@vellumai/assistant 0.4.30 → 0.4.32

package/src/daemon/ipc-contract/contacts.ts

@@ -40,8 +40,8 @@ export interface ContactPayload {
   id: string;
   displayName: string;
   role: "guardian" | "contact";
-  relationship?: string;
-  importance: number;
+  notes?: string;
+  contactType?: string;
   lastInteraction?: number;
   interactionCount: number;
   channels: ContactChannelPayload[];

package/src/daemon/ipc-contract/sessions.ts

@@ -141,11 +141,6 @@ export interface UsageRequest {
   sessionId: string;
 }
 
-export interface SandboxSetRequest {
-  type: "sandbox_set";
-  enabled: boolean;
-}
-
 export interface SessionsClearRequest {
   type: "sessions_clear";
 }
@@ -421,7 +416,6 @@ export type _SessionsClientMessages =
   | UndoRequest
   | RegenerateRequest
   | UsageRequest
-  | SandboxSetRequest
   | SessionListRequest
   | SessionCreateRequest
   | SessionSwitchRequest

package/src/daemon/ipc-contract-inventory.json

@@ -123,7 +123,6 @@
     "reorder_threads",
     "ride_shotgun_start",
     "ride_shotgun_stop",
-    "sandbox_set",
     "schedule_remove",
     "schedule_run_now",
     "schedule_toggle",

package/src/daemon/lifecycle.ts

@@ -20,7 +20,6 @@ import {
 import { loadConfig } from "../config/loader.js";
 import { ensurePromptFiles } from "../config/system-prompt.js";
 import { syncUpdateBulletinOnStartup } from "../config/update-bulletin.js";
-import { migrateContactsFromLegacyTables } from "../contacts/startup-migration.js";
 import { HeartbeatService } from "../heartbeat/heartbeat-service.js";
 import { getHookManager } from "../hooks/manager.js";
 import { installTemplates } from "../hooks/templates.js";
@@ -204,18 +203,6 @@ export async function runDaemon(): Promise<void> {
       );
     }
 
-    // Catch-up migration: populate contacts table from legacy guardian
-    // bindings and contact rows. Ensures upgrades from pre-contacts
-    // versions have a populated contacts table on first boot.
-    try {
-      migrateContactsFromLegacyTables("self");
-    } catch (err) {
-      log.warn(
-        { err },
-        "Contacts startup migration failed — continuing startup",
-      );
-    }
-
     try {
       syncUpdateBulletinOnStartup();
     } catch (err) {
@@ -437,22 +424,6 @@ export async function runDaemon(): Promise<void> {
           sourceChannel,
           sourceInterface,
         ),
-      persistAndProcessMessage: (
-        conversationId,
-        content,
-        attachmentIds,
-        options,
-        sourceChannel,
-        sourceInterface,
-      ) =>
-        server.persistAndProcessMessage(
-          conversationId,
-          content,
-          attachmentIds,
-          options,
-          sourceChannel,
-          sourceInterface,
-        ),
       interfacesDir: getInterfacesDir(),
       approvalCopyGenerator: createApprovalCopyGenerator(),
       approvalConversationGenerator: createApprovalConversationGenerator(),

package/src/daemon/session-agent-loop.ts

@@ -453,50 +453,7 @@ export async function runAgentLoopImpl(
       onEvent,
     );
 
