@vellumai/assistant 0.6.2 → 0.6.3

package/src/__tests__/host-file-proxy.test.ts

@@ -1,7 +1,13 @@
-import { afterEach, describe, expect, test } from "bun:test";
+import { afterEach, describe, expect, jest, test } from "bun:test";
 
 const { HostFileProxy } = await import("../daemon/host-file-proxy.js");
 
+// Minimal PNG header
+const PNG_HEADER = Buffer.from([
+  0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a, 0x00, 0x00, 0x00, 0x0d, 0x49,
+  0x48, 0x44, 0x52,
+]);
+
 describe("HostFileProxy", () => {
   let proxy: InstanceType<typeof HostFileProxy>;
   let sentMessages: unknown[];
@@ -77,6 +83,39 @@ describe("HostFileProxy", () => {
       expect(result.content).toContain("ENOENT");
     });
 
+    test("rebuilds image tool results from proxied image payloads", async () => {
+      setup();
+
+      const resultPromise = proxy.request(
+        {
+          operation: "read",
+          path: "/Users/test/Desktop/screenshot.png",
+        },
+        "session-1",
+      );
+
+      const sent = sentMessages[0] as Record<string, unknown>;
+      const requestId = sent.requestId as string;
+
+      proxy.resolve(requestId, {
+        content: "Image loaded on host",
+        isError: false,
+        imageData: PNG_HEADER.toString("base64"),
+      });
+
+      const result = await resultPromise;
+      expect(result.isError).toBe(false);
+      expect(result.content).toContain("Image loaded");
+      expect(result.content).toContain("/Users/test/Desktop/screenshot.png");
+      expect(result.contentBlocks).toHaveLength(1);
+      expect(result.contentBlocks?.[0]).toMatchObject({
+        type: "image",
+        source: {
+          media_type: "image/png",
+        },
+      });
+    });
+
     test("handles write operations", async () => {
       setup();
 
@@ -377,6 +416,151 @@ describe("HostFileProxy", () => {
     });
   });
 
