@vellumai/assistant 0.5.11 → 0.5.13

package/src/daemon/lifecycle.ts

@@ -8,6 +8,7 @@ import { setRelayBroadcast } from "../calls/relay-server.js";
 import { TwilioConversationRelayProvider } from "../calls/twilio-provider.js";
 import { setVoiceBridgeDeps } from "../calls/voice-session-bridge.js";
 import {
+  getPlatformAssistantId,
   getQdrantHttpPortEnv,
   getQdrantUrlEnv,
   getRuntimeHttpHost,
@@ -77,7 +78,11 @@ import {
 import { ensureVellumGuardianBinding } from "../runtime/guardian-vellum-migration.js";
 import { RuntimeHttpServer } from "../runtime/http-server.js";
 import { startScheduler } from "../schedule/scheduler.js";
-import { setCesClient } from "../security/secure-keys.js";
+import {
+  onCesClientChanged,
+  setCesClient,
+  setCesReconnect,
+} from "../security/secure-keys.js";
 import { seedCatalogSkillMemories } from "../skills/skill-memory.js";
 import { UsageTelemetryReporter } from "../telemetry/usage-telemetry-reporter.js";
 import { getDeviceId } from "../util/device-id.js";
@@ -194,11 +199,13 @@ export async function startCesProcess(
       // after hatch and stored in the credential store — CES can't read
       // the env var, so we pass it via the handshake.
       const proxyCtx = await resolveManagedProxyContext();
-      const { accepted, reason } = await client.handshake(
-        proxyCtx.assistantApiKey
+      const assistantId = getPlatformAssistantId();
+      const { accepted, reason } = await client.handshake({
+        ...(proxyCtx.assistantApiKey
           ? { assistantApiKey: proxyCtx.assistantApiKey }
-          : undefined,
-      );
+          : {}),
+        ...(assistantId ? { assistantId } : {}),
+      });
       if (abortController.signal.aborted) {
         client.close();
         throw new Error("CES initialization aborted during shutdown");
@@ -495,6 +502,43 @@ export async function runDaemon(): Promise<void> {
           setCesClient(client);
         }
       }
+
+      // Register CES reconnection callback so the credential layer can
+      // re-establish the connection when the transport dies, instead of
+      // falling back to the encrypted file store.
+      if (cesResult.processManager) {
+        const pm = cesResult.processManager;
+        setCesReconnect(async () => {
+          try {
+            await pm.stop();
+            const transport = await pm.start();
+            const newClient = createCesClient(transport);
+            const proxyCtx = await resolveManagedProxyContext();
+            const assistantId = getPlatformAssistantId();
+            const { accepted, reason } = await newClient.handshake({
+              ...(proxyCtx.assistantApiKey
+                ? { assistantApiKey: proxyCtx.assistantApiKey }
+                : {}),
+              ...(assistantId ? { assistantId } : {}),
+            });
+            if (accepted) {
+              log.info("CES reconnection handshake accepted");
+              return newClient;
+            }
+            log.warn({ reason }, "CES reconnection handshake rejected");
+            newClient.close();
+            await pm.stop().catch(() => {});
+            return undefined;
+          } catch (err) {
+            log.warn(
+              { error: err instanceof Error ? err.message : String(err) },
+              "CES reconnection attempt failed",
+            );
+            await pm.stop().catch(() => {});
+            return undefined;
+          }
+        });
+      }
     }
 
     await initializeProvidersAndTools(config);
@@ -504,6 +548,11 @@ export async function runDaemon(): Promise<void> {
     log.info("Daemon startup: starting DaemonServer");
     const server = new DaemonServer();
     server.setCes(await cesStartupPromise);
+
+    // Keep the server's CES client ref in sync after reconnection so that
+    // secret routes and new conversations use the fresh client.
+    onCesClientChanged((client) => server.updateCesClient(client));
+
     await server.start();
     log.info("Daemon startup: DaemonServer started");
 
