@vellumai/assistant 0.3.16 → 0.3.19

package/src/__tests__/guardian-action-grant-mint-consume.test.ts

@@ -0,0 +1,511 @@
+/**
+ * Integration test: guardian-action answer resolution mints a scoped grant
+ * that the voice consumer can consume exactly once.
+ *
+ * Exercises the original voice bug scenario end-to-end:
+ *   1. Voice ASK_GUARDIAN fires -> guardian action request created with tool metadata
+ *   2. Guardian answers via desktop/Telegram -> request resolved
+ *   3. tryMintGuardianActionGrant mints a tool_signature grant
+ *   4. Voice consumer can consume the grant for the same tool+input
+ *   5. Second consume attempt is denied (one-time use)
+ *   6. Grant for a different assistantId is not consumable
+ */
+
+import { mkdtempSync, rmSync } from 'node:fs';
+import { tmpdir } from 'node:os';
+import { join } from 'node:path';
+
+import { afterAll, beforeEach, describe, expect, mock, test } from 'bun:test';
+
+const testDir = mkdtempSync(join(tmpdir(), 'guardian-action-grant-e2e-'));
+
+// ── Platform + logger mocks ─────────────────────────────────────────
+
+mock.module('../util/platform.js', () => ({
+  getDataDir: () => testDir,
+  isMacOS: () => process.platform === 'darwin',
+  isLinux: () => process.platform === 'linux',
+  isWindows: () => process.platform === 'win32',
+  getSocketPath: () => join(testDir, 'test.sock'),
+  getPidPath: () => join(testDir, 'test.pid'),
+  getDbPath: () => join(testDir, 'test.db'),
+  getLogPath: () => join(testDir, 'test.log'),
+  ensureDataDir: () => {},
+  migrateToDataLayout: () => {},
+  migrateToWorkspaceLayout: () => {},
+}));
+
+mock.module('../util/logger.js', () => ({
+  getLogger: () =>
+    new Proxy({} as Record<string, unknown>, {
+      get: () => () => {},
+    }),
+  isDebug: () => false,
+  truncateForLog: (value: string) => value,
+}));
+
+// ── Imports (after mocks) ───────────────────────────────────────────
+
+import {
+  createGuardianActionRequest,
+  resolveGuardianActionRequest,
+} from '../memory/guardian-action-store.js';
+import {
+  consumeScopedApprovalGrantByToolSignature,
+  type CreateScopedApprovalGrantParams,
+  createScopedApprovalGrant,
+} from '../memory/scoped-approval-grants.js';
+import { getDb, initializeDb, resetDb } from '../memory/db.js';
+import { conversations, scopedApprovalGrants } from '../memory/schema.js';
+import { computeToolApprovalDigest } from '../security/tool-approval-digest.js';
+import { tryMintGuardianActionGrant } from '../runtime/guardian-action-grant-minter.js';
+import { createCallSession, createPendingQuestion } from '../calls/call-store.js';
+
+initializeDb();
+
+afterAll(() => {
+  resetDb();
+  try {
+    rmSync(testDir, { recursive: true });
+  } catch {
+    /* best effort */
+  }
+});
+
+// ── Constants ───────────────────────────────────────────────────────
+
+const ASSISTANT_ID = 'self';
+const TOOL_NAME = 'execute_shell';
+const TOOL_INPUT = { command: 'rm -rf /tmp/test' };
+const CONVERSATION_ID = 'conv-e2e';
+
+// Mutable references populated by ensureFkParents()
+let CALL_SESSION_ID = '';
+let PENDING_QUESTION_IDS: string[] = [];
+let pqIndex = 0;
+
+function ensureConversation(id: string): void {
+  const db = getDb();
+  const now = Date.now();
+  db.insert(conversations).values({
+    id,
+    title: `Conversation ${id}`,
+    createdAt: now,
+    updatedAt: now,
+  }).run();
+}
+
+/** Create the FK parent rows required by guardian_action_requests. */
+function ensureFkParents(): void {
+  ensureConversation(CONVERSATION_ID);
+  const session = createCallSession({
+    conversationId: CONVERSATION_ID,
+    provider: 'twilio',
+    fromNumber: '+15550001111',
+    toNumber: '+15550002222',
+  });
+  CALL_SESSION_ID = session.id;
+
+  // Pre-create enough pending questions for all tests in a suite run
+  PENDING_QUESTION_IDS = [];
+  pqIndex = 0;
