@vellumai/assistant 0.4.48 → 0.4.49

package/src/context/token-estimator.ts

@@ -1,4 +1,5 @@
 import type { ContentBlock, Message } from "../providers/types.js";
+import { parseImageDimensions } from "./image-dimensions.js";
 
 const CHARS_PER_TOKEN = 4;
 const MESSAGE_OVERHEAD_TOKENS = 4;
@@ -12,6 +13,22 @@ const OTHER_BLOCK_TOKENS = 16;
 const SYSTEM_PROMPT_OVERHEAD_TOKENS = 8;
 const GEMINI_INLINE_FILE_MIME_TYPES = new Set(["application/pdf"]);
 
+// Anthropic scales images to fit within 1568x1568 maintaining aspect ratio,
+// then charges ~(width * height) / 750 tokens.
+const ANTHROPIC_IMAGE_MAX_DIMENSION = 1568;
+const ANTHROPIC_IMAGE_TOKENS_PER_PIXEL = 1 / 750;
+const ANTHROPIC_IMAGE_MAX_TOKENS = Math.ceil(
+  ANTHROPIC_IMAGE_MAX_DIMENSION *
+    ANTHROPIC_IMAGE_MAX_DIMENSION *
+    ANTHROPIC_IMAGE_TOKENS_PER_PIXEL,
+); // ~3,277 tokens
+
+// Anthropic renders each PDF page as an image (~1,568 tokens at standard
+// resolution) plus any extracted text. Typical PDF pages are 50-150 KB.
+// Using ~100 KB/page and ~1,600 tokens/page gives ~0.016 tokens/byte.
+const ANTHROPIC_PDF_TOKENS_PER_BYTE = 0.016;
+const ANTHROPIC_PDF_MIN_TOKENS = 1600; // At least one page
+
 export interface TokenEstimatorOptions {
   providerName?: string;
 }
@@ -21,21 +38,69 @@ export function estimateTextTokens(text: string): number {
   return Math.ceil(text.length / CHARS_PER_TOKEN);
 }
 
-function shouldCountFileSourceData(
+function estimateAnthropicPdfTokens(base64Data: string): number {
+  const rawBytes = Math.ceil((base64Data.length * 3) / 4);
+  return Math.max(
+    ANTHROPIC_PDF_MIN_TOKENS,
+    Math.ceil(rawBytes * ANTHROPIC_PDF_TOKENS_PER_BYTE),
+  );
+}
+
+function estimateFileDataTokens(
   block: Extract<ContentBlock, { type: "file" }>,
   options?: TokenEstimatorOptions,
-): boolean {
-  if (options?.providerName !== "gemini") {
-    return false;
+): number {
+  const providerName = options?.providerName;
+
+  // Anthropic sends PDFs as native document blocks and renders each page as an image
+  if (
+    providerName === "anthropic" &&
+    block.source.media_type === "application/pdf"
+  ) {
+    return estimateAnthropicPdfTokens(block.source.data);
+  }
+
+  // Gemini sends certain file types inline as base64
+  if (
+    providerName === "gemini" &&
+    GEMINI_INLINE_FILE_MIME_TYPES.has(block.source.media_type)
+  ) {
+    return estimateTextTokens(block.source.data);
   }
-  return GEMINI_INLINE_FILE_MIME_TYPES.has(block.source.media_type);
+
+  return 0;
+}
+
+function estimateAnthropicImageTokens(width: number, height: number): number {
+  // Scale down to fit within 1568x1568 bounding box, maintaining aspect ratio
+  const scale = Math.min(
+    1,
+    ANTHROPIC_IMAGE_MAX_DIMENSION / Math.max(width, height),
+  );
+  const scaledWidth = Math.round(width * scale);
+  const scaledHeight = Math.round(height * scale);
+  return Math.max(
+    IMAGE_BLOCK_TOKENS, // minimum 1024
+    Math.ceil(scaledWidth * scaledHeight * ANTHROPIC_IMAGE_TOKENS_PER_PIXEL),
+  );
 }
 
