feat(rest-countries): REST Countries integration#4603
Conversation
…ership workflow edits via sockets, ui improvements
…ng improvements, posthog, secrets mutations
…ration, signup method feature flags, SSO improvements
* feat(posthog): Add tracking on mothership abort (simstudioai#4023) Co-authored-by: Theodore Li <theo@sim.ai> * fix(login): fix captcha headers for manual login (simstudioai#4025) * fix(signup): fix turnstile key loading * fix(login): fix captcha header passing * Catch user already exists, remove login form captcha
…nts, secrets performance, polling refactors, drag resources in mothership
…y invalidation, HITL docs
…endar triggers, docs updates, integrations/models pages improvements
…ions, jira forms endpoints
…mat, logs performance improvements fix(csp): add missing analytics domains, remove unsafe-eval, fix workspace CSP gap (simstudioai#4179) fix(landing): return 404 for invalid dynamic route slugs (simstudioai#4182) improvement(seo): optimize sitemaps, robots.txt, and core web vitals across sim and docs (simstudioai#4170) fix(gemini): support structured output with tools on Gemini 3 models (simstudioai#4184) feat(brightdata): add Bright Data integration with 8 tools (simstudioai#4183) fix(mothership): fix superagent credentials (simstudioai#4185) fix(logs): close sidebar when selected log disappears from filtered list; cleanup (simstudioai#4186)
v0.6.46: mothership streaming fixes, brightdata integration
…m integration, atlassian triggers
…rizations, mothership positional table row insertion, CI improvements, org-external users, file viewer improvements
v0.6.62: fix new copilot chat creation and selection on refresh
…ixes, db query optimizations, contract boundaries code hygiene, CORS, toast improvements, tables infinite query, executor robustness, reranker support
…tion blocks/connectors updates
…ogs block, parallel-in-loop wall clock, gpt-image-2
…s, logs panel width, tables UI/DB decoupling v0.6.67: VFS upload fix, posthog/copilot correlation, exa date filters, logs panel width, tables UI/DB decoupling
…ering upgrades, data drains, security hardening, paginated dropdowns
…ntegrations, robots.txt update, workday hardening
v0.6.72: billing pool contention fix
…personation fixes, md rendering, doc/pdf/pptx generation improvements
…pentelemetry updates, data drains to snowflake, blob, datadog, bigquery
…ip md polish v0.6.75: scheduler claim-budget drain, helm chart hardening, mothership md polish
v0.6.78: file block get
|
@mesrefoglu is attempting to deploy a commit to the Sim Team on Vercel. A member of the Team first needs to authorize it. |
PR SummaryMedium Risk Overview Wires the integration into the UI/discovery layers via new Reviewed by Cursor Bugbot for commit f886470. Bugbot is set up for automated code reviews on this repo. Configure here. |
Greptile SummaryThis PR adds a REST Countries integration with five tools (search by name, get by code, list by region, list by currency, list by language), all backed by the public
Confidence Score: 3/5The REST Countries tools themselves are safe to merge, but integrations.json contains an unrelated modification to an existing workspace-files integration that should not ship in this PR without its own review. The accidentally included workspace-files change in integrations.json modifies a shipped integration's operation list and count without any corresponding tool or block change in this PR, so it cannot be validated in this context. The REST Countries implementation itself is well-structured and low-risk. apps/sim/app/(landing)/integrations/data/integrations.json — contains an unrelated workspace-files operation change that warrants a separate review before merging. Important Files Changed
Sequence DiagramsequenceDiagram
participant U as User / LLM
participant B as RestCountriesBlock
participant T as Tool (search/get/list)
participant API as restcountries.com/v3.1
U->>B: Select operation + params
B->>T: Route via tool config switch
T->>T: buildRestCountriesUrl(path, query)
T->>API: "GET /{endpoint}/{value}?fields=..."
alt HTTP 2xx
API-->>T: JSON array of countries
T->>T: transformRestCountriesResponse()
T-->>B: "{ countries[], count, firstCountry }"
B-->>U: Output
else HTTP 4xx/5xx
API-->>T: Error body
T-->>B: throw Error(status + body)
B-->>U: Error propagated
end
|
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
| { | ||
| id: 'region', | ||
| title: 'Region', | ||
| type: 'dropdown', | ||
| options: [ | ||
| { label: 'Africa', id: 'Africa' }, | ||
| { label: 'Americas', id: 'Americas' }, | ||
| { label: 'Asia', id: 'Asia' }, | ||
| { label: 'Europe', id: 'Europe' }, | ||
| { label: 'Oceania', id: 'Oceania' }, | ||
| ], | ||
| value: () => 'Europe', | ||
| condition: { field: 'operation', value: 'restcountries_list_by_region' }, | ||
| required: { field: 'operation', value: 'restcountries_list_by_region' }, | ||
| }, |
There was a problem hiding this comment.
The REST Countries v3.1 API recognises six regions: Africa, Americas, Antarctic, Asia, Europe, and Oceania. The region dropdown only exposes five — "Antarctic" is missing. A user who picks "List by Region" will never be able to query Antarctic territories, and LLM-driven workflows may generate calls that return empty results. Adding { label: 'Antarctic', id: 'Antarctic' } to the options array (and the docs table) would close the gap.
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit f886470. Configure here.
| ): Promise<RestCountriesResponse> { | ||
| if (!response.ok) { | ||
| const errorText = await response.text() | ||
| throw new Error(`REST Countries API error: ${response.status} - ${errorText}`) |
There was a problem hiding this comment.
404 "not found" throws instead of returning empty results
High Severity
The REST Countries API returns HTTP 404 when no countries match a query (e.g., searching for "Wakanda"). transformRestCountriesResponse treats all non-OK responses as errors and throws, so any search with zero results will crash instead of gracefully returning { countries: [], count: 0, firstCountry: null }. Other tools in the codebase (e.g., peopledatalabs/company_search.ts) handle 404 specifically by returning an empty result set. The 404 case needs to be checked before the generic !response.ok branch.
Reviewed by Cursor Bugbot for commit f886470. Configure here.
|
| GitGuardian id | GitGuardian status | Secret | Commit | Filename | |
|---|---|---|---|---|---|
| 29606901 | Triggered | Generic High Entropy Secret | a54dcbe | apps/sim/providers/utils.test.ts | View secret |
| 32763747 | Triggered | Generic Password | 3e9849b | helm/sim/tests/validators_test.yaml | View secret |
🛠 Guidelines to remediate hardcoded secrets
- Understand the implications of revoking this secret by investigating where it is used in your code.
- Replace and store your secrets safely. Learn here the best practices.
- Revoke and rotate these secrets.
- If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.
To avoid such incidents in the future consider
- following these best practices for managing and storing secrets including API keys and other credentials
- install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
5 participants
Summary
Type of Change
Testing
Tested on dev mode
Checklist