v0.5.96: sim oauth provider, slack ephemeral message tool and blockkit support

Author: waleedlatif1

.github/workflows/ci.yml

@@ -144,7 +144,6 @@ jobs:
           tags: ${{ steps.meta.outputs.tags }}
           provenance: false
           sbom: false
-          no-cache: true
 
   # Build ARM64 images for GHCR (main branch only, runs in parallel)
   build-ghcr-arm64:
@@ -205,7 +204,6 @@ jobs:
           tags: ${{ steps.meta.outputs.tags }}
           provenance: false
           sbom: false
-          no-cache: true
 
   # Create GHCR multi-arch manifests (only for main, after both builds)
   create-ghcr-manifests:

.github/workflows/images.yml

@@ -97,7 +97,6 @@ jobs:
           tags: ${{ steps.meta.outputs.tags }}
           provenance: false
           sbom: false
-          no-cache: true
 
   build-ghcr-arm64:
     name: Build ARM64 (GHCR Only)
@@ -144,11 +143,10 @@ jobs:
           tags: ${{ steps.meta.outputs.tags }}
           provenance: false
           sbom: false
-          no-cache: true
 
   create-ghcr-manifests:
     name: Create GHCR Manifests
-    runs-on: blacksmith-8vcpu-ubuntu-2404
+    runs-on: blacksmith-2vcpu-ubuntu-2404
     needs: [build-amd64, build-ghcr-arm64]
     if: github.ref == 'refs/heads/main'
     strategy:

.github/workflows/test-build.yml

@@ -110,7 +110,7 @@ jobs:
           RESEND_API_KEY: 'dummy_key_for_ci_only'
           AWS_REGION: 'us-west-2'
           ENCRYPTION_KEY: '7cf672e460e430c1fba707575c2b0e2ad5a99dddf9b7b7e3b5646e630861db1c' # dummy key for CI only
-        run: bun run build
+        run: bunx turbo run build --filter=sim
 
       - name: Upload coverage to Codecov
         uses: codecov/codecov-action@v5

apps/docs/content/docs/en/tools/jira_service_management.mdx

@@ -116,7 +116,7 @@ Create a new service request in Jira Service Management
 | `summary` | string | Yes | Summary/title for the service request |
 | `description` | string | No | Description for the service request |
 | `raiseOnBehalfOf` | string | No | Account ID of customer to raise request on behalf of |
-| `requestFieldValues` | json | No | Custom field values as key-value pairs \(overrides summary/description if provided\) |
+| `requestFieldValues` | json | No | Request field values as key-value pairs \(overrides summary/description if provided\) |
 | `requestParticipants` | string | No | Comma-separated account IDs to add as request participants |
 | `channel` | string | No | Channel the request originates from \(e.g., portal, email\) |
 

apps/docs/content/docs/en/tools/slack.mdx

@@ -1,6 +1,6 @@
 ---
 title: Slack
-description: Send, update, delete messages, add reactions in Slack or trigger workflows from Slack events
+description: Send, update, delete messages, send ephemeral messages, add reactions in Slack or trigger workflows from Slack events
 ---
 
 import { BlockInfoCard } from "@/components/ui/block-info-card"
@@ -59,7 +59,7 @@ If you encounter issues with the Slack integration, contact us at [help@sim.ai](
 
 ## Usage Instructions
 
-Integrate Slack into the workflow. Can send, update, and delete messages, create canvases, read messages, and add reactions. Requires Bot Token instead of OAuth in advanced mode. Can be used in trigger mode to trigger a workflow when a message is sent to a channel.
+Integrate Slack into the workflow. Can send, update, and delete messages, send ephemeral messages visible only to a specific user, create canvases, read messages, and add reactions. Requires Bot Token instead of OAuth in advanced mode. Can be used in trigger mode to trigger a workflow when a message is sent to a channel.
 
 
 
@@ -80,6 +80,7 @@ Send messages to Slack channels or direct messages. Supports Slack mrkdwn format
 | `dmUserId` | string | No | Slack user ID for direct messages \(e.g., U1234567890\) |
 | `text` | string | Yes | Message text to send \(supports Slack mrkdwn formatting\) |
 | `threadTs` | string | No | Thread timestamp to reply to \(creates thread reply\) |
+| `blocks` | json | No | Block Kit layout blocks as a JSON array. When provided, text becomes the fallback notification text. |
 | `files` | file[] | No | Files to attach to the message |
 
 #### Output
@@ -146,6 +147,29 @@ Send messages to Slack channels or direct messages. Supports Slack mrkdwn format
 | `fileCount` | number | Number of files uploaded \(when files are attached\) |
 | `files` | file[] | Files attached to the message |
 
