npm - @vellumai/assistant - Versions diffs - 0.5.5 → 0.5.7 - Mend

@vellumai/assistant 0.5.5 → 0.5.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (382) hide show

package/.env.example +16 -2
package/ARCHITECTURE.md +6 -75
package/Dockerfile +4 -5
package/README.md +0 -2
package/bun.lock +0 -414
package/docs/architecture/keychain-broker.md +45 -240
package/docs/architecture/security.md +0 -17
package/docs/credential-execution-service.md +2 -2
package/node_modules/@vellumai/ces-contracts/package.json +1 -0
package/node_modules/@vellumai/ces-contracts/src/rpc.ts +119 -0
package/node_modules/@vellumai/credential-storage/package.json +1 -0
package/node_modules/@vellumai/egress-proxy/package.json +1 -0
package/package.json +2 -3
package/src/__tests__/actor-token-service.test.ts +1 -2
package/src/__tests__/assistant-feature-flags-integration.test.ts +30 -29
package/src/__tests__/browser-skill-endstate.test.ts +6 -5
package/src/__tests__/btw-routes.test.ts +0 -39
package/src/__tests__/call-domain.test.ts +0 -128
package/src/__tests__/ces-rpc-credential-backend.test.ts +199 -0
package/src/__tests__/channel-approval-routes.test.ts +0 -5
package/src/__tests__/channel-readiness-service.test.ts +1 -60
package/src/__tests__/checker.test.ts +4 -2
package/src/__tests__/cli-command-risk-guard.test.ts +112 -0
package/src/__tests__/config-schema-cmd.test.ts +0 -1
package/src/__tests__/config-schema.test.ts +3 -3
package/src/__tests__/context-window-manager.test.ts +78 -0
package/src/__tests__/conversation-attention-telegram.test.ts +0 -5
package/src/__tests__/conversation-init.benchmark.test.ts +0 -2
package/src/__tests__/conversation-skill-tools.test.ts +0 -54
package/src/__tests__/conversation-title-service.test.ts +117 -1
package/src/__tests__/credential-execution-feature-gates.test.ts +28 -14
package/src/__tests__/credential-execution-managed-contract.test.ts +33 -18
package/src/__tests__/credential-security-e2e.test.ts +0 -66
package/src/__tests__/credential-security-invariants.test.ts +4 -45
package/src/__tests__/credentials-cli.test.ts +78 -0
package/src/__tests__/db-migration-rollback.test.ts +2015 -1
package/src/__tests__/docker-signing-key-bootstrap.test.ts +98 -0
package/src/__tests__/dynamic-skill-workflow-prompt.test.ts +6 -4
package/src/__tests__/guardian-routing-state.test.ts +0 -5
package/src/__tests__/host-shell-tool.test.ts +6 -7
package/src/__tests__/http-user-message-parity.test.ts +3 -103
package/src/__tests__/inbound-invite-redemption.test.ts +0 -4
package/src/__tests__/inline-skill-load-permissions.test.ts +6 -8
package/src/__tests__/intent-routing.test.ts +0 -13
package/src/__tests__/jobs-store-qdrant-breaker.test.ts +178 -0
package/src/__tests__/keychain-broker-client.test.ts +161 -22
package/src/__tests__/memory-jobs-worker-backoff.test.ts +150 -0
package/src/__tests__/memory-regressions.test.ts +8 -30
package/src/__tests__/migration-export-http.test.ts +2 -2
package/src/__tests__/migration-import-commit-http.test.ts +2 -2
package/src/__tests__/migration-import-preflight-http.test.ts +2 -2
package/src/__tests__/migration-validate-http.test.ts +2 -2
package/src/__tests__/non-member-access-request.test.ts +0 -5
package/src/__tests__/notification-decision-fallback.test.ts +4 -0
package/src/__tests__/notification-decision-identity.test.ts +4 -0
package/src/__tests__/permission-types.test.ts +1 -0
package/src/__tests__/provider-managed-proxy-integration.test.ts +5 -6
package/src/__tests__/qdrant-manager.test.ts +28 -2
package/src/__tests__/registry.test.ts +0 -6
package/src/__tests__/require-fresh-approval.test.ts +4 -0
package/src/__tests__/runtime-attachment-metadata.test.ts +0 -4
package/src/__tests__/secret-routes-managed-proxy.test.ts +0 -4
package/src/__tests__/secure-keys.test.ts +83 -263
package/src/__tests__/shell-identity.test.ts +96 -6
package/src/__tests__/skill-feature-flags-integration.test.ts +22 -14
package/src/__tests__/skill-feature-flags.test.ts +46 -45
package/src/__tests__/skill-load-feature-flag.test.ts +7 -10
package/src/__tests__/skill-load-inline-command.test.ts +8 -12
package/src/__tests__/skill-load-inline-includes.test.ts +6 -10
package/src/__tests__/skill-load-tool.test.ts +0 -2
package/src/__tests__/skill-projection-feature-flag.test.ts +33 -29
package/src/__tests__/skills.test.ts +0 -2
package/src/__tests__/slack-inbound-verification.test.ts +0 -4
package/src/__tests__/suggestion-routes.test.ts +1 -32
package/src/__tests__/system-prompt.test.ts +0 -1
package/src/__tests__/tool-executor-lifecycle-events.test.ts +4 -0
package/src/__tests__/tool-executor-shell-integration.test.ts +5 -3
package/src/__tests__/tool-executor.test.ts +4 -0
package/src/__tests__/trusted-contact-lifecycle-notifications.test.ts +0 -5
package/src/__tests__/trusted-contact-multichannel.test.ts +0 -4
package/src/__tests__/update-bulletin.test.ts +0 -2
package/src/__tests__/vellum-self-knowledge-inline-command.test.ts +6 -9
package/src/__tests__/voice-scoped-grant-consumer.test.ts +0 -6
package/src/__tests__/workspace-migration-015-migrate-credentials-to-keychain.test.ts +252 -0
package/src/__tests__/workspace-migration-016-migrate-credentials-from-keychain.test.ts +218 -0
package/src/__tests__/workspace-migration-down-functions.test.ts +1009 -0
package/src/__tests__/workspace-migrations-runner.test.ts +114 -0
package/src/calls/audio-store.test.ts +97 -0
package/src/calls/audio-store.ts +205 -0
