@vellumai/assistant 0.3.19 → 0.3.21

package/src/__tests__/channel-invite-transport.test.ts

@@ -0,0 +1,264 @@
+import { beforeEach, describe, expect, mock, test } from 'bun:test';
+
+// Mock the credential metadata store so the Telegram adapter can resolve
+// the bot username without touching the filesystem.
+let mockBotUsername: string | undefined = 'test_invite_bot';
+mock.module('../tools/credentials/metadata-store.js', () => ({
+  getCredentialMetadata: (service: string, field: string) => {
+    if (service === 'telegram' && field === 'bot_token' && mockBotUsername) {
+      return { accountInfo: mockBotUsername };
+    }
+    return undefined;
+  },
+  upsertCredentialMetadata: () => {},
+  deleteCredentialMetadata: () => {},
+  listCredentialMetadata: () => [],
+}));
+
+import {
+  _resetRegistry,
+  type ChannelInviteTransport,
+  getTransport,
+  registerTransport,
+} from '../runtime/channel-invite-transport.js';
+// Importing the Telegram module auto-registers the transport
+import { telegramInviteTransport } from '../runtime/channel-invite-transports/telegram.js';
+
+describe('channel-invite-transport', () => {
+  beforeEach(() => {
+    _resetRegistry();
+    mockBotUsername = 'test_invite_bot';
+    // Re-register after reset so Telegram tests work
+    registerTransport(telegramInviteTransport);
+  });
+
+  // =========================================================================
+  // Registry
+  // =========================================================================
+
+  describe('registry', () => {
+    test('returns the Telegram transport for telegram channel', () => {
+      const transport = getTransport('telegram');
+      expect(transport).toBeDefined();
+      expect(transport!.channel).toBe('telegram');
+    });
+
+    test('returns undefined for an unregistered channel', () => {
+      const transport = getTransport('sms');
+      expect(transport).toBeUndefined();
+    });
+
+    test('overwrites a previously registered transport for the same channel', () => {
+      const custom: ChannelInviteTransport = {
+        channel: 'telegram',
+        buildShareableInvite: () => ({ url: 'custom', displayText: 'custom' }),
+        extractInboundToken: () => undefined,
+      };
+      registerTransport(custom);
+      const transport = getTransport('telegram');
+      expect(transport!.buildShareableInvite({ rawToken: 'x', sourceChannel: 'telegram' }).url).toBe('custom');
+    });
+
+    test('_resetRegistry clears all transports', () => {
+      _resetRegistry();
+      expect(getTransport('telegram')).toBeUndefined();
+    });
+  });
+
+  // =========================================================================
+  // Telegram adapter — buildShareableInvite
+  // =========================================================================
+
+  describe('telegram buildShareableInvite', () => {
+    test('produces a valid Telegram deep link', () => {
+      const result = telegramInviteTransport.buildShareableInvite({
+        rawToken: 'abc123_test-token',
+        sourceChannel: 'telegram',
+      });
+
+      expect(result.url).toBe('https://t.me/test_invite_bot?start=iv_abc123_test-token');
+      expect(result.displayText).toContain('https://t.me/test_invite_bot?start=iv_abc123_test-token');
+    });
+
+    test('deep link is deterministic for the same token', () => {
+      const a = telegramInviteTransport.buildShareableInvite({ rawToken: 'tok1', sourceChannel: 'telegram' });
+      const b = telegramInviteTransport.buildShareableInvite({ rawToken: 'tok1', sourceChannel: 'telegram' });
+      expect(a.url).toBe(b.url);
+      expect(a.displayText).toBe(b.displayText);
+    });
+
+    test('uses the configured bot username', () => {
+      mockBotUsername = 'my_custom_bot';
+      const result = telegramInviteTransport.buildShareableInvite({
+        rawToken: 'token',
+        sourceChannel: 'telegram',
+      });
+      expect(result.url).toBe('https://t.me/my_custom_bot?start=iv_token');
+    });
+
+    test('throws when bot username is not configured', () => {
+      mockBotUsername = undefined;
+      // Also clear the env var to ensure no fallback
+      const prev = process.env.TELEGRAM_BOT_USERNAME;
+      delete process.env.TELEGRAM_BOT_USERNAME;
+      try {
+        expect(() =>
+          telegramInviteTransport.buildShareableInvite({
+            rawToken: 'token',
+            sourceChannel: 'telegram',
+          }),
+        ).toThrow('bot username is not configured');
+      } finally {
+        if (prev !== undefined) process.env.TELEGRAM_BOT_USERNAME = prev;
+      }
+    });
+
+    test('falls back to TELEGRAM_BOT_USERNAME env var', () => {
+      mockBotUsername = undefined;
+      const prev = process.env.TELEGRAM_BOT_USERNAME;
+      process.env.TELEGRAM_BOT_USERNAME = 'env_bot';
+      try {
+        const result = telegramInviteTransport.buildShareableInvite({
+          rawToken: 'token',
+          sourceChannel: 'telegram',
+        });
+        expect(result.url).toBe('https://t.me/env_bot?start=iv_token');
