npm - @vellumai/assistant - Versions diffs - 0.5.6 → 0.5.7 - Mend

@vellumai/assistant 0.5.6 → 0.5.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (305) hide show

package/.env.example +16 -2
package/ARCHITECTURE.md +6 -75
package/Dockerfile +1 -1
package/README.md +0 -2
package/bun.lock +0 -414
package/docs/architecture/keychain-broker.md +45 -240
package/docs/architecture/security.md +0 -17
package/docs/credential-execution-service.md +2 -2
package/node_modules/@vellumai/ces-contracts/package.json +1 -0
package/node_modules/@vellumai/ces-contracts/src/rpc.ts +119 -0
package/node_modules/@vellumai/credential-storage/package.json +1 -0
package/node_modules/@vellumai/egress-proxy/package.json +1 -0
package/package.json +2 -3
package/src/__tests__/actor-token-service.test.ts +0 -114
package/src/__tests__/assistant-feature-flags-integration.test.ts +30 -29
package/src/__tests__/browser-skill-endstate.test.ts +6 -5
package/src/__tests__/btw-routes.test.ts +0 -39
package/src/__tests__/call-domain.test.ts +0 -128
package/src/__tests__/ces-rpc-credential-backend.test.ts +199 -0
package/src/__tests__/channel-approval-routes.test.ts +0 -5
package/src/__tests__/channel-readiness-service.test.ts +1 -60
package/src/__tests__/checker.test.ts +4 -2
package/src/__tests__/cli-command-risk-guard.test.ts +112 -0
package/src/__tests__/config-schema-cmd.test.ts +0 -1
package/src/__tests__/config-schema.test.ts +1 -1
package/src/__tests__/conversation-attention-telegram.test.ts +0 -5
package/src/__tests__/conversation-init.benchmark.test.ts +0 -2
package/src/__tests__/conversation-skill-tools.test.ts +0 -54
package/src/__tests__/conversation-title-service.test.ts +87 -0
package/src/__tests__/credential-execution-feature-gates.test.ts +28 -14
package/src/__tests__/credential-execution-managed-contract.test.ts +33 -18
package/src/__tests__/credential-security-e2e.test.ts +0 -66
package/src/__tests__/credential-security-invariants.test.ts +4 -45
package/src/__tests__/credentials-cli.test.ts +78 -0
package/src/__tests__/db-migration-rollback.test.ts +2015 -1
package/src/__tests__/docker-signing-key-bootstrap.test.ts +34 -143
package/src/__tests__/dynamic-skill-workflow-prompt.test.ts +6 -4
package/src/__tests__/guardian-routing-state.test.ts +0 -5
package/src/__tests__/host-shell-tool.test.ts +6 -7
package/src/__tests__/http-user-message-parity.test.ts +3 -103
package/src/__tests__/inbound-invite-redemption.test.ts +0 -4
package/src/__tests__/inline-skill-load-permissions.test.ts +6 -8
package/src/__tests__/intent-routing.test.ts +0 -13
package/src/__tests__/jobs-store-qdrant-breaker.test.ts +178 -0
package/src/__tests__/keychain-broker-client.test.ts +161 -22
package/src/__tests__/memory-jobs-worker-backoff.test.ts +150 -0
package/src/__tests__/migration-export-http.test.ts +2 -2
package/src/__tests__/migration-import-commit-http.test.ts +2 -2
package/src/__tests__/migration-import-preflight-http.test.ts +2 -2
package/src/__tests__/migration-validate-http.test.ts +2 -2
package/src/__tests__/non-member-access-request.test.ts +0 -5
package/src/__tests__/notification-decision-fallback.test.ts +4 -0
package/src/__tests__/notification-decision-identity.test.ts +4 -0
package/src/__tests__/permission-types.test.ts +1 -0
package/src/__tests__/provider-managed-proxy-integration.test.ts +5 -6
package/src/__tests__/qdrant-manager.test.ts +28 -2
package/src/__tests__/registry.test.ts +0 -6
package/src/__tests__/runtime-attachment-metadata.test.ts +0 -4
package/src/__tests__/secret-routes-managed-proxy.test.ts +0 -4
package/src/__tests__/secure-keys.test.ts +83 -263
package/src/__tests__/shell-identity.test.ts +96 -6
package/src/__tests__/skill-feature-flags-integration.test.ts +22 -14
package/src/__tests__/skill-feature-flags.test.ts +46 -45
package/src/__tests__/skill-load-feature-flag.test.ts +7 -10
package/src/__tests__/skill-load-inline-command.test.ts +8 -12
package/src/__tests__/skill-load-inline-includes.test.ts +6 -10
package/src/__tests__/skill-load-tool.test.ts +0 -2
package/src/__tests__/skill-projection-feature-flag.test.ts +33 -29
package/src/__tests__/skills.test.ts +0 -2
package/src/__tests__/slack-inbound-verification.test.ts +0 -4
package/src/__tests__/suggestion-routes.test.ts +1 -32
package/src/__tests__/system-prompt.test.ts +0 -1
package/src/__tests__/tool-executor-shell-integration.test.ts +5 -3
