@vellumai/assistant 0.4.31 → 0.4.33

package/src/__tests__/provider-fail-open-selection.test.ts

@@ -1,8 +1,35 @@
-import { describe, expect, test } from "bun:test";
+import { describe, expect, mock, test } from "bun:test";
+
+// ---------------------------------------------------------------------------
+// Mock the underlying dependencies of managed-proxy/context.js rather than
+// the context module itself. This avoids global mock bleed: other test files
+// that import context.js will still get the real implementation with their
+// own dependency mocks.
+// ---------------------------------------------------------------------------
+let mockPlatformBaseUrl = "";
+let mockAssistantApiKey = "";
+
+const actualEnv = await import("../config/env.js");
+mock.module("../config/env.js", () => ({
+  ...actualEnv,
+  getPlatformBaseUrl: () => mockPlatformBaseUrl,
+}));
+
+const actualSecureKeys = await import("../security/secure-keys.js");
+mock.module("../security/secure-keys.js", () => ({
+  ...actualSecureKeys,
+  getSecureKey: (key: string) => {
+    if (key === "credential:vellum:assistant_api_key") {
+      return mockAssistantApiKey || null;
+    }
+    return null;
+  },
+}));
 
 import {
   getFailoverProvider,
   initializeProviders,
+  listProviders,
   resolveProviderSelection,
 } from "../providers/registry.js";
 
@@ -125,3 +152,109 @@ describe("getFailoverProvider (fail-open)", () => {
     expect(provider.name).not.toBe("failover");
   });
 });
+
+// -------------------------------------------------------------------------
+// Managed proxy fallback
+// -------------------------------------------------------------------------
+
+describe("managed proxy fallback", () => {
+  function enableManagedProxy() {
+    mockPlatformBaseUrl = "https://platform.example.com";
+    mockAssistantApiKey = "ast-key-123";
+  }
+
+  function disableManagedProxy() {
+    mockPlatformBaseUrl = "";
+    mockAssistantApiKey = "";
+  }
+
+  test("openai registered via managed fallback when no user key but proxy context is valid", () => {
+    enableManagedProxy();
+    try {
+      initializeProviders({
+        apiKeys: { anthropic: "test-key" },
+        provider: "anthropic",
+        model: "test-model",
+      });
+      const registered = listProviders();
+      expect(registered).toContain("openai");
+      expect(registered).toContain("fireworks");
+      expect(registered).toContain("openrouter");
+    } finally {
+      disableManagedProxy();
+    }
+  });
+
+  test("user key takes precedence over managed fallback", () => {
+    enableManagedProxy();
+    try {
+      initializeProviders({
+        apiKeys: { anthropic: "test-key", openai: "user-openai-key" },
+        provider: "anthropic",
+        model: "test-model",
+      });
+      // openai should be registered (via user key, not managed)
+      const registered = listProviders();
+      expect(registered).toContain("openai");
+      // fireworks/openrouter should also be registered via managed fallback
+      expect(registered).toContain("fireworks");
+      expect(registered).toContain("openrouter");
+    } finally {
+      disableManagedProxy();
+    }
+  });
+
+  test("managed fallback not activated when proxy context is disabled", () => {
+    disableManagedProxy();
+    initializeProviders({
+      apiKeys: { anthropic: "test-key" },
+      provider: "anthropic",
+      model: "test-model",
+    });
+    const registered = listProviders();
+    expect(registered).not.toContain("openai");
+    expect(registered).not.toContain("fireworks");
+    expect(registered).not.toContain("openrouter");
+  });
+
+  test("managed providers participate in failover selection", () => {
+    enableManagedProxy();
+    try {
+      initializeProviders({
+        apiKeys: { anthropic: "test-key" },
+        provider: "anthropic",
+        model: "test-model",
+      });
+      const selection = resolveProviderSelection("anthropic", [
+        "openai",
+        "fireworks",
+      ]);
+      expect(selection.availableProviders).toEqual([
+        "anthropic",
+        "openai",
+        "fireworks",
+      ]);
+      expect(selection.selectedPrimary).toBe("anthropic");
+      expect(selection.usedFallbackPrimary).toBe(false);
+    } finally {
+      disableManagedProxy();
+    }
+  });
+
+  test("managed provider selected as primary when configured primary unavailable", () => {
+    enableManagedProxy();
+    try {
+      // No anthropic key, no gemini key — only managed providers available
+      initializeProviders({
+        apiKeys: {},
+        provider: "openai",
+        model: "test-model",
+      });
+      const selection = resolveProviderSelection("openai", ["fireworks"]);
+      expect(selection.selectedPrimary).toBe("openai");
+      expect(selection.usedFallbackPrimary).toBe(false);
+    } finally {
+      disableManagedProxy();
+    }
+  });
+});

