@vellumai/assistant 0.4.56 → 0.5.0

package/src/__tests__/event-bus.test.ts

@@ -33,18 +33,18 @@ describe("EventBus", () => {
 
     bus.onAny((event) => {
       seenType = event.type;
-      if (event.type === "daemon.session.created") {
+      if (event.type === "daemon.conversation.created") {
         seenConversationId = event.payload.conversationId;
       }
       expect(typeof event.emittedAtMs).toBe("number");
     });
 
-    await bus.emit("daemon.session.created", {
+    await bus.emit("daemon.conversation.created", {
       conversationId: "conv-2",
       createdAtMs: Date.now(),
     });
 
-    expect(seenType).toBe("daemon.session.created");
+    expect(seenType).toBe("daemon.conversation.created");
     expect(seenConversationId).toBe("conv-2");
   });
 

package/src/__tests__/file-read-tool.test.ts

@@ -177,3 +177,43 @@ describe("file_read image support", () => {
     expect(result.content).toContain("outside the working directory");
   });
 });
+
+// ── Out-of-bounds hint for host_file_read ─────────────────────────────
+
+describe("file_read out-of-bounds hint", () => {
+  test("suggests host_file_read for out-of-bounds text file path", async () => {
+    const dir = makeTempDir();
+
+    const result = await fileReadTool.execute(
+      { path: "/etc/passwd" },
+      makeContext(dir),
+    );
+
+    expect(result.isError).toBe(true);
+    expect(result.content).toContain("host_file_read");
+  });
+
+  test("suggests host_file_read for out-of-bounds image file path", async () => {
+    const dir = makeTempDir();
+
+    const result = await fileReadTool.execute(
+      { path: "/Users/someone/Desktop/screenshot.png" },
+      makeContext(dir),
+    );
+
+    expect(result.isError).toBe(true);
+    expect(result.content).toContain("host_file_read");
+  });
+
+  test("does not suggest host_file_read for missing file within sandbox", async () => {
+    const dir = makeTempDir();
+
+    const result = await fileReadTool.execute(
+      { path: "nonexistent.txt" },
+      makeContext(dir),
+    );
+
+    expect(result.isError).toBe(true);
+    expect(result.content).not.toContain("host_file_read");
+  });
+});

package/src/__tests__/gateway-only-enforcement.test.ts

@@ -58,7 +58,7 @@ mock.module("../config/loader.js", () => ({
     model: "test",
     provider: "test",
     memory: { enabled: false },
-    rateLimit: { maxRequestsPerMinute: 0, maxTokensPerSession: 0 },
+    rateLimit: { maxRequestsPerMinute: 0 },
     secretDetection: { enabled: false },
     calls: {
       enabled: true,
@@ -80,7 +80,7 @@ mock.module("../config/loader.js", () => ({
     model: "test",
     provider: "test",
     memory: { enabled: false },
-    rateLimit: { maxRequestsPerMinute: 0, maxTokensPerSession: 0 },
+    rateLimit: { maxRequestsPerMinute: 0 },
     secretDetection: { enabled: false },
     ingress: {
       publicBaseUrl: "https://test.example.com",

package/src/__tests__/gateway-only-guard.test.ts

@@ -22,6 +22,7 @@ const ALLOWLIST = new Set([
   // Matched by prefix check below: gateway/
 
   // --- Intentional local daemon-control paths ---
+  "assistant/src/cli/commands/conversations.ts", // CLI wipe talks to runtime directly
   "clients/shared/Network/DaemonClient.swift",
   "clients/macos/vellum-assistant/App/AppDelegate.swift",
   "clients/macos/vellum-assistant/Features/Settings/SettingsConnectTab.swift",

package/src/__tests__/gemini-image-service.test.ts

@@ -111,7 +111,7 @@ describe("generateImage", () => {
     expect(result.images).toHaveLength(1);
     expect(result.images[0].mimeType).toBe("image/png");
     expect(result.images[0].dataBase64).toBe("abc123");
-    expect(result.resolvedModel).toBe("gemini-2.5-flash-image");
+    expect(result.resolvedModel).toBe("gemini-3.1-flash-image-preview");
   });
 
   test("generate mode collects text commentary from response", async () => {
@@ -168,7 +168,7 @@ describe("generateImage", () => {
 
     expect(lastGenerateParams).not.toBeNull();
     expect((lastGenerateParams as Record<string, unknown>).model).toBe(
-      "gemini-2.5-flash-image",
+      "gemini-3.1-flash-image-preview",
     );
   });
 
