@vellumai/assistant 0.5.7 → 0.5.9

package/src/__tests__/conversation-runtime-assembly.test.ts

@@ -11,6 +11,7 @@ import {
   injectChannelCapabilityContext,
   injectChannelCommandContext,
   injectInboundActorContext,
+  injectNowScratchpad,
   injectTemporalContext,
   injectTurnContext,
   isGroupChatType,
@@ -18,6 +19,8 @@ import {
   stripChannelCapabilityContext,
   stripChannelTurnContext,
   stripInboundActorContext,
+  stripInjectedContext,
+  stripNowScratchpad,
   stripTemporalContext,
 } from "../daemon/conversation-runtime-assembly.js";
 import type { Message } from "../providers/types.js";
@@ -1318,6 +1321,7 @@ describe("applyRuntimeInjections — injection mode", () => {
       canonicalActorIdentity: "user-1",
       trustClass: "guardian",
     } as InboundActorContext,
+    nowScratchpad: "Current focus: shipping PR 3",
     isNonInteractive: true,
   };
 
@@ -1337,6 +1341,7 @@ describe("applyRuntimeInjections — injection mode", () => {
     expect(allText).toContain("<turn_context>");
     expect(allText).toContain("<inbound_actor_context>");
     expect(allText).toContain("<non_interactive_context>");
+    expect(allText).toContain("<now_scratchpad>");
   });
 
   test("explicit mode: 'full' behaves the same as default", () => {
@@ -1353,6 +1358,7 @@ describe("applyRuntimeInjections — injection mode", () => {
     expect(allText).toContain("<temporal_context>");
     expect(allText).toContain("<channel_command_context>");
     expect(allText).toContain("<active_workspace>");
+    expect(allText).toContain("<now_scratchpad>");
   });
 
   test("minimal mode skips high-token optional blocks", () => {
@@ -1370,6 +1376,7 @@ describe("applyRuntimeInjections — injection mode", () => {
     expect(allText).not.toContain("<temporal_context>");
     expect(allText).not.toContain("<channel_command_context>");
     expect(allText).not.toContain("<active_workspace>");
+    expect(allText).not.toContain("<now_scratchpad>");
   });
 
