npm - @vellumai/assistant - Versions diffs - 0.6.2 → 0.6.3 - Mend

@vellumai/assistant 0.6.2 → 0.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (396) hide show

package/bun.lock +40 -40
package/bunfig.toml +3 -0
package/docs/architecture/memory.md +1 -1
package/node_modules/@vellumai/ces-contracts/src/rpc.ts +42 -0
package/openapi.yaml +184 -69
package/package.json +41 -41
package/scripts/generate-openapi.ts +1 -2
package/src/__tests__/acp-session.test.ts +43 -0
package/src/__tests__/app-builder-tool-scripts.test.ts +1 -0
package/src/__tests__/app-executors.test.ts +1 -0
package/src/__tests__/app-source-watcher.test.ts +37 -11
package/src/__tests__/approval-routes-http.test.ts +178 -1
package/src/__tests__/browser-fill-credential.test.ts +229 -94
package/src/__tests__/browser-manager.test.ts +40 -27
package/src/__tests__/catalog-files.test.ts +862 -0
package/src/__tests__/channel-approvals.test.ts +53 -0
package/src/__tests__/config-managed-gemini-defaults.test.ts +326 -0
package/src/__tests__/config-schema-cmd.test.ts +2 -2
package/src/__tests__/config-schema.test.ts +125 -48
package/src/__tests__/confirmation-request-guardian-bridge.test.ts +23 -0
package/src/__tests__/context-overflow-approval.test.ts +16 -1
package/src/__tests__/conversation-agent-loop-overflow.test.ts +1 -1
package/src/__tests__/conversation-agent-loop.test.ts +1 -1
package/src/__tests__/conversation-analysis-routes.test.ts +2 -2
package/src/__tests__/conversation-attachments.test.ts +80 -4
package/src/__tests__/conversation-confirmation-signals.test.ts +155 -0
package/src/__tests__/conversation-fork-crud.test.ts +17 -0
package/src/__tests__/conversation-history-web-search.test.ts +1 -0
package/src/__tests__/conversation-host-access-routes.test.ts +229 -0
package/src/__tests__/conversation-inject-context.test.ts +103 -0
package/src/__tests__/conversation-queue.test.ts +45 -2
package/src/__tests__/conversation-routes-disk-view.test.ts +5 -0
package/src/__tests__/conversation-routes-guardian-reply.test.ts +16 -0
package/src/__tests__/conversation-routes-slash-commands.test.ts +1 -0
package/src/__tests__/conversation-runtime-assembly.test.ts +269 -46
package/src/__tests__/conversation-starter-routes.test.ts +126 -0
package/src/__tests__/conversation-starters-cadence.test.ts +161 -0
package/src/__tests__/conversation-store.test.ts +195 -0
package/src/__tests__/conversation-workspace-cache-state.test.ts +193 -0
package/src/__tests__/credential-execution-approval-bridge.test.ts +32 -1
package/src/__tests__/credential-security-invariants.test.ts +1 -0
package/src/__tests__/credential-vault-unit.test.ts +4 -4
package/src/__tests__/credential-vault.test.ts +152 -13
package/src/__tests__/credentials-cli.test.ts +2 -2
package/src/__tests__/date-context.test.ts +4 -4
package/src/__tests__/embedding-managed-proxy-selection.test.ts +256 -0
package/src/__tests__/extension-id-sync-guard.test.ts +155 -0
package/src/__tests__/fixtures/mock-chrome-extension.ts +375 -0
package/src/__tests__/gateway-only-guard.test.ts +3 -0
package/src/__tests__/gemini-provider.test.ts +2 -2
package/src/__tests__/guardian-routing-invariants.test.ts +70 -2
package/src/__tests__/headless-browser-interactions.test.ts +707 -371
package/src/__tests__/headless-browser-navigate.test.ts +389 -47
package/src/__tests__/headless-browser-read-tools.test.ts +266 -103
package/src/__tests__/headless-browser-snapshot.test.ts +240 -77
package/src/__tests__/host-bash-proxy.test.ts +150 -1
package/src/__tests__/host-browser-e2e-cloud.test.ts +462 -0
package/src/__tests__/host-browser-e2e-self-hosted-capability.test.ts +286 -0
package/src/__tests__/host-browser-e2e-self-hosted.test.ts +374 -0
package/src/__tests__/host-browser-event-routes.test.ts +350 -0
package/src/__tests__/host-browser-proxy.test.ts +444 -0
package/src/__tests__/host-browser-routes.test.ts +198 -0
package/src/__tests__/host-browser-ws-events-e2e.test.ts +320 -0
package/src/__tests__/host-cu-proxy.test.ts +171 -1
package/src/__tests__/host-file-proxy.test.ts +185 -1
package/src/__tests__/host-file-read-tool.test.ts +52 -0
package/src/__tests__/host-proxy-interface.test.ts +165 -0
package/src/__tests__/host-shell-tool.test.ts +1 -11
package/src/__tests__/http-user-message-parity.test.ts +1 -0
