@vellumai/assistant 0.5.6 → 0.5.8

package/src/runtime/routes/memory-item-routes.ts

@@ -28,7 +28,6 @@ import {
   memoryItems,
 } from "../../memory/schema.js";
 import { getLogger } from "../../util/logger.js";
-import { truncate } from "../../util/truncate.js";
 import { httpError } from "../http-errors.js";
 import type { RouteContext, RouteDefinition } from "../http-router.js";
 
@@ -45,6 +44,8 @@ const VALID_KINDS = [
   "decision",
   "constraint",
   "event",
+  "capability",
+  "journal",
 ] as const;
 
 type MemoryItemKind = (typeof VALID_KINDS)[number];
@@ -154,7 +155,7 @@ async function searchItemsSemantic(
     const sparse = generateSparseEmbedding(query);
     const sparseVector = { indices: sparse.indices, values: sparse.values };
 
-    // Build Qdrant filter — items only, exclude capability kind and sentinel
+    // Build Qdrant filter — items only, exclude sentinel
     const mustConditions: Array<Record<string, unknown>> = [
       { key: "target_type", match: { value: "item" } },
     ];
@@ -167,10 +168,7 @@ async function searchItemsSemantic(
 
     const filter = {
       must: mustConditions,
-      must_not: [
-        { key: "kind", match: { value: "capability" } },
-        { key: "_meta", match: { value: true } },
-      ],
+      must_not: [{ key: "_meta", match: { value: true } }],
     };
 
     const qdrant = getQdrantClient();
@@ -185,6 +183,11 @@ async function searchItemsSemantic(
     );
 
     const ids = results.map((r) => r.payload.target_id);
+
+    // Use the vector search result count as the pagination total.
+    // A DB-wide COUNT would include items with no embedding yet (lagging) and
+    // items irrelevant to the search query, inflating the total and causing
+    // clients to paginate into empty pages.
     return { ids, total: ids.length };
   } catch (err) {
     log.warn({ err }, "Semantic memory search failed, falling back to SQL");
@@ -249,11 +252,24 @@ export async function handleListMemoryItems(url: URL): Promise<Response> {
         offsetParam + limitParam,
       );
 
-      // Batch-fetch full rows from SQLite
+      if (pageIds.length === 0) {
+        return Response.json({ items: [], total: semanticResult.total });
+      }
+
+      // Re-apply the same DB-side filters used in the SQL path as defense-
+      // in-depth against stale Qdrant payloads leaking deleted/mismatched rows.
+      const hydrationConditions = [inArray(memoryItems.id, pageIds)];
+      if (statusParam && statusParam !== "all") {
+        hydrationConditions.push(eq(memoryItems.status, statusParam));
+      }
+      if (kindParam) {
+        hydrationConditions.push(eq(memoryItems.kind, kindParam));
+      }
+
       const rows = db
         .select()
         .from(memoryItems)
-        .where(inArray(memoryItems.id, pageIds))
+        .where(and(...hydrationConditions))
         .all();
 
       // Preserve Qdrant relevance ordering
@@ -279,8 +295,6 @@ export async function handleListMemoryItems(url: URL): Promise<Response> {
 
   // ── SQL path (default or fallback) ──────────────────────────────────
   const conditions = [];
-  // Hide system-managed capability memories (skill announcements) from the UI
-  conditions.push(ne(memoryItems.kind, "capability"));
   if (statusParam && statusParam !== "all") {
     conditions.push(eq(memoryItems.status, statusParam));
   }
@@ -428,8 +442,8 @@ export async function handleCreateMemoryItem(
     );
   }
 
