@vellumai/assistant 0.4.35 → 0.4.37

package/src/daemon/handlers/config-channels.ts

@@ -218,11 +218,11 @@ export function revokeGuardianForChannel(
 // Guardian verification handler
 // ---------------------------------------------------------------------------
 
-export function handleGuardianVerification(
+export async function handleGuardianVerification(
   msg: GuardianVerificationRequest,
   socket: net.Socket,
   ctx: HandlerContext,
-): void {
+): Promise<void> {
   const channel = msg.channel ?? "telegram";
 
   try {
@@ -240,7 +240,7 @@ export function handleGuardianVerification(
       const result = revokeGuardianForChannel(channel);
       ctx.send(socket, { type: "guardian_verification_response", ...result });
     } else if (msg.action === "start_outbound") {
-      const result = startOutbound({
+      const result = await startOutbound({
         channel,
         destination: msg.destination,
         rebind: msg.rebind,

package/src/daemon/handlers/config-dispatch.ts

@@ -0,0 +1,29 @@
+import { channelHandlers } from "./config-channels.js";
+import { heartbeatHandlers } from "./config-heartbeat.js";
+import { ingressHandlers } from "./config-ingress.js";
+import { integrationHandlers } from "./config-integrations.js";
+import { modelHandlers } from "./config-model.js";
+import { platformHandlers } from "./config-platform.js";
+import { schedulingHandlers } from "./config-scheduling.js";
+import { slackHandlers } from "./config-slack.js";
+import { telegramHandlers } from "./config-telegram.js";
+import { toolHandlers } from "./config-tools.js";
+import { trustHandlers } from "./config-trust.js";
+import { voiceHandlers } from "./config-voice.js";
+
+// Keep the dispatch map isolated from the public config barrel so direct
+// handler imports do not race with index.ts when Bun evaluates modules eagerly.
+export const configHandlers = {
+  ...modelHandlers,
+  ...trustHandlers,
+  ...schedulingHandlers,
+  ...slackHandlers,
+  ...ingressHandlers,
+  ...platformHandlers,
+  ...integrationHandlers,
+  ...telegramHandlers,
+  ...channelHandlers,
+  ...toolHandlers,
+  ...heartbeatHandlers,
+  ...voiceHandlers,
+};

package/src/daemon/handlers/config-inbox.ts

@@ -32,19 +32,20 @@ import {
   renderHistoryContent,
 } from "./shared.js";
 
-export function handleContactsInvite(
+export async function handleContactsInvite(
   msg: ContactsInviteRequest,
   socket: net.Socket,
   ctx: HandlerContext,
-): void {
+): Promise<void> {
   try {
     switch (msg.action) {
       case "create": {
-        const result = createIngressInvite({
+        const result = await createIngressInvite({
           sourceChannel: msg.sourceChannel,
           note: msg.note,
           maxUses: msg.maxUses,
           expiresInMs: msg.expiresInMs,
+          contactName: msg.contactName,
           friendName: msg.friendName,
           guardianName: msg.guardianName,
         });

package/src/daemon/handlers/config.ts

@@ -1,18 +1,7 @@
 /**
- * Config handler barrel — re-exports all config domain handlers and assembles
- * the combined `configHandlers` dispatch map.
- *
- * Individual handlers live in domain-specific files:
- *   config-model.ts       — Model selection (LLM + image gen)
- *   config-trust.ts       — Trust rules (permissions allowlist)
- *   config-scheduling.ts  — Schedules & reminders
- *   config-slack.ts       — Slack webhook sharing
- *   config-ingress.ts     — Public ingress URL & gateway reconciliation
- *   config-platform.ts    — Platform base URL configuration
- *   config-integrations.ts — Vercel API & Twitter integration
- *   config-telegram.ts    — Telegram bot configuration
- *   config-channels.ts    — Channel guardian verification
- *   config-tools.ts       — Env vars, tool permission simulation, tool names
+ * Config handler barrel — re-exports direct handler entry points for tests and
+ * feature code. The aggregate dispatch map now lives in config-dispatch.ts so
+ * direct imports do not participate in the runtime handler graph.
  */
 