-    if (memoryResult.conflictClarification) {
-      const loopChannelMeta = {
-        ...provenanceFromTrustContext(ctx.trustContext),
-        userMessageChannel: capturedTurnChannelContext.userMessageChannel,
-        assistantMessageChannel:
-          capturedTurnChannelContext.assistantMessageChannel,
-        userMessageInterface: capturedTurnInterfaceContext.userMessageInterface,
-        assistantMessageInterface:
-          capturedTurnInterfaceContext.assistantMessageInterface,
-      };
-      const assistantMessage = createAssistantMessage(
-        memoryResult.conflictClarification,
-      );
-      await conversationStore.addMessage(
-        ctx.conversationId,
-        "assistant",
-        JSON.stringify(assistantMessage.content),
-        loopChannelMeta,
-      );
-      ctx.messages.push(assistantMessage);
-      onEvent({
-        type: "assistant_text_delta",
-        text: memoryResult.conflictClarification,
-        sessionId: ctx.conversationId,
-      });
-      ctx.traceEmitter.emit(
-        "message_complete",
-        "Conflict clarification requested (relevant)",
-        {
-          requestId: reqId,
-          status: "info",
-          attributes: { conflictGate: "relevant" },
-        },
-      );
-      onEvent({ type: "message_complete", sessionId: ctx.conversationId });
-      return;
-    }
-
-    const {
-      recall,
-      dynamicProfile,
-      softConflictInstruction,
-      recallInjectionStrategy,
-    } = memoryResult;
+    const { recall, dynamicProfile, recallInjectionStrategy } = memoryResult;
     runMessages = memoryResult.runMessages;
 
     // Build active surface context
@@ -585,7 +542,6 @@ export async function runAgentLoopImpl(
 
     // Shared injection options — reused whenever we need to re-inject after reduction.
     const injectionOpts = {
-      softConflictInstruction,
       activeSurface,
       workspaceTopLevelContext: ctx.workspaceTopLevelContext,
       channelCapabilities: ctx.channelCapabilities ?? null,

package/src/daemon/session-conflict-gate.ts

@@ -1,8 +1,10 @@
 /**
  * Conflict-gate logic extracted from Session.
  *
- * Decides whether to ask the user about a pending memory conflict (relevant gate)
- * or skip entirely.
+ * Handles pending memory conflicts internally: dismisses non-user-evidenced
+ * and non-actionable conflicts, and attempts resolution when the user's reply
+ * looks like an explicit clarification with topical relevance. Never produces
+ * user-facing clarification text.
  */
 
 import { resolveConflictClarification } from "../memory/clarification-resolver.js";
@@ -14,47 +16,34 @@ import {
 } from "../memory/conflict-intent.js";
 import {
   isConflictKindPairEligible,
+  isConflictUserEvidenced,
   isStatementConflictEligible,
 } from "../memory/conflict-policy.js";
 import type { PendingConflictDetail } from "../memory/conflict-store.js";
 import {
   applyConflictResolution,
   listPendingConflictDetails,
-  markConflictAsked,
   resolveConflict,
 } from "../memory/conflict-store.js";
 
-export interface ConflictGateDecision {
-  question: string;
-  relevant: boolean;
-}
-
 export class ConflictGate {
-  private turnCounter = 0;
-  private lastAskedTurn = new Map<string, number>();
-
   async evaluate(
     userMessage: string,
     conflictConfig: {
       enabled: boolean;
       gateMode: string;
       relevanceThreshold: number;
-      reaskCooldownTurns: number;
       resolverLlmTimeoutMs: number;
-      askOnIrrelevantTurns: boolean;
       conflictableKinds: readonly string[];
     },
     scopeId = "default",
-  ): Promise<ConflictGateDecision | null> {
-    if (!conflictConfig.enabled || conflictConfig.gateMode !== "soft")
-      return null;
+  ): Promise<void> {
+    if (!conflictConfig.enabled || conflictConfig.gateMode !== "soft") return;
 
-    this.turnCounter += 1;
-    const threshold = conflictConfig.relevanceThreshold;
-    const cooldownTurns = Math.max(1, conflictConfig.reaskCooldownTurns);
     const pendingBeforeResolve = listPendingConflictDetails(scopeId, 50);
 
