Skip to content

v0.7.37: impersonation fixes, instagram/tiktok, landing improvements, agent tools fix#5699

Merged
icecrasher321 merged 6 commits into
mainfrom
staging
Jul 15, 2026
Merged

v0.7.37: impersonation fixes, instagram/tiktok, landing improvements, agent tools fix#5699
icecrasher321 merged 6 commits into
mainfrom
staging

Conversation

@icecrasher321

@icecrasher321 icecrasher321 commented Jul 15, 2026

Copy link
Copy Markdown
Collaborator

fix(workspace): recover from stale sessions after impersonation; improve stale-session recovery and redirect handling (#5688)
improvement(landing): SEO copy and metadata rewrite across marketing pages; remove em dashes; update Knowledge Base H1 (#5689)
fix(settings): align recently-deleted icon colors with platform tokens (#5691)
feat(instagram): add Instagram integration (#5568)
fix(auth): recover cleanly when an impersonation session expires (#5692)
fix(agent): pass through billing attribution to tools (#5698)

waleedlatif1 and others added 5 commits July 15, 2026 10:24
…fter impersonation (#5688)

* fix(workspace): recover from stale sessions instead of blank loader after impersonation

* fix(workspace): gate stale-session recovery on auth state and surface failed sign-out

* fix(workspace): proceed with redirect when session query errors but cached identity exists
…pages (#5689)

* improvement(landing): SEO copy and metadata rewrite across marketing pages

* improvement(landing): remove em dashes from marketing copy

* fix(landing): name Sim in the knowledge base H1
* feat(instagram): add Instagram Login OAuth, tools, and block

* feat(instagram): add Gmail-style media uploads for publish ops

Resolve UserFiles to Meta-fetchable presigned HTTPS URLs (600s TTL) via
internal publish routes, and fix OAuth scope storage plus connect-draft
wiring so Instagram Login publishing is testable end-to-end.

Co-authored-by: Cursor <cursoragent@cursor.com>

* refactor(instagram): simplify messaging tools to direct requests, clean up types

* fix(instagram): parallelize carousel child polling, enforce 2-10 items, extend poll window and insights periods, use canonical user_id in OAuth callback

* fix(instagram): resolve user id from user_id only, accept numeric user_id

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix(instagram): use form/query params for publish and comment endpoints, request message timestamps explicitly

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix(instagram): normalize Graph ID outputs to strings so downstream .trim() calls are safe

Co-authored-by: Cursor <cursoragent@cursor.com>

* style(instagram): use brand gradient tile for the block icon

Match the official Instagram look by filling the tile with the orange–pink–purple radial gradient so the white camera glyph sits on a full-bleed brand background.

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix(instagram): tighten publish defaults and cloud-storage upload UX

Default Reel share-to-feed to Yes, drop unused media fields params, share publish transform helpers, and warn when cloud storage is missing for Meta-fetchable uploads.

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix(instagram): fail closed when cloud storage status is unknown

Treat loading/error as blocked for requiresCloudStorage uploads, show the warning once the check finishes, and disable selecting local workspace files Meta cannot fetch.

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix(instagram): proactively refresh long-lived tokens before expiry

Meta only allows refreshing still-valid Instagram tokens, so refresh within 14 days of expiry (after the 24h age gate) instead of waiting until after accessTokenExpiresAt.

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix(oauth): restore TikTok clientIdParamName JSDoc after merge

The staging merge dropped the opening /** on ProviderAuthConfig.clientIdParamName, which broke TypeScript parse in CI.

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix(api): Zod-contract storage-status and ratchet validation baseline

Wire /api/files/storage-status through a shared route contract so the
strict API validation audit stays at zero non-Zod routes after the new
Instagram cloud-storage check.

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix(instagram): match Gmail advanced media placeholders

Drop public-URL paste hints from advanced fields and the cloud-storage banner so the UI mirrors Gmail attachments.

Co-authored-by: Cursor <cursoragent@cursor.com>

* code review + hide from toolbar

* address comments

* fix(instagram): drop hidden Instagram from OAuth catalog pin test

Instagram is hideFromToolbar so it is excluded from integrations.json;
the pinned slug map must not expect it until the block is visible again.

Co-authored-by: Cursor <cursoragent@cursor.com>

* fix(instagram): validate client ID before creating connect draft

Avoid orphan pending credential drafts when INSTAGRAM_CLIENT_ID is missing,
matching the Shopify authorize ordering.

Co-authored-by: Cursor <cursoragent@cursor.com>

---------

Co-authored-by: Bill Leoutsakos <billleoutsakos@Bills-MacBook-Pro.local>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Vikhyath Mondreti <vikhyath@simstudio.ai>
* fix(auth): recover cleanly when an impersonation session expires

* fix(auth): share stale-session recovery and bypass cookie cache in impersonation poll
@greptile-apps

greptile-apps Bot commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

Too many files changed for review. (157 files found, 100 file limit)

Bypass the limit by tagging @greptile-apps to review.

@vercel

vercel Bot commented Jul 15, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
docs Error Error Jul 15, 2026 11:39pm

Request Review

@cursor

cursor Bot commented Jul 15, 2026

Copy link
Copy Markdown

PR Summary

High Risk
Touches OAuth token refresh, new third-party publish/download routes, and impersonation session teardown—areas where auth bugs or partial uploads have user-visible impact.

Overview
Adds a full Instagram path: dedicated OAuth authorize/callback (long-lived tokens, proactive refresh in shared OAuth utils), workspace connect drafts via shared createConnectDraft, publish APIs (image, video, reel, story, carousel), media download with carousel rollback, cloud storage status for Meta-facing URLs, and docs InstagramIcon. TikTok publish now streams chunks from storage (no full-file buffer), disables Direct Post until approval exists, and webhook ingress uses enqueueTikTokWebhookIngress instead of inline queue setup.

Marketing/SEO: landing and solutions pages share canonical seoDescription constants with meta/JSON-LD; Enterprise drops free-tier schema offers; footer product links point at on-site module pages; broad copy/title tweaks and em-dash cleanup.

Workspace/auth: starting/stopping impersonation clears client stores before redirect; new ImpersonationExpired runs stale-session recovery when an impersonation session disappears; recently-deleted list uses the same resource icons as Mothership (no per-folder colors).

Reviewed by Cursor Bugbot for commit bfe8386. Configure here.

@cursor cursor Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes using default effort and found 1 potential issue.

Fix All in Cursor

❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.

Reviewed by Cursor Bugbot for commit bfe8386. Configure here.

Comment thread apps/docs/components/icons.tsx
* fix(agent): pass through billing attribution to tools

* tests

* fix formatting

* address comments
@icecrasher321 icecrasher321 requested a review from a team as a code owner July 15, 2026 23:36
@icecrasher321 icecrasher321 changed the title v0.7.37: impersonation fixes, instagram/tiktok, landing, agent tools fix v0.7.37: impersonation fixes, instagram/tiktok, landing improvements, agent tools fix Jul 15, 2026
@icecrasher321 icecrasher321 merged commit 9d23e25 into main Jul 15, 2026
28 of 29 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants