@vellumai/assistant 0.6.1 → 0.6.3

package/src/config/schema.ts

@@ -49,6 +49,14 @@ export type { FishAudioConfig } from "./schemas/fish-audio.js";
 export { FishAudioConfigSchema } from "./schemas/fish-audio.js";
 export type { HeartbeatConfig } from "./schemas/heartbeat.js";
 export { HeartbeatConfigSchema } from "./schemas/heartbeat.js";
+export type {
+  HostBrowserCdpInspectConfig,
+  HostBrowserConfig,
+} from "./schemas/host-browser.js";
+export {
+  HostBrowserCdpInspectConfigSchema,
+  HostBrowserConfigSchema,
+} from "./schemas/host-browser.js";
 export type {
   ContextOverflowRecoveryConfig,
   ContextWindowConfig,
@@ -115,6 +123,7 @@ export {
 export type { MemoryRetrievalConfig } from "./schemas/memory-retrieval.js";
 export {
   MemoryDynamicBudgetConfigSchema,
+  MemoryInjectionConfigSchema,
   MemoryRetrievalConfigSchema,
 } from "./schemas/memory-retrieval.js";
 export type {
@@ -139,8 +148,6 @@ export {
   PlatformConfigSchema,
   UiConfigSchema,
 } from "./schemas/platform.js";
-export type { SandboxConfig } from "./schemas/sandbox.js";
-export { SandboxConfigSchema } from "./schemas/sandbox.js";
 export type {
   PermissionsConfig,
   SecretDetectionConfig,
@@ -206,6 +213,7 @@ import { ElevenLabsConfigSchema } from "./schemas/elevenlabs.js";
 import { FilingConfigSchema } from "./schemas/filing.js";
 import { FishAudioConfigSchema } from "./schemas/fish-audio.js";
 import { HeartbeatConfigSchema } from "./schemas/heartbeat.js";
+import { HostBrowserConfigSchema } from "./schemas/host-browser.js";
 import {
   ContextWindowConfigSchema,
   EffortSchema,
@@ -227,7 +235,6 @@ import {
   PlatformConfigSchema,
   UiConfigSchema,
 } from "./schemas/platform.js";
-import { SandboxConfigSchema } from "./schemas/sandbox.js";
 import {
   PermissionsConfigSchema,
   SecretDetectionConfigSchema,
@@ -247,7 +254,7 @@ export const AssistantConfigSchema = z
       .number({ error: "maxTokens must be a number" })
       .int("maxTokens must be an integer")
       .positive("maxTokens must be a positive integer")
-      .default(16000)
+      .default(64000)
       .describe("Maximum number of output tokens per LLM response"),
     effort: EffortSchema,
     speed: SpeedSchema,
@@ -261,7 +268,6 @@ export const AssistantConfigSchema = z
       .default(getDataDir())
       .describe("Directory for storing assistant data (database, logs, etc.)"),
     timeouts: TimeoutConfigSchema.default(TimeoutConfigSchema.parse({})),
-    sandbox: SandboxConfigSchema.default(SandboxConfigSchema.parse({})),
     rateLimit: RateLimitConfigSchema.default(RateLimitConfigSchema.parse({})),
     secretDetection: SecretDetectionConfigSchema.default(
       SecretDetectionConfigSchema.parse({}),
@@ -281,6 +287,9 @@ export const AssistantConfigSchema = z
       ),
     filing: FilingConfigSchema.default(FilingConfigSchema.parse({})),
     heartbeat: HeartbeatConfigSchema.default(HeartbeatConfigSchema.parse({})),
+    hostBrowser: HostBrowserConfigSchema.default(
+      HostBrowserConfigSchema.parse({}),
+    ),
     journal: JournalConfigSchema.default(JournalConfigSchema.parse({})),
     mcp: McpConfigSchema.default(McpConfigSchema.parse({})),
     acp: AcpConfigSchema.default(AcpConfigSchema.parse({})),
@@ -321,6 +330,13 @@ export const AssistantConfigSchema = z
       .max(200, "maxStepsPerSession must be <= 200")
       .default(50)
       .describe("Maximum number of computer-use steps per session"),
+    systemPromptPrefix: z
+      .string({ error: "systemPromptPrefix must be a string" })
+      .nullable()
+      .default(null)
+      .describe(
+        "Custom text injected at the very beginning of the system prompt. Defaults to null (no injection).",
+      ),
   })
   .superRefine((config, ctx) => {
     if (
@@ -373,6 +389,31 @@ export const AssistantConfigSchema = z
           "memory.retrieval.dynamicBudget.minInjectTokens must be <= memory.retrieval.dynamicBudget.maxInjectTokens",
       });
     }
+    const injection = config.memory?.retrieval?.injection;
+    const ctxLoad = injection?.contextLoad;
+    if (
+      ctxLoad &&
+      ctxLoad.capabilityReserve + ctxLoad.serendipitySlots >= ctxLoad.maxNodes
+    ) {
+      ctx.addIssue({
+        code: z.ZodIssueCode.custom,
+        path: ["memory", "retrieval", "injection", "contextLoad"],
+        message:
+          "memory.retrieval.injection.contextLoad.capabilityReserve + serendipitySlots must be less than maxNodes",
+      });
+    }
+    const perTurn = injection?.perTurn;
+    if (
+      perTurn &&
+      perTurn.capabilityReserve + perTurn.serendipitySlots >= perTurn.maxNodes
+    ) {
+      ctx.addIssue({
+        code: z.ZodIssueCode.custom,
+        path: ["memory", "retrieval", "injection", "perTurn"],
+        message:
+          "memory.retrieval.injection.perTurn.capabilityReserve + serendipitySlots must be less than maxNodes",
+      });
+    }
   });
 
