npm - @vellumai/assistant - Versions diffs - 0.5.15 → 0.5.16 - Mend

@vellumai/assistant 0.5.15 → 0.5.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (175) hide show

package/ARCHITECTURE.md +2 -2
package/docs/architecture/integrations.md +15 -14
package/knip.json +3 -1
package/openapi.yaml +11 -43
package/package.json +1 -1
package/src/__tests__/assistant-feature-flags-integration.test.ts +3 -375
package/src/__tests__/ces-rpc-credential-backend.test.ts +4 -1
package/src/__tests__/checker.test.ts +59 -0
package/src/__tests__/cli-command-risk-guard.test.ts +98 -10
package/src/__tests__/cli-memory.test.ts +372 -0
package/src/__tests__/computer-use-skill-manifest-regression.test.ts +12 -2
package/src/__tests__/config-schema.test.ts +0 -2
package/src/__tests__/config-watcher-feature-flags.test.ts +211 -0
package/src/__tests__/conversation-runtime-assembly.test.ts +7 -4
package/src/__tests__/conversation-slash-commands.test.ts +2 -6
package/src/__tests__/conversation-usage.test.ts +1 -0
package/src/__tests__/credential-security-e2e.test.ts +4 -1
package/src/__tests__/docker-signing-key-bootstrap.test.ts +7 -73
package/src/__tests__/dynamic-skill-workflow-prompt.test.ts +6 -7
package/src/__tests__/guardian-routing-invariants.test.ts +151 -0
package/src/__tests__/heartbeat-service.test.ts +1 -3
package/src/__tests__/intent-routing.test.ts +6 -18
package/src/__tests__/log-export-workspace.test.ts +2 -28
package/src/__tests__/managed-skill-lifecycle.test.ts +7 -37
package/src/__tests__/managed-store.test.ts +2 -10
package/src/__tests__/messaging-send-tool.test.ts +6 -6
package/src/__tests__/migration-cross-version-compatibility.test.ts +1 -29
package/src/__tests__/migration-export-http.test.ts +3 -34
package/src/__tests__/migration-import-commit-http.test.ts +1 -29
package/src/__tests__/migration-import-preflight-http.test.ts +3 -34
package/src/__tests__/no-domain-routing-in-prompt-guard.test.ts +2 -1
package/src/__tests__/oauth-apps-routes.test.ts +120 -10
package/src/__tests__/oauth-connect-orchestrator.test.ts +709 -0
package/src/__tests__/oauth-provider-serializer.test.ts +2 -1
package/src/__tests__/oauth-provider-visibility.test.ts +149 -0
package/src/__tests__/oauth-providers-routes.test.ts +5 -2
package/src/__tests__/oauth-store.test.ts +0 -5
package/src/__tests__/outlook-messaging-provider.test.ts +576 -0
package/src/__tests__/path-policy.test.ts +2 -17
package/src/__tests__/permission-types.test.ts +0 -1
package/src/__tests__/platform-callback-registration.test.ts +3 -7
package/src/__tests__/provider-commit-message-generator.test.ts +0 -1
package/src/__tests__/provider-error-scenarios.test.ts +0 -2
package/src/__tests__/qdrant-manager.test.ts +68 -21
package/src/__tests__/require-fresh-approval.test.ts +0 -1
package/src/__tests__/sandbox-diagnostics.test.ts +20 -29
package/src/__tests__/scaffold-managed-skill-tool.test.ts +2 -10
package/src/__tests__/secret-allowlist.test.ts +20 -35
package/src/__tests__/shell-credential-ref.test.ts +0 -5
package/src/__tests__/skill-load-feature-flag.test.ts +2 -43
package/src/__tests__/skill-load-inline-command.test.ts +3 -65
package/src/__tests__/skill-load-inline-includes.test.ts +3 -65
package/src/__tests__/skill-load-tool.test.ts +3 -67
package/src/__tests__/skill-memory.test.ts +362 -119
package/src/__tests__/skills.test.ts +22 -49