+      } finally {
+        if (prev !== undefined) {
+          process.env.TELEGRAM_BOT_USERNAME = prev;
+        } else {
+          delete process.env.TELEGRAM_BOT_USERNAME;
+        }
+      }
+    });
+  });
+
+  // =========================================================================
+  // Telegram adapter — extractInboundToken
+  // =========================================================================
+
+  describe('telegram extractInboundToken', () => {
+    test('extracts token from structured commandIntent', () => {
+      const token = telegramInviteTransport.extractInboundToken({
+        commandIntent: { type: 'start', payload: 'iv_abc123' },
+        content: '/start iv_abc123',
+      });
+      expect(token).toBe('abc123');
+    });
+
+    test('extracts base64url token from commandIntent', () => {
+      const token = telegramInviteTransport.extractInboundToken({
+        commandIntent: { type: 'start', payload: 'iv_YWJjMTIz-_test' },
+        content: '/start iv_YWJjMTIz-_test',
+      });
+      expect(token).toBe('YWJjMTIz-_test');
+    });
+
+    test('returns undefined when commandIntent has no payload', () => {
+      const token = telegramInviteTransport.extractInboundToken({
+        commandIntent: { type: 'start' },
+        content: '/start',
+      });
+      expect(token).toBeUndefined();
+    });
+
+    test('returns undefined when commandIntent payload has wrong prefix (gv_)', () => {
+      const token = telegramInviteTransport.extractInboundToken({
+        commandIntent: { type: 'start', payload: 'gv_abc123' },
+        content: '/start gv_abc123',
+      });
+      expect(token).toBeUndefined();
+    });
+
+    test('returns undefined when commandIntent payload has no prefix', () => {
+      const token = telegramInviteTransport.extractInboundToken({
+        commandIntent: { type: 'start', payload: 'abc123' },
+        content: '/start abc123',
+      });
+      expect(token).toBeUndefined();
+    });
+
+    test('returns undefined when commandIntent type is not start', () => {
+      const token = telegramInviteTransport.extractInboundToken({
+        commandIntent: { type: 'help', payload: 'iv_abc123' },
+        content: '/help iv_abc123',
+      });
+      expect(token).toBeUndefined();
+    });
+
+    test('returns undefined when commandIntent payload is iv_ with empty token', () => {
+      const token = telegramInviteTransport.extractInboundToken({
+        commandIntent: { type: 'start', payload: 'iv_' },
+        content: '/start iv_',
+      });
+      expect(token).toBeUndefined();
+    });
+
+    test('returns undefined when commandIntent payload is iv_ with whitespace-only token', () => {
+      const token = telegramInviteTransport.extractInboundToken({
+        commandIntent: { type: 'start', payload: 'iv_   ' },
+        content: '/start iv_   ',
+      });
+      expect(token).toBeUndefined();
+    });
+
+    test('extracts token from raw content fallback', () => {
+      const token = telegramInviteTransport.extractInboundToken({
+        content: '/start iv_abc123',
+      });
+      expect(token).toBe('abc123');
+    });
+
+    test('extracts token from raw content with extra whitespace', () => {
+      const token = telegramInviteTransport.extractInboundToken({
+        content: '/start   iv_token123',
+      });
+      expect(token).toBe('token123');
+    });
+
+    test('returns undefined for empty content', () => {
+      const token = telegramInviteTransport.extractInboundToken({
+        content: '',
+      });
+      expect(token).toBeUndefined();
+    });
+
+    test('returns undefined for content without /start', () => {
+      const token = telegramInviteTransport.extractInboundToken({
+        content: 'hello world',
+      });
+      expect(token).toBeUndefined();
+    });
+
+    test('returns undefined for /start without iv_ prefix in content', () => {
+      const token = telegramInviteTransport.extractInboundToken({
+        content: '/start gv_abc123',
+      });
+      expect(token).toBeUndefined();
+    });
+
+    test('returns undefined for malformed /start with only iv_ in content', () => {
+      const token = telegramInviteTransport.extractInboundToken({
+        content: '/start iv_',
+      });
+      expect(token).toBeUndefined();
+    });
+
+    test('prefers commandIntent over raw content', () => {
+      const token = telegramInviteTransport.extractInboundToken({
+        commandIntent: { type: 'start', payload: 'iv_from_intent' },
+        content: '/start iv_from_content',
+      });
+      expect(token).toBe('from_intent');
+    });
+
+    test('returns undefined when commandIntent rejects, even if content has token', () => {
+      // commandIntent present but payload has wrong prefix
+      const token = telegramInviteTransport.extractInboundToken({
+        commandIntent: { type: 'start', payload: 'gv_abc123' },
+        content: '/start iv_valid_token',
+      });
+      expect(token).toBeUndefined();
+    });
+  });
+});

