@vellumai/assistant 0.6.1 → 0.6.3

package/src/runtime/routes/conversation-management-routes.ts

@@ -4,6 +4,8 @@
  * POST   /v1/conversations                 — create a new conversation
  * POST   /v1/conversations/switch         — switch to an existing conversation
  * POST   /v1/conversations/fork           — fork an existing conversation
+ * GET    /v1/conversations/:id/host-access — read host access for one conversation
+ * PATCH  /v1/conversations/:id/host-access — update host access for one conversation
  * PATCH  /v1/conversations/:id/name       — rename a conversation
  * DELETE /v1/conversations                 — clear all conversations
  * POST   /v1/conversations/:id/wipe       — wipe conversation and revert memory
@@ -21,7 +23,9 @@ import {
   countConversationsByScheduleJobId,
   deleteConversation,
   getConversation,
+  getConversationHostAccess,
   PRIVATE_CONVERSATION_FORK_ERROR,
+  updateConversationHostAccess,
   wipeConversation,
 } from "../../memory/conversation-crud.js";
 import { updateConversationTitle } from "../../memory/conversation-crud.js";
@@ -34,6 +38,10 @@ import { enqueueMemoryJob } from "../../memory/jobs-store.js";
 import { deleteSchedule } from "../../schedule/schedule-store.js";
 import { UserError } from "../../util/errors.js";
 import { getLogger } from "../../util/logger.js";
+import { buildAssistantEvent } from "../assistant-event.js";
+import { assistantEventHub } from "../assistant-event-hub.js";
+import { DAEMON_INTERNAL_ASSISTANT_ID } from "../assistant-scope.js";
+import { requireBoundGuardian } from "../auth/require-bound-guardian.js";
 import { httpError } from "../http-errors.js";
 import type { RouteDefinition } from "../http-router.js";
 
@@ -52,6 +60,7 @@ export interface ConversationManagementDeps {
     conversationId: string;
     title: string;
     conversationType: string;
+    hostAccess: boolean;
   } | null>;
   renameConversation: (conversationId: string, name: string) => boolean;
   clearAllConversations: () => number;
@@ -218,6 +227,7 @@ export function conversationManagementRouteDefinitions(
         conversationId: z.string(),
         title: z.string(),
         conversationType: z.string(),
+        hostAccess: z.boolean(),
       }),
       handler: async ({ req }) => {
         const body = (await req.json()) as {
@@ -246,6 +256,104 @@ export function conversationManagementRouteDefinitions(
           title: result.title,
           conversationType:
             result.conversationType === "private" ? "private" : "standard",
+          hostAccess: result.hostAccess,
+        });
+      },
+    },
+    {
+      endpoint: "conversations/:id/host-access",
+      method: "GET",
+      policyKey: "conversations/host-access:GET",
+      summary: "Get conversation host access",
+      description: "Return whether the conversation can use host tools.",
+      tags: ["conversations"],
+      responseBody: z.object({
+        conversationId: z.string(),
+        hostAccess: z.boolean(),
+      }),
+      handler: ({ params }) => {
+        const resolvedId = resolveConversationId(params.id) ?? params.id;
+        const conversation = getConversation(resolvedId);
+        if (!conversation) {
+          return httpError(
+            "NOT_FOUND",
+            `Conversation ${params.id} not found`,
+            404,
+          );
+        }
+        return Response.json({
+          conversationId: conversation.id,
+          hostAccess: getConversationHostAccess(conversation.id),
+        });
+      },
+    },
+    {
+      endpoint: "conversations/:id/host-access",
+      method: "PATCH",
+      policyKey: "conversations/host-access",
+      summary: "Update conversation host access",
+      description: "Enable or disable host access for a conversation.",
+      tags: ["conversations"],
+      requestBody: z.object({
+        hostAccess: z.boolean(),
+      }),
+      responseBody: z.object({
+        conversationId: z.string(),
+        hostAccess: z.boolean(),
+      }),
+      handler: async ({ req, params, authContext }) => {
+        const guardianError = requireBoundGuardian(authContext);
+        if (guardianError) return guardianError;
+
+        const rawBody = (await req.json()) as unknown;
+        if (
+          rawBody == null ||
+          typeof rawBody !== "object" ||
+          Array.isArray(rawBody)
+        ) {
+          return httpError("BAD_REQUEST", "Invalid request body", 400);
+        }
+        const body = rawBody as { hostAccess?: unknown };
+        if (typeof body.hostAccess !== "boolean") {
+          return httpError("BAD_REQUEST", "Missing hostAccess boolean", 400);
+        }
+
+        const resolvedId = resolveConversationId(params.id) ?? params.id;
+        const conversation = getConversation(resolvedId);
+        if (!conversation) {
+          return httpError(
+            "NOT_FOUND",
+            `Conversation ${params.id} not found`,
+            404,
+          );
+        }
+
+        const nextHostAccess = body.hostAccess;
+        if (conversation.hostAccess !== (nextHostAccess ? 1 : 0)) {
+          updateConversationHostAccess(resolvedId, nextHostAccess);
+          assistantEventHub
+            .publish(
+              buildAssistantEvent(
+                DAEMON_INTERNAL_ASSISTANT_ID,
+                {
+                  type: "conversation_host_access_updated",
+                  conversationId: resolvedId,
+                  hostAccess: nextHostAccess,
+                },
+                resolvedId,
+              ),
+            )
+            .catch((err) => {
+              log.warn(
+                { err, conversationId: resolvedId },
+                "Failed to publish conversation_host_access_updated event",
+              );
+            });
+        }
+
+        return Response.json({
+          conversationId: resolvedId,
+          hostAccess: nextHostAccess,
         });
       },
     },