+### `slack_ephemeral_message`
+
+Send an ephemeral message visible only to a specific user in a channel. Optionally reply in a thread. The message does not persist across sessions.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `authMethod` | string | No | Authentication method: oauth or bot_token |
+| `botToken` | string | No | Bot token for Custom Bot |
+| `channel` | string | Yes | Slack channel ID \(e.g., C1234567890\) |
+| `user` | string | Yes | User ID who will see the ephemeral message \(e.g., U1234567890\). Must be a member of the channel. |
+| `text` | string | Yes | Message text to send \(supports Slack mrkdwn formatting\) |
+| `threadTs` | string | No | Thread timestamp to reply in. When provided, the ephemeral message appears as a thread reply. |
+| `blocks` | json | No | Block Kit layout blocks as a JSON array. When provided, text becomes the fallback notification text. |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `messageTs` | string | Timestamp of the ephemeral message \(cannot be used with chat.update\) |
+| `channel` | string | Channel ID where the ephemeral message was sent |
+
 ### `slack_canvas`
 
 Create and share Slack canvases in channels. Canvases are collaborative documents within Slack.
@@ -682,6 +706,7 @@ Update a message previously sent by the bot in Slack
 | `channel` | string | Yes | Channel ID where the message was posted \(e.g., C1234567890\) |
 | `timestamp` | string | Yes | Timestamp of the message to update \(e.g., 1405894322.002768\) |
 | `text` | string | Yes | New message text \(supports Slack mrkdwn formatting\) |
+| `blocks` | json | No | Block Kit layout blocks as a JSON array. When provided, text becomes the fallback notification text. |
 
