@vellumai/assistant 0.6.3 → 0.6.4

package/src/context/window-manager.ts

@@ -6,6 +6,7 @@ import type {
   Provider,
 } from "../providers/types.js";
 import { getLogger } from "../util/logger.js";
+import { safeStringSlice } from "../util/unicode.js";
 import {
   estimateContentBlockTokens,
   estimatePromptTokens,
@@ -110,6 +111,16 @@ export class ContextWindowManager {
    * after a successful compaction pass.
    */
   nonPersistedPrefixCount = 0;
+  /**
+   * True when the message at index 0 is a context summary that was inherited
+   * from a parent fork (i.e. injected as part of the non-persisted prefix),
+   * rather than produced by this conversation's own compaction. The parent
+   * summary sits at index 0 but is excluded from `compactableMessages` by
+   * `summaryOffset`, so its slot in `nonPersistedPrefixCount` must be
+   * accounted for separately. Cleared after the first compaction replaces
+   * the parent summary with a child-owned one.
+   */
+  summaryIsInjected = false;
   /**
    * Cached resolved system prompt. Lazily populated on first access via the
    * `systemPrompt` getter and cleared after each compaction pass so the next
@@ -124,6 +135,16 @@ export class ContextWindowManager {
     this.toolTokenBudget = options.toolTokenBudget ?? 0;
   }
 
+  /**
+   * Provider key for the local token estimator. Wrapper providers (e.g.
+   * OpenRouter routing to `anthropic/*`) override `tokenEstimationProvider`
+   * so image/PDF sizing uses the same rules as the upstream API instead of
+   * the generic `base64/4` fallback.
+   */
+  private get estimationProviderName(): string {
+    return this.provider.tokenEstimationProvider ?? this.provider.name;
+  }
+
   /** Lazily resolve and cache the system prompt for the duration of a compaction pass. */
   private get systemPrompt(): string {
     if (this._resolvedSystemPrompt !== undefined) {
@@ -151,7 +172,7 @@ export class ContextWindowManager {
     if (!this.config.enabled) return { needed: false, estimatedTokens: 0 };
     try {
       const estimated = estimatePromptTokens(messages, this.systemPrompt, {
-        providerName: this.provider.name,
+        providerName: this.estimationProviderName,
         toolTokenBudget: this.toolTokenBudget,
       });
       const threshold = Math.floor(
@@ -183,7 +204,7 @@ export class ContextWindowManager {
     const previousEstimatedInputTokens =
       options?.precomputedEstimate ??
       estimatePromptTokens(messages, this.systemPrompt, {
-        providerName: this.provider.name,
+        providerName: this.estimationProviderName,
         toolTokenBudget: this.toolTokenBudget,
       });
     const thresholdTokens = Math.floor(
@@ -266,7 +287,7 @@ export class ContextWindowManager {
       const didTruncate = truncatedCount > 0;
       const estimatedAfterTruncation = didTruncate
         ? estimatePromptTokens(truncatedMessages, this.systemPrompt, {
-            providerName: this.provider.name,
+            providerName: this.estimationProviderName,
             toolTokenBudget: this.toolTokenBudget,
           })
         : previousEstimatedInputTokens;
@@ -313,8 +334,15 @@ export class ContextWindowManager {
       };
     }
 
+    // When the summary at index 0 was injected from a parent fork, it
+    // contributes 1 to `nonPersistedPrefixCount` but is excluded from
+    // `compactableMessages` by `summaryOffset`; subtract it here so the
+    // remaining injected count lines up with compactableMessages. A summary
+    // produced by this conversation's own prior compaction is not part of
+    // `nonPersistedPrefixCount` (already decremented), so no subtraction.
+    const injectedSummaryOffset = this.summaryIsInjected ? summaryOffset : 0;
     const injectedInCompactable = Math.min(
-      Math.max(0, this.nonPersistedPrefixCount - summaryOffset),
+      Math.max(0, this.nonPersistedPrefixCount - injectedSummaryOffset),
       compactableMessages.length,
     );
     const compactedPersistedMessages =
@@ -331,7 +359,7 @@ export class ContextWindowManager {
       projectedMessages,
       this.systemPrompt,
       {
-        providerName: this.provider.name,
+        providerName: this.estimationProviderName,
         toolTokenBudget: this.toolTokenBudget,
       },
     );
@@ -460,15 +488,20 @@ export class ContextWindowManager {
       compactedMessages,
       this.systemPrompt,
       {
-        providerName: this.provider.name,
+        providerName: this.estimationProviderName,
         toolTokenBudget: this.toolTokenBudget,
       },
     );
-    // Consume the injected prefix messages that were compacted away.
+    // Consume the injected prefix messages that were compacted away. When the
+    // parent-injected summary was replaced by a freshly produced child summary,
+    // also consume its slot (it was excluded from injectedInCompactable via
+    // injectedSummaryOffset) and clear the flag so subsequent compactions treat
+    // the summary at index 0 as child-owned.
     this.nonPersistedPrefixCount = Math.max(
       0,
-      this.nonPersistedPrefixCount - injectedInCompactable,
+      this.nonPersistedPrefixCount - injectedInCompactable - injectedSummaryOffset,
     );
+    this.summaryIsInjected = false;
 
