v0.5.71: ux, ci improvements, docs updates

* fix(subflows): tag dropdown + resolution logic (#2949)

* fix(subflows): tag dropdown + resolution logic

* fixes;

* revert parallel change

* chore(deps): bump posthog-js to 1.334.1 (#2948)

* fix(idempotency): add conflict target to atomicallyClaimDb query + remove redundant db namespace tracking (#2950)

* fix(idempotency): add conflict target to atomicallyClaimDb query

* delete needs to account for namespace

* simplify namespace filtering logic

* fix cleanup

* consistent target

* improvement(kb): add document filtering, select all, and React Query migration (#2951)

* improvement(kb): add document filtering, select all, and React Query migration

* test(kb): update tests for enabledFilter and removed userId params

* fix(kb): remove non-null assertion, add explicit guard

* improvement(logs): trace span, details (#2952)

* improvement(action-bar): ordering

* improvement(logs): details, trace span

* feat(blog): v0.5 release post (#2953)

* feat(blog): v0.5 post

* improvement(blog): simplify title and remove code block header

- Simplified blog title from Introducing Sim Studio v0.5 to Introducing Sim v0.5
- Removed language label header and copy button from code blocks for cleaner appearance

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* ack PR comments

* small styling improvements

* created system to create post-specific components

* updated componnet

* cache invalidation

---------

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

* feat(admin): add credits endpoint to issue credits to users (#2954)

* feat(admin): add credits endpoint to issue credits to users

* fix(admin): use existing credit functions and handle enterprise seats

* fix(admin): reject NaN and Infinity in amount validation

* styling

* fix(admin): validate userId and email are strings

* improvement(copilot): fast mode, subagent tool responses and allow preferences (#2955)

* Improvements

* Fix actions mapping

* Remove console logs

* fix(billing): handle missing userStats and prevent crashes (#2956)

* fix(billing): handle missing userStats and prevent crashes

* fix(billing): correct import path for getFilledPillColor

* fix(billing): add Number.isFinite check to lastPeriodCost

* fix(logs): refresh logic to refresh logs details (#2958)

* fix(security): add authentication and input validation to API routes (#2959)

* fix(security): add authentication and input validation to API routes

* moved utils

* remove extraneous commetns

* removed unused dep

* improvement(helm): add internal ingress support and same-host path consolidation (#2960)

* improvement(helm): add internal ingress support and same-host path consolidation

* improvement(helm): clean up ingress template comments

Simplify verbose inline Helm comments and section dividers to match the
minimal style used in services.yaml.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* fix(helm): add missing copilot path consolidation for realtime host

When copilot.host equals realtime.host but differs from app.host,
copilot paths were not being routed. Added logic to consolidate
copilot paths into the realtime rule for this scenario.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* improvement(helm): follow ingress best practices

- Remove orphan comments that appeared when services were disabled
- Add documentation about path ordering requirements
- Paths rendered in order: realtime, copilot, app (specific before catch-all)
- Clean template output matching industry Helm chart standards

---------

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

* feat(blog): enterprise post (#2961)

* feat(blog): enterprise post

* added more images, styling

* more content

* updated v0-5 post

* remove unused transition

---------

Co-authored-by: Vikhyath Mondreti <vikhyath@simstudio.ai>

* fix(envvars): resolution standardized (#2957)

* fix(envvars): resolution standardized

* remove comments

* address bugbot

* fix highlighting for env vars

* remove comments

* address greptile

* address bugbot

* fix(copilot): mask credentials fix (#2963)

* Fix copilot masking

* Clean up

* Lint

* improvement(webhooks): remove dead code (#2965)

* fix(webhooks): subscription recreation path

* improvement(webhooks): remove dead code

* fix tests

* address bugbot comments

* fix restoration edge case

* fix more edge cases

* address bugbot comments

* fix gmail polling

* add warnings for UI indication for credential sets

* fix(preview): subblock values (#2969)

* fix(child-workflow): nested spans handoff (#2966)

* fix(child-workflow): nested spans handoff

* remove overly defensive programming

* update type check

* type more code

* remove more dead code

* address bugbot comments

* fix(security): restrict API key access on internal-only routes (#2964)

* fix(security): restrict API key access on internal-only routes

* test(security): update function execute tests for checkInternalAuth

* updated agent handler

* move session check higher in checkSessionOrInternalAuth

* extracted duplicate code into helper for resolving user from jwt

* fix(copilot): update copilot chat title (#2968)

* fix(hitl): fix condition blocks after hitl (#2967)

* fix(notes): ghost edges (#2970)

* fix(notes): ghost edges

* fix deployed state fallback

* fallback

* remove UI level checks

* annotation missing from autoconnect source check

* improvement(docs): loop and parallel var reference syntax (#2975)

* fix(blog): slash actions description (#2976)

* improvement(docs): loop and parallel var reference syntax

* fix(blog): slash actions description

* fix(auth): copilot routes (#2977)

* Fix copilot auth

* Fix

* Fix

* Fix

* fix(copilot): fix edit summary for loops/parallels (#2978)

* fix(integrations): hide from tool bar (#2544)

* fix(landing): ui (#2979)

* fix(edge-validation): race condition on collaborative add (#2980)

* fix(variables): boolean type support and input improvements (#2981)

* fix(variables): boolean type support and input improvements

* fix formatting

---------

Co-authored-by: Vikhyath Mondreti <vikhyathvikku@gmail.com>
Co-authored-by: Emir Karabeg <78010029+emir-karabeg@users.noreply.github.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: Siddharth Ganesan <33737564+Sg312@users.noreply.github.com>
Co-authored-by: Vikhyath Mondreti <vikhyath@simstudio.ai>

apps/sim/lib/copilot/tools/server/workflow/edit-workflow.ts

@@ -2508,10 +2508,6 @@ async function validateWorkflowSelectorIds(
     for (const subBlockConfig of blockConfig.subBlocks) {
       if (!SELECTOR_TYPES.has(subBlockConfig.type)) continue
 
