@vellumai/assistant 0.6.2 → 0.6.3

package/src/__tests__/task-scheduler.test.ts

@@ -128,9 +128,17 @@ describe("scheduler run_task detection", () => {
     forceScheduleDue(schedule.id);
 
     // Track all processMessage calls
-    const directCalls: { conversationId: string; message: string }[] = [];
-    const processMessage = async (conversationId: string, message: string) => {
-      directCalls.push({ conversationId, message });
+    const directCalls: Array<{
+      conversationId: string;
+      message: string;
+      options?: { trustClass?: string; taskRunId?: string };
+    }> = [];
+    const processMessage = async (
+      conversationId: string,
+      message: string,
+      options?: { trustClass?: string; taskRunId?: string },
+    ) => {
+      directCalls.push({ conversationId, message, options });
     };
 
     const scheduler = startScheduler(
@@ -154,6 +162,8 @@ describe("scheduler run_task detection", () => {
     expect(runTaskCalls.length).toBe(1);
     // The scheduler should NOT pass the raw run_task: message to processMessage
     expect(rawCalls.length).toBe(0);
+    expect(runTaskCalls[0].options?.trustClass).toBe("guardian");
+    expect(typeof runTaskCalls[0].options?.taskRunId).toBe("string");
   });
 
   test("regular messages still go through processMessage normally", async () => {
@@ -167,9 +177,17 @@ describe("scheduler run_task detection", () => {
 
     forceScheduleDue(schedule.id);
 
-    const processedMessages: { conversationId: string; message: string }[] = [];
-    const processMessage = async (conversationId: string, message: string) => {
-      processedMessages.push({ conversationId, message });
+    const processedMessages: Array<{
+      conversationId: string;
+      message: string;
+      options?: { trustClass?: string; taskRunId?: string };
+    }> = [];
+    const processMessage = async (
+      conversationId: string,
+      message: string,
+      options?: { trustClass?: string; taskRunId?: string },
+    ) => {
+      processedMessages.push({ conversationId, message, options });
     };
 
     const scheduler = startScheduler(
@@ -185,6 +203,14 @@ describe("scheduler run_task detection", () => {
     expect(
       processedMessages.some((m) => m.message === "Do something normal"),
     ).toBe(true);
+    expect(
+      processedMessages.some(
+        (m) =>
+          m.message === "Do something normal" &&
+          m.options?.trustClass === "guardian" &&
+          m.options?.taskRunId === undefined,
+      ),
+    ).toBe(true);
   });
 
   test("handles task not found gracefully", async () => {

package/src/__tests__/telegram-config.test.ts

@@ -7,7 +7,7 @@ let oauthConnectionStore: Record<
   string,
   { id: string; status: string; accountInfo?: string | null }
 > = {};
-const syncCalls: Array<{ providerKey: string; accountInfo?: string }> = [];
+const syncCalls: Array<{ provider: string; accountInfo?: string }> = [];
 
 mock.module("../config/loader.js", () => ({
   getConfig: () => ({ telegram: {}, ui: {} }),
@@ -49,32 +49,29 @@ mock.module("../security/secure-keys.js", () => ({
 }));
 
 mock.module("../oauth/oauth-store.js", () => ({
-  getConnectionByProvider: (providerKey: string) =>
-    oauthConnectionStore[providerKey] ?? undefined,
+  getConnectionByProvider: (provider: string) =>
+    oauthConnectionStore[provider] ?? undefined,
 }));
 
