@vellumai/assistant 0.3.2 → 0.3.3

package/src/memory/channel-guardian-store.ts

@@ -58,6 +58,7 @@ export interface GuardianApprovalRequest {
   id: string;
   runId: string;
   conversationId: string;
+  assistantId: string;
   channel: string;
   requesterExternalUserId: string;
   requesterChatId: string;
@@ -114,6 +115,7 @@ function rowToApprovalRequest(row: typeof channelGuardianApprovalRequests.$infer
     id: row.id,
     runId: row.runId,
     conversationId: row.conversationId,
+    assistantId: row.assistantId,
     channel: row.channel,
     requesterExternalUserId: row.requesterExternalUserId,
     requesterChatId: row.requesterChatId,
@@ -305,6 +307,7 @@ export function consumeChallenge(
 export function createApprovalRequest(params: {
   runId: string;
   conversationId: string;
+  assistantId?: string;
   channel: string;
   requesterExternalUserId: string;
   requesterChatId: string;
@@ -323,6 +326,7 @@ export function createApprovalRequest(params: {
     id,
     runId: params.runId,
     conversationId: params.conversationId,
+    assistantId: params.assistantId ?? 'self',
     channel: params.channel,
     requesterExternalUserId: params.requesterExternalUserId,
     requesterChatId: params.requesterChatId,
@@ -388,25 +392,32 @@ export function getUnresolvedApprovalForRun(runId: string): GuardianApprovalRequ
 /**
  * Find a pending guardian approval request by the guardian's chat ID.
  * Used when the guardian sends a decision from their chat.
+ *
+ * When `assistantId` is provided, the lookup is scoped to that assistant,
+ * preventing cross-assistant approval consumption in shared guardian chats.
  */
 export function getPendingApprovalByGuardianChat(
   channel: string,
   guardianChatId: string,
+  assistantId?: string,
 ): GuardianApprovalRequest | null {
   const db = getDb();
   const now = Date.now();
 
+  const conditions = [
+    eq(channelGuardianApprovalRequests.channel, channel),
+    eq(channelGuardianApprovalRequests.guardianChatId, guardianChatId),
+    eq(channelGuardianApprovalRequests.status, 'pending'),
+    gt(channelGuardianApprovalRequests.expiresAt, now),
+  ];
+  if (assistantId) {
+    conditions.push(eq(channelGuardianApprovalRequests.assistantId, assistantId));
+  }
+
   const row = db
     .select()
     .from(channelGuardianApprovalRequests)
-    .where(
-      and(
-        eq(channelGuardianApprovalRequests.channel, channel),
-        eq(channelGuardianApprovalRequests.guardianChatId, guardianChatId),
-        eq(channelGuardianApprovalRequests.status, 'pending'),
-        gt(channelGuardianApprovalRequests.expiresAt, now),
-      ),
-    )
+    .where(and(...conditions))
     .orderBy(desc(channelGuardianApprovalRequests.createdAt))
     .get();
 
@@ -418,27 +429,34 @@ export function getPendingApprovalByGuardianChat(
  * guardian chat, and channel. Used when a callback button provides a run ID,
  * so the decision is applied to exactly the right approval even when
  * multiple approvals target the same guardian chat.
+ *
+ * When `assistantId` is provided, the lookup is further scoped to that
+ * assistant to prevent cross-assistant approval consumption.
  */
 export function getPendingApprovalByRunAndGuardianChat(
   runId: string,
   channel: string,
   guardianChatId: string,
+  assistantId?: string,
 ): GuardianApprovalRequest | null {
   const db = getDb();
   const now = Date.now();
 
