@vellumai/assistant 0.3.18 → 0.3.20

package/src/calls/call-domain.ts

@@ -13,6 +13,7 @@ import { getTwilioStatusCallbackUrl,getTwilioVoiceWebhookUrl } from '../inbound/
 import { getOrCreateConversation } from '../memory/conversation-key-store.js';
 import { queueGenerateConversationTitle } from '../memory/conversation-title-service.js';
 import { upsertBinding } from '../memory/external-conversation-store.js';
+import { revokeScopedApprovalGrantsForContext } from '../memory/scoped-approval-grants.js';
 import { isGuardian } from '../runtime/channel-guardian-service.js';
 import { getSecureKey } from '../security/secure-keys.js';
 import { getLogger } from '../util/logger.js';
@@ -71,6 +72,8 @@ export type CancelCallInput = {
 export type AnswerCallInput = {
   callSessionId: string;
   answer: string;
+  /** When provided, the answer is matched to this specific pending question/consultation. */
+  pendingQuestionId?: string;
 };
 
 export type RelayInstructionInput = {
@@ -489,6 +492,17 @@ export async function cancelCall(input: CancelCallInput): Promise<{ ok: true; se
   // Expire any pending questions so they don't linger
   expirePendingQuestions(callSessionId);
 
+  // Revoke any scoped approval grants bound to this call session.
+  // Revoke by both callSessionId and conversationId because the
+  // guardian-approval-interception minting path sets callSessionId: null
+  // but always sets conversationId.
+  try {
+    revokeScopedApprovalGrantsForContext({ callSessionId });
+    revokeScopedApprovalGrantsForContext({ conversationId: session.conversationId });
+  } catch (err) {
+    log.warn({ err, callSessionId }, 'Failed to revoke scoped grants on call cancel');
+  }
+
   // Re-check final status: a concurrent transition (e.g. Twilio callback) may have
   // moved the session to a terminal state before our update, causing it to be skipped.
   const updated = getCallSession(callSessionId);
@@ -504,30 +518,66 @@ export async function cancelCall(input: CancelCallInput): Promise<{ ok: true; se
 
 /**
  * Answer a pending question for an active call.
+ *
+ * When `pendingQuestionId` is provided, the answer is matched to that specific
+ * pending question/consultation rather than relying on transient controller
+ * state. This allows answers to arrive while the call is active and not paused,
+ * as long as the referenced question is still pending.
  */
 export async function answerCall(input: AnswerCallInput): Promise<{ ok: true; questionId: string } | CallError> {
-  const { callSessionId, answer } = input;
+  const { callSessionId, answer, pendingQuestionId } = input;
 
   if (!answer || typeof answer !== 'string') {
     return { ok: false, error: 'Missing answer', status: 400 };
   }
 
+  const controller = getCallController(callSessionId);
+  if (!controller) {
+    log.warn({ callSessionId }, 'answerCall: no active controller for call session');
+    return { ok: false, error: 'No active controller for this call', status: 409 };
+  }
+
+  // When a specific question is targeted, validate it matches the active
+  // consultation. This prevents stale or duplicate answers from being
+  // applied to the wrong consultation.
+  if (pendingQuestionId) {
+    const activeQuestionId = controller.getPendingConsultationQuestionId();
+    if (!activeQuestionId) {
+      log.warn(
+        { callSessionId, pendingQuestionId },
+        'answerCall: pendingQuestionId provided but no consultation is active',
+      );
+      return { ok: false, error: 'Referenced question is no longer pending', status: 409 };
+    }
+    if (activeQuestionId !== pendingQuestionId) {
+      log.warn(
+        { callSessionId, pendingQuestionId, activeQuestionId },
+        'answerCall: pendingQuestionId does not match active consultation',
+      );
+      return { ok: false, error: 'Referenced question is stale — a newer consultation has superseded it', status: 409 };
+    }
+  }
+
+  // Look up the pending question in the store for record-keeping
   const question = getPendingQuestion(callSessionId);
   if (!question) {
     return { ok: false, error: 'No pending question found', status: 404 };
   }
 