-    // Dismiss non-actionable conflicts (kind/statement policy or incoherent pair)
+    // Dismiss non-actionable conflicts (kind/statement policy, incoherent pair,
+    // or assistant-inferred-only provenance with no user evidence)
     const dismissedIds = new Set<string>();
     for (const conflict of pendingBeforeResolve) {
       const dismissReason = this.getDismissReason(
@@ -73,13 +62,15 @@ export class ConflictGate {
     const actionablePending = pendingBeforeResolve.filter(
       (c) => !dismissedIds.has(c.id),
     );
+
+    // Attempt resolution only for explicit clarification-like replies with
+    // topical relevance to the conflict statements
     const clarificationReply = looksLikeClarificationReply(userMessage);
     const candidatesBeforeResolve = actionablePending.filter((conflict) => {
       const relevance = computeConflictRelevance(userMessage, conflict);
       return shouldAttemptConflictResolution({
         clarificationReply,
         relevance,
-        wasRecentlyAsked: this.wasRecentlyAsked(conflict.id, cooldownTurns),
       });
     });
     await this.resolvePendingConflicts(
@@ -87,45 +78,6 @@ export class ConflictGate {
       conflictConfig.resolverLlmTimeoutMs,
       candidatesBeforeResolve,
     );
-
-    const pending = listPendingConflictDetails(scopeId, 50);
-    if (pending.length === 0) return null;
-
-    const scored = pending.map((conflict) => ({
-      conflict,
-      relevance: computeConflictRelevance(userMessage, conflict),
-    }));
-    // Try relevant conflicts first
-    const askable = scored
-      .filter((entry) => entry.relevance >= threshold)
-      .find((entry) => this.shouldAsk(entry.conflict.id, cooldownTurns));
-
-    // If no relevant conflict to ask and askOnIrrelevantTurns is enabled, try ones
-    // below the threshold (including zero-relevance). Zero-relevance conflicts are
-    // surfaced but not tracked as asked, preventing wasRecentlyAsked from triggering
-    // heuristic resolution on subsequent unrelated turns.
-    const candidateToAsk =
-      askable ??
-      (conflictConfig.askOnIrrelevantTurns
-        ? scored.find(
-            (entry) =>
-              entry.relevance < threshold &&
-              this.shouldAsk(entry.conflict.id, cooldownTurns),
-          )
-        : undefined);
-
-    if (!candidateToAsk) return null;
-
-    if (askable || candidateToAsk.relevance > 0) {
-      this.lastAskedTurn.set(candidateToAsk.conflict.id, this.turnCounter);
-      markConflictAsked(candidateToAsk.conflict.id);
-    }
-    return {
-      question:
-        candidateToAsk.conflict.clarificationQuestion ??
-        buildFallbackConflictQuestion(candidateToAsk.conflict),
-      relevant: candidateToAsk.relevance >= threshold,
-    };
   }
 
   private async resolvePendingConflicts(
@@ -156,18 +108,6 @@ export class ConflictGate {
     }
   }
 
-  private shouldAsk(conflictId: string, cooldownTurns: number): boolean {
-    const lastAsked = this.lastAskedTurn.get(conflictId);
-    if (lastAsked === undefined) return true;
-    return this.turnCounter - lastAsked >= cooldownTurns;
-  }
-
-  private wasRecentlyAsked(conflictId: string, cooldownTurns: number): boolean {
-    const lastAsked = this.lastAskedTurn.get(conflictId);
-    if (lastAsked === undefined) return false;
-    return this.turnCounter - lastAsked <= cooldownTurns;
-  }
-
   /**
    * Returns a dismissal reason if the conflict should be dismissed, or null if actionable.
    */
@@ -211,18 +151,17 @@ export class ConflictGate {
     ) {
       return "Dismissed by conflict policy (incoherent — zero statement overlap).";
     }
+    // Dismiss conflicts where neither side has user-evidenced provenance
+    if (
+      !isConflictUserEvidenced(
+        conflict.existingVerificationState,
+        conflict.candidateVerificationState,
+      )
+    ) {
+      return "Dismissed by conflict policy (no user-evidenced provenance).";
+    }
     return null;
   }
 }
 
-export function buildFallbackConflictQuestion(
-  conflict: PendingConflictDetail,
-): string {
-  return [
-    "I have two conflicting notes and need your confirmation.",
-    `A) ${conflict.existingStatement}`,
-    `B) ${conflict.candidateStatement}`,
-    "Which one should I keep?",
-  ].join("\n");
-}
 export { computeConflictRelevance, looksLikeClarificationReply };

package/src/daemon/session-memory.ts

@@ -24,7 +24,6 @@ export interface MemoryRecallResult {
   runMessages: Message[];
   recall: Awaited<ReturnType<typeof buildMemoryRecall>>;
   dynamicProfile: { text: string };
-  softConflictInstruction: string | null;
   recallInjectionStrategy: RecallInjectionStrategy;
 }
 
