@vellumai/assistant 0.4.33 → 0.4.34

package/src/memory/guardian-approvals.ts

@@ -9,7 +9,6 @@
 import { and, count, desc, eq, gt, lte } from "drizzle-orm";
 import { v4 as uuid } from "uuid";
 
-import { DAEMON_INTERNAL_ASSISTANT_ID } from "../runtime/assistant-scope.js";
 import { getDb } from "./db.js";
 import { channelGuardianApprovalRequests } from "./schema.js";
 
@@ -29,7 +28,6 @@ export interface GuardianApprovalRequest {
   runId: string;
   requestId: string;
   conversationId: string;
-  assistantId: string;
   channel: string;
   requesterExternalUserId: string;
   requesterChatId: string;
@@ -57,7 +55,6 @@ function rowToApprovalRequest(
     runId: row.runId,
     requestId: row.requestId ?? row.runId,
     conversationId: row.conversationId,
-    assistantId: row.assistantId,
     channel: row.channel,
     requesterExternalUserId: row.requesterExternalUserId,
     requesterChatId: row.requesterChatId,
@@ -88,7 +85,6 @@ export function createApprovalRequest(params: {
   runId: string;
   requestId?: string;
   conversationId: string;
-  assistantId?: string;
   channel: string;
   requesterExternalUserId: string;
   requesterChatId: string;
@@ -108,7 +104,6 @@ export function createApprovalRequest(params: {
     runId: params.runId,
     requestId: params.requestId ?? null,
     conversationId: params.conversationId,
-    assistantId: params.assistantId ?? DAEMON_INTERNAL_ASSISTANT_ID,
     channel: params.channel,
     requesterExternalUserId: params.requesterExternalUserId,
     requesterChatId: params.requesterChatId,
@@ -172,34 +167,25 @@ export function getUnresolvedApprovalForRequest(
 /**
  * Find a pending guardian approval request by the guardian's chat ID.
  * Used when the guardian sends a decision from their chat.
- *
- * When `assistantId` is provided, the lookup is scoped to that assistant,
- * preventing cross-assistant approval consumption in shared guardian chats.
  */
 export function getPendingApprovalByGuardianChat(
   channel: string,
   guardianChatId: string,
-  assistantId?: string,
 ): GuardianApprovalRequest | null {
   const db = getDb();
   const now = Date.now();
 
-  const conditions = [
-    eq(channelGuardianApprovalRequests.channel, channel),
-    eq(channelGuardianApprovalRequests.guardianChatId, guardianChatId),
-    eq(channelGuardianApprovalRequests.status, "pending"),
-    gt(channelGuardianApprovalRequests.expiresAt, now),
-  ];
-  if (assistantId) {
-    conditions.push(
-      eq(channelGuardianApprovalRequests.assistantId, assistantId),
-    );
-  }
-
   const row = db
     .select()
     .from(channelGuardianApprovalRequests)
-    .where(and(...conditions))
+    .where(
+      and(
+        eq(channelGuardianApprovalRequests.channel, channel),
+        eq(channelGuardianApprovalRequests.guardianChatId, guardianChatId),
+        eq(channelGuardianApprovalRequests.status, "pending"),
+        gt(channelGuardianApprovalRequests.expiresAt, now),
+      ),
+    )
     .orderBy(desc(channelGuardianApprovalRequests.createdAt))
     .get();
 
@@ -216,28 +202,22 @@ export function getPendingApprovalByRequestAndGuardianChat(
   requestId: string,
   channel: string,
   guardianChatId: string,
-  assistantId?: string,
 ): GuardianApprovalRequest | null {
   const db = getDb();
   const now = Date.now();
 
