@vellumai/assistant 0.7.0 → 0.7.1

package/src/credential-health/credential-health-service.ts

@@ -11,18 +11,14 @@
  * no token refresh or recovery is attempted.
  */
 
-import {
-  isTokenExpired,
-  oauthConnectionAccessTokenPath,
-} from "@vellumai/credential-storage";
+import { isTokenExpired } from "@vellumai/credential-storage";
 
-import { manualTokenAccessCredentialKey } from "../oauth/manual-token-connection.js";
+import { getConnectionAccessTokenResult } from "../oauth/credential-token-resolver.js";
 import {
   getProvider,
   listActiveConnectionsByProvider,
   listProviders,
 } from "../oauth/oauth-store.js";
-import { getSecureKeyAsync } from "../security/secure-keys.js";
 import { getLogger } from "../util/logger.js";
 
 const log = getLogger("credential-health");
@@ -40,6 +36,7 @@ export type CredentialHealthStatus =
   | "expiring"
   | "expired"
   | "missing_token"
+  | "unreachable"
   | "missing_scopes"
   | "revoked"
   | "ping_failed";
@@ -165,16 +162,23 @@ async function checkConnection(
     missingScopes: [] as string[],
   };
 
-  // 1. Check token presence. Manual-token providers (e.g. slack_channel,
-  // telegram) store their primary token under credential/<provider>/<field>
-  // rather than oauth_connection/<id>/access_token, so resolve the correct
-  // path before looking up the token — otherwise the lookup always returns
-  // null and marks these providers as "missing_token".
-  const tokenPath =
-    manualTokenAccessCredentialKey(provider) ??
-    oauthConnectionAccessTokenPath(connectionId);
-  const token = await getSecureKeyAsync(tokenPath);
-  if (!token) {
+  // 1. Check token presence via the centralized resolver. Manual-token
+  // providers (e.g. slack_channel, telegram) store their primary token at
+  // credential/<provider>/<field> rather than oauth_connection/<id>/access_token;
+  // the resolver handles the mapping automatically.
+  const tokenResult = await getConnectionAccessTokenResult({
+    provider,
+    connectionId,
+  });
+  if (!tokenResult.value) {
+    if (tokenResult.unreachable) {
+      return {
+        ...base,
+        status: "unreachable",
+        details: `Credential backend is temporarily unreachable for ${provider}. Token status unknown.`,
+        canAutoRecover: true,
+      };
+    }
     return {
       ...base,
       status: "missing_token",
@@ -182,6 +186,7 @@ async function checkConnection(
       canAutoRecover: false,
     };
   }
+  const token = tokenResult.value;
 
   // 2. Check token expiry
   if (isTokenExpired(expiresAt)) {

package/src/daemon/__tests__/conversation-surfaces-launch.test.ts

@@ -45,10 +45,9 @@ mock.module("../../runtime/assistant-event.js", () => ({
   // Pass-through so `focus` / `conversationId` can be asserted directly
   // on the captured event's `message` payload.
   buildAssistantEvent: (
-    assistantId: string,
     message: unknown,
     conversationId?: string,
-  ) => ({ assistantId, message, conversationId }),
+  ) => ({ message, conversationId }),
 }));
 
 // Stub DB helpers so the real `launchConversation` can run without a DB.
@@ -76,12 +75,55 @@ mock.module("../../memory/conversation-crud.js", () => ({
   },
 }));
 
+// Stub conversation-store so the real `launchConversation` can hydrate
+// a fake Conversation without touching the real map.
+let trustContextOnConversation: unknown | null = null;
+const fakeConversation = {
+  setTrustContext: (c: unknown) => {
+    trustContextOnConversation = c;
+  },
+};
+const getOrCreateConversationCalls: string[] = [];
+const realConvStore = await import("../conversation-store.js");
+mock.module("../conversation-store.js", () => ({
+  ...realConvStore,
+  getOrCreateConversation: async (id: string) => {
+    getOrCreateConversationCalls.push(id);
+    return fakeConversation as never;
+  },
+}));
+
+// Stub processMessageInBackground so the seed turn is controllable.
+const processMessageCalls: Array<{
+  conversationId: string;
+  content: string;
+}> = [];
+let resolveProcess = () => {};
+let rejectProcess: (err: Error) => void = () => {};
+let markProcessStarted = () => {};
+let processStartedPromise = new Promise<void>((resolve) => {
+  markProcessStarted = resolve;
+});
+const realProcessMessage = await import("../process-message.js");
+mock.module("../process-message.js", () => ({
+  ...realProcessMessage,
+  processMessageInBackground: (
+    conversationId: string,
+    content: string,
+  ) => {
+    processMessageCalls.push({ conversationId, content });
+    markProcessStarted();
+    return new Promise((resolve, reject) => {
+      resolveProcess = () => resolve({ messageId: "msg-1" });
+      rejectProcess = (err) => reject(err);
+    });
+  },
+}));
+
 // Dynamic imports after mock.module calls so the stubs take effect
 // before the modules under test are loaded.
 const { createSurfaceMutex, handleSurfaceAction } =
   await import("../conversation-surfaces.js");
-const { registerLaunchConversationDeps, resetLaunchConversationDeps } =
-  await import("../conversation-launch.js");
 type SurfaceConversationContext =
   import("../conversation-surfaces.js").SurfaceConversationContext;
 type TrustContext = import("../trust-context.js").TrustContext;
@@ -89,60 +131,17 @@ type ServerMessage = import("../message-protocol.js").ServerMessage;
 type SurfaceData = import("../message-protocol.js").SurfaceData;
 type SurfaceType = import("../message-protocol.js").SurfaceType;
 
