@vellumai/assistant 0.3.15 → 0.3.18

package/src/__tests__/update-bulletin.test.ts

@@ -0,0 +1,323 @@
+import * as fs from 'node:fs';
+import { existsSync, mkdirSync, readdirSync, readFileSync, rmSync, writeFileSync } from 'node:fs';
+import { tmpdir } from 'node:os';
+import { join } from 'node:path';
+
+import { afterEach, beforeEach, describe, expect, it, mock, spyOn } from 'bun:test';
+
+// --- In-memory checkpoint store ---
+const store = new Map<string, string>();
+
+mock.module('../memory/checkpoints.js', () => ({
+  getMemoryCheckpoint: mock((key: string) => store.get(key) ?? null),
+  setMemoryCheckpoint: mock((key: string, value: string) => store.set(key, value)),
+}));
+
+// --- Temp directory for workspace paths ---
+let tempDir: string;
+
+// --- Temp directory for template files ---
+// Avoids mutating the real source-controlled UPDATES.md template, preventing
+// race conditions with parallel test execution and working tree corruption
+// if the test process crashes.
+let tempTemplateDir: string;
+
+// Mock platform to avoid env-registry transitive imports.
+// All needed exports are stubbed; getWorkspacePromptPath is the only one
+// exercised by update-bulletin.ts.
+mock.module('../util/platform.js', () => ({
+  getWorkspacePromptPath: mock((file: string) => join(tempDir, file)),
+  getWorkspaceDir: () => tempDir,
+  getRootDir: () => tempDir,
+  getDataDir: () => join(tempDir, 'data'),
+  getPlatformName: () => 'darwin',
+  isMacOS: () => false,
+  isLinux: () => false,
+  isWindows: () => false,
+  ensureDataDir: () => {},
+  getDbPath: () => '',
+  getLogPath: () => '',
+  getHistoryPath: () => '',
+  getHooksDir: () => '',
+  getSocketPath: () => '',
+  getSessionTokenPath: () => '',
+  getHttpTokenPath: () => '',
+  getPlatformTokenPath: () => '',
+  getPidPath: () => '',
+  getWorkspaceConfigPath: () => '',
+  getWorkspaceSkillsDir: () => '',
+  getWorkspaceHooksDir: () => '',
+  getIpcBlobDir: () => '',
+  getSandboxRootDir: () => '',
+  getSandboxWorkingDir: () => '',
+  getInterfacesDir: () => '',
+  getClipboardCommand: () => null,
+  readLockfile: () => null,
+  normalizeAssistantId: (id: string) => id,
+  writeLockfile: () => {},
+  readPlatformToken: () => null,
+  readSessionToken: () => null,
+  readHttpToken: () => null,
+  removeSocketFile: () => {},
+  getTCPPort: () => 8765,
+  isTCPEnabled: () => false,
+  getTCPHost: () => '127.0.0.1',
+  isIOSPairingEnabled: () => false,
+  migrateToDataLayout: () => {},
+  migratePath: () => {},
+  migrateToWorkspaceLayout: () => {},
+}));
+
+// Mock system-prompt to provide only stripCommentLines without pulling in
+// the rest of the system-prompt transitive dependency tree.
+mock.module('../config/system-prompt.js', () => {
+  // Inline a minimal implementation of stripCommentLines matching production behavior.
+  function stripCommentLines(content: string): string {
+    const normalized = content.replace(/\r\n/g, '\n');
+    let openFenceChar: string | null = null;
+    const filtered = normalized.split('\n').filter((line) => {
+      const fenceMatch = line.match(/^ {0,3}(`{3,}|~{3,})/);
+      if (fenceMatch) {
+        const char = fenceMatch[1][0];
+        if (!openFenceChar) {
+          openFenceChar = char;
+        } else if (char === openFenceChar) {
+          openFenceChar = null;
+        }
+      }
+      if (openFenceChar) return true;
+      return !line.trimStart().startsWith('_');
+    });
+    return filtered
+      .join('\n')
+      .replace(/\n{3,}/g, '\n\n')
+      .trim();
+  }
+  return { stripCommentLines };
+});
+
+mock.module('../version.js', () => ({
+  APP_VERSION: '1.0.0',
+}));
+
+// Mock the template path module so tests read from a temp directory instead
+// of the real source-controlled template file.
+mock.module('../config/update-bulletin-template-path.js', () => ({
+  getTemplatePath: () => join(tempTemplateDir, 'UPDATES.md'),
+}));
+
+const { syncUpdateBulletinOnStartup } = await import('../config/update-bulletin.js');
+
+const TEST_TEMPLATE = '## What\'s New\n\nTest release notes.\n';
+const COMMENT_ONLY_TEMPLATE = '_ This is a comment-only template.\n_ No real content here.\n';
+
