@vellumai/assistant 0.5.13 → 0.5.15

package/src/daemon/daemon-control.ts

@@ -2,21 +2,23 @@ import { execSync, spawn } from "node:child_process";
 import {
   closeSync,
   existsSync,
-  mkdirSync,
   openSync,
   readFileSync,
   unlinkSync,
   writeFileSync,
 } from "node:fs";
-import { join, resolve } from "node:path";
+import { resolve } from "node:path";
 
 import { getRuntimeHttpHost, getRuntimeHttpPort } from "../config/env.js";
 import { getIsContainerized } from "../config/env-registry.js";
+import { loadOrCreateSigningKey } from "../runtime/auth/token-service.js";
 import { DaemonError } from "../util/errors.js";
 import { getLogger } from "../util/logger.js";
 import {
+  ensureDataDir,
+  getDaemonStartupLockPath,
+  getDaemonStderrLogPath,
   getPidPath,
-  getRootDir,
   getWorkspaceConfigPath,
 } from "../util/platform.js";
 
@@ -66,7 +68,7 @@ function readDaemonTimeouts(): typeof DAEMON_TIMEOUT_DEFAULTS {
 /**
  * Kill the stale daemon recorded in this workspace's PID file, if any.
  * Only targets the exact PID from our PID file — never scans globally —
- * so isolated daemons (e.g., dev instances with a different BASE_DATA_DIR)
+ * so isolated daemons (e.g., dev instances with a different VELLUM_WORKSPACE_DIR)
  * are never affected.
  */
 function killStaleDaemon(): void {
@@ -240,7 +242,7 @@ export async function getDaemonStatus(): Promise<{
 }
 
 function getStartupLockPath(): string {
-  return join(getRootDir(), "daemon-startup.lock");
+  return getDaemonStartupLockPath();
 }
 
 /** Attempt to acquire a startup lock. Returns true on success. Stale locks
@@ -253,7 +255,7 @@ function acquireStartupLock(): boolean {
     // On a first-time run, getRootDir() may not exist yet, and writeFileSync
     // with 'wx' would throw ENOENT — which the catch block misinterprets as
     // "lock already held."
-    mkdirSync(getRootDir(), { recursive: true });
+    ensureDataDir();
     // O_CREAT | O_EXCL — fails atomically if the file already exists.
     writeFileSync(lockPath, String(Date.now()), { flag: "wx" });
     return true;
@@ -343,29 +345,43 @@ async function startDaemonLocked(): Promise<{
   // a crash where the process is alive but non-responsive).
   killStaleDaemon();
 
-  // Only create the root dir for PID files — the daemon process itself
-  // handles migration + full ensureDataDir() in runDaemon(). Calling
-  // ensureDataDir() here would pre-create workspace destination dirs
-  // and cause migration moves to no-op.
-  const rootDir = getRootDir();
-  if (!existsSync(rootDir)) {
-    mkdirSync(rootDir, { recursive: true });
-  }
+  // Ensure root + workspace dirs exist before spawning. The daemon itself
+  // handles full ensureDataDir() during runDaemon(), but we need at least
+  // the root dir for the PID file and stderr log.
+  ensureDataDir();
 
   // Spawn the daemon as a detached child process
   const mainPath = resolve(import.meta.dirname ?? __dirname, "main.ts");
 
+  // Pre-load the signing key so the daemon receives it via env var and
+  // never needs to access the protected directory for key material.
+  // Done before opening stderrFd to avoid leaking the file descriptor if
+  // loadOrCreateSigningKey throws.
+  const spawnEnv = { ...process.env };
+  if (!spawnEnv.ACTOR_TOKEN_SIGNING_KEY) {
+    try {
+      const key = loadOrCreateSigningKey();
+      spawnEnv.ACTOR_TOKEN_SIGNING_KEY = key.toString("hex");
+    } catch (err) {
+      throw new DaemonError(
+        `Failed to pre-load signing key for daemon: ${
+          err instanceof Error ? err.message : String(err)
+        }`,
+      );
+    }
+  }
+
   // Redirect the child's stderr to a file instead of piping it back to the
   // parent. A pipe's read end is destroyed when the parent exits, leaving
   // fd 2 broken in the child. Bun (unlike Node.js) does not ignore SIGPIPE,
   // so any later stderr write would silently kill the daemon.
-  const stderrPath = join(rootDir, "daemon-stderr.log");
+  const stderrPath = getDaemonStderrLogPath();
   const stderrFd = openSync(stderrPath, "w");
 
   const child = spawn("bun", ["run", mainPath], {
     detached: true,
     stdio: ["ignore", "ignore", stderrFd],
-    env: { ...process.env },
+    env: spawnEnv,
   });
 