 export type AssistantConfig = z.infer<typeof AssistantConfigSchema>;

package/src/config/schemas/host-browser.ts

@@ -0,0 +1,66 @@
+import { z } from "zod";
+
+/**
+ * Configuration for the `cdp-inspect` browser backend — connects directly
+ * to a host Chrome instance that was launched with `--remote-debugging-port`
+ * (e.g. `chrome://inspect`-style remote debugging) as an alternative to the
+ * extension or local Playwright backend.
+ */
+export const HostBrowserCdpInspectConfigSchema = z
+  .object({
+    enabled: z
+      .boolean({ error: "hostBrowser.cdpInspect.enabled must be a boolean" })
+      .default(false)
+      .describe(
+        "Whether the cdp-inspect backend is enabled. When true, the factory will route browser tool calls through the configured host/port instead of the local Playwright backend.",
+      ),
+    host: z
+      .string({ error: "hostBrowser.cdpInspect.host must be a string" })
+      .min(1, "hostBrowser.cdpInspect.host must not be empty")
+      .default("localhost")
+      .describe(
+        "Host name or IP address where the host Chrome instance exposes its remote debugging endpoint.",
+      ),
+    port: z
+      .number({ error: "hostBrowser.cdpInspect.port must be a number" })
+      .int("hostBrowser.cdpInspect.port must be an integer")
+      .min(1, "hostBrowser.cdpInspect.port must be >= 1")
+      .max(65535, "hostBrowser.cdpInspect.port must be <= 65535")
+      .default(9222)
+      .describe(
+        "TCP port for the host Chrome remote-debugging endpoint (matches `--remote-debugging-port`).",
+      ),
+    probeTimeoutMs: z
+      .number({
+        error: "hostBrowser.cdpInspect.probeTimeoutMs must be a number",
+      })
+      .int("hostBrowser.cdpInspect.probeTimeoutMs must be an integer")
+      .min(50, "hostBrowser.cdpInspect.probeTimeoutMs must be >= 50")
+      .max(5000, "hostBrowser.cdpInspect.probeTimeoutMs must be <= 5000")
+      .default(500)
+      .describe(
+        "Timeout (in milliseconds) for the backend availability probe. Kept small so browser tool calls fail fast when the endpoint is unreachable.",
+      ),
+  })
+  .describe(
+    "Settings for the cdp-inspect backend that connects to a host Chrome instance via its remote-debugging endpoint.",
+  );
+
+export type HostBrowserCdpInspectConfig = z.infer<
+  typeof HostBrowserCdpInspectConfigSchema
+>;
+
+/**
+ * Top-level configuration for host-browser backends. Currently only exposes
+ * `cdpInspect`, but the shape leaves room for additional host-browser knobs
+ * (e.g. extension-specific settings) without another namespace churn.
+ */
+export const HostBrowserConfigSchema = z
+  .object({
+    cdpInspect: HostBrowserCdpInspectConfigSchema.default(
+      HostBrowserCdpInspectConfigSchema.parse({}),
+    ),
+  })
+  .describe("Host-browser backend configuration (cdp-inspect, etc.)");
+
+export type HostBrowserConfig = z.infer<typeof HostBrowserConfigSchema>;

