npm - @vellumai/assistant - Versions diffs - 0.4.37 → 0.4.41 - Mend

@vellumai/assistant 0.4.37 → 0.4.41

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (169) hide show

package/ARCHITECTURE.md +3 -3
package/README.md +13 -13
package/bun.lock +80 -24
package/docs/architecture/integrations.md +126 -128
package/docs/runbook-trusted-contacts.md +1 -1
package/docs/trusted-contact-access.md +12 -12
package/package.json +3 -1
package/src/__tests__/__snapshots__/ipc-snapshot.test.ts.snap +0 -14
package/src/__tests__/app-bundler.test.ts +209 -0
package/src/__tests__/app-compiler.test.ts +279 -0
package/src/__tests__/app-executors.test.ts +293 -483
package/src/__tests__/app-migration.test.ts +148 -0
package/src/__tests__/app-routes-csp.test.ts +202 -0
package/src/__tests__/avatar-e2e.test.ts +452 -0
package/src/__tests__/avatar-generator.test.ts +193 -0
package/src/__tests__/avatar-router.test.ts +186 -0
package/src/__tests__/browser-download-timeout.test.ts +28 -0
package/src/__tests__/bundled-skill-retrieval-guard.test.ts +9 -9
package/src/__tests__/call-domain.test.ts +3 -7
package/src/__tests__/credential-security-e2e.test.ts +19 -12
package/src/__tests__/credentials-cli.test.ts +30 -4
package/src/__tests__/guardian-verify-setup-skill-regression.test.ts +1 -1
package/src/__tests__/handlers-slack-config.test.ts +0 -72
package/src/__tests__/handlers-telegram-config.test.ts +19 -12
package/src/__tests__/handlers-twitter-config.test.ts +105 -48
package/src/__tests__/inbound-invite-redemption.test.ts +4 -4
package/src/__tests__/integration-status.test.ts +15 -5
package/src/__tests__/integrations-cli.test.ts +1 -1
package/src/__tests__/invite-redemption-service.test.ts +62 -7
package/src/__tests__/ipc-snapshot.test.ts +0 -8
package/src/__tests__/managed-avatar-client.test.ts +280 -0
package/src/__tests__/mcp-cli.test.ts +3 -3
package/src/__tests__/oauth-cli.test.ts +203 -0
package/src/__tests__/relay-server.test.ts +3 -3
package/src/__tests__/secret-onetime-send.test.ts +19 -12
package/src/__tests__/secure-keys.test.ts +78 -0
package/src/__tests__/session-messaging-secret-redirect.test.ts +3 -0
package/src/__tests__/slack-channel-config.test.ts +23 -16
package/src/__tests__/slack-share-routes.test.ts +263 -0
package/src/__tests__/sms-messaging-provider.test.ts +3 -1
package/src/__tests__/trusted-contact-lifecycle-notifications.test.ts +7 -7
package/src/__tests__/trusted-contact-multichannel.test.ts +3 -3
package/src/__tests__/trusted-contact-verification.test.ts +10 -10
package/src/__tests__/twilio-config.test.ts +15 -36
package/src/__tests__/twilio-provider.test.ts +4 -0
package/src/__tests__/twitter-auth-handler.test.ts +27 -14
package/src/__tests__/twitter-cli-error-shaping.test.ts +1 -1
package/src/__tests__/twitter-cli-routing.test.ts +38 -53
package/src/__tests__/twitter-oauth-client.test.ts +18 -47
package/src/__tests__/voice-invite-redemption.test.ts +27 -3
package/src/amazon/cart.ts +1 -1
package/src/amazon/client.ts +89 -7
package/src/approvals/guardian-request-resolvers.ts +2 -2
package/src/bundler/app-bundler.ts +77 -32
package/src/bundler/app-compiler.ts +195 -0
package/src/bundler/manifest.ts +1 -1
package/src/bundler/package-resolver.ts +185 -0
package/src/calls/call-domain.ts +4 -14
package/src/calls/relay-server.ts +2 -2
package/src/calls/twilio-config.ts +5 -24
package/src/calls/twilio-rest.ts +19 -5
package/src/cli/amazon.ts +74 -249
package/src/cli/audit.ts +2 -2
package/src/cli/autonomy.ts +9 -9
package/src/cli/channels.ts +5 -5
package/src/cli/completions.ts +27 -27
package/src/cli/config.ts +14 -14
package/src/cli/contacts.ts +27 -27
package/src/cli/credentials.ts +28 -28
package/src/cli/dev.ts +2 -2
package/src/cli/doctor.ts +2 -2
package/src/cli/email.ts +82 -82
package/src/cli/influencer.ts +13 -13
package/src/cli/integrations.ts +19 -144
package/src/cli/keys.ts +10 -10
package/src/cli/map.ts +4 -4
package/src/cli/mcp.ts +17 -17
package/src/cli/memory.ts +18 -18
package/src/cli/notifications.ts +13 -13
package/src/cli/oauth.ts +77 -0
package/src/cli/program.ts +2 -0
package/src/cli/sequence.ts +27 -27
package/src/cli/sessions.ts +12 -12
package/src/cli/trust.ts +8 -8
package/src/cli/twitter.ts +124 -70
package/src/config/bundled-skills/_shared/CLI_RETRIEVAL_PATTERN.md +1 -1