-function estimateImageSourceDataTokens(
+function estimateImageTokens(
   block: Extract<ContentBlock, { type: "image" }>,
+  options?: TokenEstimatorOptions,
 ): number {
-  // Image payloads are carried inline as base64 for all currently supported
-  // providers, so estimator must scale with payload size (not fixed per image).
+  if (options?.providerName === "anthropic") {
+    const dims = parseImageDimensions(
+      block.source.data,
+      block.source.media_type,
+    );
+    if (dims) {
+      return estimateAnthropicImageTokens(dims.width, dims.height);
+    }
+    // Fallback: if dimensions can't be parsed, use Anthropic's max
+    return ANTHROPIC_IMAGE_MAX_TOKENS;
+  }
+  // Non-Anthropic: keep existing base64-size heuristic
   return estimateTextTokens(block.source.data);
 }
 
@@ -69,16 +134,14 @@ export function estimateContentBlockTokens(
         IMAGE_BLOCK_TOKENS,
         IMAGE_BLOCK_OVERHEAD_TOKENS +
           estimateTextTokens(block.source.media_type) +
-          estimateImageSourceDataTokens(block),
+          estimateImageTokens(block, options),
       );
     case "file":
       return (
         FILE_BLOCK_OVERHEAD_TOKENS +
         estimateTextTokens(block.source.filename) +
         estimateTextTokens(block.source.media_type) +
-        (shouldCountFileSourceData(block, options)
-          ? estimateTextTokens(block.source.data)
-          : 0) +
+        estimateFileDataTokens(block, options) +
         estimateTextTokens(block.extracted_text ?? "")
       );
     case "thinking":

package/src/context/window-manager.ts

@@ -83,21 +83,44 @@ export interface ContextWindowCompactOptions {
 
 export interface ContextWindowManagerOptions {
   provider: Provider;
-  systemPrompt: string;
+  systemPrompt: string | (() => string);
   config: ContextWindowConfig;
 }
 
 export class ContextWindowManager {
   private readonly provider: Provider;
-  private readonly systemPrompt: string;
+  private readonly _systemPrompt: string | (() => string);
   private readonly config: ContextWindowConfig;
+  /**
+   * Cached resolved system prompt. Lazily populated on first access via the
+   * `systemPrompt` getter and cleared after each compaction pass so the next
+   * pass picks up any prompt changes.
+   */
+  private _resolvedSystemPrompt: string | undefined;
 
   constructor(options: ContextWindowManagerOptions) {
     this.provider = options.provider;
-    this.systemPrompt = options.systemPrompt;
+    this._systemPrompt = options.systemPrompt;
     this.config = options.config;
   }
 
+  /** Lazily resolve and cache the system prompt for the duration of a compaction pass. */
+  private get systemPrompt(): string {
+    if (this._resolvedSystemPrompt !== undefined) {
+      return this._resolvedSystemPrompt;
+    }
+    const resolved =
+      typeof this._systemPrompt === "function"
+        ? this._systemPrompt()
+        : this._systemPrompt;
+    this._resolvedSystemPrompt = resolved;
+    return resolved;
+  }
+
+  private clearSystemPromptCache(): void {
+    this._resolvedSystemPrompt = undefined;
+  }
+
   /**
    * Cheap pre-check: returns whether the estimated token count exceeds
    * the compaction threshold, along with the estimated token count so
@@ -106,19 +129,35 @@ export class ContextWindowManager {
    */
   shouldCompact(messages: Message[]): ShouldCompactResult {
     if (!this.config.enabled) return { needed: false, estimatedTokens: 0 };
-    const estimated = estimatePromptTokens(messages, this.systemPrompt, {
-      providerName: this.provider.name,
-    });
-    const threshold = Math.floor(
-      this.config.maxInputTokens * this.config.compactThreshold,
-    );
-    return { needed: estimated >= threshold, estimatedTokens: estimated };
+    try {
+      const estimated = estimatePromptTokens(messages, this.systemPrompt, {
+        providerName: this.provider.name,
+      });
+      const threshold = Math.floor(
+        this.config.maxInputTokens * this.config.compactThreshold,
+      );
+      return { needed: estimated >= threshold, estimatedTokens: estimated };
+    } finally {
+      this.clearSystemPromptCache();
+    }
   }
 
   async maybeCompact(
     messages: Message[],
     signal?: AbortSignal,
     options?: ContextWindowCompactOptions,
+  ): Promise<ContextWindowResult> {
+    try {
+      return await this._maybeCompact(messages, signal, options);
+    } finally {
+      this.clearSystemPromptCache();
+    }
+  }
+
+  private async _maybeCompact(
+    messages: Message[],
+    signal?: AbortSignal,
+    options?: ContextWindowCompactOptions,
   ): Promise<ContextWindowResult> {
     const previousEstimatedInputTokens =
       options?.precomputedEstimate ??

