@vellumai/assistant 0.3.28 → 0.4.0

package/src/__tests__/guardian-routing-invariants.test.ts

@@ -732,6 +732,33 @@ describe('routing invariant: disambiguation stays fail-closed', () => {
     const resolved = getCanonicalGuardianRequest(req.id);
     expect(resolved!.status).toBe('approved');
   });
+
+  test('single pending request accepts "go for it" as deterministic approval', async () => {
+    const req = createCanonicalGuardianRequest({
+      kind: 'tool_approval',
+      sourceType: 'channel',
+      conversationId: 'conv-1',
+      guardianExternalUserId: 'guardian-1',
+      toolName: 'shell',
+      requestCode: 'GO1234',
+      expiresAt: new Date(Date.now() + 60_000).toISOString(),
+    });
+    registerPendingToolApprovalInteraction(req.id, 'conv-1', 'shell');
+
+    const result = await routeGuardianReply(replyCtx({
+      messageText: 'go for it',
+      conversationId: 'conv-1',
+      pendingRequestIds: [req.id],
+      approvalConversationGenerator: undefined,
+    }));
+
+    expect(result.consumed).toBe(true);
+    expect(result.decisionApplied).toBe(true);
+    expect(result.type).toBe('canonical_decision_applied');
+
+    const resolved = getCanonicalGuardianRequest(req.id);
+    expect(resolved!.status).toBe('approved');
+  });
 });
 
 // ===========================================================================
@@ -952,3 +979,114 @@ describe('routing invariant: destination hints enable NL approval without guardi
     expect(unchanged!.status).toBe('pending');
   });
 });
+
+// ===========================================================================
+// SECTION 10: Invite handoff bypass for access requests
+// ===========================================================================
+
+describe('routing invariant: invite handoff bypass for access requests', () => {
+  beforeEach(() => resetTables());
+
+  test('pending access_request + message "open invite flow" returns not_consumed with skipApprovalInterception', async () => {
+    const req = createCanonicalGuardianRequest({
+      kind: 'access_request',
+      sourceType: 'channel',
+      sourceChannel: 'telegram',
+      conversationId: 'conv-access-1',
+      guardianExternalUserId: 'guardian-1',
+      requestCode: 'INV001',
+      toolName: 'ingress_access_request',
+      expiresAt: new Date(Date.now() + 60_000).toISOString(),
+    });
+
+    const result = await routeGuardianReply(replyCtx({
+      messageText: 'open invite flow',
+      conversationId: 'conv-guardian-thread',
+      pendingRequestIds: [req.id],
+      approvalConversationGenerator: undefined,
+    }));
+
+    expect(result.consumed).toBe(false);
+    expect(result.type).toBe('not_consumed');
+    expect(result.decisionApplied).toBe(false);
+    expect(result.skipApprovalInterception).toBe(true);
+
+    // Request remains pending — not resolved by the handoff
+    const unchanged = getCanonicalGuardianRequest(req.id);
+    expect(unchanged!.status).toBe('pending');
+  });
+
+  test('invite handoff is case-insensitive and punctuation-trimmed', async () => {
+    const req = createCanonicalGuardianRequest({
+      kind: 'access_request',
+      sourceType: 'channel',
+      sourceChannel: 'telegram',
+      guardianExternalUserId: 'guardian-1',
+      expiresAt: new Date(Date.now() + 60_000).toISOString(),
+    });
+
+    for (const phrase of ['Open Invite Flow', 'OPEN INVITE FLOW', 'open invite flow.', 'Open invite flow!']) {
+      const result = await routeGuardianReply(replyCtx({
+        messageText: phrase,
+        conversationId: 'conv-test',
+        pendingRequestIds: [req.id],
+        approvalConversationGenerator: undefined,
+      }));
+
+      expect(result.consumed).toBe(false);
+      expect(result.type).toBe('not_consumed');
+    }
+  });
+
+  test('invite handoff does NOT bypass for non-access-request kinds', async () => {
+    const req = createCanonicalGuardianRequest({
+      kind: 'tool_approval',
+      sourceType: 'channel',
+      conversationId: 'conv-1',
+      guardianExternalUserId: 'guardian-1',
+      requestCode: 'TAP001',
+      toolName: 'shell',
+      expiresAt: new Date(Date.now() + 60_000).toISOString(),
+    });
+
+    await routeGuardianReply(replyCtx({
+      messageText: 'open invite flow',
+      conversationId: 'conv-guardian-thread',
+      pendingRequestIds: [req.id],
+      approvalConversationGenerator: undefined,
+    }));
+
+    // Should NOT return not_consumed via the invite handoff path.
+    // Without NL generator and no explicit approve/reject, it falls through
+    // to not_consumed anyway, but the key invariant is the request remains pending.
+    const unchanged = getCanonicalGuardianRequest(req.id);
+    expect(unchanged!.status).toBe('pending');
+  });
+
+  test('explicit approve/reject messages still consume with pending access_request', async () => {
+    const req = createCanonicalGuardianRequest({
+      kind: 'access_request',
+      sourceType: 'channel',
+      sourceChannel: 'telegram',
+      conversationId: 'conv-access-2',
+      guardianExternalUserId: 'guardian-1',
+      requestCode: 'A00B01',
+      toolName: 'ingress_access_request',
+      expiresAt: new Date(Date.now() + 60_000).toISOString(),
+    });
+
+    // Code-based approve should still work (request code must be valid hex: [A-F0-9]{6})
+    const result = await routeGuardianReply(replyCtx({
+      messageText: 'A00B01 approve',
+      conversationId: 'conv-guardian-thread',
+      pendingRequestIds: [req.id],
+      approvalConversationGenerator: undefined,
+    }));
+
+    expect(result.consumed).toBe(true);
+    expect(result.decisionApplied).toBe(true);
+
+    const resolved = getCanonicalGuardianRequest(req.id);
+    expect(resolved!.status).toBe('approved');
+  });
+});

