v0.5.86: server side copilot, copilot mcp, error notifications, jira outputs destructuring, slack trigger improvements #3178
Conversation
fix(notifications): throw notification on runtime errors, move predeploy checks to update in deploy modal
…word integration (#3174) * improvement(jsm): destructured outputs for jsm, jira, and added 1password integration * update 1password to support cloud & locally hosted * updated & tested 1pass * added an additional wandConfig for OnePassword & jira search issues * finished jira * removed unused route * updated types * restore old outputs * updated types
* v0 * v1 * Basic ss tes * Ss tests * Stuff * Add mcp * mcp v1 * Improvement * Fix * BROKEN * Checkpoint * Streaming * Fix abort * Things are broken * Streaming seems to work but copilot is dumb * Fix edge issue * LUAAAA * Fix stream buffer * Fix lint * Checkpoint * Initial temp state, in the middle of a refactor * Initial test shows diff store still working * Tool refactor * First cleanup pass complete - untested * Continued cleanup * Refactor * Refactor complete - no testing yet * Fix - cursor makes me sad * Fix mcp * Clean up mcp * Updated mcp * Add respond to subagents * Fix definitions * Add tools * Add tools * Add copilot mcp tracking * Fix lint * Fix mcp * Fix * Updates * Clean up mcp * Fix copilot mcp tool names to be sim prefixed * Add opus 4.6 * Fix discovery tool * Fix * Remove logs * Fix go side tool rendering * Update docs * Fix hydration * Fix tool call resolution * Fix * Fix lint * Fix superagent and autoallow integrations * Fix always allow * Update block * Remove plan docs * Fix hardcoded ff * Fix dropped provider * Fix lint * Fix tests * Fix dead messages array * Fix discovery * Fix run workflow * Fix run block * Fix run from block in copilot * Fix lint * Fix skip and mtb * Fix typing * Fix tool call * Bump api version * Fix bun lock * Nuke bad files
* fix(mcp): harden notification system against race conditions - Guard concurrent connect() calls in connection manager with connectingServers Set - Suppress post-disconnect notification handler firing in MCP client - Clean up Redis event listeners in pub/sub dispose() - Add tests for all three hardening fixes (11 new tests) * updated tests * plugged in new mcp event based system and create sse route to publish notifs * ack commetns * fix reconnect timer * cleanup when running onClose * fixed spacing on mcp settings tab * keep error listeners before quiet in redis
…3177) * improvement(preview): added trigger mode context for deploy preview * use existing helper * enhance disabled mode for subblocks * update * update all subblocks to allow scrolling in read only mode * updated short and long input to match others, reverted triggerutils change
|
The latest updates on your projects. Learn more about Vercel for GitHub. |
|
Too many files changed for review. ( |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 6 potential issues.
Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.
| ...(contexts && contexts.length > 0 ? { context: contexts } : {}), | ||
| ...(chatId ? { chatId } : {}), | ||
| ...(processedFileContents.length > 0 ? { fileAttachments: processedFileContents } : {}), | ||
| ...(integrationTools.length > 0 ? { integrationTools } : {}), |
There was a problem hiding this comment.
Payload key renamed from tools to integrationTools
High Severity
The old code sent tool definitions to the Go backend under the key tools (via { tools: integrationTools }), but buildCopilotRequestPayload uses JavaScript shorthand property syntax { integrationTools }, which sends them under the key integrationTools instead. The chat route's logging still references requestPayload.tools (which will always be undefined), confirming this rename was unintentional. The Go copilot backend likely won't find any tools in the payload.
Additional Locations (1)
| ...(integrationTools.length > 0 ? { integrationTools } : {}), | ||
| ...(credentials ? { credentials } : {}), | ||
| ...(commands && commands.length > 0 ? { commands } : {}), | ||
| } |
There was a problem hiding this comment.
Missing conversationId in request payload breaks multi-turn chat
High Severity
The old code included conversationId in the payload sent to the Go backend (via ...(effectiveConversationId ? { conversationId: effectiveConversationId } : {})). The chat route still computes effectiveConversationId but never passes it to buildCopilotRequestPayload, and the function doesn't accept or include it. Without this, the Go backend can't resume prior conversation state on subsequent messages, breaking multi-turn chat continuity.
