-
Notifications
You must be signed in to change notification settings - Fork 3.7k
Comparing changes
Open a pull request
base repository: simstudioai/sim
base: v0.7.22
head repository: simstudioai/sim
compare: v0.7.23
- 17 commits
- 113 files changed
- 2 contributors
Commits on Jul 4, 2026
-
fix(compare): swap LangChain logo, fix comparison-table horizontal sc…
…roll (#5409) * fix(compare): swap LangChain logo, fix comparison-table horizontal scroll Replace LangChainIcon's path with the official brand mark (light-blue link icon) instead of the prior monochrome recreation. The comparison table's grid cells were missing min-w-0, so a grid item without it sizes to its content's max-content width instead of respecting its column's fr track, pushing the whole table wider than its container and forcing a horizontal scrollbar. Add min-w-0 to every grid cell/header, and size the row-label column to minmax(140px, max-content) instead of a guessed fr ratio, so it's exactly as wide as its longest label ("Vetted first-party integrations") needs and no wider, leaving the Sim/competitor value columns their full share. * fix(compare): stacked mobile layout for the comparison table Below sm (640px) a 3-column table has no room to be legible even with the sticky label column, so switch to the standard responsive-table pattern instead: each fact stacks as label -> Sim's value -> the competitor's value, each value tagged with its product name since the column headers are no longer directly above. Pure CSS (max-sm:/sm: variants), no JS, keeping this a zero-hydration server component. * fix(compare): fix SourceLink inline-anchor overflow, align table breakpoint Root cause of the persistent table-overflow/mobile-scroll issues: SourceLink renders a plain <a> with no explicit display, so it defaults to 'display: inline'. min-width and truncate are no-ops on inline elements, so any fact with a source (nearly all of them) ignored its flex/grid parent's width constraint and could force the whole row (and thus the whole table) wider than intended, regardless of any container-level min-w-0/max-content fix. Give the anchor 'block min-w-0' so width constraints and truncation actually cascade down to the wrapped value. Also aligns the table's mobile-stack breakpoint from an ad hoc sm (640px) to lg (1024px), matching this route group's own tablet-and-below convention (.claude/rules for the (landing) group), and fixes the stacked mobile cells to override the cell's base items-center with items-stretch so the name tag and value get a real full-width box to truncate within instead of shrinking to their own content size with no boundary. * fix(compare): add min-w-0 to ColumnHeader per Greptile review ColumnHeader (the Sim/competitor logo header cells in the two fr columns) still had default min-width: auto, so an unusually long competitor name could size the header to its min-content width and push the grid wider than its column allows, same root cause as the rows already fixed.
Configuration menu - View commit details
-
Copy full SHA for 0249516 - Browse repository at this point
Copy the full SHA 0249516View commit details -
fix(mothership): stop chat perf decay from permanently-animated strea…
…med messages (#5411) * fix(mothership): stop chat perf decay from permanently-animated streamed messages * fix(mothership): reset animation latches when a reused ChatContent gets replaced content * fix(mothership): keep streaming parser on settled messages to kill the drain-swap flash * fix(mothership): unify plain/special render branches to stop whole-message re-fade when options arrive * improvement(mothership): hold render-phase animation latches in useState per updated hook rules * fix(styling): translucent text-selection in form controls so field text stays readable * improvement(styling): one lighter translucent text-selection color everywhere, no forced text color * chore(styling): selection-muted tokens as 8-digit hex to match color token convention
Configuration menu - View commit details
-
Copy full SHA for 818fa00 - Browse repository at this point
Copy the full SHA 818fa00View commit details -
feat(custom-block): deploy a workflow as a reusable org-scoped block (#…