     log.info(
       {
@@ -541,7 +574,7 @@ export class ContextWindowManager {
         COMPACTION_TOOL_RESULT_MAX_CHARS,
       );
       return estimatePromptTokens(projectedMessages, this.systemPrompt, {
-        providerName: this.provider.name,
+        providerName: this.estimationProviderName,
         toolTokenBudget: this.toolTokenBudget,
       });
     };
@@ -610,7 +643,7 @@ export class ContextWindowManager {
     );
 
     const estimateBlockTokens = (b: ContentBlock): number =>
-      estimateContentBlockTokens(b, { providerName: this.provider.name });
+      estimateContentBlockTokens(b, { providerName: this.estimationProviderName });
 
     let totalTokens = 0;
     for (const block of blocks) {
@@ -752,7 +785,7 @@ export class ContextWindowManager {
     // Budget in tokens → approximate char limit (4 chars ≈ 1 token).
     const maxChars = this.summaryMaxTokens * 4;
     if (summary.length <= maxChars) return summary;
-    return `${summary.slice(0, maxChars)}...`;
+    return `${safeStringSlice(summary, 0, maxChars)}...`;
   }
 }
 
@@ -1025,7 +1058,7 @@ function serializeBlock(block: ContentBlock): string {
 
 function clampText(text: string): string {
   if (text.length <= MAX_BLOCK_PREVIEW_CHARS) return text;
-  return `${text.slice(0, MAX_BLOCK_PREVIEW_CHARS)}... [truncated ${
+  return `${safeStringSlice(text, 0, MAX_BLOCK_PREVIEW_CHARS)}... [truncated ${
     text.length - MAX_BLOCK_PREVIEW_CHARS
   } chars]`;
 }

package/src/credential-execution/executable-discovery.ts

@@ -17,7 +17,7 @@
  */
 
 import { existsSync } from "node:fs";
-import { join } from "node:path";
+import { dirname, join } from "node:path";
 
 import { getIsContainerized } from "../config/env-registry.js";
 import { getLogger } from "../util/logger.js";
@@ -65,9 +65,19 @@ function getManagedBootstrapSocketPath(): string {
  * `getDataDir()` (under `~/.vellum/workspace/data`) was previously included
  * but is inside the sandbox write boundary, so a sandboxed tool could plant
  * a malicious binary there. Removed to close the sandbox-escape vector.
+ *
+ * Search order:
+ * 1. Alongside the running executable (packaged macOS app:
+ *    `<App>.app/Contents/MacOS/credential-executor`). When running from
+ *    source via `bun run`, `process.execPath` points at the bun binary
+ *    itself, so this path won't exist and the search falls through.
+ * 2. `<binDir>/credential-executor` — user-installed override (dev flow).
  */
 function getLocalBinarySearchPaths(): string[] {
-  return [join(getBinDir(), "credential-executor")];
+  return [
+    join(dirname(process.execPath), "credential-executor"),
+    join(getBinDir(), "credential-executor"),
+  ];
 }
 
 // ---------------------------------------------------------------------------

package/src/credential-execution/process-manager.ts

@@ -240,7 +240,7 @@ export function createCesProcessManager(
       cmd: [discovery.executablePath],
       stdin: "pipe",
       stdout: "pipe",
-      stderr: "ignore",
+      stderr: "pipe",
       env: {
         ...process.env,
         // Signal to CES that it was launched by the assistant
@@ -251,6 +251,7 @@ export function createCesProcessManager(
     childProcess = proc;
 
     log.info({ pid: proc.pid }, "CES child process started");
+    forwardStderrToLogger(proc);
 
