mirror of
https://github.com/danny-avila/LibreChat.git
synced 2026-05-13 16:07:30 +00:00
181d705579
* 🧹 fix: Prune Orphaned File References on File Deletion Deleting a file via the Manage Files tab left its file_id in every agent's tool_resources.*.file_ids. Stubs accumulate until the frontend dedupe keys them as duplicates and blocks all new uploads (issue #12776). - Add removeAgentResourceFilesFromAllAgents in packages/data-schemas: a single updateMany/$pullAll across every EToolResources category. - Invoke it from processDeleteRequest after db.deleteFiles so every referencing agent is cleaned up, not just the one passed in req.body. - Wrap the cleanup in try/catch so a stale agent update cannot mask a successful file deletion. * 🧼 fix: Prune Orphaned File References on Agent Update Already-affected agents would stay broken even after the delete-time fix: the stubs sit on the agent document until something strips them. Heal them on the next save (issue #12776). - Add collectToolResourceFileIds + stripFileIdsFromToolResources helpers in @librechat/api — centralizing the tool_resources traversal used by the controller and the follow-up migration script. - In updateAgentHandler, check the effective tool_resources against the files collection. When orphans are found, either strip them from the incoming tool_resources (if the update sets them) or run the bulk cleanup (if the update leaves tool_resources untouched). * 🧰 chore: Add Migration to Clean Up Orphaned Agent File References Complements the delete-time and save-time fixes by healing agents that already accumulated orphan stubs before the upgrade (issue #12776). The script is idempotent — re-running it on a clean database is a no-op. - Add config/migrate-orphaned-agent-files.js following the existing migrate-*.js convention: --dry-run by default omitted (writes by default) and --batch-size= tuning knob. Streams agents via cursor. - Register migrate:orphaned-agent-files and :dry-run npm scripts. - Reuse collectToolResourceFileIds from @librechat/api so migration and runtime share the same traversal logic. * 🩹 fix: Address Codex/Copilot Review on Orphaned Agent File Cleanup Refines the #12776 fix series based on automated review feedback. - Scope save-time pruning to the current agent only. When a PATCH carries tool_resources, strip orphans from the incoming payload and pay the DB round-trip only then. Removes the collection-wide updateMany previously triggered when tool_resources was absent (Codex P2 / Copilot). - Wrap the orphan check in try/catch so a transient db.getFiles failure can't turn a good save into a 500 (comprehensive review #1). - Replace Object.values(EToolResources) casts with an explicit list of agent-side categories in both orphans.ts and agent.ts. code_interpreter belongs to the Assistants API and isn't a key of AgentToolResources — including it was a type lie and generated dead MongoDB clauses (comprehensive review #3, #8). - Export TOOL_RESOURCE_KEYS from @librechat/api and consume it in the migration script, dropping one duplicated definition (#4). - Cap migration results.details at 50 sample entries so the memory footprint stays bounded on deployments with thousands of corrupted agents (Codex P3). - Add migrate:orphaned-agent-files:batch npm script to match the convention set by migrate-agent-permissions / migrate-prompt-permissions (#7). - Add controller-level tests covering the three orphan-pruning paths: strip from incoming tool_resources, leave alone when tool_resources is absent, swallow db.getFiles errors and still save (#6). - Back pre-existing "should validate tool_resources in updates" test's file_ids with real File docs — the new pruning would otherwise strip them, and that test is about OCR conversion / schema filtering, not file existence. Register the File model in beforeAll so the fixture works. * 🩹 fix: Tighten TOOL_RESOURCE_KEYS Type and Align Migration Sample Output Two follow-ups from the second review pass. - Type