package/src/__tests__/slack-channel-config.test.ts +2 -21
package/src/__tests__/starter-bundle.test.ts +2 -8
package/src/__tests__/stt-hints.test.ts +7 -2
package/src/__tests__/system-prompt.test.ts +25 -45
package/src/__tests__/task-compiler.test.ts +0 -21
package/src/__tests__/task-management-tools.test.ts +0 -21
package/src/__tests__/task-memory-cleanup.test.ts +0 -21
package/src/__tests__/task-runner.test.ts +0 -21
package/src/__tests__/task-scheduler.test.ts +0 -21
package/src/__tests__/terminal-tools.test.ts +1 -17
package/src/__tests__/token-estimator-accuracy.benchmark.test.ts +0 -79
package/src/__tests__/tool-approval-handler.test.ts +1 -20
package/src/__tests__/tool-execution-abort-cleanup.test.ts +2 -11
package/src/__tests__/tool-execution-pipeline.benchmark.test.ts +1 -25
package/src/__tests__/tool-executor-lifecycle-events.test.ts +0 -1
package/src/__tests__/tool-executor.test.ts +0 -1
package/src/__tests__/tool-grant-request-escalation.test.ts +1 -20
package/src/__tests__/tool-preview-lifecycle.test.ts +0 -20
package/src/__tests__/trust-store.test.ts +9 -41
package/src/__tests__/trusted-contact-approval-notifier.test.ts +1 -30
package/src/__tests__/trusted-contact-inline-approval-integration.test.ts +1 -21
package/src/__tests__/trusted-contact-lifecycle-notifications.test.ts +0 -22
package/src/__tests__/trusted-contact-multichannel.test.ts +0 -22
package/src/__tests__/trusted-contact-verification.test.ts +0 -22
package/src/__tests__/turn-boundary-resolution.test.ts +0 -28
package/src/__tests__/twilio-provider.test.ts +0 -16
package/src/__tests__/twilio-routes-twiml.test.ts +7 -12
package/src/__tests__/twilio-routes.test.ts +0 -24
package/src/__tests__/update-bulletin.test.ts +17 -89
package/src/__tests__/usage-cache-backfill-migration.test.ts +0 -20
package/src/__tests__/usage-routes.test.ts +0 -21
package/src/__tests__/user-reference.test.ts +1 -5
package/src/__tests__/vbundle-pax-and-symlink.test.ts +4 -34
package/src/__tests__/vellum-self-knowledge-inline-command.test.ts +2 -53
package/src/__tests__/voice-invite-redemption.test.ts +0 -21
package/src/__tests__/voice-scoped-grant-consumer.test.ts +0 -24
package/src/__tests__/voice-session-bridge.test.ts +0 -21
package/src/__tests__/workspace-migration-009-backfill-conversation-disk-view.test.ts +2 -23
package/src/__tests__/workspace-migration-012-rename-conversation-disk-view-dirs.test.ts +2 -2
package/src/__tests__/workspace-migration-013-repair-conversation-disk-view.test.ts +2 -23
package/src/__tests__/workspace-migration-down-functions.test.ts +0 -6
package/src/acp/client-handler.ts +1 -2
package/src/cli/__tests__/notifications.test.ts +0 -22
package/src/cli/cli-memory.ts +176 -0
package/src/cli/commands/oauth/__tests__/providers-update.test.ts +1 -1
package/src/cli/commands/oauth/connect.ts +15 -0
package/src/cli/commands/oauth/providers.ts +49 -42
package/src/cli/commands/platform/__tests__/connect.test.ts +2 -48
package/src/cli/commands/platform/__tests__/disconnect.test.ts +2 -48
package/src/cli/commands/platform/__tests__/status.test.ts +0 -50
package/src/config/bundled-skills/computer-use/TOOLS.json +7 -7
package/src/config/bundled-skills/messaging/SKILL.md +17 -2
package/src/config/bundled-skills/settings/TOOLS.json +3 -3
package/src/config/feature-flag-registry.json +16 -0
