mirror of
https://github.com/simstudioai/sim.git
synced 2026-04-28 03:00:29 -04:00
3d6660ba4d
* fix(security): resolve ReDoS vulnerability in function execute tag pattern Simplified regex to eliminate overlapping quantifiers that caused exponential backtracking on malformed input without closing delimiter. * feat(jira): support raw ADF document objects in description and environment fields Add toAdf() helper that passes through ADF objects as-is or wraps plain text in a single-paragraph ADF doc. Update write and update routes to use it, replacing inline ADF wrapping. Update Zod schema to accept string or object for description. Fully backward compatible — plain text still works, but callers can now pass rich ADF with expand nodes, tables, code blocks, etc. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix(jira): handle partial ADF nodes and non-ADF objects in toAdf() Wrap partial ADF nodes (type + content but not doc) in a doc envelope. Fall back to JSON.stringify for non-ADF objects instead of String() which produces [object Object]. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * lint * fix(jira): handle JSON-stringified ADF in toAdf() for variable resolution The executor's formatValueForBlock() JSON.stringify's object values when resolving <Block.output> references. This means an ADF object from an upstream Agent block arrives at the route as a JSON string. toAdf() now detects JSON strings containing valid ADF documents or nodes and parses them back, ensuring rich formatting is preserved through the pipeline. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * lint changes * fix(jira): update environment Zod schema to accept ADF objects Match the description field schema change — environment also passes through toAdf() so its Zod schema must accept objects too. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * updated lobkc --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>