-  const controller = getCallController(callSessionId);
-  if (!controller) {
-    log.warn({ callSessionId }, 'answerCall: no active controller for call session');
-    return { ok: false, error: 'No active controller for this call', status: 409 };
+  // When pendingQuestionId is given, double-check it matches the store record
+  if (pendingQuestionId && question.id !== pendingQuestionId) {
+    log.warn(
+      { callSessionId, pendingQuestionId, storeQuestionId: question.id },
+      'answerCall: store pending question does not match requested pendingQuestionId',
+    );
+    return { ok: false, error: 'Referenced question is stale', status: 409 };
   }
 
   const accepted = await controller.handleUserAnswer(answer);
   if (!accepted) {
     log.warn(
       { callSessionId },
-      'answerCall: controller rejected the answer (not in waiting_on_user state)',
+      'answerCall: controller rejected the answer (no pending consultation)',
     );
     return { ok: false, error: 'Controller is not waiting for an answer', status: 409 };
   }

package/src/calls/guardian-dispatch.ts

@@ -12,6 +12,7 @@ import {
   countPendingRequestsByCallSessionId,
   createGuardianActionDelivery,
   createGuardianActionRequest,
+  getGuardianConversationIdForCallSession,
   updateDeliveryStatus,
 } from '../memory/guardian-action-store.js';
 import { emitNotificationSignal } from '../notifications/emit-signal.js';
@@ -22,11 +23,20 @@ import type { CallPendingQuestion } from './types.js';
 
 const log = getLogger('guardian-dispatch');
 
+// Per-callSessionId serialization lock. Ensures that concurrent dispatches for
+// the same call session are serialized so the second dispatch always sees the
+// delivery row (and thus the guardian conversation ID) persisted by the first.
+const pendingDispatches = new Map<string, Promise<void>>();
+
 export interface GuardianDispatchParams {
   callSessionId: string;
   conversationId: string;
   assistantId: string;
   pendingQuestion: CallPendingQuestion;
+  /** Tool identity for tool-approval requests (absent for informational ASK_GUARDIAN). */
+  toolName?: string;
+  /** Canonical SHA-256 digest of tool input for tool-approval requests. */
+  inputDigest?: string;
 }
 
 function applyDeliveryStatus(deliveryId: string, result: NotificationDeliveryResult): void {
@@ -43,11 +53,38 @@ function applyDeliveryStatus(deliveryId: string, result: NotificationDeliveryRes
  * Fire-and-forget: errors are logged but do not propagate.
  */
 export async function dispatchGuardianQuestion(params: GuardianDispatchParams): Promise<void> {
+  const { callSessionId } = params;
+
+  // Serialize concurrent dispatches for the same call session so the second
+  // dispatch always sees the guardian conversation ID persisted by the first.
+  const preceding = pendingDispatches.get(callSessionId);
+  const current = (preceding ?? Promise.resolve()).then(() =>
+    dispatchGuardianQuestionInner(params),
+  );
+  // Store a suppressed-error variant so the chain never rejects, and keep
+  // a stable reference for the cleanup identity check below.
+  const suppressed = current.catch(() => {});
+  pendingDispatches.set(callSessionId, suppressed);
+
+  try {
+    await current;
+  } finally {
+    // Clean up the map entry only if it still points to our promise, to avoid
+    // removing a later dispatch's entry.
+    if (pendingDispatches.get(callSessionId) === suppressed) {
+      pendingDispatches.delete(callSessionId);
+    }
+  }
+}
+
+async function dispatchGuardianQuestionInner(params: GuardianDispatchParams): Promise<void> {
   const {
     callSessionId,
     conversationId,
     assistantId,
     pendingQuestion,
+    toolName,
+    inputDigest,
   } = params;
 
   try {
@@ -63,6 +100,8 @@ export async function dispatchGuardianQuestion(params: GuardianDispatchParams):
       pendingQuestionId: pendingQuestion.id,
       questionText: pendingQuestion.questionText,
       expiresAt,
+      toolName,
+      inputDigest,
     });
 
     log.info(
@@ -76,6 +115,22 @@ export async function dispatchGuardianQuestion(params: GuardianDispatchParams):
     // in the same call session.
     const activeGuardianRequestCount = countPendingRequestsByCallSessionId(callSessionId);
 