package/src/config/loader.ts +4 -0
package/src/config/schemas/security.ts +0 -6
package/src/config/schemas/services.ts +8 -0
package/src/context/window-manager.ts +28 -9
package/src/credential-execution/approval-bridge.ts +0 -1
package/src/daemon/config-watcher.ts +51 -0
package/src/daemon/conversation-agent-loop.ts +3 -2
package/src/daemon/conversation-process.ts +1 -0
package/src/daemon/conversation-usage.ts +1 -0
package/src/daemon/handlers/skills.ts +9 -1
package/src/daemon/lifecycle.ts +13 -4
package/src/daemon/message-types/conversations.ts +1 -0
package/src/daemon/providers-setup.ts +2 -0
package/src/daemon/server.ts +26 -22
package/src/events/domain-events.ts +1 -2
package/src/memory/db-init.ts +9 -0
package/src/memory/job-handlers/batch-extraction.ts +16 -4
package/src/memory/job-handlers/embedding.test.ts +3 -27
package/src/memory/job-handlers/journal-carry-forward.test.ts +1 -29
package/src/memory/llm-usage-store.ts +35 -2
package/src/memory/migrations/201-oauth-providers-feature-flag.ts +11 -0
package/src/memory/migrations/202-drop-callback-transport-column.ts +13 -0
package/src/memory/migrations/index.ts +2 -0
package/src/memory/qdrant-manager.ts +26 -5
package/src/memory/query-expansion.ts +1 -1
package/src/memory/retriever.test.ts +22 -20
package/src/memory/retriever.ts +10 -2
package/src/memory/schema/oauth.ts +1 -1
package/src/memory/search/mmr.ts +8 -5
package/src/memory/slack-thread-store.ts +17 -0
package/src/messaging/providers/outlook/adapter.ts +193 -0
package/src/messaging/providers/outlook/client.ts +311 -0
package/src/messaging/providers/outlook/types.ts +83 -0
package/src/notifications/adapters/slack.ts +1 -1
package/src/oauth/__tests__/identity-verifier.test.ts +1 -1
package/src/oauth/connect-orchestrator.ts +10 -3
package/src/oauth/oauth-store.ts +10 -11
package/src/oauth/provider-serializer.ts +3 -0
package/src/oauth/provider-visibility.ts +16 -0
package/src/oauth/seed-providers.ts +49 -17
package/src/permissions/checker.ts +39 -7
package/src/permissions/types.ts +2 -4
package/src/prompts/journal-context.ts +9 -11
package/src/prompts/system-prompt.ts +3 -64
package/src/prompts/templates/UPDATES.md +6 -0
package/src/runtime/auth/__tests__/credential-service.test.ts +1 -27
package/src/runtime/auth/__tests__/token-service.test.ts +1 -25
package/src/runtime/auth/route-policy.ts +0 -4
package/src/runtime/guardian-reply-router.ts +6 -2
package/src/runtime/routes/conversation-query-routes.ts +2 -58
package/src/runtime/routes/inbound-stages/background-dispatch.ts +43 -2
package/src/runtime/routes/memory-item-routes.test.ts +0 -17
package/src/runtime/routes/memory-item-routes.ts +103 -12
package/src/runtime/routes/oauth-apps.ts +18 -1
package/src/runtime/routes/oauth-providers.ts +13 -1
package/src/runtime/routes/settings-routes.ts +1 -0
package/src/runtime/routes/usage-routes.ts +19 -2
package/src/runtime/routes/work-items-routes.test.ts +0 -21
package/src/runtime/routes/workspace-routes.test.ts +3 -27
package/src/security/secret-allowlist.ts +4 -4
package/src/skills/skill-memory.ts +62 -23
package/src/tools/memory/handlers.test.ts +1 -29
package/src/tools/permission-checker.ts +0 -18
package/src/tools/skills/skill-script-runner.ts +1 -1
package/src/util/device-id.ts +3 -65
package/src/workspace/git-service.ts +27 -6

