@vellumai/assistant 0.4.49 → 0.4.50

package/src/memory/search/types.ts

@@ -1,11 +1,7 @@
 export type CandidateType = "segment" | "item" | "summary" | "media";
-export type CandidateSource =
-  | "lexical"
-  | "semantic"
-  | "recency"
-  | "entity_direct"
-  | "entity_relation"
-  | "item_direct";
+export type CandidateSource = "semantic" | "recency";
+
+export type StalenessLevel = "fresh" | "aging" | "stale" | "very_stale";
 
 export interface Candidate {
   key: string;
@@ -18,10 +14,11 @@ export interface Candidate {
   confidence: number;
   importance: number;
   createdAt: number;
-  lexical: number;
   semantic: number;
   recency: number;
   finalScore: number;
+  tier?: 1 | 2 | null;
+  staleness?: StalenessLevel;
 }
 
 export interface MemoryRecallCandiateDebug {
@@ -29,7 +26,6 @@ export interface MemoryRecallCandiateDebug {
   type: CandidateType;
   kind: string;
   finalScore: number;
-  lexical: number;
   semantic: number;
   recency: number;
 }
@@ -39,7 +35,7 @@ export type DegradationReason =
   | "qdrant_unavailable"
   | "embedding_generation_failed";
 
-export type FallbackSource = "lexical" | "recency" | "direct_item" | "entity";
+export type FallbackSource = "recency";
 
 export interface DegradationStatus {
   semanticUnavailable: boolean;
@@ -54,22 +50,22 @@ export interface MemoryRecallResult {
   reason?: string;
   provider?: string;
   model?: string;
-  lexicalHits: number;
   semanticHits: number;
   recencyHits: number;
-  entityHits: number;
-  relationSeedEntityCount: number;
-  relationTraversedEdgeCount: number;
-  relationNeighborEntityCount: number;
-  relationExpandedItemCount: number;
-  earlyTerminated: boolean;
   mergedCount: number;
   selectedCount: number;
-  rerankApplied: boolean;
   injectedTokens: number;
   injectedText: string;
   latencyMs: number;
   topCandidates: MemoryRecallCandiateDebug[];
+  /** Count of tier 1 candidates after demotion. */
+  tier1Count?: number;
+  /** Count of tier 2 candidates after demotion. */
+  tier2Count?: number;
+  /** Milliseconds spent in the hybrid search step. */
+  hybridSearchMs?: number;
+  /** Whether sparse vectors were used in the hybrid search. */
+  sparseVectorUsed?: boolean;
 }
 
 /**
@@ -99,67 +95,9 @@ export interface MemoryRecallOptions {
   maxInjectTokensOverride?: number;
 }
 
-export interface CollectedCandidates {
-  lexical: Candidate[];
-  recency: Candidate[];
-  semantic: Candidate[];
-  entity: Candidate[];
-  relationSeedEntityCount: number;
-  relationTraversedEdgeCount: number;
-  relationNeighborEntityCount: number;
-  relationExpandedItemCount: number;
-  earlyTerminated: boolean;
-  /** True when semantic search was attempted but threw an error. */
-  semanticSearchFailed: boolean;
-  /** True when semantic search was known to be unavailable before retrieval (no vector or breaker open). */
-  semanticUnavailable: boolean;
-  /** The error that caused semantic search to fail, if any. */
-  semanticSearchError?: unknown;
-  merged: Candidate[];
-}
-
-export interface EntitySearchResult {
-  candidates: Candidate[];
-  relationSeedEntityCount: number;
-  relationTraversedEdgeCount: number;
-  relationNeighborEntityCount: number;
-  relationExpandedItemCount: number;
-  candidateDepths?: Map<string, number>; // candidate key → BFS hop depth (1-based)
-}
-
-export interface MatchedEntityRow {
-  id: string;
-  name: string;
-  type: string;
-  aliases: string | null;
-  mention_count: number;
-}
-
 export interface ItemMetadata {
   accessCount: number;
   lastUsedAt: number | null;
   verificationState: string;
-}
-
-import type { EntityRelationType, EntityType } from "../entity-extractor.js";
-
-export interface TraversalOptions {
-  maxEdges: number;
-  maxNeighborEntities: number;
-  maxDepth?: number; // default 3
-  relationTypes?: EntityRelationType[];
-  entityTypes?: EntityType[];
-  /** When true, only follow source→target edges (frontier must be on source side). */
-  directed?: boolean;
-}
-
-export interface TraversalResult {
-  neighborEntityIds: string[];
-  traversedEdgeCount: number;
-  neighborDepths: Map<string, number>; // entityId → depth (1-based)
-}
-
-export interface TraversalStep {
-  relationTypes?: EntityRelationType[];
-  entityTypes?: EntityType[];
+  sourceConversationCount?: number;
 }