-  const trimmedSubject = truncate(subject.trim(), 80, "");
-  const trimmedStatement = truncate(statement.trim(), 500, "");
+  const trimmedSubject = subject.trim();
+  const trimmedStatement = statement.trim();
 
   const scopeId = "default";
   const fingerprint = computeMemoryFingerprint(
@@ -474,6 +488,7 @@ export async function handleCreateMemoryItem(
       confidence: 0.95,
       importance: importance ?? 0.8,
       fingerprint,
+      sourceType: "tool",
       verificationState: "user_confirmed",
       scopeId,
       firstSeenAt: now,
@@ -516,6 +531,7 @@ export async function handleUpdateMemoryItem(
     kind?: string;
     status?: string;
     importance?: number;
+    sourceType?: string;
     verificationState?: string;
   };
 
@@ -540,13 +556,13 @@ export async function handleUpdateMemoryItem(
     if (typeof body.subject !== "string") {
       return httpError("BAD_REQUEST", "subject must be a string", 400);
     }
-    set.subject = truncate(body.subject.trim(), 80, "");
+    set.subject = body.subject.trim();
   }
   if (body.statement !== undefined) {
     if (typeof body.statement !== "string") {
       return httpError("BAD_REQUEST", "statement must be a string", 400);
     }
-    set.statement = truncate(body.statement.trim(), 500, "");
+    set.statement = body.statement.trim();
   }
   if (body.kind !== undefined) {
     if (!isValidKind(body.kind)) {
@@ -564,8 +580,24 @@ export async function handleUpdateMemoryItem(
   if (body.importance !== undefined) {
     set.importance = body.importance;
   }
+  if (body.sourceType !== undefined) {
+    set.sourceType = body.sourceType;
+  }
+
+  // Accept verificationState from clients that haven't migrated to sourceType yet.
+  // Map verificationState → sourceType for forward compat, and write both fields.
   if (body.verificationState !== undefined) {
     set.verificationState = body.verificationState;
+    // Map verificationState to sourceType if sourceType wasn't explicitly provided
+    if (body.sourceType === undefined) {
+      set.sourceType =
+        body.verificationState === "user_confirmed" ? "tool" : "extraction";
+    }
+  }
+  // If sourceType was set (either directly or via mapping), also write verificationState
+  if (body.sourceType !== undefined && body.verificationState === undefined) {
+    set.verificationState =
+      body.sourceType === "tool" ? "user_confirmed" : "assistant_inferred";
   }
 
