* feat(confluence): add get user by account ID tool
* feat(confluence): add missing tools for tasks, blog posts, spaces, descendants, permissions, and properties
Add 16 new Confluence operations: list/get/update tasks, update/delete blog posts,
create/update/delete spaces, get page descendants, list space permissions,
list/create/delete space properties. Includes API routes, tool definitions,
block config wiring, OAuth scopes, and generated docs.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(confluence): add missing OAuth scopes to auth.ts provider config
The OAuth authorization flow uses scopes from auth.ts, not oauth.ts.
The 9 new scopes were only added to oauth.ts and the block config but
not to the actual provider config in auth.ts, causing re-auth to still
return tokens without the new scopes.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* lint
* fix(confluence): fix truncated get_user tool description in docs
Remove apostrophe from description that caused MDX generation to
truncate at the escape character.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(confluence): address PR review feedback
- Move get_user from GET to POST to avoid exposing access token in URL
- Add 400 validation for missing params in space-properties create/delete
- Add null check for blog post version before update to prevent TypeError
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat(confluence): add missing response fields for descendants and tasks
- Add type and depth fields to page descendants (from Confluence API)
- Add body field (storage format) to task list/get/update responses
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* lint
* fix(confluence): use validatePathSegment for Atlassian account IDs
validateAlphanumericId rejects valid Atlassian account IDs that contain
colons (e.g. 557058:6b9c9931-4693-49c1-8b3a-931f1af98134). Use
validatePathSegment with a custom pattern allowing colons instead.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* ran lint
* update mock
* upgrade turborepo
* fix(confluence): reject empty update body for space PUT
Return 400 when neither name nor description is provided for space
update, instead of sending an empty body to the Confluence API.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(confluence): remove spaceId requirement for create_space and fix list_tasks pagination
- Remove create_space from spaceId condition array since creating a space
doesn't require a space ID input
- Remove list_tasks from generic supportsCursor array so it uses its
dedicated handler that correctly passes assignedTo and status filters
during pagination
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* ran lint
* fixed type errors
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* fix(api): add configurable request retries
The API block docs described automatic retries, but the block didn't expose any retry controls and requests were executed only once.
This adds tool-level retry support with exponential backoff (including Retry-After support) for timeouts, 429s, and 5xx responses, exposes retry settings in the API block and http_request tool, and updates the docs to match.
Fixes#3225
* remove unnecessary helpers, cleanup
* update desc
* ack comments
* ack comment
* ack
* handle timeouts
---------
Co-authored-by: Jay Prajapati <79649559+jayy-77@users.noreply.github.com>
* fix(attio): use code subblock type for JSON input fields
* fix(attio): correct people name attribute format in wand prompt example
* fix(attio): improve wand prompt with correct attribute formats for all field types
* fix(attio): use array format with full_name for personal-name attribute in wand prompt
* fix(attio): use loose null checks to prevent sending null params to API
* fix(attio): add offset param and make pagination fields advanced mode
* fix(attio): remove redundant (optional) from placeholders
* fix(attio): always send required workspace_access and workspace_member_access in create list
* fix(attio): always send api_slug in create list, auto-generate from name if not provided
* fix(attio): update api slug placeholder text
* fix(tools): manage lifecycle for attio tools
* updated docs
* fix(attio): remove incorrect save button reference from setup instructions
* fix(attio): log debug message when signature verification is skipped
* feat(attio): add Attio CRM integration with 40 tools and 18 webhook triggers
* update docs
* fix(attio): use timestamp generationType for date wandConfig fields
Add DISABLE_PUBLIC_API / NEXT_PUBLIC_DISABLE_PUBLIC_API environment variables
and disablePublicApi permission group config option to allow self-hosted
deployments and enterprise admins to globally disable the public API toggle.
When disabled: the Access toggle is hidden in the Edit API Info modal,
the execute route blocks unauthenticated public access (401), and the
public-api PATCH route rejects enabling public API (403).
