@vellumai/assistant 0.6.1 → 0.6.3

package/src/__tests__/schedule-routes.test.ts

@@ -0,0 +1,162 @@
+import { beforeEach, describe, expect, mock, test } from "bun:test";
+
+mock.module("../util/logger.js", () => ({
+  getLogger: () =>
+    new Proxy({} as Record<string, unknown>, {
+      get: () => () => {},
+    }),
+}));
+
+import { getDb, initializeDb } from "../memory/db.js";
+import { scheduleRouteDefinitions } from "../runtime/routes/schedule-routes.js";
+import { createSchedule } from "../schedule/schedule-store.js";
+import { scheduleTask } from "../tasks/task-scheduler.js";
+import { createTask } from "../tasks/task-store.js";
+
+initializeDb();
+
+function clearTables(): void {
+  const db = getDb();
+  db.run("DELETE FROM cron_runs");
+  db.run("DELETE FROM cron_jobs");
+  db.run("DELETE FROM task_runs");
+  db.run("DELETE FROM tasks");
+  db.run("DELETE FROM messages");
+  db.run("DELETE FROM conversations");
+}
+
+function getRunNowHandler(sendMessageDeps: {
+  getOrCreateConversation: (
+    conversationId: string,
+    options?: Record<string, unknown>,
+  ) => Promise<unknown>;
+}) {
+  const route = scheduleRouteDefinitions({
+    sendMessageDeps: sendMessageDeps as never,
+  }).find(
+    (candidate) =>
+      candidate.endpoint === "schedules/:id/run" && candidate.method === "POST",
+  );
+  if (!route) {
+    throw new Error("Run-now schedule route not found");
+  }
+  return route.handler;
+}
+
+describe("schedule run-now trust propagation", () => {
+  beforeEach(() => {
+    clearTables();
+  });
+
+  test("manual run-now executes plain schedules with guardian trust", async () => {
+    const schedule = createSchedule({
+      name: "Direct schedule",
+      cronExpression: "* * * * *",
+      message: "scan my inbox",
+      syntax: "cron",
+    });
+
+    const getOrCreateCalls: Array<{
+      conversationId: string;
+      options?: Record<string, unknown>;
+    }> = [];
+    const processCalls: Array<unknown[]> = [];
+    const fakeConversation: {
+      taskRunId?: string;
+      processMessage: (...args: unknown[]) => Promise<string>;
+    } = {
+      taskRunId: "stale-task-run",
+      async processMessage(...args: unknown[]) {
+        processCalls.push(args);
+        return "message-id";
+      },
+    };
+
+    const handler = getRunNowHandler({
+      getOrCreateConversation: async (conversationId, options) => {
+        getOrCreateCalls.push({ conversationId, options });
+        return fakeConversation;
+      },
+    });
+
+    const response = await handler({
+      req: new Request(`http://localhost/v1/schedules/${schedule.id}/run`, {
+        method: "POST",
+      }),
+      url: new URL(`http://localhost/v1/schedules/${schedule.id}/run`),
+      server: {} as never,
+      authContext: {} as never,
+      params: { id: schedule.id },
+    });
+
+    expect(response.status).toBe(200);
+    expect(getOrCreateCalls).toHaveLength(1);
+    expect(getOrCreateCalls[0].options?.trustContext).toEqual({
+      sourceChannel: "vellum",
+      trustClass: "guardian",
+    });
+    expect(processCalls).toHaveLength(1);
+    expect(processCalls[0][0]).toBe("scan my inbox");
+    expect(processCalls[0][6]).toEqual({ isInteractive: false });
+    expect(fakeConversation.taskRunId).toBeUndefined();
+  });
+
+  test("manual run-now executes scheduled tasks with guardian trust and taskRunId", async () => {
+    const task = createTask({
+      title: "Email triage",
+      template: "triage inbox in background",
+    });
+    const schedule = scheduleTask({
+      taskId: task.id,
+      name: "Scheduled task",
+      cronExpression: "* * * * *",
+    });
+
+    const getOrCreateCalls: Array<{
+      conversationId: string;
+      options?: Record<string, unknown>;
+    }> = [];
+    const observedTaskRunIds: Array<string | undefined> = [];
+    const processCalls: Array<unknown[]> = [];
+    const fakeConversation: {
+      taskRunId?: string;
+      processMessage: (...args: unknown[]) => Promise<string>;
+    } = {
+      taskRunId: undefined,
+      async processMessage(...args: unknown[]) {
+        observedTaskRunIds.push(fakeConversation.taskRunId);
+        processCalls.push(args);
+        return "message-id";
+      },
+    };
+
+    const handler = getRunNowHandler({
+      getOrCreateConversation: async (conversationId, options) => {
+        getOrCreateCalls.push({ conversationId, options });
+        return fakeConversation;
+      },
+    });
+
+    const response = await handler({
+      req: new Request(`http://localhost/v1/schedules/${schedule.id}/run`, {
+        method: "POST",
+      }),
+      url: new URL(`http://localhost/v1/schedules/${schedule.id}/run`),
+      server: {} as never,
+      authContext: {} as never,
+      params: { id: schedule.id },
+    });
+
+    expect(response.status).toBe(200);
+    expect(getOrCreateCalls).toHaveLength(1);
+    expect(getOrCreateCalls[0].options?.trustContext).toEqual({
+      sourceChannel: "vellum",
+      trustClass: "guardian",
+    });
+    expect(processCalls).toHaveLength(1);
+    expect(processCalls[0][0]).toBe("triage inbox in background");
+    expect(processCalls[0][6]).toEqual({ isInteractive: false });
+    expect(typeof observedTaskRunIds[0]).toBe("string");
+    expect(fakeConversation.taskRunId).toBeUndefined();
+  });
+});