package/src/__tests__/trusted-contact-lifecycle-notifications.test.ts +0 -5
package/src/__tests__/trusted-contact-multichannel.test.ts +0 -4
package/src/__tests__/update-bulletin.test.ts +0 -2
package/src/__tests__/vellum-self-knowledge-inline-command.test.ts +6 -9
package/src/__tests__/voice-scoped-grant-consumer.test.ts +0 -6
package/src/__tests__/workspace-migration-015-migrate-credentials-to-keychain.test.ts +252 -0
package/src/__tests__/workspace-migration-016-migrate-credentials-from-keychain.test.ts +218 -0
package/src/__tests__/workspace-migration-down-functions.test.ts +1009 -0
package/src/__tests__/workspace-migrations-runner.test.ts +114 -0
package/src/calls/audio-store.test.ts +97 -0
package/src/calls/audio-store.ts +205 -0
package/src/calls/call-controller.ts +85 -7
package/src/calls/call-domain.ts +3 -0
package/src/calls/call-store.ts +10 -3
package/src/calls/fish-audio-client.ts +117 -0
package/src/calls/relay-server.ts +27 -0
package/src/calls/twilio-routes.ts +2 -1
package/src/calls/types.ts +1 -0
package/src/calls/voice-ingress-preflight.ts +0 -42
package/src/calls/voice-quality.ts +26 -5
package/src/calls/voice-session-bridge.ts +6 -12
package/src/cli/commands/config.ts +1 -4
package/src/cli/commands/credentials.ts +34 -4
package/src/cli/commands/oauth/index.ts +7 -0
package/src/cli/commands/oauth/platform.ts +179 -0
package/src/cli/commands/platform.ts +3 -3
package/src/config/assistant-feature-flags.ts +186 -5
package/src/config/bundled-skills/messaging/SKILL.md +5 -5
package/src/config/bundled-skills/phone-calls/TOOLS.json +4 -0
package/src/config/bundled-skills/settings/TOOLS.json +2 -2
package/src/config/bundled-skills/settings/tools/voice-config-update.ts +42 -0
package/src/config/bundled-tool-registry.ts +1 -11
package/src/config/env-registry.ts +1 -1
package/src/config/env.ts +8 -14
package/src/config/feature-flag-registry.json +48 -8
package/src/config/loader.ts +98 -31
package/src/config/schema.ts +4 -13
package/src/config/schemas/calls.ts +13 -0
package/src/config/schemas/fish-audio.ts +39 -0
package/src/config/schemas/security.ts +0 -4
package/src/config/types.ts +0 -1
package/src/contacts/contact-store.ts +39 -0
package/src/contacts/types.ts +2 -0
package/src/credential-execution/approval-bridge.ts +1 -0
package/src/credential-execution/executable-discovery.ts +28 -4
package/src/credential-execution/feature-gates.ts +16 -0
package/src/credential-execution/process-manager.ts +38 -0
package/src/daemon/assistant-attachments.ts +9 -0
package/src/daemon/config-watcher.ts +5 -0
package/src/daemon/conversation-tool-setup.ts +0 -105
package/src/daemon/conversation.ts +10 -1
package/src/daemon/handlers/config-vercel.ts +92 -0
package/src/daemon/handlers/skills.ts +2 -15
package/src/daemon/install-symlink.ts +195 -0
package/src/daemon/lifecycle.ts +227 -51
package/src/daemon/message-types/conversations.ts +3 -4
package/src/daemon/message-types/diagnostics.ts +3 -22
package/src/daemon/message-types/messages.ts +0 -2
package/src/daemon/message-types/upgrades.ts +8 -0
package/src/daemon/server.ts +30 -92
package/src/events/domain-events.ts +2 -1
package/src/inbound/platform-callback-registration.ts +3 -3
package/src/instrument.ts +8 -5
package/src/memory/conversation-title-service.ts +50 -1
package/src/memory/db-init.ts +12 -0
package/src/memory/items-extractor.ts +15 -1
package/src/memory/job-handlers/conversation-starters.ts +4 -1
package/src/memory/jobs-store.ts +30 -5
package/src/memory/jobs-worker.ts +31 -7
package/src/memory/migrations/001-job-deferrals.ts +19 -0
package/src/memory/migrations/004-entity-relation-dedup.ts +10 -0
package/src/memory/migrations/005-fingerprint-scope-unique.ts +76 -0
package/src/memory/migrations/006-scope-salted-fingerprints.ts +50 -0
package/src/memory/migrations/007-assistant-id-to-self.ts +10 -0
package/src/memory/migrations/008-remove-assistant-id-columns.ts +34 -0
package/src/memory/migrations/009-llm-usage-events-drop-assistant-id.ts +26 -0
package/src/memory/migrations/014-backfill-inbox-thread-state.ts +10 -0
package/src/memory/migrations/015-drop-active-search-index.ts +17 -0
package/src/memory/migrations/019-notification-tables-schema-migration.ts +12 -0
package/src/memory/migrations/020-rename-macos-ios-channel-to-vellum.ts +121 -0
package/src/memory/migrations/024-embedding-vector-blob.ts +74 -0
