mirror of
https://github.com/simstudioai/sim.git
synced 2026-04-28 03:00:29 -04:00
64c6cd973f
* fix(triggers): apply webhook audit follow-ups Align the Greenhouse webhook matcher with provider conventions and clarify the Notion webhook secret setup text after the audit review. Made-with: Cursor * fix(webhooks): Salesforce provider handler, Zoom CRC and block wiring Add salesforce WebhookProviderHandler with required shared secret auth, matchEvent filtering, formatInput aligned to trigger outputs, and idempotency keys. Require webhook secret and document JSON-only Flow setup; enforce objectType when configured. Zoom: pass raw body into URL validation signature check, try all active webhooks on a path for secret match, add extractIdempotencyId, tighten event matching for specialized triggers. Wire Zoom triggers into the Zoom block. Extend handleChallenge with optional rawBody. Register Salesforce pending verification probes for pre-save URL checks. * fix(webhooks): harden Resend and Linear triggers (idempotency, auth, outputs) - Dedupe Resend deliveries via svix-id and Linear via Linear-Delivery in idempotency keys - Require Resend signing secret; validate createSubscription id and signing_secret - Single source for Resend event maps in triggers/utils; fail closed on unknown trigger IDs - Add raw event data to Resend trigger outputs and formatInput - Linear: remove body-based idempotency key; timestamp skew after HMAC verify; format url and actorType - Tighten isLinearEventMatch for unknown triggers; clarify generic webhook copy; fix header examples - Add focused tests for idempotency headers and Linear matchEvent * fix(webhooks): harden Vercel and Greenhouse trigger handlers Require Vercel signing secret and validate x-vercel-signature; add matchEvent with dynamic import, delivery idempotency, strict createSubscription trigger IDs, and formatInput aligned to string IDs. Greenhouse: dynamic import in matchEvent, strict unknown trigger IDs, Greenhouse-Event-ID idempotency header, body fallback keys, clearer optional secret copy. Update generic trigger wording and add tests. * fix(gong): JWT verification, trigger UX, alignment script - Optional RS256 verification when Gong JWT public key is configured (webhook_url + body_sha256 per Gong docs); URL secrecy when unset. - Document that Gong rules filter calls; payload has no event type; add eventType + callId outputs for discoverability. - Refactor Gong triggers to buildTriggerSubBlocks + shared JWT field; setup copy matches security model. - Add check-trigger-alignment.ts (Gong bundled; extend PROVIDER_CHECKS for others) and update add-trigger guidance paths. Made-with: Cursor * fix(notion): align webhook lifecycle and outputs Handle Notion verification requests safely, expose the documented webhook fields in the trigger contract, and update setup guidance so runtime data and user-facing configuration stay aligned. Made-with: Cursor * fix(webhooks): tighten remaining provider hardening Close the remaining pre-merge caveats by tightening Salesforce, Zoom, and Linear behavior, and follow through on the deferred provider and tooling cleanup for Vercel, Greenhouse, Gong, and Notion. Made-with: Cursor * refactor(webhooks): move subscription helpers out of providers Move provider subscription helpers alongside the subscription lifecycle module and add targeted TSDoc so the file placement matches the responsibility boundaries in the webhook architecture. Made-with: Cursor * fix(zoom): resolve env-backed secrets during validation Use the same env-aware secret resolution path for Zoom endpoint validation as regular delivery verification so URL validation works correctly when the secret token is stored via env references. Made-with: Cursor * fix build * consolidate tests * refactor(salesforce): share payload object type parsing Remove dead code in the Salesforce provider and move shared object-type extraction into a single helper so trigger matching and input shaping stay in sync. Made-with: Cursor * fix(webhooks): address remaining review follow-ups Loosen Linear's replay window to better tolerate delayed retries and make Notion event mismatches return false consistently with the rest of the hardened providers. Made-with: Cursor * test(webhooks): separate Zoom coverage and clean Notion output shape Move Zoom provider coverage into its own test file and strip undeclared Notion type fields from normalized output objects so the runtime shape better matches the trigger contract. Made-with: Cursor * feat(triggers): enrich Vercel and Greenhouse webhook output shapes Document and pass through Vercel links, regions, deployment.meta, and domain.delegated; add top-level Greenhouse applicationId, candidateId, and jobId aligned with webhook common attributes. Extend alignment checker for greenhouse, update provider docs, and add formatInput tests. Made-with: Cursor * feat(webhooks): enrich Resend trigger outputs; clarify Notion output docs - Resend: expose broadcast_id, template_id, tags, and data_created_at from payload data (per Resend webhook docs); keep alignment with formatInput. - Add resend entry to check-trigger-alignment and unit test for formatInput. - Notion: tighten output descriptions for authors, entity types, parent types, attempt_number, and accessible_by per Notion webhooks event reference. Made-with: Cursor * feat(webhooks): enrich Zoom and Gong trigger output schemas - Zoom: add formatInput passthrough, fix nested TriggerOutput shape (drop invalid `properties` wrappers), document host_email, join_url, agenda, status, meeting_type on recordings, participant duration, and alignment checker entry. - Gong: flatten topics/highlights from callData.content in formatInput, extend metaData and trigger outputs per API docs, tests and alignment keys updated. - Docs: add English webhook trigger sections for Zoom and Gong tools pages. * feat(triggers): enrich Salesforce and Linear webhook output schemas Salesforce: expose simEventType alongside eventType; pass OwnerId and SystemModstamp on record lifecycle inputs; add AccountId/OwnerId for Opportunity and AccountId/ContactId/OwnerId for Case. Align trigger output docs with Flow JSON payloads and formatInput. Linear: document actor email and profile url per official webhook payload; add Comment data.edited from Linear's sample payload. Tests: extend Salesforce formatInput coverage for new fields. * remove from mdx * chore(webhooks): expand trigger alignment coverage Extend the trigger alignment checker to cover additional webhook providers so output contracts are verified across more of the recently added trigger surface. Made-with: Cursor * updated skills * updated file naming semantics * rename file
The open-source platform to build AI agents and run your agentic workforce. Connect 1,000+ integrations and LLMs to orchestrate agentic workflows.