+  for (let i = 0; i < 10; i++) {
+    const pq = createPendingQuestion(session.id, `Question ${i}`);
+    PENDING_QUESTION_IDS.push(pq.id);
+  }
+}
+
+function nextPendingQuestionId(): string {
+  return PENDING_QUESTION_IDS[pqIndex++];
+}
+
+function clearTables(): void {
+  const db = getDb();
+  try {
+    db.run('DELETE FROM scoped_approval_grants');
+  } catch {
+    /* table may not exist */
+  }
+  try {
+    db.run('DELETE FROM guardian_action_deliveries');
+  } catch {
+    /* table may not exist */
+  }
+  try {
+    db.run('DELETE FROM guardian_action_requests');
+  } catch {
+    /* table may not exist */
+  }
+  try {
+    db.run('DELETE FROM call_pending_questions');
+  } catch {
+    /* table may not exist */
+  }
+  try {
+    db.run('DELETE FROM call_events');
+  } catch {
+    /* table may not exist */
+  }
+  try {
+    db.run('DELETE FROM call_sessions');
+  } catch {
+    /* table may not exist */
+  }
+  try {
+    db.run('DELETE FROM conversations');
+  } catch {
+    /* table may not exist */
+  }
+}
+
+// ── Tests ───────────────────────────────────────────────────────────
+
+describe('guardian-action grant mint -> voice consume integration', () => {
+  beforeEach(() => {
+    clearTables();
+    ensureFkParents();
+  });
+
+  test('full flow: resolve guardian action with tool metadata -> mint grant -> voice consume succeeds once', () => {
+    const inputDigest = computeToolApprovalDigest(TOOL_NAME, TOOL_INPUT);
+
+    // Step 1: Create a guardian action request with tool metadata
+    // (simulates the voice ASK_GUARDIAN path)
+    const request = createGuardianActionRequest({
+      assistantId: ASSISTANT_ID,
+      kind: 'ask_guardian',
+      sourceChannel: 'voice',
+      sourceConversationId: CONVERSATION_ID,
+      callSessionId: CALL_SESSION_ID,
+      pendingQuestionId: nextPendingQuestionId(),
+      questionText: 'Can I run rm -rf /tmp/test?',
+      expiresAt: Date.now() + 60_000,
+      toolName: TOOL_NAME,
+      inputDigest,
+    });
+
+    expect(request.toolName).toBe(TOOL_NAME);
+    expect(request.inputDigest).toBe(inputDigest);
+    expect(request.status).toBe('pending');
+
+    // Step 2: Guardian answers -> resolve the request
+    const resolved = resolveGuardianActionRequest(
+      request.id,
+      'yes',
+      'telegram',
+      'guardian-user-123',
+    );
+    expect(resolved).not.toBeNull();
+    expect(resolved!.status).toBe('answered');
+
+    // Step 3: Mint a scoped grant from the resolved request
+    tryMintGuardianActionGrant({
+      resolvedRequest: resolved!,
+      answerText: 'yes',
+      decisionChannel: 'telegram',
+      guardianExternalUserId: 'guardian-user-123',
+    });
+
+    // Verify the grant was created
+    const db = getDb();
+    const grants = db
+      .select()
+      .from(scopedApprovalGrants)
+      .all();
+    expect(grants.length).toBe(1);
+    expect(grants[0].toolName).toBe(TOOL_NAME);
+    expect(grants[0].inputDigest).toBe(inputDigest);
+    expect(grants[0].scopeMode).toBe('tool_signature');
+    expect(grants[0].status).toBe('active');
+    expect(grants[0].assistantId).toBe(ASSISTANT_ID);
+    expect(grants[0].callSessionId).toBe(CALL_SESSION_ID);
+
+    // Step 4: Voice consumer consumes the grant
+    const consumeResult = consumeScopedApprovalGrantByToolSignature({
+      toolName: TOOL_NAME,
+      inputDigest,
+      consumingRequestId: 'voice-req-1',
+      assistantId: ASSISTANT_ID,
+      executionChannel: 'voice',
+      callSessionId: CALL_SESSION_ID,
+      conversationId: CONVERSATION_ID,
+    });
+    expect(consumeResult.ok).toBe(true);
+    expect(consumeResult.grant).not.toBeNull();
+    expect(consumeResult.grant!.status).toBe('consumed');
+    expect(consumeResult.grant!.consumedByRequestId).toBe('voice-req-1');
+
+    // Step 5: Second consume attempt fails (one-time use)