   // The child inherited the fd; close the parent's copy.

package/src/daemon/date-context.ts

@@ -18,14 +18,14 @@ export interface TemporalContextOptions {
   userTimeZone?: string | null;
 }
 
-const WEEKDAY_NAMES = [
-  "Sunday",
-  "Monday",
-  "Tuesday",
-  "Wednesday",
-  "Thursday",
-  "Friday",
-  "Saturday",
+const WEEKDAY_SHORT = [
+  "Sun",
+  "Mon",
+  "Tue",
+  "Wed",
+  "Thu",
+  "Fri",
+  "Sat",
 ] as const;
 const UTC_GMT_OFFSET_TOKEN_RE = /^(?:UTC|GMT)([+-])(\d{1,2})(?::?(\d{2}))?$/i;
 
@@ -183,35 +183,41 @@ const TIMEZONE_TOKEN_RE = new RegExp(
 );
 
 /**
- * Extract the user's timezone from V2 memory recall injected text.
+ * Extract the user's timezone from memory recall injected text.
  *
- * Scans the `<user_identity>` section (if present) for lines containing
- * "timezone" and tries to resolve an IANA identifier. Falls back to
- * scanning the full text body.
+ * Prefers identity items (`<item kind="identity" ...>`) rendered inside the
+ * `<recalled>` section of `<memory_context>`. Falls back to scanning the
+ * full injected text for lines mentioning "timezone".
  */
 export function extractUserTimeZoneFromRecall(
   injectedText: string,
 ): string | null {
   if (!injectedText || injectedText.trim().length === 0) return null;
 
-  // Prefer lines inside <user_identity> that mention "timezone"
-  const identityMatch = injectedText.match(
-    /<user_identity>([\s\S]*?)<\/user_identity>/,
-  );
-  if (identityMatch) {
-    const identityBlock = identityMatch[1];
-    for (const line of identityBlock.split("\n")) {
-      if (/time\s*zone/i.test(line)) {
-        for (const token of extractTimeZoneCandidates(line)) {
+  // Prefer identity items: <item ... kind="identity" ...>content</item>
+  const identityItemRe = /<item\s[^>]*kind="identity"[^>]*>([\s\S]*?)<\/item>/g;
+  let match: RegExpExecArray | null;
+  const identityTexts: string[] = [];
+  while ((match = identityItemRe.exec(injectedText)) !== null) {
+    identityTexts.push(match[1]);
+  }
+
+  if (identityTexts.length > 0) {
+    // First pass: identity items whose text mentions "timezone"
+    for (const text of identityTexts) {
+      if (/time\s*zone/i.test(text)) {
+        for (const token of extractTimeZoneCandidates(text)) {
           const canonical = canonicalizeTimeZone(token);
           if (canonical) return canonical;
         }
       }
     }
-    // Scan full identity block for any timezone token
-    for (const token of extractTimeZoneCandidates(identityBlock)) {
-      const canonical = canonicalizeTimeZone(token);
-      if (canonical) return canonical;
+    // Second pass: any timezone token in any identity item
+    for (const text of identityTexts) {
+      for (const token of extractTimeZoneCandidates(text)) {
+        const canonical = canonicalizeTimeZone(token);
+        if (canonical) return canonical;
+      }
     }
   }
 
@@ -284,30 +290,25 @@ function formatLocalDate(date: Date, timeZone: string): string {
 }
 