@@ -180,12 +180,12 @@ describe("generateImage", () => {
       {
         prompt: "test",
         mode: "generate",
-        model: "gemini-3-pro-image",
+        model: "gemini-3-pro-image-preview",
       },
     );
 
     expect((lastGenerateParams as Record<string, unknown>).model).toBe(
-      "gemini-3-pro-image",
+      "gemini-3-pro-image-preview",
     );
   });
 

package/src/__tests__/gemini-provider.test.ts

@@ -739,17 +739,14 @@ describe("GeminiProvider", () => {
     expect(lastConstructorOpts).toEqual({ apiKey: "test-key" });
   });
 
-  test("sets vertexai mode with httpOptions.baseUrl when managedBaseUrl is provided", () => {
+  test("sets httpOptions.baseUrl when managedBaseUrl is provided", () => {
     new GeminiProvider("managed-key", "gemini-3-flash", {
-      managedBaseUrl: "https://platform.example.com/v1/runtime-proxy/vertex",
+      managedBaseUrl: "https://platform.example.com/v1/runtime-proxy/gemini",
     });
     expect(lastConstructorOpts).toEqual({
-      vertexai: true,
-      project: "proxy",
-      location: "us-central1",
+      apiKey: "managed-key",
       httpOptions: {
-        baseUrl: "https://platform.example.com/v1/runtime-proxy/vertex",
-        headers: { Authorization: "Bearer managed-key" },
+        baseUrl: "https://platform.example.com/v1/runtime-proxy/gemini",
       },
     });
   });
@@ -759,7 +756,7 @@ describe("GeminiProvider", () => {
       "managed-key",
       "gemini-3-flash",
       {
-        managedBaseUrl: "https://platform.example.com/v1/runtime-proxy/vertex",
+        managedBaseUrl: "https://platform.example.com/v1/runtime-proxy/gemini",
       },
     );
 
@@ -784,7 +781,7 @@ describe("GeminiProvider", () => {
       "managed-key",
       "gemini-3-flash",
       {
-        managedBaseUrl: "https://platform.example.com/v1/runtime-proxy/vertex",
+        managedBaseUrl: "https://platform.example.com/v1/runtime-proxy/gemini",
       },
     );
 