   test("minimal mode preserves safety-critical blocks", () => {
@@ -1417,3 +1424,223 @@ describe("applyRuntimeInjections — injection mode", () => {
     expect(texts).toContain("Hello");
   });
 });
+
+// ---------------------------------------------------------------------------
+// injectNowScratchpad
+// ---------------------------------------------------------------------------
+
+describe("injectNowScratchpad", () => {
+  const baseUserMessage: Message = {
+    role: "user",
+    content: [{ type: "text", text: "What should I work on?" }],
+  };
+
+  test("appends now_scratchpad block to user message", () => {
+    const result = injectNowScratchpad(
+      baseUserMessage,
+      "Current focus: shipping PR 3",
+    );
+    expect(result.content.length).toBe(2);
+    // Original content comes first
+    expect((result.content[0] as { type: "text"; text: string }).text).toBe(
+      "What should I work on?",
+    );
+    // Scratchpad is appended (not prepended)
+    const injected = result.content[1];
+    expect(injected.type).toBe("text");
+    const text = (injected as { type: "text"; text: string }).text;
+    expect(text).toBe(
+      "<now_scratchpad>\nCurrent focus: shipping PR 3\n</now_scratchpad>",
+    );
+  });
+
+  test("preserves existing multi-block content and appends at end", () => {
+    const multiBlockMessage: Message = {
+      role: "user",
+      content: [
+        { type: "text", text: "First block" },
+        { type: "text", text: "Second block" },
+      ],
+    };
+
+    const result = injectNowScratchpad(multiBlockMessage, "scratchpad notes");
+    expect(result.content.length).toBe(3);
+    expect((result.content[0] as { type: "text"; text: string }).text).toBe(
+      "First block",
+    );
+    expect((result.content[1] as { type: "text"; text: string }).text).toBe(
+      "Second block",
+    );
+    expect(
+      (result.content[2] as { type: "text"; text: string }).text,
+    ).toContain("<now_scratchpad>");
+  });
+});
+
+// ---------------------------------------------------------------------------
+// stripNowScratchpad
+// ---------------------------------------------------------------------------
+
+describe("stripNowScratchpad", () => {
+  test("strips now_scratchpad blocks from user messages", () => {
+    const messages: Message[] = [
+      {
+        role: "user",
+        content: [
+          { type: "text", text: "Hello" },
+          {
+            type: "text",
+            text: "<now_scratchpad>\nSome notes\n</now_scratchpad>",
+          },
+        ],
+      },
+      {
+        role: "assistant",
+        content: [{ type: "text", text: "Hi there" }],
+      },
+    ];
+
+    const result = stripNowScratchpad(messages);
+
+    expect(result.length).toBe(2);
+    expect(result[0].content.length).toBe(1);
+    expect((result[0].content[0] as { type: "text"; text: string }).text).toBe(
+      "Hello",
+    );
+    // Assistant message untouched
+    expect(result[1].content.length).toBe(1);
+  });
+
+  test("removes user messages that only contain now_scratchpad", () => {
+    const messages: Message[] = [
+      {
+        role: "user",
+        content: [
+          {
+            type: "text",
+            text: "<now_scratchpad>\nSome notes\n</now_scratchpad>",
+          },
+        ],
+      },
+    ];
+
+    const result = stripNowScratchpad(messages);
+    expect(result.length).toBe(0);
+  });
+
+  test("leaves messages without now_scratchpad untouched", () => {
+    const messages: Message[] = [
+      {
+        role: "user",
+        content: [{ type: "text", text: "Normal message" }],
+      },
+    ];
+
+    const result = stripNowScratchpad(messages);
+    expect(result.length).toBe(1);
+    expect(result[0]).toBe(messages[0]); // Same reference — untouched
+  });
+});
+
+// ---------------------------------------------------------------------------
+// stripInjectedContext removes now_scratchpad blocks
+// ---------------------------------------------------------------------------
+
+describe("stripInjectedContext with now_scratchpad", () => {
+  test("strips now_scratchpad blocks alongside other injections", () => {
+    const messages: Message[] = [
+      {
+        role: "user",
+        content: [
+          {
+            type: "text",
+            text: "<channel_capabilities>\nchannel: telegram\n</channel_capabilities>",
+          },
+          { type: "text", text: "Hello" },
+          {
+            type: "text",
+            text: "<now_scratchpad>\nCurrent focus\n</now_scratchpad>",
+          },
+        ],
+      },
+    ];
+
+    const result = stripInjectedContext(messages);
+    expect(result.length).toBe(1);
+    expect(result[0].content.length).toBe(1);
+    expect((result[0].content[0] as { type: "text"; text: string }).text).toBe(
+      "Hello",
+    );
+  });
+});
+
+// ---------------------------------------------------------------------------
+// applyRuntimeInjections with nowScratchpad
+// ---------------------------------------------------------------------------
+
+describe("applyRuntimeInjections with nowScratchpad", () => {
+  const baseMessages: Message[] = [
+    {
+      role: "user",
+      content: [{ type: "text", text: "What should I do?" }],
+    },
+  ];
+
+  test("injects now_scratchpad block when provided", () => {
+    const result = applyRuntimeInjections(baseMessages, {
+      nowScratchpad: "Current focus: fix the bug",
+    });
+
+    expect(result.length).toBe(1);
+    expect(result[0].content.length).toBe(2);
+    const injected = result[0].content[1];
+    const text = (injected as { type: "text"; text: string }).text;
+    expect(text).toContain("<now_scratchpad>");
+    expect(text).toContain("Current focus: fix the bug");
+  });
+
+  test("appended block appears after user's original text content", () => {
+    const result = applyRuntimeInjections(baseMessages, {
+      nowScratchpad: "scratchpad notes",
+    });
+
+    // Original text is first
+    expect(
+      (result[0].content[0] as { type: "text"; text: string }).text,
+    ).toBe("What should I do?");
+    // Scratchpad is appended after
+    expect(
+      (result[0].content[1] as { type: "text"; text: string }).text,
+    ).toContain("<now_scratchpad>");
+  });
+
+  test("does not inject when nowScratchpad is null", () => {
+    const result = applyRuntimeInjections(baseMessages, {
+      nowScratchpad: null,
+    });
+
+    expect(result.length).toBe(1);
+    expect(result[0].content.length).toBe(1);
+  });
+
+  test("does not inject when nowScratchpad is omitted", () => {
+    const result = applyRuntimeInjections(baseMessages, {});
+
+    expect(result.length).toBe(1);
+    expect(result[0].content.length).toBe(1);
+  });
+
+  test("skipped in minimal mode", () => {
+    const result = applyRuntimeInjections(baseMessages, {
+      nowScratchpad: "Current focus: fix the bug",
+      mode: "minimal",
+    });
+
+    const allText = result[0].content
+      .filter((b): b is { type: "text"; text: string } => b.type === "text")
+      .map((b) => b.text)
+      .join("\n");
+
+    expect(allText).not.toContain("<now_scratchpad>");
+  });
+});