package/src/__tests__/secret-detection-handler.test.ts

@@ -0,0 +1,84 @@
+import { beforeEach, describe, expect, mock, test } from "bun:test";
+
+import { _setOverridesForTesting } from "../config/assistant-feature-flags.js";
+
+const triggerMock = mock(async () => {});
+const scanTextMock = mock(() => [
+  { type: "api_key", redactedValue: "sk-***redacted***" },
+]);
+
+mock.module("../config/loader.js", () => ({
+  getConfig: () => ({
+    secretDetection: {
+      enabled: true,
+      action: "prompt",
+      entropyThreshold: 4.5,
+      customPatterns: [],
+    },
+  }),
+}));
+
+mock.module("../hooks/manager.js", () => ({
+  getHookManager: () => ({
+    trigger: triggerMock,
+  }),
+}));
+
+mock.module("../security/secret-scanner.js", () => ({
+  compileCustomPatterns: () => [],
+  redactSecrets: (content: string) => content,
+  scanText: scanTextMock,
+}));
+
+import { SecretDetectionHandler } from "../tools/secret-detection-handler.js";
+
+describe("SecretDetectionHandler under v2", () => {
+  beforeEach(() => {
+    _setOverridesForTesting({});
+    triggerMock.mockClear();
+    scanTextMock.mockClear();
+  });
+
+  test("blocks secret output without opening a deterministic approval prompt", async () => {
+    _setOverridesForTesting({ "permission-controls-v2": true });
+
+    const promptMock = mock(async () => ({ decision: "allow" as const }));
+    const handler = new SecretDetectionHandler({
+      prompt: promptMock,
+    } as never);
+    const emitLifecycleEvent = mock(() => {});
+
+    const result = await handler.handle(
+      { content: "secret output", isError: false },
+      "bash",
+      { command: "print-secret" },
+      {
+        conversationId: "conv-1",
+        workingDir: "/tmp",
+        requestId: "req-1",
+        isInteractive: true,
+      } as never,
+      "sandbox",
+      "medium",
+      "allow",
+      Date.now(),
+      emitLifecycleEvent,
+      (_toolName, input) => input,
+    );
+
+    expect(result.earlyReturn).toBe(true);
+    expect(result.result.isError).toBe(true);
+    expect(result.result.content).toContain(
+      "Secret-output approval cards are disabled under v2",
+    );
+    expect(promptMock).not.toHaveBeenCalled();
+    expect(emitLifecycleEvent).toHaveBeenCalledWith(
+      expect.anything(),
+      expect.objectContaining({
+        type: "permission_denied",
+        decision: "deny",
+      }),
+    );
+    expect(triggerMock).toHaveBeenCalled();
+  });
+});