package/src/calls/call-controller.ts +85 -7
package/src/calls/call-domain.ts +3 -0
package/src/calls/call-store.ts +10 -3
package/src/calls/fish-audio-client.ts +117 -0
package/src/calls/relay-server.ts +27 -0
package/src/calls/twilio-routes.ts +2 -1
package/src/calls/types.ts +1 -0
package/src/calls/voice-ingress-preflight.ts +0 -42
package/src/calls/voice-quality.ts +26 -5
package/src/calls/voice-session-bridge.ts +6 -12
package/src/cli/commands/config.ts +1 -4
package/src/cli/commands/conversations.ts +0 -18
package/src/cli/commands/credentials.ts +34 -4
package/src/cli/commands/oauth/index.ts +7 -0
package/src/cli/commands/oauth/platform.ts +179 -0
package/src/cli/commands/platform.ts +3 -3
package/src/config/assistant-feature-flags.ts +186 -5
package/src/config/bundled-skills/messaging/SKILL.md +5 -5
package/src/config/bundled-skills/phone-calls/TOOLS.json +4 -0
package/src/config/bundled-skills/settings/TOOLS.json +2 -2
package/src/config/bundled-skills/settings/tools/voice-config-update.ts +42 -0
package/src/config/bundled-tool-registry.ts +1 -11
package/src/config/env-registry.ts +1 -1
package/src/config/env.ts +16 -16
package/src/config/feature-flag-registry.json +48 -16
package/src/config/loader.ts +98 -31
package/src/config/schema.ts +4 -25
package/src/config/schemas/calls.ts +13 -0
package/src/config/schemas/fish-audio.ts +39 -0
package/src/config/schemas/memory.ts +0 -4
package/src/config/schemas/platform.ts +1 -1
package/src/config/schemas/security.ts +4 -4
package/src/config/types.ts +0 -1
package/src/contacts/contact-store.ts +39 -0
package/src/contacts/types.ts +2 -0
package/src/context/window-manager.ts +53 -2
package/src/credential-execution/approval-bridge.ts +1 -0
package/src/credential-execution/executable-discovery.ts +28 -4
package/src/credential-execution/feature-gates.ts +16 -0
package/src/credential-execution/process-manager.ts +38 -0
package/src/daemon/assistant-attachments.ts +9 -0
package/src/daemon/config-watcher.ts +6 -4
package/src/daemon/conversation-agent-loop.ts +0 -60
package/src/daemon/conversation-memory.ts +0 -117
package/src/daemon/conversation-runtime-assembly.ts +0 -2
package/src/daemon/conversation-tool-setup.ts +0 -105
package/src/daemon/conversation.ts +10 -1
package/src/daemon/handlers/config-vercel.ts +92 -0
package/src/daemon/handlers/conversations.ts +0 -11
package/src/daemon/handlers/skills.ts +2 -15
package/src/daemon/install-symlink.ts +195 -0
package/src/daemon/lifecycle.ts +229 -96
package/src/daemon/message-types/conversations.ts +3 -4
package/src/daemon/message-types/diagnostics.ts +3 -22
package/src/daemon/message-types/messages.ts +0 -2
package/src/daemon/message-types/upgrades.ts +8 -0
package/src/daemon/server.ts +30 -92
package/src/events/domain-events.ts +2 -1
package/src/followups/followup-store.ts +5 -2
package/src/inbound/platform-callback-registration.ts +3 -3
package/src/instrument.ts +8 -5
package/src/memory/conversation-crud.ts +0 -236
package/src/memory/conversation-title-service.ts +76 -11
package/src/memory/db-init.ts +15 -11
package/src/memory/indexer.ts +15 -106
package/src/memory/items-extractor.ts +15 -1
package/src/memory/job-handlers/conversation-starters.ts +4 -1
package/src/memory/job-handlers/embedding.ts +0 -79
package/src/memory/job-utils.ts +1 -1
package/src/memory/jobs-store.ts +30 -13
package/src/memory/jobs-worker.ts +31 -27
package/src/memory/migrations/001-job-deferrals.ts +19 -0
package/src/memory/migrations/004-entity-relation-dedup.ts +10 -0
package/src/memory/migrations/005-fingerprint-scope-unique.ts +76 -0
package/src/memory/migrations/006-scope-salted-fingerprints.ts +50 -0
package/src/memory/migrations/007-assistant-id-to-self.ts +10 -0
package/src/memory/migrations/008-remove-assistant-id-columns.ts +34 -0
package/src/memory/migrations/009-llm-usage-events-drop-assistant-id.ts +26 -0
package/src/memory/migrations/014-backfill-inbox-thread-state.ts +10 -0
package/src/memory/migrations/015-drop-active-search-index.ts +17 -0
package/src/memory/migrations/019-notification-tables-schema-migration.ts +12 -0
package/src/memory/migrations/020-rename-macos-ios-channel-to-vellum.ts +121 -0
package/src/memory/migrations/024-embedding-vector-blob.ts +74 -0
package/src/memory/migrations/026a-embeddings-nullable-vector-json.ts +82 -0
package/src/memory/migrations/036-normalize-phone-identities.ts +11 -0
package/src/memory/migrations/116-messages-fts.ts +106 -1
package/src/memory/migrations/126-backfill-guardian-principal-id.ts +52 -0
package/src/memory/migrations/127-guardian-principal-id-not-null.ts +77 -0
package/src/memory/migrations/134-contacts-notes-column.ts +13 -0
package/src/memory/migrations/135-backfill-contact-interaction-stats.ts +20 -0
package/src/memory/migrations/136-drop-assistant-id-columns.ts +52 -0
package/src/memory/migrations/140-backfill-usage-cache-accounting.ts +13 -0
package/src/memory/migrations/141-rename-verification-table.ts +54 -0
package/src/memory/migrations/142-rename-verification-session-id-column.ts +25 -0
package/src/memory/migrations/143-rename-guardian-verification-values.ts +35 -0
package/src/memory/migrations/144-rename-voice-to-phone.ts +136 -0
package/src/memory/migrations/145-drop-accounts-table.ts +32 -0
package/src/memory/migrations/147-migrate-reminders-to-schedules.ts +14 -1
package/src/memory/migrations/148-drop-reminders-table.ts +35 -1