package/src/memory/migrations/026a-embeddings-nullable-vector-json.ts +82 -0
package/src/memory/migrations/036-normalize-phone-identities.ts +11 -0
package/src/memory/migrations/116-messages-fts.ts +106 -1
package/src/memory/migrations/126-backfill-guardian-principal-id.ts +52 -0
package/src/memory/migrations/127-guardian-principal-id-not-null.ts +77 -0
package/src/memory/migrations/134-contacts-notes-column.ts +13 -0
package/src/memory/migrations/135-backfill-contact-interaction-stats.ts +20 -0
package/src/memory/migrations/136-drop-assistant-id-columns.ts +52 -0
package/src/memory/migrations/140-backfill-usage-cache-accounting.ts +13 -0
package/src/memory/migrations/141-rename-verification-table.ts +54 -0
package/src/memory/migrations/142-rename-verification-session-id-column.ts +25 -0
package/src/memory/migrations/143-rename-guardian-verification-values.ts +35 -0
package/src/memory/migrations/144-rename-voice-to-phone.ts +136 -0
package/src/memory/migrations/145-drop-accounts-table.ts +32 -0
package/src/memory/migrations/147-migrate-reminders-to-schedules.ts +14 -1
package/src/memory/migrations/148-drop-reminders-table.ts +35 -1
package/src/memory/migrations/150-oauth-apps-client-secret-path.ts +69 -1
package/src/memory/migrations/162-guardian-timestamps-epoch-ms.ts +290 -0
package/src/memory/migrations/169-rename-gmail-provider-key-to-google.ts +51 -1
package/src/memory/migrations/174-rename-thread-starters-table.ts +47 -1
package/src/memory/migrations/176-drop-capability-card-state.ts +13 -0
package/src/memory/migrations/180-backfill-inline-attachments-to-disk.ts +16 -0
package/src/memory/migrations/181-rename-thread-starters-checkpoints.ts +28 -1
package/src/memory/migrations/190-call-session-skip-disclosure.ts +15 -0
package/src/memory/migrations/191-backfill-audio-attachment-mime-types.ts +64 -0
package/src/memory/migrations/192-contacts-user-file-column.ts +15 -0
package/src/memory/migrations/index.ts +4 -0
package/src/memory/migrations/registry.ts +90 -0
package/src/memory/migrations/validate-migration-state.ts +137 -11
package/src/memory/qdrant-circuit-breaker.ts +9 -0
package/src/memory/qdrant-manager.ts +64 -7
package/src/memory/schema/calls.ts +1 -0
package/src/memory/schema/contacts.ts +1 -0
package/src/notifications/decision-engine.ts +4 -1
package/src/oauth/connection-resolver.ts +6 -4
package/src/permissions/checker.ts +0 -38
package/src/permissions/shell-identity.ts +76 -22
package/src/permissions/types.ts +4 -2
package/src/platform/client.ts +35 -7
package/src/prompts/persona-resolver.ts +138 -0
package/src/prompts/system-prompt.ts +36 -4
package/src/prompts/templates/users/default.md +1 -0
package/src/providers/registry.ts +27 -40
package/src/runtime/auth/__tests__/credential-service.test.ts +0 -1
package/src/runtime/auth/__tests__/external-assistant-id.test.ts +13 -68
package/src/runtime/auth/external-assistant-id.ts +13 -59
package/src/runtime/auth/route-policy.ts +15 -1
package/src/runtime/auth/token-service.ts +43 -138
package/src/runtime/channel-readiness-service.ts +1 -16
package/src/runtime/http-server.ts +27 -2
package/src/runtime/middleware/error-handler.ts +1 -9
package/src/runtime/routes/audio-routes.ts +40 -0
package/src/runtime/routes/btw-routes.ts +0 -17
package/src/runtime/routes/conversation-query-routes.ts +63 -1
package/src/runtime/routes/conversation-routes.ts +4 -44
package/src/runtime/routes/diagnostics-routes.ts +1 -477
package/src/runtime/routes/identity-routes.ts +18 -29
package/src/runtime/routes/inbound-stages/secret-ingress-check.ts +4 -33
package/src/runtime/routes/inbound-stages/transcribe-audio.test.ts +1 -1
package/src/runtime/routes/integrations/vercel.ts +89 -0
package/src/runtime/routes/log-export-routes.ts +5 -0
package/src/runtime/routes/memory-item-routes.ts +24 -6
package/src/runtime/routes/migration-rollback-routes.ts +209 -0
package/src/runtime/routes/migration-routes.ts +17 -1
package/src/runtime/routes/notification-routes.ts +58 -0
package/src/runtime/routes/schedule-routes.ts +65 -0
package/src/runtime/routes/settings-routes.ts +41 -1
package/src/runtime/routes/tts-routes.ts +86 -0
package/src/runtime/routes/upgrade-broadcast-routes.ts +26 -2
package/src/runtime/routes/workspace-commit-routes.ts +62 -0
package/src/runtime/routes/workspace-routes.test.ts +22 -1
package/src/runtime/routes/workspace-routes.ts +1 -1
