@vellumai/assistant 0.5.3 → 0.5.5

package/src/tools/filesystem/read.ts

@@ -38,8 +38,13 @@ class FileReadTool implements Tool {
             type: "number",
             description: "Maximum number of lines to read",
           },
+          activity: {
+            type: "string",
+            description:
+              "Brief non-technical explanation of what you are doing and why, shown to the user as a status update.",
+          },
         },
-        required: ["path"],
+        required: ["path", "activity"],
       },
     };
   }

package/src/tools/filesystem/write.ts

@@ -28,8 +28,13 @@ class FileWriteTool implements Tool {
             type: "string",
             description: "The content to write to the file",
           },
+          activity: {
+            type: "string",
+            description:
+              "Brief non-technical explanation of what you are doing and why, shown to the user as a status update.",
+          },
         },
-        required: ["path", "content"],
+        required: ["path", "content", "activity"],
       },
     };
   }

package/src/tools/memory/handlers.ts

@@ -2,6 +2,8 @@ import { and, eq, ne } from "drizzle-orm";
 import { v4 as uuid } from "uuid";
 
 import type { AssistantConfig } from "../../config/types.js";
+import { buildArchiveRecall } from "../../memory/archive-recall.js";
+import { insertObservation } from "../../memory/archive-store.js";
 import { getDb } from "../../memory/db.js";
 import { computeMemoryFingerprint } from "../../memory/fingerprint.js";
 import { enqueueMemoryJob } from "../../memory/jobs-store.js";
@@ -18,7 +20,7 @@ const log = getLogger("memory-tools");
 
 export async function handleMemorySave(
   args: Record<string, unknown>,
-  _config: AssistantConfig,
+  config: AssistantConfig,
   conversationId: string,
   messageId: string | undefined,
   scopeId: string = "default",
@@ -63,6 +65,19 @@ export async function handleMemorySave(
       ? truncate(args.subject.trim(), 80, "")
       : inferSubjectFromStatement(statement.trim());
 
+  // When simplified memory is enabled, save directly to the simplified
+  // observation/chunk tables instead of the legacy memory_items table.
+  if (config.memory.simplified.enabled) {
+    return handleSimplifiedMemorySave(
+      kind,
+      subject,
+      statement.trim(),
+      conversationId,
+      messageId,
+      scopeId,
+    );
+  }
+
   try {
     const db = getDb();
     const id = uuid();
@@ -275,6 +290,12 @@ export async function handleMemoryRecall(
       ? args.scope.trim()
       : "default";
 
+  // When simplified memory is enabled, use the archive recall path
+  // instead of the legacy hybrid retriever.
+  if (config.memory.simplified.enabled) {
+    return handleSimplifiedMemoryRecall(query.trim(), scopeId ?? "default");
+  }
+
   // Scope policy: "conversation" means strict (only that scope),
   // anything else allows fallback to the default scope.
   const scopePolicyOverride: ScopePolicyOverride | undefined = scopeId
@@ -411,6 +432,113 @@ export async function handleMemoryDelete(
   }
 }
 