package/src/__tests__/oauth-provider-serializer.test.ts CHANGED Viewed

@@ -19,7 +19,6 @@ function makeRow(overrides: Partial<OAuthProviderRow> = {}): OAuthProviderRow {
     defaultScopes: "[]",
     scopePolicy: "{}",
     extraParams: null,
-    callbackTransport: null,
     pingUrl: null,
     pingMethod: null,
     pingHeaders: null,
@@ -41,6 +40,7 @@ function makeRow(overrides: Partial<OAuthProviderRow> = {}): OAuthProviderRow {
     identityResponsePaths: null,
     identityFormat: null,
     identityOkField: null,
+    featureFlag: null,
     createdAt: now,
     updatedAt: now,
     ...overrides,
@@ -191,6 +191,7 @@ describe("serializeProviderSummary", () => {
       client_id_placeholder: "your-client-id.apps.googleusercontent.com",
       requires_client_secret: true,
       supports_managed_mode: true,
+      feature_flag: null,
     });
   });

package/src/__tests__/oauth-provider-visibility.test.ts ADDED Viewed

@@ -0,0 +1,149 @@
+import {
+  afterAll,
+  afterEach,
+  beforeEach,
+  describe,
+  expect,
+  mock,
+  test,
+} from "bun:test";
+mock.module("../util/logger.js", () => ({
+  getLogger: () =>
+    new Proxy({} as Record<string, unknown>, {
+      get: () => () => {},
+    }),
+}));
+mock.module("../security/secure-keys.js", () => ({
+  deleteSecureKeyAsync: () => Promise.resolve("deleted" as const),
+  setSecureKeyAsync: () => Promise.resolve(true),
+  getSecureKeyAsync: () => Promise.resolve(undefined),
+}));
+import { _setOverridesForTesting } from "../config/assistant-feature-flags.js";
+import type { AssistantConfig } from "../config/schema.js";
+import { initializeDb, resetDb, resetTestTables } from "../memory/db.js";
+import { listProviders, seedProviders } from "../oauth/oauth-store.js";
+import { isProviderVisible } from "../oauth/provider-visibility.js";
+initializeDb();
+/** Create a minimal AssistantConfig for testing. */
+function makeConfig(): AssistantConfig {
+  return {} as AssistantConfig;
+}
+beforeEach(() => {
+  resetTestTables("oauth_connections", "oauth_apps", "oauth_providers");
+  _setOverridesForTesting({});
+});
+afterEach(() => {
+  _setOverridesForTesting({});
+});
+afterAll(() => {
+  resetDb();
+});
+describe("isProviderVisible", () => {
+  test("returns true when featureFlag is null", () => {
+    seedProviders([
+      {
+        providerKey: "no-flag-provider",
+        authUrl: "https://example.com/auth",
+        tokenUrl: "https://example.com/token",
+        defaultScopes: ["read"],
+        scopePolicy: {},
+      },
+    ]);
+    const providers = listProviders();
+    const provider = providers.find(
+      (p) => p.providerKey === "no-flag-provider",
+    );
+    expect(provider).toBeDefined();
+    expect(provider!.featureFlag).toBeNull();
+    const config = makeConfig();
+    expect(isProviderVisible(provider!, config)).toBe(true);
+  });
+  test("returns true when featureFlag is set and the flag is enabled", () => {
+    _setOverridesForTesting({ "test-gate": true });
+    seedProviders([
+      {
+        providerKey: "gated-provider",
+        authUrl: "https://example.com/auth",
+        tokenUrl: "https://example.com/token",
+        defaultScopes: ["read"],
+        scopePolicy: {},
+        featureFlag: "test-gate",
+      },
+    ]);
+    const providers = listProviders();
+    const provider = providers.find((p) => p.providerKey === "gated-provider");
+    expect(provider).toBeDefined();
+    expect(provider!.featureFlag).toBe("test-gate");
+    const config = makeConfig();
+    expect(isProviderVisible(provider!, config)).toBe(true);
+  });
+  test("returns false when featureFlag is set and the flag is disabled", () => {
+    _setOverridesForTesting({ "test-gate": false });
+    seedProviders([
+      {
+        providerKey: "gated-provider",
+        authUrl: "https://example.com/auth",
+        tokenUrl: "https://example.com/token",
+        defaultScopes: ["read"],
+        scopePolicy: {},
+        featureFlag: "test-gate",
+      },
+    ]);
+    const providers = listProviders();
+    const provider = providers.find((p) => p.providerKey === "gated-provider");
+    expect(provider).toBeDefined();
+    const config = makeConfig();
+    expect(isProviderVisible(provider!, config)).toBe(false);
+  });
+  test("listProviders returns all providers but isProviderVisible filters gated ones when flag is disabled", () => {
+    _setOverridesForTesting({ "test-gate": false });
+    seedProviders([
+      {
+        providerKey: "visible-provider",
+        authUrl: "https://example.com/auth",
+        tokenUrl: "https://example.com/token",
+        defaultScopes: ["read"],
+        scopePolicy: {},
+      },
+      {
+        providerKey: "gated-provider",
+        authUrl: "https://gated.example.com/auth",
+        tokenUrl: "https://gated.example.com/token",
+        defaultScopes: ["read"],
+        scopePolicy: {},
+        featureFlag: "test-gate",
+      },
+    ]);
+    const allProviders = listProviders();
+    expect(allProviders).toHaveLength(2);
+    const config = makeConfig();
+    const visibleProviders = allProviders.filter((p) =>
+      isProviderVisible(p, config),
+    );
+    expect(visibleProviders).toHaveLength(1);
+    expect(visibleProviders[0]!.providerKey).toBe("visible-provider");
+  });
+});

