npm - @vellumai/assistant - Versions diffs - 0.7.3 → 0.8.0 - Mend

@vellumai/assistant 0.7.3 → 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (169) hide show

package/ARCHITECTURE.md +29 -28
package/Dockerfile +1 -0
package/__tests__/permissions/gateway-threshold-reader.test.ts +236 -9
package/bun.lock +3 -0
package/knip.json +1 -0
package/node_modules/@vellumai/ipc-server-utils/bun.lock +24 -0
package/node_modules/@vellumai/ipc-server-utils/package.json +18 -0
package/node_modules/@vellumai/ipc-server-utils/src/index.ts +6 -0
package/node_modules/@vellumai/ipc-server-utils/src/socket-watchdog.test.ts +430 -0
package/node_modules/@vellumai/ipc-server-utils/src/socket-watchdog.ts +221 -0
package/node_modules/@vellumai/ipc-server-utils/tsconfig.json +20 -0
package/openapi.yaml +22 -4
package/package.json +3 -1
package/src/__tests__/annotate-risk-options.test.ts +291 -0
package/src/__tests__/approval-cascade.test.ts +8 -16
package/src/__tests__/approval-routes-http.test.ts +6 -0
package/src/__tests__/auto-analysis-end-to-end.test.ts +12 -25
package/src/__tests__/call-constants.test.ts +10 -1
package/src/__tests__/call-controller.test.ts +127 -0
package/src/__tests__/cli-memory-v2-reembed-skills.test.ts +58 -28
package/src/__tests__/config-loader-platform-defaults.test.ts +284 -1
package/src/__tests__/context-search-memory-source.test.ts +3 -26
package/src/__tests__/context-search-pkb-source.test.ts +12 -6
package/src/__tests__/conversation-abort-tool-results.test.ts +1 -6
package/src/__tests__/conversation-agent-loop-inference-profile.test.ts +1 -1
package/src/__tests__/conversation-agent-loop-overflow.test.ts +1 -1
package/src/__tests__/conversation-agent-loop.test.ts +3 -3
package/src/__tests__/conversation-confirmation-signals.test.ts +5 -13
package/src/__tests__/conversation-init.benchmark.test.ts +1 -1
package/src/__tests__/conversation-process-callsite.test.ts +1 -6
package/src/__tests__/conversation-provider-retry-repair.test.ts +1 -6
package/src/__tests__/conversation-runtime-assembly.test.ts +15 -6
package/src/__tests__/conversation-slash-unknown.test.ts +1 -6
package/src/__tests__/conversation-surfaces-action-delivery.test.ts +170 -9
package/src/__tests__/conversation-surfaces-data-persist.test.ts +73 -1
package/src/__tests__/conversation-tool-setup-app-refresh.test.ts +59 -0
package/src/__tests__/conversation-workspace-injection.test.ts +1 -7
package/src/__tests__/conversation-workspace-tool-tracking.test.ts +1 -7
package/src/__tests__/filing-service.test.ts +2 -19
package/src/__tests__/handlers-skills-memory-v2-reseed.test.ts +10 -26
package/src/__tests__/injector-chain.test.ts +24 -16
package/src/__tests__/injector-pkb-v2-silenced.test.ts +10 -7
package/src/__tests__/lifecycle-memory-v2-seed.test.ts +154 -67
package/src/__tests__/notification-decision-fallback.test.ts +91 -0
package/src/__tests__/notification-decision-strategy.test.ts +22 -0
package/src/__tests__/oauth-cli.test.ts +121 -0
package/src/__tests__/relay-server.test.ts +46 -2
package/src/__tests__/secret-prompt-log-hygiene.test.ts +7 -5
package/src/__tests__/secret-prompter-channel-fallback.test.ts +7 -5
package/src/__tests__/secret-response-routing.test.ts +7 -5
package/src/__tests__/server-history-render.test.ts +82 -0
package/src/__tests__/skill-include-graph.test.ts +31 -0
package/src/__tests__/skill-load-tool.test.ts +44 -16
package/src/__tests__/skills.test.ts +39 -0
package/src/__tests__/tool-execution-pipeline.benchmark.test.ts +0 -42
package/src/__tests__/tool-executor.test.ts +155 -0
package/src/__tests__/voice-session-bridge.test.ts +3 -0
package/src/__tests__/workspace-migration-069-seed-onboarding-threads.test.ts +120 -0
package/src/__tests__/workspace-migration-071-remove-safe-storage-release-note.test.ts +206 -0
package/src/__tests__/workspace-migration-safe-storage-limits-release.test.ts +15 -27
package/src/agent/loop.ts +11 -0
package/src/approvals/guardian-decision-primitive.ts +0 -13
package/src/approvals/guardian-request-resolvers.ts +4 -32
package/src/calls/call-constants.ts +5 -8
