@vellumai/assistant 0.5.6 → 0.5.8

package/src/tools/memory/handlers.ts

@@ -9,7 +9,6 @@ import { buildMemoryRecall } from "../../memory/retriever.js";
 import { memoryItems } from "../../memory/schema.js";
 import type { ScopePolicyOverride } from "../../memory/search/types.js";
 import { getLogger } from "../../util/logger.js";
-import { truncate } from "../../util/truncate.js";
 import type { ToolExecutionResult } from "../types.js";
 
 const log = getLogger("memory-tools");
@@ -39,6 +38,7 @@ export async function handleMemorySave(
     "decision",
     "constraint",
     "event",
+    "journal",
   ]);
   if (typeof rawKind !== "string") {
     return {
@@ -60,14 +60,14 @@ export async function handleMemorySave(
 
   const subject =
     typeof args.subject === "string" && args.subject.trim().length > 0
-      ? truncate(args.subject.trim(), 80, "")
+      ? args.subject.trim()
       : inferSubjectFromStatement(statement.trim());
 
   try {
     const db = getDb();
     const id = uuid();
     const now = Date.now();
-    const trimmedStatement = truncate(statement.trim(), 500, "");
+    const trimmedStatement = statement.trim();
 
     const fingerprint = computeMemoryFingerprint(
       scopeId,
@@ -93,6 +93,7 @@ export async function handleMemorySave(
           status: "active",
           importance: 0.8,
           lastSeenAt: now,
+          sourceType: "tool",
           verificationState: "user_confirmed",
         })
         .where(eq(memoryItems.id, existing.id))
@@ -115,6 +116,7 @@ export async function handleMemorySave(
         confidence: 0.95, // explicit saves have high confidence
         importance: 0.8, // explicit saves are high importance
         fingerprint,
+        sourceType: "tool",
         verificationState: "user_confirmed",
         scopeId,
         firstSeenAt: now,
@@ -187,7 +189,7 @@ export async function handleMemoryUpdate(
     }
 
     const now = Date.now();
-    const trimmedStatement = truncate(statement.trim(), 500, "");
+    const trimmedStatement = statement.trim();
 
     const fingerprint = computeMemoryFingerprint(
       scopeId,
@@ -221,6 +223,7 @@ export async function handleMemoryUpdate(
         fingerprint,
         lastSeenAt: now,
         importance: 0.8,
+        sourceType: "tool",
         verificationState: "user_confirmed",
       })
       .where(eq(memoryItems.id, existing.id))
@@ -308,7 +311,7 @@ export async function handleMemoryRecall(
         items: [],
         sources: {
           semantic: recall.semanticHits,
-          recency: recall.recencyHits,
+          recency: 0,
         },
       };
       return {
@@ -328,7 +331,7 @@ export async function handleMemoryRecall(
       })),
       sources: {
         semantic: recall.semanticHits,
-        recency: recall.recencyHits,
+        recency: 0,
       },
     };
 
@@ -416,7 +419,7 @@ export async function handleMemoryDelete(
 function inferSubjectFromStatement(statement: string): string {
   // Take first few words as a subject label
   const words = statement.split(/\s+/).slice(0, 6).join(" ");
-  return truncate(words, 80, "");
+  return words;
 }
 
 /**

package/src/tools/network/script-proxy/session-manager.ts

@@ -61,10 +61,25 @@ const store = new SessionStore();
 /**
  * Host patterns that are allowed by default through the proxy policy engine,
  * regardless of session configuration. Supports exact matches (e.g.
- * `"localhost"`) and wildcard subdomain patterns (e.g. `"*.vellum.ai"`
- * matches `platform.vellum.ai`, `dev-platform.vellum.ai`, etc.).
+ * `"localhost"`) and wildcard subdomain patterns (e.g. `"*.example.com"`
+ * matches `api.example.com`, `dev.example.com`, etc.).
+ *
+ * Additional patterns can be added via the `PROXY_ALLOWED_HOSTS` env var
+ * (comma-separated, e.g. `"*.example.com,api.foo.bar"`).
  */
-const ALLOWED_HOST_PATTERNS: readonly string[] = ["*.vellum.ai", "localhost"];
+const ALLOWED_HOST_PATTERNS: readonly string[] = (() => {
+  const extra = process.env.PROXY_ALLOWED_HOSTS?.trim();
+  const defaults = ["localhost"];
+  if (extra) {
+    defaults.push(
+      ...extra
+        .split(",")
+        .map((h) => h.trim())
+        .filter(Boolean),
+    );
+  }
+  return defaults;
+})();
 
