@vellumai/assistant 0.5.6 → 0.5.8

package/src/runtime/routes/inbound-stages/acl-enforcement.ts

@@ -8,7 +8,10 @@
  */
 import { isInviteCodeRedemptionEnabled } from "../../../channels/config.js";
 import type { ChannelId } from "../../../channels/types.js";
-import { findContactChannel } from "../../../contacts/contact-store.js";
+import {
+  findContactChannel,
+  findGuardianForChannel,
+} from "../../../contacts/contact-store.js";
 import { touchChannelLastSeen } from "../../../contacts/contacts-write.js";
 import type {
   ChannelStatus,
@@ -21,7 +24,10 @@ import {
   findByInviteCodeHash,
   findByInviteCodeHashAnyChannel,
 } from "../../../memory/invite-store.js";
+import { MESSAGE_PREVIEW_MAX_LENGTH } from "../../../notifications/copy-composer.js";
+import { resolveGuardianName } from "../../../prompts/user-reference.js";
 import { getLogger } from "../../../util/logger.js";
+import { truncate } from "../../../util/truncate.js";
 import { hashVoiceCode } from "../../../util/voice-code.js";
 import { notifyGuardianOfAccessRequest } from "../../access-request-helper.js";
 import { getInviteAdapterRegistry } from "../../channel-invite-transport.js";
@@ -32,6 +38,7 @@ import {
   resolveBootstrapToken,
 } from "../../channel-verification-service.js";
 import { deliverChannelReply } from "../../gateway-client.js";
+import { ensureVellumGuardianBinding } from "../../guardian-vellum-migration.js";
 import {
   redeemInvite,
   redeemInviteByCode,
@@ -40,6 +47,42 @@ import { getInviteRedemptionReply } from "../../invite-redemption-templates.js";
 
 const log = getLogger("runtime-http");
 
+/**
+ * Resolve the guardian's display name for use in requester-facing messages.
+ *
+ * Uses the assistant's anchored vellum principal to validate the guardian
+ * contact, matching the same strategy used by `notifyGuardianOfAccessRequest`.
+ * This prevents stale or cross-assistant contacts from leaking a wrong name.
+ */
+function resolveGuardianLabel(
+  sourceChannel: ChannelId,
+  canonicalAssistantId: string,
+): string {
+  const anchoredPrincipalId = ensureVellumGuardianBinding(canonicalAssistantId);
+
+  // Try source-channel guardian, but only accept it when the principal
+  // matches the assistant's anchor.
+  const sourceGuardian = findGuardianForChannel(sourceChannel);
+  if (
+    sourceGuardian &&
+    sourceGuardian.contact.principalId === anchoredPrincipalId
+  ) {
+    return resolveGuardianName(sourceGuardian.contact.displayName);
+  }
+
+  // Fall back to the vellum-channel guardian with the same anchor check.
+  const vellumGuardian = findGuardianForChannel("vellum");
+  if (
+    vellumGuardian &&
+    vellumGuardian.contact.principalId === anchoredPrincipalId
+  ) {
+    return resolveGuardianName(vellumGuardian.contact.displayName);
+  }
+
+  // No anchored guardian found — use generic fallback.
+  return resolveGuardianName(undefined);
+}
+
 // ---------------------------------------------------------------------------
 // Public API
 // ---------------------------------------------------------------------------
@@ -321,6 +364,10 @@ export async function enforceIngressAcl(
                 actorExternalId: canonicalSenderId ?? rawSenderId,
                 actorDisplayName,
                 actorUsername,
+                messagePreview: truncate(
+                  trimmedContent,
+                  MESSAGE_PREVIEW_MAX_LENGTH,
+                ),
               });
             } catch (err) {
               log.error(
@@ -349,7 +396,7 @@ export async function enforceIngressAcl(
                   dmCallbackUrl,
                   {
                     chatId: senderUserId,
-                    text: "I don't recognize you yet! I've let my owner know you're trying to reach me. They'll need to share a 6-digit verification code with you — ask them directly if you know them. Once you have the code, reply here with it.",
+                    text: `I don't recognize you yet! I've let ${resolveGuardianLabel(sourceChannel, canonicalAssistantId)} know you're trying to reach me. They'll need to share a 6-digit verification code with you — ask them directly if you know them. Once you have the code, reply here with it.`,
                     assistantId,
                   },
                   mintBearerToken(),
@@ -387,6 +434,10 @@ export async function enforceIngressAcl(
             actorExternalId: canonicalSenderId ?? rawSenderId,
             actorDisplayName,
             actorUsername,
+            messagePreview: truncate(
+              trimmedContent,
+              MESSAGE_PREVIEW_MAX_LENGTH,
+            ),
           });
           guardianNotified = accessResult.notified;
         } catch (err) {
@@ -398,7 +449,7 @@ export async function enforceIngressAcl(
 