-  const conditions = [
-    eq(channelGuardianApprovalRequests.requestId, requestId),
-    eq(channelGuardianApprovalRequests.channel, channel),
-    eq(channelGuardianApprovalRequests.guardianChatId, guardianChatId),
-    eq(channelGuardianApprovalRequests.status, "pending"),
-    gt(channelGuardianApprovalRequests.expiresAt, now),
-  ];
-  if (assistantId) {
-    conditions.push(
-      eq(channelGuardianApprovalRequests.assistantId, assistantId),
-    );
-  }
-
   const row = db
     .select()
     .from(channelGuardianApprovalRequests)
-    .where(and(...conditions))
+    .where(
+      and(
+        eq(channelGuardianApprovalRequests.requestId, requestId),
+        eq(channelGuardianApprovalRequests.channel, channel),
+        eq(channelGuardianApprovalRequests.guardianChatId, guardianChatId),
+        eq(channelGuardianApprovalRequests.status, "pending"),
+        gt(channelGuardianApprovalRequests.expiresAt, now),
+      ),
+    )
     .get();
 
   return row ? rowToApprovalRequest(row) : null;
@@ -247,34 +227,25 @@ export function getPendingApprovalByRequestAndGuardianChat(
  * Return all pending (non-expired) guardian approval requests for a given
  * guardian chat and channel. Used to detect ambiguity when a guardian sends
  * a plain-text decision while multiple approvals are pending.
- *
- * When `assistantId` is provided, the results are scoped to that assistant
- * to prevent cross-assistant approval consumption.
  */
 export function getAllPendingApprovalsByGuardianChat(
   channel: string,
   guardianChatId: string,
-  assistantId?: string,
 ): GuardianApprovalRequest[] {
   const db = getDb();
   const now = Date.now();
 
-  const conditions = [
-    eq(channelGuardianApprovalRequests.channel, channel),
-    eq(channelGuardianApprovalRequests.guardianChatId, guardianChatId),
-    eq(channelGuardianApprovalRequests.status, "pending"),
-    gt(channelGuardianApprovalRequests.expiresAt, now),
-  ];
-  if (assistantId) {
-    conditions.push(
-      eq(channelGuardianApprovalRequests.assistantId, assistantId),
-    );
-  }
-
   const rows = db
     .select()
     .from(channelGuardianApprovalRequests)
-    .where(and(...conditions))
+    .where(
+      and(
+        eq(channelGuardianApprovalRequests.channel, channel),
+        eq(channelGuardianApprovalRequests.guardianChatId, guardianChatId),
+        eq(channelGuardianApprovalRequests.status, "pending"),
+        gt(channelGuardianApprovalRequests.expiresAt, now),
+      ),
+    )
     .orderBy(desc(channelGuardianApprovalRequests.createdAt))
     .all();
 
@@ -326,11 +297,10 @@ export function updateApprovalDecision(
 // ---------------------------------------------------------------------------
 
 /**
- * List approval requests filtered by assistant, and optionally by channel,
- * conversation, and status. Returns a paginated list of escalations.
+ * List approval requests optionally filtered by channel, conversation, and
+ * status. Returns a paginated list of escalations.
  */
 export function listPendingApprovalRequests(params: {
-  assistantId?: string;
   channel?: string;
   conversationId?: string;
   status?: ApprovalRequestStatus;
@@ -339,12 +309,7 @@ export function listPendingApprovalRequests(params: {
 }): GuardianApprovalRequest[] {
   const db = getDb();
 
-  const conditions = [
-    eq(
-      channelGuardianApprovalRequests.assistantId,
-      params.assistantId ?? DAEMON_INTERNAL_ASSISTANT_ID,
-    ),
-  ];
+  const conditions: ReturnType<typeof eq>[] = [];
   if (params.channel) {
     conditions.push(
       eq(channelGuardianApprovalRequests.channel, params.channel),
@@ -447,26 +412,18 @@ export function resolveApprovalRequest(
  * Count pending approval requests for a given conversation.
  * Used by thread state projection to compute `pending_escalation_count`.
  */
-export function countPendingByConversation(
-  conversationId: string,
-  assistantId?: string,
-): number {
+export function countPendingByConversation(conversationId: string): number {
   const db = getDb();
 
