v0.4.20: internal request, kb url fixes, docs styling#1703
Merged
icecrasher321 merged 5 commits intomainfrom Oct 21, 2025
Merged
v0.4.20: internal request, kb url fixes, docs styling#1703icecrasher321 merged 5 commits intomainfrom
icecrasher321 merged 5 commits intomainfrom
Conversation
* improvement(helm): added additional envvars to helm charts * updated docs
fix(internal-req): add internal token to server side
|
The latest updates on your projects. Learn more about Vercel for GitHub. |
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Greptile Overview
Summary
This release (v0.4.20) includes critical bug fixes and infrastructure improvements across four key areas:
- Internal API Authentication: Added JWT-based authentication for server-side internal API calls to secure service-to-service communication (tools like Slack and Telegram send message)
- Knowledge Base URL Handling: Fixed relative URL resolution in KB document processing when called from trigger contexts without base URL
- Helm Chart Security: Added and documented three new environment variables (
INTERNAL_API_SECRET,CRON_SECRET,API_ENCRYPTION_KEY) for production security hardening - Documentation UI: Minor styling improvements to sidebar scrolling and search bar positioning
All changes align with the stated bug fixes and improvements. The internal authentication mechanism properly generates short-lived JWT tokens (5-minute expiration) for server-side requests, and the KB fix correctly handles the case where getBaseUrl() is needed for relative URLs.
Confidence Score: 4/5
- This PR is safe to merge with low risk - mostly bug fixes and documentation updates
- Score reflects well-tested bug fixes with proper error handling. Minor point deducted because the internal token implementation silently catches token generation errors (logs but doesn't fail), which could mask issues in production. Otherwise, changes are focused, well-documented, and address real bugs.
- No files require special attention - all changes are straightforward fixes
Important Files Changed
File Analysis
| Filename | Score | Overview |
|---|---|---|
| apps/sim/tools/index.ts | 4/5 | Added internal token authentication for server-side API calls to secure internal routes |
| apps/sim/lib/knowledge/documents/document-processor.ts | 5/5 | Fixed relative URL handling by adding base URL for KB fetches in trigger context |
| helm/sim/values.yaml | 5/5 | Added documentation for new environment variables: INTERNAL_API_SECRET, CRON_SECRET, API_ENCRYPTION_KEY |
| helm/sim/README.md | 5/5 | Updated security documentation with required and optional secrets for production deployments |
Sequence Diagram
sequenceDiagram
participant Tool as Tool Executor
participant Auth as Auth Module
participant API as Internal API
participant KB as KB Processor
participant OCR as OCR Service
Note over Tool,API: Internal Request Flow
Tool->>Tool: Detect internal route
Tool->>Auth: Request authentication
Auth->>Auth: Create JWT (5min)
Auth-->>Tool: Return JWT
Tool->>API: HTTP with JWT header
API->>API: Validate request
API-->>Tool: Response
Note over KB,OCR: URL Resolution
KB->>KB: Start parsing
KB->>KB: Check if relative path
KB->>KB: Import getBaseUrl utility
KB->>KB: Build absolute URL
KB->>OCR: HTTP request
OCR-->>KB: Parsed result
14 files reviewed, no comments
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
fix(internal-req): add internal token to server side (#1700)
fix(kb): add base URL for KB fetches (#1701)
improvement(helm): added additional envvars to helm charts; updated docs (#1695)
fix(docs): made sidebar directories scrollable, stylistic changes (#1702)