v0.7.36: mothership secrets resolution, SEO, service accounts for various providers, library updates, platform and solutions pages#5686
Conversation
waleedlatif1
commented
Jul 15, 2026
- improvement(chat): show resource-type icons on inline workspace resource links (improvement(chat): show resource-type icons on inline workspace resource links #5669)
- feat(billing): allow programmatic workflow execution on the free plan (feat(billing): allow programmatic workflow execution on the free plan #5678)
- fix(tools): resolve {{ENV_VAR}} references in user-only params for copilot tool executions (fix(tools): resolve {{ENV_VAR}} references in user-only params for copilot tool executions #5679)
- feat(landing): extend enterprise product-preview design to solutions and workflows pages (feat(landing): extend enterprise product-preview design to solutions and workflows pages #5672)
- improvement(landing): fix SEO redirects/schema, add FAQ content (improvement(landing): fix SEO redirects/schema, add FAQ content #5681)
- feat(credentials): token-paste service accounts for 12 providers (feat(credentials): token-paste service accounts for 12 providers #5682)
- feat(library): add Apache 2.0 vs fair-code licensing article (feat(library): add Apache 2.0 vs fair-code licensing article #5683)
- fix(library): correct unlimited-execution wording to acknowledge tunable admission defaults (fix(library): correct unlimited-execution wording in Apache 2.0 article #5685)
- feat(landing): compare footer column, sales solutions page, nav reshuffle, scheduled-tasks calendar hero (feat(landing): compare footer column, sales solutions page, nav reshuffle, scheduled-tasks calendar hero #5684)
…rce links (#5669) * improvement(chat): show resource-type icons on inline workspace resource links * fix(chat): derive wsres click title from markdown label, not DOM textContent * fix(chat): keep dashed-underline affordance for unmapped wsres link types * fix(chat): parse wsres links once, derive file icons from the VFS path
…#5678) * feat(billing): allow programmatic workflow execution on the free plan Remove the free-plan paywall on programmatic execution (API-key/public execute, MCP serve, generic webhooks, cross-origin chat embeds) added in #5036. The gate shipped dark behind FREE_API_DEPLOYMENT_GATE_ENABLED to curb bot abuse; with that abuse handled upstream, free workspaces can use the API again (still subject to the free-tier rate limits). - Delete isWorkspaceApiExecutionEntitled / api-access.ts and the FREE_API_DEPLOYMENT_GATE_ENABLED env flag - Ungate the execute, mcp/serve, and webhooks/trigger routes and the chat embed check (assertChatEmbedAllowed removed) - Remove the deploy-modal upgrade wall (DeployUpgradeGate) and the now unused useWorkspaceOwnerBilling client hook; the owner-billing endpoint stays as reusable billing infrastructure - Restore pre-gate upgrade-page copy (Pro feature line, free API endpoint rate-limit column) * chore(billing): drop orphaned owner-billing endpoint and dead chat logger Self-review follow-ups: the /api/workspaces/[id]/owner-billing route + contract existed solely for the deploy-modal gate's client hook (deleted here); host-context serves the same ownerBilling data server-side, so the standalone endpoint is dead HTTP surface. workspaceOwnerBillingSchema and the WorkspaceOwnerBilling type stay (embedded in workspaceHostContextSchema). Also removes the now-unused ChatAuthUtils logger. * style: biome formatting after gate removal
…pilot tool executions (#5679) * fix(tools): resolve {{ENV_VAR}} references in user-only params for copilot tool executions Chat-invoked integration tools with API-key auth have been broken since the mothership tool-dispatch rewrite (#4090) removed the orchestrator's env reference resolution. Agents pass {{VAR}} references (the VFS exposes env var names only), and the literal placeholder was sent to the provider, producing auth failures like Sentry's 401 Invalid token. Resolution is deliberately narrower than the removed deep resolver: only whole-value references on params declared visibility user-only, gated to copilot executions, resolving against the same personal+workspace env merge workflow runs use. LLM-writable params (urls, headers, bodies) never resolve, so references cannot be used to extract secrets. Missing variables fail fast with an actionable error instead of a provider-side 401. * refactor(tools): delegate copilot env reference resolution to the shared executor resolver Replaces the hand-rolled exact-match regex with resolveEnvVarReferences (allowEmbedded: false), the same resolver used by workflow runs, MCP config, and webhooks — one set of reference semantics instead of two that can drift. Behavior is identical; all existing tests pass unchanged. * fix(tools): fail fast on env references without user context, clarify personal-only scope errors Addresses review: a copilot execution missing userId now errors explicitly instead of forwarding the literal placeholder upstream, and a missing-variable error without a workspace context explains that only personal variables are in scope there (matching workflow-run resolution semantics).