 /**
  * Returns `true` when `hostname` matches any entry in
@@ -73,7 +88,7 @@ const ALLOWED_HOST_PATTERNS: readonly string[] = ["*.vellum.ai", "localhost"];
 function isAllowedHost(hostname: string): boolean {
   for (const pattern of ALLOWED_HOST_PATTERNS) {
     if (pattern.startsWith("*.")) {
-      const suffix = pattern.slice(1); // e.g. ".vellum.ai"
+      const suffix = pattern.slice(1); // e.g. ".example.com"
       if (hostname.endsWith(suffix) || hostname === pattern.slice(2)) {
         return true;
       }

package/src/tools/network/web-fetch.ts

@@ -573,7 +573,9 @@ export async function executeWebFetch(
       Accept:
         "text/markdown, text/html;q=0.9, application/xhtml+xml;q=0.9, text/plain;q=0.8, application/json;q=0.7, */*;q=0.6",
       "Accept-Encoding": "identity",
-      "User-Agent": "VellumAssistant/1.0 (+https://vellum.ai)",
+      "User-Agent":
+        process.env.HTTP_USER_AGENT ||
+        "VellumAssistant/1.0 (+https://vellum.ai)",
     };
 
     let currentUrl = new URL(requestedUrl);

package/src/tools/skills/execute.ts

@@ -30,7 +30,7 @@ export class SkillExecuteTool implements Tool {
           activity: {
             type: "string",
             description:
-              "Brief non-technical explanation of what you are doing and why, shown to the user as a status update.",
+              "Brief non-technical explanation of what you are doing and why, shown to the user as a progress update.",
           },
         },
         required: ["tool", "input", "activity"],

package/src/tools/terminal/safe-env.ts

@@ -28,6 +28,7 @@ const SAFE_ENV_VARS = [
   "GPG_TTY",
   "GNUPGHOME",
   "VELLUM_DEV",
+  "VELLUM_WORKSPACE_DIR",
 ] as const;
 
 export function buildSanitizedEnv(): Record<string, string> {

package/src/tools/types.ts

@@ -118,14 +118,6 @@ export interface ToolContext {
   proxyToolResolver?: ProxyToolResolver;
   /** When set, only tools in this set may execute. Tools outside the set are blocked with an error. */
   allowedToolNames?: Set<string>;
-  /** Request user confirmation for a sub-tool operation (used by claude_code tool). */
-  requestConfirmation?: (req: {
-    toolName: string;
-    input: Record<string, unknown>;
-    riskLevel: string;
-    executionTarget?: ExecutionTarget;
-    principal?: string;
-  }) => Promise<{ decision: "allow" | "deny" }>;
   /** Prompt the user for a secret value via native SecureField UI. */
   requestSecret?: (params: {
     service: string;

package/src/util/browser.ts

@@ -0,0 +1,15 @@
+import { isLinux, isMacOS } from "./platform.js";
+
+/**
+ * Open a URL in the user's default browser, falling back to printing the URL
+ * to stderr on unsupported platforms.
+ */
+export function openInBrowser(url: string): void {
+  if (isMacOS()) {
+    Bun.spawn(["open", url], { stdout: "ignore", stderr: "ignore" });
+  } else if (isLinux()) {
+    Bun.spawn(["xdg-open", url], { stdout: "ignore", stderr: "ignore" });
+  } else {
+    process.stderr.write(`Open this URL to authorize:\n\n${url}\n`);
+  }
+}

package/src/util/errors.ts

@@ -20,9 +20,6 @@ export enum ErrorCode {
   // WASM integrity check failures
   INTEGRITY_ERROR = "INTEGRITY_ERROR",
 
