v0.7.19: newsletter, contact, careers#5318
Conversation
waleedlatif1
commented
Jul 1, 2026
- improvement(broadcast): white canvas, LinkedIn footer, hi-res logo (improvement(broadcast): white canvas, LinkedIn footer, hi-res logo #5317)
- feat(landing): reintroduce /contact page styled like /demo (feat(landing): reintroduce /contact page styled like /demo #5315)
- feat(careers): careers page backed by the Ashby job board (feat(careers): careers page backed by the Ashby job board #5316)
…5317) - Drop the #F8F8F8 canvas to a clean white background (body + outer wrapper). - Replace Discord with LinkedIn in the footer social row. - Swap the low-res header logo for the full-res sim logotype.
* feat(landing): reintroduce /contact page styled like /demo - Restore the /contact page (removed in #5181) with a two-column layout mirroring /demo: value prop + trusted-by logos on the left, a message form card on the right, on the platform light tokens and chip components - Restore the contact contract, /api/contact route (rate-limit, honeypot, Turnstile, help-inbox notification + visitor confirmation), now fully contract-bound via parseRequest - Add a useSubmitContact React Query mutation hook - Link Contact from the footer Resources column and add it to the sitemap * fix(contact): server-authoritative captcha + review fixes - Make captcha server-authoritative: drop the client-trusted captchaUnavailable flag; a valid Turnstile token is the only way past the stricter fallback bucket, so callers can't opt out of the challenge - Re-execute the Turnstile widget on every submit (incl. after expiry) instead of falling into the no-captcha path once the token expires - Reset the pre-submit gate on mutation settle so rapid double-clicks can't fire a duplicate /api/contact request - Map only feature_request to its email type; every other topic resolves to a General Inquiry confirmation so support requests aren't labeled bug reports - Drop the confirmation-email promise from the success copy (it's best-effort) - Collapse the duplicated no-captcha rate-limit branch; hoist shared response constants; read the Turnstile site key as a module constant * fix(contact): drop redundant Turnstile hostname pin The Turnstile site key is already domain-bound in Cloudflare, so pinning expectedHostname to the marketing SITE_URL (www.sim.ai) only rejected valid tokens issued on self-hosted, preview, and apex-vs-www hosts. Remove the pin and rely on Cloudflare's own domain binding. * fix(contact): fail closed on the no-captcha rate-limit backstop checkRateLimitDirect fails open on limiter-storage errors so a limiter outage never takes down normal traffic. But the contact route's no-captcha bucket is the only throttle on token-less submits, so a fail-open there let uncaptcha'd requests reach the email path unthrottled during an outage. - Add an opt-in { failClosed } option to checkRateLimitDirect; default behavior (fail open) is unchanged - Use failClosed on the contact no-captcha backstop so an unenforceable limit rejects instead of admitting - Cover both fail-open and fail-closed paths with tests * refactor(contact): TSDoc over inline comments Move the captcha-design rationale into the route handler's TSDoc and drop the inline body/JSX comments, per the project's TSDoc-only comment convention.
* feat(careers): careers page backed by the Ashby job board * fix(careers): harden Ashby parsing and filter edge cases from review - validate jobUrl as http(s) only; drop postings with unsafe URLs - validate postings individually so one bad row can't empty the board - namespace the all-filter sentinel to avoid colliding with real values - dedupe the job metadata line (fixes duplicate React keys / Remote·Remote) - parse filters server-side so deep-linked views don't flash unfiltered * fix(careers): filter-aware empty state; drop inline comments - JobGroups owns its empty copy via a filtersActive flag, so the server fallback and client board render identical, correct empty messaging (no-open-roles vs no-matching-filters) - convert remaining inline comments to TSDoc
|
The latest updates on your projects. Learn more about Vercel for GitHub. |
PR SummaryMedium Risk Overview Careers loads open roles from Ashby’s public API ( Contact mirrors the demo layout: chip form, client validation via shared Zod contract, invisible Turnstile, honeypot, and The July broadcast email template switches to a white canvas and replaces the footer Discord link with LinkedIn. Reviewed by Cursor Bugbot for commit 2393b72. Configure here. |
Greptile SummaryThis PR adds new public landing surfaces and updates the newsletter. The main changes are:
Confidence Score: 5/5This looks safe to merge after checking the optional Ashby row-handling cleanup.
apps/sim/lib/ashby/jobs.ts Important Files Changed
|