@vellumai/assistant 0.6.4 → 0.6.5

package/src/__tests__/filing-service.test.ts

@@ -0,0 +1,255 @@
+import { mkdirSync, writeFileSync } from "node:fs";
+import { join } from "node:path";
+import { afterEach, beforeEach, describe, expect, mock, test } from "bun:test";
+
+import { resolveCallSiteConfig } from "../config/llm-resolver.js";
+import { LLMSchema } from "../config/schemas/llm.js";
+
+const testWorkspaceDir = process.env.VELLUM_WORKSPACE_DIR!;
+
+// Mock config loader. Filing's `runOnce()` reads `getConfig().filing`, and
+// `executeRun()` no longer reads `config.speed` (PR 8) — the call site is
+// hardcoded to 'filingAgent' and the resolver picks up `llm.callSites.filingAgent`
+// inside the daemon's processMessage path.
+let mockConfig = {
+  filing: {
+    enabled: true,
+    intervalMs: 60_000,
+    speed: "standard" as "standard" | "fast",
+    activeHoursStart: null as number | null,
+    activeHoursEnd: null as number | null,
+  },
+};
+
+mock.module("../config/loader.js", () => ({
+  getConfig: () => mockConfig,
+  loadConfig: () => mockConfig,
+  loadRawConfig: () => ({}),
+  saveRawConfig: () => {},
+  invalidateConfigCache: () => {},
+}));
+
+// Mock conversation store
+const createdConversations: Array<{ title: string; conversationType: string }> =
+  [];
+let conversationIdCounter = 0;
+
+mock.module("../memory/conversation-crud.js", () => ({
+  getConversationType: () => "default",
+  setConversationOriginChannelIfUnset: () => {},
+  updateConversationContextWindow: () => {},
+  deleteMessageById: () => {},
+  updateConversationTitle: () => {},
+  updateConversationUsage: () => {},
+  addMessage: () => ({ id: "mock-msg-id" }),
+  getMessages: () => [],
+  getConversation: () => ({
+    id: "conv-1",
+    contextSummary: null,
+    contextCompactedMessageCount: 0,
+    totalInputTokens: 0,
+    totalOutputTokens: 0,
+    totalEstimatedCost: 0,
+    title: null,
+  }),
+  getMessageById: () => null,
+  provenanceFromTrustContext: () => ({
+    source: "user",
+    trustContext: undefined,
+  }),
+  getConversationOriginInterface: () => null,
+  getConversationOriginChannel: () => null,
+  createConversation: (opts: { title: string; conversationType: string }) => {
+    createdConversations.push(opts);
+    return { id: `conv-${++conversationIdCounter}`, ...opts };
+  },
+}));
+
+// Mock logger
+mock.module("../util/logger.js", () => ({
+  getLogger: () => ({
+    info: () => {},
+    debug: () => {},
+    warn: () => {},
+    error: () => {},
+  }),
+}));
+
+// Mock conversation title service
+mock.module("../memory/conversation-title-service.js", () => ({
+  GENERATING_TITLE: "Generating title...",
+  queueGenerateConversationTitle: () => {},
+}));
+
+// Import after mocks are set up
+const { FilingService } = await import("../filing/filing-service.js");
+
+describe("FilingService", () => {
+  let processMessageCalls: Array<{
+    conversationId: string;
+    content: string;
+    options?: { speed?: string; callSite?: string };
+  }>;
+
+  afterEach(() => {
+    // Clean up workspace files between tests so buffer-existence tests don't leak
+    const bufferPath = join(testWorkspaceDir, "pkb", "buffer.md");
+    try {
+      writeFileSync(bufferPath, "");
+    } catch {
+      // best-effort
+    }
+  });
+
+  beforeEach(() => {
+    processMessageCalls = [];
+    createdConversations.length = 0;
+    conversationIdCounter = 0;
+
+    mockConfig = {
+      filing: {
+        enabled: true,
+        intervalMs: 60_000,
+        speed: "standard",
+        activeHoursStart: null,
+        activeHoursEnd: null,
+      },
+    };
+
+    // Seed buffer.md with content so runOnce doesn't skip
+    const pkbDir = join(testWorkspaceDir, "pkb");
+    try {
+      mkdirSync(pkbDir, { recursive: true });
+    } catch {
+      // best-effort
+    }
+    writeFileSync(join(pkbDir, "buffer.md"), "- some buffered fact\n");
+  });
+
+  function createService(overrides?: {
+    processMessage?: (
+      id: string,
+      content: string,
+      options?: { speed?: string; callSite?: string },
+    ) => Promise<{ messageId: string }>;
+  }) {
+    return new FilingService({
+      processMessage:
+        overrides?.processMessage ??
+        (async (