@@ -37,7 +36,7 @@ export interface MemoryPrepareContext {
   scopeId: string;
   includeDefaultFallback: boolean;
   trustClass: "guardian" | "trusted_contact" | "unknown";
-  /** When false (e.g. scheduled tasks), skip conflict clarification prompts. */
+  /** When false (e.g. scheduled tasks), skip conflict gate evaluation. */
   isInteractive?: boolean;
 }
 
@@ -64,7 +63,7 @@ export async function prepareMemoryContext(
   userMessageId: string,
   abortSignal: AbortSignal,
   onEvent: (msg: ServerMessage) => void,
-): Promise<MemoryRecallResult & { conflictClarification: string | null }> {
+): Promise<MemoryRecallResult> {
   // Provenance-based trust gating: untrusted actors skip all memory operations
   // (recall, dynamic profile, conflict gate) to prevent untrusted content from
   // influencing memory-augmented responses.
@@ -94,9 +93,7 @@ export async function prepareMemoryContext(
         topCandidates: [],
       } as Awaited<ReturnType<typeof buildMemoryRecall>>,
       dynamicProfile: { text: "" },
-      softConflictInstruction: null,
       recallInjectionStrategy: "prepend_user_block",
-      conflictClarification: null,
     };
   }
 
@@ -129,65 +126,25 @@ export async function prepareMemoryContext(
         topCandidates: [],
       } as Awaited<ReturnType<typeof buildMemoryRecall>>,
       dynamicProfile: { text: "" },
-      softConflictInstruction: null,
       recallInjectionStrategy: "prepend_user_block",
-      conflictClarification: null,
     };
   }
 
   const runtimeConfig = getConfig();
   const memoryEnabled = runtimeConfig.memory?.enabled !== false;
 
-  // Conflict gate — skip entirely for non-interactive sessions (scheduled tasks,
-  // work items) since there is no human to answer the clarification question.
+  // Conflict gate — evaluate for side effects (background resolution/dismissal)
+  // but do not return any user-facing payload. Non-interactive sessions skip
+  // entirely since there is no human context for conflict evaluation.
   const isInteractive = ctx.isInteractive !== false;
   const conflictConfig =
     memoryEnabled && isInteractive
       ? runtimeConfig.memory?.conflicts
       : undefined;
-  const conflictGateResult = conflictConfig
-    ? await ctx.conflictGate.evaluate(content, conflictConfig, ctx.scopeId)
-    : null;
-
-  if (conflictGateResult?.relevant) {
-    return {
-      runMessages: ctx.messages,
-      recall: {
-        enabled: false,
-        degraded: false,
-        injectedText: "",
-        lexicalHits: 0,
-        semanticHits: 0,
-        recencyHits: 0,
-        entityHits: 0,
-        relationSeedEntityCount: 0,
-        relationTraversedEdgeCount: 0,
-        relationNeighborEntityCount: 0,
-        relationExpandedItemCount: 0,
-        earlyTerminated: false,
-        mergedCount: 0,
-        selectedCount: 0,
-        rerankApplied: false,
-        injectedTokens: 0,
-        latencyMs: 0,
-        topCandidates: [],
-      } as Awaited<ReturnType<typeof buildMemoryRecall>>,
-      dynamicProfile: { text: "" },
-      softConflictInstruction: null,
-      recallInjectionStrategy: "prepend_user_block",
-      conflictClarification: [
-        conflictGateResult.question,
-        "",
-        "I need this clarification before I can give guidance that depends on that preference.",
-      ].join("\n"),
-    };
+  if (conflictConfig) {
+    await ctx.conflictGate.evaluate(content, conflictConfig, ctx.scopeId);
   }
 
