The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
docs	Skipped		Apr 5, 2026 6:17pm

PR Summary

Medium Risk
Broad, cross-cutting refactor touching many API routes and ID/token generation paths; while intended to be behavior-preserving, any mismatch in ID format/uniqueness or missing import could impact persistence, locking, or auth flows.

Overview
Standardizes ID creation across the codebase by introducing @/lib/core/utils/uuid (generateId, generateShortId, isValidUuid) to avoid crypto.randomUUID() secure-context crashes and replace direct usage of uuid/nanoid.

Updates a large set of API routes to use the new helpers for record IDs, request IDs, tokens, lock values, and message/run/execution IDs, and adjusts tests/mocks plus developer guidelines (AGENTS.md, CLAUDE.md, and editor rules) to enforce the new convention.

^{Reviewed by Cursor Bugbot for commit 7be21d2. Configure here.}

@greptile

@cursor review

Greptile Summary

This PR consolidates all ID generation to a central @/lib/core/utils/uuid module, replacing crypto.randomUUID(), nanoid, and the uuid package across ~320 files. The core motivation — crypto.randomUUID() is unavailable in non-secure (HTTP) browser contexts, causing white-screen crashes on self-hosted deployments — is correctly addressed by the new generateId() utility, which falls back to crypto.getRandomValues() (universally available).

Key changes:

• New generateId() (UUID v4, secure-context-safe), generateShortId() (nanoid replacement, 64-char alphabet, & 63 mask — correct), and isValidUuid() (replaces uuid.validate) in apps/sim/lib/core/utils/uuid.ts
• Mass migration of all call sites to use the new utilities via absolute imports
• nanoid removed from apps/sim/package.json and packages/testing/package.json
• Browser polyfill script removed from layout.tsx
• packages/testing/src/mocks/uuid.mock.ts emptied to a comment (deprecated vi.doMock-based helpers removed), directing tests to use vi.hoisted() + vi.mock() directly
• Test files updated to mock @/lib/core/utils/uuid using the correct pattern

Issue found: The uuid package (^11.1.0) is still declared as a production dependency in apps/sim/package.json (line 193) even though no file imports from it after this change — an incomplete cleanup alongside the nanoid removal.

Confidence Score: 4/5

PR is safe to merge with one cleanup item: the orphaned uuid dependency in package.json should be removed before merging.

The core fix is correct and well-implemented. The UUID v4 fallback logic is mathematically sound, the nanoid-compatible alphabet is exact, and test mocks follow project conventions. One P1 remains: the uuid package is still declared as a production dependency despite having zero consumers — a straightforward line deletion that prevents dead dependency bloat.

apps/sim/package.json line 193 — remove the orphaned uuid dependency.

Important Files Changed

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A["ID generation call site"] --> B{"generateId() or generateShortId()"}
    B --> C["apps/sim/lib/core/utils/uuid.ts"]
    C --> D{"crypto.randomUUID\navailable?"}
    D -->|"Yes (HTTPS or\nNode.js 20+)"| E["crypto.randomUUID()\n→ UUID v4"]
    D -->|"No (HTTP browser,\nnon-secure context)"| F["crypto.getRandomValues()\n→ manual UUID v4"]
    C --> G{"generateShortId()"}
    G --> H["crypto.getRandomValues()\n→ 64-char alphabet"]
    E --> I["UUID string"]
    F --> I
    H --> J["Short URL-safe ID"]
    style C fill:#4ade80,stroke:#16a34a
    style D fill:#fbbf24,stroke:#d97706

_{Reviews (2): Last reviewed commit: "fix(core): remove deprecated uuid mock h..." | Re-trigger Greptile}

@greptile

@cursor review