@vellumai/assistant 0.5.2 → 0.5.4

package/src/runtime/routes/guardian-bootstrap-routes.ts

@@ -28,6 +28,7 @@ type ServerWithRequestIP = {
   ): { address: string; family: string; port: number } | null;
 };
 import { isHttpAuthDisabled } from "../../config/env.js";
+import { getIsContainerized } from "../../config/env-registry.js";
 
 const log = getLogger("guardian-bootstrap");
 
@@ -86,19 +87,30 @@ export async function handleGuardianBootstrap(
   req: Request,
   server: ServerWithRequestIP,
 ): Promise<Response> {
+  // Reject non-private-network peers (allows loopback, Docker bridge, etc.)
+  const peerIp = server.requestIP(req)?.address;
+  if ((!peerIp || !isPrivateAddress(peerIp)) && !isHttpAuthDisabled()) {
+    return httpError("FORBIDDEN", "Bootstrap endpoint is local-only", 403);
+  }
+
   // Reject requests forwarded from public networks. The gateway sets
   // x-forwarded-for to the real client IP; if that IP is on a private
   // network (loopback, Docker bridge, RFC 1918) the request is still
   // considered local. Only reject when the forwarded IP is public.
+  //
+  // Skip this check when running in a container: the peer IP was already
+  // validated above (Docker bridge network = private), so the request
+  // reached us through a co-located gateway. The x-forwarded-for header
+  // reflects the original external client (e.g. platform proxy) and is
+  // not meaningful for local-only enforcement in this topology.
   const forwarded = req.headers.get("x-forwarded-for");
   const forwardedIp = forwarded ? forwarded.split(",")[0].trim() : null;
-  if (forwardedIp && !isPrivateAddress(forwardedIp) && !isHttpAuthDisabled()) {
-    return httpError("FORBIDDEN", "Bootstrap endpoint is local-only", 403);
-  }
-
-  // Reject non-private-network peers (allows loopback, Docker bridge, etc.)
-  const peerIp = server.requestIP(req)?.address;
-  if ((!peerIp || !isPrivateAddress(peerIp)) && !isHttpAuthDisabled()) {
+  if (
+    forwardedIp &&
+    !isPrivateAddress(forwardedIp) &&
+    !isHttpAuthDisabled() &&
+    !getIsContainerized()
+  ) {
     return httpError("FORBIDDEN", "Bootstrap endpoint is local-only", 403);
   }
 

package/src/runtime/routes/identity-routes.ts

@@ -8,6 +8,7 @@ import { dirname, join } from "node:path";
 import { fileURLToPath } from "node:url";
 
 import { getBaseDataDir } from "../../config/env-registry.js";
+import { parseIdentityFields } from "../../daemon/handlers/identity.js";
 import { getWorkspacePromptPath, readLockfile } from "../../util/platform.js";
 import { httpError } from "../http-errors.js";
 import type { RouteDefinition } from "../http-router.js";
@@ -149,41 +150,7 @@ export function handleGetIdentity(): Response {
   }
 
   const content = readFileSync(identityPath, "utf-8");
-  const fields: Record<string, string> = {};
-  for (const line of content.split("\n")) {
-    const trimmed = line.trim();
-    const lower = trimmed.toLowerCase();
-    const extract = (prefix: string): string | null => {
-      if (!lower.startsWith(prefix)) return null;
-      return trimmed.split(":**").pop()?.trim() ?? null;
-    };
-
-    const name = extract("- **name:**");
-    if (name) {
-      fields.name = name;
-      continue;
-    }
-    const role = extract("- **role:**");
-    if (role) {
-      fields.role = role;
-      continue;
-    }
-    const personality = extract("- **personality:**") ?? extract("- **vibe:**");
-    if (personality) {
-      fields.personality = personality;
-      continue;
-    }
-    const emoji = extract("- **emoji:**");
-    if (emoji) {
-      fields.emoji = emoji;
-      continue;
-    }
-    const home = extract("- **home:**");
-    if (home) {
-      fields.home = home;
-      continue;
-    }
-  }
+  const fields = parseIdentityFields(content);
 
   const version = getPackageVersion();
 