+  const conditions = [
+    eq(channelGuardianApprovalRequests.runId, runId),
+    eq(channelGuardianApprovalRequests.channel, channel),
+    eq(channelGuardianApprovalRequests.guardianChatId, guardianChatId),
+    eq(channelGuardianApprovalRequests.status, 'pending'),
+    gt(channelGuardianApprovalRequests.expiresAt, now),
+  ];
+  if (assistantId) {
+    conditions.push(eq(channelGuardianApprovalRequests.assistantId, assistantId));
+  }
+
   const row = db
     .select()
     .from(channelGuardianApprovalRequests)
-    .where(
-      and(
-        eq(channelGuardianApprovalRequests.runId, runId),
-        eq(channelGuardianApprovalRequests.channel, channel),
-        eq(channelGuardianApprovalRequests.guardianChatId, guardianChatId),
-        eq(channelGuardianApprovalRequests.status, 'pending'),
-        gt(channelGuardianApprovalRequests.expiresAt, now),
-      ),
-    )
+    .where(and(...conditions))
     .get();
 
   return row ? rowToApprovalRequest(row) : null;
@@ -448,25 +466,32 @@ export function getPendingApprovalByRunAndGuardianChat(
  * Return all pending (non-expired) guardian approval requests for a given
  * guardian chat and channel. Used to detect ambiguity when a guardian sends
  * a plain-text decision while multiple approvals are pending.
+ *
+ * When `assistantId` is provided, the results are scoped to that assistant
+ * to prevent cross-assistant approval consumption.
  */
 export function getAllPendingApprovalsByGuardianChat(
   channel: string,
   guardianChatId: string,
+  assistantId?: string,
 ): GuardianApprovalRequest[] {
   const db = getDb();
   const now = Date.now();
 
+  const conditions = [
+    eq(channelGuardianApprovalRequests.channel, channel),
+    eq(channelGuardianApprovalRequests.guardianChatId, guardianChatId),
+    eq(channelGuardianApprovalRequests.status, 'pending'),
+    gt(channelGuardianApprovalRequests.expiresAt, now),
+  ];
+  if (assistantId) {
+    conditions.push(eq(channelGuardianApprovalRequests.assistantId, assistantId));
+  }
+
   const rows = db
     .select()
     .from(channelGuardianApprovalRequests)
-    .where(
-      and(
-        eq(channelGuardianApprovalRequests.channel, channel),
-        eq(channelGuardianApprovalRequests.guardianChatId, guardianChatId),
-        eq(channelGuardianApprovalRequests.status, 'pending'),
-        gt(channelGuardianApprovalRequests.expiresAt, now),
-      ),
-    )
+    .where(and(...conditions))
     .orderBy(desc(channelGuardianApprovalRequests.createdAt))
     .all();
 
@@ -525,7 +550,7 @@ export interface VerificationRateLimit {
   actorChatId: string;
   /** Individual attempt timestamps (epoch-ms) within the sliding window. */
   attemptTimestamps: number[];
-  /** Derived count of attempts currently inside the window (convenience). */
+  /** Total stored attempt count (may include expired timestamps; use lockedUntil for enforcement decisions). */
   invalidAttempts: number;
   lockedUntil: number | null;
   createdAt: number;
@@ -645,6 +670,9 @@ export function recordInvalidAttempt(
     channel,
     actorExternalUserId,
     actorChatId,
+    // Legacy columns kept for backward compatibility with upgraded databases
+    invalidAttempts: 0,
+    windowStartedAt: 0,
     attemptTimestampsJson: JSON.stringify(timestamps),
     lockedUntil,
     createdAt: now,

package/src/memory/conversation-key-store.ts

@@ -67,6 +67,26 @@ export function setConversationKey(conversationKey: string, conversationId: stri
     .run();
 }
 
+/**
+ * Insert a conversation-key mapping only if the key does not already exist.
+ *
+ * Uses `onConflictDoNothing` on the unique `conversationKey` column to
+ * avoid unique-constraint races when concurrent first messages attempt
+ * to migrate a legacy key to a new scoped alias.
+ */
+export function setConversationKeyIfAbsent(conversationKey: string, conversationId: string): void {
+  const db = getDb();
+  db.insert(conversationKeys)
+    .values({
+      id: uuid(),
+      conversationKey,
+      conversationId,
+      createdAt: Date.now(),
+    })
+    .onConflictDoNothing()
+    .run();
+}
+
 /**
  * Get or create a conversation for the given conversationKey.
  *

package/src/memory/conversation-store.ts

@@ -84,7 +84,7 @@ export function deleteConversation(id: string): void {
   });
 }
 