 mock.module("../oauth/manual-token-connection.js", () => ({
   ensureManualTokenConnection: async () => {},
   removeManualTokenConnection: () => {},
-  syncManualTokenConnection: async (
-    providerKey: string,
-    accountInfo?: string,
-  ) => {
-    syncCalls.push({ providerKey, accountInfo });
-    if (providerKey !== "telegram") return;
+  syncManualTokenConnection: async (provider: string, accountInfo?: string) => {
+    syncCalls.push({ provider, accountInfo });
+    if (provider !== "telegram") return;
     const hasBotToken =
       !!secureKeyStore[credentialKey("telegram", "bot_token")];
     const hasWebhookSecret =
       !!secureKeyStore[credentialKey("telegram", "webhook_secret")];
     if (hasBotToken && hasWebhookSecret) {
-      oauthConnectionStore[providerKey] = {
-        id: `conn-${providerKey}`,
+      oauthConnectionStore[provider] = {
+        id: `conn-${provider}`,
         status: "active",
         accountInfo: accountInfo ?? null,
       };
       return;
     }
-    delete oauthConnectionStore[providerKey];
+    delete oauthConnectionStore[provider];
   },
 }));
 
@@ -114,7 +111,7 @@ describe("Telegram config handler", () => {
     expect(result.botUsername).toBe("testbot");
     expect(result.connected).toBe(true);
     expect(syncCalls).toEqual([
-      { providerKey: "telegram", accountInfo: "@testbot" },
+      { provider: "telegram", accountInfo: "@testbot" },
     ]);
     expect(oauthConnectionStore["telegram"]?.accountInfo).toBe("@testbot");
   });

package/src/__tests__/terminal-tools.test.ts

@@ -445,6 +445,15 @@ describe("buildSanitizedEnv", () => {
     expect(env.LC_CTYPE).toBe("UTF-8");
   });
 
+  test("defaults LANG and LC_ALL to UTF-8 when unset", () => {
+    delete process.env.LANG;
+    delete process.env.LC_ALL;
+
+    const env = buildSanitizedEnv();
+    expect(env.LANG).toBe("C.UTF-8");
+    expect(env.LC_ALL).toBe("C.UTF-8");
+  });
+
   test("injects INTERNAL_GATEWAY_BASE_URL from gateway config", () => {
     process.env.GATEWAY_PORT = "9000";
     const env = buildSanitizedEnv();

package/src/__tests__/tool-approval-handler.test.ts

@@ -43,6 +43,11 @@ import {
   mintGrantFromDecision,
   type MintGrantParams,
 } from "../approvals/approval-primitive.js";
+import { _setOverridesForTesting } from "../config/assistant-feature-flags.js";
+import {
+  createConversation,
+  updateConversationHostAccess,
+} from "../memory/conversation-crud.js";
 import { getDb, initializeDb } from "../memory/db.js";
 import { scopedApprovalGrants } from "../memory/schema.js";
 import { computeToolApprovalDigest } from "../security/tool-approval-digest.js";
@@ -54,6 +59,8 @@ initializeDb();
 function clearTables(): void {
   const db = getDb();
   db.delete(scopedApprovalGrants).run();
+  db.run("DELETE FROM messages");
+  db.run("DELETE FROM conversations");
 }
 
 // ---------------------------------------------------------------------------
@@ -96,6 +103,7 @@ describe("ToolApprovalHandler / pre-exec gate grant check", () => {
   beforeEach(() => {
     clearTables();
     events.length = 0;
+    _setOverridesForTesting({});
   });
 
