action: update Unreleased changelog

* refactor: Move draft-related utilities to a new `drafts.ts` file

* refactor: auto-save draft logic to use new get/set functions

* fix: Ensure `getDraft` properly decodes stored draft values

* fix: Handle edge case where stream is cancelled before any response, which creates a blank page

.env.example

@@ -349,6 +349,11 @@ REGISTRATION_VIOLATION_SCORE=1
 CONCURRENT_VIOLATION_SCORE=1
 MESSAGE_VIOLATION_SCORE=1
 NON_BROWSER_VIOLATION_SCORE=20
+TTS_VIOLATION_SCORE=0
+STT_VIOLATION_SCORE=0
+FORK_VIOLATION_SCORE=0
+IMPORT_VIOLATION_SCORE=0
+FILE_UPLOAD_VIOLATION_SCORE=0
 
 LOGIN_MAX=7
 LOGIN_WINDOW=5
@@ -575,6 +580,10 @@ ALLOW_SHARED_LINKS_PUBLIC=true
 # If you have another service in front of your LibreChat doing compression, disable express based compression here
 # DISABLE_COMPRESSION=true
 
+# If you have gzipped version of uploaded image images in the same folder, this will enable gzip scan and serving of these images
+# Note: The images folder will be scanned on startup and a ma kept in memory. Be careful for large number of images.
+# ENABLE_IMAGE_OUTPUT_GZIP_SCAN=true
+
 #===================================================#
 #                        UI                         #
 #===================================================#
@@ -592,11 +601,31 @@ HELP_AND_FAQ_URL=https://librechat.ai
 # REDIS Options #
 #===============#
 
-# REDIS_URI=10.10.10.10:6379
+# Enable Redis for caching and session storage
 # USE_REDIS=true
 
-# USE_REDIS_CLUSTER=true
-# REDIS_CA=/path/to/ca.crt
+# Single Redis instance
+# REDIS_URI=redis://127.0.0.1:6379
+
+# Redis cluster (multiple nodes)
+# REDIS_URI=redis://127.0.0.1:7001,redis://127.0.0.1:7002,redis://127.0.0.1:7003
+
+# Redis with TLS/SSL encryption and CA certificate
+# REDIS_URI=rediss://127.0.0.1:6380
+# REDIS_CA=/path/to/ca-cert.pem
+
+# Redis authentication (if required)
+# REDIS_USERNAME=your_redis_username
+# REDIS_PASSWORD=your_redis_password
+
+# Redis key prefix configuration
+# Use environment variable name for dynamic prefix (recommended for cloud deployments)
+# REDIS_KEY_PREFIX_VAR=K_REVISION
+# Or use static prefix directly
+# REDIS_KEY_PREFIX=librechat
+
+# Redis connection limits
+# REDIS_MAX_LISTENERS=40
 
 #==================================================#
 #                      Others                      #

.github/workflows/client.yml

@@ -0,0 +1,32 @@
+name: Publish `@librechat/client` to NPM
+
+on:
+  workflow_dispatch:
+    inputs:
+      reason:
+        description: 'Reason for manual trigger'
+        required: false
+        default: 'Manual publish requested'
+
+jobs:
+  build-and-publish:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Use Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '18.x'
+          
+      - name: Check if client package exists
+        run: |
+          if [ -d "packages/client" ]; then
+            echo "Client package directory found"
+          else
+            echo "Client package directory not found - workflow ready for future use"
+            exit 0
+          fi
+          
+      - name: Placeholder for future publishing
+        run: echo "Client package publishing workflow is ready" 

.gitignore

@@ -125,3 +125,12 @@ helm/**/.values.yaml
 
 # SAML Idp cert
 *.cert
+
+# AI Assistants
+/.claude/
+/.cursor/
+/.copilot/
+/.aider/
+/.openai/
+/.tabnine/
+/.codeium

CHANGELOG.md

@@ -7,49 +7,8 @@ All notable changes to this project will be documented in this file.
 
 
 
-## [Unreleased]
 
-### ✨ New Features
-
-- ✨ feat: implement search parameter updates by **@mawburn** in [#7151](https://github.com/danny-avila/LibreChat/pull/7151)
-- 🎏 feat: Add MCP support for Streamable HTTP Transport by **@benverhees** in [#7353](https://github.com/danny-avila/LibreChat/pull/7353)
-- 🔒 feat: Add Content Security Policy using Helmet middleware by **@rubentalstra** in [#7377](https://github.com/danny-avila/LibreChat/pull/7377)
-- ✨ feat: Add Normalization for MCP Server Names by **@danny-avila** in [#7421](https://github.com/danny-avila/LibreChat/pull/7421)
-- 📊 feat: Improve Helm Chart by **@hofq** in [#3638](https://github.com/danny-avila/LibreChat/pull/3638)
-- 🦾 feat: Claude-4 Support by **@danny-avila** in [#7509](https://github.com/danny-avila/LibreChat/pull/7509)
-- 🪨 feat: Bedrock Support for Claude-4 Reasoning by **@danny-avila** in [#7517](https://github.com/danny-avila/LibreChat/pull/7517)
-
-### 🌍 Internationalization
-
-- 🌍 i18n: Add `Danish` and `Czech` and `Catalan` localization support by **@rubentalstra** in [#7373](https://github.com/danny-avila/LibreChat/pull/7373)
-- 🌍 i18n: Update translation.json with latest translations by **@github-actions[bot]** in [#7375](https://github.com/danny-avila/LibreChat/pull/7375)
-- 🌍 i18n: Update translation.json with latest translations by **@github-actions[bot]** in [#7468](https://github.com/danny-avila/LibreChat/pull/7468)
-
-### 🔧 Fixes
-
-- 💬 fix: update aria-label for accessibility in ConvoLink component by **@berry-13** in [#7320](https://github.com/danny-avila/LibreChat/pull/7320)
-- 🔑 fix: use `apiKey` instead of `openAIApiKey` in OpenAI-like Config by **@danny-avila** in [#7337](https://github.com/danny-avila/LibreChat/pull/7337)
-- 🔄 fix: update navigation logic in `useFocusChatEffect` to ensure correct search parameters are used by **@mawburn** in [#7340](https://github.com/danny-avila/LibreChat/pull/7340)
-- 🔄 fix: Improve MCP Connection Cleanup by **@danny-avila** in [#7400](https://github.com/danny-avila/LibreChat/pull/7400)
-- 🛡️ fix: Preset and Validation Logic for URL Query Params by **@danny-avila** in [#7407](https://github.com/danny-avila/LibreChat/pull/7407)
-- 🌘 fix: artifact of preview text is illegible in dark mode by **@nhtruong** in [#7405](https://github.com/danny-avila/LibreChat/pull/7405)
-- 🛡️ fix: Temporarily Remove CSP until Configurable by **@danny-avila** in [#7419](https://github.com/danny-avila/LibreChat/pull/7419)
-- 💽 fix: Exclude index page `/` from static cache settings by **@sbruel** in [#7382](https://github.com/danny-avila/LibreChat/pull/7382)
-
-### ⚙️ Other Changes
-
-- 📜 docs: CHANGELOG for release v0.7.8 by **@github-actions[bot]** in [#7290](https://github.com/danny-avila/LibreChat/pull/7290)
-- 📦 chore: Update API Package Dependencies by **@danny-avila** in [#7359](https://github.com/danny-avila/LibreChat/pull/7359)
-- 📜 docs: Unreleased Changelog by **@github-actions[bot]** in [#7321](https://github.com/danny-avila/LibreChat/pull/7321)
-- 📜 docs: Unreleased Changelog by **@github-actions[bot]** in [#7434](https://github.com/danny-avila/LibreChat/pull/7434)
-- 🛡️ chore: `multer` v2.0.0 for CVE-2025-47935 and CVE-2025-47944 by **@danny-avila** in [#7454](https://github.com/danny-avila/LibreChat/pull/7454)
-- 📂 refactor: Improve `FileAttachment` & File Form Deletion by **@danny-avila** in [#7471](https://github.com/danny-avila/LibreChat/pull/7471)
-- 📊 chore: Remove Old Helm Chart by **@hofq** in [#7512](https://github.com/danny-avila/LibreChat/pull/7512)
-- 🪖 chore: bump helm app version to v0.7.8 by **@austin-barrington** in [#7524](https://github.com/danny-avila/LibreChat/pull/7524)
-
-
-
----
+- no changes
 ## [v0.7.8] - 
 
 Changes from v0.7.8-rc1 to v0.7.8.
@@ -91,6 +50,7 @@ Changes from v0.7.8-rc1 to v0.7.8.
 
 ---
 ## [v0.7.8-rc1] - 
+## [v0.7.8-rc1] - 
 
 Changes from v0.7.7 to v0.7.8-rc1.
 

api/app/clients/BaseClient.js

@@ -108,12 +108,15 @@ class BaseClient {
   /**
    * Abstract method to record token usage. Subclasses must implement this method.
    * If a correction to the token usage is needed, the method should return an object with the corrected token counts.
+   * Should only be used if `recordCollectedUsage` was not used instead.
+   * @param {string} [model]
    * @param {number} promptTokens
    * @param {number} completionTokens
    * @returns {Promise<void>}
    */
-  async recordTokenUsage({ promptTokens, completionTokens }) {
+  async recordTokenUsage({ model, promptTokens, completionTokens }) {
     logger.debug('[BaseClient] `recordTokenUsage` not implemented.', {
+      model,
       promptTokens,
       completionTokens,
     });
@@ -197,6 +200,10 @@ class BaseClient {
       this.currentMessages[this.currentMessages.length - 1].messageId = head;
     }
 
+    if (opts.isRegenerate && responseMessageId.endsWith('_')) {
+      responseMessageId = crypto.randomUUID();
+    }
+
     this.responseMessageId = responseMessageId;
 
     return {
@@ -737,9 +744,13 @@ class BaseClient {
       } else {
         responseMessage.tokenCount = this.getTokenCountForResponse(responseMessage);
         completionTokens = responseMessage.tokenCount;
+        await this.recordTokenUsage({
+          usage,
+          promptTokens,
+          completionTokens,
+          model: responseMessage.model,
+        });
       }
-
-      await this.recordTokenUsage({ promptTokens, completionTokens, usage });
     }
 
     if (userMessagePromise) {

api/app/clients/prompts/formatMessages.js

@@ -237,41 +237,9 @@ const formatAgentMessages = (payload) => {
   return messages;
 };
 
-/**
- * Formats an array of messages for LangChain, making sure all content fields are strings
- * @param {Array<(HumanMessage|AIMessage|SystemMessage|ToolMessage)>} payload - The array of messages to format.
- * @returns {Array<(HumanMessage|AIMessage|SystemMessage|ToolMessage)>} - The array of formatted LangChain messages, including ToolMessages for tool calls.
- */
-const formatContentStrings = (payload) => {
-  const messages = [];
-
-  for (const message of payload) {
-    if (typeof message.content === 'string') {
-      continue;
-    }
-
-    if (!Array.isArray(message.content)) {
-      continue;
-    }
-
-    // Reduce text types to a single string, ignore all other types
-    const content = message.content.reduce((acc, curr) => {
-      if (curr.type === ContentTypes.TEXT) {
-        return `${acc}${curr[ContentTypes.TEXT]}\n`;
-      }
-      return acc;
-    }, '');
-
-    message.content = content.trim();
-  }
-
-  return messages;
-};
-
 module.exports = {
   formatMessage,
   formatFromLangChain,
   formatAgentMessages,
-  formatContentStrings,
   formatLangChainMessages,
 };

api/app/clients/specs/BaseClient.test.js

@@ -422,6 +422,46 @@ describe('BaseClient', () => {
       expect(response).toEqual(expectedResult);
     });
 
+    test('should replace responseMessageId with new UUID when isRegenerate is true and messageId ends with underscore', async () => {
+      const mockCrypto = require('crypto');
+      const newUUID = 'new-uuid-1234';
+      jest.spyOn(mockCrypto, 'randomUUID').mockReturnValue(newUUID);
+
+      const opts = {
+        isRegenerate: true,
+        responseMessageId: 'existing-message-id_',
+      };
+
+      await TestClient.setMessageOptions(opts);
+
+      expect(TestClient.responseMessageId).toBe(newUUID);
+      expect(TestClient.responseMessageId).not.toBe('existing-message-id_');
+
+      mockCrypto.randomUUID.mockRestore();
+    });
+
+    test('should not replace responseMessageId when isRegenerate is false', async () => {
+      const opts = {
+        isRegenerate: false,
+        responseMessageId: 'existing-message-id_',
+      };
+
+      await TestClient.setMessageOptions(opts);
+
+      expect(TestClient.responseMessageId).toBe('existing-message-id_');
+    });
+
+    test('should not replace responseMessageId when it does not end with underscore', async () => {
+      const opts = {
+        isRegenerate: true,
+        responseMessageId: 'existing-message-id',
+      };
+
+      await TestClient.setMessageOptions(opts);
+
+      expect(TestClient.responseMessageId).toBe('existing-message-id');
+    });
+
     test('sendMessage should work with provided conversationId and parentMessageId', async () => {
       const userMessage = 'Second message in the conversation';
       const opts = {

api/app/clients/tools/util/fileSearch.js

@@ -11,17 +11,25 @@ const { getFiles } = require('~/models/File');
  * @param {Object} options
  * @param {ServerRequest} options.req
  * @param {Agent['tool_resources']} options.tool_resources
+ * @param {string} [options.agentId] - The agent ID for file access control
  * @returns {Promise<{
  *   files: Array<{ file_id: string; filename: string }>,
  *   toolContext: string
  * }>}
  */
 const primeFiles = async (options) => {
-  const { tool_resources } = options;
+  const { tool_resources, req, agentId } = options;
   const file_ids = tool_resources?.[EToolResources.file_search]?.file_ids ?? [];
   const agentResourceIds = new Set(file_ids);
   const resourceFiles = tool_resources?.[EToolResources.file_search]?.files ?? [];
-  const dbFiles = ((await getFiles({ file_id: { $in: file_ids } })) ?? []).concat(resourceFiles);
+  const dbFiles = (
+    (await getFiles(
+      { file_id: { $in: file_ids } },
+      null,
+      { text: 0 },
+      { userId: req?.user?.id, agentId },
+    )) ?? []
+  ).concat(resourceFiles);
 
   let toolContext = `- Note: Semantic search is available through the ${Tools.file_search} tool but no files are currently loaded. Request the user to upload documents to search through.`;
 

api/app/clients/tools/util/handleTools.js

@@ -1,14 +1,9 @@
-const { mcpToolPattern } = require('@librechat/api');
 const { logger } = require('@librechat/data-schemas');
 const { SerpAPI } = require('@langchain/community/tools/serpapi');
 const { Calculator } = require('@langchain/community/tools/calculator');
+const { mcpToolPattern, loadWebSearchAuth } = require('@librechat/api');
 const { EnvVar, createCodeExecutionTool, createSearchTool } = require('@librechat/agents');
-const {
-  Tools,
-  EToolResources,
-  loadWebSearchAuth,
-  replaceSpecialVars,
-} = require('librechat-data-provider');
+const { Tools, EToolResources, replaceSpecialVars } = require('librechat-data-provider');
 const {
   availableTools,
   manifestToolMap,
@@ -245,7 +240,13 @@ const loadTools = async ({
           authFields: [EnvVar.CODE_API_KEY],
         });
         const codeApiKey = authValues[EnvVar.CODE_API_KEY];
-        const { files, toolContext } = await primeCodeFiles(options, codeApiKey);
+        const { files, toolContext } = await primeCodeFiles(
+          {
+            ...options,
+            agentId: agent?.id,
+          },
+          codeApiKey,
+        );
         if (toolContext) {
           toolContextMap[tool] = toolContext;
         }
@@ -260,7 +261,10 @@ const loadTools = async ({
       continue;
     } else if (tool === Tools.file_search) {
       requestedTools[tool] = async () => {
-        const { files, toolContext } = await primeSearchFiles(options);
+        const { files, toolContext } = await primeSearchFiles({
+          ...options,
+          agentId: agent?.id,
+        });
         if (toolContext) {
           toolContextMap[tool] = toolContext;
         }

api/cache/cacheConfig.js

@@ -0,0 +1,33 @@
+const fs = require('fs');
+const { math, isEnabled } = require('@librechat/api');
+
+// To ensure that different deployments do not interfere with each other's cache, we use a prefix for the Redis keys.
+// This prefix is usually the deployment ID, which is often passed to the container or pod as an env var.
+// Set REDIS_KEY_PREFIX_VAR to the env var that contains the deployment ID.
+const REDIS_KEY_PREFIX_VAR = process.env.REDIS_KEY_PREFIX_VAR;
+const REDIS_KEY_PREFIX = process.env.REDIS_KEY_PREFIX;
+if (REDIS_KEY_PREFIX_VAR && REDIS_KEY_PREFIX) {
+  throw new Error('Only either REDIS_KEY_PREFIX_VAR or REDIS_KEY_PREFIX can be set.');
+}
+
+const USE_REDIS = isEnabled(process.env.USE_REDIS);
+if (USE_REDIS && !process.env.REDIS_URI) {
+  throw new Error('USE_REDIS is enabled but REDIS_URI is not set.');
+}
+
+const cacheConfig = {
+  USE_REDIS,
+  REDIS_URI: process.env.REDIS_URI,
+  REDIS_USERNAME: process.env.REDIS_USERNAME,
+  REDIS_PASSWORD: process.env.REDIS_PASSWORD,
+  REDIS_CA: process.env.REDIS_CA ? fs.readFileSync(process.env.REDIS_CA, 'utf8') : null,
+  REDIS_KEY_PREFIX: process.env[REDIS_KEY_PREFIX_VAR] || REDIS_KEY_PREFIX || '',
+  REDIS_MAX_LISTENERS: math(process.env.REDIS_MAX_LISTENERS, 40),
+
+  CI: isEnabled(process.env.CI),
+  DEBUG_MEMORY_CACHE: isEnabled(process.env.DEBUG_MEMORY_CACHE),
+
+  BAN_DURATION: math(process.env.BAN_DURATION, 7200000), // 2 hours
+};
+
+module.exports = { cacheConfig };

api/cache/cacheConfig.spec.js

@@ -0,0 +1,108 @@
+const fs = require('fs');
+
+describe('cacheConfig', () => {
+  let originalEnv;
+  let originalReadFileSync;
+
+  beforeEach(() => {
+    originalEnv = { ...process.env };
+    originalReadFileSync = fs.readFileSync;
+
+    // Clear all related env vars first
+    delete process.env.REDIS_URI;
+    delete process.env.REDIS_CA;
+    delete process.env.REDIS_KEY_PREFIX_VAR;
+    delete process.env.REDIS_KEY_PREFIX;
+    delete process.env.USE_REDIS;
+
+    // Clear require cache
+    jest.resetModules();
+  });
+
+  afterEach(() => {
+    process.env = originalEnv;
+    fs.readFileSync = originalReadFileSync;
+    jest.resetModules();
+  });
+
+  describe('REDIS_KEY_PREFIX validation and resolution', () => {
+    test('should throw error when both REDIS_KEY_PREFIX_VAR and REDIS_KEY_PREFIX are set', () => {
+      process.env.REDIS_KEY_PREFIX_VAR = 'DEPLOYMENT_ID';
+      process.env.REDIS_KEY_PREFIX = 'manual-prefix';
+
+      expect(() => {
+        require('./cacheConfig');
+      }).toThrow('Only either REDIS_KEY_PREFIX_VAR or REDIS_KEY_PREFIX can be set.');
+    });
+
+    test('should resolve REDIS_KEY_PREFIX from variable reference', () => {
+      process.env.REDIS_KEY_PREFIX_VAR = 'DEPLOYMENT_ID';
+      process.env.DEPLOYMENT_ID = 'test-deployment-123';
+
+      const { cacheConfig } = require('./cacheConfig');
+      expect(cacheConfig.REDIS_KEY_PREFIX).toBe('test-deployment-123');
+    });
+
+    test('should use direct REDIS_KEY_PREFIX value', () => {
+      process.env.REDIS_KEY_PREFIX = 'direct-prefix';
+
+      const { cacheConfig } = require('./cacheConfig');
+      expect(cacheConfig.REDIS_KEY_PREFIX).toBe('direct-prefix');
+    });
+
+    test('should default to empty string when no prefix is configured', () => {
+      const { cacheConfig } = require('./cacheConfig');
+      expect(cacheConfig.REDIS_KEY_PREFIX).toBe('');
+    });
+
+    test('should handle empty variable reference', () => {
+      process.env.REDIS_KEY_PREFIX_VAR = 'EMPTY_VAR';
+      process.env.EMPTY_VAR = '';
+
+      const { cacheConfig } = require('./cacheConfig');
+      expect(cacheConfig.REDIS_KEY_PREFIX).toBe('');
+    });
+
+    test('should handle undefined variable reference', () => {
+      process.env.REDIS_KEY_PREFIX_VAR = 'UNDEFINED_VAR';
+
+      const { cacheConfig } = require('./cacheConfig');
+      expect(cacheConfig.REDIS_KEY_PREFIX).toBe('');
+    });
+  });
+
+  describe('USE_REDIS and REDIS_URI validation', () => {
+    test('should throw error when USE_REDIS is enabled but REDIS_URI is not set', () => {
+      process.env.USE_REDIS = 'true';
+
+      expect(() => {
+        require('./cacheConfig');
+      }).toThrow('USE_REDIS is enabled but REDIS_URI is not set.');
+    });
+
+    test('should not throw error when USE_REDIS is enabled and REDIS_URI is set', () => {
+      process.env.USE_REDIS = 'true';
+      process.env.REDIS_URI = 'redis://localhost:6379';
+
+      expect(() => {
+        require('./cacheConfig');
+      }).not.toThrow();
+    });
+
+    test('should handle empty REDIS_URI when USE_REDIS is enabled', () => {
+      process.env.USE_REDIS = 'true';
+      process.env.REDIS_URI = '';
+
+      expect(() => {
+        require('./cacheConfig');
+      }).toThrow('USE_REDIS is enabled but REDIS_URI is not set.');
+    });
+  });
+
+  describe('REDIS_CA file reading', () => {
+    test('should be null when REDIS_CA is not set', () => {
+      const { cacheConfig } = require('./cacheConfig');
+      expect(cacheConfig.REDIS_CA).toBeNull();
+    });
+  });
+});

api/cache/cacheFactory.js

@@ -0,0 +1,66 @@
+const KeyvRedis = require('@keyv/redis').default;
+const { Keyv } = require('keyv');
+const { cacheConfig } = require('./cacheConfig');
+const { keyvRedisClient, ioredisClient, GLOBAL_PREFIX_SEPARATOR } = require('./redisClients');
+const { Time } = require('librechat-data-provider');
+const { RedisStore: ConnectRedis } = require('connect-redis');
+const MemoryStore = require('memorystore')(require('express-session'));
+const { violationFile } = require('./keyvFiles');
+const { RedisStore } = require('rate-limit-redis');
+
+/**
+ * Creates a cache instance using Redis or a fallback store. Suitable for general caching needs.
+ * @param {string} namespace - The cache namespace.
+ * @param {number} [ttl] - Time to live for cache entries.
+ * @param {object} [fallbackStore] - Optional fallback store if Redis is not used.
+ * @returns {Keyv} Cache instance.
+ */
+const standardCache = (namespace, ttl = undefined, fallbackStore = undefined) => {
+  if (cacheConfig.USE_REDIS) {
+    const keyvRedis = new KeyvRedis(keyvRedisClient);
+    const cache = new Keyv(keyvRedis, { namespace, ttl });
+    keyvRedis.namespace = cacheConfig.REDIS_KEY_PREFIX;
+    keyvRedis.keyPrefixSeparator = GLOBAL_PREFIX_SEPARATOR;
+    return cache;
+  }
+  if (fallbackStore) return new Keyv({ store: fallbackStore, namespace, ttl });
+  return new Keyv({ namespace, ttl });
+};
+
+/**
+ * Creates a cache instance for storing violation data.
+ * Uses a file-based fallback store if Redis is not enabled.
+ * @param {string} namespace - The cache namespace for violations.
+ * @param {number} [ttl] - Time to live for cache entries.
+ * @returns {Keyv} Cache instance for violations.
+ */
+const violationCache = (namespace, ttl = undefined) => {
+  return standardCache(`violations:${namespace}`, ttl, violationFile);
+};
+
+/**
+ * Creates a session cache instance using Redis or in-memory store.
+ * @param {string} namespace - The session namespace.
+ * @param {number} [ttl] - Time to live for session entries.
+ * @returns {MemoryStore | ConnectRedis} Session store instance.
+ */
+const sessionCache = (namespace, ttl = undefined) => {
+  namespace = namespace.endsWith(':') ? namespace : `${namespace}:`;
+  if (!cacheConfig.USE_REDIS) return new MemoryStore({ ttl, checkPeriod: Time.ONE_DAY });
+  return new ConnectRedis({ client: ioredisClient, ttl, prefix: namespace });
+};
+
+/**
+ * Creates a rate limiter cache using Redis.
+ * @param {string} prefix - The key prefix for rate limiting.
+ * @returns {RedisStore|undefined} RedisStore instance or undefined if Redis is not used.
+ */
+const limiterCache = (prefix) => {
+  if (!prefix) throw new Error('prefix is required');
+  if (!cacheConfig.USE_REDIS) return undefined;
+  prefix = prefix.endsWith(':') ? prefix : `${prefix}:`;
+  return new RedisStore({ sendCommand, prefix });
+};
+const sendCommand = (...args) => ioredisClient?.call(...args);
+
+module.exports = { standardCache, sessionCache, violationCache, limiterCache };

api/cache/cacheFactory.spec.js

@@ -0,0 +1,270 @@
+const { Time } = require('librechat-data-provider');
+
+// Mock dependencies first
+const mockKeyvRedis = {
+  namespace: '',
+  keyPrefixSeparator: '',
+};
+
+const mockKeyv = jest.fn().mockReturnValue({ mock: 'keyv' });
+const mockConnectRedis = jest.fn().mockReturnValue({ mock: 'connectRedis' });
+const mockMemoryStore = jest.fn().mockReturnValue({ mock: 'memoryStore' });
+const mockRedisStore = jest.fn().mockReturnValue({ mock: 'redisStore' });
+
+const mockIoredisClient = {
+  call: jest.fn(),
+};
+
+const mockKeyvRedisClient = {};
+const mockViolationFile = {};
+
+// Mock modules before requiring the main module
+jest.mock('@keyv/redis', () => ({
+  default: jest.fn().mockImplementation(() => mockKeyvRedis),
+}));
+
+jest.mock('keyv', () => ({
+  Keyv: mockKeyv,
+}));
+
+jest.mock('./cacheConfig', () => ({
+  cacheConfig: {
+    USE_REDIS: false,
+    REDIS_KEY_PREFIX: 'test',
+  },
+}));
+
+jest.mock('./redisClients', () => ({
+  keyvRedisClient: mockKeyvRedisClient,
+  ioredisClient: mockIoredisClient,
+  GLOBAL_PREFIX_SEPARATOR: '::',
+}));
+
+jest.mock('./keyvFiles', () => ({
+  violationFile: mockViolationFile,
+}));
+
+jest.mock('connect-redis', () => ({ RedisStore: mockConnectRedis }));
+
+jest.mock('memorystore', () => jest.fn(() => mockMemoryStore));
+
+jest.mock('rate-limit-redis', () => ({
+  RedisStore: mockRedisStore,
+}));
+
+// Import after mocking
+const { standardCache, sessionCache, violationCache, limiterCache } = require('./cacheFactory');
+const { cacheConfig } = require('./cacheConfig');
+
+describe('cacheFactory', () => {
+  beforeEach(() => {
+    jest.clearAllMocks();
+
+    // Reset cache config mock
+    cacheConfig.USE_REDIS = false;
+    cacheConfig.REDIS_KEY_PREFIX = 'test';
+  });
+
+  describe('redisCache', () => {
+    it('should create Redis cache when USE_REDIS is true', () => {
+      cacheConfig.USE_REDIS = true;
+      const namespace = 'test-namespace';
+      const ttl = 3600;
+
+      standardCache(namespace, ttl);
+
+      expect(require('@keyv/redis').default).toHaveBeenCalledWith(mockKeyvRedisClient);
+      expect(mockKeyv).toHaveBeenCalledWith(mockKeyvRedis, { namespace, ttl });
+      expect(mockKeyvRedis.namespace).toBe(cacheConfig.REDIS_KEY_PREFIX);
+      expect(mockKeyvRedis.keyPrefixSeparator).toBe('::');
+    });
+
+    it('should create Redis cache with undefined ttl when not provided', () => {
+      cacheConfig.USE_REDIS = true;
+      const namespace = 'test-namespace';
+
+      standardCache(namespace);
+
+      expect(mockKeyv).toHaveBeenCalledWith(mockKeyvRedis, { namespace, ttl: undefined });
+    });
+
+    it('should use fallback store when USE_REDIS is false and fallbackStore is provided', () => {
+      cacheConfig.USE_REDIS = false;
+      const namespace = 'test-namespace';
+      const ttl = 3600;
+      const fallbackStore = { some: 'store' };
+
+      standardCache(namespace, ttl, fallbackStore);
+
+      expect(mockKeyv).toHaveBeenCalledWith({ store: fallbackStore, namespace, ttl });
+    });
+
+    it('should create default Keyv instance when USE_REDIS is false and no fallbackStore', () => {
+      cacheConfig.USE_REDIS = false;
+      const namespace = 'test-namespace';
+      const ttl = 3600;
+
+      standardCache(namespace, ttl);
+
+      expect(mockKeyv).toHaveBeenCalledWith({ namespace, ttl });
+    });
+
+    it('should handle namespace and ttl as undefined', () => {
+      cacheConfig.USE_REDIS = false;
+
+      standardCache();
+
+      expect(mockKeyv).toHaveBeenCalledWith({ namespace: undefined, ttl: undefined });
+    });
+  });
+
+  describe('violationCache', () => {
+    it('should create violation cache with prefixed namespace', () => {
+      const namespace = 'test-violations';
+      const ttl = 7200;
+
+      // We can't easily mock the internal redisCache call since it's in the same module
+      // But we can test that the function executes without throwing
+      expect(() => violationCache(namespace, ttl)).not.toThrow();
+    });
+
+    it('should create violation cache with undefined ttl', () => {
+      const namespace = 'test-violations';
+
+      violationCache(namespace);
+
+      // The function should call redisCache with violations: prefixed namespace
+      // Since we can't easily mock the internal redisCache call, we test the behavior
+      expect(() => violationCache(namespace)).not.toThrow();
+    });
+
+    it('should handle undefined namespace', () => {
+      expect(() => violationCache(undefined)).not.toThrow();
+    });
+  });
+
+  describe('sessionCache', () => {
+    it('should return MemoryStore when USE_REDIS is false', () => {
+      cacheConfig.USE_REDIS = false;
+      const namespace = 'sessions';
+      const ttl = 86400;
+
+      const result = sessionCache(namespace, ttl);
+
+      expect(mockMemoryStore).toHaveBeenCalledWith({ ttl, checkPeriod: Time.ONE_DAY });
+      expect(result).toBe(mockMemoryStore());
+    });
+
+    it('should return ConnectRedis when USE_REDIS is true', () => {
+      cacheConfig.USE_REDIS = true;
+      const namespace = 'sessions';
+      const ttl = 86400;
+
+      const result = sessionCache(namespace, ttl);
+
+      expect(mockConnectRedis).toHaveBeenCalledWith({
+        client: mockIoredisClient,
+        ttl,
+        prefix: `${namespace}:`,
+      });
+      expect(result).toBe(mockConnectRedis());
+    });
+
+    it('should add colon to namespace if not present', () => {
+      cacheConfig.USE_REDIS = true;
+      const namespace = 'sessions';
+
+      sessionCache(namespace);
+
+      expect(mockConnectRedis).toHaveBeenCalledWith({
+        client: mockIoredisClient,
+        ttl: undefined,
+        prefix: 'sessions:',
+      });
+    });
+
+    it('should not add colon to namespace if already present', () => {
+      cacheConfig.USE_REDIS = true;
+      const namespace = 'sessions:';
+
+      sessionCache(namespace);
+
+      expect(mockConnectRedis).toHaveBeenCalledWith({
+        client: mockIoredisClient,
+        ttl: undefined,
+        prefix: 'sessions:',
+      });
+    });
+
+    it('should handle undefined ttl', () => {
+      cacheConfig.USE_REDIS = false;
+      const namespace = 'sessions';
+
+      sessionCache(namespace);
+
+      expect(mockMemoryStore).toHaveBeenCalledWith({
+        ttl: undefined,
+        checkPeriod: Time.ONE_DAY,
+      });
+    });
+  });
+
+  describe('limiterCache', () => {
+    it('should return undefined when USE_REDIS is false', () => {
+      cacheConfig.USE_REDIS = false;
+      const result = limiterCache('prefix');
+
+      expect(result).toBeUndefined();
+    });
+
+    it('should return RedisStore when USE_REDIS is true', () => {
+      cacheConfig.USE_REDIS = true;
+      const result = limiterCache('rate-limit');
+
+      expect(mockRedisStore).toHaveBeenCalledWith({
+        sendCommand: expect.any(Function),
+        prefix: `rate-limit:`,
+      });
+      expect(result).toBe(mockRedisStore());
+    });
+
+    it('should add colon to prefix if not present', () => {
+      cacheConfig.USE_REDIS = true;
+      limiterCache('rate-limit');
+
+      expect(mockRedisStore).toHaveBeenCalledWith({
+        sendCommand: expect.any(Function),
+        prefix: 'rate-limit:',
+      });
+    });
+
+    it('should not add colon to prefix if already present', () => {
+      cacheConfig.USE_REDIS = true;
+      limiterCache('rate-limit:');
+
+      expect(mockRedisStore).toHaveBeenCalledWith({
+        sendCommand: expect.any(Function),
+        prefix: 'rate-limit:',
+      });
+    });
+
+    it('should pass sendCommand function that calls ioredisClient.call', () => {
+      cacheConfig.USE_REDIS = true;
+      limiterCache('rate-limit');
+
+      const sendCommandCall = mockRedisStore.mock.calls[0][0];
+      const sendCommand = sendCommandCall.sendCommand;
+
+      // Test that sendCommand properly delegates to ioredisClient.call
+      const args = ['GET', 'test-key'];
+      sendCommand(...args);
+
+      expect(mockIoredisClient.call).toHaveBeenCalledWith(...args);
+    });
+
+    it('should handle undefined prefix', () => {
+      cacheConfig.USE_REDIS = true;
+      expect(() => limiterCache()).toThrow('prefix is required');
+    });
+  });
+});