 // Re-export individual handlers for direct import by tests and other modules
@@ -76,32 +65,3 @@ export {
   handleVoiceConfigUpdate,
   normalizeActivationKey,
 } from "./config-voice.js";
-
-// Assemble the combined dispatch map from domain-specific handler groups
-import { channelHandlers } from "./config-channels.js";
-import { heartbeatHandlers } from "./config-heartbeat.js";
-import { ingressHandlers } from "./config-ingress.js";
-import { integrationHandlers } from "./config-integrations.js";
-import { modelHandlers } from "./config-model.js";
-import { platformHandlers } from "./config-platform.js";
-import { schedulingHandlers } from "./config-scheduling.js";
-import { slackHandlers } from "./config-slack.js";
-import { telegramHandlers } from "./config-telegram.js";
-import { toolHandlers } from "./config-tools.js";
-import { trustHandlers } from "./config-trust.js";
-import { voiceHandlers } from "./config-voice.js";
-
-export const configHandlers = {
-  ...modelHandlers,
-  ...trustHandlers,
-  ...schedulingHandlers,
-  ...slackHandlers,
-  ...ingressHandlers,
-  ...platformHandlers,
-  ...integrationHandlers,
-  ...telegramHandlers,
-  ...channelHandlers,
-  ...toolHandlers,
-  ...heartbeatHandlers,
-  ...voiceHandlers,
-};

package/src/daemon/handlers/contacts.ts

@@ -2,6 +2,7 @@ import * as net from "node:net";
 
 import { resolveGuardianName } from "../../config/user-reference.js";
 import {
+  deleteContact,
   getContact,
   listContacts,
   updateChannelStatus,
@@ -135,6 +136,39 @@ export function handleContacts(
         return;
       }
 
+      case "delete": {
+        if (!msg.contactId) {
+          ctx.send(socket, {
+            type: "contacts_response",
+            success: false,
+            error: "contactId is required for delete",
+          });
+          return;
+        }
+        const result = deleteContact(msg.contactId);
+        if (result === "not_found") {
+          ctx.send(socket, {
+            type: "contacts_response",
+            success: false,
+            error: `Contact "${msg.contactId}" not found`,
+          });
+          return;
+        }
+        if (result === "is_guardian") {
+          ctx.send(socket, {
+            type: "contacts_response",
+            success: false,
+            error: "Cannot delete a guardian contact",
+          });
+          return;
+        }
+        ctx.send(socket, {
+          type: "contacts_response",
+          success: true,
+        });
+        return;
+      }
+
       default: {
         ctx.send(socket, {
           type: "contacts_response",

package/src/daemon/handlers/index.ts

@@ -16,7 +16,7 @@ import { appHandlers } from "./apps.js";
 import { avatarHandlers } from "./avatar.js";
 import { browserHandlers } from "./browser.js";
 import { computerUseHandlers } from "./computer-use.js";
-import { configHandlers } from "./config.js";
+import { configHandlers } from "./config-dispatch.js";
 import { inboxInviteHandlers } from "./config-inbox.js";
 import { contactsHandlers } from "./contacts.js";
 import { diagnosticsHandlers } from "./diagnostics.js";
@@ -198,11 +198,25 @@ export function handleMessage(
   if (msg.type === "auth") return;
 
   const handler = handlers[msg.type] as
-    | ((msg: ClientMessage, socket: net.Socket, ctx: HandlerContext) => void)
+    | ((
+        msg: ClientMessage,
+        socket: net.Socket,
+        ctx: HandlerContext,
+      ) => void | Promise<void>)
     | undefined;
   if (!handler) {
     log.warn({ type: msg.type }, "Unknown message type, ignoring");
     return;
   }
-  handler(msg, socket, ctx);
+  // Handlers may be async — catch rejected promises so they don't become
+  // unhandled rejections at the process level.
+  const result = handler(msg, socket, ctx);
+  if (result && typeof result.catch === "function") {
+    result.catch((err: unknown) => {
+      log.error(
+        { err, type: msg.type },
+        "Unhandled error in async message handler",
+      );
+    });
+  }
 }

package/src/daemon/handlers/session-user-message.ts

@@ -539,6 +539,11 @@ async function handlePendingConfirmationReply(
           causedByRequestId: requestId,
           decisionText: messageText.trim(),
         });
+        // Notify agent loop so the outcome is persisted on the tool_use block
+        session.onConfirmationOutcome?.(
+          routerResult.requestId,
+          "resolved_stale",
+        );
       }
 
       const consumedChannelMeta = {
@@ -646,6 +651,8 @@ function autoDenyPendingConfirmations(
         source: "auto_deny",
         causedByRequestId: requestId,
       });
+      // Notify agent loop so the outcome is persisted on the tool_use block
+      session.onConfirmationOutcome?.(interaction.requestId, "denied");
     }
   }
   session.denyAllPendingConfirmations();

package/src/daemon/handlers/sessions.ts

@@ -61,6 +61,23 @@ import {
 export { handleUserMessage } from "./session-user-message.js";
 import { handleUserMessage } from "./session-user-message.js";
 
