Pull Request Explorer

Summary

Add executionData store for per-execution state

This refactor introduces a dedicated Pinia store to manage execution-specific state, improving modularity and testability of the editor UI. It also adds injection keys and expands test coverage, ensuring reliable state handling across concurrent executions.

Health Assessment

• • The PR had a long cycle time of 172 hours but received a quick initial review, indicating efficient review but extensive rework.
• • Multiple AI-assisted review comments and numerous commits suggest significant refactoring effort and potential integration complexity.

Summary

Bump fast-uri override to 3.1.2

Updates the fast-uri dependency to 3.1.2 to address a missing release in ajv, ensuring compatibility and stability.

Health Assessment

• • Quick dependency bump with AI review, minimal changes, fast merge.

Summary

Track n8n Connect credential toggle in telemetry

Adds a telemetry event when users switch between n8n Connect and their own credentials in the node credential selector, improving usage analytics.

Health Assessment

• • Quick review with no issues, minimal rework, straightforward test addition.

Summary

Preserve AxiosHeaders instance for OpenAI vendor defaults

Fixes header handling in Axios requests to OpenAI, ensuring caller headers are preserved and preventing downstream failures. This backport ensures stable behavior in the 2.21.x release.

Health Assessment

• • Quick review and merge within 2 hours, minimal rework, indicating a straightforward bug fix.

Summary

chore: Improve code health and catalog refs

Improved code health by fixing catalog-violations rule and swapping hardcoded versions to catalog refs, reducing baseline violations from 122 to 82.

Health Assessment

• • The PR had a fast cycle time of 1.7 hours and received a quick review.
• • The changes were thoroughly tested, and the PR includes a detailed description of the changes and their impact.

Summary

Enable cleanup of deprecated release candidate branches

Fixes CI workflow to correctly remove stale release candidate branches, improving repository hygiene and reducing manual cleanup. This ensures automated branch pruning and prevents accumulation of unused branches.

Health Assessment

• • The change was reviewed immediately with no issues, but the overall cycle time was long due to merge scheduling. The PR was straightforward and required minimal rework.

Summary

Migrate sbom attestation workflow to new actions package

Update CI workflow to use the new actions/attest package, eliminating deprecation warnings and ensuring compliance with updated SBOM attestation standards.

Health Assessment

• • Quick merge with minimal changes and AI review, indicating low complexity and high confidence.

Summary

Sanitize workflow during sub-workflow conversion

This fix sanitizes workflows created during sub-workflow conversion, preventing failures caused by missing connections. It ensures reliable workflow execution for users.

Health Assessment

• • The PR was reviewed and approved within 24 hours, with minimal changes and no significant rework, indicating a straightforward bug fix with low risk.

Summary

Add origin-only fallback to MCP OAuth discovery

Restores compatibility for servers that only expose OAuth metadata at the origin, ensuring MCP OAuth credentials can connect even when the server URL includes a path.

Health Assessment

• • Fast review and single commit indicate a straightforward bug fix with minimal risk.

Summary

Skip quality checks on Bot PRs

Reduces noise by skipping quality checks for bot-generated PRs, improving developer workflow.

Health Assessment

• • Fast review and merge with minimal changes, indicating low complexity and risk.

Summary

Add encrypted secureArtifacts slot to IExecutionContext

Adds an optional secureArtifacts slot to the execution context, enabling encrypted storage of trigger values for future use. This change lays the groundwork for secure-trigger functionality without affecting current behavior.

Health Assessment

• • Fast review and minimal rework; the change was straightforward and well-tested, leading to a smooth merge.

Summary

Add observational memory runtime and builder

Enables agents to persist and observe thread memory, improving state management and reducing duplicate work.

Health Assessment

• • Long cycle time and multiple commits after review indicate significant rework; large code changes across many files suggest high risk.

Summary

Update Instance AI evaluator for pinned subnodes and MCP tools

Improves AI evaluation accuracy by adding missing pinned subnodes and enabling all MCP tools, ensuring more reliable automated workflows.

Health Assessment

• • Fast cycle time and single review indicate low friction; minimal code changes reduce risk.

Summary

Add code-health and janitor checks to PR gate

Enables automated static analysis checks for code quality and dependency drift, ensuring PRs meet quality gates before merge.

Health Assessment

• • PR required multiple baseline refreshes and had a long review cycle, indicating complexity in integrating static analysis into CI.

Summary

Fix member role read permissions for insights

Corrects an accidental permission grant, ensuring member role does not have read access to insights, maintaining proper access control.

Health Assessment

• • Quick fix with minimal code change, no security impact, and fast review cycle.

Summary

Preserve AxiosHeaders instance for OpenAI defaults

Ensures HTTP requests to OpenAI retain caller headers, preventing interceptor failures and improving reliability.

