@vellumai/assistant 0.5.9 → 0.5.11

package/src/__tests__/workspace-migration-016-migrate-credentials-from-keychain.test.ts

@@ -1,220 +1,19 @@
-import { beforeEach, describe, expect, mock, test } from "bun:test";
+import { describe, expect, test } from "bun:test";
 
-// ---------------------------------------------------------------------------
-// Mock state
-// ---------------------------------------------------------------------------
-
-const isAvailableFn = mock((): boolean => true);
-const brokerGetFn = mock(
-  async (
-    _account: string,
-  ): Promise<{ found: boolean; value?: string } | null> => ({
-    found: true,
-    value: "secret",
-  }),
-);
-const brokerDelFn = mock(async (_account: string): Promise<boolean> => true);
-const brokerListFn = mock(async (): Promise<string[]> => []);
-const createBrokerClientFn = mock(() => ({
-  isAvailable: isAvailableFn,
-  get: brokerGetFn,
-  del: brokerDelFn,
-  list: brokerListFn,
-}));
-
-const setKeyFn = mock(
-  (_account: string, _value: string): boolean => true,
-);
-
-// ---------------------------------------------------------------------------
-// Mock modules — before importing module under test
-//
-// The logger is mocked with a silent Proxy to suppress pino output in tests.
-// The broker client and encrypted store are mocked to control migration
-// behavior without touching real keychain or filesystem state.
-// ---------------------------------------------------------------------------
-
-mock.module("../util/logger.js", () => ({
-  getLogger: () =>
-    new Proxy({} as Record<string, unknown>, {
-      get: () => () => {},
-    }),
-}));
-
-mock.module("../security/keychain-broker-client.js", () => ({
-  createBrokerClient: createBrokerClientFn,
-}));
-
-mock.module("../security/encrypted-store.js", () => ({
-  setKey: setKeyFn,
-}));
-
-// Import after mocking
 import { migrateCredentialsFromKeychainMigration } from "../workspace/migrations/016-migrate-credentials-from-keychain.js";
 
-// ---------------------------------------------------------------------------
-// Helpers
-// ---------------------------------------------------------------------------
-
-const WORKSPACE_DIR = "/mock-home/.vellum/workspace";
-
-// ---------------------------------------------------------------------------
-// Tests
-// ---------------------------------------------------------------------------
-
 describe("016-migrate-credentials-from-keychain migration", () => {
-  beforeEach(() => {
-    isAvailableFn.mockClear();
-    brokerGetFn.mockClear();
-    brokerDelFn.mockClear();
-    brokerListFn.mockClear();
-    createBrokerClientFn.mockClear();
-    setKeyFn.mockClear();
-
-    // Defaults: mac production build
-    process.env.VELLUM_DESKTOP_APP = "1";
-    delete process.env.VELLUM_DEV;
-
-    isAvailableFn.mockReturnValue(true);
-    brokerGetFn.mockResolvedValue({ found: true, value: "secret" });
-    brokerDelFn.mockResolvedValue(true);
-    brokerListFn.mockResolvedValue([]);
-    setKeyFn.mockReturnValue(true);
-  });
-
   test("has correct migration id", () => {
     expect(migrateCredentialsFromKeychainMigration.id).toBe(
       "016-migrate-credentials-from-keychain",
     );
   });
 
-  test("skips when VELLUM_DESKTOP_APP is not set", async () => {
-    delete process.env.VELLUM_DESKTOP_APP;
-
-    await migrateCredentialsFromKeychainMigration.run(WORKSPACE_DIR);
-
-    expect(createBrokerClientFn).not.toHaveBeenCalled();
-    expect(brokerListFn).not.toHaveBeenCalled();
-  });
-
-  test("skips when VELLUM_DESKTOP_APP is not '1'", async () => {
-    process.env.VELLUM_DESKTOP_APP = "0";
-
-    await migrateCredentialsFromKeychainMigration.run(WORKSPACE_DIR);
-
-    expect(createBrokerClientFn).not.toHaveBeenCalled();
-  });
-
-  test("skips when VELLUM_DEV=1", async () => {
-    process.env.VELLUM_DEV = "1";
-
-    await migrateCredentialsFromKeychainMigration.run(WORKSPACE_DIR);
-
-    expect(createBrokerClientFn).not.toHaveBeenCalled();
-    expect(brokerListFn).not.toHaveBeenCalled();
+  test("run is a no-op", async () => {
+    await migrateCredentialsFromKeychainMigration.run("/fake");
   });
 