package/src/daemon/assistant-attachments.ts

@@ -17,9 +17,6 @@ import {
 // Constants
 // ---------------------------------------------------------------------------
 
-/** Maximum number of attachments the assistant may emit per turn. */
-export const MAX_ASSISTANT_ATTACHMENTS = 5;
-
 /** Maximum size in bytes for a single assistant attachment (20 MB). */
 export const MAX_ASSISTANT_ATTACHMENT_BYTES = 20 * 1024 * 1024;
 
@@ -122,10 +119,9 @@ export interface ValidatedDrafts {
 }
 
 /**
- * Enforce per-turn attachment caps.
+ * Enforce per-attachment size cap.
  *
  * - Rejects individual drafts that exceed `MAX_ASSISTANT_ATTACHMENT_BYTES`.
- * - Truncates the list at `MAX_ASSISTANT_ATTACHMENTS`.
  */
 export function validateDrafts(
   drafts: AssistantAttachmentDraft[],
@@ -144,14 +140,6 @@ export function validateDrafts(
       continue;
     }
 
-    if (accepted.length >= MAX_ASSISTANT_ATTACHMENTS) {
-      warnings.push(
-        `Skipped attachment "${draft.filename}": ` +
-          `exceeded maximum of ${MAX_ASSISTANT_ATTACHMENTS} attachments per turn.`,
-      );
-      continue;
-    }
-
     accepted.push(draft);
   }
 

package/src/daemon/handlers/config-ingress.ts

@@ -5,7 +5,6 @@ import {
 } from "../../calls/twilio-rest.js";
 import {
   getGatewayInternalBaseUrl,
-  getIngressPublicBaseUrl,
   setIngressPublicBaseUrl,
 } from "../../config/env.js";
 import { loadRawConfig, saveRawConfig } from "../../config/loader.js";
@@ -26,20 +25,6 @@ import {
   log,
 } from "./shared.js";
 
-// Lazily capture the env-provided INGRESS_PUBLIC_BASE_URL on first access
-// rather than at module load time. The daemon loads ~/.vellum/.env inside
-// runDaemon() (see lifecycle.ts), which runs AFTER static ES module imports
-// resolve. A module-level snapshot would miss dotenv-provided values.
-let _originalIngressEnvCaptured = false;
-let _originalIngressEnv: string | undefined;
-function getOriginalIngressEnv(): string | undefined {
-  if (!_originalIngressEnvCaptured) {
-    _originalIngressEnv = getIngressPublicBaseUrl();
-    _originalIngressEnvCaptured = true;
-  }
-  return _originalIngressEnv;
-}
-
 export function computeGatewayTarget(): string {
   return getGatewayInternalBaseUrl();
 }
@@ -108,13 +93,11 @@ export async function handleIngressConfig(
       });
     } else if (msg.action === "set") {
       const value = (msg.publicBaseUrl ?? "").trim().replace(/\/+$/, "");
-      // Ensure we capture the original env value before any mutation below
-      getOriginalIngressEnv();
       const raw = loadRawConfig();
 
       // Update ingress.publicBaseUrl — this is the single source of truth for
-      // the canonical public ingress URL. The gateway receives this value via
-      // the INGRESS_PUBLIC_BASE_URL env var at spawn time (see hatch.ts).
+      // the canonical public ingress URL. The gateway reads this value from
+      // the workspace config file via ConfigFileCache.
       // The gateway also validates Twilio signatures against forwarded public
       // URL headers, so local tunnel updates generally apply without restarts.
       const ingress = (raw?.ingress ?? {}) as Record<string, unknown>;
@@ -139,24 +122,17 @@ export async function handleIngressConfig(
         CONFIG_RELOAD_DEBOUNCE_MS,
       );
 