   test("untrusted actor + matching tool_signature grant -> allow", async () => {
@@ -508,4 +516,69 @@ describe("ToolApprovalHandler / pre-exec gate grant check", () => {
       expect(lastError.isExpected).toBe(true);
     }
   });
+
+  test("v2 trusted contact bypasses tool grants for sandboxed side-effect tools", async () => {
+    _setOverridesForTesting({ "permission-controls-v2": true });
+
+    const result = await handler.checkPreExecutionGates(
+      "bash",
+      { command: "echo hello" },
+      makeContext({ trustClass: "trusted_contact" }),
+      "sandbox",
+      "high",
+      Date.now(),
+      emitLifecycleEvent,
+    );
+
+    expect(result.allowed).toBe(true);
+    expect(events.filter((e) => e.type === "permission_denied")).toHaveLength(
+      0,
+    );
+  });
+
+  test("v2 trusted contact host tools are denied until computer access is enabled for the conversation", async () => {
+    _setOverridesForTesting({ "permission-controls-v2": true });
+
+    const conv = createConversation("trusted contact host gate");
+    const result = await handler.checkPreExecutionGates(
+      "bash",
+      { command: "ls -la" },
+      makeContext({
+        trustClass: "trusted_contact",
+        conversationId: conv.id,
+      }),
+      "host",
+      "high",
+      Date.now(),
+      emitLifecycleEvent,
+    );
+
+    expect(result.allowed).toBe(false);
+    if (result.allowed) return;
+    expect(result.result.content).toContain(
+      "computer access is not enabled for this conversation",
+    );
+  });
+
+  test("v2 trusted contact host tools run once computer access is enabled for the conversation", async () => {
+    _setOverridesForTesting({ "permission-controls-v2": true });
+
+    const conv = createConversation("trusted contact host access enabled");
+    updateConversationHostAccess(conv.id, true);
+
+    const result = await handler.checkPreExecutionGates(
+      "bash",
+      { command: "ls -la" },
+      makeContext({
+        trustClass: "trusted_contact",
+        conversationId: conv.id,
+      }),
+      "host",
+      "high",
+      Date.now(),
+      emitLifecycleEvent,
+    );
+
+    expect(result.allowed).toBe(true);
+  });
 });

package/src/__tests__/tool-side-effects-slack-dm.test.ts

@@ -30,8 +30,30 @@ mock.module("../media/app-icon-generator.js", () => ({
 mock.module("../memory/app-store.js", () => ({
   getApp: mock(() => null),
   getAppDirPath: mock(() => ""),
+  getAppsDir: mock(() => ""),
   isMultifileApp: mock(() => false),
   resolveAppIdFromPath: mock(() => null),
+  resolveAppIdByDirName: mock(() => null),
+  resolveAppDir: mock(() => ({ dirName: "", dirPath: "" })),
+  slugify: mock((s: string) => s),
+  validateDirName: mock(() => {}),
+  generateAppDirName: mock(() => ""),
+  listApps: mock(() => []),
+  createApp: mock(() => ({})),
+  updateApp: mock(() => {}),
+  deleteApp: mock(() => {}),
+  getAppPreview: mock(() => null),
+  createAppRecord: mock(() => ({})),
+  getAppRecord: mock(() => null),
+  queryAppRecords: mock(() => []),
+  updateAppRecord: mock(() => {}),
+  deleteAppRecord: mock(() => {}),
+  listAppFiles: mock(() => []),
+  appFileExists: mock(() => false),
+  readAppFile: mock(() => ""),
+  writeAppFile: mock(() => {}),
+  editAppFile: mock(() => ({})),
+  inlineDistAssets: mock((_, html: string) => html),
 }));
 mock.module("../services/published-app-updater.js", () => ({
   updatePublishedAppDeployment: mock(() => Promise.resolve()),

package/src/__tests__/top-level-renderer.test.ts

@@ -1,10 +1,11 @@
+import { homedir, userInfo } from "node:os";
 import { describe, expect, test } from "bun:test";
 
 import { renderWorkspaceTopLevelContext } from "../workspace/top-level-renderer.js";
 import type { TopLevelSnapshot } from "../workspace/top-level-scanner.js";
 