package/src/__tests__/cli.test.ts

@@ -1,6 +1,10 @@
 import { describe, expect,test } from 'bun:test';
 
-import { sanitizeUrlForDisplay } from '../cli.js';
+import {
+  formatConfirmationCommandPreview,
+  formatConfirmationInputLines,
+  sanitizeUrlForDisplay,
+} from '../cli.js';
 
 describe('sanitizeUrlForDisplay', () => {
   test('removes userinfo from absolute URLs', () => {
@@ -25,3 +29,40 @@ describe('sanitizeUrlForDisplay', () => {
     expect(sanitizeUrlForDisplay(rawValue)).toBe('not-a-url //[REDACTED]@example.com');
   });
 });
+
+describe('formatConfirmationInputLines', () => {
+  test('preserves full old_string and new_string values without truncation', () => {
+    const oldString = 'old '.repeat(120);
+    const newString = 'new '.repeat(120);
+    const lines = formatConfirmationInputLines({
+      old_string: oldString,
+      new_string: newString,
+    });
+
+    expect(lines).toContain(`old_string: ${oldString}`);
+    expect(lines).toContain(`new_string: ${newString}`);
+    expect(lines.some((line) => line.includes('...'))).toBe(false);
+  });
+
+  test('preserves multiline values', () => {
+    const lines = formatConfirmationInputLines({
+      old_string: 'line1\nline2\nline3',
+    });
+
+    expect(lines).toEqual([
+      'old_string: line1',
+      '  line2',
+      '  line3',
+    ]);
+  });
+});
+
+describe('formatConfirmationCommandPreview', () => {
+  test('shows concise file_edit preview', () => {
+    const preview = formatConfirmationCommandPreview({
+      toolName: 'file_edit',
+      input: { path: '/tmp/sample.txt' },
+    });
+    expect(preview).toBe('edit /tmp/sample.txt');
+  });
+});

package/src/__tests__/config-schema.test.ts

@@ -52,7 +52,6 @@ mock.module('../util/platform.js', () => ({
 }));
 