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* feat(gong): add Gong integration with 18 API tools
* fix(gong): make toDateTime optional for list_calls, add list_trackers to workspaceId condition
* chore(gong): regenerate docs
* fix(hex): update icon color and block bgColor
* refactor(vercel): mark optional fields as advanced mode
Move optional/power-user fields behind the advanced toggle:
- List Deployments: project filter, target, state
- Create Deployment: project ID override, redeploy from, target
- List Projects: search
- Create/Update Project: framework, build/output/install commands
- Env Vars: variable type
- Webhooks: project IDs filter
- Checks: path, details URL
- Team Members: role filter
- All operations: team ID scope
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* style(youtube): mark optional params as advanced mode
Hide pagination, sort order, and filter fields behind the advanced
toggle for a cleaner default UX across all YouTube operations.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* added advanced fields for vercel and youtube, added cloudflare and dataverse block
* addded desc for dataverse
* add more tools
* ack comment
* more
* ops
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* feat(vercel): add complete Vercel integration with 42 API tools
Add Vercel platform management integration covering deployments, projects,
environment variables, domains, DNS records, aliases, edge configs, and
team/user management. All tools use API key authentication with Bearer tokens.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat(vercel): add webhook and deployment check tools
Add 8 new Vercel API tools:
- Webhooks: list, create, delete
- Deployment Checks: create, get, list, update, rerequest
Brings total Vercel tools to 50.
* fix(vercel): expand all object and array output definitions
Expand unexpanded output types:
- get_deployment: meta and gitSource objects now have properties
- list_deployment_files: children array now has items definition
- get_team: teamRoles and teamPermissions arrays now have items
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* update icon size, update docs
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* fix: update i18n.lock
* feat(docs): enhance documentation with new sections on file handling, form deployment, quick reference, agent skills, and A2A integration
* feat(icons): add Airweave icon and update registry with Airweave block and tool
* feat(icons): add Airweave icon and update icon mapping and metadata
* fix(search): update API key header from Authorization to X-API-Key for Airweave search tool
* refactor(icon-mapping): reorder icon imports for consistency and formatting improvements; update airweave block retrieval strategy description formatting; add newline at end of meta.json
* refactor(search): update visibility settings for retrieval strategy and query options to allow access for both users and LLMs
* fix(linear): align tool outputs, queries, and pagination with API
* fix(linear): coerce first param to number, remove duplicate conditions, add null guard
* feat(canvas): added the ability to lock blocks
* unlock duplicates of locked blocks
* fix(duplicate): place duplicate outside locked container
When duplicating a block that's inside a locked loop/parallel,
the duplicate is now placed outside the container since nothing
should be added to a locked container.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(duplicate): unlock all blocks when duplicating workflow
- Server-side workflow duplication now sets locked: false for all blocks
- regenerateWorkflowStateIds also unlocks blocks for templates
- Client-side regenerateBlockIds already handled this (for paste/import)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix code block disabled state, allow unlock from editor
* fix(lock): address code review feedback
- Fix toggle enabled using first toggleable block, not first block
- Delete button now checks isParentLocked
- Lock button now has disabled state
- Editor lock icon distinguishes block vs parent lock state
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(lock): prevent unlocking blocks inside locked containers
- Editor: can't unlock block if parent container is locked
- Action bar: can't unlock block if parent container is locked
- Shows "Parent container is locked" tooltip in both cases
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(lock): ensure consistent behavior across all UIs
Block Menu, Editor, Action Bar now all have identical behavior:
- Enable/Disable: disabled when locked OR parent locked
- Flip Handles: disabled when locked OR parent locked
- Delete: disabled when locked OR parent locked
- Remove from Subflow: disabled when locked OR parent locked
- Lock: always available for admins
- Unlock: disabled when parent is locked (unlock parent first)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(enable): consistent behavior - can't enable if parent disabled
Same pattern as lock: must enable parent container first before
enabling children inside it.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* docs(quick-reference): add lock block action
Added documentation for the lock/unlock block feature (admin only).
