@vellumai/assistant 0.6.2 → 0.6.3

package/src/runtime/routes/log-export-routes.ts

@@ -49,6 +49,7 @@ const MAX_LOG_PAYLOAD_BYTES = 10 * 1024 * 1024;
 interface ExportRequestBody {
   auditLimit?: number;
   conversationId?: string; // scope to a single conversation
+  full?: boolean; // include all conversation data (messages + LLM logs) — use for test data debugging
   startTime?: number; // epoch ms — lower bound (inclusive)
   endTime?: number; // epoch ms — upper bound (inclusive)
 }
@@ -67,7 +68,7 @@ async function handleExport(body: ExportRequestBody): Promise<Response> {
   const staging = mkdtempSync(join(tmpdir(), "vellum-export-"));
 
   try {
-    const { conversationId, startTime, endTime } = body;
+    const { conversationId, full, startTime, endTime } = body;
 
     // --- Audit data ---
     const limit = body.auditLimit ?? 1000;
@@ -98,14 +99,19 @@ async function handleExport(body: ExportRequestBody): Promise<Response> {
       "utf-8",
     );
 
-    // --- Conversation-scoped data tables ---
-    if (conversationId) {
+    // --- Conversation data tables ---
+    // Included when scoped to a single conversation OR when all conversations are requested.
+    if (conversationId || full) {
+      const conversationFilter = conversationId
+        ? [eq(messages.conversationId, conversationId)]
+        : [];
+
       const messageRows = db
         .select()
         .from(messages)
         .where(
           and(
-            eq(messages.conversationId, conversationId),
+            ...conversationFilter,
             startTime ? gte(messages.createdAt, startTime) : undefined,
             endTime ? lte(messages.createdAt, endTime) : undefined,
           ),
@@ -118,12 +124,16 @@ async function handleExport(body: ExportRequestBody): Promise<Response> {
         "utf-8",
       );
 
+      const llmConversationFilter = conversationId
+        ? [eq(llmRequestLogs.conversationId, conversationId)]
+        : [];
+
       const llmLogRows = db
         .select()
         .from(llmRequestLogs)
         .where(
           and(
-            eq(llmRequestLogs.conversationId, conversationId),
+            ...llmConversationFilter,
             startTime ? gte(llmRequestLogs.createdAt, startTime) : undefined,
             endTime ? lte(llmRequestLogs.createdAt, endTime) : undefined,
           ),
@@ -136,12 +146,16 @@ async function handleExport(body: ExportRequestBody): Promise<Response> {
         "utf-8",
       );
 
+      const usageConversationFilter = conversationId
+        ? [eq(llmUsageEvents.conversationId, conversationId)]
+        : [];
+
       const usageRows = db
         .select()
         .from(llmUsageEvents)
         .where(
           and(
-            eq(llmUsageEvents.conversationId, conversationId),
+            ...usageConversationFilter,
             startTime ? gte(llmUsageEvents.createdAt, startTime) : undefined,
             endTime ? lte(llmUsageEvents.createdAt, endTime) : undefined,
           ),
@@ -265,22 +279,21 @@ async function handleExport(body: ExportRequestBody): Promise<Response> {
     }
 
     // --- Export manifest ---
-    const manifest = conversationId
-      ? {
-          type: "conversation-export" as const,
-          conversationId,
-          assistantVersion: APP_VERSION,
-          commitSha: COMMIT_SHA,
-          ...(startTime !== undefined ? { startTime } : {}),
-          ...(endTime !== undefined ? { endTime } : {}),
-          exportedAt: new Date().toISOString(),
-        }
-      : {
-          type: "global-export" as const,
-          assistantVersion: APP_VERSION,
-          commitSha: COMMIT_SHA,
-          exportedAt: new Date().toISOString(),
-        };
+    const manifestType = conversationId
+      ? ("conversation-export" as const)
+      : full
+        ? ("full-export" as const)
+        : ("global-export" as const);
+    const manifest = {
+      type: manifestType,
+      ...(conversationId ? { conversationId } : {}),
+      ...(full ? { full: true } : {}),
+      assistantVersion: APP_VERSION,
+      commitSha: COMMIT_SHA,
+      ...(startTime !== undefined ? { startTime } : {}),
+      ...(endTime !== undefined ? { endTime } : {}),
+      exportedAt: new Date().toISOString(),
+    };
     writeFileSync(
       join(staging, "export-manifest.json"),
       JSON.stringify(manifest, null, 2),
@@ -294,6 +307,7 @@ async function handleExport(body: ExportRequestBody): Promise<Response> {
         totalBytes,
         hasConfig: configSnapshot !== undefined,
         conversationId: conversationId ?? null,
+        full: full ?? false,
         workspaceEntries: workspaceResult.entries.length,
         workspaceBytes: workspaceResult.totalBytes,
       },
@@ -441,6 +455,12 @@ export function logExportRouteDefinitions(): RouteDefinition[] {
       .string()
       .optional()
       .describe("Scope to a single conversation"),
+    full: z
+      .boolean()
+      .optional()
+      .describe(
+        "Full export — include messages, LLM request logs, and usage events for all conversations. Use for test data debugging.",
+      ),
     startTime: z.number().optional().describe("Lower bound epoch ms"),
     endTime: z.number().optional().describe("Upper bound epoch ms"),
   });

