v0.5.93: NextJS config changes, MCP and Blocks whitelisting, copilot keyboard shortcuts, audit logs#3241
Merged
waleedlatif1 merged 10 commits intomainfrom Feb 18, 2026
Merged
v0.5.93: NextJS config changes, MCP and Blocks whitelisting, copilot keyboard shortcuts, audit logs#3241waleedlatif1 merged 10 commits intomainfrom
waleedlatif1 merged 10 commits intomainfrom
Conversation
* feat(mcp): add ALLOWED_MCP_DOMAINS env var for domain allowlist * ack PR comments * cleanup
* Allow outbound connections from locked blocks to be modified - Modified isEdgeProtected to only check target block protection - Outbound connections (from locked blocks) can now be added/removed - Inbound connections (to locked blocks) remain protected - Updated notification messages and comments to reflect the change Co-authored-by: Emir Karabeg <emir-karabeg@users.noreply.github.com> * update notif msg --------- Co-authored-by: Cursor Agent <cursoragent@cursor.com> Co-authored-by: Emir Karabeg <emir-karabeg@users.noreply.github.com> Co-authored-by: waleed <walif6@gmail.com>
…d block restrictions (#3238) * feat(access-control): add ALLOWED_INTEGRATIONS env var for self-hosted block restrictions * fix(tests): add getAllowedIntegrationsFromEnv mock to agent-handler tests * fix(access-control): add auth to allowlist endpoint, fix loading state race, use accurate error message * fix(access-control): remove auth from allowed-integrations endpoint to match models endpoint pattern * fix(access-control): normalize blockType to lowercase before env allowlist check * fix(access-control): expose merged allowedIntegrations on config to prevent bypass via direct access * consolidate merging of allowed blocks so all callers have it by default * normalize to lower case * added tests * added tests, normalize to lower case * added safety incase userId is missing * fix failing tests
* fix: prevent copilot keyboard shortcuts from triggering when panel is inactive The OptionsSelector component was capturing keyboard events (1-9 number keys and Enter) globally on the document, causing accidental option selections when users were interacting with other parts of the application. This fix adds a check to only handle keyboard shortcuts when the copilot panel is the active tab, preventing the shortcuts from interfering with other workflows. Co-authored-by: Emir Karabeg <emir-karabeg@users.noreply.github.com> * lint --------- Co-authored-by: Cursor Agent <cursoragent@cursor.com> Co-authored-by: Emir Karabeg <emir-karabeg@users.noreply.github.com> Co-authored-by: Waleed Latif <walif6@gmail.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub. |
Contributor
Greptile SummaryThis release bundle (v0.5.93) introduces several features and fixes across the platform:
Confidence Score: 4/5
Important Files Changed
Flowchartflowchart TD
subgraph EnvConfig["Environment Configuration"]
ALLOWED_MCP["ALLOWED_MCP_DOMAINS env var"]
ALLOWED_INT["ALLOWED_INTEGRATIONS env var"]
end
subgraph MCPDomainEnforcement["MCP Domain Enforcement"]
ALLOWED_MCP --> FeatureFlags["getAllowedMcpDomainsFromEnv()"]
FeatureFlags --> DomainCheck["domain-check.ts"]
DomainCheck -->|"validateMcpDomain()"| ServerRoutes["MCP Server Routes\n(POST/PATCH/DELETE)"]
DomainCheck -->|"isMcpDomainAllowed()"| McpService["MCP Service\n(resolve/list/get)"]
DomainCheck -->|"isMcpDomainAllowed()"| ClientMCP["MCP Settings UI\n(domain warning)"]
FeatureFlags --> AllowedDomainsAPI["/api/settings/allowed-mcp-domains"]
AllowedDomainsAPI --> ClientMCP
end
subgraph IntegrationEnforcement["Integration Block Enforcement"]
ALLOWED_INT --> IntFeatureFlags["getAllowedIntegrationsFromEnv()"]
IntFeatureFlags --> PermCheck["permission-check.ts\nmergeEnvAllowlist()"]
IntFeatureFlags --> CopilotTools["Copilot Block Tools\n(5 server tools)"]
IntFeatureFlags --> ProcessContents["process-contents.ts"]
IntFeatureFlags --> AllowedIntAPI["/api/settings/allowed-integrations"]
AllowedIntAPI --> UsePermConfig["usePermissionConfig hook"]
UsePermConfig --> IntegrationsUI["Integrations Settings UI"]
UsePermConfig --> BlockToolbar["Block Toolbar Filter"]
end
subgraph AuditSystem["Audit Log System"]
AuditTable[("audit_log table")]
RecordAudit["recordAudit()\nfire-and-forget"]
RecordAudit -->|"async insert"| AuditTable
APIRoutes["~60 API Routes"] -->|"recordAudit()"| RecordAudit
AuthHooks["Auth Hooks\n(password reset)"] -->|"recordAudit()"| RecordAudit
end
Last reviewed commit: e396462 |
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
...orkspace/[workspaceId]/w/components/sidebar/components/settings-modal/components/mcp/mcp.tsx
Show resolved
Hide resolved
...orkspace/[workspaceId]/w/components/sidebar/components/settings-modal/components/mcp/mcp.tsx
Show resolved
Hide resolved
Contributor
Additional Comments (1)
|
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