 describe("renderWorkspaceTopLevelContext", () => {
-  test("renders basic snapshot with directories and files", () => {
+  test("renders basic snapshot with directories, files, and host env", () => {
     const snapshot: TopLevelSnapshot = {
       rootPath: "/sandbox",
       directories: ["lib", "src", "tests"],
@@ -19,6 +20,8 @@ describe("renderWorkspaceTopLevelContext", () => {
         "Root: /sandbox",
         "Directories: lib, src, tests",
         "Files: README.md, package.json",
+        `Host home directory: ${homedir()}`,
+        `Host username: ${userInfo().username}`,
         "</workspace>",
       ].join("\n"),
     );
@@ -65,6 +68,8 @@ describe("renderWorkspaceTopLevelContext", () => {
         "Root: /empty",
         "Directories: ",
         "Files: ",
+        `Host home directory: ${homedir()}`,
+        `Host username: ${userInfo().username}`,
         "</workspace>",
       ].join("\n"),
     );
@@ -142,4 +147,71 @@ describe("renderWorkspaceTopLevelContext", () => {
     );
     expect(result).not.toContain("Current conversation folder");
   });
+
+  test("prefers client-reported host env over daemon os.homedir()", () => {
+    const snapshot: TopLevelSnapshot = {
+      rootPath: "/sandbox",
+      directories: ["src"],
+      files: ["package.json"],
+      truncated: false,
+    };
+
+    const result = renderWorkspaceTopLevelContext(snapshot, {
+      hostHomeDir: "/Users/alice",
+      hostUsername: "alice",
+    });
+
+    expect(result).toContain("Host home directory: /Users/alice");
+    expect(result).toContain("Host username: alice");
+    // Fallback values must NOT appear when client values are provided.
+    expect(result).not.toContain(`Host home directory: ${homedir()}`);
+    expect(result).not.toContain(`Host username: ${userInfo().username}`);
+  });
+
+  test("falls back to daemon os info when host env options omitted", () => {
+    const snapshot: TopLevelSnapshot = {
+      rootPath: "/sandbox",
+      directories: ["src"],
+      files: ["package.json"],
+      truncated: false,
+    };
+
+    const result = renderWorkspaceTopLevelContext(snapshot, {});
+
+    expect(result).toContain(`Host home directory: ${homedir()}`);
+    expect(result).toContain(`Host username: ${userInfo().username}`);
+  });
+
+  test("falls back to daemon os info when host env options are undefined", () => {
+    const snapshot: TopLevelSnapshot = {
+      rootPath: "/sandbox",
+      directories: ["src"],
+      files: ["package.json"],
+      truncated: false,
+    };
+
+    const result = renderWorkspaceTopLevelContext(snapshot, {
+      hostHomeDir: undefined,
+      hostUsername: undefined,
+    });
+
+    expect(result).toContain(`Host home directory: ${homedir()}`);
+    expect(result).toContain(`Host username: ${userInfo().username}`);
+  });
+
+  test("uses client home dir but falls back to os username when only home is provided", () => {
+    const snapshot: TopLevelSnapshot = {
+      rootPath: "/sandbox",
+      directories: ["src"],
+      files: ["package.json"],
+      truncated: false,
+    };
+
+    const result = renderWorkspaceTopLevelContext(snapshot, {
+      hostHomeDir: "/Users/alice",
+    });
+
+    expect(result).toContain("Host home directory: /Users/alice");
+    expect(result).toContain(`Host username: ${userInfo().username}`);
+  });
 });

package/src/__tests__/transport-hints-queue.test.ts

@@ -1,8 +1,8 @@
 import { describe, expect, test } from "bun:test";
 
 import type {
-  MacosTransportMetadata,
-  NonMacosTransportMetadata,
+  HostProxyTransportMetadata,
+  NonHostProxyTransportMetadata,
 } from "../daemon/message-types/conversations.js";
 import { buildTransportHints } from "../daemon/transport-hints.js";
 
@@ -11,8 +11,8 @@ import { buildTransportHints } from "../daemon/transport-hints.js";
 // ---------------------------------------------------------------------------
 
 describe("buildTransportHints", () => {
-  test("produces correct hints for macOS transport", () => {
-    const transport: MacosTransportMetadata = {
+  test("returns empty array for host-proxy transport without client hints", () => {
+    const transport: HostProxyTransportMetadata = {
       channelId: "vellum",
       interfaceId: "macos",
       hostHomeDir: "/Users/alice",
@@ -21,29 +21,22 @@ describe("buildTransportHints", () => {
 
     const hints = buildTransportHints(transport);
 