-// ── launchConversation deps harness ────────────────────────────────
+// ── Harness reset helper ───────────────────────────────────────────
 
-interface DepsHarness {
-  getOrCreateCalls: Array<string>;
-  processCalls: Array<{ conversationId: string; content: string }>;
-  lastTrustContext(): unknown | null;
-  resolveProcess: () => void;
-  rejectProcess: (err: Error) => void;
-  /** Resolves once `persistAndProcessMessage` has actually been invoked. */
-  processStarted: Promise<void>;
-}
-
-function setupLaunchDeps(): DepsHarness {
-  const getOrCreateCalls: Array<string> = [];
-  const processCalls: Array<{ conversationId: string; content: string }> = [];
-  let trustContextOnConversation: unknown | null = null;
-  let resolveProcess = () => {};
-  let rejectProcess: (err: Error) => void = () => {};
-  let markProcessStarted = () => {};
-  const processStarted = new Promise<void>((resolve) => {
+function resetProcessHarness(): void {
+  processMessageCalls.length = 0;
+  getOrCreateConversationCalls.length = 0;
+  trustContextOnConversation = null;
+  resolveProcess = () => {};
+  rejectProcess = () => {};
+  processStartedPromise = new Promise<void>((resolve) => {
     markProcessStarted = resolve;
   });
-
-  const fakeConversation = {
-    setTrustContext: (c: unknown) => {
-      trustContextOnConversation = c;
-    },
-  };
-
-  registerLaunchConversationDeps({
-    getOrCreateConversation: async (id: string) => {
-      getOrCreateCalls.push(id);
-      return fakeConversation as never;
-    },
-    persistAndProcessMessage: (conversationId: string, content: string) => {
-      processCalls.push({ conversationId, content });
-      markProcessStarted();
-      return new Promise((resolve, reject) => {
-        resolveProcess = () => resolve({ messageId: "msg-1" });
-        rejectProcess = (err) => reject(err);
-      });
-    },
-    publishAssistantEvent: () => {},
-    getAssistantId: () => "assistant-test-id",
-  });
-
-  return {
-    getOrCreateCalls,
-    processCalls,
-    lastTrustContext: () => trustContextOnConversation,
-    resolveProcess: () => resolveProcess(),
-    rejectProcess: (err: Error) => rejectProcess(err),
-    processStarted,
-  };
 }
 
 // ── Surface-context harness ────────────────────────────────────────
@@ -216,7 +215,6 @@ function registerCardSurface(
 // Helper: filter captured publish calls down to `open_conversation`
 // events. Typed so assertions can reach the inner `message` payload.
 function openConversationEvents(): Array<{
-  assistantId: string;
   conversationId?: string;
   message: {
     type: "open_conversation";
@@ -234,7 +232,6 @@ function openConversationEvents(): Array<{
     .map(
       (e) =>
         e as unknown as {
-          assistantId: string;
           conversationId?: string;
           message: {
             type: "open_conversation";
@@ -254,16 +251,12 @@ describe("handleSurfaceAction — launch_conversation dispatch", () => {
     publishCalls.length = 0;
     updateTitleCalls.length = 0;
     nextKeyStoreResult = { conversationId: "conv-new" };
-    // Reset module-level `_deps` so a test that forgets to call
-    // `setupLaunchDeps()` cannot accidentally piggy-back on deps left
-    // registered by a previous test. Each test that exercises the launch
-    // helper must call `setupLaunchDeps()` explicitly.
-    resetLaunchConversationDeps();
+    resetProcessHarness();
   });
 
   test("launches new conversation with inherited trust context and no chat message", async () => {
     nextKeyStoreResult = { conversationId: "conv-launched-1" };
-    const harness = setupLaunchDeps();
+    
     const originTrustContext: TrustContext = {
       sourceChannel: "vellum",
       trustClass: "guardian",
@@ -295,14 +288,14 @@ describe("handleSurfaceAction — launch_conversation dispatch", () => {
     expect(openEvents[0].message.title).toBe("New Thread");
 