-      // Propagate to the gateway's process environment so it picks up the
-      // new URL when it is restarted. For the local-deployment path the
-      // gateway runs as a child process that inherited the assistant's env,
-      // so updating process.env here ensures the value is visible when the
-      // gateway is restarted (e.g. by the self-upgrade skill or a manual
-      // `pkill -f gateway`).
-      // Only export the URL when ingress is enabled; clearing it when
+      // Propagate to module-level state so the assistant's in-process URL
+      // resolution stays in sync. The gateway reads from the workspace config
+      // file directly via ConfigFileCache, so no env var propagation is needed.
+      // Only set the URL when ingress is enabled; clearing it when
       // disabled ensures the gateway stops accepting inbound webhooks.
       const isEnabled = (ingress.enabled as boolean | undefined) ?? false;
       if (value && isEnabled) {
         setIngressPublicBaseUrl(value);
-      } else if (isEnabled && getOriginalIngressEnv() !== undefined) {
-        // Ingress is enabled but the user cleared the URL — fall back to the
-        // env var that was present when the process started.
-        setIngressPublicBaseUrl(getOriginalIngressEnv()!);
       } else {
-        // Ingress is disabled or no URL is configured and no startup env var
-        // exists — remove the env var so the gateway stops accepting webhooks.
+        // Ingress is disabled or no URL is configured — clear the module-level
+        // URL so the gateway stops accepting webhooks.
         setIngressPublicBaseUrl(undefined);
       }
 
@@ -250,4 +226,3 @@ export async function handleIngressConfig(
     });
   }
 }
-

package/src/daemon/handlers/config-slack-channel.ts

@@ -5,6 +5,11 @@ import {
   saveRawConfig,
   setNestedValue,
 } from "../../config/loader.js";
+import {
+  ensureManualTokenConnection,
+  removeManualTokenConnection,
+} from "../../oauth/manual-token-connection.js";
+import { getConnectionByProvider } from "../../oauth/oauth-store.js";
 import { credentialKey } from "../../security/credential-key.js";
 import {
   deleteSecureKeyAsync,
@@ -41,12 +46,15 @@ export function getSlackChannelConfig(): SlackChannelConfigResult {
   const hasAppToken = !!getSecureKey(
     credentialKey("slack_channel", "app_token"),
   );
+  const conn = getConnectionByProvider("slack_channel");
+  const connected =
+    !!(conn && conn.status === "active") && hasBotToken && hasAppToken;
   const { teamId, teamName, botUserId, botUsername } = getConfig().slack;
   return {
     success: true,
     hasBotToken,
     hasAppToken,
-    connected: hasBotToken && hasAppToken,
+    connected,
     ...(teamId ? { teamId } : {}),
     ...(teamName ? { teamName } : {}),
     ...(botUserId ? { botUserId } : {}),
@@ -83,17 +91,13 @@ export async function setSlackChannelConfig(
         user?: string;
       };
       if (!data.ok) {
-        const storedBotToken = !!getSecureKey(
-          credentialKey("slack_channel", "bot_token"),
-        );
-        const storedAppToken = !!getSecureKey(
-          credentialKey("slack_channel", "app_token"),
-        );
+        const errConn = getConnectionByProvider("slack_channel");
+        const errConnected = !!(errConn && errConn.status === "active");
         return {
           success: false,
-          hasBotToken: storedBotToken,
-          hasAppToken: storedAppToken,
-          connected: storedBotToken && storedAppToken,
+          hasBotToken: errConnected,
+          hasAppToken: errConnected,
+          connected: errConnected,
