* Graphql revamp
* Added query params
* Passing hasdatasource to the sanitize functions
* Design fix
* Fix for right side border for key input
* Resolving the comment
* Added pending items for mongo db and mssql
* SSL Bug fix
* Bump version to 3.20.123-lts across all components
---------
Co-authored-by: gsmithun4 <gsmithun4@gmail.com>
* hotfix for converting ssl toggle to boolean
* ssl toggle autofill fix for pgsql
* Fix for enable save button for pgsql
* removed validation for SSH
---------
Co-authored-by: Siddharthpl <siddharthpundir73@gmail.com>
* GUI mode abstraction and GUI mode for postgresql
* CSS Issue and Query response fixes
* GUI mode postgresql and abstracted components enhancement
* Bug fix on delete operation retuns undefined as ouput and big fixes
* Refactor code structure for improved readability and maintainability
* Refactor code structure for improved readability and maintainability
* Bump version to 3.20.117-lts across all components
* PgSQL ssh implementations and other improvements
* Updated the package.json
* Mongo db ssh implementation and improvements
* Updated the helper text and database label
* Updated the helper text for password
* Fixing the autofetch for the mongo
* Fixing autofetch for the pgsql
* Updated the ssl toggle title
* Updated the common toggle logic
* Bump version to 3.20.114-lts across all components
---------
Co-authored-by: gsmithun4 <gsmithun4@gmail.com>
* feat: implement SSRF protection with URL validation across plugins
* refactor SSRF protection to focus on cloud metadata endpoints and improve configuration options
* remove legacy whitelist functionality and streamline SSRF validation process
* enhance SSRF protection by adding configurable blocked schemes and validation checks
* enhance SSRF protection by integrating configurable options across services
* replace dns.lookup with dns.lookup from dns module for improved clarity
* refactor: enhance SSRF protection by merging request options and improving IP format normalization
* Fix: update comments for clarity and enhance IP normalization in SSRF protection
* enhance SSRF protection by validating URL and applying protection options in GraphqlQueryService
* enhance SSRF protection with detailed validation for redirects and URL schemes
* fix(grpcv2): use loadSync for filesystem proto loading to prevent server crash
protobufjs has an unfixed bug (protobufjs/protobuf.js#1098) where
async Root.load() calls resolveAll() outside its try-catch in the
finish() callback. When resolveAll() throws (e.g. unresolvable types),
the error becomes an uncaught exception that crashes the Node.js
process — the Promise never resolves/rejects.
Switch from protoLoader.load() to protoLoader.loadSync() for all
filesystem-based proto loading. With loadSync, resolveAll() errors
propagate as normal synchronous throws caught by existing try-catch
blocks. This is consistent with loadProtoFromRemoteUrl() which
already uses loadSync.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat(grpcv2): add filesystem proto discovery with lightweight scanning
Add discoverServiceNames and discoverMethodsForServices to support
two-phase service discovery from filesystem proto files. Uses
protobufjs.parse() for lightweight name scanning (~30KB/file) and
only loads full gRPC definitions for selected services, preventing
OOM on large proto directories.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat(DynamicSelector): add multi-select and autoFetch for grpcv2 filesystem services
Add isMulti and autoFetch props to DynamicSelector. autoFetch triggers
service discovery on mount without requiring a manual button click,
and skips cache persistence to avoid false "Unsaved Changes" prompts.
Multi-select renders services as chips with custom styles.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(data-sources): handle non-array elements in resolveKeyValuePair
resolveKeyValuePair assumed all array option elements are sub-arrays
(like metadata key-value pairs). Options like selected_services contain
plain strings, causing arr.map crash during test connection. Guard with
Array.isArray check and fall back to resolveValue for scalar elements.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(grpcv2): require service selection for filesystem mode in query manager
Filesystem mode without selected services would fall back to full
proto discovery (loading every file), defeating the purpose of the
two-phase discovery. Now shows an error asking the user to select
services in the datasource config instead.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(grpcv2): require selected services for filesystem test connection
Test connection in filesystem mode now validates that at least one
service is selected and uses a selected service for the connectivity
check instead of picking an arbitrary one from the proto directory.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(grpcv2): simplify filesystem test connection to validate proto parsing
Test connection for filesystem mode now just validates that proto files
can be parsed and services discovered — no service selection required.