-      // Skip oauth-input - credentials are pre-validated before edit application
-      // This allows existing collaborator credentials to remain untouched
-      if (subBlockConfig.type === 'oauth-input') continue
-
       const subBlockValue = blockData.subBlocks?.[subBlockConfig.id]?.value
       if (!subBlockValue) continue
 
@@ -2577,105 +2573,6 @@ async function validateWorkflowSelectorIds(
   return errors
 }
 
-/**
- * Pre-validates oauth-input (credential) values in operations before they are applied.
- * Removes invalid credential inputs from operations so they are never applied.
- * Returns validation errors for any removed credentials.
- */
-async function preValidateCredentialInputs(
-  operations: EditWorkflowOperation[],
-  context: { userId: string }
-): Promise<{ filteredOperations: EditWorkflowOperation[]; errors: ValidationError[] }> {
-  const logger = createLogger('PreValidateCredentials')
-  const errors: ValidationError[] = []
-
-  // Collect all credential values from operations that need validation
-  const credentialInputs: Array<{
-    operationIndex: number
-    blockId: string
-    blockType: string
-    fieldName: string
-    value: string
-  }> = []
-
-  operations.forEach((op, opIndex) => {
-    if (!op.params?.inputs || !op.params?.type) return
-
-    const blockConfig = getBlock(op.params.type)
-    if (!blockConfig) return
-
-    // Find oauth-input subblocks in this block type
-    for (const subBlockConfig of blockConfig.subBlocks) {
-      if (subBlockConfig.type !== 'oauth-input') continue
-
-      const inputValue = op.params.inputs[subBlockConfig.id]
-      if (!inputValue || typeof inputValue !== 'string' || inputValue.trim() === '') continue
-
-      credentialInputs.push({
-        operationIndex: opIndex,
-        blockId: op.block_id,
-        blockType: op.params.type,
-        fieldName: subBlockConfig.id,
-        value: inputValue,
-      })
-    }
-  })
-
-  if (credentialInputs.length === 0) {
-    return { filteredOperations: operations, errors }
-  }
-
-  logger.info('Pre-validating credential inputs', {
-    credentialCount: credentialInputs.length,
-    userId: context.userId,
-  })
-
-  // Validate all credential IDs at once
-  const allCredentialIds = credentialInputs.map((c) => c.value)
-  const validationResult = await validateSelectorIds('oauth-input', allCredentialIds, context)
-  const invalidSet = new Set(validationResult.invalid)
-
-  if (invalidSet.size === 0) {
-    return { filteredOperations: operations, errors }
-  }
-
-  // Deep clone operations so we can modify them
-  const filteredOperations = JSON.parse(JSON.stringify(operations)) as EditWorkflowOperation[]
-
-  // Remove invalid credential inputs from operations
-  for (const credInput of credentialInputs) {
-    if (!invalidSet.has(credInput.value)) continue
-
-    // Remove this credential input from the operation
-    const op = filteredOperations[credInput.operationIndex]
-    if (op.params?.inputs?.[credInput.fieldName]) {
-      delete op.params.inputs[credInput.fieldName]
-      logger.info('Removed invalid credential from operation', {
-        blockId: credInput.blockId,
-        field: credInput.fieldName,
-        invalidValue: credInput.value,
-      })
-    }
-
-    // Add error for LLM feedback
-    const warningInfo = validationResult.warning ? `. ${validationResult.warning}` : ''
-    errors.push({
-      blockId: credInput.blockId,
-      blockType: credInput.blockType,
-      field: credInput.fieldName,
-      value: credInput.value,
-      error: `Invalid credential ID "${credInput.value}" - credential does not exist or user doesn't have access${warningInfo}`,
-    })
-  }
-
-  logger.warn('Filtered out invalid credentials from operations', {
-    invalidCount: invalidSet.size,
-    errors: errors.map((e) => ({ blockId: e.blockId, field: e.field })),
-  })
-
-  return { filteredOperations, errors }
-}
-
 async function getCurrentWorkflowStateFromDb(
   workflowId: string
 ): Promise<{ workflowState: any; subBlockValues: Record<string, Record<string, any>> }> {
@@ -2760,28 +2657,12 @@ export const editWorkflowServerTool: BaseServerTool<EditWorkflowParams, any> = {
     // Get permission config for the user
     const permissionConfig = context?.userId ? await getUserPermissionConfig(context.userId) : null
 
-    // Pre-validate credential inputs before applying operations
-    // This filters out invalid credentials so they never get applied
-    let operationsToApply = operations
-    const credentialErrors: ValidationError[] = []
-    if (context?.userId) {
-      const { filteredOperations, errors: credErrors } = await preValidateCredentialInputs(
-        operations,
-        { userId: context.userId }
-      )
-      operationsToApply = filteredOperations
-      credentialErrors.push(...credErrors)
-    }
-
     // Apply operations directly to the workflow state
     const {
       state: modifiedWorkflowState,
       validationErrors,
       skippedItems,
-    } = applyOperationsToWorkflowState(workflowState, operationsToApply, permissionConfig)
+    } = applyOperationsToWorkflowState(workflowState, operations, permissionConfig)
-
-    // Add credential validation errors
-    validationErrors.push(...credentialErrors)
 
     // Get workspaceId for selector validation
     let workspaceId: string | undefined