package/src/__tests__/secret-ingress-http.test.ts

@@ -175,6 +175,7 @@ function makeSendMessageDeps() {
     trustContext: undefined,
     hasPendingConfirmation: () => false,
     setHostBashProxy: () => {},
+    setHostBrowserProxy: () => {},
     setHostFileProxy: () => {},
     setHostCuProxy: () => {},
     addPreactivatedSkillId: () => {},

package/src/__tests__/send-endpoint-busy.test.ts

@@ -115,6 +115,7 @@ function makeCompletingConversation(): Conversation {
     usageStats: { inputTokens: 0, outputTokens: 0, estimatedCost: 0 },
     updateClient: () => {},
     setHostBashProxy: () => {},
+    setHostBrowserProxy: () => {},
     setHostFileProxy: () => {},
     setHostCuProxy: () => {},
     addPreactivatedSkillId: () => {},
@@ -173,6 +174,7 @@ function makeHangingConversation(): Conversation {
     usageStats: { inputTokens: 0, outputTokens: 0, estimatedCost: 0 },
     updateClient: () => {},
     setHostBashProxy: () => {},
+    setHostBrowserProxy: () => {},
     setHostFileProxy: () => {},
     setHostCuProxy: () => {},
     addPreactivatedSkillId: () => {},
@@ -259,6 +261,7 @@ function makePendingApprovalConversation(
     usageStats: { inputTokens: 0, outputTokens: 0, estimatedCost: 0 },
     updateClient: () => {},
     setHostBashProxy: () => {},
+    setHostBrowserProxy: () => {},
     setHostFileProxy: () => {},
     setHostCuProxy: () => {},
     addPreactivatedSkillId: () => {},

package/src/__tests__/set-permission-mode.test.ts

@@ -1,274 +1,37 @@
-/**
- * Tests for the set_permission_mode system tool.
- *
- * Verifies:
- *   - Mode transitions via askBeforeActing and hostAccess
- *   - Partial updates (only provided fields change)
- *   - Idempotent calls (setting same value is safe)
- *   - Error when no fields provided
- *   - Tool is not registered when permission-controls-v2 flag is off
- *   - Tool is registered when permission-controls-v2 flag is on
- */
-
-import { existsSync, mkdirSync, writeFileSync } from "node:fs";
-import { join } from "node:path";
-import {
-  afterAll,
-  afterEach,
-  beforeEach,
-  describe,
-  expect,
-  mock,
-  test,
-} from "bun:test";
-
-// ---------------------------------------------------------------------------
-// Mocks — declared before imports that depend on platform/logger
-// ---------------------------------------------------------------------------
-
-const WORKSPACE_DIR = process.env.VELLUM_WORKSPACE_DIR!;
-const CONFIG_PATH = join(WORKSPACE_DIR, "config.json");
-
-function ensureTestDir(): void {
-  const dirs = [
-    WORKSPACE_DIR,
-    join(WORKSPACE_DIR, "data"),
-    join(WORKSPACE_DIR, "data", "logs"),
-  ];
-  for (const dir of dirs) {
-    if (!existsSync(dir)) mkdirSync(dir, { recursive: true });
-  }
-}
-
-function makeLoggerStub(): Record<string, unknown> {
-  const stub: Record<string, unknown> = {};
-  for (const m of [
-    "info",
-    "warn",
-    "error",
-    "debug",
-    "trace",
-    "fatal",
-    "silent",
-    "child",
-  ]) {
-    stub[m] = m === "child" ? () => makeLoggerStub() : () => {};
-  }
-  return stub;
-}
+import { afterAll, beforeEach, describe, expect, mock, test } from "bun:test";
 