package/src/__tests__/oauth-providers-routes.test.ts CHANGED Viewed

@@ -17,7 +17,7 @@ const mockListProviders = mock(() => [
     defaultScopes: "[]",
     scopePolicy: "[]",
     extraParams: null,
-    callbackTransport: null,
     pingUrl: null,
     pingMethod: null,
     pingHeaders: null,
@@ -33,6 +33,7 @@ const mockListProviders = mock(() => [
     identityFormat: null,
     identityOkField: null,
     identityResponsePaths: null,
+    featureFlag: null,
     createdAt: 1735689500000,
     updatedAt: 1735689550000,
   },
@@ -52,7 +53,7 @@ const mockListProviders = mock(() => [
     defaultScopes: "[]",
     scopePolicy: "[]",
     extraParams: null,
-    callbackTransport: null,
     pingUrl: null,
     pingMethod: null,
     pingHeaders: null,
@@ -68,6 +69,7 @@ const mockListProviders = mock(() => [
     identityFormat: null,
     identityOkField: null,
     identityResponsePaths: null,
+    featureFlag: null,
     createdAt: 1735689600000,
     updatedAt: 1735689650000,
   },
@@ -148,6 +150,7 @@ describe("GET /v1/oauth/providers", () => {
       "client_id_placeholder",
       "requires_client_secret",
       "supports_managed_mode",
+      "feature_flag",
     ];
     for (const provider of body.providers) {

package/src/__tests__/oauth-store.test.ts CHANGED Viewed

@@ -208,7 +208,6 @@ describe("provider operations", () => {
           userinfoUrl: "https://api.github.com/user",
           baseUrl: "https://api.github.com",
           extraParams: { prompt: "consent" },
-          callbackTransport: "loopback",
           pingUrl: "https://api.github.com/user",
         },
@@ -249,7 +248,6 @@ describe("provider operations", () => {
           userinfoUrl: "https://api.github.com/user-v2",
           baseUrl: "https://api.github.com/v2",
           extraParams: { prompt: "login" },
-          callbackTransport: "gateway",
           pingUrl: "https://api.github.com/user-v2",
         },
@@ -272,7 +270,6 @@ describe("provider operations", () => {
       expect(row!.tokenEndpointAuthMethod).toBe("client_secret_basic");
       expect(row!.userinfoUrl).toBe("https://api.github.com/user-v2");
       expect(JSON.parse(row!.extraParams!)).toEqual({ prompt: "login" });
-      expect(row!.callbackTransport).toBe("gateway");
       expect(row!.pingUrl).toBe("https://api.github.com/user-v2");
     });
   });
@@ -286,14 +283,12 @@ describe("provider operations", () => {
           tokenUrl: "https://github.com/token",
           defaultScopes: ["repo"],
           scopePolicy: {},
-          callbackTransport: "loopback",
         },
       ]);
       const row = getProvider("github");
       expect(row).toBeDefined();
       expect(row!.providerKey).toBe("github");
-      expect(row!.callbackTransport).toBe("loopback");
     });
     test("returns undefined for unknown keys", () => {