@@ -851,6 +900,8 @@ export async function runDaemon(): Promise<void> {
         getHandlerContext: () => server.getHandlerContext(),
       }),
       getCesClient: () => server.getCesClient(),
+      onProviderCredentialsChanged: () =>
+        server.refreshConversationsForProviderChange(),
       getHeartbeatService: () => server.getHeartbeatService(),
     });
 

package/src/daemon/message-types/conversations.ts

@@ -372,6 +372,7 @@ export type ConversationErrorCode =
   | "PROVIDER_ORDERING"
   | "PROVIDER_WEB_SEARCH"
   | "PROVIDER_NOT_CONFIGURED"
+  | "MANAGED_KEY_INVALID"
   | "CONTEXT_TOO_LARGE"
   | "CONVERSATION_ABORTED"
   | "CONVERSATION_PROCESSING_FAILED"

package/src/daemon/message-types/guardian-actions.ts

@@ -47,6 +47,8 @@ export interface GuardianActionDecisionResponse {
   resolverFailureReason?: string;
   requestId?: string;
   userText?: string;
+  /** Resolver reply text for the guardian (e.g. verification code for access requests). */
+  replyText?: string;
 }
 
 // --- Domain-level union aliases (consumed by the barrel file) ---

package/src/daemon/message-types/host-bash.ts

@@ -15,6 +15,11 @@ export interface HostBashRequest {
   env?: Record<string, string>;
 }
 
+export interface HostBashCancelRequest {
+  type: "host_bash_cancel";
+  requestId: string;
+}
+
 // --- Domain-level union aliases (consumed by the barrel file) ---
 
-export type _HostBashServerMessages = HostBashRequest;
+export type _HostBashServerMessages = HostBashRequest | HostBashCancelRequest;

package/src/daemon/message-types/host-cu.ts

@@ -14,6 +14,11 @@ export interface HostCuRequest {
   reasoning?: string;
 }
 
+export interface HostCuCancelRequest {
+  type: "host_cu_cancel";
+  requestId: string;
+}
+
 // --- Domain-level union aliases (consumed by the barrel file) ---
 
-export type _HostCuServerMessages = HostCuRequest;
+export type _HostCuServerMessages = HostCuRequest | HostCuCancelRequest;

package/src/daemon/message-types/host-file.ts

@@ -39,6 +39,11 @@ export type HostFileRequest =
   | HostFileWriteRequest
   | HostFileEditRequest;
 
+export interface HostFileCancelRequest {
+  type: "host_file_cancel";
+  requestId: string;
+}
+
 // --- Domain-level union aliases (consumed by the barrel file) ---
 
-export type _HostFileServerMessages = HostFileRequest;
+export type _HostFileServerMessages = HostFileRequest | HostFileCancelRequest;

package/src/daemon/message-types/integrations.ts

@@ -188,7 +188,6 @@ export interface IntegrationConnectResult {
   accountInfo?: string | null;
   error?: string | null;
   setupRequired?: boolean;
-  setupSkillId?: string;
   setupHint?: string;
 }
 

package/src/daemon/server.ts

@@ -256,6 +256,8 @@ export class DaemonServer {
   private cesClientPromise?: Promise<CesClient | undefined>;
   private cesInitAbortController?: AbortController;
   private cesClientRef?: CesClient;
+  /** Monotonically increasing counter to detect stale client updates. */
+  private cesClientGeneration = 0;
 
   /**
    * Logical assistant identifier used when publishing to the assistant-events hub.
@@ -279,9 +281,14 @@ export class DaemonServer {
     // Wrap the external promise so that cesClientRef stays in sync once the
     // handshake completes — the async work runs in lifecycle.ts but the
     // server needs the resolved client reference for getCesClient().
+    // Use a generation snapshot so a late-resolving promise doesn't overwrite
+    // a newer client set by updateCesClient().
     if (result.clientPromise) {
+      const gen = this.cesClientGeneration;
       this.cesClientPromise = result.clientPromise.then((client) => {
-        this.cesClientRef = client;
+        if (this.cesClientGeneration === gen) {
+          this.cesClientRef = client;
+        }
         return client;
       });
     }
@@ -295,6 +302,17 @@ export class DaemonServer {
     return this.cesClientRef;
   }
 
