@vellumai/assistant 0.3.4 → 0.3.6

package/src/daemon/approved-devices-store.ts

@@ -0,0 +1,140 @@
+/**
+ * Persistent store for always-allowed paired devices.
+ *
+ * Persisted to ~/.vellum/protected/approved-devices.json using the
+ * atomic-write pattern from trust-store.ts (write .tmp → rename → chmod).
+ */
+
+import { existsSync, readFileSync, writeFileSync, renameSync, chmodSync, mkdirSync } from 'node:fs';
+import { join, dirname } from 'node:path';
+import { createHash } from 'node:crypto';
+import { getRootDir } from '../util/platform.js';
+import { getLogger } from '../util/logger.js';
+
+const log = getLogger('approved-devices-store');
+
+export interface ApprovedDevice {
+  hashedDeviceId: string;
+  deviceName: string;
+  lastPairedAt: number;
+}
+
+interface ApprovedDevicesFile {
+  version: 1;
+  devices: ApprovedDevice[];
+}
+
+function getStorePath(): string {
+  return join(getRootDir(), 'protected', 'approved-devices.json');
+}
+
+/** Hash a raw deviceId for storage. */
+export function hashDeviceId(deviceId: string): string {
+  return createHash('sha256').update(deviceId).digest('hex');
+}
+
+let cachedDevices: Map<string, ApprovedDevice> | null = null;
+
+function loadFromDisk(): Map<string, ApprovedDevice> {
+  const path = getStorePath();
+  if (!existsSync(path)) {
+    return new Map();
+  }
+  try {
+    const raw = readFileSync(path, 'utf-8');
+    const data = JSON.parse(raw) as ApprovedDevicesFile;
+    if (data.version !== 1 || !Array.isArray(data.devices)) {
+      log.warn('Invalid approved-devices.json format, starting fresh');
+      return new Map();
+    }
+    const map = new Map<string, ApprovedDevice>();
+    for (const device of data.devices) {
+      map.set(device.hashedDeviceId, device);
+    }
+    return map;
+  } catch (err) {
+    log.error({ err }, 'Failed to load approved-devices.json');
+    return new Map();
+  }
+}
+
+function saveToDisk(devices: Map<string, ApprovedDevice>): void {
+  const path = getStorePath();
+  const dir = dirname(path);
+  if (!existsSync(dir)) {
+    mkdirSync(dir, { recursive: true });
+  }
+  const data: ApprovedDevicesFile = {
+    version: 1,
+    devices: Array.from(devices.values()),
+  };
+  const tmpPath = path + '.tmp.' + process.pid;
+  writeFileSync(tmpPath, JSON.stringify(data, null, 2), { mode: 0o600 });
+  renameSync(tmpPath, path);
+  chmodSync(path, 0o600);
+}
+
+function getDevices(): Map<string, ApprovedDevice> {
+  if (cachedDevices == null) {
+    cachedDevices = loadFromDisk();
+  }
+  return cachedDevices;
+}
+
+/** Check if a hashed device ID is in the allowlist. */
+export function isDeviceApproved(hashedDeviceId: string): boolean {
+  return getDevices().has(hashedDeviceId);
+}
+
+/** Add or update a device in the allowlist. */
+export function approveDevice(hashedDeviceId: string, deviceName: string): void {
+  const devices = getDevices();
+  devices.set(hashedDeviceId, {
+    hashedDeviceId,
+    deviceName,
+    lastPairedAt: Date.now(),
+  });
+  saveToDisk(devices);
+  log.info({ hashedDeviceId }, 'Device approved and saved to allowlist');
+}
+
+/** Update lastPairedAt and deviceName for an existing device (auto-approve refresh). */
+export function refreshDevice(hashedDeviceId: string, deviceName: string): void {
+  const devices = getDevices();
+  const existing = devices.get(hashedDeviceId);
+  if (existing) {
+    existing.deviceName = deviceName;
+    existing.lastPairedAt = Date.now();
+    saveToDisk(devices);
+    log.info({ hashedDeviceId }, 'Device metadata refreshed');
+  }
+}
+
+/** Remove a device from the allowlist. Returns true if removed. */
+export function removeDevice(hashedDeviceId: string): boolean {
+  const devices = getDevices();
+  const removed = devices.delete(hashedDeviceId);
+  if (removed) {
+    saveToDisk(devices);
+    log.info({ hashedDeviceId }, 'Device removed from allowlist');
+  }
+  return removed;
+}
+
+/** Clear all approved devices. */
+export function clearAllDevices(): void {
+  const devices = getDevices();
+  devices.clear();
+  saveToDisk(devices);
+  log.info('All approved devices cleared');
+}
+
+/** List all approved devices. */
+export function listDevices(): ApprovedDevice[] {
+  return Array.from(getDevices().values());
+}
+
+/** Reset the in-memory cache (for testing). */
+export function resetCache(): void {
+  cachedDevices = null;
+}

