@vellumai/assistant 0.3.4 → 0.3.6

package/src/runtime/routes/conversation-routes.ts

@@ -1,6 +1,7 @@
 /**
  * Route handlers for conversation messages and suggestions.
  */
+import { CHANNEL_IDS, parseChannelId } from '../../channels/types.js';
 import { existsSync, readdirSync, statSync } from 'node:fs';
 import { join, relative } from 'node:path';
 import {
@@ -10,8 +11,7 @@ import {
 import * as conversationStore from '../../memory/conversation-store.js';
 import * as attachmentsStore from '../../memory/attachments-store.js';
 import { renderHistoryContent, mergeToolResults } from '../../daemon/handlers.js';
-import { getConfig } from '../../config/loader.js';
-import { getFailoverProvider, listProviders } from '../../providers/registry.js';
+import { getConfiguredProvider } from '../../providers/provider-send-message.js';
 import type { Provider } from '../../providers/types.js';
 import type {
   MessageProcessor,
@@ -148,7 +148,21 @@ export async function handleSendMessage(
     sourceChannel?: string;
   };
 
-  const { conversationKey, content, attachmentIds, sourceChannel } = body;
+  const { conversationKey, content, attachmentIds } = body;
+  if (!body.sourceChannel || typeof body.sourceChannel !== 'string') {
+    return Response.json(
+      { error: 'sourceChannel is required' },
+      { status: 400 },
+    );
+  }
+  const sourceChannel = parseChannelId(body.sourceChannel);
+
+  if (!sourceChannel) {
+    return Response.json(
+      { error: `Invalid sourceChannel: ${body.sourceChannel}. Valid values: ${CHANNEL_IDS.join(', ')}` },
+      { status: 400 },
+    );
+  }
 
   if (!conversationKey) {
     return Response.json(
@@ -158,7 +172,7 @@ export async function handleSendMessage(
   }
 
   // Reject non-string content values (numbers, objects, etc.)
-  if (content !== undefined && content !== null && typeof content !== 'string') {
+  if (content != null && typeof content !== 'string') {
     return Response.json(
       { error: 'content must be a string' },
       { status: 400 },
@@ -311,10 +325,9 @@ export async function handleGetSuggestion(
     }
 
     // Try LLM suggestion using the configured provider
-    const config = getConfig();
-    if (listProviders().includes(config.provider)) {
+    const provider = getConfiguredProvider();
+    if (provider) {
       try {
-        const provider = getFailoverProvider(config.provider, config.providerOrder);
         // Deduplicate concurrent requests
         let promise = suggestionInFlight.get(msg.id);
         if (!promise) {
@@ -350,3 +363,33 @@ export async function handleGetSuggestion(
 
   return Response.json({ suggestion: null, messageId: null, source: 'none' as const });
 }
+
+/**
+ * GET /search?q=<query>[&limit=<n>][&maxMessagesPerConversation=<n>]
+ *
+ * Full-text search across all conversation threads (message content + titles).
+ * Returns ranked results grouped by conversation, each with matching message excerpts.
+ */
+export function handleSearchConversations(url: URL): Response {
+  const query = url.searchParams.get('q') ?? '';
+  if (!query.trim()) {
+    return Response.json(
+      { error: 'q query parameter is required' },
+      { status: 400 },
+    );
+  }
+
+  const limit = url.searchParams.has('limit')
+    ? Number(url.searchParams.get('limit'))
+    : undefined;
+  const maxMessagesPerConversation = url.searchParams.has('maxMessagesPerConversation')
+    ? Number(url.searchParams.get('maxMessagesPerConversation'))
+    : undefined;
+
+  const results = conversationStore.searchConversations(query, {
+    ...(limit !== undefined && !isNaN(limit) ? { limit } : {}),
+    ...(maxMessagesPerConversation !== undefined && !isNaN(maxMessagesPerConversation) ? { maxMessagesPerConversation } : {}),
+  });
+
+  return Response.json({ query, results });
+}