+// ── Simplified memory helpers ────────────────────────────────────────
+
+/**
+ * Save a memory item as an observation + chunk in the simplified system.
+ * This is used when simplified memory is enabled instead of writing to
+ * the legacy memory_items table.
+ */
+function handleSimplifiedMemorySave(
+  kind: string,
+  subject: string,
+  statement: string,
+  conversationId: string,
+  messageId: string | undefined,
+  scopeId: string,
+): ToolExecutionResult {
+  try {
+    const trimmedStatement = truncate(statement, 500, "");
+    const content = `[${kind}] ${subject}: ${trimmedStatement}`;
+
+    const result = insertObservation({
+      conversationId,
+      messageId: messageId ?? null,
+      role: "user",
+      content,
+      scopeId,
+      modality: "text",
+      source: "tool:memory_save",
+    });
+
+    log.debug(
+      {
+        observationId: result.observationId,
+        chunkId: result.chunkId,
+        kind,
+        subject,
+        conversationId,
+        messageId,
+      },
+      "Memory saved via simplified system",
+    );
+
+    return {
+      content: `Saved to memory (ID: ${result.observationId}).\nKind: ${kind}\nSubject: ${subject}\nStatement: ${trimmedStatement}`,
+      isError: false,
+    };
+  } catch (err) {
+    const msg = err instanceof Error ? err.message : String(err);
+    log.error({ err }, "simplified memory_save failed");
+    return { content: `Error: Failed to save memory: ${msg}`, isError: true };
+  }
+}
+
+/**
+ * Recall memories using the simplified archive recall path instead of
+ * the legacy hybrid retriever.
+ */
+function handleSimplifiedMemoryRecall(
+  query: string,
+  scopeId: string,
+): ToolExecutionResult {
+  try {
+    const recallResult = buildArchiveRecall(scopeId, query);
+
+    if (recallResult.bullets.length === 0) {
+      return {
+        content: JSON.stringify({
+          text: "No matching memories found.",
+          resultCount: 0,
+          degraded: false,
+          items: [],
+          sources: { semantic: 0, recency: 0 },
+        }),
+        isError: false,
+      };
+    }
+
+    const items = recallResult.bullets.map((b) => ({
+      id: b.sourceId,
+      type: b.source,
+      kind: b.source,
+    }));
+
+    const result = {
+      text: recallResult.text,
+      resultCount: recallResult.bullets.length,
+      degraded: false,
+      items,
+      sources: {
+        semantic: recallResult.prefetchHitCount,
+        recency: 0,
+      },
+    };
+
+    return {
+      content: JSON.stringify(result),
+      isError: false,
+    };
+  } catch (err) {
+    const msg = err instanceof Error ? err.message : String(err);
+    log.error({ err, query }, "simplified memory_recall failed");
+    return {
+      content: `Error: Memory recall failed: ${msg}`,
+      isError: true,
+    };
+  }
+}
+
 // ── Helpers ──────────────────────────────────────────────────────────
 
 function inferSubjectFromStatement(statement: string): string {

package/src/tools/schedule/create.ts

@@ -41,6 +41,7 @@ export async function executeScheduleCreate(
   const routingHints = input.routing_hints as
     | Record<string, unknown>
     | undefined;
+  const quiet = (input.quiet as boolean) ?? false;
 
   if (!name || typeof name !== "string") {
     return {
@@ -112,6 +113,7 @@ export async function executeScheduleCreate(
         mode,
         routingIntent: routingIntent as RoutingIntent | undefined,
         routingHints,
+        quiet,
       });
 
       const fireDate = formatLocalDate(job.nextRunAt);
@@ -187,6 +189,7 @@ export async function executeScheduleCreate(
       mode,
       routingIntent: routingIntent as RoutingIntent | undefined,
       routingHints,
+      quiet,
     });
 
     const scheduleDescription =

package/src/tools/schedule/list.ts

@@ -62,7 +62,11 @@ export async function executeScheduleList(
       );
     }
 
-    lines.push(`  Enabled: ${job.enabled}`, `  Message: ${job.message}`);
+    lines.push(
+      `  Enabled: ${job.enabled}`,
+      `  Quiet: ${job.quiet}`,
+      `  Message: ${job.message}`,
+    );
 
     if (!oneShot) {
       lines.push(`  Next run: ${formatLocalDate(job.nextRunAt)}`);

package/src/tools/schedule/update.ts

@@ -97,6 +97,11 @@ export async function executeScheduleUpdate(
     updates.routingHints = input.routing_hints;
   }
 