+  /**
+   * Update the CES client reference after a successful reconnection.
+   * Called via the `onCesClientChanged` listener registered in lifecycle.ts.
+   * Bumps the generation counter so any pending setCes().then() callback
+   * won't overwrite this newer client.
+   */
+  updateCesClient(client: CesClient | undefined): void {
+    this.cesClientGeneration++;
+    this.cesClientRef = client;
+  }
+
   /** Optional heartbeat service reference for "Run Now" from the UI. */
   private _heartbeatService?: HeartbeatService;
 
@@ -319,7 +337,7 @@ export class DaemonServer {
   }
 
   private applyTransportMetadata(
-    _conversation: Conversation,
+    conversation: Conversation,
     options: ConversationCreateOptions | undefined,
   ): void {
     const transport = options?.transport;
@@ -328,6 +346,7 @@ export class DaemonServer {
       { channelId: transport.channelId },
       "Transport metadata received",
     );
+    conversation.setTransportHints(transport.hints);
   }
 
   constructor() {
@@ -683,6 +702,14 @@ export class DaemonServer {
     return changed;
   }
 
+  /**
+   * Provider instances are captured when conversations are created, so a key
+   * change must evict or mark them stale before the next turn.
+   */
+  refreshConversationsForProviderChange(): void {
+    this.evictConversationsForReload();
+  }
+
   private async getOrCreateConversation(
     conversationId: string,
     options?: ConversationCreateOptions,

package/src/hooks/cli.ts

@@ -14,9 +14,33 @@ const log = getCliLogger("hooks");
 export function registerHooksCommand(program: Command): void {
   const hooks = program.command("hooks").description("Manage hooks");
 
+  hooks.addHelpText(
+    "after",
+    `
+Hooks are user-installed scripts that run in response to assistant lifecycle
+events (e.g. tool invocations, message sends). Each hook is a directory
+containing a hook.json manifest and a script file. Hooks are stored in
+~/.vellum/hooks/ and must be explicitly enabled after installation.
+
+Examples:
+  $ assistant hooks list
+  $ assistant hooks install ./my-hook
+  $ assistant hooks enable my-hook
+  $ assistant hooks disable my-hook`,
+  );
+
   hooks
     .command("list")
     .description("List all installed hooks")
+    .addHelpText(
+      "after",
+      `
+Displays a table of all installed hooks with their name, subscribed events,
+enabled status, and version.
+
+Examples:
+  $ assistant hooks list`,
+    )
     .action(() => {
       const discovered = discoverHooks();
       if (discovered.length === 0) {
@@ -53,6 +77,17 @@ export function registerHooksCommand(program: Command): void {
   hooks
     .command("enable <name>")
     .description("Enable a hook")
+    .addHelpText(
+      "after",
+      `
+Arguments:
+  name   Hook name as shown by 'assistant hooks list'
+
+Enables a previously installed hook so it runs on matching events.
+
+Examples:
+  $ assistant hooks enable my-hook`,
+    )
     .action((name: string) => {
       const discovered = discoverHooks();
       const hook = discovered.find((h) => h.name === name);
@@ -67,6 +102,18 @@ export function registerHooksCommand(program: Command): void {
   hooks
     .command("disable <name>")
     .description("Disable a hook")
+    .addHelpText(
+      "after",
+      `
+Arguments:
+  name   Hook name as shown by 'assistant hooks list'
+
+Disables a hook so it no longer runs on events. The hook remains installed
+and can be re-enabled later.
+
+Examples:
+  $ assistant hooks disable my-hook`,
+    )
     .action((name: string) => {
       const discovered = discoverHooks();
       const hook = discovered.find((h) => h.name === name);
@@ -81,6 +128,21 @@ export function registerHooksCommand(program: Command): void {
   hooks
     .command("install <path>")
     .description("Install a hook from a directory")
+    .addHelpText(
+      "after",
+      `
+Arguments:
+  path   Path to a directory containing a hook.json manifest and a script file.
+         The manifest must have name, script, description, version, and at
+         least one valid event.
+
+Copies the hook directory into ~/.vellum/hooks/<name>/ and registers it as
+disabled by default. Run 'assistant hooks enable <name>' to activate.
+
+Examples:
+  $ assistant hooks install ./my-hook
+  $ assistant hooks install /path/to/custom-hook`,
+    )
     .action((hookPath: string) => {
       const srcDir = resolve(hookPath);
       if (!pathExists(srcDir)) {
@@ -146,6 +208,18 @@ export function registerHooksCommand(program: Command): void {
   hooks
     .command("remove <name>")
     .description("Remove an installed hook")
+    .addHelpText(
+      "after",
+      `
+Arguments:
+  name   Hook name as shown by 'assistant hooks list'
+
+Permanently deletes the hook directory and removes it from configuration.
+Prompts for confirmation before proceeding.
+
+Examples:
+  $ assistant hooks remove my-hook`,
+    )
     .action(async (name: string) => {
       const discovered = discoverHooks();
       const hook = discovered.find((h) => h.name === name);