+  describe("abort listener lifecycle", () => {
+    // Helper that wraps an AbortSignal to observe add/removeEventListener
+    // invocations without tripping over tsc's strict overload matching on
+    // AbortSignal itself.
+    type Spied = {
+      signal: AbortSignal;
+      addCalls: string[];
+      removeCalls: string[];
+    };
+    function spySignal(source: AbortSignal): Spied {
+      const addCalls: string[] = [];
+      const removeCalls: string[] = [];
+
+      const s = source as any;
+      const origAdd = source.addEventListener.bind(source);
+      const origRemove = source.removeEventListener.bind(source);
+      s.addEventListener = (
+        type: string,
+
+        ...rest: any[]
+      ) => {
+        addCalls.push(type);
+
+        return (origAdd as any)(type, ...rest);
+      };
+      s.removeEventListener = (
+        type: string,
+
+        ...rest: any[]
+      ) => {
+        removeCalls.push(type);
+
+        return (origRemove as any)(type, ...rest);
+      };
+      return { signal: source, addCalls, removeCalls };
+    }
+
+    test("removes abort listener from signal after resolve completes", async () => {
+      setup();
+      const controller = new AbortController();
+      const spy = spySignal(controller.signal);
+
+      const resultPromise = proxy.request(
+        { operation: "read", path: "/tmp/test.txt" },
+        "session-1",
+        spy.signal,
+      );
+
+      expect(spy.addCalls).toEqual(["abort"]);
+      expect(spy.removeCalls).toEqual([]);
+
+      const requestId = (sentMessages[0] as Record<string, unknown>)
+        .requestId as string;
+      proxy.resolve(requestId, { content: "file contents", isError: false });
+      await resultPromise;
+
+      // Listener is detached after normal completion.
+      expect(spy.removeCalls).toEqual(["abort"]);
+
+      // Subsequent aborts are harmless no-ops (no side effects on the proxy).
+      controller.abort();
+      // No additional emitted envelopes from the late abort.
+      expect(sentMessages).toHaveLength(1);
+    });
+
+    test("removes abort listener from signal on timer timeout", async () => {
+      setup();
+
+      jest.useFakeTimers();
+      try {
+        const controller = new AbortController();
+        const spy = spySignal(controller.signal);
+
+        const resultPromise = proxy.request(
+          { operation: "read", path: "/tmp/slow.txt" },
+          "session-1",
+          spy.signal,
+        );
+
+        expect(spy.addCalls).toEqual(["abort"]);
+        expect(spy.removeCalls).toEqual([]);
+
+        const requestId = (sentMessages[0] as Record<string, unknown>)
+          .requestId as string;
+        expect(proxy.hasPendingRequest(requestId)).toBe(true);
+
+        // Advance past the 30s internal timeout.
+        jest.advanceTimersByTime(31 * 1000);
+
+        const result = await resultPromise;
+        expect(result.isError).toBe(true);
+        expect(result.content).toContain("Host file proxy timed out");
+        expect(proxy.hasPendingRequest(requestId)).toBe(false);
+
+        // Listener is detached after the timer fires.
+        expect(spy.removeCalls).toEqual(["abort"]);
+
+        // Subsequent aborts should be harmless — no cancel emitted.
+        controller.abort();
+        expect(sentMessages).toHaveLength(1);
+      } finally {
+        jest.useRealTimers();
+      }
+    });
+  });
+
+  describe("sender throws synchronously", () => {
+    test("rejects the promise, clears pending state and timer, invokes onInternalResolve", async () => {
+      const resolvedIds: string[] = [];