Build Workflows with Ease
Design agent workflows visually on a canvas—connect agents, tools, and blocks, then run them instantly.
Supercharge with Copilot
Leverage Copilot to generate nodes, fix errors, and iterate on flows directly from natural language.
Integrate Vector Databases
Upload documents to a vector store and let agents answer questions grounded in your specific content.
Quickstart
Cloud-hosted: sim.ai
Self-hosted: NPM Package
npx simstudio
Note
Docker must be installed and running on your machine.
Options
| Flag | Description |
|---|---|
-p, --port <port> |
Port to run Sim on (default 3000) |
--no-pull |
Skip pulling latest Docker images |
Self-hosted: Docker Compose
git clone https://github.com/simstudioai/sim.git && cd sim
docker compose -f docker-compose.prod.yml up -d
Background worker note
The Docker Compose stack starts a dedicated worker container by default. If REDIS_URL is not configured, the worker will start, log that it is idle, and do no queue processing. This is expected. Queue-backed API, webhook, and schedule execution requires Redis; installs without Redis continue to use the inline execution path.
Sim also supports local models via Ollama and vLLM — see the Docker self-hosting docs for setup details.
Self-hosted: Manual Setup
Requirements: Bun, Node.js v20+, PostgreSQL 12+ with pgvector
- Clone and install:
git clone https://github.com/simstudioai/sim.git
cd sim
bun install
bun run prepare # Set up pre-commit hooks
- Set up PostgreSQL with pgvector:
docker run --name simstudio-db -e POSTGRES_PASSWORD=your_password -e POSTGRES_DB=simstudio -p 5432:5432 -d pgvector/pgvector:pg17
Or install manually via the pgvector guide.
- Configure environment:
cp apps/sim/.env.example apps/sim/.env
# Create your secrets
perl -i -pe "s/your_encryption_key/$(openssl rand -hex 32)/" apps/sim/.env
perl -i -pe "s/your_internal_api_secret/$(openssl rand -hex 32)/" apps/sim/.env
perl -i -pe "s/your_api_encryption_key/$(openssl rand -hex 32)/" apps/sim/.env
# DB configs for migration
cp packages/db/.env.example packages/db/.env
# Edit both .env files to set DATABASE_URL="postgresql://postgres:your_password@localhost:5432/simstudio"
- Run migrations:
cd packages/db && bun run db:migrate
- Start development servers:
bun run dev:full # Starts Next.js app, realtime socket server, and the BullMQ worker
If REDIS_URL is not configured, the worker will remain idle and execution continues inline.
Or run separately: bun run dev (Next.js), cd apps/sim && bun run dev:sockets (realtime), and cd apps/sim && bun run worker (BullMQ worker).
Copilot API Keys
Copilot is a Sim-managed service. To use Copilot on a self-hosted instance:
- Go to https://sim.ai → Settings → Copilot and generate a Copilot API key
- Set
COPILOT_API_KEYenvironment variable in your self-hosted apps/sim/.env file to that value
Environment Variables
See the environment variables reference for the full list, or apps/sim/.env.example for defaults.
Tech Stack
- Framework: Next.js (App Router)
- Runtime: Bun
- Database: PostgreSQL with Drizzle ORM
- Authentication: Better Auth
- UI: Shadcn, Tailwind CSS
- State Management: Zustand
- Flow Editor: ReactFlow
- Docs: Fumadocs
- Monorepo: Turborepo
- Realtime: Socket.io
- Background Jobs: Trigger.dev
- Remote Code Execution: E2B
Contributing
We welcome contributions! Please see our Contributing Guide for details.
License
This project is licensed under the Apache License 2.0 - see the LICENSE file for details.
Made with ❤️ by the Sim Team