package/src/__tests__/provider-managed-proxy-integration.test.ts

@@ -0,0 +1,269 @@
+import { beforeEach, describe, expect, mock, test } from "bun:test";
+
+import { MANAGED_PROVIDER_META } from "../providers/managed-proxy/constants.js";
+
+// ---------------------------------------------------------------------------
+// Mock the underlying dependencies that the real context module relies on.
+// This avoids mocking the context module directly and prevents mock conflicts
+// with context.test.ts (which also mocks these same underlying deps).
+// ---------------------------------------------------------------------------
+let mockPlatformBaseUrl = "";
+let mockAssistantApiKey: string | null = null;
+
+mock.module("../config/env.js", () => ({
+  getPlatformBaseUrl: () => mockPlatformBaseUrl,
+}));
+
+mock.module("../security/secure-keys.js", () => ({
+  getSecureKey: (key: string) => {
+    if (key === "credential:vellum:assistant_api_key") {
+      return mockAssistantApiKey;
+    }
+    return null;
+  },
+}));
+
+import {
+  getProviderRoutingSource,
+  initializeProviders,
+  listProviders,
+} from "../providers/registry.js";
+
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+
+const PLATFORM_BASE = "https://platform.example.com";
+const MANAGED_API_KEY = "ast-managed-key-123";
+
+const MANAGED_PROVIDERS: string[] = [
+  "openai",
+  "anthropic",
+  "gemini",
+  "fireworks",
+  "openrouter",
+];
+
+function enableManagedProxy() {
+  mockPlatformBaseUrl = PLATFORM_BASE;
+  mockAssistantApiKey = MANAGED_API_KEY;
+}
+
+function disableManagedProxy() {
+  mockPlatformBaseUrl = "";
+  mockAssistantApiKey = null;
+}
+
+/**
+ * Build an apiKeys record with a user key for every provider in `names`.
+ */
+function userKeysFor(...names: string[]): Record<string, string> {
+  const keys: Record<string, string> = {};
+  for (const n of names) {
+    keys[n] = `user-key-${n}`;
+  }
+  return keys;
+}
+
+// ---------------------------------------------------------------------------
+// Tests
+// ---------------------------------------------------------------------------
+
+beforeEach(() => {
+  disableManagedProxy();
+});
+
+describe("managed proxy integration — credential precedence", () => {
+  describe("user keys present → providers use direct connections (not proxy)", () => {
+    test.each(MANAGED_PROVIDERS)(
+      "%s routes via user-key when user key is provided regardless of managed context",
+      (provider: string) => {
+        enableManagedProxy();
+        initializeProviders({
+          apiKeys: userKeysFor(provider),
+          provider,
+          model: "test-model",
+        });
+        expect(listProviders()).toContain(provider);
+        expect(getProviderRoutingSource(provider)).toBe("user-key");
+      },
+    );
+
+    test("all five managed providers route via user-key with user keys", () => {
+      enableManagedProxy();
+      initializeProviders({
+        apiKeys: userKeysFor(...MANAGED_PROVIDERS),
+        provider: "anthropic",
+        model: "test-model",
+      });
+      const registered = listProviders();
+      for (const p of MANAGED_PROVIDERS) {
+        expect(registered).toContain(p);
+        expect(getProviderRoutingSource(p)).toBe("user-key");
+      }
+    });
+
+    test("user keys still route via user-key when managed context is disabled", () => {
+      disableManagedProxy();
+      initializeProviders({
+        apiKeys: userKeysFor(...MANAGED_PROVIDERS),
+        provider: "anthropic",
+        model: "test-model",
+      });
+      const registered = listProviders();
+      for (const p of MANAGED_PROVIDERS) {
+        expect(registered).toContain(p);
+        expect(getProviderRoutingSource(p)).toBe("user-key");
+      }
+    });
+  });
+
+  describe("user keys absent + managed context available → providers use managed proxy", () => {
+    test.each(MANAGED_PROVIDERS)(
+      "%s routes via managed-proxy when no user key",
+      (provider: string) => {
+        enableManagedProxy();
+        initializeProviders({
+          apiKeys: {},
+          // For ollama, provider selection does not trigger managed proxy
+          provider: provider === "openai" ? "openai" : "anthropic",
+          model: "test-model",
+        });
+        expect(listProviders()).toContain(provider);
+        expect(getProviderRoutingSource(provider)).toBe("managed-proxy");
+      },
+    );
+
+    test("all five managed providers route via managed-proxy simultaneously", () => {