package/src/memory/task-memory-cleanup.ts

@@ -1,6 +1,5 @@
 import { getLogger } from "../util/logger.js";
 import { rawGet, rawRun } from "./raw-query.js";
-import { bumpMemoryVersion } from "./recall-cache.js";
 
 const log = getLogger("task-memory-cleanup");
 
@@ -85,7 +84,6 @@ export function invalidateAssistantInferredItemsForConversation(
   );
 
   if (affected > 0) {
-    bumpMemoryVersion();
     log.info(
       { conversationId, affected },
       "Invalidated assistant-inferred memory items after task failure",
@@ -96,9 +94,9 @@ export function invalidateAssistantInferredItemsForConversation(
 }
 
 /**
- * Cancel pending `extract_items` and `extract_entities` jobs whose messageId
- * belongs to the given conversation. This drains the queue so the worker never
- * processes them, complementing the runtime check in the extraction handler.
+ * Cancel pending `extract_items` jobs whose messageId belongs to the given
+ * conversation. This drains the queue so the worker never processes them,
+ * complementing the runtime check in the extraction handler.
  */
 function cancelPendingExtractionJobsForConversation(
   conversationId: string,
@@ -109,7 +107,7 @@ function cancelPendingExtractionJobsForConversation(
         SET status = 'failed',
             last_error = 'conversation_failed',
             updated_at = ?
-      WHERE type IN ('extract_items', 'extract_entities')
+      WHERE type IN ('extract_items')
         AND status IN ('pending', 'running')
         AND json_extract(payload, '$.messageId') IN (
           SELECT id FROM messages WHERE conversation_id = ?

package/src/messaging/providers/gmail/mime-builder.ts

@@ -21,6 +21,10 @@ export interface MimeMessageOptions {
   attachments: MimeAttachment[];
 }
 
+function sanitizeHeaderValue(value: string): string {
+  return value.replace(/[\r\n]+/g, " ").trim();
+}
+
 function toBase64Url(input: Buffer): string {
   return input
     .toString("base64")
@@ -37,17 +41,23 @@ export function buildMultipartMime(options: MimeMessageOptions): string {
   const { to, subject, body, inReplyTo, cc, bcc, attachments } = options;
   const boundary = `----=_Part_${randomBytes(16).toString("hex")}`;
 
+  const sanitizedTo = sanitizeHeaderValue(to);
+  const sanitizedSubject = sanitizeHeaderValue(subject);
+  const sanitizedCc = cc ? sanitizeHeaderValue(cc) : undefined;
+  const sanitizedBcc = bcc ? sanitizeHeaderValue(bcc) : undefined;
+  const sanitizedInReplyTo = inReplyTo ? sanitizeHeaderValue(inReplyTo) : undefined;
+
   const headers = [
-    `To: ${to}`,
-    `Subject: ${subject}`,
+    `To: ${sanitizedTo}`,
+    `Subject: ${sanitizedSubject}`,
     "MIME-Version: 1.0",
     `Content-Type: multipart/mixed; boundary="${boundary}"`,
   ];
-  if (cc) headers.push(`Cc: ${cc}`);
-  if (bcc) headers.push(`Bcc: ${bcc}`);
-  if (inReplyTo) {
-    headers.push(`In-Reply-To: ${inReplyTo}`);
-    headers.push(`References: ${inReplyTo}`);
+  if (sanitizedCc) headers.push(`Cc: ${sanitizedCc}`);
+  if (sanitizedBcc) headers.push(`Bcc: ${sanitizedBcc}`);
+  if (sanitizedInReplyTo) {
+    headers.push(`In-Reply-To: ${sanitizedInReplyTo}`);
+    headers.push(`References: ${sanitizedInReplyTo}`);
   }
 