-  test(
-    "throws when broker is not available (skips checkpoint for retry)",
-    async () => {
-      isAvailableFn.mockReturnValue(false);
-
-      // Throwing skips the checkpoint so the migration retries on next startup
-      await expect(
-        migrateCredentialsFromKeychainMigration.run(WORKSPACE_DIR),
-      ).rejects.toThrow("Keychain broker not available after waiting");
-
-      // Should not proceed to list or migrate keys
-      expect(brokerListFn).not.toHaveBeenCalled();
-      expect(setKeyFn).not.toHaveBeenCalled();
-    },
-    { timeout: 10_000 },
-  );
-
-  test("no-ops when keychain has no accounts", async () => {
-    brokerListFn.mockResolvedValue([]);
-
-    await migrateCredentialsFromKeychainMigration.run(WORKSPACE_DIR);
-
-    expect(setKeyFn).not.toHaveBeenCalled();
-    expect(brokerDelFn).not.toHaveBeenCalled();
-  });
-
-  test("copies credentials from keychain to encrypted store and deletes from keychain", async () => {
-    brokerListFn.mockResolvedValue(["account-a", "account-b"]);
-    brokerGetFn.mockImplementation(async (account: string) => {
-      if (account === "account-a") return { found: true, value: "secret-a" };
-      if (account === "account-b") return { found: true, value: "secret-b" };
-      return null;
-    });
-    setKeyFn.mockReturnValue(true);
-
-    await migrateCredentialsFromKeychainMigration.run(WORKSPACE_DIR);
-
-    // Should have written each key to encrypted store
-    expect(setKeyFn).toHaveBeenCalledTimes(2);
-    expect(setKeyFn).toHaveBeenCalledWith("account-a", "secret-a");
-    expect(setKeyFn).toHaveBeenCalledWith("account-b", "secret-b");
-
-    // Should have deleted each key from keychain after successful migration
-    expect(brokerDelFn).toHaveBeenCalledTimes(2);
-    expect(brokerDelFn).toHaveBeenCalledWith("account-a");
-    expect(brokerDelFn).toHaveBeenCalledWith("account-b");
-  });
-
-  test("skips key when broker.get returns null", async () => {
-    brokerListFn.mockResolvedValue(["ghost-key", "real-key"]);
-    brokerGetFn.mockImplementation(async (account: string) => {
-      if (account === "ghost-key") return null;
-      if (account === "real-key") return { found: true, value: "real-secret" };
-      return null;
-    });
-
-    await migrateCredentialsFromKeychainMigration.run(WORKSPACE_DIR);
-
-    // ghost-key should not be written or deleted
-    expect(setKeyFn).not.toHaveBeenCalledWith(
-      "ghost-key",
-      expect.anything(),
-    );
-    expect(brokerDelFn).not.toHaveBeenCalledWith("ghost-key");
-
-    // real-key should be migrated
-    expect(setKeyFn).toHaveBeenCalledWith("real-key", "real-secret");
-    expect(brokerDelFn).toHaveBeenCalledWith("real-key");
-  });
-
-  test("skips key when broker.get returns not found", async () => {
-    brokerListFn.mockResolvedValue(["missing-key"]);
-    brokerGetFn.mockResolvedValue({ found: false });
-
-    await migrateCredentialsFromKeychainMigration.run(WORKSPACE_DIR);
-
-    expect(setKeyFn).not.toHaveBeenCalled();
-    expect(brokerDelFn).not.toHaveBeenCalled();
-  });
-
-  test("skips key when setKey fails and does not delete from keychain", async () => {
-    brokerListFn.mockResolvedValue(["fail-key", "ok-key"]);
-    brokerGetFn.mockImplementation(async (account: string) => {
-      if (account === "fail-key")
-        return { found: true, value: "fail-secret" };
-      if (account === "ok-key") return { found: true, value: "ok-secret" };
-      return null;
-    });
-    setKeyFn.mockImplementation((account: string) => {
-      if (account === "fail-key") return false;
-      return true;
-    });
-
-    await migrateCredentialsFromKeychainMigration.run(WORKSPACE_DIR);
-
-    // fail-key should NOT have been deleted from keychain (setKey failed)
-    expect(brokerDelFn).not.toHaveBeenCalledWith("fail-key");
-
-    // ok-key should have been migrated and deleted
-    expect(setKeyFn).toHaveBeenCalledWith("ok-key", "ok-secret");
-    expect(brokerDelFn).toHaveBeenCalledWith("ok-key");
-    expect(brokerDelFn).toHaveBeenCalledTimes(1);
+  test("down is a no-op", async () => {
+    await migrateCredentialsFromKeychainMigration.down("/fake");
   });
 });

