From 5dc8a69a0be906f8f4b6e92e808ae54492636e54 Mon Sep 17 00:00:00 2001
From: Vikhyath Mondreti <vikhyath@simstudio.ai>
Date: Fri, 30 Jan 2026 10:02:04 -0800
Subject: [PATCH 1/5] improvement(docker): add internal api secret to docker
 compose

---
 docker-compose.local.yml | 2 ++
 docker-compose.prod.yml  | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/docker-compose.local.yml b/docker-compose.local.yml
index a2f768c301..ed82a2c97c 100644
--- a/docker-compose.local.yml
+++ b/docker-compose.local.yml
@@ -16,6 +16,7 @@ services:
       - NEXT_PUBLIC_APP_URL=${NEXT_PUBLIC_APP_URL:-http://localhost:3000}
       - BETTER_AUTH_SECRET=${BETTER_AUTH_SECRET:-your_auth_secret_here}
       - ENCRYPTION_KEY=${ENCRYPTION_KEY:-your_encryption_key_here}
+      - INTERNAL_API_SECRET=${INTERNAL_API_SECRET:-dev-internal-api-secret-min-32-chars}
       - COPILOT_API_KEY=${COPILOT_API_KEY}
       - SIM_AGENT_API_URL=${SIM_AGENT_API_URL}
       - OLLAMA_URL=${OLLAMA_URL:-http://localhost:11434}
@@ -43,6 +44,7 @@ services:
       - NEXT_PUBLIC_APP_URL=${NEXT_PUBLIC_APP_URL:-http://localhost:3000}
       - BETTER_AUTH_URL=${BETTER_AUTH_URL:-http://localhost:3000}
       - BETTER_AUTH_SECRET=${BETTER_AUTH_SECRET:-your_auth_secret_here}
+      - INTERNAL_API_SECRET=${INTERNAL_API_SECRET:-dev-internal-api-secret-min-32-chars}
     depends_on:
       db:
         condition: service_healthy
diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml
index 74bdd67f8c..ba6b91269e 100644
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@@ -15,6 +15,7 @@ services:
       - NEXT_PUBLIC_APP_URL=${NEXT_PUBLIC_APP_URL:-http://localhost:3000}
       - BETTER_AUTH_SECRET=${BETTER_AUTH_SECRET:-your_auth_secret_here}
       - ENCRYPTION_KEY=${ENCRYPTION_KEY:-your_encryption_key_here}
+      - INTERNAL_API_SECRET=${INTERNAL_API_SECRET}
       - COPILOT_API_KEY=${COPILOT_API_KEY}
       - SIM_AGENT_API_URL=${SIM_AGENT_API_URL}
       - OLLAMA_URL=${OLLAMA_URL:-http://localhost:11434}
@@ -48,6 +49,7 @@ services:
       - NEXT_PUBLIC_APP_URL=${NEXT_PUBLIC_APP_URL:-http://localhost:3000}
       - BETTER_AUTH_URL=${BETTER_AUTH_URL:-http://localhost:3000}
       - BETTER_AUTH_SECRET=${BETTER_AUTH_SECRET:-your_auth_secret_here}
+      - INTERNAL_API_SECRET=${INTERNAL_API_SECRET}
     depends_on:
       db:
         condition: service_healthy

From d8839d3e971fc81914da62ae127ad7cb5acf8243 Mon Sep 17 00:00:00 2001
From: Vikhyath Mondreti <vikhyath@simstudio.ai>
Date: Fri, 30 Jan 2026 10:38:28 -0800
Subject: [PATCH 2/5] remove dead code

---
 .../workspace/providers/socket-provider.tsx   | 22 -----------------
 apps/sim/socket/rooms/memory-manager.ts       | 23 ------------------
 apps/sim/socket/rooms/redis-manager.ts        | 24 -------------------
 apps/sim/socket/rooms/types.ts                |  5 ----
 apps/sim/socket/routes/http.ts                | 14 -----------
 5 files changed, 88 deletions(-)

diff --git a/apps/sim/app/workspace/providers/socket-provider.tsx b/apps/sim/app/workspace/providers/socket-provider.tsx
index a637fa1b2b..a8442003bc 100644
--- a/apps/sim/app/workspace/providers/socket-provider.tsx
+++ b/apps/sim/app/workspace/providers/socket-provider.tsx
@@ -430,28 +430,6 @@ export function SocketProvider({ children, user }: SocketProviderProps) {
           return true
         }
 