package/src/__tests__/integration-status.test.ts +6 -7
package/src/__tests__/list-messages-tool-merge.test.ts +37 -12
package/src/__tests__/mcp-client-auth.test.ts +40 -4
package/src/__tests__/mcp-health-check.test.ts +10 -3
package/src/__tests__/migration-cross-version-compatibility.test.ts +3 -1
package/src/__tests__/migration-export-http.test.ts +61 -2
package/src/__tests__/migration-export-streaming.test.ts +66 -0
package/src/__tests__/migration-import-commit-http.test.ts +101 -1
package/src/__tests__/native-host-marker-sync-guard.test.ts +157 -0
package/src/__tests__/oauth-apps-routes.test.ts +17 -12
package/src/__tests__/oauth-cli.test.ts +707 -60
package/src/__tests__/oauth-connect-orchestrator.test.ts +116 -24
package/src/__tests__/oauth-provider-seed-logos.test.ts +23 -0
package/src/__tests__/oauth-provider-serializer.test.ts +146 -10
package/src/__tests__/oauth-provider-visibility.test.ts +19 -21
package/src/__tests__/oauth-providers-routes.test.ts +50 -14
package/src/__tests__/oauth-store.test.ts +1386 -182
package/src/__tests__/oauth2-gateway-transport.test.ts +211 -20
package/src/__tests__/onboarding-template-contract.test.ts +75 -57
package/src/__tests__/openai-provider.test.ts +2 -2
package/src/__tests__/outlook-categories.test.ts +1 -1
package/src/__tests__/outlook-client-automation.test.ts +1 -1
package/src/__tests__/outlook-compose-tools.test.ts +1 -1
package/src/__tests__/outlook-email-watcher.test.ts +1 -1
package/src/__tests__/outlook-follow-up.test.ts +1 -1
package/src/__tests__/outlook-messaging-provider.test.ts +2 -2
package/src/__tests__/outlook-trash.test.ts +1 -1
package/src/__tests__/outlook-unsubscribe.test.ts +1 -1
package/src/__tests__/permission-checker-host-gate.test.ts +74 -14
package/src/__tests__/permission-mode.test.ts +28 -56
package/src/__tests__/platform-callback-registration.test.ts +19 -0
package/src/__tests__/post-turn-tool-result-truncation.test.ts +296 -0
package/src/__tests__/proxy-approval-callback.test.ts +18 -0
package/src/__tests__/require-fresh-approval.test.ts +40 -1
package/src/__tests__/sanitize-config-for-transfer.test.ts +132 -0
package/src/__tests__/schedule-routes.test.ts +162 -0
package/src/__tests__/secret-detection-handler.test.ts +84 -0
package/src/__tests__/secret-ingress-http.test.ts +1 -0
package/src/__tests__/send-endpoint-busy.test.ts +3 -0
package/src/__tests__/set-permission-mode.test.ts +13 -250
package/src/__tests__/skills-file-content-endpoint.test.ts +670 -0
package/src/__tests__/skills-files-catalog-fallback.test.ts +450 -0
package/src/__tests__/slack-channel-config.test.ts +12 -15
package/src/__tests__/subagent-detail.test.ts +44 -2
package/src/__tests__/subagent-disposal.test.ts +1 -0
package/src/__tests__/subagent-fork-notifications.test.ts +291 -0
package/src/__tests__/subagent-fork-spawn.test.ts +384 -0
package/src/__tests__/subagent-manager-notify.test.ts +1 -0
package/src/__tests__/subagent-notify-parent.test.ts +1 -0
package/src/__tests__/subagent-spawn-tool-fork.test.ts +411 -0
package/src/__tests__/subagent-tools.test.ts +1 -0
package/src/__tests__/subagent-types.test.ts +1 -0
package/src/__tests__/system-prompt-ask-mode.test.ts +27 -71
package/src/__tests__/system-prompt.test.ts +72 -1
package/src/__tests__/task-scheduler.test.ts +32 -6
package/src/__tests__/telegram-config.test.ts +10 -13
package/src/__tests__/terminal-tools.test.ts +9 -0
package/src/__tests__/tool-approval-handler.test.ts +73 -0
package/src/__tests__/tool-side-effects-slack-dm.test.ts +22 -0
package/src/__tests__/top-level-renderer.test.ts +73 -1
package/src/__tests__/transport-hints-queue.test.ts +14 -29
package/src/__tests__/trusted-contact-inline-approval-integration.test.ts +109 -0
package/src/__tests__/v2-consent-policy.test.ts +103 -0
package/src/acp/client-handler.ts +30 -4
package/src/agent/loop.ts +12 -6
package/src/approvals/guardian-request-resolvers.ts +21 -15
package/src/browser-session/__tests__/manager.test.ts +297 -0
package/src/browser-session/backends/cdp-inspect.ts +30 -0
package/src/browser-session/backends/extension.ts +26 -0
package/src/browser-session/backends/local.ts +24 -0
package/src/browser-session/events.ts +164 -0
package/src/browser-session/index.ts +27 -0
package/src/browser-session/manager.ts +159 -0
package/src/browser-session/types.ts +28 -0