package/src/memory/migrations/150-oauth-apps-client-secret-path.ts +69 -1
package/src/memory/migrations/162-guardian-timestamps-epoch-ms.ts +290 -0
package/src/memory/migrations/169-rename-gmail-provider-key-to-google.ts +51 -1
package/src/memory/migrations/174-rename-thread-starters-table.ts +47 -1
package/src/memory/migrations/176-drop-capability-card-state.ts +13 -0
package/src/memory/migrations/180-backfill-inline-attachments-to-disk.ts +16 -0
package/src/memory/migrations/181-rename-thread-starters-checkpoints.ts +28 -1
package/src/memory/migrations/189-drop-simplified-memory.ts +42 -0
package/src/memory/migrations/190-call-session-skip-disclosure.ts +15 -0
package/src/memory/migrations/191-backfill-audio-attachment-mime-types.ts +64 -0
package/src/memory/migrations/192-contacts-user-file-column.ts +15 -0
package/src/memory/migrations/index.ts +5 -3
package/src/memory/migrations/registry.ts +90 -0
package/src/memory/migrations/validate-migration-state.ts +137 -11
package/src/memory/qdrant-circuit-breaker.ts +9 -0
package/src/memory/qdrant-client.ts +4 -6
package/src/memory/qdrant-manager.ts +64 -7
package/src/memory/schema/calls.ts +1 -0
package/src/memory/schema/contacts.ts +1 -0
package/src/memory/schema/conversations.ts +0 -3
package/src/memory/schema/index.ts +0 -2
package/src/messaging/draft-store.ts +2 -2
package/src/notifications/decision-engine.ts +4 -1
package/src/oauth/connection-resolver.ts +6 -4
package/src/permissions/checker.ts +0 -38
package/src/permissions/defaults.ts +3 -3
package/src/permissions/shell-identity.ts +76 -22
package/src/permissions/trust-client.ts +2 -13
package/src/permissions/trust-store.ts +8 -3
package/src/permissions/types.ts +4 -2
package/src/platform/client.ts +35 -7
package/src/prompts/persona-resolver.ts +138 -0
package/src/prompts/system-prompt.ts +36 -4
package/src/prompts/templates/users/default.md +1 -0
package/src/providers/registry.ts +27 -40
package/src/runtime/auth/__tests__/credential-service.test.ts +0 -1
package/src/runtime/auth/__tests__/external-assistant-id.test.ts +13 -68
package/src/runtime/auth/external-assistant-id.ts +13 -59
package/src/runtime/auth/route-policy.ts +29 -1
package/src/runtime/auth/token-service.ts +53 -15
package/src/runtime/channel-readiness-service.ts +1 -16
package/src/runtime/http-server.ts +29 -2
package/src/runtime/middleware/error-handler.ts +1 -9
package/src/runtime/routes/audio-routes.ts +40 -0
package/src/runtime/routes/btw-routes.ts +0 -17
package/src/runtime/routes/conversation-management-routes.ts +0 -36
package/src/runtime/routes/conversation-query-routes.ts +106 -2
package/src/runtime/routes/conversation-routes.ts +4 -43
package/src/runtime/routes/diagnostics-routes.ts +1 -477
package/src/runtime/routes/identity-routes.ts +18 -29
package/src/runtime/routes/inbound-stages/secret-ingress-check.ts +4 -33
package/src/runtime/routes/inbound-stages/transcribe-audio.test.ts +1 -1
package/src/runtime/routes/integrations/vercel.ts +89 -0
package/src/runtime/routes/log-export-routes.ts +5 -0
package/src/runtime/routes/memory-item-routes.test.ts +221 -3
package/src/runtime/routes/memory-item-routes.ts +144 -4
package/src/runtime/routes/migration-rollback-routes.ts +209 -0
package/src/runtime/routes/migration-routes.ts +17 -1
package/src/runtime/routes/notification-routes.ts +58 -0
package/src/runtime/routes/schedule-routes.ts +65 -0
package/src/runtime/routes/settings-routes.ts +41 -1
package/src/runtime/routes/tts-routes.ts +86 -0
package/src/runtime/routes/upgrade-broadcast-routes.ts +175 -0
package/src/runtime/routes/workspace-commit-routes.ts +62 -0
package/src/runtime/routes/workspace-routes.test.ts +22 -1
package/src/runtime/routes/workspace-routes.ts +1 -1
package/src/runtime/routes/workspace-utils.ts +86 -2
package/src/schedule/schedule-store.ts +0 -21
package/src/security/ces-credential-client.ts +59 -22
package/src/security/ces-rpc-credential-backend.ts +85 -0
package/src/security/credential-backend.ts +12 -88
package/src/security/keychain-broker-client.ts +10 -2
package/src/security/secure-keys.ts +94 -113
package/src/skills/catalog-install.ts +13 -7
package/src/skills/inline-command-render.ts +5 -1
package/src/skills/inline-command-runner.ts +30 -2
package/src/telemetry/usage-telemetry-reporter.ts +4 -2
package/src/tools/calls/call-start.ts +1 -0
package/src/tools/executor.ts +0 -4
package/src/tools/memory/handlers.ts +1 -129
package/src/tools/network/script-proxy/session-manager.ts +19 -4
package/src/tools/network/web-fetch.ts +3 -1
package/src/tools/permission-checker.ts +18 -0
package/src/tools/skills/execute.ts +1 -1
package/src/tools/skills/load.ts +9 -2
package/src/tools/types.ts +0 -8
package/src/util/errors.ts +0 -12
package/src/util/platform.ts +8 -55
package/src/util/xml.ts +8 -0
package/src/workspace/git-service.ts +5 -2
package/src/workspace/heartbeat-service.ts +5 -24
package/src/workspace/migrations/001-avatar-rename.ts +15 -0
package/src/workspace/migrations/003-seed-device-id.ts +17 -1
package/src/workspace/migrations/004-extract-collect-usage-data.ts +33 -0
package/src/workspace/migrations/005-add-send-diagnostics.ts +3 -0
package/src/workspace/migrations/006-services-config.ts +49 -0
package/src/workspace/migrations/007-web-search-provider-rename.ts +27 -0
package/src/workspace/migrations/008-voice-timeout-and-max-steps.ts +3 -0
package/src/workspace/migrations/009-backfill-conversation-disk-view.ts +4 -0