-        socketInstance.on('copilot-workflow-edit', async (data) => {
-          logger.info(
-            `Copilot edited workflow ${data.workflowId} - rehydrating stores from database`
-          )
-
-          try {
-            const response = await fetch(`/api/workflows/${data.workflowId}`)
-            if (response.ok) {
-              const responseData = await response.json()
-              const workflowData = responseData.data
-
-              if (workflowData?.state) {
-                await rehydrateWorkflowStores(data.workflowId, workflowData.state, 'copilot')
-              }
-            } else {
-              logger.error('Failed to fetch fresh workflow state:', response.statusText)
-            }
-          } catch (error) {
-            logger.error('Failed to rehydrate stores after copilot edit:', error)
-          }
-        })
-
         socketInstance.on('operation-confirmed', (data) => {
           logger.debug('Operation confirmed', { operationId: data.operationId })
           eventHandlers.current.operationConfirmed?.(data)
diff --git a/apps/sim/socket/rooms/memory-manager.ts b/apps/sim/socket/rooms/memory-manager.ts
index 0aaf253bfc..4633bc775c 100644
--- a/apps/sim/socket/rooms/memory-manager.ts
+++ b/apps/sim/socket/rooms/memory-manager.ts
@@ -234,27 +234,4 @@ export class MemoryRoomManager implements IRoomManager {
 
     logger.info(`Notified ${room.users.size} users about workflow update: ${workflowId}`)
   }
-
-  async handleCopilotWorkflowEdit(workflowId: string, description?: string): Promise<void> {
-    logger.info(`Handling copilot workflow edit notification for ${workflowId}`)
-
-    const room = this.workflowRooms.get(workflowId)
-    if (!room) {
-      logger.debug(`No active room found for copilot workflow edit ${workflowId}`)
-      return
-    }
-
-    const timestamp = Date.now()
-
-    this._io.to(workflowId).emit('copilot-workflow-edit', {
-      workflowId,
-      description,
-      message: 'Copilot has edited the workflow - rehydrating from database',
-      timestamp,
-    })
-
-    room.lastModified = timestamp
-
-    logger.info(`Notified ${room.users.size} users about copilot workflow edit: ${workflowId}`)
-  }
 }
diff --git a/apps/sim/socket/rooms/redis-manager.ts b/apps/sim/socket/rooms/redis-manager.ts
index 51b22819b0..38dde216f3 100644
--- a/apps/sim/socket/rooms/redis-manager.ts
+++ b/apps/sim/socket/rooms/redis-manager.ts
@@ -407,28 +407,4 @@ export class RedisRoomManager implements IRoomManager {
     const userCount = await this.getUniqueUserCount(workflowId)
     logger.info(`Notified ${userCount} users about workflow update: ${workflowId}`)
   }
-
-  async handleCopilotWorkflowEdit(workflowId: string, description?: string): Promise<void> {
-    logger.info(`Handling copilot workflow edit notification for ${workflowId}`)
-
-    const hasRoom = await this.hasWorkflowRoom(workflowId)
-    if (!hasRoom) {
-      logger.debug(`No active room found for copilot workflow edit ${workflowId}`)
-      return
-    }
-
-    const timestamp = Date.now()
-
-    this._io.to(workflowId).emit('copilot-workflow-edit', {
-      workflowId,
-      description,
-      message: 'Copilot has edited the workflow - rehydrating from database',
-      timestamp,
-    })
-
-    await this.updateRoomLastModified(workflowId)
-
-    const userCount = await this.getUniqueUserCount(workflowId)
-    logger.info(`Notified ${userCount} users about copilot workflow edit: ${workflowId}`)
-  }
 }
diff --git a/apps/sim/socket/rooms/types.ts b/apps/sim/socket/rooms/types.ts
index 6a5edb5e66..4e3fc56b9e 100644
--- a/apps/sim/socket/rooms/types.ts
+++ b/apps/sim/socket/rooms/types.ts
@@ -132,9 +132,4 @@ export interface IRoomManager {
    * Handle workflow update - notify users
    */
   handleWorkflowUpdate(workflowId: string): Promise<void>
-
-  /**
-   * Handle copilot workflow edit - notify users to rehydrate
-   */
-  handleCopilotWorkflowEdit(workflowId: string, description?: string): Promise<void>
 }
diff --git a/apps/sim/socket/routes/http.ts b/apps/sim/socket/routes/http.ts
index b068b94ab1..afd5946c53 100644
--- a/apps/sim/socket/routes/http.ts
+++ b/apps/sim/socket/routes/http.ts
@@ -115,20 +115,6 @@ export function createHttpHandler(roomManager: IRoomManager, logger: Logger) {
       return
     }
 