data-schemas' TOOL_RESOURCE_KEYS as ReadonlyArray<keyof AgentToolResources> instead of readonly string[]. Data-schemas depends on data-provider, so the import is clean. Catches typos and aligns with the matching export in @librechat/api — doesn't guarantee exhaustiveness, but that's a TypeScript limitation, not a workspace one. - Align the migration's console output with DETAIL_SAMPLE_LIMIT: print every collected detail (up to 50) and, when more agents were affected than the sample size allowed, show a truncation notice. The old hard cap of 25 meant affected agents in the 26-50 range were collected but never shown. * ✅ test: Add Integration Coverage for Orphan Cleanup Paths (#12776) Exercise the delete-time and migration paths end-to-end against a real in-memory Mongo. Catches integration bugs the isolated unit tests on each layer couldn't. - api/server/services/Files/process.integration.spec.js — the primary repro: seed an Agent + File, call processDeleteRequest, assert the file_id disappears from every referencing agent's tool_resources while unrelated agents stay untouched. Also covers the no-op case and confirms a failure in the new cleanup step cannot roll back the file deletion itself. - api/test/migrate-orphaned-agent-files.spec.js — drives the migration module: --dry-run reports without writing, apply mode prunes across every tool_resource category, re-running is idempotent, and DETAIL_SAMPLE_LIMIT caps the in-memory sample on wide corruption. Mocks only the connect helper (the spec owns the mongoose instance) so the real migration code path — cursor, $pullAll, reduce — runs. * 🔒 fix: Run Orphan Cleanup Migration in System Tenant Context Codex P2 catch: under TENANT_ISOLATION_STRICT=true, the migration throws on the very first Agent.countDocuments() because the tenant isolation plugin fail-closes on queries without tenant context — which makes migrate:orphaned-agent-files unusable on the exact deployments most likely to have accumulated corruption. - Wrap the scan/prune body in runAsSystem so queries bypass the tenant filter (SYSTEM_TENANT_ID sentinel). The migration legitimately needs cross-tenant visibility — this is the same pattern seedDatabase and the S3 refresh job already use. - Add a regression test that spies on Agent.countDocuments() and asserts the active tenantStorage context is SYSTEM_TENANT_ID during the call. Pins the wrap against future regressions without the brittleness of toggling the strict-mode env var (which caches on first read). Note: the delete-time and save-time paths already run inside an authenticated HTTP request where tenantStorage.run is set by auth middleware, so the cleanup naturally scopes to the current tenant — which is the correct behavior there since file ownership is tenant-scoped. * 🧹 chore: Drop Unused path Import From Process Integration Spec Leftover from an earlier iteration that resolved the migration path via path.resolve before I switched to a relative require. The import does nothing now — removing it.
192 lines
8.7 KiB
JSON
192 lines
8.7 KiB
JSON
{
|
|
"name": "LibreChat",
|
|
"version": "v0.8.5-rc1",
|
|
"description": "",
|
|
"packageManager": "npm@11.10.0",
|
|
"workspaces": [
|
|
"api",
|
|
"client",
|
|
"packages/*"
|
|
],
|
|
"scripts": {
|
|
"update": "node config/update.js",
|
|
"add-balance": "node config/add-balance.js",
|
|
"set-balance": "node config/set-balance.js",
|
|
"list-balances": "node config/list-balances.js",
|
|
"user-stats": "node config/user-stats.js",
|
|
"rebuild:package-lock": "node config/packages",
|
|
"reinstall": "node config/update.js -l -g",
|
|
"smart-reinstall": "node config/smart-reinstall.js",
|
|
"b:reinstall": "bun config/update.js -b -l -g",
|
|
"reinstall:docker": "node config/update.js -d -g",
|
|
"update:local": "node config/update.js -l",
|
|
"update:docker": "node config/update.js -d",
|
|
"update:single": "node config/update.js -s",
|
|
"update:sudo": "node config/update.js --sudo",
|
|
"update:deployed": "node config/deployed-update.js",