package/src/runtime/routes/events-routes.ts

@@ -69,7 +69,7 @@ export function handleSubscribeAssistantEvents(
         try {
           // Shed stalled consumers: desiredSize <= 0 means the 16-event buffer
           // is full and the client isn't draining it.
-          if (controller.desiredSize !== null && controller.desiredSize <= 0) {
+          if (controller.desiredSize != null && controller.desiredSize <= 0) {
             sub.dispose();
             cleanup();
             return;
@@ -114,7 +114,7 @@ export function handleSubscribeAssistantEvents(
         try {
           // Apply the same slow-consumer guard as the event path: stop
           // feeding heartbeats into a queue the client is not draining.
-          if (controller.desiredSize !== null && controller.desiredSize <= 0) {
+          if (controller.desiredSize != null && controller.desiredSize <= 0) {
             sub.dispose();
             cleanup();
             return;

package/src/runtime/routes/identity-routes.ts

@@ -0,0 +1,126 @@
+/**
+ * Identity and health endpoint handlers.
+ */
+
+import { existsSync, readFileSync, statSync, statfsSync } from 'node:fs';
+import { join, dirname } from 'node:path';
+import { fileURLToPath } from 'node:url';
+import { getWorkspacePromptPath, readLockfile } from '../../util/platform.js';
+import { getBaseDataDir } from '../../config/env-registry.js';
+
+interface DiskSpaceInfo {
+  path: string;
+  totalMb: number;
+  usedMb: number;
+  freeMb: number;
+}
+
+function getDiskSpaceInfo(): DiskSpaceInfo | null {
+  try {
+    const baseDataDir = getBaseDataDir();
+    const diskPath = baseDataDir && existsSync(baseDataDir) ? baseDataDir : '/';
+    const stats = statfsSync(diskPath);
+    const totalBytes = stats.bsize * stats.blocks;
+    const freeBytes = stats.bsize * stats.bavail;
+    const bytesToMb = (b: number) => Math.round((b / (1024 * 1024)) * 100) / 100;
+    return {
+      path: diskPath,
+      totalMb: bytesToMb(totalBytes),
+      usedMb: bytesToMb(totalBytes - freeBytes),
+      freeMb: bytesToMb(freeBytes),
+    };
+  } catch {
+    return null;
+  }
+}
+
+export function handleHealth(): Response {
+  return Response.json({
+    status: 'healthy',
+    timestamp: new Date().toISOString(),
+    disk: getDiskSpaceInfo(),
+  });
+}
+
+export function handleGetIdentity(): Response {
+  const identityPath = getWorkspacePromptPath('IDENTITY.md');
+  if (!existsSync(identityPath)) {
+    return Response.json({ error: 'IDENTITY.md not found' }, { status: 404 });
+  }
+
+  const content = readFileSync(identityPath, 'utf-8');
+  const fields: Record<string, string> = {};
+  for (const line of content.split('\n')) {
+    const trimmed = line.trim();
+    const lower = trimmed.toLowerCase();
+    const extract = (prefix: string): string | null => {
+      if (!lower.startsWith(prefix)) return null;
+      return trimmed.split(':**').pop()?.trim() ?? null;
+    };
+
+    const name = extract('- **name:**');
+    if (name) { fields.name = name; continue; }
+    const role = extract('- **role:**');
+    if (role) { fields.role = role; continue; }
+    const personality = extract('- **personality:**') ?? extract('- **vibe:**');
+    if (personality) { fields.personality = personality; continue; }
+    const emoji = extract('- **emoji:**');
+    if (emoji) { fields.emoji = emoji; continue; }
+    const home = extract('- **home:**');
+    if (home) { fields.home = home; continue; }
+  }
+
+  // Read version from package.json
+  let version: string | undefined;
+  try {
+    const pkgPath = join(dirname(fileURLToPath(import.meta.url)), '../../../package.json');
+    const pkg = JSON.parse(readFileSync(pkgPath, 'utf-8'));
+    version = pkg.version;
+  } catch {
+    // ignore
+  }
+
+  // Read createdAt from IDENTITY.md file birthtime
+  let createdAt: string | undefined;
+  try {
+    const stats = statSync(identityPath);
+    createdAt = stats.birthtime.toISOString();
+  } catch {
+    // ignore
+  }
+
+  // Read lockfile for assistantId, cloud, and originSystem
+  let assistantId: string | undefined;
+  let cloud: string | undefined;
+  let originSystem: string | undefined;
+  try {
+    const lockData = readLockfile();
+    const assistants = lockData?.assistants as Array<Record<string, unknown>> | undefined;
+    if (assistants && assistants.length > 0) {
+      // Use the most recently hatched assistant
+      const sorted = [...assistants].sort((a, b) => {
+        const dateA = new Date(a.hatchedAt as string || 0).getTime();
+        const dateB = new Date(b.hatchedAt as string || 0).getTime();
+        return dateB - dateA;
+      });
+      const latest = sorted[0];
+      assistantId = latest.assistantId as string | undefined;
+      cloud = latest.cloud as string | undefined;
+      originSystem = cloud === 'local' ? 'local' : cloud;
+    }
+  } catch {
+    // ignore -- lockfile may not exist
+  }
+
+  return Response.json({
+    name: fields.name ?? '',
+    role: fields.role ?? '',
+    personality: fields.personality ?? '',
+    emoji: fields.emoji ?? '',
+    home: fields.home ?? '',
+    version,
+    assistantId,
+    createdAt,
+    originSystem,
+  });
+}