package/src/__tests__/workspace-migration-018-rekey-compound-credential-keys.test.ts

@@ -0,0 +1,181 @@
+import { describe, expect, mock, test } from "bun:test";
+
+// ---------------------------------------------------------------------------
+// Mocks — must precede migration import
+// ---------------------------------------------------------------------------
+
+// In-memory credential store. Using `let` so tests can reset between runs.
+let store = new Map<string, string>();
+let storeUnreachable = false;
+
+mock.module("../security/secure-keys.js", () => ({
+  listSecureKeysAsync: async () => ({
+    accounts: [...store.keys()],
+    unreachable: storeUnreachable,
+  }),
+  getSecureKeyAsync: async (key: string) => store.get(key),
+  setSecureKeyAsync: async (key: string, value: string) => {
+    store.set(key, value);
+    return true;
+  },
+  deleteSecureKeyAsync: async (key: string) => {
+    store.delete(key);
+  },
+}));
+
+import { rekeyCompoundCredentialKeysMigration } from "../workspace/migrations/018-rekey-compound-credential-keys.js";
+
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+
+function resetStore(entries: Record<string, string> = {}): void {
+  store = new Map(Object.entries(entries));
+  storeUnreachable = false;
+}
+
+function storeEntries(): Record<string, string> {
+  return Object.fromEntries(store);
+}
+
+// ---------------------------------------------------------------------------
+// Tests
+// ---------------------------------------------------------------------------
+
+describe("018-rekey-compound-credential-keys migration", () => {
+  test("has correct migration id", () => {
+    expect(rekeyCompoundCredentialKeysMigration.id).toBe(
+      "018-rekey-compound-credential-keys",
+    );
+  });
+
+  test("run() re-keys compound credential from indexOf to lastIndexOf format", async () => {
+    resetStore({
+      "credential/integration/google:access_token": "my-token",
+    });
+
+    await rekeyCompoundCredentialKeysMigration.run("/fake");
+
+    expect(storeEntries()).toEqual({
+      "credential/integration:google/access_token": "my-token",
+    });
+  });
+
+  test("run() leaves simple single-colon keys unchanged", async () => {
+    resetStore({
+      "credential/github/token": "gh-token",
+    });
+
+    await rekeyCompoundCredentialKeysMigration.run("/fake");
+
+    expect(storeEntries()).toEqual({
+      "credential/github/token": "gh-token",
+    });
+  });
+
+  test("run() ignores non-credential keys", async () => {
+    resetStore({
+      "other/integration/google:access_token": "my-token",
+    });
+
+    await rekeyCompoundCredentialKeysMigration.run("/fake");
+
+    expect(storeEntries()).toEqual({
+      "other/integration/google:access_token": "my-token",
+    });
+  });
+
+  test("run() is idempotent — second run is a no-op", async () => {
+    resetStore({
+      "credential/integration/google:access_token": "my-token",
+    });
+
+    await rekeyCompoundCredentialKeysMigration.run("/fake");
+    const afterFirst = storeEntries();
+
+    await rekeyCompoundCredentialKeysMigration.run("/fake");
+
+    expect(storeEntries()).toEqual(afterFirst);
+  });
+
+  test("run() deletes orphaned old key when new key already exists", async () => {
+    resetStore({
+      "credential/integration/google:access_token": "old-token",