package/src/daemon/assistant-attachments.ts

@@ -191,7 +191,7 @@ const ATTR_RE = /(\w+)\s*=\s*"([^"]*)"|(\w+)\s*=\s*'([^']*)'/g;
 function parseAttributes(raw: string): Record<string, string> {
   const attrs: Record<string, string> = {};
   let m: RegExpExecArray | null;
-  while ((m = ATTR_RE.exec(raw)) !== null) {
+  while ((m = ATTR_RE.exec(raw)) != null) {
     const key = m[1] ?? m[3];
     const value = m[2] ?? m[4];
     attrs[key] = value;

package/src/daemon/classifier.ts

@@ -1,5 +1,4 @@
-import Anthropic from '@anthropic-ai/sdk';
-import { getConfig } from '../config/loader.js';
+import { getConfiguredProvider, createTimeout, extractToolUse, userMessage } from '../providers/provider-send-message.js';
 import { getLogger } from '../util/logger.js';
 
 const log = getLogger('classifier');
@@ -9,7 +8,7 @@ const CLASSIFICATION_TIMEOUT_MS = 5000;
 export type InteractionType = 'computer_use' | 'text_qa';
 
 /**
- * Classify a user task as computer_use or text_qa using a Haiku tool-use call,
+ * Classify a user task as computer_use or text_qa using an LLM tool-use call,
  * falling back to a heuristic if the API call fails or no API key is available.
  */
 export async function classifyInteraction(task: string, source?: 'voice' | 'text'): Promise<InteractionType> {
@@ -18,21 +17,18 @@ export async function classifyInteraction(task: string, source?: 'voice' | 'text
     return 'text_qa';
   }
 
-  const config = getConfig();
-  const apiKey = config.apiKeys.anthropic ?? process.env.ANTHROPIC_API_KEY;
-  if (!apiKey) {
-    log.warn('No API key available, falling back to heuristic classification');
+  const provider = getConfiguredProvider();
+  if (!provider) {
+    log.warn('No configured provider available, falling back to heuristic classification');
     return classifyHeuristic(task);
   }
 
   try {
-    const client = new Anthropic({ apiKey });
-    const response = await Promise.race([
-      client.messages.create({
-        model: 'claude-haiku-4-5-20251001',
-        max_tokens: 128,
-        system: 'You are a classifier. Determine whether the user\'s request requires computer use (controlling the GUI — clicking, scrolling, typing into app windows, navigating between apps) or can be handled with local tools (answering questions, running terminal commands, creating/editing/reading files, web searches, writing code). GUI tasks → computer_use. Everything else → text_qa.',
-        tools: [{
+    const { signal, cleanup } = createTimeout(CLASSIFICATION_TIMEOUT_MS);
+    try {
+      const response = await provider.sendMessage(
+        [userMessage(task)],
+        [{
           name: 'classify_interaction',
           description: 'Classify the user interaction type',
           input_schema: {
@@ -51,34 +47,41 @@ export async function classifyInteraction(task: string, source?: 'voice' | 'text
             required: ['interaction_type', 'reasoning'],
           },
         }],
-        tool_choice: { type: 'tool' as const, name: 'classify_interaction' },
-        messages: [{ role: 'user' as const, content: task }],
-      }),
-      new Promise<never>((_, reject) =>
-        setTimeout(() => reject(new Error('Classification timeout')), CLASSIFICATION_TIMEOUT_MS),
-      ),
-    ]);
+        'You are a classifier. Determine whether the user\'s request requires computer use (controlling the GUI — clicking, scrolling, typing into app windows, navigating between apps) or can be handled with local tools (answering questions, running terminal commands, creating/editing/reading files, web searches, writing code). GUI tasks → computer_use. Everything else → text_qa.',
+        {
+          config: {
+            modelIntent: 'latency-optimized',
+            max_tokens: 128,
+            tool_choice: { type: 'tool' as const, name: 'classify_interaction' },
+          },
+          signal,
+        },
+      );
+      cleanup();
 