package/src/__tests__/handle-user-message-secret-resume.test.ts

@@ -37,6 +37,7 @@ describe('handleUserMessage secret redirect continuation', () => {
       setTurnChannelContext: () => {},
       setTurnInterfaceContext: () => {},
       setAssistantId: () => {},
+      setChannelCapabilities: () => {},
       setGuardianContext: () => {},
       setCommandIntent: () => {},
       processMessage: (content: string, _attachments: unknown[], _onEvent: unknown, requestId: string) => {

package/src/__tests__/handlers-slack-config.test.ts

@@ -12,7 +12,9 @@ let rawConfigStore: Record<string, unknown> = {};
 const saveRawConfigCalls: Record<string, unknown>[] = [];
 
 mock.module('../config/loader.js', () => ({
-  getConfig: () => ({}),
+  getConfig: () => ({
+    ui: {},
+    }),
   loadConfig: () => ({}),
   loadRawConfig: () => ({ ...rawConfigStore }),
   saveRawConfig: (cfg: Record<string, unknown>) => {

package/src/__tests__/handlers-telegram-config.test.ts

@@ -11,7 +11,9 @@ const testDir = mkdtempSync(join(tmpdir(), 'handlers-telegram-cfg-test-'));
 let rawConfigStore: Record<string, unknown> = {};
 
 mock.module('../config/loader.js', () => ({
-  getConfig: () => ({}),
+  getConfig: () => ({
+    ui: {},
+    }),
   loadConfig: () => ({}),
   loadRawConfig: () => ({ ...rawConfigStore }),
   saveRawConfig: (cfg: Record<string, unknown>) => {

package/src/__tests__/handlers-twilio-config.test.ts

@@ -11,7 +11,9 @@ const testDir = mkdtempSync(join(tmpdir(), 'handlers-twilio-cfg-test-'));
 let rawConfigStore: Record<string, unknown> = {};
 
 mock.module('../config/loader.js', () => ({
-  getConfig: () => ({ ...rawConfigStore }),
+  getConfig: () => ({
+    ui: {},
+     ...rawConfigStore }),
   loadConfig: () => ({ ...rawConfigStore }),
   loadRawConfig: () => ({ ...rawConfigStore }),
   saveRawConfig: (cfg: Record<string, unknown>) => {

package/src/__tests__/handlers-twitter-config.test.ts

@@ -12,7 +12,9 @@ let rawConfigStore: Record<string, unknown> = {};
 const saveRawConfigCalls: Record<string, unknown>[] = [];
 