-  // Secret detected in inbound content
-  INGRESS_BLOCKED = "INGRESS_BLOCKED",
-
   // Internal/unexpected errors
   INTERNAL_ERROR = "INTERNAL_ERROR",
 }
@@ -178,12 +175,3 @@ export class IntegrityError extends AssistantError {
   }
 }
 
-export class IngressBlockedError extends AssistantError {
-  constructor(
-    message: string,
-    public readonly detectedTypes: string[],
-  ) {
-    super(message, ErrorCode.INGRESS_BLOCKED);
-    this.name = "IngressBlockedError";
-  }
-}

package/src/util/platform.ts

@@ -3,7 +3,6 @@ import {
   existsSync,
   mkdirSync,
   readFileSync,
-  writeFileSync,
 } from "node:fs";
 import { homedir } from "node:os";
 import { join } from "node:path";
@@ -45,25 +44,6 @@ export function getClipboardCommand(): string | null {
   return null;
 }
 
-/**
- * Read and parse the lockfile (~/.vellum.lock.json).
- * Respects BASE_DATA_DIR for non-standard home directories.
- * Returns null if the file doesn't exist or is malformed.
- */
-export function readLockfile(): Record<string, unknown> | null {
-  const base = getBaseDataDir() || homedir();
-  const lockPath = join(base, ".vellum.lock.json");
-  if (!existsSync(lockPath)) return null;
-  try {
-    const raw = JSON.parse(readFileSync(lockPath, "utf-8"));
-    if (raw && typeof raw === "object" && !Array.isArray(raw)) {
-      return raw as Record<string, unknown>;
-    }
-  } catch {
-    // malformed JSON
-  }
-  return null;
-}
 
 /**
  * Resolve the instance data directory from the lockfile.
@@ -155,45 +135,18 @@ export function resolveInstanceDataDir(): string | undefined {
  * (see migration 007-assistant-id-to-self). However, the desktop UI
  * sends the real assistant ID (e.g., "vellum-true-eel") while the
  * inbound call path resolves phone numbers to config keys (typically
- * "self"). This function maps any known lockfile assistant ID to "self"
+ * "self"). This function maps the current assistant's ID to "self"
  * so both sides use a consistent DB key.
- *
- * Multi-instance safety: each daemon process runs with a scoped
- * BASE_DATA_DIR, so readLockfile() only sees the lockfile for this
- * instance. The mapping to "self" is correct because each daemon is
- * single-tenant — it only manages its own instance's data.
  */
 export function normalizeAssistantId(assistantId: string): string {
   if (assistantId === "self") return "self";
 
-  try {
-    const lockData = readLockfile();
-    const assistants = lockData?.assistants as
-      | Array<Record<string, unknown>>
-      | undefined;
-    if (assistants) {
-      for (const entry of assistants) {
-        if (entry.assistantId === assistantId) return "self";
-      }
-    }
-  } catch {
-    // lockfile unreadable — return as-is
-  }
+  const ownName = process.env.VELLUM_ASSISTANT_NAME;
+  if (ownName && assistantId === ownName) return "self";
 
   return assistantId;
 }
 
-/**
- * Write data to the primary lockfile (~/.vellum.lock.json).
- * Respects BASE_DATA_DIR for non-standard home directories.
- */
-export function writeLockfile(data: Record<string, unknown>): void {
-  const base = getBaseDataDir() || homedir();
-  writeFileSync(
-    join(base, ".vellum.lock.json"),
-    JSON.stringify(data, null, 2) + "\n",
-  );
-}
 
 /**
  * Returns the root ~/.vellum directory. User-facing files (config, prompt
@@ -371,7 +324,7 @@ export function getSignalsDir(): string {
 /**
  * Returns the workspace root for user-facing state.
  *
- * When the WORKSPACE_DIR env var is set, returns that value (used in
+ * When the VELLUM_WORKSPACE_DIR env var is set, returns that value (used in
  * containerized deployments where the workspace is a separate volume).
  * Otherwise falls back to ~/.vellum/workspace.
  *

package/src/workspace/git-service.ts

@@ -753,8 +753,11 @@ export class WorkspaceGitService {
    * Must be called with the mutex lock held.
    */
   private async ensureCommitIdentityLocked(): Promise<void> {
-    await this.execGit(["config", "user.name", "Vellum Assistant"]);
-    await this.execGit(["config", "user.email", "assistant@vellum.ai"]);
+    const gitName = process.env.ASSISTANT_GIT_USER_NAME || "Vellum Assistant";
+    const gitEmail =
+      process.env.ASSISTANT_GIT_USER_EMAIL || "assistant@vellum.ai";
+    await this.execGit(["config", "user.name", gitName]);
+    await this.execGit(["config", "user.email", gitEmail]);
   }
 