+          conversationId: string,
+          content: string,
+          options?: { speed?: string; callSite?: string },
+        ) => {
+          processMessageCalls.push({ conversationId, content, options });
+          return { messageId: "msg-1" };
+        }),
+    });
+  }
+
+  test("runOnce() passes callSite: 'filingAgent' to processMessage", async () => {
+    const service = createService();
+    await service.runOnce();
+
+    expect(processMessageCalls).toHaveLength(1);
+    expect(processMessageCalls[0].options).toEqual({ callSite: "filingAgent" });
+    expect(processMessageCalls[0].options?.callSite).toBe("filingAgent");
+  });
+
+  test("runOnce() does not pass legacy 'speed' kwarg even when filing.speed is set", async () => {
+    // Filing's schema still carries `speed` (PR 19 will remove it), but PR 8
+    // stopped reading it. Ensure the new wiring no longer leaks the legacy
+    // kwarg through to processMessage.
+    mockConfig.filing.speed = "fast";
+    const service = createService();
+    await service.runOnce();
+
+    expect(processMessageCalls).toHaveLength(1);
+    expect(processMessageCalls[0].options?.speed).toBeUndefined();
+    expect(processMessageCalls[0].options?.callSite).toBe("filingAgent");
+  });
+
+  test("runOnce() invokes processMessage with the filing prompt template", async () => {
+    const service = createService();
+    await service.runOnce();
+
+    expect(processMessageCalls).toHaveLength(1);
+    expect(processMessageCalls[0].conversationId).toBe("conv-1");
+    expect(processMessageCalls[0].content).toContain(
+      "periodic knowledge base filing job",
+    );
+  });
+
+  test("creates background conversation with generating title placeholder", async () => {
+    const service = createService();
+    await service.runOnce();
+
+    expect(createdConversations).toHaveLength(1);
+    expect(createdConversations[0].title).toBe("Generating title...");
+    expect(createdConversations[0].conversationType).toBe("background");
+  });
+
+  describe("llm.callSites.filingAgent resolution", () => {
+    // These tests verify that the call-site name used by FilingService
+    // ('filingAgent') resolves through the unified `llm` config the way
+    // downstream consumers expect.
+
+    test("resolves to llm.default when no filingAgent override exists", () => {
+      const llm = LLMSchema.parse({
+        default: {
+          provider: "anthropic",
+          model: "claude-opus-4-7",
+          maxTokens: 64000,
+          effort: "max",
+          speed: "standard",
+        },
+      });
+      const resolved = resolveCallSiteConfig("filingAgent", llm);
+      expect(resolved.model).toBe("claude-opus-4-7");
+      expect(resolved.speed).toBe("standard");
+    });
+
+    test("call-site override on filingAgent wins over llm.default", () => {
+      const llm = LLMSchema.parse({
+        default: {
+          provider: "anthropic",
+          model: "claude-opus-4-7",
+          maxTokens: 64000,
+          effort: "max",
+          speed: "standard",
+        },
+        callSites: {
+          filingAgent: { speed: "fast", model: "claude-haiku-4-7" },
+        },
+      });
+      const resolved = resolveCallSiteConfig("filingAgent", llm);
+      expect(resolved.model).toBe("claude-haiku-4-7");
+      expect(resolved.speed).toBe("fast");
+      // Sibling defaults remain untouched.
+      expect(resolved.provider).toBe("anthropic");
+      expect(resolved.maxTokens).toBe(64000);
+    });
+
+    test("filingAgent profile reference resolves through profile fragment", () => {
+      const llm = LLMSchema.parse({
+        default: {
+          provider: "anthropic",
+          model: "claude-opus-4-7",
+          maxTokens: 64000,
+          effort: "max",
+          speed: "standard",
+        },
+        profiles: {
+          background: { speed: "fast", effort: "low" },
+        },
+        callSites: {
+          filingAgent: { profile: "background" },
+        },
+      });
+      const resolved = resolveCallSiteConfig("filingAgent", llm);
+      expect(resolved.speed).toBe("fast");
+      expect(resolved.effort).toBe("low");
+      expect(resolved.model).toBe("claude-opus-4-7");
+    });
+  });
+});