         if (replyCallbackUrl) {
           const replyText = guardianNotified
-            ? "Hmm looks like you don't have access to talk to me. I'll let them know you tried talking to me and get back to you."
+            ? `Hmm looks like you don't have access to talk to me. I'll let ${resolveGuardianLabel(sourceChannel, canonicalAssistantId)} know you tried talking to me and get back to you.`
             : "Sorry, you haven't been approved to message this assistant.";
           const replyPayload: Parameters<typeof deliverChannelReply>[1] = {
             chatId: conversationExternalId,
@@ -579,6 +630,10 @@ export async function enforceIngressAcl(
                   previousMemberStatus: channelStatusToMemberStatus(
                     resolvedMember.channel.status,
                   ),
+                  messagePreview: truncate(
+                    trimmedContent,
+                    MESSAGE_PREVIEW_MAX_LENGTH,
+                  ),
                 });
               } catch (err) {
                 log.error(
@@ -603,7 +658,7 @@ export async function enforceIngressAcl(
                     dmCallbackUrl,
                     {
                       chatId: senderUserId,
-                      text: "I don't recognize you yet! I've let my owner know you're trying to reach me. They'll need to share a 6-digit verification code with you — ask them directly if you know them. Once you have the code, reply here with it.",
+                      text: `I don't recognize you yet! I've let ${resolveGuardianLabel(sourceChannel, canonicalAssistantId)} know you're trying to reach me. They'll need to share a 6-digit verification code with you — ask them directly if you know them. Once you have the code, reply here with it.`,
                       assistantId,
                     },
                     mintBearerToken(),
@@ -645,6 +700,10 @@ export async function enforceIngressAcl(
                 previousMemberStatus: channelStatusToMemberStatus(
                   resolvedMember.channel.status,
                 ),
+                messagePreview: truncate(
+                  trimmedContent,
+                  MESSAGE_PREVIEW_MAX_LENGTH,
+                ),
               });
               guardianNotified = accessResult.notified;
             } catch (err) {
@@ -657,7 +716,7 @@ export async function enforceIngressAcl(
 
           if (replyCallbackUrl) {
             const replyText = guardianNotified
-              ? "Hmm looks like you don't have access to talk to me. I'll let them know you tried talking to me and get back to you."
+              ? `Hmm looks like you don't have access to talk to me. I'll let ${resolveGuardianLabel(sourceChannel, canonicalAssistantId)} know you tried talking to me and get back to you.`
               : "Sorry, you haven't been approved to message this assistant.";
             const inactiveReplyPayload: Parameters<
               typeof deliverChannelReply

package/src/runtime/routes/inbound-stages/background-dispatch.ts

@@ -75,8 +75,6 @@ export interface BackgroundProcessingParams {
   approvalCopyGenerator?: ApprovalCopyGenerator;
   commandIntent?: Record<string, unknown>;
   sourceLanguageCode?: string;
-  /** External message ID (e.g. Slack message ts) used for reaction indicators. */
-  externalMessageId?: string;
   /** Chat type from the gateway (e.g. "private", "group", "supergroup"). */
   chatType?: string;
 }
@@ -106,7 +104,6 @@ export function processChannelMessageInBackground(
     approvalCopyGenerator,
     commandIntent,
     sourceLanguageCode,
-    externalMessageId,
     chatType,
   } = params;
 