+  // Quiet mode
+  if (input.quiet !== undefined) {
+    updates.quiet = input.quiet;
+  }
+
   // Auto-detect syntax when expression changes without explicit syntax
   if (input.expression !== undefined || input.syntax !== undefined) {
     const resolved = normalizeScheduleSyntax({
@@ -159,6 +164,7 @@ export async function executeScheduleUpdate(
         mode?: ScheduleMode;
         routingIntent?: RoutingIntent;
         routingHints?: Record<string, unknown>;
+        quiet?: boolean;
       },
     );
 

package/src/util/device-id.ts

@@ -6,8 +6,10 @@
  * extensible for future per-device metadata.
  *
  * Path resolution:
- *   - Containerized (IS_CONTAINERIZED=true): uses BASE_DATA_DIR, which maps to a
- *     persistent volume. Each container is effectively its own "device."
+ *   - Containerized (IS_CONTAINERIZED=true): uses /home/assistant (the assistant
+ *     user's persistent home dir) so device.json lives on the assistant's own
+ *     filesystem rather than the shared data volume. Falls back to BASE_DATA_DIR
+ *     for migration from the old location.
  *   - Local (single or multi-instance): uses homedir() so all instances on the
  *     same machine share a single device ID, even when BASE_DATA_DIR is set to
  *     an instance-scoped directory.
@@ -31,18 +33,34 @@ let cached: string | undefined;
 /**
  * Resolve the base directory for device.json.
  *
- * In containerized environments, BASE_DATA_DIR points to a persistent volume
- * and homedir() is ephemeral, so we must use BASE_DATA_DIR.
+ * In containerized environments, device.json is stored under /home/assistant
+ * (the assistant user's persistent home dir) rather than on the shared data
+ * volume. Device ID is assistant-specific state that doesn't need to be shared.
  * In local environments (including multi-instance), homedir() is stable and
  * shared across instances, giving a true per-machine device ID.
  */
 export function getDeviceIdBaseDir(): string {
   if (getIsContainerized()) {
-    return getBaseDataDir() || homedir();
+    return "/home/assistant";
   }
   return homedir();
 }
 
+/**
+ * Resolve the legacy base directory for device.json migration.
+ *
+ * Returns the old containerized path (BASE_DATA_DIR) so we can fall back to
+ * reading device.json from the shared volume if it hasn't been migrated yet.
+ * Returns undefined when not containerized or when no legacy path exists.
+ */
+function getLegacyDeviceIdBaseDir(): string | undefined {
+  if (!getIsContainerized()) {
+    return undefined;
+  }
+  const baseDataDir = getBaseDataDir();
+  return baseDataDir || undefined;
+}
+
 /**
  * Get the stable device ID for this machine.
  *
@@ -78,10 +96,55 @@ export function getDeviceId(): string {
       }
     }
   } catch (err) {
-    log.warn({ err }, "Failed to read device.json — generating new device ID");
+    log.warn({ err }, "Failed to read device.json — checking legacy path");
+  }
+
+  // Migration fallback: check the legacy location (shared volume) if the new
+  // location doesn't have a valid device.json yet.
+  const legacyBase = getLegacyDeviceIdBaseDir();
+  if (legacyBase) {
+    const legacyPath = join(legacyBase, ".vellum", "device.json");
+    try {
+      if (existsSync(legacyPath)) {
+        const raw = JSON.parse(readFileSync(legacyPath, "utf-8"));
+        if (
+          raw &&
+          typeof raw === "object" &&
+          typeof raw.deviceId === "string" &&
+          raw.deviceId.length > 0
+        ) {
+          cached = raw.deviceId as string;
+          log.info(
+            { deviceId: cached },
+            "Resolved device ID from legacy device.json — will persist to new location",
+          );
+          // Persist to the new location so future reads don't need the fallback
+          try {
+            mkdirSync(vellumDir, { recursive: true });
+            writeFileSync(
+              filePath,
+              JSON.stringify({ deviceId: cached }, null, 2) + "\n",
+              { mode: 0o644 },
+            );
+            log.info("Migrated device.json to new location");
+          } catch (writeErr) {
+            log.warn(
+              { err: writeErr },
+              "Failed to migrate device.json to new location",
+            );
+          }
+          return cached;
+        }
+      }
+    } catch (err) {
+      log.warn(
+        { err },
+        "Failed to read legacy device.json — generating new device ID",
+      );
+    }
   }
 