+describe('syncUpdateBulletinOnStartup', () => {
+  beforeEach(() => {
+    store.clear();
+    tempDir = join(tmpdir(), `update-bulletin-test-${Date.now()}-${Math.random().toString(36).slice(2)}`);
+    mkdirSync(tempDir, { recursive: true });
+    tempTemplateDir = join(tmpdir(), `update-bulletin-tpl-${Date.now()}-${Math.random().toString(36).slice(2)}`);
+    mkdirSync(tempTemplateDir, { recursive: true });
+    // Write a test template with real content so materialization proceeds
+    writeFileSync(join(tempTemplateDir, 'UPDATES.md'), TEST_TEMPLATE, 'utf-8');
+  });
+
+  afterEach(() => {
+    rmSync(tempDir, { recursive: true, force: true });
+    rmSync(tempTemplateDir, { recursive: true, force: true });
+  });
+
+  it('creates workspace file on first eligible run', () => {
+    const workspacePath = join(tempDir, 'UPDATES.md');
+    expect(existsSync(workspacePath)).toBe(false);
+
+    syncUpdateBulletinOnStartup();
+
+    expect(existsSync(workspacePath)).toBe(true);
+    const content = readFileSync(workspacePath, 'utf-8');
+    expect(content).toContain('<!-- vellum-update-release:1.0.0 -->');
+    expect(content).toContain("What's New");
+  });
+
+  it('appends release block when workspace file exists without current marker', () => {
+    const workspacePath = join(tempDir, 'UPDATES.md');
+    const preExisting = '<!-- vellum-update-release:0.9.0 -->\nOld release notes.\n';
+    writeFileSync(workspacePath, preExisting, 'utf-8');
+
+    syncUpdateBulletinOnStartup();
+
+    const content = readFileSync(workspacePath, 'utf-8');
+    expect(content).toContain('<!-- vellum-update-release:0.9.0 -->');
+    expect(content).toContain('<!-- vellum-update-release:1.0.0 -->');
+    expect(content).toContain('Old release notes.');
+  });
+
+  it('does not duplicate same marker on repeated runs', () => {
+    syncUpdateBulletinOnStartup();
+    const workspacePath = join(tempDir, 'UPDATES.md');
+    const afterFirst = readFileSync(workspacePath, 'utf-8');
+
+    syncUpdateBulletinOnStartup();
+    const afterSecond = readFileSync(workspacePath, 'utf-8');
+
+    expect(afterSecond).toBe(afterFirst);
+  });
+
+  it('skips completed release', () => {
+    store.set('updates:completed_releases', JSON.stringify(['1.0.0']));
+    const workspacePath = join(tempDir, 'UPDATES.md');
+
+    syncUpdateBulletinOnStartup();
+
+    expect(existsSync(workspacePath)).toBe(false);
+  });
+
+  it('adds current release to active set', () => {
+    syncUpdateBulletinOnStartup();
+
+    const raw = store.get('updates:active_releases');
+    expect(raw).toBeDefined();
+    const active: string[] = JSON.parse(raw!);
+    expect(active).toContain('1.0.0');
+  });
+
+  it('marks active releases as completed when UPDATES.md is deleted', () => {
+    // Pre-populate active releases in the store
+    store.set('updates:active_releases', JSON.stringify(['0.8.0', '0.9.0']));
+
+    // Workspace file does not exist — simulates the assistant having deleted it
+    const workspacePath = join(tempDir, 'UPDATES.md');
+    expect(existsSync(workspacePath)).toBe(false);
+
+    syncUpdateBulletinOnStartup();
+
+    // Active set should be cleared (except for the newly-added current release)
+    const activeRaw = store.get('updates:active_releases');
+    expect(activeRaw).toBeDefined();
+    const active: string[] = JSON.parse(activeRaw!);
+    // The old releases should not be in the active set
+    expect(active).not.toContain('0.8.0');
+    expect(active).not.toContain('0.9.0');
+
+    // The old releases should now be completed
+    const completedRaw = store.get('updates:completed_releases');
+    expect(completedRaw).toBeDefined();
+    const completed: string[] = JSON.parse(completedRaw!);
+    expect(completed).toContain('0.8.0');
+    expect(completed).toContain('0.9.0');
+  });
+
+  it('does not recreate completed release after deletion', () => {
+    // First run — creates the workspace file and marks 1.0.0 active
+    syncUpdateBulletinOnStartup();
+    const workspacePath = join(tempDir, 'UPDATES.md');
+    expect(existsSync(workspacePath)).toBe(true);
+
+    // Simulate assistant deleting the file to signal completion
+    rmSync(workspacePath);