package/src/runtime/routes/conversation-routes.ts

@@ -17,6 +17,7 @@ import {
   isInteractiveInterface,
   parseChannelId,
   parseInterfaceId,
+  supportsHostProxy,
 } from "../../channels/types.js";
 import { isHttpAuthDisabled } from "../../config/env.js";
 import { getConfig } from "../../config/loader.js";
@@ -35,12 +36,13 @@ import {
 } from "../../daemon/first-greeting.js";
 import { renderHistoryContent } from "../../daemon/handlers/shared.js";
 import { HostBashProxy } from "../../daemon/host-bash-proxy.js";
+import { HostBrowserProxy } from "../../daemon/host-browser-proxy.js";
 import { HostCuProxy } from "../../daemon/host-cu-proxy.js";
 import { HostFileProxy } from "../../daemon/host-file-proxy.js";
 import type { ServerMessage } from "../../daemon/message-protocol.js";
 import type {
-  MacosTransportMetadata,
-  NonMacosTransportMetadata,
+  HostProxyTransportMetadata,
+  NonHostProxyTransportMetadata,
 } from "../../daemon/message-types/conversations.js";
 import type { HeartbeatService } from "../../heartbeat/heartbeat-service.js";
 import * as attachmentsStore from "../../memory/attachments-store.js";
@@ -76,6 +78,7 @@ import { silentlyWithLog } from "../../util/silently.js";
 import { buildAssistantEvent } from "../assistant-event.js";
 import { DAEMON_INTERNAL_ASSISTANT_ID } from "../assistant-scope.js";
 import type { AuthContext } from "../auth/types.js";
+import { getChromeExtensionRegistry } from "../chrome-extension-registry.js";
 import { bridgeConfirmationRequestToGuardian } from "../confirmation-request-guardian-bridge.js";
 import { routeGuardianReply } from "../guardian-reply-router.js";
 import { healGuardianBindingDrift } from "../guardian-vellum-migration.js";
@@ -421,8 +424,18 @@ export function handleListMessages(
   // pendingToolUses map — otherwise they render as "Unknown" tool calls.
   const mergedMessages = mergeToolResultsIntoAssistantMessages(rawMessages);
 