+    const secondConsume = consumeScopedApprovalGrantByToolSignature({
+      toolName: TOOL_NAME,
+      inputDigest,
+      consumingRequestId: 'voice-req-2',
+      assistantId: ASSISTANT_ID,
+      executionChannel: 'voice',
+      callSessionId: CALL_SESSION_ID,
+      conversationId: CONVERSATION_ID,
+    });
+    expect(secondConsume.ok).toBe(false);
+    expect(secondConsume.grant).toBeNull();
+  });
+
+  test('grant minted for one assistantId cannot be consumed by another', () => {
+    const inputDigest = computeToolApprovalDigest(TOOL_NAME, TOOL_INPUT);
+
+    const request = createGuardianActionRequest({
+      assistantId: ASSISTANT_ID,
+      kind: 'ask_guardian',
+      sourceChannel: 'voice',
+      sourceConversationId: CONVERSATION_ID,
+      callSessionId: CALL_SESSION_ID,
+      pendingQuestionId: nextPendingQuestionId(),
+      questionText: 'Can I run the command?',
+      expiresAt: Date.now() + 60_000,
+      toolName: TOOL_NAME,
+      inputDigest,
+    });
+
+    const resolved = resolveGuardianActionRequest(request.id, 'Yes', 'telegram');
+    expect(resolved).not.toBeNull();
+
+    tryMintGuardianActionGrant({
+      resolvedRequest: resolved!,
+      answerText: 'Yes',
+      decisionChannel: 'telegram',
+    });
+
+    // Attempt to consume with a different assistantId
+    const wrongAssistant = consumeScopedApprovalGrantByToolSignature({
+      toolName: TOOL_NAME,
+      inputDigest,
+      consumingRequestId: 'voice-req-wrong',
+      assistantId: 'other-assistant',
+      executionChannel: 'voice',
+      callSessionId: CALL_SESSION_ID,
+      conversationId: CONVERSATION_ID,
+    });
+    expect(wrongAssistant.ok).toBe(false);
+
+    // Correct assistantId succeeds
+    const correctAssistant = consumeScopedApprovalGrantByToolSignature({
+      toolName: TOOL_NAME,
+      inputDigest,
+      consumingRequestId: 'voice-req-correct',
+      assistantId: ASSISTANT_ID,
+      executionChannel: 'voice',
+      callSessionId: CALL_SESSION_ID,
+      conversationId: CONVERSATION_ID,
+    });
+    expect(correctAssistant.ok).toBe(true);
+  });
+
+  test('no grant minted when guardian action request lacks tool metadata', () => {
+    // Create a request without toolName/inputDigest (informational consult)
+    const request = createGuardianActionRequest({
+      assistantId: ASSISTANT_ID,
+      kind: 'ask_guardian',
+      sourceChannel: 'voice',
+      sourceConversationId: CONVERSATION_ID,
+      callSessionId: CALL_SESSION_ID,
+      pendingQuestionId: nextPendingQuestionId(),
+      questionText: 'What should I tell the caller?',
+      expiresAt: Date.now() + 60_000,
+      // No toolName or inputDigest
+    });
+
+    const resolved = resolveGuardianActionRequest(request.id, 'Tell them to call back', 'vellum');
+    expect(resolved).not.toBeNull();
+
+    tryMintGuardianActionGrant({
+      resolvedRequest: resolved!,
+      answerText: 'Tell them to call back',
+      decisionChannel: 'vellum',
+    });
+
+    // No grant should have been created
+    const db = getDb();
+    const grants = db
+      .select()
+      .from(scopedApprovalGrants)
+      .all();
+    expect(grants.length).toBe(0);
+  });
+
+  test('grant minted via desktop/vellum channel also consumable by voice', () => {
+    const inputDigest = computeToolApprovalDigest(TOOL_NAME, TOOL_INPUT);
+
+    const request = createGuardianActionRequest({
+      assistantId: ASSISTANT_ID,
+      kind: 'ask_guardian',
+      sourceChannel: 'voice',
+      sourceConversationId: CONVERSATION_ID,
+      callSessionId: CALL_SESSION_ID,
+      pendingQuestionId: nextPendingQuestionId(),
+      questionText: 'Permission to execute?',
+      expiresAt: Date.now() + 60_000,
+      toolName: TOOL_NAME,
+      inputDigest,
+    });
+
+    // Guardian answers via desktop (vellum channel)
