@vellumai/assistant 0.4.49 → 0.4.50

package/src/runtime/routes/brain-graph-routes.ts

@@ -2,7 +2,7 @@
  * Route handlers for the brain graph visualization endpoint.
  *
  * Queries the memory database to return a knowledge graph shaped for brain-lobe
- * visualization, with entities mapped to brain regions based on their type.
+ * visualization, with memory items mapped to brain regions based on their kind.
  */
 
 import { readFileSync } from "node:fs";
@@ -11,65 +11,23 @@ import { join } from "node:path";
 import { count } from "drizzle-orm";
 
 import { getDb } from "../../memory/db.js";
-import {
-  memoryEntities,
-  memoryEntityRelations,
-  memoryItems,
-} from "../../memory/schema.js";
+import { memoryItems } from "../../memory/schema.js";
 import { resolveBundledDir } from "../../util/bundled-asset.js";
 import type { RouteDefinition } from "../http-router.js";
 
-function getLobeRegion(entityType: string): string {
-  switch (entityType) {
-    case "person":
-    case "organization":
-      return "right-social";
-    case "project":
-    case "company":
-      return "left-planning";
-    case "tool":
-      return "left-technical";
-    case "concept":
-      return "right-creative";
-    case "location":
-      return "right-spatial";
-    default:
-      return "center";
-  }
-}
-
-function getEntityColor(entityType: string): string {
-  switch (entityType) {
-    case "person":
-      return "#22c55e";
-    case "project":
-      return "#f97316";
-    case "tool":
-      return "#06b6d4";
-    case "company":
-      return "#a855f7";
-    case "organization":
-      return "#a855f7";
-    case "concept":
-      return "#eab308";
-    case "location":
-      return "#14b8a6";
-    default:
-      return "#94a3b8";
-  }
-}
-
 function getMemoryKindColor(kind: string): string {
   switch (kind) {
-    case "profile":
+    case "identity":
       return "#8b5cf6";
     case "preference":
       return "#3b82f6";
+    case "project":
+      return "#10b981";
+    case "decision":
+      return "#f59e0b";
     case "constraint":
       return "#ef4444";
-    case "instruction":
-      return "#f59e0b";
-    case "style":
+    case "event":
       return "#ec4899";
     default:
       return "#94a3b8";
@@ -80,27 +38,6 @@ export function handleGetBrainGraph(): Response {
   try {
     const db = getDb();
 
-    const entityRows = db
-      .select({
-        id: memoryEntities.id,
-        name: memoryEntities.name,
-        type: memoryEntities.type,
-        mentionCount: memoryEntities.mentionCount,
-        firstSeenAt: memoryEntities.firstSeenAt,
-        lastSeenAt: memoryEntities.lastSeenAt,
-      })
-      .from(memoryEntities)
-      .all();
-
-    const relationRows = db
-      .select({
-        sourceEntityId: memoryEntityRelations.sourceEntityId,
-        targetEntityId: memoryEntityRelations.targetEntityId,
-        relation: memoryEntityRelations.relation,
-      })
-      .from(memoryEntityRelations)
-      .all();
-
     const kindCountRows = db
       .select({
         kind: memoryItems.kind,
@@ -110,23 +47,6 @@ export function handleGetBrainGraph(): Response {
       .groupBy(memoryItems.kind)
       .all();
 
-    const entities = entityRows.map((entity) => ({
-      id: entity.id,
-      name: entity.name,
-      type: entity.type,
-      lobeRegion: getLobeRegion(entity.type),
-      color: getEntityColor(entity.type),
-      mentionCount: entity.mentionCount,
-      firstSeenAt: entity.firstSeenAt,
-      lastSeenAt: entity.lastSeenAt,
-    }));
-
-    const relations = relationRows.map((rel) => ({
-      sourceId: rel.sourceEntityId,
-      targetId: rel.targetEntityId,
-      relation: rel.relation,
-    }));
-
     const memorySummary = kindCountRows.map((row) => ({
       kind: row.kind,
       count: row.count,
@@ -139,8 +59,8 @@ export function handleGetBrainGraph(): Response {
     );
 
     return Response.json({
-      entities,
-      relations,
+      entities: [],
+      relations: [],
       memorySummary,
       totalKnowledgeCount,
       generatedAt: new Date().toISOString(),

