-          className={cn(
-            'rounded p-1 transition-all duration-200',
-            'hover:bg-surface-tertiary hover:shadow-sm',
-            !isArtifactsPinned && 'text-text-secondary hover:text-text-primary',
-          )}
-          aria-label={isArtifactsPinned ? 'Unpin' : 'Pin'}
-        >
-          <div className="h-4 w-4">
-            <PinIcon unpin={isArtifactsPinned} />
-          </div>
-        </button>
-      </Ariakit.MenuItem>
-
-      {isEnabled && (
-        <Ariakit.Menu
-          portal={true}
-          unmountOnHide={true}
-          className={cn(
-            'animate-popover-left z-50 ml-3 flex min-w-[250px] flex-col rounded-xl',
-            'border border-border-light bg-surface-secondary px-1.5 py-1 shadow-lg',
-          )}
-        >
-          <div className="px-2 py-1.5">
-            <div className="mb-2 text-xs font-medium text-text-secondary">
-              {localize('com_ui_artifacts_options')}
-            </div>
-
-            {/* Include shadcn/ui Option */}
-            <Ariakit.MenuItem
-              hideOnClick={false}
-              onClick={(event) => {
-                event.preventDefault();
-                event.stopPropagation();
-                handleShadcnToggle();
-              }}
-              disabled={isCustomEnabled}
-              className={cn(
-                'mb-1 flex items-center justify-between rounded-lg px-2 py-2',
-                'cursor-pointer text-text-primary outline-none transition-colors',
-                'hover:bg-black/[0.075] dark:hover:bg-white/10',
-                'data-[active-item]:bg-black/[0.075] dark:data-[active-item]:bg-white/10',
-                isCustomEnabled && 'cursor-not-allowed opacity-50',
-              )}
-            >
-              <div className="flex items-center gap-2">
-                <Ariakit.MenuItemCheck checked={isShadcnEnabled} />
-                <span className="text-sm">{localize('com_ui_include_shadcnui' as any)}</span>
-              </div>
-            </Ariakit.MenuItem>
-
-            {/* Custom Prompt Mode Option */}
-            <Ariakit.MenuItem
-              hideOnClick={false}
-              onClick={(event) => {
-                event.preventDefault();
-                event.stopPropagation();
-                handleCustomToggle();
-              }}
-              className={cn(
-                'flex items-center justify-between rounded-lg px-2 py-2',
-                'cursor-pointer text-text-primary outline-none transition-colors',
-                'hover:bg-black/[0.075] dark:hover:bg-white/10',
-                'data-[active-item]:bg-black/[0.075] dark:data-[active-item]:bg-white/10',
-              )}
-            >
-              <div className="flex items-center gap-2">
-                <Ariakit.MenuItemCheck checked={isCustomEnabled} />
-                <span className="text-sm">{localize('com_ui_custom_prompt_mode' as any)}</span>
-              </div>
-            </Ariakit.MenuItem>
-          </div>
-        </Ariakit.Menu>
-      )}
-    </Ariakit.MenuProvider>
-  );
-};
-
-export default React.memo(ArtifactsSubMenu);

client/src/components/Chat/Input/BadgeRow.tsx

@@ -18,7 +18,6 @@ import { useChatBadges } from '~/hooks';
 import { Badge } from '~/components/ui';
 import ToolDialogs from './ToolDialogs';
 import FileSearch from './FileSearch';
-import Artifacts from './Artifacts';
 import MCPSelect from './MCPSelect';
 import WebSearch from './WebSearch';
 import store from '~/store';
@@ -28,7 +27,6 @@ interface BadgeRowProps {
   onChange: (badges: Pick<BadgeItem, 'id'>[]) => void;
   onToggle?: (badgeId: string, currentActive: boolean) => void;
   conversationId?: string | null;
-  isSubmitting?: boolean;
   isInChat: boolean;
 }
 