+    const resolved = resolveGuardianActionRequest(request.id, 'approve', 'vellum');
+    expect(resolved).not.toBeNull();
+
+    // Mint with decisionChannel: 'vellum' (desktop path)
+    tryMintGuardianActionGrant({
+      resolvedRequest: resolved!,
+      answerText: 'approve',
+      decisionChannel: 'vellum',
+    });
+
+    // The grant should have executionChannel: null (wildcard), so voice can consume
+    const consumeResult = consumeScopedApprovalGrantByToolSignature({
+      toolName: TOOL_NAME,
+      inputDigest,
+      consumingRequestId: 'voice-req-desktop',
+      assistantId: ASSISTANT_ID,
+      executionChannel: 'voice',
+      callSessionId: CALL_SESSION_ID,
+      conversationId: CONVERSATION_ID,
+    });
+    expect(consumeResult.ok).toBe(true);
+  });
+
+  test('no grant minted when guardian answer is a denial', () => {
+    const inputDigest = computeToolApprovalDigest(TOOL_NAME, TOOL_INPUT);
+
+    const request = createGuardianActionRequest({
+      assistantId: ASSISTANT_ID,
+      kind: 'ask_guardian',
+      sourceChannel: 'voice',
+      sourceConversationId: CONVERSATION_ID,
+      callSessionId: CALL_SESSION_ID,
+      pendingQuestionId: nextPendingQuestionId(),
+      questionText: 'Can I run rm -rf /tmp/test?',
+      expiresAt: Date.now() + 60_000,
+      toolName: TOOL_NAME,
+      inputDigest,
+    });
+
+    // Guardian explicitly denies the action
+    const resolved = resolveGuardianActionRequest(request.id, 'No', 'telegram', 'guardian-user-456');
+    expect(resolved).not.toBeNull();
+
+    tryMintGuardianActionGrant({
+      resolvedRequest: resolved!,
+      answerText: 'No',
+      decisionChannel: 'telegram',
+      guardianExternalUserId: 'guardian-user-456',
+    });
+
+    // No grant should have been created for a denial
+    const db = getDb();
+    const grants = db
+      .select()
+      .from(scopedApprovalGrants)
+      .all();
+    expect(grants.length).toBe(0);
+  });
+
+  test.each(['no', 'reject', 'deny', 'cancel'])('no grant minted for denial keyword: %s', (denialWord) => {
+    const inputDigest = computeToolApprovalDigest(TOOL_NAME, TOOL_INPUT);
+
+    const request = createGuardianActionRequest({
+      assistantId: ASSISTANT_ID,
+      kind: 'ask_guardian',
+      sourceChannel: 'voice',
+      sourceConversationId: CONVERSATION_ID,
+      callSessionId: CALL_SESSION_ID,
+      pendingQuestionId: nextPendingQuestionId(),
+      questionText: 'Permission to execute?',
+      expiresAt: Date.now() + 60_000,
+      toolName: TOOL_NAME,
+      inputDigest,
+    });
+
+    const resolved = resolveGuardianActionRequest(request.id, denialWord, 'telegram');
+    expect(resolved).not.toBeNull();
+
+    tryMintGuardianActionGrant({
+      resolvedRequest: resolved!,
+      answerText: denialWord,
+      decisionChannel: 'telegram',
+    });
+
+    const db = getDb();
+    const grants = db
+      .select()
+      .from(scopedApprovalGrants)
+      .all();
+    expect(grants.length).toBe(0);
+  });
+
+  test('no grant minted for unrecognised free-form answer (fail-closed)', () => {
+    const inputDigest = computeToolApprovalDigest(TOOL_NAME, TOOL_INPUT);
+
+    const request = createGuardianActionRequest({
+      assistantId: ASSISTANT_ID,
+      kind: 'ask_guardian',
+      sourceChannel: 'voice',
+      sourceConversationId: CONVERSATION_ID,
+      callSessionId: CALL_SESSION_ID,
+      pendingQuestionId: nextPendingQuestionId(),
+      questionText: 'Can I run the command?',
+      expiresAt: Date.now() + 60_000,
+      toolName: TOOL_NAME,
+      inputDigest,
+    });
+
+    // Free-form text that doesn't match a known approval phrase
+    const resolved = resolveGuardianActionRequest(request.id, 'Sure, go ahead and run it', 'telegram');
+    expect(resolved).not.toBeNull();
+
+    tryMintGuardianActionGrant({