package/src/runtime/routes/llm-context-normalization.ts

@@ -86,7 +86,8 @@ export function normalizeLlmContextPayloads(
   }
 
   if (requestCandidate) {
-    return requestCandidate as LlmContextNormalizationResult;
+    const { summary, requestSections, responseSections } = requestCandidate;
+    return { summary, requestSections, responseSections };
   }
 
   if (responseCandidate) {
@@ -123,6 +124,7 @@ function normalizeOpenAiRequestPayload(
 
   const requestToolNames = extractOpenAiRequestToolNames(request.tools);
   const hasOpenAiSignal =
+    hasOpenAiModelPrefix(asString(request.model)) ||
     requestToolNames.length > 0 ||
     asString(request.tool_choice) !== undefined ||
     (request.parallel_tool_calls !== undefined &&
@@ -291,6 +293,7 @@ function normalizeAnthropicRequestPayload(
     }),
   );
   const hasAnthropicSignal =
+    hasAnthropicModelPrefix(asString(request.model)) ||
     request.system !== undefined ||
     requestToolNames.length > 0 ||
     isAnthropicToolChoice(request.tool_choice) ||
@@ -1171,6 +1174,16 @@ function normalizeCompatibleRequestPayload(
   }
 }
 
+function hasOpenAiModelPrefix(model: string | undefined): boolean {
+  if (!model) return false;
+  return /^(gpt-|chatgpt-|ft:|o[1-9]\d*(-|$))/.test(model);
+}
+
+function hasAnthropicModelPrefix(model: string | undefined): boolean {
+  if (!model) return false;
+  return model.startsWith("claude-");
+}
+
 function asRecord(value: unknown): Record<string, unknown> | null {
   if (typeof value !== "object" || value == null || Array.isArray(value)) {
     return null;

package/src/runtime/routes/memory-item-routes.ts

@@ -8,13 +8,17 @@
  * DELETE /v1/memory-items/:id    — delete a memory item and its embeddings
  */
 
-import { and, asc, count, desc, eq, like, ne, or } from "drizzle-orm";
+import { and, asc, count, desc, eq, inArray, like, ne, or } from "drizzle-orm";
 import { v4 as uuid } from "uuid";
 
 import { getDb } from "../../memory/db.js";
 import { computeMemoryFingerprint } from "../../memory/fingerprint.js";
 import { enqueueMemoryJob } from "../../memory/jobs-store.js";
-import { memoryEmbeddings, memoryItems } from "../../memory/schema.js";
+import {
+  conversations,
+  memoryEmbeddings,
+  memoryItems,
+} from "../../memory/schema.js";
 import { truncate } from "../../util/truncate.js";
 import { httpError } from "../http-errors.js";
 import type { RouteContext, RouteDefinition } from "../http-router.js";
@@ -64,6 +68,54 @@ function isValidSortField(value: string): value is SortField {
   return (VALID_SORT_FIELDS as readonly string[]).includes(value);
 }
 
+/**
+ * Resolve a `scopeLabel` for a memory item based on its `scopeId`.
+ *
+ * - `"default"` → `null`
+ * - `"private:<conversationId>"` → `"Private · <title>"` when the conversation
+ *   has a title, or `"Private"` when it doesn't (or the conversation was deleted).
+ */
+function resolveScopeLabel(
+  scopeId: string,
+  titleMap: Map<string, string | null>,
+): string | null {
+  if (scopeId === "default") return null;
+  if (scopeId.startsWith("private:")) {
+    const conversationId = scopeId.slice("private:".length);
+    const title = titleMap.get(conversationId);
+    return title ? `Private · ${title}` : "Private";
+  }
+  return null;
+}
+
+/**
+ * Batch-fetch conversation titles for a set of private-scoped memory items.
+ * Returns a Map from conversation ID → title (or null).
+ */
+function buildConversationTitleMap(
+  db: ReturnType<typeof getDb>,
+  scopeIds: string[],
+): Map<string, string | null> {
+  const conversationIds = scopeIds
+    .filter((s) => s.startsWith("private:"))
+    .map((s) => s.slice("private:".length));
+
+  const uniqueIds = [...new Set(conversationIds)];
+  if (uniqueIds.length === 0) return new Map();
+
+  const rows = db
+    .select({ id: conversations.id, title: conversations.title })
+    .from(conversations)
+    .where(inArray(conversations.id, uniqueIds))
+    .all();
+
+  const map = new Map<string, string | null>();
+  for (const row of rows) {
+    map.set(row.id, row.title);
+  }
+  return map;
+}
+
 // ---------------------------------------------------------------------------
 // GET /v1/memory-items
 // ---------------------------------------------------------------------------
@@ -145,7 +197,17 @@ export function handleListMemoryItems(url: URL): Response {
     .offset(offsetParam)
     .all();
 
