@vellumai/assistant 0.4.35 → 0.4.37

package/src/daemon/session-agent-loop-handlers.ts

@@ -67,6 +67,22 @@ export interface EventHandlerState {
   firstThinkingDeltaEmitted: boolean;
   /** Name of the last completed tool, used to generate contextual statusText. */
   lastCompletedToolName: string | undefined;
+  /** Tracks tool_use_id → timing data for persisting on content blocks. */
+  readonly toolCallTimestamps: Map<
+    string,
+    { startedAt: number; completedAt?: number }
+  >;
+  /** The tool_use_id of the currently executing tool (set in handleToolUse, cleared in handleToolResult). */
+  currentToolUseId: string | undefined;
+  /** Maps confirmation requestId → tool_use_id for linking decisions to tools. */
+  readonly requestIdToToolUseId: Map<string, string>;
+  /** Stores confirmation outcomes keyed by tool_use_id. */
+  readonly toolConfirmationOutcomes: Map<
+    string,
+    { decision: string; label: string }
+  >;
+  /** tool_use_ids emitted in the current turn (populated in handleToolUse, cleared after annotation). */
+  currentTurnToolUseIds: string[];
 }
 
 /** Immutable context shared across event handlers within a single agent loop run. */
@@ -108,6 +124,11 @@ export function createEventHandlerState(): EventHandlerState {
     firstTextDeltaEmitted: false,
     firstThinkingDeltaEmitted: false,
     lastCompletedToolName: undefined,
+    toolCallTimestamps: new Map(),
+    currentToolUseId: undefined,
+    requestIdToToolUseId: new Map(),
+    toolConfirmationOutcomes: new Map(),
+    currentTurnToolUseIds: [],
   };
 }
 
@@ -253,6 +274,9 @@ export function handleToolUse(
 ): void {
   state.toolUseIdToName.set(event.id, event.name);
   state.currentTurnToolNames.push(event.name);
+  state.toolCallTimestamps.set(event.id, { startedAt: Date.now() });
+  state.currentToolUseId = event.id;
+  state.currentTurnToolUseIds.push(event.id);
   const statusText = `Running ${friendlyToolName(event.name)}`;
   deps.ctx.emitActivityState(
     "tool_running",
@@ -266,6 +290,7 @@ export function handleToolUse(
     toolName: event.name,
     input: event.input,
     sessionId: deps.ctx.conversationId,
+    toolUseId: event.id,
   });
 }
 
@@ -392,6 +417,11 @@ export function handleToolResult(
     contentBlocks: event.contentBlocks,
   });
 
+  // Record tool completion timestamp
+  const ts = state.toolCallTimestamps.get(event.toolUseId);
+  if (ts) ts.completedAt = Date.now();
+  state.currentToolUseId = undefined;
+
   const toolName = state.toolUseIdToName.get(event.toolUseId);
   if (toolName === "file_write" || toolName === "bash") {
     deps.ctx.markWorkspaceTopLevelDirty();
@@ -433,6 +463,68 @@ export function handleToolResult(
     deps.reqId,
     statusText,
   );
+
+  // Once all tools for this turn have completed, annotate the persisted
+  // assistant message with timing and confirmation metadata.
+  const allToolsDone = state.currentTurnToolUseIds.every((id) => {
+    const ts = state.toolCallTimestamps.get(id);
+    return ts && ts.completedAt != null;
+  });
+  if (allToolsDone && state.currentTurnToolUseIds.length > 0) {
+    annotatePersistedAssistantMessage(state);
+  }
+}
+
+/**
+ * After all tools for the current turn complete, fetch the persisted assistant
+ * message, annotate its tool_use blocks with timing and confirmation metadata,
+ * and update the DB. This runs post-tool-execution so the metadata maps are
+ * fully populated (unlike message_complete which fires before tools run).
+ */
+function annotatePersistedAssistantMessage(state: EventHandlerState): void {
+  const messageId = state.lastAssistantMessageId;
+  if (!messageId) return;
+
+  const row = conversationStore.getMessageById(messageId);
+  if (!row) return;
+
+  let content: ContentBlock[];
+  try {
+    content = JSON.parse(row.content) as ContentBlock[];
+  } catch {
+    return;
+  }
+
+  let modified = false;
+  for (const block of content) {
+    if (block.type === "tool_use") {
+      const rec = block as unknown as Record<string, unknown>;
+      const id = rec.id as string | undefined;
+      if (!id) continue;
+
+      const ts = state.toolCallTimestamps.get(id);
+      if (ts) {
+        rec._startedAt = ts.startedAt;
+        if (ts.completedAt != null) {
+          rec._completedAt = ts.completedAt;
+        }
+        modified = true;
+      }
+      const confirmation = state.toolConfirmationOutcomes.get(id);
+      if (confirmation) {
+        rec._confirmationDecision = confirmation.decision;
+        rec._confirmationLabel = confirmation.label;
+        modified = true;
+      }
+    }
+  }
+
+  if (modified) {
+    conversationStore.updateMessageContent(messageId, JSON.stringify(content));
+  }
+
+  // Clear for the next turn
+  state.currentTurnToolUseIds = [];
 }
 
