@vellumai/assistant 0.4.49 → 0.4.51

package/src/daemon/date-context.ts

@@ -33,10 +33,6 @@ const WEEKDAY_NAMES = [
   "Friday",
   "Saturday",
 ] as const;
-const TIMEZONE_SUBJECT_LINE_RE = /^\s*-\s*time\s*zone\s*:\s*(.+)$/i;
-const TIMEZONE_SUBJECT_COMPACT_RE = /^\s*-\s*timezone\s*:\s*(.+)$/i;
-const TIMEZONE_TOKEN_RE =
-  /\b(?:[A-Za-z][A-Za-z0-9_+-]*(?:\/[A-Za-z0-9_+-]+)+|(?:UTC|GMT)(?:[+-]\d{1,2}(?::?\d{2})?)?)\b/gi;
 const UTC_GMT_OFFSET_TOKEN_RE = /^(?:UTC|GMT)([+-])(\d{1,2})(?::?(\d{2}))?$/i;
 
 function normalizeOffsetToken(offsetToken: string): string {
@@ -111,6 +107,17 @@ function canonicalizeTimeZone(timeZone: string): string | null {
       return null;
     }
   }
+  // Check abbreviation mapping before Intl (many abbreviations are not recognized by Intl)
+  const abbrIana = TIMEZONE_ABBREVIATIONS[trimmed.toUpperCase()];
+  if (abbrIana) {
+    try {
+      return new Intl.DateTimeFormat("en-US", {
+        timeZone: abbrIana,
+      }).resolvedOptions().timeZone;
+    } catch {
+      return null;
+    }
+  }
   try {
     return new Intl.DateTimeFormat("en-US", {
       timeZone: trimmed,
@@ -120,47 +127,123 @@ function canonicalizeTimeZone(timeZone: string): string | null {
   }
 }
 
-function extractTimeZoneCandidates(text: string): string[] {
-  const matches = (text.match(TIMEZONE_TOKEN_RE) ?? [])
-    .map((token) => token.trim())
-    .filter((token) => token.length > 0);
-  const ianaTokens = matches.filter((token) => token.includes("/"));
-  const offsetTokens = matches.filter((token) => !token.includes("/"));
-  return [...ianaTokens, ...offsetTokens];
-}
+/**
+ * Common timezone abbreviation → IANA identifier mapping.
+ * Used as a fallback when `Intl.DateTimeFormat` does not recognize the abbreviation.
+ */
+const TIMEZONE_ABBREVIATIONS: Record<string, string> = {
+  // North America
+  PST: "America/Los_Angeles",
+  PDT: "America/Los_Angeles",
+  MST: "America/Denver",
+  MDT: "America/Denver",
+  CST: "America/Chicago",
+  CDT: "America/Chicago",
+  EST: "America/New_York",
+  EDT: "America/New_York",
+  AKST: "America/Anchorage",
+  AKDT: "America/Anchorage",
+  HST: "Pacific/Honolulu",
+  AST: "America/Puerto_Rico",
+  NST: "America/St_Johns",
+  NDT: "America/St_Johns",
+  // Europe
+  BST: "Europe/London",
+  CET: "Europe/Paris",
+  CEST: "Europe/Paris",
+  EET: "Europe/Athens",
+  EEST: "Europe/Athens",
+  WEST: "Europe/Lisbon",
+  MSK: "Europe/Moscow",
+  // Asia / Oceania
+  JST: "Asia/Tokyo",
+  KST: "Asia/Seoul",
+  HKT: "Asia/Hong_Kong",
+  SGT: "Asia/Singapore",
+  WIB: "Asia/Jakarta",
+  PHT: "Asia/Manila",
+  PKT: "Asia/Karachi",
+  NPT: "Asia/Kathmandu",
+  AEST: "Australia/Sydney",
+  AEDT: "Australia/Sydney",
+  ACST: "Australia/Adelaide",
+  ACDT: "Australia/Adelaide",
+  AWST: "Australia/Perth",
+  NZST: "Pacific/Auckland",
+  NZDT: "Pacific/Auckland",
+  // South America
+  BRT: "America/Sao_Paulo",
+};
 