 /**
- * Format a Date as local ISO 8601 with timezone offset in the given timezone.
+ * Format HH:MM and UTC offset for the given instant in the given timezone.
  */
-function formatLocalIsoWithOffset(date: Date, timeZone: string): string {
+function formatCompactTimeAndOffset(
+  date: Date,
+  timeZone: string,
+): { time: string; offset: string } {
   const fmt = new Intl.DateTimeFormat("en-US", {
     timeZone,
-    year: "numeric",
-    month: "2-digit",
-    day: "2-digit",
     hour: "2-digit",
     minute: "2-digit",
-    second: "2-digit",
     hourCycle: "h23",
     timeZoneName: "shortOffset",
   });
   const parts = fmt.formatToParts(date);
   const get = (t: string) => parts.find((p) => p.type === t)?.value ?? "";
-  const offset = normalizeOffsetToken(get("timeZoneName"));
-  const year = get("year");
-  const month = get("month");
-  const day = get("day");
   const hour = get("hour");
   const minute = get("minute");
-  const second = get("second");
-  return `${year}-${month}-${day}T${hour}:${minute}:${second}${offset}`;
+  const offset = normalizeOffsetToken(get("timeZoneName"));
+  return { time: `${hour}:${minute}`, offset };
 }
 
 /**
@@ -345,22 +346,23 @@ export function buildTemporalContext(
         : "assistant_host_fallback";
   const todayParts = localDateParts(now, timeZone);
   const todayStr = formatLocalDate(now, timeZone);
-  const todayWeekday = WEEKDAY_NAMES[todayParts.weekday];
+  const todayWeekday = WEEKDAY_SHORT[todayParts.weekday];
+  const { time, offset } = formatCompactTimeAndOffset(now, timeZone);
+
+  const tzSuffix =
+    timeZoneSource === "assistant_host_fallback" ? " (host fallback)" : "";
 
   const lines = [
     `<temporal_context>`,
-    `Today: ${todayStr} (${todayWeekday})`,
-    `Timezone: ${timeZone}`,
-    `Current local time: ${formatLocalIsoWithOffset(now, timeZone)}`,
-    `Current UTC time: ${now.toISOString()}`,
-    `Timezone source: ${timeZoneSource}`,
+    `Today: ${todayStr} (${todayWeekday}) ${time} ${offset}`,
+    `TZ: ${timeZone}${tzSuffix}`,
   ];
 
   if (userTimeZone && userTimeZone !== timeZone) {
-    lines.push(`User timezone: ${userTimeZone}`);
+    lines.push(`User TZ: ${userTimeZone}`);
   }
   if (resolvedHostTimeZone !== timeZone) {
-    lines.push(`Assistant host timezone: ${resolvedHostTimeZone}`);
+    lines.push(`Host TZ: ${resolvedHostTimeZone}`);
   }
 
   lines.push(`</temporal_context>`);

package/src/daemon/dictation-profile-store.ts

@@ -16,7 +16,7 @@ import {
 import { dirname, join } from "node:path";
 
 import { getLogger } from "../util/logger.js";
-import { getRootDir } from "../util/platform.js";
+import { getWorkspaceDir } from "../util/platform.js";
 
 const log = getLogger("dictation-profile-store");
 
@@ -97,7 +97,7 @@ let storePathOverride: string | null = null;
 
 function getStorePath(): string {
   if (storePathOverride) return storePathOverride;
-  return join(getRootDir(), "dictation-profiles.json");
+  return join(getWorkspaceDir(), "dictation-profiles.json");
 }
 
 let cachedConfig: DictationProfilesConfig | null = null;

package/src/daemon/handlers/conversations.ts

@@ -24,7 +24,9 @@ import {
   UNTITLED_FALLBACK,
 } from "../../memory/conversation-title-service.js";
 import * as pendingInteractions from "../../runtime/pending-interactions.js";
+import { redactSecrets } from "../../security/secret-scanner.js";
 import { getSubagentManager } from "../../subagent/index.js";
+import { summarizeToolInput } from "../../tools/tool-input-summary.js";
 import { truncate } from "../../util/truncate.js";
 import type { Conversation } from "../conversation.js";
 import { HostBashProxy } from "../host-bash-proxy.js";
@@ -84,6 +86,14 @@ export function makeEventSender(params: {
 