package/src/runtime/routes/pairing-routes.ts

@@ -0,0 +1,143 @@
+/**
+ * Pairing HTTP route handlers for device pairing flow.
+ */
+
+import { getLogger } from '../../util/logger.js';
+import { PairingStore } from '../../daemon/pairing-store.js';
+import {
+  isDeviceApproved,
+  refreshDevice,
+  hashDeviceId,
+} from '../../daemon/approved-devices-store.js';
+
+const log = getLogger('runtime-http');
+
+export interface PairingHandlerContext {
+  pairingStore: PairingStore;
+  bearerToken: string | undefined;
+  pairingBroadcast?: (msg: { type: string; [key: string]: unknown }) => void;
+}
+
+/**
+ * POST /v1/pairing/register -- Bearer-authenticated.
+ * macOS pre-registers a pairing request when the QR is displayed.
+ */
+export async function handlePairingRegister(req: Request, ctx: PairingHandlerContext): Promise<Response> {
+  try {
+    const body = await req.json() as Record<string, unknown>;
+    const pairingRequestId = typeof body.pairingRequestId === 'string' ? body.pairingRequestId : '';
+    const pairingSecret = typeof body.pairingSecret === 'string' ? body.pairingSecret : '';
+    const gatewayUrl = typeof body.gatewayUrl === 'string' ? body.gatewayUrl : '';
+    const localLanUrl = typeof body.localLanUrl === 'string' ? body.localLanUrl : null;
+
+    if (!pairingRequestId || !pairingSecret || !gatewayUrl) {
+      return Response.json({ error: 'Missing required fields: pairingRequestId, pairingSecret, gatewayUrl' }, { status: 400 });
+    }
+
+    const result = ctx.pairingStore.register({ pairingRequestId, pairingSecret, gatewayUrl, localLanUrl });
+    if (!result.ok) {
+      return Response.json({ error: 'Conflict: pairingRequestId exists with different secret' }, { status: 409 });
+    }
+
+    return Response.json({ ok: true });
+  } catch (err) {
+    log.error({ err }, 'Failed to register pairing request');
+    return Response.json({ error: 'Internal server error' }, { status: 500 });
+  }
+}
+
+/**
+ * POST /v1/pairing/request -- Unauthenticated (secret-gated).
+ * iOS initiates a pairing handshake.
+ */
+export async function handlePairingRequest(req: Request, ctx: PairingHandlerContext): Promise<Response> {
+  try {
+    const body = await req.json() as Record<string, unknown>;
+    const pairingRequestId = typeof body.pairingRequestId === 'string' ? body.pairingRequestId : '';
+    const pairingSecret = typeof body.pairingSecret === 'string' ? body.pairingSecret : '';
+    const deviceId = typeof body.deviceId === 'string' ? body.deviceId.trim() : '';
+    const deviceName = typeof body.deviceName === 'string' ? body.deviceName.trim() : '';
+
+    // Redact secret from any potential logging of body
+    log.info({ pairingRequestId, deviceName, hasDeviceId: !!deviceId }, 'Pairing request received');
+
+    if (!deviceId || !deviceName) {
+      return Response.json({ error: 'Missing required fields: deviceId, deviceName' }, { status: 400 });
+    }
+
+    if (!pairingRequestId || !pairingSecret) {
+      return Response.json({ error: 'Missing required fields: pairingRequestId, pairingSecret' }, { status: 400 });
+    }
+
+    const result = ctx.pairingStore.beginRequest({ pairingRequestId, pairingSecret, deviceId, deviceName });
+    if (!result.ok) {
+      const statusCode = result.reason === 'invalid_secret' ? 403 : result.reason === 'not_found' ? 403 : 410;
+      return Response.json({ error: 'Forbidden' }, { status: statusCode });
+    }
+
+    const entry = result.entry;
+    const hashedDeviceId = hashDeviceId(deviceId);
+
+    // Auto-approve if device is in the allowlist
+    if (isDeviceApproved(hashedDeviceId) && ctx.bearerToken) {
+      refreshDevice(hashedDeviceId, deviceName);
+      ctx.pairingStore.approve(pairingRequestId, ctx.bearerToken);
+      log.info({ pairingRequestId, hashedDeviceId }, 'Auto-approved allowlisted device');
+      return Response.json({
+        status: 'approved',
+        bearerToken: ctx.bearerToken,
+        gatewayUrl: entry.gatewayUrl,
+        localLanUrl: entry.localLanUrl,
+      });
+    }
+
+    // Send IPC to macOS to show approval prompt
+    if (ctx.pairingBroadcast) {
+      ctx.pairingBroadcast({
+        type: 'pairing_approval_request',
+        pairingRequestId,
+        deviceId: hashedDeviceId,
+        deviceName,
+      });
+    }
+
+    return Response.json({ status: 'pending' });
+  } catch (err) {
+    log.error({ err }, 'Failed to process pairing request');
+    return Response.json({ error: 'Internal server error' }, { status: 500 });
+  }
+}
+
+/**
+ * GET /v1/pairing/status?id=<id>&secret=<secret> -- Unauthenticated (secret-gated).
+ * iOS polls for approval status.
+ */
+export function handlePairingStatus(url: URL, ctx: PairingHandlerContext): Response {
+  const id = url.searchParams.get('id') ?? '';
+  // Note: secret is redacted from logs
+  const secret = url.searchParams.get('secret') ?? '';
+
+  if (!id || !secret) {
+    return Response.json({ error: 'Missing required params: id, secret' }, { status: 400 });
+  }
+
+  if (!ctx.pairingStore.validateSecret(id, secret)) {
+    return Response.json({ error: 'Forbidden' }, { status: 403 });
+  }
+
+  const entry = ctx.pairingStore.get(id);
+  if (!entry) {
+    return Response.json({ error: 'Not found' }, { status: 404 });
+  }
+
+  if (entry.status === 'approved') {
+    return Response.json({
+      status: 'approved',
+      bearerToken: entry.bearerToken,
+      gatewayUrl: entry.gatewayUrl,
+      localLanUrl: entry.localLanUrl,
+    });
+  }
+
+  return Response.json({ status: entry.status });
+}

