v0.5.96: sim oauth provider, slack ephemeral message tool and blockkit support

[waleedlatif1]

• feat(auth): add OAuth 2.1 provider for MCP connector support (feat(auth): add OAuth 2.1 provider for MCP connector support #3274)
• feat(slack): added ephemeral message send tool, updated ci, updated docs (feat(slack): added ephemeral message send tool, updated ci, updated docs #3278)
• fix(logs): replace initialData with placeholderData to fix stale log details (fix(logs): replace initialData with placeholderData to fix stale log details #3279)
• fix(trigger): handle Slack reaction_added/reaction_removed event payloads (fix(trigger): handle Slack reaction_added/reaction_removed event payloads #3280)
• fix(copilot): handle negated operation conditions in block config extraction (fix(copilot): handle negated operation conditions in block config extraction #3282)

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
docs	Skipped		Feb 21, 2026 2:09am

[greptile-apps]

Greptile Summary

This release (v0.5.96) adds OAuth 2.1 provider support for MCP connectors, Slack ephemeral messages with Block Kit support, and fixes for log data staleness and Slack reaction event handling.

OAuth 2.1 Provider Implementation

• Full OAuth 2.1 provider with PKCE requirement (S256 only, no plain text)
• New database tables: oauth_application, oauth_access_token, oauth_consent, jwks
• Consent UI with account switching capability
• MCP tool annotations (readOnly, destructive, idempotent, openWorld hints)
• Trusted origins include claude.ai and claude.com

Slack Enhancements

• New ephemeral message tool (visible only to specific user in channel)
• Block Kit support added to send, update, and ephemeral message tools
• AI wand integration for generating Block Kit layouts
• Message format selector (Plain Text vs Block Kit)

Bug Fixes

• Replaced initialData with placeholderData in log queries to prevent stale data display
• Added isPlaceholderData checks before rendering execution snapshots
• Reaction events now properly extract channel/ts from nested item object
• Reaction events fetch original message text via reactions.get API

Infrastructure Updates

• Updated CI workflows and Docker build configurations
• Documentation updates for Slack and Jira tools

Confidence Score: 5/5

• This PR is safe to merge with proper OAuth 2.1 security and well-tested functionality
• All changes follow security best practices: OAuth uses required PKCE with S256, proper token expiry validation, session checks, and cascade deletes. The code is well-structured with comprehensive error handling, proper TypeScript types, and validates all inputs. The React Query fix properly addresses stale data with placeholderData. No security vulnerabilities or critical issues found.
• No files require special attention - all changes are well-implemented

Important Files Changed

Filename	Overview
packages/db/schema.ts	Added OAuth 2.1 database tables with proper foreign keys and indexes
apps/sim/lib/auth/auth.ts	Added JWT and OIDC provider plugins with required PKCE and proper scopes
apps/sim/lib/auth/oauth-token.ts	Token validation with proper expiry checks and error handling
apps/sim/app/(auth)/oauth/consent/page.tsx	OAuth consent UI with account switching and scope display
apps/sim/tools/slack/ephemeral_message.ts	New ephemeral message tool with blocks support and proper parameter visibility
apps/sim/blocks/blocks/slack.ts	Added ephemeral operation, message format selector, blocks field with AI wand, complex conditional logic for field visibility
apps/sim/hooks/queries/logs.ts	Replaced initialData with placeholderData to fix stale log details issue
apps/sim/lib/webhooks/utils.server.ts	Added reaction event handling with message text fetching via reactions.get API

Sequence Diagram

sequenceDiagram
    participant Client as MCP Client
    participant Auth as OAuth 2.1 Provider
    participant DB as Database
    participant Consent as Consent Page
    participant User as End User
    
    Client->>Auth: GET /.well-known/oauth-authorization-server
    Auth-->>Client: OAuth metadata (authorize, token, jwks endpoints)
    
    Client->>Auth: POST /oauth2/authorize (PKCE challenge)
    Auth->>DB: Store verification code + params
    Auth->>Consent: Redirect to consent page
    
    User->>Consent: View scope permissions
    Consent->>Auth: POST /oauth2/consent (accept/deny)
    Auth->>DB: Create oauth_consent record
    Auth->>DB: Create oauth_access_token + refresh_token
    Auth-->>Client: Redirect with authorization code
    
    Client->>Auth: POST /oauth2/token (code + PKCE verifier)
    Auth->>DB: Validate code, exchange for tokens
    Auth-->>Client: access_token + refresh_token
    
    Client->>Auth: API request with Bearer token
    Auth->>DB: Validate access_token (not expired)
    Auth-->>Client: Authorized response

Loading

_{Last reviewed commit: 765a481}

[greptile-apps]

_{35 files reviewed, no comments}

_{Edit Code Review Agent Settings | Greptile}

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.}