+  // During streaming, all assistant turns within one agent loop accumulate
+  // on a single client-side ChatMessage (via currentAssistantMessageId).
+  // In the DB, each API turn is a separate assistant row because
+  // consolidation is deferred to compaction for prefix-cache stability.
+  // Merge consecutive assistant messages here at query time so
+  // renderHistoryContent produces the same contentOrder shape as streaming
+  // (consecutive tool refs grouped together).
+  const { messages: consolidatedMessages, mergedIdMap } =
+    mergeConsecutiveAssistantMessages(mergedMessages);
+
   // Parse content blocks and extract text + tool calls
-  const parsed = mergedMessages.map((msg) => {
+  const parsed = consolidatedMessages.map((msg) => {
     let content: unknown;
     try {
       content = JSON.parse(msg.content);
@@ -547,7 +560,13 @@ export function handleListMessages(
       // blobs for non-image attachments (documents, audio). Then
       // selectively fetch full data only for images so the client can
       // generate thumbnails for inline display on history restore.
-      const linked = attachmentsStore.getAttachmentMetadataForMessage(m.id);
+      // Also query attachments for any messages that were merged into
+      // this one (consecutive assistant merge), so their attachments
+      // aren't lost before DB compaction relinks them.
+      const idsToQuery = [m.id, ...(mergedIdMap.get(m.id) ?? [])];
+      const linked = idsToQuery.flatMap((id) =>
+        attachmentsStore.getAttachmentMetadataForMessage(id),
+      );
       if (linked.length > 0) {
         msgAttachments = linked.map((a) => {
           if (a.mimeType.startsWith("image/")) {
@@ -721,7 +740,10 @@ function mergeToolResultsIntoAssistantMessages(
       }
     }
 
-    // No tool results → pass through unchanged.
+    // No tool results → pass through unchanged. System notices are only
+    // injected alongside tool results in the agent loop, so a pure user
+    // message (no tool_result blocks) should never be filtered — even if
+    // the user's text happens to look like a system_notice tag.
     if (toolResultBlocks.length === 0) {
       result.push(msg);
       continue;
@@ -789,14 +811,158 @@ function mergeToolResultsIntoAssistantMessages(
   return result;
 }
 
