Aquileo | Release v0.8.4-rc1 · danny-avila/LibreChat

https://www.librechat.ai/changelog/v0.8.4-rc1

Click to expand Release Notes

What's Changed

🐛 Fixes

⛈️ MCP Reconnection Storm Prevention with Circuit Breaker, Backoff, and Tool Stubs by @mawburn in #12162
🛤️ Base URL Fallback for Path-based OAuth Discovery in Token Refresh by @oreonl in #12164
🛂 MCP OAuth Race Conditions, CSRF Fallback, and Token Expiry Handling by @danny-avila in #12171
🫙 Force MeiliSearch Full Sync on Empty Index State by @danny-avila in #12202
🔏 MCP Server URL Schema Validation by @danny-avila in #12204
🪪 MCP API Responses and OAuth Validation by @danny-avila in #12217
🚦 Add Rate Limiting to Conversation Duplicate Endpoint by @danny-avila in #12218
🔐 Add User Filter to Message Deletion by @danny-avila in #12220
🔑 Require OTP Verification for 2FA Re-Enrollment and Backup Code Regeneration by @danny-avila in #12223
🛡️ Agent Permission Check on Image Upload Route by @danny-avila in #12219
🧹 Sanitize Artifact Filenames in Code Execution Output by @danny-avila in #12222
🌊 Prevent Buffered Event Duplication on SSE Resume Connections by @danny-avila in #12225
📎 Respect fileConfig.disabled for Agents Endpoint Upload Button by @danny-avila in #12238
📎 Enforce File Count and Size Limits Across All Attachment Paths by @danny-avila in #12239
🛰️ Cross-Replica Created Event Delivery by @danny-avila in #12231
🛡️ Cover full fe80::/10 link-local range in IPv6 check by @danny-avila in #12244
🪤 Fail-Closed MCP Domain Validation for Unparseable URLs by @danny-avila in #12245
🛡️ Enforce MULTI_CONVO and agent ACL checks on addedConvo by @danny-avila in #12243
🛡️ Validate User-provided URLs for Web Search by @danny-avila in #12247
🪪 Enforce VIEW ACL on Agent Edge References at Write and Runtime by @danny-avila in #12246
📑 Sanitize Markdown Artifacts by @danny-avila in #12249
🫷 Validate User-Provided Base URL in Endpoint Init by @danny-avila in #12248
🔏 Scope Agent-Author File Access to Attached Files Only by @danny-avila in #12251
🪙 Resolve Azure AD Group Overage via OBO Token Exchange for OpenID by @Airamhh in #12187
🔏 Enforce MCP Server Authorization on Agent Tool Persistence by @danny-avila in #12250
🛂 Enforce Actions Capability Gate Across All Event-Driven Tool Loading Paths by @danny-avila in #12252
🧱 Enforce Agent Access Control on Context and OCR File Loading by @danny-avila in #12253
🗝️ Exempt Admin-Trusted Domains from MCP OAuth Validation by @danny-avila in #12255
🧯 Prevent Env-Variable Exfil. via Placeholder Injection by @danny-avila in #12260
🪪 Enforce Conversation Ownership Checks in Remote Agent Controllers by @danny-avila in #12263
🔏 Remove Federated Tokens from OpenID Refresh Response by @danny-avila in #12264
🪝 MCP Refresh token on OAuth Discovery Failure by @danny-avila in #12266
🪢 Action Domain Encoding Collision for HTTPS URLs by @danny-avila in #12271
🏷️ Clear Model Spec Fields When Navigating with Non-spec Query Params by @danny-avila in #12274
🧯 Add Pre-Parse File Size Guard to Document Parser by @danny-avila in #12275
🛂 Validate types Query Param in People Picker Access Middleware by @danny-avila in #12276

🔧 Refactoring

🔄 OAuth Metadata Discovery with Origin Fallback by @danny-avila in #12170
⚡ Replace tiktoken with ai-tokenizer by @danny-avila in #12175
📏 Add File Size Limits to Conversation Imports by @danny-avila in #12221
💁 Better Config UX for MCP STDIO with customUserVars by @danny-avila in #12226
🛡️ Scope Action Mutations by Parent Resource Ownership by @danny-avila in #12237
🐍 Normalize Non-Standard Browser MIME Type Aliases in inferMimeType by @danny-avila in #12240
🔧 Proper MCP Menu Dismissal by @dustinhealy in #12256

⚙️ Other Changes

🧪 MCP Reconnect Storm Follow-Up Fixes and Integration Tests by @danny-avila in #12172
📦 Bump NPM Audit Packages by @danny-avila in #12227
📦 Bump @librechat/agents to v3.1.56 by @danny-avila in #12258

🌍 Internationalization

🌍 i18n: Update translation.json with latest translations by @github-actions[bot] in #12176, #12203, #12259

New Contributors

@oreonl made their first contribution in #12164

Full Changelog: v0.8.3...v0.8.4-rc1

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

v0.8.4-rc1

Choose a tag to compare

Sorry, something went wrong.

Sorry, something went wrong.

Uh oh!

No results found

Click to expand Release Notes

What's Changed

🐛 Fixes

🔧 Refactoring

⚙️ Other Changes

🌍 Internationalization

New Contributors

Uh oh!