Health Assessment

• • Fast turnaround with minimal rework; single review comment; quick merge.

Summary

Expose generated workflow IDs on LangSmith trace root metadata

Adds a deduped array of workflow IDs to the root metadata of Instance AI traces, enabling analytics to filter and aggregate traces by generated workflows without parsing nested tool outputs.

Health Assessment

• • PR merged within 14 hours with a single review and no rework, indicating a straightforward change with minimal risk.

Summary

Add computer-use evaluation harness

Internal tooling for evaluating computer-use feature with deterministic graders and HTML report

Health Assessment

• • Large PR with multiple commits and reviews, may indicate complex changes

Summary

Show friendly message for invalid connection token

Provides clear, actionable error guidance for users when the CLI starts with an expired or invalid token, improving usability and reducing support overhead.

Health Assessment

• • Fast cycle time and minimal rework indicate a straightforward bug fix with quick approval.

Summary

Preserve AxiosHeaders instance for OpenAI vendor defaults

Ensures OpenAI requests retain caller headers, preventing downstream failures. Backported to stabilize release candidate 2.19.x.

Health Assessment

• • Rapid review and merge with minimal changes indicates low complexity.

Summary

Revert to original CODEOWNERS mapping

Restores the original ownership configuration to resolve issues caused by recent changes, ensuring correct team assignments.

Health Assessment

• • Quick revert with minimal changes, AI review flagged issues, resolved promptly.

Summary

Improve MCP tools connection UX

Enhances user experience by simplifying connection prompts for dedicated MCP tools, removing redundant text and options.

Health Assessment

• • Quick review and minimal changes led to a smooth merge, improving the connection experience for users of dedicated MCP tools.

Summary

Add redaction enforcement feature-flag helpers

Provides typed helpers for a new environment feature flag to gate data redaction enforcement, enabling downstream tickets to use a single import and ensuring typo‑safe flag usage.

Health Assessment

• • Fast review and merge with no rework; minimal code changes focused on infrastructure helpers.

Summary

Scaffold inbound-secrets module

Adds an empty backend module for inbound secrets, registered but gated by a feature flag, with no runtime changes for users.

Health Assessment

• • Fast AI‑assisted review, minimal changes, no runtime impact, low risk.

Summary

Refactor insights pagination for performance

Optimizes database queries for insights, reducing load times and improving user analytics.

Health Assessment

• • Fast review with minimal changes indicates a low‑risk refactor.

Summary

Disable Agent editing UI for users without update permission

Provides a read‑only UI for agents when users lack the agent:update scope, preventing 403 errors and improving user experience.

Health Assessment

• • PR completed in under a day with a single review and minimal comments, indicating a straightforward implementation backed by comprehensive tests.

Summary

Move node guidance to per-node @builderHint

Centralizes node guidance into node definitions, cutting prompt size and improving maintainability.

Health Assessment

• • The PR involved extensive refactoring of node guidance, leading to a slow review cycle and multiple review rounds, but no post-review commits, indicating a thorough final approval.

Summary

Enable Daytona sandbox in Instance AI evals

Adds Daytona sandbox support to Instance AI evaluation CI, enabling sandbox mode in production for tests, adding mock credentials helper, and tightening log capture.

Health Assessment

• • PR involved extensive CI and backend changes, required multiple iterations and AI assistance, but was eventually approved after addressing review comments.

Summary

Add update_partial_workflow MCP tool

Introduces a lightweight partial workflow update tool that reduces token usage and improves performance for MCP agents, enabling efficient, atomic edits without full workflow rewrites.

Health Assessment

• • The PR had a long cycle time (~7 days) with multiple review rounds and a large code change, indicating significant review friction but ultimately delivered a high‑impact feature.

Summary

Preserve AxiosHeaders instance for OpenAI vendor defaults

Fixes a header handling bug in the OpenAI integration, ensuring AxiosHeaders instances are preserved so request interceptors work correctly and downstream requests succeed.

Health Assessment

• • The PR had a long overall cycle due to multiple master merges, but the review was quick and the fix required minimal rework, indicating a low‑risk, straightforward bug fix.

Summary

Set document title on agent pages

Fixes page title and updates empty agents page, improving user experience.

Health Assessment

• • Quick fix with single review, minimal changes, low risk

Summary

Release 2.21.0

This release delivers a wide range of bug fixes and feature enhancements, improving stability, security, and user experience across the platform.

Health Assessment

• • Fast merge with minimal review, indicating a straightforward release update.

Summary

Resolve global credentials for agents

Fixes agent credential resolution by switching to ID‑based references and enabling globally shared credentials, improving security and consistency across the platform.

Health Assessment

• • The PR was reviewed and merged within 19 hours, with AI assistance quickly identifying issues, resulting in a smooth, low‑friction process.

