@vellumai/assistant 0.4.34 → 0.4.36

package/src/__tests__/assistant-feature-flags-integration.test.ts

@@ -35,7 +35,10 @@ let currentConfig: Record<string, unknown> = {
 const DECLARED_FLAG_KEY = "feature_flags.hatch-new-assistant.enabled";
 const DECLARED_SKILL_ID = "hatch-new-assistant";
 
+// eslint-disable-next-line @typescript-eslint/no-require-imports
+const realPlatform = require("../util/platform.js");
 mock.module("../util/platform.js", () => ({
+  ...realPlatform,
   getRootDir: () => TEST_DIR,
   getDataDir: () => TEST_DIR,
   getWorkspaceDir: () => TEST_DIR,
@@ -59,38 +62,60 @@ mock.module("../util/platform.js", () => ({
   isWindows: () => false,
   getPlatformName: () => "linux",
   getClipboardCommand: () => null,
+  readSessionToken: () => null,
   removeSocketFile: () => {},
   migratePath: () => {},
   migrateToWorkspaceLayout: () => {},
   migrateToDataLayout: () => {},
 }));
 
+const noopLogger = new Proxy({} as Record<string, unknown>, {
+  get: (_target, prop) => (prop === "child" ? () => noopLogger : () => {}),
+});
+
+// eslint-disable-next-line @typescript-eslint/no-require-imports
+const realLogger = require("../util/logger.js");
 mock.module("../util/logger.js", () => ({
-  getLogger: () =>
-    new Proxy({} as Record<string, unknown>, {
-      get: () => () => {},
-    }),
+  ...realLogger,
+  getLogger: () => noopLogger,
+  getCliLogger: () => noopLogger,
   isDebug: () => false,
   truncateForLog: (v: string) => v,
+  initLogger: () => {},
+  pruneOldLogFiles: () => 0,
 }));
 
 mock.module("../config/loader.js", () => ({
   getConfig: () => currentConfig,
+  loadConfig: () => currentConfig,
+  loadRawConfig: () => ({}),
+  saveConfig: () => {},
+  saveRawConfig: () => {},
+  invalidateConfigCache: () => {},
+  getNestedValue: () => undefined,
+  setNestedValue: () => {},
+  syncConfigToLockfile: () => {},
 }));
 
+// eslint-disable-next-line @typescript-eslint/no-require-imports
+const realUserReference = require("../config/user-reference.js");
 mock.module("../config/user-reference.js", () => ({
+  ...realUserReference,
   resolveUserReference: () => "TestUser",
   resolveUserPronouns: () => null,
 }));
 
+// eslint-disable-next-line @typescript-eslint/no-require-imports
+const realCredentialMetadataStore = require("../tools/credentials/metadata-store.js");
 mock.module("../tools/credentials/metadata-store.js", () => ({
+  ...realCredentialMetadataStore,
   listCredentialMetadata: () => [],
 }));
 
 const { buildSystemPrompt } = await import("../config/system-prompt.js");
 const { isAssistantFeatureFlagEnabled } =
   await import("../config/assistant-feature-flags.js");
-const { isSkillFeatureEnabled } = await import("../config/skill-state.js");
+const { skillFlagKey } = await import("../config/skill-state.js");
 
 // ---------------------------------------------------------------------------
 // Setup / Teardown
@@ -301,18 +326,22 @@ describe("isAssistantFeatureFlagEnabled", () => {
   });
 });
 
-describe("legacy isSkillFeatureEnabled backward compat", () => {
-  test("delegates to the canonical resolver", () => {
+describe("isAssistantFeatureFlagEnabled with skillFlagKey", () => {
+  test("resolves skill flag via canonical path", () => {
     const config = {
       assistantFeatureFlagValues: { [DECLARED_FLAG_KEY]: false },
     } as any;
 
-    expect(isSkillFeatureEnabled(DECLARED_SKILL_ID, config)).toBe(false);
+    expect(
+      isAssistantFeatureFlagEnabled(skillFlagKey(DECLARED_SKILL_ID), config),
+    ).toBe(false);
   });
 
   test("disabled when no override set (registry default is false)", () => {
     const config = {} as any;
 