package/src/channels/__tests__/types.test.ts +134 -0
package/src/channels/types.ts +53 -3
package/src/cli/commands/browser-relay.ts +339 -409
package/src/cli/commands/credentials.ts +3 -3
package/src/cli/commands/email.ts +18 -13
package/src/cli/commands/mcp.ts +16 -4
package/src/cli/commands/oauth/__tests__/connect.test.ts +44 -44
package/src/cli/commands/oauth/__tests__/disconnect.test.ts +21 -21
package/src/cli/commands/oauth/__tests__/mode.test.ts +17 -17
package/src/cli/commands/oauth/__tests__/ping.test.ts +16 -16
package/src/cli/commands/oauth/__tests__/providers-delete.test.ts +31 -33
package/src/cli/commands/oauth/__tests__/providers-register.test.ts +329 -0
package/src/cli/commands/oauth/__tests__/providers-update.test.ts +116 -12
package/src/cli/commands/oauth/__tests__/status.test.ts +10 -10
package/src/cli/commands/oauth/__tests__/token.test.ts +7 -7
package/src/cli/commands/oauth/apps.ts +7 -4
package/src/cli/commands/oauth/connect.ts +6 -3
package/src/cli/commands/oauth/disconnect.ts +1 -1
package/src/cli/commands/oauth/providers.ts +200 -36
package/src/cli/commands/oauth/shared.ts +5 -5
package/src/cli/commands/platform/__tests__/callback-routes-list.test.ts +259 -0
package/src/cli/commands/platform/index.ts +107 -10
package/src/cli/commands/usage.ts +10 -9
package/src/cli/lib/daemon-credential-client.ts +4 -0
package/src/cli/program.ts +1 -1
package/src/config/bundled-skills/app-builder/SKILL.md +26 -249
package/src/config/bundled-skills/app-builder/references/CUSTOM_ROUTES.md +105 -0
package/src/config/bundled-skills/app-builder/references/INTERACTION_HOOKS.md +56 -0
package/src/config/bundled-skills/app-builder/references/WIDGETS.md +125 -0
package/src/config/bundled-skills/contacts/SKILL.md +3 -0
package/src/config/bundled-skills/document/SKILL.md +4 -0
package/src/config/bundled-skills/gmail/SKILL.md +1 -1
package/src/config/bundled-skills/outlook/SKILL.md +7 -0
package/src/config/bundled-skills/subagent/SKILL.md +21 -0
package/src/config/bundled-skills/subagent/TOOLS.json +8 -4
package/src/config/bundled-skills/tasks/SKILL.md +5 -0
package/src/config/env-registry.ts +14 -0
package/src/config/env.ts +21 -0
package/src/config/feature-flag-registry.json +44 -5
package/src/config/loader.ts +56 -1
package/src/config/sanitize-for-transfer.ts +47 -0
package/src/config/schema.ts +46 -5
package/src/config/schemas/host-browser.ts +66 -0
package/src/config/schemas/memory-lifecycle.ts +1 -1
package/src/config/schemas/memory-retrieval.ts +103 -0
package/src/config/schemas/security.ts +0 -6
package/src/config/schemas/services.ts +8 -0
package/src/config/types.ts +0 -1
package/src/context/post-turn-tool-result-truncation.ts +176 -0
package/src/context/window-manager.ts +19 -1
package/src/credential-execution/approval-bridge.ts +49 -15
package/src/daemon/__tests__/conversation-tool-setup.test.ts +186 -0
package/src/daemon/app-source-watcher.ts +35 -0
package/src/daemon/context-overflow-approval.ts +5 -0
package/src/daemon/conversation-agent-loop-handlers.ts +17 -2
package/src/daemon/conversation-agent-loop.ts +58 -24
package/src/daemon/conversation-attachments.ts +40 -0
package/src/daemon/conversation-process.ts +48 -1
package/src/daemon/conversation-runtime-assembly.ts +118 -36
package/src/daemon/conversation-surfaces.ts +37 -36
package/src/daemon/conversation-tool-setup.ts +74 -8
package/src/daemon/conversation-workspace.ts +12 -0
package/src/daemon/conversation.ts +226 -8
package/src/daemon/date-context.ts +10 -10
package/src/daemon/first-greeting.ts +3 -2
package/src/daemon/handlers/conversations.ts +9 -140
package/src/daemon/handlers/shared.ts +58 -0
package/src/daemon/handlers/skills.ts +232 -37
package/src/daemon/host-bash-proxy.ts +48 -13
package/src/daemon/host-browser-proxy.ts +191 -0
package/src/daemon/host-cu-proxy.ts +36 -11
package/src/daemon/host-file-proxy.ts +57 -9
package/src/daemon/lifecycle.ts +65 -11
package/src/daemon/message-protocol.ts +7 -0
package/src/daemon/message-types/conversations.ts +55 -13
package/src/daemon/message-types/host-browser.ts +100 -0
package/src/daemon/message-types/messages.ts +5 -5
package/src/daemon/message-types/skills.ts +10 -0
package/src/daemon/message-types/subagents.ts +2 -0
package/src/daemon/server.ts +92 -12
package/src/daemon/tool-side-effects.ts +6 -0