   /**

package/src/workspace/migrations/001-avatar-rename.ts

@@ -22,4 +22,19 @@ export const avatarRenameMigration: WorkspaceMigration = {
       renameSync(oldTraits, newTraits);
     }
   },
+  down(workspaceDir: string): void {
+    const avatarDir = join(workspaceDir, "data", "avatar");
+
+    const newImage = join(avatarDir, "avatar-image.png");
+    const oldImage = join(avatarDir, "custom-avatar.png");
+    if (existsSync(newImage) && !existsSync(oldImage)) {
+      renameSync(newImage, oldImage);
+    }
+
+    const newTraits = join(avatarDir, "character-traits.json");
+    const oldTraits = join(avatarDir, "avatar-components.json");
+    if (existsSync(newTraits) && !existsSync(oldTraits)) {
+      renameSync(newTraits, oldTraits);
+    }
+  },
 };

package/src/workspace/migrations/003-seed-device-id.ts

@@ -1,4 +1,10 @@
-import { existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
+import {
+  existsSync,
+  mkdirSync,
+  readFileSync,
+  unlinkSync,
+  writeFileSync,
+} from "node:fs";
 import { join } from "node:path";
 
 import { getDeviceIdBaseDir } from "../../util/device-id.js";
@@ -97,4 +103,14 @@ export const seedDeviceIdMigration: WorkspaceMigration = {
       // Best-effort — getDeviceId() will generate a new one if this fails.
     }
   },
+  down(_workspaceDir: string): void {
+    // The forward migration seeds deviceId in ~/.vellum/device.json from the
+    // lockfile. Reverse by removing device.json entirely — getDeviceId() will
+    // generate a fresh one on next startup if needed.
+    const base = getDeviceIdBaseDir();
+    const devicePath = join(base, ".vellum", "device.json");
+    if (existsSync(devicePath)) {
+      unlinkSync(devicePath);
+    }
+  },
 };

package/src/workspace/migrations/004-extract-collect-usage-data.ts

@@ -45,6 +45,39 @@ export const extractCollectUsageDataMigration: WorkspaceMigration = {
       delete config.assistantFeatureFlagValues;
     }
 
+    writeFileSync(configPath, JSON.stringify(config, null, 2) + "\n");
+  },
+  down(workspaceDir: string): void {
+    const configPath = join(workspaceDir, "config.json");
+    if (!existsSync(configPath)) return;
+
+    let config: Record<string, unknown>;
+    try {
+      const raw = JSON.parse(readFileSync(configPath, "utf-8"));
+      if (!raw || typeof raw !== "object" || Array.isArray(raw)) return;
+      config = raw as Record<string, unknown>;
+    } catch {
+      return;
+    }
+
+    // Only reverse if collectUsageData was explicitly set to false
+    // (the forward migration only persisted false).
+    if (!("collectUsageData" in config)) return;
+    const value = config.collectUsageData;
+    if (typeof value !== "boolean") return;
+
+    // Restore the feature flag value
+    const FLAG_KEY = "feature_flags.collect-usage-data.enabled";
+    const flagValues = (config.assistantFeatureFlagValues ?? {}) as Record<
+      string,
+      unknown
+    >;
+    flagValues[FLAG_KEY] = value;
+    config.assistantFeatureFlagValues = flagValues;
+
+    // Remove the extracted top-level key
+    delete config.collectUsageData;
+
     writeFileSync(configPath, JSON.stringify(config, null, 2) + "\n");
   },
 };

package/src/workspace/migrations/005-add-send-diagnostics.ts

@@ -9,4 +9,7 @@ export const addSendDiagnosticsMigration: WorkspaceMigration = {
     // will sync the UserDefaults value on first startup. This migration exists
     // as a checkpoint marker for future reference.
   },
+  down(_workspaceDir: string): void {
+    // No-op — the forward migration is a checkpoint marker with no data changes.
+  },
 };

package/src/workspace/migrations/006-services-config.ts

@@ -132,6 +132,55 @@ export const servicesConfigMigration: WorkspaceMigration = {
     delete config.imageGenModel;
     delete config.webSearchProvider;
 