api/cache/getLogStores.js

@@ -1,113 +1,52 @@
+const { cacheConfig } = require('./cacheConfig');
 const { Keyv } = require('keyv');
-const { isEnabled, math } = require('@librechat/api');
 const { CacheKeys, ViolationTypes, Time } = require('librechat-data-provider');
-const { logFile, violationFile } = require('./keyvFiles');
-const keyvRedis = require('./keyvRedis');
+const { logFile } = require('./keyvFiles');
 const keyvMongo = require('./keyvMongo');
-
-const { BAN_DURATION, USE_REDIS, DEBUG_MEMORY_CACHE, CI } = process.env ?? {};
-
-const duration = math(BAN_DURATION, 7200000);
-const isRedisEnabled = isEnabled(USE_REDIS);
-const debugMemoryCache = isEnabled(DEBUG_MEMORY_CACHE);
-
-const createViolationInstance = (namespace) => {
-  const config = isRedisEnabled ? { store: keyvRedis } : { store: violationFile, namespace };
-  return new Keyv(config);
-};
-
-// Serve cache from memory so no need to clear it on startup/exit
-const pending_req = isRedisEnabled
-  ? new Keyv({ store: keyvRedis })
-  : new Keyv({ namespace: CacheKeys.PENDING_REQ });
-
-const config = isRedisEnabled
-  ? new Keyv({ store: keyvRedis })
-  : new Keyv({ namespace: CacheKeys.CONFIG_STORE });
-
-const roles = isRedisEnabled
-  ? new Keyv({ store: keyvRedis })
-  : new Keyv({ namespace: CacheKeys.ROLES });
-
-const mcpTools = isRedisEnabled
-  ? new Keyv({ store: keyvRedis })
-  : new Keyv({ namespace: CacheKeys.MCP_TOOLS });
-
-const audioRuns = isRedisEnabled
-  ? new Keyv({ store: keyvRedis, ttl: Time.TEN_MINUTES })
-  : new Keyv({ namespace: CacheKeys.AUDIO_RUNS, ttl: Time.TEN_MINUTES });
-
-const messages = isRedisEnabled
-  ? new Keyv({ store: keyvRedis, ttl: Time.ONE_MINUTE })
-  : new Keyv({ namespace: CacheKeys.MESSAGES, ttl: Time.ONE_MINUTE });
-
-const flows = isRedisEnabled
-  ? new Keyv({ store: keyvRedis, ttl: Time.TWO_MINUTES })
-  : new Keyv({ namespace: CacheKeys.FLOWS, ttl: Time.ONE_MINUTE * 3 });
-
-const tokenConfig = isRedisEnabled
-  ? new Keyv({ store: keyvRedis, ttl: Time.THIRTY_MINUTES })
-  : new Keyv({ namespace: CacheKeys.TOKEN_CONFIG, ttl: Time.THIRTY_MINUTES });
-
-const genTitle = isRedisEnabled
-  ? new Keyv({ store: keyvRedis, ttl: Time.TWO_MINUTES })
-  : new Keyv({ namespace: CacheKeys.GEN_TITLE, ttl: Time.TWO_MINUTES });
-
-const s3ExpiryInterval = isRedisEnabled
-  ? new Keyv({ store: keyvRedis, ttl: Time.THIRTY_MINUTES })
-  : new Keyv({ namespace: CacheKeys.S3_EXPIRY_INTERVAL, ttl: Time.THIRTY_MINUTES });
-
-const modelQueries = isEnabled(process.env.USE_REDIS)
-  ? new Keyv({ store: keyvRedis })
-  : new Keyv({ namespace: CacheKeys.MODEL_QUERIES });
-
-const abortKeys = isRedisEnabled
-  ? new Keyv({ store: keyvRedis })
-  : new Keyv({ namespace: CacheKeys.ABORT_KEYS, ttl: Time.TEN_MINUTES });
-
-const openIdExchangedTokensCache = isRedisEnabled
-  ? new Keyv({ store: keyvRedis, ttl: Time.TEN_MINUTES })
-  : new Keyv({ namespace: CacheKeys.OPENID_EXCHANGED_TOKENS, ttl: Time.TEN_MINUTES });
+const { standardCache, sessionCache, violationCache } = require('./cacheFactory');
 
 const namespaces = {
-  [CacheKeys.ROLES]: roles,
-  [CacheKeys.MCP_TOOLS]: mcpTools,
-  [CacheKeys.CONFIG_STORE]: config,
-  [CacheKeys.PENDING_REQ]: pending_req,
-  [ViolationTypes.BAN]: new Keyv({ store: keyvMongo, namespace: CacheKeys.BANS, ttl: duration }),
-  [CacheKeys.ENCODED_DOMAINS]: new Keyv({
+  [ViolationTypes.GENERAL]: new Keyv({ store: logFile, namespace: 'violations' }),
+  [ViolationTypes.LOGINS]: violationCache(ViolationTypes.LOGINS),
+  [ViolationTypes.CONCURRENT]: violationCache(ViolationTypes.CONCURRENT),
+  [ViolationTypes.NON_BROWSER]: violationCache(ViolationTypes.NON_BROWSER),
+  [ViolationTypes.MESSAGE_LIMIT]: violationCache(ViolationTypes.MESSAGE_LIMIT),
+  [ViolationTypes.REGISTRATIONS]: violationCache(ViolationTypes.REGISTRATIONS),
+  [ViolationTypes.TOKEN_BALANCE]: violationCache(ViolationTypes.TOKEN_BALANCE),
+  [ViolationTypes.TTS_LIMIT]: violationCache(ViolationTypes.TTS_LIMIT),
+  [ViolationTypes.STT_LIMIT]: violationCache(ViolationTypes.STT_LIMIT),
+  [ViolationTypes.CONVO_ACCESS]: violationCache(ViolationTypes.CONVO_ACCESS),
+  [ViolationTypes.TOOL_CALL_LIMIT]: violationCache(ViolationTypes.TOOL_CALL_LIMIT),
+  [ViolationTypes.FILE_UPLOAD_LIMIT]: violationCache(ViolationTypes.FILE_UPLOAD_LIMIT),
+  [ViolationTypes.VERIFY_EMAIL_LIMIT]: violationCache(ViolationTypes.VERIFY_EMAIL_LIMIT),
+  [ViolationTypes.RESET_PASSWORD_LIMIT]: violationCache(ViolationTypes.RESET_PASSWORD_LIMIT),
+  [ViolationTypes.ILLEGAL_MODEL_REQUEST]: violationCache(ViolationTypes.ILLEGAL_MODEL_REQUEST),
+  [ViolationTypes.BAN]: new Keyv({
     store: keyvMongo,
-    namespace: CacheKeys.ENCODED_DOMAINS,
-    ttl: 0,
+    namespace: CacheKeys.BANS,
+    ttl: cacheConfig.BAN_DURATION,
   }),
-  general: new Keyv({ store: logFile, namespace: 'violations' }),
-  concurrent: createViolationInstance('concurrent'),
-  non_browser: createViolationInstance('non_browser'),
-  message_limit: createViolationInstance('message_limit'),
-  token_balance: createViolationInstance(ViolationTypes.TOKEN_BALANCE),
-  registrations: createViolationInstance('registrations'),
-  [ViolationTypes.TTS_LIMIT]: createViolationInstance(ViolationTypes.TTS_LIMIT),
-  [ViolationTypes.STT_LIMIT]: createViolationInstance(ViolationTypes.STT_LIMIT),
-  [ViolationTypes.CONVO_ACCESS]: createViolationInstance(ViolationTypes.CONVO_ACCESS),
-  [ViolationTypes.TOOL_CALL_LIMIT]: createViolationInstance(ViolationTypes.TOOL_CALL_LIMIT),
-  [ViolationTypes.FILE_UPLOAD_LIMIT]: createViolationInstance(ViolationTypes.FILE_UPLOAD_LIMIT),
-  [ViolationTypes.VERIFY_EMAIL_LIMIT]: createViolationInstance(ViolationTypes.VERIFY_EMAIL_LIMIT),
-  [ViolationTypes.RESET_PASSWORD_LIMIT]: createViolationInstance(
-    ViolationTypes.RESET_PASSWORD_LIMIT,
+
+  [CacheKeys.OPENID_SESSION]: sessionCache(CacheKeys.OPENID_SESSION),
+  [CacheKeys.SAML_SESSION]: sessionCache(CacheKeys.SAML_SESSION),
+
+  [CacheKeys.ROLES]: standardCache(CacheKeys.ROLES),
+  [CacheKeys.MCP_TOOLS]: standardCache(CacheKeys.MCP_TOOLS),
+  [CacheKeys.CONFIG_STORE]: standardCache(CacheKeys.CONFIG_STORE),
+  [CacheKeys.PENDING_REQ]: standardCache(CacheKeys.PENDING_REQ),
+  [CacheKeys.ENCODED_DOMAINS]: new Keyv({ store: keyvMongo, namespace: CacheKeys.ENCODED_DOMAINS }),
+  [CacheKeys.ABORT_KEYS]: standardCache(CacheKeys.ABORT_KEYS, Time.TEN_MINUTES),
+  [CacheKeys.TOKEN_CONFIG]: standardCache(CacheKeys.TOKEN_CONFIG, Time.THIRTY_MINUTES),
+  [CacheKeys.GEN_TITLE]: standardCache(CacheKeys.GEN_TITLE, Time.TWO_MINUTES),
+  [CacheKeys.S3_EXPIRY_INTERVAL]: standardCache(CacheKeys.S3_EXPIRY_INTERVAL, Time.THIRTY_MINUTES),
+  [CacheKeys.MODEL_QUERIES]: standardCache(CacheKeys.MODEL_QUERIES),
+  [CacheKeys.AUDIO_RUNS]: standardCache(CacheKeys.AUDIO_RUNS, Time.TEN_MINUTES),
+  [CacheKeys.MESSAGES]: standardCache(CacheKeys.MESSAGES, Time.ONE_MINUTE),
+  [CacheKeys.FLOWS]: standardCache(CacheKeys.FLOWS, Time.ONE_MINUTE * 3),
+  [CacheKeys.OPENID_EXCHANGED_TOKENS]: standardCache(
+    CacheKeys.OPENID_EXCHANGED_TOKENS,
+    Time.TEN_MINUTES,
   ),
-  [ViolationTypes.ILLEGAL_MODEL_REQUEST]: createViolationInstance(
-    ViolationTypes.ILLEGAL_MODEL_REQUEST,
-  ),
-  logins: createViolationInstance('logins'),
-  [CacheKeys.ABORT_KEYS]: abortKeys,
-  [CacheKeys.TOKEN_CONFIG]: tokenConfig,
-  [CacheKeys.GEN_TITLE]: genTitle,
-  [CacheKeys.S3_EXPIRY_INTERVAL]: s3ExpiryInterval,
-  [CacheKeys.MODEL_QUERIES]: modelQueries,
-  [CacheKeys.AUDIO_RUNS]: audioRuns,
-  [CacheKeys.MESSAGES]: messages,
-  [CacheKeys.FLOWS]: flows,
-  [CacheKeys.OPENID_EXCHANGED_TOKENS]: openIdExchangedTokensCache,
 };
 
 /**
@@ -116,7 +55,10 @@ const namespaces = {
  */
 function getTTLStores() {
   return Object.values(namespaces).filter(
-    (store) => store instanceof Keyv && typeof store.opts?.ttl === 'number' && store.opts.ttl > 0,
+    (store) =>
+      store instanceof Keyv &&
+      parseInt(store.opts?.ttl ?? '0') > 0 &&
+      !store.opts?.store?.constructor?.name?.includes('Redis'), // Only include non-Redis stores
   );
 }
 
@@ -152,18 +94,18 @@ async function clearExpiredFromCache(cache) {
       if (data?.expires && data.expires <= expiryTime) {
         const deleted = await cache.opts.store.delete(key);
         if (!deleted) {
-          debugMemoryCache &&
+          cacheConfig.DEBUG_MEMORY_CACHE &&
             console.warn(`[Cache] Error deleting entry: ${key} from ${cache.opts.namespace}`);
           continue;
         }
         cleared++;
       }
     } catch (error) {
-      debugMemoryCache &&
+      cacheConfig.DEBUG_MEMORY_CACHE &&
         console.log(`[Cache] Error processing entry from ${cache.opts.namespace}:`, error);
       const deleted = await cache.opts.store.delete(key);
       if (!deleted) {
-        debugMemoryCache &&
+        cacheConfig.DEBUG_MEMORY_CACHE &&
           console.warn(`[Cache] Error deleting entry: ${key} from ${cache.opts.namespace}`);
         continue;
       }
@@ -172,7 +114,7 @@ async function clearExpiredFromCache(cache) {
   }
 
   if (cleared > 0) {
-    debugMemoryCache &&
+    cacheConfig.DEBUG_MEMORY_CACHE &&
       console.log(
         `[Cache] Cleared ${cleared} entries older than ${ttl}ms from ${cache.opts.namespace}`,
       );
@@ -213,7 +155,7 @@ async function clearAllExpiredFromCache() {
   }
 }
 
-if (!isRedisEnabled && !isEnabled(CI)) {
+if (!cacheConfig.USE_REDIS && !cacheConfig.CI) {
   /** @type {Set<NodeJS.Timeout>} */
   const cleanupIntervals = new Set();
 
@@ -224,7 +166,7 @@ if (!isRedisEnabled && !isEnabled(CI)) {
 
   cleanupIntervals.add(cleanup);
 
-  if (debugMemoryCache) {
+  if (cacheConfig.DEBUG_MEMORY_CACHE) {
     const monitor = setInterval(() => {
       const ttlStores = getTTLStores();
       const memory = process.memoryUsage();
@@ -245,13 +187,13 @@ if (!isRedisEnabled && !isEnabled(CI)) {
   }
 
   const dispose = () => {
-    debugMemoryCache && console.log('[Cache] Cleaning up and shutting down...');
+    cacheConfig.DEBUG_MEMORY_CACHE && console.log('[Cache] Cleaning up and shutting down...');
     cleanupIntervals.forEach((interval) => clearInterval(interval));
     cleanupIntervals.clear();
 
     // One final cleanup before exit
     clearAllExpiredFromCache().then(() => {
-      debugMemoryCache && console.log('[Cache] Final cleanup completed');
+      cacheConfig.DEBUG_MEMORY_CACHE && console.log('[Cache] Final cleanup completed');
       process.exit(0);
     });
   };

api/cache/ioredisClient.js

@@ -1,92 +0,0 @@
-const fs = require('fs');
-const Redis = require('ioredis');
-const { isEnabled } = require('~/server/utils');
-const logger = require('~/config/winston');
-
-const { REDIS_URI, USE_REDIS, USE_REDIS_CLUSTER, REDIS_CA, REDIS_MAX_LISTENERS } = process.env;
-
-/** @type {import('ioredis').Redis | import('ioredis').Cluster} */
-let ioredisClient;
-const redis_max_listeners = Number(REDIS_MAX_LISTENERS) || 40;
-
-function mapURI(uri) {
-  const regex =
-    /^(?:(?<scheme>\w+):\/\/)?(?:(?<user>[^:@]+)(?::(?<password>[^@]+))?@)?(?<host>[\w.-]+)(?::(?<port>\d{1,5}))?$/;
-  const match = uri.match(regex);
-
-  if (match) {
-    const { scheme, user, password, host, port } = match.groups;
-
-    return {
-      scheme: scheme || 'none',
-      user: user || null,
-      password: password || null,
-      host: host || null,
-      port: port || null,
-    };
-  } else {
-    const parts = uri.split(':');
-    if (parts.length === 2) {
-      return {
-        scheme: 'none',
-        user: null,
-        password: null,
-        host: parts[0],
-        port: parts[1],
-      };
-    }
-
-    return {
-      scheme: 'none',
-      user: null,
-      password: null,
-      host: uri,
-      port: null,
-    };
-  }
-}
-
-if (REDIS_URI && isEnabled(USE_REDIS)) {
-  let redisOptions = null;
-
-  if (REDIS_CA) {
-    const ca = fs.readFileSync(REDIS_CA);
-    redisOptions = { tls: { ca } };
-  }
-
-  if (isEnabled(USE_REDIS_CLUSTER)) {
-    const hosts = REDIS_URI.split(',').map((item) => {
-      var value = mapURI(item);
-
-      return {
-        host: value.host,
-        port: value.port,
-      };
-    });
-    ioredisClient = new Redis.Cluster(hosts, { redisOptions });
-  } else {
-    ioredisClient = new Redis(REDIS_URI, redisOptions);
-  }
-
-  ioredisClient.on('ready', () => {
-    logger.info('IoRedis connection ready');
-  });
-  ioredisClient.on('reconnecting', () => {
-    logger.info('IoRedis connection reconnecting');
-  });
-  ioredisClient.on('end', () => {
-    logger.info('IoRedis connection ended');
-  });
-  ioredisClient.on('close', () => {
-    logger.info('IoRedis connection closed');
-  });
-  ioredisClient.on('error', (err) => logger.error('IoRedis connection error:', err));
-  ioredisClient.setMaxListeners(redis_max_listeners);
-  logger.info(
-    '[Optional] IoRedis initialized for rate limiters. If you have issues, disable Redis or restart the server.',
-  );
-} else {
-  logger.info('[Optional] IoRedis not initialized for rate limiters.');
-}
-
-module.exports = ioredisClient;

api/cache/keyvRedis.js

@@ -1,109 +0,0 @@
-const fs = require('fs');
-const ioredis = require('ioredis');
-const KeyvRedis = require('@keyv/redis').default;
-const { isEnabled } = require('~/server/utils');
-const logger = require('~/config/winston');
-
-const { REDIS_URI, USE_REDIS, USE_REDIS_CLUSTER, REDIS_CA, REDIS_KEY_PREFIX, REDIS_MAX_LISTENERS } =
-  process.env;
-
-let keyvRedis;
-const redis_prefix = REDIS_KEY_PREFIX || '';
-const redis_max_listeners = Number(REDIS_MAX_LISTENERS) || 40;
-
-function mapURI(uri) {
-  const regex =
-    /^(?:(?<scheme>\w+):\/\/)?(?:(?<user>[^:@]+)(?::(?<password>[^@]+))?@)?(?<host>[\w.-]+)(?::(?<port>\d{1,5}))?$/;
-  const match = uri.match(regex);
-
-  if (match) {
-    const { scheme, user, password, host, port } = match.groups;
-
-    return {
-      scheme: scheme || 'none',
-      user: user || null,
-      password: password || null,
-      host: host || null,
-      port: port || null,
-    };
-  } else {
-    const parts = uri.split(':');
-    if (parts.length === 2) {
-      return {
-        scheme: 'none',
-        user: null,
-        password: null,
-        host: parts[0],
-        port: parts[1],
-      };
-    }
-
-    return {
-      scheme: 'none',
-      user: null,
-      password: null,
-      host: uri,
-      port: null,
-    };
-  }
-}
-
-if (REDIS_URI && isEnabled(USE_REDIS)) {
-  let redisOptions = null;
-  /** @type {import('@keyv/redis').KeyvRedisOptions} */
-  let keyvOpts = {
-    useRedisSets: false,
-    keyPrefix: redis_prefix,
-  };
-
-  if (REDIS_CA) {
-    const ca = fs.readFileSync(REDIS_CA);
-    redisOptions = { tls: { ca } };
-  }
-
-  if (isEnabled(USE_REDIS_CLUSTER)) {
-    const hosts = REDIS_URI.split(',').map((item) => {
-      var value = mapURI(item);
-
-      return {
-        host: value.host,
-        port: value.port,
-      };
-    });
-    const cluster = new ioredis.Cluster(hosts, { redisOptions });
-    keyvRedis = new KeyvRedis(cluster, keyvOpts);
-  } else {
-    keyvRedis = new KeyvRedis(REDIS_URI, keyvOpts);
-  }
-
-  const pingInterval = setInterval(
-    () => {
-      logger.debug('KeyvRedis ping');
-      keyvRedis.client.ping().catch((err) => logger.error('Redis keep-alive ping failed:', err));
-    },
-    5 * 60 * 1000,
-  );
-
-  keyvRedis.on('ready', () => {
-    logger.info('KeyvRedis connection ready');
-  });
-  keyvRedis.on('reconnecting', () => {
-    logger.info('KeyvRedis connection reconnecting');
-  });
-  keyvRedis.on('end', () => {
-    logger.info('KeyvRedis connection ended');
-  });
-  keyvRedis.on('close', () => {
-    clearInterval(pingInterval);
-    logger.info('KeyvRedis connection closed');
-  });
-  keyvRedis.on('error', (err) => logger.error('KeyvRedis connection error:', err));
-  keyvRedis.setMaxListeners(redis_max_listeners);
-  logger.info(
-    '[Optional] Redis initialized. If you have issues, or seeing older values, disable it or flush cache to refresh values.',
-  );
-} else {
-  logger.info('[Optional] Redis not initialized.');
-}
-
-module.exports = keyvRedis;

api/cache/logViolation.js

@@ -1,4 +1,5 @@
 const { isEnabled } = require('~/server/utils');
+const { ViolationTypes } = require('librechat-data-provider');
 const getLogStores = require('./getLogStores');
 const banViolation = require('./banViolation');
 
@@ -9,14 +10,14 @@ const banViolation = require('./banViolation');
  * @param {Object} res - Express response object.
  * @param {string} type - The type of violation.
  * @param {Object} errorMessage - The error message to log.
- * @param {number} [score=1] - The severity of the violation. Defaults to 1
+ * @param {number | string} [score=1] - The severity of the violation. Defaults to 1
  */
 const logViolation = async (req, res, type, errorMessage, score = 1) => {
   const userId = req.user?.id ?? req.user?._id;
   if (!userId) {
     return;
   }
-  const logs = getLogStores('general');
+  const logs = getLogStores(ViolationTypes.GENERAL);
   const violationLogs = getLogStores(type);
   const key = isEnabled(process.env.USE_REDIS) ? `${type}:${userId}` : userId;
 

api/cache/redisClients.js

@@ -0,0 +1,57 @@
+const IoRedis = require('ioredis');
+const { cacheConfig } = require('./cacheConfig');
+const { createClient, createCluster } = require('@keyv/redis');
+
+const GLOBAL_PREFIX_SEPARATOR = '::';
+
+const urls = cacheConfig.REDIS_URI?.split(',').map((uri) => new URL(uri));
+const username = urls?.[0].username || cacheConfig.REDIS_USERNAME;
+const password = urls?.[0].password || cacheConfig.REDIS_PASSWORD;
+const ca = cacheConfig.REDIS_CA;
+
+/** @type {import('ioredis').Redis | import('ioredis').Cluster | null} */
+let ioredisClient = null;
+if (cacheConfig.USE_REDIS) {
+  const redisOptions = {
+    username: username,
+    password: password,
+    tls: ca ? { ca } : undefined,
+    keyPrefix: `${cacheConfig.REDIS_KEY_PREFIX}${GLOBAL_PREFIX_SEPARATOR}`,
+    maxListeners: cacheConfig.REDIS_MAX_LISTENERS,
+  };
+
+  ioredisClient =
+    urls.length === 1
+      ? new IoRedis(cacheConfig.REDIS_URI, redisOptions)
+      : new IoRedis.Cluster(cacheConfig.REDIS_URI, { redisOptions });
+
+  // Pinging the Redis server every 5 minutes to keep the connection alive
+  const pingInterval = setInterval(() => ioredisClient.ping(), 5 * 60 * 1000);
+  ioredisClient.on('close', () => clearInterval(pingInterval));
+  ioredisClient.on('end', () => clearInterval(pingInterval));
+}
+
+/** @type {import('@keyv/redis').RedisClient | import('@keyv/redis').RedisCluster | null} */
+let keyvRedisClient = null;
+if (cacheConfig.USE_REDIS) {
+  // ** WARNING ** Keyv Redis client does not support Prefix like ioredis above.
+  // The prefix feature will be handled by the Keyv-Redis store in cacheFactory.js
+  const redisOptions = { username, password, socket: { tls: ca != null, ca } };
+
+  keyvRedisClient =
+    urls.length === 1
+      ? createClient({ url: cacheConfig.REDIS_URI, ...redisOptions })
+      : createCluster({
+          rootNodes: cacheConfig.REDIS_URI.split(',').map((url) => ({ url })),
+          defaults: redisOptions,
+        });
+
+  keyvRedisClient.setMaxListeners(cacheConfig.REDIS_MAX_LISTENERS);
+
+  // Pinging the Redis server every 5 minutes to keep the connection alive
+  const keyvPingInterval = setInterval(() => keyvRedisClient.ping(), 5 * 60 * 1000);
+  keyvRedisClient.on('disconnect', () => clearInterval(keyvPingInterval));
+  keyvRedisClient.on('end', () => clearInterval(keyvPingInterval));
+}
+
+module.exports = { ioredisClient, keyvRedisClient, GLOBAL_PREFIX_SEPARATOR };

api/models/Conversation.js

@@ -1,6 +1,6 @@
 const { logger } = require('@librechat/data-schemas');
 const { createTempChatExpirationDate } = require('@librechat/api');
-const getCustomConfig = require('~/server/services/Config/loadCustomConfig');
+const getCustomConfig = require('~/server/services/Config/getCustomConfig');
 const { getMessages, deleteMessages } = require('./Message');
 const { Conversation } = require('~/db/models');
 

api/models/File.js

@@ -1,5 +1,7 @@
 const { logger } = require('@librechat/data-schemas');
-const { EToolResources, FileContext } = require('librechat-data-provider');
+const { EToolResources, FileContext, Constants } = require('librechat-data-provider');
+const { getProjectByName } = require('./Project');
+const { getAgent } = require('./Agent');
 const { File } = require('~/db/models');
 
 /**
@@ -12,17 +14,124 @@ const findFileById = async (file_id, options = {}) => {
   return await File.findOne({ file_id, ...options }).lean();
 };
 
+/**
+ * Checks if a user has access to multiple files through a shared agent (batch operation)
+ * @param {string} userId - The user ID to check access for
+ * @param {string[]} fileIds - Array of file IDs to check
+ * @param {string} agentId - The agent ID that might grant access
+ * @returns {Promise<Map<string, boolean>>} Map of fileId to access status
+ */
+const hasAccessToFilesViaAgent = async (userId, fileIds, agentId, checkCollaborative = true) => {
+  const accessMap = new Map();
+
+  // Initialize all files as no access
+  fileIds.forEach((fileId) => accessMap.set(fileId, false));
+
+  try {
+    const agent = await getAgent({ id: agentId });
+
+    if (!agent) {
+      return accessMap;
+    }
+
+    // Check if user is the author - if so, grant access to all files
+    if (agent.author.toString() === userId) {
+      fileIds.forEach((fileId) => accessMap.set(fileId, true));
+      return accessMap;
+    }
+
+    // Check if agent is shared with the user via projects
+    if (!agent.projectIds || agent.projectIds.length === 0) {
+      return accessMap;
+    }
+
+    // Check if agent is in global project
+    const globalProject = await getProjectByName(Constants.GLOBAL_PROJECT_NAME, '_id');
+    if (
+      !globalProject ||
+      !agent.projectIds.some((pid) => pid.toString() === globalProject._id.toString())
+    ) {
+      return accessMap;
+    }
+
+    // Agent is globally shared - check if it's collaborative
+    if (checkCollaborative && !agent.isCollaborative) {
+      return accessMap;
+    }
+
+    // Check which files are actually attached
+    const attachedFileIds = new Set();
+    if (agent.tool_resources) {
+      for (const [_resourceType, resource] of Object.entries(agent.tool_resources)) {
+        if (resource?.file_ids && Array.isArray(resource.file_ids)) {
+          resource.file_ids.forEach((fileId) => attachedFileIds.add(fileId));
+        }
+      }
+    }
+
+    // Grant access only to files that are attached to this agent
+    fileIds.forEach((fileId) => {
+      if (attachedFileIds.has(fileId)) {
+        accessMap.set(fileId, true);
+      }
+    });
+
+    return accessMap;
+  } catch (error) {
+    logger.error('[hasAccessToFilesViaAgent] Error checking file access:', error);
+    return accessMap;
+  }
+};
+
 /**
  * Retrieves files matching a given filter, sorted by the most recently updated.
  * @param {Object} filter - The filter criteria to apply.
  * @param {Object} [_sortOptions] - Optional sort parameters.
  * @param {Object|String} [selectFields={ text: 0 }] - Fields to include/exclude in the query results.
  *                                                   Default excludes the 'text' field.
+ * @param {Object} [options] - Additional options
+ * @param {string} [options.userId] - User ID for access control
+ * @param {string} [options.agentId] - Agent ID that might grant access to files
  * @returns {Promise<Array<MongoFile>>} A promise that resolves to an array of file documents.
  */
-const getFiles = async (filter, _sortOptions, selectFields = { text: 0 }) => {
+const getFiles = async (filter, _sortOptions, selectFields = { text: 0 }, options = {}) => {
   const sortOptions = { updatedAt: -1, ..._sortOptions };
-  return await File.find(filter).select(selectFields).sort(sortOptions).lean();
+  const files = await File.find(filter).select(selectFields).sort(sortOptions).lean();
+
+  // If userId and agentId are provided, filter files based on access
+  if (options.userId && options.agentId) {
+    // Collect file IDs that need access check
+    const filesToCheck = [];
+    const ownedFiles = [];
+
+    for (const file of files) {
+      if (file.user && file.user.toString() === options.userId) {
+        ownedFiles.push(file);
+      } else {
+        filesToCheck.push(file);
+      }
+    }
+
+    if (filesToCheck.length === 0) {
+      return ownedFiles;
+    }
+
+    // Batch check access for all non-owned files
+    const fileIds = filesToCheck.map((f) => f.file_id);
+    const accessMap = await hasAccessToFilesViaAgent(
+      options.userId,
+      fileIds,
+      options.agentId,
+      false,
+    );
+
+    // Filter files based on access
+    const accessibleFiles = filesToCheck.filter((file) => accessMap.get(file.file_id));
+
+    return [...ownedFiles, ...accessibleFiles];
+  }
+
+  return files;
 };
 