-    expect(hints).toContain("User is messaging from interface: macos");
-    expect(hints).toContain("Host home directory: /Users/alice");
-    expect(hints).toContain("Host username: alice");
-    expect(hints).toHaveLength(3);
+    expect(hints).toHaveLength(0);
   });
 
-  test("produces correct hints for non-macOS transport", () => {
-    const transport: NonMacosTransportMetadata = {
+  test("returns empty array for non-host-proxy transport without client hints", () => {
+    const transport: NonHostProxyTransportMetadata = {
       channelId: "vellum",
       interfaceId: "ios",
     };
 
     const hints = buildTransportHints(transport);
 
-    expect(hints).toContain("User is messaging from interface: ios");
-    expect(hints).toHaveLength(1);
-    // Should not include host environment hints
-    expect(hints.some((h) => h.includes("Host home directory"))).toBe(false);
-    expect(hints.some((h) => h.includes("Host username"))).toBe(false);
+    expect(hints).toHaveLength(0);
   });
 
-  test("includes client-provided hints", () => {
-    const transport: MacosTransportMetadata = {
+  test("forwards client-provided hints", () => {
+    const transport: HostProxyTransportMetadata = {
       channelId: "vellum",
       interfaceId: "macos",
       hostHomeDir: "/Users/bob",
@@ -53,25 +46,17 @@ describe("buildTransportHints", () => {
 
     const hints = buildTransportHints(transport);
 
-    expect(hints).toContain("User is messaging from interface: macos");
-    expect(hints).toContain("Host home directory: /Users/bob");
-    expect(hints).toContain("Host username: bob");
-    expect(hints).toContain("custom hint");
-    expect(hints).toHaveLength(4);
+    expect(hints).toEqual(["custom hint"]);
   });
 
-  test("handles missing optional fields on macOS transport", () => {
-    const transport: MacosTransportMetadata = {
+  test("returns empty array when no hints field present", () => {
+    const transport: HostProxyTransportMetadata = {
       channelId: "vellum",
       interfaceId: "macos",
     };
 
     const hints = buildTransportHints(transport);
 
-    expect(hints).toContain("User is messaging from interface: macos");
-    // Without hostHomeDir and hostUsername, only the interface hint is present
-    expect(hints).toHaveLength(1);
-    expect(hints.some((h) => h.includes("Host home directory"))).toBe(false);
-    expect(hints.some((h) => h.includes("Host username"))).toBe(false);
+    expect(hints).toHaveLength(0);
   });
 });