package/src/inbound/platform-callback-registration.ts

@@ -204,18 +204,13 @@ export async function resolveCallbackUrl(
     }
     return url;
   } catch (err) {
-    log.warn(
-      { err, callbackPath, type },
-      "Failed to register platform callback route, falling back to direct URL",
+    // In managed/containerized mode there is no local-ingress fallback and
+    // ngrok is not applicable. Surface a clear error so callers (and the
+    // user) understand this is a platform-side issue, not a tunnel problem.
+    const detail = err instanceof Error ? err.message : String(err);
+    throw new Error(
+      `Managed callback route registration failed: ${detail}. ` +
+        `Please contact support if this problem persists.`,
     );
-    try {
-      return directUrl();
-    } catch (fallbackErr) {
-      log.error(
-        { fallbackErr, callbackPath, type },
-        "Direct URL fallback also failed after platform registration failure",
-      );
-      throw err;
-    }
   }
 }

package/src/index.ts

@@ -1,17 +1,5 @@
 #!/usr/bin/env bun
 
 import { buildCliProgram } from "./cli/program.js";
-import { resolveInstanceDataDir } from "./util/platform.js";
-
-// Auto-resolve BASE_DATA_DIR from the lockfile when running as a standalone CLI.
-// The daemon always has BASE_DATA_DIR set by the launcher (cli/src/lib/local.ts),
-// but the CLI process doesn't — so credential commands and other path-dependent
-// operations would read from ~/.vellum instead of the instance-scoped directory.
-if (!process.env.BASE_DATA_DIR) {
-  const instanceDir = resolveInstanceDataDir();
-  if (instanceDir) {
-    process.env.BASE_DATA_DIR = instanceDir;
-  }
-}
 
 buildCliProgram().parse();

package/src/mcp/client.ts

@@ -159,12 +159,17 @@ export class McpClient {
   async callTool(
     name: string,
     args: Record<string, unknown>,
+    signal?: AbortSignal,
   ): Promise<McpCallResult> {
     if (!this.connected) {
       throw new Error(`MCP client "${this.serverId}" is not connected`);
     }
 
-    const result = await this.client.callTool({ name, arguments: args });
+    const result = await this.client.callTool(
+      { name, arguments: args },
+      undefined,
+      signal ? { signal } : undefined,
+    );
     const isError = result.isError === true;
 
     // Handle structuredContent if present

package/src/mcp/manager.ts

@@ -127,12 +127,13 @@ export class McpServerManager {
     serverId: string,
     toolName: string,
     args: Record<string, unknown>,
+    signal?: AbortSignal,
   ) {
     const client = this.clients.get(serverId);
     if (!client) {
       throw new Error(`MCP server "${serverId}" not found`);
     }
-    return client.callTool(toolName, args);
+    return client.callTool(toolName, args, signal);
   }
 
   getClient(serverId: string): McpClient | undefined {

package/src/memory/conversation-crud.ts

@@ -10,6 +10,7 @@ import {
   gte,
   inArray,
   isNull,
+  lt,
   lte,
   sql,
 } from "drizzle-orm";
@@ -314,6 +315,22 @@ export function getConversation(id: string): ConversationRow | null {
   return row ? parseConversation(row) : null;
 }
 