 mock.module('../config/loader.js', () => ({
-  getConfig: () => ({}),
+  getConfig: () => ({
+    ui: {},
+    }),
   loadConfig: () => ({}),
   loadRawConfig: () => ({ ...rawConfigStore }),
   saveRawConfig: (cfg: Record<string, unknown>) => {

package/src/__tests__/handlers-user-message-approval-consumption.test.ts

@@ -0,0 +1,318 @@
+import * as net from 'node:net';
+
+import { beforeEach, describe, expect, mock, test } from 'bun:test';
+
+import type { HandlerContext } from '../daemon/handlers.js';
+import type { UserMessage } from '../daemon/ipc-contract.js';
+import type { ServerMessage } from '../daemon/ipc-protocol.js';
+import { DebouncerMap } from '../util/debounce.js';
+
+const routeGuardianReplyMock = mock(async () => ({
+  consumed: false,
+  decisionApplied: false,
+  type: 'not_consumed' as const,
+})) as any;
+const listPendingByDestinationMock = mock(() => [] as Array<{ id: string; kind?: string }>);
+const listCanonicalMock = mock(() => [] as Array<{ id: string }>);
+const getByConversationMock = mock(
+  () => [] as Array<{
+    requestId: string;
+    kind: 'confirmation' | 'secret';
+    session?: unknown;
+  }>,
+);
+const resolveMock = mock(() => undefined as unknown);
+const addMessageMock = mock(async () => ({ id: 'persisted-message-id' }));
+const getConfigMock = mock(() => ({
+  daemon: { standaloneRecording: false },
+  secretDetection: { customPatterns: [], entropyThreshold: 3.5 },
+}));
+
+mock.module('../runtime/guardian-reply-router.js', () => ({
+  routeGuardianReply: routeGuardianReplyMock,
+}));
+
+mock.module('../memory/canonical-guardian-store.js', () => ({
+  listPendingCanonicalGuardianRequestsByDestinationConversation: listPendingByDestinationMock,
+  listCanonicalGuardianRequests: listCanonicalMock,
+}));
+
+mock.module('../runtime/pending-interactions.js', () => ({
+  getByConversation: getByConversationMock,
+  resolve: resolveMock,
+}));
+
+mock.module('../memory/conversation-store.js', () => ({
+  addMessage: addMessageMock,
+}));
+
+mock.module('../config/loader.js', () => ({
+  getConfig: getConfigMock,
+}));
+
+mock.module('../daemon/approval-generators.js', () => ({
+  createApprovalConversationGenerator: () => async () => ({
+    disposition: 'keep_pending',
+    replyText: 'pending',
+  }),
+}));
+
+mock.module('../util/logger.js', () => ({
+  getLogger: () => ({
+    info: () => {},
+    warn: () => {},
+    error: () => {},
+    debug: () => {},
+    child: () => ({
+      info: () => {},
+      warn: () => {},
+      error: () => {},
+      debug: () => {},
+    }),
+  }),
+}));
+
+import { handleUserMessage } from '../daemon/handlers/sessions.js';
+
+interface TestSession {
+  messages: Array<{ role: string; content: unknown[] }>;
+  hasEscalationHandler: () => boolean;
+  setChannelCapabilities: (caps: unknown) => void;
+  isProcessing: () => boolean;
+  hasPendingConfirmation: (requestId: string) => boolean;
+  hasAnyPendingConfirmation: () => boolean;
+  getQueueDepth: () => number;
+  denyAllPendingConfirmations: () => void;
+  enqueueMessage: (...args: unknown[]) => { queued: boolean; rejected?: boolean; requestId: string };
+  traceEmitter: { emit: (...args: unknown[]) => void };
+  setTurnChannelContext: (ctx: unknown) => void;
+  setTurnInterfaceContext: (ctx: unknown) => void;
+  setAssistantId: (assistantId: string) => void;
+  setGuardianContext: (ctx: unknown) => void;
+  setCommandIntent: (intent: unknown) => void;
+  processMessage: (...args: unknown[]) => Promise<string>;
+}
+
+function createContext(session: TestSession): { ctx: HandlerContext; sent: ServerMessage[] } {
+  const sent: ServerMessage[] = [];
+  const ctx: HandlerContext = {
+    sessions: new Map(),
+    socketToSession: new Map(),
+    cuSessions: new Map(),
+    socketToCuSession: new Map(),
+    cuObservationParseSequence: new Map(),
+    socketSandboxOverride: new Map(),
+    sharedRequestTimestamps: [],
+    debounceTimers: new DebouncerMap({ defaultDelayMs: 100 }),
+    suppressConfigReload: false,
+    setSuppressConfigReload: () => {},
+    updateConfigFingerprint: () => {},