Note: Image placeholder added, pending actual screenshot.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* remove prefix square brackets in error notif
* add lock block image
* fix(block-menu): paste should not be disabled for locked selection
Paste creates new blocks, doesn't modify selected ones. Changed from
disableEdit (includes lock state) to !userCanEdit (permission only),
matching the Duplicate action behavior.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* refactor(workflow): extract block deletion protection into shared utility
Extract duplicated block protection logic from workflow.tsx into
a reusable filterProtectedBlocks helper in utils/block-protection-utils.ts.
This ensures consistent behavior between context menu delete and
keyboard delete operations.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* refactor(workflow): extend block protection utilities for edge protection
Add isEdgeProtected, filterUnprotectedEdges, and hasProtectedBlocks
utilities. Refactor workflow.tsx to use these helpers for:
- onEdgesChange edge removal filtering
- onConnect connection prevention
- onNodeDragStart drag prevention
- Keyboard edge deletion
- Block menu disableEdit calculation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(lock): address review comments for lock feature
1. Store batchToggleEnabled now uses continue to skip locked blocks
entirely, matching database operation behavior
2. Copilot add operation now checks if parent container is locked
before adding nested nodes (defensive check for consistency)
3. Remove unused filterUnprotectedEdges function
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(copilot): add lock checks for insert and extract operations
- insert_into_subflow: Check if existing block being moved is locked
- extract_from_subflow: Check if block or parent subflow is locked
These operations now match the UI behavior where locked blocks
cannot be moved into/out of containers.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(lock): prevent duplicates inside locked containers via regenerateBlockIds
1. regenerateBlockIds now checks if existing parent is locked before
keeping the block inside it. If parent is locked, the duplicate
is placed outside (parentId cleared) instead of creating an
inconsistent state.
2. Remove unnecessary effectivePermissions.canAdmin and potentialParentId
from onNodeDragStart dependency array.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(lock): fix toggle locked target state and draggable check
1. BATCH_TOGGLE_LOCKED now uses first block from blocksToToggle set
instead of blockIds[0], matching BATCH_TOGGLE_ENABLED pattern.
Also added early exit if blocksToToggle is empty.
2. Blocks inside locked containers are now properly non-draggable.
Changed draggable check from !block.locked to use isBlockProtected()
which checks both block lock and parent container lock.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(copilot): check parent lock in edit and delete operations
Both edit and delete operations now check if the block's parent
container is locked, not just if the block itself is locked. This
ensures consistent behavior with the UI which uses isBlockProtected
utility that checks both direct lock and parent lock.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(socket): add server-side lock validation and admin-only permissions
1. BATCH_TOGGLE_LOCKED now requires admin role - non-admin users with
write role can no longer bypass UI restriction via direct socket
messages
2. BATCH_REMOVE_BLOCKS now validates lock status server-side - filters
out protected blocks (locked or inside locked parent) before deletion
3. Remove duplicate/outdated comment in regenerateBlockIds
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* test(socket): update permission test for admin-only lock toggle
batch-toggle-locked is now admin-only, so write role should be denied.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(undo-redo): use consistent target state for toggle redo
The redo logic for BATCH_TOGGLE_ENABLED and BATCH_TOGGLE_LOCKED was
incorrectly computing each block's new state as !previousStates[blockId].
However, the store's batchToggleEnabled/batchToggleLocked set ALL blocks
to the SAME target state based on the first block's previous state.