 /**
@@ -176,4 +285,5 @@ module.exports = {
   deleteFiles,
   deleteFileByFilter,
   batchUpdateFiles,
+  hasAccessToFilesViaAgent,
 };

api/models/File.spec.js

@@ -0,0 +1,264 @@
+const mongoose = require('mongoose');
+const { v4: uuidv4 } = require('uuid');
+const { fileSchema } = require('@librechat/data-schemas');
+const { agentSchema } = require('@librechat/data-schemas');
+const { projectSchema } = require('@librechat/data-schemas');
+const { MongoMemoryServer } = require('mongodb-memory-server');
+const { GLOBAL_PROJECT_NAME } = require('librechat-data-provider').Constants;
+const { getFiles, createFile } = require('./File');
+const { getProjectByName } = require('./Project');
+const { createAgent } = require('./Agent');
+
+let File;
+let Agent;
+let Project;
+
+describe('File Access Control', () => {
+  let mongoServer;
+
+  beforeAll(async () => {
+    mongoServer = await MongoMemoryServer.create();
+    const mongoUri = mongoServer.getUri();
+    File = mongoose.models.File || mongoose.model('File', fileSchema);
+    Agent = mongoose.models.Agent || mongoose.model('Agent', agentSchema);
+    Project = mongoose.models.Project || mongoose.model('Project', projectSchema);
+    await mongoose.connect(mongoUri);
+  });
+
+  afterAll(async () => {
+    await mongoose.disconnect();
+    await mongoServer.stop();
+  });
+
+  beforeEach(async () => {
+    await File.deleteMany({});
+    await Agent.deleteMany({});
+    await Project.deleteMany({});
+  });
+
+  describe('hasAccessToFilesViaAgent', () => {
+    it('should efficiently check access for multiple files at once', async () => {
+      const userId = new mongoose.Types.ObjectId().toString();
+      const authorId = new mongoose.Types.ObjectId().toString();
+      const agentId = uuidv4();
+      const fileIds = [uuidv4(), uuidv4(), uuidv4(), uuidv4()];
+
+      // Create files
+      for (const fileId of fileIds) {
+        await createFile({
+          user: authorId,
+          file_id: fileId,
+          filename: `file-${fileId}.txt`,
+          filepath: `/uploads/${fileId}`,
+        });
+      }
+
+      // Create agent with only first two files attached
+      await createAgent({
+        id: agentId,
+        name: 'Test Agent',
+        author: authorId,
+        model: 'gpt-4',
+        provider: 'openai',
+        isCollaborative: true,
+        tool_resources: {
+          file_search: {
+            file_ids: [fileIds[0], fileIds[1]],
+          },
+        },
+      });
+
+      // Get or create global project
+      const globalProject = await getProjectByName(GLOBAL_PROJECT_NAME, '_id');
+
+      // Share agent globally
+      await Agent.updateOne({ id: agentId }, { $push: { projectIds: globalProject._id } });
+
+      // Check access for all files
+      const { hasAccessToFilesViaAgent } = require('./File');
+      const accessMap = await hasAccessToFilesViaAgent(userId, fileIds, agentId);
+
+      // Should have access only to the first two files
+      expect(accessMap.get(fileIds[0])).toBe(true);
+      expect(accessMap.get(fileIds[1])).toBe(true);
+      expect(accessMap.get(fileIds[2])).toBe(false);
+      expect(accessMap.get(fileIds[3])).toBe(false);
+    });
+
+    it('should grant access to all files when user is the agent author', async () => {
+      const authorId = new mongoose.Types.ObjectId().toString();
+      const agentId = uuidv4();
+      const fileIds = [uuidv4(), uuidv4(), uuidv4()];
+
+      // Create agent
+      await createAgent({
+        id: agentId,
+        name: 'Test Agent',
+        author: authorId,
+        model: 'gpt-4',
+        provider: 'openai',
+        tool_resources: {
+          file_search: {
+            file_ids: [fileIds[0]], // Only one file attached
+          },
+        },
+      });
+
+      // Check access as the author
+      const { hasAccessToFilesViaAgent } = require('./File');
+      const accessMap = await hasAccessToFilesViaAgent(authorId, fileIds, agentId);
+
+      // Author should have access to all files
+      expect(accessMap.get(fileIds[0])).toBe(true);
+      expect(accessMap.get(fileIds[1])).toBe(true);
+      expect(accessMap.get(fileIds[2])).toBe(true);
+    });
+
+    it('should handle non-existent agent gracefully', async () => {
+      const userId = new mongoose.Types.ObjectId().toString();
+      const fileIds = [uuidv4(), uuidv4()];
+
+      const { hasAccessToFilesViaAgent } = require('./File');
+      const accessMap = await hasAccessToFilesViaAgent(userId, fileIds, 'non-existent-agent');
+
+      // Should have no access to any files
+      expect(accessMap.get(fileIds[0])).toBe(false);
+      expect(accessMap.get(fileIds[1])).toBe(false);
+    });
+
+    it('should deny access when agent is not collaborative', async () => {
+      const userId = new mongoose.Types.ObjectId().toString();
+      const authorId = new mongoose.Types.ObjectId().toString();
+      const agentId = uuidv4();
+      const fileIds = [uuidv4(), uuidv4()];
+
+      // Create agent with files but isCollaborative: false
+      await createAgent({
+        id: agentId,
+        name: 'Non-Collaborative Agent',
+        author: authorId,
+        model: 'gpt-4',
+        provider: 'openai',
+        isCollaborative: false,
+        tool_resources: {
+          file_search: {
+            file_ids: fileIds,
+          },
+        },
+      });
+
+      // Get or create global project
+      const globalProject = await getProjectByName(GLOBAL_PROJECT_NAME, '_id');
+
+      // Share agent globally
+      await Agent.updateOne({ id: agentId }, { $push: { projectIds: globalProject._id } });
+
+      // Check access for files
+      const { hasAccessToFilesViaAgent } = require('./File');
+      const accessMap = await hasAccessToFilesViaAgent(userId, fileIds, agentId);
+
+      // Should have no access to any files when isCollaborative is false
+      expect(accessMap.get(fileIds[0])).toBe(false);
+      expect(accessMap.get(fileIds[1])).toBe(false);
+    });
+  });
+
+  describe('getFiles with agent access control', () => {
+    test('should return files owned by user and files accessible through agent', async () => {
+      const authorId = new mongoose.Types.ObjectId();
+      const userId = new mongoose.Types.ObjectId();
+      const agentId = `agent_${uuidv4()}`;
+      const ownedFileId = `file_${uuidv4()}`;
+      const sharedFileId = `file_${uuidv4()}`;
+      const inaccessibleFileId = `file_${uuidv4()}`;
+
+      // Create/get global project using getProjectByName which will upsert
+      const globalProject = await getProjectByName(GLOBAL_PROJECT_NAME);
+
+      // Create agent with shared file
+      await createAgent({
+        id: agentId,
+        name: 'Shared Agent',
+        provider: 'test',
+        model: 'test-model',
+        author: authorId,
+        projectIds: [globalProject._id],
+        isCollaborative: true,
+        tool_resources: {
+          file_search: {
+            file_ids: [sharedFileId],
+          },
+        },
+      });
+
+      // Create files
+      await createFile({
+        file_id: ownedFileId,
+        user: userId,
+        filename: 'owned.txt',
+        filepath: '/uploads/owned.txt',
+        type: 'text/plain',
+        bytes: 100,
+      });
+
+      await createFile({
+        file_id: sharedFileId,
+        user: authorId,
+        filename: 'shared.txt',
+        filepath: '/uploads/shared.txt',
+        type: 'text/plain',
+        bytes: 200,
+        embedded: true,
+      });
+
+      await createFile({
+        file_id: inaccessibleFileId,
+        user: authorId,
+        filename: 'inaccessible.txt',
+        filepath: '/uploads/inaccessible.txt',
+        type: 'text/plain',
+        bytes: 300,
+      });
+
+      // Get files with access control
+      const files = await getFiles(
+        { file_id: { $in: [ownedFileId, sharedFileId, inaccessibleFileId] } },
+        null,
+        { text: 0 },
+        { userId: userId.toString(), agentId },
+      );
+
+      expect(files).toHaveLength(2);
+      expect(files.map((f) => f.file_id)).toContain(ownedFileId);
+      expect(files.map((f) => f.file_id)).toContain(sharedFileId);
+      expect(files.map((f) => f.file_id)).not.toContain(inaccessibleFileId);
+    });
+
+    test('should return all files when no userId/agentId provided', async () => {
+      const userId = new mongoose.Types.ObjectId();
+      const fileId1 = `file_${uuidv4()}`;
+      const fileId2 = `file_${uuidv4()}`;
+
+      await createFile({
+        file_id: fileId1,
+        user: userId,
+        filename: 'file1.txt',
+        filepath: '/uploads/file1.txt',
+        type: 'text/plain',
+        bytes: 100,
+      });
+
+      await createFile({
+        file_id: fileId2,
+        user: new mongoose.Types.ObjectId(),
+        filename: 'file2.txt',
+        filepath: '/uploads/file2.txt',
+        type: 'text/plain',
+        bytes: 200,
+      });
+
+      const files = await getFiles({ file_id: { $in: [fileId1, fileId2] } });
+      expect(files).toHaveLength(2);
+    });
+  });
+});

api/models/Message.js

@@ -1,7 +1,7 @@
 const { z } = require('zod');
 const { logger } = require('@librechat/data-schemas');
 const { createTempChatExpirationDate } = require('@librechat/api');
-const getCustomConfig = require('~/server/services/Config/loadCustomConfig');
+const getCustomConfig = require('~/server/services/Config/getCustomConfig');
 const { Message } = require('~/db/models');
 
 const idSchema = z.string().uuid();

api/models/tx.js

@@ -135,10 +135,11 @@ const tokenValues = Object.assign(
     'grok-2-1212': { prompt: 2.0, completion: 10.0 },
     'grok-2-latest': { prompt: 2.0, completion: 10.0 },
     'grok-2': { prompt: 2.0, completion: 10.0 },
-    'grok-3-mini-fast': { prompt: 0.4, completion: 4 },
+    'grok-3-mini-fast': { prompt: 0.6, completion: 4 },
     'grok-3-mini': { prompt: 0.3, completion: 0.5 },
     'grok-3-fast': { prompt: 5.0, completion: 25.0 },
     'grok-3': { prompt: 3.0, completion: 15.0 },
+    'grok-4': { prompt: 3.0, completion: 15.0 },
     'grok-beta': { prompt: 5.0, completion: 15.0 },
     'mistral-large': { prompt: 2.0, completion: 6.0 },
     'pixtral-large': { prompt: 2.0, completion: 6.0 },

api/models/tx.spec.js

@@ -636,6 +636,15 @@ describe('Grok Model Tests - Pricing', () => {
       );
     });
 
+    test('should return correct prompt and completion rates for Grok 4 model', () => {
+      expect(getMultiplier({ model: 'grok-4-0709', tokenType: 'prompt' })).toBe(
+        tokenValues['grok-4'].prompt,
+      );
+      expect(getMultiplier({ model: 'grok-4-0709', tokenType: 'completion' })).toBe(
+        tokenValues['grok-4'].completion,
+      );
+    });
+
     test('should return correct prompt and completion rates for Grok 3 models with prefixes', () => {
       expect(getMultiplier({ model: 'xai/grok-3', tokenType: 'prompt' })).toBe(
         tokenValues['grok-3'].prompt,
@@ -662,6 +671,15 @@ describe('Grok Model Tests - Pricing', () => {
         tokenValues['grok-3-mini-fast'].completion,
       );
     });
+
+    test('should return correct prompt and completion rates for Grok 4 model with prefixes', () => {
+      expect(getMultiplier({ model: 'xai/grok-4-0709', tokenType: 'prompt' })).toBe(
+        tokenValues['grok-4'].prompt,
+      );
+      expect(getMultiplier({ model: 'xai/grok-4-0709', tokenType: 'completion' })).toBe(
+        tokenValues['grok-4'].completion,
+      );
+    });
   });
 });
 

api/package.json

@@ -44,19 +44,20 @@
     "@googleapis/youtube": "^20.0.0",
     "@keyv/redis": "^4.3.3",
     "@langchain/community": "^0.3.47",
-    "@langchain/core": "^0.3.60",
+    "@langchain/core": "^0.3.62",
     "@langchain/google-genai": "^0.2.13",
     "@langchain/google-vertexai": "^0.2.13",
+    "@langchain/openai": "^0.5.18",
     "@langchain/textsplitters": "^0.1.0",
-    "@librechat/agents": "^2.4.56",
+    "@librechat/agents": "^2.4.63",
     "@librechat/api": "*",
     "@librechat/data-schemas": "*",
     "@node-saml/passport-saml": "^5.0.0",
     "@waylaidwanderer/fetch-event-source": "^3.0.1",
     "axios": "^1.8.2",
     "bcryptjs": "^2.4.3",
-    "compression": "^1.7.4",
-    "connect-redis": "^7.1.0",
+    "compression": "^1.8.1",
+    "connect-redis": "^8.1.0",
     "cookie": "^0.7.2",
     "cookie-parser": "^1.4.7",
     "cors": "^2.8.5",
@@ -66,7 +67,7 @@
     "express": "^4.21.2",
     "express-mongo-sanitize": "^2.2.0",
     "express-rate-limit": "^7.4.1",
-    "express-session": "^1.18.1",
+    "express-session": "^1.18.2",
     "express-static-gzip": "^2.2.0",
     "file-type": "^18.7.0",
     "firebase": "^11.0.2",
@@ -87,7 +88,7 @@
     "mime": "^3.0.0",
     "module-alias": "^2.2.3",
     "mongoose": "^8.12.1",
-    "multer": "^2.0.1",
+    "multer": "^2.0.2",
     "nanoid": "^3.3.7",
     "node-fetch": "^2.7.0",
     "nodemailer": "^6.9.15",

api/server/controllers/PluginController.js

@@ -1,11 +1,10 @@
 const { logger } = require('@librechat/data-schemas');
-const { CacheKeys, AuthType } = require('librechat-data-provider');
+const { CacheKeys, AuthType, Constants } = require('librechat-data-provider');
 const { getCustomConfig, getCachedTools } = require('~/server/services/Config');
 const { getToolkitKey } = require('~/server/services/ToolService');
 const { getMCPManager, getFlowStateManager } = require('~/config');
 const { availableTools } = require('~/app/clients/tools');
 const { getLogStores } = require('~/cache');
-const { Constants } = require('librechat-data-provider');
 
 /**
  * Filters out duplicate plugins from the list of plugins.
@@ -140,9 +139,9 @@ function createGetServerTools() {
 const getAvailableTools = async (req, res) => {
   try {
     const cache = getLogStores(CacheKeys.CONFIG_STORE);
-    const cachedTools = await cache.get(CacheKeys.TOOLS);
-    if (cachedTools) {
-      res.status(200).json(cachedTools);
+    const cachedToolsArray = await cache.get(CacheKeys.TOOLS);
+    if (cachedToolsArray) {
+      res.status(200).json(cachedToolsArray);
       return;
     }
 
@@ -173,7 +172,7 @@ const getAvailableTools = async (req, res) => {
       }
     });
 
-    const toolDefinitions = await getCachedTools({ includeGlobal: true });
+    const toolDefinitions = (await getCachedTools({ includeGlobal: true })) || {};
 
     const toolsOutput = [];
     for (const plugin of authenticatedPlugins) {

api/server/controllers/UserController.js

@@ -1,11 +1,5 @@
-const {
-  Tools,
-  Constants,
-  FileSources,
-  webSearchKeys,
-  extractWebSearchEnvVars,
-} = require('librechat-data-provider');
 const { logger } = require('@librechat/data-schemas');
+const { webSearchKeys, extractWebSearchEnvVars } = require('@librechat/api');
 const {
   getFiles,
   updateUser,
@@ -20,6 +14,7 @@ const { updateUserPluginAuth, deleteUserPluginAuth } = require('~/server/service
 const { updateUserPluginsService, deleteUserKey } = require('~/server/services/UserService');
 const { verifyEmail, resendVerificationEmail } = require('~/server/services/AuthService');
 const { needsRefresh, getNewS3URL } = require('~/server/services/Files/S3/crud');
+const { Tools, Constants, FileSources } = require('librechat-data-provider');
 const { processDeleteRequest } = require('~/server/services/Files/process');
 const { Transaction, Balance, User } = require('~/db/models');
 const { deleteToolCalls } = require('~/models/ToolCall');

api/server/controllers/agents/client.js

@@ -1,11 +1,14 @@
 require('events').EventEmitter.defaultMaxListeners = 100;
 const { logger } = require('@librechat/data-schemas');
+const { DynamicStructuredTool } = require('@langchain/core/tools');
+const { getBufferString, HumanMessage } = require('@langchain/core/messages');
 const {
   sendEvent,
   createRun,
   Tokenizer,
   checkAccess,
   memoryInstructions,
+  formatContentStrings,
   createMemoryProcessor,
 } = require('@librechat/api');
 const {
@@ -14,7 +17,6 @@ const {
   GraphEvents,
   formatMessage,
   formatAgentMessages,
-  formatContentStrings,
   getTokenCountForMessage,
   createMetadataAggregator,
 } = require('@librechat/agents');
@@ -24,20 +26,22 @@ const {
   VisionModes,
   ContentTypes,
   EModelEndpoint,
-  KnownEndpoints,
   PermissionTypes,
   isAgentsEndpoint,
   AgentCapabilities,
   bedrockInputSchema,
   removeNullishValues,
 } = require('librechat-data-provider');
-const { DynamicStructuredTool } = require('@langchain/core/tools');
-const { getBufferString, HumanMessage } = require('@langchain/core/messages');
-const { createGetMCPAuthMap, checkCapability } = require('~/server/services/Config');
+const {
+  findPluginAuthsByKeys,
+  getFormattedMemories,
+  deleteMemory,
+  setMemory,
+} = require('~/models');
+const { getMCPAuthMap, checkCapability, hasCustomUserVars } = require('~/server/services/Config');
 const { addCacheControl, createContextHandlers } = require('~/app/clients/prompts');
 const { initializeAgent } = require('~/server/services/Endpoints/agents/agent');
 const { spendTokens, spendStructuredTokens } = require('~/models/spendTokens');
-const { getFormattedMemories, deleteMemory, setMemory } = require('~/models');
 const { encodeAndFormat } = require('~/server/services/Files/images/encode');
 const { getProviderConfig } = require('~/server/services/Endpoints');
 const BaseClient = require('~/app/clients/BaseClient');
@@ -54,6 +58,7 @@ const omitTitleOptions = new Set([
   'thinkingBudget',
   'includeThoughts',
   'maxOutputTokens',
+  'additionalModelRequestFields',
 ]);
 
 /**
@@ -70,8 +75,6 @@ const payloadParser = ({ req, agent, endpoint }) => {
   return req.body.endpointOption.model_parameters;
 };
 
-const legacyContentEndpoints = new Set([KnownEndpoints.groq, KnownEndpoints.deepseek]);
-
 const noSystemModelRegex = [/\b(o1-preview|o1-mini|amazon\.titan-text)\b/gi];
 
 function createTokenCounter(encoding) {
@@ -452,6 +455,12 @@ class AgentClient extends BaseClient {
       res: this.options.res,
       agent: prelimAgent,
       allowedProviders,
+      endpointOption: {
+        endpoint:
+          prelimAgent.id !== Constants.EPHEMERAL_AGENT_ID
+            ? EModelEndpoint.agents
+            : memoryConfig.agent?.provider,
+      },
     });
 
     if (!agent) {
@@ -700,17 +709,12 @@ class AgentClient extends BaseClient {
         version: 'v2',
       };
 
-      const getUserMCPAuthMap = await createGetMCPAuthMap();
-
       const toolSet = new Set((this.options.agent.tools ?? []).map((tool) => tool && tool.name));
       let { messages: initialMessages, indexTokenCountMap } = formatAgentMessages(
         payload,
         this.indexTokenCountMap,
         toolSet,
       );
-      if (legacyContentEndpoints.has(this.options.agent.endpoint?.toLowerCase())) {
-        initialMessages = formatContentStrings(initialMessages);
-      }
 
       /**
        *
@@ -774,6 +778,9 @@ class AgentClient extends BaseClient {
         }
 
         let messages = _messages;
+        if (agent.useLegacyContent === true) {
+          messages = formatContentStrings(messages);
+        }
         if (
           agent.model_parameters?.clientOptions?.defaultHeaders?.['anthropic-beta']?.includes(
             'prompt-caching',
@@ -822,10 +829,11 @@ class AgentClient extends BaseClient {
         }
 
         try {
-          if (getUserMCPAuthMap) {
-            config.configurable.userMCPAuthMap = await getUserMCPAuthMap({
+          if (await hasCustomUserVars()) {
+            config.configurable.userMCPAuthMap = await getMCPAuthMap({
               tools: agent.tools,
               userId: this.options.req.user.id,
+              findPluginAuthsByKeys,
             });
           }
         } catch (err) {
@@ -1043,6 +1051,12 @@ class AgentClient extends BaseClient {
       options.llmConfig?.azureOpenAIApiInstanceName == null
     ) {
       provider = Providers.OPENAI;
+    } else if (
+      endpoint === EModelEndpoint.azureOpenAI &&
+      options.llmConfig?.azureOpenAIApiInstanceName != null &&
+      provider !== Providers.AZURE
+    ) {
+      provider = Providers.AZURE;
     }
 
     /** @type {import('@librechat/agents').ClientOptions} */
@@ -1121,8 +1135,52 @@ class AgentClient extends BaseClient {
     }
   }
 
-  /** Silent method, as `recordCollectedUsage` is used instead */
-  async recordTokenUsage() {}
+  /**
+   * @param {object} params
+   * @param {number} params.promptTokens
+   * @param {number} params.completionTokens
+   * @param {OpenAIUsageMetadata} [params.usage]
+   * @param {string} [params.model]
+   * @param {string} [params.context='message']
+   * @returns {Promise<void>}
+   */
+  async recordTokenUsage({ model, promptTokens, completionTokens, usage, context = 'message' }) {
+    try {
+      await spendTokens(
+        {
+          model,
+          context,
+          conversationId: this.conversationId,
+          user: this.user ?? this.options.req.user?.id,
+          endpointTokenConfig: this.options.endpointTokenConfig,
+        },
+        { promptTokens, completionTokens },
+      );
+
+      if (
+        usage &&
+        typeof usage === 'object' &&
+        'reasoning_tokens' in usage &&
+        typeof usage.reasoning_tokens === 'number'
+      ) {
+        await spendTokens(
+          {
+            model,
+            context: 'reasoning',
+            conversationId: this.conversationId,
+            user: this.user ?? this.options.req.user?.id,
+            endpointTokenConfig: this.options.endpointTokenConfig,
+          },
+          { completionTokens: usage.reasoning_tokens },
+        );
+      }
+    } catch (error) {
+      logger.error(
+        '[api/server/controllers/agents/client.js #recordTokenUsage] Error recording token usage',
+        error,
+      );
+    }
+  }
 
   getEncoding() {
     return 'o200k_base';

api/server/controllers/agents/request.js

@@ -12,6 +12,7 @@ const { saveMessage } = require('~/models');
 const AgentController = async (req, res, next, initializeClient, addTitle) => {
   let {
     text,
+    isRegenerate,
     endpointOption,
     conversationId,
     isContinued = false,
@@ -167,6 +168,7 @@ const AgentController = async (req, res, next, initializeClient, addTitle) => {
       onStart,
       getReqData,
       isContinued,
+      isRegenerate,
       editedContent,
       conversationId,
       parentMessageId,

api/server/controllers/agents/v1.js

@@ -391,6 +391,22 @@ const uploadAgentAvatarHandler = async (req, res) => {
       return res.status(400).json({ message: 'Agent ID is required' });
     }
 
+    const isAdmin = req.user.role === SystemRoles.ADMIN;
+    const existingAgent = await getAgent({ id: agent_id });
+
+    if (!existingAgent) {
+      return res.status(404).json({ error: 'Agent not found' });
+    }
+
+    const isAuthor = existingAgent.author.toString() === req.user.id;
+    const hasEditPermission = existingAgent.isCollaborative || isAdmin || isAuthor;
+
+    if (!hasEditPermission) {
+      return res.status(403).json({
+        error: 'You do not have permission to modify this non-collaborative agent',
+      });
+    }
+
     const buffer = await fs.readFile(req.file.path);
 
     const fileStrategy = req.app.locals.fileStrategy;
@@ -413,14 +429,7 @@ const uploadAgentAvatarHandler = async (req, res) => {
       source: fileStrategy,
     };
 
-    let _avatar;
-    try {
-      const agent = await getAgent({ id: agent_id });
-      _avatar = agent.avatar;
-    } catch (error) {
-      logger.error('[/:agent_id/avatar] Error fetching agent', error);
-      _avatar = {};
-    }
+    let _avatar = existingAgent.avatar;
 
     if (_avatar && _avatar.source) {
       const { deleteFile } = getStrategyFunctions(_avatar.source);
@@ -442,7 +451,7 @@ const uploadAgentAvatarHandler = async (req, res) => {
     };
 
     promises.push(
-      await updateAgent({ id: agent_id, author: req.user.id }, data, {
+      await updateAgent({ id: agent_id }, data, {
         updatingUserId: req.user.id,
       }),
     );

api/server/controllers/tools.js

@@ -1,14 +1,13 @@
 const { nanoid } = require('nanoid');
 const { EnvVar } = require('@librechat/agents');
-const { checkAccess } = require('@librechat/api');
 const { logger } = require('@librechat/data-schemas');
+const { checkAccess, loadWebSearchAuth } = require('@librechat/api');
 const {
   Tools,
   AuthType,
   Permissions,
   ToolCallTypes,
   PermissionTypes,
-  loadWebSearchAuth,
 } = require('librechat-data-provider');
 const { processFileURL, uploadImageBuffer } = require('~/server/services/Files/process');
 const { processCodeOutput } = require('~/server/services/Files/Code/process');

api/server/middleware/buildEndpointOption.js

@@ -1,3 +1,4 @@
+const { handleError } = require('@librechat/api');
 const { logger } = require('@librechat/data-schemas');
 const {
   EndpointURLs,
@@ -14,7 +15,6 @@ const openAI = require('~/server/services/Endpoints/openAI');
 const agents = require('~/server/services/Endpoints/agents');
 const custom = require('~/server/services/Endpoints/custom');
 const google = require('~/server/services/Endpoints/google');
-const { handleError } = require('~/server/utils');
 
 const buildFunction = {
   [EModelEndpoint.openAI]: openAI.buildOptions,

api/server/middleware/concurrentLimiter.js

@@ -1,4 +1,4 @@
-const { Time, CacheKeys } = require('librechat-data-provider');
+const { Time, CacheKeys, ViolationTypes } = require('librechat-data-provider');
 const clearPendingReq = require('~/cache/clearPendingReq');
 const { logViolation, getLogStores } = require('~/cache');
 const { isEnabled } = require('~/server/utils');
@@ -37,7 +37,7 @@ const concurrentLimiter = async (req, res, next) => {
 
   const userId = req.user?.id ?? req.user?._id ?? '';
   const limit = Math.max(CONCURRENT_MESSAGE_MAX, 1);
-  const type = 'concurrent';
+  const type = ViolationTypes.CONCURRENT;
 
   const key = `${isEnabled(USE_REDIS) ? namespace : ''}:${userId}`;
   const pendingRequests = +((await cache.get(key)) ?? 0);

api/server/middleware/limiters/forkLimiters.js

@@ -1,9 +1,6 @@
 const rateLimit = require('express-rate-limit');
-const { isEnabled } = require('@librechat/api');
-const { RedisStore } = require('rate-limit-redis');
-const { logger } = require('@librechat/data-schemas');
 const { ViolationTypes } = require('librechat-data-provider');
-const ioredisClient = require('~/cache/ioredisClient');
+const { limiterCache } = require('~/cache/cacheFactory');
 const logViolation = require('~/cache/logViolation');
 
 const getEnvironmentVariables = () => {
@@ -11,6 +8,7 @@ const getEnvironmentVariables = () => {
   const FORK_IP_WINDOW = parseInt(process.env.FORK_IP_WINDOW) || 1;
   const FORK_USER_MAX = parseInt(process.env.FORK_USER_MAX) || 7;
   const FORK_USER_WINDOW = parseInt(process.env.FORK_USER_WINDOW) || 1;
+  const FORK_VIOLATION_SCORE = process.env.FORK_VIOLATION_SCORE;
 
   const forkIpWindowMs = FORK_IP_WINDOW * 60 * 1000;
   const forkIpMax = FORK_IP_MAX;
@@ -27,12 +25,18 @@ const getEnvironmentVariables = () => {
     forkUserWindowMs,
     forkUserMax,
     forkUserWindowInMinutes,
+    forkViolationScore: FORK_VIOLATION_SCORE,
   };
 };
 
 const createForkHandler = (ip = true) => {
-  const { forkIpMax, forkIpWindowInMinutes, forkUserMax, forkUserWindowInMinutes } =
-    getEnvironmentVariables();
+  const {
+    forkIpMax,
+    forkUserMax,
+    forkViolationScore,
+    forkIpWindowInMinutes,
+    forkUserWindowInMinutes,
+  } = getEnvironmentVariables();
 
   return async (req, res) => {
     const type = ViolationTypes.FILE_UPLOAD_LIMIT;
@@ -43,7 +47,7 @@ const createForkHandler = (ip = true) => {
       windowInMinutes: ip ? forkIpWindowInMinutes : forkUserWindowInMinutes,
     };
 
-    await logViolation(req, res, type, errorMessage);
+    await logViolation(req, res, type, errorMessage, forkViolationScore);
     res.status(429).json({ message: 'Too many conversation fork requests. Try again later' });
   };
 };
@@ -55,6 +59,7 @@ const createForkLimiters = () => {
     windowMs: forkIpWindowMs,
     max: forkIpMax,
     handler: createForkHandler(),
+    store: limiterCache('fork_ip_limiter'),
   };
   const userLimiterOptions = {
     windowMs: forkUserWindowMs,
@@ -63,23 +68,9 @@ const createForkLimiters = () => {
     keyGenerator: function (req) {
       return req.user?.id;
     },
+    store: limiterCache('fork_user_limiter'),
   };
 
