Comparing v0.7.18...v0.7.19 · simstudioai/sim · GitHub
Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: simstudioai/sim
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v0.7.18
Choose a base ref
...
head repository: simstudioai/sim
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v0.7.19
Choose a head ref
  • 4 commits
  • 21 files changed
  • 1 contributor

Commits on Jul 1, 2026

  1. improvement(broadcast): white canvas, LinkedIn footer, hi-res logo (#…

    …5317)
    
    - Drop the #F8F8F8 canvas to a clean white background (body + outer wrapper).
    - Replace Discord with LinkedIn in the footer social row.
    - Swap the low-res header logo for the full-res sim logotype.
    waleedlatif1 authored Jul 1, 2026
    Configuration menu
    Copy the full SHA
    43ed80c View commit details
    Browse the repository at this point in the history
  2. feat(landing): reintroduce /contact page styled like /demo (#5315)

    * feat(landing): reintroduce /contact page styled like /demo
    
    - Restore the /contact page (removed in #5181) with a two-column layout
      mirroring /demo: value prop + trusted-by logos on the left, a message
      form card on the right, on the platform light tokens and chip components
    - Restore the contact contract, /api/contact route (rate-limit, honeypot,
      Turnstile, help-inbox notification + visitor confirmation), now fully
      contract-bound via parseRequest
    - Add a useSubmitContact React Query mutation hook
    - Link Contact from the footer Resources column and add it to the sitemap
    
    * fix(contact): server-authoritative captcha + review fixes
    
    - Make captcha server-authoritative: drop the client-trusted captchaUnavailable
      flag; a valid Turnstile token is the only way past the stricter fallback
      bucket, so callers can't opt out of the challenge
    - Re-execute the Turnstile widget on every submit (incl. after expiry) instead
      of falling into the no-captcha path once the token expires
    - Reset the pre-submit gate on mutation settle so rapid double-clicks can't fire
      a duplicate /api/contact request
    - Map only feature_request to its email type; every other topic resolves to a
      General Inquiry confirmation so support requests aren't labeled bug reports
    - Drop the confirmation-email promise from the success copy (it's best-effort)
    - Collapse the duplicated no-captcha rate-limit branch; hoist shared response
      constants; read the Turnstile site key as a module constant
    
    * fix(contact): drop redundant Turnstile hostname pin
    
    The Turnstile site key is already domain-bound in Cloudflare, so pinning
    expectedHostname to the marketing SITE_URL (www.sim.ai) only rejected valid
    tokens issued on self-hosted, preview, and apex-vs-www hosts. Remove the pin
    and rely on Cloudflare's own domain binding.
    
    * fix(contact): fail closed on the no-captcha rate-limit backstop
    
    checkRateLimitDirect fails open on limiter-storage errors so a limiter outage
    never takes down normal traffic. But the contact route's no-captcha bucket is
    the only throttle on token-less submits, so a fail-open there let uncaptcha'd
    requests reach the email path unthrottled during an outage.
    
    - Add an opt-in { failClosed } option to checkRateLimitDirect; default behavior
      (fail open) is unchanged
    - Use failClosed on the contact no-captcha backstop so an unenforceable limit
      rejects instead of admitting
    - Cover both fail-open and fail-closed paths with tests
    
    * refactor(contact): TSDoc over inline comments
    
    Move the captcha-design rationale into the route handler's TSDoc and drop the
    inline body/JSX comments, per the project's TSDoc-only comment convention.
    waleedlatif1 authored Jul 1, 2026
    Configuration menu
    Copy the full SHA
    af53eda View commit details
    Browse the repository at this point in the history
  3. feat(careers): careers page backed by the Ashby job board (#5316)

    * feat(careers): careers page backed by the Ashby job board
    
    * fix(careers): harden Ashby parsing and filter edge cases from review
    
    - validate jobUrl as http(s) only; drop postings with unsafe URLs
    - validate postings individually so one bad row can't empty the board
    - namespace the all-filter sentinel to avoid colliding with real values
    - dedupe the job metadata line (fixes duplicate React keys / Remote·Remote)
    - parse filters server-side so deep-linked views don't flash unfiltered
    
    * fix(careers): filter-aware empty state; drop inline comments
    
    - JobGroups owns its empty copy via a filtersActive flag, so the server
      fallback and client board render identical, correct empty messaging
      (no-open-roles vs no-matching-filters)
    - convert remaining inline comments to TSDoc
    waleedlatif1 authored Jul 1, 2026
    Configuration menu
    Copy the full SHA
    2393b72 View commit details
    Browse the repository at this point in the history
  4. Configuration menu
    Copy the full SHA
    6e426f8 View commit details
    Browse the repository at this point in the history
Loading