The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
docs	Skipped		Apr 12, 2026 11:39pm

PR Summary

Medium Risk
Medium risk because it introduces a new external API integration (CrowdStrike) and changes Trello OAuth + WhatsApp webhook authentication/normalization, which can break auth or webhook ingestion if misconfigured.

Overview
Adds CrowdStrike Identity Protection as a first-class integration: new docs page, icons/mappings, landing-page integration metadata, a new /api/tools/crowdstrike/query route (with Zod validation + response normalization), and three new tools (crowdstrike_query_sensors, crowdstrike_get_sensor_details, crowdstrike_get_sensor_aggregates) wired into the tool registry and a new CrowdStrikeBlock.

Hardens and aligns existing integrations. Trello auth/storage/routes and block params are tightened (canonical scopes, callback handling, stricter request parsing/validation, richer inputs like labelIds/paging, and safer board parsing). Shopify block + tools are updated for list pagination (first), order cancellation semantics (restock required + refundMethod), stricter trimming/validation, and updated GraphQL mutations/typing. WhatsApp webhook handling now verifies x-hub-signature-256, generates idempotency keys for batched payloads, and flattens message/status batches into richer trigger outputs; the send block adds previewUrl and exposes additional response fields.

^{Reviewed by Cursor Bugbot for commit 7aa14ad. Configure here.}

Greptile Summary

This PR adds three CrowdStrike Identity Protection tools (query sensors, get sensor details, get sensor aggregates) along with the corresponding block and docs, and fixes/validates the WhatsApp, Shopify, and Trello integrations. The CrowdStrike route correctly implements the two-step query-then-entities fetch pattern, the WhatsApp webhook provider gains HMAC signature verification and a richer formatInput, and the Shopify block gets cancel-order options and consistent boolean/number parsing using the new parseOptionalBooleanInput/parseOptionalNumberInput utilities in blocks/utils.ts.

Confidence Score: 5/5

Safe to merge — all previously flagged P1 concerns are addressed and the only remaining finding is a P2 style cleanup.

CrowdStrike tools are correctly scoped to identity-protection endpoints and all operations are covered by tests. The WhatsApp, Shopify, and Trello fixes are solid. The single remaining comment is about a redundant payload variable that has no correctness impact.

No files require special attention.

Important Files Changed

Sequence Diagram

sequenceDiagram
    participant UI as Sim Block UI
    participant Route as /api/tools/crowdstrike/query
    participant CS as CrowdStrike API

    UI->>Route: POST {operation, clientId, clientSecret, cloud, filter?, limit?, offset?}
    Route->>CS: POST /oauth2/token (client_credentials)
    CS-->>Route: access_token

    alt crowdstrike_query_sensors
        Route->>CS: GET /identity-protection/queries/devices/v1
        CS-->>Route: {resources: [id1, id2, ...]}
        Route->>CS: POST /identity-protection/entities/devices/GET/v1 {ids}
        CS-->>Route: {resources: [{device objects}]}
        Route-->>UI: {sensors, count, pagination}
    else crowdstrike_get_sensor_details
        Route->>CS: POST /identity-protection/entities/devices/GET/v1 {ids}
        CS-->>Route: {resources: [{device objects}]}
        Route-->>UI: {sensors, count}
    else crowdstrike_get_sensor_aggregates
        Route->>CS: POST /identity-protection/aggregates/devices/GET/v1 {aggregateQuery}
        CS-->>Route: {resources: [{buckets,...}]}
        Route-->>UI: {aggregates, count}
    end

_{Reviews (3): Last reviewed commit: "fix build" | Re-trigger Greptile}

@greptile

bugbot run

@greptile

bugbot run

bugbot run

@greptile