package/src/config/schemas/memory-lifecycle.ts

@@ -80,7 +80,7 @@ export const MemoryCleanupConfigSchema = z
       .nonnegative(
         "memory.cleanup.llmRequestLogRetentionMs must be non-negative",
       )
-      .default(7 * 24 * 60 * 60 * 1000)
+      .default(1 * 24 * 60 * 60 * 1000)
       .describe(
         "Retention period for LLM request/response logs in milliseconds (0 disables pruning)",
       ),

package/src/config/schemas/memory-retrieval.ts

@@ -184,6 +184,106 @@ const MemoryFreshnessConfigSchema = z
     "Freshness-based ranking for memory retrieval — down-ranks old items unless recently reinforced",
   );
 
+const MemoryContextLoadInjectionSchema = z
+  .object({
+    maxNodes: z
+      .number({
+        error:
+          "memory.retrieval.injection.contextLoad.maxNodes must be a number",
+      })
+      .int("memory.retrieval.injection.contextLoad.maxNodes must be an integer")
+      .positive(
+        "memory.retrieval.injection.contextLoad.maxNodes must be a positive integer",
+      )
+      .default(25)
+      .describe("Maximum number of memory nodes to load at conversation start"),
+    serendipitySlots: z
+      .number({
+        error:
+          "memory.retrieval.injection.contextLoad.serendipitySlots must be a number",
+      })
+      .int(
+        "memory.retrieval.injection.contextLoad.serendipitySlots must be an integer",
+      )
+      .nonnegative(
+        "memory.retrieval.injection.contextLoad.serendipitySlots must be non-negative",
+      )
+      .default(5)
+      .describe("Number of random wildcard memory picks at conversation start"),
+    capabilityReserve: z
+      .number({
+        error:
+          "memory.retrieval.injection.contextLoad.capabilityReserve must be a number",
+      })
+      .int(
+        "memory.retrieval.injection.contextLoad.capabilityReserve must be an integer",
+      )
+      .nonnegative(
+        "memory.retrieval.injection.contextLoad.capabilityReserve must be non-negative",
+      )
+      .default(5)
+      .describe(
+        "Reserved slots for skill/CLI capability nodes at conversation start",
+      ),
+  })
+  .describe("Memory injection limits at conversation start");
+
+const MemoryPerTurnInjectionSchema = z
+  .object({
+    maxNodes: z
+      .number({
+        error: "memory.retrieval.injection.perTurn.maxNodes must be a number",
+      })
+      .int("memory.retrieval.injection.perTurn.maxNodes must be an integer")
+      .positive(
+        "memory.retrieval.injection.perTurn.maxNodes must be a positive integer",
+      )
+      .default(6)
+      .describe(
+        "Maximum total memory nodes injected per turn (general + capability + serendipity)",
+      ),
+    serendipitySlots: z
+      .number({
+        error:
+          "memory.retrieval.injection.perTurn.serendipitySlots must be a number",
+      })
+      .int(
+        "memory.retrieval.injection.perTurn.serendipitySlots must be an integer",
+      )
+      .nonnegative(
+        "memory.retrieval.injection.perTurn.serendipitySlots must be non-negative",
+      )
+      .default(1)
+      .describe("Number of random wildcard memory picks per turn"),
+    capabilityReserve: z
+      .number({
+        error:
+          "memory.retrieval.injection.perTurn.capabilityReserve must be a number",
+      })
+      .int(
+        "memory.retrieval.injection.perTurn.capabilityReserve must be an integer",
+      )
+      .nonnegative(
+        "memory.retrieval.injection.perTurn.capabilityReserve must be non-negative",
+      )
+      .default(2)
+      .describe("Reserved slots for skill/CLI capability nodes per turn"),
+  })
+  .describe("Memory injection limits for mid-conversation turns");
+
+export const MemoryInjectionConfigSchema = z
+  .object({
+    contextLoad: MemoryContextLoadInjectionSchema.default(
+      MemoryContextLoadInjectionSchema.parse({}),
+    ),
+    perTurn: MemoryPerTurnInjectionSchema.default(
+      MemoryPerTurnInjectionSchema.parse({}),
+    ),
+  })
+  .describe(
+    "Controls how many memory items are injected at conversation start and per turn",
+  );
+
 export const MemoryRetrievalConfigSchema = z
   .object({
     maxInjectTokens: z
@@ -209,6 +309,9 @@ export const MemoryRetrievalConfigSchema = z
     dynamicBudget: MemoryDynamicBudgetConfigSchema.default(
       MemoryDynamicBudgetConfigSchema.parse({}),
     ),
+    injection: MemoryInjectionConfigSchema.default(
+      MemoryInjectionConfigSchema.parse({}),
+    ),
   })
   .describe(
     "Controls how memories are retrieved and injected into conversations",