 /**
- * Extract a valid user timezone from compiled `<dynamic-user-profile>` text.
+ * Regex matching IANA timezone identifiers (e.g. "America/New_York"),
+ * UTC/GMT offset tokens (e.g. "UTC+5", "GMT-8:30"), and common
+ * timezone abbreviations (e.g. "PST", "EST", "JST").
  *
- * Prefers explicit `timezone:` profile lines, then falls back to scanning the
- * full profile body for valid IANA timezone identifiers.
+ * Abbreviation alternation is built from `TIMEZONE_ABBREVIATIONS` keys.
  */
-export function extractUserTimeZoneFromDynamicProfile(
-  profileText: string,
+const TIMEZONE_ABBR_ALTERNATION = Object.keys(TIMEZONE_ABBREVIATIONS).join("|");
+const TIMEZONE_TOKEN_RE = new RegExp(
+  `\\b(?:[A-Za-z][A-Za-z0-9_+-]*(?:/[A-Za-z0-9_+-]+)+|(?:UTC|GMT)(?:[+-]\\d{1,2}(?::?\\d{2})?)?|(?:${TIMEZONE_ABBR_ALTERNATION}))\\b`,
+  "gi",
+);
+
+/**
+ * Extract the user's timezone from V2 memory recall injected text.
+ *
+ * Scans the `<user_identity>` section (if present) for lines containing
+ * "timezone" and tries to resolve an IANA identifier. Falls back to
+ * scanning the full text body.
+ */
+export function extractUserTimeZoneFromRecall(
+  injectedText: string,
 ): string | null {
-  const trimmed = profileText.trim();
-  if (trimmed.length === 0) return null;
+  if (!injectedText || injectedText.trim().length === 0) return null;
 
-  const candidateTexts: string[] = [];
-  for (const line of trimmed.split("\n")) {
-    const match =
-      line.match(TIMEZONE_SUBJECT_LINE_RE) ??
-      line.match(TIMEZONE_SUBJECT_COMPACT_RE);
-    if (match) {
-      candidateTexts.push(match[1]);
+  // Prefer lines inside <user_identity> that mention "timezone"
+  const identityMatch = injectedText.match(
+    /<user_identity>([\s\S]*?)<\/user_identity>/,
+  );
+  if (identityMatch) {
+    const identityBlock = identityMatch[1];
+    for (const line of identityBlock.split("\n")) {
+      if (/time\s*zone/i.test(line)) {
+        for (const token of extractTimeZoneCandidates(line)) {
+          const canonical = canonicalizeTimeZone(token);
+          if (canonical) return canonical;
+        }
+      }
     }
-  }
-  candidateTexts.push(trimmed);
-
-  for (const text of candidateTexts) {
-    for (const token of extractTimeZoneCandidates(text)) {
+    // Scan full identity block for any timezone token
+    for (const token of extractTimeZoneCandidates(identityBlock)) {
       const canonical = canonicalizeTimeZone(token);
       if (canonical) return canonical;
     }
   }
+
+  // Fallback: scan entire injected text for timezone tokens in
+  // lines that mention "timezone"
+  for (const line of injectedText.split("\n")) {
+    if (/time\s*zone/i.test(line)) {
+      for (const token of extractTimeZoneCandidates(line)) {
+        const canonical = canonicalizeTimeZone(token);
+        if (canonical) return canonical;
+      }
+    }
+  }
+
   return null;
 }
 
+function extractTimeZoneCandidates(text: string): string[] {
+  const matches = (text.match(TIMEZONE_TOKEN_RE) ?? [])
+    .map((token) => token.trim())
+    .filter((token) => token.length > 0);
+  const ianaTokens = matches.filter((token) => token.includes("/"));
+  const offsetTokens = matches.filter((token) => !token.includes("/"));
+  return [...ianaTokens, ...offsetTokens];
+}
+
 /**
  * Get the local date parts for a given instant in the specified timezone.
  */