Now redo computes targetState = !previousStates[firstBlockId] and applies
it to all blocks, matching the store's behavior.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(socket): add comprehensive lock validation across operations
Based on audit findings, adds lock validation to multiple operations:
1. BATCH_TOGGLE_HANDLES - now skips locked/protected blocks at:
- Store layer (batchToggleHandles)
- Collaborative hook (collaborativeBatchToggleBlockHandles)
- Server socket handler
2. BATCH_ADD_BLOCKS - server now filters blocks being added to
locked parent containers
3. BATCH_UPDATE_PARENT - server now:
- Skips protected blocks (locked or inside locked container)
- Prevents moving blocks into locked containers
All validations use consistent isProtected() helper that checks both
direct lock and parent container lock.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* refactor(workflow): use pre-computed lock state from contextMenuBlocks
contextMenuBlocks already has locked and isParentLocked properties
computed in use-canvas-context-menu.ts, so there's no need to look
up blocks again via hasProtectedBlocks.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(lock): add lock validation to block rename operations
Defense-in-depth: although the UI disables rename for locked blocks,
the collaborative layer and server now also validate locks.
- collaborativeUpdateBlockName: checks if block is locked or inside
locked container before attempting rename
- UPDATE_NAME server handler: checks lock status and parent lock
before performing database update
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* added defense in depth for renaming locked blocks
* fix(socket): add server-side lock validation for edges and subblocks
Defense-in-depth: adds lock checks to server-side handlers that were
previously relying only on client-side validation.
Edge operations (ADD, REMOVE, BATCH_ADD, BATCH_REMOVE):
- Check if source or target blocks are protected before modifying edges
Subblock updates:
- Check if parent block is protected before updating subblock values
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(lock): fetch parent blocks for edge protection checks and consistent tooltip
- Fixed edge operations to fetch parent blocks before checking lock status
- Previously, isBlockProtected checked if parent was locked, but the parent
wasn't in blocksById because only source/target blocks were fetched
- Now fetches parent blocks for all four edge operations: ADD, REMOVE,
BATCH_ADD_EDGES, BATCH_REMOVE_EDGES
- Fixed tooltip inconsistency: changed "Run previous blocks first" to
"Run upstream blocks first" in action-bar to match workflow.tsx
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* updated tooltip text for run from block
* fix(lock): add lock check to duplicate button and clean up drag handler
- Added lock check to duplicate button in action bar to prevent
duplicating locked blocks (consistent with other edit operations)
- Removed ineffective early return in onNodeDragStart since the
`draggable` property on nodes already prevents dragging protected
blocks - the early return was misleading as it couldn't actually
stop a drag operation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(lock): use disableEdit for duplicate in block menu
Changed duplicate menu item to use disableEdit (which includes lock
check) instead of !userCanEdit for consistency with action bar and
other edit operations.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* feat(tools): added calcom
* added more triggers, tested
* updated regex in script for release to be more lenient
* fix(tag-dropdown): performance improvements and scroll bug fixes
- Add flatTagIndexMap for O(1) tag lookups (replaces O(n²) findIndex calls)
- Memoize caret position calculation to avoid DOM manipulation on every render
- Use refs for inputValue/cursorPosition to keep handleTagSelect callback stable
- Change itemRefs from index-based to tag-based keys to prevent stale refs
- Fix scroll jump in nested folders by removing scroll reset from registerFolder
- Add onFolderEnter callback for scroll reset when entering folder via keyboard
- Disable keyboard navigation wrap-around at boundaries
- Simplify selection reset to single effect on flatTagList.length change
Also:
- Add safeCompare utility for timing-safe string comparison
- Refactor webhook signature validation to use safeCompare
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* updated types
* fix(calcom): simplify required field constraints for booking attendee
The condition field already restricts these to calcom_create_booking,
so simplified to required: true. Per Cal.com API docs, email is optional
while name and timeZone are required.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* added tests
* updated folder multi select, updated calcom and github tools and docs generator script
* updated drag, updated outputs for tools, regen docs with nested docs script
* updated setup instructions links, destructure trigger outputs, fix text subblock styling
* updated docs gen script
* updated docs script
* updated docs script
* updated script
* remove destructuring of stripe webhook
* expanded wand textarea, updated calcom tools
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