-  const conditions = [
-    eq(channelGuardianApprovalRequests.conversationId, conversationId),
-    eq(channelGuardianApprovalRequests.status, "pending"),
-  ];
-  if (assistantId) {
-    conditions.push(
-      eq(channelGuardianApprovalRequests.assistantId, assistantId),
-    );
-  }
-
   const result = db
     .select({ count: count() })
     .from(channelGuardianApprovalRequests)
-    .where(and(...conditions))
+    .where(
+      and(
+        eq(channelGuardianApprovalRequests.conversationId, conversationId),
+        eq(channelGuardianApprovalRequests.status, "pending"),
+      ),
+    )
     .get();
 
   return result?.count ?? 0;
@@ -478,7 +435,6 @@ export function countPendingByConversation(
  * Retained for existing test fixtures that check legacy approval dedup.
  */
 export function findPendingAccessRequestForRequester(
-  assistantId: string,
   channel: string,
   requesterExternalUserId: string,
   toolName: string,
@@ -491,7 +447,6 @@ export function findPendingAccessRequestForRequester(
     .from(channelGuardianApprovalRequests)
     .where(
       and(
-        eq(channelGuardianApprovalRequests.assistantId, assistantId),
         eq(channelGuardianApprovalRequests.channel, channel),
         eq(
           channelGuardianApprovalRequests.requesterExternalUserId,

package/src/memory/guardian-rate-limits.ts

@@ -17,7 +17,6 @@ import { channelGuardianRateLimits } from "./schema.js";
 
 export interface VerificationRateLimit {
   id: string;
-  assistantId: string;
   channel: string;
   actorExternalUserId: string;
   actorChatId: string;
@@ -49,7 +48,6 @@ function rowToRateLimit(
   const timestamps = parseTimestamps(row.attemptTimestampsJson);
   return {
     id: row.id,
-    assistantId: row.assistantId,
     channel: row.channel,
     actorExternalUserId: row.actorExternalUserId,
     actorChatId: row.actorChatId,
@@ -69,7 +67,6 @@ function rowToRateLimit(
  * Get the rate-limit record for a given actor on a specific channel.
  */
 export function getRateLimit(
-  assistantId: string,
   channel: string,
   actorExternalUserId: string,
   actorChatId: string,
@@ -80,7 +77,6 @@ export function getRateLimit(
     .from(channelGuardianRateLimits)
     .where(
       and(
-        eq(channelGuardianRateLimits.assistantId, assistantId),
         eq(channelGuardianRateLimits.channel, channel),
         eq(channelGuardianRateLimits.actorExternalUserId, actorExternalUserId),
         eq(channelGuardianRateLimits.actorChatId, actorChatId),
@@ -101,7 +97,6 @@ export function getRateLimit(
  * accumulate indefinitely.
  */
 export function recordInvalidAttempt(
-  assistantId: string,
   channel: string,
   actorExternalUserId: string,
   actorChatId: string,
@@ -113,12 +108,7 @@ export function recordInvalidAttempt(
   const now = Date.now();
   const cutoff = now - windowMs;
 
-  const existing = getRateLimit(
-    assistantId,
-    channel,
-    actorExternalUserId,
-    actorChatId,
-  );
+  const existing = getRateLimit(channel, actorExternalUserId, actorChatId);
 