+    expect(existsSync(workspacePath)).toBe(false);
+
+    // Second run — deletion-completion should mark 1.0.0 completed
+    syncUpdateBulletinOnStartup();
+
+    // The file should NOT be recreated since the release is now completed
+    expect(existsSync(workspacePath)).toBe(false);
+  });
+
+  it('merges pending old block with new release block', () => {
+    const workspacePath = join(tempDir, 'UPDATES.md');
+    // Pre-create workspace file with an old release block
+    const oldContent =
+      '<!-- vellum-update-release:0.9.0 -->\nOld release notes for 0.9.0.\n<!-- /vellum-update-release:0.9.0 -->\n';
+    writeFileSync(workspacePath, oldContent, 'utf-8');
+
+    syncUpdateBulletinOnStartup();
+
+    const content = readFileSync(workspacePath, 'utf-8');
+    // Both old and new release blocks should be present
+    expect(content).toContain('<!-- vellum-update-release:0.9.0 -->');
+    expect(content).toContain('Old release notes for 0.9.0.');
+    expect(content).toContain('<!-- vellum-update-release:1.0.0 -->');
+  });
+
+  it('idempotent on repeated sync calls', () => {
+    // First call
+    syncUpdateBulletinOnStartup();
+    const workspacePath = join(tempDir, 'UPDATES.md');
+    const afterFirst = readFileSync(workspacePath, 'utf-8');
+
+    // Second call
+    syncUpdateBulletinOnStartup();
+    const afterSecond = readFileSync(workspacePath, 'utf-8');
+
+    expect(afterSecond).toBe(afterFirst);
+
+    // Third call for good measure
+    syncUpdateBulletinOnStartup();
+    const afterThird = readFileSync(workspacePath, 'utf-8');
+
+    expect(afterThird).toBe(afterFirst);
+  });
+
+  it('write path produces valid UTF-8 with trailing newline', () => {
+    syncUpdateBulletinOnStartup();
+    const workspacePath = join(tempDir, 'UPDATES.md');
+    const content = readFileSync(workspacePath, 'utf-8');
+
+    expect(content.length).toBeGreaterThan(0);
+    expect(content.endsWith('\n')).toBe(true);
+
+    // Verify round-trip through Buffer produces identical content (valid UTF-8)
+    const roundTripped = Buffer.from(content, 'utf-8').toString('utf-8');
+    expect(roundTripped).toBe(content);
+  });
+
+  it('no temp file leftovers after successful write', () => {
+    syncUpdateBulletinOnStartup();
+
+    const entries = readdirSync(tempDir);
+    const tmpFiles = entries.filter((e) => e.includes('.tmp.'));
+    expect(tmpFiles).toHaveLength(0);
+  });
+
+  it('skips materialization when template is comment-only', () => {
+    // Write a comment-only template fixture (no real content after stripping)
+    writeFileSync(join(tempTemplateDir, 'UPDATES.md'), COMMENT_ONLY_TEMPLATE, 'utf-8');
+
+    const workspacePath = join(tempDir, 'UPDATES.md');
+    syncUpdateBulletinOnStartup();
+
+    expect(existsSync(workspacePath)).toBe(false);
+  });
+
+  it('preserves existing file when atomic write fails', () => {
+    const workspacePath = join(tempDir, 'UPDATES.md');
+    const originalContent = '<!-- vellum-update-release:0.9.0 -->\nOriginal content.\n';
+    writeFileSync(workspacePath, originalContent, 'utf-8');
+
+    // Mock writeFileSync to throw when writing the temp file, simulating a
+    // disk-full or permission error deterministically (chmod-based approaches
+    // are unreliable when running as root or with CAP_DAC_OVERRIDE).
+    const originalWriteFileSync = fs.writeFileSync;
+    const spy = spyOn(fs, 'writeFileSync').mockImplementation((...args: Parameters<typeof fs.writeFileSync>) => {
+      if (typeof args[0] === 'string' && args[0].includes('.tmp.')) {
+        throw new Error('Simulated write failure');
+      }
+      return originalWriteFileSync(...args);
+    });
+    try {
+      expect(() => syncUpdateBulletinOnStartup()).toThrow('Simulated write failure');
+    } finally {
+      spy.mockRestore();
+    }
+
+    // Original content should be preserved (atomic write never renamed over it)
+    const content = readFileSync(workspacePath, 'utf-8');
+    expect(content).toBe(originalContent);
+
+    // No temp file leftovers
+    const entries = readdirSync(tempDir);
+    const tmpFiles = entries.filter((e: string) => e.includes('.tmp.'));
+    expect(tmpFiles).toHaveLength(0);
+  });
+});