 export function handleError(
@@ -465,6 +557,9 @@ export async function handleMessageComplete(
   deps: EventHandlerDeps,
   event: Extract<AgentEvent, { type: "message_complete" }>,
 ): Promise<void> {
+  // Reset per-turn tool tracking for the new turn.
+  state.currentTurnToolUseIds = [];
+
   // Flush any remaining directive display buffer
   if (state.pendingDirectiveDisplayBuffer.length > 0) {
     deps.onEvent({
@@ -533,6 +628,11 @@ export async function handleMessageComplete(
     );
   }
 
+  // NOTE: Tool timing/confirmation annotations are NOT applied here because
+  // message_complete fires BEFORE tool_use/tool_result events. The annotations
+  // are applied in handleToolResult after all tools for the turn complete,
+  // then the persisted message is updated via updateMessageContent.
+
   // Build content with UI surfaces
   const contentWithSurfaces: ContentBlock[] = [...cleanedBlocks];
   for (const surface of deps.ctx.currentTurnSurfaces) {

package/src/daemon/session-agent-loop.ts

@@ -118,6 +118,27 @@ import type { TraceEmitter } from "./trace-emitter.js";
 
 const log = getLogger("session-agent-loop");
 
+/** Title-cased friendly labels for tool names, used in confirmation chips. */
+const TOOL_FRIENDLY_LABEL: Record<string, string> = {
+  bash: "Run Command",
+  web_search: "Web Search",
+  web_fetch: "Web Fetch",
+  file_read: "Read File",
+  file_write: "Write File",
+  file_edit: "Edit File",
+  browser_navigate: "Browser",
+  browser_click: "Browser",
+  browser_type: "Browser",
+  browser_screenshot: "Browser",
+  browser_scroll: "Browser",
+  browser_wait: "Browser",
+  app_create: "Create App",
+  app_update: "Update App",
+  skill_load: "Load Skill",
+  app_file_edit: "Edit App File",
+  app_file_write: "Write App File",
+};
+
 type GitServiceInitializer = {
   ensureInitialized(): Promise<void>;
 };
@@ -222,6 +243,18 @@ export interface AgentLoopSessionContext {
       : never,
   ): void;
 
+  /**
+   * Optional callback invoked by the Session when a confirmation state changes.
+   * The agent loop registers this to track requestId → toolUseId mappings
+   * and record confirmation outcomes for persistence.
+   */
+  onConfirmationOutcome?: (
+    requestId: string,
+    state: string,
+    toolName?: string,
+    toolUseId?: string,
+  ) => void;
+
   getWorkspaceGitService?: (workspaceDir: string) => GitServiceInitializer;
   commitTurnChanges?: typeof commitTurnChanges;
 
@@ -432,6 +465,44 @@ export async function runAgentLoopImpl(
     }
 
     const state = createEventHandlerState();
+
+    // Register confirmation outcome tracker so the agent loop can link
+    // confirmation decisions to tool_use_ids for persistence.
+    ctx.onConfirmationOutcome = (
+      requestId,
+      confirmationState,
+      toolName,
+      toolUseId,
+    ) => {
+      if (confirmationState === "pending") {
+        // Use the toolUseId passed from the prompter (which knows which tool
+        // requested confirmation) instead of the ambient state.currentToolUseId,
+        // which is unreliable when multiple tools execute in parallel.
+        const resolvedToolUseId = toolUseId ?? state.currentToolUseId;
+        if (resolvedToolUseId) {
+          state.requestIdToToolUseId.set(requestId, resolvedToolUseId);
+        }
+      } else if (
+        confirmationState === "approved" ||
+        confirmationState === "denied" ||
+        confirmationState === "timed_out"
+      ) {
+        const resolvedId =
+          state.requestIdToToolUseId.get(requestId) ?? toolUseId;
+        if (resolvedId) {
+          const name = state.toolUseIdToName.get(resolvedId) ?? toolName ?? "";
+          // Build a friendly label from the tool name
+          const label =
+            TOOL_FRIENDLY_LABEL[name] ??
+            name.replace(/_/g, " ").replace(/\b\w/g, (c) => c.toUpperCase());
+          state.toolConfirmationOutcomes.set(resolvedId, {
+            decision: confirmationState,
+            label,
+          });
+        }
+      }
+    };
+
     let runMessages = ctx.messages;
 