           error: `Slack API validation failed: ${
             data.error ?? "unknown error"
           }`,
@@ -107,17 +111,13 @@ export async function setSlackChannelConfig(
       };
     } catch (err) {
       const message = err instanceof Error ? err.message : String(err);
-      const storedBotToken = !!getSecureKey(
-        credentialKey("slack_channel", "bot_token"),
-      );
-      const storedAppToken = !!getSecureKey(
-        credentialKey("slack_channel", "app_token"),
-      );
+      const errConn = getConnectionByProvider("slack_channel");
+      const errConnected = !!(errConn && errConn.status === "active");
       return {
         success: false,
-        hasBotToken: storedBotToken,
-        hasAppToken: storedAppToken,
-        connected: storedBotToken && storedAppToken,
+        hasBotToken: errConnected,
+        hasAppToken: errConnected,
+        connected: errConnected,
         error: `Failed to validate bot token: ${message}`,
       };
     }
@@ -127,17 +127,13 @@ export async function setSlackChannelConfig(
       botToken,
     );
     if (!stored) {
-      const storedBotToken = !!getSecureKey(
-        credentialKey("slack_channel", "bot_token"),
-      );
-      const storedAppToken = !!getSecureKey(
-        credentialKey("slack_channel", "app_token"),
-      );
+      const errConn = getConnectionByProvider("slack_channel");
+      const errConnected = !!(errConn && errConn.status === "active");
       return {
         success: false,
-        hasBotToken: storedBotToken,
-        hasAppToken: storedAppToken,
-        connected: storedBotToken && storedAppToken,
+        hasBotToken: errConnected,
+        hasAppToken: errConnected,
+        connected: errConnected,
         error: "Failed to store bot token in secure storage",
       };
     }
@@ -165,17 +161,13 @@ export async function setSlackChannelConfig(
   // Validate and store app token
   if (appToken) {
     if (!appToken.startsWith("xapp-")) {
-      const storedBotToken = !!getSecureKey(
-        credentialKey("slack_channel", "bot_token"),
-      );
-      const storedAppToken = !!getSecureKey(
-        credentialKey("slack_channel", "app_token"),
-      );
+      const errConn = getConnectionByProvider("slack_channel");
+      const errConnected = !!(errConn && errConn.status === "active");
       return {
         success: false,
-        hasBotToken: storedBotToken,
-        hasAppToken: storedAppToken,
-        connected: storedBotToken && storedAppToken,
+        hasBotToken: errConnected,
+        hasAppToken: errConnected,
+        connected: errConnected,
         error: 'Invalid app token: must start with "xapp-"',
       };
     }
@@ -185,17 +177,13 @@ export async function setSlackChannelConfig(
       appToken,
     );
     if (!stored) {
-      const storedBotToken = !!getSecureKey(
-        credentialKey("slack_channel", "bot_token"),
-      );
-      const storedAppToken = !!getSecureKey(
-        credentialKey("slack_channel", "app_token"),
-      );
+      const errConn = getConnectionByProvider("slack_channel");
+      const errConnected = !!(errConn && errConn.status === "active");
       return {
         success: false,
-        hasBotToken: storedBotToken,
-        hasAppToken: storedAppToken,
-        connected: storedBotToken && storedAppToken,
+        hasBotToken: errConnected,
+        hasAppToken: errConnected,
+        connected: errConnected,
         error: "Failed to store app token in secure storage",
       };
     }
@@ -218,6 +206,17 @@ export async function setSlackChannelConfig(
       "App token stored but bot token is missing — connection incomplete.";
   }
 