package/src/runtime/routes/workspace-utils.ts +86 -2
package/src/security/ces-credential-client.ts +59 -22
package/src/security/ces-rpc-credential-backend.ts +85 -0
package/src/security/credential-backend.ts +12 -88
package/src/security/keychain-broker-client.ts +10 -2
package/src/security/secure-keys.ts +94 -113
package/src/skills/catalog-install.ts +13 -7
package/src/telemetry/usage-telemetry-reporter.ts +4 -2
package/src/tools/calls/call-start.ts +1 -0
package/src/tools/executor.ts +0 -4
package/src/tools/network/script-proxy/session-manager.ts +19 -4
package/src/tools/network/web-fetch.ts +3 -1
package/src/tools/skills/execute.ts +1 -1
package/src/tools/types.ts +0 -8
package/src/util/errors.ts +0 -12
package/src/util/platform.ts +3 -50
package/src/workspace/git-service.ts +5 -2
package/src/workspace/migrations/001-avatar-rename.ts +15 -0
package/src/workspace/migrations/003-seed-device-id.ts +17 -1
package/src/workspace/migrations/004-extract-collect-usage-data.ts +33 -0
package/src/workspace/migrations/005-add-send-diagnostics.ts +3 -0
package/src/workspace/migrations/006-services-config.ts +49 -0
package/src/workspace/migrations/007-web-search-provider-rename.ts +27 -0
package/src/workspace/migrations/008-voice-timeout-and-max-steps.ts +3 -0
package/src/workspace/migrations/009-backfill-conversation-disk-view.ts +4 -0
package/src/workspace/migrations/010-app-dir-rename.ts +78 -0
package/src/workspace/migrations/011-backfill-installation-id.ts +11 -0
package/src/workspace/migrations/012-rename-conversation-disk-view-dirs.ts +44 -0
package/src/workspace/migrations/013-repair-conversation-disk-view.ts +5 -0
package/src/workspace/migrations/015-migrate-credentials-to-keychain.ts +153 -0
package/src/workspace/migrations/016-extract-feature-flags-to-protected.ts +156 -0
package/src/workspace/migrations/016-migrate-credentials-from-keychain.ts +150 -0
package/src/workspace/migrations/017-seed-persona-dirs.ts +95 -0
package/src/workspace/migrations/migrate-to-workspace-volume.ts +23 -1
package/src/workspace/migrations/registry.ts +8 -0
package/src/workspace/migrations/runner.ts +106 -2
package/src/workspace/migrations/types.ts +4 -0
package/src/__tests__/claude-code-skill-regression.test.ts +0 -206
package/src/__tests__/claude-code-tool-profiles.test.ts +0 -99
package/src/__tests__/diagnostics-export.test.ts +0 -288
package/src/__tests__/local-gateway-health.test.ts +0 -209
package/src/__tests__/secret-ingress-handler.test.ts +0 -120
package/src/__tests__/swarm-conversation-integration.test.ts +0 -358
package/src/__tests__/swarm-dag-pathological.test.ts +0 -547
package/src/__tests__/swarm-orchestrator.test.ts +0 -463
package/src/__tests__/swarm-plan-validator.test.ts +0 -384
package/src/__tests__/swarm-recursion.test.ts +0 -197
package/src/__tests__/swarm-router-planner.test.ts +0 -234
package/src/__tests__/swarm-tool.test.ts +0 -185
package/src/__tests__/swarm-worker-backend.test.ts +0 -144
package/src/__tests__/swarm-worker-runner.test.ts +0 -288
package/src/commands/__tests__/cc-command-registry.test.ts +0 -396
package/src/commands/cc-command-registry.ts +0 -248
package/src/config/bundled-skills/claude-code/SKILL.md +0 -53
package/src/config/bundled-skills/claude-code/TOOLS.json +0 -47
package/src/config/bundled-skills/claude-code/tools/claude-code.ts +0 -12
package/src/config/bundled-skills/orchestration/SKILL.md +0 -33
package/src/config/bundled-skills/orchestration/TOOLS.json +0 -35
package/src/config/bundled-skills/orchestration/tools/swarm-delegate.ts +0 -12
package/src/config/schemas/swarm.ts +0 -82
package/src/logfire.ts +0 -135
package/src/runtime/local-gateway-health.ts +0 -275
package/src/security/secret-ingress.ts +0 -68
package/src/swarm/backend-claude-code.ts +0 -225
package/src/swarm/checkpoint.ts +0 -137
package/src/swarm/graph-utils.ts +0 -53
package/src/swarm/index.ts +0 -55
package/src/swarm/limits.ts +0 -66
package/src/swarm/orchestrator.ts +0 -424
package/src/swarm/plan-validator.ts +0 -117
package/src/swarm/router-planner.ts +0 -162
package/src/swarm/router-prompts.ts +0 -39
package/src/swarm/synthesizer.ts +0 -81
package/src/swarm/types.ts +0 -72
package/src/swarm/worker-backend.ts +0 -131
package/src/swarm/worker-prompts.ts +0 -80
package/src/swarm/worker-runner.ts +0 -170
package/src/tools/claude-code/claude-code.ts +0 -610
package/src/tools/swarm/delegate.ts +0 -205