…oute instrumentation (#3242) * feat(audit-log): add persistent audit log system with comprehensive route instrumentation * fix(audit-log): address PR review — nullable workspaceId, enum usage, remove redundant queries - Make audit_log.workspace_id nullable with ON DELETE SET NULL (logs survive workspace/user deletion) - Make audit_log.actor_id nullable with ON DELETE SET NULL - Replace all 53 routes' string literal action/resourceType with AuditAction.X and AuditResourceType.X enums - Fix empty workspaceId ('') → null for OAuth, form, and org routes to avoid FK violations - Remove redundant DB queries in chat manage route (use checkChatAccess return data) - Fix organization routes to pass workspaceId: null instead of organizationId * fix(audit-log): replace remaining workspaceId '' fallbacks with null * fix(audit-log): credential-set org IDs, workspace deletion FK, actorId fallback, string literal action * reran migrations * fix(mcp,audit): tighten env var domain bypass, add post-resolution check, form workspaceId - Only bypass MCP domain check when env var is in hostname/authority, not path/query - Add post-resolution validateMcpDomain call in test-connection endpoint - Match client-side isDomainAllowed to same hostname-only bypass logic - Return workspaceId from checkFormAccess, use in form audit logs - Add 49 comprehensive domain-check tests covering all edge cases * fix(mcp): stateful regex lastIndex bug, RFC 3986 authority parsing - Remove /g flag from module-level ENV_VAR_PATTERN to avoid lastIndex state - Create fresh regex instances per call in server-side hasEnvVarInHostname - Fix authority extraction to terminate at /, ?, or # per RFC 3986 - Prevents bypass via https://evil.com?token={{SECRET}} (no path) - Add test cases for query-only and fragment-only env var URLs (53 total) * fix(audit-log): try/catch for never-throw contract, accept null actorName/Email, fix misleading action - Wrap recordAudit body in try/catch so nanoid() or header extraction can't throw - Accept string | null for actorName and actorEmail (session.user.name can be null) - Normalize null -> undefined before insert to match DB column types - Fix org members route: ORG_MEMBER_ADDED -> ORG_INVITATION_CREATED (sends invite, not adds member) * improvement(audit-log): add resource names and specific invitation actions * fix(audit-log): use validated chat record, add mock sync tests
…, env, deployments, passwords (#3246) * feat(audit-log): add audit events for templates, billing, credentials, env, deployments, passwords * improvement(audit-log): add actorName/actorEmail to all recordAudit calls * fix(audit-log): resolve user for password reset, add CREDENTIAL_SET_INVITATION_RESENT action * fix(audit-log): add workspaceId to deployment activation audit * improvement(audit-log): use better-auth callback for password reset audit, remove cast - Move password reset audit to onPasswordReset callback in auth config instead of coupling to better-auth's verification table internals - Remove ugly double-cast on workflowData.workspaceId in deployment activation * fix(audit-log): add missing actorName/actorEmail to workflow duplicate * improvement(audit-log): add resourceName to credential set invitation accept
Collaborator
Author
|
@greptile |
Collaborator
Author
|
@cursor review |
waleedlatif1
changed the title
…non-admin) (#3243) - Add isEnterpriseMember and canViewUsageInfo flags to subscription permissions - Hide UsageHeader, CreditBalance, billing date, and usage notifications from enterprise members - Show only plan name in subscription tab for enterprise members (non-admin) - Hide usage indicator details (amount, progress pills) from enterprise members - Team tab already hidden via requiresTeam check in settings modal Closes #6882 Co-authored-by: Cursor Agent <cursoragent@cursor.com> Co-authored-by: Emir Karabeg <emir-karabeg@users.noreply.github.com>
...eId]/w/components/sidebar/components/settings-modal/components/integrations/integrations.tsx
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.
| resourceId: credentialSetId, | ||
| description: `Left credential set`, | ||
| request: req, | ||
| }) |
There was a problem hiding this comment.
Inconsistent resource names in audit logs
Low Severity
Some recordAudit calls omit resourceName while similar operations include it, creating inconsistent audit log completeness. For credential set operations, memberships/route.ts doesn't include the credential set name, while [id]/members/route.ts does via result.set.name. Similarly, billing and environment audit calls lack resource names that would improve traceability. This reduces audit log usefulness since users can't easily identify which specific resource was affected without cross-referencing IDs.
Additional Locations (2)
| return createMcpErrorResponse(e, e.message, 403) | ||
| } | ||
| throw e | ||
| } |
There was a problem hiding this comment.
Domain validation runs on optional URLs
Medium Severity
Domain validation executes unconditionally on body.url even when undefined, causing the creation endpoint to reject servers without URLs when an MCP domain allowlist is configured. This contradicts the deliberate design choice to allow creating servers without URLs (evidenced by line 86 generating random UUIDs when URL is missing), and creates inconsistency with the PATCH endpoint which only validates domains when a URL is actually provided.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.