   const parts: string[] = [];

package/src/oauth/byo-connection.test.ts

@@ -81,7 +81,12 @@ const mockConnections = new Map<
 >();
 const mockApps = new Map<
   string,
-  { id: string; providerKey: string; clientId: string }
+  {
+    id: string;
+    providerKey: string;
+    clientId: string;
+    clientSecretCredentialPath: string;
+  }
 >();
 const mockProviders = new Map<
   string,
@@ -192,6 +197,7 @@ function setupCredential(
     id: appId,
     providerKey: service,
     clientId: "test-client-id",
+    clientSecretCredentialPath: `oauth_app/${appId}/client_secret`,
   });
   mockConnections.set(service, {
     id: connId,
@@ -514,6 +520,7 @@ describe("resolveOAuthConnection", () => {
       id: appId,
       providerKey: "github",
       clientId: "test-client-id",
+      clientSecretCredentialPath: `oauth_app/${appId}/client_secret`,
     });
 
     // Connection uses the custom credential service as its providerKey

package/src/oauth/oauth-store.ts

@@ -17,6 +17,7 @@ import {
 import {
   deleteSecureKeyAsync,
   getSecureKey,
+  getSecureKeyAsync,
   setSecureKeyAsync,
 } from "../security/secure-keys.js";
 import { getLogger } from "../util/logger.js";
@@ -47,6 +48,7 @@ export function seedProviders(
     tokenUrl: string;
     tokenEndpointAuthMethod?: string;
     userinfoUrl?: string;
+    pingUrl?: string;
     baseUrl?: string;
     defaultScopes: string[];
     scopePolicy: Record<string, unknown>;
@@ -62,6 +64,7 @@ export function seedProviders(
     const tokenUrl = p.tokenUrl;
     const tokenEndpointAuthMethod = p.tokenEndpointAuthMethod ?? null;
     const userinfoUrl = p.userinfoUrl ?? null;
+    const pingUrl = p.pingUrl ?? null;
     const baseUrl = p.baseUrl ?? null;
     const defaultScopes = JSON.stringify(p.defaultScopes);
     const scopePolicy = JSON.stringify(p.scopePolicy);
@@ -82,6 +85,7 @@ export function seedProviders(
         extraParams,
         callbackTransport,
         loopbackPort,
+        pingUrl,
         createdAt: now,
         updatedAt: now,
       })
@@ -98,6 +102,7 @@ export function seedProviders(
           extraParams,
           callbackTransport,
           loopbackPort,
+          pingUrl,
           updatedAt: now,
         },
       })
@@ -131,6 +136,7 @@ export function registerProvider(params: {
   tokenUrl: string;
   tokenEndpointAuthMethod?: string;
   userinfoUrl?: string;
+  pingUrl?: string;
   baseUrl?: string;
   defaultScopes: string[];
   scopePolicy: Record<string, unknown>;
@@ -158,6 +164,7 @@ export function registerProvider(params: {
     extraParams: params.extraParams ? JSON.stringify(params.extraParams) : null,
     callbackTransport: params.callbackTransport ?? null,
     loopbackPort: params.loopbackPort ?? null,
+    pingUrl: params.pingUrl ?? null,
     createdAt: now,
     updatedAt: now,
   };
@@ -178,11 +185,35 @@ export function registerProvider(params: {
 export async function upsertApp(
   providerKey: string,
   clientId: string,
-  clientSecret?: string,
+  clientSecretOpts?: {
+    clientSecretValue?: string;
+    clientSecretCredentialPath?: string;
+  },
 ): Promise<OAuthAppRow> {
+  const { clientSecretValue, clientSecretCredentialPath } =
+    clientSecretOpts ?? {};
+
+  if (clientSecretValue && clientSecretCredentialPath) {
+    throw new Error(
+      "Cannot provide both clientSecretValue and clientSecretCredentialPath",
+    );
+  }
+
+  const defaultCredPath = (appId: string) => `oauth_app/${appId}/client_secret`;
+
+  // Verify the credential path points to an existing secret.
+  if (clientSecretCredentialPath) {
+    const existing = await getSecureKeyAsync(clientSecretCredentialPath);
+    if (existing === undefined) {
+      throw new Error(
+        `No secret found at credential path: ${clientSecretCredentialPath}`,
+      );
+    }
+  }
+
   const db = getDb();
 