package/src/config/schemas/security.ts

@@ -79,12 +79,6 @@ export const PermissionsConfigSchema = z
       .describe(
         "Permission mode — 'strict' requires explicit approval for all operations, 'workspace' allows operations within the workspace",
       ),
-    askBeforeActing: z
-      .boolean({
-        error: "permissions.askBeforeActing must be a boolean",
-      })
-      .default(true)
-      .describe("Whether the assistant should check in before taking actions"),
     hostAccess: z
       .boolean({
         error: "permissions.hostAccess must be a boolean",

package/src/config/schemas/services.ts

@@ -56,6 +56,16 @@ export const OutlookOAuthServiceSchema = BaseServiceSchema.extend({
 });
 export type OutlookOAuthService = z.infer<typeof OutlookOAuthServiceSchema>;
 
+export const LinearOAuthServiceSchema = BaseServiceSchema.extend({
+  mode: ServiceModeSchema.default("your-own"),
+});
+export type LinearOAuthService = z.infer<typeof LinearOAuthServiceSchema>;
+
+export const GitHubOAuthServiceSchema = BaseServiceSchema.extend({
+  mode: ServiceModeSchema.default("your-own"),
+});
+export type GitHubOAuthService = z.infer<typeof GitHubOAuthServiceSchema>;
+
 export const ServicesSchema = z.object({
   inference: InferenceServiceSchema.default(InferenceServiceSchema.parse({})),
   "image-generation": ImageGenerationServiceSchema.default(
@@ -70,5 +80,11 @@ export const ServicesSchema = z.object({
   "outlook-oauth": OutlookOAuthServiceSchema.default(
     OutlookOAuthServiceSchema.parse({}),
   ),
+  "linear-oauth": LinearOAuthServiceSchema.default(
+    LinearOAuthServiceSchema.parse({}),
+  ),
+  "github-oauth": GitHubOAuthServiceSchema.default(
+    GitHubOAuthServiceSchema.parse({}),
+  ),
 });
 export type Services = z.infer<typeof ServicesSchema>;

package/src/config/types.ts

@@ -27,7 +27,6 @@ export type {
   PermissionsConfig,
   QdrantConfig,
   RateLimitConfig,
-  SandboxConfig,
   SecretDetectionConfig,
   ServiceMode,
   Services,