-  // Either the file doesn't exist, or deviceId was missing/empty.
+  // Either the file doesn't exist at either location, or deviceId was missing/empty.
   // Generate a new UUID and persist it.
   try {
     mkdirSync(vellumDir, { recursive: true });

package/src/util/logger.ts

@@ -76,20 +76,44 @@ let rootLogger: pino.Logger | null = null;
 let activeLogDate: string | null = null;
 let activeLogFileConfig: LogFileConfig | null = null;
 
+function resolveLogDir(config: LogFileConfig): string | undefined {
+  if (!config.dir) return undefined;
+
+  if (!existsSync(config.dir)) {
+    try {
+      mkdirSync(config.dir, { recursive: true });
+    } catch (err) {
+      if (getIsContainerized()) {
+        // Config has a host-specific path that can't be created inside the
+        // container (e.g. /Users/…). Fall back to the default log directory.
+        const fallback = join(getLogPath(), "..");
+        console.warn(
+          `[logger] Configured logFile.dir "${config.dir}" cannot be created ` +
+            `in container (${(err as Error).message}). Falling back to "${fallback}".`,
+        );
+        if (!existsSync(fallback)) {
+          mkdirSync(fallback, { recursive: true });
+        }
+        return fallback;
+      }
+      throw err;
+    }
+  }
+
+  return config.dir;
+}
+
 function buildRotatingLogger(config: LogFileConfig): pino.Logger {
-  if (!config.dir) {
+  const dir = resolveLogDir(config);
+  if (!dir) {
     return pino(
       { name: "assistant", serializers: logSerializers },
       pinoPretty(prettyOpts({ destination: 1 })),
     );
   }
 
-  if (!existsSync(config.dir)) {
-    mkdirSync(config.dir, { recursive: true });
-  }
-
   const today = formatDate(new Date());
-  const filePath = logFilePathForDate(config.dir, new Date());
+  const filePath = logFilePathForDate(dir, new Date());
   const fileDest = pino.destination({
     dest: filePath,
     sync: false,
@@ -107,7 +131,7 @@ function buildRotatingLogger(config: LogFileConfig): pino.Logger {
   );
 
   activeLogDate = today;
-  activeLogFileConfig = config;
+  activeLogFileConfig = { ...config, dir };
 
   // When stdout is not a TTY (e.g. desktop app redirects to a hatch log file),
   // write to the rotating file only — the hatch log already captured early
@@ -144,8 +168,10 @@ function ensureCurrentDate(): void {
 export function initLogger(config: LogFileConfig): void {
   rootLogger = buildRotatingLogger(config);
 
-  if (config.dir && config.retentionDays > 0) {
-    const removed = pruneOldLogFiles(config.dir, config.retentionDays);
+  // Use the resolved dir (may differ from config.dir when containerized)
+  const resolvedDir = activeLogFileConfig?.dir;
+  if (resolvedDir && config.retentionDays > 0) {
+    const removed = pruneOldLogFiles(resolvedDir, config.retentionDays);
     if (removed > 0) {
       rootLogger.info(
         { removed, retentionDays: config.retentionDays },

package/src/util/platform.ts

@@ -8,7 +8,11 @@ import {
 import { homedir } from "node:os";
 import { join } from "node:path";
 
-import { getBaseDataDir } from "../config/env-registry.js";
+import {
+  getBaseDataDir,
+  getIsContainerized,
+  getWorkspaceDirOverride,
+} from "../config/env-registry.js";
 
 export function isMacOS(): boolean {
   return process.platform === "darwin";
@@ -237,6 +241,15 @@ export function getInterfacesDir(): string {
   return join(getDataDir(), "interfaces");
 }
 