@@ -126,18 +123,18 @@ export function processChannelMessageInBackground(
         )
       : undefined;
 
-    // Add 👀 reaction to the inbound Slack message as a processing indicator
-    const removeSlackReaction =
-      shouldEmitSlackReaction(sourceChannel, replyCallbackUrl) &&
-      externalMessageId
-        ? addSlackEyesReaction(
-            replyCallbackUrl!,
-            externalChatId,
-            externalMessageId,
-            mintBearerToken,
-            assistantId,
-          )
-        : undefined;
+    // Set Slack Assistants API "is thinking..." status indicator
+    const clearSlackThinkingStatus = shouldEmitSlackReaction(
+      sourceChannel,
+      replyCallbackUrl,
+    )
+      ? setSlackThinkingStatus(
+          replyCallbackUrl!,
+          externalChatId,
+          mintBearerToken,
+          assistantId,
+        )
+      : undefined;
     const stopApprovalWatcher = replyCallbackUrl
       ? startPendingApprovalPromptWatcher({
           conversationId,
@@ -230,7 +227,7 @@ export function processChannelMessageInBackground(
       deliveryStatus.recordProcessingFailure(eventId, err);
     } finally {
       stopTypingHeartbeat?.();
-      removeSlackReaction?.();
+      clearSlackThinkingStatus?.();
       stopApprovalWatcher?.();
       stopTcApprovalNotifier?.();
     }
@@ -295,7 +292,7 @@ export function startTelegramTypingHeartbeat(
 }
 
 // ---------------------------------------------------------------------------
-// Slack eyes reaction indicator
+// Slack Assistants API thinking status indicator
 // ---------------------------------------------------------------------------
 
 export function shouldEmitSlackReaction(
@@ -310,65 +307,80 @@ export function shouldEmitSlackReaction(
   }
 }
 
-const SLACK_EYES_MAX_DURATION_MS = 120_000;
+const SLACK_THINKING_MAX_DURATION_MS = 120_000;
 
 /**
- * Add a 👀 reaction to the inbound Slack message and return a cleanup
- * function that removes it. Both operations are fire-and-forget.
+ * Set the Slack Assistants API "is thinking..." status on the thread and
+ * return a cleanup function that clears it. Both operations are fire-and-forget.
  *
- * A safety timer auto-removes the reaction after {@link SLACK_EYES_MAX_DURATION_MS}
- * to prevent stuck eyes when `processMessage` hangs (e.g. queued behind
- * an active session turn that never completes for this message).
+ * A safety timer auto-clears the status after {@link SLACK_THINKING_MAX_DURATION_MS}
+ * to prevent a stuck indicator when `processMessage` hangs.
  */
-export function addSlackEyesReaction(
+export function setSlackThinkingStatus(
   callbackUrl: string,
   chatId: string,
-  messageTs: string,
   mintBearerToken: () => string,
   assistantId?: string,
 ): () => void {
-  let removed = false;
+  let cleared = false;
+
+  // Extract the thread timestamp from the callback URL so we can target
+  // the correct thread for the Assistants API status.
+  const threadTs = extractThreadTsFromCallbackUrl(callbackUrl);
+
+  // If there's no thread context, we can't set a thread status — bail.
+  if (!threadTs) {
+    return () => {};
+  }
 
-  // Track the add promise so remove waits for it to settle first,
-  // preventing a race where remove arrives at Slack before add.
-  const addPromise = deliverChannelReply(
+  // Track the set promise so clear waits for it to settle first,
+  // preventing a race where clear arrives at Slack before set.
+  const setPromise = deliverChannelReply(
     callbackUrl,
     {
       chatId,
       assistantId,
-      reaction: { action: "add", name: "eyes", messageTs },
+      assistantThreadStatus: {
+        channel: chatId,
+        threadTs,
+        status: "is thinking...",
+      },
     },
     mintBearerToken(),
   ).catch((err) => {
-    log.debug({ err, chatId, messageTs }, "Failed to add Slack eyes reaction");
+    log.debug({ err, chatId, threadTs }, "Failed to set Slack thinking status");
   });
 