-  return Response.json({ items, total });
+  // Resolve scope labels for private-scoped items
+  const titleMap = buildConversationTitleMap(
+    db,
+    items.map((i) => i.scopeId),
+  );
+  const enrichedItems = items.map((item) => ({
+    ...item,
+    scopeLabel: resolveScopeLabel(item.scopeId, titleMap),
+  }));
+
+  return Response.json({ items: enrichedItems, total });
 }
 
 // ---------------------------------------------------------------------------
@@ -187,9 +249,14 @@ export function handleGetMemoryItem(ctx: RouteContext): Response {
     supersededBySubject = superseding?.subject;
   }
 
+  // Resolve scope label
+  const titleMap = buildConversationTitleMap(db, [item.scopeId]);
+  const scopeLabel = resolveScopeLabel(item.scopeId, titleMap);
+
   return Response.json({
     item: {
       ...item,
+      scopeLabel,
       ...(supersedesSubject !== undefined ? { supersedesSubject } : {}),
       ...(supersededBySubject !== undefined ? { supersededBySubject } : {}),
     },
@@ -303,7 +370,14 @@ export async function handleCreateMemoryItem(
     .where(eq(memoryItems.id, id))
     .get();
 
-  return Response.json({ item: insertedRow }, { status: 201 });
+  // Enrich with scopeLabel for API consistency
+  const titleMap = buildConversationTitleMap(db, [scopeId]);
+  const scopeLabel = resolveScopeLabel(scopeId, titleMap);
+
+  return Response.json(
+    { item: { ...insertedRow, scopeLabel } },
+    { status: 201 },
+  );
 }
 
 // ---------------------------------------------------------------------------
@@ -430,7 +504,18 @@ export async function handleUpdateMemoryItem(
     .where(eq(memoryItems.id, id))
     .get();
 
-  return Response.json({ item: updatedRow });
+  // Enrich with scopeLabel for API consistency
+  const patchTitleMap = buildConversationTitleMap(db, [
+    updatedRow?.scopeId ?? existing.scopeId,
+  ]);
+  const patchScopeLabel = resolveScopeLabel(
+    updatedRow?.scopeId ?? existing.scopeId,
+    patchTitleMap,
+  );
+
+  return Response.json({
+    item: { ...updatedRow, scopeLabel: patchScopeLabel },
+  });
 }
 
 // ---------------------------------------------------------------------------

package/src/runtime/routes/secret-routes.ts

@@ -11,6 +11,7 @@ import {
 } from "../../config/loader.js";
 import type { CesClient } from "../../credential-execution/client.js";
 import { setSentryOrganizationId } from "../../instrument.js";
+import { clearEmbeddingBackendCache } from "../../memory/embedding-backend.js";
 import { syncManualTokenConnection } from "../../oauth/manual-token-connection.js";
 import { validateAnthropicApiKey } from "../../providers/anthropic/client.js";
 import { validateGeminiApiKey } from "../../providers/gemini/client.js";
@@ -181,6 +182,7 @@ export async function handleAddSecret(
           500,
         );
       }
+      clearEmbeddingBackendCache();
       invalidateConfigCache();
       await initializeProviders(getConfig());
       log.info({ provider: name }, "API key updated via HTTP");
@@ -346,6 +348,7 @@ export async function handleDeleteSecret(req: Request): Promise<Response> {
           500,
         );
       }
+      clearEmbeddingBackendCache();
       invalidateConfigCache();
       await initializeProviders(getConfig());
       log.info({ provider: name }, "API key deleted via HTTP");

package/src/runtime/routes/surface-action-routes.ts

@@ -5,8 +5,15 @@
  * Requires the conversation to already exist (does not create new conversations).
  */
 import { getLogger } from "../../util/logger.js";
+import { DAEMON_INTERNAL_ASSISTANT_ID } from "../assistant-scope.js";
+import type { AuthContext } from "../auth/types.js";
+import { healGuardianBindingDrift } from "../guardian-vellum-migration.js";
 import { httpError } from "../http-errors.js";
 import type { RouteDefinition } from "../http-router.js";
+import {
+  resolveTrustContext,
+  withSourceChannel,
+} from "../trust-context-resolver.js";
 
 const log = getLogger("surface-action-routes");
 