-    const toolBlock = response.content.find((b) => b.type === 'tool_use');
-    if (toolBlock && toolBlock.type === 'tool_use') {
-      const input = toolBlock.input as { interaction_type?: string; reasoning?: string };
-      const result = input.interaction_type === 'text_qa' ? 'text_qa' : 'computer_use';
-      log.info({ result, reasoning: input.reasoning }, 'Haiku classification');
-      return result;
-    }
+      const toolBlock = extractToolUse(response);
+      if (toolBlock) {
+        const input = toolBlock.input as { interaction_type?: string; reasoning?: string };
+        const result = input.interaction_type === 'text_qa' ? 'text_qa' : 'computer_use';
+        log.info({ result, reasoning: input.reasoning }, 'LLM classification');
+        return result;
+      }
 
-    log.warn('No tool_use block in classification response, falling back to heuristic');
-    return classifyHeuristic(task);
+      log.warn('No tool_use block in classification response, falling back to heuristic');
+      return classifyHeuristic(task);
+    } finally {
+      cleanup();
+    }
   } catch (err) {
     const message = err instanceof Error ? err.message : String(err);
-    log.warn({ err: message }, 'Haiku classification failed, falling back to heuristic');
+    log.warn({ err: message }, 'LLM classification failed, falling back to heuristic');
     return classifyHeuristic(task);
   }
 }
 
 /**
  * Heuristic classifier — direct port of the Swift client's logic.
- * Used as fallback when the Haiku API call is unavailable or fails.
+ * Used as fallback when the LLM API call is unavailable or fails.
  */
 export function classifyHeuristic(task: string): InteractionType {
   const lower = task.toLowerCase().trim();

package/src/daemon/config-watcher.ts

@@ -24,7 +24,7 @@ export class ConfigWatcher {
     protectedKeyPrefix: '__',
   });
   private suppressReload = false;
-  private lastFingerprint = '';
+  lastFingerprint = '';
   private lastRefreshTime = 0;
 
   static readonly REFRESH_INTERVAL_MS = 30_000;