         try {
           const trustContext = conversation.trustContext;
+          const inputRecord = event.input as Record<string, unknown>;
+          const activityRaw =
+            (typeof inputRecord.activity === "string"
+              ? inputRecord.activity
+              : undefined) ??
+            (typeof inputRecord.reason === "string"
+              ? inputRecord.reason
+              : undefined);
           createCanonicalGuardianRequest({
             id: event.requestId,
             kind: "tool_approval",
@@ -92,6 +102,15 @@ export function makeEventSender(params: {
             conversationId,
             guardianPrincipalId: trustContext?.guardianPrincipalId ?? undefined,
             toolName: event.toolName,
+            commandPreview:
+              redactSecrets(
+                summarizeToolInput(event.toolName, inputRecord),
+              ) || undefined,
+            riskLevel: event.riskLevel,
+            activityText: activityRaw
+              ? redactSecrets(activityRaw)
+              : undefined,
+            executionTarget: event.executionTarget,
             status: "pending",
             requestCode: generateCanonicalRequestCode(),
             expiresAt: Date.now() + 5 * 60 * 1000,

package/src/daemon/handlers/shared.ts

@@ -1,6 +1,7 @@
 import { v4 as uuid } from "uuid";
 
 import { getConfig } from "../../config/loader.js";
+import type { Speed } from "../../config/schemas/inference.js";
 import type { HeartbeatService } from "../../heartbeat/heartbeat-service.js";
 import type { SecretPromptResult } from "../../permissions/secret-prompter.js";
 import type { AuthContext } from "../../runtime/auth/types.js";
@@ -91,27 +92,8 @@ export interface RenderedHistoryContent {
   contentOrder: string[];
   /** UI surfaces (widgets) embedded in the message. */
   surfaces: HistorySurface[];
-}
-
-export interface SubagentNotificationData {
-  subagentId: string;
-  label: string;
-  status: "completed" | "failed" | "aborted";
-  error?: string;
-  conversationId?: string;
-}
-
-export interface ParsedHistoryMessage {
-  id?: string;
-  role: string;
-  text: string;
-  timestamp: number;
-  toolCalls: HistoryToolCall[];
-  toolCallsBeforeText: boolean;
-  textSegments: string[];
-  contentOrder: string[];
-  surfaces: HistorySurface[];
-  subagentNotification?: SubagentNotificationData;
+  /** Thinking segments extracted from thinking blocks. */
+  thinkingSegments: string[];
 }
 
 /**
@@ -120,6 +102,7 @@ export interface ParsedHistoryMessage {
 export interface ConversationCreateOptions {
   systemPromptOverride?: string;
   maxResponseTokens?: number;
+  speed?: Speed;
   transport?: ConversationTransportMetadata;
   assistantId?: string;
   trustContext?: TrustContext;
@@ -220,6 +203,7 @@ export function renderHistoryContent(content: unknown): RenderedHistoryContent {
       textSegments: text ? [text] : [],
       contentOrder: text ? ["text:0"] : [],
       surfaces: [],
+      thinkingSegments: [],
     };
   }
 
@@ -227,6 +211,7 @@ export function renderHistoryContent(content: unknown): RenderedHistoryContent {
   const attachmentParts: string[] = [];
   const toolCalls: HistoryToolCall[] = [];
   const surfaces: HistorySurface[] = [];
+  const thinkingSegments: string[] = [];
   const pendingToolUses = new Map<string, HistoryToolCall>();
   let seenText = false;
   let seenToolUse = false;
@@ -300,6 +285,13 @@ export function renderHistoryContent(content: unknown): RenderedHistoryContent {
       continue;
     }
 
+    if (block.type === "thinking" && typeof block.thinking === "string") {
+      finalizeSegment();
+      thinkingSegments.push(block.thinking);
+      contentOrder.push(`thinking:${thinkingSegments.length - 1}`);
+      continue;
+    }
+
     if (block.type === "text" && typeof block.text === "string") {
       textParts.push(block.text);
       ensureSegment();
@@ -410,6 +402,7 @@ export function renderHistoryContent(content: unknown): RenderedHistoryContent {
     textSegments,
     contentOrder,
     surfaces,
+    thinkingSegments,
   };
 }
 

package/src/daemon/lifecycle.ts

@@ -1,5 +1,3 @@
-import { join } from "node:path";
-
 import { config as dotenvConfig } from "dotenv";
 
 import { setPointerMessageProcessor } from "../calls/call-pointer-messages.js";
@@ -89,8 +87,8 @@ import { getDeviceId } from "../util/device-id.js";
 import { getLogger, initLogger } from "../util/logger.js";
 import {
   ensureDataDir,
+  getDotEnvPath,
   getInterfacesDir,
-  getRootDir,
   getWorkspaceDir,
 } from "../util/platform.js";
 import {
@@ -149,7 +147,7 @@ export {
 const log = getLogger("lifecycle");
 
 function loadDotEnv(): void {
-  dotenvConfig({ path: join(getRootDir(), ".env"), quiet: true });
+  dotenvConfig({ path: getDotEnvPath(), quiet: true });
 }
 
 export interface CesStartupResult {
@@ -266,8 +264,7 @@ export async function runDaemon(): Promise<void> {
     ensureDataDir();
 