@@ -18,6 +25,11 @@ interface SurfaceActionTarget {
     data?: Record<string, unknown>,
   ): void;
   handleSurfaceUndo?(surfaceId: string): void;
+  setTrustContext?(ctx: {
+    trustClass: "guardian" | "trusted_contact" | "unknown";
+    sourceChannel: string;
+  }): void;
+  trustContext?: { trustClass: string } | null;
 }
 
 export type ConversationLookup = (
@@ -28,6 +40,53 @@ export type ConversationLookupBySurfaceId = (
   surfaceId: string,
 ) => SurfaceActionTarget | undefined;
 
+/**
+ * Resolve trust context from the request's auth context and set it on the
+ * conversation, following the same pattern as POST /v1/messages. This ensures
+ * surface actions inherit the correct trust class (guardian vs trusted_contact)
+ * rather than defaulting to unknown.
+ */
+function applyTrustContext(
+  conversation: SurfaceActionTarget,
+  authContext: AuthContext,
+): void {
+  if (!conversation.setTrustContext) return;
+
+  const sourceChannel = "vellum";
+
+  if (authContext.actorPrincipalId) {
+    const assistantId = DAEMON_INTERNAL_ASSISTANT_ID;
+    let trustCtx = resolveTrustContext({
+      assistantId,
+      sourceChannel,
+      conversationExternalId: "local",
+      actorExternalId: authContext.actorPrincipalId,
+    });
+    if (trustCtx.trustClass === "unknown") {
+      const healed = healGuardianBindingDrift(authContext.actorPrincipalId);
+      if (healed) {
+        trustCtx = resolveTrustContext({
+          assistantId,
+          sourceChannel,
+          conversationExternalId: "local",
+          actorExternalId: authContext.actorPrincipalId,
+        });
+        log.info(
+          {
+            actorPrincipalId: authContext.actorPrincipalId,
+            trustClass: trustCtx.trustClass,
+          },
+          "Trust re-resolved after guardian binding drift heal (surface action)",
+        );
+      }
+    }
+    conversation.setTrustContext(withSourceChannel(sourceChannel, trustCtx));
+  } else {
+    // Service principals or tokens without an actor ID get guardian context.
+    conversation.setTrustContext({ trustClass: "guardian", sourceChannel });
+  }
+}
+
 /**
  * POST /v1/surface-actions — handle a UI surface action.
  *
@@ -37,6 +96,7 @@ export async function handleSurfaceAction(
   req: Request,
   findConversation: ConversationLookup,
   findConversationBySurfaceId?: ConversationLookupBySurfaceId,
+  authContext?: AuthContext,
 ): Promise<Response> {
   const body = (await req.json()) as {
     conversationId?: string | null;
@@ -65,6 +125,12 @@ export async function handleSurfaceAction(
     return httpError("NOT_FOUND", "No active conversation found", 404);
   }
 
+  // Resolve trust context from the request's auth headers so the conversation
+  // has the correct trust class for tool approval decisions.
+  if (authContext) {
+    applyTrustContext(conversation, authContext);
+  }
+
   try {
     conversation.handleSurfaceAction(surfaceId, actionId, data);
     log.info(
@@ -143,7 +209,7 @@ export function surfaceActionRouteDefinitions(deps: {
     {
       endpoint: "surface-actions",
       method: "POST",
-      handler: async ({ req }) => {
+      handler: async ({ req, authContext }) => {
         if (!deps.findConversation) {
           return httpError(
             "NOT_IMPLEMENTED",
@@ -155,6 +221,7 @@ export function surfaceActionRouteDefinitions(deps: {
           req,
           deps.findConversation,
           deps.findConversationBySurfaceId,
+          authContext,
         );
       },
     },