package/src/daemon/transport-hints.ts +5 -24
package/src/inbound/platform-callback-registration.ts +18 -17
package/src/mcp/client.ts +59 -24
package/src/memory/app-store.ts +31 -1
package/src/memory/conversation-crud.ts +23 -0
package/src/memory/conversation-starters-cadence.ts +76 -0
package/src/memory/conversation-title-service.ts +5 -2
package/src/memory/db-init.ts +12 -0
package/src/memory/embedding-backend.test.ts +75 -0
package/src/memory/embedding-backend.ts +131 -5
package/src/memory/embedding-gemini.test.ts +54 -0
package/src/memory/embedding-gemini.ts +20 -9
package/src/memory/embedding-local.ts +176 -17
package/src/memory/graph/consolidation.ts +10 -23
package/src/memory/graph/extraction-job.ts +15 -0
package/src/memory/graph/retriever.ts +40 -22
package/src/memory/graph/store.test.ts +7 -3
package/src/memory/graph/store.ts +47 -12
package/src/memory/llm-usage-store.ts +45 -4
package/src/memory/migrations/213-oauth-providers-scope-separator.ts +13 -0
package/src/memory/migrations/214-oauth-providers-refresh-url.ts +11 -0
package/src/memory/migrations/215-oauth-providers-revoke.ts +14 -0
package/src/memory/migrations/216-oauth-providers-token-auth-method.ts +30 -0
package/src/memory/migrations/217-conversation-host-access.ts +40 -0
package/src/memory/migrations/218-oauth-providers-logo-url.ts +11 -0
package/src/memory/migrations/index.ts +6 -0
package/src/memory/migrations/registry.ts +8 -0
package/src/memory/schema/conversations.ts +1 -0
package/src/memory/schema/oauth.ts +18 -13
package/src/oauth/AGENTS.md +76 -0
package/src/oauth/__tests__/identity-verifier.test.ts +24 -19
package/src/oauth/__tests__/seed-providers-managed.test.ts +32 -0
package/src/oauth/byo-connection.test.ts +8 -8
package/src/oauth/byo-connection.ts +7 -7
package/src/oauth/connect-orchestrator.ts +23 -21
package/src/oauth/connect-types.ts +3 -3
package/src/oauth/connection-resolver.test.ts +17 -4
package/src/oauth/connection-resolver.ts +16 -16
package/src/oauth/connection.ts +1 -1
package/src/oauth/manual-token-connection.ts +13 -13
package/src/oauth/oauth-store.ts +214 -100
package/src/oauth/platform-connection.test.ts +3 -3
package/src/oauth/platform-connection.ts +4 -4
package/src/oauth/provider-serializer.ts +31 -5
package/src/oauth/revoke.ts +76 -0
package/src/oauth/seed-providers.ts +126 -87
package/src/oauth/token-persistence.ts +1 -1
package/src/permissions/permission-mode.ts +4 -11
package/src/permissions/prompter.ts +13 -1
package/src/permissions/v2-consent-policy.ts +87 -0
package/src/prompts/system-prompt.ts +18 -21
package/src/prompts/templates/BOOTSTRAP-REFERENCE.md +3 -65
package/src/prompts/templates/BOOTSTRAP.md +59 -105
package/src/providers/anthropic/client.ts +1 -0
package/src/providers/types.ts +1 -1
package/src/runtime/AGENTS.md +23 -0
package/src/runtime/__tests__/browser-extension-pair-routes.test.ts +715 -0
package/src/runtime/__tests__/capability-tokens.test.ts +258 -0
package/src/runtime/__tests__/chrome-extension-registry.test.ts +518 -0
package/src/runtime/assistant-event-hub.ts +2 -2
package/src/runtime/auth/__tests__/guard-tests.test.ts +1 -0
package/src/runtime/auth/__tests__/middleware.test.ts +116 -1
package/src/runtime/auth/__tests__/route-policy.test.ts +8 -0
package/src/runtime/auth/middleware.ts +98 -0
package/src/runtime/auth/route-policy.ts +6 -7
package/src/runtime/capability-tokens.ts +414 -0
package/src/runtime/channel-approvals.ts +18 -5
package/src/runtime/chrome-extension-registry.ts +332 -0
package/src/runtime/confirmation-request-guardian-bridge.ts +6 -0
package/src/runtime/guardian-decision-types.ts +7 -0
package/src/runtime/http-server.ts +425 -70
package/src/runtime/migrations/__tests__/rebind-secrets-credentials.test.ts +172 -0
package/src/runtime/migrations/__tests__/vbundle-builder-credentials.test.ts +276 -0
package/src/runtime/migrations/__tests__/vbundle-import-credentials.test.ts +162 -0
package/src/runtime/migrations/migration-transport.ts +6 -0
package/src/runtime/migrations/migration-wizard.ts +22 -2
package/src/runtime/migrations/rebind-secrets-screen.ts +76 -15
package/src/runtime/migrations/vbundle-builder.ts +145 -38
package/src/runtime/migrations/vbundle-import-analyzer.ts +19 -0
package/src/runtime/migrations/vbundle-importer.ts +55 -5