package/src/__tests__/guardian-binding-drift-heal.test.ts

@@ -0,0 +1,128 @@
+import { mkdtempSync, rmSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import { afterAll, beforeEach, describe, expect, mock, test } from "bun:test";
+
+const testDir = mkdtempSync(
+  join(tmpdir(), "guardian-binding-drift-heal-test-"),
+);
+
+mock.module("../util/platform.js", () => ({
+  getDataDir: () => testDir,
+  isMacOS: () => process.platform === "darwin",
+  isLinux: () => process.platform === "linux",
+  isWindows: () => process.platform === "win32",
+  getPidPath: () => join(testDir, "test.pid"),
+  getDbPath: () => join(testDir, "test.db"),
+  getLogPath: () => join(testDir, "test.log"),
+  ensureDataDir: () => {},
+}));
+
+mock.module("../util/logger.js", () => ({
+  getLogger: () =>
+    new Proxy({} as Record<string, unknown>, {
+      get: () => () => {},
+    }),
+}));
+
+import { findGuardianForChannel } from "../contacts/contact-store.js";
+import { createGuardianBinding } from "../contacts/contacts-write.js";
+import { getDb, initializeDb, resetDb } from "../memory/db.js";
+import { healGuardianBindingDrift } from "../runtime/guardian-vellum-migration.js";
+
+initializeDb();
+
+function resetTables(): void {
+  const db = getDb();
+  db.run("DELETE FROM contact_channels");
+  db.run("DELETE FROM contacts");
+}
+
+describe("healGuardianBindingDrift", () => {
+  beforeEach(() => {
+    resetTables();
+  });
+
+  afterAll(() => {
+    resetDb();
+    try {
+      rmSync(testDir, { recursive: true });
+    } catch {
+      // best-effort cleanup
+    }
+  });
+
+  test("heals drift when both principals have vellum-principal- prefix", () => {
+    // Simulate DB reset: new guardian binding with a different UUID
+    createGuardianBinding({
+      channel: "vellum",
+      guardianExternalUserId: "vellum-principal-new-uuid",
+      guardianDeliveryChatId: "local",
+      guardianPrincipalId: "vellum-principal-new-uuid",
+      verifiedVia: "startup-migration",
+    });
+
+    // Client arrives with the old JWT principal
+    const healed = healGuardianBindingDrift("vellum-principal-old-uuid");
+    expect(healed).toBe(true);
+
+    // Guardian binding now matches the old JWT
+    const guardian = findGuardianForChannel("vellum");
+    expect(guardian).not.toBeNull();
+    expect(guardian!.contact.principalId).toBe("vellum-principal-old-uuid");
+    expect(guardian!.channel.externalUserId).toBe("vellum-principal-old-uuid");
+  });
+
+  test("no-op when principals already match", () => {
+    createGuardianBinding({
+      channel: "vellum",
+      guardianExternalUserId: "vellum-principal-same",
+      guardianDeliveryChatId: "local",
+      guardianPrincipalId: "vellum-principal-same",
+      verifiedVia: "startup-migration",
+    });
+
+    const healed = healGuardianBindingDrift("vellum-principal-same");
+    expect(healed).toBe(false);
+  });
+
+  test("refuses to heal when incoming principal lacks vellum-principal- prefix", () => {
+    createGuardianBinding({
+      channel: "vellum",
+      guardianExternalUserId: "vellum-principal-aaa",
+      guardianDeliveryChatId: "local",
+      guardianPrincipalId: "vellum-principal-aaa",
+      verifiedVia: "startup-migration",
+    });
+
+    // External/platform principal — should NOT be adopted
+    const healed = healGuardianBindingDrift("platform-user-12345");
+    expect(healed).toBe(false);
+
+    // Guardian unchanged
+    const guardian = findGuardianForChannel("vellum");
+    expect(guardian!.contact.principalId).toBe("vellum-principal-aaa");
+  });
+
+  test("refuses to heal when stored principal lacks vellum-principal- prefix", () => {
+    createGuardianBinding({
+      channel: "vellum",
+      guardianExternalUserId: "verified-phone-guardian",
+      guardianDeliveryChatId: "local",
+      guardianPrincipalId: "verified-phone-guardian",
+      verifiedVia: "challenge",
+    });
+
+    // Even with a vellum-principal- incoming, don't overwrite a real binding
+    const healed = healGuardianBindingDrift("vellum-principal-attacker");
+    expect(healed).toBe(false);
+
+    const guardian = findGuardianForChannel("vellum");
+    expect(guardian!.contact.principalId).toBe("verified-phone-guardian");
+  });
+
+  test("returns false when no guardian binding exists", () => {
+    const healed = healGuardianBindingDrift("vellum-principal-orphan");
+    expect(healed).toBe(false);
+  });
+});

package/src/__tests__/guardian-dispatch.test.ts

@@ -195,7 +195,6 @@ describe("guardian-dispatch", () => {
     expect(vellumDelivery!.destination_conversation_id).toBe("conv-vellum-1");
 
     const signalParams = emitCalls[0] as Record<string, unknown>;
-    expect(signalParams.skipVellumThread).toBeUndefined();
     expect(typeof signalParams.onConversationCreated).toBe("function");
   });
 

package/src/__tests__/host-file-read-tool.test.ts

@@ -8,6 +8,12 @@ import type { ToolContext } from "../tools/types.js";
 
 const testDirs: string[] = [];
 
+function makeTempDir(): string {
+  const dir = mkdtempSync(join(tmpdir(), "host-file-read-test-"));
+  testDirs.push(dir);
+  return dir;
+}
+
 function makeContext(): ToolContext {
   return {
     workingDir: "/tmp",
@@ -22,6 +28,18 @@ afterEach(() => {
   }
 });
 