-    expect(isSkillFeatureEnabled(DECLARED_SKILL_ID, config)).toBe(false);
+    expect(
+      isAssistantFeatureFlagEnabled(skillFlagKey(DECLARED_SKILL_ID), config),
+    ).toBe(false);
   });
 });

package/src/__tests__/assistant-id-boundary-guard.test.ts

@@ -481,8 +481,8 @@ describe("assistant ID boundary", () => {
     const repoRoot = getRepoRoot();
 
     // Scan all Drizzle schema files for assistantId column definitions.
-    // The Drizzle ORM pattern is `assistantId: text(` for defining a text
-    // column named assistantId.
+    // Match `assistantId:` followed by any Drizzle column builder (text(,
+    // integer(, blob(, real(, etc.) — not just text(.
     const schemaGlobs = [
       "assistant/src/memory/schema/*.ts",
       "assistant/src/memory/schema/**/*.ts",
@@ -492,7 +492,7 @@ describe("assistant ID boundary", () => {
     try {
       grepOutput = execFileSync(
         "git",
-        ["grep", "-nE", "assistantId\\s*:\\s*text\\(", "--", ...schemaGlobs],
+        ["grep", "-nE", "assistantId\\s*:", "--", ...schemaGlobs],
         { encoding: "utf-8", cwd: repoRoot },
       ).trim();
     } catch (err) {
@@ -546,6 +546,9 @@ describe("assistant ID boundary", () => {
     // Scan store files for exported function signatures that include
     // assistantId as a parameter. This covers memory stores, contact stores,
     // notification stores, credential/token stores, and call stores.
+    //
+    // We read each file and extract full parameter lists (which may span
+    // multiple lines) from exported functions to catch multiline signatures.
     const storeGlobs = [
       "assistant/src/memory/*.ts",
       "assistant/src/contacts/*.ts",
@@ -556,52 +559,97 @@ describe("assistant ID boundary", () => {
       "assistant/src/calls/call-store.ts",
     ];
 
-    // Match exported function declarations/expressions with assistantId in
-    // their parameter lists. Patterns:
-    //   export function foo(assistantId
-    //   export function foo(bar, assistantId
-    //   export async function foo(assistantId
-    //   export const foo = (assistantId
-    //   export const foo = async (assistantId
-    // We use a broad pattern that catches assistantId appearing after an
-    // opening paren in an export context.
-    const pattern =
-      "export\\s+(async\\s+)?function\\s+\\w+\\s*\\([^)]*assistantId|export\\s+const\\s+\\w+\\s*=\\s*(async\\s+)?\\([^)]*assistantId";
-
-    let grepOutput = "";
-    try {
-      grepOutput = execFileSync(
-        "git",
-        ["grep", "-nE", pattern, "--", ...storeGlobs],
-        { encoding: "utf-8", cwd: repoRoot },
-      ).trim();
-    } catch (err) {
-      // Exit code 1 means no matches — happy path
-      if ((err as { status?: number }).status === 1) {
-        return;
+    // Find matching files using git ls-files with each glob
+    const matchedFiles: string[] = [];
+    for (const glob of storeGlobs) {
+      try {
+        const output = execFileSync("git", ["ls-files", "--", glob], {
+          encoding: "utf-8",
+          cwd: repoRoot,
+        }).trim();
+        if (output) {
+          matchedFiles.push(...output.split("\n").filter((f) => f.length > 0));
+        }
+      } catch {
+        // Ignore errors — glob may not match anything
       }
-      throw err;
     }
 
-    const allLines = grepOutput.split("\n").filter((l) => l.length > 0);
-    const violations = allLines.filter((line) => {
-      const filePath = line.split(":")[0];
-      if (isTestFile(filePath)) return false;
-      if (isMigrationFile(filePath)) return false;
+    const violations: string[] = [];
 