+      enableManagedProxy();
+      initializeProviders({
+        apiKeys: {},
+        provider: "anthropic",
+        model: "test-model",
+      });
+      const registered = listProviders();
+      for (const p of MANAGED_PROVIDERS) {
+        expect(registered).toContain(p);
+        expect(getProviderRoutingSource(p)).toBe("managed-proxy");
+      }
+    });
+  });
+
+  describe("neither user keys nor managed context → providers not initialized", () => {
+    test.each(MANAGED_PROVIDERS)(
+      "%s is NOT registered when no user key and no managed context",
+      (provider: string) => {
+        disableManagedProxy();
+        initializeProviders({
+          apiKeys: {},
+          provider: "anthropic",
+          model: "test-model",
+        });
+        expect(listProviders()).not.toContain(provider);
+        expect(getProviderRoutingSource(provider)).toBeUndefined();
+      },
+    );
+
+    test("registry is empty when no keys and no managed context (non-ollama primary)", () => {
+      disableManagedProxy();
+      initializeProviders({
+        apiKeys: {},
+        provider: "anthropic",
+        model: "test-model",
+      });
+      expect(listProviders()).toEqual([]);
+    });
+  });
+
+  describe("mixed: some user keys + managed fallback fills gaps", () => {
+    test("user key for anthropic routes direct, managed fallback fills remaining four via proxy", () => {
+      enableManagedProxy();
+      initializeProviders({
+        apiKeys: userKeysFor("anthropic"),
+        provider: "anthropic",
+        model: "test-model",
+      });
+      const registered = listProviders();
+      expect(registered).toContain("anthropic");
+      expect(getProviderRoutingSource("anthropic")).toBe("user-key");
+      for (const p of ["openai", "gemini", "fireworks", "openrouter"]) {
+        expect(registered).toContain(p);
+        expect(getProviderRoutingSource(p)).toBe("managed-proxy");
+      }
+    });
+
+    test("user key for openai routes direct, managed fallback fills remaining four via proxy", () => {
+      enableManagedProxy();
+      initializeProviders({
+        apiKeys: userKeysFor("openai"),
+        provider: "openai",
+        model: "test-model",
+      });
+      const registered = listProviders();
+      expect(registered).toContain("openai");
+      expect(getProviderRoutingSource("openai")).toBe("user-key");
+      for (const p of ["anthropic", "gemini", "fireworks", "openrouter"]) {
+        expect(registered).toContain(p);
+        expect(getProviderRoutingSource(p)).toBe("managed-proxy");
+      }
+    });
+  });
+});
+
+describe("managed proxy integration — ollama exclusion", () => {
+  test("ollama is never registered via managed proxy fallback", () => {
+    enableManagedProxy();
+    initializeProviders({
+      apiKeys: {},
+      provider: "anthropic",
+      model: "test-model",
+    });
+    expect(listProviders()).not.toContain("ollama");
+  });
+
+  test("ollama registers only when explicitly configured as provider", () => {
+    enableManagedProxy();
+    initializeProviders({
+      apiKeys: {},
+      provider: "ollama",
+      model: "test-model",
+    });
+    expect(listProviders()).toContain("ollama");
+  });
+
+  test("ollama registers with explicit API key", () => {
+    enableManagedProxy();
+    initializeProviders({
+      apiKeys: { ollama: "ollama-key" },
+      provider: "anthropic",
+      model: "test-model",
+    });
+    expect(listProviders()).toContain("ollama");
+  });
+
+  test("ollama metadata is marked as non-managed", () => {
+    const meta = MANAGED_PROVIDER_META.ollama;
+    expect(meta).toBeDefined();
+    expect(meta.managed).toBe(false);
+    expect(meta.proxyPath).toBeUndefined();
+  });
+});
+
+describe("managed proxy integration — constants integrity", () => {
+  test("all five managed providers have metadata with managed=true and a proxyPath", () => {
+    for (const provider of MANAGED_PROVIDERS) {
+      const meta = MANAGED_PROVIDER_META[provider];
+      expect(meta).toBeDefined();
+      expect(meta.managed).toBe(true);
+      expect(meta.proxyPath).toBeTruthy();
+      expect(meta.proxyPath).toMatch(/^\/v1\/runtime-proxy\//);
+    }
+  });
+
+  test("managed proxy paths are unique across providers", () => {
+    const paths = Object.values(MANAGED_PROVIDER_META)
+      .filter((m) => m.managed && m.proxyPath)
+      .map((m) => m.proxyPath);
+    expect(new Set(paths).size).toBe(paths.length);
+  });
+});