|
|
"rebase:deployed": "node config/deployed-update.js --rebase",
|
|
"start:deployed": "docker compose -f ./deploy-compose.yml up -d || docker-compose -f ./deploy-compose.yml up -d",
|
|
"stop:deployed": "docker compose -f ./deploy-compose.yml down || docker-compose -f ./deploy-compose.yml down",
|
|
"upgrade": "node config/upgrade.js",
|
|
"create-user": "node config/create-user.js",
|
|
"invite-user": "node config/invite-user.js",
|
|
"list-users": "node config/list-users.js",
|
|
"reset-password": "node config/reset-password.js",
|
|
"ban-user": "node config/ban-user.js",
|
|
"delete-user": "node config/delete-user.js",
|
|
"reset-meili-sync": "node config/reset-meili-sync.js",
|
|
"update-banner": "node config/update-banner.js",
|
|
"delete-banner": "node config/delete-banner.js",
|
|
"backend": "cross-env NODE_ENV=production node api/server/index.js",
|
|
"backend:inspect": "cross-env NODE_ENV=production node --inspect --expose-gc api/server/index.js",
|
|
"backend:dev": "cross-env NODE_ENV=development npx nodemon api/server/index.js",
|
|
"backend:experimental": "cross-env NODE_ENV=production node api/server/experimental.js",
|
|
"backend:stop": "node config/stop-backend.js",
|
|
"build:data-provider": "cd packages/data-provider && npm run build",
|
|
"build:api": "cd packages/api && npm run build",
|
|
"build:data-schemas": "cd packages/data-schemas && npm run build",
|
|
"build:client": "cd client && npm run build",
|
|
"build:client-package": "cd packages/client && npm run build",
|
|
"build:packages": "npm run build:data-provider && npm run build:data-schemas && npm run build:api && npm run build:client-package",
|
|
"build": "npx turbo run build",
|
|
"build:safe": "npx turbo run build --no-daemon",
|
|
"frontend": "npm run build:data-provider && npm run build:data-schemas && npm run build:api && npm run build:client-package && cd client && npm run build",
|
|
"frontend:ci": "npm run build:data-provider && npm run build:client-package && cd client && npm run build:ci",
|
|
"frontend:dev": "cd client && npm run dev",
|
|
"e2e": "playwright test --config=e2e/playwright.config.local.ts",
|
|
"e2e:headed": "playwright test --config=e2e/playwright.config.local.ts --headed",
|
|
"e2e:a11y": "playwright test --config=e2e/playwright.config.a11y.ts --headed",
|
|
"e2e:ci": "playwright test --config=e2e/playwright.config.ts",
|
|
"e2e:debug": "cross-env PWDEBUG=1 playwright test --config=e2e/playwright.config.local.ts",
|
|
"e2e:codegen": "npx playwright codegen --load-storage=e2e/storageState.json http://localhost:3080/c/new",
|
|
"e2e:login": "npx playwright codegen --save-storage=e2e/auth.json http://localhost:3080/login",
|
|
"e2e:github": "act -W .github/workflows/playwright.yml --secret-file my.secrets",
|
|
"test:client": "cd client && npm run test:ci",
|
|
"test:api": "cd api && npm run test:ci",
|
|
"test:packages:api": "cd packages/api && npm run test:ci",
|
|
"test:packages:data-provider": "cd packages/data-provider && npm run test:ci",
|
|
"test:packages:data-schemas": "cd packages/data-schemas && npm run test:ci",
|
|
"test:all": "npm run test:client && npm run test:api && npm run test:packages:api && npm run test:packages:data-provider && npm run test:packages:data-schemas",
|
|
"e2e:update": "playwright test --config=e2e/playwright.config.js --update-snapshots",
|
|
"e2e:report": "npx playwright show-report e2e/playwright-report",
|
|
"lint:fix": "eslint --fix \"{,!(node_modules|venv)/**/}*.{js,jsx,ts,tsx}\"",
|
|
"lint": "eslint \"{,!(node_modules|venv)/**/}*.{js,jsx,ts,tsx}\"",
|
|
"format": "npx prettier --write \"{,!(node_modules|venv)/**/}*.{js,jsx,ts,tsx}\"",
|
|
"b:api": "NODE_ENV=production bun run api/server/index.js",
|
|
"b:api-inspect": "NODE_ENV=production bun --inspect run api/server/index.js",
|
|
"b:api:dev": "NODE_ENV=production bun run --watch api/server/index.js",
|
|
"b:data": "cd packages/data-provider && bun run b:build",
|
|