package/src/config/bundled-skills/agentmail/SKILL.md +34 -34
package/src/config/bundled-skills/amazon/SKILL.md +54 -54
package/src/config/bundled-skills/app-builder/SKILL.md +137 -3
package/src/config/bundled-skills/app-builder/tools/app-create.ts +10 -4
package/src/config/bundled-skills/configure-settings/SKILL.md +18 -18
package/src/config/bundled-skills/contacts/SKILL.md +12 -12
package/src/config/bundled-skills/doordash/lib/client.ts +7 -9
package/src/config/bundled-skills/email-setup/SKILL.md +4 -4
package/src/config/bundled-skills/frontend-design/icon.svg +16 -0
package/src/config/bundled-skills/google-oauth-setup/SKILL.md +143 -162
package/src/config/bundled-skills/guardian-verify-setup/SKILL.md +4 -4
package/src/config/bundled-skills/influencer/SKILL.md +13 -13
package/src/config/bundled-skills/mcp-setup/SKILL.md +11 -11
package/src/config/bundled-skills/phone-calls/SKILL.md +48 -54
package/src/config/bundled-skills/public-ingress/SKILL.md +6 -6
package/src/config/bundled-skills/slack-app-setup/SKILL.md +1 -1
package/src/config/bundled-skills/sms-setup/SKILL.md +3 -3
package/src/config/bundled-skills/telegram-setup/SKILL.md +2 -2
package/src/config/bundled-skills/twilio-setup/SKILL.md +136 -225
package/src/config/bundled-skills/twitter/SKILL.md +68 -44
package/src/config/bundled-skills/voice-setup/SKILL.md +2 -2
package/src/config/core-schema.ts +26 -0
package/src/config/env.ts +4 -0
package/src/config/feature-flag-registry.json +9 -1
package/src/config/schema.ts +8 -0
package/src/config/system-prompt.ts +6 -3
package/src/config/templates/BOOTSTRAP.md +7 -5
package/src/contacts/contacts-write.ts +5 -1
package/src/daemon/handlers/apps.ts +31 -4
package/src/daemon/handlers/config-ingress.ts +3 -3
package/src/daemon/handlers/config-integrations.ts +120 -49
package/src/daemon/handlers/config-slack-channel.ts +26 -7
package/src/daemon/handlers/config-slack.ts +1 -54
package/src/daemon/handlers/config-telegram.ts +28 -10
package/src/daemon/handlers/config.ts +1 -4
package/src/daemon/handlers/twitter-auth.ts +11 -4
package/src/daemon/ipc-contract/apps.ts +0 -13
package/src/daemon/ipc-contract-inventory.json +0 -2
package/src/daemon/lifecycle.ts +8 -1
package/src/daemon/session-messaging.ts +2 -2
package/src/daemon/tool-side-effects.ts +30 -0
package/src/email/providers/agentmail.ts +1 -1
package/src/email/providers/index.ts +1 -1
package/src/email/service.ts +1 -1
package/src/gallery/default-gallery.ts +538 -0
package/src/gallery/gallery-manifest.ts +5 -1
package/src/influencer/client.ts +8 -6
package/src/mcp/client.ts +1 -1
package/src/media/avatar-router.ts +99 -0
package/src/media/avatar-types.ts +60 -0
package/src/media/managed-avatar-client.ts +189 -0
package/src/memory/app-migration.ts +114 -0
package/src/memory/app-store.ts +11 -0
package/src/memory/qdrant-client.ts +1 -1
package/src/messaging/providers/slack/client.ts +12 -2
package/src/messaging/providers/sms/adapter.ts +6 -10
package/src/migrations/data-layout.ts +8 -1
package/src/oauth/token-persistence.ts +9 -6
package/src/runtime/assistant-scope.ts +5 -0
package/src/runtime/auth/route-policy.ts +4 -0
package/src/runtime/channel-readiness-service.ts +9 -4
package/src/runtime/gateway-internal-client.ts +11 -3
package/src/runtime/http-server.ts +2 -0
package/src/runtime/invite-redemption-service.ts +23 -13
package/src/runtime/middleware/twilio-validation.ts +2 -2
package/src/runtime/routes/app-routes.ts +131 -3
package/src/runtime/routes/inbound-stages/verification-intercept.ts +3 -3
package/src/runtime/routes/integration-routes.ts +2 -2
package/src/runtime/routes/slack-share-routes.ts +235 -0
package/src/runtime/routes/twilio-routes.ts +47 -34
package/src/schedule/integration-status.ts +2 -3
package/src/security/token-manager.ts +11 -3
package/src/tools/apps/executors.ts +116 -8
package/src/tools/browser/browser-manager.ts +30 -2
package/src/tools/browser/chrome-cdp.ts +31 -3
package/src/tools/credentials/vault.ts +9 -7
package/src/tools/executor.ts +4 -0
package/src/tools/system/avatar-generator.ts +55 -34
package/src/twitter/client.ts +1 -1
package/src/twitter/oauth-client.ts +31 -43
package/src/twitter/router.ts +25 -23
package/src/util/platform.ts +5 -0
package/src/slack/slack-webhook.ts +0 -66