+    // Look up the vellum conversation used for the first guardian question
+    // in this call session. When found, pass it as an affinity hint so the
+    // notification pipeline deterministically routes to the same conversation
+    // instead of letting the LLM choose a different thread.
+    const existingGuardianConversationId = getGuardianConversationIdForCallSession(callSessionId);
+    const conversationAffinityHint = existingGuardianConversationId
+      ? { vellum: existingGuardianConversationId }
+      : undefined;
+
+    if (existingGuardianConversationId) {
+      log.info(
+        { callSessionId, existingGuardianConversationId },
+        'Found existing guardian conversation for call session — enforcing thread affinity',
+      );
+    }
+
     // Route through the canonical notification pipeline. The paired vellum
     // conversation from this pipeline is the canonical guardian thread.
     let vellumDeliveryId: string | null = null;
@@ -99,6 +154,7 @@ export async function dispatchGuardianQuestion(params: GuardianDispatchParams):
         pendingQuestionId: pendingQuestion.id,
         activeGuardianRequestCount,
       },
+      conversationAffinityHint,
       dedupeKey: `guardian:${request.id}`,
       onThreadCreated: (info) => {
         if (info.sourceEventName !== 'guardian.question' || vellumDeliveryId) return;

package/src/calls/relay-server.ts

@@ -12,6 +12,7 @@ import type { ServerWebSocket } from 'bun';
 
 import { getConfig } from '../config/loader.js';
 import * as conversationStore from '../memory/conversation-store.js';
+import { revokeScopedApprovalGrantsForContext } from '../memory/scoped-approval-grants.js';
 import {
   getPendingChallenge,
   validateAndConsumeChallenge,
@@ -351,6 +352,18 @@ export class RelayConnection {
     }
 
     expirePendingQuestions(this.callSessionId);
+
+    // Revoke any scoped approval grants bound to this call session.
+    // Revoke by both callSessionId and conversationId because the
+    // guardian-approval-interception minting path sets callSessionId: null
+    // but always sets conversationId.
+    try {
+      revokeScopedApprovalGrantsForContext({ callSessionId: this.callSessionId });
+      revokeScopedApprovalGrantsForContext({ conversationId: session.conversationId });
+    } catch (err) {
+      log.warn({ err, callSessionId: this.callSessionId }, 'Failed to revoke scoped grants on transport close');
+    }
+
     persistCallCompletionMessage(session.conversationId, this.callSessionId).catch((err) => {
       log.error({ err, conversationId: session.conversationId, callSessionId: this.callSessionId }, 'Failed to persist call completion message');
     });

package/src/calls/types.ts

@@ -1,5 +1,5 @@
 export type CallStatus = 'initiated' | 'ringing' | 'in_progress' | 'waiting_on_user' | 'completed' | 'failed' | 'cancelled';
-export type CallEventType = 'call_started' | 'call_connected' | 'caller_spoke' | 'assistant_spoke' | 'user_question_asked' | 'user_answered' | 'user_instruction_relayed' | 'call_ended' | 'call_failed' | 'callee_verification_started' | 'callee_verification_succeeded' | 'callee_verification_failed' | 'guardian_voice_verification_started' | 'guardian_voice_verification_succeeded' | 'guardian_voice_verification_failed' | 'outbound_guardian_voice_verification_started' | 'outbound_guardian_voice_verification_succeeded' | 'outbound_guardian_voice_verification_failed' | 'guardian_consultation_timed_out' | 'guardian_unavailable_skipped';
+export type CallEventType = 'call_started' | 'call_connected' | 'caller_spoke' | 'assistant_spoke' | 'user_question_asked' | 'user_answered' | 'user_instruction_relayed' | 'call_ended' | 'call_failed' | 'callee_verification_started' | 'callee_verification_succeeded' | 'callee_verification_failed' | 'guardian_voice_verification_started' | 'guardian_voice_verification_succeeded' | 'guardian_voice_verification_failed' | 'outbound_guardian_voice_verification_started' | 'outbound_guardian_voice_verification_succeeded' | 'outbound_guardian_voice_verification_failed' | 'guardian_consultation_timed_out' | 'guardian_unavailable_skipped' | 'guardian_consult_deferred' | 'guardian_consult_coalesced';
 export type PendingQuestionStatus = 'pending' | 'answered' | 'expired' | 'cancelled';
 