package/src/runtime/pending-interactions.ts +29 -13
package/src/runtime/routes/approval-routes.ts +90 -16
package/src/runtime/routes/browser-cdp-routes.ts +229 -0
package/src/runtime/routes/browser-extension-pair-routes.ts +497 -0
package/src/runtime/routes/conversation-analysis-routes.ts +2 -1
package/src/runtime/routes/conversation-management-routes.ts +108 -0
package/src/runtime/routes/conversation-routes.ts +301 -27
package/src/runtime/routes/conversation-starter-routes.ts +78 -16
package/src/runtime/routes/guardian-action-routes.ts +24 -13
package/src/runtime/routes/host-browser-routes.ts +279 -0
package/src/runtime/routes/host-file-routes.ts +9 -1
package/src/runtime/routes/identity-routes.ts +259 -16
package/src/runtime/routes/log-export-routes.ts +42 -22
package/src/runtime/routes/memory-item-routes.ts +1 -7
package/src/runtime/routes/migration-routes.ts +87 -2
package/src/runtime/routes/oauth-apps.ts +15 -17
package/src/runtime/routes/oauth-providers.ts +4 -0
package/src/runtime/routes/schedule-routes.ts +24 -11
package/src/runtime/routes/settings-routes.ts +9 -97
package/src/runtime/routes/skills-routes.ts +52 -2
package/src/runtime/routes/subagents-routes.ts +14 -10
package/src/runtime/routes/usage-routes.ts +8 -7
package/src/runtime/routes/workspace-routes.test.ts +22 -0
package/src/runtime/routes/workspace-routes.ts +8 -1
package/src/runtime/routes/workspace-utils.ts +2 -0
package/src/schedule/scheduler.ts +7 -5
package/src/security/ces-credential-client.ts +20 -0
package/src/security/ces-rpc-credential-backend.ts +17 -0
package/src/security/credential-backend.ts +5 -0
package/src/security/oauth2.ts +42 -25
package/src/security/secure-keys.ts +118 -25
package/src/security/token-manager.ts +23 -10
package/src/skills/catalog-files.ts +492 -0
package/src/subagent/manager.ts +131 -26
package/src/subagent/types.ts +19 -0
package/src/tools/apps/executors.ts +11 -2
package/src/tools/browser/__tests__/auth-detector.test.ts +202 -108
package/src/tools/browser/auth-detector.ts +43 -12
package/src/tools/browser/browser-execution.ts +645 -340
package/src/tools/browser/browser-manager.ts +36 -12
package/src/tools/browser/cdp-client/__tests__/accessibility-snapshot.test.ts +318 -0
package/src/tools/browser/cdp-client/__tests__/cdp-dom-helpers.test.ts +1175 -0
package/src/tools/browser/cdp-client/__tests__/cdp-inspect-client.test.ts +870 -0
package/src/tools/browser/cdp-client/__tests__/extension-cdp-client.test.ts +330 -0
package/src/tools/browser/cdp-client/__tests__/factory.test.ts +377 -0
package/src/tools/browser/cdp-client/__tests__/fixtures/ax-tree-nested-frames.json +64 -0
package/src/tools/browser/cdp-client/__tests__/fixtures/ax-tree-simple.json +69 -0
package/src/tools/browser/cdp-client/__tests__/local-cdp-client.test.ts +310 -0
package/src/tools/browser/cdp-client/__tests__/types.test.ts +96 -0
package/src/tools/browser/cdp-client/accessibility-snapshot.ts +387 -0
package/src/tools/browser/cdp-client/cdp-dom-helpers.ts +695 -0
package/src/tools/browser/cdp-client/cdp-inspect/__tests__/discovery.test.ts +743 -0
package/src/tools/browser/cdp-client/cdp-inspect/__tests__/ws-transport.test.ts +580 -0
package/src/tools/browser/cdp-client/cdp-inspect/discovery.ts +578 -0
package/src/tools/browser/cdp-client/cdp-inspect/ws-transport.ts +579 -0
package/src/tools/browser/cdp-client/cdp-inspect-client.ts +635 -0
package/src/tools/browser/cdp-client/errors.ts +34 -0
package/src/tools/browser/cdp-client/extension-cdp-client.ts +125 -0
package/src/tools/browser/cdp-client/factory.ts +204 -0
package/src/tools/browser/cdp-client/index.ts +14 -0
package/src/tools/browser/cdp-client/local-cdp-client.ts +187 -0
package/src/tools/browser/cdp-client/types.ts +52 -0
package/src/tools/filesystem/edit.ts +1 -1
package/src/tools/filesystem/list.ts +1 -1
package/src/tools/filesystem/read.ts +1 -1
package/src/tools/filesystem/write.ts +2 -1
package/src/tools/host-filesystem/edit.ts +1 -1
package/src/tools/host-filesystem/read.ts +12 -15
package/src/tools/host-filesystem/write.ts +1 -1
package/src/tools/host-terminal/host-shell.ts +21 -16
package/src/tools/permission-checker.ts +77 -82
package/src/tools/registry.ts +0 -2
package/src/tools/secret-detection-handler.ts +34 -0
package/src/tools/shared/filesystem/image-read.ts +61 -40