Removes the meaningless waitForReady check which only tested TCP
connectivity without validating anything about the proto definitions.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* refactor(grpcv2): remove filesystem branch from discoverServices
Filesystem mode never flows through discoverServices — it uses the
two-phase discoverServiceNames + discoverMethodsForServices path.
Remove the dead branch and add a comment documenting the filesystem
flow for clarity.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* docs(grpcv2): add comment documenting test connection behavior per mode
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(grpcv2): add TCP connectivity check for filesystem mode test connection
Filesystem mode now falls through to checkFirstServiceConnection (waitForReady)
like reflection and URL modes, instead of returning early after proto parsing.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* cleanup(DynamicForm): remove unused snake_case prop aliases for isMulti and autoFetch
No plugin manifest uses is_multi or auto_fetch — the gRPC v2 manifest
(the only consumer of these props) uses camelCase exclusively, and there
is no transformation layer in the pipeline.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(DynamicSelector): suppress noAccessError flash during loading
The no-access warning and red border briefly flashed on page reload
because validateSelectedValue ran with an empty array before the
fetch completed. Gate both on !isLoading so they only appear after
data is actually loaded.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(DynamicSelector): skip cache validation for autoFetch on unrelated prop changes
When autoFetch is enabled, cache is never persisted to options (to avoid
"Unsaved Changes"). So every time selectedDataSource changes for
unrelated reasons (e.g. title edit), the cache-checking useEffect finds
no cache and calls validateSelectedValue([]), falsely triggering the
no-access warning. Skip this effect for autoFetch since it has its own
dedicated fetch/validation lifecycle.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(grpcv2): remove QueryResult wrapping from plugin invokeMethod returns
grpcv2 plugin methods (discoverServiceNames, discoverMethodsForServices)
were returning QueryResult-wrapped responses which got double-wrapped by
DataSourcesService.invokeMethod, causing GRPCv2Component to crash with
"servicesData.services.map is not a function" when opening filesystem
proto queries.
Plugin invokeMethod now returns raw data (arrays) instead of QueryResult
objects. The server's invokeMethod always wraps with { status: 'ok', data }
consistently. DynamicSelector adds an Array.isArray guard for plugins
that return raw arrays vs { data: [...] }.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(DynamicSelector): skip access validation for autoFetch fields
autoFetch fields (e.g. gRPC services) are discovered from proto files,
not OAuth-scoped resources — "no access" warnings don't apply.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* refactor(grpcv2): unify service discovery into single getServiceDefinitions entry point
Consolidate discoverServices, discoverServiceNames, and discoverMethodsForServices
into two clear methods: listServices (lightweight name scan for DS config) and
getServiceDefinitions (full method discovery for query editor, all modes).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(grpcv2): prevent OOM on filesystem test connection and query fallback
Filesystem test connection no longer parses proto files — just counts
them with fast-glob and checks TCP connectivity via a raw gRPC client.
Query execution fallback after server restart now uses the lightweight
protobufjs.parse() scanner instead of the heavy protoLoader.loadSync()
path. Removes two dead functions (discoverServicesIndividually,
discoverServicesUsingFilesystem).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* chore: update version to 3.20.95-lts across all components
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: gsmithun4 <gsmithun4@gmail.com>
* chore: update bcrypt to version 6.0.0 in package.json
* chore: remove unused devDependencies from package.json
* Refactor code structure for improved readability and maintainability
* Refactor code structure for improved readability and maintainability
* chore: update bcrypt to version 6.0.0 in package.json
* chore: remove unused devDependencies from package.json
* Implement feature X to enhance user experience and optimize performance
* refactor: failsafe gRPC service discovery with file loads
* refactor: search only service names
---------
Co-authored-by: gsmithun4 <gsmithun4@gmail.com>
* MongoDB connection with srv support
* design changes and migration
* changes in design
* fix password field is coming disabled.