+/**
+ * Returns the sounds directory (~/.vellum/workspace/data/sounds).
+ * Custom sound files and sound configuration live here. Sound files
+ * can be large, so this directory is excluded from diagnostic exports.
+ */
+export function getSoundsDir(): string {
+  return join(getWorkspaceDir(), "data", "sounds");
+}
+
 /**
  * Returns the TCP port the daemon should listen on for iOS clients.
  * Hardcoded default: 8765.
@@ -356,13 +369,19 @@ export function getSignalsDir(): string {
 // Currently not used by call-sites; wired in later PRs.
 
 /**
- * Returns ~/.vellum/workspace — the workspace root for user-facing state.
+ * Returns the workspace root for user-facing state.
+ *
+ * When the WORKSPACE_DIR env var is set, returns that value (used in
+ * containerized deployments where the workspace is a separate volume).
+ * Otherwise falls back to ~/.vellum/workspace.
  *
  * WARNING: The entire workspace directory is included in diagnostic log exports
  * ("Send logs to Vellum"). Do not store secrets, API keys, or sensitive
  * credentials here — use the credential store or ~/.vellum/protected/ instead.
  */
 export function getWorkspaceDir(): string {
+  const override = getWorkspaceDirOverride();
+  if (override) return override;
   return join(getRootDir(), "workspace");
 }
 
@@ -413,13 +432,17 @@ export function ensureDataDir(): void {
   const root = getRootDir();
   const workspace = getWorkspaceDir();
   const wsData = join(workspace, "data");
+  const containerized = getIsContainerized();
   const dirs = [
-    // Root-level dirs (runtime / protected)
+    // Root-level dirs (runtime)
     root,
-    join(root, "protected"),
+    // protected, signals, hooks are local-only — skip in containerized mode
+    // (credentials via CES HTTP API, trust via gateway API, no IPC signals)
+    ...(containerized
+      ? []
+      : [join(root, "protected"), join(root, "signals"), join(root, "hooks")]),
     // Workspace dirs
     workspace,
-    join(root, "hooks"),
     join(workspace, "skills"),
     join(workspace, "embedding-models"),
     join(workspace, "conversations"),
@@ -432,6 +455,7 @@ export function ensureDataDir(): void {
     join(wsData, "memory", "knowledge"),
     join(wsData, "apps"),
     join(wsData, "interfaces"),
+    join(wsData, "sounds"),
   ];
   for (const dir of dirs) {
     if (!existsSync(dir)) {

