v0.8.4
Pre-release
Pre-release
https://www.librechat.ai/changelog/v0.8.4
🏞️ Highlights
This release of LibreChat is primarily focused on security and stability improvements.
- Security Hardening
- 30+ security fixes: Strongly recommended update for all deployments.
- MCP Improvements
- Reconnection storm prevention with circuit breaker and backoff, OAuth race condition fixes, fail-closed domain validation, better STDIO UX with
customUserVars.
- Reconnection storm prevention with circuit breaker and backoff, OAuth race condition fixes, fail-closed domain validation, better STDIO UX with
- Replaced
tiktokenwithai-tokenizer- Lighter, faster tokenization dependency.
- Artifact Rendering
- Replaced React Markdown renderer with static HTML for more reliable artifact display.
- Accessibility
- Screen reader improvements for conversation headings and date groups.
Click to expand Release Notes
For detailed changes in the release candidate, see:
Changes Since v0.8.4-rc1
✨ Features
- 📖 Add Native ODT Document Parser Support by @pol9061 in #12303
- 📡 Support Unauthenticated SMTP Relays by @mfish911 in #12322
🐛 Fixes
- 🎭 Set Explicit Permission Defaults for USER Role in roleDefaults by @danny-avila in #12308
- 🧯 Remove Revoked Agents from User Favorites by @danny-avila in #12296
- 🖼️ Correct ToolMessage Response Format for Agent-Mode Image Tools by @danny-avila in #12310
- 🔌 Isolate Code-Server HTTP Agents to Prevent Socket Pool Contamination by @danny-avila in #12311
- 🛂 Reject OpenID Email Fallback When Stored
openidIdMismatches Token Sub by @danny-avila in #12312 - 🛡️ Prevent loop in ChatGPT import on Cyclic Parent Graphs by @danny-avila in #12313
- 🪦 ACL-Safe User Account Deletion for Agents, Prompts, and MCP Servers by @danny-avila in #12314
- 🚦 ERR_ERL_INVALID_IP_ADDRESS and IPv6 Key Collisions in IP Rate Limiters by @bprussell in #12319
- 💣 Harden against falsified ZIP metadata in ODT parsing by @danny-avila in #12320
- 🪂 Automatic
logout_hintFallback for Oversized OpenID Token URLs by @Airamhh in #12326 - ♾️ Permanent Ban Cache and Expired Ban Cleanup Defects by @JooyoungChoi14 in #12324
- 🪤 Avoid express-rate-limit v8 ERR_ERL_KEY_GEN_IPV6 False Positive by @danny-avila in #12333
- ⛓️💥 Replace React Markdown Artifact Renderer with Static HTML by @danny-avila in #12337
- 🛂 Gate MCP Queries Behind USE Permission to Prevent 403 Spam by @danny-avila in #12345
🔧 Refactoring
- 🫧 Clear Drafts and Surface Error on Expired SSE Stream by @danny-avila in #12309
- 🩺 Surface Descriptive OCR Error Messages to Client by @danny-avila in #12344
♿ Accessibility
- 🗣️ Add Screen Reader Context to Conversation Date Group Headings by @danny-avila in #12340
- 🗣️ Distinguish Conversation Headings for Screen Readers by @danny-avila in #12341
📦 Dependencies & Chores
- 📦 Bump
@dicebeardependencies to v9.4.1 by @danny-avila in #12315 - 🐳 Upgrade Alpine packages in Dockerfiles by @danny-avila in #12316
- 📦 Update
fast-xml-parserto v5.5.7 by @danny-avila in #12317 - 🧹 Resolve correct memory directory in
.gitignoreby @ethanlaj in #12330
🌍 Internationalization
- 🌍 i18n: Update translation.json with latest translations by @github-actions[bot] in #12338
New Contributors
- @pol9061 made their first contribution in #12303
- @bprussell made their first contribution in #12319
- @JooyoungChoi14 made their first contribution in #12324
- @mfish911 made their first contribution in #12322
- @JasonYeYuhe made their first contribution in #12323
Full Changelog: v0.8.3...v0.8.4