+    writeFileSync(configPath, JSON.stringify(config, null, 2) + "\n");
+  },
+  down(workspaceDir: string): void {
+    const configPath = join(workspaceDir, "config.json");
+    if (!existsSync(configPath)) return;
+
+    let config: Record<string, unknown>;
+    try {
+      const raw = JSON.parse(readFileSync(configPath, "utf-8"));
+      if (!raw || typeof raw !== "object" || Array.isArray(raw)) return;
+      config = raw as Record<string, unknown>;
+    } catch {
+      return;
+    }
+
+    const services = config.services;
+    if (!services || typeof services !== "object" || Array.isArray(services))
+      return;
+
+    const svc = services as Record<string, Record<string, unknown>>;
+
+    // Extract inference provider and model back to top-level fields.
+    // Note: inferenceMode is lost in this rollback — the original config did
+    // not store a mode field. This is an accepted lossy reversal.
+    if (svc.inference) {
+      if (typeof svc.inference.provider === "string") {
+        config.provider = svc.inference.provider;
+      }
+      if (typeof svc.inference.model === "string") {
+        config.model = svc.inference.model;
+      }
+    }
+
+    // Extract image generation model back to top-level
+    if (svc["image-generation"]) {
+      if (typeof svc["image-generation"].model === "string") {
+        config.imageGenModel = svc["image-generation"].model;
+      }
+    }
+
+    // Extract web search provider back to top-level
+    if (svc["web-search"]) {
+      if (typeof svc["web-search"].provider === "string") {
+        config.webSearchProvider = svc["web-search"].provider;
+      }
+    }
+
+    delete config.services;
+
     writeFileSync(configPath, JSON.stringify(config, null, 2) + "\n");
   },
 };

package/src/workspace/migrations/007-web-search-provider-rename.ts

@@ -34,4 +34,31 @@ export const webSearchProviderRenameMigration: WorkspaceMigration = {
     ws.provider = "inference-provider-native";
     writeFileSync(configPath, JSON.stringify(config, null, 2) + "\n");
   },
+  down(workspaceDir: string): void {
+    const configPath = join(workspaceDir, "config.json");
+    if (!existsSync(configPath)) return;
+
+    let config: Record<string, unknown>;
+    try {
+      const raw = JSON.parse(readFileSync(configPath, "utf-8"));
+      if (!raw || typeof raw !== "object" || Array.isArray(raw)) return;
+      config = raw as Record<string, unknown>;
+    } catch {
+      return;
+    }
+
+    const services = config.services;
+    if (!services || typeof services !== "object" || Array.isArray(services))
+      return;
+
+    const webSearch = (services as Record<string, unknown>)["web-search"];
+    if (!webSearch || typeof webSearch !== "object" || Array.isArray(webSearch))
+      return;
+
+    const ws = webSearch as Record<string, unknown>;
+    if (ws.provider !== "inference-provider-native") return;
+
+    ws.provider = "anthropic-native";
+    writeFileSync(configPath, JSON.stringify(config, null, 2) + "\n");
+  },
 };

package/src/workspace/migrations/008-voice-timeout-and-max-steps.ts

@@ -9,4 +9,7 @@ export const voiceTimeoutAndMaxStepsMigration: WorkspaceMigration = {
     // Existing users: macOS client will sync UserDefaults values
     // to config on next startup via settings sync endpoints.
   },
+  down(_workspaceDir: string): void {
+    // No-op — the forward migration is a checkpoint marker with no data changes.
+  },
 };

package/src/workspace/migrations/009-backfill-conversation-disk-view.ts

@@ -7,4 +7,8 @@ export const backfillConversationDiskViewMigration: WorkspaceMigration = {
   run(_workspaceDir: string): void {
     rebuildConversationDiskViewFromDb();
   },
+  // No-op: the disk view is a derived cache that can be regenerated from the
+  // database at any time. Removing it would only cause unnecessary I/O churn
+  // since the next forward migration (or startup rebuild) will recreate it.
+  down(_workspaceDir: string): void {},
 };

package/src/workspace/migrations/010-app-dir-rename.ts

@@ -76,6 +76,84 @@ export const appDirRenameMigration: WorkspaceMigration = {
   description:
     "Rename UUID-based app directories and files to human-readable slugified names",
 