+// Minimal valid JPEG: FF D8 FF E0 header
+const JPEG_HEADER = Buffer.from([
+  0xff, 0xd8, 0xff, 0xe0, 0x00, 0x10, 0x4a, 0x46, 0x49, 0x46, 0x00, 0x01, 0x01,
+  0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00,
+]);
+
+// Minimal PNG header
+const PNG_HEADER = Buffer.from([
+  0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a, 0x00, 0x00, 0x00, 0x0d, 0x49,
+  0x48, 0x44, 0x52,
+]);
+
 describe("host_file_read tool", () => {
   test("rejects relative paths", async () => {
     const result = await hostFileReadTool.execute(
@@ -145,3 +163,72 @@ describe("host_file_read tool", () => {
     expect(result.content).toContain("symlink-content");
   });
 });
+
+describe("host_file_read image support", () => {
+  test("returns image content block for .png file", async () => {
+    const dir = makeTempDir();
+    const filePath = join(dir, "screenshot.png");
+    writeFileSync(filePath, PNG_HEADER);
+
+    const result = await hostFileReadTool.execute(
+      { path: filePath },
+      makeContext(),
+    );
+
+    expect(result.isError).toBe(false);
+    expect(result.content).toContain("Image loaded");
+    expect(result.content).toContain("image/png");
+    expect((result as any).contentBlocks).toBeDefined();
+    expect((result as any).contentBlocks[0].type).toBe("image");
+    expect((result as any).contentBlocks[0].source.media_type).toBe(
+      "image/png",
+    );
+  });
+
+  test("returns correct media type for .jpg file", async () => {
+    const dir = makeTempDir();
+    const filePath = join(dir, "photo.jpg");
+    writeFileSync(filePath, JPEG_HEADER);
+
+    const result = await hostFileReadTool.execute(
+      { path: filePath },
+      makeContext(),
+    );
+
+    expect(result.isError).toBe(false);
+    expect(result.content).toContain("Image loaded");
+    expect(result.content).toContain("image/jpeg");
+    expect((result as any).contentBlocks).toBeDefined();
+    expect((result as any).contentBlocks[0].type).toBe("image");
+    expect((result as any).contentBlocks[0].source.media_type).toBe(
+      "image/jpeg",
+    );
+  });
+
+  test("returns error for non-existent image path", async () => {
+    const filePath = join(tmpdir(), `host-file-read-missing-${Date.now()}.png`);
+    const result = await hostFileReadTool.execute(
+      { path: filePath },
+      makeContext(),
+    );
+
+    expect(result.isError).toBe(true);
+    expect(result.content).toContain("file not found");
+  });
+
+  test("text file still works as before (regression)", async () => {
+    const dir = makeTempDir();
+    const filePath = join(dir, "notes.txt");
+    writeFileSync(filePath, "hello world\nsecond line\n");
+
+    const result = await hostFileReadTool.execute(
+      { path: filePath },
+      makeContext(),
+    );
+
+    expect(result.isError).toBe(false);
+    expect(result.content).toContain("1  hello world");
+    expect(result.content).toContain("2  second line");
+    expect((result as any).contentBlocks).toBeUndefined();
+  });
+});

package/src/__tests__/host-shell-tool.test.ts

@@ -29,14 +29,14 @@ const mockConfig = {
     shellMaxTimeoutSec: 600,
     permissionTimeoutSec: 300,
   },
-  sandbox: { enabled: true },
-  rateLimit: { maxRequestsPerMinute: 0, maxTokensPerSession: 0 },
+  rateLimit: { maxRequestsPerMinute: 0 },
   secretDetection: {
     enabled: true,
     action: "warn" as const,
     entropyThreshold: 4.0,
   },
   auditLog: { retentionDays: 0 },
+  sandbox: { enabled: true },
 };
 
 // Track whether wrapCommand was ever called — host_bash must never invoke it
@@ -283,11 +283,11 @@ describe("host_bash — regression: no proxied-mode additions", () => {
     expect(schemaProps).not.toHaveProperty("credential_ids");
   });
 
-  test("schema only contains the expected properties (command, working_dir, timeout_seconds, reason)", () => {
+  test("schema only contains the expected properties (command, working_dir, timeout_seconds, activity)", () => {
     const propertyNames = Object.keys(schemaProps).sort();
     expect(propertyNames).toEqual([
+      "activity",
       "command",
-      "reason",
       "timeout_seconds",
       "working_dir",
     ]);
@@ -348,10 +348,10 @@ describe("host_bash — regression: no proxied-mode additions", () => {
     expect(definition.name).toBe("host_bash");
   });
 
