fix: prevent cache sharing across different user API keys in Fireworks models endpoint

Replace next.revalidate with cache: 'no-store' to prevent Next.js data cache from serving one user's API key response to another user. The data cache keys by URL only, not headers, so different BYOK keys would incorrectly share cached responses.

Author: cursoragent

apps/sim/app/api/providers/fireworks/models/route.ts

@@ -53,7 +53,7 @@ export async function GET(request: NextRequest) {
         Authorization: `Bearer ${apiKey}`,
         'Content-Type': 'application/json',
       },
-      next: { revalidate: 300 },
+      cache: 'no-store',
     })
 
     if (!response.ok) {