* feat(turnstile): conditionally added CF turnstile to signup
* feat(auth): add execute-on-submit Turnstile, conditional harmony, and feature flag
- Switch Turnstile to execution: 'execute' mode so challenge runs on
form submit (fresh token every time, no expiry issues)
- Make emailHarmony conditional via SIGNUP_EMAIL_VALIDATION_ENABLED
feature flag so self-hosted users can opt out
- Add isSignupEmailValidationEnabled to feature-flags.ts following
existing pattern
- Add better-auth-harmony to Next.js transpilePackages (required for
validator.js ESM compatibility)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* refactor(validation): remove dead validateEmail and checkMXRecord
Server-side disposable email blocking is now handled by
better-auth-harmony. The async validateEmail (with MX check) had no
remaining callers. Only quickValidateEmail remains for client-side
form feedback.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix(auth): add 15s timeout to Turnstile captcha promise
Prevents form from hanging indefinitely if Turnstile never fires
onSuccess/onError (e.g. script fails to load, network drop).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* chore(helm): add Turnstile and harmony env vars to values.yaml
Adds TURNSTILE_SECRET_KEY, NEXT_PUBLIC_TURNSTILE_SITE_KEY, and
SIGNUP_EMAIL_VALIDATION_ENABLED to the helm chart so self-hosted
deployments can configure captcha and disposable email blocking.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix(auth): reject captcha promise on token expiry
onExpire now rejects the pending promise so the form doesn't hang
if the Turnstile token expires mid-challenge.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* refactor(login): replace useEffect keydown listener with form onSubmit
The forgot-password modal used a global window keydown listener in a
useEffect to handle Enter key — a "you might not need an effect"
anti-pattern with a stale closure risk. Replaced with a native
<form onSubmit> wrapper which handles Enter natively, eliminating
the useEffect, the global listener, and the stale closure.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix(auth): clear dangling timeout after captcha promise settles
Use .finally(() => clearTimeout(timeoutId)) to clean up the 15s
timeout timer when the captcha resolves before the deadline.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* refactor(auth): use getResponsePromise() for Turnstile token retrieval
Replace the manual Promise + refs + timeout pattern with the
documented getResponsePromise(timeout) API from @marsidev/react-turnstile.
This eliminates captchaToken state, captchaResolveRef, captchaRejectRef,
and all callback wiring on the Turnstile component.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix(auth): show captcha errors as form-level message, not password error
Captcha failures were misleadingly displayed under the password field.
Added a dedicated formError state that renders above the submit button,
making it clear the issue is with verification, not the password.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Add DISABLE_PUBLIC_API / NEXT_PUBLIC_DISABLE_PUBLIC_API environment variables
and disablePublicApi permission group config option to allow self-hosted
deployments and enterprise admins to globally disable the public API toggle.
When disabled: the Access toggle is hidden in the Edit API Info modal,
the execute route blocks unauthenticated public access (401), and the
public-api PATCH route rejects enabling public API (403).
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* feat(access-control): add ALLOWED_INTEGRATIONS env var for self-hosted block restrictions
* fix(tests): add getAllowedIntegrationsFromEnv mock to agent-handler tests
* fix(access-control): add auth to allowlist endpoint, fix loading state race, use accurate error message
* fix(access-control): remove auth from allowed-integrations endpoint to match models endpoint pattern
* fix(access-control): normalize blockType to lowercase before env allowlist check
* fix(access-control): expose merged allowedIntegrations on config to prevent bypass via direct access
* consolidate merging of allowed blocks so all callers have it by default
* normalize to lower case
* added tests
* added tests, normalize to lower case
* added safety in case userId is missing
* fix failing tests
* fix(docs): update requirements to be more accurate for deploying the app
* updated kb to support 1536 dimension vectors for models other than text embedding 3 small
* fix(storage): support Azure connection string for presigned URLs
* fix(kb): update test for embedding dimensions parameter
* fix(storage): align credential source ordering for consistency
* improvement(helm): add internal ingress support and same-host path consolidation
* improvement(helm): clean up ingress template comments
Simplify verbose inline Helm comments and section dividers to match the
minimal style used in services.yaml.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(helm): add missing copilot path consolidation for realtime host
When copilot.host equals realtime.host but differs from app.host,
copilot paths were not being routed. Added logic to consolidate
copilot paths into the realtime rule for this scenario.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* improvement(helm): follow ingress best practices
- Remove orphan comments that appeared when services were disabled
- Add documentation about path ordering requirements
- Paths rendered in order: realtime, copilot, app (specific before catch-all)
- Clean template output matching industry Helm chart standards
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* feat(og): add opengraph images for templates, blogs, and updated existing opengraph image for all other pages
* added to workspace templates page as well
* ack PR comments
* Add helm for copilot
* Remove otel and log level
* Change repo name
* improvement(helm): enhance copilot chart with HA support and validation
* refactor(helm): consolidate copilot secrets and fix postgres volume mount
* improvement(code-structure): move db into separate package
* make db separate package
* remake bun lock
* update imports to not maintain two separate ones
* fix CI for tests by adding dummy url
* vercel build fix attempt
* update bun lock
* regenerate bun lock
* fix mocks
* remove db commands from apps/sim package json
* feat(whitelabel): add in the ability to whitelabel via envvars
* restore site.webmanifest
* fix(dynamic): remove force-dynamic from routes that don't need it (#888)
* Reinstall dependencies
* Update docs