   // If subject, statement, or kind changed, recompute fingerprint

package/src/runtime/routes/migration-rollback-routes.ts

@@ -0,0 +1,209 @@
+/**
+ * Migration rollback endpoint — rolls back DB and/or workspace migrations
+ * to a specified target version/migration ID.
+ *
+ * Protected by a route policy restricting access to gateway service
+ * principals only (`svc_gateway` with `internal.write` scope), following
+ * the same pattern as other gateway-forwarded control-plane endpoints.
+ */
+
+import { getDb } from "../../memory/db-connection.js";
+import { getMaxMigrationVersion } from "../../memory/migrations/registry.js";
+import { rollbackMemoryMigration } from "../../memory/migrations/validate-migration-state.js";
+import { getWorkspaceDir } from "../../util/platform.js";
+import { WORKSPACE_MIGRATIONS } from "../../workspace/migrations/registry.js";
+import {
+  getLastWorkspaceMigrationId,
+  loadCheckpoints,
+  rollbackWorkspaceMigrations,
+} from "../../workspace/migrations/runner.js";
+import { httpError } from "../http-errors.js";
+import type { RouteDefinition } from "../http-router.js";
+
+export function migrationRollbackRouteDefinitions(): RouteDefinition[] {
+  return [
+    {
+      endpoint: "admin/rollback-migrations",
+      method: "POST",
+      handler: async ({ req }) => {
+        let body: unknown;
+        try {
+          body = await req.json();
+        } catch {
+          return httpError("BAD_REQUEST", "Invalid JSON body", 400);
+        }
+
+        if (!body || typeof body !== "object") {
+          return httpError(
+            "BAD_REQUEST",
+            "Request body must be a JSON object",
+            400,
+          );
+        }
+
+        const {
+          targetDbVersion,
+          targetWorkspaceMigrationId,
+          rollbackToRegistryCeiling,
+        } = body as {
+          targetDbVersion?: unknown;
+          targetWorkspaceMigrationId?: unknown;
+          rollbackToRegistryCeiling?: unknown;
+        };
+
+        // When rollbackToRegistryCeiling is true, auto-determine targets
+        // from this daemon's own migration registry ceilings.
+        let effectiveDbVersion = targetDbVersion as number | undefined;
+        let effectiveWorkspaceMigrationId = targetWorkspaceMigrationId as
+          | string
+          | undefined;
+
+        if (rollbackToRegistryCeiling === true) {
+          if (effectiveDbVersion === undefined)
+            effectiveDbVersion = getMaxMigrationVersion();
+          if (effectiveWorkspaceMigrationId === undefined)
+            effectiveWorkspaceMigrationId =
+              getLastWorkspaceMigrationId(WORKSPACE_MIGRATIONS) ?? undefined;
+        }
+
+        // At least one rollback target must be specified.
+        if (
+          effectiveDbVersion === undefined &&
+          effectiveWorkspaceMigrationId === undefined
+        ) {
+          return httpError(
+            "BAD_REQUEST",
+            "At least one of targetDbVersion or targetWorkspaceMigrationId must be provided",
+            400,
+          );
+        }
+
+        // Validate effectiveDbVersion when provided.
+        if (effectiveDbVersion !== undefined) {
+          if (
+            typeof effectiveDbVersion !== "number" ||
+            !Number.isInteger(effectiveDbVersion) ||
+            effectiveDbVersion < 0
+          ) {
+            return httpError(
+              "BAD_REQUEST",
+              "targetDbVersion must be a non-negative integer",
+              400,
+            );
+          }
+        }
+
+        // Validate effectiveWorkspaceMigrationId when provided.
+        if (effectiveWorkspaceMigrationId !== undefined) {
+          if (
+            typeof effectiveWorkspaceMigrationId !== "string" ||
+            effectiveWorkspaceMigrationId.length === 0
+          ) {
+            return httpError(
+              "BAD_REQUEST",
+              "targetWorkspaceMigrationId must be a non-empty string",
+              400,
+            );
+          }
+        }
+
+        // Preflight: validate that the workspace migration ID exists in the
+        // registry BEFORE executing any mutations. This prevents the DB
+        // rollback from committing when the workspace target is invalid.
+        let resolvedTargetIndex = -1;
+        if (effectiveWorkspaceMigrationId !== undefined) {
+          const targetId = effectiveWorkspaceMigrationId as string;
+          resolvedTargetIndex = WORKSPACE_MIGRATIONS.findIndex(
+            (m) => m.id === targetId,
+          );
+          if (resolvedTargetIndex === -1) {
+            return httpError(
+              "BAD_REQUEST",
+              `Target workspace migration "${targetId}" not found in the registry`,
+              400,
+            );
+          }
+        }
+
+        const rolledBack: { db: string[]; workspace: string[] } = {
+          db: [],
+          workspace: [],
+        };
+
+        // Roll back DB migrations if requested.
+        if (effectiveDbVersion !== undefined) {
+          try {
+            rolledBack.db = rollbackMemoryMigration(
+              getDb(),
+              effectiveDbVersion,
+            );
+          } catch (err) {
+            const detail = err instanceof Error ? err.message : "Unknown error";
+            return httpError(
+              "INTERNAL_ERROR",
+              `DB migration rollback failed: ${detail}`,
+              500,
+            );
+          }
+        }
+
+        // Roll back workspace migrations if requested.
+        if (effectiveWorkspaceMigrationId !== undefined) {
+          const workspaceDir = getWorkspaceDir();
+
+          // Compute which migrations are candidates for rollback before
+          // executing, since rollbackWorkspaceMigrations returns void.
+          const targetId = effectiveWorkspaceMigrationId;
+
+          const checkpointsBefore = loadCheckpoints(workspaceDir);
+          const candidateIds = WORKSPACE_MIGRATIONS.slice(
+            resolvedTargetIndex + 1,
+          )
+            .filter((m) => {
+              const entry = checkpointsBefore.applied[m.id];
+              return (
+                entry &&
+                entry.status !== "started" &&
+                entry.status !== "rolling_back"
+              );
+            })
+            .map((m) => m.id);
+
+          try {
+            await rollbackWorkspaceMigrations(
+              workspaceDir,
+              WORKSPACE_MIGRATIONS,
+              targetId,
+            );
+
+            rolledBack.workspace = candidateIds;
+          } catch (err) {
+            // Re-read checkpoints to determine which migrations were actually
+            // rolled back before the error occurred. A candidate whose entry
+            // is no longer present in the checkpoint file was successfully
+            // reverted.
+            const checkpointsAfter = loadCheckpoints(workspaceDir);
+            const actuallyRolledBack = candidateIds.filter(
+              (id) => !checkpointsAfter.applied[id],
+            );
+
+            const detail = err instanceof Error ? err.message : "Unknown error";
+            return httpError(
+              "INTERNAL_ERROR",
+              `Workspace migration rollback failed: ${detail}`,
+              500,
+              {
+                partialRolledBack: {
+                  db: rolledBack.db,
+                  workspace: actuallyRolledBack,
+                },
+              },
+            );
+          }
+        }
+
+        return Response.json({ ok: true, rolledBack });
+      },
+    },
+  ];
+}

