@vellumai/assistant 0.5.9 → 0.5.10

package/src/workspace/migrations/016-migrate-credentials-from-keychain.ts

@@ -1,150 +1,12 @@
-import { getLogger } from "../../util/logger.js";
 import type { WorkspaceMigration } from "./types.js";
 
-const log = getLogger("workspace-migrations");
-
-const BROKER_WAIT_INTERVAL_MS = 500;
-const BROKER_WAIT_MAX_ATTEMPTS = 10; // 5 seconds total
-
+/**
+ * Originally migrated credentials from macOS Keychain back to encrypted store.
+ * No-op'd for the same reasons as migration 015 — see that file for details.
+ */
 export const migrateCredentialsFromKeychainMigration: WorkspaceMigration = {
   id: "016-migrate-credentials-from-keychain",
-  description:
-    "Copy keychain credentials back to encrypted store for CES unification",
-
-  async down(_workspaceDir: string): Promise<void> {
-    // Reverse: copy credentials from encrypted store back to keychain.
-    // Mirrors the forward logic of 015-migrate-credentials-to-keychain.
-    if (
-      process.env.VELLUM_DESKTOP_APP !== "1" ||
-      process.env.VELLUM_DEV === "1"
-    ) {
-      return;
-    }
-
-    const { createBrokerClient } =
-      await import("../../security/keychain-broker-client.js");
-    const client = createBrokerClient();
-
-    let brokerAvailable = false;
-    for (let i = 0; i < BROKER_WAIT_MAX_ATTEMPTS; i++) {
-      if (client.isAvailable()) {
-        brokerAvailable = true;
-        break;
-      }
-      await new Promise((r) => setTimeout(r, BROKER_WAIT_INTERVAL_MS));
-    }
-
-    if (!brokerAvailable) {
-      throw new Error(
-        "Keychain broker not available after waiting — credential rollback " +
-          "will be retried on next startup",
-      );
-    }
-
-    const { listKeys, getKey, deleteKey } =
-      await import("../../security/encrypted-store.js");
-
-    const accounts = listKeys();
-    if (accounts.length === 0) return;
-
-    let rolledBackCount = 0;
-    let failedCount = 0;
-
-    for (const account of accounts) {
-      const value = getKey(account);
-      if (value === undefined) {
-        log.warn(
-          { account },
-          "Failed to read key from encrypted store during rollback — skipping",
-        );
-        failedCount++;
-        continue;
-      }
-
-      const result = await client.set(account, value);
-      if (result.status === "ok") {
-        deleteKey(account);
-        rolledBackCount++;
-      } else {
-        log.warn(
-          { account, status: result.status },
-          "Failed to write key to keychain during rollback — skipping",
-        );
-        failedCount++;
-      }
-    }
-
-    log.info(
-      { rolledBackCount, failedCount },
-      "Credential rollback from encrypted store to keychain complete",
-    );
-  },
-
-  async run(_workspaceDir: string): Promise<void> {
-    // Only run on mac production builds (desktop app, non-dev).
-    if (
-      process.env.VELLUM_DESKTOP_APP !== "1" ||
-      process.env.VELLUM_DEV === "1"
-    ) {
-      return;
-    }
-
-    const { createBrokerClient } =
-      await import("../../security/keychain-broker-client.js");
-    const client = createBrokerClient();
-
-    // Wait for the broker to become available (up to 5 seconds), matching
-    // the retry strategy in secure-keys.ts waitForBrokerAvailability().
-    let brokerAvailable = false;
-    for (let i = 0; i < BROKER_WAIT_MAX_ATTEMPTS; i++) {
-      if (client.isAvailable()) {
-        brokerAvailable = true;
-        break;
-      }
-      await new Promise((r) => setTimeout(r, BROKER_WAIT_INTERVAL_MS));
-    }
-
-    if (!brokerAvailable) {
-      throw new Error(
-        "Keychain broker not available after waiting — credential migration " +
-          "will be retried on next startup",
-      );
-    }
-
-    const { setKey } = await import("../../security/encrypted-store.js");
-
-    const accounts = await client.list();
-    if (accounts.length === 0) {
-      return;
-    }
-
-    let migratedCount = 0;
-    let failedCount = 0;
-
-    for (const account of accounts) {
-      const result = await client.get(account);
-      if (!result || !result.found || result.value === undefined) {
-        log.warn({ account }, "Failed to read key from keychain — skipping");
-        failedCount++;
-        continue;
-      }
-
-      const written = setKey(account, result.value);
-      if (written) {
-        await client.del(account);
-        migratedCount++;
-      } else {
-        log.warn(
-          { account },
-          "Failed to write key to encrypted store — skipping",
-        );
-        failedCount++;
-      }
-    }
-
-    log.info(
-      { migratedCount, failedCount },
-      "Credential migration from keychain complete",
-    );
-  },
+  description: "No-op (keychain migration removed)",
+  async run(): Promise<void> {},
+  async down(): Promise<void> {},
 };