-  const existing = db
+  const existingRow = db
     .select()
     .from(oauthApps)
     .where(
@@ -193,41 +224,55 @@ export async function upsertApp(
     )
     .get();
 
-  if (existing) {
-    if (clientSecret) {
+  if (existingRow) {
+    if (clientSecretValue) {
       const stored = await setSecureKeyAsync(
-        `oauth_app/${existing.id}/client_secret`,
-        clientSecret,
+        existingRow.clientSecretCredentialPath,
+        clientSecretValue,
       );
       if (!stored) {
         throw new Error("Failed to store client_secret in secure storage");
       }
     }
-    return existing;
+    if (clientSecretCredentialPath) {
+      db.update(oauthApps)
+        .set({
+          clientSecretCredentialPath,
+          updatedAt: Date.now(),
+        })
+        .where(eq(oauthApps.id, existingRow.id))
+        .run();
+      return db
+        .select()
+        .from(oauthApps)
+        .where(eq(oauthApps.id, existingRow.id))
+        .get()!;
+    }
+    return existingRow;
   }
 
   const now = Date.now();
   const id = uuid();
+  const credPath = clientSecretCredentialPath ?? defaultCredPath(id);
+
+  if (clientSecretValue) {
+    const stored = await setSecureKeyAsync(credPath, clientSecretValue);
+    if (!stored) {
+      throw new Error("Failed to store client_secret in secure storage");
+    }
+  }
+
   const row = {
     id,
     providerKey,
     clientId,
+    clientSecretCredentialPath: credPath,
     createdAt: now,
     updatedAt: now,
   };
 
   db.insert(oauthApps).values(row).run();
 
-  if (clientSecret) {
-    const stored = await setSecureKeyAsync(
-      `oauth_app/${id}/client_secret`,
-      clientSecret,
-    );
-    if (!stored) {
-      throw new Error("Failed to store client_secret in secure storage");
-    }
-  }
-
   return row;
 }
 
@@ -280,15 +325,16 @@ export function listApps(): OAuthAppRow[] {
 
 /** Delete an app by ID. Cleans up the client_secret from secure storage. Returns true if a row was deleted. */
 export async function deleteApp(id: string): Promise<boolean> {
+  const db = getDb();
+
+  const app = db.select().from(oauthApps).where(eq(oauthApps.id, id)).get();
+  if (!app) return false;
+
   // Delete the DB row first so that if it fails (e.g. FK constraint from
   // existing connections), the secret in secure storage remains intact.
-  const db = getDb();
   db.delete(oauthApps).where(eq(oauthApps.id, id)).run();
-  const deleted = rawChanges() > 0;
 
-  if (!deleted) return false;
-
-  const result = await deleteSecureKeyAsync(`oauth_app/${id}/client_secret`);
+  const result = await deleteSecureKeyAsync(app.clientSecretCredentialPath);
   if (result === "error") {
     throw new Error(
       `Deleted app ${id} but failed to remove client_secret from secure storage`,
@@ -354,12 +400,33 @@ export function getConnection(id: string): OAuthConnectionRow | undefined {
 
 /**
  * Get the most recent active connection for a provider.
+ * When `clientId` is provided, only connections linked to the matching app are considered.
  * Returns undefined if no active connection exists.
  */
 export function getConnectionByProvider(
   providerKey: string,
+  clientId?: string,
 ): OAuthConnectionRow | undefined {
   const db = getDb();
+
+  if (clientId) {
+    const app = getAppByProviderAndClientId(providerKey, clientId);
+    if (!app) return undefined;
+    return db
+      .select()
+      .from(oauthConnections)
+      .where(
+        and(
+          eq(oauthConnections.providerKey, providerKey),
+          eq(oauthConnections.oauthAppId, app.id),
+          eq(oauthConnections.status, "active"),
+        ),
+      )
+      .orderBy(desc(oauthConnections.createdAt), sql`rowid DESC`)
+      .limit(1)
+      .get();
+  }
+
   return db
     .select()
     .from(oauthConnections)
@@ -429,19 +496,37 @@ export function updateConnection(
   return rawChanges() > 0;
 }
 
