Merge branch 'master' into fix/app-business-reviews-sdk-v2

Author: Shubhank-Jonnada

.env.example

@@ -66,3 +66,7 @@
 # -- Gong --
 # GONG_ACCESS_KEY=
 # GONG_ACCESS_KEY_SECRET=
+# -- Supadata --
+# SUPADATA_API_KEY=
+# -- LinkedIn --
+# LINKEDIN_ACCESS_TOKEN=

.github/workflows/validate-integration-comment.yml

@@ -0,0 +1,109 @@
+name: Validate Integration Comment
+
+# Posts the validation-results comment to the PR.
+#
+# Why a separate workflow?
+# ------------------------
+# When a pull request is opened from a fork, GitHub deliberately downgrades
+# the GITHUB_TOKEN provided to `pull_request`-triggered workflows to
+# read-only — even if the workflow declares `permissions: pull-requests:
+# write`. That means the validation workflow can't post a sticky comment
+# directly on fork PRs.
+#
+# This companion workflow runs on `workflow_run` (which executes in the
+# base repository's context with normal token permissions) and posts the
+# comment using the artifact uploaded by validate-integration.yml.
+#
+# See: https://docs.github.com/actions/security-guides/automatic-token-authentication
+
+on:
+  workflow_run:
+    workflows: ['Validate Integration (Tooling)']
+    types: [completed]
+
+jobs:
+  comment:
+    runs-on: ubuntu-latest
+    if: github.event.workflow_run.event == 'pull_request'
+    permissions:
+      pull-requests: write
+      actions: read
+    steps:
+      - name: Resolve PR number
+        id: pr
+        shell: bash
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          REPO: ${{ github.repository }}
+          HEAD_SHA: ${{ github.event.workflow_run.head_sha }}
+          # workflow_run.pull_requests is populated for same-repo PRs but
+          # is empty for fork PRs (the head SHA is in a different repo).
+          INLINE_PR: ${{ github.event.workflow_run.pull_requests[0].number }}
+          # head_repository / head_branch are populated for both same-repo
+          # and fork PRs and come from the workflow_run event payload, so
+          # they're trustworthy (not influenceable by runner code).
+          HEAD_REPO: ${{ github.event.workflow_run.head_repository.full_name }}
+          HEAD_BRANCH: ${{ github.event.workflow_run.head_branch }}
+        run: |
+          set -euo pipefail
+          # All inputs below come from the workflow_run event payload —
+          # they cannot be influenced by code that ran on the original
+          # runner. Never read the PR number from the artifact: the
+          # validation job executes fork-controlled code (pytest,
+          # imported integration modules), so any file it produces must
+          # be treated as untrusted.
+          PR="$INLINE_PR"
+          if [ -z "$PR" ] || [ "$PR" = "null" ]; then
+            # Fork PR: pull_requests array is empty (the head SHA lives
+            # in a different repo, and /commits/{sha}/pulls doesn't
+            # index fork commits). Look up the open PR by its head
+            # (user:branch) — this pair uniquely identifies an open PR
+            # in this repo.
+            HEAD_USER="${HEAD_REPO%%/*}"
+            PR=$(gh api "repos/$REPO/pulls?state=open&head=$HEAD_USER:$HEAD_BRANCH&per_page=10" \
+                  --jq ".[] | select(.head.repo.full_name == \"$HEAD_REPO\" and .head.ref == \"$HEAD_BRANCH\") | .number" \
+                  | head -1)
+          fi
+          if [ -z "$PR" ]; then
+            echo "::error::Could not resolve PR for $HEAD_REPO:$HEAD_BRANCH (head SHA $HEAD_SHA)"
+            exit 1
+          fi
+          echo "number=$PR" >> "$GITHUB_OUTPUT"
+
+      - name: Download comment artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: validation-comment
+          run-id: ${{ github.event.workflow_run.id }}
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          path: validation-artifact
+
+      - name: Determine action
+        id: meta
+        shell: bash
+        run: |
+          set -euo pipefail
+          if [ -f validation-artifact/delete.marker ]; then
+            echo "action=delete" >> "$GITHUB_OUTPUT"
+          elif [ -f validation-artifact/comment.md ]; then
+            echo "action=post" >> "$GITHUB_OUTPUT"
+          else
+            echo "::error::Artifact missing both comment.md and delete.marker"
+            exit 1
+          fi
+
+      - name: Delete stale comment
+        if: steps.meta.outputs.action == 'delete'
+        uses: marocchino/sticky-pull-request-comment@v2
+        with:
+          number: ${{ steps.pr.outputs.number }}
+          header: validation-results
+          delete: true
+
+      - name: Post sticky comment
+        if: steps.meta.outputs.action == 'post'
+        uses: marocchino/sticky-pull-request-comment@v2
+        with:
+          number: ${{ steps.pr.outputs.number }}
+          header: validation-results
+          path: validation-artifact/comment.md