-    // Handle copilot workflow edit notifications from the main API
-    if (req.method === 'POST' && req.url === '/api/copilot-workflow-edit') {
-      try {
-        const body = await readRequestBody(req)
-        const { workflowId, description } = JSON.parse(body)
-        await roomManager.handleCopilotWorkflowEdit(workflowId, description)
-        sendSuccess(res)
-      } catch (error) {
-        logger.error('Error handling copilot workflow edit notification:', error)
-        sendError(res, 'Failed to process copilot edit notification')
-      }
-      return
-    }
-
     // Handle workflow revert notifications from the main API
     if (req.method === 'POST' && req.url === '/api/workflow-reverted') {
       try {

From dbac8f8039db811c400b58cc54706623fd662226 Mon Sep 17 00:00:00 2001
From: Vikhyath Mondreti <vikhyath@simstudio.ai>
Date: Fri, 30 Jan 2026 11:44:45 -0800
Subject: [PATCH 3/5] remove more dead code

---
 apps/sim/app/workspace/providers/socket-provider.tsx | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/apps/sim/app/workspace/providers/socket-provider.tsx b/apps/sim/app/workspace/providers/socket-provider.tsx
index a8442003bc..0b4c5d0172 100644
--- a/apps/sim/app/workspace/providers/socket-provider.tsx
+++ b/apps/sim/app/workspace/providers/socket-provider.tsx
@@ -368,11 +368,7 @@ export function SocketProvider({ children, user }: SocketProviderProps) {
           eventHandlers.current.workflowReverted?.(data)
         })
 
-        const rehydrateWorkflowStores = async (
-          workflowId: string,
-          workflowState: any,
-          source: 'copilot' | 'workflow-state'
-        ) => {
+        const rehydrateWorkflowStores = async (workflowId: string, workflowState: any) => {
           const [
             { useOperationQueueStore },
             { useWorkflowRegistry },
@@ -397,7 +393,7 @@ export function SocketProvider({ children, user }: SocketProviderProps) {
             .getState()
             .operations.some((op: any) => op.workflowId === workflowId && op.status !== 'confirmed')
           if (hasPending) {
-            logger.info(`Skipping ${source} rehydration due to pending operations in queue`)
+            logger.info('Skipping rehydration due to pending operations in queue')
             return false
           }
 
@@ -426,7 +422,7 @@ export function SocketProvider({ children, user }: SocketProviderProps) {
             },
           }))
 
-          logger.info(`Successfully rehydrated stores from ${source}`)
+          logger.info('Successfully rehydrated workflow stores')
           return true
         }
 
@@ -500,7 +496,7 @@ export function SocketProvider({ children, user }: SocketProviderProps) {
 
           if (workflowData?.state) {
             try {
-              await rehydrateWorkflowStores(workflowData.id, workflowData.state, 'workflow-state')
+              await rehydrateWorkflowStores(workflowData.id, workflowData.state)
             } catch (error) {
               logger.error('Error rehydrating workflow state:', error)
             }