-  const removeReaction = () => {
-    if (removed) return;
-    removed = true;
+  const clearStatus = () => {
+    if (cleared) return;
+    cleared = true;
     clearTimeout(safetyTimer);
-    void addPromise.then(() =>
+    void setPromise.then(() =>
       deliverChannelReply(
         callbackUrl,
         {
           chatId,
           assistantId,
-          reaction: { action: "remove", name: "eyes", messageTs },
+          assistantThreadStatus: {
+            channel: chatId,
+            threadTs,
+            status: "",
+          },
         },
         mintBearerToken(),
       ).catch((err) => {
         log.debug(
-          { err, chatId, messageTs },
-          "Failed to remove Slack eyes reaction",
+          { err, chatId, threadTs },
+          "Failed to clear Slack thinking status",
         );
       }),
     );
   };
 
-  const safetyTimer = setTimeout(removeReaction, SLACK_EYES_MAX_DURATION_MS);
+  const safetyTimer = setTimeout(clearStatus, SLACK_THINKING_MAX_DURATION_MS);
   (safetyTimer as { unref?: () => void }).unref?.();
 
-  return removeReaction;
+  return clearStatus;
 }
 
 // ---------------------------------------------------------------------------

package/src/runtime/routes/inbound-stages/secret-ingress-check.ts

@@ -1,12 +1,6 @@
 /**
- * Secret ingress check stage: persists the raw inbound payload, runs the
- * secret detection scan, and records a conversation-seen signal for
- * Telegram messages.
- *
- * The payload is stored before the scan so dead-lettered events can be
- * replayed. If the scan detects embedded secrets the stored payload is
- * cleared before the IngressBlockedError propagates, ensuring
- * secret-bearing content is never left on disk.
+ * Inbound payload persistence stage: persists the raw inbound payload and
+ * records a conversation-seen signal for Telegram messages.
  *
  * Extracted from inbound-message-handler.ts to keep the top-level handler
  * focused on orchestration.
@@ -15,8 +9,6 @@ import type { ChannelId } from "../../../channels/types.js";
 import type { TrustContext } from "../../../daemon/conversation-runtime-assembly.js";
 import { recordConversationSeenSignal } from "../../../memory/conversation-attention-store.js";
 import * as deliveryCrud from "../../../memory/delivery-crud.js";
-import { checkIngressForSecrets } from "../../../security/secret-ingress.js";
-import { IngressBlockedError } from "../../../util/errors.js";
 import { getLogger } from "../../../util/logger.js";
 
 const log = getLogger("runtime-http");
@@ -44,10 +36,7 @@ export interface SecretIngressCheckParams {
 }
 
 /**
- * Persist the raw payload, run the secret ingress scan, and record a
- * Telegram seen signal.
- *
- * Throws IngressBlockedError if the content contains secrets.
+ * Persist the raw payload and record a Telegram seen signal.
  */
 export function runSecretIngressCheck(params: SecretIngressCheckParams): void {
   const {
@@ -68,9 +57,7 @@ export function runSecretIngressCheck(params: SecretIngressCheckParams): void {
     canonicalAssistantId,
   } = params;
 
-  // Persist the raw payload first so dead-lettered events can always be
-  // replayed. If the ingress check later detects secrets we clear it
-  // before throwing, so secret-bearing content is never left on disk.
+  // Persist the raw payload so dead-lettered events can always be replayed.
   deliveryCrud.storePayload(eventId, {
     sourceChannel,
     externalChatId: conversationExternalId,
@@ -86,22 +73,6 @@ export function runSecretIngressCheck(params: SecretIngressCheckParams): void {
     assistantId: canonicalAssistantId,
   });
 