package/src/runtime/routes/integrations/vercel.ts ADDED Viewed

@@ -0,0 +1,89 @@
+/**
+ * Route handlers for Vercel integration config endpoints.
+ *
+ * GET    /v1/integrations/vercel/config — check if a Vercel API token is stored
+ * POST   /v1/integrations/vercel/config — set or delete token (dispatched via action field)
+ * DELETE /v1/integrations/vercel/config — delete the stored Vercel API token
+ *
+ * The Swift client sends all mutations as POST with an `action` field
+ * ("set" or "delete") rather than using HTTP verbs directly.
+ */
+import {
+  deleteVercelConfig,
+  getVercelConfig,
+  setVercelConfig,
+} from "../../../daemon/handlers/config-vercel.js";
+import type { RouteDefinition } from "../../http-router.js";
+/**
+ * GET /v1/integrations/vercel/config
+ */
+export async function handleGetVercelConfig(): Promise<Response> {
+  const result = await getVercelConfig();
+  return Response.json(result);
+}
+/**
+ * POST /v1/integrations/vercel/config
+ *
+ * Body: { action: "set" | "delete"; apiToken?: string }
+ *
+ * The Swift client uses POST for both set and delete operations,
+ * distinguished by the `action` field.
+ */
+export async function handlePostVercelConfig(req: Request): Promise<Response> {
+  const body = (await req.json()) as {
+    action?: "get" | "set" | "delete";
+    apiToken?: string;
+  };
+  switch (body.action) {
+    case "delete": {
+      const result = await deleteVercelConfig();
+      return Response.json(result);
+    }
+    case "get": {
+      const result = await getVercelConfig();
+      return Response.json(result);
+    }
+    case "set":
+    default: {
+      const result = await setVercelConfig(body.apiToken);
+      const status = result.success ? 200 : 400;
+      return Response.json(result, { status });
+    }
+  }
+}
+/**
+ * DELETE /v1/integrations/vercel/config
+ */
+export async function handleDeleteVercelConfig(): Promise<Response> {
+  const result = await deleteVercelConfig();
+  return Response.json(result);
+}
+// ---------------------------------------------------------------------------
+// Route definitions
+// ---------------------------------------------------------------------------
+export function vercelRouteDefinitions(): RouteDefinition[] {
+  return [
+    {
+      endpoint: "integrations/vercel/config",
+      method: "GET",
+      handler: () => handleGetVercelConfig(),
+    },
+    {
+      endpoint: "integrations/vercel/config",
+      method: "POST",
+      handler: async ({ req }) => handlePostVercelConfig(req),
+    },
+    {
+      endpoint: "integrations/vercel/config",
+      method: "DELETE",
+      handler: async () => handleDeleteVercelConfig(),
+    },
+  ];
+}

package/src/runtime/routes/log-export-routes.ts CHANGED Viewed

@@ -37,6 +37,7 @@ import {
   getWorkspaceConfigPath,
   getWorkspaceDir,
 } from "../../util/platform.js";
+import { APP_VERSION, COMMIT_SHA } from "../../version.js";
 import { httpError } from "../http-errors.js";
 import type { RouteDefinition } from "../http-router.js";
@@ -264,12 +265,16 @@ async function handleExport(body: ExportRequestBody): Promise<Response> {
       ? {
           type: "conversation-export" as const,
           conversationId,
+          assistantVersion: APP_VERSION,
+          commitSha: COMMIT_SHA,
           ...(startTime !== undefined ? { startTime } : {}),
           ...(endTime !== undefined ? { endTime } : {}),
           exportedAt: new Date().toISOString(),
         }
       : {
           type: "global-export" as const,
+          assistantVersion: APP_VERSION,
+          commitSha: COMMIT_SHA,
           exportedAt: new Date().toISOString(),
         };
     writeFileSync(

package/src/runtime/routes/memory-item-routes.ts CHANGED Viewed

@@ -45,6 +45,7 @@ const VALID_KINDS = [
   "decision",
   "constraint",
   "event",
+  "capability",
 ] as const;
 type MemoryItemKind = (typeof VALID_KINDS)[number];
@@ -154,7 +155,7 @@ async function searchItemsSemantic(
     const sparse = generateSparseEmbedding(query);
     const sparseVector = { indices: sparse.indices, values: sparse.values };
-    // Build Qdrant filter — items only, exclude capability kind and sentinel
+    // Build Qdrant filter — items only, exclude sentinel
     const mustConditions: Array<Record<string, unknown>> = [
       { key: "target_type", match: { value: "item" } },
     ];
@@ -168,7 +169,6 @@ async function searchItemsSemantic(
     const filter = {
       must: mustConditions,
       must_not: [
-        { key: "kind", match: { value: "capability" } },
         { key: "_meta", match: { value: true } },
       ],
     };
@@ -185,6 +185,11 @@ async function searchItemsSemantic(
     );
     const ids = results.map((r) => r.payload.target_id);
+    // Use the vector search result count as the pagination total.
+    // A DB-wide COUNT would include items with no embedding yet (lagging) and
+    // items irrelevant to the search query, inflating the total and causing
+    // clients to paginate into empty pages.
     return { ids, total: ids.length };
   } catch (err) {
     log.warn({ err }, "Semantic memory search failed, falling back to SQL");
@@ -249,11 +254,26 @@ export async function handleListMemoryItems(url: URL): Promise<Response> {
         offsetParam + limitParam,
       );
-      // Batch-fetch full rows from SQLite
+      if (pageIds.length === 0) {
+        return Response.json({ items: [], total: semanticResult.total });
+      }
+      // Re-apply the same DB-side filters used in the SQL path as defense-
+      // in-depth against stale Qdrant payloads leaking deleted/mismatched rows.
+      const hydrationConditions = [
+        inArray(memoryItems.id, pageIds),
+      ];
+      if (statusParam && statusParam !== "all") {
+        hydrationConditions.push(eq(memoryItems.status, statusParam));
+      }
+      if (kindParam) {
+        hydrationConditions.push(eq(memoryItems.kind, kindParam));
+      }
       const rows = db
         .select()
         .from(memoryItems)
-        .where(inArray(memoryItems.id, pageIds))
+        .where(and(...hydrationConditions))
         .all();
       // Preserve Qdrant relevance ordering
@@ -279,8 +299,6 @@ export async function handleListMemoryItems(url: URL): Promise<Response> {
   // ── SQL path (default or fallback) ──────────────────────────────────
   const conditions = [];
-  // Hide system-managed capability memories (skill announcements) from the UI
-  conditions.push(ne(memoryItems.kind, "capability"));
   if (statusParam && statusParam !== "all") {
     conditions.push(eq(memoryItems.status, statusParam));
   }