…5407) * feat(custom-block): deploy a workflow as a reusable org-scoped block * fix(custom-block): reseed deploy form, guard duplicate publish, run child deployed * test(custom-block): isolate custom-block rows fetch in execution-core test * fix(custom-block): allow cross-workspace exec, org-scope authority, keep field ids, hide disabled * feat(custom-block): run child under source owner's identity, workspace, and env * fix(custom-block): bind publish authz to the source workflow's workspace * fix(custom-block): gate edit/delete on source-workspace admin, not org admin * chore(custom-block): rebaseline route count to 887 after staging merge * fix(custom-block): sanitize failure output so it can't leak source workflow internals * fix(custom-block): derive inputs and curated outputs from deployed state, not draft * fix(custom-block): hide disabled blocks from the toolbar palette too * fix(custom-block): bill nested + failed-run hosted cost; expose real inputs to the agent * fix(custom-block): enforce enterprise + flag gate at every consumption path
Configuration menu - View commit details
-
Copy full SHA for 82eff54 - Browse repository at this point
Copy the full SHA 82eff54View commit details -
Configuration menu - View commit details
-
Copy full SHA for acf4afb - Browse repository at this point
Copy the full SHA acf4afbView commit details -
fix(copilot): validate credential-link URL scheme before rendering (#…
…5416) * fix(copilot): validate credential-link URL scheme before rendering Only render the credential connect link as a clickable anchor when its value resolves to an http(s) URL, reusing the isSafeHttpUrl helper already used for chat file links. * refactor(copilot): move isSafeHttpUrl to shared lib/core/utils/urls Per Greptile's convention feedback: isSafeHttpUrl was consumed by both chat and workspace/home but defined inside a feature-specific 'use client' component. Move it alongside getBrowserOrigin (which it already depends on) in lib/core/utils/urls.ts, matching this repo's shared-utility rule.
Configuration menu - View commit details
-
Copy full SHA for 04432b6 - Browse repository at this point
Copy the full SHA 04432b6View commit details -
fix(tools): bound download response size for drive/slack/onedrive (#5414
) Google Drive, Slack, and OneDrive download routes fetched provider file content without a response size cap, unlike the SharePoint download route. Add maxResponseBytes to each content fetch, reject Google Drive files whose metadata size already exceeds the cap before starting the download, and map the resulting size-limit error to a clean 413 response.
Configuration menu - View commit details
-
Copy full SHA for b98c7c4 - Browse repository at this point
Copy the full SHA b98c7c4View commit details -
fix(uploads): bound multipart body read in workspace-file and knowled…
…ge-document upload routes (#5413) * fix(uploads): bound multipart body read in workspace-file and knowledge-document upload routes * fix(uploads): avoid FormData-body stream race in bounded-read tests * fix(uploads): share MAX_MULTIPART_OVERHEAD_BYTES constant across upload routes
Configuration menu - View commit details
-
Copy full SHA for 1a371e5 - Browse repository at this point
Copy the full SHA 1a371e5View commit details -
fix(stt): bound audio download response size (#5412)
* fix(stt): bound audio download response size Cap the audioUrl download in the STT proxy route at the platform's standard 100MB file-size ceiling, matching the pattern already used by sharepoint/download-file and other external download routes. Classify size-limit rejections as a clean 413 instead of an unhandled 500. * fix(stt): avoid double isPayloadSizeLimitError call in error handling
Configuration menu - View commit details
-
Copy full SHA for a1fbb57 - Browse repository at this point
Copy the full SHA a1fbb57View commit details -
fix(webhooks): validate and pin EmailBison apiBaseUrl before outbound…
… requests (#5415) * fix(webhooks): validate and pin EmailBison apiBaseUrl before outbound requests Route Email Bison webhook create/delete requests through the shared DNS-validated, IP-pinned fetch used by the Teams and Slack webhook providers instead of a raw fetch to the user-configured instance URL. * fix(webhooks): restore NEXT_PUBLIC_APP_URL in emailbison tests, dedupe strict-delete warning log Test env var mutation was never restored, risking cross-file leakage in single-threaded vitest runs. Strict-mode deleteSubscription failures were logged twice (once at the throw site with context, once generically by the outer catch); the outer catch now skips its own log for errors already logged at the throw site.