@@ -142,7 +140,6 @@ const dragReducer = (state: DragState, action: DragAction): DragState => {
 function BadgeRow({
   showEphemeralBadges,
   conversationId,
-  isSubmitting,
   onChange,
   onToggle,
   isInChat,
@@ -320,7 +317,7 @@ function BadgeRow({
   }, [dragState.draggedBadge, handleMouseMove, handleMouseUp]);
 
   return (
-    <BadgeRowProvider conversationId={conversationId} isSubmitting={isSubmitting}>
+    <BadgeRowProvider conversationId={conversationId}>
       <div ref={containerRef} className="relative flex flex-wrap items-center gap-2">
         {showEphemeralBadges === true && <ToolsDropdown />}
         {tempBadges.map((badge, index) => (
@@ -367,7 +364,6 @@ function BadgeRow({
             <WebSearch />
             <CodeInterpreter />
             <FileSearch />
-            <Artifacts />
             <MCPSelect />
           </>
         )}

client/src/components/Chat/Input/ChatForm.tsx

@@ -305,7 +305,6 @@ const ChatForm = memo(({ index = 0 }: { index?: number }) => {
               </div>
               <BadgeRow
                 showEphemeralBadges={!isAgentsEndpoint(endpoint) && !isAssistantsEndpoint(endpoint)}
-                isSubmitting={isSubmitting || isSubmittingAdded}
                 conversationId={conversationId}
                 onChange={setBadges}
                 isInChat={

client/src/components/Chat/Input/Files/AttachFileChat.tsx

@@ -4,41 +4,34 @@ import {
   supportsFiles,
   mergeFileConfig,
   isAgentsEndpoint,
-  isAssistantsEndpoint,
+  EndpointFileConfig,
   fileConfig as defaultFileConfig,
 } from 'librechat-data-provider';
-import type { EndpointFileConfig } from 'librechat-data-provider';
 import { useGetFileConfig } from '~/data-provider';
 import AttachFileMenu from './AttachFileMenu';
 import { useChatContext } from '~/Providers';
-import AttachFile from './AttachFile';
 
 function AttachFileChat({ disableInputs }: { disableInputs: boolean }) {
   const { conversation } = useChatContext();
   const conversationId = conversation?.conversationId ?? Constants.NEW_CONVO;
-  const { endpoint, endpointType } = conversation ?? { endpoint: null };
-  const isAgents = useMemo(() => isAgentsEndpoint(endpoint), [endpoint]);
-  const isAssistants = useMemo(() => isAssistantsEndpoint(endpoint), [endpoint]);
+  const { endpoint: _endpoint, endpointType } = conversation ?? { endpoint: null };
+  const isAgents = useMemo(() => isAgentsEndpoint(_endpoint), [_endpoint]);
 
   const { data: fileConfig = defaultFileConfig } = useGetFileConfig({
     select: (data) => mergeFileConfig(data),
   });
 
-  const endpointFileConfig = fileConfig.endpoints[endpoint ?? ''] as EndpointFileConfig | undefined;
-  const endpointSupportsFiles: boolean = supportsFiles[endpointType ?? endpoint ?? ''] ?? false;
+  const endpointFileConfig = fileConfig.endpoints[_endpoint ?? ''] as
+    | EndpointFileConfig
+    | undefined;
+
+  const endpointSupportsFiles: boolean = supportsFiles[endpointType ?? _endpoint ?? ''] ?? false;
   const isUploadDisabled = (disableInputs || endpointFileConfig?.disabled) ?? false;
 
-  if (isAssistants && endpointSupportsFiles && !isUploadDisabled) {
-    return <AttachFile disabled={disableInputs} />;
-  } else if (isAgents || (endpointSupportsFiles && !isUploadDisabled)) {
-    return (
-      <AttachFileMenu
-        disabled={disableInputs}
-        conversationId={conversationId}
-        endpointFileConfig={endpointFileConfig}
-      />
-    );
+  if (isAgents || (endpointSupportsFiles && !isUploadDisabled)) {
+    return <AttachFileMenu disabled={disableInputs} conversationId={conversationId} />;
   }
+
   return null;
 }
 