+// ── Consecutive assistant message merging ────────────────────────────
+
+/** Parse a message's JSON content into an array of content blocks. */
+function parseContentBlocks(content: string): unknown[] {
+  try {
+    const parsed = JSON.parse(content);
+    return Array.isArray(parsed) ? parsed : [parsed];
+  } catch (err) {
+    log.warn(
+      { err },
+      "Failed to parse content blocks during assistant message merge",
+    );
+    return [];
+  }
+}
+
+/**
+ * Append content blocks from a donor message onto a target block array.
+ * Parses the donor's JSON content and pushes each block into `target`.
+ */
+function appendContentBlocks(target: unknown[], donorContent: string): void {
+  try {
+    const parsed = JSON.parse(donorContent);
+    if (Array.isArray(parsed)) {
+      target.push(...parsed);
+    } else {
+      target.push(parsed);
+    }
+  } catch (err) {
+    log.warn(
+      { err },
+      "Failed to parse donor content blocks during assistant message merge",
+    );
+  }
+}
+
+/**
+ * Promote metadata fields from a donor message to the surviving message
+ * when the survivor lacks them. Currently promotes `subagentNotification`.
+ * Returns a new MessageRow if promotion occurred, otherwise the original.
+ */
+function promoteMetadata(survivor: MessageRow, donor: MessageRow): MessageRow {
+  if (donor.metadata && survivor.metadata) {
+    try {
+      const survivorMeta = JSON.parse(survivor.metadata);
+      const donorMeta = JSON.parse(donor.metadata);
+      if (
+        !survivorMeta.subagentNotification &&
+        donorMeta.subagentNotification
+      ) {
+        survivorMeta.subagentNotification = donorMeta.subagentNotification;
+        return { ...survivor, metadata: JSON.stringify(survivorMeta) };
+      }
+    } catch (err) {
+      log.warn(
+        { err },
+        "Failed to parse metadata during assistant message merge",
+      );
+    }
+  } else if (donor.metadata && !survivor.metadata) {
+    return { ...survivor, metadata: donor.metadata };
+  }
+  return survivor;
+}
+
+/**
+ * Merge consecutive assistant messages into a single message at query time.
+ *
+ * During streaming, all assistant turns within one agent loop accumulate on
+ * a single client-side ChatMessage. In the DB, each API turn is stored as a
+ * separate assistant row (consolidation is deferred to compaction for
+ * prefix-cache stability). This produces N separate assistant messages that
+ * the client renders as N individual bubbles — each showing "Completed 1
+ * step" instead of one grouped "Completed N steps" accordion.
+ *
+ * This function concatenates the content block arrays of consecutive
+ * assistant messages (no intervening user messages after tool-result
+ * merging) into the first message of each run. The merged messages are
+ * removed from the output. This is query-time only — the DB is not
+ * modified.
+ *
+ * The first message in each run keeps its id, createdAt, and metadata so
+ * that attachment lookups, display timestamps, and subagent notifications
+ * continue to work. Metadata from later messages in the run (e.g.
+ * subagentNotification) is preserved by promoting it to the surviving
+ * message when the surviving message has no metadata of its own for that
+ * field.
+ */
+function mergeConsecutiveAssistantMessages(messages: MessageRow[]): {
+  messages: MessageRow[];
+  /** Maps each surviving message ID → all original message IDs merged into it. */
+  mergedIdMap: Map<string, string[]>;
+} {
+  const result: MessageRow[] = [];
+  // Key = index in `result`, value = accumulated content blocks.
+  const pendingMerges = new Map<number, unknown[]>();
+  // Key = index in `result`, value = IDs of messages merged into the target.
+  const mergedIds = new Map<number, string[]>();
+
+  for (const msg of messages) {
+    const lastIdx = result.length - 1;
+    const isConsecutiveAssistant =
+      msg.role === "assistant" &&
+      lastIdx >= 0 &&
+      result[lastIdx].role === "assistant";
+
+    if (!isConsecutiveAssistant) {
+      result.push(msg);
+      continue;
+    }
+
+    // Track the donor message ID.
+    let ids = mergedIds.get(lastIdx);
+    if (!ids) {
+      ids = [];
+      mergedIds.set(lastIdx, ids);
+    }
+    ids.push(msg.id);
+
+    // Lazily parse the target's content on first merge.
+    let targetContent = pendingMerges.get(lastIdx);
+    if (!targetContent) {
+      targetContent = parseContentBlocks(result[lastIdx].content);
+      pendingMerges.set(lastIdx, targetContent);
+    }
+
+    appendContentBlocks(targetContent, msg.content);
+    result[lastIdx] = promoteMetadata(result[lastIdx], msg);
+  }
+
+  // Write back merged content for any messages that were targets.
+  for (const [idx, content] of pendingMerges) {
+    result[idx] = { ...result[idx], content: JSON.stringify(content) };
+  }
+
+  // Build the merged ID map keyed by surviving message ID.
+  const mergedIdMap = new Map<string, string[]>();
+  for (const [idx, ids] of mergedIds) {
+    mergedIdMap.set(result[idx].id, ids);
+  }
+
+  return { messages: result, mergedIdMap };
+}
+
 /**
  * Build an `onEvent` callback that publishes every outbound event to the
  * assistant event hub, maintaining ordered delivery through a serial chain.
  *
  * Also registers pending interactions when confirmation_request,
- * secret_request, host_bash_request, or host_file_request events flow
- * through, so standalone approval/result endpoints can look up the conversation
- * by requestId.
+ * secret_request, host_bash_request, host_browser_request, host_file_request,
+ * or host_cu_request events flow through, so standalone approval/result
+ * endpoints can look up the conversation by requestId.
  */
 function makeHubPublisher(
   deps: SendMessageDeps,
@@ -888,6 +1054,12 @@ function makeHubPublisher(
         conversationId,
         kind: "host_bash",
       });
+    } else if (msg.type === "host_browser_request") {
+      pendingInteractions.register(msg.requestId, {
+        conversation,
+        conversationId,
+        kind: "host_browser",
+      });
     } else if (msg.type === "host_file_request") {
       pendingInteractions.register(msg.requestId, {
         conversation,
@@ -1054,18 +1226,21 @@ export async function handleSendMessage(
 
   // Build transport metadata from the request so the daemon can inject
   // host environment hints (home directory, username) into the LLM context.
-  const transport =
-    sourceInterface === "macos"
-      ? ({
-          channelId: sourceChannel,
-          interfaceId: "macos" as const,
-          hostHomeDir: body.hostHomeDir,
-          hostUsername: body.hostUsername,
-        } satisfies MacosTransportMetadata)
-      : ({
-          channelId: sourceChannel,
-          interfaceId: sourceInterface,
-        } satisfies NonMacosTransportMetadata);
+  // The `supportsHostProxy` type predicate narrows `sourceInterface` to
+  // `HostProxyInterfaceId` in the truthy branch, which is exactly the
+  // discriminant the `HostProxyTransportMetadata` variant expects — so the
+  // construction site stays in lock-step with the runtime capability gate.
+  const transport = supportsHostProxy(sourceInterface)
+    ? ({
+        channelId: sourceChannel,
+        interfaceId: sourceInterface,
+        hostHomeDir: body.hostHomeDir,
+        hostUsername: body.hostUsername,
+      } satisfies HostProxyTransportMetadata)
+    : ({
+        channelId: sourceChannel,
+        interfaceId: sourceInterface,
+      } satisfies NonHostProxyTransportMetadata);
 