+      "credential/integration:google/access_token": "new-token",
+    });
+
+    await rekeyCompoundCredentialKeysMigration.run("/fake");
+
+    // Old key removed; new key (already present) wins
+    expect(storeEntries()).toEqual({
+      "credential/integration:google/access_token": "new-token",
+    });
+  });
+
+  test("run() throws when credential store is unreachable", async () => {
+    resetStore();
+    storeUnreachable = true;
+
+    await expect(
+      rekeyCompoundCredentialKeysMigration.run("/fake"),
+    ).rejects.toThrow("Credential store unreachable");
+  });
+
+  test("down() reverses run() — re-keys from lastIndexOf back to indexOf format", async () => {
+    resetStore({
+      "credential/integration:google/access_token": "my-token",
+    });
+
+    await rekeyCompoundCredentialKeysMigration.down("/fake");
+
+    expect(storeEntries()).toEqual({
+      "credential/integration/google:access_token": "my-token",
+    });
+  });
+
+  test("down() leaves simple keys unchanged", async () => {
+    resetStore({
+      "credential/github/token": "gh-token",
+    });
+
+    await rekeyCompoundCredentialKeysMigration.down("/fake");
+
+    expect(storeEntries()).toEqual({
+      "credential/github/token": "gh-token",
+    });
+  });
+
+  test("down() is idempotent — second down() is a no-op", async () => {
+    resetStore({
+      "credential/integration:google/access_token": "my-token",
+    });
+
+    await rekeyCompoundCredentialKeysMigration.down("/fake");
+    const afterFirst = storeEntries();
+
+    await rekeyCompoundCredentialKeysMigration.down("/fake");
+
+    expect(storeEntries()).toEqual(afterFirst);
+  });
+
+  test("run() then down() restores original state", async () => {
+    const original = {
+      "credential/integration/google:access_token": "my-token",
+    };
+    resetStore(original);
+
+    await rekeyCompoundCredentialKeysMigration.run("/fake");
+    await rekeyCompoundCredentialKeysMigration.down("/fake");
+
+    expect(storeEntries()).toEqual(original);
+  });
+
+  test("down() throws when credential store is unreachable", async () => {
+    resetStore();
+    storeUnreachable = true;
+
+    await expect(
+      rekeyCompoundCredentialKeysMigration.down("/fake"),
+    ).rejects.toThrow("Credential store unreachable");
+  });
+});

package/src/__tests__/workspace-migrations-runner.test.ts

@@ -130,16 +130,16 @@ describe("runWorkspaceMigrations", () => {
       throw new Error("migration 002 failed");
     });
 
-    await expect(
-      runWorkspaceMigrations(WORKSPACE_DIR, [m1, m2]),
-    ).rejects.toThrow("migration 002 failed");
+    // Runner no longer throws — it marks failed migrations and continues
+    await runWorkspaceMigrations(WORKSPACE_DIR, [m1, m2]);
 
-    // m1 ran successfully before the error
+    // m1 ran successfully, m2 was attempted
     expect(m1.run).toHaveBeenCalledTimes(1);
+    expect(m2.run).toHaveBeenCalledTimes(1);
 
-    // Checkpoints saved: started m1, completed m1, started m2 = 3 writes
-    expect(writeFileSyncFn).toHaveBeenCalledTimes(3);
-    expect(renameSyncFn).toHaveBeenCalledTimes(3);
+    // Checkpoints saved: started m1, completed m1, started m2, failed m2 = 4 writes
+    expect(writeFileSyncFn).toHaveBeenCalledTimes(4);
+    expect(renameSyncFn).toHaveBeenCalledTimes(4);
 