+/**
+ * Count conversations that reference a given schedule job ID.
+ * Useful for determining whether a schedule can be safely deleted
+ * (i.e. no other conversations still reference it).
+ */
+export function countConversationsByScheduleJobId(
+  scheduleJobId: string,
+): number {
+  return (
+    rawGet<{ c: number }>(
+      "SELECT COUNT(*) AS c FROM conversations WHERE schedule_job_id = ?",
+      scheduleJobId,
+    )?.c ?? 0
+  );
+}
+
 export function getConversationType(
   conversationId: string,
 ): "standard" | "private" {
@@ -1096,6 +1113,77 @@ export function getMessages(conversationId: string): MessageRow[] {
     .map(parseMessage);
 }
 
+export interface PaginatedMessagesResult {
+  messages: MessageRow[];
+  hasMore: boolean;
+}
+
+export function getMessagesPaginated(
+  conversationId: string,
+  limit: number | undefined,
+  beforeTimestamp?: number,
+): PaginatedMessagesResult {
+  const db = getDb();
+
+  if (limit === undefined) {
+    const conditions = [eq(messages.conversationId, conversationId)];
+    if (beforeTimestamp !== undefined) {
+      conditions.push(lt(messages.createdAt, beforeTimestamp));
+    }
+    const rows = db
+      .select()
+      .from(messages)
+      .where(and(...conditions))
+      .orderBy(asc(messages.createdAt))
+      .all()
+      .map(parseMessage);
+    return { messages: rows, hasMore: false };
+  }
+
+  const conditions = [eq(messages.conversationId, conversationId)];
+  if (beforeTimestamp !== undefined) {
+    conditions.push(lt(messages.createdAt, beforeTimestamp));
+  }
+
+  const rows = db
+    .select()
+    .from(messages)
+    .where(and(...conditions))
+    .orderBy(desc(messages.createdAt))
+    .limit(limit + 1)
+    .all()
+    .map(parseMessage);
+
+  const hasMore = rows.length > limit;
+  if (hasMore) {
+    rows.splice(limit);
+  }
+  rows.reverse();
+
+  return { messages: rows, hasMore };
+}
+
+export function getLastAssistantTimestampBefore(
+  conversationId: string,
+  beforeTimestamp: number,
+): number {
+  const db = getDb();
+  const row = db
+    .select({ createdAt: messages.createdAt })
+    .from(messages)
+    .where(
+      and(
+        eq(messages.conversationId, conversationId),
+        eq(messages.role, "assistant"),
+        lt(messages.createdAt, beforeTimestamp),
+      ),
+    )
+    .orderBy(desc(messages.createdAt))
+    .limit(1)
+    .get();
+  return row?.createdAt ?? 0;
+}
+
 /** Fetch a single message by ID, optionally scoped to a specific conversation. */
 export function getMessageById(
   messageId: string,
@@ -1745,9 +1833,10 @@ export function getTurnTimeBounds(
   // beyond any surviving message. Cap at 30 minutes to avoid sweeping in
   // logs from a much later turn.
   const MAX_TURN_DURATION_MS = 30 * 60 * 1000;
-  const hardCeiling = nextTurnStart != null && nextTurnStart > startTime
-    ? nextTurnStart - 1
-    : startTime + MAX_TURN_DURATION_MS;
+  const hardCeiling =
+    nextTurnStart != null && nextTurnStart > startTime
+      ? nextTurnStart - 1
+      : startTime + MAX_TURN_DURATION_MS;
 
   if (hardCeiling > endTime) {
     const latestLog = db

package/src/memory/conversation-key-store.ts

@@ -7,14 +7,23 @@
  * first contact.
  */
 
+import { existsSync, unlinkSync } from "node:fs";
+
 import { eq } from "drizzle-orm";
 import { v4 as uuid } from "uuid";
 
+import { getLogger } from "../util/logger.js";
+import { getWorkspacePromptPath } from "../util/platform.js";
 import { initConversationDir } from "./conversation-disk-view.js";
 import { GENERATING_TITLE } from "./conversation-title-service.js";
 import { getDb } from "./db.js";
 import { conversationKeys, conversations } from "./schema.js";
 
+const log = getLogger("conversation-key-store");
+
+/** Set after the first conversation is created so BOOTSTRAP.md is deleted on the second. */
+let firstConversationSeen = false;
+
 export interface ConversationKeyMapping {
   id: string;
   conversationKey: string;
@@ -190,6 +199,23 @@ export function getOrCreateConversation(
       };
     }
 