package/src/tools/subagent/spawn.ts +47 -3
package/src/tools/subagent/status.ts +2 -0
package/src/tools/system/register.ts +2 -16
package/src/tools/terminal/safe-env.ts +7 -0
package/src/tools/terminal/shell.ts +21 -16
package/src/tools/tool-approval-handler.ts +48 -2
package/src/tools/types.ts +2 -0
package/src/util/platform.ts +14 -19
package/src/workspace/top-level-renderer.ts +19 -1
package/src/__tests__/chrome-cdp.test.ts +0 -419
package/src/__tests__/permission-mode-sse.test.ts +0 -418
package/src/__tests__/permission-mode-store.test.ts +0 -277
package/src/browser-extension-relay/protocol.ts +0 -63
package/src/browser-extension-relay/server.ts +0 -203
package/src/config/schemas/sandbox.ts +0 -14
package/src/permissions/permission-mode-store.ts +0 -180
package/src/tools/browser/chrome-cdp.ts +0 -239
package/src/tools/system/set-permission-mode.ts +0 -103

package/src/tools/browser/browser-manager.ts CHANGED Viewed

@@ -203,7 +203,13 @@ class BrowserManager {
   private pages = new Map<string, Page>();
   private rawPages = new Map<string, unknown>();
   private cdpSessions = new Map<string, CDPSession>();
-  private snapshotMaps = new Map<string, Map<string, string>>();
+  /**
+   * CDP backendNodeId lookup per conversation, populated by the
+   * AX-tree-based `executeBrowserSnapshot`. Click/type/hover/etc. tools
+   * resolve an element_id against this map and talk to CDP with the
+   * resulting backendNodeId.
+   */
+  private snapshotBackendNodeMaps = new Map<string, Map<string, number>>();
   private browserCdpSession: CDPSession | null = null;
   private browserWindowId: number | null = null;
   private interactiveModeSessions = new Set<string>();
@@ -358,7 +364,7 @@ class BrowserManager {
           this.rawPages.clear();
           this.cdpSessions.clear();
-          this.snapshotMaps.clear();
+          this.snapshotBackendNodeMaps.clear();
           this.downloads.clear();
           for (const pending of this.pendingDownloads.values()) {
             for (const waiter of pending)
@@ -384,7 +390,7 @@ class BrowserManager {
     }
     // Clear stale snapshot mappings and CDP state when replacing a closed page
-    this.snapshotMaps.delete(conversationId);
+    this.snapshotBackendNodeMaps.delete(conversationId);
     await this.stopScreencast(conversationId);
     const page = await context.newPage();
@@ -437,7 +443,7 @@ class BrowserManager {
     }
     this.pages.delete(conversationId);
     this.rawPages.delete(conversationId);
-    this.snapshotMaps.delete(conversationId);
+    this.snapshotBackendNodeMaps.delete(conversationId);
     this.downloads.delete(conversationId);
     // Reject any pending download waiters
     const pending = this.pendingDownloads.get(conversationId);
@@ -470,7 +476,7 @@ class BrowserManager {
     }
     this.pages.clear();
     this.rawPages.clear();
-    this.snapshotMaps.clear();
+    this.snapshotBackendNodeMaps.clear();
     this.downloads.clear();
     for (const pending of this.pendingDownloads.values()) {
       for (const waiter of pending) waiter.reject(new Error("Browser closed"));
@@ -526,19 +532,37 @@ class BrowserManager {
     }
   }
-  storeSnapshotMap(conversationId: string, map: Map<string, string>): void {
-    this.snapshotMaps.set(conversationId, map);
+  /**
+   * Store the backendNodeId lookup produced by the AX-tree-based
+   * `executeBrowserSnapshot`. Callers overwrite any prior map for the
+   * conversation so each snapshot fully supersedes the previous one.
+   */
+  storeSnapshotBackendNodeMap(
+    conversationId: string,
+    map: Map<string, number>,
+  ): void {
+    this.snapshotBackendNodeMaps.set(conversationId, map);
   }
-  clearSnapshotMap(conversationId: string): void {
-    this.snapshotMaps.delete(conversationId);
+  /**
+   * Drop the backendNodeId lookup for a conversation so stale element
+   * IDs from a previous snapshot cannot resolve after a navigation or
+   * page close.
+   */
+  clearSnapshotBackendNodeMap(conversationId: string): void {
+    this.snapshotBackendNodeMaps.delete(conversationId);
   }
-  resolveSnapshotSelector(
+  /**
+   * Look up the CDP backendNodeId for an element id produced by the
+   * most recent AX-tree snapshot. Returns `null` if no snapshot has
+   * been taken or the id is unknown.