package/src/__tests__/gemini-provider.test.ts

@@ -422,7 +422,6 @@ describe("GeminiProvider", () => {
     expect(contents[1].role).toBe("model");
     expect(contents[1].parts[0]).toEqual({
       functionCall: {
-        id: "call_abc",
         name: "file_read",
         args: { path: "/tmp/test" },
       },
@@ -430,7 +429,6 @@ describe("GeminiProvider", () => {
     expect(contents[2].role).toBe("user");
     expect(contents[2].parts[0]).toEqual({
       functionResponse: {
-        id: "call_abc",
         name: "file_read",
         response: { output: "file content here" },
       },
@@ -464,7 +462,6 @@ describe("GeminiProvider", () => {
     }>;
     expect(contents[0].parts[0]).toEqual({
       functionResponse: {
-        id: "unknown_id",
         name: "unknown_id",
         response: { output: "some result" },
       },

package/src/__tests__/guardian-grant-minting.test.ts

@@ -31,6 +31,10 @@ import {
 import * as approvalMessageComposer from "../runtime/approval-message-composer.js";
 import * as gatewayClient from "../runtime/gateway-client.js";
 import * as pendingInteractions from "../runtime/pending-interactions.js";
+import {
+  _clearApprovalPromptTsTrackerForTesting,
+  trackApprovalPromptTs,
+} from "../runtime/routes/approval-prompt-ts-tracker.js";
 import { handleApprovalInterception } from "../runtime/routes/guardian-approval-interception.js";
 import { computeToolApprovalDigest } from "../security/tool-approval-digest.js";
 
@@ -60,6 +64,7 @@ function resetTables(): void {
     /* tables may not exist yet */
   }
   pendingInteractions.clear();
+  _clearApprovalPromptTsTrackerForTesting();
 }
 
 function createTestGuardianApproval(
@@ -227,6 +232,8 @@ describe("guardian grant minting on tool-approval decisions", () => {
       TOOL_NAME,
       TOOL_INPUT,
     );
+    const approvalMessageTs = "1700000000.000100";
+    trackApprovalPromptTs("slack", GUARDIAN_CHAT, approvalMessageTs);
 
     const result = await handleApprovalInterception({
       conversationId: "guardian-conv-1",
@@ -238,6 +245,7 @@ describe("guardian grant minting on tool-approval decisions", () => {
       replyCallbackUrl: "https://gateway.test/deliver",
       trustCtx: makeTrustContext(),
       assistantId: ASSISTANT_ID,
+      approvalMessageTs,
     });
 
     expect(result.handled).toBe(true);

package/src/__tests__/headless-browser-interactions.test.ts

@@ -392,7 +392,7 @@ describe("executeBrowserClick (CDP)", () => {
     const result = await executeBrowserClick({ element_id: "e99" }, ctx);
     expect(result.isError).toBe(true);
     expect(result.content).toContain('element_id "e99" not found');
-    expect(result.content).toContain("browser_snapshot");
+    expect(result.content).toContain("snapshot");
     // Resolution failed before acquiring a CdpClient.
     expect(sendCalls).toHaveLength(0);
   });

package/src/__tests__/heartbeat-service.test.ts

@@ -9,7 +9,6 @@ let mockConfig = {
   heartbeat: {
     enabled: true,
     intervalMs: 60_000,
-    speed: "standard" as "standard" | "fast",
     activeHoursStart: undefined as number | undefined,
     activeHoursEnd: undefined as number | undefined,
   },
@@ -126,11 +125,44 @@ const IDENTITY_TEMPLATE = readFileSync(
 const { stripCommentLines } = await import("../util/strip-comment-lines.js");
 const SCAFFOLD_PERSONA = stripCommentLines(GUARDIAN_PERSONA_TEMPLATE).trim();
 