package/src/workspace/migrations/migrate-to-workspace-volume.ts

@@ -0,0 +1,113 @@
+/**
+ * Workspace migration: Migrate workspace data from /data to /workspace volume.
+ *
+ * In the old Docker volume layout, workspace data lived at
+ * `$BASE_DATA_DIR/.vellum/workspace`. In the new layout, WORKSPACE_DIR points
+ * to a dedicated volume (e.g. `/workspace`). On first boot with the new layout,
+ * this migration copies existing workspace data from the old location to the
+ * new volume so nothing is lost.
+ *
+ * Idempotent:
+ * - Skips if WORKSPACE_DIR is not set (non-Docker or old layout).
+ * - Skips if the workspace volume already has data (config.json exists).
+ * - Skips if the sentinel file exists (already migrated).
+ * - Skips if the old workspace directory doesn't exist or is empty.
+ */
+
+import { cpSync, existsSync, readdirSync, writeFileSync } from "node:fs";
+import { join } from "node:path";
+
+import {
+  getBaseDataDir,
+  getWorkspaceDirOverride,
+} from "../../config/env-registry.js";
+import type { WorkspaceMigration } from "./types.js";
+
+const SENTINEL_FILENAME = ".workspace-volume-migrated";
+
+export const migrateToWorkspaceVolumeMigration: WorkspaceMigration = {
+  id: "014-migrate-to-workspace-volume",
+  description:
+    "Copy workspace data from old /data/.vellum/workspace to new WORKSPACE_DIR volume on first boot",
+
+  run(workspaceDir: string): void {
+    const workspaceDirOverride = getWorkspaceDirOverride();
+
+    // Only relevant when WORKSPACE_DIR is explicitly set (Docker with separate volume)
+    if (!workspaceDirOverride) return;
+
+    const sentinelPath = join(workspaceDir, SENTINEL_FILENAME);
+
+    // Already migrated — skip
+    if (existsSync(sentinelPath)) return;
+
+    // If the workspace volume already has data (config.json), assume it's
+    // already populated — either by a previous migration or manual setup.
+    if (existsSync(join(workspaceDir, "config.json"))) {
+      // Write sentinel so we don't re-check on every boot
+      writeSentinel(sentinelPath);
+      return;
+    }
+
+    // Resolve the old workspace location: $BASE_DATA_DIR/.vellum/workspace
+    const baseDataDir = getBaseDataDir();
+    if (!baseDataDir) {
+      // No BASE_DATA_DIR means there's no old location to migrate from
+      writeSentinel(sentinelPath);
+      return;
+    }
+
+    const oldWorkspaceDir = join(baseDataDir, ".vellum", "workspace");
+
+    // If the old workspace doesn't exist or is empty, nothing to migrate
+    if (!existsSync(oldWorkspaceDir)) {
+      writeSentinel(sentinelPath);
+      return;
+    }
+
+    let entries: string[];
+    try {
+      entries = readdirSync(oldWorkspaceDir);
+    } catch {
+      // Can't read old workspace — write sentinel and move on
+      writeSentinel(sentinelPath);
+      return;
+    }
+
+    if (entries.length === 0) {
+      writeSentinel(sentinelPath);
+      return;
+    }
+
+    // Copy everything from old workspace to new workspace volume.
+    // Use cpSync with recursive to handle nested directories.
+    // Copy each entry individually rather than the whole directory to avoid
+    // overwriting the target directory itself (which may already have
+    // sub-directories created by ensureDataDir).
+    for (const entry of entries) {
+      const src = join(oldWorkspaceDir, entry);
+      const dst = join(workspaceDir, entry);
+
+      // Skip if destination already exists (partial previous run)
+      if (existsSync(dst)) continue;
+
+      try {
+        cpSync(src, dst, { recursive: true });
+      } catch {
+        // Best-effort per entry — continue with remaining items
+      }
+    }
+
+    // Mark migration complete
+    writeSentinel(sentinelPath);
+  },
+};
+
+function writeSentinel(sentinelPath: string): void {
+  try {
+    writeFileSync(sentinelPath, new Date().toISOString() + "\n", "utf-8");
+  } catch {
+    // Best-effort — if we can't write the sentinel, the migration runner's
+    // checkpoint will still prevent re-running the migration function.
+  }
+}

package/src/workspace/migrations/registry.ts

@@ -10,6 +10,7 @@ import { appDirRenameMigration } from "./010-app-dir-rename.js";
 import { backfillInstallationIdMigration } from "./011-backfill-installation-id.js";
 import { renameConversationDiskViewDirsMigration } from "./012-rename-conversation-disk-view-dirs.js";
 import { repairConversationDiskViewMigration } from "./013-repair-conversation-disk-view.js";
+import { migrateToWorkspaceVolumeMigration } from "./migrate-to-workspace-volume.js";
 import type { WorkspaceMigration } from "./types.js";
 
 /**
@@ -29,4 +30,5 @@ export const WORKSPACE_MIGRATIONS: WorkspaceMigration[] = [
   appDirRenameMigration,
   renameConversationDiskViewDirsMigration,
   repairConversationDiskViewMigration,
+  migrateToWorkspaceVolumeMigration,
 ];