package/src/context/post-turn-tool-result-truncation.ts

@@ -0,0 +1,176 @@
+import { createHash } from "node:crypto";
+import { mkdirSync, writeFileSync } from "node:fs";
+import { join } from "node:path";
+
+import type {
+  ContentBlock,
+  Message,
+  ToolResultContent,
+  ToolUseContent,
+} from "../providers/types.js";
+
+/** Minimum content length (chars) before a tool result is eligible for truncation. ~2000 tokens at 4 chars/token. */
+export const THRESHOLD_CHARS = 8_000;
+
+/** Target size (chars) for the truncated stub. ~300 tokens at 4 chars/token. */
+export const TARGET_CHARS = 1_200;
+
+/** Subdirectory name under the conversation directory for saved full results. */
+export const TOOL_RESULT_DIR = ".tool-results";
+
+/** Marker used to detect already-truncated results (idempotency guard). */
+export const TRUNCATION_MARKER = "\u2014 full result:";
+
+/**
+ * Deterministic file path for a tool result's full content on disk.
+ * Uses the first 12 hex chars of the SHA-256 of the tool_use_id.
+ */
+export function getToolResultFilePath(
+  conversationDir: string,
+  toolUseId: string,
+): string {
+  const hash = createHash("sha256").update(toolUseId).digest("hex").slice(0, 12);
+  return join(conversationDir, TOOL_RESULT_DIR, `${hash}.txt`);
+}
+
+/**
+ * Build the truncated stub that replaces a large tool result in context.
+ * Preserves the first and last halves of TARGET_CHARS, with a middle marker
+ * indicating how many tokens were omitted and where to find the full result.
+ */
+export function buildTruncatedContent(
+  original: string,
+  filePath: string,
+): string {
+  const half = Math.floor(TARGET_CHARS / 2);
+  const prefix = original.slice(0, half);
+  const suffix = original.slice(-half);
+  const omittedChars = original.length - TARGET_CHARS;
+  const estimatedTokens = Math.round(omittedChars / 4);
+  return `${prefix}\n\n...(${estimatedTokens} tokens omitted ${TRUNCATION_MARKER} ${filePath})\n\n${suffix}`;
+}
+
+/**
+ * Walk all messages and truncate tool results that exceed `THRESHOLD_CHARS`.
+ *
+ * For each eligible result:
+ * - The full content is persisted to a deterministic file path on disk.
+ * - The in-context content is replaced with a prefix/suffix stub.
+ *
+ * Results are skipped if they are below threshold, are error results,
+ * or have already been truncated (contain `TRUNCATION_MARKER`).
+ *
+ * Returns a shallow-copied messages array (only modified messages are cloned)
+ * and the count of results that were truncated.
+ */
+export function postTurnTruncateToolResults(
+  messages: Message[],
+  options: { conversationDir: string },
+): { messages: Message[]; truncatedCount: number } {
+  let truncatedCount = 0;
+
+  const mapped = messages.map((msg) => {
+    let changed = false;
+    const nextContent: ContentBlock[] = msg.content.map((block) => {
+      if (block.type !== "tool_result") return block;
+      const tr = block as ToolResultContent;
+
+      // Skip short results.
+      if (tr.content.length <= THRESHOLD_CHARS) return block;
+
+      // Skip error results.
+      if (tr.is_error) return block;
+
+      // Skip already-truncated results (idempotency).
+      if (tr.content.includes(TRUNCATION_MARKER)) return block;
+
+      const filePath = getToolResultFilePath(
+        options.conversationDir,
+        tr.tool_use_id,
+      );
+
+      // Persist full content to disk.
+      mkdirSync(join(options.conversationDir, TOOL_RESULT_DIR), {
+        recursive: true,
+      });
+      writeFileSync(filePath, tr.content, "utf-8");
+
+      changed = true;
+      truncatedCount++;
+      return {
+        ...tr,
+        content: buildTruncatedContent(tr.content, filePath),
+      } as ContentBlock;
+    });
+
+    return changed ? { ...msg, content: nextContent } : msg;
+  });
+
+  return { messages: truncatedCount > 0 ? mapped : messages, truncatedCount };
+}
+
+/** Stub that replaces a re-read of a saved tool result to avoid context duplication. */
+export const REREAD_STUB =
+  "(Re-read of saved tool result — original context is preserved above)";
+
+/**
+ * Deduplicate re-reads of saved tool results.
+ *
+ * When `postTurnTruncateToolResults` truncates a large result, it saves the full
+ * content to a `.tool-results/` file. If the model later calls `file_read` on that
+ * saved file, the result is a second copy of content whose truncated prefix/suffix
+ * is already in context. This function detects those re-reads and replaces their
+ * tool_result content with a short stub to avoid duplication.
+ */
+export function derefToolResultReReads(messages: Message[]): {
+  messages: Message[];
+  dereferencedCount: number;
+} {
+  // Build a set of tool_use_ids that are file_read calls targeting .tool-results/ paths.
+  const reReadToolUseIds = new Set<string>();
+
+  for (const msg of messages) {
+    if (msg.role !== "assistant") continue;
+    for (const block of msg.content) {
+      if (block.type !== "tool_use") continue;
+      const tu = block as ToolUseContent;
+      if (tu.name !== "file_read") continue;
+      const filePath = tu.input.path ?? tu.input.file_path;
+      if (typeof filePath !== "string") continue;
+      if (filePath.includes(`/${TOOL_RESULT_DIR}/`)) {
+        reReadToolUseIds.add(tu.id);
+      }
+    }
+  }
+
+  if (reReadToolUseIds.size === 0) {
+    return { messages, dereferencedCount: 0 };
+  }
+
+  let dereferencedCount = 0;
+
+  const mapped = messages.map((msg) => {
+    if (msg.role !== "user") return msg;
+
+    let changed = false;
+    const nextContent: ContentBlock[] = msg.content.map((block) => {
+      if (block.type !== "tool_result") return block;
+      const tr = block as ToolResultContent;
+      if (!reReadToolUseIds.has(tr.tool_use_id)) return block;
+
+      // Skip error results — preserve diagnostics (e.g. file not found).
+      if (tr.is_error) return block;
+
+      changed = true;
+      dereferencedCount++;
+      return { ...tr, content: REREAD_STUB } as ContentBlock;
+    });
+
+    return changed ? { ...msg, content: nextContent } : msg;
+  });
+
+  return {
+    messages: dereferencedCount > 0 ? mapped : messages,
+    dereferencedCount,
+  };
+}