* change with save button
* changes in the save button and encrypt
* Changes for mongoDb SRV after Code Review
* migration script
* Changes in the UI
* fixed the db issue in connection
* changes comment removed
* SSl issue resolved
* Review changes made
* editing connection string affects only individual fields
* fixed dataSource Saving in imported apps
* fixed imported apps ds save
---------
Co-authored-by: Pratush <pratush@Pratushs-MacBook-Pro.local>
* Added option to send Sender's Name
* change made to Sender Name
* bump version to 3.20.46-lts in all relevant files
---------
Co-authored-by: Pratush <pratush@Pratushs-MacBook-Pro.local>
Co-authored-by: gsmithun4 <gsmithun4@gmail.com>
* POstgresql query level timeout implementation
* for query without parameters query level timeout has been updated
* Query level timeout at Run Query endpoint
* label for timeout is updated
* Timeout is applied at run query level
* Method name has been modified
* ref updated
* Error message modified
* Abort controller is abstracted
---------
Co-authored-by: gsmithun4 <gsmithun4@gmail.com>
* Add cypress test cases for enterprise user groups and permissions
* update constants
* update user groups test cases
* update spec
* update groups cases
* update lock.json
* update custom group cases
* update docker file
* update first user onboarding and platform commands
* add case for UI promote and release permission
* working on google sheet service account flow
* service account flow logic added
* for service account flow skip the Oauth error flow
* added datamigration to backfill the authentication option for GoogleSheets
* added default credential chain flow
* Bump version to 3.20.5-lts across all components and add tag-and-push script for releases
---------
Co-authored-by: gsmithun4 <gsmithun4@gmail.com>
* refactor: use service descriptor retrieval and pass callOptions
* refactor: remove redundant comments
* refactor: use sdk methods to get appropriate proto definition on reflection
* fix: changes not save immediately
* fix: improve loading state handling in GRPCv2 component
* feat: add filesystem support for loading proto files
* feat: implement fuzzy search and debounce functionality
- Updated `AbilityGuard` to utilize `TransactionLogger` for logging execution time and errors.
- Enhanced `ResponseInterceptor` to include transaction metadata in logs.
- Modified `QueryAuthGuard`, `ValidateQueryAppGuard`, and `ValidateQuerySourceGuard` to log completion times and transaction IDs.
- Introduced `TransactionLogger` service for structured logging with transaction context.
- Added transaction ID and route information to request context in `RequestContextMiddleware`.
- Updated `JwtStrategy` to log validation completion times.
- Refactored logging configuration in `AppModuleLoader` to support pretty printing in non-production environments.
- Removed console logs in favor of structured logging for better traceability.
* ee commit
* merge commit
* feat: updated openapi operation component
* updated query operation sepctype
* fix: updated query dropdown style
* feat: config dropdown update
* feat: add Gmail plugin with API integration and initial setup
* refactor: enhance type definitions
* refactor: clean up code and refactor variable names
* fix: update Gmail OAuth scope to allow full access to Gmail
* feat: standardize error handling for Gmail plugin
* fix: include oauth_type handling in Gmail plugin for cloud environment
* fix: update spec_url for Gmail operations
* refactor: remove unused fields in gmail manifest.json
* fix: update Content-Type header to application/x-www-form-urlencoded for token requests
* feat: add environment variable prefix for Gmail in OAuth handling
* fix: remove encryption requirement for client_id in Gmail manifest
* fix: update Gmail plugin to use form data for token requests and simplify response handling
* fix: add Gmail to OAuth data sources in DataSourceManager
* fix: encode path parameters in Gmail plugin URL construction
* fix: add back margin to Client ID label in CommonOAuthFields component
* fix: adjust width of input field in RenderParameterFields for better alignment
* fix: set response type to 'json' in requestOptions for Gmail service
---------
Co-authored-by: Devanshu Gupta <devanshuguptaknp@gmail.com>
* feat: Add new gRPC v2 plugin
- Enhanced DataSourcesController to support invoking methods on data sources.
- Introduced InvokeDataSourceMethodDto for method invocation requests.
- Added WhitelistPluginGuard to restrict method invocation based on data source kind.
- Updated IDataSourcesController and IDataSourcesService interfaces to include invoke method functionality.
- Implemented invokeMethod in DataSourcesService to handle method calls for gRPC v2.
- Added method whitelisting for gRPC v2 in the service layer.
* refactor: invokeMethod to use method dispatch pattern
* fix: improve error handling in testConnection method
* Apply suggestion from @Copilot
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Apply suggestion from @Copilot
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Apply suggestion from @Copilot
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* refactor: update types and interface
* fix: remove unnecessary border styles for improved UI consistency
* refactor: simplify error handling
- Introduced a new SCSS file for styling the gRPC v2 query editor components.