package/src/__tests__/update-template-contract.test.ts

@@ -0,0 +1,24 @@
+/**
+ * Contract test: ensures the bundled UPDATES.md template exists and is readable.
+ *
+ * The template may be comment-only (no real content) for no-op releases —
+ * the bulletin system treats an empty-after-stripping template as a skip signal.
+ */
+
+import { existsSync, readFileSync } from 'node:fs';
+import { join } from 'node:path';
+
+import { describe, expect, test } from 'bun:test';
+
+const TEMPLATE_PATH = join(import.meta.dirname, '..', 'config', 'templates', 'UPDATES.md');
+
+describe('UPDATES.md template contract', () => {
+  test('template file exists', () => {
+    expect(existsSync(TEMPLATE_PATH)).toBe(true);
+  });
+
+  test('template is a readable UTF-8 file', () => {
+    const content = readFileSync(TEMPLATE_PATH, 'utf-8');
+    expect(typeof content).toBe('string');
+  });
+});

package/src/__tests__/voice-session-bridge.test.ts

@@ -8,6 +8,18 @@ import type { ServerMessage } from '../daemon/ipc-protocol.js';
 import type { Session } from '../daemon/session.js';
 
 const testDir = mkdtempSync(join(tmpdir(), 'voice-bridge-test-'));
+let mockedConfig: {
+  secretDetection: { enabled: boolean };
+  calls: { disclosure: { enabled: boolean; text: string } };
+} = {
+  secretDetection: { enabled: false },
+  calls: {
+    disclosure: {
+      enabled: false,
+      text: '',
+    },
+  },
+};
 
 mock.module('../util/platform.js', () => ({
   getRootDir: () => testDir,
@@ -29,15 +41,7 @@ mock.module('../util/logger.js', () => ({
 }));
 
 mock.module('../config/loader.js', () => ({
-  getConfig: () => ({
-    secretDetection: { enabled: false },
-    calls: {
-      disclosure: {
-        enabled: false,
-        text: '',
-      },
-    },
-  }),
+  getConfig: () => mockedConfig,
 }));
 
 import { setVoiceBridgeDeps, startVoiceTurn } from '../calls/voice-session-bridge.js';
@@ -85,6 +89,15 @@ function injectDeps(sessionFactory: () => Session): void {
 
 describe('voice-session-bridge', () => {
   beforeEach(() => {
+    mockedConfig = {
+      secretDetection: { enabled: false },
+      calls: {
+        disclosure: {
+          enabled: false,
+          text: '',
+        },
+      },
+    };
     const db = getDb();
     db.run('DELETE FROM messages');
     db.run('DELETE FROM conversations');
@@ -415,6 +428,93 @@ describe('voice-session-bridge', () => {
     expect(capturedGuardianContext).toEqual(guardianCtx);
   });
 