+    send: (_socket, msg) => { sent.push(msg); },
+    broadcast: () => {},
+    clearAllSessions: () => 0,
+    getOrCreateSession: async () => session as any,
+    touchSession: () => {},
+  };
+  return { ctx, sent };
+}
+
+function makeMessage(content: string): UserMessage {
+  return {
+    type: 'user_message',
+    sessionId: 'conv-1',
+    content,
+    channel: 'vellum',
+    interface: 'macos',
+  };
+}
+
+function makeSession(overrides: Partial<TestSession> = {}): TestSession {
+  return {
+    messages: [],
+    hasEscalationHandler: () => true,
+    setChannelCapabilities: () => {},
+    isProcessing: () => false,
+    hasPendingConfirmation: () => true,
+    hasAnyPendingConfirmation: () => true,
+    getQueueDepth: () => 0,
+    denyAllPendingConfirmations: mock(() => {}),
+    enqueueMessage: mock(() => ({ queued: true, requestId: 'queued-id' })),
+    traceEmitter: { emit: () => {} },
+    setTurnChannelContext: () => {},
+    setTurnInterfaceContext: () => {},
+    setAssistantId: () => {},
+    setGuardianContext: () => {},
+    setCommandIntent: () => {},
+    processMessage: async () => 'msg-id',
+    ...overrides,
+  };
+}
+
+describe('handleUserMessage pending-confirmation reply interception', () => {
+  beforeEach(() => {
+    routeGuardianReplyMock.mockClear();
+    listPendingByDestinationMock.mockClear();
+    listCanonicalMock.mockClear();
+    getByConversationMock.mockClear();
+    resolveMock.mockClear();
+    addMessageMock.mockClear();
+    getConfigMock.mockClear();
+  });
+
+  test('consumes decision replies before auto-deny', async () => {
+    listPendingByDestinationMock.mockReturnValue([{ id: 'req-1', kind: 'tool_approval' }]);
+    listCanonicalMock.mockReturnValue([{ id: 'req-1' }]);
+    routeGuardianReplyMock.mockResolvedValue({
+      consumed: true,
+      decisionApplied: true,
+      type: 'canonical_decision_applied',
+      requestId: 'req-1',
+    });
+
+    const session = makeSession();
+    const { ctx, sent } = createContext(session);
+
+    await handleUserMessage(makeMessage('go for it'), {} as net.Socket, ctx);
+
+    expect(routeGuardianReplyMock).toHaveBeenCalledTimes(1);
+    const routeCall = (routeGuardianReplyMock as any).mock.calls[0][0] as Record<string, unknown>;
+    expect(routeCall.messageText).toBe('go for it');
+    expect(typeof routeCall.approvalConversationGenerator).toBe('function');
+    expect((session.denyAllPendingConfirmations as any).mock.calls.length).toBe(0);
+    expect((session.enqueueMessage as any).mock.calls.length).toBe(0);
+    expect(session.messages).toHaveLength(2);
+    expect(session.messages[0]?.role).toBe('user');
+    expect(session.messages[1]?.role).toBe('assistant');
+    expect(addMessageMock).toHaveBeenCalledTimes(2);
+    expect(addMessageMock).toHaveBeenCalledWith(
+      'conv-1',
+      'user',
+      expect.any(String),
+      expect.objectContaining({
+        userMessageChannel: 'vellum',
+        assistantMessageChannel: 'vellum',
+        userMessageInterface: 'macos',
+        assistantMessageInterface: 'macos',
+        provenanceActorRole: 'guardian',
+      }),
+    );
+    expect(addMessageMock).toHaveBeenCalledWith(
+      'conv-1',
+      'assistant',
+      expect.stringContaining('Decision applied.'),
+      expect.objectContaining({
+        userMessageChannel: 'vellum',
+        assistantMessageChannel: 'vellum',
+        userMessageInterface: 'macos',
+        assistantMessageInterface: 'macos',
+        provenanceActorRole: 'guardian',
+      }),
+    );
+    expect(sent.map((msg) => msg.type)).toEqual([
+      'message_queued',
+      'message_dequeued',
+      'assistant_text_delta',
+      'message_request_complete',
+    ]);
+    const assistantDelta = sent.find(
+      (msg): msg is Extract<ServerMessage, { type: 'assistant_text_delta' }> => msg.type === 'assistant_text_delta',
+    );
+    expect(assistantDelta?.text).toBe('Decision applied.');
+    const requestComplete = sent.find(
+      (msg): msg is Extract<ServerMessage, { type: 'message_request_complete' }> => msg.type === 'message_request_complete',