-  test("required fields contains command and reason", () => {
+  test("required fields contains command and activity", () => {
     expect(
       (definition.input_schema as Record<string, unknown>).required,
-    ).toEqual(["command", "reason"]);
+    ).toEqual(["command", "activity"]);
   });
 });
 

package/src/__tests__/http-user-message-parity.test.ts

@@ -142,9 +142,9 @@ mock.module("../config/loader.js", () => ({
       "image-generation": {
         mode: "your-own",
         provider: "gemini",
-        model: "gemini-2.5-flash-image",
+        model: "gemini-3.1-flash-image-preview",
       },
-      "web-search": { mode: "your-own", provider: "anthropic-native" },
+      "web-search": { mode: "your-own", provider: "inference-provider-native" },
     },
   }),
 }));

package/src/__tests__/identity-intro-cache.test.ts

@@ -0,0 +1,209 @@
+/**
+ * Unit tests for the identity intro cache (identity-intro-cache.ts).
+ *
+ * Validates TTL-based expiration, content-hash-based invalidation when
+ * workspace identity files change, and round-trip get/set behavior.
+ */
+
+import { afterEach, describe, expect, mock, test } from "bun:test";
+
+// ---------------------------------------------------------------------------
+// Mocks — must be defined before importing the module under test
+// ---------------------------------------------------------------------------
+
+// Suppress logger output
+mock.module("../util/logger.js", () => ({
+  getLogger: () =>
+    new Proxy({} as Record<string, unknown>, {
+      get: () => () => {},
+    }),
+}));
+
+// In-memory checkpoint store
+const checkpointStore = new Map<string, string>();
+
+mock.module("../memory/checkpoints.js", () => ({
+  getMemoryCheckpoint: (key: string) => checkpointStore.get(key) ?? null,
+  setMemoryCheckpoint: (key: string, value: string) => {
+    checkpointStore.set(key, value);
+  },
+}));
+
+// Simulated workspace file contents
+const workspaceFiles: Record<string, string> = {};
+
+mock.module("../util/platform.js", () => ({
+  getWorkspacePromptPath: (name: string) => `/mock/workspace/${name}`,
+}));
+
+mock.module("node:fs", () => ({
+  existsSync: (path: string) => {
+    const name = path.split("/").pop() ?? "";
+    return name in workspaceFiles;
+  },
+  readFileSync: (path: string, _encoding: string) => {
+    const name = path.split("/").pop() ?? "";
+    if (name in workspaceFiles) return workspaceFiles[name];
+    throw new Error(`ENOENT: ${path}`);
+  },
+}));
+
+// ---------------------------------------------------------------------------
+// Imports (after mocks)
+// ---------------------------------------------------------------------------
+
+import {
+  computeIdentityContentHash,
+  getCachedIntro,
+  setCachedIntro,
+} from "../runtime/routes/identity-intro-cache.js";
+
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+
+afterEach(() => {
+  checkpointStore.clear();
+  for (const key of Object.keys(workspaceFiles)) {
+    delete workspaceFiles[key];
+  }
+});
+
+// ---------------------------------------------------------------------------
+// Tests
+// ---------------------------------------------------------------------------
+
+describe("identity intro cache", () => {
+  test("returns null when cache is empty", () => {
+    expect(getCachedIntro()).toBeNull();
+  });
+
+  test("round-trip: set then get returns cached text", () => {
+    workspaceFiles["IDENTITY.md"] = "- **Name:** Atlas";
+    workspaceFiles["SOUL.md"] = "Be playful.";
+    workspaceFiles["USER.md"] = "The user likes coffee.";
+
+    setCachedIntro("Hey, I'm Atlas.");
+    const cached = getCachedIntro();
+    expect(cached).not.toBeNull();
+    expect(cached!.text).toBe("Hey, I'm Atlas.");
+  });
+
+  test("returns null when cache is expired (TTL exceeded)", () => {
+    workspaceFiles["IDENTITY.md"] = "- **Name:** Atlas";
+