-export function listConversations(limit?: number, includeBackground = false) {
+export function listConversations(limit?: number, includeBackground = false, offset = 0) {
   const db = getDb();
   const where = includeBackground ? undefined : sql`${conversations.threadType} != 'background'`;
   const query = db
@@ -92,10 +92,22 @@ export function listConversations(limit?: number, includeBackground = false) {
     .from(conversations)
     .where(where)
     .orderBy(desc(conversations.updatedAt))
-    .limit(limit ?? 100);
+    .limit(limit ?? 100)
+    .offset(offset);
   return query.all();
 }
 
+export function countConversations(includeBackground = false): number {
+  const db = getDb();
+  const where = includeBackground ? undefined : sql`${conversations.threadType} != 'background'`;
+  const [{ total }] = db
+    .select({ total: count() })
+    .from(conversations)
+    .where(where)
+    .all();
+  return total;
+}
+
 export function getLatestConversation() {
   const db = getDb();
   const result = db

package/src/memory/db.ts

@@ -992,6 +992,10 @@ export function initializeDb(): void {
   database.run(/*sql*/ `CREATE INDEX IF NOT EXISTS idx_channel_guardian_approval_run ON channel_guardian_approval_requests(run_id, status)`);
   database.run(/*sql*/ `CREATE INDEX IF NOT EXISTS idx_channel_guardian_approval_status ON channel_guardian_approval_requests(status)`);
 
+  // Migration: add assistant_id column to scope approval requests by assistant.
+  // Existing rows default to 'self' for backward compatibility.
+  try { database.run(/*sql*/ `ALTER TABLE channel_guardian_approval_requests ADD COLUMN assistant_id TEXT NOT NULL DEFAULT 'self'`); } catch { /* already exists */ }
+
   // ── Channel Guardian Verification Rate Limits ─────────────────────
 
   database.run(/*sql*/ `
@@ -1001,6 +1005,8 @@ export function initializeDb(): void {
       channel TEXT NOT NULL,
       actor_external_user_id TEXT NOT NULL,
       actor_chat_id TEXT NOT NULL,
+      invalid_attempts INTEGER NOT NULL DEFAULT 0,
+      window_started_at INTEGER NOT NULL DEFAULT 0,
       attempt_timestamps_json TEXT NOT NULL DEFAULT '[]',
       locked_until INTEGER,
       created_at INTEGER NOT NULL,
@@ -1013,6 +1019,12 @@ export function initializeDb(): void {
   // doesn't support DROP COLUMN in older versions) but are no longer read by the app.
   try { database.run(/*sql*/ `ALTER TABLE channel_guardian_rate_limits ADD COLUMN attempt_timestamps_json TEXT NOT NULL DEFAULT '[]'`); } catch { /* already exists */ }
 
+  // Migration: re-add legacy columns for databases created during the brief window when
+  // PR #6748 was live (columns were absent from CREATE TABLE). These columns are not read
+  // by app logic but must exist so drizzle inserts don't fail.
+  try { database.run(/*sql*/ `ALTER TABLE channel_guardian_rate_limits ADD COLUMN invalid_attempts INTEGER NOT NULL DEFAULT 0`); } catch { /* already exists */ }
+  try { database.run(/*sql*/ `ALTER TABLE channel_guardian_rate_limits ADD COLUMN window_started_at INTEGER NOT NULL DEFAULT 0`); } catch { /* already exists */ }
+
   database.run(/*sql*/ `CREATE UNIQUE INDEX IF NOT EXISTS idx_channel_guardian_rate_limits_actor ON channel_guardian_rate_limits(assistant_id, channel, actor_external_user_id, actor_chat_id)`);
 
   migrateMemoryFtsBackfill(database);