+      resolvedRequest: resolved!,
+      answerText: 'Sure, go ahead and run it',
+      decisionChannel: 'telegram',
+    });
+
+    // No grant — unrecognised text is not treated as approval (fail-closed)
+    const db = getDb();
+    const grants = db
+      .select()
+      .from(scopedApprovalGrants)
+      .all();
+    expect(grants.length).toBe(0);
+  });
+
+  test.each(['yes', 'approve', 'approve once', 'allow', 'go ahead'])('grant IS minted for approval keyword: %s', (approveWord) => {
+    const inputDigest = computeToolApprovalDigest(TOOL_NAME, TOOL_INPUT);
+
+    const request = createGuardianActionRequest({
+      assistantId: ASSISTANT_ID,
+      kind: 'ask_guardian',
+      sourceChannel: 'voice',
+      sourceConversationId: CONVERSATION_ID,
+      callSessionId: CALL_SESSION_ID,
+      pendingQuestionId: nextPendingQuestionId(),
+      questionText: 'Can I run the command?',
+      expiresAt: Date.now() + 60_000,
+      toolName: TOOL_NAME,
+      inputDigest,
+    });
+
+    const resolved = resolveGuardianActionRequest(request.id, approveWord, 'telegram');
+    expect(resolved).not.toBeNull();
+
+    tryMintGuardianActionGrant({
+      resolvedRequest: resolved!,
+      answerText: approveWord,
+      decisionChannel: 'telegram',
+    });
+
+    const db = getDb();
+    const grants = db
+      .select()
+      .from(scopedApprovalGrants)
+      .all();
+    expect(grants.length).toBe(1);
+    expect(grants[0].toolName).toBe(TOOL_NAME);
+  });
+});

package/src/__tests__/guardian-action-late-reply.test.ts

@@ -35,9 +35,12 @@ import {
   createGuardianActionDelivery,
   createGuardianActionRequest,
   expireGuardianActionRequest,
+  getExpiredDeliveriesByConversation,
   getExpiredDeliveriesByDestination,
   getExpiredDeliveryByConversation,
+  getFollowupDeliveriesByConversation,
   getGuardianActionRequest,
+  getPendingDeliveriesByConversation,
   resolveGuardianActionRequest,
   startFollowupFromExpiredRequest,
   updateDeliveryStatus,
@@ -291,4 +294,132 @@ describe('guardian-action-late-reply', () => {
 
     expect(text).toContain('expired');
   });
+
+  // ── Multiple deliveries in one conversation (disambiguation) ──────
+
+  describe('multi-delivery disambiguation in reused conversations', () => {
+    // Helper to create a pending request with delivery in a shared conversation
+    function createPendingInSharedConv(sourceConvId: string, sharedDeliveryConvId: string) {
+      ensureConversation(sourceConvId);
+      const session = createCallSession({
+        conversationId: sourceConvId,
+        provider: 'twilio',
+        fromNumber: '+15550001111',
+        toNumber: '+15550002222',
+      });
+      const pq = createPendingQuestion(session.id, `Question from ${sourceConvId}`);
+      const request = createGuardianActionRequest({
+        kind: 'ask_guardian',
+        sourceChannel: 'voice',
+        sourceConversationId: sourceConvId,
+        callSessionId: session.id,
+        pendingQuestionId: pq.id,
+        questionText: pq.questionText,
+        expiresAt: Date.now() + 60_000,
+      });
+      const delivery = createGuardianActionDelivery({
+        requestId: request.id,
+        destinationChannel: 'vellum',
+        destinationConversationId: sharedDeliveryConvId,
+      });
+      updateDeliveryStatus(delivery.id, 'sent');
+      return { request, delivery };
+    }
+
+    test('multiple pending deliveries in same conversation are returned by getPendingDeliveriesByConversation', () => {
+      const sharedConv = 'shared-reused-conv-pending';
+      ensureConversation(sharedConv);
+
+      const { request: req1 } = createPendingInSharedConv('src-p1', sharedConv);
+      const { request: req2 } = createPendingInSharedConv('src-p2', sharedConv);
+
+      const deliveries = getPendingDeliveriesByConversation(sharedConv);
