Danny Avila 8be0047a80 🔒 fix: Access Check for User-Specific Job Metadata in Streaming Endpoint (#11487) ...

* Implemented a check to ensure that only the user associated with a job can access its chat stream, returning a 403 Unauthorized response for mismatched user IDs.
* This enhancement improves security by preventing unauthorized access to user-specific job data.

2026-01-23 09:06:48 -05:00

..

__tests__

🔒 fix: Restrict MCP Stdio Transport via API (#11184)

2026-01-03 12:47:11 -05:00

agents

🔒 fix: Access Check for User-Specific Job Metadata in Streaming Endpoint (#11487)

2026-01-23 09:06:48 -05:00

assistants

📦 chore: Bump Express.js to v5 (#10671)

2025-12-11 16:36:15 -05:00

files

🔀 refactor: Endpoint Check for File Uploads in Images Route (#11352)

2026-01-14 14:07:58 -05:00

types

…

accessPermissions.js

🪪 fix: Misleading MCP Server Lookup Method Name (#11315)

2026-01-12 21:04:25 -05:00

accessPermissions.test.js

🪪 fix: Misleading MCP Server Lookup Method Name (#11315)

2026-01-12 21:04:25 -05:00

actions.js

♻️ fix: use DOMAIN_CLIENT for MCP OAuth Redirects (#11057)

2025-12-25 12:24:01 -05:00

auth.js

…

balance.js

…

banner.js

…

categories.js

…

config.js

🧩 refactor: Decouple MCP Config from Startup Config (#10689)

2025-12-11 16:36:34 -05:00

convos.js

🔧 fix: Sorting and Pagination logic for Conversations (#11242)

2026-01-07 09:44:45 -05:00

endpoints.js

…

index.js

🪦 refactor: Remove Legacy Code (#10533)

2025-12-11 16:36:12 -05:00

keys.js

🧵 refactor: Migrate Endpoint Initialization to TypeScript (#10794)

2025-12-11 16:37:16 -05:00

mcp.js

♻️ fix: use DOMAIN_CLIENT for MCP OAuth Redirects (#11057)

2025-12-25 12:24:01 -05:00

memories.js

…

messages.js

🔧 fix: Sorting and Pagination logic for Conversations (#11242)

2026-01-07 09:44:45 -05:00

models.js

…

oauth.js

🍪 refactor: Move OpenID Tokens from Cookies to Server-Side Sessions (#11236)

2026-01-06 15:22:10 -05:00

presets.js

🧹 chore: Cleanup Logger and Utility Imports (#9935)

2025-10-01 23:30:47 -04:00

prompts.js

🔧 refactor: Permission handling for Resource Sharing (#11283)

2026-01-10 14:02:56 -05:00

prompts.test.js

🔧 refactor: Permission handling for Resource Sharing (#11283)

2026-01-10 14:02:56 -05:00

roles.js

🏗️ feat: Dynamic MCP Server Infrastructure with Access Control (#10787)

2025-12-11 16:38:37 -05:00

search.js

🧹 chore: Cleanup Logger and Utility Imports (#9935)

2025-10-01 23:30:47 -04:00

settings.js

📌 feat: Pin Agents and Models in the Sidebar (#10634)

2025-12-11 16:38:20 -05:00

share.js

🔗 fix: Add branch-specific shared links (targetMessageId) (#10016)

2025-10-10 08:42:05 -04:00

static.js

🧹 chore: Cleanup Logger and Utility Imports (#9935)

2025-10-01 23:30:47 -04:00

tags.js

…

user.js

📌 feat: Pin Agents and Models in the Sidebar (#10634)

2025-12-11 16:38:20 -05:00