package/src/daemon/daemon-control.ts

@@ -0,0 +1,217 @@
+import { spawn } from 'node:child_process';
+import { mkdirSync, readFileSync, writeFileSync, unlinkSync, existsSync, openSync, closeSync } from 'node:fs';
+import { join, resolve } from 'node:path';
+import {
+  getSocketPath,
+  getPidPath,
+  getRootDir,
+  removeSocketFile,
+} from '../util/platform.js';
+import { getLogger } from '../util/logger.js';
+import { DaemonError } from '../util/errors.js';
+import { getConfig } from '../config/loader.js';
+
+const log = getLogger('lifecycle');
+
+function isProcessRunning(pid: number): boolean {
+  try {
+    process.kill(pid, 0);
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+function readPid(): number | null {
+  const pidPath = getPidPath();
+  if (!existsSync(pidPath)) return null;
+  try {
+    const pid = parseInt(readFileSync(pidPath, 'utf-8').trim(), 10);
+    return isNaN(pid) ? null : pid;
+  } catch {
+    return null;
+  }
+}
+
+export function writePid(pid: number): void {
+  writeFileSync(getPidPath(), String(pid));
+}
+
+export function cleanupPidFile(): void {
+  const pidPath = getPidPath();
+  if (existsSync(pidPath)) {
+    unlinkSync(pidPath);
+  }
+}
+
+export function isDaemonRunning(): boolean {
+  const pid = readPid();
+  if (pid == null) return false;
+  if (!isProcessRunning(pid)) {
+    cleanupPidFile();
+    return false;
+  }
+  return true;
+}
+
+export function getDaemonStatus(): { running: boolean; pid?: number } {
+  const pid = readPid();
+  if (pid == null) return { running: false };
+  if (!isProcessRunning(pid)) {
+    cleanupPidFile();
+    return { running: false };
+  }
+  return { running: true, pid };
+}
+
+export async function startDaemon(): Promise<{
+  pid: number;
+  alreadyRunning: boolean;
+}> {
+  const status = getDaemonStatus();
+  if (status.running && status.pid) {
+    return { pid: status.pid, alreadyRunning: true };
+  }
+
+  // Only create the root dir for socket/PID — the daemon process itself
+  // handles migration + full ensureDataDir() in runDaemon(). Calling
+  // ensureDataDir() here would pre-create workspace destination dirs
+  // and cause migration moves to no-op.
+  const rootDir = getRootDir();
+  if (!existsSync(rootDir)) {
+    mkdirSync(rootDir, { recursive: true });
+  }
+
+  // Clean up stale socket (only if it's actually a Unix socket)
+  const socketPath = getSocketPath();
+  removeSocketFile(socketPath);
+
+  // Spawn the daemon as a detached child process
+  const mainPath = resolve(
+    import.meta.dirname ?? __dirname,
+    'main.ts',
+  );
+
+  // Redirect the child's stderr to a file instead of piping it back to the
+  // parent. A pipe's read end is destroyed when the parent exits, leaving
+  // fd 2 broken in the child. Bun (unlike Node.js) does not ignore SIGPIPE,
+  // so any later stderr write would silently kill the daemon.
+  const stderrPath = join(rootDir, 'daemon-stderr.log');
+  const stderrFd = openSync(stderrPath, 'w');
+
+  const child = spawn('bun', ['run', mainPath], {
+    detached: true,
+    stdio: ['ignore', 'ignore', stderrFd],
+    env: { ...process.env },
+  });
+
+  // The child inherited the fd; close the parent's copy.