package/src/daemon/handlers/config-ingress.ts

@@ -161,7 +161,7 @@ export async function handleIngressConfig(
       // Best-effort Twilio webhook reconciliation: when ingress is being
       // enabled/updated and Twilio numbers are assigned with valid credentials,
       // push the new webhook URLs to Twilio so calls route correctly.
-      if (isEnabled && hasTwilioCredentials()) {
+      if (isEnabled && (await hasTwilioCredentials())) {
         const currentConfig = loadRawConfig();
         const twilioConfig = (currentConfig?.twilio ?? {}) as Record<
           string,
@@ -188,7 +188,7 @@ export async function handleIngressConfig(
 
         if (assignedNumbers.size > 0) {
           const { accountSid: acctSid, authToken: acctToken } =
-            getTwilioCredentials();
+            await getTwilioCredentials();
           // Fire-and-forget: webhook sync failure must not block the ingress save.
           // Reconcile every assigned number so assistant-scoped mappings do not
           // retain stale Twilio webhook URLs after ingress URL changes.

package/src/daemon/handlers/config-slack-channel.ts

@@ -13,7 +13,7 @@ import { getConnectionByProvider } from "../../oauth/oauth-store.js";
 import { credentialKey } from "../../security/credential-key.js";
 import {
   deleteSecureKeyAsync,
-  getSecureKey,
+  getSecureKeyAsync,
   setSecureKeyAsync,
 } from "../../security/secure-keys.js";
 import {
@@ -39,13 +39,13 @@ export interface SlackChannelConfigResult {
 