     const memoryResult = await prepareMemoryContext(
@@ -1347,6 +1418,7 @@ export async function runAgentLoopImpl(
 
     ctx.abortController = null;
     ctx.processing = false;
+    ctx.onConfirmationOutcome = undefined;
     ctx.surfaceActionRequestIds.delete(ctx.currentRequestId ?? "");
     ctx.currentRequestId = undefined;
     ctx.currentActiveSurfaceId = undefined;

package/src/daemon/session-tool-setup.ts

@@ -135,6 +135,7 @@ export function createToolExecutor(
   name: string,
   input: Record<string, unknown>,
   onOutput?: (chunk: string) => void,
+  toolUseId?: string,
 ) => Promise<ToolExecutionResult> {
   // Register the session's sendToClient for browser screencast surface messages
   registerSessionSender(ctx.conversationId, (msg) => ctx.sendToClient(msg));
@@ -143,6 +144,7 @@ export function createToolExecutor(
     name: string,
     input: Record<string, unknown>,
     onOutput?: (chunk: string) => void,
+    toolUseId?: string,
   ) => {
     if (isDoordashCommand(name, input)) {
       markDoordashStepInProgress(ctx, input);
@@ -172,6 +174,7 @@ export function createToolExecutor(
       allowedToolNames: ctx.allowedToolNames,
       memoryScopeId: ctx.memoryPolicy.scopeId,
       forcePromptSideEffects: ctx.memoryPolicy.strictSideEffects,
+      toolUseId,
       onToolLifecycleEvent: handleToolLifecycleEvent,
       sendToClient: (msg) => {
         // Tool context's sendToClient uses a loose { type: string; [key: string]: unknown }
@@ -255,6 +258,10 @@ export function createToolExecutor(
           undefined,
           ctx.conversationId,
           req.executionTarget,
+          undefined,
+          undefined,
+          undefined,
+          toolUseId,
         );
         if (
           (response.decision === "always_allow" ||

package/src/daemon/session.ts

@@ -222,6 +222,13 @@ export class Session {
    * no-op for socketless sessions.
    */
   private onStateSignal?: (msg: ServerMessage) => void;
+  /** Set by the agent loop to track confirmation outcomes for persistence. */
+  onConfirmationOutcome?: (
+    requestId: string,
+    state: string,
+    toolName?: string,
+    toolUseId?: string,
+  ) => void;
 
   constructor(
     conversationId: string,
@@ -243,7 +250,7 @@ export class Session {
       : { ...DEFAULT_MEMORY_POLICY };
     this.traceEmitter = new TraceEmitter(conversationId, sendToClient);
     this.prompter = new PermissionPrompter(sendToClient);
-    this.prompter.setOnStateChanged((requestId, state, source) => {
+    this.prompter.setOnStateChanged((requestId, state, source, toolUseId) => {
       // Route through emitConfirmationStateChanged so the onStateSignal
       // listener publishes to the SSE hub for HTTP/SSE consumers.
       this.emitConfirmationStateChanged({
@@ -251,7 +258,11 @@ export class Session {
         requestId,
         state,
         source,
+        toolUseId,
       });
+      // Notify the agent loop so it can track requestId → toolUseId mappings
+      // and record confirmation outcomes for persistence.
+      this.onConfirmationOutcome?.(requestId, state, undefined, toolUseId);
       // Emit activity state transitions for confirmation lifecycle
       if (state === "pending") {
         this.emitActivityState(
@@ -523,6 +534,9 @@ export class Session {
       return;
     }
 