-/** List connections, optionally filtered by provider key. */
-export function listConnections(providerKey?: string): OAuthConnectionRow[] {
+/** List connections, optionally filtered by provider key and/or client ID. */
+export function listConnections(
+  providerKey?: string,
+  clientId?: string,
+): OAuthConnectionRow[] {
   const db = getDb();
 
+  let rows: OAuthConnectionRow[];
   if (providerKey) {
-    return db
+    rows = db
       .select()
       .from(oauthConnections)
       .where(eq(oauthConnections.providerKey, providerKey))
       .all();
+  } else {
+    rows = db.select().from(oauthConnections).all();
   }
 
-  return db.select().from(oauthConnections).all();
+  if (clientId) {
+    const matchingAppIds = new Set(
+      db
+        .select({ id: oauthApps.id })
+        .from(oauthApps)
+        .where(eq(oauthApps.clientId, clientId))
+        .all()
+        .map((a) => a.id),
+    );
+    return rows.filter((r) => matchingAppIds.has(r.oauthAppId));
+  }
+
+  return rows;
 }
 
 /** Delete a connection by ID. Returns true if a row was deleted. */
@@ -466,8 +551,9 @@ export function deleteConnection(id: string): boolean {
  */
 export async function disconnectOAuthProvider(
   providerKey: string,
+  clientId?: string,
 ): Promise<"disconnected" | "not-found" | "error"> {
-  const conn = getConnectionByProvider(providerKey);
+  const conn = getConnectionByProvider(providerKey, clientId);
   if (!conn) return "not-found";
 
   const r1 = await deleteSecureKeyAsync(

package/src/oauth/seed-providers.ts

@@ -17,6 +17,7 @@ const PROVIDER_SEED_DATA: Record<
     tokenUrl: string;
     tokenEndpointAuthMethod?: string;
     userinfoUrl?: string;
+    pingUrl?: string;
     baseUrl?: string;
     defaultScopes: string[];
     scopePolicy: {
@@ -34,6 +35,7 @@ const PROVIDER_SEED_DATA: Record<
     authUrl: "https://accounts.google.com/o/oauth2/v2/auth",
     tokenUrl: "https://oauth2.googleapis.com/token",
     userinfoUrl: "https://www.googleapis.com/oauth2/v2/userinfo",
+    pingUrl: "https://www.googleapis.com/oauth2/v2/userinfo",
     baseUrl: "https://gmail.googleapis.com/gmail/v1/users/me",
     defaultScopes: [
       "https://www.googleapis.com/auth/gmail.readonly",
@@ -57,6 +59,7 @@ const PROVIDER_SEED_DATA: Record<
     providerKey: "integration:slack",
     authUrl: "https://slack.com/oauth/v2/authorize",
     tokenUrl: "https://slack.com/api/oauth.v2.access",
+    pingUrl: "https://slack.com/api/auth.test",
     baseUrl: "https://slack.com/api",
     defaultScopes: [
       "channels:read",
@@ -90,6 +93,7 @@ const PROVIDER_SEED_DATA: Record<
     providerKey: "integration:notion",
     authUrl: "https://api.notion.com/v1/oauth/authorize",
     tokenUrl: "https://api.notion.com/v1/oauth/token",
+    pingUrl: "https://api.notion.com/v1/users/me",
     baseUrl: "https://api.notion.com",
     defaultScopes: [],
     scopePolicy: {
@@ -105,6 +109,7 @@ const PROVIDER_SEED_DATA: Record<
     providerKey: "integration:twitter",
     authUrl: "https://twitter.com/i/oauth2/authorize",
     tokenUrl: "https://api.x.com/2/oauth2/token",
+    pingUrl: "https://api.x.com/2/users/me",
     baseUrl: "https://api.x.com",
     defaultScopes: [
       "tweet.read",
@@ -128,6 +133,7 @@ const PROVIDER_SEED_DATA: Record<
     providerKey: "slack_channel",
     authUrl: "urn:manual-token",
     tokenUrl: "urn:manual-token",
+    pingUrl: "https://slack.com/api/auth.test",
     baseUrl: "https://slack.com/api",
     defaultScopes: [],
     scopePolicy: {