     return createStdioTransport(proc);
   }
@@ -272,7 +273,7 @@ export function createCesProcessManager(
       cmd: [bunPath, "run", discovery.sourcePath],
       stdin: "pipe",
       stdout: "pipe",
-      stderr: "ignore",
+      stderr: "pipe",
       env: {
         ...process.env,
         // Signal to CES that it was launched by the assistant
@@ -283,6 +284,7 @@ export function createCesProcessManager(
     childProcess = proc;
 
     log.info({ pid: proc.pid }, "CES child process started (from source)");
+    forwardStderrToLogger(proc);
 
     return createStdioTransport(proc);
   }
@@ -442,6 +444,35 @@ function createSocketTransport(socket: Socket): CesTransport {
 // Helpers
 // ---------------------------------------------------------------------------
 
+function forwardStderrToLogger(proc: Subprocess): void {
+  if (!proc.stderr || typeof proc.stderr === "number") return;
+
+  const reader = proc.stderr.getReader();
+  const decoder = new TextDecoder();
+  let buffer = "";
+
+  void (async () => {
+    try {
+      while (true) {
+        const { value, done } = await reader.read();
+        if (done) break;
+
+        buffer += decoder.decode(value, { stream: true });
+        let newlineIdx: number;
+        while ((newlineIdx = buffer.indexOf("\n")) !== -1) {
+          const line = buffer.slice(0, newlineIdx).trimEnd();
+          buffer = buffer.slice(newlineIdx + 1);
+          if (line) log.error({ pid: proc.pid }, `[ces-stderr] ${line}`);
+        }
+      }
+      const trailing = buffer.trimEnd();
+      if (trailing) log.error({ pid: proc.pid }, `[ces-stderr] ${trailing}`);
+    } catch {
+      // Process ended or stream closed; nothing to forward.
+    }
+  })();
+}
+
 async function stopLocalProcess(proc: Subprocess): Promise<void> {
   log.info({ pid: proc.pid }, "Stopping CES child process");
   proc.kill("SIGTERM");