-      // Allow comments
-      const parts = line.split(":");
-      const content = parts.slice(2).join(":").trim();
-      if (
-        content.startsWith("//") ||
-        content.startsWith("*") ||
-        content.startsWith("/*")
+    // Regex to find the start of an exported function declaration or
+    // arrow-function expression. We capture everything from `export` up to
+    // and including the opening parenthesis of the parameter list.
+    const exportFnStartRegex =
+      /export\s+(?:async\s+)?function\s+\w+\s*\(|export\s+const\s+\w+\s*=\s*(?:async\s+)?\(/g;
+
+    for (const relPath of matchedFiles) {
+      if (isTestFile(relPath) || isMigrationFile(relPath)) continue;
+
+      const content = readFileSync(join(repoRoot, relPath), "utf-8");
+
+      exportFnStartRegex.lastIndex = 0;
+      for (
+        let match = exportFnStartRegex.exec(content);
+        match;
+        match = exportFnStartRegex.exec(content)
       ) {
-        return false;
-      }
+        // Skip matches that fall inside comments. Find the beginning of
+        // the line containing the match and check for comment prefixes.
+        const lineStart = content.lastIndexOf("\n", match.index) + 1;
+        const linePrefix = content.slice(lineStart, match.index).trim();
+        if (linePrefix.startsWith("//")) {
+          continue;
+        }
+        // For block comments: check if the match is inside an unclosed
+        // block comment. A prefix starting with `*` (continuation line)
+        // or `/*` only counts if there is no closing `*/` between the
+        // last `/*` opener and the match position — otherwise the
+        // comment was already closed (e.g. `/** docs */ export …`).
+        if (linePrefix.startsWith("*") || linePrefix.startsWith("/*")) {
+          const textBeforeMatch = content.slice(lineStart, match.index);
+          const lastOpen = textBeforeMatch.lastIndexOf("/*");
+          if (lastOpen === -1) {
+            // No block-comment opener on this line but starts with `*`,
+            // so it's a continuation line inside a multi-line comment.
+            continue;
+          }
+          const closeBetween = textBeforeMatch.indexOf("*/", lastOpen + 2);
+          if (closeBetween === -1) {
+            // The block comment is still open at the match position.
+            continue;
+          }
+          // The block comment was closed before the match — fall through
+          // and evaluate the match normally.
+        }
 
-      return true;
-    });
+        // Find the matching closing paren to extract the full parameter list,
+        // which may span multiple lines.
+        const parenStart = match.index + match[0].length - 1; // index of '('
+        let depth = 1;
+        let paramEnd = parenStart + 1;
+        for (let i = parenStart + 1; i < content.length && depth > 0; i++) {
+          if (content[i] === "(") depth++;
+          if (content[i] === ")") depth--;
+          if (depth === 0) {
+            paramEnd = i;
+            break;
+          }
+        }
+
+        const paramList = content.slice(parenStart + 1, paramEnd);
+
+        // Check if the parameter list contains assistantId as a word boundary
+        if (/\bassistantId\b/.test(paramList)) {
+          // Determine the line number of the export keyword for reporting
+          const lineNum = content.slice(0, match.index).split("\n").length;
+          const firstLine = content
+            .slice(match.index, match.index + match[0].length)
+            .trim();
+          violations.push(`${relPath}:${lineNum}: ${firstLine}...`);
+        }
+      }
+    }
 
     if (violations.length > 0) {
       const message = [

package/src/__tests__/browser-fill-credential.test.ts

@@ -60,7 +60,7 @@ let mockGetCredentialMetadata: ReturnType<typeof mock>;
 mock.module("../security/secure-keys.js", () => ({
   getSecureKey: (...args: unknown[]) => mockGetSecureKey(...args),
   setSecureKey: () => true,
-  deleteSecureKey: () => true,
+  deleteSecureKey: () => "deleted",
   listSecureKeys: () => [],
   getBackendType: () => "encrypted",
   _resetBackend: () => {},

package/src/__tests__/bundle-scanner.test.ts

@@ -49,7 +49,7 @@ async function createBundle(
   const data = await zip.generateAsync({ type: "uint8array" });
   const path = join(
     tempDir,
-    `test-${Date.now()}-${Math.random().toString(36).slice(2)}.vellumapp`,
+    `test-${Date.now()}-${Math.random().toString(36).slice(2)}.vellum`,
   );
   await Bun.write(path, data);
   return path;