     // 3. The spawned conversation inherited the origin's trust context.
-    expect(harness.lastTrustContext()).toEqual(originTrustContext);
+    expect(trustContextOnConversation).toEqual(originTrustContext);
 
     // 4. Seed turn was kicked off fire-and-forget — resolve it to clean
     //    up the pending promise the harness stubbed.
-    await harness.processStarted;
-    expect(harness.processCalls).toHaveLength(1);
-    expect(harness.processCalls[0].content).toBe("S");
-    harness.resolveProcess();
+    await processStartedPromise;
+    expect(processMessageCalls).toHaveLength(1);
+    expect(processMessageCalls[0].content).toBe("S");
+    resolveProcess();
 
     // 5. No chat message side effect on the origin conversation — neither
     //    the LLM pipeline nor the `[User action on app: ...]` text echo.
@@ -358,7 +351,7 @@ describe("handleSurfaceAction — launch_conversation dispatch", () => {
 
   test("omits originTrustContext when origin conversation has none", async () => {
     nextKeyStoreResult = { conversationId: "conv-launched-3" };
-    const harness = setupLaunchDeps();
+    
     // No `trustContext` on the origin context — simulating the
     // no-inherited-guardian path.
     const ctx = makeContext();
@@ -376,20 +369,20 @@ describe("handleSurfaceAction — launch_conversation dispatch", () => {
     });
 
     // Trust context was never applied to the spawned conversation.
-    expect(harness.lastTrustContext()).toBeNull();
+    expect(trustContextOnConversation).toBeNull();
 
     // Still exactly one open_conversation event with focus: false.
     const openEvents = openConversationEvents();
     expect(openEvents).toHaveLength(1);
     expect(openEvents[0].message.focus).toBe(false);
 
-    await harness.processStarted;
-    harness.resolveProcess();
+    await processStartedPromise;
+    resolveProcess();
   });
 
   test("handler returns before the seed turn resolves (fire-and-forget)", async () => {
     nextKeyStoreResult = { conversationId: "conv-nonblocking" };
-    const harness = setupLaunchDeps();
+    
     const ctx = makeContext();
     registerCardSurface(ctx, "surface-4");
 
@@ -413,14 +406,14 @@ describe("handleSurfaceAction — launch_conversation dispatch", () => {
     // Seed turn is in-flight but not yet resolved. Prove the helper
     // actually invoked it (so we know fire-and-forget is wired), then
     // resolve it to clean up.
-    await harness.processStarted;
-    expect(harness.processCalls).toHaveLength(1);
-    harness.resolveProcess();
+    await processStartedPromise;
+    expect(processMessageCalls).toHaveLength(1);
+    resolveProcess();
   });
 
   test("seed turn rejection is swallowed by the helper's .catch()", async () => {
     nextKeyStoreResult = { conversationId: "conv-seed-fails" };
-    const harness = setupLaunchDeps();
+    
     const ctx = makeContext();
     registerCardSurface(ctx, "surface-5");
 
@@ -438,8 +431,8 @@ describe("handleSurfaceAction — launch_conversation dispatch", () => {
     // Reject the pending seed turn — the helper's `.catch()` handler
     // must swallow it. If it didn't, Bun would surface the unhandled
     // rejection at test-end and this test would fail.
-    await harness.processStarted;
-    harness.rejectProcess(new Error("seed-turn-failed"));
+    await processStartedPromise;
+    rejectProcess(new Error("seed-turn-failed"));
     // Give the microtask queue a tick so the `.catch()` runs before
     // the test completes.
     await Promise.resolve();
@@ -456,7 +449,7 @@ describe("handleSurfaceAction — launch_conversation dispatch", () => {
     // message and triggering a full LLM round-trip on every click. The plan
     // claimed to eliminate that round-trip; this test enforces it.
     nextKeyStoreResult = { conversationId: "conv-pending-set" };
-    const harness = setupLaunchDeps();
+    
     const ctx = makeContext();
     registerCardSurface(ctx, "surface-pending");
     // Simulate `ui_show` having stamped a pending entry for this surface
@@ -491,7 +484,7 @@ describe("handleSurfaceAction — launch_conversation dispatch", () => {
     // persistent card aren't blocked behind a stale "owes-an-answer" flag.
     expect(ctx.pendingSurfaceActions.has("surface-pending")).toBe(false);
 