 import { buildElevenLabsVoiceSpec, resolveVoiceQualityProfile } from '../calls/voice-quality.js';
-import { DEFAULT_CONFIG } from '../config/defaults.js';
 import { invalidateConfigCache,loadConfig } from '../config/loader.js';
 import { AssistantConfigSchema } from '../config/schema.js';
 import { _setStorePath } from '../security/encrypted-store.js';
@@ -96,15 +95,6 @@ describe('AssistantConfigSchema', () => {
     });
     expect(result.sandbox).toEqual({
       enabled: true,
-      backend: 'docker',
-      docker: {
-        image: 'vellum-sandbox:latest',
-        shell: 'bash',
-        cpus: 1,
-        memoryMb: 512,
-        pidsLimit: 256,
-        network: 'none',
-      },
     });
     expect(result.rateLimit).toEqual({ maxRequestsPerMinute: 0, maxTokensPerSession: 0 });
     expect(result.secretDetection).toEqual({ enabled: true, action: 'redact', entropyThreshold: 4.0, allowOneTimeSend: false, blockIngress: true });
@@ -393,113 +383,22 @@ describe('AssistantConfigSchema', () => {
     }
   });
 
-  // SANDBOX M11 cutover: Docker is now the default backend for stronger
-  // container-level isolation. Native is available as opt-in fallback.
-  test('default sandbox backend is docker', () => {
-    const result = AssistantConfigSchema.parse({});
-    expect(result.sandbox.backend).toBe('docker');
-  });
-
-  test('DEFAULT_CONFIG sandbox backend is docker', () => {
-    expect(DEFAULT_CONFIG.sandbox.backend).toBe('docker');
-  });
-
-  test('backward compatibility: sandbox with only enabled still parses', () => {
+  test('sandbox with only enabled still parses', () => {
     const result = AssistantConfigSchema.parse({ sandbox: { enabled: false } });
     expect(result.sandbox.enabled).toBe(false);
-    expect(result.sandbox.backend).toBe('docker');
-    expect(result.sandbox.docker.memoryMb).toBe(512);
   });
 
-  test('accepts docker backend with custom limits', () => {
-    const result = AssistantConfigSchema.parse({
-      sandbox: {
-        enabled: true,
-        backend: 'docker',
-        docker: {
-          image: 'ubuntu:22.04',
-          cpus: 2,
-          memoryMb: 1024,
-          pidsLimit: 512,
-          network: 'bridge',
-        },
-      },
-    });
-    expect(result.sandbox.backend).toBe('docker');
-    expect(result.sandbox.docker.image).toBe('ubuntu:22.04');
-    expect(result.sandbox.docker.cpus).toBe(2);
-    expect(result.sandbox.docker.memoryMb).toBe(1024);
-    expect(result.sandbox.docker.pidsLimit).toBe(512);
-    expect(result.sandbox.docker.network).toBe('bridge');
-  });
-
-  test('applies docker defaults when backend is docker but docker config omitted', () => {
-    const result = AssistantConfigSchema.parse({
-      sandbox: { backend: 'docker' },
-    });
-    expect(result.sandbox.backend).toBe('docker');
-    expect(result.sandbox.docker.cpus).toBe(1);
-    expect(result.sandbox.docker.memoryMb).toBe(512);
-    expect(result.sandbox.docker.pidsLimit).toBe(256);
-    expect(result.sandbox.docker.network).toBe('none');
-  });
-
-  test('accepts partial docker config with defaults for missing fields', () => {
-    const result = AssistantConfigSchema.parse({
-      sandbox: {
-        backend: 'docker',
-        docker: { memoryMb: 2048 },
-      },
-    });
-    expect(result.sandbox.docker.memoryMb).toBe(2048);
-    expect(result.sandbox.docker.cpus).toBe(1);
-    expect(result.sandbox.docker.pidsLimit).toBe(256);
-    expect(result.sandbox.docker.network).toBe('none');
-  });
-
-  test('rejects invalid sandbox.backend', () => {
+  test('rejects unknown sandbox fields', () => {
     const result = AssistantConfigSchema.safeParse({
-      sandbox: { backend: 'podman' },
-    });
-    expect(result.success).toBe(false);
-    if (!result.success) {
-      const msgs = result.error.issues.map(i => i.message);
-      expect(msgs.some(m => m.includes('sandbox.backend'))).toBe(true);
-    }
-  });
-
-  test('rejects invalid docker.network', () => {
-    const result = AssistantConfigSchema.safeParse({
-      sandbox: { docker: { network: 'host' } },
+      sandbox: { backend: 'docker' },
     });
-    expect(result.success).toBe(false);
-    if (!result.success) {
-      const msgs = result.error.issues.map(i => i.message);
-      expect(msgs.some(m => m.includes('sandbox.docker.network'))).toBe(true);
+    // Unknown keys are stripped by Zod passthrough/strip, so parse should still succeed
+    // but the unknown field should not appear in the output
+    if (result.success) {
+      expect((result.data.sandbox as Record<string, unknown>)['backend']).toBeUndefined();
     }
   });
 