     // Load (or generate + persist) the auth signing key so tokens survive
-    // daemon restarts. Must happen after ensureDataDir() creates the
-    // protected directory.
+    // daemon restarts.
     const signingKey = resolveSigningKey();
     initAuthSigningKey(signingKey);
 
@@ -1155,12 +1152,13 @@ export async function runDaemon(): Promise<void> {
 
     const heartbeatConfig = config.heartbeat;
     const heartbeat = new HeartbeatService({
-      processMessage: (conversationId, content) =>
+      processMessage: (conversationId, content, options) =>
         server.processMessage(conversationId, content, undefined, {
           trustContext: {
             sourceChannel: "vellum",
             trustClass: "guardian",
           },
+          ...options,
         }),
       alerter: (alert) => server.broadcast(alert),
       onConversationCreated: (info) =>

package/src/daemon/message-types/conversations.ts

@@ -341,6 +341,8 @@ export interface UsageUpdate {
   totalOutputTokens: number;
   estimatedCost: number;
   model: string;
+  contextWindowTokens?: number;
+  contextWindowMaxTokens?: number;
 }
 
 export interface UsageResponse {

package/src/daemon/message-types/guardian-actions.ts

@@ -2,6 +2,8 @@
 // Enables desktop clients to fetch pending guardian prompts and submit
 // button decisions deterministically (without text parsing).
 
+import type { GuardianDecisionPrompt } from "../../runtime/guardian-decision-types.js";
+
 // === Client -> Server ===
 
 export interface GuardianActionsPendingRequest {
@@ -21,23 +23,7 @@ export interface GuardianActionDecision {
 export interface GuardianActionsPendingResponse {
   type: "guardian_actions_pending_response";
   conversationId: string;
-  prompts: Array<{
-    requestId: string;
-    requestCode: string;
-    state: string;
-    questionText: string;
-    toolName: string | null;
-    actions: Array<{ action: string; label: string }>;
-    expiresAt: number;
-    conversationId: string;
-    callSessionId: string | null;
-    /**
-     * Canonical request kind (e.g. 'tool_approval', 'pending_question').
-     * Present when the prompt originates from the canonical guardian request
-     * store. Absent for legacy-only prompts.
-     */
-    kind?: string;
-  }>;
+  prompts: GuardianDecisionPrompt[];
 }
 
 export interface GuardianActionDecisionResponse {

package/src/daemon/message-types/integrations.ts

@@ -211,6 +211,14 @@ export interface NavigateSettings {
   tab: string;
 }
 
+export interface ShowPlatformLogin {
+  type: "show_platform_login";
+}
+
+export interface PlatformDisconnected {
+  type: "platform_disconnected";
+}
+
 // --- Domain-level union aliases (consumed by the barrel file) ---
 
 export type _IntegrationsClientMessages =
@@ -237,4 +245,6 @@ export type _IntegrationsServerMessages =
   | IntegrationConnectResult
   | OAuthConnectResultResponse
   | OpenUrl
-  | NavigateSettings;
+  | NavigateSettings
+  | ShowPlatformLogin
+  | PlatformDisconnected;

package/src/daemon/message-types/messages.ts

@@ -71,6 +71,7 @@ export interface AssistantTextDelta {
 export interface AssistantThinkingDelta {
   type: "assistant_thinking_delta";
   thinking: string;
+  conversationId?: string;
 }
 
 export interface ToolUseStart {

package/src/daemon/pairing-store.ts

@@ -1,28 +1,14 @@
 /**
- * Pairing request store with TTL and disk persistence.
+ * In-memory pairing request store with TTL.
  *
  * Each pairing request lives for at most TTL_MS (5 minutes) before
  * being swept as expired. Status transitions:
  *   registered → pending → approved | denied | expired
- *
- * Entries are persisted to ~/.vellum/protected/pairing-requests.json
- * using the same atomic-write pattern as approved-devices-store.ts
- * so that device bindings survive daemon restarts.
  */
 