+    );
+    expect(requestComplete?.runStillActive).toBe(false);
+  });
+
+  test('does not mutate in-memory history while processing', async () => {
+    listPendingByDestinationMock.mockReturnValue([{ id: 'req-1', kind: 'tool_approval' }]);
+    listCanonicalMock.mockReturnValue([{ id: 'req-1' }]);
+    routeGuardianReplyMock.mockResolvedValue({
+      consumed: true,
+      decisionApplied: true,
+      type: 'canonical_decision_applied',
+      requestId: 'req-1',
+    });
+
+    const session = makeSession({ isProcessing: () => true });
+    const { ctx, sent } = createContext(session);
+
+    await handleUserMessage(makeMessage('approve'), {} as net.Socket, ctx);
+
+    expect(addMessageMock).toHaveBeenCalledTimes(2);
+    expect(session.messages).toHaveLength(0);
+    // assistant_text_delta must NOT be sent when the session is processing —
+    // it would contaminate the agent's in-flight streaming message on the client.
+    expect(sent.some((msg) => msg.type === 'assistant_text_delta')).toBe(false);
+    expect(sent.map((msg) => msg.type)).toEqual([
+      'message_queued',
+      'message_dequeued',
+      'message_request_complete',
+    ]);
+    const requestComplete = sent.find(
+      (msg): msg is Extract<ServerMessage, { type: 'message_request_complete' }> => msg.type === 'message_request_complete',
+    );
+    expect(requestComplete?.runStillActive).toBe(true);
+  });
+
+  test('nl keep_pending falls back to existing auto-deny + queue behavior', async () => {
+    listPendingByDestinationMock.mockReturnValue([{ id: 'req-1', kind: 'tool_approval' }]);
+    listCanonicalMock.mockReturnValue([{ id: 'req-1' }]);
+    routeGuardianReplyMock.mockResolvedValue({
+      consumed: true,
+      decisionApplied: false,
+      type: 'nl_keep_pending',
+      requestId: 'req-1',
+      replyText: 'Need clarification',
+    });
+
+    const session = makeSession();
+    const { ctx, sent } = createContext(session);
+
+    await handleUserMessage(makeMessage('what does that do?'), {} as net.Socket, ctx);
+
+    expect(routeGuardianReplyMock).toHaveBeenCalledTimes(1);
+    expect((session.denyAllPendingConfirmations as any).mock.calls.length).toBe(1);
+    expect((session.enqueueMessage as any).mock.calls.length).toBe(1);
+    expect(session.messages).toHaveLength(0);
+    expect(addMessageMock).toHaveBeenCalledTimes(0);
+    expect(sent.some((msg) => msg.type === 'message_queued')).toBe(true);
+    expect(sent.some((msg) => msg.type === 'message_dequeued')).toBe(false);
+  });
+
+  test('routes only live pending confirmation request ids', async () => {
+    const session = makeSession({
+      hasPendingConfirmation: (requestId: string) => requestId === 'req-live',
+    });
+
+    getByConversationMock.mockReturnValue([
+      { requestId: 'req-stale', kind: 'confirmation', session: {} },
+      { requestId: 'req-live', kind: 'confirmation', session: session as unknown },
+    ]);
+    listPendingByDestinationMock.mockReturnValue([
+      { id: 'req-stale', kind: 'tool_approval' },
+      { id: 'req-live', kind: 'tool_approval' },
+    ]);
+    listCanonicalMock.mockReturnValue([
+      { id: 'req-stale' },
+      { id: 'req-live' },
+    ]);
+    routeGuardianReplyMock.mockResolvedValue({
+      consumed: false,
+      decisionApplied: false,
+      type: 'not_consumed',
+    });
+
+    const { ctx } = createContext(session);
+    await handleUserMessage(makeMessage('allow'), {} as net.Socket, ctx);
+
+    expect(routeGuardianReplyMock).toHaveBeenCalledTimes(1);
+    const routeCall = (routeGuardianReplyMock as any).mock.calls[0][0] as Record<string, unknown>;
+    expect(routeCall.pendingRequestIds).toEqual(['req-live']);
+    // Auto-deny clears matching confirmation entries from pending-interactions
+    // so stale IDs are not reused as routing candidates. Only the live
+    // session-scoped interaction should be resolved.
+    expect(resolveMock).toHaveBeenCalledTimes(1);
+    expect(resolveMock).toHaveBeenCalledWith('req-live');
+  });
+});