package/src/__tests__/conversation-slash-queue.test.ts

@@ -130,7 +130,6 @@ mock.module("../memory/retriever.js", () => ({
     injectedText: "",
 
     semanticHits: 0,
-    recencyHits: 0,
     injectedTokens: 0,
     latencyMs: 0,
   }),

package/src/__tests__/conversation-slash-unknown.test.ts

@@ -137,7 +137,6 @@ mock.module("../memory/retriever.js", () => ({
     injectedText: "",
 
     semanticHits: 0,
-    recencyHits: 0,
     injectedTokens: 0,
     latencyMs: 0,
   }),

package/src/__tests__/conversation-workspace-injection.test.ts

@@ -149,7 +149,6 @@ mock.module("../memory/retriever.js", () => ({
     model: "mock",
     injectedText: "",
     semanticHits: 0,
-    recencyHits: 0,
     mergedCount: 0,
     selectedCount: 0,
     injectedTokens: 0,

package/src/__tests__/conversation-workspace-tool-tracking.test.ts

@@ -145,7 +145,6 @@ mock.module("../memory/retriever.js", () => ({
     model: "mock",
     injectedText: "",
     semanticHits: 0,
-    recencyHits: 0,
     mergedCount: 0,
     selectedCount: 0,
     injectedTokens: 0,

package/src/__tests__/credential-execution-client.test.ts

@@ -84,6 +84,9 @@ describe("local CES discovery", () => {
     if (result.mode === "unavailable") {
       expect(result.reason).toContain("CES executable not found");
       expect(result.mode).toBe("unavailable");
+    } else if (result.mode === "local-source") {
+      // Source entry point exists in the monorepo — verify the success shape.
+      expect(result.sourcePath).toBeTruthy();
     } else {
       // Binary exists in this environment — verify the success shape.
       expect(result.mode).toBe("local");
@@ -95,9 +98,9 @@ describe("local CES discovery", () => {
 
   test("never returns a fallback or in-process mode", () => {
     const result = discoverLocalCes();
-    // The result must be either "local" (with a valid path) or "unavailable".
+    // The result must be "local", "local-source", or "unavailable".
     // There must never be a fallback mode like "in-process" or "degraded".
-    expect(["local", "unavailable"]).toContain(result.mode);
+    expect(["local", "local-source", "unavailable"]).toContain(result.mode);
   });
 });
 

package/src/__tests__/credential-execution-feature-gates.test.ts

@@ -2,8 +2,8 @@
  * Tests for CES (Credential Execution Service) feature gates.
  *
  * Verifies:
- * - All CES flags default to disabled (safe dark-launch).
- * - Each flag can be enabled independently via config overrides.
+ * - Each CES flag defaults to its registry-declared value.
+ * - Each flag can be toggled independently via config overrides.
  * - Enabling CES flags does not implicitly change unrelated approval
  *   behavior or existing feature flags.
  */
@@ -54,28 +54,37 @@ const ALL_CES_FLAG_KEYS = [
   CES_MANAGED_SIDECAR_FLAG_KEY,
 ] as const;
 