package/src/__tests__/avatar-router.test.ts ADDED Viewed

@@ -0,0 +1,186 @@
+import { beforeEach, describe, expect, mock, test } from "bun:test";
+// ---------------------------------------------------------------------------
+// Mock state
+// ---------------------------------------------------------------------------
+let mockStrategy: string | undefined;
+let mockGeminiKey: string | undefined = "test-gemini-key";
+let mockManagedAvailable = true;
+let mockManagedResult: unknown;
+let mockManagedError: Error | undefined;
+let mockGeminiResult: unknown;
+const generateManagedAvatarFn = mock(async () => {
+  if (mockManagedError) throw mockManagedError;
+  return mockManagedResult;
+});
+const generateImageFn = mock(async () => mockGeminiResult);
+const isManagedAvailableFn = mock(() => mockManagedAvailable);
+// ---------------------------------------------------------------------------
+// Mock modules — before importing module under test
+// ---------------------------------------------------------------------------
+mock.module("../config/loader.js", () => ({
+  getConfig: () => ({
+    apiKeys: { gemini: mockGeminiKey },
+    avatar: { generationStrategy: mockStrategy ?? "local_only" },
+  }),
+}));
+mock.module("../util/logger.js", () => ({
+  getLogger: () => ({
+    debug: () => {},
+    info: () => {},
+    warn: () => {},
+    error: () => {},
+  }),
+}));
+mock.module("../media/managed-avatar-client.js", () => ({
+  isManagedAvailable: isManagedAvailableFn,
+  generateManagedAvatar: generateManagedAvatarFn,
+}));
+mock.module("../media/gemini-image-service.js", () => ({
+  generateImage: generateImageFn,
+}));
+// Import after mocking
+import {
+  getAvatarStrategy,
+  routedGenerateAvatar,
+} from "../media/avatar-router.js";
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+function managedResponse() {
+  return {
+    image: {
+      mime_type: "image/png",
+      data_base64: "base64data",
+      bytes: 1024,
+      sha256: "abc",
+    },
+    usage: { billable: false, class_name: "assistant_avatar_system" },
+    generation_source: "vertex",
+    profile: "avatar_v1",
+    correlation_id: "test-correlation-id",
+  };
+}
+function geminiResponse() {
+  return {
+    images: [{ mimeType: "image/png", dataBase64: "base64data" }],
+    resolvedModel: "gemini-2.5-flash-image",
+  };
+}
+// ---------------------------------------------------------------------------
+// Tests
+// ---------------------------------------------------------------------------
+describe("avatar-router", () => {
+  beforeEach(() => {
+    mockStrategy = undefined;
+    mockGeminiKey = "test-gemini-key";
+    mockManagedAvailable = true;
+    mockManagedResult = managedResponse();
+    mockManagedError = undefined;
+    mockGeminiResult = geminiResponse();
+    generateManagedAvatarFn.mockClear();
+    generateImageFn.mockClear();
+    isManagedAvailableFn.mockClear();
+  });
+  // 1. managed_required — managed success
+  test("managed_required returns pathUsed managed on success", async () => {
+    mockStrategy = "managed_required";
+    const result = await routedGenerateAvatar("a cute cat");
+    expect(result.pathUsed).toBe("managed");
+    expect(result.imageBase64).toBe("base64data");
+    expect(result.mimeType).toBe("image/png");