…and workflows pages (#5672) * feat(landing): extend enterprise product-preview design to solutions and workflows pages Parametrize enterprise feature graphics with content props and retell each solutions page's feature blocs for its domain (engineering, it, compliance, finance, hr) plus the workflows platform page. Add five new graphics in the same visual vocabulary, animated platform-UI heroes with domain-specific loops on all six pages, hero category tags, container-query proportional tile scaling with wide/2x2 layout options, and a shared pre-footer CTA band. Enterprise page renders identically. Co-authored-by: Cursor <cursoragent@cursor.com> * feat(landing): surface Platform and Solutions menus in top nav Renders PLATFORM_MENU and SOLUTIONS_MENU alongside Resources (Platform, Solutions, Resources trigger order), drops the internal-only Mothership item, centers the five-item Platform panel's two-tile last row, and lets the mobile sheet scroll now that all three sections outgrow a phone viewport. Co-authored-by: Cursor <cursoragent@cursor.com> * feat(landing): add scheduled tasks page and nav item Adds the /scheduled-tasks landing page (SolutionsPage consumer with a chat-free schedule-trigger editor hero and enterprise feature tiles retold for recurring runs) and a sixth Scheduled Tasks item in the Platform menu, restoring the clean 3x2 grid. Co-authored-by: Cursor <cursoragent@cursor.com> * feat(landing): add knowledge, tables, files, and logs platform pages Completes the Platform nav dropdown — its knowledge, tables, files, and logs items previously 404'd. Each page is a SolutionsPage consumer with a product-UI hero loop, enterprise-style feature tiles, CTA band, and SEO metadata. Removes the dead platform-page component family (workflows was its last consumer) and adds the new routes to the sitemap. Co-authored-by: Cursor <cursoragent@cursor.com> * refactor(landing): consolidate hero-loop engine and code-window graphics, drop dead variant surface - Extract shared useDesignScale + useMotionSafeCycle hooks and a HeroLoopShell so all seven hero loops share one scale/reduced-motion clock engine - Merge workflows-editor-loop and scheduled-tasks-hero-loop into one parameterized shared EditorLoop (content-injection, same pattern as EnterpriseLoopContent) - Consolidate the four identical code-window feature graphics into one shared CodeWindowGraphic + single CSS module; pages keep thin data wrappers - Remove the unreachable 'split'/'standard'/align variant surface from SolutionsPage/SolutionsCardRow/SolutionsCard and trim unused barrel re-exports - Enterprise hero now consumes the shared PlatformHeroVisual instead of an inline byte-identical copy - Add /scheduled-tasks to the sitemap - a11y: closed mobile-nav sheet is now invisible (out of tab order) with aria-controls wiring; decorative tables-hero checkboxes are no longer keyboard-focusable - memo() the static EnterpriseSidebar; hoist per-render header arrays; remove comments that restated component TSDoc * fix(landing): highlight Scheduled tasks in the scheduled-tasks hero sidebar Thread activeNav through the shared EditorLoop content so the scheduled-tasks hero highlights its own module row, matching the other platform heroes. * chore(landing): drop spacing constants orphaned by the variant removal Remove the now-unconsumed cardRowHeaderStack/cardRowHeaderCtaGap/ cardTextToVisual/rowSubtitle constants, fix a stale cardVariant TSDoc reference, and restore import order in the workflows editor-loop wrapper. * chore(landing): single-source RESET_FADE_MS and drop the unused card frame size RESET_FADE_MS now lives only in the shared loop-engine hook module; the enterprise stage-data copy is removed. SolutionsVisualFrame loses its size prop and cardHeight constant - only the 16:9 hero preset remained in use after the split-variant removal. * fix(landing): make the knowledge-answer question bubble visible on light tiles The frameless vignette sits directly on the tile's --surface-3 fill, so the build tile's --surface-3 bubble treatment vanished. The question chip now uses the graphic family's white card chrome (--white fill, --border-1 hairline), matching its own source card. Also restores biome's import order in the workflows editor-loop wrapper (fixes the failing lint:check CI step). * chore(landing): share one ZipIcon across the files preview and files hero Extract the duplicated zip-archive SVG into components/shared/zip-icon and consume it from both the homepage files preview and the files hero loop. --------- Co-authored-by: andresdjasso <andresdjasso@users.noreply.github.com> Co-authored-by: Cursor <cursoragent@cursor.com> Co-authored-by: Waleed Latif <walif6@gmail.com>
* fix(docs): remove Ask AI widget * improvement(landing): add visible FAQ schema, fix SEO redirects and Organization schema - Move existing plain-markdown FAQ sections in 8 library posts + emcn blog into the faq frontmatter array so they emit FAQPage JSON-LD (previously visible text with zero structured data) - Add new, fact-checked FAQ content to the 8 posts with none: openai-vs-n8n-vs-sim, v0-5, enterprise, copilot, executor, multiplayer, mothership, series-a - Add sales ContactPoint to the site-wide Organization schema - Add 301 redirects for legitimate crawler/dead-link 404s (/$, /&, /Sim, /homepage, /logo, /en-US) surfaced by an external SEO audit; left out bot-noise paths, already-fixed OG image 404s (#5636), and *.sim.ai customer chat subdomains that need manual DB verification, not a blanket redirect * revert(docs): restore Ask AI widget Ask AI removal is a separate change, out of scope for this PR — restoring the component, chat panel, api/chat route, and its deps to their pre-existing state. * fix(content): correct stale/mislabeled competitor facts surfaced in FAQ audit - n8n's license is "fair-code" (n8n's own coined term), not "fair-use" — a different legal concept entirely; fixed 4 occurrences - Activepieces' integration count is 750+ per their live catalog, not the 280+ figure carried over from an older snapshot; fixed 4 occurrences across best-zapier-alternatives and n8n-alternatives
