-
Notifications
You must be signed in to change notification settings - Fork 3.7k
Comparing changes
Open a pull request
base repository: simstudioai/sim
base: main
head repository: simstudioai/sim
compare: worktree-google-vault-audit
- 10 commits
- 54 files changed
- 1 contributor
Commits on Jul 7, 2026
-
fix(google-vault): validate integration against live API docs, add ma…
…tter/hold/saved-query CRUD coverage - Fix critical bug: create_matters_export sent the deprecated Query.searchMethod field (deprecated 2019, support ended 2020) instead of method, silently breaking account/org-unit scoped exports - Fix duplicate matterId subBlock id (two definitions collided across operations) - Add matter lifecycle: update, close, reopen, delete, undelete - Add matter collaborator management: add/remove permissions - Add export delete - Add hold update, delete, add/remove held accounts - Add saved query create/list/delete - Bump tool versions to 1.0.0 to match repo convention - Fix docsLink to point at docs.sim.ai instead of the vendor site - All new endpoints are covered by the existing ediscovery + devstorage.read_only OAuth scopes (no new scopes requested)
Configuration menu - View commit details
-
Copy full SHA for db366e1 - Browse repository at this point
Copy the full SHA db366e1View commit details -
fix(google-vault): pageToken should be user-or-llm visibility, not hi…
…dden Greptile review: hidden is reserved for framework-injected tokens; pageToken in list_saved_queries.ts should be user-or-llm so an agent/user can pass it, matching the pattern used elsewhere for tool-supplied pagination cursors.
Configuration menu - View commit details
-
Copy full SHA for 68508ee - Browse repository at this point
Copy the full SHA 68508eeView commit details -
fix(google-vault): fail loudly instead of silently clearing hold scop…
…e on update Cursor Bugbot: PUT holds/{id} replaces the full resource — a name/query-only update with no accountEmails/orgUnitId would silently drop the hold's custodian coverage. Now throws a clear error directing callers to resend the scope or use add_held_accounts/remove_held_accounts for incremental changes.Configuration menu - View commit details
-
Copy full SHA for f391e86 - Browse repository at this point
Copy the full SHA f391e86View commit details -
fix(google-vault): reject unscoped exports/saved-queries for non-MAIL…
… corpus Independent audit (parallel doc-verification pass): create_matters_export and create_saved_query resolved Query.method to undefined when corpus wasn't MAIL and no accountEmails/orgUnitId was given, silently sending an invalid request (method is a required Query field) instead of a clear error. Now throws with an actionable message before the request is sent.
Configuration menu - View commit details
-
Copy full SHA for ef15c0c - Browse repository at this point
Copy the full SHA ef15c0cView commit details -
fix(google-vault): document full-replace semantics on hold update que…
…ry filters Cursor Bugbot: update_matters_holds only sets query.mailQuery/groupsQuery/ driveQuery when terms/date/shared-drive fields are provided, but the PUT replaces the whole hold — omitting a previously-set filter clears it, not leaves it unchanged. Filters are legitimately optional (a hold may have none), so this can't be hard-required like scope; instead the tool and field descriptions now explicitly state the full-replace behavior and direct callers to resupply current values via Vault List Holds first.
Configuration menu - View commit details
-
Copy full SHA for 89021f5 - Browse repository at this point
Copy the full SHA 89021f5View commit details -
fix(google-vault): isolate stale-value-prone subblocks per operation
Cursor Bugbot: consolidating shared subblocks across operations left two cross-contamination risks since a stale value from one operation stays in block state until overwritten: - accountEmails/orgUnitId are checked emails-first with silent either/or priority; sharing them across update_matters_holds and create_saved_query meant a leftover value from a different operation could silently override the intended scope. Gave both operations dedicated fields (updateHoldAccountEmails/updateHoldOrgUnitId, savedQueryAccountEmails/ savedQueryOrgUnitId), remapped in tools.config.params. - matterId presence alone switches google_vault_list_matters between list-all and single-get. Sharing it with every other operation meant a leftover matterId could silently turn "List Matters" into a single-matter fetch. Gave list_matters its own optional listMatterId field. create_matters_holds/create_matters_export keep sharing accountEmails/ orgUnitId as before this PR (pre-existing behavior, not introduced here).
Configuration menu - View commit details
-
Copy full SHA for aefd69d - Browse repository at this point
Copy the full SHA aefd69dView commit details -
fix(google-vault): isolate list-optional-id fields from required-else…
…where counterparts Cursor Bugbot: exportId/holdId/savedQueryId were shared between their respective list operation (optional filter) and update/delete/held-account operations (required). A stale ID left over from a delete/update on the same block instance would silently narrow the corresponding list operation to a single-resource get instead of listing the collection. Gave each list operation its own dedicated optional field (listExportId, listHoldId, listSavedQueryId), remapped in tools.config.params — same pattern already used for listMatterId.
Configuration menu - View commit details
-
Copy full SHA for efdfc68 - Browse repository at this point
Copy the full SHA efdfc68View commit details -
fix(google-vault): defensively order mutually-exclusive scope spreads
Greptile: savedQueryAccountEmails/savedQueryOrgUnitId spread after their updateHold* counterparts, so if both were ever truthy at once the wrong one would silently win. In practice they're mutually exclusive (each only populated while its own single 'operation' value is selected, so at most one pair is ever truthy), but reordering costs nothing and removes any doubt about precedence.
Configuration menu - View commit details
-
Copy full SHA for afbd071 - Browse repository at this point
Copy the full SHA afbd071View commit details -
docs: regenerate integration docs
Reruns scripts/generate-docs.ts against the current block/tool/trigger registry. Picks up google_vault's new operations plus everything else that had landed on staging without a docs regen (bigquery, google_calendar, google_maps, onedrive, microsoft_teams, gitlab, github, discord, dropbox, and others), plus icon and integrations.json updates.
Configuration menu - View commit details
-
Copy full SHA for 0a96355 - Browse repository at this point
Copy the full SHA 0a96355View commit details -
fix(google-vault): add success flag to delete_matters output for cons…
…istency Greptile: delete_matters was the only delete/remove tool outputting { matter } without a success flag, unlike its siblings (delete_matters_export, delete_matters_holds, delete_saved_query, remove_matters_permissions), which all output { success: true }. Matter is kept since the API may return the matter's post-delete state, but success is now included too for a consistent signal regardless of whether the API returns a body.Configuration menu - View commit details
-
Copy full SHA for e61e498 - Browse repository at this point
Copy the full SHA e61e498View commit details
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff main...worktree-google-vault-audit