From e196d080ec3331e548f2f99b8506c4a16259094c Mon Sep 17 00:00:00 2001
From: Vikhyath Mondreti <vikhyath@simstudio.ai>
Date: Fri, 30 Jan 2026 11:59:19 -0800
Subject: [PATCH 4/5] add api encryption key to this too

---
 docker-compose.local.yml | 1 +
 docker-compose.prod.yml  | 1 +
 2 files changed, 2 insertions(+)

diff --git a/docker-compose.local.yml b/docker-compose.local.yml
index ed82a2c97c..b6c7b42bcb 100644
--- a/docker-compose.local.yml
+++ b/docker-compose.local.yml
@@ -16,6 +16,7 @@ services:
       - NEXT_PUBLIC_APP_URL=${NEXT_PUBLIC_APP_URL:-http://localhost:3000}
       - BETTER_AUTH_SECRET=${BETTER_AUTH_SECRET:-your_auth_secret_here}
       - ENCRYPTION_KEY=${ENCRYPTION_KEY:-your_encryption_key_here}
+      - API_ENCRYPTION_KEY=${API_ENCRYPTION_KEY:-}
       - INTERNAL_API_SECRET=${INTERNAL_API_SECRET:-dev-internal-api-secret-min-32-chars}
       - COPILOT_API_KEY=${COPILOT_API_KEY}
       - SIM_AGENT_API_URL=${SIM_AGENT_API_URL}
diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml
index ba6b91269e..59a93b7195 100644
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@@ -15,6 +15,7 @@ services:
       - NEXT_PUBLIC_APP_URL=${NEXT_PUBLIC_APP_URL:-http://localhost:3000}
       - BETTER_AUTH_SECRET=${BETTER_AUTH_SECRET:-your_auth_secret_here}
       - ENCRYPTION_KEY=${ENCRYPTION_KEY:-your_encryption_key_here}
+      - API_ENCRYPTION_KEY=${API_ENCRYPTION_KEY:-}
       - INTERNAL_API_SECRET=${INTERNAL_API_SECRET}
       - COPILOT_API_KEY=${COPILOT_API_KEY}
       - SIM_AGENT_API_URL=${SIM_AGENT_API_URL}

From 64d87704a601feaad75742295826c079b695c379 Mon Sep 17 00:00:00 2001
From: Vikhyath Mondreti <vikhyath@simstudio.ai>
Date: Fri, 30 Jan 2026 12:01:43 -0800
Subject: [PATCH 5/5] update