+  down(workspaceDir: string): void {
+    const appsDir = join(workspaceDir, "data", "apps");
+    if (!existsSync(appsDir)) return;
+
+    const jsonFiles = readdirSync(appsDir)
+      .filter((f) => f.endsWith(".json"))
+      .sort();
+
+    if (jsonFiles.length === 0) return;
+
+    for (const jsonFile of jsonFiles) {
+      const jsonPath = join(appsDir, jsonFile);
+      let raw: string;
+      try {
+        raw = readFileSync(jsonPath, "utf-8");
+      } catch {
+        continue;
+      }
+
+      let parsed: {
+        id?: string;
+        name?: string;
+        dirName?: string;
+      };
+      try {
+        parsed = JSON.parse(raw);
+      } catch {
+        continue;
+      }
+
+      const appId = parsed.id;
+      if (!appId || !parsed.dirName || !isValidDirName(parsed.dirName)) {
+        continue;
+      }
+
+      const dirName = parsed.dirName;
+
+      // 1. Rename the app directory: {dirName}/ -> {appId}/
+      const slugDir = join(appsDir, dirName);
+      const uuidDir = join(appsDir, appId);
+      if (existsSync(slugDir) && !existsSync(uuidDir) && slugDir !== uuidDir) {
+        renameSync(slugDir, uuidDir);
+      }
+
+      // 2. Rename the preview file: {dirName}.preview -> {appId}.preview
+      const slugPreview = join(appsDir, `${dirName}.preview`);
+      const uuidPreview = join(appsDir, `${appId}.preview`);
+      if (
+        existsSync(slugPreview) &&
+        !existsSync(uuidPreview) &&
+        slugPreview !== uuidPreview
+      ) {
+        renameSync(slugPreview, uuidPreview);
+      }
+
+      // 3. Remove dirName from JSON and rename file: {dirName}.json -> {appId}.json
+      const updatedParsed = { ...parsed };
+      delete updatedParsed.dirName;
+      const updatedJson = JSON.stringify(updatedParsed, null, 2);
+
+      const uuidJsonFile = `${appId}.json`;
+      const uuidJsonPath = join(appsDir, uuidJsonFile);
+
+      if (jsonFile !== uuidJsonFile) {
+        writeFileSync(uuidJsonPath, updatedJson, "utf-8");
+        if (existsSync(jsonPath) && jsonPath !== uuidJsonPath) {
+          try {
+            unlinkSync(jsonPath);
+          } catch {
+            // Old file cleanup is best-effort
+          }
+        }
+      } else {
+        writeFileSync(uuidJsonPath, updatedJson, "utf-8");
+      }
+    }
+  },
+
   run(workspaceDir: string): void {
     const appsDir = join(workspaceDir, "data", "apps");
     if (!existsSync(appsDir)) return;

package/src/workspace/migrations/011-backfill-installation-id.ts

@@ -14,6 +14,17 @@ export const backfillInstallationIdMigration: WorkspaceMigration = {
   id: "011-backfill-installation-id",
   description:
     "Backfill installationId into lockfile from SQLite checkpoint and clean up stale row",
+
+  down(_workspaceDir: string): void {
+    // The forward migration moved an installationId from a SQLite checkpoint
+    // into the lockfile entry. Rolling back by removing installationId from
+    // the lockfile would break telemetry continuity and the field is harmless
+    // to leave in place. The SQLite checkpoint was already deleted and
+    // cannot be restored.
+    //
+    // No-op: leaving installationId in the lockfile is safe and non-disruptive.
+  },
+
   run(_workspaceDir: string): void {
     // a. Read existing installation ID from SQLite, or generate a new one.
     //    On fresh installs the memory_checkpoints table may not exist yet,