package/src/credential-health/credential-health-service.ts

@@ -0,0 +1,366 @@
+/**
+ * Proactive credential health monitoring.
+ *
+ * Enumerates all active OAuth connections and validates each one for:
+ * - Token presence in secure storage
+ * - Token expiry (expired or expiring within the warning window)
+ * - Scope coverage (grantedScopes vs provider defaultScopes)
+ * - Liveness ping (for providers with a pingUrl)
+ *
+ * Designed to run during the heartbeat cycle. All checks are diagnostic —
+ * no token refresh or recovery is attempted.
+ */
+
+import {
+  isTokenExpired,
+  oauthConnectionAccessTokenPath,
+} from "@vellumai/credential-storage";
+
+import {
+  getProvider,
+  listActiveConnectionsByProvider,
+  listProviders,
+} from "../oauth/oauth-store.js";
+import { getSecureKeyAsync } from "../security/secure-keys.js";
+import { getLogger } from "../util/logger.js";
+
+const log = getLogger("credential-health");
+
+/** 7 days in milliseconds — warn if token expires within this window. */
+const EXPIRY_WARNING_MS = 7 * 24 * 60 * 60 * 1000;
+
+/** Timeout for liveness pings. */
+const PING_TIMEOUT_MS = 5_000;
+
+// ── Types ─────────────────────────────────────────────────────────────
+
+export type CredentialHealthStatus =
+  | "healthy"
+  | "expiring"
+  | "expired"
+  | "missing_token"
+  | "missing_scopes"
+  | "revoked"
+  | "ping_failed";
+
+export interface CredentialHealthResult {
+  connectionId: string;
+  provider: string;
+  accountInfo: string | null;
+  status: CredentialHealthStatus;
+  details: string;
+  missingScopes: string[];
+  canAutoRecover: boolean;
+}
+
+export interface CredentialHealthReport {
+  checkedAt: number;
+  results: CredentialHealthResult[];
+  unhealthy: CredentialHealthResult[];
+}
+
+// ── Helpers ───────────────────────────────────────────────────────────
+
+function safeJsonParse<T>(raw: string | null | undefined, fallback: T): T {
+  if (!raw) return fallback;
+  try {
+    return JSON.parse(raw) as T;
+  } catch {
+    return fallback;
+  }
+}
+
+function scopeDifference(required: string[], granted: string[]): string[] {
+  const grantedSet = new Set(granted);
+  return required.filter((s) => !grantedSet.has(s));
+}
+
+// ── Liveness ping ─────────────────────────────────────────────────────
+
+/** @internal Exposed for test injection. */
+export let _fetchFn: typeof fetch = fetch;
+
+/** @internal Test-only: override the fetch function used for pings. */
+export function _setFetchFn(fn: typeof fetch): void {
+  _fetchFn = fn;
+}
+
+async function pingProvider(
+  token: string,
+  pingUrl: string,
+  pingMethod: string | null,
+  pingHeaders: string | null,
+  pingBody: string | null,
+): Promise<{ ok: boolean; authError: boolean }> {
+  const method = pingMethod ?? "GET";
+  const headers: Record<string, string> = {
+    Authorization: `Bearer ${token}`,
+    ...safeJsonParse<Record<string, string>>(pingHeaders, {}),
+  };
+
+  const body =
+    method !== "GET" && pingBody
+      ? (typeof pingBody === "string" ? pingBody : JSON.stringify(pingBody))
+      : undefined;
+
+  try {
+    const response = await _fetchFn(pingUrl, {
+      method,
+      headers,
+      body,
+      signal: AbortSignal.timeout(PING_TIMEOUT_MS),
+    });
+
+    if (response.ok) return { ok: true, authError: false };
+    if (response.status === 401 || response.status === 403) {
+      return { ok: false, authError: true };
+    }
+    return { ok: false, authError: false };
+  } catch {
+    // Network error or timeout — treat as non-auth failure
+    return { ok: false, authError: false };
+  }
+}
+
+// ── Core check ────────────────────────────────────────────────────────
+
+interface CheckConnectionOpts {
+  connectionId: string;
+  provider: string;
+  accountInfo: string | null;
+  expiresAt: number | null;
+  hasRefreshToken: boolean;
+  grantedScopesRaw: string;
+  defaultScopesRaw: string;
+  pingUrl: string | null;
+  pingMethod: string | null;
+  pingHeaders: string | null;
+  pingBody: string | null;
+}
+
+async function checkConnection(
+  opts: CheckConnectionOpts,
+): Promise<CredentialHealthResult> {
+  const {
+    connectionId,
+    provider,
+    accountInfo,
+    expiresAt,
+    hasRefreshToken,
+    grantedScopesRaw,
+    defaultScopesRaw,
+    pingUrl,
+    pingMethod,
+    pingHeaders,
+    pingBody,
+  } = opts;
+
+  const base = { connectionId, provider, accountInfo, missingScopes: [] as string[] };
+
+  // 1. Check token presence
+  const token = await getSecureKeyAsync(
+    oauthConnectionAccessTokenPath(connectionId),
+  );
+  if (!token) {
+    return {
+      ...base,
+      status: "missing_token",
+      details: `No access token found for ${provider}. Re-authorization required.`,
+      canAutoRecover: false,
+    };
+  }
+
+  // 2. Check token expiry
+  if (isTokenExpired(expiresAt)) {
+    return {
+      ...base,
+      status: hasRefreshToken ? "expiring" : "expired",
+      details: hasRefreshToken
+        ? `Token for ${provider} is expired but has a refresh token — auto-recovery may work.`
+        : `Token for ${provider} is expired with no refresh token. Re-authorization required.`,
+      canAutoRecover: hasRefreshToken,
+    };
+  }
+
+  // Check if expiring within warning window (but not yet expired by the 5-min buffer)
+  if (expiresAt && Date.now() >= expiresAt - EXPIRY_WARNING_MS) {
+    // Token works now but will expire soon
+    if (!hasRefreshToken) {