+/**
+ * Extract a valid ChannelId from a binding's sourceChannel, which may carry a
+ * `notification:` namespace prefix (e.g. `"notification:telegram"` -> `"telegram"`).
+ * Returns the ChannelId if valid, or null otherwise.
+ */
+function parseBindingSourceChannel(
+  sourceChannel: string,
+): import("../../channels/types.js").ChannelId | null {
+  if (isChannelId(sourceChannel)) return sourceChannel;
+  const NOTIFICATION_PREFIX = "notification:";
+  if (sourceChannel.startsWith(NOTIFICATION_PREFIX)) {
+    const inner = sourceChannel.slice(NOTIFICATION_PREFIX.length);
+    if (isChannelId(inner)) return inner;
+  }
+  return null;
+}
+
 export function syncCanonicalStatusFromIpcConfirmationDecision(
   requestId: string,
   decision: ConfirmationResponse["decision"],
@@ -283,10 +300,12 @@ export function handleSessionList(
         updatedAt: c.updatedAt,
         threadType: normalizeThreadType(c.threadType),
         source: c.source ?? "user",
-        ...(binding && isChannelId(binding.sourceChannel)
+        ...(binding && parseBindingSourceChannel(binding.sourceChannel)
           ? {
               channelBinding: {
-                sourceChannel: binding.sourceChannel,
+                sourceChannel: parseBindingSourceChannel(
+                  binding.sourceChannel,
+                )!,
                 externalChatId: binding.externalChatId,
                 externalUserId: binding.externalUserId,
                 displayName: binding.displayName,

package/src/daemon/handlers/shared.ts

@@ -70,6 +70,14 @@ export interface HistoryToolCall {
   isError?: boolean;
   /** Base64-encoded image data from tool contentBlocks (e.g. browser_screenshot). */
   imageData?: string;
+  /** Unix ms when the tool started executing. */
+  startedAt?: number;
+  /** Unix ms when the tool completed. */
+  completedAt?: number;
+  /** Confirmation decision for this tool call: "approved" | "denied" | "timed_out". */
+  confirmationDecision?: string;
+  /** Friendly label for the confirmation (e.g. "Edit File", "Run Command"). */
+  confirmationLabel?: string;
 }
 
 export interface HistorySurface {
@@ -468,6 +476,15 @@ export function renderHistoryContent(content: unknown): RenderedHistoryContent {
         : {};
       const id = typeof block.id === "string" ? block.id : "";
       const entry: HistoryToolCall = { name, input };
+      // Extract persisted timing/confirmation metadata
+      if (typeof block._startedAt === "number")
+        entry.startedAt = block._startedAt;
+      if (typeof block._completedAt === "number")
+        entry.completedAt = block._completedAt;
+      if (typeof block._confirmationDecision === "string")
+        entry.confirmationDecision = block._confirmationDecision;
+      if (typeof block._confirmationLabel === "string")
+        entry.confirmationLabel = block._confirmationLabel;
       toolCalls.push(entry);
       if (id) pendingToolUses.set(id, entry);
       contentOrder.push(`tool:${toolCalls.length - 1}`);

package/src/daemon/ipc-contract/apps.ts

@@ -238,6 +238,8 @@ export interface ForkSharedAppResponse {
 export interface BundleAppResponse {
   type: "bundle_app_response";
   bundlePath: string;
+  /** Base64-encoded PNG of the generated app icon, if available. */
+  iconImageBase64?: string;
   manifest: {
     format_version: number;
     name: string;

package/src/daemon/ipc-contract/computer-use.ts

@@ -217,6 +217,14 @@ export interface WatchCompleteRequest {
   watchId: string;
 }
 