package/src/runtime/routes/run-routes.ts

@@ -4,6 +4,7 @@
 import { getOrCreateConversation } from '../../memory/conversation-key-store.js';
 import * as attachmentsStore from '../../memory/attachments-store.js';
 import * as runsStore from '../../memory/runs-store.js';
+import { CHANNEL_IDS, parseChannelId } from '../../channels/types.js';
 import { addRule } from '../../permissions/trust-store.js';
 import { getTool } from '../../tools/registry.js';
 import { getLogger } from '../../util/logger.js';
@@ -19,15 +20,27 @@ export async function handleCreateRun(
     conversationKey?: string;
     content?: string;
     attachmentIds?: string[];
+    sourceChannel?: string;
   };
 
   const { conversationKey, content, attachmentIds } = body;
+  if (!body.sourceChannel || typeof body.sourceChannel !== 'string') {
+    return Response.json({ error: 'sourceChannel is required' }, { status: 400 });
+  }
+  const sourceChannel = parseChannelId(body.sourceChannel);
+
+  if (!sourceChannel) {
+    return Response.json(
+      { error: `Invalid sourceChannel: ${body.sourceChannel}. Valid values: ${CHANNEL_IDS.join(', ')}` },
+      { status: 400 },
+    );
+  }
 
   if (!conversationKey) {
     return Response.json({ error: 'conversationKey is required' }, { status: 400 });
   }
 