-  test('rejects non-positive docker.memoryMb', () => {
-    const result = AssistantConfigSchema.safeParse({
-      sandbox: { docker: { memoryMb: 0 } },
-    });
-    expect(result.success).toBe(false);
-  });
-
-  test('rejects non-integer docker.pidsLimit', () => {
-    const result = AssistantConfigSchema.safeParse({
-      sandbox: { docker: { pidsLimit: 3.5 } },
-    });
-    expect(result.success).toBe(false);
-  });
-
-  test('rejects negative docker.cpus', () => {
-    const result = AssistantConfigSchema.safeParse({
-      sandbox: { docker: { cpus: -1 } },
-    });
-    expect(result.success).toBe(false);
-  });
-
   test('defaults permissions.mode to workspace', () => {
     const result = AssistantConfigSchema.parse({});
     expect(result.permissions).toEqual({ mode: 'workspace' });
@@ -1277,28 +1176,13 @@ describe('loadConfig with schema validation', () => {
     writeConfig({ sandbox: { enabled: false } });
     const config = loadConfig();
     expect(config.sandbox.enabled).toBe(false);
-    expect(config.sandbox.backend).toBe('docker');
-    expect(config.sandbox.docker.memoryMb).toBe(512);
   });
 
-  test('loads sandbox docker backend config', () => {
-    writeConfig({
-      sandbox: {
-        backend: 'docker',
-        docker: { memoryMb: 2048, network: 'bridge' },
-      },
-    });
+  test('strips unknown sandbox fields', () => {
+    writeConfig({ sandbox: { enabled: true, backend: 'docker' } });
     const config = loadConfig();
-    expect(config.sandbox.backend).toBe('docker');
-    expect(config.sandbox.docker.memoryMb).toBe(2048);
-    expect(config.sandbox.docker.network).toBe('bridge');
-    expect(config.sandbox.docker.cpus).toBe(1);
-  });
-
-  test('falls back for invalid sandbox.backend', () => {
-    writeConfig({ sandbox: { backend: 'podman' } });
-    const config = loadConfig();
-    expect(config.sandbox.backend).toBe('docker');
+    expect(config.sandbox.enabled).toBe(true);
+    expect('backend' in config.sandbox).toBe(false);
   });
 
   test('falls back for invalid contextWindow relationship', () => {

package/src/__tests__/config-watcher.test.ts

@@ -193,14 +193,6 @@ describe('ConfigWatcher workspace file handlers', () => {
     expect(evictCallCount).toBe(1);
   });
 
-  test('LOOKS.md change triggers onSessionEvict', async () => {
-    watcher.start(onSessionEvict);
-    simulateFileChange(WORKSPACE_DIR, 'LOOKS.md');
-
-    await new Promise((r) => setTimeout(r, 300));
-    expect(evictCallCount).toBe(1);
-  });
-
   test('UPDATES.md change triggers onSessionEvict', async () => {
     watcher.start(onSessionEvict);
     simulateFileChange(WORKSPACE_DIR, 'UPDATES.md');

package/src/__tests__/daemon-lifecycle.test.ts

@@ -116,6 +116,7 @@ class MockSession {
   }
 
   async loadFromDb(): Promise<void> {}
+  async ensureActorScopedHistory(): Promise<void> {}
   updateClient(): void {}
   setSandboxOverride(): void {}
   isProcessing(): boolean { return this.processing; }