-  if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
-    logger.debug('Using Redis for fork rate limiters.');
-    const sendCommand = (...args) => ioredisClient.call(...args);
-    const ipStore = new RedisStore({
-      sendCommand,
-      prefix: 'fork_ip_limiter:',
-    });
-    const userStore = new RedisStore({
-      sendCommand,
-      prefix: 'fork_user_limiter:',
-    });
-    ipLimiterOptions.store = ipStore;
-    userLimiterOptions.store = userStore;
-  }
-
   const forkIpLimiter = rateLimit(ipLimiterOptions);
   const forkUserLimiter = rateLimit(userLimiterOptions);
   return { forkIpLimiter, forkUserLimiter };

api/server/middleware/limiters/importLimiters.js

@@ -1,9 +1,6 @@
 const rateLimit = require('express-rate-limit');
-const { isEnabled } = require('@librechat/api');
-const { RedisStore } = require('rate-limit-redis');
-const { logger } = require('@librechat/data-schemas');
 const { ViolationTypes } = require('librechat-data-provider');
-const ioredisClient = require('~/cache/ioredisClient');
+const { limiterCache } = require('~/cache/cacheFactory');
 const logViolation = require('~/cache/logViolation');
 
 const getEnvironmentVariables = () => {
@@ -11,6 +8,7 @@ const getEnvironmentVariables = () => {
   const IMPORT_IP_WINDOW = parseInt(process.env.IMPORT_IP_WINDOW) || 15;
   const IMPORT_USER_MAX = parseInt(process.env.IMPORT_USER_MAX) || 50;
   const IMPORT_USER_WINDOW = parseInt(process.env.IMPORT_USER_WINDOW) || 15;
+  const IMPORT_VIOLATION_SCORE = process.env.IMPORT_VIOLATION_SCORE;
 
   const importIpWindowMs = IMPORT_IP_WINDOW * 60 * 1000;
   const importIpMax = IMPORT_IP_MAX;
@@ -27,12 +25,18 @@ const getEnvironmentVariables = () => {
     importUserWindowMs,
     importUserMax,
     importUserWindowInMinutes,
+    importViolationScore: IMPORT_VIOLATION_SCORE,
   };
 };
 
 const createImportHandler = (ip = true) => {
-  const { importIpMax, importIpWindowInMinutes, importUserMax, importUserWindowInMinutes } =
-    getEnvironmentVariables();
+  const {
+    importIpMax,
+    importUserMax,
+    importViolationScore,
+    importIpWindowInMinutes,
+    importUserWindowInMinutes,
+  } = getEnvironmentVariables();
 
   return async (req, res) => {
     const type = ViolationTypes.FILE_UPLOAD_LIMIT;
@@ -43,7 +47,7 @@ const createImportHandler = (ip = true) => {
       windowInMinutes: ip ? importIpWindowInMinutes : importUserWindowInMinutes,
     };
 
-    await logViolation(req, res, type, errorMessage);
+    await logViolation(req, res, type, errorMessage, importViolationScore);
     res.status(429).json({ message: 'Too many conversation import requests. Try again later' });
   };
 };
@@ -56,6 +60,7 @@ const createImportLimiters = () => {
     windowMs: importIpWindowMs,
     max: importIpMax,
     handler: createImportHandler(),
+    store: limiterCache('import_ip_limiter'),
   };
   const userLimiterOptions = {
     windowMs: importUserWindowMs,
@@ -64,23 +69,9 @@ const createImportLimiters = () => {
     keyGenerator: function (req) {
       return req.user?.id; // Use the user ID or NULL if not available
     },
+    store: limiterCache('import_user_limiter'),
   };
 
-  if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
-    logger.debug('Using Redis for import rate limiters.');
-    const sendCommand = (...args) => ioredisClient.call(...args);
-    const ipStore = new RedisStore({
-      sendCommand,
-      prefix: 'import_ip_limiter:',
-    });
-    const userStore = new RedisStore({
-      sendCommand,
-      prefix: 'import_user_limiter:',
-    });
-    ipLimiterOptions.store = ipStore;
-    userLimiterOptions.store = userStore;
-  }
-
   const importIpLimiter = rateLimit(ipLimiterOptions);
   const importUserLimiter = rateLimit(userLimiterOptions);
   return { importIpLimiter, importUserLimiter };

api/server/middleware/limiters/loginLimiter.js

@@ -1,9 +1,8 @@
 const rateLimit = require('express-rate-limit');
-const { RedisStore } = require('rate-limit-redis');
-const { removePorts, isEnabled } = require('~/server/utils');
-const ioredisClient = require('~/cache/ioredisClient');
+const { ViolationTypes } = require('librechat-data-provider');
+const { removePorts } = require('~/server/utils');
+const { limiterCache } = require('~/cache/cacheFactory');
 const { logViolation } = require('~/cache');
-const { logger } = require('~/config');
 
 const { LOGIN_WINDOW = 5, LOGIN_MAX = 7, LOGIN_VIOLATION_SCORE: score } = process.env;
 const windowMs = LOGIN_WINDOW * 60 * 1000;
@@ -12,7 +11,7 @@ const windowInMinutes = windowMs / 60000;
 const message = `Too many login attempts, please try again after ${windowInMinutes} minutes.`;
 
 const handler = async (req, res) => {
-  const type = 'logins';
+  const type = ViolationTypes.LOGINS;
   const errorMessage = {
     type,
     max,
@@ -28,17 +27,9 @@ const limiterOptions = {
   max,
   handler,
   keyGenerator: removePorts,
+  store: limiterCache('login_limiter'),
 };
 
-if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
-  logger.debug('Using Redis for login rate limiter.');
-  const store = new RedisStore({
-    sendCommand: (...args) => ioredisClient.call(...args),
-    prefix: 'login_limiter:',
-  });
-  limiterOptions.store = store;
-}
-
 const loginLimiter = rateLimit(limiterOptions);
 
 module.exports = loginLimiter;

api/server/middleware/limiters/messageLimiters.js

@@ -1,16 +1,15 @@
 const rateLimit = require('express-rate-limit');
-const { RedisStore } = require('rate-limit-redis');
+const { ViolationTypes } = require('librechat-data-provider');
 const denyRequest = require('~/server/middleware/denyRequest');
-const ioredisClient = require('~/cache/ioredisClient');
-const { isEnabled } = require('~/server/utils');
+const { limiterCache } = require('~/cache/cacheFactory');
 const { logViolation } = require('~/cache');
-const { logger } = require('~/config');
 
 const {
   MESSAGE_IP_MAX = 40,
   MESSAGE_IP_WINDOW = 1,
   MESSAGE_USER_MAX = 40,
   MESSAGE_USER_WINDOW = 1,
+  MESSAGE_VIOLATION_SCORE: score,
 } = process.env;
 
 const ipWindowMs = MESSAGE_IP_WINDOW * 60 * 1000;
@@ -31,7 +30,7 @@ const userWindowInMinutes = userWindowMs / 60000;
  */
 const createHandler = (ip = true) => {
   return async (req, res) => {
-    const type = 'message_limit';
+    const type = ViolationTypes.MESSAGE_LIMIT;
     const errorMessage = {
       type,
       max: ip ? ipMax : userMax,
@@ -39,7 +38,7 @@ const createHandler = (ip = true) => {
       windowInMinutes: ip ? ipWindowInMinutes : userWindowInMinutes,
     };
 
-    await logViolation(req, res, type, errorMessage);
+    await logViolation(req, res, type, errorMessage, score);
     return await denyRequest(req, res, errorMessage);
   };
 };
@@ -51,6 +50,7 @@ const ipLimiterOptions = {
   windowMs: ipWindowMs,
   max: ipMax,
   handler: createHandler(),
+  store: limiterCache('message_ip_limiter'),
 };
 
 const userLimiterOptions = {
@@ -60,23 +60,9 @@ const userLimiterOptions = {
   keyGenerator: function (req) {
     return req.user?.id; // Use the user ID or NULL if not available
   },
+  store: limiterCache('message_user_limiter'),
 };
 
-if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
-  logger.debug('Using Redis for message rate limiters.');
-  const sendCommand = (...args) => ioredisClient.call(...args);
-  const ipStore = new RedisStore({
-    sendCommand,
-    prefix: 'message_ip_limiter:',
-  });
-  const userStore = new RedisStore({
-    sendCommand,
-    prefix: 'message_user_limiter:',
-  });
-  ipLimiterOptions.store = ipStore;
-  userLimiterOptions.store = userStore;
-}
-
 /**
  * Message request rate limiter by IP
  */

api/server/middleware/limiters/registerLimiter.js

@@ -1,9 +1,8 @@
 const rateLimit = require('express-rate-limit');
-const { RedisStore } = require('rate-limit-redis');
-const { removePorts, isEnabled } = require('~/server/utils');
-const ioredisClient = require('~/cache/ioredisClient');
+const { ViolationTypes } = require('librechat-data-provider');
+const { removePorts } = require('~/server/utils');
+const { limiterCache } = require('~/cache/cacheFactory');
 const { logViolation } = require('~/cache');
-const { logger } = require('~/config');
 
 const { REGISTER_WINDOW = 60, REGISTER_MAX = 5, REGISTRATION_VIOLATION_SCORE: score } = process.env;
 const windowMs = REGISTER_WINDOW * 60 * 1000;
@@ -12,7 +11,7 @@ const windowInMinutes = windowMs / 60000;
 const message = `Too many accounts created, please try again after ${windowInMinutes} minutes`;
 
 const handler = async (req, res) => {
-  const type = 'registrations';
+  const type = ViolationTypes.REGISTRATIONS;
   const errorMessage = {
     type,
     max,
@@ -28,17 +27,9 @@ const limiterOptions = {
   max,
   handler,
   keyGenerator: removePorts,
+  store: limiterCache('register_limiter'),
 };
 
-if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
-  logger.debug('Using Redis for register rate limiter.');
-  const store = new RedisStore({
-    sendCommand: (...args) => ioredisClient.call(...args),
-    prefix: 'register_limiter:',
-  });
-  limiterOptions.store = store;
-}
-
 const registerLimiter = rateLimit(limiterOptions);
 
 module.exports = registerLimiter;

api/server/middleware/limiters/resetPasswordLimiter.js

@@ -1,10 +1,8 @@
 const rateLimit = require('express-rate-limit');
-const { RedisStore } = require('rate-limit-redis');
 const { ViolationTypes } = require('librechat-data-provider');
-const { removePorts, isEnabled } = require('~/server/utils');
-const ioredisClient = require('~/cache/ioredisClient');
+const { removePorts } = require('~/server/utils');
+const { limiterCache } = require('~/cache/cacheFactory');
 const { logViolation } = require('~/cache');
-const { logger } = require('~/config');
 
 const {
   RESET_PASSWORD_WINDOW = 2,
@@ -33,17 +31,9 @@ const limiterOptions = {
   max,
   handler,
   keyGenerator: removePorts,
+  store: limiterCache('reset_password_limiter'),
 };
 
-if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
-  logger.debug('Using Redis for reset password rate limiter.');
-  const store = new RedisStore({
-    sendCommand: (...args) => ioredisClient.call(...args),
-    prefix: 'reset_password_limiter:',
-  });
-  limiterOptions.store = store;
-}
-
 const resetPasswordLimiter = rateLimit(limiterOptions);
 
 module.exports = resetPasswordLimiter;

api/server/middleware/limiters/sttLimiters.js

@@ -1,16 +1,14 @@
 const rateLimit = require('express-rate-limit');
-const { RedisStore } = require('rate-limit-redis');
 const { ViolationTypes } = require('librechat-data-provider');
-const ioredisClient = require('~/cache/ioredisClient');
+const { limiterCache } = require('~/cache/cacheFactory');
 const logViolation = require('~/cache/logViolation');
-const { isEnabled } = require('~/server/utils');
-const { logger } = require('~/config');
 
 const getEnvironmentVariables = () => {
   const STT_IP_MAX = parseInt(process.env.STT_IP_MAX) || 100;
   const STT_IP_WINDOW = parseInt(process.env.STT_IP_WINDOW) || 1;
   const STT_USER_MAX = parseInt(process.env.STT_USER_MAX) || 50;
   const STT_USER_WINDOW = parseInt(process.env.STT_USER_WINDOW) || 1;
+  const STT_VIOLATION_SCORE = process.env.STT_VIOLATION_SCORE;
 
   const sttIpWindowMs = STT_IP_WINDOW * 60 * 1000;
   const sttIpMax = STT_IP_MAX;
@@ -27,11 +25,12 @@ const getEnvironmentVariables = () => {
     sttUserWindowMs,
     sttUserMax,
     sttUserWindowInMinutes,
+    sttViolationScore: STT_VIOLATION_SCORE,
   };
 };
 
 const createSTTHandler = (ip = true) => {
-  const { sttIpMax, sttIpWindowInMinutes, sttUserMax, sttUserWindowInMinutes } =
+  const { sttIpMax, sttIpWindowInMinutes, sttUserMax, sttUserWindowInMinutes, sttViolationScore } =
     getEnvironmentVariables();
 
   return async (req, res) => {
@@ -43,7 +42,7 @@ const createSTTHandler = (ip = true) => {
       windowInMinutes: ip ? sttIpWindowInMinutes : sttUserWindowInMinutes,
     };
 
-    await logViolation(req, res, type, errorMessage);
+    await logViolation(req, res, type, errorMessage, sttViolationScore);
     res.status(429).json({ message: 'Too many STT requests. Try again later' });
   };
 };
@@ -55,6 +54,7 @@ const createSTTLimiters = () => {
     windowMs: sttIpWindowMs,
     max: sttIpMax,
     handler: createSTTHandler(),
+    store: limiterCache('stt_ip_limiter'),
   };
 
   const userLimiterOptions = {
@@ -64,23 +64,9 @@ const createSTTLimiters = () => {
     keyGenerator: function (req) {
       return req.user?.id; // Use the user ID or NULL if not available
     },
+    store: limiterCache('stt_user_limiter'),
   };
 
-  if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
-    logger.debug('Using Redis for STT rate limiters.');
-    const sendCommand = (...args) => ioredisClient.call(...args);
-    const ipStore = new RedisStore({
-      sendCommand,
-      prefix: 'stt_ip_limiter:',
-    });
-    const userStore = new RedisStore({
-      sendCommand,
-      prefix: 'stt_user_limiter:',
-    });
-    ipLimiterOptions.store = ipStore;
-    userLimiterOptions.store = userStore;
-  }
-
   const sttIpLimiter = rateLimit(ipLimiterOptions);
   const sttUserLimiter = rateLimit(userLimiterOptions);
 

api/server/middleware/limiters/toolCallLimiter.js

@@ -1,10 +1,9 @@
 const rateLimit = require('express-rate-limit');
-const { RedisStore } = require('rate-limit-redis');
 const { ViolationTypes } = require('librechat-data-provider');
-const ioredisClient = require('~/cache/ioredisClient');
+const { limiterCache } = require('~/cache/cacheFactory');
 const logViolation = require('~/cache/logViolation');
-const { isEnabled } = require('~/server/utils');
-const { logger } = require('~/config');
+
+const { TOOL_CALL_VIOLATION_SCORE: score } = process.env;
 
 const handler = async (req, res) => {
   const type = ViolationTypes.TOOL_CALL_LIMIT;
@@ -15,7 +14,7 @@ const handler = async (req, res) => {
     windowInMinutes: 1,
   };
 
-  await logViolation(req, res, type, errorMessage, 0);
+  await logViolation(req, res, type, errorMessage, score);
   res.status(429).json({ message: 'Too many tool call requests. Try again later' });
 };
 
@@ -26,17 +25,9 @@ const limiterOptions = {
   keyGenerator: function (req) {
     return req.user?.id;
   },
+  store: limiterCache('tool_call_limiter'),
 };
 
-if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
-  logger.debug('Using Redis for tool call rate limiter.');
-  const store = new RedisStore({
-    sendCommand: (...args) => ioredisClient.call(...args),
-    prefix: 'tool_call_limiter:',
-  });
-  limiterOptions.store = store;
-}
-
 const toolCallLimiter = rateLimit(limiterOptions);
 
 module.exports = toolCallLimiter;

api/server/middleware/limiters/ttsLimiters.js

@@ -1,16 +1,14 @@
 const rateLimit = require('express-rate-limit');
-const { RedisStore } = require('rate-limit-redis');
 const { ViolationTypes } = require('librechat-data-provider');
-const ioredisClient = require('~/cache/ioredisClient');
 const logViolation = require('~/cache/logViolation');
-const { isEnabled } = require('~/server/utils');
-const { logger } = require('~/config');
+const { limiterCache } = require('~/cache/cacheFactory');
 
 const getEnvironmentVariables = () => {
   const TTS_IP_MAX = parseInt(process.env.TTS_IP_MAX) || 100;
   const TTS_IP_WINDOW = parseInt(process.env.TTS_IP_WINDOW) || 1;
   const TTS_USER_MAX = parseInt(process.env.TTS_USER_MAX) || 50;
   const TTS_USER_WINDOW = parseInt(process.env.TTS_USER_WINDOW) || 1;
+  const TTS_VIOLATION_SCORE = process.env.TTS_VIOLATION_SCORE;
 
   const ttsIpWindowMs = TTS_IP_WINDOW * 60 * 1000;
   const ttsIpMax = TTS_IP_MAX;
@@ -27,11 +25,12 @@ const getEnvironmentVariables = () => {
     ttsUserWindowMs,
     ttsUserMax,
     ttsUserWindowInMinutes,
+    ttsViolationScore: TTS_VIOLATION_SCORE,
   };
 };
 
 const createTTSHandler = (ip = true) => {
-  const { ttsIpMax, ttsIpWindowInMinutes, ttsUserMax, ttsUserWindowInMinutes } =
+  const { ttsIpMax, ttsIpWindowInMinutes, ttsUserMax, ttsUserWindowInMinutes, ttsViolationScore } =
     getEnvironmentVariables();
 
   return async (req, res) => {
@@ -43,7 +42,7 @@ const createTTSHandler = (ip = true) => {
       windowInMinutes: ip ? ttsIpWindowInMinutes : ttsUserWindowInMinutes,
     };
 
-    await logViolation(req, res, type, errorMessage);
+    await logViolation(req, res, type, errorMessage, ttsViolationScore);
     res.status(429).json({ message: 'Too many TTS requests. Try again later' });
   };
 };
@@ -55,32 +54,19 @@ const createTTSLimiters = () => {
     windowMs: ttsIpWindowMs,
     max: ttsIpMax,
     handler: createTTSHandler(),
+    store: limiterCache('tts_ip_limiter'),
   };
 
   const userLimiterOptions = {
     windowMs: ttsUserWindowMs,
     max: ttsUserMax,
     handler: createTTSHandler(false),
+    store: limiterCache('tts_user_limiter'),
     keyGenerator: function (req) {
       return req.user?.id; // Use the user ID or NULL if not available
     },
   };
 
-  if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
-    logger.debug('Using Redis for TTS rate limiters.');
-    const sendCommand = (...args) => ioredisClient.call(...args);
-    const ipStore = new RedisStore({
-      sendCommand,
-      prefix: 'tts_ip_limiter:',
-    });
-    const userStore = new RedisStore({
-      sendCommand,
-      prefix: 'tts_user_limiter:',
-    });
-    ipLimiterOptions.store = ipStore;
-    userLimiterOptions.store = userStore;
-  }
-
   const ttsIpLimiter = rateLimit(ipLimiterOptions);
   const ttsUserLimiter = rateLimit(userLimiterOptions);
 

api/server/middleware/limiters/uploadLimiters.js

@@ -1,16 +1,14 @@
 const rateLimit = require('express-rate-limit');
-const { RedisStore } = require('rate-limit-redis');
 const { ViolationTypes } = require('librechat-data-provider');
-const ioredisClient = require('~/cache/ioredisClient');
+const { limiterCache } = require('~/cache/cacheFactory');
 const logViolation = require('~/cache/logViolation');
-const { isEnabled } = require('~/server/utils');
-const { logger } = require('~/config');
 
 const getEnvironmentVariables = () => {
   const FILE_UPLOAD_IP_MAX = parseInt(process.env.FILE_UPLOAD_IP_MAX) || 100;
   const FILE_UPLOAD_IP_WINDOW = parseInt(process.env.FILE_UPLOAD_IP_WINDOW) || 15;
   const FILE_UPLOAD_USER_MAX = parseInt(process.env.FILE_UPLOAD_USER_MAX) || 50;
   const FILE_UPLOAD_USER_WINDOW = parseInt(process.env.FILE_UPLOAD_USER_WINDOW) || 15;
+  const FILE_UPLOAD_VIOLATION_SCORE = process.env.FILE_UPLOAD_VIOLATION_SCORE;
 
   const fileUploadIpWindowMs = FILE_UPLOAD_IP_WINDOW * 60 * 1000;
   const fileUploadIpMax = FILE_UPLOAD_IP_MAX;
@@ -27,6 +25,7 @@ const getEnvironmentVariables = () => {
     fileUploadUserWindowMs,
     fileUploadUserMax,
     fileUploadUserWindowInMinutes,
+    fileUploadViolationScore: FILE_UPLOAD_VIOLATION_SCORE,
   };
 };
 
@@ -36,6 +35,7 @@ const createFileUploadHandler = (ip = true) => {
     fileUploadIpWindowInMinutes,
     fileUploadUserMax,
     fileUploadUserWindowInMinutes,
+    fileUploadViolationScore,
   } = getEnvironmentVariables();
 
   return async (req, res) => {
@@ -47,7 +47,7 @@ const createFileUploadHandler = (ip = true) => {
       windowInMinutes: ip ? fileUploadIpWindowInMinutes : fileUploadUserWindowInMinutes,
     };
 
-    await logViolation(req, res, type, errorMessage);
+    await logViolation(req, res, type, errorMessage, fileUploadViolationScore);
     res.status(429).json({ message: 'Too many file upload requests. Try again later' });
   };
 };
@@ -60,6 +60,7 @@ const createFileLimiters = () => {
     windowMs: fileUploadIpWindowMs,
     max: fileUploadIpMax,
     handler: createFileUploadHandler(),
+    store: limiterCache('file_upload_ip_limiter'),
   };
 
   const userLimiterOptions = {
@@ -69,23 +70,9 @@ const createFileLimiters = () => {
     keyGenerator: function (req) {
       return req.user?.id; // Use the user ID or NULL if not available
     },
+    store: limiterCache('file_upload_user_limiter'),
   };
 
-  if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
-    logger.debug('Using Redis for file upload rate limiters.');
-    const sendCommand = (...args) => ioredisClient.call(...args);
-    const ipStore = new RedisStore({
-      sendCommand,
-      prefix: 'file_upload_ip_limiter:',
-    });
-    const userStore = new RedisStore({
-      sendCommand,
-      prefix: 'file_upload_user_limiter:',
-    });
-    ipLimiterOptions.store = ipStore;
-    userLimiterOptions.store = userStore;
-  }
-
   const fileUploadIpLimiter = rateLimit(ipLimiterOptions);
   const fileUploadUserLimiter = rateLimit(userLimiterOptions);
 

api/server/middleware/limiters/verifyEmailLimiter.js

@@ -1,10 +1,8 @@
 const rateLimit = require('express-rate-limit');
-const { RedisStore } = require('rate-limit-redis');
 const { ViolationTypes } = require('librechat-data-provider');
-const { removePorts, isEnabled } = require('~/server/utils');
-const ioredisClient = require('~/cache/ioredisClient');
+const { removePorts } = require('~/server/utils');
+const { limiterCache } = require('~/cache/cacheFactory');
 const { logViolation } = require('~/cache');
-const { logger } = require('~/config');
 
 const {
   VERIFY_EMAIL_WINDOW = 2,
@@ -33,17 +31,9 @@ const limiterOptions = {
   max,
   handler,
   keyGenerator: removePorts,
+  store: limiterCache('verify_email_limiter'),
 };
 
-if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
-  logger.debug('Using Redis for verify email rate limiter.');
-  const store = new RedisStore({
-    sendCommand: (...args) => ioredisClient.call(...args),
-    prefix: 'verify_email_limiter:',
-  });
-  limiterOptions.store = store;
-}
-
 const verifyEmailLimiter = rateLimit(limiterOptions);
 
 module.exports = verifyEmailLimiter;

api/server/middleware/uaParser.js

@@ -1,5 +1,6 @@
 const uap = require('ua-parser-js');
-const { handleError } = require('../utils');
+const { ViolationTypes } = require('librechat-data-provider');
+const { handleError } = require('@librechat/api');
 const { logViolation } = require('../../cache');
 
 /**
@@ -21,7 +22,7 @@ async function uaParser(req, res, next) {
   const ua = uap(req.headers['user-agent']);
 
   if (!ua.browser.name) {
-    const type = 'non_browser';
+    const type = ViolationTypes.NON_BROWSER;
     await logViolation(req, res, type, { type }, score);
     return handleError(res, { message: 'Illegal request' });
   }

api/server/middleware/validateEndpoint.js

@@ -1,4 +1,4 @@
-const { handleError } = require('../utils');
+const { handleError } = require('@librechat/api');
 
 function validateEndpoint(req, res, next) {
   const { endpoint: _endpoint, endpointType } = req.body;

api/server/middleware/validateModel.js

@@ -1,6 +1,6 @@
+const { handleError } = require('@librechat/api');
 const { ViolationTypes } = require('librechat-data-provider');
 const { getModelsConfig } = require('~/server/controllers/ModelController');
-const { handleError } = require('~/server/utils');
 const { logViolation } = require('~/cache');
 /**
  * Validates the model of the request.

api/server/routes/__tests__/static.spec.js

@@ -0,0 +1,162 @@
+const fs = require('fs');
+const path = require('path');
+const express = require('express');
+const request = require('supertest');
+const zlib = require('zlib');
+
+// Create test setup
+const mockTestDir = path.join(__dirname, 'test-static-route');
+
+// Mock the paths module to point to our test directory
+jest.mock('~/config/paths', () => ({
+  imageOutput: mockTestDir,
+}));
+
+describe('Static Route Integration', () => {
+  let app;
+  let staticRoute;
+  let testDir;
+  let testImagePath;
+
+  beforeAll(() => {
+    // Create a test directory and files
+    testDir = mockTestDir;
+    testImagePath = path.join(testDir, 'test-image.jpg');
+
+    if (!fs.existsSync(testDir)) {
+      fs.mkdirSync(testDir, { recursive: true });
+    }
+
+    // Create a test image file
+    fs.writeFileSync(testImagePath, 'fake-image-data');
+
+    // Create a gzipped version of the test image (for gzip scanning tests)
+    fs.writeFileSync(testImagePath + '.gz', zlib.gzipSync('fake-image-data'));
+  });
+
+  afterAll(() => {
+    // Clean up test files
+    if (fs.existsSync(testDir)) {
+      fs.rmSync(testDir, { recursive: true, force: true });
+    }
+  });
+
+  // Helper function to set up static route with specific config
+  const setupStaticRoute = (skipGzipScan = false) => {
+    if (skipGzipScan) {
+      delete process.env.ENABLE_IMAGE_OUTPUT_GZIP_SCAN;
+    } else {
+      process.env.ENABLE_IMAGE_OUTPUT_GZIP_SCAN = 'true';
+    }
+
+    staticRoute = require('../static');
+    app.use('/images', staticRoute);
+  };
+
+  beforeEach(() => {
+    // Clear the module cache to get fresh imports
+    jest.resetModules();
+
+    app = express();
+
+    // Clear environment variables
+    delete process.env.ENABLE_IMAGE_OUTPUT_GZIP_SCAN;
+    delete process.env.NODE_ENV;
+  });
+
+  describe('route functionality', () => {
+    it('should serve static image files', async () => {
+      process.env.NODE_ENV = 'production';
+      setupStaticRoute();
+
+      const response = await request(app).get('/images/test-image.jpg').expect(200);
+
+      expect(response.body.toString()).toBe('fake-image-data');
+    });
+
+    it('should return 404 for non-existent files', async () => {
+      setupStaticRoute();
+
+      const response = await request(app).get('/images/nonexistent.jpg');
+      expect(response.status).toBe(404);
+    });
+  });
+
+  describe('cache behavior', () => {
+    it('should set cache headers for images in production', async () => {
+      process.env.NODE_ENV = 'production';
+      setupStaticRoute();
+
+      const response = await request(app).get('/images/test-image.jpg').expect(200);
+
+      expect(response.headers['cache-control']).toBe('public, max-age=172800, s-maxage=86400');
+    });
+
+    it('should not set cache headers in development', async () => {
+      process.env.NODE_ENV = 'development';
+      setupStaticRoute();
+
+      const response = await request(app).get('/images/test-image.jpg').expect(200);
+
+      // Our middleware should not set the production cache-control header in development
+      expect(response.headers['cache-control']).not.toBe('public, max-age=172800, s-maxage=86400');
+    });
+  });
+
+  describe('gzip compression behavior', () => {
+    beforeEach(() => {
+      process.env.NODE_ENV = 'production';
+    });
+
+    it('should serve gzipped files when gzip scanning is enabled', async () => {
+      setupStaticRoute(false); // Enable gzip scanning
+
+      const response = await request(app)
+        .get('/images/test-image.jpg')
+        .set('Accept-Encoding', 'gzip')
+        .expect(200);
+
+      expect(response.headers['content-encoding']).toBe('gzip');
+      expect(response.body.toString()).toBe('fake-image-data');
+    });
+
+    it('should not serve gzipped files when gzip scanning is disabled', async () => {
+      setupStaticRoute(true); // Disable gzip scanning
+
+      const response = await request(app)
+        .get('/images/test-image.jpg')
+        .set('Accept-Encoding', 'gzip')
+        .expect(200);
+
+      expect(response.headers['content-encoding']).toBeUndefined();
+      expect(response.body.toString()).toBe('fake-image-data');
+    });
+  });
+
+  describe('path configuration', () => {
+    it('should use the configured imageOutput path', async () => {
+      setupStaticRoute();
+
+      const response = await request(app).get('/images/test-image.jpg').expect(200);
+
+      expect(response.body.toString()).toBe('fake-image-data');
+    });
+
+    it('should serve from subdirectories', async () => {
+      // Create a subdirectory with a file
+      const subDir = path.join(testDir, 'thumbs');
+      fs.mkdirSync(subDir, { recursive: true });
+      const thumbPath = path.join(subDir, 'thumb.jpg');
+      fs.writeFileSync(thumbPath, 'thumbnail-data');
+
+      setupStaticRoute();
+
+      const response = await request(app).get('/images/thumbs/thumb.jpg').expect(200);
+
+      expect(response.body.toString()).toBe('thumbnail-data');
+
+      // Clean up
+      fs.rmSync(subDir, { recursive: true, force: true });
+    });
+  });
+});