+    expect(generateManagedAvatarFn).toHaveBeenCalledTimes(1);
+    expect(generateImageFn).not.toHaveBeenCalled();
+  });
+  // 2. managed_required — managed failure throws, no fallback
+  test("managed_required throws on managed failure without fallback", async () => {
+    mockStrategy = "managed_required";
+    mockManagedError = new Error("upstream error");
+    await expect(routedGenerateAvatar("a cute cat")).rejects.toThrow(
+      "upstream error",
+    );
+    expect(generateImageFn).not.toHaveBeenCalled();
+  });
+  // 3. local_only — calls local Gemini, never managed
+  test("local_only calls local Gemini and never managed", async () => {
+    mockStrategy = "local_only";
+    const result = await routedGenerateAvatar("a cute cat");
+    expect(result.pathUsed).toBe("local");
+    expect(result.imageBase64).toBe("base64data");
+    expect(generateImageFn).toHaveBeenCalledTimes(1);
+    expect(generateManagedAvatarFn).not.toHaveBeenCalled();
+  });
+  // 4. local_only — missing Gemini API key throws
+  test("local_only throws when Gemini API key is missing", async () => {
+    mockStrategy = "local_only";
+    mockGeminiKey = undefined;
+    // Also clear the env var to ensure no fallback
+    const saved = process.env.GEMINI_API_KEY;
+    delete process.env.GEMINI_API_KEY;
+    try {
+      await expect(routedGenerateAvatar("a cute cat")).rejects.toThrow(
+        "Gemini API key is not configured",
+      );
+      expect(generateImageFn).not.toHaveBeenCalled();
+    } finally {
+      if (saved !== undefined) process.env.GEMINI_API_KEY = saved;
+    }
+  });
+  // 5. managed_prefer — managed success
+  test("managed_prefer returns pathUsed managed on success", async () => {
+    mockStrategy = "managed_prefer";
+    const result = await routedGenerateAvatar("a cute cat");
+    expect(result.pathUsed).toBe("managed");
+    expect(generateManagedAvatarFn).toHaveBeenCalledTimes(1);
+    expect(generateImageFn).not.toHaveBeenCalled();
+  });
+  // 6. managed_prefer — managed failure falls back to local
+  test("managed_prefer falls back to local on managed failure", async () => {
+    mockStrategy = "managed_prefer";
+    mockManagedError = new Error("managed failed");
+    const result = await routedGenerateAvatar("a cute cat");
+    expect(result.pathUsed).toBe("local");
+    expect(generateManagedAvatarFn).toHaveBeenCalledTimes(1);
+    expect(generateImageFn).toHaveBeenCalledTimes(1);
+  });
+  // 7. managed_prefer — managed unavailable goes directly to local
+  test("managed_prefer goes to local when managed unavailable", async () => {
+    mockStrategy = "managed_prefer";
+    mockManagedAvailable = false;
+    const result = await routedGenerateAvatar("a cute cat");
+    expect(result.pathUsed).toBe("local");
+    expect(generateManagedAvatarFn).not.toHaveBeenCalled();
+    expect(generateImageFn).toHaveBeenCalledTimes(1);
+  });
+  // 8. Default strategy is local_only when config key absent
+  test("defaults to local_only when config key is absent", () => {
+    mockStrategy = undefined;
+    expect(getAvatarStrategy()).toBe("local_only");
+  });
+  // 9. Removed: Invalid strategy values are now rejected at config parse time
+  // by the Zod schema, so they cannot reach getAvatarStrategy().
+});