package/src/workspace/migrations/010-app-dir-rename.ts +78 -0
package/src/workspace/migrations/011-backfill-installation-id.ts +11 -0
package/src/workspace/migrations/012-rename-conversation-disk-view-dirs.ts +44 -0
package/src/workspace/migrations/013-repair-conversation-disk-view.ts +5 -0
package/src/workspace/migrations/015-migrate-credentials-to-keychain.ts +153 -0
package/src/workspace/migrations/016-extract-feature-flags-to-protected.ts +156 -0
package/src/workspace/migrations/016-migrate-credentials-from-keychain.ts +150 -0
package/src/workspace/migrations/017-seed-persona-dirs.ts +95 -0
package/src/workspace/migrations/migrate-to-workspace-volume.ts +23 -1
package/src/workspace/migrations/registry.ts +8 -0
package/src/workspace/migrations/runner.ts +106 -2
package/src/workspace/migrations/types.ts +4 -0
package/src/__tests__/archive-recall.test.ts +0 -560
package/src/__tests__/claude-code-skill-regression.test.ts +0 -206
package/src/__tests__/claude-code-tool-profiles.test.ts +0 -99
package/src/__tests__/conversation-memory-dirty-tail.test.ts +0 -150
package/src/__tests__/conversation-switch-memory-reduction.test.ts +0 -474
package/src/__tests__/db-memory-archive-migration.test.ts +0 -372
package/src/__tests__/db-memory-brief-state-migration.test.ts +0 -213
package/src/__tests__/db-memory-reducer-checkpoints.test.ts +0 -273
package/src/__tests__/diagnostics-export.test.ts +0 -288
package/src/__tests__/local-gateway-health.test.ts +0 -209
package/src/__tests__/memory-brief-open-loops.test.ts +0 -530
package/src/__tests__/memory-brief-time.test.ts +0 -285
package/src/__tests__/memory-brief-wrapper.test.ts +0 -311
package/src/__tests__/memory-chunk-archive.test.ts +0 -400
package/src/__tests__/memory-chunk-dual-write.test.ts +0 -453
package/src/__tests__/memory-episode-archive.test.ts +0 -370
package/src/__tests__/memory-episode-dual-write.test.ts +0 -626
package/src/__tests__/memory-observation-archive.test.ts +0 -375
package/src/__tests__/memory-observation-dual-write.test.ts +0 -318
package/src/__tests__/memory-reducer-job.test.ts +0 -538
package/src/__tests__/memory-reducer-scheduling.test.ts +0 -473
package/src/__tests__/memory-reducer-store.test.ts +0 -728
package/src/__tests__/memory-reducer-types.test.ts +0 -707
package/src/__tests__/memory-reducer.test.ts +0 -704
package/src/__tests__/memory-simplified-config.test.ts +0 -281
package/src/__tests__/secret-ingress-handler.test.ts +0 -120
package/src/__tests__/simplified-memory-e2e.test.ts +0 -666
package/src/__tests__/simplified-memory-runtime.test.ts +0 -616
package/src/__tests__/swarm-conversation-integration.test.ts +0 -358
package/src/__tests__/swarm-dag-pathological.test.ts +0 -547
package/src/__tests__/swarm-orchestrator.test.ts +0 -463
package/src/__tests__/swarm-plan-validator.test.ts +0 -384
package/src/__tests__/swarm-recursion.test.ts +0 -197
package/src/__tests__/swarm-router-planner.test.ts +0 -234
package/src/__tests__/swarm-tool.test.ts +0 -185
package/src/__tests__/swarm-worker-backend.test.ts +0 -144
package/src/__tests__/swarm-worker-runner.test.ts +0 -288
package/src/commands/__tests__/cc-command-registry.test.ts +0 -396
package/src/commands/cc-command-registry.ts +0 -248
package/src/config/bundled-skills/claude-code/SKILL.md +0 -53
package/src/config/bundled-skills/claude-code/TOOLS.json +0 -47
package/src/config/bundled-skills/claude-code/tools/claude-code.ts +0 -12
package/src/config/bundled-skills/orchestration/SKILL.md +0 -33
package/src/config/bundled-skills/orchestration/TOOLS.json +0 -35
package/src/config/bundled-skills/orchestration/tools/swarm-delegate.ts +0 -12
package/src/config/schemas/memory-simplified.ts +0 -101
package/src/config/schemas/swarm.ts +0 -82
package/src/logfire.ts +0 -135
package/src/memory/archive-recall.ts +0 -516
package/src/memory/archive-store.ts +0 -400
package/src/memory/brief-formatting.ts +0 -33
package/src/memory/brief-open-loops.ts +0 -266
package/src/memory/brief-time.ts +0 -162
package/src/memory/brief.ts +0 -75
package/src/memory/job-handlers/backfill-simplified-memory.ts +0 -462
package/src/memory/job-handlers/reduce-conversation-memory.ts +0 -229
package/src/memory/migrations/185-memory-brief-state.ts +0 -52
package/src/memory/migrations/186-memory-archive.ts +0 -109
package/src/memory/migrations/187-memory-reducer-checkpoints.ts +0 -19
package/src/memory/reducer-scheduler.ts +0 -242
package/src/memory/reducer-store.ts +0 -271
package/src/memory/reducer-types.ts +0 -106
package/src/memory/reducer.ts +0 -467
package/src/memory/schema/memory-archive.ts +0 -121
package/src/memory/schema/memory-brief.ts +0 -55
package/src/runtime/local-gateway-health.ts +0 -275
package/src/security/secret-ingress.ts +0 -68
package/src/swarm/backend-claude-code.ts +0 -225
package/src/swarm/checkpoint.ts +0 -137
package/src/swarm/graph-utils.ts +0 -53
package/src/swarm/index.ts +0 -55
package/src/swarm/limits.ts +0 -66
package/src/swarm/orchestrator.ts +0 -424
package/src/swarm/plan-validator.ts +0 -117
package/src/swarm/router-planner.ts +0 -162
package/src/swarm/router-prompts.ts +0 -39
package/src/swarm/synthesizer.ts +0 -81
package/src/swarm/types.ts +0 -72
package/src/swarm/worker-backend.ts +0 -131
package/src/swarm/worker-prompts.ts +0 -80
package/src/swarm/worker-runner.ts +0 -170
package/src/tools/claude-code/claude-code.ts +0 -610
package/src/tools/swarm/delegate.ts +0 -205