+    // Capture toolUseId before resolving (resolution deletes the pending entry)
+    const toolUseId = this.prompter.getToolUseId(requestId);
+
     this.prompter.resolveConfirmation(
       requestId,
       decision,
@@ -547,6 +561,7 @@ export class Session {
       requestId,
       state: resolvedState,
       source: emissionContext?.source ?? "button",
+      toolUseId,
       ...(emissionContext?.causedByRequestId
         ? { causedByRequestId: emissionContext.causedByRequestId }
         : {}),
@@ -554,6 +569,13 @@ export class Session {
         ? { decisionText: emissionContext.decisionText }
         : {}),
     });
+    // Notify the agent loop of the confirmation outcome for persistence
+    this.onConfirmationOutcome?.(
+      requestId,
+      resolvedState,
+      undefined,
+      toolUseId,
+    );
     this.emitActivityState(
       "thinking",
       "confirmation_resolved",

package/src/daemon/tool-side-effects.ts

@@ -9,14 +9,18 @@
 
 import { join } from "node:path";
 
+import { generateAppIcon } from "../media/app-icon-generator.js";
 import { updatePublishedAppDeployment } from "../services/published-app-updater.js";
 import type { ToolExecutionResult } from "../tools/types.js";
+import { getLogger } from "../util/logger.js";
 import { getWorkspaceDir } from "../util/platform.js";
 import { isDoordashCommand, updateDoordashProgress } from "./doordash-steps.js";
 import type { ServerMessage } from "./ipc-protocol.js";
 import { refreshSurfacesForApp } from "./session-surfaces.js";
 import type { ToolSetupContext } from "./session-tool-setup.js";
 
+const log = getLogger("tool-side-effects");
+
 // ── Types ────────────────────────────────────────────────────────────
 
 export interface SideEffectContext {
@@ -65,13 +69,36 @@ function registerHook(
 
 // Broadcast app_files_changed when a new app is created so clients
 // (e.g. macOS "Things" sidebar) refresh their app list immediately.
+// Also kicks off async icon generation via Gemini.
 registerHook(
   "app_create",
   (_name, _input, result, { ctx, broadcastToAllClients }) => {
     try {
-      const parsed = JSON.parse(result.content) as { id?: string };
+      const parsed = JSON.parse(result.content) as {
+        id?: string;
+        name?: string;
+        description?: string;
+      };
       if (parsed.id) {
         handleAppChange(ctx, parsed.id, broadcastToAllClients);
+
+        // Fire-and-forget: generate an app icon in the background.
+        // When complete, broadcast again so clients pick up the new icon.
+        if (parsed.name) {
+          void generateAppIcon(parsed.id, parsed.name, parsed.description)
+            .then(() => {
+              broadcastToAllClients?.({
+                type: "app_files_changed",
+                appId: parsed.id!,
+              });
+            })
+            .catch((err) => {
+              log.warn(
+                { err, appId: parsed.id },
+                "Background icon generation failed",
+              );
+            });
+        }
       }
     } catch {
       // Result wasn't valid JSON — skip the broadcast.
@@ -79,6 +106,17 @@ registerHook(
   },
 );
 
+// Broadcast app_files_changed when an icon is (re)generated so clients refresh.
+registerHook(
+  "app_generate_icon",
+  (_name, input, _result, { broadcastToAllClients }) => {
+    const appId = input.app_id as string | undefined;
+    if (appId) {
+      broadcastToAllClients?.({ type: "app_files_changed", appId });
+    }
+  },
+);
+
 // Auto-refresh workspace surfaces when a persisted app is updated.
 registerHook(
   "app_update",

package/src/email/service.ts

@@ -17,6 +17,7 @@ import {
   setOutboundPaused,
 } from "../cli/email-guardrails.js";
 import {
+  getNestedValue,
   loadRawConfig,
   saveRawConfig,
   setNestedValue,
@@ -74,6 +75,8 @@ export class EmailService {
   /** Force re-creation of the provider (e.g. after `provider set`). */
   resetProvider(): void {
     this.providerInstance = null;
+    this.primaryAddressResolved = false;
+    this.cachedPrimaryAddress = undefined;
   }
 
   // =========================================================================
@@ -109,6 +112,54 @@ export class EmailService {
     };
   }
 