-  if (content !== undefined && content !== null && typeof content !== 'string') {
+  if (content != null && typeof content !== 'string') {
     return Response.json({ error: 'content must be a string' }, { status: 400 });
   }
 
@@ -57,6 +70,7 @@ export async function handleCreateRun(
       mapping.conversationId,
       content ?? '',
       hasAttachments ? attachmentIds : undefined,
+      { sourceChannel },
     );
     return Response.json({
       id: run.id,

package/src/runtime/run-orchestrator.ts

@@ -13,11 +13,14 @@
  * status and submit a decision or secret via the respective endpoints.
  */
 
+import type { ChannelId, TurnChannelContext } from '../channels/types.js';
+import { parseChannelId } from '../channels/types.js';
 import * as runsStore from '../memory/runs-store.js';
 import type { Run } from '../memory/runs-store.js';
 import type { Session } from '../daemon/session.js';
 import type { ServerMessage } from '../daemon/ipc-protocol.js';
 import { resolveChannelCapabilities } from '../daemon/session-runtime-assembly.js';
+import type { GuardianRuntimeContext } from '../daemon/session-runtime-assembly.js';
 import type { UserDecision } from '../permissions/types.js';
 import { checkIngressForSecrets } from '../security/secret-ingress.js';
 import { IngressBlockedError } from '../util/errors.js';
@@ -37,7 +40,11 @@ interface PendingRunState {
 }
 
 export interface RunOrchestratorDeps {
-  getOrCreateSession: (conversationId: string) => Promise<Session>;
+  getOrCreateSession: (conversationId: string, transport?: {
+    channelId: ChannelId;
+    hints?: string[];
+    uxBrief?: string;
+  }) => Promise<Session>;
   resolveAttachments: (attachmentIds: string[]) => Array<{
     id: string;
     filename: string;
@@ -64,9 +71,27 @@ export interface RunStartOptions {
   /**
    * The originating channel (e.g. 'telegram', 'slack'). When provided,
    * channel capabilities are resolved for this channel instead of the
-   * default 'http-api'.
+   * default 'macos'.
    */
-  sourceChannel?: string;
+  sourceChannel?: ChannelId;
+  /**
+   * Transport hints from sourceMetadata (e.g. reply-context cues).
+   * Forwarded to the session so the agent loop can incorporate them.
+   */
+  hints?: string[];
+  /**
+   * Brief UX context from sourceMetadata (e.g. UI surface description).
+   * Forwarded to the session so the agent loop can tailor its response.
+   */
+  uxBrief?: string;
+  /** Assistant scope for multi-assistant channels. */
+  assistantId?: string;
+  /** Guardian trust/identity context for the inbound actor. */
+  guardianContext?: GuardianRuntimeContext;
+  /** Channel command intent metadata (e.g. Telegram /start). */
+  commandIntent?: { type: string; payload?: string; languageCode?: string };
+  /** Resolved channel context for this turn. */
+  turnChannelContext?: TurnChannelContext;
 }
 
 // ---------------------------------------------------------------------------
@@ -104,7 +129,17 @@ export class RunOrchestrator {
       throw new IngressBlockedError(ingressCheck.userNotice!, ingressCheck.detectedTypes);
     }
 
-    const session = await this.deps.getOrCreateSession(conversationId);
+    // Build transport metadata when channel context is available so the
+    // session receives the same hints/uxBrief as the non-orchestrator path.
+    const transport = options?.sourceChannel
+      ? {
+          channelId: options.sourceChannel,
+          hints: options.hints,
+          uxBrief: options.uxBrief,
+        }
+      : undefined;
+
+    const session = await this.deps.getOrCreateSession(conversationId, transport);
 
     if (session.isProcessing()) {
       throw new Error('Session is already processing a message');
@@ -121,6 +156,13 @@ export class RunOrchestrator {
       ...session.memoryPolicy,
       strictSideEffects,
     };
+    session.setAssistantId(options?.assistantId ?? 'self');
+    session.setGuardianContext(options?.guardianContext ?? null);
+    session.setCommandIntent(options?.commandIntent ?? null);
+    session.setTurnChannelContext(options?.turnChannelContext ?? {
+      userMessageChannel: parseChannelId(options?.sourceChannel) ?? 'macos',
+      assistantMessageChannel: parseChannelId(options?.sourceChannel) ?? 'macos',
+    });
 
     const attachments = attachmentIds
       ? this.deps.resolveAttachments(attachmentIds)
@@ -132,8 +174,8 @@ export class RunOrchestrator {
 