package/src/__tests__/trusted-contact-inline-approval-integration.test.ts

@@ -162,6 +162,7 @@ mock.module("../config/env.js", () => ({
 import { applyCanonicalGuardianDecision } from "../approvals/guardian-decision-primitive.js";
 import type { ActorContext } from "../approvals/guardian-request-resolvers.js";
 import { getResolver } from "../approvals/guardian-request-resolvers.js";
+import { _setOverridesForTesting } from "../config/assistant-feature-flags.js";
 import type { TrustContext } from "../daemon/conversation-runtime-assembly.js";
 import {
   createCanonicalGuardianRequest,
@@ -169,6 +170,10 @@ import {
   listCanonicalGuardianRequests,
   updateCanonicalGuardianRequest,
 } from "../memory/canonical-guardian-store.js";
+import {
+  createConversation,
+  updateConversationHostAccess,
+} from "../memory/conversation-crud.js";
 import { getDb, initializeDb } from "../memory/db.js";
 import { scopedApprovalGrants } from "../memory/schema.js";
 import { bridgeConfirmationRequestToGuardian } from "../runtime/confirmation-request-guardian-bridge.js";
@@ -184,6 +189,8 @@ initializeDb();
 function resetTables(): void {
   const db = getDb();
   db.delete(scopedApprovalGrants).run();
+  db.run("DELETE FROM messages");
+  db.run("DELETE FROM conversations");
   db.run("DELETE FROM canonical_guardian_deliveries");
   db.run("DELETE FROM canonical_guardian_requests");
 }
@@ -246,6 +253,7 @@ describe("(a) target flow: trusted-contact inline guardian approval end-to-end",
     events.length = 0;
     emittedSignals.length = 0;
     deliveredReplies.length = 0;
+    _setOverridesForTesting({});
     mockGuardianBinding = {
       id: "binding-1",
       assistantId: "self",
@@ -1160,3 +1168,104 @@ describe("cross-milestone integration checks", () => {
     expect(freshReq?.followupState).toBeNull();
   });
 });
+
+describe("(g) v2 trusted-contact flow: model-mediated guardian consent", () => {
+  const handler = new ToolApprovalHandler({
+    inlineGrantWait: { maxWaitMs: 100, intervalMs: 20 },
+  });
+
+  beforeEach(() => {
+    resetTables();
+    events.length = 0;
+    emittedSignals.length = 0;
+    deliveredReplies.length = 0;
+    _setOverridesForTesting({ "permission-controls-v2": true });
+    mockGuardianBinding = {
+      id: "binding-1",
+      assistantId: "self",
+      channel: "telegram",
+      guardianExternalUserId: "guardian-1",
+      guardianDeliveryChatId: "guardian-chat-1",
+      guardianPrincipalId: "test-principal-id",
+      status: "active",
+    };
+  });
+
+  test("trusted-contact host tools do not create tool_grant_request rows under v2", async () => {
+    const conv = createConversation("trusted contact v2 host gate");
+    const result = await handler.checkPreExecutionGates(
+      "bash",
+      { command: "ls" },
+      makeToolContext({
+        trustClass: "trusted_contact",
+        conversationId: conv.id,
+      }),
+      "host",
+      "high",
+      Date.now(),
+      emitLifecycleEvent,
+    );
+
+    expect(result.allowed).toBe(false);
+    if (result.allowed) return;
+    expect(result.result.content).toContain(
+      "computer access is not enabled for this conversation",
+    );
+
+    const requests = listCanonicalGuardianRequests({
+      kind: "tool_grant_request",
+      status: "pending",
+    });
+    expect(requests).toHaveLength(0);
+    expect(emittedSignals).toHaveLength(0);
+  });
+
+  test("trusted-contact host tools run inline once the guardian has already enabled computer access for the conversation", async () => {
+    const conv = createConversation("trusted contact v2 host access enabled");
+    updateConversationHostAccess(conv.id, true);
+
+    const result = await handler.checkPreExecutionGates(
+      "bash",
+      { command: "ls" },
+      makeToolContext({
+        trustClass: "trusted_contact",
+        conversationId: conv.id,
+      }),
+      "host",
+      "high",
+      Date.now(),
+      emitLifecycleEvent,
+    );
+
+    expect(result.allowed).toBe(true);
+  });
+
+  test("confirmation_request guardian bridge is disabled for trusted contacts under v2", () => {
+    const canonicalRequest = createCanonicalGuardianRequest({
+      id: `req-v2-skip-${Date.now()}`,
+      kind: "tool_approval",
+      sourceType: "channel",
+      sourceChannel: "telegram",
+      conversationId: "conv-v2-skip",
+      requesterExternalUserId: "requester-1",
+      guardianExternalUserId: "guardian-1",
+      guardianPrincipalId: "test-principal-id",
+      toolName: "bash",
+      status: "pending",
+      expiresAt: Date.now() + 5 * 60_000,
+    });
+
+    const result = bridgeConfirmationRequestToGuardian({
+      canonicalRequest,
+      trustContext: makeTrustedContactTrustContext(),
+      conversationId: "conv-v2-skip",
+      toolName: "bash",
+    });
+
+    expect("skipped" in result && result.skipped).toBe(true);
+    if ("skipped" in result) {
+      expect(result.reason).toBe("v2_model_mediated");
+    }
+    expect(emittedSignals).toHaveLength(0);
+  });
+});