Additional Locations (1)
| fileAttachments, | ||
| commands, | ||
| chatId, | ||
| } = params |
There was a problem hiding this comment.
Accepted implicitFeedback parameter silently dropped from payload
Medium Severity
buildCopilotRequestPayload accepts implicitFeedback in its BuildPayloadParams interface but never destructures or uses it. The old code injected implicit feedback as a system message into the conversation. Now, any implicit feedback provided by the client is silently ignored, potentially degrading response quality without any error.
| ...(integrationTools.length > 0 ? { integrationTools } : {}), | ||
| ...(credentials ? { credentials } : {}), | ||
| ...(commands && commands.length > 0 ? { commands } : {}), | ||
| } |
There was a problem hiding this comment.
Missing stream flag in main orchestrator payload
Medium Severity
The old payload included stream: true and streamToolCalls: true when sending to the Go backend. buildCopilotRequestPayload omits both fields. Notably, orchestrateSubagentStream explicitly adds stream: true to its payload, but the main orchestrateCopilotStream does not. If the Go backend checks this field to decide its response format, the SSE parser in runStreamLoop will fail on a non-streaming response.
| provider: 'vertex', | ||
| model: envModel, | ||
| apiKey: env.COPILOT_API_KEY, | ||
| vertexProject: env.VERTEX_PROJECT, |
There was a problem hiding this comment.
Title generation race can push to closed stream
Medium Severity
The generateChatTitle promise fires asynchronously (.then(...)) and calls pushEvent after the title resolves. However, if the orchestrator finishes and the finally block calls controller.close() before the title promise resolves, the pushEvent call will attempt to enqueue on a closed controller. The old code had a try-catch around controller.enqueue, but pushEvent's catch only sets clientDisconnected — the controller.close() in finally no longer has a try-catch wrapper either, compounding this race.
| headless: true, | ||
| chatId, | ||
| source: 'mcp', | ||
| } |
There was a problem hiding this comment.
MCP build bypasses tool/credential loading for Go backend
Medium Severity
The handleBuildToolCall in the MCP copilot route constructs a request payload for orchestrateCopilotStream without including integration tool definitions or user credentials. The main chat route uses buildCopilotRequestPayload which fetches OAuth tokens and tool schemas for build mode. The MCP build path skips this entirely, so the Go backend won't have access to available tool schemas or user credentials needed to execute integration tools.
Adds the AgentSkillsIcon to trace spans in logs when displaying the load_skill tool. Previously, skills appeared with a default gray color. Now they display with the proper skill icon and a purple (#8B5CF6) background color, consistent with the skills icon used in the settings modal and skill input components. Co-authored-by: Cursor Agent <cursoragent@cursor.com> Co-authored-by: Emir Karabeg <emir-karabeg@users.noreply.github.com>
…imeouts improvement(timeouts): files/base64 should use max timeouts + auth centralization
* improvement(schema): centralize derivation of block schemas * address bugbot comments * remove unused code * address greptile comments * merge conflict resolution * fix * update tests * address greptile comments * make evaluator metrics only * return base and metrics for evaluator
* Copilot enterprise models * Fix azure anthropic * Fix * Consolidation * Cleanup * Clean up code * Fix lint * cleanup * Fix greptile
…le files, fix UI issues in settings modal, fix org and workspace invitations when bundled (#3182) * improvement(mcp): improved mcp sse events notifs, update jira to handle files, fix UI issues in settings modal, fix org and workspace invitations when bundled * added back useMcpToolsEvents for event-driven discovery * ack PR comments * updated placeholder * updated colors, error throwing in mcp modal * ack comments * updated error msg
…orkflow bleed (#3183) * fix(execution): scope execution state per workflow to prevent cross-workflow bleed * fix(execution): use validated workflowId param instead of non-null assertion in handleRunUntilBlock * improvement(execution): use individual selectors to avoid unnecessary re-renders from unselectored store hook * improvement(execution): use useShallow selector in workflow.tsx to avoid re-renders from lastRunPath/lastRunEdges changes
…ody streaming (#3187) * fix(posthog): replace proxy rewrite with route handler for reliable body streaming * fix posthog
* fix(logs): surface handled errors as info in logs * pr comments
* fix(triggers): add copilot as a trigger type * update color
4 participants
Uh oh!
There was an error while loading. Please reload this page.