 import { createHash, timingSafeEqual } from "node:crypto";
-import {
-  chmodSync,
-  existsSync,
-  mkdirSync,
-  readFileSync,
-  renameSync,
-  writeFileSync,
-} from "node:fs";
-import { dirname, join } from "node:path";
 
 import { getLogger } from "../util/logger.js";
-import { getRootDir } from "../util/platform.js";
 
 const log = getLogger("pairing-store");
 
@@ -59,60 +45,11 @@ function timingSafeCompare(a: string, b: string): boolean {
   return timingSafeEqual(bufA, bufB);
 }
 
-interface PairingStoreFile {
-  version: 1;
-  requests: PairingRequest[];
-}
-
-function getStorePath(): string {
-  return join(getRootDir(), "protected", "pairing-requests.json");
-}
-
-function loadFromDisk(): Map<string, PairingRequest> {
-  const path = getStorePath();
-  if (!existsSync(path)) {
-    return new Map();
-  }
-  try {
-    const raw = readFileSync(path, "utf-8");
-    const data = JSON.parse(raw) as PairingStoreFile;
-    if (data.version !== 1 || !Array.isArray(data.requests)) {
-      log.warn("Invalid pairing-requests.json format, starting fresh");
-      return new Map();
-    }
-    const map = new Map<string, PairingRequest>();
-    for (const entry of data.requests) {
-      map.set(entry.pairingRequestId, entry);
-    }
-    return map;
-  } catch (err) {
-    log.error({ err }, "Failed to load pairing-requests.json");
-    return new Map();
-  }
-}
-
-function saveToDisk(requests: Map<string, PairingRequest>): void {
-  const path = getStorePath();
-  const dir = dirname(path);
-  if (!existsSync(dir)) {
-    mkdirSync(dir, { recursive: true });
-  }
-  const data: PairingStoreFile = {
-    version: 1,
-    requests: Array.from(requests.values()),
-  };
-  const tmpPath = path + ".tmp." + process.pid;
-  writeFileSync(tmpPath, JSON.stringify(data, null, 2), { mode: 0o600 });
-  renameSync(tmpPath, path);
-  chmodSync(path, 0o600);
-}
-
 export class PairingStore {
   private requests = new Map<string, PairingRequest>();
   private sweepTimer: ReturnType<typeof setInterval> | null = null;
 
   start(): void {
-    this.requests = loadFromDisk();
     this.sweepTimer = setInterval(() => this.sweep(), SWEEP_INTERVAL_MS);
   }
 
@@ -168,8 +105,6 @@ export class PairingStore {
       localLanUrl: params.localLanUrl ?? null,
       createdAt: Date.now(),
     });
-    this.persist();
-
     log.info(
       { pairingRequestId: params.pairingRequestId },
       "Pairing request registered",
@@ -226,8 +161,6 @@ export class PairingStore {
     if (entry.status === "registered") {
       entry.status = "pending";
     }
-    this.persist();
-
     return { ok: true, entry };
   }
 
@@ -242,7 +175,6 @@ export class PairingStore {
     if (!entry) return null;
     entry.status = "approved";
     entry.bearerToken = bearerToken;
-    this.persist();
     return entry;
   }
 
@@ -253,7 +185,6 @@ export class PairingStore {
     const entry = this.requests.get(pairingRequestId);
     if (!entry) return null;
     entry.status = "denied";
-    this.persist();
     return entry;
   }
 
@@ -274,14 +205,6 @@ export class PairingStore {
     return timingSafeCompare(entry.hashedPairingSecret, hashedSecret);
   }
 
-  private persist(): void {
-    try {
-      saveToDisk(this.requests);
-    } catch (err) {
-      log.error({ err }, "Failed to persist pairing requests to disk");
-    }
-  }
-
   private sweep(): void {
     const now = Date.now();
     let changed = false;
@@ -300,7 +223,7 @@ export class PairingStore {
       }
     }
     if (changed) {
-      this.persist();
+      log.debug("Sweep completed with changes");
     }
   }
 }