+/** Server → Client: bootstrap failure during learn-mode recording setup. */
+export interface RideShotgunError {
+  type: "ride_shotgun_error";
+  watchId: string;
+  sessionId: string;
+  message: string;
+}
+
 // --- Domain-level union aliases (consumed by the barrel file) ---
 
 export type _ComputerUseClientMessages =
@@ -236,6 +244,7 @@ export type _ComputerUseServerMessages =
   | TaskRouted
   | RideShotgunProgress
   | RideShotgunResult
+  | RideShotgunError
   | WatchStarted
   | WatchCompleteRequest
   | RecordingStart

package/src/daemon/ipc-contract/contacts.ts

@@ -1,11 +1,11 @@
-// Contact management: list, get, and update channel status.
+// Contact management: list, get, update channel status, and delete.
 
 // === Client → Server ===
 
 export interface ContactsRequest {
   type: "contacts";
-  action: "list" | "get" | "update_channel";
-  /** Contact ID (get only). */
+  action: "list" | "get" | "update_channel" | "delete";
+  /** Contact ID (get and delete). */
   contactId?: string;
   /** Channel ID (update_channel only). */
   channelId?: string;

package/src/daemon/ipc-contract/inbox.ts

@@ -25,6 +25,8 @@ export interface ContactsInviteRequest {
   status?: string;
   /** Invitee's first name (voice invite create only). */
   friendName?: string;
+  /** Contact display name for personalizing invite instructions (create only). */
+  contactName?: string;
   /** Guardian's first name (voice invite create only). */
   guardianName?: string;
 }

package/src/daemon/ipc-contract/messages.ts

@@ -80,6 +80,8 @@ export interface ToolUseStart {
   toolName: string;
   input: Record<string, unknown>;
   sessionId?: string;
+  /** The tool_use block ID for client-side correlation. */
+  toolUseId?: string;
 }
 
 export interface ToolOutputChunk {
@@ -240,6 +242,8 @@ export interface ConfirmationStateChanged {
   causedByRequestId?: string;
   /** Normalized user text for analytics/debug (e.g. "approve", "deny"). */
   decisionText?: string;
+  /** The tool_use block ID this confirmation applies to, for disambiguating parallel tool calls. */
+  toolUseId?: string;
 }
 
 /**

package/src/daemon/ipc-contract/sessions.ts

@@ -288,6 +288,14 @@ export interface HistoryResponseToolCall {
   isError?: boolean;
   /** Base64-encoded image data from tool contentBlocks (e.g. browser_screenshot). */
   imageData?: string;
+  /** Unix ms when the tool started executing. */
+  startedAt?: number;
+  /** Unix ms when the tool completed. */
+  completedAt?: number;
+  /** Confirmation decision for this tool call: "approved" | "denied" | "timed_out". */
+  confirmationDecision?: string;
+  /** Friendly label for the confirmation (e.g. "Edit File", "Run Command"). */
+  confirmationLabel?: string;
 }
 
 export interface HistoryResponseSurface {

package/src/daemon/ipc-contract-inventory.json

@@ -278,6 +278,7 @@
     "recording_start",
     "recording_stop",
     "reminders_list_response",
+    "ride_shotgun_error",
     "ride_shotgun_progress",
     "ride_shotgun_result",
     "schedule_thread_created",

package/src/daemon/lifecycle.ts

@@ -47,7 +47,6 @@ import {
 import { ensureVellumGuardianBinding } from "../runtime/guardian-vellum-migration.js";
 import { RuntimeHttpServer } from "../runtime/http-server.js";
 import { startScheduler } from "../schedule/scheduler.js";
-import { migrateKeychainToEncrypted } from "../security/keychain-to-encrypted-migration.js";
 import { getLogger, initLogger } from "../util/logger.js";
 import {
   ensureDataDir,
@@ -143,10 +142,6 @@ export async function runDaemon(): Promise<void> {
     migrateToWorkspaceLayout();
     ensureDataDir();
 
-    // Copy any existing macOS keychain secrets into the encrypted file store
-    // before config loads, so the new encrypted-store-first read path sees them.
-    migrateKeychainToEncrypted();
-
     // Load (or generate + persist) the auth signing key so tokens survive
     // daemon restarts. Must happen after ensureDataDir() creates the
     // protected directory.