 // -- Business logic --
 
-export function getSlackChannelConfig(): SlackChannelConfigResult {
-  const hasBotToken = !!getSecureKey(
+export async function getSlackChannelConfig(): Promise<SlackChannelConfigResult> {
+  const hasBotToken = !!(await getSecureKeyAsync(
     credentialKey("slack_channel", "bot_token"),
-  );
-  const hasAppToken = !!getSecureKey(
+  ));
+  const hasAppToken = !!(await getSecureKeyAsync(
     credentialKey("slack_channel", "app_token"),
-  );
+  ));
   const conn = getConnectionByProvider("slack_channel");
   const connected =
     !!(conn && conn.status === "active") && hasBotToken && hasAppToken;
@@ -91,13 +91,17 @@ export async function setSlackChannelConfig(
         user?: string;
       };
       if (!data.ok) {
-        const errConn = getConnectionByProvider("slack_channel");
-        const errConnected = !!(errConn && errConn.status === "active");
+        const errHasBotToken = !!(await getSecureKeyAsync(
+          credentialKey("slack_channel", "bot_token"),
+        ));
+        const errHasAppToken = !!(await getSecureKeyAsync(
+          credentialKey("slack_channel", "app_token"),
+        ));
         return {
           success: false,
-          hasBotToken: errConnected,
-          hasAppToken: errConnected,
-          connected: errConnected,
+          hasBotToken: errHasBotToken,
+          hasAppToken: errHasAppToken,
+          connected: errHasBotToken && errHasAppToken,
           error: `Slack API validation failed: ${
             data.error ?? "unknown error"
           }`,
@@ -111,13 +115,17 @@ export async function setSlackChannelConfig(
       };
     } catch (err) {
       const message = err instanceof Error ? err.message : String(err);
-      const errConn = getConnectionByProvider("slack_channel");
-      const errConnected = !!(errConn && errConn.status === "active");
+      const errHasBotToken = !!(await getSecureKeyAsync(
+        credentialKey("slack_channel", "bot_token"),
+      ));
+      const errHasAppToken = !!(await getSecureKeyAsync(
+        credentialKey("slack_channel", "app_token"),
+      ));
       return {
         success: false,
-        hasBotToken: errConnected,
-        hasAppToken: errConnected,
-        connected: errConnected,
+        hasBotToken: errHasBotToken,
+        hasAppToken: errHasAppToken,
+        connected: errHasBotToken && errHasAppToken,
         error: `Failed to validate bot token: ${message}`,
       };
     }
@@ -127,13 +135,17 @@ export async function setSlackChannelConfig(
       botToken,
     );
     if (!stored) {
-      const errConn = getConnectionByProvider("slack_channel");
-      const errConnected = !!(errConn && errConn.status === "active");
+      const errHasBotToken = !!(await getSecureKeyAsync(
+        credentialKey("slack_channel", "bot_token"),
+      ));
+      const errHasAppToken = !!(await getSecureKeyAsync(
+        credentialKey("slack_channel", "app_token"),
+      ));
       return {
         success: false,
-        hasBotToken: errConnected,
-        hasAppToken: errConnected,
-        connected: errConnected,
+        hasBotToken: errHasBotToken,
+        hasAppToken: errHasAppToken,
+        connected: errHasBotToken && errHasAppToken,
         error: "Failed to store bot token in secure storage",
       };
     }
@@ -161,13 +173,17 @@ export async function setSlackChannelConfig(
   // Validate and store app token
   if (appToken) {
     if (!appToken.startsWith("xapp-")) {
-      const errConn = getConnectionByProvider("slack_channel");
-      const errConnected = !!(errConn && errConn.status === "active");
+      const errHasBotToken = !!(await getSecureKeyAsync(
+        credentialKey("slack_channel", "bot_token"),
+      ));
+      const errHasAppToken = !!(await getSecureKeyAsync(
+        credentialKey("slack_channel", "app_token"),
+      ));
       return {
         success: false,
-        hasBotToken: errConnected,
-        hasAppToken: errConnected,
-        connected: errConnected,
+        hasBotToken: errHasBotToken,
+        hasAppToken: errHasAppToken,
+        connected: errHasBotToken && errHasAppToken,
         error: 'Invalid app token: must start with "xapp-"',
       };
     }
@@ -177,13 +193,17 @@ export async function setSlackChannelConfig(
       appToken,
     );
     if (!stored) {
-      const errConn = getConnectionByProvider("slack_channel");
-      const errConnected = !!(errConn && errConn.status === "active");
+      const errHasBotToken = !!(await getSecureKeyAsync(
+        credentialKey("slack_channel", "bot_token"),
+      ));
+      const errHasAppToken = !!(await getSecureKeyAsync(
+        credentialKey("slack_channel", "app_token"),
+      ));
       return {
         success: false,
-        hasBotToken: errConnected,
-        hasAppToken: errConnected,
-        connected: errConnected,
+        hasBotToken: errHasBotToken,
+        hasAppToken: errHasAppToken,
+        connected: errHasBotToken && errHasAppToken,
         error: "Failed to store app token in secure storage",
       };
     }
@@ -191,12 +211,12 @@ export async function setSlackChannelConfig(
     upsertCredentialMetadata("slack_channel", "app_token", {});
   }
 
-  const hasBotToken = !!getSecureKey(
+  const hasBotToken = !!(await getSecureKeyAsync(
     credentialKey("slack_channel", "bot_token"),
-  );
-  const hasAppToken = !!getSecureKey(
+  ));
+  const hasAppToken = !!(await getSecureKeyAsync(
     credentialKey("slack_channel", "app_token"),
-  );
+  ));
 
   if (hasBotToken && !hasAppToken) {
     warning =
@@ -237,12 +257,12 @@ export async function clearSlackChannelConfig(): Promise<SlackChannelConfigResul
 
   if (r1 === "error" || r2 === "error") {
     // Check each key individually so partial deletions report accurate status.
-    const hasBotToken = !!getSecureKey(
+    const hasBotToken = !!(await getSecureKeyAsync(
       credentialKey("slack_channel", "bot_token"),
-    );
-    const hasAppToken = !!getSecureKey(
+    ));
+    const hasAppToken = !!(await getSecureKeyAsync(
       credentialKey("slack_channel", "app_token"),
-    );
+    ));
     return {
       success: false,
       hasBotToken,

package/src/daemon/handlers/config-telegram.ts

@@ -16,7 +16,7 @@ import { getConnectionByProvider } from "../../oauth/oauth-store.js";
 import { credentialKey } from "../../security/credential-key.js";
 import {
   deleteSecureKeyAsync,
-  getSecureKey,
+  getSecureKeyAsync,
   setSecureKeyAsync,
 } from "../../security/secure-keys.js";
 import { getTelegramBotUsername } from "../../telegram/bot-username.js";
@@ -65,11 +65,13 @@ export type TelegramConfigResult = Omit<TelegramConfigResponse, "type">;
 