+      sentMessages = [];
+      sendToClient = () => {
+        throw new Error("transport down");
+      };
+      proxy = new HostFileProxy(sendToClient, (id) => resolvedIds.push(id));
+
+      const resultPromise = proxy.request(
+        { operation: "read", path: "/tmp/test.txt" },
+        "session-1",
+      );
+
+      await expect(resultPromise).rejects.toThrow("transport down");
+
+      // The internal resolve should fire exactly once as part of cleanup.
+      expect(resolvedIds).toHaveLength(1);
+
+      // Issue a new request on a fresh (non-throwing) sender and verify
+      // the proxy is still functional — no stale timers or bookkeeping
+      // from the failed request.
+      sentMessages = [];
+      proxy.updateSender((msg) => sentMessages.push(msg), true);
+      const okPromise = proxy.request(
+        { operation: "read", path: "/tmp/ok.txt" },
+        "session-1",
+      );
+      expect(sentMessages).toHaveLength(1);
+      const okRequestId = (sentMessages[0] as Record<string, unknown>)
+        .requestId as string;
+      expect(proxy.hasPendingRequest(okRequestId)).toBe(true);
+      proxy.resolve(okRequestId, { content: "ok", isError: false });
+      const okResult = await okPromise;
+      expect(okResult.content).toBe("ok");
+      expect(okResult.isError).toBe(false);
+    });
+  });
+
   describe("onInternalResolve callback", () => {
     test("fires on abort", async () => {
       const resolvedIds: string[] = [];

package/src/__tests__/host-file-read-tool.test.ts

@@ -3,6 +3,7 @@ import { tmpdir } from "node:os";
 import { join } from "node:path";
 import { afterEach, describe, expect, test } from "bun:test";
 
+import type { HostFileInput } from "../daemon/host-file-proxy.js";
 import { hostFileReadTool } from "../tools/host-filesystem/read.js";
 import type { ToolContext } from "../tools/types.js";
 
@@ -165,6 +166,57 @@ describe("host_file_read tool", () => {
 });
 
 describe("host_file_read image support", () => {
+  test("uses host proxy for image reads when available", async () => {
+    const requests: Array<{
+      input: HostFileInput;
+      conversationId: string;
+      signal?: AbortSignal;
+    }> = [];
+    const proxyContext: ToolContext = {
+      ...makeContext(),
+      hostFileProxy: {
+        isAvailable: () => true,
+        request: async (input, conversationId, signal) => {
+          requests.push({ input, conversationId, signal });
+          return {
+            content: "Image loaded: /host/screenshot.png",
+            isError: false,
+            contentBlocks: [
+              {
+                type: "image",
+                source: {
+                  type: "base64",
+                  media_type: "image/png",
+                  data: PNG_HEADER.toString("base64"),
+                },
+              },
+            ],
+          };
+        },
+      } as ToolContext["hostFileProxy"],
+    };
+
+    const result = await hostFileReadTool.execute(
+      { path: "/host/screenshot.png" },
+      proxyContext,
+    );
+
+    expect(result.isError).toBe(false);
+    expect(result.contentBlocks).toHaveLength(1);
+    expect(requests).toEqual([
+      {
+        input: {
+          operation: "read",
+          path: "/host/screenshot.png",
+          offset: undefined,
+          limit: undefined,
+        },
+        conversationId: "test-conversation",
+        signal: undefined,
+      },
+    ]);
+  });
+
   test("returns image content block for .png file", async () => {
     const dir = makeTempDir();
     const filePath = join(dir, "screenshot.png");