client/src/components/Chat/Input/Files/AttachFileMenu.tsx

@@ -2,37 +2,38 @@ import { useSetRecoilState } from 'recoil';
 import * as Ariakit from '@ariakit/react';
 import React, { useRef, useState, useMemo } from 'react';
 import { FileSearch, ImageUpIcon, TerminalSquareIcon, FileType2Icon } from 'lucide-react';
-import { EToolResources, EModelEndpoint, defaultAgentCapabilities } from 'librechat-data-provider';
-import type { EndpointFileConfig } from 'librechat-data-provider';
-import { useLocalize, useGetAgentsConfig, useFileHandling, useAgentCapabilities } from '~/hooks';
 import { FileUpload, TooltipAnchor, DropdownPopup, AttachmentIcon } from '~/components';
+import { EToolResources, EModelEndpoint } from 'librechat-data-provider';
+import { useGetEndpointsQuery } from '~/data-provider';
+import { useLocalize, useFileHandling } from '~/hooks';
 import { ephemeralAgentByConvoId } from '~/store';
 import { cn } from '~/utils';
 
 interface AttachFileMenuProps {
   conversationId: string;
   disabled?: boolean | null;
-  endpointFileConfig?: EndpointFileConfig;
 }
 
-const AttachFileMenu = ({ disabled, conversationId, endpointFileConfig }: AttachFileMenuProps) => {
+const AttachFileMenu = ({ disabled, conversationId }: AttachFileMenuProps) => {
   const localize = useLocalize();
   const isUploadDisabled = disabled ?? false;
   const inputRef = useRef<HTMLInputElement>(null);
   const [isPopoverActive, setIsPopoverActive] = useState(false);
   const setEphemeralAgent = useSetRecoilState(ephemeralAgentByConvoId(conversationId));
   const [toolResource, setToolResource] = useState<EToolResources | undefined>();
+  const { data: endpointsConfig } = useGetEndpointsQuery();
   const { handleFileChange } = useFileHandling({
     overrideEndpoint: EModelEndpoint.agents,
-    overrideEndpointFileConfig: endpointFileConfig,
   });
 
-  const { agentsConfig } = useGetAgentsConfig();
   /** TODO: Ephemeral Agent Capabilities
    * Allow defining agent capabilities on a per-endpoint basis
    * Use definition for agents endpoint for ephemeral agents
    * */
-  const capabilities = useAgentCapabilities(agentsConfig?.capabilities ?? defaultAgentCapabilities);
+  const capabilities = useMemo(
+    () => endpointsConfig?.[EModelEndpoint.agents]?.capabilities ?? [],
+    [endpointsConfig],
+  );
 
   const handleUploadClick = (isImage?: boolean) => {
     if (!inputRef.current) {
@@ -56,7 +57,7 @@ const AttachFileMenu = ({ disabled, conversationId, endpointFileConfig }: Attach
       },
     ];
 
-    if (capabilities.ocrEnabled) {
+    if (capabilities.includes(EToolResources.ocr)) {
       items.push({
         label: localize('com_ui_upload_ocr_text'),
         onClick: () => {
@@ -67,7 +68,7 @@ const AttachFileMenu = ({ disabled, conversationId, endpointFileConfig }: Attach
       });
     }
 
-    if (capabilities.fileSearchEnabled) {
+    if (capabilities.includes(EToolResources.file_search)) {
       items.push({
         label: localize('com_ui_upload_file_search'),
         onClick: () => {
@@ -79,7 +80,7 @@ const AttachFileMenu = ({ disabled, conversationId, endpointFileConfig }: Attach
       });
     }
 
-    if (capabilities.codeEnabled) {
+    if (capabilities.includes(EToolResources.execute_code)) {
       items.push({
         label: localize('com_ui_upload_code_files'),
         onClick: () => {

client/src/components/Chat/Input/MCPConfigDialog.tsx

@@ -1,7 +1,6 @@
 import React, { useEffect } from 'react';
 import { useForm, Controller } from 'react-hook-form';
-import { Input, Label, OGDialog, Button } from '~/components/ui';
-import OGDialogTemplate from '~/components/ui/OGDialogTemplate';
+import { Button, Input, Label, OGDialog, OGDialogTemplate } from '~/components';
 import { useLocalize } from '~/hooks';
 
 export interface ConfigFieldDetail {