package/src/runtime/routes/migration-rollback-routes.ts ADDED Viewed

@@ -0,0 +1,209 @@
+/**
+ * Migration rollback endpoint — rolls back DB and/or workspace migrations
+ * to a specified target version/migration ID.
+ *
+ * Protected by a route policy restricting access to gateway service
+ * principals only (`svc_gateway` with `internal.write` scope), following
+ * the same pattern as other gateway-forwarded control-plane endpoints.
+ */
+import { getDb } from "../../memory/db-connection.js";
+import { getMaxMigrationVersion } from "../../memory/migrations/registry.js";
+import { rollbackMemoryMigration } from "../../memory/migrations/validate-migration-state.js";
+import { getWorkspaceDir } from "../../util/platform.js";
+import { WORKSPACE_MIGRATIONS } from "../../workspace/migrations/registry.js";
+import {
+  getLastWorkspaceMigrationId,
+  loadCheckpoints,
+  rollbackWorkspaceMigrations,
+} from "../../workspace/migrations/runner.js";
+import { httpError } from "../http-errors.js";
+import type { RouteDefinition } from "../http-router.js";
+export function migrationRollbackRouteDefinitions(): RouteDefinition[] {
+  return [
+    {
+      endpoint: "admin/rollback-migrations",
+      method: "POST",
+      handler: async ({ req }) => {
+        let body: unknown;
+        try {
+          body = await req.json();
+        } catch {
+          return httpError("BAD_REQUEST", "Invalid JSON body", 400);
+        }
+        if (!body || typeof body !== "object") {
+          return httpError(
+            "BAD_REQUEST",
+            "Request body must be a JSON object",
+            400,
+          );
+        }
+        const {
+          targetDbVersion,
+          targetWorkspaceMigrationId,
+          rollbackToRegistryCeiling,
+        } = body as {
+          targetDbVersion?: unknown;
+          targetWorkspaceMigrationId?: unknown;
+          rollbackToRegistryCeiling?: unknown;
+        };
+        // When rollbackToRegistryCeiling is true, auto-determine targets
+        // from this daemon's own migration registry ceilings.
+        let effectiveDbVersion = targetDbVersion as number | undefined;
+        let effectiveWorkspaceMigrationId = targetWorkspaceMigrationId as
+          | string
+          | undefined;
+        if (rollbackToRegistryCeiling === true) {
+          if (effectiveDbVersion === undefined)
+            effectiveDbVersion = getMaxMigrationVersion();
+          if (effectiveWorkspaceMigrationId === undefined)
+            effectiveWorkspaceMigrationId =
+              getLastWorkspaceMigrationId(WORKSPACE_MIGRATIONS) ?? undefined;
+        }
+        // At least one rollback target must be specified.
+        if (
+          effectiveDbVersion === undefined &&
+          effectiveWorkspaceMigrationId === undefined
+        ) {
+          return httpError(
+            "BAD_REQUEST",
+            "At least one of targetDbVersion or targetWorkspaceMigrationId must be provided",
+            400,
+          );
+        }
+        // Validate effectiveDbVersion when provided.
+        if (effectiveDbVersion !== undefined) {
+          if (
+            typeof effectiveDbVersion !== "number" ||
+            !Number.isInteger(effectiveDbVersion) ||
+            effectiveDbVersion < 0
+          ) {
+            return httpError(
+              "BAD_REQUEST",
+              "targetDbVersion must be a non-negative integer",
+              400,
+            );
+          }
+        }
+        // Validate effectiveWorkspaceMigrationId when provided.
+        if (effectiveWorkspaceMigrationId !== undefined) {
+          if (
+            typeof effectiveWorkspaceMigrationId !== "string" ||
+            effectiveWorkspaceMigrationId.length === 0
+          ) {
+            return httpError(
+              "BAD_REQUEST",
+              "targetWorkspaceMigrationId must be a non-empty string",
+              400,
+            );
+          }
+        }
+        // Preflight: validate that the workspace migration ID exists in the
+        // registry BEFORE executing any mutations. This prevents the DB
+        // rollback from committing when the workspace target is invalid.
+        let resolvedTargetIndex = -1;
+        if (effectiveWorkspaceMigrationId !== undefined) {
+          const targetId = effectiveWorkspaceMigrationId as string;
+          resolvedTargetIndex = WORKSPACE_MIGRATIONS.findIndex(
+            (m) => m.id === targetId,
+          );
+          if (resolvedTargetIndex === -1) {
+            return httpError(
+              "BAD_REQUEST",
+              `Target workspace migration "${targetId}" not found in the registry`,
+              400,
+            );
+          }
+        }
+        const rolledBack: { db: string[]; workspace: string[] } = {
+          db: [],
+          workspace: [],
+        };
+        // Roll back DB migrations if requested.
+        if (effectiveDbVersion !== undefined) {
+          try {
+            rolledBack.db = rollbackMemoryMigration(
+              getDb(),
+              effectiveDbVersion,
+            );
+          } catch (err) {
+            const detail = err instanceof Error ? err.message : "Unknown error";
+            return httpError(
+              "INTERNAL_ERROR",
+              `DB migration rollback failed: ${detail}`,
+              500,
+            );
+          }
+        }
+        // Roll back workspace migrations if requested.
+        if (effectiveWorkspaceMigrationId !== undefined) {
+          const workspaceDir = getWorkspaceDir();
+          // Compute which migrations are candidates for rollback before
+          // executing, since rollbackWorkspaceMigrations returns void.
+          const targetId = effectiveWorkspaceMigrationId;
+          const checkpointsBefore = loadCheckpoints(workspaceDir);
+          const candidateIds = WORKSPACE_MIGRATIONS.slice(
+            resolvedTargetIndex + 1,
+          )
+            .filter((m) => {
+              const entry = checkpointsBefore.applied[m.id];
+              return (
+                entry &&
+                entry.status !== "started" &&
+                entry.status !== "rolling_back"
+              );
+            })
+            .map((m) => m.id);
+          try {
+            await rollbackWorkspaceMigrations(
+              workspaceDir,
+              WORKSPACE_MIGRATIONS,
+              targetId,
+            );
+            rolledBack.workspace = candidateIds;
+          } catch (err) {
+            // Re-read checkpoints to determine which migrations were actually
+            // rolled back before the error occurred. A candidate whose entry
+            // is no longer present in the checkpoint file was successfully
+            // reverted.
+            const checkpointsAfter = loadCheckpoints(workspaceDir);
+            const actuallyRolledBack = candidateIds.filter(
+              (id) => !checkpointsAfter.applied[id],
+            );
+            const detail = err instanceof Error ? err.message : "Unknown error";
+            return httpError(
+              "INTERNAL_ERROR",
+              `Workspace migration rollback failed: ${detail}`,
+              500,
+              {
+                partialRolledBack: {
+                  db: rolledBack.db,
+                  workspace: actuallyRolledBack,
+                },
+              },
+            );
+          }
+        }
+        return Response.json({ ok: true, rolledBack });
+      },
+    },
+  ];
+}