package/src/__tests__/browser-download-timeout.test.ts ADDED Viewed

@@ -0,0 +1,28 @@
+import { describe, expect, it } from "bun:test";
+import { withTimeout } from "../tools/browser/browser-manager.js";
+describe("withTimeout", () => {
+  it("resolves normally for a fast promise", async () => {
+    const result = await withTimeout(Promise.resolve("ok"), 1_000, "fast");
+    expect(result).toBe("ok");
+  });
+  it("rejects with timeout error for a hanging promise", async () => {
+    const hanging = new Promise<string>(() => {
+      // never resolves
+    });
+    await expect(withTimeout(hanging, 50, "slow op")).rejects.toThrow(
+      "slow op timed out after 50ms",
+    );
+  });
+  it("propagates the original rejection if it happens before the timeout", async () => {
+    const failing = Promise.reject(new Error("original error"));
+    await expect(withTimeout(failing, 1_000, "failing")).rejects.toThrow(
+      "original error",
+    );
+  });
+});

package/src/__tests__/bundled-skill-retrieval-guard.test.ts CHANGED Viewed

@@ -90,16 +90,16 @@ const GATEWAY_RETRIEVAL_BANLIST: Array<{
   {
     skillPath: "voice-setup/SKILL.md",
     bannedSnippets: [
-      "vellum config get elevenlabs.voiceId",
-      "vellum config get calls.enabled",
+      "assistant config get elevenlabs.voiceId",
+      "assistant config get calls.enabled",
     ],
   },
   {
     skillPath: "email-setup/SKILL.md",
     bannedSnippets: [
       "host_bash",
-      "vellum email create",
-      "vellum config set email.address",
+      "assistant email create",
+      "assistant config set email.address",
     ],
   },
 ];
@@ -118,11 +118,11 @@ const HOST_BASH_RETRIEVAL_ALLOWLIST = new Set<string>([
 ]);
 const RETRIEVAL_MARKERS = [
-  "vellum integrations ",
-  "vellum config get",
-  "vellum email status",
-  "vellum email inbox list",
-  "vellum email provider get",
+  "assistant integrations ",
+  "assistant config get",
+  "assistant email status",
+  "assistant email inbox list",
+  "assistant email provider get",
 ];
 describe("bundled skill retrieval guard", () => {

package/src/__tests__/call-domain.test.ts CHANGED Viewed

@@ -207,16 +207,12 @@ describe("resolveCallerIdentity — strict implicit-default policy", () => {
     }
   });
-  test("assistant_number resolves from assistant-scoped Twilio number when assistantId is provided", async () => {
-    const result = await resolveCallerIdentity(
-      makeConfig(),
-      undefined,
-      "ast-alpha",
-    );
+  test("assistant_number resolves from twilio config phone number", async () => {
+    const result = await resolveCallerIdentity(makeConfig());
     expect(result.ok).toBe(true);
     if (result.ok) {
       expect(result.mode).toBe("assistant_number");
-      expect(result.fromNumber).toBe("+15550003333");
+      expect(result.fromNumber).toBe("+15550001111");
       expect(result.source).toBe("implicit_default");
     }
   });