package/src/memory/schema.ts

@@ -646,6 +646,7 @@ export const channelGuardianApprovalRequests = sqliteTable('channel_guardian_app
   id: text('id').primaryKey(),
   runId: text('run_id').notNull(),
   conversationId: text('conversation_id').notNull(),
+  assistantId: text('assistant_id').notNull().default('self'),
   channel: text('channel').notNull(),
   requesterExternalUserId: text('requester_external_user_id').notNull(),
   requesterChatId: text('requester_chat_id').notNull(),
@@ -669,6 +670,10 @@ export const channelGuardianRateLimits = sqliteTable('channel_guardian_rate_limi
   channel: text('channel').notNull(),
   actorExternalUserId: text('actor_external_user_id').notNull(),
   actorChatId: text('actor_chat_id').notNull(),
+  // Legacy columns kept with defaults for backward compatibility with upgraded databases
+  // that still have the old NOT NULL columns without DEFAULT. Not read by app logic.
+  invalidAttempts: integer('invalid_attempts').notNull().default(0),
+  windowStartedAt: integer('window_started_at').notNull().default(0),
   attemptTimestampsJson: text('attempt_timestamps_json').notNull().default('[]'),
   lockedUntil: integer('locked_until'),
   createdAt: integer('created_at').notNull(),

package/src/runtime/http-server.ts

@@ -154,13 +154,16 @@ const GATEWAY_SUBPATH_MAP: Record<string, string> = {
   voice: 'voice-webhook',
   status: 'status',
   'connect-action': 'connect-action',
+  sms: 'sms',
 };
 
 /**
  * Direct Twilio webhook subpaths that are blocked in gateway_only mode.
+ * Includes all public-facing webhook paths (voice, status, connect-action, SMS)
+ * because the runtime must never serve as a direct ingress for external webhooks.
  * Internal forwarding endpoints (gateway→runtime) are unaffected.
  */
-const GATEWAY_ONLY_BLOCKED_SUBPATHS = new Set(['voice-webhook', 'status', 'connect-action']);
+const GATEWAY_ONLY_BLOCKED_SUBPATHS = new Set(['voice-webhook', 'status', 'connect-action', 'sms']);
 
 /**
  * Check if a request origin is from a private/internal network address.
@@ -616,7 +619,7 @@ export class RuntimeHttpServer {
     const assistantId = match[1];
     const endpoint = match[2];
     log.warn({ endpoint, assistantId }, '[deprecated] /v1/assistants/:assistantId/... route used; migrate to /v1/...');
-    return this.dispatchEndpoint(endpoint, req, url);
+    return this.dispatchEndpoint(endpoint, req, url, assistantId);
   }
 
   /**
@@ -628,6 +631,7 @@ export class RuntimeHttpServer {
     endpoint: string,
     req: Request,
     url: URL,
+    assistantId: string = 'self',
   ): Promise<Response> {
     try {
       if (endpoint === 'health' && req.method === 'GET') {
@@ -636,7 +640,9 @@ export class RuntimeHttpServer {
 
       if (endpoint === 'conversations' && req.method === 'GET') {
         const limit = Number(url.searchParams.get('limit') ?? 50);
-        const conversations = conversationStore.listConversations(limit);
+        const offset = Number(url.searchParams.get('offset') ?? 0);
+        const conversations = conversationStore.listConversations(limit, false, offset);
+        const totalCount = conversationStore.countConversations();
         const bindings = externalConversationStore.getBindingsForConversations(
           conversations.map((c) => c.id),
         );
@@ -659,6 +665,7 @@ export class RuntimeHttpServer {
               } : {}),
             };
           }),
+          hasMore: offset + conversations.length < totalCount,
         });
       }
 
@@ -732,11 +739,12 @@ export class RuntimeHttpServer {
       }
 
       if (endpoint === 'channels/conversation' && req.method === 'DELETE') {
-        return await handleDeleteConversation(req);
+        return await handleDeleteConversation(req, assistantId);
       }
 
       if (endpoint === 'channels/inbound' && req.method === 'POST') {
-        return await handleChannelInbound(req, this.processMessage, this.bearerToken, this.runOrchestrator);
+        const gatewayOriginSecret = process.env.RUNTIME_GATEWAY_ORIGIN_SECRET || undefined;
+        return await handleChannelInbound(req, this.processMessage, this.bearerToken, this.runOrchestrator, assistantId, gatewayOriginSecret);
       }
 
       if (endpoint === 'channels/delivery-ack' && req.method === 'POST') {