package/src/daemon/ride-shotgun-handler.ts

@@ -2,6 +2,11 @@ import { randomUUID } from "node:crypto";
 import type * as net from "node:net";
 
 import { autoNavigate } from "../tools/browser/auto-navigate.js";
+import {
+  type CdpSession,
+  ensureChromeWithCdp,
+  minimizeChromeWindow,
+} from "../tools/browser/chrome-cdp.js";
 import { NetworkRecorder } from "../tools/browser/network-recorder.js";
 import type { SessionRecording } from "../tools/browser/network-recording-types.js";
 import { saveRecording } from "../tools/browser/recording-store.js";
@@ -24,6 +29,9 @@ const log = getLogger("ride-shotgun-handler");
 /** Active network recorders keyed by watchId. */
 const activeRecorders = new Map<string, NetworkRecorder>();
 
+/** Active CDP sessions keyed by watchId — tracks browser ownership for cleanup. */
+const activeCdpSessions = new Map<string, CdpSession>();
+
 /** Active progress interval timers keyed by watchId, cleared on session completion. */
 const activeProgressIntervals = new Map<string, NodeJS.Timeout>();
 
@@ -71,20 +79,48 @@ async function completeSession(session: WatchSession): Promise<void> {
 
   // In learn mode, stop recording and save — skip the LLM summary (not needed)
   if (session.isLearnMode && session.recordingId) {
-    session.savedRecordingPath = await finalizeLearnRecording(
-      watchId,
-      session,
-      session.recordingId,
-    );
-    lastSummaryBySession.set(
-      sessionId,
-      session.savedRecordingPath
+    const hasRecorder = activeRecorders.has(watchId);
+
+    if (hasRecorder) {
+      session.savedRecordingPath = await finalizeLearnRecording(
+        watchId,
+        session,
+        session.recordingId,
+      );
+    }
+
+    // Clean up the CDP session — minimize if we launched Chrome, leave it alone otherwise
+    const cdpSession = activeCdpSessions.get(watchId);
+    if (cdpSession) {
+      activeCdpSessions.delete(watchId);
+      if (cdpSession.launchedByUs) {
+        try {
+          await minimizeChromeWindow(cdpSession.baseUrl);
+          log.info({ watchId }, "Minimized assistant-launched Chrome window");
+        } catch (err) {
+          log.debug({ err, watchId }, "Failed to minimize Chrome window");
+        }
+      }
+    }
+
+    // Use bootstrapFailureReason as the primary discriminator — hasRecorder
+    // alone can't distinguish "browser never launched" from "recorder failed
+    // after retries" since both leave activeRecorders empty.
+    const summary = session.bootstrapFailureReason
+      ? `Learn session failed — ${session.bootstrapFailureReason}`
+      : session.savedRecordingPath
         ? "Learn session completed — recording saved."
-        : "Learn session completed — recording failed to save.",
-    );
+        : "Learn session completed — recording failed to save.";
+
+    lastSummaryBySession.set(sessionId, summary);
     session.status = "completed";
     log.info(
-      { watchId, sessionId },
+      {
+        watchId,
+        sessionId,
+        hasRecorder,
+        bootstrapFailureReason: session.bootstrapFailureReason,
+      },
       "Learn session complete — firing completion notifier",
     );
     fireWatchCompletionNotifier(sessionId, session);
@@ -142,10 +178,67 @@ export async function handleRideShotgunStart(
     "Session created and stored in watchSessions map",
   );
 