package/src/runtime/routes/workspace-commit-routes.ts ADDED Viewed

@@ -0,0 +1,62 @@
+/**
+ * Workspace commit endpoint — creates a git commit in the workspace
+ * directory with all pending changes.
+ *
+ * Protected by a route policy restricting access to gateway service
+ * principals only (`svc_gateway` with `internal.write` scope), following
+ * the same pattern as other gateway-forwarded control-plane endpoints.
+ */
+import { getWorkspaceDir } from "../../util/platform.js";
+import { getWorkspaceGitService } from "../../workspace/git-service.js";
+import { httpError } from "../http-errors.js";
+import type { RouteDefinition } from "../http-router.js";
+export function workspaceCommitRouteDefinitions(): RouteDefinition[] {
+  return [
+    {
+      endpoint: "admin/workspace-commit",
+      method: "POST",
+      handler: async ({ req }) => {
+        let body: unknown;
+        try {
+          body = await req.json();
+        } catch {
+          return httpError("BAD_REQUEST", "Invalid JSON body", 400);
+        }
+        if (!body || typeof body !== "object") {
+          return httpError(
+            "BAD_REQUEST",
+            "Request body must be a JSON object",
+            400,
+          );
+        }
+        const { message } = body as { message?: unknown };
+        if (typeof message !== "string" || message.length === 0) {
+          return httpError(
+            "BAD_REQUEST",
+            "message is required and must be a non-empty string",
+            400,
+          );
+        }
+        try {
+          await getWorkspaceGitService(getWorkspaceDir()).commitChanges(
+            message,
+          );
+          return Response.json({ ok: true });
+        } catch (err) {
+          const detail = err instanceof Error ? err.message : "Unknown error";
+          return httpError(
+            "INTERNAL_ERROR",
+            `Workspace commit failed: ${detail}`,
+            500,
+          );
+        }
+      },
+    },
+  ];
+}

package/src/runtime/routes/workspace-routes.test.ts CHANGED Viewed

@@ -190,9 +190,30 @@ describe("isTextMimeType", () => {
     expect(isTextMimeType("video/mp4")).toBe(false);
   });
-  test("application/octet-stream is not text", () => {
+  test("application/octet-stream is not text without filename", () => {
     expect(isTextMimeType("application/octet-stream")).toBe(false);
   });
+  test("application/octet-stream with .py filename is text", () => {
+    expect(isTextMimeType("application/octet-stream", "script.py")).toBe(true);
+  });
+  test("application/octet-stream with .go filename is text", () => {
+    expect(isTextMimeType("application/octet-stream", "main.go")).toBe(true);
+  });
+  test("application/octet-stream with .rs filename is text", () => {
+    expect(isTextMimeType("application/octet-stream", "lib.rs")).toBe(true);
+  });
+  test("application/octet-stream with unknown extension is not text", () => {
+    expect(isTextMimeType("application/octet-stream", "data.bin")).toBe(false);
+  });
+  test("extension fallback only applies to application/octet-stream", () => {
+    // A binary plist has a specific MIME type — extension should not override it
+    expect(isTextMimeType("application/x-plist", "Info.plist")).toBe(false);
+  });
 });
 // ===========================================================================