+   */
+  resolveSnapshotBackendNodeId(
     conversationId: string,
     elementId: string,
-  ): string | null {
-    const map = this.snapshotMaps.get(conversationId);
+  ): number | null {
+    const map = this.snapshotBackendNodeMaps.get(conversationId);
     if (!map) return null;
     return map.get(elementId) ?? null;
   }

package/src/tools/browser/cdp-client/__tests__/accessibility-snapshot.test.ts ADDED Viewed

@@ -0,0 +1,318 @@
+import { describe, expect, it } from "bun:test";
+import {
+  type AxSnapshotElement,
+  type AxSnapshotResult,
+  formatAxSnapshot,
+  transformAxTree,
+} from "../accessibility-snapshot.js";
+import nestedFramesFixture from "./fixtures/ax-tree-nested-frames.json" with { type: "json" };
+import simpleFixture from "./fixtures/ax-tree-simple.json" with { type: "json" };
+// ── transformAxTree ──────────────────────────────────────────────────
+describe("transformAxTree", () => {
+  it("happy path: simple fixture returns exactly 3 elements with stable eids", () => {
+    const result = transformAxTree(simpleFixture);
+    expect(result.elements).toHaveLength(3);
+    const [e1, e2, e3] = result.elements as [
+      AxSnapshotElement,
+      AxSnapshotElement,
+      AxSnapshotElement,
+    ];
+    // e1: the button (trimmed + focusable prop not surfaced as attr).
+    expect(e1.eid).toBe("e1");
+    expect(e1.role).toBe("button");
+    expect(e1.name).toBe("Submit Form");
+    expect(e1.backendNodeId).toBe(101);
+    expect(e1.attrs).toEqual({ disabled: "false" });
+    expect(e1.value).toBeUndefined();
+    // e2: the link carries its url property in attrs.
+    expect(e2.eid).toBe("e2");
+    expect(e2.role).toBe("link");
+    expect(e2.name).toBe("About Us");
+    expect(e2.backendNodeId).toBe(102);
+    expect(e2.attrs).toEqual({ url: "https://example.com/about" });
+    // e3: the textbox carries placeholder + required + a `value` field.
+    expect(e3.eid).toBe("e3");
+    expect(e3.role).toBe("textbox");
+    expect(e3.name).toBe("Email address");
+    expect(e3.backendNodeId).toBe(103);
+    expect(e3.value).toBe("user@example.com");
+    expect(e3.attrs).toEqual({
+      placeholder: "you@example.com",
+      required: "true",
+    });
+  });
+  it("filters out ignored nodes", () => {
+    const result = transformAxTree(simpleFixture);
+    for (const el of result.elements) {
+      expect(el.name).not.toBe("Hidden Action");
+    }
+  });
+  it("filters out nodes without backendDOMNodeId", () => {
+    const result = transformAxTree(simpleFixture);
+    for (const el of result.elements) {
+      expect(el.name).not.toBe("Orphan Button");
+    }
+  });
+  it("truncates to opts.maxElements", () => {
+    const result = transformAxTree(simpleFixture, { maxElements: 2 });
+    expect(result.elements).toHaveLength(2);
+    expect(result.elements[0]?.eid).toBe("e1");
+    expect(result.elements[1]?.eid).toBe("e2");
+    // selectorMap only contains the kept elements.
+    expect(result.selectorMap.size).toBe(2);
+    expect(result.selectorMap.get("e1")).toBe(101);
+    expect(result.selectorMap.get("e2")).toBe(102);
+    expect(result.selectorMap.has("e3")).toBe(false);
+  });
+  it("selectorMap.get() returns the backendNodeId for each eid", () => {
+    const result = transformAxTree(simpleFixture);
+    expect(result.selectorMap.size).toBe(3);
+    expect(result.selectorMap.get("e1")).toBe(101);
+    expect(result.selectorMap.get("e2")).toBe(102);
+    expect(result.selectorMap.get("e3")).toBe(103);
+  });
+  it("filters out non-interactive roles (StaticText, generic, RootWebArea)", () => {
+    const fixture = {
+      nodes: [
+        {
+          nodeId: "1",
+          role: { value: "RootWebArea" },
+          name: { value: "Root" },
+          backendDOMNodeId: 1,
+          childIds: ["2", "3", "4"],
+          ignored: false,
+        },
+        {
+          nodeId: "2",
+          role: { value: "StaticText" },
+          name: { value: "Just some text" },
+          backendDOMNodeId: 2,
+          childIds: [],
+          ignored: false,
+        },
+        {
+          nodeId: "3",
+          role: { value: "generic" },
+          name: { value: "A div" },
+          backendDOMNodeId: 3,
+          childIds: [],
+          ignored: false,
+        },
+        {
+          nodeId: "4",
+          role: { value: "button" },
+          name: { value: "Real Button" },
+          backendDOMNodeId: 4,
+          childIds: [],
+          ignored: false,
+        },
+      ],
+    };
+    const result = transformAxTree(fixture);
+    expect(result.elements).toHaveLength(1);
+    expect(result.elements[0]?.name).toBe("Real Button");
+    expect(result.elements[0]?.role).toBe("button");
+  });
+  it("includes focusable nodes even when the role is not interactive", () => {
+    // Regression test for contenteditable divs and custom widgets: a
+    // generic-role node with `focusable: true` must still surface.