package/src/runtime/routes/migration-routes.ts

@@ -15,7 +15,8 @@ import { join } from "node:path";
 import { Database } from "bun:sqlite";
 
 import { invalidateConfigCache } from "../../config/loader.js";
-import { resetDb } from "../../memory/db-connection.js";
+import { getDb, resetDb } from "../../memory/db-connection.js";
+import { validateMigrationState } from "../../memory/migrations/validate-migration-state.js";
 import { clearCache as clearTrustCache } from "../../permissions/trust-store.js";
 import { getLogger } from "../../util/logger.js";
 import {
@@ -438,6 +439,21 @@ export async function handleMigrationImport(req: Request): Promise<Response> {
     invalidateConfigCache();
     clearTrustCache();
 
+    // Check whether the imported database contains migration checkpoints from
+    // a newer version. This is non-blocking — the import has already
+    // succeeded — but we surface a warning so the caller knows some data may
+    // not be fully compatible with this daemon's schema.
+    try {
+      const migrationValidation = validateMigrationState(getDb());
+      if (migrationValidation.unknownCheckpoints.length > 0) {
+        result.report.warnings.push(
+          `Imported data contains ${migrationValidation.unknownCheckpoints.length} migration(s) from a newer version. Some data may not be fully compatible.`,
+        );
+      }
+    } catch {
+      // Don't fail the import if validation itself errors
+    }
+
     return Response.json(result.report);
   } catch (err) {
     log.error({ err }, "Unexpected error during import commit");