package/src/runtime/routes/workspace-routes.ts CHANGED Viewed

@@ -119,7 +119,7 @@ function handleWorkspaceFile(ctx: RouteContext): Response {
   }
   const mimeType = Bun.file(resolved).type;
-  const isText = isTextMimeType(mimeType);
+  const isText = isTextMimeType(mimeType, basename(resolved));
   const isBinary = !isText;
   let content: string | undefined = undefined;

package/src/runtime/routes/workspace-utils.ts CHANGED Viewed

@@ -85,10 +85,94 @@ const TEXT_MIME_PREFIXES = [
   "application/x-yaml",
   "application/toml",
   "application/x-sh",
+  "application/x-httpd-php",
+  "application/x-perl",
+  "application/x-sql",
+  "application/x-tex",
+  "application/vnd.dart",
 ];
-export function isTextMimeType(mimeType: string): boolean {
-  return TEXT_MIME_PREFIXES.some((prefix) => mimeType.startsWith(prefix));
+/**
+ * File extensions that are known text/code files but that Bun's MIME
+ * detection reports as `application/octet-stream`.
+ */
+const TEXT_FILE_EXTENSIONS = new Set([
+  // Programming languages
+  "py",
+  "rb",
+  "go",
+  "rs",
+  "swift",
+  "kt",
+  "kts",
+  "cs",
+  "scala",
+  "ex",
+  "exs",
+  "erl",
+  "hs",
+  "clj",
+  "cljs",
+  "jl",
+  "zig",
+  "nim",
+  "v",
+  "sol",
+  "r",
+  "java",
+  "lua",
+  // Shell / scripting
+  "bash",
+  "zsh",
+  "fish",
+  "ps1",
+  "bat",
+  "cmd",
+  "awk",
+  // Web frameworks
+  "vue",
+  "svelte",
+  "scss",
+  "sass",
+  "less",
+  // Config / data
+  "cfg",
+  "conf",
+  "ini",
+  "properties",
+  "env",
+  "gradle",
+  "cmake",
+  // Markup / docs
+  "rst",
+  "adoc",
+  "org",
+  "tex",
+  "latex",
+  // Other text formats
+  "graphql",
+  "gql",
+  "proto",
+  "tf",
+  "hcl",
+  "diff",
+  "patch",
+  "log",
+  "lock",
+]);
+export function isTextMimeType(mimeType: string, fileName?: string): boolean {
+  if (TEXT_MIME_PREFIXES.some((prefix) => mimeType.startsWith(prefix))) {
+    return true;
+  }
+  // Only fall back to extension check when the MIME type is genuinely unknown.
+  // Specific MIME types (e.g. application/x-plist for binary plists) should be
+  // trusted over the extension — overriding them risks corrupting binary files.
+  if (fileName && mimeType === "application/octet-stream") {
+    const ext = fileName.split(".").pop()?.toLowerCase();
+    if (ext && TEXT_FILE_EXTENSIONS.has(ext)) return true;
+  }
+  return false;
 }
 export const MAX_INLINE_TEXT_SIZE = 2 * 1024 * 1024; // 2 MB

package/src/schedule/schedule-store.ts CHANGED Viewed

@@ -206,27 +206,6 @@ export function listSchedules(options?: {
   return rows.map(parseJobRow);
 }
-/**
- * Return enabled schedules whose next run falls within a time window.
- * Used by the memory brief compiler to surface due-soon schedule entries.
- */
-export function getDueSoonSchedules(
-  now: number,
-  horizonMs: number,
-): ScheduleJob[] {
-  const db = getDb();
-  const cutoff = now + horizonMs;
-  const rows = db
-    .select()
-    .from(scheduleJobs)
-    .where(
-      and(eq(scheduleJobs.enabled, true), lte(scheduleJobs.nextRunAt, cutoff)),
-    )
-    .orderBy(asc(scheduleJobs.nextRunAt))
-    .all();
-  return rows.map(parseJobRow);
-}
 export function updateSchedule(
   id: string,
   updates: {