api/server/routes/files/files.agents.test.js

@@ -0,0 +1,282 @@
+const express = require('express');
+const request = require('supertest');
+const mongoose = require('mongoose');
+const { v4: uuidv4 } = require('uuid');
+const { MongoMemoryServer } = require('mongodb-memory-server');
+const { GLOBAL_PROJECT_NAME } = require('librechat-data-provider').Constants;
+
+// Mock dependencies
+jest.mock('~/server/services/Files/process', () => ({
+  processDeleteRequest: jest.fn().mockResolvedValue({}),
+  filterFile: jest.fn(),
+  processFileUpload: jest.fn(),
+  processAgentFileUpload: jest.fn(),
+}));
+
+jest.mock('~/server/services/Files/strategies', () => ({
+  getStrategyFunctions: jest.fn(() => ({})),
+}));
+
+jest.mock('~/server/controllers/assistants/helpers', () => ({
+  getOpenAIClient: jest.fn(),
+}));
+
+jest.mock('~/server/services/Tools/credentials', () => ({
+  loadAuthValues: jest.fn(),
+}));
+
+jest.mock('~/server/services/Files/S3/crud', () => ({
+  refreshS3FileUrls: jest.fn(),
+}));
+
+jest.mock('~/cache', () => ({
+  getLogStores: jest.fn(() => ({
+    get: jest.fn(),
+    set: jest.fn(),
+  })),
+}));
+
+jest.mock('~/config', () => ({
+  logger: {
+    error: jest.fn(),
+    warn: jest.fn(),
+    debug: jest.fn(),
+  },
+}));
+
+const { createFile } = require('~/models/File');
+const { createAgent } = require('~/models/Agent');
+const { getProjectByName } = require('~/models/Project');
+
+// Import the router after mocks
+const router = require('./files');
+
+describe('File Routes - Agent Files Endpoint', () => {
+  let app;
+  let mongoServer;
+  let authorId;
+  let otherUserId;
+  let agentId;
+  let fileId1;
+  let fileId2;
+  let fileId3;
+
+  beforeAll(async () => {
+    mongoServer = await MongoMemoryServer.create();
+    await mongoose.connect(mongoServer.getUri());
+
+    // Initialize models
+    require('~/db/models');
+
+    app = express();
+    app.use(express.json());
+
+    // Mock authentication middleware
+    app.use((req, res, next) => {
+      req.user = { id: otherUserId || 'default-user' };
+      req.app = { locals: {} };
+      next();
+    });
+
+    app.use('/files', router);
+  });
+
+  afterAll(async () => {
+    await mongoose.disconnect();
+    await mongoServer.stop();
+  });
+
+  beforeEach(async () => {
+    jest.clearAllMocks();
+
+    // Clear database
+    const collections = mongoose.connection.collections;
+    for (const key in collections) {
+      await collections[key].deleteMany({});
+    }
+
+    authorId = new mongoose.Types.ObjectId().toString();
+    otherUserId = new mongoose.Types.ObjectId().toString();
+    agentId = uuidv4();
+    fileId1 = uuidv4();
+    fileId2 = uuidv4();
+    fileId3 = uuidv4();
+
+    // Create files
+    await createFile({
+      user: authorId,
+      file_id: fileId1,
+      filename: 'agent-file1.txt',
+      filepath: `/uploads/${authorId}/${fileId1}`,
+      bytes: 1024,
+      type: 'text/plain',
+    });
+
+    await createFile({
+      user: authorId,
+      file_id: fileId2,
+      filename: 'agent-file2.txt',
+      filepath: `/uploads/${authorId}/${fileId2}`,
+      bytes: 2048,
+      type: 'text/plain',
+    });
+
+    await createFile({
+      user: otherUserId,
+      file_id: fileId3,
+      filename: 'user-file.txt',
+      filepath: `/uploads/${otherUserId}/${fileId3}`,
+      bytes: 512,
+      type: 'text/plain',
+    });
+
+    // Create an agent with files attached
+    await createAgent({
+      id: agentId,
+      name: 'Test Agent',
+      author: authorId,
+      model: 'gpt-4',
+      provider: 'openai',
+      isCollaborative: true,
+      tool_resources: {
+        file_search: {
+          file_ids: [fileId1, fileId2],
+        },
+      },
+    });
+
+    // Share the agent globally
+    const globalProject = await getProjectByName(GLOBAL_PROJECT_NAME, '_id');
+    if (globalProject) {
+      const { updateAgent } = require('~/models/Agent');
+      await updateAgent({ id: agentId }, { projectIds: [globalProject._id] });
+    }
+  });
+
+  describe('GET /files/agent/:agent_id', () => {
+    it('should return files accessible through the agent for non-author', async () => {
+      const response = await request(app).get(`/files/agent/${agentId}`);
+
+      expect(response.status).toBe(200);
+      expect(response.body).toHaveLength(2); // Only agent files, not user-owned files
+
+      const fileIds = response.body.map((f) => f.file_id);
+      expect(fileIds).toContain(fileId1);
+      expect(fileIds).toContain(fileId2);
+      expect(fileIds).not.toContain(fileId3); // User's own file not included
+    });
+
+    it('should return 400 when agent_id is not provided', async () => {
+      const response = await request(app).get('/files/agent/');
+
+      expect(response.status).toBe(404); // Express returns 404 for missing route parameter
+    });
+
+    it('should return empty array for non-existent agent', async () => {
+      const response = await request(app).get('/files/agent/non-existent-agent');
+
+      expect(response.status).toBe(200);
+      expect(response.body).toEqual([]); // Empty array for non-existent agent
+    });
+
+    it('should return empty array when agent is not collaborative', async () => {
+      // Create a non-collaborative agent
+      const nonCollabAgentId = uuidv4();
+      await createAgent({
+        id: nonCollabAgentId,
+        name: 'Non-Collaborative Agent',
+        author: authorId,
+        model: 'gpt-4',
+        provider: 'openai',
+        isCollaborative: false,
+        tool_resources: {
+          file_search: {
+            file_ids: [fileId1],
+          },
+        },
+      });
+
+      // Share it globally
+      const globalProject = await getProjectByName(GLOBAL_PROJECT_NAME, '_id');
+      if (globalProject) {
+        const { updateAgent } = require('~/models/Agent');
+        await updateAgent({ id: nonCollabAgentId }, { projectIds: [globalProject._id] });
+      }
+
+      const response = await request(app).get(`/files/agent/${nonCollabAgentId}`);
+
+      expect(response.status).toBe(200);
+      expect(response.body).toEqual([]); // Empty array when not collaborative
+    });
+
+    it('should return agent files for agent author', async () => {
+      // Create a new app instance with author authentication
+      const authorApp = express();
+      authorApp.use(express.json());
+      authorApp.use((req, res, next) => {
+        req.user = { id: authorId };
+        req.app = { locals: {} };
+        next();
+      });
+      authorApp.use('/files', router);
+
+      const response = await request(authorApp).get(`/files/agent/${agentId}`);
+
+      expect(response.status).toBe(200);
+      expect(response.body).toHaveLength(2); // Agent files for author
+
+      const fileIds = response.body.map((f) => f.file_id);
+      expect(fileIds).toContain(fileId1);
+      expect(fileIds).toContain(fileId2);
+      expect(fileIds).not.toContain(fileId3); // User's own file not included
+    });
+
+    it('should return files uploaded by other users to shared agent for author', async () => {
+      // Create a file uploaded by another user
+      const otherUserFileId = uuidv4();
+      const anotherUserId = new mongoose.Types.ObjectId().toString();
+
+      await createFile({
+        user: anotherUserId,
+        file_id: otherUserFileId,
+        filename: 'other-user-file.txt',
+        filepath: `/uploads/${anotherUserId}/${otherUserFileId}`,
+        bytes: 4096,
+        type: 'text/plain',
+      });
+
+      // Update agent to include the file uploaded by another user
+      const { updateAgent } = require('~/models/Agent');
+      await updateAgent(
+        { id: agentId },
+        {
+          tool_resources: {
+            file_search: {
+              file_ids: [fileId1, fileId2, otherUserFileId],
+            },
+          },
+        },
+      );
+
+      // Create app instance with author authentication
+      const authorApp = express();
+      authorApp.use(express.json());
+      authorApp.use((req, res, next) => {
+        req.user = { id: authorId };
+        req.app = { locals: {} };
+        next();
+      });
+      authorApp.use('/files', router);
+
+      const response = await request(authorApp).get(`/files/agent/${agentId}`);
+
+      expect(response.status).toBe(200);
+      expect(response.body).toHaveLength(3); // Including file from another user
+
+      const fileIds = response.body.map((f) => f.file_id);
+      expect(fileIds).toContain(fileId1);
+      expect(fileIds).toContain(fileId2);
+      expect(fileIds).toContain(otherUserFileId); // File uploaded by another user
+    });
+  });
+});

api/server/routes/files/files.js

@@ -5,6 +5,7 @@ const {
   Time,
   isUUID,
   CacheKeys,
+  Constants,
   FileSources,
   EModelEndpoint,
   isAgentsEndpoint,
@@ -16,11 +17,12 @@ const {
   processDeleteRequest,
   processAgentFileUpload,
 } = require('~/server/services/Files/process');
+const { getFiles, batchUpdateFiles, hasAccessToFilesViaAgent } = require('~/models/File');
 const { getStrategyFunctions } = require('~/server/services/Files/strategies');
 const { getOpenAIClient } = require('~/server/controllers/assistants/helpers');
 const { loadAuthValues } = require('~/server/services/Tools/credentials');
 const { refreshS3FileUrls } = require('~/server/services/Files/S3/crud');
-const { getFiles, batchUpdateFiles } = require('~/models/File');
+const { getProjectByName } = require('~/models/Project');
 const { getAssistant } = require('~/models/Assistant');
 const { getAgent } = require('~/models/Agent');
 const { getLogStores } = require('~/cache');
@@ -50,6 +52,68 @@ router.get('/', async (req, res) => {
   }
 });
 
+/**
+ * Get files specific to an agent
+ * @route GET /files/agent/:agent_id
+ * @param {string} agent_id - The agent ID to get files for
+ * @returns {Promise<TFile[]>} Array of files attached to the agent
+ */
+router.get('/agent/:agent_id', async (req, res) => {
+  try {
+    const { agent_id } = req.params;
+    const userId = req.user.id;
+
+    if (!agent_id) {
+      return res.status(400).json({ error: 'Agent ID is required' });
+    }
+
+    // Get the agent to check ownership and attached files
+    const agent = await getAgent({ id: agent_id });
+
+    if (!agent) {
+      // No agent found, return empty array
+      return res.status(200).json([]);
+    }
+
+    // Check if user has access to the agent
+    if (agent.author.toString() !== userId) {
+      // Non-authors need the agent to be globally shared and collaborative
+      const globalProject = await getProjectByName(Constants.GLOBAL_PROJECT_NAME, '_id');
+
+      if (
+        !globalProject ||
+        !agent.projectIds.some((pid) => pid.toString() === globalProject._id.toString()) ||
+        !agent.isCollaborative
+      ) {
+        return res.status(200).json([]);
+      }
+    }
+
+    // Collect all file IDs from agent's tool resources
+    const agentFileIds = [];
+    if (agent.tool_resources) {
+      for (const [, resource] of Object.entries(agent.tool_resources)) {
+        if (resource?.file_ids && Array.isArray(resource.file_ids)) {
+          agentFileIds.push(...resource.file_ids);
+        }
+      }
+    }
+
+    // If no files attached to agent, return empty array
+    if (agentFileIds.length === 0) {
+      return res.status(200).json([]);
+    }
+
+    // Get only the files attached to this agent
+    const files = await getFiles({ file_id: { $in: agentFileIds } }, null, { text: 0 });
+
+    res.status(200).json(files);
+  } catch (error) {
+    logger.error('[/files/agent/:agent_id] Error fetching agent files:', error);
+    res.status(500).json({ error: 'Failed to fetch agent files' });
+  }
+});
+
 router.get('/config', async (req, res) => {
   try {
     res.status(200).json(req.app.locals.fileConfig);
@@ -86,11 +150,62 @@ router.delete('/', async (req, res) => {
 
     const fileIds = files.map((file) => file.file_id);
     const dbFiles = await getFiles({ file_id: { $in: fileIds } });
-    const unauthorizedFiles = dbFiles.filter((file) => file.user.toString() !== req.user.id);
+
+    const ownedFiles = [];
+    const nonOwnedFiles = [];
+    const fileMap = new Map();
+
+    for (const file of dbFiles) {
+      fileMap.set(file.file_id, file);
+      if (file.user.toString() === req.user.id) {
+        ownedFiles.push(file);
+      } else {
+        nonOwnedFiles.push(file);
+      }
+    }
+
+    // If all files are owned by the user, no need for further checks
+    if (nonOwnedFiles.length === 0) {
+      await processDeleteRequest({ req, files: ownedFiles });
+      logger.debug(
+        `[/files] Files deleted successfully: ${ownedFiles
+          .filter((f) => f.file_id)
+          .map((f) => f.file_id)
+          .join(', ')}`,
+      );
+      res.status(200).json({ message: 'Files deleted successfully' });
+      return;
+    }
+
+    // Check access for non-owned files
+    let authorizedFiles = [...ownedFiles];
+    let unauthorizedFiles = [];
+
+    if (req.body.agent_id && nonOwnedFiles.length > 0) {
+      // Batch check access for all non-owned files
+      const nonOwnedFileIds = nonOwnedFiles.map((f) => f.file_id);
+      const accessMap = await hasAccessToFilesViaAgent(
+        req.user.id,
+        nonOwnedFileIds,
+        req.body.agent_id,
+      );
+
+      // Separate authorized and unauthorized files
+      for (const file of nonOwnedFiles) {
+        if (accessMap.get(file.file_id)) {
+          authorizedFiles.push(file);
+        } else {
+          unauthorizedFiles.push(file);
+        }
+      }
+    } else {
+      // No agent context, all non-owned files are unauthorized
+      unauthorizedFiles = nonOwnedFiles;
+    }
 
     if (unauthorizedFiles.length > 0) {
       return res.status(403).json({
-        message: 'You can only delete your own files',
+        message: 'You can only delete files you have access to',
         unauthorizedFiles: unauthorizedFiles.map((f) => f.file_id),
       });
     }
@@ -131,10 +246,10 @@ router.delete('/', async (req, res) => {
         .json({ message: 'File associations removed successfully from Azure Assistant' });
     }
 
-    await processDeleteRequest({ req, files: dbFiles });
+    await processDeleteRequest({ req, files: authorizedFiles });
 
     logger.debug(
-      `[/files] Files deleted successfully: ${files
+      `[/files] Files deleted successfully: ${authorizedFiles
         .filter((f) => f.file_id)
         .map((f) => f.file_id)
         .join(', ')}`,

api/server/routes/files/files.test.js

@@ -0,0 +1,302 @@
+const express = require('express');
+const request = require('supertest');
+const mongoose = require('mongoose');
+const { v4: uuidv4 } = require('uuid');
+const { MongoMemoryServer } = require('mongodb-memory-server');
+const { GLOBAL_PROJECT_NAME } = require('librechat-data-provider').Constants;
+
+// Mock dependencies
+jest.mock('~/server/services/Files/process', () => ({
+  processDeleteRequest: jest.fn().mockResolvedValue({}),
+  filterFile: jest.fn(),
+  processFileUpload: jest.fn(),
+  processAgentFileUpload: jest.fn(),
+}));
+
+jest.mock('~/server/services/Files/strategies', () => ({
+  getStrategyFunctions: jest.fn(() => ({})),
+}));
+
+jest.mock('~/server/controllers/assistants/helpers', () => ({
+  getOpenAIClient: jest.fn(),
+}));
+
+jest.mock('~/server/services/Tools/credentials', () => ({
+  loadAuthValues: jest.fn(),
+}));
+
+jest.mock('~/server/services/Files/S3/crud', () => ({
+  refreshS3FileUrls: jest.fn(),
+}));
+
+jest.mock('~/cache', () => ({
+  getLogStores: jest.fn(() => ({
+    get: jest.fn(),
+    set: jest.fn(),
+  })),
+}));
+
+jest.mock('~/config', () => ({
+  logger: {
+    error: jest.fn(),
+    warn: jest.fn(),
+    debug: jest.fn(),
+  },
+}));
+
+const { createFile } = require('~/models/File');
+const { createAgent } = require('~/models/Agent');
+const { getProjectByName } = require('~/models/Project');
+const { processDeleteRequest } = require('~/server/services/Files/process');
+
+// Import the router after mocks
+const router = require('./files');
+
+describe('File Routes - Delete with Agent Access', () => {
+  let app;
+  let mongoServer;
+  let authorId;
+  let otherUserId;
+  let agentId;
+  let fileId;
+
+  beforeAll(async () => {
+    mongoServer = await MongoMemoryServer.create();
+    await mongoose.connect(mongoServer.getUri());
+
+    // Initialize models
+    require('~/db/models');
+
+    app = express();
+    app.use(express.json());
+
+    // Mock authentication middleware
+    app.use((req, res, next) => {
+      req.user = { id: otherUserId || 'default-user' };
+      req.app = { locals: {} };
+      next();
+    });
+
+    app.use('/files', router);
+  });
+
+  afterAll(async () => {
+    await mongoose.disconnect();
+    await mongoServer.stop();
+  });
+
+  beforeEach(async () => {
+    jest.clearAllMocks();
+
+    // Clear database
+    const collections = mongoose.connection.collections;
+    for (const key in collections) {
+      await collections[key].deleteMany({});
+    }
+
+    authorId = new mongoose.Types.ObjectId().toString();
+    otherUserId = new mongoose.Types.ObjectId().toString();
+    fileId = uuidv4();
+
+    // Create a file owned by the author
+    await createFile({
+      user: authorId,
+      file_id: fileId,
+      filename: 'test.txt',
+      filepath: `/uploads/${authorId}/${fileId}`,
+      bytes: 1024,
+      type: 'text/plain',
+    });
+
+    // Create an agent with the file attached
+    const agent = await createAgent({
+      id: uuidv4(),
+      name: 'Test Agent',
+      author: authorId,
+      model: 'gpt-4',
+      provider: 'openai',
+      isCollaborative: true,
+      tool_resources: {
+        file_search: {
+          file_ids: [fileId],
+        },
+      },
+    });
+    agentId = agent.id;
+
+    // Share the agent globally
+    const globalProject = await getProjectByName(GLOBAL_PROJECT_NAME, '_id');
+    if (globalProject) {
+      const { updateAgent } = require('~/models/Agent');
+      await updateAgent({ id: agentId }, { projectIds: [globalProject._id] });
+    }
+  });
+
+  describe('DELETE /files', () => {
+    it('should allow deleting files owned by the user', async () => {
+      // Create a file owned by the current user
+      const userFileId = uuidv4();
+      await createFile({
+        user: otherUserId,
+        file_id: userFileId,
+        filename: 'user-file.txt',
+        filepath: `/uploads/${otherUserId}/${userFileId}`,
+        bytes: 1024,
+        type: 'text/plain',
+      });
+
+      const response = await request(app)
+        .delete('/files')
+        .send({
+          files: [
+            {
+              file_id: userFileId,
+              filepath: `/uploads/${otherUserId}/${userFileId}`,
+            },
+          ],
+        });
+
+      expect(response.status).toBe(200);
+      expect(response.body.message).toBe('Files deleted successfully');
+      expect(processDeleteRequest).toHaveBeenCalled();
+    });
+
+    it('should prevent deleting files not owned by user without agent context', async () => {
+      const response = await request(app)
+        .delete('/files')
+        .send({
+          files: [
+            {
+              file_id: fileId,
+              filepath: `/uploads/${authorId}/${fileId}`,
+            },
+          ],
+        });
+
+      expect(response.status).toBe(403);
+      expect(response.body.message).toBe('You can only delete files you have access to');
+      expect(response.body.unauthorizedFiles).toContain(fileId);
+      expect(processDeleteRequest).not.toHaveBeenCalled();
+    });
+
+    it('should allow deleting files accessible through shared agent', async () => {
+      const response = await request(app)
+        .delete('/files')
+        .send({
+          agent_id: agentId,
+          files: [
+            {
+              file_id: fileId,
+              filepath: `/uploads/${authorId}/${fileId}`,
+            },
+          ],
+        });
+
+      expect(response.status).toBe(200);
+      expect(response.body.message).toBe('Files deleted successfully');
+      expect(processDeleteRequest).toHaveBeenCalled();
+    });
+
+    it('should prevent deleting files not attached to the specified agent', async () => {
+      // Create another file not attached to the agent
+      const unattachedFileId = uuidv4();
+      await createFile({
+        user: authorId,
+        file_id: unattachedFileId,
+        filename: 'unattached.txt',
+        filepath: `/uploads/${authorId}/${unattachedFileId}`,
+        bytes: 1024,
+        type: 'text/plain',
+      });
+
+      const response = await request(app)
+        .delete('/files')
+        .send({
+          agent_id: agentId,
+          files: [
+            {
+              file_id: unattachedFileId,
+              filepath: `/uploads/${authorId}/${unattachedFileId}`,
+            },
+          ],
+        });
+
+      expect(response.status).toBe(403);
+      expect(response.body.message).toBe('You can only delete files you have access to');
+      expect(response.body.unauthorizedFiles).toContain(unattachedFileId);
+    });
+
+    it('should handle mixed authorized and unauthorized files', async () => {
+      // Create a file owned by the current user
+      const userFileId = uuidv4();
+      await createFile({
+        user: otherUserId,
+        file_id: userFileId,
+        filename: 'user-file.txt',
+        filepath: `/uploads/${otherUserId}/${userFileId}`,
+        bytes: 1024,
+        type: 'text/plain',
+      });
+
+      // Create an unauthorized file
+      const unauthorizedFileId = uuidv4();
+      await createFile({
+        user: authorId,
+        file_id: unauthorizedFileId,
+        filename: 'unauthorized.txt',
+        filepath: `/uploads/${authorId}/${unauthorizedFileId}`,
+        bytes: 1024,
+        type: 'text/plain',
+      });
+
+      const response = await request(app)
+        .delete('/files')
+        .send({
+          agent_id: agentId,
+          files: [
+            {
+              file_id: fileId, // Authorized through agent
+              filepath: `/uploads/${authorId}/${fileId}`,
+            },
+            {
+              file_id: userFileId, // Owned by user
+              filepath: `/uploads/${otherUserId}/${userFileId}`,
+            },
+            {
+              file_id: unauthorizedFileId, // Not authorized
+              filepath: `/uploads/${authorId}/${unauthorizedFileId}`,
+            },
+          ],
+        });
+
+      expect(response.status).toBe(403);
+      expect(response.body.message).toBe('You can only delete files you have access to');
+      expect(response.body.unauthorizedFiles).toContain(unauthorizedFileId);
+      expect(response.body.unauthorizedFiles).not.toContain(fileId);
+      expect(response.body.unauthorizedFiles).not.toContain(userFileId);
+    });
+
+    it('should prevent deleting files when agent is not collaborative', async () => {
+      // Update the agent to be non-collaborative
+      const { updateAgent } = require('~/models/Agent');
+      await updateAgent({ id: agentId }, { isCollaborative: false });
+
+      const response = await request(app)
+        .delete('/files')
+        .send({
+          agent_id: agentId,
+          files: [
+            {
+              file_id: fileId,
+              filepath: `/uploads/${authorId}/${fileId}`,
+            },
+          ],
+        });
+
+      expect(response.status).toBe(403);
+      expect(response.body.message).toBe('You can only delete files you have access to');
+      expect(response.body.unauthorizedFiles).toContain(fileId);
+      expect(processDeleteRequest).not.toHaveBeenCalled();
+    });
+  });
+});

api/server/routes/memories.js

@@ -172,40 +172,68 @@ router.patch('/preferences', checkMemoryOptOut, async (req, res) => {
 /**
  * PATCH /memories/:key
  * Updates the value of an existing memory entry for the authenticated user.
- * Body: { value: string }
+ * Body: { key?: string, value: string }
  * Returns 200 and { updated: true, memory: <updatedDoc> } when successful.
  */
 router.patch('/:key', checkMemoryUpdate, async (req, res) => {
-  const { key } = req.params;
-  const { value } = req.body || {};
+  const { key: urlKey } = req.params;
+  const { key: bodyKey, value } = req.body || {};
 
   if (typeof value !== 'string' || value.trim() === '') {
     return res.status(400).json({ error: 'Value is required and must be a non-empty string.' });
   }
 
+  // Use the key from the body if provided, otherwise use the key from the URL
+  const newKey = bodyKey || urlKey;
+
   try {
     const tokenCount = Tokenizer.getTokenCount(value, 'o200k_base');
 
     const memories = await getAllUserMemories(req.user.id);
-    const existingMemory = memories.find((m) => m.key === key);
+    const existingMemory = memories.find((m) => m.key === urlKey);
 
     if (!existingMemory) {
       return res.status(404).json({ error: 'Memory not found.' });
     }
 
-    const result = await setMemory({
-      userId: req.user.id,
-      key,
-      value,
-      tokenCount,
-    });
+    // If the key is changing, we need to handle it specially
+    if (newKey !== urlKey) {
+      const keyExists = memories.find((m) => m.key === newKey);
+      if (keyExists) {
+        return res.status(409).json({ error: 'Memory with this key already exists.' });
+      }
 
-    if (!result.ok) {
-      return res.status(500).json({ error: 'Failed to update memory.' });
+      const createResult = await createMemory({
+        userId: req.user.id,
+        key: newKey,
+        value,
+        tokenCount,
+      });
+
+      if (!createResult.ok) {
+        return res.status(500).json({ error: 'Failed to create new memory.' });
+      }
+
+      const deleteResult = await deleteMemory({ userId: req.user.id, key: urlKey });
+      if (!deleteResult.ok) {
+        return res.status(500).json({ error: 'Failed to delete old memory.' });
+      }
+    } else {
+      // Key is not changing, just update the value
+      const result = await setMemory({
+        userId: req.user.id,
+        key: newKey,
+        value,
+        tokenCount,
+      });
+
+      if (!result.ok) {
+        return res.status(500).json({ error: 'Failed to update memory.' });
+      }
     }
 
     const updatedMemories = await getAllUserMemories(req.user.id);
-    const updatedMemory = updatedMemories.find((m) => m.key === key);
+    const updatedMemory = updatedMemories.find((m) => m.key === newKey);
 
     res.json({ updated: true, memory: updatedMemory });
   } catch (error) {

api/server/routes/static.js

@@ -1,8 +1,11 @@
 const express = require('express');
 const staticCache = require('../utils/staticCache');
 const paths = require('~/config/paths');
+const { isEnabled } = require('~/server/utils');
+
+const skipGzipScan = !isEnabled(process.env.ENABLE_IMAGE_OUTPUT_GZIP_SCAN);
 
 const router = express.Router();
-router.use(staticCache(paths.imageOutput));
+router.use(staticCache(paths.imageOutput, { skipGzipScan }));
 
 module.exports = router;

api/server/services/AppService.js

@@ -1,12 +1,11 @@
+const { agentsConfigSetup, loadWebSearchConfig } = require('@librechat/api');
 const {
   FileSources,
   loadOCRConfig,
   EModelEndpoint,
   loadMemoryConfig,
   getConfigDefaults,
-  loadWebSearchConfig,
 } = require('librechat-data-provider');
-const { agentsConfigSetup } = require('@librechat/api');
 const {
   checkHealth,
   checkConfig,

api/server/services/Config/getCustomConfig.js

@@ -1,10 +1,9 @@
 const { logger } = require('@librechat/data-schemas');
-const { getUserMCPAuthMap } = require('@librechat/api');
+const { isEnabled, getUserMCPAuthMap } = require('@librechat/api');
 const { CacheKeys, EModelEndpoint } = require('librechat-data-provider');
-const { normalizeEndpointName, isEnabled } = require('~/server/utils');
+const { normalizeEndpointName } = require('~/server/utils');
 const loadCustomConfig = require('./loadCustomConfig');
 const { getCachedTools } = require('./getCachedTools');
-const { findPluginAuthsByKeys } = require('~/models');
 const getLogStores = require('~/cache/getLogStores');
 
 /**
@@ -55,46 +54,48 @@ const getCustomEndpointConfig = async (endpoint) => {
   );
 };
 