package/src/runtime/routes/notification-routes.ts

@@ -0,0 +1,58 @@
+/**
+ * Route handlers for notification delivery acknowledgments.
+ *
+ * Provides a REST endpoint for clients to report the outcome of
+ * local notification delivery (UNUserNotificationCenter.add).
+ */
+
+import { eq } from "drizzle-orm";
+
+import { getDb } from "../../memory/db.js";
+import { notificationDeliveries } from "../../memory/schema.js";
+import { httpError } from "../http-errors.js";
+import type { RouteDefinition } from "../http-router.js";
+
+export function notificationRouteDefinitions(): RouteDefinition[] {
+  return [
+    // POST /v1/notification-intent-result — client ack for notification delivery
+    {
+      endpoint: "notification-intent-result",
+      method: "POST",
+      policyKey: "notification-intent-result",
+      handler: async ({ req }) => {
+        const body = (await req.json()) as {
+          deliveryId?: string;
+          success?: boolean;
+          errorMessage?: string;
+          errorCode?: string;
+        };
+
+        if (!body.deliveryId || typeof body.deliveryId !== "string") {
+          return httpError("BAD_REQUEST", "deliveryId is required", 400);
+        }
+
+        const db = getDb();
+        const now = Date.now();
+
+        const updates: Record<string, unknown> = {
+          clientDeliveryStatus: body.success ? "delivered" : "client_failed",
+          clientDeliveryAt: now,
+          updatedAt: now,
+        };
+        if (body.errorMessage) {
+          updates.clientDeliveryError = body.errorMessage;
+        }
+        if (body.errorCode) {
+          updates.errorCode = body.errorCode;
+        }
+
+        db.update(notificationDeliveries)
+          .set(updates)
+          .where(eq(notificationDeliveries.id, body.deliveryId))
+          .run();
+
+        return Response.json({ ok: true });
+      },
+    },
+  ];
+}

package/src/runtime/routes/schedule-routes.ts

@@ -99,6 +99,59 @@ function handleCancelSchedule(id: string): Response {
   return handleListSchedules();
 }
 
+const VALID_MODES = ["notify", "execute"] as const;
+const VALID_ROUTING_INTENTS = [
+  "single_channel",
+  "multi_channel",
+  "all_channels",
+] as const;
+
+function handleUpdateSchedule(
+  id: string,
+  body: Record<string, unknown>,
+): Response {
+  const updates: Record<string, unknown> = {};
+
+  if ("mode" in body && !VALID_MODES.includes(body.mode as (typeof VALID_MODES)[number])) {
+    return httpError("BAD_REQUEST", `Invalid mode: must be one of ${VALID_MODES.join(", ")}`, 400);
+  }
+  if ("routingIntent" in body && !VALID_ROUTING_INTENTS.includes(body.routingIntent as (typeof VALID_ROUTING_INTENTS)[number])) {
+    return httpError("BAD_REQUEST", `Invalid routingIntent: must be one of ${VALID_ROUTING_INTENTS.join(", ")}`, 400);
+  }
+
+  for (const key of [
+    "name",
+    "expression",
+    "timezone",
+    "message",
+    "mode",
+    "routingIntent",
+    "quiet",
+  ] as const) {
+    if (key in body) {
+      updates[key] = body[key];
+    }
+  }
+
+  try {
+    const updated = updateSchedule(id, updates);
+    if (!updated) {
+      return httpError("NOT_FOUND", "Schedule not found", 404);
+    }
+    log.info({ id, updates }, "Schedule updated via HTTP");
+  } catch (err) {
+    if (
+      err instanceof Error &&
+      (err.message.includes("Invalid") || err.message.includes("invalid"))
+    ) {
+      return httpError("BAD_REQUEST", err.message, 400);
+    }
+    log.error({ err }, "Failed to update schedule");
+    return httpError("INTERNAL_ERROR", "Failed to update schedule", 500);
+  }
+  return handleListSchedules();
+}
+
 async function handleRunScheduleNow(
   id: string,
   sendMessageDeps?: SendMessageDeps,
@@ -243,6 +296,18 @@ export function scheduleRouteDefinitions(deps: {
       policyKey: "schedules",
       handler: ({ params }) => handleDeleteSchedule(params.id),
     },
+    {
+      endpoint: "schedules/:id",
+      method: "PATCH",
+      policyKey: "schedules",
+      handler: async ({ req, params }) => {
+        const body: unknown = await req.json();
+        if (typeof body !== "object" || !body || Array.isArray(body)) {
+          return httpError("BAD_REQUEST", "Request body must be a JSON object", 400);
+        }
+        return handleUpdateSchedule(params.id, body as Record<string, unknown>);
+      },
+    },
     {
       endpoint: "schedules/:id/run",
       method: "POST",