-  const contentToCheck = content ?? "";
-  let ingressCheck: ReturnType<typeof checkIngressForSecrets>;
-  try {
-    ingressCheck = checkIngressForSecrets(contentToCheck);
-  } catch (checkErr) {
-    deliveryCrud.clearPayload(eventId);
-    throw checkErr;
-  }
-  if (ingressCheck.blocked) {
-    deliveryCrud.clearPayload(eventId);
-    throw new IngressBlockedError(
-      ingressCheck.userNotice!,
-      ingressCheck.detectedTypes,
-    );
-  }
-
   // Record inferred seen signal for non-duplicate Telegram inbound messages
   if (sourceChannel === "telegram") {
     try {

package/src/runtime/routes/inbound-stages/transcribe-audio.test.ts

@@ -24,7 +24,7 @@ mock.module("../../../config/assistant-feature-flags.js", () => ({
 }));
 
 mock.module("../../../config/loader.js", () => ({
-  getConfig: () => ({ assistantFeatureFlagValues: {} }),
+  getConfig: () => ({}),
 }));
 
 mock.module("../../../memory/attachments-store.js", () => ({

package/src/runtime/routes/integrations/twilio.ts

@@ -91,10 +91,19 @@ export async function handleGetTwilioConfig(): Promise<Response> {
 export async function handleSetTwilioCredentials(
   req: Request,
 ): Promise<Response> {
-  const body = (await req.json().catch(() => ({}))) as {
-    accountSid?: string;
-    authToken?: string;
-  };
+  let body: { accountSid?: string; authToken?: string };
+  try {
+    body = (await req.json()) as typeof body;
+  } catch {
+    return Response.json(
+      {
+        success: false,
+        hasCredentials: await hasTwilioCredentials(),
+        error: "Invalid JSON in request body",
+      },
+      { status: 400 },
+    );
+  }
 
   if (!body.accountSid || !body.authToken) {
     return Response.json(
@@ -261,10 +270,19 @@ export async function handleProvisionTwilioNumber(
     });
   }
 
-  const body = (await req.json().catch(() => ({}))) as {
-    country?: string;
-    areaCode?: string;
-  };
+  let body: { country?: string; areaCode?: string };
+  try {
+    body = (await req.json()) as typeof body;
+  } catch {
+    return Response.json(
+      {
+        success: false,
+        hasCredentials: await hasTwilioCredentials(),
+        error: "Invalid JSON in request body",
+      },
+      { status: 400 },
+    );
+  }
   const { accountSid, authToken } = await getTwilioCredentials();
   const country = body.country ?? "US";
 
@@ -318,7 +336,19 @@ export async function handleProvisionTwilioNumber(
 export async function handleAssignTwilioNumber(
   req: Request,
 ): Promise<Response> {
-  const body = (await req.json().catch(() => ({}))) as { phoneNumber?: string };
+  let body: { phoneNumber?: string };
+  try {
+    body = (await req.json()) as typeof body;
+  } catch {
+    return Response.json(
+      {
+        success: false,
+        hasCredentials: await hasTwilioCredentials(),
+        error: "Invalid JSON in request body",
+      },
+      { status: 400 },
+    );
+  }
 
   if (!body.phoneNumber) {
     return Response.json(
@@ -375,7 +405,19 @@ export async function handleReleaseTwilioNumber(
     });
   }
 
-  const body = (await req.json().catch(() => ({}))) as { phoneNumber?: string };
+  let body: { phoneNumber?: string };
+  try {
+    body = (await req.json()) as typeof body;
+  } catch {
+    return Response.json(
+      {
+        success: false,
+        hasCredentials: await hasTwilioCredentials(),
+        error: "Invalid JSON in request body",
+      },
+      { status: 400 },
+    );
+  }
   const raw = loadRawConfig();
   const twilio = (raw?.twilio ?? {}) as Record<string, unknown>;
   const phoneNumber = body.phoneNumber || (twilio.phoneNumber as string) || "";