     // Set channel capabilities based on the originating channel so capabilities
     // (e.g. attachment scope) match the actual transport rather than always
-    // defaulting to 'http-api'.
-    session.setChannelCapabilities(resolveChannelCapabilities(options?.sourceChannel ?? 'http-api'));
+    // defaulting to 'macos'.
+    session.setChannelCapabilities(resolveChannelCapabilities(options?.sourceChannel ?? 'macos'));
 
     // Serialized publish chain so hub subscribers observe events in order.
     let hubChain: Promise<void> = Promise.resolve();
@@ -145,11 +187,14 @@ export class RunOrchestrator {
           : undefined;
       const resolvedSessionId = msgSessionId ?? conversationId;
       const event = buildAssistantEvent('self', msg, resolvedSessionId);
-      hubChain = hubChain
-        .then(() => assistantEventHub.publish(event))
-        .catch((err: unknown) => {
+      hubChain = (async () => {
+        await hubChain;
+        try {
+          await assistantEventHub.publish(event);
+        } catch (err) {
           log.warn({ err }, 'assistant-events hub subscriber threw during HTTP run');
-        });
+        }
+      })();
     };
 
 
@@ -201,6 +246,9 @@ export class RunOrchestrator {
       // Reset channel capabilities so a subsequent IPC/desktop session on the
       // same conversation is not incorrectly treated as an HTTP-API client.
       session.setChannelCapabilities(null);
+      session.setGuardianContext(null);
+      session.setCommandIntent(null);
+      session.setAssistantId('self');
       // Reset the session's client callback to a no-op so the stale
       // closure doesn't intercept events from future runs on the same session.
       // Set hasNoClient=true here since the run is done and no HTTP caller
@@ -208,32 +256,35 @@ export class RunOrchestrator {
       session.updateClient(() => {}, true);
     };
 
-    session.runAgentLoop(content, messageId, (msg: ServerMessage) => {
-      if (msg.type === 'error') {
-        lastError = msg.message;
-      } else if (msg.type === 'session_error') {
-        lastError = msg.userMessage;
-      }
-      // Mirror agent-loop events (assistant_text_delta, message_complete,
-      // tool_use_start, tool_result, etc.) to the hub. These travel through
-      // the onEvent path, distinct from the updateClient path used by the
-      // prompter (confirmation_request). Both paths must publish so SSE
-      // consumers receive the full response stream.
-      publishToHub(msg);
-    }).then(() => {
-      if (lastError) {
-        log.error({ runId: run.id, error: lastError }, 'Run failed (error event from agent loop)');
-        runsStore.failRun(run.id, lastError);
-      } else {
-        runsStore.completeRun(run.id);
+    void (async () => {
+      try {
+        await session.runAgentLoop(content, messageId, (msg: ServerMessage) => {
+          if (msg.type === 'error') {
+            lastError = msg.message;
+          } else if (msg.type === 'session_error') {
+            lastError = msg.userMessage;
+          }
+          // Mirror agent-loop events (assistant_text_delta, message_complete,
+          // tool_use_start, tool_result, etc.) to the hub. These travel through
+          // the onEvent path, distinct from the updateClient path used by the
+          // prompter (confirmation_request). Both paths must publish so SSE
+          // consumers receive the full response stream.
+          publishToHub(msg);
+        });
+        if (lastError) {
+          log.error({ runId: run.id, error: lastError }, 'Run failed (error event from agent loop)');
+          runsStore.failRun(run.id, lastError);
+        } else {
+          runsStore.completeRun(run.id);
+        }
+      } catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        log.error({ err, runId: run.id }, 'Run failed');
+        runsStore.failRun(run.id, message);
+      } finally {
+        cleanup();
       }
-      cleanup();
-    }).catch((err) => {
-      const message = err instanceof Error ? err.message : String(err);
-      log.error({ err, runId: run.id }, 'Run failed');
-      runsStore.failRun(run.id, message);
-      cleanup();
-    });
+    })();
 
     return run;
   }