-/** All CES predicate functions paired with their flag keys. */
+/** All CES predicate functions paired with their flag keys and expected defaults. */
 const ALL_CES_PREDICATES = [
-  { name: "isCesToolsEnabled", fn: isCesToolsEnabled, key: CES_TOOLS_FLAG_KEY },
+  {
+    name: "isCesToolsEnabled",
+    fn: isCesToolsEnabled,
+    key: CES_TOOLS_FLAG_KEY,
+    defaultEnabled: false,
+  },
   {
     name: "isCesShellLockdownEnabled",
     fn: isCesShellLockdownEnabled,
     key: CES_SHELL_LOCKDOWN_FLAG_KEY,
+    defaultEnabled: false,
   },
   {
     name: "isCesSecureInstallEnabled",
     fn: isCesSecureInstallEnabled,
     key: CES_SECURE_INSTALL_FLAG_KEY,
+    defaultEnabled: false,
   },
   {
     name: "isCesGrantAuditEnabled",
     fn: isCesGrantAuditEnabled,
     key: CES_GRANT_AUDIT_FLAG_KEY,
+    defaultEnabled: false,
   },
   {
     name: "isCesManagedSidecarEnabled",
     fn: isCesManagedSidecarEnabled,
     key: CES_MANAGED_SIDECAR_FLAG_KEY,
+    defaultEnabled: true,
   },
 ] as const;
 
@@ -92,21 +101,23 @@ describe("CES flag key format", () => {
 });
 
 // ---------------------------------------------------------------------------
-// Default-safe: all CES flags disabled by default
+// Defaults: each CES flag matches its registry-declared default
 // ---------------------------------------------------------------------------
 
-describe("CES flags default safely (all disabled)", () => {
-  for (const { name, fn } of ALL_CES_PREDICATES) {
-    test(`${name} returns false with no config overrides`, () => {
+describe("CES flags match registry defaults", () => {
+  for (const { name, fn, defaultEnabled } of ALL_CES_PREDICATES) {
+    test(`${name} returns ${defaultEnabled} with no config overrides`, () => {
       const config = makeConfig();
-      expect(fn(config)).toBe(false);
+      expect(fn(config)).toBe(defaultEnabled);
     });
   }
 
-  for (const key of ALL_CES_FLAG_KEYS) {
-    test(`isAssistantFeatureFlagEnabled('${key}') returns false with no overrides`, () => {
+  for (const pred of ALL_CES_PREDICATES) {
+    test(`isAssistantFeatureFlagEnabled('${pred.key}') returns ${pred.defaultEnabled} with no overrides`, () => {
       const config = makeConfig();
-      expect(isAssistantFeatureFlagEnabled(key, config)).toBe(false);
+      expect(isAssistantFeatureFlagEnabled(pred.key, config)).toBe(
+        pred.defaultEnabled,
+      );
     });
   }
 });
@@ -115,7 +126,7 @@ describe("CES flags default safely (all disabled)", () => {
 // Independent enablement: each flag can be enabled without affecting others
 // ---------------------------------------------------------------------------
 
-describe("CES flags can be enabled independently", () => {
+describe("CES flags can be toggled independently", () => {
   for (const { name, fn, key } of ALL_CES_PREDICATES) {
     test(`enabling ${key} makes ${name} return true`, () => {
       _setOverridesForTesting({ [key]: true });
@@ -123,12 +134,16 @@ describe("CES flags can be enabled independently", () => {
       expect(fn(config)).toBe(true);
     });
 
-    test(`enabling ${key} does not enable other CES flags`, () => {
+    test(`enabling ${key} does not change other CES flags from their defaults`, () => {
       _setOverridesForTesting({ [key]: true });
       const config = makeConfig();
-      for (const { fn: otherFn, key: otherKey } of ALL_CES_PREDICATES) {
+      for (const {
+        fn: otherFn,
+        key: otherKey,
+        defaultEnabled,
+      } of ALL_CES_PREDICATES) {
         if (otherKey === key) continue;
-        expect(otherFn(config)).toBe(false);
+        expect(otherFn(config)).toBe(defaultEnabled);
       }
     });
   }

package/src/__tests__/credential-execution-managed-contract.test.ts

@@ -446,9 +446,9 @@ describe("managed OAuth materialization through CES sidecar", () => {
 // ---------------------------------------------------------------------------
 
 describe("feature-flag rollback safety", () => {
-  test("managed sidecar flag defaults to false (safe dark-launch)", () => {
+  test("managed sidecar flag defaults to true (enabled by default)", () => {
     const config = makeConfig();
-    expect(isCesManagedSidecarEnabled(config)).toBe(false);
+    expect(isCesManagedSidecarEnabled(config)).toBe(true);
   });
 