package/src/runtime/routes/memory-item-routes.ts

@@ -712,15 +712,9 @@ export async function handleDeleteMemoryItem(
     return httpError("NOT_FOUND", "Memory item not found", 404);
   }
 
-  // Hard-delete the node (cascades to edges and triggers via FK)
+  // Soft-delete the node (deleteNode sets fidelity='gone' and enqueues Qdrant cleanup)
   deleteNode(id);
 
-  // Clean up Qdrant vectors asynchronously
-  enqueueMemoryJob("delete_qdrant_vectors", {
-    targetType: "graph_node",
-    targetId: id,
-  });
-
   return new Response(null, { status: 204 });
 }
 

package/src/runtime/routes/migration-routes.ts

@@ -21,6 +21,11 @@ import { invalidateConfigCache } from "../../config/loader.js";
 import { getDb, resetDb } from "../../memory/db-connection.js";
 import { validateMigrationState } from "../../memory/migrations/validate-migration-state.js";
 import { clearCache as clearTrustCache } from "../../permissions/trust-store.js";
+import {
+  bulkSetSecureKeysAsync,
+  getSecureKeyResultAsync,
+  listSecureKeysAsync,
+} from "../../security/secure-keys.js";
 import { getLogger } from "../../util/logger.js";
 import {
   getDbPath,
@@ -34,7 +39,10 @@ import {
   analyzeImport,
   DefaultPathResolver,
 } from "../migrations/vbundle-import-analyzer.js";
-import { commitImport } from "../migrations/vbundle-importer.js";
+import {
+  commitImport,
+  extractCredentialsFromBundle,
+} from "../migrations/vbundle-importer.js";
 import { validateVBundle } from "../migrations/vbundle-validator.js";
 
 const log = getLogger("migration-routes");
@@ -146,6 +154,27 @@ export async function handleMigrationExport(req: Request): Promise<Response> {
   let cleanup: (() => Promise<void>) | undefined;
 
   try {
+    // Read all stored credentials to include in the export bundle
+    const credentialList = await listSecureKeysAsync();
+    const credentials: Array<{ account: string; value: string }> = [];
+    if (credentialList.unreachable) {
+      log.warn(
+        "Credential store is unreachable — export will not include credentials",
+      );
+    } else {
+      for (const account of credentialList.accounts) {
+        const result = await getSecureKeyResultAsync(account);
+        if (result.unreachable) {
+          log.warn(
+            { account },
+            "Credential store unreachable when reading credential — skipping",
+          );
+        } else if (result.value != null) {
+          credentials.push({ account, value: result.value });
+        }
+      }
+    }
+
     const result = await streamExportVBundle({
       // hooksDir is intentionally omitted — hooks now live under workspace/hooks/
       // and are included in the workspace walk. Passing hooksDir separately would
@@ -153,6 +182,7 @@ export async function handleMigrationExport(req: Request): Promise<Response> {
       workspaceDir: getWorkspaceDir(),
       source: "runtime-export",
       description,
+      credentials,
       checkpoint: () => {
         const dbPath = getDbPath();
         try {
@@ -196,6 +226,7 @@ export async function handleMigrationExport(req: Request): Promise<Response> {
         "Content-Length": String(size),
         "X-Vbundle-Schema-Version": manifest.schema_version,
         "X-Vbundle-Manifest-Sha256": manifest.manifest_sha256,
+        "X-Vbundle-Credentials-Included": String(credentials.length),
       },
     });
   } catch (err) {
@@ -444,6 +475,57 @@ export async function handleMigrationImport(req: Request): Promise<Response> {
       );
     }
 