   const conversation = await smDeps.getOrCreateConversation(
     mapping.conversationId,
@@ -1135,12 +1310,13 @@ export async function handleSendMessage(
     conversation,
   );
   const isInteractive = isInteractiveInterface(sourceInterface);
-  // Only create the host bash proxy for desktop client interfaces that can
-  // execute commands on the user's machine. Non-desktop conversations (CLI,
-  // channels, headless) fall back to local execution.
+  // Only create each host proxy for interfaces that support the matching
+  // capability. macOS supports all four; the chrome-extension interface only
+  // supports host_browser. Non-desktop conversations (CLI, channels, headless)
+  // fall back to local execution.
   // Set the proxy BEFORE updateClient so updateClient's call to
   // hostBashProxy.updateSender targets the correct (new) proxy.
-  if (sourceInterface === "macos") {
+  if (supportsHostProxy(sourceInterface, "host_bash")) {
     // Reuse the existing proxy if the conversation is actively processing a
     // host bash request to avoid orphaning in-flight requests.
     if (!conversation.isProcessing() || !conversation.hostBashProxy) {
@@ -1149,12 +1325,92 @@ export async function handleSendMessage(
       });
       conversation.setHostBashProxy(proxy);
     }
+  } else if (!conversation.isProcessing()) {
+    conversation.setHostBashProxy(undefined);
+  }
+  // For the chrome-extension interface we route host_browser_request /
+  // host_browser_cancel frames through the in-process ChromeExtensionRegistry
+  // to the WebSocket opened against /v1/browser-relay by the connected
+  // extension, instead of the SSE/onEvent hub used by macOS. The registry
+  // lookup is keyed by the JWT-derived actor principal id, which the
+  // runtime captured at WebSocket upgrade time.
+  //
+  // A single guardian may have multiple parallel extension installs
+  // connected at once (two Chrome profiles, two desktops). The registry
+  // tracks them under (guardianId, clientInstanceId) pairs and the
+  // default `send(guardianId, msg)` path routes to whichever instance
+  // has the most recent activity — typically the one the user is
+  // currently driving. Pinning to a specific instance can be done via
+  // `sendToInstance` if a caller ever needs it.
+  //
+  // macOS (and any other interface that supports host_browser in the
+  // future via the SSE hub) keeps using `onEvent` — see the else branch.
+  const browserProxySendToClient: (msg: ServerMessage) => void =
+    sourceInterface === "chrome-extension"
+      ? (msg) => {
+          // Resolve the guardian principal id at send time rather than
+          // capturing it from the POST-time authContext. This closure can be
+          // re-fired on queue drain — if a different actor's POST lands while
+          // the queue is still draining an earlier turn, a captured
+          // authContext.actorPrincipalId would mis-route the earlier turn's
+          // host_browser frames to the *new* actor. Preferring
+          // conversation.trustContext?.guardianPrincipalId makes the routing
+          // follow the conversation's bound guardian, which is stable across
+          // subsequent POSTs. Falls back to the per-POST authContext for
+          // turns that haven't been bound to a trust context yet.
+          const gid =
+            conversation.trustContext?.guardianPrincipalId ??
+            authContext.actorPrincipalId;
+          if (!gid) {
+            // No guardian identity on this turn — nothing to route to.
+            // The proxy will observe this via its try/catch and surface a
+            // transport error back to the caller.
+            throw new Error(
+              "chrome-extension host_browser send skipped: no guardianId on AuthContext",
+            );
+          }
+          const ok = getChromeExtensionRegistry().send(gid, msg);
+          if (!ok) {
+            throw new Error(
+              `chrome-extension host_browser send failed: no active connection for guardian ${gid}`,
+            );
+          }
+        }
+      : onEvent;
+  // Stash the registry-routed sender on the conversation so queue-drain
+  // restores (which run outside of conversation-routes.ts and only have
+  // access to `sendToClient`) can preserve it when calling