---
 docker-compose.local.yml | 10 +++++++---
 docker-compose.prod.yml  | 11 +++++++----
 2 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/docker-compose.local.yml b/docker-compose.local.yml
index b6c7b42bcb..f47643ad00 100644
--- a/docker-compose.local.yml
+++ b/docker-compose.local.yml
@@ -14,13 +14,15 @@ services:
       - DATABASE_URL=postgresql://${POSTGRES_USER:-postgres}:${POSTGRES_PASSWORD:-postgres}@db:5432/${POSTGRES_DB:-simstudio}
       - BETTER_AUTH_URL=${NEXT_PUBLIC_APP_URL:-http://localhost:3000}
       - NEXT_PUBLIC_APP_URL=${NEXT_PUBLIC_APP_URL:-http://localhost:3000}
-      - BETTER_AUTH_SECRET=${BETTER_AUTH_SECRET:-your_auth_secret_here}
-      - ENCRYPTION_KEY=${ENCRYPTION_KEY:-your_encryption_key_here}
+      - BETTER_AUTH_SECRET=${BETTER_AUTH_SECRET:-dev-secret-at-least-32-characters-long}
+      - ENCRYPTION_KEY=${ENCRYPTION_KEY:-dev-encryption-key-at-least-32-chars}
       - API_ENCRYPTION_KEY=${API_ENCRYPTION_KEY:-}
       - INTERNAL_API_SECRET=${INTERNAL_API_SECRET:-dev-internal-api-secret-min-32-chars}
+      - REDIS_URL=${REDIS_URL:-}
       - COPILOT_API_KEY=${COPILOT_API_KEY}
       - SIM_AGENT_API_URL=${SIM_AGENT_API_URL}
       - OLLAMA_URL=${OLLAMA_URL:-http://localhost:11434}
+      - SOCKET_SERVER_URL=${SOCKET_SERVER_URL:-http://realtime:3002}
       - NEXT_PUBLIC_SOCKET_URL=${NEXT_PUBLIC_SOCKET_URL:-http://localhost:3002}
     depends_on:
       db:
@@ -41,11 +43,13 @@ services:
       context: .
       dockerfile: docker/realtime.Dockerfile
     environment:
+      - NODE_ENV=development
       - DATABASE_URL=postgresql://${POSTGRES_USER:-postgres}:${POSTGRES_PASSWORD:-postgres}@db:5432/${POSTGRES_DB:-simstudio}
       - NEXT_PUBLIC_APP_URL=${NEXT_PUBLIC_APP_URL:-http://localhost:3000}
       - BETTER_AUTH_URL=${BETTER_AUTH_URL:-http://localhost:3000}
-      - BETTER_AUTH_SECRET=${BETTER_AUTH_SECRET:-your_auth_secret_here}
+      - BETTER_AUTH_SECRET=${BETTER_AUTH_SECRET:-dev-secret-at-least-32-characters-long}
       - INTERNAL_API_SECRET=${INTERNAL_API_SECRET:-dev-internal-api-secret-min-32-chars}
+      - REDIS_URL=${REDIS_URL:-}
     depends_on:
       db:
         condition: service_healthy
diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml
index 59a93b7195..527c8d86b3 100644
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@@ -13,14 +13,15 @@ services:
       - DATABASE_URL=postgresql://${POSTGRES_USER:-postgres}:${POSTGRES_PASSWORD:-postgres}@db:5432/${POSTGRES_DB:-simstudio}
       - BETTER_AUTH_URL=${NEXT_PUBLIC_APP_URL:-http://localhost:3000}
       - NEXT_PUBLIC_APP_URL=${NEXT_PUBLIC_APP_URL:-http://localhost:3000}
-      - BETTER_AUTH_SECRET=${BETTER_AUTH_SECRET:-your_auth_secret_here}
-      - ENCRYPTION_KEY=${ENCRYPTION_KEY:-your_encryption_key_here}
+      - BETTER_AUTH_SECRET=${BETTER_AUTH_SECRET}
+      - ENCRYPTION_KEY=${ENCRYPTION_KEY}
       - API_ENCRYPTION_KEY=${API_ENCRYPTION_KEY:-}
       - INTERNAL_API_SECRET=${INTERNAL_API_SECRET}
+      - REDIS_URL=${REDIS_URL:-}
       - COPILOT_API_KEY=${COPILOT_API_KEY}
       - SIM_AGENT_API_URL=${SIM_AGENT_API_URL}
       - OLLAMA_URL=${OLLAMA_URL:-http://localhost:11434}
-      - SOCKET_SERVER_URL=${SOCKET_SERVER_URL:-http://localhost:3002}
+      - SOCKET_SERVER_URL=${SOCKET_SERVER_URL:-http://realtime:3002}
       - NEXT_PUBLIC_SOCKET_URL=${NEXT_PUBLIC_SOCKET_URL:-http://localhost:3002}
     depends_on:
       db:
@@ -46,11 +47,13 @@ services:
         limits:
           memory: 1G
     environment:
+      - NODE_ENV=production
       - DATABASE_URL=postgresql://${POSTGRES_USER:-postgres}:${POSTGRES_PASSWORD:-postgres}@db:5432/${POSTGRES_DB:-simstudio}
       - NEXT_PUBLIC_APP_URL=${NEXT_PUBLIC_APP_URL:-http://localhost:3000}
       - BETTER_AUTH_URL=${BETTER_AUTH_URL:-http://localhost:3000}
-      - BETTER_AUTH_SECRET=${BETTER_AUTH_SECRET:-your_auth_secret_here}
+      - BETTER_AUTH_SECRET=${BETTER_AUTH_SECRET}
       - INTERNAL_API_SECRET=${INTERNAL_API_SECRET}
+      - REDIS_URL=${REDIS_URL:-}
     depends_on:
       db:
         condition: service_healthy