Configuration menu - View commit details
-
Copy full SHA for 41fb863 - Browse repository at this point
Copy the full SHA 41fb863View commit details -
refactor(uploads): hoist execution permission check out of upload loo…
Configuration menu - View commit details
-
Copy full SHA for 0d6994d - Browse repository at this point
Copy the full SHA 0d6994dView commit details -
fix(mcp): make SSRF-guarded fetch structurally mandatory in OAuth aut…
…h() calls (#5419) PR #5399 fixed the callback route forgetting to pass fetchFn into the SDK's auth(), but every call site (start + callback routes) still imported the raw SDK auth() directly and had to remember to pass fetchFn: createSsrfGuardedMcpFetch() by hand — the same omission was possible again at any future call site. Add mcpAuthGuarded() in lib/mcp/oauth/auth.ts, a thin wrapper around the SDK's auth() that always defaults fetchFn to the SSRF-guarded fetch (still overridable for tests). Both routes now import mcpAuthGuarded from @/lib/mcp/oauth instead of the raw SDK auth, so omitting the guard is no longer possible by omission.
Configuration menu - View commit details
-
Copy full SHA for 4b13398 - Browse repository at this point
Copy the full SHA 4b13398View commit details -
improvement(chat): smooth streaming — eased stick-to-bottom glide and…
… time-based reveal pacing (#5417) * improvement(chat): eased stick-to-bottom glide for streaming chat * improvement(chat): time-based word-at-a-time reveal pacing * improvement(chat): harden smooth-chase against reentrant kick/cancel during a step
Configuration menu - View commit details
-
Copy full SHA for f456ed9 - Browse repository at this point
Copy the full SHA f456ed9View commit details -
fix(mcp): correct fetchFn fallback order in mcpAuthGuarded (#5423)
Spread order previously let an explicit fetchFn (including fetchFn: undefined) in options silently disable the SSRF-guarded default. Fallback is now applied after the spread so the guard always wins unless a real override is passed. fix(tools): handle non-numeric Drive file size in early size check Guard the pre-download size check against a malformed metadata.size string so it's skipped explicitly instead of relying on an incidental NaN no-op; the streaming cap on the actual download still enforces the limit either way.
Configuration menu - View commit details
-
Copy full SHA for 3edaae3 - Browse repository at this point
Copy the full SHA 3edaae3View commit details -
improvement(compare): accuracy and consistency pass on comparison pag…
…es (#5422) * improvement(compare): accuracy and consistency pass on comparison pages Cross-checked facts across all comparison pages against live sources, corrected a few internal inconsistencies, and added one new fact category. No schema or rendering changes beyond a single new row. * fix(compare): align a parity check and a stale source citation * improvement(compare): cross-reference Sim's permission-groups system from rbac * improvement(compare): sharper bottom-line reasoning, minor emphasis fixes Reworded a few competitor headline claims to reflect genuine product positioning rather than a narrow feature, and gave a couple of Sim's own already-documented capabilities (model reach, integration count, live collaboration) more prominent placement. * improvement(compare): verify every cited source is live, fix a few dead links * fix(compare): correct mcpSupport boolean-icon misparse in power-automate.ts
Configuration menu - View commit details
-
Copy full SHA for ee1824c - Browse repository at this point
Copy the full SHA ee1824cView commit details
Commits on Jul 5, 2026
-
fix(404): use ChipLink for return-home CTA on root not-found page (#5424
Configuration menu - View commit details
-
Copy full SHA for 82eb6dc - Browse repository at this point
Copy the full SHA 82eb6dcView commit details -
fix(compare): render two already-populated fact rows that were missin…
…g from the table (#5425) dataTables and richTextEditor are required fact fields, already researched and filled in for Sim and every competitor, but neither was ever added to the row list the table actually renders.
Configuration menu - View commit details
-
Copy full SHA for 85f80fa - Browse repository at this point
Copy the full SHA 85f80faView commit details -
v0.7.23: mobile comparison table, security hardening, subflow & strea…
…ming improvements
Configuration menu - View commit details
-
Copy full SHA for 616a71d - Browse repository at this point
Copy the full SHA 616a71dView commit details
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff v0.7.22...v0.7.23