 #### Output
 

apps/sim/app/(auth)/oauth/consent/page.tsx

@@ -0,0 +1,275 @@
+'use client'
+
+import { useCallback, useEffect, useState } from 'react'
+import { ArrowLeftRight } from 'lucide-react'
+import Image from 'next/image'
+import { useRouter, useSearchParams } from 'next/navigation'
+import { Button } from '@/components/emcn'
+import { signOut, useSession } from '@/lib/auth/auth-client'
+import { inter } from '@/app/_styles/fonts/inter/inter'
+import { soehne } from '@/app/_styles/fonts/soehne/soehne'
+import { BrandedButton } from '@/app/(auth)/components/branded-button'
+
+const SCOPE_DESCRIPTIONS: Record<string, string> = {
+  openid: 'Verify your identity',
+  profile: 'Access your basic profile information',
+  email: 'View your email address',
+  offline_access: 'Maintain access when you are not actively using the app',
+  'mcp:tools': 'Use Sim workflows and tools on your behalf',
+} as const
+
+interface ClientInfo {
+  clientId: string
+  name: string
+  icon: string
+}
+
+export default function OAuthConsentPage() {
+  const router = useRouter()
+  const searchParams = useSearchParams()
+  const { data: session } = useSession()
+  const consentCode = searchParams.get('consent_code')
+  const clientId = searchParams.get('client_id')
+  const scope = searchParams.get('scope')
+
+  const [clientInfo, setClientInfo] = useState<ClientInfo | null>(null)
+  const [loading, setLoading] = useState(true)
+  const [submitting, setSubmitting] = useState(false)
+  const [error, setError] = useState<string | null>(null)
+
+  const scopes = scope?.split(' ').filter(Boolean) ?? []
+
+  useEffect(() => {
+    if (!clientId) {
+      setLoading(false)
+      setError('The authorization request is missing a required client identifier.')
+      return
+    }
+
+    fetch(`/api/auth/oauth2/client/${clientId}`, { credentials: 'include' })
+      .then(async (res) => {
+        if (!res.ok) return
+        const data = await res.json()
+        setClientInfo(data)
+      })
+      .catch(() => {})
+      .finally(() => {
+        setLoading(false)
+      })
+  }, [clientId])
+
+  const handleConsent = useCallback(
+    async (accept: boolean) => {
+      if (!consentCode) {
+        setError('The authorization request is missing a required consent code.')
+        return
+      }
+
+      setSubmitting(true)
+      try {
+        const res = await fetch('/api/auth/oauth2/consent', {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json' },
+          credentials: 'include',
+          body: JSON.stringify({ accept, consent_code: consentCode }),
+        })
+
+        if (!res.ok) {
+          const body = await res.json().catch(() => null)
+          setError(
+            (body as Record<string, string> | null)?.message ??
+              'The consent request could not be processed. Please try again.'
+          )
+          setSubmitting(false)
+          return
+        }
+
+        const data = (await res.json()) as { redirectURI?: string }
+        if (data.redirectURI) {
+          window.location.href = data.redirectURI
+        } else {
+          setError('The server did not return a redirect. Please try again.')
+          setSubmitting(false)
+        }
+      } catch {
+        setError('Something went wrong. Please try again.')
+        setSubmitting(false)
+      }
+    },
+    [consentCode]
+  )
+
+  const handleSwitchAccount = useCallback(async () => {
+    if (!consentCode) return
+
+    const res = await fetch(`/api/auth/oauth2/authorize-params?consent_code=${consentCode}`, {
+      credentials: 'include',
+    })
+    if (!res.ok) {
+      setError('Unable to switch accounts. Please re-initiate the connection.')
+      return
+    }
+
+    const params = (await res.json()) as Record<string, string | null>
+    const authorizeUrl = new URL('/api/auth/oauth2/authorize', window.location.origin)
+    for (const [key, value] of Object.entries(params)) {
+      if (value) authorizeUrl.searchParams.set(key, value)
+    }
+
+    await signOut({
+      fetchOptions: {
+        onSuccess: () => {
+          window.location.href = authorizeUrl.toString()
+        },
+      },
+    })
+  }, [consentCode])
+
+  if (loading) {
+    return (
+      <div className='flex flex-col items-center justify-center'>
+        <div className='space-y-1 text-center'>
+          <h1 className={`${soehne.className} font-medium text-[32px] text-black tracking-tight`}>
+            Authorize Application
+          </h1>
+          <p className={`${inter.className} font-[380] text-[16px] text-muted-foreground`}>
+            Loading application details...
+          </p>
+        </div>
+      </div>
+    )
+  }
+
+  if (error) {
+    return (
+      <div className='flex flex-col items-center justify-center'>
+        <div className='space-y-1 text-center'>
+          <h1 className={`${soehne.className} font-medium text-[32px] text-black tracking-tight`}>
+            Authorization Error
+          </h1>
+          <p className={`${inter.className} font-[380] text-[16px] text-muted-foreground`}>
+            {error}
+          </p>
+        </div>
+        <div className={`${inter.className} mt-8 w-full max-w-[410px] space-y-3`}>
+          <BrandedButton onClick={() => router.push('/')}>Return to Home</BrandedButton>
+        </div>
+      </div>
+    )
+  }
+
+  const clientName = clientInfo?.name ?? clientId
+
+  return (
+    <div className='flex flex-col items-center justify-center'>
+      <div className='mb-6 flex items-center gap-4'>
+        {clientInfo?.icon ? (
+          <Image
+            src={clientInfo.icon}
+            alt={clientName ?? 'Application'}
+            width={48}
+            height={48}
+            className='rounded-[10px]'
+            unoptimized
+          />
+        ) : (
+          <div className='flex h-12 w-12 items-center justify-center rounded-[10px] bg-muted font-medium text-[18px] text-muted-foreground'>
+            {(clientName ?? '?').charAt(0).toUpperCase()}
+          </div>
+        )}
+        <ArrowLeftRight className='h-5 w-5 text-muted-foreground' />
+        <Image
+          src='/new/logo/colorized-bg.svg'
+          alt='Sim'
+          width={48}
+          height={48}
+          className='rounded-[10px]'
+        />
+      </div>
+
+      <div className='space-y-1 text-center'>
+        <h1 className={`${soehne.className} font-medium text-[32px] text-black tracking-tight`}>
+          Authorize Application
+        </h1>
+        <p className={`${inter.className} font-[380] text-[16px] text-muted-foreground`}>
+          <span className='font-medium text-foreground'>{clientName}</span> is requesting access to
+          your account
+        </p>
+      </div>
+
+      {session?.user && (
+        <div
+          className={`${inter.className} mt-5 flex items-center gap-3 rounded-lg border px-4 py-3`}
+        >
+          {session.user.image ? (
+            <Image
+              src={session.user.image}
+              alt={session.user.name ?? 'User'}
+              width={32}
+              height={32}
+              className='rounded-full'
+              unoptimized
+            />
+          ) : (
+            <div className='flex h-8 w-8 items-center justify-center rounded-full bg-muted font-medium text-[13px] text-muted-foreground'>
+              {(session.user.name ?? session.user.email ?? '?').charAt(0).toUpperCase()}
+            </div>
+          )}
+          <div className='min-w-0'>
+            {session.user.name && (
+              <p className='truncate font-medium text-[14px]'>{session.user.name}</p>
+            )}
+            <p className='truncate text-[13px] text-muted-foreground'>{session.user.email}</p>
+          </div>
+          <button
+            type='button'
+            onClick={handleSwitchAccount}
+            className='ml-auto text-[13px] text-muted-foreground underline-offset-2 transition-colors hover:text-foreground hover:underline'
+          >
+            Switch
+          </button>
+        </div>
+      )}
+
+      {scopes.length > 0 && (
+        <div className={`${inter.className} mt-5 w-full max-w-[410px]`}>
+          <div className='rounded-lg border p-4'>
+            <p className='mb-3 font-medium text-[14px]'>This will allow the application to:</p>
+            <ul className='space-y-2'>
+              {scopes.map((s) => (
+                <li
+                  key={s}
+                  className='flex items-start gap-2 font-normal text-[13px] text-muted-foreground'
+                >
+                  <span className='mt-0.5 text-green-500'>&#10003;</span>
+                  <span>{SCOPE_DESCRIPTIONS[s] ?? s}</span>
+                </li>
+              ))}
+            </ul>
+          </div>
+        </div>
+      )}
+
+      <div className={`${inter.className} mt-6 flex w-full max-w-[410px] gap-3`}>
+        <Button
+          variant='outline'
+          size='md'
+          className='px-6 py-2'
+          disabled={submitting}
+          onClick={() => handleConsent(false)}
+        >
+          Deny
+        </Button>
+        <BrandedButton
+          fullWidth
+          showArrow={false}
+          loading={submitting}
+          loadingText='Authorizing'
+          onClick={() => handleConsent(true)}
+        >
+          Allow
+        </BrandedButton>
+      </div>
+    </div>
+  )
+}