+  // `restoreBrowserProxyAvailability()`. For non-chrome-extension
+  // interfaces the override is cleared so the SSE hub sender is used.
+  if (sourceInterface === "chrome-extension") {
+    conversation.hostBrowserSenderOverride = browserProxySendToClient;
+  } else {
+    conversation.hostBrowserSenderOverride = undefined;
+  }
+  if (supportsHostProxy(sourceInterface, "host_browser")) {
+    if (!conversation.isProcessing() || !conversation.hostBrowserProxy) {
+      const browserProxy = new HostBrowserProxy(
+        browserProxySendToClient,
+        (requestId) => {
+          pendingInteractions.resolve(requestId);
+        },
+      );
+      conversation.setHostBrowserProxy(browserProxy);
+    }
+  } else if (!conversation.isProcessing()) {
+    conversation.setHostBrowserProxy(undefined);
+  }
+  if (supportsHostProxy(sourceInterface, "host_file")) {
     if (!conversation.isProcessing() || !conversation.hostFileProxy) {
       const fileProxy = new HostFileProxy(onEvent, (requestId) => {
         pendingInteractions.resolve(requestId);
       });
       conversation.setHostFileProxy(fileProxy);
     }
+  } else if (!conversation.isProcessing()) {
+    conversation.setHostFileProxy(undefined);
+  }
+  if (supportsHostProxy(sourceInterface, "host_cu")) {
     if (!conversation.isProcessing() || !conversation.hostCuProxy) {
       const cuProxy = new HostCuProxy(onEvent, (requestId) => {
         pendingInteractions.resolve(requestId);
@@ -1168,19 +1424,41 @@ export async function handleSendMessage(
       conversation.addPreactivatedSkillId("computer-use");
     }
   } else if (!conversation.isProcessing()) {
-    conversation.setHostBashProxy(undefined);
-    conversation.setHostFileProxy(undefined);
     conversation.setHostCuProxy(undefined);
   }
   // Wire sendToClient to the SSE hub so all subsystems can reach the HTTP client.
   // Called after setHostBashProxy so updateSender targets the current proxy.
   // When proxies are preserved during an active turn (non-desktop request while
-  // processing), skip updating proxy senders to avoid degrading them.
+  // processing), skip updating proxy senders to avoid degrading them. The gate
+  // matches the host_bash capability because the legacy "reject send during
+  // host bash" flow is what this is really protecting.
   const preservingProxies =
-    conversation.isProcessing() && sourceInterface !== "macos";
+    conversation.isProcessing() &&
+    !supportsHostProxy(sourceInterface, "host_bash");
+  // hasNoClient must remain `!isInteractive` so downstream tool gating
+  // (`isToolActiveForContext` for HOST_TOOL_NAMES, `createToolExecutor`'s
+  // `isInteractive: !ctx.hasNoClient`) keeps host_bash/host_file/host_cu
+  // tools gated for non-desktop interfaces. The chrome-extension interface
+  // is non-interactive (no SSE prompter UI) but still has a connected client
+  // that can service host_browser_request events; we restore that single
+  // proxy explicitly below without relaxing `hasNoClient`.
   conversation.updateClient(onEvent, !isInteractive, {
     skipProxySenderUpdate: preservingProxies,
   });
+  // For non-interactive interfaces that DO support host_browser
+  // (chrome-extension), explicitly re-enable just the browser proxy. The
+  // helper bypasses the `hasNoClient` gate so the single-capability
+  // chrome-extension turn can drive the browser via CDP without leaking
+  // host_bash/host_file tool availability into tool gating.
+  //
+  // `restoreBrowserProxyAvailability()` reads `hostBrowserSenderOverride`
+  // (set above for chrome-extension) and applies the registry-routed
+  // sender, so the chrome-extension path gets the correct sender here
+  // — including after queue-drain restores run from conversation-process.ts,
+  // which only have access to the conversation instance.
+  if (supportsHostProxy(sourceInterface, "host_browser")) {
+    conversation.restoreBrowserProxyAvailability?.();
+  }
 
   // ── Canned first-greeting fast path ──
   // On a completely fresh workspace, skip LLM inference for the macOS
@@ -1338,6 +1616,8 @@ export async function handleSendMessage(
         ...(body.automated === true ? { automated: true } : {}),
       },
       { isInteractive },
+      undefined, // displayContent
+      transport,
     );
     if (enqueueResult.rejected) {
       return Response.json(