+      expect(deliveries).toHaveLength(2);
+
+      const requestIds = deliveries.map((d) => d.requestId);
+      expect(requestIds).toContain(req1.id);
+      expect(requestIds).toContain(req2.id);
+    });
+
+    test('request codes are unique across multiple requests in same conversation', () => {
+      const sharedConv = 'shared-reused-conv-codes';
+      ensureConversation(sharedConv);
+
+      const { request: req1 } = createPendingInSharedConv('src-code1', sharedConv);
+      const { request: req2 } = createPendingInSharedConv('src-code2', sharedConv);
+
+      expect(req1.requestCode).not.toBe(req2.requestCode);
+      expect(req1.requestCode).toHaveLength(6);
+      expect(req2.requestCode).toHaveLength(6);
+    });
+
+    test('multiple expired deliveries in same conversation are returned by getExpiredDeliveriesByConversation', () => {
+      const sharedConv = 'shared-reused-conv-expired';
+      ensureConversation(sharedConv);
+
+      const { request: req1 } = createPendingInSharedConv('src-e1', sharedConv);
+      const { request: req2 } = createPendingInSharedConv('src-e2', sharedConv);
+
+      expireGuardianActionRequest(req1.id, 'sweep_timeout');
+      expireGuardianActionRequest(req2.id, 'sweep_timeout');
+
+      const deliveries = getExpiredDeliveriesByConversation(sharedConv);
+      expect(deliveries).toHaveLength(2);
+
+      const requestIds = deliveries.map((d) => d.requestId);
+      expect(requestIds).toContain(req1.id);
+      expect(requestIds).toContain(req2.id);
+    });
+
+    test('multiple followup deliveries in same conversation are returned by getFollowupDeliveriesByConversation', () => {
+      const sharedConv = 'shared-reused-conv-followup';
+      ensureConversation(sharedConv);
+
+      const { request: req1 } = createPendingInSharedConv('src-fu1', sharedConv);
+      const { request: req2 } = createPendingInSharedConv('src-fu2', sharedConv);
+
+      expireGuardianActionRequest(req1.id, 'sweep_timeout');
+      expireGuardianActionRequest(req2.id, 'sweep_timeout');
+      startFollowupFromExpiredRequest(req1.id, 'late answer 1');
+      startFollowupFromExpiredRequest(req2.id, 'late answer 2');
+
+      const deliveries = getFollowupDeliveriesByConversation(sharedConv);
+      expect(deliveries).toHaveLength(2);
+
+      const requestIds = deliveries.map((d) => d.requestId);
+      expect(requestIds).toContain(req1.id);
+      expect(requestIds).toContain(req2.id);
+    });
+
+    test('resolving one pending request leaves the other still pending in shared conversation', () => {
+      const sharedConv = 'shared-reused-conv-resolve-one';
+      ensureConversation(sharedConv);
+
+      const { request: req1 } = createPendingInSharedConv('src-r1', sharedConv);
+      const { request: req2 } = createPendingInSharedConv('src-r2', sharedConv);
+
+      resolveGuardianActionRequest(req1.id, 'answer to first', 'vellum');
+
+      const remaining = getPendingDeliveriesByConversation(sharedConv);
+      expect(remaining).toHaveLength(1);
+      expect(remaining[0].requestId).toBe(req2.id);
+    });
+
+    test('request code prefix matching is case-insensitive', () => {
+      const sharedConv = 'shared-reused-conv-case';
+      ensureConversation(sharedConv);
+
+      const { request: req1 } = createPendingInSharedConv('src-case1', sharedConv);
+      const code = req1.requestCode; // e.g. "A1B2C3"
+
+      // Simulate case-insensitive prefix matching as done in session-process.ts
+      const userInput = `${code.toLowerCase()} the answer is 42`;
+      const matched = userInput.toUpperCase().startsWith(code);
+      expect(matched).toBe(true);
+
+      // After stripping the code prefix, the answer text is extracted
+      const answerText = userInput.slice(code.length).trim();
+      expect(answerText).toBe('the answer is 42');
+    });
+  });
 });