 mock.module("../util/logger.js", () => ({
-  getLogger: () => makeLoggerStub(),
+  getLogger: () =>
+    new Proxy({} as Record<string, unknown>, {
+      get: () => () => {},
+    }),
 }));
 
-afterAll(() => {
-  mock.restore();
-});
-
 import { _setOverridesForTesting } from "../config/assistant-feature-flags.js";
-import { invalidateConfigCache } from "../config/loader.js";
-import {
-  getMode,
-  resetForTesting,
-} from "../permissions/permission-mode-store.js";
 import { __clearRegistryForTesting, getTool } from "../tools/registry.js";
 import { registerSystemTools } from "../tools/system/register.js";
-import { setPermissionModeTool } from "../tools/system/set-permission-mode.js";
-import type { ToolContext } from "../tools/types.js";
-
-// ---------------------------------------------------------------------------
-// Helpers
-// ---------------------------------------------------------------------------
-
-function writeConfig(obj: unknown): void {
-  ensureTestDir();
-  writeFileSync(CONFIG_PATH, JSON.stringify(obj, null, 2) + "\n");
-}
-
-function makeContext(): ToolContext {
-  return {
-    workingDir: WORKSPACE_DIR,
-    conversationId: "test-conversation",
-    trustClass: "guardian",
-  };
-}
-
-// ---------------------------------------------------------------------------
-// Setup / teardown
-// ---------------------------------------------------------------------------
 
 beforeEach(() => {
-  ensureTestDir();
-  resetForTesting();
-  invalidateConfigCache();
   _setOverridesForTesting({});
   __clearRegistryForTesting();
-  // Write a minimal config so the store initializes cleanly
-  writeConfig({});
 });
 