   if (existing) {
     // Keep only timestamps within the sliding window, then add the new one
@@ -158,7 +148,6 @@ export function recordInvalidAttempt(
   const lockedUntil = 1 >= maxAttempts ? now + lockoutMs : null;
   const row = {
     id,
-    assistantId,
     channel,
     actorExternalUserId,
     actorChatId,
@@ -181,7 +170,6 @@ export function recordInvalidAttempt(
  * successful verification).
  */
 export function resetRateLimit(
-  assistantId: string,
   channel: string,
   actorExternalUserId: string,
   actorChatId: string,
@@ -197,7 +185,6 @@ export function resetRateLimit(
     })
     .where(
       and(
-        eq(channelGuardianRateLimits.assistantId, assistantId),
         eq(channelGuardianRateLimits.channel, channel),
         eq(channelGuardianRateLimits.actorExternalUserId, actorExternalUserId),
         eq(channelGuardianRateLimits.actorChatId, actorChatId),

package/src/memory/guardian-verification.ts

@@ -30,7 +30,6 @@ export type VerificationPurpose = "guardian" | "trusted_contact";
 
 export interface VerificationChallenge {
   id: string;
-  assistantId: string;
   channel: string;
   challengeHash: string;
   expiresAt: number;
@@ -68,7 +67,6 @@ function rowToChallenge(
 ): VerificationChallenge {
   return {
     id: row.id,
-    assistantId: row.assistantId,
     channel: row.channel,
     challengeHash: row.challengeHash,
     expiresAt: row.expiresAt,
@@ -101,7 +99,6 @@ function rowToChallenge(
 
 export function createChallenge(params: {
   id: string;
-  assistantId: string;
   channel: string;
   challengeHash: string;
   expiresAt: number;
@@ -110,16 +107,12 @@ export function createChallenge(params: {
   const db = getDb();
   const now = Date.now();
 
-  // Revoke any prior pending challenges for the same (assistantId, channel)
+  // Revoke any prior pending challenges for the same channel
   // to close the replay window — only the latest challenge should be valid.
   db.update(channelGuardianVerificationChallenges)
     .set({ status: "revoked", updatedAt: now })
     .where(
       and(
-        eq(
-          channelGuardianVerificationChallenges.assistantId,
-          params.assistantId,
-        ),
         eq(channelGuardianVerificationChallenges.channel, params.channel),
         eq(channelGuardianVerificationChallenges.status, "pending"),
       ),
@@ -128,7 +121,6 @@ export function createChallenge(params: {
 
   const row = {
     id: params.id,
-    assistantId: params.assistantId,
     channel: params.channel,
     challengeHash: params.challengeHash,
     expiresAt: params.expiresAt,
@@ -157,16 +149,12 @@ export function createChallenge(params: {
   return rowToChallenge(row);
 }
 
-export function revokePendingChallenges(
-  assistantId: string,
-  channel: string,
-): void {
+export function revokePendingChallenges(channel: string): void {
   const db = getDb();
   db.update(channelGuardianVerificationChallenges)
     .set({ status: "revoked", updatedAt: Date.now() })
     .where(
       and(
-        eq(channelGuardianVerificationChallenges.assistantId, assistantId),
         eq(channelGuardianVerificationChallenges.channel, channel),
         eq(channelGuardianVerificationChallenges.status, "pending"),
       ),
@@ -175,7 +163,6 @@ export function revokePendingChallenges(
 }
 
 export function findPendingChallengeByHash(
-  assistantId: string,
   channel: string,
   challengeHash: string,
 ): VerificationChallenge | null {
@@ -188,7 +175,6 @@ export function findPendingChallengeByHash(
     .from(channelGuardianVerificationChallenges)
     .where(
       and(
-        eq(channelGuardianVerificationChallenges.assistantId, assistantId),
         eq(channelGuardianVerificationChallenges.channel, channel),
         eq(channelGuardianVerificationChallenges.challengeHash, challengeHash),
         inArray(channelGuardianVerificationChallenges.status, [
@@ -205,7 +191,7 @@ export function findPendingChallengeByHash(
 }
 