-async function createGetMCPAuthMap() {
+/**
+ * @param {Object} params
+ * @param {string} params.userId
+ * @param {GenericTool[]} [params.tools]
+ * @param {import('@librechat/data-schemas').PluginAuthMethods['findPluginAuthsByKeys']} params.findPluginAuthsByKeys
+ * @returns {Promise<Record<string, Record<string, string>> | undefined>}
+ */
+async function getMCPAuthMap({ userId, tools, findPluginAuthsByKeys }) {
+  try {
+    if (!tools || tools.length === 0) {
+      return;
+    }
+    const appTools = await getCachedTools({
+      userId,
+    });
+    return await getUserMCPAuthMap({
+      tools,
+      userId,
+      appTools,
+      findPluginAuthsByKeys,
+    });
+  } catch (err) {
+    logger.error(
+      `[api/server/controllers/agents/client.js #chatCompletion] Error getting custom user vars for agent`,
+      err,
+    );
+  }
+}
+
+/**
+ * @returns {Promise<boolean>}
+ */
+async function hasCustomUserVars() {
   const customConfig = await getCustomConfig();
   const mcpServers = customConfig?.mcpServers;
-  const hasCustomUserVars = Object.values(mcpServers ?? {}).some((server) => server.customUserVars);
-  if (!hasCustomUserVars) {
-    return;
-  }
-
-  /**
-   * @param {Object} params
-   * @param {GenericTool[]} [params.tools]
-   * @param {string} params.userId
-   * @returns {Promise<Record<string, Record<string, string>> | undefined>}
-   */
-  return async function ({ tools, userId }) {
-    try {
-      if (!tools || tools.length === 0) {
-        return;
-      }
-      const appTools = await getCachedTools({
-        userId,
-      });
-      return await getUserMCPAuthMap({
-        tools,
-        userId,
-        appTools,
-        findPluginAuthsByKeys,
-      });
-    } catch (err) {
-      logger.error(
-        `[api/server/controllers/agents/client.js #chatCompletion] Error getting custom user vars for agent`,
-        err,
-      );
-    }
-  };
+  return Object.values(mcpServers ?? {}).some((server) => server.customUserVars);
 }
 
 module.exports = {
+  getMCPAuthMap,
   getCustomConfig,
   getBalanceConfig,
-  createGetMCPAuthMap,
+  hasCustomUserVars,
   getCustomEndpointConfig,
 };

api/server/services/Config/loadAsyncEndpoints.js

@@ -22,8 +22,7 @@ async function loadAsyncEndpoints(req) {
   } else {
     /** Only attempt to load service key if GOOGLE_KEY is not provided */
     const serviceKeyPath =
-      process.env.GOOGLE_SERVICE_KEY_FILE_PATH ||
-      path.join(__dirname, '../../..', 'data', 'auth.json');
+      process.env.GOOGLE_SERVICE_KEY_FILE || path.join(__dirname, '../../..', 'data', 'auth.json');
 
     try {
       serviceKey = await loadServiceKey(serviceKeyPath);

api/server/services/Endpoints/agents/agent.js

@@ -8,11 +8,12 @@ const {
   ErrorTypes,
   EModelEndpoint,
   EToolResources,
+  isAgentsEndpoint,
   replaceSpecialVars,
   providerEndpointMap,
 } = require('librechat-data-provider');
-const { getProviderConfig } = require('~/server/services/Endpoints');
 const generateArtifactsPrompt = require('~/app/clients/prompts/artifacts');
+const { getProviderConfig } = require('~/server/services/Endpoints');
 const { processFiles } = require('~/server/services/Files/process');
 const { getFiles, getToolFilesByIds } = require('~/models/File');
 const { getConvoFiles } = require('~/models/Conversation');
@@ -42,7 +43,11 @@ const initializeAgent = async ({
   allowedProviders,
   isInitialAgent = false,
 }) => {
-  if (allowedProviders.size > 0 && !allowedProviders.has(agent.provider)) {
+  if (
+    isAgentsEndpoint(endpointOption?.endpoint) &&
+    allowedProviders.size > 0 &&
+    !allowedProviders.has(agent.provider)
+  ) {
     throw new Error(
       `{ "type": "${ErrorTypes.INVALID_AGENT_PROVIDER}", "info": "${agent.provider}" }`,
     );
@@ -82,6 +87,7 @@ const initializeAgent = async ({
     attachments: currentFiles,
     tool_resources: agent.tool_resources,
     requestFileSet: new Set(requestFiles?.map((file) => file.file_id)),
+    agentId: agent.id,
   });
 
   const provider = agent.provider;
@@ -180,10 +186,11 @@ const initializeAgent = async ({
 
   return {
     ...agent,
+    tools,
     attachments,
     resendFiles,
     toolContextMap,
-    tools,
+    useLegacyContent: !!options.useLegacyContent,
     maxContextTokens: (agentMaxContextTokens - maxTokens) * 0.9,
   };
 };

api/server/services/Endpoints/custom/initialize.js

@@ -139,6 +139,9 @@ const initializeClient = async ({ req, res, endpointOption, optionsOnly, overrid
       );
       clientOptions.modelOptions.user = req.user.id;
       const options = getOpenAIConfig(apiKey, clientOptions, endpoint);
+      if (options != null) {
+        options.useLegacyContent = true;
+      }
       if (!customOptions.streamRate) {
         return options;
       }
@@ -156,6 +159,7 @@ const initializeClient = async ({ req, res, endpointOption, optionsOnly, overrid
     }
 
     return {
+      useLegacyContent: true,
       llmConfig: modelOptions,
     };
   }

api/server/services/Endpoints/google/initialize.js

@@ -25,7 +25,7 @@ const initializeClient = async ({ req, res, endpointOption, overrideModel, optio
     /** Only attempt to load service key if GOOGLE_KEY is not provided */
     try {
       const serviceKeyPath =
-        process.env.GOOGLE_SERVICE_KEY_FILE_PATH ||
+        process.env.GOOGLE_SERVICE_KEY_FILE ||
         path.join(__dirname, '../../../..', 'data', 'auth.json');
       serviceKey = await loadServiceKey(serviceKeyPath);
       if (!serviceKey) {

api/server/services/Endpoints/openAI/initialize.js

@@ -65,19 +65,20 @@ const initializeClient = async ({
   const isAzureOpenAI = endpoint === EModelEndpoint.azureOpenAI;
   /** @type {false | TAzureConfig} */
   const azureConfig = isAzureOpenAI && req.app.locals[EModelEndpoint.azureOpenAI];
-
+  let serverless = false;
   if (isAzureOpenAI && azureConfig) {
     const { modelGroupMap, groupMap } = azureConfig;
     const {
       azureOptions,
       baseURL,
       headers = {},
-      serverless,
+      serverless: _serverless,
     } = mapModelToAzureConfig({
       modelName,
       modelGroupMap,
       groupMap,
     });
+    serverless = _serverless;
 
     clientOptions.reverseProxyUrl = baseURL ?? clientOptions.reverseProxyUrl;
     clientOptions.headers = resolveHeaders(
@@ -143,6 +144,9 @@ const initializeClient = async ({
     clientOptions = Object.assign({ modelOptions }, clientOptions);
     clientOptions.modelOptions.user = req.user.id;
     const options = getOpenAIConfig(apiKey, clientOptions);
+    if (options != null && serverless === true) {
+      options.useLegacyContent = true;
+    }
     const streamRate = clientOptions.streamRate;
     if (!streamRate) {
       return options;

api/server/services/Files/Code/process.js

@@ -152,6 +152,7 @@ async function getSessionInfo(fileIdentifier, apiKey) {
  * @param {Object} options
  * @param {ServerRequest} options.req
  * @param {Agent['tool_resources']} options.tool_resources
+ * @param {string} [options.agentId] - The agent ID for file access control
  * @param {string} apiKey
  * @returns {Promise<{
  * files: Array<{ id: string; session_id: string; name: string }>,
@@ -159,11 +160,18 @@ async function getSessionInfo(fileIdentifier, apiKey) {
  * }>}
  */
 const primeFiles = async (options, apiKey) => {
-  const { tool_resources } = options;
+  const { tool_resources, req, agentId } = options;
   const file_ids = tool_resources?.[EToolResources.execute_code]?.file_ids ?? [];
   const agentResourceIds = new Set(file_ids);
   const resourceFiles = tool_resources?.[EToolResources.execute_code]?.files ?? [];
-  const dbFiles = ((await getFiles({ file_id: { $in: file_ids } })) ?? []).concat(resourceFiles);
+  const dbFiles = (
+    (await getFiles(
+      { file_id: { $in: file_ids } },
+      null,
+      { text: 0 },
+      { userId: req?.user?.id, agentId },
+    )) ?? []
+  ).concat(resourceFiles);
 
   const files = [];
   const sessions = new Map();

api/server/services/MCP.js

@@ -2,16 +2,16 @@ const { z } = require('zod');
 const { tool } = require('@langchain/core/tools');
 const { logger } = require('@librechat/data-schemas');
 const { Time, CacheKeys, StepTypes } = require('librechat-data-provider');
-const { sendEvent, normalizeServerName, MCPOAuthHandler } = require('@librechat/api');
 const { Constants: AgentConstants, Providers, GraphEvents } = require('@librechat/agents');
+const { Constants, ContentTypes, isAssistantsEndpoint } = require('librechat-data-provider');
 const {
-  Constants,
-  ContentTypes,
-  isAssistantsEndpoint,
-  convertJsonSchemaToZod,
-} = require('librechat-data-provider');
-const { getMCPManager, getFlowStateManager } = require('~/config');
+  sendEvent,
+  MCPOAuthHandler,
+  normalizeServerName,
+  convertWithResolvedRefs,
+} = require('@librechat/api');
 const { findToken, createToken, updateToken } = require('~/models');
+const { getMCPManager, getFlowStateManager } = require('~/config');
 const { getCachedTools } = require('./Config');
 const { getLogStores } = require('~/cache');
 
@@ -113,7 +113,7 @@ async function createMCPTool({ req, res, toolKey, provider: _provider }) {
   /** @type {LCTool} */
   const { description, parameters } = toolDefinition;
   const isGoogle = _provider === Providers.VERTEXAI || _provider === Providers.GOOGLE;
-  let schema = convertJsonSchemaToZod(parameters, {
+  let schema = convertWithResolvedRefs(parameters, {
     allowEmptyObject: !isGoogle,
     transformOneOfAnyOf: true,
   });

api/server/services/initializeMCP.js

@@ -44,6 +44,9 @@ async function initializeMCP(app) {
     await mcpManager.mapAvailableTools(toolsCopy, flowManager);
     await setCachedTools(toolsCopy, { isGlobal: true });
 
+    const cache = getLogStores(CacheKeys.CONFIG_STORE);
+    await cache.delete(CacheKeys.TOOLS);
+    logger.debug('Cleared tools array cache after MCP initialization');
     logger.info('MCP servers initialized successfully');
   } catch (error) {
     logger.error('Failed to initialize MCP servers:', error);

api/server/services/start/checks.js

@@ -1,6 +1,6 @@
+const { webSearchKeys } = require('@librechat/api');
 const {
   Constants,
-  webSearchKeys,
   deprecatedAzureVariables,
   conflictingAzureVariables,
   extractVariableName,

api/server/socialLogins.js

@@ -1,8 +1,5 @@
-const { Keyv } = require('keyv');
 const passport = require('passport');
 const session = require('express-session');
-const MemoryStore = require('memorystore')(session);
-const RedisStore = require('connect-redis').default;
 const {
   setupOpenId,
   googleLogin,
@@ -14,8 +11,9 @@ const {
   openIdJwtLogin,
 } = require('~/strategies');
 const { isEnabled } = require('~/server/utils');
-const keyvRedis = require('~/cache/keyvRedis');
 const { logger } = require('~/config');
+const { getLogStores } = require('~/cache');
+const { CacheKeys } = require('librechat-data-provider');
 
 /**
  *
@@ -51,17 +49,8 @@ const configureSocialLogins = async (app) => {
       secret: process.env.OPENID_SESSION_SECRET,
       resave: false,
       saveUninitialized: false,
+      store: getLogStores(CacheKeys.OPENID_SESSION),
     };
-    if (isEnabled(process.env.USE_REDIS)) {
-      logger.debug('Using Redis for session storage in OpenID...');
-      const keyv = new Keyv({ store: keyvRedis });
-      const client = keyv.opts.store.client;
-      sessionOptions.store = new RedisStore({ client, prefix: 'openid_session' });
-    } else {
-      sessionOptions.store = new MemoryStore({
-        checkPeriod: 86400000, // prune expired entries every 24h
-      });
-    }
     app.use(session(sessionOptions));
     app.use(passport.session());
     const config = await setupOpenId();
@@ -82,17 +71,8 @@ const configureSocialLogins = async (app) => {
       secret: process.env.SAML_SESSION_SECRET,
       resave: false,
       saveUninitialized: false,
+      store: getLogStores(CacheKeys.SAML_SESSION),
     };
-    if (isEnabled(process.env.USE_REDIS)) {
-      logger.debug('Using Redis for session storage in SAML...');
-      const keyv = new Keyv({ store: keyvRedis });
-      const client = keyv.opts.store.client;
-      sessionOptions.store = new RedisStore({ client, prefix: 'saml_session' });
-    } else {
-      sessionOptions.store = new MemoryStore({
-        checkPeriod: 86400000, // prune expired entries every 24h
-      });
-    }
     app.use(session(sessionOptions));
     app.use(passport.session());
     setupSaml();

api/server/utils/__tests__/staticCache.spec.js

@@ -0,0 +1,407 @@
+const fs = require('fs');
+const path = require('path');
+const express = require('express');
+const request = require('supertest');
+const zlib = require('zlib');
+const staticCache = require('../staticCache');
+
+describe('staticCache', () => {
+  let app;
+  let testDir;
+  let testFile;
+  let indexFile;
+  let manifestFile;
+  let swFile;
+
+  beforeAll(() => {
+    // Create a test directory and files
+    testDir = path.join(__dirname, 'test-static');
+    if (!fs.existsSync(testDir)) {
+      fs.mkdirSync(testDir, { recursive: true });
+    }
+
+    // Create test files
+    testFile = path.join(testDir, 'test.js');
+    indexFile = path.join(testDir, 'index.html');
+    manifestFile = path.join(testDir, 'manifest.json');
+    swFile = path.join(testDir, 'sw.js');
+
+    const jsContent = 'console.log("test");';
+    const htmlContent = '<html><body>Test</body></html>';
+    const jsonContent = '{"name": "test"}';
+    const swContent = 'self.addEventListener("install", () => {});';
+
+    fs.writeFileSync(testFile, jsContent);
+    fs.writeFileSync(indexFile, htmlContent);
+    fs.writeFileSync(manifestFile, jsonContent);
+    fs.writeFileSync(swFile, swContent);
+
+    // Create gzipped versions of some files
+    fs.writeFileSync(testFile + '.gz', zlib.gzipSync(jsContent));
+    fs.writeFileSync(path.join(testDir, 'test.css'), 'body { color: red; }');
+    fs.writeFileSync(path.join(testDir, 'test.css.gz'), zlib.gzipSync('body { color: red; }'));
+
+    // Create a file that only exists in gzipped form
+    fs.writeFileSync(
+      path.join(testDir, 'only-gzipped.js.gz'),
+      zlib.gzipSync('console.log("only gzipped");'),
+    );
+
+    // Create a subdirectory for dist/images testing
+    const distImagesDir = path.join(testDir, 'dist', 'images');
+    fs.mkdirSync(distImagesDir, { recursive: true });
+    fs.writeFileSync(path.join(distImagesDir, 'logo.png'), 'fake-png-data');
+  });
+
+  afterAll(() => {
+    // Clean up test files
+    if (fs.existsSync(testDir)) {
+      fs.rmSync(testDir, { recursive: true, force: true });
+    }
+  });
+
+  beforeEach(() => {
+    app = express();
+
+    // Clear environment variables
+    delete process.env.NODE_ENV;
+    delete process.env.STATIC_CACHE_S_MAX_AGE;
+    delete process.env.STATIC_CACHE_MAX_AGE;
+  });
+  describe('cache headers in production', () => {
+    beforeEach(() => {
+      process.env.NODE_ENV = 'production';
+    });
+
+    it('should set standard cache headers for regular files', async () => {
+      app.use(staticCache(testDir));
+
+      const response = await request(app).get('/test.js').expect(200);
+
+      expect(response.headers['cache-control']).toBe('public, max-age=172800, s-maxage=86400');
+    });
+
+    it('should set no-cache headers for index.html', async () => {
+      app.use(staticCache(testDir));
+
+      const response = await request(app).get('/index.html').expect(200);
+
+      expect(response.headers['cache-control']).toBe('no-store, no-cache, must-revalidate');
+    });
+
+    it('should set no-cache headers for manifest.json', async () => {
+      app.use(staticCache(testDir));
+
+      const response = await request(app).get('/manifest.json').expect(200);
+
+      expect(response.headers['cache-control']).toBe('no-store, no-cache, must-revalidate');
+    });
+
+    it('should set no-cache headers for sw.js', async () => {
+      app.use(staticCache(testDir));
+
+      const response = await request(app).get('/sw.js').expect(200);
+
+      expect(response.headers['cache-control']).toBe('no-store, no-cache, must-revalidate');
+    });
+
+    it('should not set cache headers for /dist/images/ files', async () => {
+      app.use(staticCache(testDir));
+
+      const response = await request(app).get('/dist/images/logo.png').expect(200);
+
+      expect(response.headers['cache-control']).toBe('public, max-age=0');
+    });
+
+    it('should set no-cache headers when noCache option is true', async () => {
+      app.use(staticCache(testDir, { noCache: true }));
+
+      const response = await request(app).get('/test.js').expect(200);
+
+      expect(response.headers['cache-control']).toBe('no-store, no-cache, must-revalidate');
+    });
+  });
+
+  describe('cache headers in non-production', () => {
+    beforeEach(() => {
+      process.env.NODE_ENV = 'development';
+    });
+
+    it('should not set cache headers in development', async () => {
+      app.use(staticCache(testDir));
+
+      const response = await request(app).get('/test.js').expect(200);
+
+      // Our middleware should not set cache-control in non-production
+      // Express static might set its own default headers
+      const cacheControl = response.headers['cache-control'];
+      expect(cacheControl).toBe('public, max-age=0');
+    });
+  });
+
+  describe('environment variable configuration', () => {
+    beforeEach(() => {
+      process.env.NODE_ENV = 'production';
+    });
+
+    it('should use custom s-maxage from environment', async () => {
+      process.env.STATIC_CACHE_S_MAX_AGE = '3600';
+
+      // Need to re-require to pick up new env vars
+      jest.resetModules();
+      const freshStaticCache = require('../staticCache');
+
+      app.use(freshStaticCache(testDir));
+
+      const response = await request(app).get('/test.js').expect(200);
+
+      expect(response.headers['cache-control']).toBe('public, max-age=172800, s-maxage=3600');
+    });
+
+    it('should use custom max-age from environment', async () => {
+      process.env.STATIC_CACHE_MAX_AGE = '7200';
+
+      // Need to re-require to pick up new env vars
+      jest.resetModules();
+      const freshStaticCache = require('../staticCache');
+
+      app.use(freshStaticCache(testDir));
+
+      const response = await request(app).get('/test.js').expect(200);
+
+      expect(response.headers['cache-control']).toBe('public, max-age=7200, s-maxage=86400');
+    });
+
+    it('should use both custom values from environment', async () => {
+      process.env.STATIC_CACHE_S_MAX_AGE = '1800';
+      process.env.STATIC_CACHE_MAX_AGE = '3600';
+
+      // Need to re-require to pick up new env vars
+      jest.resetModules();
+      const freshStaticCache = require('../staticCache');
+
+      app.use(freshStaticCache(testDir));
+
+      const response = await request(app).get('/test.js').expect(200);
+
+      expect(response.headers['cache-control']).toBe('public, max-age=3600, s-maxage=1800');
+    });
+  });
+
+  describe('express-static-gzip behavior', () => {
+    beforeEach(() => {
+      process.env.NODE_ENV = 'production';
+    });
+
+    it('should serve gzipped files when client accepts gzip encoding', async () => {
+      app.use(staticCache(testDir, { skipGzipScan: false }));
+
+      const response = await request(app)
+        .get('/test.js')
+        .set('Accept-Encoding', 'gzip, deflate')
+        .expect(200);
+
+      expect(response.headers['content-encoding']).toBe('gzip');
+      expect(response.headers['content-type']).toMatch(/javascript/);
+      expect(response.headers['cache-control']).toBe('public, max-age=172800, s-maxage=86400');
+      // Content should be decompressed by supertest
+      expect(response.text).toBe('console.log("test");');
+    });
+
+    it('should fall back to uncompressed files when client does not accept gzip', async () => {
+      app.use(staticCache(testDir, { skipGzipScan: false }));
+
+      const response = await request(app)
+        .get('/test.js')
+        .set('Accept-Encoding', 'identity')
+        .expect(200);
+
+      expect(response.headers['content-encoding']).toBeUndefined();
+      expect(response.headers['content-type']).toMatch(/javascript/);
+      expect(response.text).toBe('console.log("test");');
+    });
+
+    it('should serve gzipped CSS files with correct content-type', async () => {
+      app.use(staticCache(testDir, { skipGzipScan: false }));
+
+      const response = await request(app)
+        .get('/test.css')
+        .set('Accept-Encoding', 'gzip')
+        .expect(200);
+
+      expect(response.headers['content-encoding']).toBe('gzip');
+      expect(response.headers['content-type']).toMatch(/css/);
+      expect(response.text).toBe('body { color: red; }');
+    });
+
+    it('should serve uncompressed files when no gzipped version exists', async () => {
+      app.use(staticCache(testDir, { skipGzipScan: false }));
+
+      const response = await request(app)
+        .get('/manifest.json')
+        .set('Accept-Encoding', 'gzip')
+        .expect(200);
+
+      expect(response.headers['content-encoding']).toBeUndefined();
+      expect(response.headers['content-type']).toMatch(/json/);
+      expect(response.text).toBe('{"name": "test"}');
+    });
+
+    it('should handle files that only exist in gzipped form', async () => {
+      app.use(staticCache(testDir, { skipGzipScan: false }));
+
+      const response = await request(app)
+        .get('/only-gzipped.js')
+        .set('Accept-Encoding', 'gzip')
+        .expect(200);
+
+      expect(response.headers['content-encoding']).toBe('gzip');
+      expect(response.headers['content-type']).toMatch(/javascript/);
+      expect(response.text).toBe('console.log("only gzipped");');
+    });
+
+    it('should return 404 for gzip-only files when client does not accept gzip', async () => {
+      app.use(staticCache(testDir, { skipGzipScan: false }));
+
+      const response = await request(app)
+        .get('/only-gzipped.js')
+        .set('Accept-Encoding', 'identity');
+      expect(response.status).toBe(404);
+    });
+
+    it('should handle cache headers correctly for gzipped content', async () => {
+      app.use(staticCache(testDir, { skipGzipScan: false }));
+
+      const response = await request(app)
+        .get('/test.js')
+        .set('Accept-Encoding', 'gzip')
+        .expect(200);
+
+      expect(response.headers['content-encoding']).toBe('gzip');
+      expect(response.headers['cache-control']).toBe('public, max-age=172800, s-maxage=86400');
+      expect(response.headers['content-type']).toMatch(/javascript/);
+    });
+
+    it('should preserve original MIME types for gzipped files', async () => {
+      app.use(staticCache(testDir, { skipGzipScan: false }));
+
+      const jsResponse = await request(app)
+        .get('/test.js')
+        .set('Accept-Encoding', 'gzip')
+        .expect(200);
+
+      const cssResponse = await request(app)
+        .get('/test.css')
+        .set('Accept-Encoding', 'gzip')
+        .expect(200);
+
+      expect(jsResponse.headers['content-type']).toMatch(/javascript/);
+      expect(cssResponse.headers['content-type']).toMatch(/css/);
+      expect(jsResponse.headers['content-encoding']).toBe('gzip');
+      expect(cssResponse.headers['content-encoding']).toBe('gzip');
+    });
+  });
+
+  describe('skipGzipScan option comparison', () => {
+    beforeEach(() => {
+      process.env.NODE_ENV = 'production';
+    });
+
+    it('should use express.static (no gzip) when skipGzipScan is true', async () => {
+      app.use(staticCache(testDir, { skipGzipScan: true }));
+
+      const response = await request(app)
+        .get('/test.js')
+        .set('Accept-Encoding', 'gzip')
+        .expect(200);
+
+      // Should NOT serve gzipped version even though client accepts it
+      expect(response.headers['content-encoding']).toBeUndefined();
+      expect(response.headers['cache-control']).toBe('public, max-age=172800, s-maxage=86400');
+      expect(response.text).toBe('console.log("test");');
+    });
+
+    it('should use expressStaticGzip when skipGzipScan is false', async () => {
+      app.use(staticCache(testDir));
+
+      const response = await request(app)
+        .get('/test.js')
+        .set('Accept-Encoding', 'gzip')
+        .expect(200);
+
+      // Should serve gzipped version when client accepts it
+      expect(response.headers['content-encoding']).toBe('gzip');
+      expect(response.headers['cache-control']).toBe('public, max-age=172800, s-maxage=86400');
+      expect(response.text).toBe('console.log("test");');
+    });
+  });
+
+  describe('file serving', () => {
+    beforeEach(() => {
+      process.env.NODE_ENV = 'production';
+    });
+
+    it('should serve files correctly', async () => {
+      app.use(staticCache(testDir));
+
+      const response = await request(app).get('/test.js').expect(200);
+
+      expect(response.text).toBe('console.log("test");');
+      expect(response.headers['content-type']).toMatch(/javascript|text/);
+    });
+
+    it('should return 404 for non-existent files', async () => {
+      app.use(staticCache(testDir));
+
+      const response = await request(app).get('/nonexistent.js');
+      expect(response.status).toBe(404);
+    });
+
+    it('should serve HTML files', async () => {
+      app.use(staticCache(testDir));
+
+      const response = await request(app).get('/index.html').expect(200);
+
+      expect(response.text).toBe('<html><body>Test</body></html>');
+      expect(response.headers['content-type']).toMatch(/html/);
+    });
+  });
+
+  describe('edge cases', () => {
+    beforeEach(() => {
+      process.env.NODE_ENV = 'production';
+    });
+
+    it('should handle webmanifest files', async () => {
+      // Create a webmanifest file
+      const webmanifestFile = path.join(testDir, 'site.webmanifest');
+      fs.writeFileSync(webmanifestFile, '{"name": "test app"}');
+
+      app.use(staticCache(testDir));
+
+      const response = await request(app).get('/site.webmanifest').expect(200);
+
+      expect(response.headers['cache-control']).toBe('no-store, no-cache, must-revalidate');
+
+      // Clean up
+      fs.unlinkSync(webmanifestFile);
+    });
+
+    it('should handle files in subdirectories', async () => {
+      const subDir = path.join(testDir, 'subdir');
+      fs.mkdirSync(subDir, { recursive: true });
+      const subFile = path.join(subDir, 'nested.js');
+      fs.writeFileSync(subFile, 'console.log("nested");');
+
+      app.use(staticCache(testDir));
+
+      const response = await request(app).get('/subdir/nested.js').expect(200);
+
+      expect(response.headers['cache-control']).toBe('public, max-age=172800, s-maxage=86400');
+      expect(response.text).toBe('console.log("nested");');
+
+      // Clean up
+      fs.rmSync(subDir, { recursive: true, force: true });
+    });
+  });
+});

api/server/utils/staticCache.js

@@ -1,4 +1,5 @@
 const path = require('path');
+const express = require('express');
 const expressStaticGzip = require('express-static-gzip');
 
 const oneDayInSeconds = 24 * 60 * 60;
@@ -7,44 +8,55 @@ const sMaxAge = process.env.STATIC_CACHE_S_MAX_AGE || oneDayInSeconds;
 const maxAge = process.env.STATIC_CACHE_MAX_AGE || oneDayInSeconds * 2;
 
 /**
- * Creates an Express static middleware with gzip compression and configurable caching
+ * Creates an Express static middleware with optional gzip compression and configurable caching
  *
  * @param {string} staticPath - The file system path to serve static files from
  * @param {Object} [options={}] - Configuration options
  * @param {boolean} [options.noCache=false] - If true, disables caching entirely for all files
- * @returns {ReturnType<expressStaticGzip>} Express middleware function for serving static files
+ * @param {boolean} [options.skipGzipScan=false] - If true, skips expressStaticGzip middleware
+ * @returns {ReturnType<expressStaticGzip>|ReturnType<express.static>} Express middleware function for serving static files
  */
 function staticCache(staticPath, options = {}) {
-  const { noCache = false } = options;
-  return expressStaticGzip(staticPath, {
-    enableBrotli: false,
-    orderPreference: ['gz'],
-    setHeaders: (res, filePath) => {
-      if (process.env.NODE_ENV?.toLowerCase() !== 'production') {
-        return;
-      }
-      if (noCache) {
-        res.setHeader('Cache-Control', 'no-store, no-cache, must-revalidate');
-        return;
-      }
-      if (filePath.includes('/dist/images/')) {
-        return;
-      }
-      const fileName = path.basename(filePath);
+  const { noCache = false, skipGzipScan = false } = options;
 
-      if (
-        fileName === 'index.html' ||
-        fileName.endsWith('.webmanifest') ||
-        fileName === 'manifest.json' ||
-        fileName === 'sw.js'
-      ) {
-        res.setHeader('Cache-Control', 'no-store, no-cache, must-revalidate');
-      } else {
-        res.setHeader('Cache-Control', `public, max-age=${maxAge}, s-maxage=${sMaxAge}`);
-      }
-    },
-    index: false,
-  });
+  const setHeaders = (res, filePath) => {
+    if (process.env.NODE_ENV?.toLowerCase() !== 'production') {
+      return;
+    }
+    if (noCache) {
+      res.setHeader('Cache-Control', 'no-store, no-cache, must-revalidate');
+      return;
+    }
+    if (filePath && filePath.includes('/dist/images/')) {
+      return;
+    }
+    const fileName = filePath ? path.basename(filePath) : '';
+
+    if (
+      fileName === 'index.html' ||
+      fileName.endsWith('.webmanifest') ||
+      fileName === 'manifest.json' ||
+      fileName === 'sw.js'
+    ) {
+      res.setHeader('Cache-Control', 'no-store, no-cache, must-revalidate');
+    } else {
+      res.setHeader('Cache-Control', `public, max-age=${maxAge}, s-maxage=${sMaxAge}`);
+    }
+  };
+
+  if (skipGzipScan) {
+    return express.static(staticPath, {
+      setHeaders,
+      index: false,
+    });
+  } else {
+    return expressStaticGzip(staticPath, {
+      enableBrotli: false,
+      orderPreference: ['gz'],
+      setHeaders,
+      index: false,
+    });
+  }
 }
 
 module.exports = staticCache;

api/typedefs.js

@@ -1074,7 +1074,7 @@
 
 /**
  * @exports JsonSchemaType
- * @typedef {import('librechat-data-provider').JsonSchemaType} JsonSchemaType
+ * @typedef {import('@librechat/api').JsonSchemaType} JsonSchemaType
  * @memberof typedefs
  */
 

api/utils/tokens.js

@@ -223,6 +223,7 @@ const xAIModels = {
   'grok-3-fast': 131072,
   'grok-3-mini': 131072,
   'grok-3-mini-fast': 131072,
+  'grok-4': 256000, // 256K context
 };
 
 const aggregateModels = { ...openAIModels, ...googleModels, ...bedrockModels, ...xAIModels };

api/utils/tokens.spec.js

@@ -386,7 +386,7 @@ describe('matchModelName', () => {
   });
 
   it('should return the closest matching key for gpt-4-1106 partial matches', () => {
-    expect(matchModelName('something/gpt-4-1106')).toBe('gpt-4-1106');
+    expect(matchModelName('gpt-4-1106/something')).toBe('gpt-4-1106');
     expect(matchModelName('gpt-4-1106-preview')).toBe('gpt-4-1106');
     expect(matchModelName('gpt-4-1106-vision-preview')).toBe('gpt-4-1106');
   });
@@ -589,6 +589,10 @@ describe('Grok Model Tests - Tokens', () => {
       expect(getModelMaxTokens('grok-3-mini-fast')).toBe(131072);
     });
 
+    test('should return correct tokens for Grok 4 model', () => {
+      expect(getModelMaxTokens('grok-4-0709')).toBe(256000);
+    });
+
     test('should handle partial matches for Grok models with prefixes', () => {
       // Vision models should match before general models
       expect(getModelMaxTokens('xai/grok-2-vision-1212')).toBe(32768);
@@ -606,6 +610,8 @@ describe('Grok Model Tests - Tokens', () => {
       expect(getModelMaxTokens('xai/grok-3-fast')).toBe(131072);
       expect(getModelMaxTokens('xai/grok-3-mini')).toBe(131072);
       expect(getModelMaxTokens('xai/grok-3-mini-fast')).toBe(131072);
+      // Grok 4 model
+      expect(getModelMaxTokens('xai/grok-4-0709')).toBe(256000);
     });
   });
 
