LibreChat/api/server/routes
Marco Beretta e764c983cf
fix: enforce forced retention on global tag rename and delete
Per-conversation tag writes already convert their conversation under
forced ephemeral retention, but global bookmark-tag renames and deletes
rewrite conversation rows via Conversation.updateMany without setting
isTemporary/expiredAt. A permanent chat tagged before the install
switched to ephemeral, touched only by a tag rename or delete, would
keep its retention fields unset and stay visible and non-expiring.

Add cascadeForcedRetentionByTag plus an applyForcedRetentionToTag method
that bulk-converts every conversation carrying a tag (and backfills its
messages and caps its shares) through the shared gap filter, so it never
extends a chat that already expires sooner. Load the interface config on
PUT /:tag and DELETE /:tag and route those writes through it.
2026-07-01 19:38:20 +02:00
..
__test-utils__ 🔗 feat: Add Granular Access Control to Shared Links via ACL System (#13051) 2026-06-03 14:17:17 -04:00
__tests__ fix: thread retention config through conversation pin route 2026-06-30 04:51:45 +02:00
admin 📒 feat: Audit Log Backend for SystemGrant Assign and Revoke Events (#13087) 2026-06-18 15:42:33 -04:00
agents fix: cap agent abort and disconnect partial saves to the parent expiry 2026-06-30 04:54:43 +02:00
assistants 🧭 fix: Tighten Action OAuth Endpoint Validation (#13142) 2026-05-15 14:53:41 -04:00
files 🗜️ fix: Support Windows ZIP MIME Uploads (#13794) 2026-06-16 11:19:06 -04:00
types WIP: Update UI to match Official Style; Vision and Assistants 👷🏽 (#1190) 2023-11-16 10:42:24 -05:00
accessPermissions.js 🔗 feat: Add Granular Access Control to Shared Links via ACL System (#13051) 2026-06-03 14:17:17 -04:00
accessPermissions.sharePolicy.test.js 🔗 feat: Add Granular Access Control to Shared Links via ACL System (#13051) 2026-06-03 14:17:17 -04:00
accessPermissions.test.js 📦 refactor: Consolidate DB models, encapsulating Mongoose usage in data-schemas (#11830) 2026-03-21 14:28:53 -04:00
actions.js fix: Extend and Decouple MCP OAuth Flow Timeouts (#13622) 2026-06-09 17:50:02 -04:00
apiKeys.js 📦 refactor: Consolidate DB models, encapsulating Mongoose usage in data-schemas (#11830) 2026-03-21 14:28:53 -04:00
auth.2fa-ratelimit.test.js 🪣 refactor: Rate-Limit Token Routes and Cap Remote File Downloads (#13978) 2026-06-26 12:19:03 -04:00
auth.cloudfront.test.js 🪣 refactor: Rate-Limit Token Routes and Cap Remote File Downloads (#13978) 2026-06-26 12:19:03 -04:00
auth.js 🪣 refactor: Rate-Limit Token Routes and Cap Remote File Downloads (#13978) 2026-06-26 12:19:03 -04:00
auth.reset-password-ratelimit.test.js 🪣 refactor: Rate-Limit Token Routes and Cap Remote File Downloads (#13978) 2026-06-26 12:19:03 -04:00
balance.js 🤫 chore: Quiet Repetitive Log Noise from Balance, CloudFront, and Capability Paths (#13461) 2026-06-01 20:40:16 -04:00
banner.js 📦 refactor: Consolidate DB models, encapsulating Mongoose usage in data-schemas (#11830) 2026-03-21 14:28:53 -04:00
categories.js 📦 refactor: Consolidate DB models, encapsulating Mongoose usage in data-schemas (#11830) 2026-03-21 14:28:53 -04:00
config.js 🔐 fix: Gate Shared Startup Config By Link Access (#13897) 2026-06-23 08:28:37 -04:00
convos.js fix: thread retention config through conversation pin route 2026-06-30 04:51:45 +02:00
endpoints.js ♻️ refactor: Compute Context Gauge Client-Side, Drop Projection Endpoint (#13953) 2026-06-25 15:29:31 -04:00
index.js 📒 feat: Audit Log Backend for SystemGrant Assign and Revoke Events (#13087) 2026-06-18 15:42:33 -04:00
keys.js 🔱 chore: Harden API Routes Against IDOR and DoS Attacks (#11760) 2026-02-12 18:08:24 -05:00
mcp.js 🔐 fix: Honor Admin-Panel MCP Allowlist Overrides Without Restart (#13814) 2026-06-17 20:14:53 -04:00
memories.js 📦 refactor: Consolidate DB models, encapsulating Mongoose usage in data-schemas (#11830) 2026-03-21 14:28:53 -04:00
messages.js fix: enforce forced retention on message edits, feedback, and error saves 2026-07-01 19:38:01 +02:00
models.js 🛠️ refactor: Model Loading and Custom Endpoint Error Handling (#1849) 2024-02-20 12:57:58 -05:00
oauth.js 🩻 refactor: Replace Opaque OAuth Errors with Structured Failure Diagnostics (#13471) 2026-06-02 15:06:42 -04:00
oauth.test.js feat: Immediate Conversation Title Generation (#13395) 2026-06-02 16:40:57 -04:00
presets.js 🧹 chore: Cleanup Logger and Utility Imports (#9935) 2025-10-01 23:30:47 -04:00
projects.js 🗂️ feat: Add Private Chat Projects (#13467) 2026-06-03 15:29:18 -04:00
prompts.js 📁 refactor: Prompts UI (#11570) 2026-03-22 16:56:22 -04:00
prompts.test.js 📁 refactor: Prompts UI (#11570) 2026-03-22 16:56:22 -04:00
roles.js 📜 feat: Skills UI + Initial E2E CRUD / Sharing (#12580) 2026-04-25 04:02:00 -04:00
rum.js 📈 fix: Isolate RUM Telemetry Proxy Auth from App Auth (#13765) 2026-06-15 12:49:44 -04:00
search.js 🧹 chore: Cleanup Logger and Utility Imports (#9935) 2025-10-01 23:30:47 -04:00
settings.js 🎚️ feat: Per-User Skill Active/Inactive Toggle with Ownership-Aware Defaults (#12692) 2026-04-25 04:02:00 -04:00
share.js 🔄 feat: Continue Shared Conversations as Personal Copies (#13714) 2026-06-24 16:27:01 -04:00
skills.js 🧬 feat: Add GitHub Skill Sync (#13293) 2026-06-10 21:05:54 -04:00
skills.tenant.test.js 🧵 fix: Preserve Upload Context Across Multipart Routes (#13072) 2026-05-11 15:46:48 -04:00
skills.test.js 🧬 feat: Add GitHub Skill Sync (#13293) 2026-06-10 21:05:54 -04:00
static.js 🧹 chore: Cleanup Logger and Utility Imports (#9935) 2025-10-01 23:30:47 -04:00
tags.js fix: enforce forced retention on global tag rename and delete 2026-07-01 19:38:20 +02:00
user.js 🪣 refactor: Rate-Limit Token Routes and Cap Remote File Downloads (#13978) 2026-06-26 12:19:03 -04:00
user.verify-ratelimit.test.js 🪣 refactor: Rate-Limit Token Routes and Cap Remote File Downloads (#13978) 2026-06-26 12:19:03 -04:00