 /**

package/src/calls/voice-session-bridge.ts

@@ -10,6 +10,7 @@
  * dependencies at startup via `setVoiceBridgeDeps()`.
  */
 
+import { consumeGrantForInvocation } from '../approvals/approval-primitive.js';
 import type { ChannelId } from '../channels/types.js';
 import { getConfig } from '../config/loader.js';
 import type { ServerMessage } from '../daemon/ipc-protocol.js';
@@ -19,6 +20,7 @@ import { resolveChannelCapabilities } from '../daemon/session-runtime-assembly.j
 import { buildAssistantEvent } from '../runtime/assistant-event.js';
 import { assistantEventHub } from '../runtime/assistant-event-hub.js';
 import { checkIngressForSecrets } from '../security/secret-ingress.js';
+import { computeToolApprovalDigest } from '../security/tool-approval-digest.js';
 import { IngressBlockedError } from '../util/errors.js';
 import { getLogger } from '../util/logger.js';
 
@@ -81,6 +83,8 @@ export interface VoiceRunEventSink {
 export interface VoiceTurnOptions {
   /** The conversation ID for this voice call's session. */
   conversationId: string;
+  /** The call session ID for scoped grant matching. */
+  callSessionId?: string;
   /** The transcribed caller utterance or synthetic marker. */
   content: string;
   /** Assistant scope for multi-assistant channels. */
@@ -147,7 +151,12 @@ function buildVoiceCallControlPrompt(opts: {
     '1. Be concise — keep responses to 1-3 sentences. Phone conversations should be brief and natural.',
     ...(opts.isCallerGuardian
       ? ['2. You are speaking directly with your guardian (your user). Do NOT use [ASK_GUARDIAN:]. If you need permission, information, or confirmation, ask them directly in the conversation. They can answer you right now.']
-      : ['2. You can consult your guardian at any time by including [ASK_GUARDIAN: your question here] in your response. When you do, add a natural hold message like "Let me check on that for you."']
+      : [[
+          '2. You can consult your guardian in two ways:',
+          '   - For general questions or information: [ASK_GUARDIAN: your question here]',
+          '   - For tool/action permission requests: [ASK_GUARDIAN_APPROVAL: {"question":"Describe what you need permission for","toolName":"the_tool_name","input":{...tool input object...}}]',
+          '   Use ASK_GUARDIAN_APPROVAL when you need permission to execute a specific tool or action. Use ASK_GUARDIAN for everything else (general questions, advice, information). When you use either marker, add a natural hold message like "Let me check on that for you."',
+        ].join('\n')]
     ),
   );
 
@@ -194,7 +203,7 @@ function buildVoiceCallControlPrompt(opts: {
 
   lines.push(
     '9. After the opening greeting turn, treat the Task field as background context only — do not re-execute its instructions on subsequent turns.',
-    '10. Do not make up information. If you are unsure, use [ASK_GUARDIAN: your question] to consult your guardian.',
+    '10. Do not make up information. If you are unsure, use [ASK_GUARDIAN: your question] to consult your guardian. For tool permission requests, use [ASK_GUARDIAN_APPROVAL: {"question":"...","toolName":"...","input":{...}}].',
     '</voice_call_control>',
   );
 