 // -- Extracted business logic functions --
 
-export function getTelegramConfig(): TelegramConfigResult {
-  const hasBotToken = !!getSecureKey(credentialKey("telegram", "bot_token"));
-  const hasWebhookSecret = !!getSecureKey(
+export async function getTelegramConfig(): Promise<TelegramConfigResult> {
+  const hasBotToken = !!(await getSecureKeyAsync(
+    credentialKey("telegram", "bot_token"),
+  ));
+  const hasWebhookSecret = !!(await getSecureKeyAsync(
     credentialKey("telegram", "webhook_secret"),
-  );
+  ));
   const conn = getConnectionByProvider("telegram");
   const connected = !!(conn && conn.status === "active");
   const botUsername = getTelegramBotUsername();
@@ -89,7 +91,8 @@ export async function setTelegramConfig(
   // Track provenance so we only rollback tokens that were freshly provided.
   const isNewToken = !!botToken;
   const resolvedToken =
-    botToken || getSecureKey(credentialKey("telegram", "bot_token"));
+    botToken ||
+    (await getSecureKeyAsync(credentialKey("telegram", "bot_token")));
   if (!resolvedToken) {
     return {
       success: false,
@@ -166,9 +169,9 @@ export async function setTelegramConfig(
   invalidateConfigCache();
 
   // Ensure webhook secret exists (generate if missing)
-  let hasWebhookSecret = !!getSecureKey(
+  let hasWebhookSecret = !!(await getSecureKeyAsync(
     credentialKey("telegram", "webhook_secret"),
-  );
+  ));
   if (!hasWebhookSecret) {
     const { randomUUID } = await import("node:crypto");
     const webhookSecret = randomUUID();
@@ -241,7 +244,9 @@ export async function clearTelegramConfig(): Promise<TelegramConfigResult> {
   // The gateway reconcile short-circuits when credentials are absent,
   // so we must call the Telegram API directly while the token is still
   // available.
-  const botToken = getSecureKey(credentialKey("telegram", "bot_token"));
+  const botToken = await getSecureKeyAsync(
+    credentialKey("telegram", "bot_token"),
+  );
   if (botToken) {
     try {
       await fetch(`https://api.telegram.org/bot${botToken}/deleteWebhook`);
@@ -260,10 +265,12 @@ export async function clearTelegramConfig(): Promise<TelegramConfigResult> {
 
   if (r1 === "error" || r2 === "error") {
     // Check each key individually so partial deletions report accurate status.
-    const hasBotToken = !!getSecureKey(credentialKey("telegram", "bot_token"));
-    const hasWebhookSecret = !!getSecureKey(
+    const hasBotToken = !!(await getSecureKeyAsync(
+      credentialKey("telegram", "bot_token"),
+    ));
+    const hasWebhookSecret = !!(await getSecureKeyAsync(
       credentialKey("telegram", "webhook_secret"),
-    );
+    ));
     return {
       success: false,
       hasBotToken,
@@ -297,7 +304,9 @@ export async function clearTelegramConfig(): Promise<TelegramConfigResult> {
 export async function setTelegramCommands(
   commands?: Array<{ command: string; description: string }>,
 ): Promise<TelegramConfigResult> {
-  const storedToken = getSecureKey(credentialKey("telegram", "bot_token"));
+  const storedToken = await getSecureKeyAsync(
+    credentialKey("telegram", "bot_token"),
+  );
   if (!storedToken) {
     return {
       success: false,
@@ -398,7 +407,7 @@ export async function handleTelegramConfig(
     let result: TelegramConfigResult;
 
     if (msg.action === "get") {
-      result = getTelegramConfig();
+      result = await getTelegramConfig();
     } else if (msg.action === "set") {
       result = await setTelegramConfig(msg.botToken);
     } else if (msg.action === "clear") {