* feat(credentials): token-paste service accounts for 12 providers (HubSpot, Airtable, Notion, Asana, Attio, Linear, monday, Shopify, Webflow, Trello, Cal.com, Wealthbox)
* refactor(credentials): registry-dispatch service accounts + doc-verified validator hardening
- Migrate Google/Atlassian/Slack service-account branches to the same
registry pattern as token-paste providers (builder + resolver maps,
unified required-fields contract validation)
- Fix Shopify service-account store domain never reaching tool URL builders
- Linear: rate-limit 400s no longer mislabeled as invalid credentials;
validation header matches runtime header rule
- Trello: server API key rejection no longer blamed on customer token
- Fleet-wide: network errors and non-JSON provider bodies map to
provider_unavailable via shared fetchProvider/parseProviderJson
- HubSpot: drop regional-host displayName upgrade; Wealthbox: explicit 402;
monday: provider-side GraphQL errors mapped correctly; Attio: null-body guard
* polish(credentials): ship-gate fixes, setup-guide docs, and lint pass for token service accounts
- 12 setup-guide docs pages (docs.sim.ai/integrations/<provider>-service-account)
incl. the Trello authorize-link flow the integration depends on
- Attio: HTTP 400 on /v2/self maps to invalid_credentials (live-verified)
- monday: scan all GraphQL errors for provider-side codes; no empty audit ids
- Compile-time descriptor/validator lockstep (typed registry) and
prototype-safe provider-id guard (Object.hasOwn)
- Shared errors.test.ts pinning fetchProvider/parseProviderJson/
throwForProviderResponse guarantees for all validators
- Stale TSDoc updated after the registry migration; biome organizeImports pass
* docs(credentials): vendor-doc accuracy pass on service-account setup guides
34 corrections from a 12-agent audit against live official vendor docs:
current HubSpot Development-area nav, Notion connections rename, monday
Developer Center paths, Shopify legacy-vs-Dev-Dashboard token flows, and
hedged wording for claims vendors do not document (expiry, limits)
* improvement(credentials): vendor-accurate credential nouns on connect surfaces
'Add service account' only where the vendor actually has service accounts
(Google, Atlassian); token-paste providers now use their own vocabulary via a
connectNoun descriptor field — 'Add private app token' (HubSpot), 'Add API key'
(Attio/Linear/Cal.com), 'Add personal access token' (Airtable), etc. Docs page
titles updated to match; slugs and internal provider ids unchanged
* fix(credentials): classify auth-shaped Shopify GraphQL errors as invalid credentials
Shopify can reject invalid or revoked shpat_ tokens with HTTP 200 and a
GraphQL error body instead of a 401; those now map to invalid_credentials
instead of a provider-outage message
* fix(credentials): empirically-grounded HubSpot token verification
Live probing showed the documented access-token-info route returns a bare
404 for unrecognized tokens (ambiguous with a missing route), so 404/400
now falls back to the Account Information API, which answers with a JSON
401 for rejected tokens and 200/403 for live ones — verified against the
real endpoints
* fix(credentials): review-round-2 fixes for service-account edge cases
- Shopify tools prefer the credential-validated store domain over the
block's auto-detected shopDomain (a store-bound token must hit its own store)
- Unknown non-empty service-account providerIds are rejected instead of
silently persisting as google-service-account (empty stays the legacy
Google fallback)
- Shopify/modal domain normalization strips URL paths ('https://x.myshopify.com/admin')
- monday: warning-class GraphQL errors no longer reject a token whose me
data proves it authenticated
* chore(credentials): format shopify validator test
* fix(credentials): cold-review hardening pass
- Object.hasOwn guards on all provider-id registry lookups (crafted
'__proto__'/'constructor' providerIds now 400 instead of 500) + regression test
- fetchProvider gets a 10s AbortSignal.timeout so a hung provider can't pin
the create/reconnect request
- HubSpot: unexpected 403 on the token-info route defers to the account-info
fallback instead of blaming the token
- Linear selector routes use the SDK apiKey option for lin_api_ keys (bare
header parity with the tools sweep)
- Docs: UI steps aligned to the vendor-noun connect labels; HubSpot
scope-propagation claims softened; Trello in-product-link promise corrected
…ble admission defaults (#5685)
…ffle, scheduled-tasks calendar hero (#5684)
|
Too many files changed for review. ( Bypass the limit by tagging |
|
The latest updates on your projects. Learn more about Vercel for GitHub. |
PR SummaryLow Risk Overview Landing marketing consolidates platform routes onto Enterprise / hero loops accept injectable sidebar and chat content, share scaling/cycle hooks ( SEO: site JSON-LD gains a sales Reviewed by Cursor Bugbot for commit 64280c9. Configure here. |