-  // In learn mode, connect directly to Chrome's CDP endpoint for network recording.
-  // Retry a few times since Chrome may still be starting up after the Swift client restarts it.
+  // In learn mode, ensure Chrome is available with CDP, then connect for network recording.
   if (isLearnMode) {
     const startRecording = async () => {
+      // Ensure Chrome is running with CDP — launches it if needed
+      let cdpSession: CdpSession;
+      try {
+        cdpSession = await ensureChromeWithCdp({
+          startUrl: targetDomain ? `https://${targetDomain}` : undefined,
+        });
+        // If session completed while we were awaiting Chrome, skip storing to avoid a stale map entry
+        if (session.status !== "active") {
+          log.info(
+            { watchId, status: session.status },
+            "Session no longer active after CDP launch — skipping recording",
+          );
+          // If we launched Chrome, minimize it since completeSession already ran and won't find it
+          if (cdpSession.launchedByUs) {
+            try {
+              await minimizeChromeWindow(cdpSession.baseUrl);
+              log.info(
+                { watchId },
+                "Minimized assistant-launched Chrome window (post-session)",
+              );
+            } catch (err) {
+              log.debug(
+                { err, watchId },
+                "Failed to minimize Chrome window (post-session)",
+              );
+            }
+          }
+          return;
+        }
+        activeCdpSessions.set(watchId, cdpSession);
+        log.info(
+          {
+            watchId,
+            launchedByUs: cdpSession.launchedByUs,
+            baseUrl: cdpSession.baseUrl,
+          },
+          "CDP session established",
+        );
+      } catch (err) {
+        log.warn(
+          { err, watchId },
+          "Failed to ensure Chrome with CDP — cannot start recording",
+        );
+        ctx.send(socket, {
+          type: "ride_shotgun_error",
+          watchId,
+          sessionId,
+          message:
+            "Failed to start browser — Chrome CDP could not be launched.",
+        });
+        // Fail-fast: complete the session immediately instead of waiting for timeout
+        session.bootstrapFailureReason = "browser could not be started.";
+        await completeSession(session);
+        return;
+      }
+
+      const cdpBaseUrl = cdpSession.baseUrl;
+
       for (let attempt = 0; attempt < 10; attempt++) {
         // Check if session is still active before each attempt
         if (session.status !== "active") {
@@ -156,7 +249,7 @@ export async function handleRideShotgunStart(
           return;
         }
         try {
-          const recorder = new NetworkRecorder(targetDomain);
+          const recorder = new NetworkRecorder(targetDomain, cdpBaseUrl);
           recorder.loginSignals = getLoginSignals(targetDomain);
           await recorder.startDirect();
           // If session completed while we were connecting, stop immediately to avoid leak
@@ -248,7 +341,7 @@ export async function handleRideShotgunStart(
                 clearInterval(checkInterval);
               }
             }, 1000);
-            navigateXPages(abortSignal)
+            navigateXPages({ abortSignal, cdpBaseUrl })
               .then((completed) => {
                 clearInterval(checkInterval);
                 log.info(
@@ -275,16 +368,20 @@ export async function handleRideShotgunStart(
                 clearInterval(checkInterval);
               }
             }, 1000);
-            autoNavigate(navDomain, abortSignal, (progress) => {
-              // Send progress to connected client
-              if (progress.type === "visiting" && progress.url) {
-                const shortUrl = progress.url.replace(/^https?:\/\//, "");
-                ctx.send(socket, {
-                  type: "ride_shotgun_progress",
-                  watchId,
-                  message: `[${progress.pageNumber || "?"}] ${shortUrl}`,
-                });
-              }
+            autoNavigate(navDomain, {
+              abortSignal,
+              onProgress: (progress) => {
+                // Send progress to connected client
+                if (progress.type === "visiting" && progress.url) {
+                  const shortUrl = progress.url.replace(/^https?:\/\//, "");
+                  ctx.send(socket, {
+                    type: "ride_shotgun_progress",
+                    watchId,
+                    message: `[${progress.pageNumber || "?"}] ${shortUrl}`,
+                  });
+                }
+              },
+              cdpBaseUrl,
             })
               .then((visited) => {
                 clearInterval(checkInterval);
@@ -326,6 +423,15 @@ export async function handleRideShotgunStart(
               { err, watchId },
               "Failed to start network recording after 10 attempts",
             );
+            ctx.send(socket, {
+              type: "ride_shotgun_error",
+              watchId,
+              sessionId,
+              message: "Failed to start network recording after 10 attempts.",
+            });
+            session.bootstrapFailureReason =
+              "network recording could not be started after 10 attempts.";
+            await completeSession(session);
           }
         }
       }
@@ -336,6 +442,14 @@ export async function handleRideShotgunStart(
 
   // Set timeout for duration expiry
   session.timeoutHandle = setTimeout(() => {
+    if (
+      session.isLearnMode &&
+      !activeRecorders.has(watchId) &&
+      !session.bootstrapFailureReason
+    ) {
+      session.bootstrapFailureReason =
+        "session timed out before recording could start.";
+    }
     completeSession(session);
   }, durationSeconds * 1000);