package/src/__tests__/recurrence-types.test.ts

@@ -66,21 +66,6 @@ describe("normalizeScheduleSyntax", () => {
     });
   });
 
-  test("falls back to legacyCronExpression", () => {
-    const result = normalizeScheduleSyntax({
-      legacyCronExpression: "0 9 * * *",
-    });
-    expect(result).toEqual({ syntax: "cron", expression: "0 9 * * *" });
-  });
-
-  test("honors explicit syntax hint in legacyCronExpression fallback", () => {
-    const result = normalizeScheduleSyntax({
-      syntax: "rrule",
-      legacyCronExpression: "0 9 * * *",
-    });
-    expect(result).toEqual({ syntax: "rrule", expression: "0 9 * * *" });
-  });
-
   test("returns null when nothing is provided", () => {
     expect(normalizeScheduleSyntax({})).toBeNull();
   });

package/src/__tests__/relay-server.test.ts

@@ -42,7 +42,6 @@ mock.module("../util/platform.js", () => ({
   getDbPath: () => join(testDir, "test.db"),
   getLogPath: () => join(testDir, "test.log"),
   ensureDataDir: () => {},
-  readHttpToken: () => null,
 }));
 
 mock.module("../util/logger.js", () => ({
@@ -61,9 +60,20 @@ mock.module("../daemon/identity-helpers.js", () => ({
 
 // ── User-reference mock (isolate from real USER.md) ──────────────────
 
+let mockUserReference = "my human";
 mock.module("../config/user-reference.js", () => ({
-  resolveUserReference: () => "my human",
+  resolveUserReference: () => mockUserReference,
   resolveUserPronouns: () => null,
+  DEFAULT_USER_REFERENCE: "my human",
+  resolveGuardianName: (guardianDisplayName?: string | null) => {
+    if (mockUserReference !== "my human") {
+      return mockUserReference;
+    }
+    if (guardianDisplayName && guardianDisplayName.trim().length > 0) {
+      return guardianDisplayName.trim();
+    }
+    return "my human";
+  },
 }));
 
 // ── Config mock ─────────────────────────────────────────────────────
@@ -345,6 +355,7 @@ describe("relay-server", () => {
   beforeEach(() => {
     resetTables();
     activeRelayConnections.clear();
+    mockUserReference = "my human";
     mockSendMessage.mockImplementation(createMockProviderResponse(["Hello"]));
     mockConfig.calls.verification.enabled = false;
     mockConfig.calls.verification.maxAttempts = 3;
@@ -4129,4 +4140,136 @@ describe("relay-server", () => {
 