+    // Import credentials from the bundle into CES (non-blocking — failures
+    // are logged as warnings but do not fail the overall import).
+    let credentialsImported:
+      | {
+          total: number;
+          succeeded: number;
+          failed: number;
+          failedAccounts: string[];
+        }
+      | undefined;
+
+    if (validation.entries) {
+      const bundleCredentials = extractCredentialsFromBundle(
+        validation.entries,
+        validation.manifest!,
+      );
+      if (bundleCredentials.length > 0) {
+        try {
+          const credResults = await bulkSetSecureKeysAsync(bundleCredentials);
+          const failedResults = credResults.filter((r) => !r.ok);
+          if (failedResults.length > 0) {
+            log.warn(
+              { failed: failedResults.map((f) => f.account) },
+              "Some credentials failed to import",
+            );
+          }
+          log.info(
+            { total: bundleCredentials.length, failed: failedResults.length },
+            "Credential import complete",
+          );
+          const succeeded = bundleCredentials.length - failedResults.length;
+          credentialsImported = {
+            total: bundleCredentials.length,
+            succeeded,
+            failed: failedResults.length,
+            failedAccounts: failedResults.map((f) => f.account),
+          };
+          if (failedResults.length > 0) {
+            result.report.warnings.push(
+              `Imported ${succeeded} credential(s), ${failedResults.length} failed`,
+            );
+          }
+        } catch (err) {
+          log.warn({ err }, "Credential import failed entirely");
+          result.report.warnings.push(
+            `Credential import failed: ${err instanceof Error ? err.message : String(err)}`,
+          );
+        }
+      }
+    }
+
     // Invalidate in-process caches so imported settings.json and trust.json take effect
     invalidateConfigCache();
     clearTrustCache();
@@ -463,7 +545,10 @@ export async function handleMigrationImport(req: Request): Promise<Response> {
       // Don't fail the import if validation itself errors
     }
 
-    return Response.json(result.report);
+    return Response.json({
+      ...result.report,
+      ...(credentialsImported ? { credentialsImported } : {}),
+    });
   } catch (err) {
     log.error({ err }, "Unexpected error during import commit");
     return httpError(

package/src/runtime/routes/oauth-apps.ts

@@ -60,8 +60,8 @@ export function oauthAppsRouteDefinitions(): RouteDefinition[] {
       endpoint: "oauth/apps",
       method: "GET",
       handler: ({ url }) => {
-        const providerKey = url.searchParams.get("provider_key");
-        if (!providerKey) {
+        const provider = url.searchParams.get("provider_key");
+        if (!provider) {
           return httpError(
             "BAD_REQUEST",
             "provider_key query parameter is required",
@@ -70,20 +70,18 @@ export function oauthAppsRouteDefinitions(): RouteDefinition[] {
         }
 
         const allApps = listApps();
-        const filtered = allApps.filter(
-          (row) => row.providerKey === providerKey,
-        );
+        const filtered = allApps.filter((row) => row.provider === provider);
 
-        const providerRow = getProvider(providerKey);
-        const provider = providerRow
+        const providerRow = getProvider(provider);
+        const providerSummary = providerRow
           ? serializeProviderSummary(providerRow)
           : null;
 
         return Response.json({
-          provider,
+          provider: providerSummary,
           apps: filtered.map((row) => ({
             id: row.id,
-            provider_key: row.providerKey,
+            provider_key: row.provider,
             client_id: row.clientId,
             created_at: row.createdAt,
             updated_at: row.updatedAt,
@@ -138,7 +136,7 @@ export function oauthAppsRouteDefinitions(): RouteDefinition[] {
           {
             app: {
               id: app.id,
-              provider_key: app.providerKey,
+              provider_key: app.provider,
               client_id: app.clientId,
               created_at: app.createdAt,
               updated_at: app.updatedAt,
@@ -165,9 +163,9 @@ export function oauthAppsRouteDefinitions(): RouteDefinition[] {
         }
 
         // Disconnect all connections for this app first to clean up tokens.
-        const connections = listConnections(app.providerKey, app.clientId);
+        const connections = listConnections(app.provider, app.clientId);
         for (const conn of connections) {
-          await disconnectOAuthProvider(app.providerKey, app.clientId, conn.id);
+          await disconnectOAuthProvider(app.provider, app.clientId, conn.id);
         }
 
         await deleteApp(params.id);
@@ -190,12 +188,12 @@ export function oauthAppsRouteDefinitions(): RouteDefinition[] {
           );
         }
 