+  // =========================================================================
+  // Primary inbox address (cached)
+  // =========================================================================
+
+  private primaryAddressResolved = false;
+  private cachedPrimaryAddress: string | undefined;
+
+  /**
+   * Return the assistant's primary inbox email address, caching the result
+   * for the lifetime of this service instance. Returns `undefined` when no
+   * inboxes are configured or the provider is unavailable.
+   */
+  async getPrimaryInboxAddress(): Promise<string | undefined> {
+    if (this.primaryAddressResolved) {
+      return this.cachedPrimaryAddress;
+    }
+    try {
+      const p = await this.provider();
+      const health = await p.health();
+      this.cachedPrimaryAddress =
+        health.inboxes.length > 0 ? health.inboxes[0].address : undefined;
+    } catch {
+      this.cachedPrimaryAddress = undefined;
+    }
+
+    // Only cache positive results from the provider so a missing inbox is
+    // retried on next call (e.g. user sets up email after initial miss).
+    if (this.cachedPrimaryAddress !== undefined) {
+      this.primaryAddressResolved = true;
+      return this.cachedPrimaryAddress;
+    }
+
+    // Fall back to the statically configured email address in workspace config
+    // when the provider can't list inboxes (e.g. provider temporarily unavailable).
+    // Intentionally NOT setting primaryAddressResolved so the provider is retried
+    // on the next call — the fallback is a best-effort stopgap, not authoritative.
+    try {
+      const raw = loadRawConfig();
+      const configured = getNestedValue(raw, "email.address");
+      if (typeof configured === "string" && configured.length > 0) {
+        return configured;
+      }
+    } catch {
+      // Config unavailable — leave as undefined
+    }
+    return undefined;
+  }
+
   // =========================================================================
   // Domain setup
   // =========================================================================
@@ -138,7 +189,10 @@ export class EmailService {
     displayName?: string,
   ): Promise<EmailInbox> {
     const p = await this.provider();
-    return p.createInbox({ username, domain, displayName });
+    const inbox = await p.createInbox({ username, domain, displayName });
+    this.primaryAddressResolved = false;
+    this.cachedPrimaryAddress = undefined;
+    return inbox;
   }
 
   async listInboxes(): Promise<EmailInbox[]> {
@@ -148,7 +202,10 @@ export class EmailService {
 
   async ensureInboxes(domain: string): Promise<EmailInbox[]> {
     const p = await this.provider();
-    return p.ensureInboxes({ domain });
+    const inboxes = await p.ensureInboxes({ domain });
+    this.primaryAddressResolved = false;
+    this.cachedPrimaryAddress = undefined;
+    return inboxes;
   }
 
   // =========================================================================

package/src/index.ts

@@ -1,63 +1,5 @@
 #!/usr/bin/env bun
 
-import { createRequire } from "node:module";
+import { buildCliProgram } from "./cli/program.js";
 
-import { Command } from "commander";
-
-const require = createRequire(import.meta.url);
-const { version } = require("../package.json") as { version: string };
-
-import { registerAmazonCommand } from "./cli/amazon.js";
-import {
-  registerConfigCommand,
-  registerKeysCommand,
-  registerMemoryCommand,
-  registerTrustCommand,
-} from "./cli/config-commands.js";
-import {
-  registerAuditCommand,
-  registerCompletionsCommand,
-  registerDefaultAction,
-  registerDevCommand,
-  registerDoctorCommand,
-  registerSessionsCommand,
-} from "./cli/core-commands.js";
-import { registerEmailCommand } from "./cli/email.js";
-import { registerInfluencerCommand } from "./cli/influencer.js";
-import {
-  registerContactsCommand,
-  registerIntegrationsCommand,
-} from "./cli/integrations.js";
-import { registerMapCommand } from "./cli/map.js";
-import { registerMcpCommand } from "./cli/mcp.js";
-import { registerSequenceCommand } from "./cli/sequence.js";
-import { registerTwitterCommand } from "./cli/twitter.js";
-import { registerHooksCommand } from "./hooks/cli.js";
-
-const program = new Command();
-
-program.name("vellum").description("Local AI assistant").version(version);
-
-registerDefaultAction(program);
-registerDevCommand(program);
-registerSessionsCommand(program);
-registerConfigCommand(program);
-registerKeysCommand(program);
-registerTrustCommand(program);
-registerMemoryCommand(program);
-registerAuditCommand(program);
-registerDoctorCommand(program);
-registerHooksCommand(program);
-registerMcpCommand(program);
-registerEmailCommand(program);
-registerIntegrationsCommand(program);
-registerContactsCommand(program);
-registerAmazonCommand(program);
-registerCompletionsCommand(program);
-
-registerTwitterCommand(program);
-registerMapCommand(program);
-registerInfluencerCommand(program);
-registerSequenceCommand(program);
-
-program.parse();
+buildCliProgram().parse();