Summary

Add artifact prefix to e2e runs

Prevents artifact naming clashes in CI, ensuring reliable e2e test runs.

Health Assessment

• • Quick fix with minimal changes, AI review confirmed no issues.

Summary

Add setNodeParameter operation to workflow updates

Introduces a new operation that sets a single nested parameter via JSON Pointer, improving efficiency and safety for workflow updates.

Health Assessment

• • PR merged after 86 hours with a single review cycle, indicating moderate review friction but no major back‑and‑forth. The addition of a new operation adds significant code and tests, yet the process remained straightforward.

Summary

Enrich agent execution telemetry

Adds telemetry metadata for AI Agent node executions, surfaces LLM token/cost data on LLM node spans, and improves error recording on workflow/node spans.

Health Assessment

• • The PR underwent a single review with three issues, requiring eight subsequent commits to address feedback, indicating moderate review friction. The large code change (~1,200 lines) suggests significant impact on telemetry and observability, but the single review cycle and moderate iteration count keep risk at medium.

Summary

Add proactive starter experiment to Instance AI

Provides a low‑friction first‑screen experience for new users by showing a synthetic assistant message, guiding them toward creating workflows.

Health Assessment

• • Quick turnaround with a single review and minimal rework indicates a well‑scoped, low‑risk feature addition.

Summary

Add webhook request verification

Adds optional HMAC‑SHA512 verification of incoming webhook requests in the Onfleet Trigger node, improving security while preserving existing workflows.

Health Assessment

• • The PR required over 12 days to merge, but only one review was needed, indicating a lengthy review cycle but straightforward implementation.

Summary

Add webhook request verification to Acuity Scheduling Trigger node

Enables secure webhook handling by validating incoming requests with HMAC SHA-256, reducing risk of unauthorized triggers and ensuring data integrity for users.

Health Assessment

• • The PR took over two weeks to merge, but had minimal review iterations and no major blockers, indicating a straightforward implementation with thorough testing.

Summary

Add webhook request verification

Adds verification of the X-Hook-Signature header for Asana webhook requests, rejecting tampered requests with 401 Unauthorized while preserving backward compatibility with existing workflows.

Health Assessment

• • The PR required 14 days to merge but had a quick review and no rework, indicating a stable change with minimal risk.

Summary

Fix 15 security issues in dependencies

This PR updates several Node.js packages to patch 15 CVEs, strengthening the platform’s security posture.

Health Assessment

• • Security-critical dependency updates were merged quickly with no rework, demonstrating efficient handling of vulnerability patches.

Summary

Fix 16 security issues in dependencies

Upgrade dependencies to resolve XML injection, path traversal, and URI normalization bypass vulnerabilities.

Health Assessment

• • Quick review and merge, low risk due to dependency upgrades

Summary

Add LangSmith OTel telemetry to agent builder

Enables optional LangSmith tracing for the agent builder, improving observability without runtime cost when disabled.

Health Assessment

• • Fast cycle time and minimal review comments indicate smooth integration; multiple commits after review suggest iterative refinement to address AI‑reviewed issues.

Summary

Defer credential setup during workflow builds

This PR defers credential resolution until after workflow build/verification, improving build safety and reducing errors.

Health Assessment

• • The PR was merged quickly with minimal review, indicating confidence in the changes, but the large code churn suggests significant refactoring of credential handling logic.

Summary

Fix agent workflow user ID handling

Ensures agents invoked from workflows have correct user context, preventing execution errors in production triggers.

Health Assessment

• • Quick fix with minimal changes and AI review, merged within 2 hours.

Summary

Gate agent node tools behind module

Prevents agents from enabling node tools when the supporting module is disabled, improving validation and system integrity.

Health Assessment

• • Quick review and single commit indicate a straightforward fix with minimal friction.

Summary

Restore Git Clone on simple-git 3.36+

Fixes Git node operations by enabling unsafe hooks path, restoring functionality for Cloud and self-hosted instances.

Health Assessment

• • Quick fix with minimal changes and a single review, indicating low complexity and high confidence.

Summary

Sync quarantine list and add instance-ai tests

Updates test quarantine list to reflect current failures and adds new instance-ai tests to improve CI reliability.

Health Assessment

• • Quick update with minimal changes, fast review and merge, no blockers.

Summary

Prevent proxy layer accumulation in ObservableObject

Fixes a stack overflow bug caused by repeated proxy wrapping in ObservableObject, improving stability for trigger executions.

Health Assessment

• • Long review time due to a single comment, but minimal code changes and no critical impact, resulting in low risk.

Summary

Move Instance AI runtime coverage

Separates runtime tests from store tests to keep store tests focused on instance-level behavior, improving test clarity and maintainability.

Health Assessment

• • Fast cycle time of 1.4 hours, single review with no issues, minimal changes, indicating low risk and high confidence.