@@ -298,6 +307,7 @@ export async function startVoiceTurn(opts: VoiceTurnOptions): Promise<VoiceTurnH
     strictSideEffects,
   };
   session.setAssistantId(opts.assistantId ?? 'self');
+  session.callSessionId = opts.callSessionId;
   session.setGuardianContext(opts.guardianContext ?? null);
   session.setCommandIntent(null);
   session.setTurnChannelContext({
@@ -336,12 +346,56 @@ export async function startVoiceTurn(opts: VoiceTurnOptions): Promise<VoiceTurnH
   const autoDeny = !isGuardian;
   const autoAllow = isGuardian;
   let lastError: string | null = null;
-  session.updateClient((msg: ServerMessage) => {
+  session.updateClient(async (msg: ServerMessage) => {
     if (msg.type === 'confirmation_request') {
       if (autoDeny) {
+        // Non-guardian voice callers have no interactive approval UI.
+        // The pre-exec gate (tool-approval-handler.ts) handles grant
+        // consumption with retry for tool execution confirmations, but
+        // some confirmation_request events originate from proxy/network
+        // paths (e.g. PermissionPrompter in createProxyApprovalCallback)
+        // that bypass the pre-exec gate. We do a single sync lookup here
+        // (maxWaitMs: 0) since the primary retry path is in the pre-exec
+        // gate; this secondary path just needs a quick check.
+        try {
+          const inputDigest = computeToolApprovalDigest(msg.toolName, msg.input);
+          const consumeResult = await consumeGrantForInvocation({
+            requestId: msg.requestId,
+            toolName: msg.toolName,
+            inputDigest,
+            consumingRequestId: msg.requestId,
+            assistantId: opts.assistantId ?? 'self',
+            executionChannel: 'voice',
+            conversationId: opts.conversationId,
+            callSessionId: opts.callSessionId,
+            requesterExternalUserId: opts.guardianContext?.requesterExternalUserId,
+          }, { maxWaitMs: 0 });
+
+          if (consumeResult.ok) {
+            log.info(
+              { turnId, toolName: msg.toolName, grantId: consumeResult.grant.id },
+              'Consumed scoped grant — allowing non-guardian voice confirmation',
+            );
+            session.handleConfirmationResponse(
+              msg.requestId,
+              'allow',
+              undefined,
+              undefined,
+              `Permission approved for "${msg.toolName}": guardian pre-approved via scoped grant.`,
+            );
+            publishToHub(msg);
+            return;
+          }
+        } catch (err) {
+          log.error(
+            { err, turnId, toolName: msg.toolName },
+            'Error consuming grant in voice confirmation handler — falling through to deny',
+          );
+        }
+
         log.info(
           { turnId, toolName: msg.toolName },
-          'Auto-denying confirmation request for voice turn (forceStrictSideEffects)',
+          'Auto-denying confirmation request for non-guardian voice turn (no matching scoped grant)',
         );
         session.handleConfirmationResponse(
           msg.requestId,
@@ -390,6 +444,7 @@ export async function startVoiceTurn(opts: VoiceTurnOptions): Promise<VoiceTurnH
     session.setCommandIntent(null);
     session.setAssistantId('self');
     session.setVoiceCallControlPrompt(null);
+    session.callSessionId = undefined;
     // Reset the session's client callback to a no-op so the stale
     // closure doesn't intercept events from future turns on the same session.
     session.updateClient(() => {}, true);

package/src/cli/core-commands.ts

@@ -649,11 +649,7 @@ export function registerDoctorCommand(program: Command): void {
       const { runSandboxDiagnostics } = await import('../tools/terminal/sandbox-diagnostics.js');
       const sandbox = runSandboxDiagnostics();
       log.info(`\n  Sandbox:   ${sandbox.config.enabled ? 'enabled' : 'disabled'}`);
-      log.info(`  Backend:   ${sandbox.config.backend}`);
       log.info(`  Reason:    ${sandbox.activeBackendReason}`);
-      if (sandbox.config.backend === 'docker') {
-        log.info(`  Image:     ${sandbox.config.dockerImage}`);
-      }
       log.info('');
       for (const check of sandbox.checks) {
         if (check.ok) {

package/src/cli.ts

@@ -43,6 +43,72 @@ export function sanitizeUrlForDisplay(rawUrl: unknown): string {
   }
 }
 
+function stringifyConfirmationInputValue(value: unknown): string {
+  if (typeof value === 'string') return value;
+  if (typeof value === 'number' || typeof value === 'boolean') return String(value);
+  if (value == null) return 'null';
+  try {
+    return JSON.stringify(value);
+  } catch {
+    return String(value);
+  }
+}
+
+export function formatConfirmationInputLines(input: Record<string, unknown>): string[] {
+  const lines: string[] = [];
+  for (const key of Object.keys(input).sort()) {
+    const rawValue = input[key];
+    const value = key.toLowerCase().includes('url') && typeof rawValue === 'string'
+      ? sanitizeUrlForDisplay(rawValue)
+      : rawValue;
+    const rendered = stringifyConfirmationInputValue(value);
+    const renderedLines = rendered.split('\n');
+    if (renderedLines.length === 0) {
+      lines.push(`${key}:`);
+      continue;
+    }
+    lines.push(`${key}: ${renderedLines[0]}`);
+    for (const continuation of renderedLines.slice(1)) {
+      lines.push(`  ${continuation}`);
+    }
+  }
+  return lines;
+}
+
+export function formatConfirmationCommandPreview(req: Pick<ConfirmationRequest, 'toolName' | 'input'>): string {
+  if (req.toolName === 'bash' || req.toolName === 'host_bash') {
+    return String(req.input.command ?? '');
+  }
+  if (req.toolName === 'file_read' || req.toolName === 'host_file_read') {
+    return `read ${req.input.path ?? ''}`;
+  }
+  if (req.toolName === 'file_write' || req.toolName === 'host_file_write') {
+    return `write ${req.input.path ?? ''}`;
+  }
+  if (req.toolName === 'file_edit' || req.toolName === 'host_file_edit') {
+    return `edit ${req.input.path ?? ''}`;
+  }
+  if (req.toolName === 'web_fetch') {
+    return `fetch ${sanitizeUrlForDisplay(req.input.url ?? '')}`;
+  }
+  if (req.toolName === 'browser_navigate') {
+    return `navigate ${sanitizeUrlForDisplay(req.input.url ?? '')}`;
+  }
+  if (req.toolName === 'browser_close') {
+    return req.input.close_all_pages ? 'close all browser pages' : 'close browser page';
+  }
+  if (req.toolName === 'browser_click') {
+    return `click ${req.input.element_id ?? req.input.selector ?? ''}`;
+  }
+  if (req.toolName === 'browser_type') {
+    return `type into ${req.input.element_id ?? req.input.selector ?? ''}`;
+  }
+  if (req.toolName === 'browser_press_key') {
+    return `press "${req.input.key ?? ''}"`;
+  }
+  return req.toolName;
+}
+
 