package/src/__tests__/heartbeat-service.test.ts

@@ -31,6 +31,26 @@ const createdConversations: Array<{ title: string; threadType: string }> = [];
 let conversationIdCounter = 0;
 
 mock.module('../memory/conversation-store.js', () => ({
+  getConversationThreadType: () => 'default',
+  setConversationOriginChannelIfUnset: () => {},
+  updateConversationContextWindow: () => {},
+  deleteMessageById: () => {},
+  updateConversationTitle: () => {},
+  updateConversationUsage: () => {},
+  addMessage: () => ({ id: 'mock-msg-id' }),
+  getMessages: () => [],
+  getConversation: () => ({
+    id: 'conv-1',
+    contextSummary: null,
+    contextCompactedMessageCount: 0,
+    totalInputTokens: 0,
+    totalOutputTokens: 0,
+    totalEstimatedCost: 0,
+    title: null,
+  }),
+  provenanceFromGuardianContext: () => ({ source: 'user', guardianContext: undefined }),
+  getConversationOriginInterface: () => null,
+  getConversationOriginChannel: () => null,
   createConversation: (opts: { title: string; threadType: string }) => {
     createdConversations.push(opts);
     return { id: `conv-${++conversationIdCounter}`, ...opts };

package/src/__tests__/inbound-invite-redemption.test.ts

@@ -364,4 +364,37 @@ describe('inbound invite redemption intercept', () => {
     expect(json.accepted).toBe(true);
     expect(json.denied).toBeUndefined();
   });
+
+  test('reactivation via invite preserves existing guardian-managed member display name', async () => {
+    const { rawToken } = createInvite({ sourceChannel: 'telegram', maxUses: 5 });
+
+    upsertMember({
+      assistantId: 'self',
+      sourceChannel: 'telegram',
+      externalUserId: 'user-invite-123',
+      externalChatId: 'chat-invite-test',
+      status: 'revoked',
+      policy: 'allow',
+      displayName: 'Jeff',
+    });
+
+    const req = buildInviteRequest(rawToken, {
+      senderName: 'Noa Flaherty',
+    });
+    const resp = await handleChannelInbound(req, undefined, TEST_BEARER_TOKEN);
+    const json = await resp.json() as Record<string, unknown>;
+
+    expect(json.accepted).toBe(true);
+    expect(json.inviteRedemption).toBe('redeemed');
+
+    const member = findMember({
+      assistantId: 'self',
+      sourceChannel: 'telegram',
+      externalUserId: 'user-invite-123',
+      externalChatId: 'chat-invite-test',
+    });
+    expect(member).not.toBeNull();
+    expect(member!.status).toBe('active');
+    expect(member!.displayName).toBe('Jeff');
+  });
 });

package/src/__tests__/ingress-reconcile.test.ts

@@ -11,7 +11,9 @@ const testDir = mkdtempSync(join(tmpdir(), 'ingress-reconcile-test-'));
 let rawConfigStore: Record<string, unknown> = {};
 
 mock.module('../config/loader.js', () => ({
-  getConfig: () => ({}),
+  getConfig: () => ({
+    ui: {},
+    }),
   loadConfig: () => ({}),
   loadRawConfig: () => ({ ...rawConfigStore }),
   saveRawConfig: (cfg: Record<string, unknown>) => {