package/src/oauth/token-persistence.ts

@@ -22,6 +22,7 @@ import type { CredentialInjectionTemplate } from "../tools/credentials/policy-ty
 import { runPostConnectHook } from "../tools/credentials/post-connect-hooks.js";
 import {
   createConnection,
+  getApp,
   getConnectionByProvider,
   updateConnection,
   upsertApp,
@@ -101,13 +102,20 @@ export async function storeOAuth2Tokens(
 
   // 1. Upsert the oauth_app row (or use the pre-resolved ID).
   const app = params.oauthAppId
-    ? { id: params.oauthAppId }
-    : await upsertApp(service, clientId, clientSecret);
+    ? (getApp(params.oauthAppId) ?? {
+        id: params.oauthAppId,
+        clientSecretCredentialPath: `oauth_app/${params.oauthAppId}/client_secret`,
+      })
+    : await upsertApp(
+        service,
+        clientId,
+        clientSecret ? { clientSecretValue: clientSecret } : undefined,
+      );
 
   // When oauthAppId is pre-resolved, still persist clientSecret if provided.
   if (params.oauthAppId && clientSecret) {
     const stored = await setSecureKeyAsync(
-      `oauth_app/${params.oauthAppId}/client_secret`,
+      app.clientSecretCredentialPath,
       clientSecret,
     );
     if (!stored) {

package/src/permissions/defaults.ts

@@ -20,6 +20,7 @@ const HOST_FILE_TOOLS = [
   "host_file_edit",
 ] as const;
 const COMPUTER_USE_TOOLS = [
+  "computer_use_observe",
   "computer_use_click",
   "computer_use_type_text",
   "computer_use_key",

package/src/permissions/trust-store.ts

@@ -283,12 +283,28 @@ function loadFromDisk(): TrustRule[] {
       // Restore persisted starter bundle flag
       cachedStarterBundleAccepted = data.starterBundleAccepted === true;
 
+      // Defense-in-depth: strip any __internal: prefixed rules that may have
+      // been hand-edited into trust.json.
+      const sanitizedRules = rawRules.filter((r) => {
+        if (typeof r.tool === "string" && r.tool.startsWith("__internal:")) {
+          log.warn(
+            { ruleId: r.id, tool: r.tool },
+            "Stripping __internal: rule from trust file on load",
+          );
+          return false;
+        }
+        return true;
+      });
+
       if (
         data.version === TRUST_FILE_VERSION ||
         data.version === 1 ||
         data.version === 2
       ) {
-        rules = rawRules;
+        rules = sanitizedRules;
+        if (sanitizedRules.length < rawRules.length) {
+          needsSave = true;
+        }
         if (data.version !== TRUST_FILE_VERSION) {
           needsSave = true;
           log.info(
@@ -395,6 +411,8 @@ export function addRule(
     executionTarget?: string;
   },
 ): TrustRule {
+  if (tool.startsWith("__internal:"))
+    throw new Error(`Cannot create internal pseudo-rule via addRule: ${tool}`);
   // Re-read from disk to avoid lost updates if another call modified rules
   // between our last read and now (e.g. two rapid trust rule additions).
   cachedRules = null;
@@ -437,6 +455,10 @@ export function updateRule(
   const defaultIds = new Set(getDefaultRuleTemplates().map((t) => t.id));
   if (defaultIds.has(id))
     throw new Error(`Cannot modify default trust rule: ${id}`);
+  if (updates.tool?.startsWith("__internal:"))
+    throw new Error(
+      `Cannot update tool to internal pseudo-rule: ${updates.tool}`,
+    );
 
   // Re-read from disk to avoid lost updates from concurrent modifications.
   cachedRules = null;

package/src/playbooks/playbook-compiler.ts

@@ -1,7 +1,7 @@
 /**
  * Compile all active playbook memory items into a triage context block
  * that can be injected into the system prompt alongside the contact
- * graph and dynamic profile.
+ * graph.
  */
 
 import { and, desc, eq, isNull } from "drizzle-orm";