-afterEach(() => {
-  resetForTesting();
-  invalidateConfigCache();
-  _setOverridesForTesting({});
-  __clearRegistryForTesting();
-});
-
-// ---------------------------------------------------------------------------
-// Tests — tool execution
-// ---------------------------------------------------------------------------
-
-describe("set_permission_mode tool", () => {
-  describe("mode transitions", () => {
-    test("sets askBeforeActing to false", async () => {
-      const result = await setPermissionModeTool.execute(
-        { askBeforeActing: false },
-        makeContext(),
-      );
-
-      expect(result.isError).toBe(false);
-      expect(result.content).toContain("askBeforeActing: false");
-
-      const mode = getMode();
-      expect(mode.askBeforeActing).toBe(false);
-    });
-
-    test("sets hostAccess to true", async () => {
-      const result = await setPermissionModeTool.execute(
-        { hostAccess: true },
-        makeContext(),
-      );
-
-      expect(result.isError).toBe(false);
-      expect(result.content).toContain("hostAccess: true");
-
-      const mode = getMode();
-      expect(mode.hostAccess).toBe(true);
-    });
-
-    test("sets both fields at once", async () => {
-      const result = await setPermissionModeTool.execute(
-        { askBeforeActing: false, hostAccess: true },
-        makeContext(),
-      );
-
-      expect(result.isError).toBe(false);
-      expect(result.content).toContain("askBeforeActing: false");
-      expect(result.content).toContain("hostAccess: true");
-
-      const mode = getMode();
-      expect(mode.askBeforeActing).toBe(false);
-      expect(mode.hostAccess).toBe(true);
-    });
-  });
-
-  describe("partial updates", () => {
-    test("only askBeforeActing changes, hostAccess unchanged", async () => {
-      await setPermissionModeTool.execute(
-        { askBeforeActing: false },
-        makeContext(),
-      );
-
-      const mode = getMode();
-      expect(mode.askBeforeActing).toBe(false);
-      // hostAccess should remain at default (false)
-      expect(mode.hostAccess).toBe(false);
-    });
-
-    test("only hostAccess changes, askBeforeActing unchanged", async () => {
-      await setPermissionModeTool.execute({ hostAccess: true }, makeContext());
-
-      const mode = getMode();
-      // askBeforeActing should remain at default (true)
-      expect(mode.askBeforeActing).toBe(true);
-      expect(mode.hostAccess).toBe(true);
-    });
-  });
-
-  describe("idempotent calls", () => {
-    test("setting askBeforeActing to current value is safe", async () => {
-      // Default is true
-      const result = await setPermissionModeTool.execute(
-        { askBeforeActing: true },
-        makeContext(),
-      );
-
-      expect(result.isError).toBe(false);
-      expect(getMode().askBeforeActing).toBe(true);
-    });
-
-    test("setting hostAccess to current value is safe", async () => {
-      // Default is false
-      const result = await setPermissionModeTool.execute(
-        { hostAccess: false },
-        makeContext(),
-      );
-
-      expect(result.isError).toBe(false);
-      expect(getMode().hostAccess).toBe(false);
-    });
-
-    test("repeated calls produce same result", async () => {
-      await setPermissionModeTool.execute(
-        { askBeforeActing: false, hostAccess: true },
-        makeContext(),
-      );
-      const result = await setPermissionModeTool.execute(
-        { askBeforeActing: false, hostAccess: true },
-        makeContext(),
-      );
-
-      expect(result.isError).toBe(false);
-      const mode = getMode();
-      expect(mode.askBeforeActing).toBe(false);
-      expect(mode.hostAccess).toBe(true);
-    });
-  });
-
-  describe("validation", () => {
-    test("returns error when no fields provided", async () => {
-      const result = await setPermissionModeTool.execute({}, makeContext());
-
-      expect(result.isError).toBe(true);
-      expect(result.content).toContain("at least one");
-    });
-  });
-
-  describe("tool definition", () => {
-    test("has correct name", () => {
-      expect(setPermissionModeTool.name).toBe("set_permission_mode");
-    });
-
-    test("has correct category", () => {
-      expect(setPermissionModeTool.category).toBe("system");
-    });
-
-    test("definition includes both properties", () => {
-      const def = setPermissionModeTool.getDefinition();
-      const schema = def.input_schema as { properties?: Record<string, unknown> };
-      const props = schema.properties as Record<string, unknown>;
-      expect(props).toHaveProperty("askBeforeActing");
-      expect(props).toHaveProperty("hostAccess");
-    });
-  });
+afterAll(() => {
+  mock.restore();
 });
 
-// ---------------------------------------------------------------------------
-// Tests — feature flag gating
-// ---------------------------------------------------------------------------
-
-describe("set_permission_mode registration", () => {
-  test("tool is NOT registered when permission-controls-v2 flag is off", () => {
-    _setOverridesForTesting({ "permission-controls-v2": false });
+describe("set_permission_mode removal", () => {
+  test("tool is not registered when system tools are initialized", () => {
+    _setOverridesForTesting({ "permission-controls-v2": true });
     registerSystemTools();
 
     expect(getTool("set_permission_mode")).toBeUndefined();
   });
 
-  test("tool IS registered when permission-controls-v2 flag is on", () => {
-    _setOverridesForTesting({ "permission-controls-v2": true });
+  test("tool stays unavailable even when the feature flag is disabled", () => {
+    _setOverridesForTesting({ "permission-controls-v2": false });
     registerSystemTools();
 
-    expect(getTool("set_permission_mode")).toBeDefined();
+    expect(getTool("set_permission_mode")).toBeUndefined();
   });
 });