package/src/context/window-manager.ts

@@ -102,6 +102,14 @@ export class ContextWindowManager {
   private readonly _systemPrompt: string | (() => string);
   private readonly config: ContextWindowConfig;
   private readonly toolTokenBudget: number;
+  /**
+   * Number of leading messages that are non-persisted (injected inherited
+   * context from a parent conversation).  `countPersistedMessages` subtracts
+   * this so `compactedPersistedMessages` only reflects DB-backed messages.
+   * Set by `Conversation.injectInheritedContext` and consumed (decremented)
+   * after a successful compaction pass.
+   */
+  nonPersistedPrefixCount = 0;
   /**
    * Cached resolved system prompt. Lazily populated on first access via the
    * `systemPrompt` getter and cleared after each compaction pass so the next
@@ -305,8 +313,12 @@ export class ContextWindowManager {
       };
     }
 
+    const injectedInCompactable = Math.min(
+      Math.max(0, this.nonPersistedPrefixCount - summaryOffset),
+      compactableMessages.length,
+    );
     const compactedPersistedMessages =
-      countPersistedMessages(compactableMessages);
+      countPersistedMessages(compactableMessages) - injectedInCompactable;
     const rawProjectedMessages = [
       createContextSummaryMessage(existingSummary ?? "Projected summary"),
       ...messages.slice(keepPlan.keepFromIndex),
@@ -452,6 +464,12 @@ export class ContextWindowManager {
         toolTokenBudget: this.toolTokenBudget,
       },
     );
+    // Consume the injected prefix messages that were compacted away.
+    this.nonPersistedPrefixCount = Math.max(
+      0,
+      this.nonPersistedPrefixCount - injectedInCompactable,
+    );
+
     log.info(
       {
         previousEstimatedInputTokens,