.github/workflows/validate-integration.yml

@@ -10,14 +10,53 @@ jobs:
     name: Validate Integration
     permissions:
       contents: read
-      pull-requests: write
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
       - name: Validate
+        id: validate
         uses: autohive-ai/autohive-integrations-tooling@v2
         with:
           base_ref: origin/${{ github.base_ref }}
+          # Don't post directly: pull_request workflows triggered from forks
+          # run with a read-only GITHUB_TOKEN, so the comment would 403 and
+          # the job would go red even when validation passed. Instead we
+          # upload the rendered comment as an artifact and let
+          # validate-integration-comment.yml post it from base-repo context.
+          post_comment: 'false'
+
+      - name: Stage comment artifact
+        if: always()
+        shell: bash
+        env:
+          COMMENT_PATH: ${{ steps.validate.outputs.comment_path }}
+        run: |
+          set -euo pipefail
+          mkdir -p validation-artifact
+          # Note: the PR number is intentionally NOT written to the artifact.
+          # This step runs after the validation pipeline has executed fork
+          # tests / fork-imported code on the runner, so anything written
+          # here must be considered untrusted by the companion workflow.
+          # The companion derives the target PR from the trusted
+          # workflow_run event payload (and a GitHub API lookup as the
+          # fork-PR fallback) instead of trusting an artifact value.
+          if [ -n "$COMMENT_PATH" ] && [ -f "$COMMENT_PATH" ]; then
+            cp "$COMMENT_PATH" validation-artifact/comment.md
+          else
+            # No integration directories changed (or the action bailed out
+            # before rendering). Tell the companion workflow to clear any
+            # stale comment instead of posting a new one.
+            : > validation-artifact/delete.marker
+          fi
+
+      - name: Upload comment artifact
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: validation-comment
+          path: validation-artifact/
+          if-no-files-found: error
+          retention-days: 1

README.md

@@ -77,7 +77,7 @@ Supports basic HTTP authentication and Bearer token authentication via the SDK.
 
 ### ElevenLabs
 
-[elevenlabs](elevenlabs): Text-to-speech integration with ElevenLabs API for voice generation and audio management. Supports converting text to realistic speech with customizable voice settings, browsing and filtering available voices by category and use case, accessing voice metadata and settings, tracking generation history, downloading previously generated audio files, and monitoring subscription usage and credits. Features 7 actions (1 paid, 6 free), API key authentication, multiple output formats (MP3, PCM), voice customization controls (stability, similarity, style), and base64-encoded audio file outputs. Includes 20 premade professional voices with various accents. Ideal for content creation, audiobook narration, voiceovers, and automated audio generation workflows.
+[elevenlabs](elevenlabs): Text-to-speech and speech-to-text integration with ElevenLabs API for voice generation, audio transcription, and audio management. Supports converting text to realistic speech with customizable voice settings, transcribing audio/video files using ElevenLabs Scribe with word-level timestamps and speaker diarization, browsing voices, managing transcripts, and monitoring subscription usage. Features 10 actions (1 paid, 9 free) covering text-to-speech, speech-to-text, voice management, history, and account. Uses API key authentication. Ideal for content creation, audiobook narration, voiceovers, meeting transcription, and automated audio/transcription workflows.
 
 ### Fergus
 

doc-maker/config.json

@@ -1,6 +1,6 @@
 {
     "name": "Doc Maker",
-    "version": "1.0.0",
+    "version": "2.0.0",
     "description": "Word document automation integration using python-docx with markdown-first content creation. AI agents should use markdown syntax for most content creation - headings (#), paragraphs, lists (- or 1.), formatting (**bold**, *italic*), tables, blockquotes (>), and code blocks. Only use non-markdown actions for images, page breaks, or when you need direct table creation with structured data arrays.",
     "entry_point": "doc_maker.py",
     "actions": {
@@ -92,10 +92,6 @@
                             "name",
                             "contentType"
                         ]
-                    },
-                    "error": {
-                        "type": "string",
-                        "description": "Error message if file streaming failed"
                     }
                 },
                 "required": [
@@ -195,10 +191,6 @@
                             "name",
                             "contentType"
                         ]
-                    },
-                    "error": {
-                        "type": "string",
-                        "description": "Error message if file streaming failed"
                     }
                 },
                 "required": [
@@ -311,10 +303,6 @@
                             "name",
                             "contentType"
                         ]
-                    },
-                    "error": {
-                        "type": "string",
-                        "description": "Error message if file streaming failed"
                     }
                 },
                 "required": [
@@ -413,10 +401,6 @@
                             "name",
                             "contentType"
                         ]
-                    },
-                    "error": {
-                        "type": "string",
-                        "description": "Error message if file streaming failed"
                     }
                 },
                 "required": [
@@ -502,10 +486,6 @@
                             "name",
                             "contentType"
                         ]
-                    },
-                    "error": {
-                        "type": "string",
-                        "description": "Error message if file streaming failed"
                     }
                 },
                 "required": [
@@ -1117,10 +1097,6 @@
                             "name",
                             "contentType"
                         ]
-                    },
-                    "error": {
-                        "type": "string",
-                        "description": "Error message if save failed"
                     }
                 },
                 "required": [