π¬ refactor: Prevent Automatic MCP Server UI Deselection#10588
Merged
danny-avila merged 2 commits intodevfrom Nov 19, 2025
Merged
π¬ refactor: Prevent Automatic MCP Server UI Deselection#10588danny-avila merged 2 commits intodevfrom
danny-avila merged 2 commits intodevfrom
Conversation
* Introduced a new backend script (`experimental.js`) to manage a clustered server environment with Redis cache flushing on startup. * Updated `package.json` to include a new script command for the experimental backend. * This setup aims to enhance scalability and performance for production environments.
jcotillo
added a commit
to eko-ventures/LibreChat
that referenced
this pull request
Nov 20, 2025
* βΏ fix: `createFileSearchTool` to return tuples for error messages (danny-avila#10547) * β³ fix: Async Model End Events, Await Tool Call and Dispatch Handling (danny-avila#10552) * π€ refactor: Improve Agent Handoff Context Tracking (danny-avila#10553) * chore: update @librechat/agents dependency to version 3.0.18 * refactor: add optional metadata field to message schema and types * chore: update @librechat/agents to v3.0.19 * refactor: update return type of sendCompletion method to include metadata * chore: linting * chore: update @librechat/agents dependency to v3.0.20 * refactor: implement agent labeling for conversation history in multi-agent scenarios * refactor: improve error handling for capturing agent ID map in AgentClient * refactor: clear agentIdMap and related properties during client disposal to prevent memory leaks * chore: update sendCompletion method for FakeClient to return an object with completion and metadata fields * π€ feat: Agent Avatar Removal and Decouple upload/reset from Agent Updates (danny-avila#10527) * β¨ feat: Enhance agent avatar management with upload and reset functionality * β¨ feat: Refactor AvatarMenu to use DropdownPopup for improved UI and functionality * β¨ feat: Improve avatar upload handling in AgentPanel to suppress misleading "no changes" toast * β¨ feat: Refactor toast message handling and payload composition in AgentPanel for improved clarity and functionality * β¨ feat: Enhance agent avatar functionality with upload, reset, and validation improvements * β¨ feat: Refactor agent avatar upload handling and enhance related components for improved functionality and user experience * feat(agents): tighten ACL, harden GETs/search, and sanitize action metadata stop persisting refreshed S3 URLs on GET; compute per-response only enforce ACL EDIT on revert route; remove legacy admin/author/collab checks sanitize action metadata before persisting during duplication (api_key, oauth_client_id, oauth_client_secret) escape user search input, cap length (100), and use Set for public flag mapping add explicit req.file guard in avatar upload; fix empty catch lint; remove unused imports * feat: Remove outdated avatar-related translation keys * feat: Improve error logging for avatar updates and streamline file input handling * feat(agents): implement caching for S3 avatar refresh in agent list responses * fix: replace unconventional 'void e' with explicit comment to clarify intentionally ignored error Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * feat(agents): enhance avatar handling and improve search functionality * fix: clarify intentionally ignored error in agent list handler --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * π§ refactor: Update Avatar component to improve file selection handling (danny-avila#10555) * Refactored `openFileDialog` to use `useCallback` for better performance. * Introduced `handleSelectFileClick` to manage file selection click events, enhancing user interaction. * π§ fix: Catch Errors in ToolEndHandler and Pass Logger (danny-avila#10565) * π¦ chore: Bump `@librechat/agents` to v3.0.22 * π fix: Error Handling in MCP Tool List Controller (danny-avila#10570) * π§ fix: Handle errors when fetching server tools and log missing tools in MCP tools controller, to prevent all MCP tools from not getting listed * π§ fix: Remove trailing colons from error messages in MCPConnection class * chore: Update test command patterns in package.json for cache integration tests * π¨ feat: Pass Custom Headers to Model Discovery (`v1/models`) (danny-avila#10564) * π© feat: Add `--provider` flag to create-user script (danny-avila#10572) As we're using google authentication without automatic sign-up, we need a way to pass the provider to the user creation. * π‘οΈ chore: Enhance Agents Error Handling via `@librechat/agents@v3.0.25` (danny-avila#10577) * π§ fix: Enhance error handling for agents system in uncaughtException logger * Added specific logging for errors originating from the agents system to improve debugging and maintain application stability. * π¦ chore: Update dependencies for `@librechat/agents` and related packages to v3.0.25 and improve version consistency across modules * π€ feat: Gemini 3 Support (danny-avila#10584) * feat: Add support for model in token configurations and tests * chore: Update @librechat/agents to version 3.0.26 in package.json and package-lock.json * π’ fix: Resolved Screen Reader Issues with `TooltipAnchor` (danny-avila#10580) TooltipAnchor was automatically adding an `aria-describedby` tag which often duplicated the labeling already present inside of the