package/src/__tests__/host-proxy-interface.test.ts

@@ -0,0 +1,165 @@
+import { describe, expect, test } from "bun:test";
+
+import type { HostProxyInterfaceId, InterfaceId } from "../channels/types.js";
+import { supportsHostProxy } from "../channels/types.js";
+import type {
+  ConversationTransportMetadata,
+  HostProxyTransportMetadata,
+  NonHostProxyTransportMetadata,
+} from "../daemon/message-types/conversations.js";
+import { isHostProxyTransport } from "../daemon/message-types/conversations.js";
+
+// ---------------------------------------------------------------------------
+// supportsHostProxy — runtime behavior
+// ---------------------------------------------------------------------------
+
+describe("supportsHostProxy (runtime)", () => {
+  test("no-arg form returns true for host-proxy interfaces", () => {
+    expect(supportsHostProxy("macos")).toBe(true);
+  });
+
+  test("no-arg form returns false for interfaces without host-proxy support", () => {
+    const nonHostProxyIds: InterfaceId[] = [
+      "ios",
+      "cli",
+      "telegram",
+      "phone",
+      "vellum",
+      "whatsapp",
+      "slack",
+      "email",
+      "chrome-extension",
+    ];
+    for (const id of nonHostProxyIds) {
+      expect(supportsHostProxy(id)).toBe(false);
+    }
+  });
+
+  test("capability form grants host_browser to chrome-extension", () => {
+    expect(supportsHostProxy("chrome-extension", "host_browser")).toBe(true);
+    expect(supportsHostProxy("chrome-extension", "host_bash")).toBe(false);
+    expect(supportsHostProxy("chrome-extension", "host_file")).toBe(false);
+    expect(supportsHostProxy("chrome-extension", "host_cu")).toBe(false);
+  });
+
+  test("capability form grants host_bash/file/cu to macOS but not host_browser", () => {
+    expect(supportsHostProxy("macos", "host_bash")).toBe(true);
+    expect(supportsHostProxy("macos", "host_file")).toBe(true);
+    expect(supportsHostProxy("macos", "host_cu")).toBe(true);
+    expect(supportsHostProxy("macos", "host_browser")).toBe(false);
+  });
+
+  test("capability form rejects everything for non-host-proxy interfaces", () => {
+    expect(supportsHostProxy("ios", "host_bash")).toBe(false);
+    expect(supportsHostProxy("cli", "host_file")).toBe(false);
+    expect(supportsHostProxy("telegram", "host_browser")).toBe(false);
+  });
+});
+
+// ---------------------------------------------------------------------------
+// supportsHostProxy — type predicate (compile-time contract)
+// ---------------------------------------------------------------------------
+
+describe("supportsHostProxy (type predicate)", () => {
+  test("no-arg form narrows InterfaceId to HostProxyInterfaceId", () => {
+    const id: InterfaceId = "macos";
+    if (supportsHostProxy(id)) {
+      // Inside this branch, TypeScript narrows `id` to HostProxyInterfaceId.
+      // If the overload were wrong, this assignment would fail to type-check
+      // and the test file wouldn't compile.
+      const narrowed: HostProxyInterfaceId = id;
+      expect(narrowed).toBe("macos");
+    } else {
+      throw new Error("expected narrowing branch to be taken for macos");
+    }
+  });
+
+  test("narrowing reaches through discriminated transport union", () => {
+    // Build a value typed as the full union so TypeScript can't cheat.
+    const transport: ConversationTransportMetadata = {
+      channelId: "vellum",
+      interfaceId: "macos",
+      hostHomeDir: "/Users/alice",
+      hostUsername: "alice",
+    };
+
+    if (transport.interfaceId && supportsHostProxy(transport.interfaceId)) {
+      // Narrowing the discriminant narrows the union member — after this
+      // check, `transport` should be HostProxyTransportMetadata and the
+      // host-env fields are directly accessible.
+      const narrowed: HostProxyTransportMetadata = transport;
+      expect(narrowed.hostHomeDir).toBe("/Users/alice");
+      expect(narrowed.hostUsername).toBe("alice");
+    } else {
+      throw new Error("expected host-proxy branch for macos transport");
+    }
+  });
+
+  test("non-host-proxy branch narrows to NonHostProxyTransportMetadata", () => {
+    const transport: ConversationTransportMetadata = {
+      channelId: "vellum",
+      interfaceId: "ios",
+    };
+
+    if (transport.interfaceId && supportsHostProxy(transport.interfaceId)) {
+      throw new Error("expected non-host-proxy branch for ios transport");
+    } else {
+      // `transport` is NonHostProxyTransportMetadata here.
+      const narrowed: NonHostProxyTransportMetadata = transport;
+      expect(narrowed.interfaceId).toBe("ios");
+    }
+  });
+});
+
+// ---------------------------------------------------------------------------
+// isHostProxyTransport — type guard on ConversationTransportMetadata
+// ---------------------------------------------------------------------------
+
+describe("isHostProxyTransport", () => {
+  test("returns true for macOS transport and narrows to HostProxyTransportMetadata", () => {
+    const transport: ConversationTransportMetadata = {
+      channelId: "vellum",
+      interfaceId: "macos",
+      hostHomeDir: "/Users/alice",
+      hostUsername: "alice",
+    };
+
+    expect(isHostProxyTransport(transport)).toBe(true);
+
+    if (isHostProxyTransport(transport)) {
+      const narrowed: HostProxyTransportMetadata = transport;
+      expect(narrowed.hostHomeDir).toBe("/Users/alice");
+      expect(narrowed.hostUsername).toBe("alice");
+    } else {
+      throw new Error("narrowing branch not taken");
+    }
+  });
+
+  test("returns false for every non-host-proxy interface", () => {
+    const nonHostProxyIds: Array<Exclude<InterfaceId, HostProxyInterfaceId>> = [
+      "ios",
+      "cli",
+      "telegram",
+      "phone",
+      "vellum",
+      "whatsapp",
+      "slack",
+      "email",
+      "chrome-extension",
+    ];
+    for (const interfaceId of nonHostProxyIds) {
+      const transport: ConversationTransportMetadata = {
+        channelId: "vellum",
+        interfaceId,
+      };
+      expect(isHostProxyTransport(transport)).toBe(false);
+    }
+  });
+
+  test("returns false when interfaceId is absent", () => {
+    const transport: ConversationTransportMetadata = {
+      channelId: "vellum",
+    };
+    expect(isHostProxyTransport(transport)).toBe(false);
+  });
+});