+// Resolver wiring — used by the end-to-end resolution test below to verify
+// that `callSite: 'heartbeatAgent'` resolves to the correct config when
+// `llm.callSites.heartbeatAgent` is defined.
+const { resolveCallSiteConfig } = await import("../config/llm-resolver.js");
+const { LLMSchema } = await import("../config/schemas/llm.js");
+
+// Minimal fully-specified `llm.default` block. The resolver requires every
+// `LLMConfigBase` field to be present in `default`, so we provide the same
+// fixture the resolver test suite uses.
+const LLM_DEFAULT = {
+  provider: "anthropic" as const,
+  model: "claude-opus-4-7",
+  maxTokens: 64000,
+  effort: "max" as const,
+  speed: "standard" as const,
+  temperature: null,
+  thinking: { enabled: true, streamThinking: true },
+  contextWindow: {
+    enabled: true,
+    maxInputTokens: 200000,
+    targetBudgetRatio: 0.3,
+    compactThreshold: 0.8,
+    summaryBudgetRatio: 0.05,
+    overflowRecovery: {
+      enabled: true,
+      safetyMarginRatio: 0.05,
+      maxAttempts: 3,
+      interactiveLatestTurnCompression: "summarize" as const,
+      nonInteractiveLatestTurnCompression: "truncate" as const,
+    },
+  },
+};
+
 describe("HeartbeatService", () => {
   let processMessageCalls: Array<{
     conversationId: string;
     content: string;
-    options?: { speed?: string };
+    options?: { callSite?: string };
   }>;
   let alerterCalls: Array<{ type: string; title: string; body: string }>;
 
@@ -152,7 +184,6 @@ describe("HeartbeatService", () => {
       heartbeat: {
         enabled: true,
         intervalMs: 60_000,
-        speed: "standard",
         activeHoursStart: undefined,
         activeHoursEnd: undefined,
       },
@@ -163,7 +194,7 @@ describe("HeartbeatService", () => {
     processMessage?: (
       id: string,
       content: string,
-      options?: { speed?: string },
+      options?: { callSite?: string },
     ) => Promise<{ messageId: string }>;
     getCurrentHour?: () => number;
   }) {
@@ -173,7 +204,7 @@ describe("HeartbeatService", () => {
         (async (
           conversationId: string,
           content: string,
-          options?: { speed?: string },
+          options?: { callSite?: string },
         ) => {
           processMessageCalls.push({ conversationId, content, options });
           return { messageId: "msg-1" };
@@ -504,32 +535,52 @@ describe("HeartbeatService", () => {
     expect(service.nextRunAt).toBeNull();
   });
 
-  test("passes heartbeat config speed to processMessage", async () => {
-    mockConfig.heartbeat.speed = "standard";
+  test("passes callSite='heartbeatAgent' to processMessage", async () => {
     const service = createService();
     await service.runOnce();
 
     expect(processMessageCalls).toHaveLength(1);
-    expect(processMessageCalls[0].options).toEqual({ speed: "standard" });
+    expect(processMessageCalls[0].options).toEqual({
+      callSite: "heartbeatAgent",
+    });
   });
 
-  test("heartbeat uses its own speed even when global config differs", async () => {
-    // Simulate: global config has fast, but heartbeat config has standard
-    mockConfig.heartbeat.speed = "standard";
+  test("processMessage receives only callSite — no legacy speed knob", async () => {
+    // The heartbeat service unconditionally passes `callSite:
+    // 'heartbeatAgent'` and nothing else. The resolver maps that identifier
+    // to whatever `llm.callSites.heartbeatAgent` (or `llm.default`)
+    // configures.
     const service = createService();
     await service.runOnce();
 
     expect(processMessageCalls).toHaveLength(1);
-    expect(processMessageCalls[0].options?.speed).toBe("standard");
+    expect(processMessageCalls[0].options).toEqual({
+      callSite: "heartbeatAgent",
+    });
   });
 