package/src/__tests__/credential-security-e2e.test.ts CHANGED Viewed

@@ -30,23 +30,30 @@ mock.module("../util/logger.js", () => ({
 // Track keychain writes
 const storedKeys = new Map<string, string>();
-mock.module("../security/secure-keys.js", () => ({
-  getSecureKey: (key: string) => storedKeys.get(key) ?? null,
-  setSecureKey: (key: string, value: string) => {
+mock.module("../security/secure-keys.js", () => {
+  const syncSet = (key: string, value: string) => {
     storedKeys.set(key, value);
     return true;
-  },
-  deleteSecureKey: (key: string) => {
+  };
+  const syncDelete = (key: string) => {
     if (storedKeys.has(key)) {
       storedKeys.delete(key);
-      return "deleted";
+      return "deleted" as const;
     }
-    return "not-found";
-  },
-  listSecureKeys: () => [...storedKeys.keys()],
-  getBackendType: () => "encrypted",
-  isDowngradedFromKeychain: () => false,
-}));
+    return "not-found" as const;
+  };
+  return {
+    getSecureKey: (key: string) => storedKeys.get(key) ?? null,
+    setSecureKey: syncSet,
+    setSecureKeyAsync: async (key: string, value: string) =>
+      syncSet(key, value),
+    deleteSecureKey: syncDelete,
+    deleteSecureKeyAsync: async (key: string) => syncDelete(key),
+    listSecureKeys: () => [...storedKeys.keys()],
+    getBackendType: () => "encrypted",
+    isDowngradedFromKeychain: () => false,
+  };
+});
 // In-memory metadata store that mirrors storedKeys for list/get operations
 const metadataStore = new Map<

package/src/__tests__/credentials-cli.test.ts CHANGED Viewed

@@ -39,17 +39,43 @@ mock.module("../security/secure-keys.js", () => ({
     secureKeyStore.set(account, value);
     return true;
   },
-  deleteSecureKey: (account: string) => {
+  setSecureKeyAsync: async (
+    account: string,
+    value: string,
+  ): Promise<boolean> => {
+    _setSecureKeyCalls += 1;
+    secureKeyStore.set(account, value);
+    return true;
+  },
+  deleteSecureKey: (account: string): "deleted" | "not-found" | "error" => {
+    _deleteSecureKeyCalls += 1;
+    if (secureKeyStore.has(account)) {
+      secureKeyStore.delete(account);
+      return "deleted";
+    }
+    return "not-found";
+  },
+  deleteSecureKeyAsync: async (
+    account: string,
+  ): Promise<"deleted" | "not-found" | "error"> => {
     _deleteSecureKeyCalls += 1;
     if (secureKeyStore.has(account)) {
       secureKeyStore.delete(account);
-      return "deleted" as const;
+      return "deleted";
     }
-    return "not-found" as const;
+    return "not-found";
   },
   listSecureKeys: (): string[] => {
     return [...secureKeyStore.keys()];
   },
+  getSecureKeyAsync: async (account: string): Promise<string | undefined> => {
+    _getSecureKeyCalls += 1;
+    return secureKeyStore.get(account);
+  },
+  getBackendType: (): "broker" | "encrypted" | null => null,
+  isDowngradedFromKeychain: (): boolean => false,
+  _resetBackend: (): void => {},
+  _setBackend: (): void => {},
 }));
 // ---------------------------------------------------------------------------
@@ -243,7 +269,7 @@ function seedMetadataOnly(
 // Tests
 // ---------------------------------------------------------------------------
-describe("vellum credentials CLI", () => {
+describe("assistant credentials CLI", () => {
   beforeEach(() => {
     secureKeyStore = new Map();
     metadataStore = [];

package/src/__tests__/guardian-verify-setup-skill-regression.test.ts CHANGED Viewed

@@ -55,7 +55,7 @@ describe("guardian-verify-setup skill — voice auto-followup", () => {
         .split("## Voice Auto-Check Polling")[1]
         ?.split("## Step 6")[0] ?? "";
     expect(pollingSection).toContain(
-      "vellum integrations guardian status --channel voice --json",
+      "assistant integrations guardian status --channel voice --json",
     );
   });