package/src/runtime/routes/conversation-routes.ts

@@ -648,9 +648,17 @@ export async function handleSendMessage(
       session.setHostFileProxy(fileProxy);
     }
     if (!session.isProcessing() || !session.hostCuProxy) {
-      const cuProxy = new HostCuProxy(onEvent);
+      const cuProxy = new HostCuProxy(onEvent, (requestId) => {
+        pendingInteractions.resolve(requestId);
+      });
       session.setHostCuProxy(cuProxy);
     }
+    // Only preactivate CU when the session is idle — if the session is
+    // processing, this message will be queued and preactivation is deferred
+    // to dequeue time in drainQueueImpl to avoid mutating in-flight turn state.
+    if (!session.isProcessing()) {
+      session.addPreactivatedSkillId("computer-use");
+    }
   } else if (!session.isProcessing()) {
     session.setHostBashProxy(undefined);
     session.setHostFileProxy(undefined);

package/src/runtime/routes/inbound-stages/acl-enforcement.ts

@@ -334,7 +334,7 @@ export async function enforceIngressAcl(
                   dmCallbackUrl,
                   {
                     chatId: senderUserId,
-                    text: "I've notified the owner. They'll share a verification code with you if they approve access. You can reply with the code here.",
+                    text: "I've notified the owner that you'd like to chat with me. If they approve your request, they'll share a 6-digit verification code with you. You can reply with the code here.",
                     assistantId,
                   },
                   mintBearerToken(),
@@ -423,11 +423,12 @@ export async function enforceIngressAcl(
 
     if (resolvedMember) {
       if (resolvedMember.channel.status !== "active") {
+        const isBlockedMember = resolvedMember.channel.status === "blocked";
         // Same bypass logic as the no-member branch: verification codes and
-        // bootstrap commands must pass through even when the member record is
-        // revoked/blocked — otherwise the user can never re-verify.
+        // bootstrap commands must pass through for re-verifiable states
+        // (pending/revoked), but never for blocked members.
         let denyInactiveMember = true;
-        if (isGuardianVerifyCode) {
+        if (!isBlockedMember && isGuardianVerifyCode) {
           const hasPendingChallenge = !!getPendingSession(sourceChannel);
           const hasActiveOutboundSession = !!findActiveSession(sourceChannel);
           if (hasPendingChallenge || hasActiveOutboundSession) {
@@ -444,7 +445,7 @@ export async function enforceIngressAcl(
             );
           }
         }
-        if (isBootstrapCommand) {
+        if (!isBlockedMember && isBootstrapCommand) {
           const bootstrapPayload = (
             rawCommandIntentForAcl as Record<string, unknown>
           ).payload as string;
@@ -471,9 +472,11 @@ export async function enforceIngressAcl(
         }
 
         // ── Invite token intercept (inactive member) ──
-        // Same as the non-member branch: invite tokens can reactivate
-        // revoked/pending members without requiring guardian approval.
-        if (inviteToken && denyInactiveMember) {
+        // Invite tokens can reactivate revoked/pending members without
+        // requiring guardian approval, but blocked members are excluded so
+        // they are short-circuited at the ACL layer rather than entering the
+        // redemption path.
+        if (!isBlockedMember && inviteToken && denyInactiveMember) {
           const inviteResult = await handleInviteTokenIntercept({
             rawToken: inviteToken,
             sourceChannel,
@@ -496,9 +499,15 @@ export async function enforceIngressAcl(
         }
 
         // ── 6-digit invite code intercept (inactive member) ──
-        // Same as the non-member branch: codes can reactivate revoked/pending
-        // members. Non-matching codes fall through to normal processing.
-        if (denyInactiveMember && /^\d{6}$/.test(trimmedContent)) {
+        // Codes can reactivate revoked/pending members; non-matching codes
+        // fall through. Blocked members are excluded here for consistency —
+        // the redemption service would reject them anyway, but early exit
+        // avoids unnecessary work.
+        if (
+          !isBlockedMember &&
+          denyInactiveMember &&
+          /^\d{6}$/.test(trimmedContent)
+        ) {
           const codeInterceptResult = await handleInviteCodeIntercept({
             code: trimmedContent,
             sourceChannel,
@@ -579,7 +588,7 @@ export async function enforceIngressAcl(
                     dmCallbackUrl,
                     {
                       chatId: senderUserId,
-                      text: "I've notified the owner. They'll share a verification code with you if they approve access. You can reply with the code here.",
+                      text: "I've notified the owner that you'd like to chat with me. If they approve your request, they'll share a 6-digit verification code with you. You can reply with the code here.",
                       assistantId,
                     },
                     mintBearerToken(),