+  test('inbound non-guardian opener prompt uses pickup framing instead of outbound phrasing', async () => {
+    const conversation = createConversation('voice bridge inbound opener framing test');
+    const events: ServerMessage[] = [
+      { type: 'message_complete', sessionId: conversation.id },
+    ];
+
+    let capturedPrompt: string | null = null;
+    const session = {
+      ...makeStreamingSession(events),
+      setVoiceCallControlPrompt: (prompt: string | null) => {
+        if (prompt != null) capturedPrompt = prompt;
+      },
+    } as unknown as Session;
+
+    injectDeps(() => session);
+
+    await startVoiceTurn({
+      conversationId: conversation.id,
+      content: 'Hello there',
+      isInbound: true,
+      guardianContext: {
+        sourceChannel: 'voice',
+        actorRole: 'non-guardian',
+      },
+      onTextDelta: () => {},
+      onComplete: () => {},
+      onError: () => {},
+    });
+
+    await new Promise((r) => setTimeout(r, 50));
+    if (!capturedPrompt) throw new Error('Expected voice call control prompt to be set');
+    const prompt: string = capturedPrompt;
+
+    expect(prompt).toContain('this is an inbound call you are answering (not a call you initiated)');
+    expect(prompt).toContain('Introduce yourself once at the start using your assistant name if you know it');
+    expect(prompt).toContain('If your assistant name is not known, skip the name and just identify yourself as the guardian\'s assistant.');
+    expect(prompt).toContain('Do NOT say "I\'m calling" or "I\'m calling on behalf of".');
+  });
+
+  test('inbound disclosure guidance is rewritten for pickup context', async () => {
+    mockedConfig = {
+      secretDetection: { enabled: false },
+      calls: {
+        disclosure: {
+          enabled: true,
+          text: 'At the very beginning of the call, introduce yourself as an assistant calling on behalf of the person you represent.',
+        },
+      },
+    };
+
+    const conversation = createConversation('voice bridge inbound disclosure rewrite test');
+    const events: ServerMessage[] = [
+      { type: 'message_complete', sessionId: conversation.id },
+    ];
+
+    let capturedPrompt: string | null = null;
+    const session = {
+      ...makeStreamingSession(events),
+      setVoiceCallControlPrompt: (prompt: string | null) => {
+        if (prompt != null) capturedPrompt = prompt;
+      },
+    } as unknown as Session;
+
+    injectDeps(() => session);
+
+    await startVoiceTurn({
+      conversationId: conversation.id,
+      content: 'Hi',
+      isInbound: true,
+      guardianContext: {
+        sourceChannel: 'voice',
+        actorRole: 'non-guardian',
+      },
+      onTextDelta: () => {},
+      onComplete: () => {},
+      onError: () => {},
+    });
+
+    await new Promise((r) => setTimeout(r, 50));
+    if (!capturedPrompt) throw new Error('Expected voice call control prompt to be set');
+    const prompt: string = capturedPrompt;
+
+    expect(prompt).toContain('At the very beginning of the call, introduce yourself as an assistant calling on behalf of the person you represent.');
+    expect(prompt).toContain('rewrite any disclosure naturally for pickup context');
+    expect(prompt).toContain('Do NOT say "I\'m calling", "I called you", or "I\'m calling on behalf of".');
+  });
+
   test('auto-denies confirmation requests for non-guardian voice turns', async () => {
     const conversation = createConversation('voice bridge auto-deny non-guardian test');
 

package/src/agent/loop.ts

@@ -85,7 +85,7 @@ export class AgentLoop {
 
   async run(
     messages: Message[],
-    onEvent: (event: AgentEvent) => void,
+    onEvent: (event: AgentEvent) => void | Promise<void>,
     signal?: AbortSignal,
     requestId?: string,
     onCheckpoint?: (checkpoint: CheckpointInfo) => CheckpointDecision,
@@ -244,7 +244,7 @@ export class AgentLoop {
         };
         history.push(assistantMessage);
 
-        onEvent({ type: 'message_complete', message: assistantMessage });
+        await onEvent({ type: 'message_complete', message: assistantMessage });
 
         // Check for tool use
         toolUseBlocks = response.content.filter(

package/src/amazon/client.ts

@@ -50,7 +50,7 @@
 
 import type { ExtensionCommand, ExtensionResponse } from '../browser-extension-relay/protocol.js';
 import { extensionRelayServer } from '../browser-extension-relay/server.js';
-import { getRuntimeHttpPort } from '../config/env.js';
+import { getGatewayInternalBaseUrl } from '../config/env.js';
 import type { ExtractedCredential } from '../tools/browser/network-recording-types.js';
 import { readHttpToken } from '../util/platform.js';
 import {
@@ -81,8 +81,7 @@ export async function sendRelayCommand(command: Record<string, unknown>): Promis
     throw new Error('Browser extension relay is not connected and no HTTP token found. Is the daemon running?');
   }
 
-  const port = getRuntimeHttpPort() ?? 7821;
-  const resp = await fetch(`http://127.0.0.1:${port}/v1/browser-relay/command`, {
+  const resp = await fetch(`${getGatewayInternalBaseUrl()}/v1/browser-relay/command`, {
     method: 'POST',
     headers: {
       'Content-Type': 'application/json',