package/src/schedule/schedule-store.ts

@@ -35,6 +35,7 @@ export interface ScheduleJob {
   mode: ScheduleMode;
   routingIntent: RoutingIntent;
   routingHints: Record<string, unknown>;
+  quiet: boolean;
   status: ScheduleStatus;
   createdAt: number;
   updatedAt: number;
@@ -91,6 +92,7 @@ export function createSchedule(params: {
   mode?: ScheduleMode;
   routingIntent?: RoutingIntent;
   routingHints?: Record<string, unknown>;
+  quiet?: boolean;
 }): ScheduleJob {
   const expression = params.expression ?? params.cronExpression ?? null;
   const isOneShot = expression == null;
@@ -118,6 +120,7 @@ export function createSchedule(params: {
   const mode = params.mode ?? "execute";
   const routingIntent = params.routingIntent ?? "all_channels";
   const routingHints = params.routingHints ?? {};
+  const quiet = params.quiet ?? false;
 
   let nextRunAt: number;
   if (isOneShot) {
@@ -144,6 +147,7 @@ export function createSchedule(params: {
     mode,
     routingIntent,
     routingHintsJson: JSON.stringify(routingHints),
+    quiet,
     status: "active" as ScheduleStatus,
     createdAt: now,
     updatedAt: now,
@@ -202,6 +206,27 @@ export function listSchedules(options?: {
   return rows.map(parseJobRow);
 }
 
+/**
+ * Return enabled schedules whose next run falls within a time window.
+ * Used by the memory brief compiler to surface due-soon schedule entries.
+ */
+export function getDueSoonSchedules(
+  now: number,
+  horizonMs: number,
+): ScheduleJob[] {
+  const db = getDb();
+  const cutoff = now + horizonMs;
+  const rows = db
+    .select()
+    .from(scheduleJobs)
+    .where(
+      and(eq(scheduleJobs.enabled, true), lte(scheduleJobs.nextRunAt, cutoff)),
+    )
+    .orderBy(asc(scheduleJobs.nextRunAt))
+    .all();
+  return rows.map(parseJobRow);
+}
+
 export function updateSchedule(
   id: string,
   updates: {
@@ -215,6 +240,7 @@ export function updateSchedule(
     mode?: ScheduleMode;
     routingIntent?: RoutingIntent;
     routingHints?: Record<string, unknown>;
+    quiet?: boolean;
   },
 ): ScheduleJob | null {
   const db = getDb();
@@ -269,6 +295,7 @@ export function updateSchedule(
     set.routingIntent = updates.routingIntent;
   if (updates.routingHints !== undefined)
     set.routingHintsJson = JSON.stringify(updates.routingHints);
+  if (updates.quiet !== undefined) set.quiet = updates.quiet;
 
   // Recompute nextRunAt if schedule timing may have changed (only for recurring)
   if (
@@ -750,6 +777,7 @@ function parseJobRow(row: typeof scheduleJobs.$inferSelect): ScheduleJob {
     mode: (row.mode ?? "execute") as ScheduleMode,
     routingIntent: (row.routingIntent ?? "all_channels") as RoutingIntent,
     routingHints: safeParseJson(row.routingHintsJson),
+    quiet: row.quiet ?? false,
     status: (row.status ?? "active") as ScheduleStatus,
     createdAt: row.createdAt,
     updatedAt: row.updatedAt,

package/src/schedule/scheduler.ts

@@ -206,7 +206,9 @@ async function runScheduleOnce(
           if (isOneShot) failOneShot(job.id);
         } else {
           completeScheduleRun(runId, { status: "ok" });
-          notifySchedule({ id: job.id, name: job.name });
+          if (!job.quiet) {
+            notifySchedule({ id: job.id, name: job.name });
+          }
           if (isOneShot) completeOneShot(job.id);
         }
         processed += 1;
@@ -278,7 +280,9 @@ async function runScheduleOnce(
         trustClass: "guardian",
       });
       completeScheduleRun(runId, { status: "ok" });
-      notifySchedule({ id: job.id, name: job.name });
+      if (!job.quiet) {
+        notifySchedule({ id: job.id, name: job.name });
+      }
       if (isOneShot) completeOneShot(job.id);
       processed += 1;
     } catch (err) {