-    await harness.processStarted;
-    harness.resolveProcess();
+    await processStartedPromise;
+    resolveProcess();
   });
 });

package/src/daemon/__tests__/daemon-skill-host.test.ts

@@ -110,13 +110,8 @@ mock.module("../../runtime/assistant-event-hub.js", () => ({
 }));
 
 mock.module("../../runtime/assistant-event.js", () => ({
-  buildAssistantEvent: (
-    assistantId: string,
-    message: unknown,
-    conversationId?: string,
-  ) => ({
+  buildAssistantEvent: (message: unknown, conversationId?: string) => ({
     id: "evt-1",
-    assistantId,
     conversationId,
     emittedAt: "2024-01-01T00:00:00.000Z",
     message,
@@ -195,7 +190,6 @@ describe("createDaemonSkillHost", () => {
 
   test("identity normalizes a null assistant name to undefined", () => {
     expect(host.identity.getAssistantName()).toBeUndefined();
-    expect(host.identity.internalAssistantId).toBe("self");
   });
 
   test("platform methods return the stubbed values", () => {
@@ -243,11 +237,10 @@ describe("createDaemonSkillHost", () => {
 
   test("events.publish, subscribe, and buildEvent plumb through the hub", async () => {
     const evt = host.events.buildEvent({ type: "ping" }, "c1");
-    expect(evt.assistantId).toBe("self");
     expect(evt.conversationId).toBe("c1");
     await host.events.publish(evt);
     expect(publishSpy).toHaveBeenCalled();
-    const sub = host.events.subscribe({ assistantId: "self" }, () => undefined);
+    const sub = host.events.subscribe({}, () => undefined);
     expect(sub.active).toBe(true);
     expect(subscribeSpy).toHaveBeenCalled();
   });

package/src/daemon/connection-policy.ts

@@ -1,32 +1,7 @@
 /**
- * Connection policy helpers for daemon autostart and authentication behavior.
- *
- * Token authentication is always required.
- * To explicitly disable auth (e.g. development/testing scenarios),
- * set VELLUM_DAEMON_NOAUTH=1 on both the daemon and the client.
- * This is an intentional opt-in to an unsafe mode — never enable it
- * on connections accessible to untrusted users.
+ * Connection policy helpers for daemon autostart behavior.
  */
 
-/**
- * True when the user has explicitly opted into unauthenticated connections
- * via VELLUM_DAEMON_NOAUTH=1.
- *
- * Requires VELLUM_UNSAFE_AUTH_BYPASS=1 as a safety gate to prevent
- * accidental production use.
- */
-export function hasNoAuthOverride(
-  env: Record<string, string | undefined> = process.env,
-): boolean {
-  const value = env.VELLUM_DAEMON_NOAUTH?.trim();
-  if (value !== "1" && value !== "true") return false;
-
-  const safetyGate = env.VELLUM_UNSAFE_AUTH_BYPASS?.trim();
-  if (safetyGate !== "1") return false;
-
-  return true;
-}
-
 export function shouldAutoStartDaemon(
   env: Record<string, string | undefined> = process.env,
 ): boolean {

package/src/daemon/conversation-agent-loop-handlers.ts

@@ -26,6 +26,7 @@ import {
   recordRequestLog,
 } from "../memory/llm-request-log-store.js";
 import { backfillMemoryRecallLogMessageId } from "../memory/memory-recall-log-store.js";
+import { backfillMemoryV2ActivationMessageId } from "../memory/memory-v2-activation-log-store.js";
 import { getThreadTs } from "../memory/slack-thread-store.js";
 import {
   type SlackMessageMetadata,
@@ -158,7 +159,15 @@ export interface EventHandlerState {
   /** Stores risk metadata keyed by tool_use_id (populated in handleToolResult). */
   readonly toolRiskOutcomes: Map<
     string,
-    { riskLevel: string; riskReason?: string; autoApproved: boolean }
+    {
+      riskLevel: string;
+      riskReason?: string;
+      autoApproved: boolean;
+      matchedTrustRuleId?: string;
+      approvalMode?: string;
+      approvalReason?: string;
+      riskThreshold?: string;
+    }
   >;
   /** tool_use_ids emitted in the current turn (populated in handleToolUse, cleared after annotation). */
   currentTurnToolUseIds: string[];
@@ -224,20 +233,31 @@ export function createEventHandlerState(): EventHandlerState {
 