     // Verify the completed checkpoint contains m1
     // The second write is the "completed" marker for m1
@@ -149,6 +149,14 @@ describe("runWorkspaceMigrations", () => {
     const parsed = JSON.parse(completedWrite);
     expect(parsed.applied["001"]).toBeDefined();
     expect(parsed.applied["001"].status).toBe("completed");
+
+    // Verify m2 is marked as failed
+    const failedWrite = (
+      writeFileSyncFn.mock.calls[3] as unknown[]
+    )[1] as string;
+    const failedParsed = JSON.parse(failedWrite);
+    expect(failedParsed.applied["002"]).toBeDefined();
+    expect(failedParsed.applied["002"].status).toBe("failed");
   });
 
   test("idempotent on re-run", async () => {

package/src/acp/client-handler.ts

@@ -31,6 +31,8 @@ import type {
 } from "@agentclientprotocol/sdk";
 
 import type { ServerMessage } from "../daemon/message-protocol.js";
+import type { UserDecision } from "../permissions/types.js";
+import * as pendingInteractions from "../runtime/pending-interactions.js";
 import { getLogger } from "../util/logger.js";
 
 const log = getLogger("acp:client-handler");
@@ -51,6 +53,8 @@ interface TerminalState {
 export class VellumAcpClientHandler implements Client {
   private terminals = new Map<string, TerminalState>();
   private accumulatedText = "";
+  /** Tracks pending ACP permission requestIds for cleanup on session close. */
+  readonly pendingRequestIds = new Set<string>();
 
   /** Returns the full agent response text accumulated from agent_message_chunk events. */
   get responseText(): string {
@@ -60,10 +64,7 @@ export class VellumAcpClientHandler implements Client {
   constructor(
     private readonly acpSessionId: string,
     private readonly sendToVellum: (msg: ServerMessage) => void,
-    private readonly pendingPermissions: Map<
-      string,
-      { resolve: (optionId: string) => void }
-    >,
+    private readonly parentConversationId: string,
   ) {}
 
   async sessionUpdate(params: SessionNotification): Promise<void> {
@@ -152,33 +153,87 @@ export class VellumAcpClientHandler implements Client {
     params: RequestPermissionRequest,
   ): Promise<RequestPermissionResponse> {
     const requestId = randomUUID();
+    const toolTitle = params.toolCall.title ?? "Unknown tool";
+    const toolKind = params.toolCall.kind ?? "other";
+    const options = params.options;
+
     log.info(
       {
         acpSessionId: this.acpSessionId,
         requestId,
-        toolTitle: params.toolCall.title,
-        toolKind: params.toolCall.kind,
-        optionCount: params.options.length,
+        toolTitle,
+        toolKind,
+        optionCount: options.length,
       },
       "ACP permission requested",
     );
 