-  const softConflictInstruction =
-    conflictGateResult && !conflictGateResult.relevant
-      ? conflictGateResult.question
-      : null;
-
   // Dynamic profile
   const profileConfig = memoryEnabled
     ? runtimeConfig.memory?.profile
@@ -312,8 +269,6 @@ export async function prepareMemoryContext(
     runMessages,
     recall,
     dynamicProfile,
-    softConflictInstruction,
     recallInjectionStrategy,
-    conflictClarification: null,
   };
 }

package/src/daemon/session-process.ts

@@ -541,7 +541,9 @@ export async function processMessage(
       messageText: trimmedContent,
       channel: "vellum",
       actor: {
-        externalUserId: session.trustContext?.guardianExternalUserId,
+        actorPrincipalId:
+          session.trustContext?.guardianPrincipalId ?? undefined,
+        actorExternalUserId: session.trustContext?.guardianExternalUserId,
         channel: "vellum",
         guardianPrincipalId:
           session.trustContext?.guardianPrincipalId ?? undefined,

package/src/daemon/session-runtime-assembly.ts

@@ -115,6 +115,10 @@ export interface InboundActorContext {
   memberPolicy?: string;
   /** Denial reason when access is blocked. */
   denialReason?: string;
+  /** Free-text notes about this contact. */
+  contactNotes?: string;
+  /** Number of prior interactions with this contact. */
+  contactInteractionCount?: number;
 }
 
 /**
@@ -159,6 +163,9 @@ export function inboundActorContextFromTrust(
       : undefined,
     memberPolicy: ctx.memberRecord?.channel.policy ?? undefined,
     denialReason: ctx.denialReason,
+    contactNotes: ctx.memberRecord?.contact.notes ?? undefined,
+    contactInteractionCount:
+      ctx.memberRecord?.contact.interactionCount ?? undefined,
   };
 }
 
@@ -392,24 +399,6 @@ export interface ActiveSurfaceContext {
   appFiles?: string[];
 }
 
-/**
- * Append a memory-conflict clarification instruction to the last user message.
- */
-export function injectClarificationRequestIntoUserMessage(
-  message: Message,
-  question: string,
-): Message {
-  const instruction = [
-    "[Memory clarification request]",
-    `Ask this once in your response: ${question}`,
-    "After asking, continue helping with the current request.",
-  ].join("\n");
-  return {
-    ...message,
-    content: [...message.content, { type: "text", text: `\n\n${instruction}` }],
-  };
-}
-
 const MAX_CONTEXT_LENGTH = 100_000;
 
 function truncateHtml(html: string, budget: number): string {
@@ -791,6 +780,14 @@ export function buildInboundActorContextBlock(
     lines.push(`member_policy: ${ctx.memberPolicy}`);
   }
   lines.push(`denial_reason: ${ctx.denialReason ?? "none"}`);
+  // Contact metadata — only included when the sender has a contact record
+  // with non-default values.
+  if (ctx.contactNotes) {
+    lines.push(`contact_notes: ${ctx.contactNotes}`);
+  }
+  if (ctx.contactInteractionCount != null && ctx.contactInteractionCount > 0) {
+    lines.push(`contact_interaction_count: ${ctx.contactInteractionCount}`);
+  }
   if (
     ctx.actorMemberDisplayName &&
     ctx.actorSenderDisplayName &&
@@ -1050,9 +1047,9 @@ export function stripInjectedContext(
  * - `'full'` (default): all injections are applied.
  * - `'minimal'`: only safety-critical context is injected (channel turn,
  *   interface turn, inbound actor, non-interactive marker, voice call
- *   control, channel capabilities, soft conflict). High-token optional
- *   blocks (workspace top-level, temporal, channel command, active surface)
- *   are skipped to reduce context pressure.
+ *   control, channel capabilities). High-token optional blocks (workspace
+ *   top-level, temporal, channel command, active surface) are skipped to
+ *   reduce context pressure.
  */
 export type InjectionMode = "full" | "minimal";
 