   test("managed sidecar flag can be explicitly enabled", () => {

package/src/__tests__/credential-security-e2e.test.ts

@@ -66,7 +66,7 @@ mock.module("../security/secure-keys.js", () => {
     setSecureKeyAsync: async (key: string, value: string) =>
       syncSet(key, value),
     deleteSecureKeyAsync: async (key: string) => syncDelete(key),
-    listSecureKeysAsync: async () => [...storedKeys.keys()],
+    listSecureKeysAsync: async () => ({ accounts: [...storedKeys.keys()], unreachable: false }),
   };
 });
 

package/src/__tests__/credential-security-invariants.test.ts

@@ -180,8 +180,7 @@ describe("Invariant 2: no generic plaintext secret read API", () => {
       "calls/twilio-rest.ts", // Twilio REST API credential lookup
       "calls/fish-audio-client.ts", // Fish Audio TTS API key lookup
       "runtime/channel-invite-transports/telegram.ts", // Telegram invite transport bot token lookup
-      "cli/commands/keys.ts", // CLI credential management commands
-      "cli/commands/credentials.ts", // CLI credential management commands
+      "cli/lib/daemon-credential-client.ts", // CLI-to-daemon credential routing intermediary
       "messaging/providers/telegram-bot/adapter.ts", // Telegram bot token lookup for connectivity check
       "runtime/channel-readiness-service.ts", // channel readiness probes for Telegram connectivity
       "messaging/providers/whatsapp/adapter.ts", // WhatsApp credential lookup for connectivity check
@@ -198,9 +197,7 @@ describe("Invariant 2: no generic plaintext secret read API", () => {
       "daemon/conversation-messaging.ts", // credential storage during session messaging
       "runtime/routes/settings-routes.ts", // settings routes OAuth credential lookup (client_secret)
       "oauth/oauth-store.ts", // OAuth provider disconnect (delete stored tokens)
-      "cli/commands/oauth/connections.ts", // CLI OAuth connection delete (legacy credential cleanup)
       "oauth/manual-token-connection.ts", // manual-token provider backfill (keychain credential existence check)
-      "cli/commands/doctor.ts", // CLI diagnostic API key verification via secure storage
       "workspace/provider-commit-message-generator.ts", // commit message generation provider key lookup
       "config/bundled-skills/transcribe/tools/transcribe-media.ts", // transcription tool API key lookup
       "config/bundled-skills/image-studio/tools/media-generate-image.ts", // image generation tool API key lookup
@@ -213,7 +210,7 @@ describe("Invariant 2: no generic plaintext secret read API", () => {
       "memory/embedding-backend.ts", // embedding backend API key lookup
       "daemon/providers-setup.ts", // provider initialization API key lookup
       "workspace/migrations/006-services-config.ts", // services config migration reads provider API keys
-      "cli/commands/avatar.ts", // CLI avatar generation API key lookup
+      "workspace/migrations/018-rekey-compound-credential-keys.ts", // re-key compound credential storage keys
       "config/bundled-skills/slack/tools/shared.ts", // Slack skill bot token lookup
       "daemon/conversation-process.ts", // masked provider key display
       "daemon/handlers/config-model.ts", // masked provider key display

package/src/__tests__/credentials-cli.test.ts

@@ -40,9 +40,10 @@ mock.module("../security/secure-keys.js", () => ({
     }
     return "not-found";
   },
-  listSecureKeysAsync: async (): Promise<string[]> => {
-    return [...secureKeyStore.keys()];
-  },
+  listSecureKeysAsync: async () => ({
+    accounts: [...secureKeyStore.keys()],
+    unreachable: false,
+  }),
   getSecureKeyAsync: async (account: string): Promise<string | undefined> => {
     return secureKeyStore.get(account);
   },