-        const connections = listConnections(app.providerKey, app.clientId);
+        const connections = listConnections(app.provider, app.clientId);
 
         return Response.json({
           connections: connections.map((row) => ({
             id: row.id,
-            provider_key: row.providerKey,
+            provider_key: row.provider,
             account_info: row.accountInfo,
             granted_scopes: parseGrantedScopes(row.grantedScopes),
             status: row.status,
@@ -223,7 +221,7 @@ export function oauthAppsRouteDefinitions(): RouteDefinition[] {
         }
 
         const result = await disconnectOAuthProvider(
-          conn.providerKey,
+          conn.provider,
           undefined,
           conn.id,
         );
@@ -282,7 +280,7 @@ export function oauthAppsRouteDefinitions(): RouteDefinition[] {
         const clientSecret = await getAppClientSecret(app);
 
         const result = await orchestrateOAuthConnect({
-          service: app.providerKey,
+          service: app.provider,
           clientId: app.clientId,
           clientSecret,
           requestedScopes: body.scopes,
@@ -292,7 +290,7 @@ export function oauthAppsRouteDefinitions(): RouteDefinition[] {
 
         if (result.success && result.deferred) {
           return Response.json({
-            auth_url: result.authUrl,
+            auth_url: result.authorizeUrl,
             state: result.state,
           });
         }

package/src/runtime/routes/oauth-providers.ts

@@ -44,6 +44,10 @@ export function oauthProvidersRouteDefinitions(): RouteDefinition[] {
     },
 
     // GET /v1/oauth/providers/:providerKey — Get a single provider.
+    // The path parameter name `providerKey` is preserved for backward
+    // compatibility with the published OpenAPI spec (operationId
+    // `oauth_providers_by_providerKey_get`). The actual URL the client hits
+    // (`/v1/oauth/providers/google`) is unchanged either way.
     {
       endpoint: "oauth/providers/:providerKey",
       method: "GET",

package/src/runtime/routes/schedule-routes.ts

@@ -25,6 +25,10 @@ import type { RouteDefinition } from "../http-router.js";
 import type { SendMessageDeps } from "../http-types.js";
 
 const log = getLogger("schedule-routes");
+const SCHEDULE_GUARDIAN_TRUST_CONTEXT = {
+  sourceChannel: "vellum",
+  trustClass: "guardian",
+} as const;
 
 // ---------------------------------------------------------------------------
 // Handlers
@@ -202,17 +206,23 @@ async function handleRunScheduleNow(
             );
           }
           const conversation =
-            await sendMessageDeps.getOrCreateConversation(conversationId);
+            await sendMessageDeps.getOrCreateConversation(conversationId, {
+              trustContext: SCHEDULE_GUARDIAN_TRUST_CONTEXT,
+            });
           conversation.taskRunId = taskRunId;
-          await conversation.processMessage(
-            message,
-            [],
-            () => {}, // no event callback for HTTP mode
-            undefined,
-            undefined,
-            undefined,
-            { isInteractive: false },
-          );
+          try {
+            await conversation.processMessage(
+              message,
+              [],
+              () => {}, // no event callback for HTTP mode
+              undefined,
+              undefined,
+              undefined,
+              { isInteractive: false },
+            );
+          } finally {
+            conversation.taskRunId = undefined;
+          }
         },
       );
 
@@ -276,7 +286,10 @@ async function handleRunScheduleNow(
       throw new Error("sendMessageDeps not available for schedule execution");
     }
     const activeConversation =
-      await sendMessageDeps.getOrCreateConversation(conversationId);
+      await sendMessageDeps.getOrCreateConversation(conversationId, {
+        trustContext: SCHEDULE_GUARDIAN_TRUST_CONTEXT,
+      });
+    activeConversation.taskRunId = undefined;
     await activeConversation.processMessage(
       schedule.message,
       [],

package/src/runtime/routes/settings-routes.ts

@@ -12,16 +12,11 @@ import { join } from "node:path";
 
 import { z } from "zod";
 
-import { isAssistantFeatureFlagEnabled } from "../../config/assistant-feature-flags.js";
 import {
   getPlatformBaseUrl,
   setIngressPublicBaseUrl,
 } from "../../config/env.js";
-import {
-  getConfig,
-  loadRawConfig,
-  saveRawConfig,
-} from "../../config/loader.js";
+import { loadRawConfig, saveRawConfig } from "../../config/loader.js";
 import { loadSkillCatalog } from "../../config/skills.js";
 import {
   computeGatewayTarget,
@@ -41,12 +36,6 @@ import {
   generateAllowlistOptions,
   generateScopeOptions,
 } from "../../permissions/checker.js";
-import {
-  getMode,
-  onModeChanged,
-  setAskBeforeActing,
-  setHostAccess,
-} from "../../permissions/permission-mode-store.js";
 import { getSecureKeyAsync } from "../../security/secure-keys.js";
 import { parseToolManifestFile } from "../../skills/tool-manifest.js";
 import {
@@ -72,24 +61,6 @@ import { resolveWorkspacePath } from "./workspace-utils.js";
 
 const log = getLogger("settings-routes");
 