package/src/runtime/routes/integrations/vercel.ts

@@ -0,0 +1,89 @@
+/**
+ * Route handlers for Vercel integration config endpoints.
+ *
+ * GET    /v1/integrations/vercel/config — check if a Vercel API token is stored
+ * POST   /v1/integrations/vercel/config — set or delete token (dispatched via action field)
+ * DELETE /v1/integrations/vercel/config — delete the stored Vercel API token
+ *
+ * The Swift client sends all mutations as POST with an `action` field
+ * ("set" or "delete") rather than using HTTP verbs directly.
+ */
+
+import {
+  deleteVercelConfig,
+  getVercelConfig,
+  setVercelConfig,
+} from "../../../daemon/handlers/config-vercel.js";
+import type { RouteDefinition } from "../../http-router.js";
+
+/**
+ * GET /v1/integrations/vercel/config
+ */
+export async function handleGetVercelConfig(): Promise<Response> {
+  const result = await getVercelConfig();
+  return Response.json(result);
+}
+
+/**
+ * POST /v1/integrations/vercel/config
+ *
+ * Body: { action: "set" | "delete"; apiToken?: string }
+ *
+ * The Swift client uses POST for both set and delete operations,
+ * distinguished by the `action` field.
+ */
+export async function handlePostVercelConfig(req: Request): Promise<Response> {
+  const body = (await req.json()) as {
+    action?: "get" | "set" | "delete";
+    apiToken?: string;
+  };
+
+  switch (body.action) {
+    case "delete": {
+      const result = await deleteVercelConfig();
+      return Response.json(result);
+    }
+    case "get": {
+      const result = await getVercelConfig();
+      return Response.json(result);
+    }
+    case "set":
+    default: {
+      const result = await setVercelConfig(body.apiToken);
+      const status = result.success ? 200 : 400;
+      return Response.json(result, { status });
+    }
+  }
+}
+
+/**
+ * DELETE /v1/integrations/vercel/config
+ */
+export async function handleDeleteVercelConfig(): Promise<Response> {
+  const result = await deleteVercelConfig();
+  return Response.json(result);
+}
+
+// ---------------------------------------------------------------------------
+// Route definitions
+// ---------------------------------------------------------------------------
+
+export function vercelRouteDefinitions(): RouteDefinition[] {
+  return [
+    {
+      endpoint: "integrations/vercel/config",
+      method: "GET",
+      handler: () => handleGetVercelConfig(),
+    },
+    {
+      endpoint: "integrations/vercel/config",
+      method: "POST",
+      handler: async ({ req }) => handlePostVercelConfig(req),
+    },
+    {
+      endpoint: "integrations/vercel/config",
+      method: "DELETE",
+      handler: async () => handleDeleteVercelConfig(),
+    },
+  ];
+}

package/src/runtime/routes/log-export-routes.ts

@@ -37,6 +37,7 @@ import {
   getWorkspaceConfigPath,
   getWorkspaceDir,
 } from "../../util/platform.js";
+import { APP_VERSION, COMMIT_SHA } from "../../version.js";
 import { httpError } from "../http-errors.js";
 import type { RouteDefinition } from "../http-router.js";
 
@@ -264,12 +265,16 @@ async function handleExport(body: ExportRequestBody): Promise<Response> {
       ? {
           type: "conversation-export" as const,
           conversationId,
+          assistantVersion: APP_VERSION,
+          commitSha: COMMIT_SHA,
           ...(startTime !== undefined ? { startTime } : {}),
           ...(endTime !== undefined ? { endTime } : {}),
           exportedAt: new Date().toISOString(),
         }
       : {
           type: "global-export" as const,
+          assistantVersion: APP_VERSION,
+          commitSha: COMMIT_SHA,
           exportedAt: new Date().toISOString(),
         };
     writeFileSync(

package/src/runtime/routes/memory-item-routes.test.ts

@@ -754,7 +754,7 @@ describe("Memory Item Routes", () => {
       expect(res.status).toBe(400);
     });
 
-    test("truncates long subject and statement", async () => {
+    test("preserves long subject and statement without truncation", async () => {
       const longSubject = "a".repeat(200);
       const longStatement = "b".repeat(1000);
       const ctx = makeJsonCtx("memory-items", "POST", {
@@ -767,8 +767,8 @@ describe("Memory Item Routes", () => {
       const body = (await res.json()) as {
         item: { subject: string; statement: string };
       };
-      expect(body.item.subject.length).toBeLessThanOrEqual(80);
-      expect(body.item.statement.length).toBeLessThanOrEqual(500);
+      expect(body.item.subject).toBe(longSubject);
+      expect(body.item.statement).toBe(longStatement);
     });
 
     test("enqueues embed job on create", async () => {