@@ -627,6 +633,8 @@ describe('Grok Model Tests - Tokens', () => {
       expect(matchModelName('grok-3-fast')).toBe('grok-3-fast');
       expect(matchModelName('grok-3-mini')).toBe('grok-3-mini');
       expect(matchModelName('grok-3-mini-fast')).toBe('grok-3-mini-fast');
+      // Grok 4 model
+      expect(matchModelName('grok-4-0709')).toBe('grok-4');
     });
 
     test('should match Grok model variations with prefixes', () => {
@@ -646,6 +654,8 @@ describe('Grok Model Tests - Tokens', () => {
       expect(matchModelName('xai/grok-3-fast')).toBe('grok-3-fast');
       expect(matchModelName('xai/grok-3-mini')).toBe('grok-3-mini');
       expect(matchModelName('xai/grok-3-mini-fast')).toBe('grok-3-mini-fast');
+      // Grok 4 model
+      expect(matchModelName('xai/grok-4-0709')).toBe('grok-4');
     });
   });
 });

client/src/Providers/SidePanelContext.tsx

@@ -0,0 +1,31 @@
+import React, { createContext, useContext, useMemo } from 'react';
+import type { EModelEndpoint } from 'librechat-data-provider';
+import { useChatContext } from './ChatContext';
+
+interface SidePanelContextValue {
+  endpoint?: EModelEndpoint | null;
+}
+
+const SidePanelContext = createContext<SidePanelContextValue | undefined>(undefined);
+
+export function SidePanelProvider({ children }: { children: React.ReactNode }) {
+  const { conversation } = useChatContext();
+
+  /** Context value only created when endpoint changes */
+  const contextValue = useMemo<SidePanelContextValue>(
+    () => ({
+      endpoint: conversation?.endpoint,
+    }),
+    [conversation?.endpoint],
+  );
+
+  return <SidePanelContext.Provider value={contextValue}>{children}</SidePanelContext.Provider>;
+}
+
+export function useSidePanelContext() {
+  const context = useContext(SidePanelContext);
+  if (!context) {
+    throw new Error('useSidePanelContext must be used within SidePanelProvider');
+  }
+  return context;
+}

client/src/Providers/index.ts

@@ -24,4 +24,5 @@ export * from './ToolCallsMapContext';
 export * from './SetConvoContext';
 export * from './SearchContext';
 export * from './BadgeRowContext';
+export * from './SidePanelContext';
 export { default as BadgeRowProvider } from './BadgeRowContext';

client/src/common/types.ts

@@ -345,9 +345,7 @@ export type TOptions = {
   isContinued?: boolean;
   isEdited?: boolean;
   overrideMessages?: t.TMessage[];
-  /** This value is only true when the user submits a message with "Save & Submit" for a user-created message */
-  isResubmission?: boolean;
-  /** Currently only utilized when `isResubmission === true`, uses that message's currently attached files */
+  /** Currently only utilized when resubmitting user-created message, uses that message's currently attached files */
   overrideFiles?: t.TMessage['files'];
 };
 

client/src/components/Chat/Input/Files/DragDropModal.tsx

@@ -1,10 +1,8 @@
 import React, { useMemo } from 'react';
-import { EModelEndpoint, EToolResources } from 'librechat-data-provider';
+import { EToolResources, defaultAgentCapabilities } from 'librechat-data-provider';
 import { FileSearch, ImageUpIcon, FileType2Icon, TerminalSquareIcon } from 'lucide-react';
-import OGDialogTemplate from '~/components/ui/OGDialogTemplate';
-import { useGetEndpointsQuery } from '~/data-provider';
-import useLocalize from '~/hooks/useLocalize';
-import { OGDialog } from '~/components/ui';
+import { useLocalize, useGetAgentsConfig, useAgentCapabilities } from '~/hooks';
+import { OGDialog, OGDialogTemplate } from '~/components/ui';
 
 interface DragDropModalProps {
   onOptionSelect: (option: EToolResources | undefined) => void;
@@ -22,12 +20,12 @@ interface FileOption {
 
 const DragDropModal = ({ onOptionSelect, setShowModal, files, isVisible }: DragDropModalProps) => {
   const localize = useLocalize();
-  const { data: endpointsConfig } = useGetEndpointsQuery();
-  const capabilities = useMemo(
-    () => endpointsConfig?.[EModelEndpoint.agents]?.capabilities ?? [],
-    [endpointsConfig],
-  );
-
+  const { agentsConfig } = useGetAgentsConfig();
+  /** TODO: Ephemeral Agent Capabilities
+   * Allow defining agent capabilities on a per-endpoint basis
+   * Use definition for agents endpoint for ephemeral agents
+   * */
+  const capabilities = useAgentCapabilities(agentsConfig?.capabilities ?? defaultAgentCapabilities);
   const options = useMemo(() => {
     const _options: FileOption[] = [
       {
@@ -37,26 +35,26 @@ const DragDropModal = ({ onOptionSelect, setShowModal, files, isVisible }: DragD
         condition: files.every((file) => file.type?.startsWith('image/')),
       },
     ];
-    for (const capability of capabilities) {
-      if (capability === EToolResources.file_search) {
-        _options.push({
-          label: localize('com_ui_upload_file_search'),
-          value: EToolResources.file_search,
-          icon: <FileSearch className="icon-md" />,
-        });
-      } else if (capability === EToolResources.execute_code) {
-        _options.push({
-          label: localize('com_ui_upload_code_files'),
-          value: EToolResources.execute_code,
-          icon: <TerminalSquareIcon className="icon-md" />,
-        });
-      } else if (capability === EToolResources.ocr) {
-        _options.push({
-          label: localize('com_ui_upload_ocr_text'),
-          value: EToolResources.ocr,
-          icon: <FileType2Icon className="icon-md" />,
-        });
-      }
+    if (capabilities.fileSearchEnabled) {
+      _options.push({
+        label: localize('com_ui_upload_file_search'),
+        value: EToolResources.file_search,
+        icon: <FileSearch className="icon-md" />,
+      });
+    }
+    if (capabilities.codeEnabled) {
+      _options.push({
+        label: localize('com_ui_upload_code_files'),
+        value: EToolResources.execute_code,
+        icon: <TerminalSquareIcon className="icon-md" />,
+      });
+    }
+    if (capabilities.ocrEnabled) {
+      _options.push({
+        label: localize('com_ui_upload_ocr_text'),
+        value: EToolResources.ocr,
+        icon: <FileType2Icon className="icon-md" />,
+      });
     }
 
     return _options;

client/src/components/Chat/Input/Files/FileRow.tsx

@@ -2,6 +2,8 @@ import { useEffect } from 'react';
 import { EToolResources } from 'librechat-data-provider';
 import type { ExtendedFile } from '~/common';
 import { useDeleteFilesMutation } from '~/data-provider';
+import { useToastContext } from '~/Providers';
+import { useLocalize } from '~/hooks';
 import { useFileDeletion } from '~/hooks/Files';
 import FileContainer from './FileContainer';
 import { logger } from '~/utils';
@@ -30,6 +32,8 @@ export default function FileRow({
   isRTL?: boolean;
   Wrapper?: React.FC<{ children: React.ReactNode }>;
 }) {
+  const localize = useLocalize();
+  const { showToast } = useToastContext();
   const files = Array.from(_files?.values() ?? []).filter((file) =>
     fileFilter ? fileFilter(file) : true,
   );
@@ -105,6 +109,10 @@ export default function FileRow({
           )
           .uniqueFiles.map((file: ExtendedFile, index: number) => {
             const handleDelete = () => {
+              showToast({
+                message: localize('com_ui_deleting_file'),
+                status: 'info',
+              });
               if (abortUpload && file.progress < 1) {
                 abortUpload();
               }

client/src/components/Chat/Messages/Content/EditMessage.tsx

@@ -60,7 +60,6 @@ const EditMessage = ({
           conversationId,
         },
         {
-          isResubmission: true,
           overrideFiles: message.files,
         },
       );

client/src/components/Chat/Messages/Content/Markdown.tsx

@@ -1,4 +1,4 @@
-import React, { memo, useMemo, useRef, useEffect } from 'react';
+import React, { memo, useMemo } from 'react';
 import remarkGfm from 'remark-gfm';
 import remarkMath from 'remark-math';
 import supersub from 'remark-supersub';
@@ -7,167 +7,16 @@ import { useRecoilValue } from 'recoil';
 import ReactMarkdown from 'react-markdown';
 import rehypeHighlight from 'rehype-highlight';
 import remarkDirective from 'remark-directive';
-import { PermissionTypes, Permissions } from 'librechat-data-provider';
 import type { Pluggable } from 'unified';
-import {
-  useToastContext,
-  ArtifactProvider,
-  CodeBlockProvider,
-  useCodeBlockContext,
-} from '~/Providers';
 import { Citation, CompositeCitation, HighlightedText } from '~/components/Web/Citation';
 import { Artifact, artifactPlugin } from '~/components/Artifacts/Artifact';
-import { langSubset, preprocessLaTeX, handleDoubleClick } from '~/utils';
-import CodeBlock from '~/components/Messages/Content/CodeBlock';
-import useHasAccess from '~/hooks/Roles/useHasAccess';
+import { ArtifactProvider, CodeBlockProvider } from '~/Providers';
+import MarkdownErrorBoundary from './MarkdownErrorBoundary';
+import { langSubset, preprocessLaTeX } from '~/utils';
 import { unicodeCitation } from '~/components/Web';
-import { useFileDownload } from '~/data-provider';
-import useLocalize from '~/hooks/useLocalize';
+import { code, a, p } from './MarkdownComponents';
 import store from '~/store';
 
-type TCodeProps = {
-  inline?: boolean;
-  className?: string;
-  children: React.ReactNode;
-};
-
-export const code: React.ElementType = memo(({ className, children }: TCodeProps) => {
-  const canRunCode = useHasAccess({
-    permissionType: PermissionTypes.RUN_CODE,
-    permission: Permissions.USE,
-  });
-  const match = /language-(\w+)/.exec(className ?? '');
-  const lang = match && match[1];
-  const isMath = lang === 'math';
-  const isSingleLine = typeof children === 'string' && children.split('\n').length === 1;
-
-  const { getNextIndex, resetCounter } = useCodeBlockContext();
-  const blockIndex = useRef(getNextIndex(isMath || isSingleLine)).current;
-
-  useEffect(() => {
-    resetCounter();
-  }, [children, resetCounter]);
-
-  if (isMath) {
-    return <>{children}</>;
-  } else if (isSingleLine) {
-    return (
-      <code onDoubleClick={handleDoubleClick} className={className}>
-        {children}
-      </code>
-    );
-  } else {
-    return (
-      <CodeBlock
-        lang={lang ?? 'text'}
-        codeChildren={children}
-        blockIndex={blockIndex}
-        allowExecution={canRunCode}
-      />
-    );
-  }
-});
-
-export const codeNoExecution: React.ElementType = memo(({ className, children }: TCodeProps) => {
-  const match = /language-(\w+)/.exec(className ?? '');
-  const lang = match && match[1];
-
-  if (lang === 'math') {
-    return children;
-  } else if (typeof children === 'string' && children.split('\n').length === 1) {
-    return (
-      <code onDoubleClick={handleDoubleClick} className={className}>
-        {children}
-      </code>
-    );
-  } else {
-    return <CodeBlock lang={lang ?? 'text'} codeChildren={children} allowExecution={false} />;
-  }
-});
-
-type TAnchorProps = {
-  href: string;
-  children: React.ReactNode;
-};
-
-export const a: React.ElementType = memo(({ href, children }: TAnchorProps) => {
-  const user = useRecoilValue(store.user);
-  const { showToast } = useToastContext();
-  const localize = useLocalize();
-
-  const {
-    file_id = '',
-    filename = '',
-    filepath,
-  } = useMemo(() => {
-    const pattern = new RegExp(`(?:files|outputs)/${user?.id}/([^\\s]+)`);
-    const match = href.match(pattern);
-    if (match && match[0]) {
-      const path = match[0];
-      const parts = path.split('/');
-      const name = parts.pop();
-      const file_id = parts.pop();
-      return { file_id, filename: name, filepath: path };
-    }
-    return { file_id: '', filename: '', filepath: '' };
-  }, [user?.id, href]);
-
-  const { refetch: downloadFile } = useFileDownload(user?.id ?? '', file_id);
-  const props: { target?: string; onClick?: React.MouseEventHandler } = { target: '_new' };
-
-  if (!file_id || !filename) {
-    return (
-      <a href={href} {...props}>
-        {children}
-      </a>
-    );
-  }
-
-  const handleDownload = async (event: React.MouseEvent<HTMLAnchorElement>) => {
-    event.preventDefault();
-    try {
-      const stream = await downloadFile();
-      if (stream.data == null || stream.data === '') {
-        console.error('Error downloading file: No data found');
-        showToast({
-          status: 'error',
-          message: localize('com_ui_download_error'),
-        });
-        return;
-      }
-      const link = document.createElement('a');
-      link.href = stream.data;
-      link.setAttribute('download', filename);
-      document.body.appendChild(link);
-      link.click();
-      document.body.removeChild(link);
-      window.URL.revokeObjectURL(stream.data);
-    } catch (error) {
-      console.error('Error downloading file:', error);
-    }
-  };
-
-  props.onClick = handleDownload;
-  props.target = '_blank';
-
-  return (
-    <a
-      href={filepath?.startsWith('files/') ? `/api/${filepath}` : `/api/files/${filepath}`}
-      {...props}
-    >
-      {children}
-    </a>
-  );
-});
-
-type TParagraphProps = {
-  children: React.ReactNode;
-};
-
-export const p: React.ElementType = memo(({ children }: TParagraphProps) => {
-  return <p className="mb-2 whitespace-pre-wrap">{children}</p>;
-});
-
 type TContentProps = {
   content: string;
   isLatestMessage: boolean;
@@ -219,31 +68,33 @@ const Markdown = memo(({ content = '', isLatestMessage }: TContentProps) => {
   }
 
   return (
-    <ArtifactProvider>
-      <CodeBlockProvider>
-        <ReactMarkdown
-          /** @ts-ignore */
-          remarkPlugins={remarkPlugins}
-          /* @ts-ignore */
-          rehypePlugins={rehypePlugins}
-          components={
-            {
-              code,
-              a,
-              p,
-              artifact: Artifact,
-              citation: Citation,
-              'highlighted-text': HighlightedText,
-              'composite-citation': CompositeCitation,
-            } as {
-              [nodeType: string]: React.ElementType;
+    <MarkdownErrorBoundary content={content} codeExecution={true}>
+      <ArtifactProvider>
+        <CodeBlockProvider>
+          <ReactMarkdown
+            /** @ts-ignore */
+            remarkPlugins={remarkPlugins}
+            /* @ts-ignore */
+            rehypePlugins={rehypePlugins}
+            components={
+              {
+                code,
+                a,
+                p,
+                artifact: Artifact,
+                citation: Citation,
+                'highlighted-text': HighlightedText,
+                'composite-citation': CompositeCitation,
+              } as {
+                [nodeType: string]: React.ElementType;
+              }
             }
-          }
-        >
-          {currentContent}
-        </ReactMarkdown>
-      </CodeBlockProvider>
-    </ArtifactProvider>
+          >
+            {currentContent}
+          </ReactMarkdown>
+        </CodeBlockProvider>
+      </ArtifactProvider>
+    </MarkdownErrorBoundary>
   );
 });
 

client/src/components/Chat/Messages/Content/MarkdownComponents.tsx

@@ -0,0 +1,153 @@
+import React, { memo, useMemo, useRef, useEffect } from 'react';
+import { useRecoilValue } from 'recoil';
+import { PermissionTypes, Permissions } from 'librechat-data-provider';
+import { useToastContext, useCodeBlockContext } from '~/Providers';
+import CodeBlock from '~/components/Messages/Content/CodeBlock';
+import useHasAccess from '~/hooks/Roles/useHasAccess';
+import { useFileDownload } from '~/data-provider';
+import useLocalize from '~/hooks/useLocalize';
+import { handleDoubleClick } from '~/utils';
+import store from '~/store';
+
+type TCodeProps = {
+  inline?: boolean;
+  className?: string;
+  children: React.ReactNode;
+};
+
+export const code: React.ElementType = memo(({ className, children }: TCodeProps) => {
+  const canRunCode = useHasAccess({
+    permissionType: PermissionTypes.RUN_CODE,
+    permission: Permissions.USE,
+  });
+  const match = /language-(\w+)/.exec(className ?? '');
+  const lang = match && match[1];
+  const isMath = lang === 'math';
+  const isSingleLine = typeof children === 'string' && children.split('\n').length === 1;
+
+  const { getNextIndex, resetCounter } = useCodeBlockContext();
+  const blockIndex = useRef(getNextIndex(isMath || isSingleLine)).current;
+
+  useEffect(() => {
+    resetCounter();
+  }, [children, resetCounter]);
+
+  if (isMath) {
+    return <>{children}</>;
+  } else if (isSingleLine) {
+    return (
+      <code onDoubleClick={handleDoubleClick} className={className}>
+        {children}
+      </code>
+    );
+  } else {
+    return (
+      <CodeBlock
+        lang={lang ?? 'text'}
+        codeChildren={children}
+        blockIndex={blockIndex}
+        allowExecution={canRunCode}
+      />
+    );
+  }
+});
+
+export const codeNoExecution: React.ElementType = memo(({ className, children }: TCodeProps) => {
+  const match = /language-(\w+)/.exec(className ?? '');
+  const lang = match && match[1];
+
+  if (lang === 'math') {
+    return children;
+  } else if (typeof children === 'string' && children.split('\n').length === 1) {
+    return (
+      <code onDoubleClick={handleDoubleClick} className={className}>
+        {children}
+      </code>
+    );
+  } else {
+    return <CodeBlock lang={lang ?? 'text'} codeChildren={children} allowExecution={false} />;
+  }
+});
+
+type TAnchorProps = {
+  href: string;
+  children: React.ReactNode;
+};
+
+export const a: React.ElementType = memo(({ href, children }: TAnchorProps) => {
+  const user = useRecoilValue(store.user);
+  const { showToast } = useToastContext();
+  const localize = useLocalize();
+
+  const {
+    file_id = '',
+    filename = '',
+    filepath,
+  } = useMemo(() => {
+    const pattern = new RegExp(`(?:files|outputs)/${user?.id}/([^\\s]+)`);
+    const match = href.match(pattern);
+    if (match && match[0]) {
+      const path = match[0];
+      const parts = path.split('/');
+      const name = parts.pop();
+      const file_id = parts.pop();
+      return { file_id, filename: name, filepath: path };
+    }
+    return { file_id: '', filename: '', filepath: '' };
+  }, [user?.id, href]);
+
+  const { refetch: downloadFile } = useFileDownload(user?.id ?? '', file_id);
+  const props: { target?: string; onClick?: React.MouseEventHandler } = { target: '_new' };
+
+  if (!file_id || !filename) {
+    return (
+      <a href={href} {...props}>
+        {children}
+      </a>
+    );
+  }
+
+  const handleDownload = async (event: React.MouseEvent<HTMLAnchorElement>) => {
+    event.preventDefault();
+    try {
+      const stream = await downloadFile();
+      if (stream.data == null || stream.data === '') {
+        console.error('Error downloading file: No data found');
+        showToast({
+          status: 'error',
+          message: localize('com_ui_download_error'),
+        });
+        return;
+      }
+      const link = document.createElement('a');
+      link.href = stream.data;
+      link.setAttribute('download', filename);
+      document.body.appendChild(link);
+      link.click();
+      document.body.removeChild(link);
+      window.URL.revokeObjectURL(stream.data);
+    } catch (error) {
+      console.error('Error downloading file:', error);
+    }
+  };
+
+  props.onClick = handleDownload;
+  props.target = '_blank';
+
+  return (
+    <a
+      href={filepath?.startsWith('files/') ? `/api/${filepath}` : `/api/files/${filepath}`}
+      {...props}
+    >
+      {children}
+    </a>
+  );
+});
+
+type TParagraphProps = {
+  children: React.ReactNode;
+};
+
+export const p: React.ElementType = memo(({ children }: TParagraphProps) => {
+  return <p className="mb-2 whitespace-pre-wrap">{children}</p>;
+});

client/src/components/Chat/Messages/Content/MarkdownErrorBoundary.tsx

@@ -0,0 +1,90 @@
+import React from 'react';
+import remarkGfm from 'remark-gfm';
+import supersub from 'remark-supersub';
+import ReactMarkdown from 'react-markdown';
+import rehypeHighlight from 'rehype-highlight';
+import type { PluggableList } from 'unified';
+import { code, codeNoExecution, a, p } from './MarkdownComponents';
+import { CodeBlockProvider } from '~/Providers';
+import { langSubset } from '~/utils';
+
+interface ErrorBoundaryState {
+  hasError: boolean;
+  error?: Error;
+}
+
+interface MarkdownErrorBoundaryProps {
+  children: React.ReactNode;
+  content: string;
+  codeExecution?: boolean;
+}
+
+class MarkdownErrorBoundary extends React.Component<
+  MarkdownErrorBoundaryProps,
+  ErrorBoundaryState
+> {
+  constructor(props: MarkdownErrorBoundaryProps) {
+    super(props);
+    this.state = { hasError: false };
+  }
+
+  static getDerivedStateFromError(error: Error): ErrorBoundaryState {
+    return { hasError: true, error };
+  }
+
+  componentDidCatch(error: Error, errorInfo: React.ErrorInfo) {
+    console.error('Markdown rendering error:', error, errorInfo);
+  }
+
+  componentDidUpdate(prevProps: MarkdownErrorBoundaryProps) {
+    if (prevProps.content !== this.props.content && this.state.hasError) {
+      this.setState({ hasError: false, error: undefined });
+    }
+  }
+
+  render() {
+    if (this.state.hasError) {
+      const { content, codeExecution = true } = this.props;
+
+      const rehypePlugins: PluggableList = [
+        [
+          rehypeHighlight,
+          {
+            detect: true,
+            ignoreMissing: true,
+            subset: langSubset,
+          },
+        ],
+      ];
+
+      return (
+        <CodeBlockProvider>
+          <ReactMarkdown
+            remarkPlugins={[
+              /** @ts-ignore */
+              supersub,
+              remarkGfm,
+            ]}
+            /** @ts-ignore */
+            rehypePlugins={rehypePlugins}
+            components={
+              {
+                code: codeExecution ? code : codeNoExecution,
+                a,
+                p,
+              } as {
+                [nodeType: string]: React.ElementType;
+              }
+            }
+          >
+            {content}
+          </ReactMarkdown>
+        </CodeBlockProvider>
+      );
+    }
+
+    return this.props.children;
+  }
+}
+
+export default MarkdownErrorBoundary;

client/src/components/Chat/Messages/Content/MarkdownLite.tsx

@@ -6,8 +6,9 @@ import supersub from 'remark-supersub';
 import ReactMarkdown from 'react-markdown';
 import rehypeHighlight from 'rehype-highlight';
 import type { PluggableList } from 'unified';
-import { code, codeNoExecution, a, p } from './Markdown';
+import { code, codeNoExecution, a, p } from './MarkdownComponents';
 import { CodeBlockProvider, ArtifactProvider } from '~/Providers';
+import MarkdownErrorBoundary from './MarkdownErrorBoundary';
 import { langSubset } from '~/utils';
 
 const MarkdownLite = memo(
@@ -25,32 +26,34 @@ const MarkdownLite = memo(
     ];
 
     return (
-      <ArtifactProvider>
-        <CodeBlockProvider>
-          <ReactMarkdown
-            remarkPlugins={[
+      <MarkdownErrorBoundary content={content} codeExecution={codeExecution}>
+        <ArtifactProvider>
+          <CodeBlockProvider>
+            <ReactMarkdown
+              remarkPlugins={[
+                /** @ts-ignore */
+                supersub,
+                remarkGfm,
+                [remarkMath, { singleDollarTextMath: false }],
+              ]}
               /** @ts-ignore */
-              supersub,
-              remarkGfm,
-              [remarkMath, { singleDollarTextMath: false }],
-            ]}
-            /** @ts-ignore */
-            rehypePlugins={rehypePlugins}
-            // linkTarget="_new"
-            components={
-              {
-                code: codeExecution ? code : codeNoExecution,
-                a,
-                p,
-              } as {
-                [nodeType: string]: React.ElementType;
+              rehypePlugins={rehypePlugins}
+              // linkTarget="_new"
+              components={
+                {
+                  code: codeExecution ? code : codeNoExecution,
+                  a,
+                  p,
+                } as {
+                  [nodeType: string]: React.ElementType;
+                }
               }
-            }
-          >
-            {content}
-          </ReactMarkdown>
-        </CodeBlockProvider>
-      </ArtifactProvider>
+            >
+              {content}
+            </ReactMarkdown>
+          </CodeBlockProvider>
+        </ArtifactProvider>
+      </MarkdownErrorBoundary>
     );
   },
 );

client/src/components/Chat/Messages/Content/MemoryArtifacts.tsx

@@ -13,14 +13,25 @@ export default function MemoryArtifacts({ attachments }: { attachments?: TAttach
   const [isAnimating, setIsAnimating] = useState(false);
   const prevShowInfoRef = useRef<boolean>(showInfo);
 
-  const memoryArtifacts = useMemo(() => {
+  const { hasErrors, memoryArtifacts } = useMemo(() => {
+    let hasErrors = false;
     const result: MemoryArtifact[] = [];
-    for (const attachment of attachments ?? []) {
+
+    if (!attachments || attachments.length === 0) {
+      return { hasErrors, memoryArtifacts: result };
+    }
+
+    for (const attachment of attachments) {
       if (attachment?.[Tools.memory] != null) {
         result.push(attachment[Tools.memory]);
+
+        if (!hasErrors && attachment[Tools.memory].type === 'error') {
+          hasErrors = true;
+        }
       }
     }
-    return result;
+
+    return { hasErrors, memoryArtifacts: result };
   }, [attachments]);
 
   useLayoutEffect(() => {
@@ -75,7 +86,12 @@ export default function MemoryArtifacts({ attachments }: { attachments?: TAttach
       <div className="flex items-center">
         <div className="inline-block">
           <button
-            className="outline-hidden my-1 flex items-center gap-1 text-sm font-semibold text-text-secondary-alt transition-colors hover:text-text-primary"
+            className={cn(
+              'outline-hidden my-1 flex items-center gap-1 text-sm font-semibold transition-colors',
+              hasErrors
+                ? 'text-red-500 hover:text-red-600 dark:text-red-400 dark:hover:text-red-500'
+                : 'text-text-secondary-alt hover:text-text-primary',
+            )}
             type="button"
             onClick={() => setShowInfo((prev) => !prev)}
             aria-expanded={showInfo}
@@ -102,7 +118,7 @@ export default function MemoryArtifacts({ attachments }: { attachments?: TAttach
                 fill="currentColor"
               />
             </svg>
-            {localize('com_ui_memory_updated')}
+            {hasErrors ? localize('com_ui_memory_error') : localize('com_ui_memory_updated')}
           </button>
         </div>
       </div>

client/src/components/Chat/Messages/Content/MemoryInfo.tsx

@@ -1,17 +1,47 @@
 import type { MemoryArtifact } from 'librechat-data-provider';
+import { useMemo } from 'react';
 import { useLocalize } from '~/hooks';
 
 export default function MemoryInfo({ memoryArtifacts }: { memoryArtifacts: MemoryArtifact[] }) {
   const localize = useLocalize();
+
+  const { updatedMemories, deletedMemories, errorMessages } = useMemo(() => {
+    const updated = memoryArtifacts.filter((art) => art.type === 'update');
+    const deleted = memoryArtifacts.filter((art) => art.type === 'delete');
+    const errors = memoryArtifacts.filter((art) => art.type === 'error');
+
+    const messages = errors.map((artifact) => {
+      try {
+        const errorData = JSON.parse(artifact.value as string);
+
+        if (errorData.errorType === 'already_exceeded') {
+          return localize('com_ui_memory_already_exceeded', {
+            tokens: errorData.tokenCount,
+          });
+        } else if (errorData.errorType === 'would_exceed') {
+          return localize('com_ui_memory_would_exceed', {
+            tokens: errorData.tokenCount,
+          });
+        } else {
+          return localize('com_ui_memory_error');
+        }
+      } catch {
+        return localize('com_ui_memory_error');
+      }
+    });
+
+    return {
+      updatedMemories: updated,
+      deletedMemories: deleted,
+      errorMessages: messages,
+    };
+  }, [memoryArtifacts, localize]);
+
   if (memoryArtifacts.length === 0) {
     return null;
   }
 
-  // Group artifacts by type
-  const updatedMemories = memoryArtifacts.filter((artifact) => artifact.type === 'update');
-  const deletedMemories = memoryArtifacts.filter((artifact) => artifact.type === 'delete');
-
-  if (updatedMemories.length === 0 && deletedMemories.length === 0) {
+  if (updatedMemories.length === 0 && deletedMemories.length === 0 && errorMessages.length === 0) {
     return null;
   }
 
@@ -23,8 +53,8 @@ export default function MemoryInfo({ memoryArtifacts }: { memoryArtifacts: Memor
             {localize('com_ui_memory_updated_items')}
           </h4>
           <div className="space-y-2">
-            {updatedMemories.map((artifact, index) => (
-              <div key={`update-${index}`} className="rounded-lg p-3">
+            {updatedMemories.map((artifact) => (
+              <div key={`update-${artifact.key}`} className="rounded-lg p-3">
                 <div className="mb-1 text-xs font-medium uppercase tracking-wide text-text-secondary">
                   {artifact.key}
                 </div>
@@ -43,8 +73,8 @@ export default function MemoryInfo({ memoryArtifacts }: { memoryArtifacts: Memor
             {localize('com_ui_memory_deleted_items')}
           </h4>
           <div className="space-y-2">
-            {deletedMemories.map((artifact, index) => (
-              <div key={`delete-${index}`} className="rounded-lg p-3 opacity-60">
+            {deletedMemories.map((artifact) => (
+              <div key={`delete-${artifact.key}`} className="rounded-lg p-3 opacity-60">
                 <div className="mb-1 text-xs font-medium uppercase tracking-wide text-text-secondary">
                   {artifact.key}
                 </div>
@@ -56,6 +86,24 @@ export default function MemoryInfo({ memoryArtifacts }: { memoryArtifacts: Memor
           </div>
         </div>
       )}
+
+      {errorMessages.length > 0 && (
+        <div>
+          <h4 className="mb-2 text-sm font-semibold text-red-500">
+            {localize('com_ui_memory_storage_full')}
+          </h4>
+          <div className="space-y-2">
+            {errorMessages.map((errorMessage) => (
+              <div
+                key={errorMessage}
+                className="rounded-md bg-red-50 p-3 text-sm text-red-800 dark:bg-red-900/20 dark:text-red-400"
+              >
+                {errorMessage}
+              </div>
+            ))}
+          </div>
+        </div>
+      )}
     </div>
   );
 }

client/src/components/Chat/Messages/Content/Part.tsx

@@ -85,7 +85,7 @@ const Part = memo(
 
       const isToolCall =
         'args' in toolCall && (!toolCall.type || toolCall.type === ToolCallTypes.TOOL_CALL);
-      if (isToolCall && toolCall.name === Tools.execute_code) {
+      if (isToolCall && toolCall.name === Tools.execute_code && toolCall.args) {
         return (
           <ExecuteCode
             args={typeof toolCall.args === 'string' ? toolCall.args : ''}

client/src/components/Chat/Messages/Content/Parts/ExecuteCode.tsx

@@ -10,23 +10,23 @@ import { cn } from '~/utils';
 import store from '~/store';
 
 interface ParsedArgs {
-  lang: string;
-  code: string;
+  lang?: string;
+  code?: string;
 }
 
-export function useParseArgs(args: string): ParsedArgs {
+export function useParseArgs(args?: string): ParsedArgs | null {
   return useMemo(() => {
-    let parsedArgs: ParsedArgs | string = args;
+    let parsedArgs: ParsedArgs | string | undefined | null = args;
     try {
-      parsedArgs = JSON.parse(args);
+      parsedArgs = JSON.parse(args || '');
     } catch {
       // console.error('Failed to parse args:', e);
     }
     if (typeof parsedArgs === 'object') {
       return parsedArgs;
     }
-    const langMatch = args.match(/"lang"\s*:\s*"(\w+)"/);
-    const codeMatch = args.match(/"code"\s*:\s*"(.+?)(?="\s*,\s*"(session_id|args)"|"\s*})/s);
+    const langMatch = args?.match(/"lang"\s*:\s*"(\w+)"/);
+    const codeMatch = args?.match(/"code"\s*:\s*"(.+?)(?="\s*,\s*"(session_id|args)"|"\s*})/s);
 
     let code = '';
     if (codeMatch) {
@@ -51,7 +51,7 @@ export default function ExecuteCode({
   attachments,
 }: {
   initialProgress: number;
-  args: string;
+  args?: string;
   output?: string;
   attachments?: TAttachment[];
 }) {
@@ -65,7 +65,7 @@ export default function ExecuteCode({
   const outputRef = useRef<string>(output);
   const prevShowCodeRef = useRef<boolean>(showCode);
 