package/src/__tests__/handlers-slack-config.test.ts CHANGED Viewed

@@ -55,33 +55,9 @@ mock.module("../util/logger.js", () => ({
   }),
 }));
-// Mock app-store so getApp returns a fake app for share tests
-mock.module("../memory/app-store.js", () => ({
-  queryAppRecords: () => [],
-  createAppRecord: () => {},
-  updateAppRecord: () => {},
-  deleteAppRecord: () => {},
-  listApps: () => [],
-  getApp: (id: string) =>
-    id === "test-app"
-      ? { id: "test-app", name: "Test App", description: "A test app" }
-      : undefined,
-  createApp: () => {},
-  updateApp: () => {},
-}));
-// Mock Slack webhook poster
-const postedWebhooks: { url: string; name: string }[] = [];
-mock.module("../slack/slack-webhook.js", () => ({
-  postToSlackWebhook: async (url: string, name: string) => {
-    postedWebhooks.push({ url, name });
-  },
-}));
 import { handleMessage, type HandlerContext } from "../daemon/handlers.js";
 import type {
   ServerMessage,
-  ShareToSlackRequest,
   SlackWebhookConfigRequest,
 } from "../daemon/ipc-contract.js";
 import { DebouncerMap } from "../util/debounce.js";
@@ -161,52 +137,4 @@ describe("Slack handlers use workspace config (not hardcoded path)", () => {
       "https://hooks.slack.com/new",
     );
   });
-  test("share_to_slack reads webhook URL from loadRawConfig", async () => {
-    rawConfigStore = { slackWebhookUrl: "https://hooks.slack.com/share" };
-    postedWebhooks.length = 0;
-    const msg: ShareToSlackRequest = {
-      type: "share_to_slack",
-      appId: "test-app",
-    };
-    const { ctx, sent } = createTestContext();
-    await handleMessage(msg, {} as net.Socket, ctx);
-    // Wait a tick for async handler to complete
-    await new Promise((r) => setTimeout(r, 50));
-    const res = sent.find(
-      (m) => (m as { type: string }).type === "share_to_slack_response",
-    ) as { type: string; success: boolean } | undefined;
-    expect(res).toBeDefined();
-    expect(res!.success).toBe(true);
-    // Verify the webhook was posted with the URL from loadRawConfig
-    expect(postedWebhooks).toHaveLength(1);
-    expect(postedWebhooks[0]!.url).toBe("https://hooks.slack.com/share");
-    expect(postedWebhooks[0]!.name).toBe("Test App");
-  });
-  test("share_to_slack fails gracefully when no webhook URL configured", async () => {
-    rawConfigStore = {};
-    const msg: ShareToSlackRequest = {
-      type: "share_to_slack",
-      appId: "test-app",
-    };
-    const { ctx, sent } = createTestContext();
-    await handleMessage(msg, {} as net.Socket, ctx);
-    await new Promise((r) => setTimeout(r, 50));
-    const res = sent.find(
-      (m) => (m as { type: string }).type === "share_to_slack_response",
-    ) as { type: string; success: boolean; error?: string } | undefined;
-    expect(res).toBeDefined();
-    expect(res!.success).toBe(false);
-    expect(res!.error).toContain("No Slack webhook URL configured");
-  });
 });

package/src/__tests__/handlers-telegram-config.test.ts CHANGED Viewed

@@ -66,20 +66,27 @@ let secureKeyStore: Record<string, string> = {};
 let setSecureKeyOverride: ((account: string, value: string) => boolean) | null =
   null;
+function syncSet(account: string, value: string): boolean {
+  if (setSecureKeyOverride) return setSecureKeyOverride(account, value);
+  secureKeyStore[account] = value;
+  return true;
+}
+function syncDelete(account: string): "deleted" | "not-found" {
+  if (account in secureKeyStore) {
+    delete secureKeyStore[account];
+    return "deleted";
+  }
+  return "not-found";
+}
 mock.module("../security/secure-keys.js", () => ({
   getSecureKey: (account: string) => secureKeyStore[account] ?? undefined,
-  setSecureKey: (account: string, value: string) => {
-    if (setSecureKeyOverride) return setSecureKeyOverride(account, value);
-    secureKeyStore[account] = value;
-    return true;
-  },
-  deleteSecureKey: (account: string) => {
-    if (account in secureKeyStore) {
-      delete secureKeyStore[account];
-      return "deleted";
-    }
-    return "not-found";
-  },
+  setSecureKey: syncSet,
+  deleteSecureKey: syncDelete,
+  setSecureKeyAsync: async (account: string, value: string) =>
+    syncSet(account, value),
+  deleteSecureKeyAsync: async (account: string) => syncDelete(account),
   listSecureKeys: () => Object.keys(secureKeyStore),
   getBackendType: () => "encrypted",
   isDowngradedFromKeychain: () => false,