package/src/workspace/migrations/AGENTS.md

@@ -0,0 +1,11 @@
+# Workspace Migrations — Agent Instructions
+
+## Self-Containment
+
+Each migration file must be **fully self-contained**. All helper functions, constants, and utilities that a migration needs must be defined inline within the migration file itself — not imported from shared modules outside of `./types.js` and the logger.
+
+- **No external exports.** Migration files must not export anything other than the single `WorkspaceMigration` object. Other code must never import from a migration file.
+- **Duplicate rather than share.** If two migrations need the same helper, duplicate it in both files. Migrations are write-once code — they run once per assistant and are never modified after release. Duplication is preferable to coupling.
+- **Allowed imports:** `./types.js` (for the `WorkspaceMigration` interface) and `../../util/logger.js` (for structured logging). All other dependencies should be inlined.
+- **Graceful on all platforms.** Migrations run on macOS, Linux, and in Docker. Platform-specific operations must no-op gracefully on unsupported platforms — never throw.
+- **Idempotent.** Migrations must be safe to re-run if interrupted. The runner checkpoints state as `"started"` before execution and `"completed"` after, so a crash mid-migration triggers a re-run on next startup.

package/src/workspace/migrations/runner.ts

@@ -3,7 +3,7 @@ import { dirname, join } from "node:path";
 
 import { ensureDir, readTextFileSync } from "../../util/fs.js";
 import { getLogger } from "../../util/logger.js";
-import type { WorkspaceMigration } from "./types.js";
+import type { WorkspaceMigration, WorkspaceMigrationStatus } from "./types.js";
 
 const log = getLogger("workspace-migrations");
 
@@ -16,7 +16,7 @@ export function getLastWorkspaceMigrationId(
 export type CheckpointFile = {
   applied: Record<
     string,
-    { appliedAt: string; status?: "started" | "completed" | "rolling_back" }
+    { appliedAt: string; status?: WorkspaceMigrationStatus }
   >;
 };
 
@@ -108,9 +108,14 @@ export async function runWorkspaceMigrations(
     } catch (error) {
       log.error(
         { migrationId: migration.id, error },
-        `Workspace migration failed: ${migration.id}`,
+        `Workspace migration failed: ${migration.id} — marking as failed and continuing`,
       );
-      throw error;
+      checkpoints.applied[migration.id] = {
+        appliedAt: new Date().toISOString(),
+        status: "failed",
+      };
+      saveCheckpoints(workspaceDir, checkpoints);
+      continue;
     }
 
     // Mark as completed
@@ -207,9 +212,14 @@ export async function rollbackWorkspaceMigrations(
     } catch (error) {
       log.error(
         { migrationId: migration.id, error },
-        `Workspace migration rollback failed: ${migration.id}`,
+        `Workspace migration rollback failed: ${migration.id} — marking as failed and continuing`,
       );
-      throw error;
+      checkpoints.applied[migration.id] = {
+        appliedAt: checkpoints.applied[migration.id]!.appliedAt,
+        status: "failed",
+      };
+      saveCheckpoints(workspaceDir, checkpoints);
+      continue;
     }
 
     // Remove the migration entry from checkpoints

package/src/workspace/migrations/types.ts

@@ -13,3 +13,10 @@ export interface WorkspaceMigration {
    *  Both synchronous and asynchronous rollbacks are supported. */
   down(workspaceDir: string): void | Promise<void>;
 }
+
+/** Checkpoint status values for workspace migration tracking. */
+export type WorkspaceMigrationStatus =
+  | "started"
+  | "completed"
+  | "rolling_back"
+  | "failed";