-  const { lang, code } = useParseArgs(args);
+  const { lang, code } = useParseArgs(args) ?? ({} as ParsedArgs);
   const progress = useProgress(initialProgress);
 
   useEffect(() => {
@@ -144,7 +144,7 @@ export default function ExecuteCode({
           onClick={() => setShowCode((prev) => !prev)}
           inProgressText={localize('com_ui_analyzing')}
           finishedText={localize('com_ui_analyzing_finished')}
-          hasInput={!!code.length}
+          hasInput={!!code?.length}
           isExpanded={showCode}
         />
       </div>

client/src/components/Chat/Messages/Content/__tests__/MemoryArtifacts.test.tsx

@@ -0,0 +1,197 @@
+import React from 'react';
+import { render, screen, fireEvent } from '@testing-library/react';
+import '@testing-library/jest-dom/extend-expect';
+import MemoryArtifacts from '../MemoryArtifacts';
+import type { TAttachment, MemoryArtifact } from 'librechat-data-provider';
+import { Tools } from 'librechat-data-provider';
+
+// Mock the localize hook
+jest.mock('~/hooks', () => ({
+  useLocalize: () => (key: string) => {
+    const translations: Record<string, string> = {
+      com_ui_memory_updated: 'Updated saved memory',
+      com_ui_memory_error: 'Memory Error',
+    };
+    return translations[key] || key;
+  },
+}));
+
+// Mock the MemoryInfo component
+jest.mock('../MemoryInfo', () => ({
+  __esModule: true,
+  default: ({ memoryArtifacts }: { memoryArtifacts: MemoryArtifact[] }) => (
+    <div data-testid="memory-info">
+      {memoryArtifacts.map((artifact, index) => (
+        <div key={index} data-testid={`memory-artifact-${artifact.type}`}>
+          {artifact.type}: {artifact.key}
+        </div>
+      ))}
+    </div>
+  ),
+}));
+
+describe('MemoryArtifacts', () => {
+  const createMemoryAttachment = (type: 'update' | 'delete' | 'error', key: string): TAttachment =>
+    ({
+      type: Tools.memory,
+      [Tools.memory]: {
+        type,
+        key,
+        value:
+          type === 'error'
+            ? JSON.stringify({ errorType: 'exceeded', tokenCount: 100 })
+            : 'test value',
+      } as MemoryArtifact,
+    }) as TAttachment;
+
+  describe('Error State Handling', () => {
+    test('displays error styling when memory artifacts contain errors', () => {
+      const attachments = [
+        createMemoryAttachment('error', 'system'),
+        createMemoryAttachment('update', 'memory1'),
+      ];
+
+      render(<MemoryArtifacts attachments={attachments} />);
+
+      const button = screen.getByRole('button');
+      expect(button).toHaveClass('text-red-500');
+      expect(button).toHaveClass('hover:text-red-600');
+      expect(button).toHaveClass('dark:text-red-400');
+      expect(button).toHaveClass('dark:hover:text-red-500');
+    });
+
+    test('displays normal styling when no errors present', () => {
+      const attachments = [
+        createMemoryAttachment('update', 'memory1'),
+        createMemoryAttachment('delete', 'memory2'),
+      ];
+
+      render(<MemoryArtifacts attachments={attachments} />);
+
+      const button = screen.getByRole('button');
+      expect(button).toHaveClass('text-text-secondary-alt');
+      expect(button).toHaveClass('hover:text-text-primary');
+      expect(button).not.toHaveClass('text-red-500');
+    });
+
+    test('displays error message when errors are present', () => {
+      const attachments = [createMemoryAttachment('error', 'system')];
+
+      render(<MemoryArtifacts attachments={attachments} />);
+
+      expect(screen.getByText('Memory Error')).toBeInTheDocument();
+      expect(screen.queryByText('Updated saved memory')).not.toBeInTheDocument();
+    });
+
+    test('displays normal message when no errors are present', () => {
+      const attachments = [createMemoryAttachment('update', 'memory1')];
+
+      render(<MemoryArtifacts attachments={attachments} />);
+
+      expect(screen.getByText('Updated saved memory')).toBeInTheDocument();
+      expect(screen.queryByText('Memory Error')).not.toBeInTheDocument();
+    });
+  });
+
+  describe('Memory Artifacts Filtering', () => {
+    test('filters and passes only memory-type attachments to MemoryInfo', () => {
+      const attachments = [
+        createMemoryAttachment('update', 'memory1'),
+        { type: 'file' } as TAttachment, // Non-memory attachment
+        createMemoryAttachment('error', 'system'),
+      ];
+
+      render(<MemoryArtifacts attachments={attachments} />);
+
+      // Click to expand
+      fireEvent.click(screen.getByRole('button'));
+
+      // Check that only memory artifacts are passed to MemoryInfo
+      expect(screen.getByTestId('memory-artifact-update')).toBeInTheDocument();
+      expect(screen.getByTestId('memory-artifact-error')).toBeInTheDocument();
+    });
+
+    test('correctly identifies multiple error artifacts', () => {
+      const attachments = [
+        createMemoryAttachment('error', 'system1'),
+        createMemoryAttachment('error', 'system2'),
+        createMemoryAttachment('update', 'memory1'),
+      ];
+
+      render(<MemoryArtifacts attachments={attachments} />);
+
+      const button = screen.getByRole('button');
+      expect(button).toHaveClass('text-red-500');
+      expect(screen.getByText('Memory Error')).toBeInTheDocument();
+    });
+  });
+
+  describe('Collapse/Expand Functionality', () => {
+    test('toggles memory info visibility on button click', () => {
+      const attachments = [createMemoryAttachment('update', 'memory1')];
+
+      render(<MemoryArtifacts attachments={attachments} />);
+
+      // Initially collapsed
+      expect(screen.queryByTestId('memory-info')).not.toBeInTheDocument();
+
+      // Click to expand
+      fireEvent.click(screen.getByRole('button'));
+      expect(screen.getByTestId('memory-info')).toBeInTheDocument();
+
+      // Click to collapse
+      fireEvent.click(screen.getByRole('button'));
+      expect(screen.queryByTestId('memory-info')).not.toBeInTheDocument();
+    });
+
+    test('updates aria-expanded attribute correctly', () => {
+      const attachments = [createMemoryAttachment('update', 'memory1')];
+
+      render(<MemoryArtifacts attachments={attachments} />);
+
+      const button = screen.getByRole('button');
+      expect(button).toHaveAttribute('aria-expanded', 'false');
+
+      fireEvent.click(button);
+      expect(button).toHaveAttribute('aria-expanded', 'true');
+    });
+  });
+
+  describe('Edge Cases', () => {
+    test('handles empty attachments array', () => {
+      render(<MemoryArtifacts attachments={[]} />);
+      expect(screen.queryByRole('button')).not.toBeInTheDocument();
+    });
+
+    test('handles undefined attachments', () => {
+      render(<MemoryArtifacts />);
+      expect(screen.queryByRole('button')).not.toBeInTheDocument();
+    });
+
+    test('handles attachments with no memory artifacts', () => {
+      const attachments = [{ type: 'file' } as TAttachment, { type: 'image' } as TAttachment];
+
+      render(<MemoryArtifacts attachments={attachments} />);
+      expect(screen.queryByRole('button')).not.toBeInTheDocument();
+    });
+
+    test('handles malformed memory artifacts gracefully', () => {
+      const attachments = [
+        {
+          type: Tools.memory,
+          [Tools.memory]: {
+            type: 'error',
+            key: 'system',
+            // Missing value
+          },
+        } as TAttachment,
+      ];
+
+      render(<MemoryArtifacts attachments={attachments} />);
+
+      const button = screen.getByRole('button');
+      expect(button).toHaveClass('text-red-500');
+      expect(screen.getByText('Memory Error')).toBeInTheDocument();
+    });
+  });
+});

client/src/components/Chat/Messages/Content/__tests__/MemoryInfo.test.tsx

@@ -0,0 +1,267 @@
+import React from 'react';
+import { render, screen } from '@testing-library/react';
+import '@testing-library/jest-dom/extend-expect';
+import MemoryInfo from '../MemoryInfo';
+import type { MemoryArtifact } from 'librechat-data-provider';
+
+// Mock the localize hook
+jest.mock('~/hooks', () => ({
+  useLocalize: () => (key: string, params?: Record<string, any>) => {
+    const translations: Record<string, string> = {
+      com_ui_memory_updated_items: 'Updated Memories',
+      com_ui_memory_deleted_items: 'Deleted Memories',
+      com_ui_memory_already_exceeded: `Memory storage already full - exceeded by ${params?.tokens || 0} tokens. Delete existing memories before adding new ones.`,
+      com_ui_memory_would_exceed: `Cannot save - would exceed limit by ${params?.tokens || 0} tokens. Delete existing memories to make space.`,
+      com_ui_memory_deleted: 'This memory has been deleted',
+      com_ui_memory_storage_full: 'Memory Storage Full',
+      com_ui_memory_error: 'Memory Error',
+      com_ui_updated_successfully: 'Updated successfully',
+      com_ui_none_selected: 'None selected',
+    };
+    return translations[key] || key;
+  },
+}));
+
+describe('MemoryInfo', () => {
+  const createMemoryArtifact = (
+    type: 'update' | 'delete' | 'error',
+    key: string,
+    value?: string,
+  ): MemoryArtifact => ({
+    type,
+    key,
+    value: value || `test value for ${key}`,
+  });
+
+  describe('Error Memory Display', () => {
+    test('displays error section when memory is already exceeded', () => {
+      const memoryArtifacts: MemoryArtifact[] = [
+        {
+          type: 'error',
+          key: 'system',
+          value: JSON.stringify({ errorType: 'already_exceeded', tokenCount: 150 }),
+        },
+      ];
+
+      render(<MemoryInfo memoryArtifacts={memoryArtifacts} />);
+
+      expect(screen.getByText('Memory Storage Full')).toBeInTheDocument();
+      expect(
+        screen.getByText(
+          'Memory storage already full - exceeded by 150 tokens. Delete existing memories before adding new ones.',
+        ),
+      ).toBeInTheDocument();
+    });
+
+    test('displays error when memory would exceed limit', () => {
+      const memoryArtifacts: MemoryArtifact[] = [
+        {
+          type: 'error',
+          key: 'system',
+          value: JSON.stringify({ errorType: 'would_exceed', tokenCount: 50 }),
+        },
+      ];
+
+      render(<MemoryInfo memoryArtifacts={memoryArtifacts} />);
+
+      expect(screen.getByText('Memory Storage Full')).toBeInTheDocument();
+      expect(
+        screen.getByText(
+          'Cannot save - would exceed limit by 50 tokens. Delete existing memories to make space.',
+        ),
+      ).toBeInTheDocument();
+    });
+
+    test('displays multiple error messages', () => {
+      const memoryArtifacts: MemoryArtifact[] = [
+        {
+          type: 'error',
+          key: 'system1',
+          value: JSON.stringify({ errorType: 'already_exceeded', tokenCount: 100 }),
+        },
+        {
+          type: 'error',
+          key: 'system2',
+          value: JSON.stringify({ errorType: 'would_exceed', tokenCount: 25 }),
+        },
+      ];
+
+      render(<MemoryInfo memoryArtifacts={memoryArtifacts} />);
+
+      expect(
+        screen.getByText(
+          'Memory storage already full - exceeded by 100 tokens. Delete existing memories before adding new ones.',
+        ),
+      ).toBeInTheDocument();
+      expect(
+        screen.getByText(
+          'Cannot save - would exceed limit by 25 tokens. Delete existing memories to make space.',
+        ),
+      ).toBeInTheDocument();
+    });
+
+    test('applies correct styling to error messages', () => {
+      const memoryArtifacts: MemoryArtifact[] = [
+        {
+          type: 'error',
+          key: 'system',
+          value: JSON.stringify({ errorType: 'would_exceed', tokenCount: 50 }),
+        },
+      ];
+
+      render(<MemoryInfo memoryArtifacts={memoryArtifacts} />);
+
+      const errorMessage = screen.getByText(
+        'Cannot save - would exceed limit by 50 tokens. Delete existing memories to make space.',
+      );
+      const errorContainer = errorMessage.closest('div');
+
+      expect(errorContainer).toHaveClass('rounded-md');
+      expect(errorContainer).toHaveClass('bg-red-50');
+      expect(errorContainer).toHaveClass('p-3');
+      expect(errorContainer).toHaveClass('text-sm');
+      expect(errorContainer).toHaveClass('text-red-800');
+      expect(errorContainer).toHaveClass('dark:bg-red-900/20');
+      expect(errorContainer).toHaveClass('dark:text-red-400');
+    });
+  });
+
+  describe('Mixed Memory Types', () => {
+    test('displays all sections when different memory types are present', () => {
+      const memoryArtifacts: MemoryArtifact[] = [
+        createMemoryArtifact('update', 'memory1', 'Updated content'),
+        createMemoryArtifact('delete', 'memory2'),
+        {
+          type: 'error',
+          key: 'system',
+          value: JSON.stringify({ errorType: 'would_exceed', tokenCount: 200 }),
+        },
+      ];
+
+      render(<MemoryInfo memoryArtifacts={memoryArtifacts} />);
+
+      // Check all sections are present
+      expect(screen.getByText('Updated Memories')).toBeInTheDocument();
+      expect(screen.getByText('Deleted Memories')).toBeInTheDocument();
+      expect(screen.getByText('Memory Storage Full')).toBeInTheDocument();
+
+      // Check content
+      expect(screen.getByText('memory1')).toBeInTheDocument();
+      expect(screen.getByText('Updated content')).toBeInTheDocument();
+      expect(screen.getByText('memory2')).toBeInTheDocument();
+      expect(
+        screen.getByText(
+          'Cannot save - would exceed limit by 200 tokens. Delete existing memories to make space.',
+        ),
+      ).toBeInTheDocument();
+    });
+
+    test('only displays sections with content', () => {
+      const memoryArtifacts: MemoryArtifact[] = [
+        {
+          type: 'error',
+          key: 'system',
+          value: JSON.stringify({ errorType: 'already_exceeded', tokenCount: 10 }),
+        },
+      ];
+
+      render(<MemoryInfo memoryArtifacts={memoryArtifacts} />);
+
+      // Only error section should be present
+      expect(screen.getByText('Memory Storage Full')).toBeInTheDocument();
+      expect(screen.queryByText('Updated Memories')).not.toBeInTheDocument();
+      expect(screen.queryByText('Deleted Memories')).not.toBeInTheDocument();
+    });
+  });
+
+  describe('Edge Cases', () => {
+    test('handles empty memory artifacts array', () => {
+      const { container } = render(<MemoryInfo memoryArtifacts={[]} />);
+      expect(container.firstChild).toBeNull();
+    });
+
+    test('handles malformed error data gracefully', () => {
+      const memoryArtifacts: MemoryArtifact[] = [
+        {
+          type: 'error',
+          key: 'system',
+          value: 'invalid json',
+        },
+      ];
+
+      render(<MemoryInfo memoryArtifacts={memoryArtifacts} />);
+
+      // Should render generic error message
+      expect(screen.getByText('Memory Storage Full')).toBeInTheDocument();
+      expect(screen.getByText('Memory Error')).toBeInTheDocument();
+    });
+
+    test('handles missing value in error artifact', () => {
+      const memoryArtifacts: MemoryArtifact[] = [
+        {
+          type: 'error',
+          key: 'system',
+          // value is undefined
+        } as MemoryArtifact,
+      ];
+
+      render(<MemoryInfo memoryArtifacts={memoryArtifacts} />);
+
+      expect(screen.getByText('Memory Storage Full')).toBeInTheDocument();
+      expect(screen.getByText('Memory Error')).toBeInTheDocument();
+    });
+
+    test('handles unknown errorType gracefully', () => {
+      const memoryArtifacts: MemoryArtifact[] = [
+        {
+          type: 'error',
+          key: 'system',
+          value: JSON.stringify({ errorType: 'unknown_type', tokenCount: 30 }),
+        },
+      ];
+
+      render(<MemoryInfo memoryArtifacts={memoryArtifacts} />);
+
+      // Should show generic error message for unknown types
+      expect(screen.getByText('Memory Storage Full')).toBeInTheDocument();
+      expect(screen.getByText('Memory Error')).toBeInTheDocument();
+    });
+
+    test('returns null when no memories of any type exist', () => {
+      const memoryArtifacts: MemoryArtifact[] = [{ type: 'unknown' as any, key: 'test' }];
+
+      const { container } = render(<MemoryInfo memoryArtifacts={memoryArtifacts} />);
+      expect(container.firstChild).toBeNull();
+    });
+  });
+
+  describe('Update and Delete Memory Display', () => {
+    test('displays updated memories correctly', () => {
+      const memoryArtifacts: MemoryArtifact[] = [
+        createMemoryArtifact('update', 'preferences', 'User prefers dark mode'),
+        createMemoryArtifact('update', 'location', 'Lives in San Francisco'),
+      ];
+
+      render(<MemoryInfo memoryArtifacts={memoryArtifacts} />);
+
+      expect(screen.getByText('Updated Memories')).toBeInTheDocument();
+      expect(screen.getByText('preferences')).toBeInTheDocument();
+      expect(screen.getByText('User prefers dark mode')).toBeInTheDocument();
+      expect(screen.getByText('location')).toBeInTheDocument();
+      expect(screen.getByText('Lives in San Francisco')).toBeInTheDocument();
+    });
+
+    test('displays deleted memories correctly', () => {
+      const memoryArtifacts: MemoryArtifact[] = [
+        createMemoryArtifact('delete', 'old_preference'),
+        createMemoryArtifact('delete', 'outdated_info'),
+      ];
+
+      render(<MemoryInfo memoryArtifacts={memoryArtifacts} />);
+
+      expect(screen.getByText('Deleted Memories')).toBeInTheDocument();
+      expect(screen.getByText('old_preference')).toBeInTheDocument();
+      expect(screen.getByText('outdated_info')).toBeInTheDocument();
+    });
+  });
+});

client/src/components/Chat/Presentation.tsx

@@ -4,10 +4,10 @@ import { FileSources, LocalStorageKeys } from 'librechat-data-provider';
 import type { ExtendedFile } from '~/common';
 import { useDeleteFilesMutation } from '~/data-provider';
 import DragDropWrapper from '~/components/Chat/Input/Files/DragDropWrapper';
+import { EditorProvider, SidePanelProvider } from '~/Providers';
 import Artifacts from '~/components/Artifacts/Artifacts';
 import { SidePanelGroup } from '~/components/SidePanel';
 import { useSetFilesToDelete } from '~/hooks';
-import { EditorProvider } from '~/Providers';
 import store from '~/store';
 
 export default function Presentation({ children }: { children: React.ReactNode }) {
@@ -59,22 +59,24 @@ export default function Presentation({ children }: { children: React.ReactNode }
 
   return (
     <DragDropWrapper className="relative flex w-full grow overflow-hidden bg-presentation">
-      <SidePanelGroup
-        defaultLayout={defaultLayout}
-        fullPanelCollapse={fullCollapse}
-        defaultCollapsed={defaultCollapsed}
-        artifacts={
-          artifactsVisibility === true && Object.keys(artifacts ?? {}).length > 0 ? (
-            <EditorProvider>
-              <Artifacts />
-            </EditorProvider>
-          ) : null
-        }
-      >
-        <main className="flex h-full flex-col overflow-y-auto" role="main">
-          {children}
-        </main>
-      </SidePanelGroup>
+      <SidePanelProvider>
+        <SidePanelGroup
+          defaultLayout={defaultLayout}
+          fullPanelCollapse={fullCollapse}
+          defaultCollapsed={defaultCollapsed}
+          artifacts={
+            artifactsVisibility === true && Object.keys(artifacts ?? {}).length > 0 ? (
+              <EditorProvider>
+                <Artifacts />
+              </EditorProvider>
+            ) : null
+          }
+        >
+          <main className="flex h-full flex-col overflow-y-auto" role="main">
+            {children}
+          </main>
+        </SidePanelGroup>
+      </SidePanelProvider>
     </DragDropWrapper>
   );
 }

client/src/components/Prompts/Groups/VariableForm.tsx

@@ -8,8 +8,8 @@ import rehypeHighlight from 'rehype-highlight';
 import { replaceSpecialVars } from 'librechat-data-provider';
 import { useForm, useFieldArray, Controller, useWatch } from 'react-hook-form';
 import type { TPromptGroup } from 'librechat-data-provider';
+import { codeNoExecution } from '~/components/Chat/Messages/Content/MarkdownComponents';
 import { cn, wrapVariable, defaultTextProps, extractVariableInfo } from '~/utils';
-import { codeNoExecution } from '~/components/Chat/Messages/Content/Markdown';
 import { TextareaAutosize, InputCombobox, Button } from '~/components/ui';
 import { useAuthContext, useLocalize, useSubmitMessage } from '~/hooks';
 import { PromptVariableGfm } from '../Markdown';

client/src/components/Prompts/PromptDetails.tsx

@@ -7,7 +7,7 @@ import supersub from 'remark-supersub';
 import rehypeHighlight from 'rehype-highlight';
 import { replaceSpecialVars } from 'librechat-data-provider';
 import type { TPromptGroup } from 'librechat-data-provider';
-import { codeNoExecution } from '~/components/Chat/Messages/Content/Markdown';
+import { codeNoExecution } from '~/components/Chat/Messages/Content/MarkdownComponents';
 import { useLocalize, useAuthContext } from '~/hooks';
 import CategoryIcon from './Groups/CategoryIcon';
 import PromptVariables from './PromptVariables';

client/src/components/Prompts/PromptEditor.tsx

@@ -9,7 +9,7 @@ import rehypeKatex from 'rehype-katex';
 import remarkMath from 'remark-math';
 import supersub from 'remark-supersub';
 import ReactMarkdown from 'react-markdown';
-import { codeNoExecution } from '~/components/Chat/Messages/Content/Markdown';
+import { codeNoExecution } from '~/components/Chat/Messages/Content/MarkdownComponents';
 import AlwaysMakeProd from '~/components/Prompts/Groups/AlwaysMakeProd';
 import { SaveIcon, CrossIcon } from '~/components/svg';
 import VariablesDropdown from './VariablesDropdown';

client/src/components/SidePanel/Agents/AgentConfig.tsx

@@ -7,6 +7,7 @@ import { useToastContext, useFileMapContext, useAgentPanelContext } from '~/Prov
 import useAgentCapabilities from '~/hooks/Agents/useAgentCapabilities';
 import Action from '~/components/SidePanel/Builder/Action';
 import { ToolSelectDialog } from '~/components/Tools';
+import { useGetAgentFiles } from '~/data-provider';
 import { icons } from '~/hooks/Endpoint/Icons';
 import { processAgentOption } from '~/utils';
 import Instructions from './Instructions';
@@ -49,6 +50,18 @@ export default function AgentConfig({ createMutation }: Pick<AgentPanelProps, 'c
   const tools = useWatch({ control, name: 'tools' });
   const agent_id = useWatch({ control, name: 'id' });
 
+  const { data: agentFiles = [] } = useGetAgentFiles(agent_id);
+
+  const mergedFileMap = useMemo(() => {
+    const newFileMap = { ...fileMap };
+    agentFiles.forEach((file) => {
+      if (file.file_id) {
+        newFileMap[file.file_id] = file;
+      }
+    });
+    return newFileMap;
+  }, [fileMap, agentFiles]);
+
   const {
     ocrEnabled,
     codeEnabled,
@@ -74,10 +87,10 @@ export default function AgentConfig({ createMutation }: Pick<AgentPanelProps, 'c
 
     const _agent = processAgentOption({
       agent,
-      fileMap,
+      fileMap: mergedFileMap,
     });
     return _agent.context_files ?? [];
-  }, [agent, agent_id, fileMap]);
+  }, [agent, agent_id, mergedFileMap]);
 
   const knowledge_files = useMemo(() => {
     if (typeof agent === 'string') {
@@ -94,10 +107,10 @@ export default function AgentConfig({ createMutation }: Pick<AgentPanelProps, 'c
 
     const _agent = processAgentOption({
       agent,
-      fileMap,
+      fileMap: mergedFileMap,
     });
     return _agent.knowledge_files ?? [];
-  }, [agent, agent_id, fileMap]);
+  }, [agent, agent_id, mergedFileMap]);
 
   const code_files = useMemo(() => {
     if (typeof agent === 'string') {
@@ -114,10 +127,10 @@ export default function AgentConfig({ createMutation }: Pick<AgentPanelProps, 'c
 
     const _agent = processAgentOption({
       agent,
-      fileMap,
+      fileMap: mergedFileMap,
     });
     return _agent.code_files ?? [];
-  }, [agent, agent_id, fileMap]);
+  }, [agent, agent_id, mergedFileMap]);
 
   const handleAddActions = useCallback(() => {
     if (!agent_id) {

client/src/components/SidePanel/Agents/ShareAgent.tsx

@@ -135,10 +135,9 @@ export default function ShareAgent({
             'btn btn-neutral border-token-border-light relative h-9 rounded-lg font-medium',
             removeFocusOutlines,
           )}
-          aria-label={localize(
-            'com_ui_share_var',
-            { 0: agentName != null && agentName !== '' ? `"${agentName}"` : localize('com_ui_agent') },
-          )}
+          aria-label={localize('com_ui_share_var', {
+            0: agentName != null && agentName !== '' ? `"${agentName}"` : localize('com_ui_agent'),
+          })}
           type="button"
         >
           <div className="flex items-center justify-center gap-2 text-blue-500">
@@ -148,10 +147,9 @@ export default function ShareAgent({
       </OGDialogTrigger>
       <OGDialogContent className="w-11/12 md:max-w-xl">
         <OGDialogTitle>
-          {localize(
-            'com_ui_share_var',
-            { 0: agentName != null && agentName !== '' ? `"${agentName}"` : localize('com_ui_agent') },
-          )}
+          {localize('com_ui_share_var', {
+            0: agentName != null && agentName !== '' ? `"${agentName}"` : localize('com_ui_agent'),
+          })}
         </OGDialogTitle>
         <form
           className="p-2"

client/src/components/SidePanel/Agents/Version/VersionContent.tsx

@@ -1,7 +1,7 @@
 import { Spinner } from '~/components/svg';
 import { useLocalize } from '~/hooks';
 import VersionItem from './VersionItem';
-import { VersionContext } from './VersionPanel';
+import type { VersionContext } from './types';
 
 type VersionContentProps = {
   selectedAgentId: string;

client/src/components/SidePanel/Agents/Version/VersionItem.tsx

@@ -1,5 +1,5 @@
 import { useLocalize } from '~/hooks';
-import { VersionRecord } from './VersionPanel';
+import type { VersionRecord } from './types';
 
 type VersionItemProps = {
   version: VersionRecord;

client/src/components/SidePanel/Agents/Version/VersionPanel.tsx

@@ -1,44 +1,13 @@
 import { ChevronLeft } from 'lucide-react';
 import { useCallback, useMemo } from 'react';
 import { useGetAgentByIdQuery, useRevertAgentVersionMutation } from '~/data-provider';
-import type { Agent } from 'librechat-data-provider';
+import type { AgentWithVersions, VersionContext } from './types';
 import { isActiveVersion } from './isActiveVersion';
 import { useAgentPanelContext } from '~/Providers';
 import { useLocalize, useToast } from '~/hooks';
 import VersionContent from './VersionContent';
 import { Panel } from '~/common';
 
-export type VersionRecord = Record<string, any>;
-
-export type AgentState = {
-  name: string | null;
-  description: string | null;
-  instructions: string | null;
-  artifacts?: string | null;
-  capabilities?: string[];
-  tools?: string[];
-} | null;
-
-export type VersionWithId = {
-  id: number;
-  originalIndex: number;
-  version: VersionRecord;
-  isActive: boolean;
-};
-
-export type VersionContext = {
-  versions: VersionRecord[];
-  versionIds: VersionWithId[];
-  currentAgent: AgentState;
-  selectedAgentId: string;
-  activeVersion: VersionRecord | null;
-};
-
-export interface AgentWithVersions extends Agent {
-  capabilities?: string[];
-  versions?: Array<VersionRecord>;
-}
-
 export default function VersionPanel() {
   const localize = useLocalize();
   const { showToast } = useToast();

client/src/components/SidePanel/Agents/Version/isActiveVersion.ts

@@ -1,4 +1,4 @@
-import { AgentState, VersionRecord } from './VersionPanel';
+import type { AgentState, VersionRecord } from './types';
 
 export const isActiveVersion = (
   version: VersionRecord,

client/src/components/SidePanel/Agents/Version/types.ts

@@ -0,0 +1,35 @@
+export type VersionRecord = Record<string, any>;
+
+export type AgentState = {
+  name: string | null;
+  description: string | null;
+  instructions: string | null;
+  artifacts?: string | null;
+  capabilities?: string[];
+  tools?: string[];
+} | null;
+
+export type VersionWithId = {
+  id: number;
+  originalIndex: number;
+  version: VersionRecord;
+  isActive: boolean;
+};
+
+export type VersionContext = {
+  versions: VersionRecord[];
+  versionIds: VersionWithId[];
+  currentAgent: AgentState;
+  selectedAgentId: string;
+  activeVersion: VersionRecord | null;
+};
+
+export interface AgentWithVersions {
+  name: string;
+  description: string | null;
+  instructions: string | null;
+  artifacts?: string | null;
+  capabilities?: string[];
+  tools?: string[];
+  versions?: Array<VersionRecord>;
+}

client/src/components/SidePanel/Memories/MemoryCreateDialog.tsx

@@ -52,6 +52,10 @@ export default function MemoryCreateDialog({
           if (axiosError.response?.status === 409 || errorMessage.includes('already exists')) {
             errorMessage = localize('com_ui_memory_key_exists');
           }
+          // Check for key validation error (lowercase and underscores only)
+          else if (errorMessage.includes('lowercase letters and underscores')) {
+            errorMessage = localize('com_ui_memory_key_validation');
+          }
         }
       } else if (error.message) {
         errorMessage = error.message;

client/src/components/SidePanel/Memories/MemoryEditDialog.tsx

@@ -44,9 +44,29 @@ export default function MemoryEditDialog({
         status: 'success',
       });
     },
-    onError: () => {
+    onError: (error: Error) => {
+      let errorMessage = localize('com_ui_error');
+
+      if (error && typeof error === 'object' && 'response' in error) {
+        const axiosError = error as any;
+        if (axiosError.response?.data?.error) {
+          errorMessage = axiosError.response.data.error;
+
+          // Check for duplicate key error
+          if (axiosError.response?.status === 409 || errorMessage.includes('already exists')) {
+            errorMessage = localize('com_ui_memory_key_exists');
+          }
+          // Check for key validation error (lowercase and underscores only)
+          else if (errorMessage.includes('lowercase letters and underscores')) {
+            errorMessage = localize('com_ui_memory_key_validation');
+          }
+        }
+      } else if (error.message) {
+        errorMessage = error.message;
+      }
+
       showToast({
-        message: localize('com_ui_error'),
+        message: errorMessage,
         status: 'error',
       });
     },

client/src/components/SidePanel/SidePanel.tsx

@@ -7,8 +7,8 @@ import { useMediaQuery, useLocalStorage, useLocalize } from '~/hooks';
 import useSideNavLinks from '~/hooks/Nav/useSideNavLinks';
 import { useGetEndpointsQuery } from '~/data-provider';
 import NavToggle from '~/components/Nav/NavToggle';
+import { useSidePanelContext } from '~/Providers';
 import { cn, getEndpointField } from '~/utils';
-import { useChatContext } from '~/Providers';
 import Nav from './Nav';
 
 const defaultMinSize = 20;
@@ -43,13 +43,13 @@ const SidePanel = ({
   interfaceConfig: TInterfaceConfig;
 }) => {
   const localize = useLocalize();
+  const { endpoint } = useSidePanelContext();
   const [isHovering, setIsHovering] = useState(false);
   const [newUser, setNewUser] = useLocalStorage('newUser', true);
   const { data: endpointsConfig = {} as TEndpointsConfig } = useGetEndpointsQuery();
 
   const isSmallScreen = useMediaQuery('(max-width: 767px)');
-  const { conversation } = useChatContext();
-  const { endpoint } = conversation ?? {};
+
   const { data: keyExpiry = { expiresAt: undefined } } = useUserKeyQuery(endpoint ?? '');
 
   const defaultActive = useMemo(() => {