+      return {
+        ...base,
+        status: "expiring",
+        details: `Token for ${provider} expires within 7 days and has no refresh token. Re-authorization will be needed soon.`,
+        canAutoRecover: false,
+      };
+    }
+    // Has refresh token — not an issue, auto-refresh will handle it
+  }
+
+  // 3. Check scope coverage
+  const grantedScopes = safeJsonParse<string[]>(grantedScopesRaw, []);
+  const defaultScopes = safeJsonParse<string[]>(defaultScopesRaw, []);
+  if (defaultScopes.length > 0 && grantedScopes.length > 0) {
+    const missing = scopeDifference(defaultScopes, grantedScopes);
+    if (missing.length > 0) {
+      return {
+        ...base,
+        status: "missing_scopes",
+        details: `${provider} is missing required scopes: ${missing.join(", ")}. Features may not work correctly.`,
+        missingScopes: missing,
+        canAutoRecover: false,
+      };
+    }
+  }
+
+  // 4. Liveness ping
+  if (pingUrl) {
+    const pingResult = await pingProvider(
+      token,
+      pingUrl,
+      pingMethod,
+      pingHeaders,
+      pingBody,
+    );
+    if (!pingResult.ok) {
+      if (pingResult.authError) {
+        return {
+          ...base,
+          status: "revoked",
+          details: `${provider} token was rejected (401/403). The token may have been revoked. Re-authorization required.`,
+          canAutoRecover: false,
+        };
+      }
+      // Non-auth ping failure — log but don't mark as critical.
+      // Could be a transient API issue.
+      log.debug(
+        { provider, connectionId },
+        "Credential ping failed with non-auth error",
+      );
+      return {
+        ...base,
+        status: "ping_failed",
+        details: `${provider} liveness check failed (non-auth error). This may be transient.`,
+        canAutoRecover: false,
+      };
+    }
+  }
+
+  return {
+    ...base,
+    status: "healthy",
+    details: `${provider} credential is healthy.`,
+    canAutoRecover: hasRefreshToken,
+  };
+}
+
+// ── Public API ────────────────────────────────────────────────────────
+
+/**
+ * Check the health of all active OAuth connections.
+ *
+ * Iterates every registered provider, looks up active connections, and
+ * validates each one. Returns a structured report with overall results
+ * and a filtered list of unhealthy credentials.
+ */
+export async function checkAllCredentials(): Promise<CredentialHealthReport> {
+  const checkedAt = Date.now();
+  const results: CredentialHealthResult[] = [];
+
+  let providers;
+  try {
+    providers = listProviders();
+  } catch (err) {
+    log.warn({ err }, "Failed to list OAuth providers");
+    return { checkedAt, results, unhealthy: [] };
+  }
+
+  for (const providerRow of providers) {
+    let connections;
+    try {
+      connections = listActiveConnectionsByProvider(providerRow.provider);
+    } catch (err) {
+      log.warn(
+        { err, provider: providerRow.provider },
+        "Failed to list connections for provider",
+      );
+      continue;
+    }
+
+    for (const conn of connections) {
+      try {
+        const result = await checkConnection({
+          connectionId: conn.id,
+          provider: conn.provider,
+          accountInfo: conn.accountInfo,
+          expiresAt: conn.expiresAt,
+          hasRefreshToken: !!conn.hasRefreshToken,
+          grantedScopesRaw: conn.grantedScopes,
+          defaultScopesRaw: providerRow.defaultScopes,
+          pingUrl: providerRow.pingUrl,
+          pingMethod: providerRow.pingMethod,
+          pingHeaders: providerRow.pingHeaders,
+          pingBody: providerRow.pingBody,
+        });
+        results.push(result);
+      } catch (err) {
+        log.warn(
+          { err, provider: conn.provider, connectionId: conn.id },
+          "Failed to check credential health",
+        );
+      }
+    }
+  }
+
+  const unhealthy = results.filter((r) => r.status !== "healthy");
+  if (unhealthy.length > 0) {
+    log.info(
+      {
+        total: results.length,
+        unhealthy: unhealthy.length,
+        providers: [...new Set(unhealthy.map((r) => r.provider))],
+      },
+      "Credential health check found issues",
+    );
+  } else {
+    log.debug({ total: results.length }, "All credentials healthy");
+  }
+
+  return { checkedAt, results, unhealthy };
+}
+
+/**
+ * Check credential health for a single provider. Returns the health
+ * result for the most recent active connection, or null if no connection
+ * exists.
+ *
+ * Used by the watcher engine for pre-poll gating.
+ */
+export async function checkCredentialForProvider(
+  provider: string,
+): Promise<CredentialHealthResult | null> {
+  let connections;
+  try {
+    connections = listActiveConnectionsByProvider(provider);
+  } catch {
+    return null;
+  }
+  if (connections.length === 0) return null;
+
+  const conn = connections[0]!;
+  const providerRow = getProvider(conn.provider);
+  if (!providerRow) return null;
+
+  return checkConnection({
+    connectionId: conn.id,
+    provider: conn.provider,
+    accountInfo: conn.accountInfo,
+    expiresAt: conn.expiresAt,
+    hasRefreshToken: !!conn.hasRefreshToken,
+    grantedScopesRaw: conn.grantedScopes,
+    defaultScopesRaw: providerRow.defaultScopes,
+    pingUrl: providerRow.pingUrl,
+    pingMethod: providerRow.pingMethod,
+    pingHeaders: providerRow.pingHeaders,
+    pingBody: providerRow.pingBody,
+  });
+}