+  closeSync(stderrFd);
+
+  let childExited = false;
+  let childExitCode: number | null = null;
+  child.on('exit', (code) => {
+    childExited = true;
+    childExitCode = code;
+  });
+
+  child.unref();
+
+  const pid = child.pid;
+  if (!pid) {
+    throw new DaemonError('Failed to start daemon: no PID returned');
+  }
+
+  writePid(pid);
+
+  // Wait for socket to appear
+  const config = getConfig();
+  const maxWait = config.daemon.startupSocketWaitMs;
+  const interval = 100;
+  let waited = 0;
+  while (waited < maxWait) {
+    if (existsSync(socketPath)) {
+      return { pid, alreadyRunning: false };
+    }
+    if (childExited) {
+      cleanupPidFile();
+      const stderr = readFileSync(stderrPath, 'utf-8').trim();
+      const detail = stderr
+        ? `\n${stderr}`
+        : `\nCheck logs at ~/.vellum/workspace/data/logs/ for details.`;
+      throw new DaemonError(
+        `Daemon exited immediately (code ${childExitCode ?? 'unknown'}).${detail}`,
+      );
+    }
+    await new Promise((r) => setTimeout(r, interval));
+    waited += interval;
+  }
+
+  throw new DaemonError(
+    `Daemon started but socket not available after ${maxWait}ms`,
+  );
+}
+
+export type StopResult =
+  | { stopped: true }
+  | { stopped: false; reason: 'not_running' | 'stop_failed' };
+
+export async function stopDaemon(): Promise<StopResult> {
+  const pid = readPid();
+  if (pid == null || !isProcessRunning(pid)) {
+    cleanupPidFile();
+    return { stopped: false, reason: 'not_running' };
+  }
+
+  process.kill(pid, 'SIGTERM');
+
+  const config = getConfig();
+
+  // Wait for process to exit
+  const maxWait = config.daemon.stopTimeoutMs;
+  const interval = 100;
+  let waited = 0;
+  while (waited < maxWait) {
+    if (!isProcessRunning(pid)) {
+      cleanupPidFile();
+      return { stopped: true };
+    }
+    await new Promise((r) => setTimeout(r, interval));
+    waited += interval;
+  }
+
+  // Force kill
+  try {
+    process.kill(pid, 'SIGKILL');
+  } catch (err) {
+    log.debug({ err, pid }, 'SIGKILL failed, process already exited');
+  }
+
+  // Wait for the process to actually die after SIGKILL. Without this,
+  // startDaemon() can race with the dying process's shutdown handler,
+  // which removes the socket file and bricks the new daemon.
+  const killMaxWait = config.daemon.sigkillGracePeriodMs;
+  let killWaited = 0;
+  while (killWaited < killMaxWait && isProcessRunning(pid)) {
+    await new Promise((r) => setTimeout(r, 100));
+    killWaited += 100;
+  }
+
+  // Only clean up if the process has actually exited.
+  // If it's still alive after SIGKILL + timeout, preserve both socket
+  // and PID file so isDaemonRunning() still reports true and prevents
+  // a duplicate daemon from being spawned.
+  if (!isProcessRunning(pid)) {
+    removeSocketFile(getSocketPath());
+    cleanupPidFile();
+    return { stopped: true };
+  }
+
+  log.warn({ pid }, 'Daemon process still running after SIGKILL + timeout, leaving socket and PID file intact');
+  return { stopped: false, reason: 'stop_failed' };
+}
+
+export async function ensureDaemonRunning(): Promise<void> {
+  if (isDaemonRunning()) return;
+  await startDaemon();
+}