package/src/__tests__/daemon-credential-client.test.ts

@@ -0,0 +1,123 @@
+import { afterEach, beforeEach, describe, expect, mock, test } from "bun:test";
+
+import { credentialKey } from "../security/credential-key.js";
+
+let fallbackValues = new Map<string, string>();
+
+mock.module("../config/env.js", () => ({
+  getRuntimeHttpHost: () => "127.0.0.1",
+  getRuntimeHttpPort: () => 4123,
+}));
+
+mock.module("../daemon/daemon-control.js", () => ({
+  healthCheckHost: (host: string) => host,
+  isHttpHealthy: async () => true,
+}));
+
+mock.module("../runtime/auth/token-service.js", () => ({
+  initAuthSigningKey: () => {},
+  loadOrCreateSigningKey: () => "signing-key",
+  mintDaemonDeliveryToken: () => "daemon-token",
+}));
+
+mock.module("../security/secure-keys.js", () => ({
+  deleteSecureKeyAsync: async () => "deleted" as const,
+  getSecureKeyAsync: async (account: string) => fallbackValues.get(account),
+  getSecureKeyResultAsync: async (account: string) => ({
+    value: fallbackValues.get(account),
+    unreachable: false,
+  }),
+  setSecureKeyAsync: async () => true,
+}));
+
+mock.module("../util/logger.js", () => ({
+  getLogger: () =>
+    new Proxy({} as Record<string, unknown>, {
+      get: () => () => {},
+    }),
+}));
+
+import {
+  getSecureKeyResultViaDaemon,
+  getSecureKeyViaDaemon,
+} from "../cli/lib/daemon-credential-client.js";
+
+const originalFetch = globalThis.fetch;
+const fetchCalls: Array<{ url: string; init?: RequestInit }> = [];
+
+function getRequestBody(index = 0): Record<string, unknown> {
+  const body = fetchCalls[index]?.init?.body;
+  if (typeof body !== "string") {
+    throw new Error("Expected fetch body to be a JSON string");
+  }
+  return JSON.parse(body) as Record<string, unknown>;
+}
+
+beforeEach(() => {
+  fallbackValues = new Map();
+  fetchCalls.length = 0;
+  const mockFetch = mock(
+    async (input: string | URL | Request, init?: RequestInit) => {
+      const url =
+        typeof input === "string"
+          ? input
+          : input instanceof URL
+            ? input.toString()
+            : input.url;
+      fetchCalls.push({ url, init });
+      return new Response(
+        JSON.stringify({ found: true, value: "secret-value" }),
+        {
+          status: 200,
+          headers: { "Content-Type": "application/json" },
+        },
+      );
+    },
+  );
+  globalThis.fetch = mockFetch as unknown as typeof globalThis.fetch;
+});
+
+afterEach(() => {
+  globalThis.fetch = originalFetch;
+});
+
+describe("daemon credential read requests", () => {
+  test("keeps provider secrets on the api_key path", async () => {
+    const value = await getSecureKeyViaDaemon("openai");
+
+    expect(value).toBe("secret-value");
+    expect(fetchCalls).toHaveLength(1);
+    expect(fetchCalls[0]?.url).toBe("http://127.0.0.1:4123/v1/secrets/read");
+    expect(getRequestBody()).toEqual({
+      type: "api_key",
+      name: "openai",
+      reveal: true,
+    });
+  });
+
+  test("converts canonical credential keys into credential reads", async () => {
+    const value = await getSecureKeyViaDaemon(
+      credentialKey("vellum", "platform_base_url"),
+    );
+
+    expect(value).toBe("secret-value");
+    expect(getRequestBody()).toEqual({
+      type: "credential",
+      name: "vellum:platform_base_url",
+      reveal: true,
+    });
+  });
+
+  test("preserves compound credential service names on metadata reads", async () => {
+    const result = await getSecureKeyResultViaDaemon(
+      credentialKey("integration:google", "client_secret"),
+    );
+
+    expect(result).toEqual({ value: "secret-value", unreachable: false });
+    expect(getRequestBody()).toEqual({
+      type: "credential",
+      name: "integration:google:client_secret",
+      reveal: true,
+    });
+  });
+});

package/src/__tests__/deterministic-verification-control-plane.test.ts

@@ -128,6 +128,7 @@ describe("TwiML parameter propagation", () => {
     transcriptionProvider: "deepgram",
     ttsProvider: "google",
     voice: "en-US-Standard-A",
+    interruptSensitivity: "low",
   };
 
   test("includes verificationSessionId as Parameter when provided", () => {