package/src/security/ces-credential-client.ts CHANGED Viewed

@@ -16,11 +16,17 @@
  */
 import { getLogger } from "../util/logger.js";
-import type { CredentialBackend, DeleteResult } from "./credential-backend.js";
+import type {
+  CredentialBackend,
+  CredentialGetResult,
+  DeleteResult,
+} from "./credential-backend.js";
 const log = getLogger("ces-credential-client");
 const REQUEST_TIMEOUT_MS = 10_000;
+const SET_MAX_RETRIES = 3;
+const SET_RETRY_DELAY_MS = 2_000;
 // ---------------------------------------------------------------------------
 // Env helpers
@@ -77,49 +83,80 @@ export class CesCredentialBackend implements CredentialBackend {
     return !!getBaseUrl() && !!getServiceToken();
   }
-  async get(account: string): Promise<string | undefined> {
+  async get(account: string): Promise<CredentialGetResult> {
     try {
       const res = await cesRequest(
         "GET",
         `/v1/credentials/${encodeURIComponent(account)}`,
       );
-      if (!res) return undefined;
-      if (res.status === 404) return undefined;
+      if (!res) return { value: undefined, unreachable: true };
+      if (res.status === 404) return { value: undefined, unreachable: false };
       if (!res.ok) {
         log.warn(
           { account, status: res.status },
           "CES credential get returned non-OK status",
         );
-        return undefined;
+        return { value: undefined, unreachable: true };
       }
       const data = (await res.json()) as { value?: string };
-      return data.value;
+      return { value: data.value, unreachable: false };
     } catch (err) {
       log.warn({ err, account }, "CES credential get threw unexpectedly");
-      return undefined;
+      return { value: undefined, unreachable: true };
     }
   }
   async set(account: string, value: string): Promise<boolean> {
-    try {
-      const res = await cesRequest(
-        "POST",
-        `/v1/credentials/${encodeURIComponent(account)}`,
-        { value },
-      );
-      if (!res) return false;
-      if (!res.ok) {
-        log.warn(
-          { account, status: res.status },
-          "CES credential set returned non-OK status",
+    for (let attempt = 0; attempt < SET_MAX_RETRIES; attempt++) {
+      try {
+        const res = await cesRequest(
+          "POST",
+          `/v1/credentials/${encodeURIComponent(account)}`,
+          { value },
         );
+        if (!res) {
+          // CES not reachable or env vars missing — retry in case sidecar
+          // is still starting up after pod creation.
+          if (attempt < SET_MAX_RETRIES - 1) {
+            log.warn(
+              { account, attempt },
+              "CES credential set got no response, retrying",
+            );
+            await new Promise((r) => setTimeout(r, SET_RETRY_DELAY_MS));
+            continue;
+          }
+          return false;
+        }
+        if (!res.ok) {
+          if (attempt < SET_MAX_RETRIES - 1) {
+            log.warn(
+              { account, status: res.status, attempt },
+              "CES credential set returned non-OK status, retrying",
+            );
+            await new Promise((r) => setTimeout(r, SET_RETRY_DELAY_MS));
+            continue;
+          }
+          log.warn(
+            { account, status: res.status },
+            "CES credential set returned non-OK status",
+          );
+          return false;
+        }
+        return true;
+      } catch (err) {
+        if (attempt < SET_MAX_RETRIES - 1) {
+          log.warn(
+            { err, account, attempt },
+            "CES credential set threw, retrying",
+          );
+          await new Promise((r) => setTimeout(r, SET_RETRY_DELAY_MS));
+          continue;
+        }
+        log.warn({ err, account }, "CES credential set threw unexpectedly");
         return false;
       }
-      return true;
-    } catch (err) {
-      log.warn({ err, account }, "CES credential set threw unexpectedly");
-      return false;
     }
+    return false;
   }
   async delete(account: string): Promise<DeleteResult> {

package/src/security/ces-rpc-credential-backend.ts ADDED Viewed

@@ -0,0 +1,85 @@
+/**
+ * CesRpcCredentialBackend — a CredentialBackend that delegates all credential
+ * operations to the Credential Execution Service (CES) via stdio RPC.
+ *
+ * Maps RPC responses to the existing CredentialGetResult and DeleteResult
+ * types. Errors are caught and mapped to unreachable/error states for
+ * graceful fallback.
+ */
+import { CesRpcMethod } from "@vellumai/ces-contracts";
+import type { CesClient } from "../credential-execution/client.js";
+import { getLogger } from "../util/logger.js";
+import type {
+  CredentialBackend,
+  CredentialGetResult,
+  DeleteResult,
+} from "./credential-backend.js";
+const log = getLogger("ces-rpc-credential-backend");
+export class CesRpcCredentialBackend implements CredentialBackend {
+  readonly name = "ces-rpc";
+  constructor(private readonly client: CesClient) {}
+  isAvailable(): boolean {
+    return this.client.isReady();
+  }
+  async get(account: string): Promise<CredentialGetResult> {
+    try {
+      const result = await this.client.call(
+        CesRpcMethod.GetCredential,
+        { account },
+      );
+      return {
+        value: result.found ? result.value : undefined,
+        unreachable: false,
+      };
+    } catch (err) {
+      log.warn({ err, account }, "CES RPC credential get failed");
+      return { value: undefined, unreachable: true };
+    }
+  }
+  async set(account: string, value: string): Promise<boolean> {
+    try {
+      const result = await this.client.call(
+        CesRpcMethod.SetCredential,
+        { account, value },
+      );
+      return result.ok;
+    } catch (err) {
+      log.warn({ err, account }, "CES RPC credential set failed");
+      return false;
+    }
+  }
+  async delete(account: string): Promise<DeleteResult> {
+    try {
+      const result = await this.client.call(
+        CesRpcMethod.DeleteCredential,
+        { account },
+      );
+      return result.result;
+    } catch (err) {
+      log.warn({ err, account }, "CES RPC credential delete failed");
+      return "error";
+    }
+  }
+  async list(): Promise<string[]> {
+    try {
+      const result = await this.client.call(
+        CesRpcMethod.ListCredentials,
+        {},
+      );
+      return result.accounts;
+    } catch (err) {
+      log.warn({ err }, "CES RPC credential list failed");
+      return [];
+    }
+  }
+}