 /**
- * Find any pending inbound (non-expired) challenge for a given (assistantId, channel).
+ * Find any pending inbound (non-expired) challenge for a given channel.
  * Scoped to 'pending' status only — this is the inbound verification path used by
  * the relay-server to gate incoming voice calls. Outbound session states
  * (pending_bootstrap, awaiting_response) are excluded so that an active outbound
@@ -213,7 +199,6 @@ export function findPendingChallengeByHash(
  * guardian verification flow.
  */
 export function findPendingChallengeForChannel(
-  assistantId: string,
   channel: string,
 ): VerificationChallenge | null {
   const db = getDb();
@@ -224,7 +209,6 @@ export function findPendingChallengeForChannel(
     .from(channelGuardianVerificationChallenges)
     .where(
       and(
-        eq(channelGuardianVerificationChallenges.assistantId, assistantId),
         eq(channelGuardianVerificationChallenges.channel, channel),
         eq(channelGuardianVerificationChallenges.status, "pending"),
         gt(channelGuardianVerificationChallenges.expiresAt, now),
@@ -261,11 +245,10 @@ export function consumeChallenge(
 /**
  * Create an outbound verification session with expected-identity binding.
  * Auto-revokes prior pending/awaiting_response sessions for the same
- * (assistantId, channel) to close the replay window.
+ * channel to close the replay window.
  */
 export function createVerificationSession(params: {
   id: string;
-  assistantId: string;
   channel: string;
   challengeHash: string;
   expiresAt: number;
@@ -284,15 +267,11 @@ export function createVerificationSession(params: {
   const db = getDb();
   const now = Date.now();
 
-  // Revoke any prior pending/awaiting_response sessions for the same (assistantId, channel)
+  // Revoke any prior pending/awaiting_response sessions for the same channel
   db.update(channelGuardianVerificationChallenges)
     .set({ status: "revoked", updatedAt: now })
     .where(
       and(
-        eq(
-          channelGuardianVerificationChallenges.assistantId,
-          params.assistantId,
-        ),
         eq(channelGuardianVerificationChallenges.channel, params.channel),
         inArray(channelGuardianVerificationChallenges.status, [
           "pending",
@@ -305,7 +284,6 @@ export function createVerificationSession(params: {
 
   const row = {
     id: params.id,
-    assistantId: params.assistantId,
     channel: params.channel,
     challengeHash: params.challengeHash,
     expiresAt: params.expiresAt,
@@ -336,10 +314,9 @@ export function createVerificationSession(params: {
 
 /**
  * Find the most recent pending_bootstrap or awaiting_response session
- * for a given (assistantId, channel).
+ * for a given channel.
  */
 export function findActiveSession(
-  assistantId: string,
   channel: string,
 ): VerificationChallenge | null {
   const db = getDb();
@@ -350,7 +327,6 @@ export function findActiveSession(
     .from(channelGuardianVerificationChallenges)
     .where(
       and(
-        eq(channelGuardianVerificationChallenges.assistantId, assistantId),
         eq(channelGuardianVerificationChallenges.channel, channel),
         inArray(channelGuardianVerificationChallenges.status, [
           "pending_bootstrap",
@@ -370,7 +346,6 @@ export function findActiveSession(
  * Used by the Telegram /start gv_<token> bootstrap flow.
  */
 export function findSessionByBootstrapTokenHash(
-  assistantId: string,
   channel: string,
   tokenHash: string,
 ): VerificationChallenge | null {
@@ -382,7 +357,6 @@ export function findSessionByBootstrapTokenHash(
     .from(channelGuardianVerificationChallenges)
     .where(
       and(
-        eq(channelGuardianVerificationChallenges.assistantId, assistantId),
         eq(channelGuardianVerificationChallenges.channel, channel),
         eq(channelGuardianVerificationChallenges.bootstrapTokenHash, tokenHash),
         eq(channelGuardianVerificationChallenges.status, "pending_bootstrap"),
@@ -399,7 +373,6 @@ export function findSessionByBootstrapTokenHash(
  * given identity fields with an active status.
  */
 export function findSessionByIdentity(
-  assistantId: string,
   channel: string,
   externalUserId?: string,
   chatId?: string,
@@ -415,7 +388,6 @@ export function findSessionByIdentity(
   const now = Date.now();
 