anchor. E.g., the screen reader might say "New Chat, New Chat, button" instead of just "New Chat, button." I've removed the TooltipAnchor's automatic `aria-describedby` and worked to make sure that anyone using TooltipAnchor properly defines its labeling. * π¬ refactor: Prevent Automatic MCP Server UI Deselection (danny-avila#10588) * chore: Add experimental backend server for multi-pod simulation * Introduced a new backend script (`experimental.js`) to manage a clustered server environment with Redis cache flushing on startup. * Updated `package.json` to include a new script command for the experimental backend. * This setup aims to enhance scalability and performance for production environments. * refactor: Remove server disconnection handling logic from useMCPServerManager * π feat: Enhance Actions SSRF Protection with Comprehensive IP and Domain Validation (danny-avila#10583) * π feat: Enhance SSRF Protection with Comprehensive IP and Domain Validation * Added extensive tests for validating IP addresses and domains to prevent SSRF attacks, including checks for internal, private, and link-local addresses. * Improved domain validation logic to handle various edge cases, ensuring only legitimate requests are processed. * Implemented security measures against common cloud provider metadata access and internal service exploitation. * Updated existing tests to reflect changes in validation logic and ensure robust security coverage. * chore: cleanup comments * π feat: Improve Domain Validation Logic for Enhanced Security * Added logic to extract and normalize hostnames from client-provided domains, including handling of URLs and IP addresses. * Implemented checks using Node.js's net module to validate IP addresses, ensuring robust domain validation. * Updated existing validation conditions to enhance security against potential SSRF attacks. * feat: Additional Protocol Checks and IPv6 Support * Added tests to reject unsupported protocols (FTP, WebSocket, file) in client domains to strengthen SSRF protection. * Improved domain extraction logic to preserve brackets for IPv6 addresses, ensuring correct URL formatting. * Updated validation logic to handle various edge cases for client-provided domains, enhancing overall security. * feat: Expand Domain Validation Tests for Enhanced SSRF Protection * Added comprehensive tests for handling various URL formats, including IPv6 addresses, authentication credentials, and special characters in paths. * Implemented additional validation scenarios for client domains, covering edge cases such as malformed URLs, empty strings, and unsupported protocols. * Enhanced handling of internationalized domain names and localhost variations to ensure robust domain extraction and validation. * π feat: Implement Cross-Platform IP Validation Functionality * Added a new `isIP` function for validating IP addresses in both Node.js and browser environments, replacing the previous reliance on the Node.js `net` module. * Updated domain extraction and validation logic to utilize the new `isIP` function, ensuring consistent IP validation across the application. * Enhanced handling of IPv4 and IPv6 addresses, including proper formatting for URLs. * π· fix: Use 'media' type for Google multimodal attachments (danny-avila#10586) * fix: change google multimodal attachments to use type: 'media' * chore: Update @librechat/agents to version 3.0.27 in package.json and package-lock.json --------- Co-authored-by: Danny Avila <danny@librechat.ai> --------- Co-authored-by: Danny Avila <danny@librechat.ai> Co-authored-by: Marco Beretta <81851188+berry-13@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Joseph Licata <54822374+usnavy13@users.noreply.github.com> Co-authored-by: Anthony QuΓ©rΓ© <47711333+Anthony-Jhoiro@users.noreply.github.com> Co-authored-by: Linus Gasser <linus.gasser@epfl.ch> Co-authored-by: Daniel Lew <dlew@users.noreply.github.com> Co-authored-by: Dustin Healy <54083382+dustinhealy@users.noreply.github.com>
paychex-inder
added a commit
to paychex/LibreChat
that referenced
this pull request
Dec 17, 2025
Removes the useEffect that filtered disconnected servers from selection. This logic had a race condition where servers would get deselected during user selection due to temporarily stale connection status data. The filtering was not essential because: 1. Server connection status is shown via UI icons 2. toggleServerSelection already gates selection to connected servers 3. The API handles disconnected servers gracefully with error feedback This matches upstream fix danny-avila#10588 'Prevent Automatic MCP Server UI Deselection'
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
I refactored the MCP server manager hook and introduced a backend configuration to simulate multi-pod environments for testing distributed system behaviors.
backend:experimentalto run the clustered backend configurationNote: There are still pending UX issues that may require users to reinitialize MCP servers every time if they are not selected, but at least now they will no longer be automatically toggled off.
Change Type
Testing
I tested the changes in a local development environment with Redis enabled and multiple worker processes.
Test Configuration:
Testing Steps:
npm run backend:experimentalto start the clustered backendChecklist