package/src/daemon/handlers/apps.ts

@@ -3,6 +3,7 @@ import { v4 as uuid } from 'uuid';
 import { existsSync, rmSync, readdirSync, readFileSync } from 'node:fs';
 import { homedir } from 'node:os';
 import { join } from 'node:path';
+import { getRuntimeHttpPort } from '../../config/env.js';
 import { queryAppRecords, createAppRecord, updateAppRecord, deleteAppRecord, listApps, getApp, getAppPreview, createApp, updateApp } from '../../memory/app-store.js';
 import { computeContentId } from '../../util/content-id.js';
 import { packageApp } from '../../bundler/app-bundler.js';
@@ -365,9 +366,7 @@ export async function handleShareAppCloud(
     const bundleData = readFileSync(result.bundlePath);
     const { shareToken } = createSharedAppLink(bundleData, result.manifest);
 
-    const port = process.env.RUNTIME_HTTP_PORT
-      ? parseInt(process.env.RUNTIME_HTTP_PORT, 10)
-      : 7821;
+    const port = getRuntimeHttpPort() ?? 7821;
     const shareUrl = `http://localhost:${port}/v1/apps/shared/${shareToken}`;
 
     ctx.send(socket, {

package/src/daemon/handlers/config-channels.ts

@@ -0,0 +1,158 @@
+import * as net from 'node:net';
+import { createVerificationChallenge, getGuardianBinding, getPendingChallenge, revokeBinding as revokeGuardianBinding, revokePendingChallenges } from '../../runtime/channel-guardian-service.js';
+import { createReadinessService, type ChannelReadinessService } from '../../runtime/channel-readiness-service.js';
+import * as externalConversationStore from '../../memory/external-conversation-store.js';
+import type {
+  GuardianVerificationRequest,
+  ChannelReadinessRequest,
+} from '../ipc-protocol.js';
+import { normalizeAssistantId } from '../../util/platform.js';
+import { log, defineHandlers, type HandlerContext } from './shared.js';
+
+// Lazy singleton — created on first use so module-load stays lightweight.
+let _readinessService: ChannelReadinessService | undefined;
+export function getReadinessService(): ChannelReadinessService {
+  if (!_readinessService) {
+    _readinessService = createReadinessService();
+  }
+  return _readinessService;
+}
+
+export function handleGuardianVerification(
+  msg: GuardianVerificationRequest,
+  socket: net.Socket,
+  ctx: HandlerContext,
+): void {
+  // Normalize the assistant ID so challenges are always stored under the
+  // same key the inbound-call path will use for lookups (typically "self").
+  const assistantId = normalizeAssistantId(msg.assistantId ?? 'self');
+  const channel = msg.channel ?? 'telegram';
+
+  try {
+    if (msg.action === 'create_challenge') {
+      const result = createVerificationChallenge(assistantId, channel, msg.sessionId);
+
+      ctx.send(socket, {
+        type: 'guardian_verification_response',
+        success: true,
+        secret: result.secret,
+        instruction: result.instruction,
+        channel,
+      });
+    } else if (msg.action === 'status') {
+      const binding = getGuardianBinding(assistantId, channel);
+      let guardianUsername: string | undefined;
+      let guardianDisplayName: string | undefined;
+      if (binding?.metadataJson) {
+        try {
+          const parsed = JSON.parse(binding.metadataJson) as Record<string, unknown>;
+          if (typeof parsed.username === 'string' && parsed.username.trim().length > 0) {
+            guardianUsername = parsed.username.trim();
+          }
+          if (typeof parsed.displayName === 'string' && parsed.displayName.trim().length > 0) {
+            guardianDisplayName = parsed.displayName.trim();
+          }
+        } catch {
+          // ignore malformed metadata
+        }
+      }
+      if (binding?.guardianDeliveryChatId && (!guardianUsername || !guardianDisplayName)) {
+        const ext = externalConversationStore.getBindingByChannelChat(
+          channel,
+          binding.guardianDeliveryChatId,
+        );
+        if (!guardianUsername && ext?.username) {
+          guardianUsername = ext.username;
+        }
+        if (!guardianDisplayName && ext?.displayName) {
+          guardianDisplayName = ext.displayName;
+        }
+      }
+      const hasPendingChallenge = getPendingChallenge(assistantId, channel) != null;
+      ctx.send(socket, {
+        type: 'guardian_verification_response',
+        success: true,
+        bound: binding != null,
+        guardianExternalUserId: binding?.guardianExternalUserId,
+        guardianUsername,
+        guardianDisplayName,
+        channel,
+        assistantId,
+        guardianDeliveryChatId: binding?.guardianDeliveryChatId,
+        hasPendingChallenge,
+      });
+    } else if (msg.action === 'revoke') {
+      revokeGuardianBinding(assistantId, channel);
+      revokePendingChallenges(assistantId, channel);
+      ctx.send(socket, {
+        type: 'guardian_verification_response',
+        success: true,
+        bound: false,
+        channel,
+      });
+    } else {
+      ctx.send(socket, {
+        type: 'guardian_verification_response',
+        success: false,
+        error: `Unknown action: ${String(msg.action)}`,
+        channel,
+      });
+    }
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    log.error({ err }, 'Failed to handle guardian verification');
+    ctx.send(socket, {
+      type: 'guardian_verification_response',
+      success: false,
+      error: message,
+      channel,
+    });
+  }
+}
+
+export async function handleChannelReadiness(
+  msg: ChannelReadinessRequest,
+  socket: net.Socket,
+  ctx: HandlerContext,
+): Promise<void> {
+  try {
+    const service = getReadinessService();
+
+    if (msg.action === 'refresh') {
+      if (msg.channel) {
+        service.invalidateChannel(msg.channel, msg.assistantId);
+      } else {
+        service.invalidateAll();
+      }
+    }
+
+    const snapshots = await service.getReadiness(msg.channel, msg.includeRemote, msg.assistantId);
+
+    ctx.send(socket, {
+      type: 'channel_readiness_response',
+      success: true,
+      snapshots: snapshots.map((s) => ({
+        channel: s.channel,
+        ready: s.ready,
+        checkedAt: s.checkedAt,
+        stale: s.stale,
+        reasons: s.reasons,
+        localChecks: s.localChecks,
+        remoteChecks: s.remoteChecks,
+      })),
+    });
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    log.error({ err }, 'Failed to handle channel readiness');
+    ctx.send(socket, {
+      type: 'channel_readiness_response',
+      success: false,
+      error: message,
+    });
+  }
+}
+
+export const channelHandlers = defineHandlers({
+  channel_readiness: handleChannelReadiness,
+  guardian_verification: handleGuardianVerification,
+});