     relay.destroy();
   });
+
+  // ── resolveGuardianLabel resolution priority ─────────────────────────
+
+  test("guardian label: USER.md name takes precedence over Contact.displayName", async () => {
+    mockUserReference = "Alice";
+
+    // Create a guardian binding with a different displayName
+    createGuardianBinding({
+      assistantId: "self",
+      channel: "voice",
+      guardianExternalUserId: "+15559990001",
+      guardianDeliveryChatId: "+15559990001",
+      guardianPrincipalId: "+15559990001",
+      verifiedVia: "test",
+      metadataJson: JSON.stringify({ displayName: "Bob" }),
+    });
+
+    ensureConversation("conv-label-user-md");
+    const session = createCallSession({
+      conversationId: "conv-label-user-md",
+      provider: "twilio",
+      fromNumber: "+15559990099",
+      toNumber: "+15551111111",
+      assistantId: "self",
+    });
+
+    const { ws, relay } = createMockWs(session.id);
+
+    await relay.handleMessage(
+      JSON.stringify({
+        type: "setup",
+        callSid: "CA_label_user_md",
+        from: "+15559990099",
+        to: "+15551111111",
+      }),
+    );
+
+    expect(relay.getConnectionState()).toBe("awaiting_name");
+
+    // The greeting should use the USER.md name ("Alice"), not Contact.displayName ("Bob")
+    const textMessages = ws.sentMessages
+      .map((raw) => JSON.parse(raw) as { type: string; token?: string })
+      .filter((m) => m.type === "text");
+    const promptText = textMessages.map((m) => m.token ?? "").join("");
+    expect(promptText).toContain("Alice");
+    expect(promptText).not.toContain("Bob");
+
+    relay.destroy();
+  });
+
+  test("guardian label: Contact.displayName used when USER.md is empty", async () => {
+    mockUserReference = "my human";
+
+    // Create a guardian binding with a displayName
+    createGuardianBinding({
+      assistantId: "self",
+      channel: "voice",
+      guardianExternalUserId: "+15559990002",
+      guardianDeliveryChatId: "+15559990002",
+      guardianPrincipalId: "+15559990002",
+      verifiedVia: "test",
+      metadataJson: JSON.stringify({ displayName: "Charlie" }),
+    });
+
+    ensureConversation("conv-label-contact");
+    const session = createCallSession({
+      conversationId: "conv-label-contact",
+      provider: "twilio",
+      fromNumber: "+15559990098",
+      toNumber: "+15551111111",
+      assistantId: "self",
+    });
+
+    const { ws, relay } = createMockWs(session.id);
+
+    await relay.handleMessage(
+      JSON.stringify({
+        type: "setup",
+        callSid: "CA_label_contact",
+        from: "+15559990098",
+        to: "+15551111111",
+      }),
+    );
+
+    expect(relay.getConnectionState()).toBe("awaiting_name");
+
+    // The greeting should use Contact.displayName ("Charlie")
+    const textMessages = ws.sentMessages
+      .map((raw) => JSON.parse(raw) as { type: string; token?: string })
+      .filter((m) => m.type === "text");
+    const promptText = textMessages.map((m) => m.token ?? "").join("");
+    expect(promptText).toContain("Charlie");
+
+    relay.destroy();
+  });
+
+  test("guardian label: DEFAULT_USER_REFERENCE used when both USER.md and Contact.displayName are empty", async () => {
+    mockUserReference = "my human";
+
+    // No guardian binding — no Contact.displayName available
+
+    ensureConversation("conv-label-default");
+    const session = createCallSession({
+      conversationId: "conv-label-default",
+      provider: "twilio",
+      fromNumber: "+15559990097",
+      toNumber: "+15551111111",
+      assistantId: "self",
+    });
+
+    const { ws, relay } = createMockWs(session.id);
+
+    await relay.handleMessage(
+      JSON.stringify({
+        type: "setup",
+        callSid: "CA_label_default",
+        from: "+15559990097",
+        to: "+15551111111",
+      }),
+    );
+
+    expect(relay.getConnectionState()).toBe("awaiting_name");
+
+    // The greeting should use the default "my human"
+    const textMessages = ws.sentMessages
+      .map((raw) => JSON.parse(raw) as { type: string; token?: string })
+      .filter((m) => m.type === "text");
+    const promptText = textMessages.map((m) => m.token ?? "").join("");
+    expect(promptText).toContain("my human");
+
+    relay.destroy();
+  });
 });

package/src/__tests__/sandbox-host-parity.test.ts

@@ -679,11 +679,14 @@ describe("Terminal output format: formatShellOutput shared by sandbox and host",
     expect(result.isError).toBe(false);
   });
 
-  test("non-zero exit code with empty output produces <command_exit /> tag", () => {
+  test("non-zero exit code with empty output produces <command_exit /> tag and descriptive message", () => {
     const result = formatShellOutput("", "", 42, false, 120);
 
-    expect(result.content).toBe('<command_exit code="42" />');
+    expect(result.content).toContain('<command_exit code="42" />');
+    expect(result.content).toContain("Command failed with exit code 42");
+    expect(result.content).toContain("No stdout or stderr output was produced");
     expect(result.isError).toBe(true);
+    expect(result.status).toContain('<command_exit code="42" />');
   });
 
   test("stderr is appended to stdout with a newline separator", () => {