package/src/security/credential-backend.ts CHANGED Viewed

@@ -1,15 +1,10 @@
 /**
  * CredentialBackend interface and adapters — abstracts credential storage
  * behind a unified async API so callers don't need to know which backend
- * (macOS Keychain, encrypted file store, etc.) is in use.
+ * is in use.
  */
-import { getLogger } from "../util/logger.js";
 import * as encryptedStore from "./encrypted-store.js";
-import type { KeychainBrokerClient } from "./keychain-broker-client.js";
-import { createBrokerClient } from "./keychain-broker-client.js";
-const log = getLogger("credential-backend");
 // ---------------------------------------------------------------------------
 // Types
@@ -18,6 +13,12 @@ const log = getLogger("credential-backend");
 /** Result of a delete operation — distinguishes success, not-found, and error. */
 export type DeleteResult = "deleted" | "not-found" | "error";
+/** Result of a get operation — distinguishes unreachable from not-found. */
+export interface CredentialGetResult {
+  value: string | undefined;
+  unreachable: boolean;
+}
 // ---------------------------------------------------------------------------
 // Interface
 // ---------------------------------------------------------------------------
@@ -29,8 +30,8 @@ export interface CredentialBackend {
   /** Whether this backend is currently reachable. Sync and cheap. */
   isAvailable(): boolean;
-  /** Retrieve a secret. Returns undefined if not found or on error. */
-  get(account: string): Promise<string | undefined>;
+  /** Retrieve a secret. Returns a result distinguishing unreachable from not-found. */
+  get(account: string): Promise<CredentialGetResult>;
   /** Store a secret. Returns true on success. */
   set(account: string, value: string): Promise<boolean>;
@@ -42,79 +43,6 @@ export interface CredentialBackend {
   list(): Promise<string[]>;
 }
-// ---------------------------------------------------------------------------
-// KeychainBackend
-// ---------------------------------------------------------------------------
-export class KeychainBackend implements CredentialBackend {
-  readonly name = "keychain";
-  constructor(private readonly client: KeychainBrokerClient) {}
-  isAvailable(): boolean {
-    return this.client.isAvailable();
-  }
-  async get(account: string): Promise<string | undefined> {
-    try {
-      const result = await this.client.get(account);
-      if (result == null) {
-        log.warn(
-          { account },
-          "Keychain broker unreachable during get — falling back",
-        );
-        return undefined;
-      }
-      if (!result.found) return undefined;
-      return result.value;
-    } catch (err) {
-      log.warn({ err, account }, "Keychain get threw unexpectedly");
-      return undefined;
-    }
-  }
-  async set(account: string, value: string): Promise<boolean> {
-    try {
-      const result = await this.client.set(account, value);
-      if (result.status === "ok") return true;
-      log.warn(
-        {
-          account,
-          status: result.status,
-          ...(result.status === "rejected"
-            ? { code: result.code, message: result.message }
-            : {}),
-        },
-        "Keychain broker set failed",
-      );
-      return false;
-    } catch (err) {
-      log.warn({ err, account }, "Keychain set threw unexpectedly");
-      return false;
-    }
-  }
-  async delete(account: string): Promise<DeleteResult> {
-    try {
-      const ok = await this.client.del(account);
-      // The keychain broker returns a boolean — it does not distinguish
-      // "not found" from a genuine error, so we map false → "error".
-      return ok ? "deleted" : "error";
-    } catch {
-      return "error";
-    }
-  }
-  async list(): Promise<string[]> {
-    try {
-      return await this.client.list();
-    } catch (err) {
-      log.warn({ err }, "Keychain list threw unexpectedly");
-      return [];
-    }
-  }
-}
 // ---------------------------------------------------------------------------
 // EncryptedStoreBackend
 // ---------------------------------------------------------------------------
@@ -126,11 +54,11 @@ export class EncryptedStoreBackend implements CredentialBackend {
     return true;
   }
-  async get(account: string): Promise<string | undefined> {
+  async get(account: string): Promise<CredentialGetResult> {
     try {
-      return encryptedStore.getKey(account);
+      return { value: encryptedStore.getKey(account), unreachable: false };
     } catch {
-      return undefined;
+      return { value: undefined, unreachable: false };
     }
   }
@@ -163,10 +91,6 @@ export class EncryptedStoreBackend implements CredentialBackend {
 // Factory functions
 // ---------------------------------------------------------------------------
-export function createKeychainBackend(): KeychainBackend {
-  return new KeychainBackend(createBrokerClient());
-}
 export function createEncryptedStoreBackend(): EncryptedStoreBackend {
   return new EncryptedStoreBackend();
 }

package/src/security/keychain-broker-client.ts CHANGED Viewed

@@ -24,9 +24,10 @@ import { getRootDir } from "../util/platform.js";
 const log = getLogger("keychain-broker-client");
 const REQUEST_TIMEOUT_MS = 5_000;
+const CONNECT_TIMEOUT_MS = 3_000;
-/** Cooldown periods (ms) after consecutive connection failures: 30s, 60s, 2min, 5min, then cap at 5min. */
-const RECONNECT_COOLDOWN_MS = [30_000, 60_000, 120_000, 300_000];
+/** Cooldown periods (ms) after consecutive connection failures: 5s, 15s, 30s, 60s, 5min, then cap at 5min. */
+const RECONNECT_COOLDOWN_MS = [5_000, 15_000, 30_000, 60_000, 300_000];
 // ---------------------------------------------------------------------------
 // Types
@@ -191,7 +192,13 @@ export function createBrokerClient(): KeychainBrokerClient {
       const sock = createConnection({ path: socketPath });
+      const connectTimer = setTimeout(() => {
+        sock.destroy();
+        reject(new Error("Connect timeout"));
+      }, CONNECT_TIMEOUT_MS);
       sock.on("connect", () => {
+        clearTimeout(connectTimer);
         socket = sock;
         consecutiveFailures = 0;
         unavailableSince = null;
@@ -199,6 +206,7 @@ export function createBrokerClient(): KeychainBrokerClient {
       });
       sock.on("error", (err) => {
+        clearTimeout(connectTimer);
         log.warn({ err }, "Keychain broker socket error");
         cleanupSocket();
         reject(err);