 export async function startCli(): Promise<void> {
   const socketPath = getSocketPath();
@@ -138,48 +204,24 @@ export async function startCli(): Promise<void> {
     return false;
   }
 
-  function formatCommandPreview(req: ConfirmationRequest): string {
-    if (req.toolName === 'bash') {
-      return String(req.input.command ?? '');
-    }
-    if (req.toolName === 'file_read') {
-      return `read ${req.input.path ?? ''}`;
-    }
-    if (req.toolName === 'file_write') {
-      return `write ${req.input.path ?? ''}`;
-    }
-    if (req.toolName === 'web_fetch') {
-      return `fetch ${sanitizeUrlForDisplay(req.input.url ?? '')}`;
-    }
-    if (req.toolName === 'browser_navigate') {
-      return `navigate ${sanitizeUrlForDisplay(req.input.url ?? '')}`;
-    }
-    if (req.toolName === 'browser_close') {
-      return req.input.close_all_pages ? 'close all browser pages' : 'close browser page';
-    }
-    if (req.toolName === 'browser_click') {
-      return `click ${req.input.element_id ?? req.input.selector ?? ''}`;
-    }
-    if (req.toolName === 'browser_type') {
-      return `type into ${req.input.element_id ?? req.input.selector ?? ''}`;
-    }
-    if (req.toolName === 'browser_press_key') {
-      return `press "${req.input.key ?? ''}"`;
-    }
-    return `${req.toolName}: ${truncate(JSON.stringify(req.input), 80)}`;
-  }
-
   function renderConfirmationPrompt(req: ConfirmationRequest): void {
-    const preview = formatCommandPreview(req);
+    const preview = formatConfirmationCommandPreview(req);
+    const inputLines = formatConfirmationInputLines(req.input);
     process.stdout.write('\n');
     process.stdout.write(`\u250C ${req.toolName}: ${preview}\n`);
     process.stdout.write(`\u2502 Risk: ${req.riskLevel}${req.sandboxed ? '  [sandboxed]' : ''}\n`);
     if (req.executionTarget) {
       process.stdout.write(`\u2502 Target: ${req.executionTarget}\n`);
     }
+    if (inputLines.length > 0) {
+      process.stdout.write(`\u2502\n`);
+      for (const line of inputLines) {
+        process.stdout.write(`\u2502 ${line}\n`);
+      }
+    }
     if (req.diff) {
       const diffOutput = req.diff.isNewFile
-        ? formatNewFileDiff(req.diff.newContent, req.diff.filePath)
+        ? formatNewFileDiff(req.diff.newContent, req.diff.filePath, null)
         : formatDiff(req.diff.oldContent, req.diff.newContent, req.diff.filePath);
       if (diffOutput) {
         process.stdout.write(`\u2502\n`);
@@ -506,7 +548,7 @@ export async function startCli(): Promise<void> {
         toolStreaming = false;
         if (msg.diff) {
           const diffOutput = msg.diff.isNewFile
-            ? formatNewFileDiff(msg.diff.newContent, msg.diff.filePath)
+            ? formatNewFileDiff(msg.diff.newContent, msg.diff.filePath, null)
             : formatDiff(msg.diff.oldContent, msg.diff.newContent, msg.diff.filePath);
           if (diffOutput) {
             process.stdout.write(diffOutput);