- Styled request sections, server URL input, dropdown menus, and method buttons for better user experience.
refactor(grpcv2): enhance error handling and type safety
- Updated error handling in gRPC query service to use a new `toError` utility function for consistent error conversion.
- Improved type definitions for gRPC client and service methods to ensure better type safety.
- Refactored method existence validation and gRPC call execution to handle errors more gracefully.
fix(grpcv2): improve service discovery and proto file loading
- Enhanced service discovery logic to handle reflection and proto file clients more robustly.
- Added checks for valid service constructors and improved error messages for better debugging.
- Updated the `loadProtoFromRemoteUrl` function to handle HTTP errors more effectively.
chore(grpcv2): add utility functions for type checks
- Introduced utility functions `isRecord`, `hasProperty`, and `toError` for better type checking and error handling throughout the codebase.
* feat: add LegacyBanner component for gRPC legacy tag display
* fix: styling changes
* fix: correct text in LegacyBanner component
* feat: enhance GRPCv2 component with request handling and state management improvements
* refactor: update metadata handling in GRPCv2 component and service
* refactor: update GRPCv2 component to use raw_message instead of requestData
* fix: Styling issues and labels
* refactor: gRPC test connection checks for proto file and url
* fix: improve error handling in service discovery
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* apiendpoint component used for rendering openapi spec value are persisted
* Fix/stripe old component (#13737)
* fix: integrated old component
* removed log
---------
Co-authored-by: Devanshu Gupta <devanshuguptaknp@gmail.com>
* REST API changes from LTS and new changes
* Fix: Response, Request and Metadata coming out to be undefined on query failure and success inside Inspector
---------
Co-authored-by: devanshu052000 <devanshu.rastogi05@gmail.com>
* Feature: Prometheus plugin (#13161)
* prometheus plugin
* added existing props
* Host and database can be dynamically configured in query builder for PostgreSQL and MySQL data sources (#13163)
* Fix: Postgresql datasource tries to connect via ssl even when ssl toggle is off (#13167)
* The ability to provide a partition key for deleting items in CosmosDB datasource has been enabled (#13166)
* Feature: Ability to configure the database name in Redis datasource (#13165)
* Fix: Avoid setting Content-Type header for requests without body and configure different host for all environments in OpenAPI [PRE-RELEASE] (#13230)
* Send content-type only with body in request
* Persist OpenAPI parameters per operation only
* Configure different host
* Add disable styles to the select input
* Feat: New fields 'client id' and 'client secret' have been introduced in the Slack datasource configuration page in pre-release (#13162)
* Update slack frontend
* Update slack backend to handle custom creds
* Add backfill migrations
* Dynamically change dropdown according to versions
* Change migration file name
* Correctly access scope in chat:write logic
---------
Co-authored-by: Akshay Sasidharan <akshaysasidharan93@gmail.com>
Co-authored-by: Parth <108089718+parthy007@users.noreply.github.com>
Co-authored-by: Akshay <akshaysasidrn@gmail.com>
Fetch the auth code using correct method in request
Get the plugin object correctly for reloading
Fix woocommerce operation rendering
Resolve promise correctly
Pass plugin_id as prop
Resolve plugin saving issue with caching tokens
Add json-message in query correctly
Use auth code once without cache
* API backend setup for fetching decrypted options object
* Frontend setup to use and fetch decrypted options object
* Debounce validation and include encrypted fields
* Update banners and point back to inputs
* Remove ssl config from connection string in postgresql
* Add support for textarea design component
* Improve conditional requirement logic
* Fix validation banner bugs
* Change schema for airtable
* Change schema for bigquery
* Change schema for mongodb
* Change schema for mysql
* Change schema for mssql
* API backend setup for fetching decrypted options object
* Frontend setup to use and fetch decrypted options object
* Debounce validation and include encrypted fields
* Update banners and point back to inputs
* Remove ssl config from connection string in postgresql
* Add support for textarea design component
* Improve conditional requirement logic
* Fix validation banner bugs
* Change schema for airtable
* Change schema for bigquery
* Change schema for mongodb