+    setCachedIntro("Hello!");
+
+    // Manually set the timestamp to 5 hours ago
+    const fiveHoursAgo = String(Date.now() - 5 * 60 * 60 * 1000);
+    checkpointStore.set("identity:intro:cached_at", fiveHoursAgo);
+
+    expect(getCachedIntro()).toBeNull();
+  });
+
+  test("returns cached text when within TTL (3 hours ago)", () => {
+    workspaceFiles["IDENTITY.md"] = "- **Name:** Atlas";
+
+    setCachedIntro("Hello!");
+
+    // Set timestamp to 3 hours ago (within 4-hour TTL)
+    const threeHoursAgo = String(Date.now() - 3 * 60 * 60 * 1000);
+    checkpointStore.set("identity:intro:cached_at", threeHoursAgo);
+
+    const cached = getCachedIntro();
+    expect(cached).not.toBeNull();
+    expect(cached!.text).toBe("Hello!");
+  });
+
+  test("busts cache when IDENTITY.md changes", () => {
+    workspaceFiles["IDENTITY.md"] = "- **Name:** Atlas";
+    setCachedIntro("I'm Atlas!");
+
+    // Change IDENTITY.md
+    workspaceFiles["IDENTITY.md"] = "- **Name:** Nova";
+
+    expect(getCachedIntro()).toBeNull();
+  });
+
+  test("busts cache when SOUL.md changes", () => {
+    workspaceFiles["SOUL.md"] = "Be playful.";
+    setCachedIntro("Hey there!");
+
+    // Change SOUL.md
+    workspaceFiles["SOUL.md"] = "Be serious and formal.";
+
+    expect(getCachedIntro()).toBeNull();
+  });
+
+  test("busts cache when USER.md changes", () => {
+    workspaceFiles["USER.md"] = "Likes coffee.";
+    setCachedIntro("Good morning!");
+
+    // Change USER.md
+    workspaceFiles["USER.md"] = "Likes tea.";
+
+    expect(getCachedIntro()).toBeNull();
+  });
+
+  test("cache survives when files are unchanged", () => {
+    workspaceFiles["IDENTITY.md"] = "- **Name:** Atlas";
+    workspaceFiles["SOUL.md"] = "Be chill.";
+    workspaceFiles["USER.md"] = "Likes sunsets.";
+
+    setCachedIntro("Atlas here.");
+
+    // Read twice — both should return the cached value
+    expect(getCachedIntro()?.text).toBe("Atlas here.");
+    expect(getCachedIntro()?.text).toBe("Atlas here.");
+  });
+
+  test("computeIdentityContentHash is deterministic", () => {
+    workspaceFiles["IDENTITY.md"] = "test";
+    workspaceFiles["SOUL.md"] = "test2";
+    workspaceFiles["USER.md"] = "test3";
+
+    const hash1 = computeIdentityContentHash();
+    const hash2 = computeIdentityContentHash();
+    expect(hash1).toBe(hash2);
+    expect(hash1).toMatch(/^[a-f0-9]{64}$/); // SHA-256 hex
+  });
+
+  test("computeIdentityContentHash changes when file content changes", () => {
+    workspaceFiles["IDENTITY.md"] = "v1";
+    const hash1 = computeIdentityContentHash();
+
+    workspaceFiles["IDENTITY.md"] = "v2";
+    const hash2 = computeIdentityContentHash();
+
+    expect(hash1).not.toBe(hash2);
+  });
+
+  test("handles missing workspace files gracefully", () => {
+    // No files exist — should still work (empty content hashed)
+    setCachedIntro("Hello!");
+    const cached = getCachedIntro();
+    expect(cached).not.toBeNull();
+    expect(cached!.text).toBe("Hello!");
+  });
+
+  test("returns null when text checkpoint is missing", () => {
+    checkpointStore.set("identity:intro:content_hash", "abc");
+    checkpointStore.set("identity:intro:cached_at", String(Date.now()));
+    // Missing text — should return null
+    expect(getCachedIntro()).toBeNull();
+  });
+
+  test("returns null when hash checkpoint is missing", () => {
+    checkpointStore.set("identity:intro:text", "Hello");
+    checkpointStore.set("identity:intro:cached_at", String(Date.now()));
+    // Missing hash — should return null
+    expect(getCachedIntro()).toBeNull();
+  });
+
+  test("returns null when timestamp checkpoint is missing", () => {
+    checkpointStore.set("identity:intro:text", "Hello");
+    checkpointStore.set("identity:intro:content_hash", "abc");
+    // Missing timestamp — should return null
+    expect(getCachedIntro()).toBeNull();
+  });
+});