"b:build:client-package": "cd packages/client && bun run b:build",
|
|
"b:data-schemas": "cd packages/data-schemas && bun run b:build",
|
|
"b:build:api": "cd packages/api && bun run b:build",
|
|
"b:build:client": "cd client && bun --bun run b:build",
|
|
"b:client": "bun --bun run b:data && bun --bun run b:data-schemas && bun --bun run b:build:api && bun --bun run b:build:client-package && bun --bun run b:build:client",
|
|
"b:client:dev": "cd client && bun run b:dev",
|
|
"b:test:client": "cd client && bun run b:test",
|
|
"b:test:api": "cd api && bun run b:test",
|
|
"b:balance": "bun config/add-balance.js",
|
|
"b:list-balances": "bun config/list-balances.js",
|
|
"reset-terms": "node config/reset-terms.js",
|
|
"flush-cache": "node config/flush-cache.js",
|
|
"migrate:agent-permissions:dry-run": "node config/migrate-agent-permissions.js --dry-run",
|
|
"migrate:agent-permissions": "node config/migrate-agent-permissions.js",
|
|
"migrate:agent-permissions:batch": "node config/migrate-agent-permissions.js --batch-size=50",
|
|
"migrate:prompt-permissions:dry-run": "node config/migrate-prompt-permissions.js --dry-run",
|
|
"migrate:prompt-permissions": "node config/migrate-prompt-permissions.js",
|
|
"migrate:prompt-permissions:batch": "node config/migrate-prompt-permissions.js --batch-size=50",
|
|
"migrate:orphaned-agent-files:dry-run": "node config/migrate-orphaned-agent-files.js --dry-run",
|
|
"migrate:orphaned-agent-files": "node config/migrate-orphaned-agent-files.js",
|
|
"migrate:orphaned-agent-files:batch": "node config/migrate-orphaned-agent-files.js --batch-size=50"
|
|
},
|
|
"repository": {
|
|
"type": "git",
|
|
"url": "git+https://github.com/danny-avila/LibreChat.git"
|
|
},
|
|
"author": "",
|
|
"license": "ISC",
|
|
"bugs": {
|
|
"url": "https://github.com/danny-avila/LibreChat/issues"
|
|
},
|
|
"homepage": "https://librechat.ai/",
|
|
"devDependencies": {
|
|
"@axe-core/playwright": "^4.10.1",
|
|
"@eslint/compat": "^1.2.6",
|
|
"@eslint/eslintrc": "^3.3.4",
|
|
"@eslint/js": "^9.20.0",
|
|
"@playwright/test": "^1.56.1",
|
|
"@types/react-virtualized": "^9.22.0",
|
|
"caniuse-lite": "^1.0.30001741",
|
|
"cross-env": "^7.0.3",
|
|
"elliptic": "^6.6.1",
|
|
"eslint": "^9.39.1",
|
|
"eslint-config-prettier": "^10.0.1",
|
|
"eslint-import-resolver-typescript": "^3.7.0",
|
|
"eslint-plugin-i18next": "^6.1.1",
|
|
"eslint-plugin-import": "^2.31.0",
|
|
"eslint-plugin-jest": "^29.1.0",
|
|
"eslint-plugin-jsx-a11y": "^6.10.2",
|
|
"eslint-plugin-prettier": "^5.2.3",
|
|
"eslint-plugin-react": "^7.37.4",
|
|
"eslint-plugin-react-hooks": "^5.1.0",
|
|
"eslint-plugin-simple-import-sort": "^12.1.1",
|
|
"globals": "^15.14.0",
|
|
"husky": "^9.1.7",
|
|
"jest": "^30.2.0",
|
|
"lint-staged": "^15.4.3",
|
|
"prettier": "^3.5.0",
|
|
"prettier-plugin-tailwindcss": "^0.6.11",
|
|
"turbo": "^2.8.12",
|
|
"typescript-eslint": "^8.24.0"
|
|
},
|
|
"overrides": {
|
|
"@anthropic-ai/sdk": "0.73.0",
|
|
"@librechat/agents": {
|
|
"@langchain/anthropic": {
|
|
"@anthropic-ai/sdk": "0.73.0",
|
|
"fast-xml-parser": "5.6.0"
|
|
},
|
|
"@anthropic-ai/sdk": "0.73.0",
|
|
"fast-xml-parser": "5.6.0"
|
|
},
|
|
"elliptic": "^6.6.1",
|
|
"fast-xml-parser": "5.6.0",
|
|
"form-data": "^4.0.4",
|
|
"tslib": "^2.8.1",
|
|
"mdast-util-gfm-autolink-literal": "2.0.0",
|
|
"remark-gfm": {
|
|
"mdast-util-gfm-autolink-literal": "2.0.0"
|
|
},
|
|
"mdast-util-gfm": {
|
|
"mdast-util-gfm-autolink-literal": "2.0.0"
|
|
},
|
|
"katex": "^0.16.21",
|
|
"rehype-katex": {
|
|
"katex": "^0.16.21"
|
|
},
|
|
"remark-math": {
|
|
"micromark-extension-math": {
|
|
"katex": "^0.16.21"
|
|
}
|
|
},
|
|
"langsmith": "0.4.12",
|
|
"eslint": {
|
|
"ajv": "6.14.0"
|
|
},
|
|
"underscore": "1.13.8",
|
|
"hono": "^4.12.4",
|
|
"@hono/node-server": "^1.19.10",
|
|
"monaco-editor": {
|
|
"dompurify": "3.4.0"
|
|
},
|
|
"svgo": "^2.8.2"
|
|
},
|
|
"nodemonConfig": {
|
|
"ignore": [
|
|
"api/data/",
|
|
"data/",
|
|
"client/",
|
|
"admin/",
|
|
"packages/"
|
|
]
|
|
}
|
|
}
|