+    // Delete BOOTSTRAP.md when a non-first conversation is created.
+    // The first conversation is the onboarding one; keep BOOTSTRAP.md
+    // for its entire duration. Any subsequent conversation means
+    // onboarding is over.
+    if (firstConversationSeen) {
+      const bp = getWorkspacePromptPath("BOOTSTRAP.md");
+      if (existsSync(bp)) {
+        try {
+          unlinkSync(bp);
+          log.info("Deleted BOOTSTRAP.md — onboarding conversation ended");
+        } catch {
+          // Best-effort
+        }
+      }
+    }
+    firstConversationSeen = true;
+
     const now = Date.now();
     const conversationId = uuid();
     const title = GENERATING_TITLE;

package/src/memory/conversation-queries.ts

@@ -26,13 +26,13 @@ function buildFtsMatchQuery(text: string): string | null {
 
 export function listConversations(
   limit?: number,
-  includeBackground = false,
+  backgroundOnly = false,
   offset = 0,
 ): ConversationRow[] {
   ensureDisplayOrderMigration();
   const db = getDb();
-  const where = includeBackground
-    ? undefined
+  const where = backgroundOnly
+    ? sql`${conversations.conversationType} = 'background'`
     : sql`${conversations.conversationType} NOT IN ('background', 'private')`;
   const query = db
     .select()
@@ -44,10 +44,10 @@ export function listConversations(
   return query.all().map(parseConversation);
 }
 
-export function countConversations(includeBackground = false): number {
+export function countConversations(backgroundOnly = false): number {
   const db = getDb();
-  const where = includeBackground
-    ? undefined
+  const where = backgroundOnly
+    ? sql`${conversations.conversationType} = 'background'`
     : sql`${conversations.conversationType} NOT IN ('background', 'private')`;
   const [{ total }] = db
     .select({ total: count() })

package/src/memory/db-init.ts

@@ -71,6 +71,7 @@ import {
   migrateDropMemorySegmentFts,
   migrateDropOrphanedMediaTables,
   migrateDropRemindersTable,
+  migrateDropSetupSkillIdColumn,
   migrateDropSimplifiedMemory,
   migrateDropUsageCompositeIndexes,
   migrateFkCascadeRebuilds,
@@ -89,10 +90,12 @@ import {
   migrateLlmRequestLogMessageId,
   migrateLlmRequestLogProvider,
   migrateMemoryItemSupersession,
+  migrateMessagesConversationCreatedAtIndex,
   migrateMessagesFtsBackfill,
   migrateNormalizePhoneIdentities,
   migrateNotificationDeliveryThreadDecision,
   migrateOAuthAppsClientSecretPath,
+  migrateOAuthProvidersBehaviorColumns,
   migrateOAuthProvidersDisplayMetadata,
   migrateOAuthProvidersManagedServiceConfigKey,
   migrateOAuthProvidersPingConfig,
@@ -117,6 +120,7 @@ import {
   migrateScheduleOneShotRouting,
   migrateScheduleQuietFlag,
   migrateSchemaIndexesAndColumns,
+  migrateStripIntegrationPrefixFromProviderKeys,
   migrateUsageDashboardIndexes,
   migrateVoiceInviteColumns,
   migrateVoiceInviteDisplayMetadata,
@@ -516,6 +520,18 @@ export function initializeDb(): void {
   // 92. Add ping_method, ping_headers, ping_body columns to oauth_providers
   migrateOAuthProvidersPingConfig(database);
 
+  // 93. Strip `integration:` prefix from provider_key across OAuth tables
+  migrateStripIntegrationPrefixFromProviderKeys(database);
+
+  // 94. Composite index on messages(conversation_id, created_at) for paginated history queries
+  migrateMessagesConversationCreatedAtIndex(database);
+
+  // 95. Add behavioral config columns to oauth_providers (loopback port, injection templates, setup metadata, identity verification)
+  migrateOAuthProvidersBehaviorColumns(database);
+
+  // 96. Drop the setup_skill_id column from oauth_providers (concept removed)
+  migrateDropSetupSkillIdColumn(database);
+
   validateMigrationState(database);
 
   if (process.env.BUN_TEST === "1") {