-// ---------------------------------------------------------------------------
-// Permission mode SSE broadcast
-// ---------------------------------------------------------------------------
-
-onModeChanged((mode) => {
-  assistantEventHub
-    .publish(
-      buildAssistantEvent(DAEMON_INTERNAL_ASSISTANT_ID, {
-        type: "permission_mode_update",
-        askBeforeActing: mode.askBeforeActing,
-        hostAccess: mode.hostAccess,
-      }),
-    )
-    .catch((err) => {
-      log.warn({ err }, "Failed to publish permission_mode_update event");
-    });
-});
-
 // ---------------------------------------------------------------------------
 // Voice config
 // ---------------------------------------------------------------------------
@@ -240,7 +211,7 @@ async function handleOAuthConnectStart(body: {
   try {
     // For HTTP, we cannot send `open_url` mid-request. The auth URL is
     // returned to the client to open.
-    let authUrl: string | undefined;
+    let authorizeUrl: string | undefined;
 
     const result = await orchestrateOAuthConnect({
       service,
@@ -250,7 +221,7 @@ async function handleOAuthConnectStart(body: {
       callbackTransport: "loopback",
       isInteractive: true,
       openUrl: (url: string) => {
-        authUrl = url;
+        authorizeUrl = url;
       },
       onDeferredComplete: (deferredResult) => {
         // Prefer accountInfo from oauth-store when available.
@@ -309,7 +280,9 @@ async function handleOAuthConnectStart(body: {
       return Response.json({
         ok: true,
         deferred: true,
-        authUrl: result.authUrl,
+        // Wire key stays `authUrl` for backward compatibility with existing
+        // clients; the internal field on `result` is `authorizeUrl`.
+        authUrl: result.authorizeUrl,
       });
     }
 
@@ -326,7 +299,9 @@ async function handleOAuthConnectStart(body: {
       ok: true,
       grantedScopes: result.grantedScopes,
       accountInfo: responseAccountInfo,
-      ...(authUrl ? { authUrl } : {}),
+      // Wire key stays `authUrl` for backward compatibility with existing
+      // clients; the local variable was renamed to `authorizeUrl`.
+      ...(authorizeUrl ? { authUrl: authorizeUrl } : {}),
     });
   } catch (err) {
     const message = err instanceof Error ? err.message : String(err);
@@ -921,68 +896,5 @@ export function settingsRouteDefinitions(): RouteDefinition[] {
         }
       },
     },
-
-    // Permission mode (GET always available; PUT gated on feature flag)
-    {
-      endpoint: "permission-mode",
-      method: "GET",
-      policyKey: "permission-mode:GET",
-      summary: "Get permission mode",
-      description:
-        "Return the current two-axis permission mode (askBeforeActing, hostAccess).",
-      tags: ["settings"],
-      responseBody: z.object({
-        askBeforeActing: z.boolean(),
-        hostAccess: z.boolean(),
-      }),
-      handler: () => {
-        const mode = getMode();
-        return Response.json({
-          askBeforeActing: mode.askBeforeActing,
-          hostAccess: mode.hostAccess,
-        });
-      },
-    },
-    {
-      endpoint: "permission-mode",
-      method: "PUT",
-      policyKey: "permission-mode",
-      summary: "Update permission mode",
-      description:
-        "Update the two-axis permission mode. Requires the permission-controls-v2 feature flag.",
-      tags: ["settings"],
-      requestBody: z.object({
-        askBeforeActing: z.boolean().optional(),
-        hostAccess: z.boolean().optional(),
-      }),
-      responseBody: z.object({
-        askBeforeActing: z.boolean(),
-        hostAccess: z.boolean(),
-      }),
-      handler: async ({ req }) => {
-        const config = getConfig();
-        if (!isAssistantFeatureFlagEnabled("permission-controls-v2", config)) {
-          return httpError("NOT_FOUND", "Not found", 404);
-        }
-
-        const body = (await req.json()) as {
-          askBeforeActing?: boolean;
-          hostAccess?: boolean;
-        };
-
-        if (typeof body.askBeforeActing === "boolean") {
-          setAskBeforeActing(body.askBeforeActing);
-        }
-        if (typeof body.hostAccess === "boolean") {
-          setHostAccess(body.hostAccess);
-        }
-
-        const mode = getMode();
-        return Response.json({
-          askBeforeActing: mode.askBeforeActing,
-          hostAccess: mode.hostAccess,
-        });
-      },
-    },
   ];
 }