+    const fixture = {
+      nodes: [
+        {
+          nodeId: "1",
+          role: { value: "RootWebArea" },
+          name: { value: "Root" },
+          backendDOMNodeId: 1,
+          childIds: ["2"],
+          ignored: false,
+        },
+        {
+          nodeId: "2",
+          role: { value: "generic" },
+          name: { value: "Contenteditable field" },
+          properties: [
+            { name: "focusable", value: { type: "boolean", value: true } },
+          ],
+          backendDOMNodeId: 42,
+          childIds: [],
+          ignored: false,
+        },
+      ],
+    };
+    const result = transformAxTree(fixture);
+    expect(result.elements).toHaveLength(1);
+    const [el] = result.elements;
+    expect(el?.role).toBe("generic");
+    expect(el?.backendNodeId).toBe(42);
+    expect(el?.name).toBe("Contenteditable field");
+  });
+  it("traverses nested RootWebArea (iframe) children in document order", () => {
+    const result = transformAxTree(nestedFramesFixture);
+    // Expect 4 kept elements across parent + inner frame, in doc order.
+    expect(result.elements).toHaveLength(4);
+    expect(result.elements.map((el) => el.name)).toEqual([
+      "Parent Button",
+      "Inner Link",
+      "Inner Search",
+      "Subscribe",
+    ]);
+    expect(result.elements.map((el) => el.backendNodeId)).toEqual([
+      201, 203, 204, 205,
+    ]);
+    expect(result.elements.map((el) => el.eid)).toEqual([
+      "e1",
+      "e2",
+      "e3",
+      "e4",
+    ]);
+  });
+  it("truncates names longer than 80 chars", () => {
+    const longName = "x".repeat(200);
+    const fixture = {
+      nodes: [
+        {
+          nodeId: "1",
+          role: { value: "button" },
+          name: { value: longName },
+          backendDOMNodeId: 1,
+          childIds: [],
+          ignored: false,
+        },
+      ],
+    };
+    const result = transformAxTree(fixture);
+    expect(result.elements).toHaveLength(1);
+    expect(result.elements[0]?.name.length).toBe(80);
+  });
+  it("returns an empty result for malformed input", () => {
+    expect(transformAxTree(null)).toEqual({
+      elements: [],
+      selectorMap: new Map(),
+    });
+    expect(transformAxTree(undefined)).toEqual({
+      elements: [],
+      selectorMap: new Map(),
+    });
+    expect(transformAxTree({})).toEqual({
+      elements: [],
+      selectorMap: new Map(),
+    });
+    expect(transformAxTree({ nodes: [] })).toEqual({
+      elements: [],
+      selectorMap: new Map(),
+    });
+  });
+});
+// ── formatAxSnapshot ──────────────────────────────────────────────────
+describe("formatAxSnapshot", () => {
+  it("byte-matches the legacy executeBrowserSnapshot format for the simple fixture", () => {
+    const result = transformAxTree(simpleFixture);
+    const formatted = formatAxSnapshot(result, {
+      url: "https://example.com/",
+      title: "Example",
+    });
+    const expected = [
+      "URL: https://example.com/",
+      "Title: Example",
+      "",
+      `[e1] <button disabled="false"> Submit Form`,
+      `[e2] <link url="https://example.com/about"> About Us`,
+      `[e3] <textbox placeholder="you@example.com" required="true" value="user@example.com"> Email address`,
+      "",
+      "3 interactive elements found.",
+    ].join("\n");
+    expect(formatted).toBe(expected);
+  });
+  it("uses '(none)' when title is empty", () => {
+    const result: AxSnapshotResult = {
+      elements: [],
+      selectorMap: new Map(),
+    };
+    const formatted = formatAxSnapshot(result, {
+      url: "about:blank",
+      title: "",
+    });
+    expect(formatted).toBe(
+      [
+        "URL: about:blank",
+        "Title: (none)",
+        "",
+        "(no interactive elements found)",
+      ].join("\n"),
+    );
+  });
+  it("renders 'interactive element' (singular) for a single-element result", () => {
+    const result: AxSnapshotResult = {
+      elements: [
+        {
+          eid: "e1",
+          role: "button",
+          name: "Click",
+          attrs: {},
+          backendNodeId: 1,
+        },
+      ],
+      selectorMap: new Map([["e1", 1]]),
+    };
+    const formatted = formatAxSnapshot(result, {
+      url: "https://example.com/",
+      title: "T",
+    });
+    expect(formatted).toBe(
+      [
+        "URL: https://example.com/",
+        "Title: T",
+        "",
+        "[e1] <button> Click",
+        "",
+        "1 interactive element found.",
+      ].join("\n"),
+    );
+  });
+  it("omits the trailing ' name' segment when name is empty", () => {
+    const result: AxSnapshotResult = {
+      elements: [
+        {
+          eid: "e1",
+          role: "button",
+          name: "",
+          attrs: {},
+          backendNodeId: 1,
+        },
+      ],
+      selectorMap: new Map([["e1", 1]]),
+    };
+    const formatted = formatAxSnapshot(result, {
+      url: "https://example.com/",
+      title: "T",
+    });
+    expect(formatted.split("\n")[3]).toBe("[e1] <button>");
+  });
+});