package/src/__tests__/host-shell-tool.test.ts

@@ -36,7 +36,6 @@ const mockConfig = {
     entropyThreshold: 4.0,
   },
   auditLog: { retentionDays: 0 },
-  sandbox: { enabled: true },
 };
 
 // Track whether wrapCommand was ever called — host_bash must never invoke it
@@ -149,10 +148,6 @@ describe("host_bash tool", () => {
     const dir = mkdtempSync(join(tmpdir(), "host-shell-plain-"));
     testDirs.push(dir);
 
-    // Verify the tool executes successfully even when sandbox is enabled in config,
-    // proving it bypasses the sandbox entirely
-    expect(mockConfig.sandbox.enabled).toBe(true);
-
     spawnCalls.length = 0;
 
     const result = await hostShellTool.execute(
@@ -236,10 +231,7 @@ describe("host_bash — baseline: no sandbox isolation", () => {
     expect(spawnCalls[0].args[2]).toBe("ls -la /tmp");
   });
 
-  test("sandbox config being enabled does not affect host_bash", async () => {
-    // The mock config has sandbox.enabled = true
-    expect(mockConfig.sandbox.enabled).toBe(true);
-
+  test("host_bash always spawns plain bash without wrapCommand", async () => {
     const dir = mkdtempSync(join(tmpdir(), "host-shell-sandbox-cfg-"));
     testDirs.push(dir);
 
@@ -255,9 +247,7 @@ describe("host_bash — baseline: no sandbox isolation", () => {
     );
 
     expect(result.isError).toBe(false);
-    // Must never call wrapCommand regardless of config
     expect(wrapCommandCallCount).toBe(0);
-    // Must still spawn plain bash
     expect(spawnCalls[0].command).toBe("bash");
   });
 });

package/src/__tests__/http-user-message-parity.test.ts

@@ -178,6 +178,7 @@ function makeConversation(overrides: Record<string, unknown> = {}) {
     setTrustContext: () => {},
     updateClient: () => {},
     setHostBashProxy: () => {},
+    setHostBrowserProxy: () => {},
     setHostFileProxy: () => {},
     setHostCuProxy: () => {},
     addPreactivatedSkillId: () => {},

package/src/__tests__/integration-status.test.ts

@@ -21,17 +21,16 @@ mock.module("../config/loader.js", () => ({
 }));
 
 mock.module("../oauth/oauth-store.js", () => ({
-  isProviderConnected: (providerKey: string) =>
-    connectedProviders.has(providerKey),
-  getConnectionByProvider: (providerKey: string) =>
-    connectedProviders.has(providerKey)
-      ? { id: `conn-${providerKey}`, status: "active" }
+  isProviderConnected: (provider: string) => connectedProviders.has(provider),
+  getConnectionByProvider: (provider: string) =>
+    connectedProviders.has(provider)
+      ? { id: `conn-${provider}`, status: "active" }
       : undefined,
 }));
 
 /** Mark a provider as fully connected (active row + access token). */
-function setOAuthConnected(providerKey: string): void {
-  connectedProviders.add(providerKey);
+function setOAuthConnected(provider: string): void {
+  connectedProviders.add(provider);
 }
 
 const { getIntegrationSummary, formatIntegrationSummary, hasCapability } =

package/src/__tests__/list-messages-tool-merge.test.ts

@@ -84,7 +84,11 @@ describe("handleListMessages tool_result merging", () => {
       conv.id,
       "user",
       JSON.stringify([
-        { type: "tool_result", tool_use_id: "tu1", content: "file1.txt\nfile2.txt" },
+        {
+          type: "tool_result",
+          tool_use_id: "tu1",
+          content: "file1.txt\nfile2.txt",
+        },
       ]),
     );
 
@@ -117,7 +121,12 @@ describe("handleListMessages tool_result merging", () => {
       JSON.stringify([
         { type: "tool_use", id: "tu1", name: "bash", input: { command: "ls" } },
         { type: "text", text: "and also" },
-        { type: "tool_use", id: "tu2", name: "file_read", input: { path: "/tmp/a" } },
+        {
+          type: "tool_use",
+          id: "tu2",
+          name: "file_read",
+          input: { path: "/tmp/a" },
+        },
       ]),
     );
     await addMessage(
@@ -176,7 +185,11 @@ describe("handleListMessages tool_result merging", () => {
       conv.id,
       "user",
       JSON.stringify([
-        { type: "tool_result", tool_use_id: "tu_orphan", content: "stale result" },
+        {
+          type: "tool_result",
+          tool_use_id: "tu_orphan",
+          content: "stale result",
+        },
       ]),
     );
     await addMessage(
@@ -228,7 +241,12 @@ describe("handleListMessages tool_result merging", () => {
       "assistant",
       JSON.stringify([
         { type: "text", text: "Now reading:" },
-        { type: "tool_use", id: "tu2", name: "file_read", input: { path: "/x" } },
+        {
+          type: "tool_use",
+          id: "tu2",
+          name: "file_read",
+          input: { path: "/x" },
+        },
       ]),
     );
     await addMessage(
@@ -248,17 +266,19 @@ describe("handleListMessages tool_result merging", () => {
     const response = handleListMessages(createTestUrl(conv.id), null);
     const body = (await response.json()) as { messages: MessagePayload[] };
 