-  test("heartbeat passes fast speed when explicitly configured", async () => {
-    mockConfig.heartbeat.speed = "fast";
+  test("end-to-end: llm.callSites.heartbeatAgent.speed resolves to 'fast'", async () => {
+    // Verifies the contract that PR 7 establishes: heartbeat passes
+    // `callSite: 'heartbeatAgent'`, and the LLM resolver maps that to the
+    // configured speed via `llm.callSites.heartbeatAgent`. The heartbeat
+    // service itself doesn't call the resolver — that happens downstream in
+    // the provider layer (see PR 5) — so this test asserts both halves of
+    // the wiring: (a) the call site identifier flows through to
+    // processMessage, and (b) the resolver maps that identifier to the
+    // user's configured speed.
+    const llm = LLMSchema.parse({
+      default: LLM_DEFAULT,
+      callSites: {
+        heartbeatAgent: { speed: "fast" },
+      },
+    });
     const service = createService();
     await service.runOnce();
 
     expect(processMessageCalls).toHaveLength(1);
-    expect(processMessageCalls[0].options?.speed).toBe("fast");
+    expect(processMessageCalls[0].options?.callSite).toBe("heartbeatAgent");
+    const resolved = resolveCallSiteConfig("heartbeatAgent", llm);
+    expect(resolved.speed).toBe("fast");
   });
 
   describe("isShallowProfile", () => {
@@ -672,4 +723,34 @@ describe("HeartbeatService", () => {
       expect(existsSync(tsPath)).toBe(true);
     });
   });
+
+  describe("credential health gating", () => {
+    test("prompt includes credential-status when providers are unhealthy", () => {
+      const service = createService();
+      const { prompt } = service.buildPrompt("- Check email", ["google"]);
+
+      expect(prompt).toContain("<credential-status>");
+      expect(prompt).toContain("google");
+      expect(prompt).toContain(
+        "Do NOT attempt to use tools for these providers",
+      );
+    });
+
+    test("prompt omits credential-status when all providers are healthy", () => {
+      const service = createService();
+      const { prompt } = service.buildPrompt("- Check email", []);
+
+      expect(prompt).not.toContain("<credential-status>");
+    });
+
+    test("prompt lists multiple unhealthy providers", () => {
+      const service = createService();
+      const { prompt } = service.buildPrompt("- Check things", [
+        "google",
+        "slack",
+      ]);
+
+      expect(prompt).toContain("google, slack");
+    });
+  });
 });

package/src/__tests__/host-shell-tool.test.ts

@@ -674,6 +674,18 @@ describe("host_bash — spawn error handling", () => {
     expect(result.isError).toBe(false);
     expect(result.content).toContain("<command_completed />");
   });
+
+  test("injects __CONVERSATION_ID for local host_bash execution", async () => {
+    const result = await hostShellTool.execute(
+      {
+        command: 'echo "$__CONVERSATION_ID"',
+      },
+      makeContext(),
+    );
+
+    expect(result.isError).toBe(false);
+    expect(result.content.trim()).toBe("test-conversation");
+  });
 });
 
 // ---------------------------------------------------------------------------
@@ -681,6 +693,34 @@ describe("host_bash — spawn error handling", () => {
 // ---------------------------------------------------------------------------
 
 describe("host_bash — proxy delegation", () => {
+  const ROUTING_ENV_KEYS = [
+    "BASE_DATA_DIR",
+    "VELLUM_WORKSPACE_DIR",
+    "VELLUM_DATA_DIR",
+    "VELLUM_ENVIRONMENT",
+    "INTERNAL_GATEWAY_BASE_URL",
+  ] as const;
+
+  function captureEnv(
+    keys: readonly string[],
+  ): Record<string, string | undefined> {
+    const snapshot: Record<string, string | undefined> = {};
+    for (const key of keys) {
+      snapshot[key] = process.env[key];
+    }
+    return snapshot;
+  }
+
+  function restoreEnv(snapshot: Record<string, string | undefined>): void {
+    for (const [key, value] of Object.entries(snapshot)) {
+      if (value === undefined) {
+        delete process.env[key];
+      } else {
+        process.env[key] = value;
+      }
+    }
+  }
+
   function makeMockProxy(result: ToolExecutionResult) {
     const calls: Array<{
       input: {
@@ -843,6 +883,12 @@ describe("host_bash — proxy delegation", () => {
       "ces-shell-lockdown": true,
     });
 