package/src/runtime/routes/migration-routes.ts CHANGED Viewed

@@ -15,7 +15,8 @@ import { join } from "node:path";
 import { Database } from "bun:sqlite";
 import { invalidateConfigCache } from "../../config/loader.js";
-import { resetDb } from "../../memory/db-connection.js";
+import { getDb, resetDb } from "../../memory/db-connection.js";
+import { validateMigrationState } from "../../memory/migrations/validate-migration-state.js";
 import { clearCache as clearTrustCache } from "../../permissions/trust-store.js";
 import { getLogger } from "../../util/logger.js";
 import {
@@ -438,6 +439,21 @@ export async function handleMigrationImport(req: Request): Promise<Response> {
     invalidateConfigCache();
     clearTrustCache();
+    // Check whether the imported database contains migration checkpoints from
+    // a newer version. This is non-blocking — the import has already
+    // succeeded — but we surface a warning so the caller knows some data may
+    // not be fully compatible with this daemon's schema.
+    try {
+      const migrationValidation = validateMigrationState(getDb());
+      if (migrationValidation.unknownCheckpoints.length > 0) {
+        result.report.warnings.push(
+          `Imported data contains ${migrationValidation.unknownCheckpoints.length} migration(s) from a newer version. Some data may not be fully compatible.`,
+        );
+      }
+    } catch {
+      // Don't fail the import if validation itself errors
+    }
     return Response.json(result.report);
   } catch (err) {
     log.error({ err }, "Unexpected error during import commit");

package/src/runtime/routes/notification-routes.ts ADDED Viewed

@@ -0,0 +1,58 @@
+/**
+ * Route handlers for notification delivery acknowledgments.
+ *
+ * Provides a REST endpoint for clients to report the outcome of
+ * local notification delivery (UNUserNotificationCenter.add).
+ */
+import { eq } from "drizzle-orm";
+import { getDb } from "../../memory/db.js";
+import { notificationDeliveries } from "../../memory/schema.js";
+import { httpError } from "../http-errors.js";
+import type { RouteDefinition } from "../http-router.js";
+export function notificationRouteDefinitions(): RouteDefinition[] {
+  return [
+    // POST /v1/notification-intent-result — client ack for notification delivery
+    {
+      endpoint: "notification-intent-result",
+      method: "POST",
+      policyKey: "notification-intent-result",
+      handler: async ({ req }) => {
+        const body = (await req.json()) as {
+          deliveryId?: string;
+          success?: boolean;
+          errorMessage?: string;
+          errorCode?: string;
+        };
+        if (!body.deliveryId || typeof body.deliveryId !== "string") {
+          return httpError("BAD_REQUEST", "deliveryId is required", 400);
+        }
+        const db = getDb();
+        const now = Date.now();
+        const updates: Record<string, unknown> = {
+          clientDeliveryStatus: body.success ? "delivered" : "client_failed",
+          clientDeliveryAt: now,
+          updatedAt: now,
+        };
+        if (body.errorMessage) {
+          updates.clientDeliveryError = body.errorMessage;
+        }
+        if (body.errorCode) {
+          updates.errorCode = body.errorCode;
+        }
+        db.update(notificationDeliveries)
+          .set(updates)
+          .where(eq(notificationDeliveries.id, body.deliveryId))
+          .run();
+        return Response.json({ ok: true });
+      },
+    },
+  ];
+}