   const conditions = [
-    eq(channelGuardianVerificationChallenges.assistantId, assistantId),
     eq(channelGuardianVerificationChallenges.channel, channel),
     inArray(channelGuardianVerificationChallenges.status, [
       "pending_bootstrap",

package/src/memory/invite-store.ts

@@ -10,7 +10,6 @@ import { createHash, randomBytes, randomUUID } from "node:crypto";
 
 import { and, desc, eq, gt } from "drizzle-orm";
 
-import { DAEMON_INTERNAL_ASSISTANT_ID } from "../runtime/assistant-scope.js";
 import { getDb } from "./db.js";
 import { assistantIngressInvites } from "./schema.js";
 
@@ -22,7 +21,6 @@ export type InviteStatus = "active" | "redeemed" | "revoked" | "expired";
 
 export interface IngressInvite {
   id: string;
-  assistantId: string;
   sourceChannel: string;
   tokenHash: string;
   createdBySessionId: string | null;
@@ -71,7 +69,6 @@ function rowToInvite(
 ): IngressInvite {
   return {
     id: row.id,
-    assistantId: row.assistantId,
     sourceChannel: row.sourceChannel,
     tokenHash: row.tokenHash,
     createdBySessionId: row.createdBySessionId,
@@ -99,7 +96,6 @@ function rowToInvite(
 // ---------------------------------------------------------------------------
 
 export function createInvite(params: {
-  assistantId?: string;
   sourceChannel: string;
   createdBySessionId?: string;
   note?: string;
@@ -122,7 +118,6 @@ export function createInvite(params: {
 
   const row = {
     id,
-    assistantId: params.assistantId ?? DAEMON_INTERNAL_ASSISTANT_ID,
     sourceChannel: params.sourceChannel,
     tokenHash: tokenH,
     createdBySessionId: params.createdBySessionId ?? null,
@@ -154,16 +149,15 @@ export function createInvite(params: {
 // ---------------------------------------------------------------------------
 
 export function listInvites(params: {
-  assistantId?: string;
   sourceChannel?: string;
   status?: InviteStatus;
   limit?: number;
   offset?: number;
 }): IngressInvite[] {
   const db = getDb();
-  const assistantId = params.assistantId ?? DAEMON_INTERNAL_ASSISTANT_ID;
 
-  const conditions = [eq(assistantIngressInvites.assistantId, assistantId)];
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  const conditions: any[] = [];
 
   if (params.sourceChannel) {
     conditions.push(
@@ -174,10 +168,9 @@ export function listInvites(params: {
     conditions.push(eq(assistantIngressInvites.status, params.status));
   }
 
-  const rows = db
-    .select()
-    .from(assistantIngressInvites)
-    .where(and(...conditions))
+  const query = db.select().from(assistantIngressInvites);
+
+  const rows = (conditions.length > 0 ? query.where(and(...conditions)) : query)
     .orderBy(desc(assistantIngressInvites.createdAt))
     .limit(params.limit ?? 100)
     .offset(params.offset ?? 0)
@@ -329,7 +322,6 @@ export function findByTokenHash(tokenHash: string): IngressInvite | null {
  * before code hash matching.
  */
 export function findActiveVoiceInvites(params: {
-  assistantId: string;
   expectedExternalUserId: string;
 }): IngressInvite[] {
   const db = getDb();
@@ -339,7 +331,6 @@ export function findActiveVoiceInvites(params: {
     .from(assistantIngressInvites)
     .where(
       and(
-        eq(assistantIngressInvites.assistantId, params.assistantId),
         eq(assistantIngressInvites.sourceChannel, "voice"),
         eq(assistantIngressInvites.status, "active"),
         eq(