@@ -1065,7 +1062,6 @@ export type InjectionMode = "full" | "minimal";
 export function applyRuntimeInjections(
   runMessages: Message[],
   options: {
-    softConflictInstruction?: string | null;
     activeSurface?: ActiveSurfaceContext | null;
     workspaceTopLevelContext?: string | null;
     channelCapabilities?: ChannelCapabilities | null;
@@ -1113,19 +1109,6 @@ export function applyRuntimeInjections(
     }
   }
 
-  if (options.softConflictInstruction) {
-    const userTail = result[result.length - 1];
-    if (userTail && userTail.role === "user") {
-      result = [
-        ...result.slice(0, -1),
-        injectClarificationRequestIntoUserMessage(
-          userTail,
-          options.softConflictInstruction,
-        ),
-      ];
-    }
-  }
-
   if (mode === "full" && options.activeSurface) {
     const userTail = result[result.length - 1];
     if (userTail && userTail.role === "user") {

package/src/heartbeat/heartbeat-service.ts

@@ -79,7 +79,11 @@ export class HeartbeatService {
 
     // Active hours guard — only applied when both bounds are set.
     // The schema rejects configs where only one bound is provided.
-    if (!force && config.activeHoursStart != null && config.activeHoursEnd != null) {
+    if (
+      !force &&
+      config.activeHoursStart != null &&
+      config.activeHoursEnd != null
+    ) {
       const hour = this.deps.getCurrentHour?.() ?? new Date().getHours();
       if (
         !isWithinActiveHours(

package/src/home-base/app-link-store.ts

@@ -76,10 +76,3 @@ export function setHomeBaseAppLink(
     updatedAt: now,
   };
 }
-
-export function clearHomeBaseAppLink(): void {
-  const db = getDb();
-  db.delete(homeBaseAppLinks)
-    .where(eq(homeBaseAppLinks.id, HOME_BASE_LINK_ID))
-    .run();
-}

package/src/memory/conflict-intent.ts

@@ -193,16 +193,13 @@ export function looksLikeClarificationReply(userMessage: string): boolean {
 }
 
 /**
- * Conflict resolution should require explicit clarification intent and either:
- * - non-zero topical overlap with the conflict statements, or
- * - a very recent explicit ask from the assistant.
+ * Conflict resolution requires explicit clarification intent with non-zero
+ * topical overlap with the conflict statements.
  */
 export function shouldAttemptConflictResolution(input: {
   clarificationReply: boolean;
   relevance: number;
-  wasRecentlyAsked: boolean;
 }): boolean {
   if (!input.clarificationReply) return false;
-  if (input.relevance > 0) return true;
-  return input.wasRecentlyAsked;
+  return input.relevance > 0;
 }

package/src/memory/conflict-policy.ts

@@ -71,6 +71,40 @@ export function isDurableInstructionStatement(statement: string): boolean {
   return DURABLE_INSTRUCTION_CUES.test(statement);
 }
 
+// ── Verification-state provenance ──────────────────────────────────────
+
+// States indicating user involvement — either the user directly stated
+// the information, explicitly confirmed it, or it was bulk-imported from
+// a trusted external source the user chose to connect.
+const USER_EVIDENCED_STATES = new Set([
+  "user_reported",
+  "user_confirmed",
+  "legacy_import",
+]);
+
+/**
+ * Returns true when the verification state indicates user provenance
+ * (as opposed to purely assistant-inferred).
+ */
+export function isUserEvidencedVerificationState(state: string): boolean {
+  return USER_EVIDENCED_STATES.has(state);
+}
+
+/**
+ * Returns true when at least one side of a conflict pair has user-evidenced
+ * provenance. Assistant-inferred-only conflicts should not escalate into
+ * user-facing behavior.
+ */
+export function isConflictUserEvidenced(
+  existingState: string,
+  candidateState: string,
+): boolean {
+  return (
+    isUserEvidencedVerificationState(existingState) ||
+    isUserEvidencedVerificationState(candidateState)
+  );
+}
+
 /**
  * Returns true when a statement of the given kind is eligible to participate
  * in conflict detection at the statement level. This combines kind eligibility