package/src/runtime/routes/schedule-routes.ts CHANGED Viewed

@@ -99,6 +99,59 @@ function handleCancelSchedule(id: string): Response {
   return handleListSchedules();
 }
+const VALID_MODES = ["notify", "execute"] as const;
+const VALID_ROUTING_INTENTS = [
+  "single_channel",
+  "multi_channel",
+  "all_channels",
+] as const;
+function handleUpdateSchedule(
+  id: string,
+  body: Record<string, unknown>,
+): Response {
+  const updates: Record<string, unknown> = {};
+  if ("mode" in body && !VALID_MODES.includes(body.mode as (typeof VALID_MODES)[number])) {
+    return httpError("BAD_REQUEST", `Invalid mode: must be one of ${VALID_MODES.join(", ")}`, 400);
+  }
+  if ("routingIntent" in body && !VALID_ROUTING_INTENTS.includes(body.routingIntent as (typeof VALID_ROUTING_INTENTS)[number])) {
+    return httpError("BAD_REQUEST", `Invalid routingIntent: must be one of ${VALID_ROUTING_INTENTS.join(", ")}`, 400);
+  }
+  for (const key of [
+    "name",
+    "expression",
+    "timezone",
+    "message",
+    "mode",
+    "routingIntent",
+    "quiet",
+  ] as const) {
+    if (key in body) {
+      updates[key] = body[key];
+    }
+  }
+  try {
+    const updated = updateSchedule(id, updates);
+    if (!updated) {
+      return httpError("NOT_FOUND", "Schedule not found", 404);
+    }
+    log.info({ id, updates }, "Schedule updated via HTTP");
+  } catch (err) {
+    if (
+      err instanceof Error &&
+      (err.message.includes("Invalid") || err.message.includes("invalid"))
+    ) {
+      return httpError("BAD_REQUEST", err.message, 400);
+    }
+    log.error({ err }, "Failed to update schedule");
+    return httpError("INTERNAL_ERROR", "Failed to update schedule", 500);
+  }
+  return handleListSchedules();
+}
 async function handleRunScheduleNow(
   id: string,
   sendMessageDeps?: SendMessageDeps,
@@ -243,6 +296,18 @@ export function scheduleRouteDefinitions(deps: {
       policyKey: "schedules",
       handler: ({ params }) => handleDeleteSchedule(params.id),
     },
+    {
+      endpoint: "schedules/:id",
+      method: "PATCH",
+      policyKey: "schedules",
+      handler: async ({ req, params }) => {
+        const body: unknown = await req.json();
+        if (typeof body !== "object" || !body || Array.isArray(body)) {
+          return httpError("BAD_REQUEST", "Request body must be a JSON object", 400);
+        }
+        return handleUpdateSchedule(params.id, body as Record<string, unknown>);
+      },
+    },
     {
       endpoint: "schedules/:id/run",
       method: "POST",

package/src/runtime/routes/settings-routes.ts CHANGED Viewed

@@ -10,7 +10,10 @@
 import { readFileSync } from "node:fs";
 import { join } from "node:path";
-import { setIngressPublicBaseUrl } from "../../config/env.js";
+import {
+  getPlatformBaseUrl,
+  setIngressPublicBaseUrl,
+} from "../../config/env.js";
 import { loadRawConfig, saveRawConfig } from "../../config/loader.js";
 import { loadSkillCatalog } from "../../config/skills.js";
 import {
@@ -728,6 +731,43 @@ export function settingsRouteDefinitions(): RouteDefinition[] {
       handler: () => handleEnvVars(),
     },
+    // Platform config (GET / PUT)
+    {
+      endpoint: "config/platform",
+      method: "GET",
+      policyKey: "config/platform:GET",
+      handler: () => {
+        const raw = loadRawConfig();
+        const platform = (raw?.platform ?? {}) as Record<string, unknown>;
+        const baseUrl =
+          (platform.baseUrl as string | undefined) || getPlatformBaseUrl();
+        return Response.json({ baseUrl, success: true });
+      },
+    },
+    {
+      endpoint: "config/platform",
+      method: "PUT",
+      policyKey: "config/platform",
+      handler: async ({ req }) => {
+        try {
+          const body = (await req.json()) as { baseUrl?: string };
+          const value = (body.baseUrl ?? "").trim().replace(/\/+$/, "");
+          const raw = loadRawConfig();
+          const platform = (raw?.platform ?? {}) as Record<string, unknown>;
+          platform.baseUrl = value || undefined;
+          saveRawConfig({ ...raw, platform });
+          return Response.json({ baseUrl: value, success: true });
+        } catch (err) {
+          const message = err instanceof Error ? err.message : String(err);
+          log.error({ err }, "Failed to update platform config via HTTP");
+          return Response.json(
+            { baseUrl: "", success: false, error: message },
+            { status: 500 },
+          );
+        }
+      },
+    },
     // Ingress config (GET / PUT)
     {
       endpoint: "integrations/ingress/config",