 // ── Shared Helper ────────────────────────────────────────────────────
 
+// providerNameOverride should be supplied when the caller already knows the
+// resolved provider name (e.g. handleUsage, which has event.actualProvider).
+// When called during streaming (text_delta / thinking_delta) the override is
+// omitted and provider.name is used — the CallSiteRoutingProvider getter
+// returns the active transport name during sendMessage, so they agree.
+// Passing the override from handleUsage guarantees started/finished never
+// disagree even for tool-call-only responses where text_delta never fires
+// (and therefore the started event would otherwise fall back here *after*
+// the AsyncLocalStorage context in CallSiteRoutingProvider has already exited).
 function emitLlmCallStartedIfNeeded(
   state: EventHandlerState,
   deps: EventHandlerDeps,
+  providerNameOverride?: string,
 ): void {
   if (state.llmCallStartedEmitted) return;
   state.llmCallStartedEmitted = true;
+  const providerName = providerNameOverride ?? deps.ctx.provider.name;
   deps.ctx.traceEmitter.emit(
     "llm_call_started",
-    `LLM call to ${deps.ctx.provider.name}`,
+    `LLM call to ${providerName}`,
     {
       requestId: deps.reqId,
       status: "info",
       attributes: {
-        provider: deps.ctx.provider.name,
+        provider: providerName,
         model: state.model || "unknown",
       },
     },
@@ -290,6 +310,7 @@ function handleTextDelta(
         "first_text_delta",
         "assistant_turn",
         deps.reqId,
+        "Thinking",
       );
     }
     deps.onEvent({
@@ -522,6 +543,10 @@ export function handleToolResult(
       riskLevel: event.riskLevel,
       riskReason: event.riskReason,
       autoApproved: !state.toolConfirmationOutcomes.has(event.toolUseId),
+      matchedTrustRuleId: event.matchedTrustRuleId,
+      approvalMode: event.approvalMode,
+      approvalReason: event.approvalReason,
+      riskThreshold: event.riskThreshold,
     });
   }
 
@@ -598,9 +623,13 @@ export function handleToolResult(
     toolUseId: event.toolUseId,
     riskLevel: event.riskLevel,
     riskReason: event.riskReason,
+    matchedTrustRuleId: event.matchedTrustRuleId,
     isContainerized: event.isContainerized,
     riskScopeOptions: event.riskScopeOptions,
     riskDirectoryScopeOptions: event.riskDirectoryScopeOptions,
+    approvalMode: event.approvalMode,
+    approvalReason: event.approvalReason,
+    riskThreshold: event.riskThreshold,
   });
 }
 
@@ -653,6 +682,11 @@ function annotatePersistedAssistantMessage(
         rec._riskLevel = risk.riskLevel;
         if (risk.riskReason) rec._riskReason = risk.riskReason;
         rec._autoApproved = risk.autoApproved;
+        if (risk.matchedTrustRuleId)
+          rec._matchedTrustRuleId = risk.matchedTrustRuleId;
+        if (risk.approvalMode) rec._approvalMode = risk.approvalMode;
+        if (risk.approvalReason) rec._approvalReason = risk.approvalReason;
+        if (risk.riskThreshold) rec._riskThreshold = risk.riskThreshold;
         modified = true;
       }
     }
@@ -937,6 +971,18 @@ export async function handleMessageComplete(
     );
   }
 
+  try {
+    backfillMemoryV2ActivationMessageId(
+      deps.ctx.conversationId,
+      assistantMsg.id,
+    );
+  } catch (err) {
+    deps.rlog.warn(
+      { err },
+      "Failed to backfill memory v2 activation log messageId (non-fatal)",
+    );
+  }
+
   deps.ctx.currentTurnSurfaces = [];
 
   // Emit trace event
@@ -1018,7 +1064,9 @@ function handleUsage(
     }
   }
 
-  emitLlmCallStartedIfNeeded(state, deps);
+  // Pass providerName so that if text_delta never fired (tool-call-only
+  // responses), the started event uses the same resolved name as finished.
+  emitLlmCallStartedIfNeeded(state, deps, providerName);
 
   deps.ctx.traceEmitter.emit(
     "llm_call_finished",
@@ -1096,6 +1144,7 @@ export async function dispatchAgentEvent(
           "tool_result_received",
           "assistant_turn",
           deps.reqId,
+          "Thinking",
         );
 
         // Format web search results into a human-readable string for the client.