-    const optionIdPromise = new Promise<string>((resolve) => {
-      this.pendingPermissions.set(requestId, { resolve });
-    });
-
+    // Normalize rawInput into a Record for the confirmation_request shape
+    const rawInput = params.toolCall.rawInput;
+    const input: Record<string, unknown> =
+      rawInput != null &&
+      typeof rawInput === "object" &&
+      !Array.isArray(rawInput)
+        ? (rawInput as Record<string, unknown>)
+        : { command: rawInput };
+
+    const toolName = `ACP Agent: ${toolTitle}`;
+    const acpOptions = options.map((opt) => ({
+      optionId: opt.optionId,
+      name: opt.name,
+      kind: opt.kind,
+    }));
+
+    // Send the confirmation_request first — this triggers makeEventSender
+    // which registers a normal "confirmation" entry in pendingInteractions.
     this.sendToVellum({
-      type: "acp_permission_request",
-      acpSessionId: this.acpSessionId,
+      type: "confirmation_request",
       requestId,
-      toolTitle: params.toolCall.title ?? "Unknown tool",
-      toolKind: params.toolCall.kind ?? "other",
-      rawInput: params.toolCall.rawInput,
-      options: params.options.map((opt) => ({
-        optionId: opt.optionId,
-        name: opt.name,
-        kind: opt.kind,
-      })),
+      toolName,
+      input,
+      riskLevel: "medium",
+      allowlistOptions: [],
+      scopeOptions: [],
+      persistentDecisionsAllowed: false,
+      acpToolKind: toolKind,
+      acpOptions,
+      conversationId: this.parentConversationId,
+    });
+
+    // Now overwrite with our ACP registration that has directResolve.
+    // This must come AFTER sendToVellum so it wins over makeEventSender's
+    // registration.
+    const optionIdPromise = new Promise<string>((resolve) => {
+      const timeoutMs = 5 * 60 * 1000; // 5 minutes
+      const timer = setTimeout(() => {
+        const pending = pendingInteractions.resolve(requestId);
+        if (pending?.directResolve) {
+          pending.directResolve("deny");
+        }
+      }, timeoutMs);
+
+      this.pendingRequestIds.add(requestId);
+      pendingInteractions.register(requestId, {
+        conversation: null,
+        conversationId: this.parentConversationId,
+        kind: "acp_confirmation",
+        confirmationDetails: {
+          toolName,
+          input,
+          riskLevel: "medium",
+          allowlistOptions: [],
+          scopeOptions: [],
+          persistentDecisionsAllowed: false,
+          acpToolKind: toolKind,
+          acpOptions,
+        },
+        directResolve: (decision: UserDecision) => {
+          clearTimeout(timer);
+          this.pendingRequestIds.delete(requestId);
+          const optionId = mapDecisionToOptionId(decision, options);
+          resolve(optionId);
+        },
+      });
     });
 
     const optionId = await optionIdPromise;
@@ -336,18 +391,45 @@ export class VellumAcpClientHandler implements Client {
 }
 
 /**
- * Resolves a pending permission request by its request ID.
+ * Maps a UserDecision to the best-matching ACP option ID.
  */
-export function resolvePermission(
-  pendingPermissions: Map<string, { resolve: (optionId: string) => void }>,
-  requestId: string,
-  optionId: string,
-): void {
-  const pending = pendingPermissions.get(requestId);
-  if (pending) {
-    pending.resolve(optionId);
-    pendingPermissions.delete(requestId);
+function mapDecisionToOptionId(
+  decision: UserDecision,
+  options: Array<{ optionId: string; kind: string }>,
+): string {
+  const isAllow =
+    decision === "allow" ||
+    decision === "allow_10m" ||
+    decision === "allow_conversation" ||
+    decision === "always_allow" ||
+    decision === "always_allow_high_risk" ||
+    decision === "temporary_override" ||
+    decision === "dangerously_skip_permissions";
+
+  if (isAllow) {
+    // Prefer allow_always for persistent decisions, fallback to allow_once
+    if (decision === "always_allow" || decision === "always_allow_high_risk") {
+      const alwaysOpt = options.find((o) => o.kind === "allow_always");
+      if (alwaysOpt) return alwaysOpt.optionId;
+    }
+    const allowOpt =
+      options.find((o) => o.kind === "allow_once") ??
+      options.find((o) => o.kind === "allow_always");
+    if (allowOpt) return allowOpt.optionId;
   }
+
+  // Deny: prefer reject_always for persistent deny, fallback to reject_once
+  if (decision === "always_deny") {
+    const alwaysDeny = options.find((o) => o.kind === "reject_always");
+    if (alwaysDeny) return alwaysDeny.optionId;
+  }
+  const denyOpt =
+    options.find((o) => o.kind === "reject_once") ??
+    options.find((o) => o.kind === "reject_always");
+  if (denyOpt) return denyOpt.optionId;
+
+  // Fallback: return first option
+  return options[0]?.optionId ?? "deny";
 }
 
 /**