package/src/__tests__/daemon-server-session-init.test.ts

@@ -41,6 +41,7 @@ class MockSession {
   public readonly conversationId: string;
   public memoryPolicy: MockMemoryPolicy;
   public updateClientCalls = 0;
+  public ensureActorScopedHistoryCalls = 0;
   public lastUpdateClientHasNoClient: boolean | undefined;
   public lastUpdateClientSender: ((msg: Record<string, unknown>) => void) | undefined;
   public lastRunAgentLoopOptions: { skipPreMessageRollback?: boolean; isInteractive?: boolean } | undefined;
@@ -69,6 +70,10 @@ class MockSession {
 
   async loadFromDb(): Promise<void> {}
 
+  async ensureActorScopedHistory(): Promise<void> {
+    this.ensureActorScopedHistoryCalls += 1;
+  }
+
   updateClient(sender?: (msg: Record<string, unknown>) => void, hasNoClient = false): void {
     this.updateClientCalls += 1;
     this.lastUpdateClientSender = sender;
@@ -165,8 +170,8 @@ class MockSession {
   }
 }
 
-// Mock child_process to prevent getScreenDimensions() from running Swift on Linux CI
-// where CoreGraphics is not available and the execSync call hangs for 10s.
+// Mock child_process to prevent getScreenDimensions() from running osascript on Linux CI
+// where AppKit/NSScreen is not available and the execSync call would fail.
 mock.module('node:child_process', () => ({
   execSync: () => '1920x1080',
   execFileSync: () => '',
@@ -634,6 +639,7 @@ describe('DaemonServer initial session hydration', () => {
     const session = internal.sessions.get(conversation.id);
     expect(session).toBeDefined();
     expect(session!.lastRunAgentLoopOptions?.isInteractive).toBe(true);
+    expect(session!.ensureActorScopedHistoryCalls).toBeGreaterThanOrEqual(1);
 
     // Verify the session was marked interactive during the loop, then restored.
     // updateClientHistory: [0] = initial no-socket creation (hasNoClient: true),

package/src/__tests__/diff.test.ts

@@ -91,6 +91,18 @@ describe('formatDiff', () => {
     expect(result).toContain('-old content');
     expect(result).toContain('-line 2');
   });
+
+  test('uses a full fallback diff for oversized files without truncation markers', () => {
+    const old = Array.from({ length: 6 }, (_, i) => `old-${i + 1}`).join('\n');
+    const updated = Array.from({ length: 6 }, (_, i) => (i === 3 ? 'new-4' : `old-${i + 1}`)).join('\n');
+    const result = stripAnsi(formatDiff(old, updated, 'oversized.ts', { maxExactLines: 2 }));
+
+    expect(result).toContain('--- a/oversized.ts');
+    expect(result).toContain('+++ b/oversized.ts');
+    expect(result).toContain('-old-4');
+    expect(result).toContain('+new-4');
+    expect(result).not.toContain('Diff too large to display');
+  });
 });
 
 describe('formatNewFileDiff', () => {
@@ -119,4 +131,14 @@ describe('formatNewFileDiff', () => {
     const result = stripAnsi(formatNewFileDiff(content, 'small.ts'));
     expect(result).not.toContain('more lines');
   });
+
+  test('allows unbounded output when maxLines is null', () => {
+    const lines = Array.from({ length: 50 }, (_, i) => `line${i + 1}`);
+    const content = lines.join('\n');
+    const result = stripAnsi(formatNewFileDiff(content, 'all-lines.ts', null));
+
+    expect(result).toContain('+line1');
+    expect(result).toContain('+line50');
+    expect(result).not.toContain('more lines');
+  });
 });

package/src/__tests__/guardian-action-copy-generator.test.ts

@@ -23,11 +23,16 @@ const ALL_SCENARIOS: GuardianActionMessageScenario[] = [
   'guardian_followup_failed',
   'guardian_followup_declined_ack',
   'guardian_followup_clarification',
+  'guardian_pending_disambiguation',
   'guardian_expired_disambiguation',
   'guardian_followup_disambiguation',
   'guardian_stale_answered',
   'guardian_stale_expired',
   'guardian_stale_followup',
+  'guardian_stale_superseded',
+  'guardian_superseded_remap',
+  'guardian_unknown_code',
+  'guardian_auto_matched',
   'outbound_message_copy',
   'followup_message_sent',
   'followup_call_started',