improvement(files): validations

[Sg312]

Summary

Use randombytes

Type of Change

• Bug fix

Testing

Manual

Checklist

• Code follows project style guidelines
• Self-reviewed my changes
• Tests added/updated and passing
• No new warnings introduced
• I confirm that I have read and agree to the terms outlined in the Contributor License Agreement (CLA)

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
docs	Skipped		May 15, 2026 10:28pm

[greptile-apps]

Greptile Summary

This PR hardens several file-handling code paths: unique IDs for storage keys are switched from Math.random() to crypto.randomBytes (better entropy), the agent message-file hydration pipeline is simplified by removing now-redundant normalization steps, memory sanitization is broadened to preserve LLM tool-call fields alongside message content, and executionId on the execute-workflow API body is tightened to require UUID format.

• Entropy improvement: randomBytes(8).toString('hex') replaces Math.random().toString(36).substring(2, 9) in document-processor.ts, workspace-file-manager.ts, and storage-service.ts — improving collision resistance for storage keys.
• Memory sanitization broadened: sanitizeMessageForStorage now strips only files via destructuring, preserving tool_calls, function_call, and executionId in persisted memory; previously only role, content, and executionId were kept.
• API validation tightened: executionId in executeWorkflowBodySchema now enforces UUID format, which may break existing callers that supply non-UUID execution IDs.

Confidence Score: 3/5

Safe to merge with the UUID validation concern resolved — the entropy and simplification changes are straightforward improvements, but the tightened executionId format on the public execute endpoint warrants confirmation that no existing integrations send non-UUID IDs.

The executionId validation change narrows the accepted input on a public API endpoint from any string to UUID-only. Other schemas in the same file deliberately use z.string().min(1) without UUID constraints, and external callers who currently supply custom ID strings will receive 400 errors after this change with no migration path.

apps/sim/lib/api/contracts/workflows.ts deserves a second look to confirm the UUID constraint on executionId won't break existing callers of the workflow execution API.

Important Files Changed

Filename	Overview
apps/sim/executor/handlers/agent/agent-handler.ts	Simplifies hydrateMessageFilesForProvider by passing message.files (already typed UserFile[]) directly to hydrateUserFilesWithBase64, dropping redundant normalization/validation steps.
apps/sim/executor/handlers/agent/memory.ts	Broadens sanitizeMessageForStorage to strip only files, preserving tool_calls, function_call, and other Message fields in persisted memory instead of discarding everything except role, content, executionId.
apps/sim/executor/handlers/agent/memory.test.ts	Updates test assertion to reflect that tool_calls is now preserved after sanitization.
apps/sim/lib/api/contracts/workflows.ts	Tightens executionId in executeWorkflowBodySchema from z.string() to z.string().uuid() — a narrowing that may break external callers providing non-UUID execution IDs.
apps/sim/lib/knowledge/documents/document-processor.ts	Replaces Math.random() with randomBytes(8) for unique ID generation in two places — improves collision resistance and uses a CSPRNG.
apps/sim/lib/uploads/contexts/workspace/workspace-file-manager.ts	Replaces Math.random() with randomBytes(8) in generateWorkspaceFileKey; crypto import is placed after @sim package imports instead of at the top of the file.
apps/sim/lib/uploads/core/storage-service.ts	Replaces Math.random() with randomBytes(8) in generatePresignedUploadUrl; crypto import is placed after @sim/logger instead of at the top of the file.
apps/sim/lib/copilot/generated/tool-schemas-v1.ts	Stylistic-only: replaces computed property syntax ['key'] with shorthand key in object literals — no behavioral change.

Comments Outside Diff (1)

1. apps/sim/lib/api/contracts/workflows.ts, line 94 (link)

   Potentially breaking API contract change

   Tightening executionId from z.string() to z.string().uuid() on the public workflow-execute endpoint will return a 400 for any caller that supplies a non-UUID execution ID (e.g. a timestamp, a prefixed string like exec-20240101-abc). Other schemas in this file (z.string().min(1) on lines 355, 360, 365) deliberately omit the UUID constraint, suggesting non-UUID IDs are valid elsewhere in the system. Callers that explicitly set executionId to a custom string will silently break after this change. If the intent is to enforce UUIDs for new callers, consider an openapi-level note or a migration period rather than a hard validation.

_{Reviews (1): Last reviewed commit: "Fix" | Re-trigger Greptile}