-    // user("list files"), assistant(bash), assistant(file_read), user("thanks")
-    expect(body.messages).toHaveLength(4);
+    // Consecutive assistant messages are merged at query time so the client
+    // sees one grouped message (matching the streaming path behavior).
+    // user("list files"), merged-assistant(bash + file_read), user("thanks")
+    expect(body.messages).toHaveLength(3);
     expect(body.messages[0].role).toBe("user");
     expect(body.messages[1].role).toBe("assistant");
+    expect(body.messages[1].toolCalls).toHaveLength(2);
     expect(body.messages[1].toolCalls![0].name).toBe("bash");
     expect(body.messages[1].toolCalls![0].result).toBe("files");
-    expect(body.messages[2].role).toBe("assistant");
-    expect(body.messages[2].toolCalls![0].name).toBe("file_read");
-    expect(body.messages[2].toolCalls![0].result).toBe("file data");
-    expect(body.messages[3].role).toBe("user");
-    expect(body.messages[3].content).toBe("thanks");
+    expect(body.messages[1].toolCalls![1].name).toBe("file_read");
+    expect(body.messages[1].toolCalls![1].result).toBe("file data");
+    expect(body.messages[2].role).toBe("user");
+    expect(body.messages[2].content).toBe("thanks");
   });
 
   test("tool_result with is_error propagates error status", async () => {
@@ -272,7 +292,12 @@ describe("handleListMessages tool_result merging", () => {
       conv.id,
       "assistant",
       JSON.stringify([
-        { type: "tool_use", id: "tu1", name: "bash", input: { command: "fail" } },
+        {
+          type: "tool_use",
+          id: "tu1",
+          name: "bash",
+          input: { command: "fail" },
+        },
       ]),
     );
     await addMessage(

package/src/__tests__/mcp-client-auth.test.ts

@@ -13,6 +13,7 @@ mock.module("../inbound/platform-callback-registration.js", () => ({
 }));
 
 const { McpClient } = await import("../mcp/client.js");
+const { McpOAuthProvider } = await import("../mcp/mcp-oauth-provider.js");
 
 /**
  * Mimics the SDK's StreamableHTTPError which has a `.code` property
@@ -67,7 +68,7 @@ describe("McpClient auth error detection", () => {
     expect(client.isConnected).toBe(false);
   });
 
-  test("rethrows non-auth StreamableHTTPError for HTTP transports", async () => {
+  test("swallows non-auth StreamableHTTPError (connect never throws)", async () => {
     const client = new McpClient("test-server");
 
     (client as any).createTransport = () => ({});
@@ -78,9 +79,9 @@ describe("McpClient auth error detection", () => {
       close: async () => {},
     };
 
-    await expect(client.connect(httpTransport)).rejects.toThrow(
-      "Internal Server Error",
-    );
+    // Non-auth errors are logged but never propagated — daemon keeps running
+    await client.connect(httpTransport);
+    expect(client.isConnected).toBe(false);
   });
 
   test("treats error message containing 'unauthorized' as auth error", async () => {
@@ -97,4 +98,39 @@ describe("McpClient auth error detection", () => {
     await client.connect(httpTransport);
     expect(client.isConnected).toBe(false);
   });
+
+  test("treats SDK fetchToken 'authorizationCode is required' error as auth error", async () => {
+    const client = new McpClient("test-server");
+
+    (client as any).createTransport = () => ({});
+    (client as any).client = {
+      connect: () => {
+        throw new Error(
+          "Either provider.prepareTokenRequest() or authorizationCode is required",
+        );
+      },
+      close: async () => {},
+    };
+
+    await client.connect(httpTransport);
+    expect(client.isConnected).toBe(false);
+  });
+});
+
+describe("McpOAuthProvider redirectUrl", () => {
+  test("redirectUrl is undefined until startCallbackServer() is called", () => {
+    const nonInteractive = new McpOAuthProvider(
+      "test-server",
+      "https://example.com/mcp",
+      /* interactive */ false,
+    );
+    expect(nonInteractive.redirectUrl).toBeUndefined();
+
+    const interactive = new McpOAuthProvider(
+      "test-server",
+      "https://example.com/mcp",
+      /* interactive */ true,
+    );
+    expect(interactive.redirectUrl).toBeUndefined();
+  });
 });