+    const envSnapshot = captureEnv(ROUTING_ENV_KEYS);
+    // Keep this test focused on lockdown propagation behavior only.
+    for (const key of ROUTING_ENV_KEYS) {
+      delete process.env[key];
+    }
+
     try {
       const proxyResult: ToolExecutionResult = {
         content: "proxied",
@@ -863,32 +909,92 @@ describe("host_bash — proxy delegation", () => {
 
       expect(result).toBe(proxyResult);
       expect(calls.length).toBe(1);
-      expect(calls[0].input.env).toEqual({ VELLUM_UNTRUSTED_SHELL: "1" });
+      expect(calls[0].input.env).toEqual({
+        VELLUM_UNTRUSTED_SHELL: "1",
+        __CONVERSATION_ID: "test-conversation",
+      });
     } finally {
       _setOverridesForTesting({});
+      restoreEnv(envSnapshot);
     }
   });
 
   test("does not propagate env to proxy when CES lockdown is inactive", async () => {
-    const proxyResult: ToolExecutionResult = {
-      content: "proxied",
-      isError: false,
-    };
-    const { proxy, calls } = makeMockProxy(proxyResult);
+    const envSnapshot = captureEnv(ROUTING_ENV_KEYS);
+    for (const key of ROUTING_ENV_KEYS) {
+      delete process.env[key];
+    }
 
-    const ctx: ToolContext = {
-      ...makeContext(),
-      trustClass: "guardian", // trusted actor — no lockdown
-      hostBashProxy: proxy as unknown as ToolContext["hostBashProxy"],
-    };
+    try {
+      const proxyResult: ToolExecutionResult = {
+        content: "proxied",
+        isError: false,
+      };
+      const { proxy, calls } = makeMockProxy(proxyResult);
 
-    const result = await hostShellTool.execute(
-      { command: "echo no-lockdown" },
-      ctx,
-    );
+      const ctx: ToolContext = {
+        ...makeContext(),
+        trustClass: "guardian", // trusted actor — no lockdown
+        hostBashProxy: proxy as unknown as ToolContext["hostBashProxy"],
+      };
 
-    expect(result).toBe(proxyResult);
-    expect(calls.length).toBe(1);
-    expect(calls[0].input.env).toBeUndefined();
+      const result = await hostShellTool.execute(
+        { command: "echo no-lockdown" },
+        ctx,
+      );
+
+      expect(result).toBe(proxyResult);
+      expect(calls.length).toBe(1);
+      expect(calls[0].input.env).toEqual({
+        __CONVERSATION_ID: "test-conversation",
+      });
+    } finally {
+      restoreEnv(envSnapshot);
+    }
+  });
+
+  test("propagates daemon routing env vars to proxy for nested assistant CLI calls", async () => {
+    const envSnapshot = captureEnv([
+      ...ROUTING_ENV_KEYS,
+      "VELLUM_UNTRUSTED_SHELL",
+    ]);
+    process.env.BASE_DATA_DIR = "/tmp/vellum-instance";
+    process.env.VELLUM_WORKSPACE_DIR = "/tmp/vellum-instance/.vellum/workspace";
+    process.env.VELLUM_DATA_DIR = "/tmp/vellum-instance/.vellum/workspace/data";
+    process.env.VELLUM_ENVIRONMENT = "local";
+    process.env.INTERNAL_GATEWAY_BASE_URL = "http://127.0.0.1:7830";
+    delete process.env.VELLUM_UNTRUSTED_SHELL;
+
+    try {
+      const proxyResult: ToolExecutionResult = {
+        content: "proxied",
+        isError: false,
+      };
+      const { proxy, calls } = makeMockProxy(proxyResult);
+
+      const ctx: ToolContext = {
+        ...makeContext(),
+        trustClass: "guardian", // trusted actor — no lockdown
+        hostBashProxy: proxy as unknown as ToolContext["hostBashProxy"],
+      };
+
+      const result = await hostShellTool.execute(
+        { command: "assistant browser status --json" },
+        ctx,
+      );
+
+      expect(result).toBe(proxyResult);
+      expect(calls.length).toBe(1);
+      expect(calls[0].input.env).toEqual({
+        BASE_DATA_DIR: "/tmp/vellum-instance",
+        VELLUM_WORKSPACE_DIR: "/tmp/vellum-instance/.vellum/workspace",
+        VELLUM_DATA_DIR: "/tmp/vellum-instance/.vellum/workspace/data",
+        VELLUM_ENVIRONMENT: "local",
+        INTERNAL_GATEWAY_BASE_URL: "http://127.0.0.1:7830",
+        __CONVERSATION_ID: "test-conversation",
+      });
+    } finally {
+      restoreEnv(envSnapshot);
+    }
   });
 });