+  // Sync oauth_connection record so getConnectionByProvider("slack_channel")
+  // reflects the current credential state.
+  if (hasBotToken && hasAppToken) {
+    const accountInfo = metadata.teamName
+      ? `${metadata.teamName}${metadata.botUsername ? ` (@${metadata.botUsername})` : ""}`
+      : undefined;
+    await ensureManualTokenConnection("slack_channel", accountInfo);
+  } else {
+    removeManualTokenConnection("slack_channel");
+  }
+
   return {
     success: true,
     hasBotToken,
@@ -237,6 +236,7 @@ export async function clearSlackChannelConfig(): Promise<SlackChannelConfigResul
   );
 
   if (r1 === "error" || r2 === "error") {
+    // Check each key individually so partial deletions report accurate status.
     const hasBotToken = !!getSecureKey(
       credentialKey("slack_channel", "bot_token"),
     );
@@ -255,6 +255,9 @@ export async function clearSlackChannelConfig(): Promise<SlackChannelConfigResul
   deleteCredentialMetadata("slack_channel", "bot_token");
   deleteCredentialMetadata("slack_channel", "app_token");
 
+  // Remove the oauth_connection row so getConnectionByProvider returns undefined.
+  removeManualTokenConnection("slack_channel");
+
   const raw = loadRawConfig();
   setNestedValue(raw, "slack.teamId", "");
   setNestedValue(raw, "slack.teamName", "");

package/src/daemon/handlers/config-telegram.ts

@@ -8,6 +8,11 @@ import {
   registerCallbackRoute,
   shouldUsePlatformCallbacks,
 } from "../../inbound/platform-callback-registration.js";
+import {
+  ensureManualTokenConnection,
+  removeManualTokenConnection,
+} from "../../oauth/manual-token-connection.js";
+import { getConnectionByProvider } from "../../oauth/oauth-store.js";
 import { credentialKey } from "../../security/credential-key.js";
 import {
   deleteSecureKeyAsync,
@@ -65,12 +70,14 @@ export function getTelegramConfig(): TelegramConfigResult {
   const hasWebhookSecret = !!getSecureKey(
     credentialKey("telegram", "webhook_secret"),
   );
+  const conn = getConnectionByProvider("telegram");
+  const connected = !!(conn && conn.status === "active");
   const botUsername = getTelegramBotUsername();
   return {
     success: true,
     hasBotToken,
     botUsername,
-    connected: hasBotToken && hasWebhookSecret,
+    connected: connected && hasBotToken && hasWebhookSecret,
     hasWebhookSecret,
   };
 }
@@ -200,6 +207,13 @@ export async function setTelegramConfig(
     upsertCredentialMetadata("telegram", "webhook_secret", {});
   }
 
+  // Sync oauth_connection record so getConnectionByProvider("telegram")
+  // reflects the current credential state.
+  await ensureManualTokenConnection(
+    "telegram",
+    botUsername ? `@${botUsername}` : undefined,
+  );
+
   const result: TelegramConfigResult = {
     success: true,
     hasBotToken: true,
@@ -245,6 +259,7 @@ export async function clearTelegramConfig(): Promise<TelegramConfigResult> {
   );
 
   if (r1 === "error" || r2 === "error") {
+    // Check each key individually so partial deletions report accurate status.
     const hasBotToken = !!getSecureKey(credentialKey("telegram", "bot_token"));
     const hasWebhookSecret = !!getSecureKey(
       credentialKey("telegram", "webhook_secret"),
@@ -261,6 +276,9 @@ export async function clearTelegramConfig(): Promise<TelegramConfigResult> {
   deleteCredentialMetadata("telegram", "bot_token");
   deleteCredentialMetadata("telegram", "webhook_secret");
 
+  // Remove the oauth_connection row so getConnectionByProvider returns undefined.
+  removeManualTokenConnection("telegram");
+
   // Clear bot username from config so getTelegramBotUsername() doesn't
   // return a stale value after disconnect.
   const raw = loadRawConfig();
@@ -306,38 +324,36 @@ export async function setTelegramCommands(
     );
     if (!res.ok) {
       const body = await res.text();
+      const cmdConn = getConnectionByProvider("telegram");
+      const cmdConnected = !!(cmdConn && cmdConn.status === "active");
       return {
         success: false,
         hasBotToken: true,
-        connected: !!getSecureKey(credentialKey("telegram", "webhook_secret")),
-        hasWebhookSecret: !!getSecureKey(
-          credentialKey("telegram", "webhook_secret"),
-        ),
+        connected: cmdConnected,
+        hasWebhookSecret: cmdConnected,
         error: `Failed to set bot commands: ${body}`,
       };
     }
   } catch (err) {
     const message = summarizeTelegramError(err);
+    const cmdConn = getConnectionByProvider("telegram");
+    const cmdConnected = !!(cmdConn && cmdConn.status === "active");
     return {
       success: false,
       hasBotToken: true,
-      connected: !!getSecureKey(credentialKey("telegram", "webhook_secret")),
-      hasWebhookSecret: !!getSecureKey(
-        credentialKey("telegram", "webhook_secret"),
-      ),
+      connected: cmdConnected,
+      hasWebhookSecret: cmdConnected,
       error: `Failed to set bot commands: ${message}`,
     };
   }
 
-  const hasBotToken = !!getSecureKey(credentialKey("telegram", "bot_token"));
-  const hasWebhookSecret = !!getSecureKey(
-    credentialKey("telegram", "webhook_secret"),
-  );
+  const cmdConn = getConnectionByProvider("telegram");
+  const cmdConnected = !!(cmdConn && cmdConn.status === "active");
   return {
     success: true,
-    hasBotToken,
-    connected: hasBotToken && hasWebhookSecret,
-    hasWebhookSecret,
+    hasBotToken: true,
+    connected: cmdConnected,
+    hasWebhookSecret: cmdConnected,
     commandsRegistered: resolvedCommands.map((c) => c.command),
   };
 }