package/src/calls/call-controller.ts +130 -67
package/src/calls/relay-server.ts +7 -1
package/src/calls/voice-session-bridge.ts +1 -1
package/src/cli/commands/memory-v2.ts +7 -7
package/src/cli/commands/oauth/__tests__/connect.test.ts +0 -254
package/src/cli/commands/oauth/connect.ts +10 -52
package/src/config/bundled-skills/app-builder/SKILL.md +1 -3
package/src/config/feature-flag-registry.json +1 -17
package/src/config/loader.ts +72 -19
package/src/config/schemas/memory-v2.ts +1 -1
package/src/daemon/__tests__/conversation-lifecycle-auto-analyze.test.ts +32 -0
package/src/daemon/conversation-agent-loop-handlers.ts +32 -0
package/src/daemon/conversation-agent-loop.ts +13 -10
package/src/daemon/conversation-lifecycle.ts +22 -8
package/src/daemon/conversation-surfaces.ts +16 -14
package/src/daemon/conversation-tool-setup.ts +9 -5
package/src/daemon/conversation.ts +1 -1
package/src/daemon/handlers/shared.ts +26 -0
package/src/daemon/host-bash-proxy.ts +1 -1
package/src/daemon/host-browser-proxy.ts +1 -1
package/src/daemon/host-cu-proxy.ts +1 -1
package/src/daemon/host-file-proxy.ts +1 -1
package/src/daemon/host-transfer-proxy.ts +2 -2
package/src/daemon/lifecycle.ts +88 -73
package/src/daemon/memory-v2-startup.ts +55 -14
package/src/daemon/message-types/messages.ts +19 -1
package/src/documents/document-store.ts +35 -1
package/src/filing/filing-service.ts +2 -3
package/src/heartbeat/heartbeat-service.ts +1 -1
package/src/ipc/assistant-server.ts +93 -36
package/src/ipc/skill-server.ts +99 -42
package/src/memory/__tests__/jobs-worker-v2-schedule.test.ts +10 -57
package/src/memory/context-search/sources/memory-v2.ts +1 -17
package/src/memory/context-search/sources/memory.ts +2 -2
package/src/memory/context-search/sources/pkb.ts +2 -3
package/src/memory/graph/__tests__/conversation-graph-memory-v2-routing.test.ts +104 -61
package/src/memory/graph/__tests__/handle-remember-v2.test.ts +11 -26
package/src/memory/graph/conversation-graph-memory.ts +32 -9
package/src/memory/graph/graph-search.test.ts +6 -5
package/src/memory/graph/graph-search.ts +3 -4
package/src/memory/graph/retriever.test.ts +12 -7
package/src/memory/graph/retriever.ts +4 -5
package/src/memory/graph/tool-handlers.ts +3 -4
package/src/memory/graph/tools.ts +4 -4
package/src/memory/indexer.ts +1 -2
package/src/memory/jobs/__tests__/embed-concept-page.test.ts +116 -0
package/src/memory/jobs/embed-concept-page.ts +223 -87
package/src/memory/jobs-worker.ts +8 -4
package/src/memory/pkb/pkb-search.test.ts +6 -5
package/src/memory/pkb/pkb-search.ts +4 -5
package/src/memory/qdrant-client.ts +3 -0
package/src/memory/search/semantic.ts +4 -5
package/src/memory/v2/__tests__/activation.test.ts +35 -5
package/src/memory/v2/__tests__/consolidation-job.test.ts +21 -32
package/src/memory/v2/__tests__/injection.test.ts +140 -23
package/src/memory/v2/__tests__/qdrant.test.ts +310 -9
package/src/memory/v2/__tests__/sim.test.ts +118 -7
package/src/memory/v2/__tests__/static-context.test.ts +1 -13
package/src/memory/v2/__tests__/sweep-job.test.ts +19 -33
package/src/memory/v2/consolidation-job.ts +7 -8
package/src/memory/v2/injection.ts +32 -12
package/src/memory/v2/page-store.ts +39 -0
package/src/memory/v2/prompts/consolidation.ts +5 -0
package/src/memory/v2/qdrant.ts +209 -48
package/src/memory/v2/sim.ts +67 -26
package/src/memory/v2/static-context.ts +4 -8
package/src/memory/v2/sweep-job.ts +5 -6
package/src/memory/v2/types.ts +7 -0
package/src/notifications/copy-composer.ts +46 -12
package/src/notifications/decision-engine.ts +46 -0
package/src/permissions/gateway-threshold-reader.ts +116 -8
package/src/permissions/prompter.ts +86 -96
package/src/permissions/secret-prompter.ts +31 -31
package/src/plugins/defaults/injectors.ts +1 -2
package/src/proactive-artifact/job.test.ts +51 -4
package/src/proactive-artifact/job.ts +16 -2
package/src/proactive-artifact/message-copy.ts +18 -1
package/src/prompts/templates/SOUL.md +13 -28
package/src/runtime/auth/route-policy.ts +1 -0
package/src/runtime/channel-approvals.ts +3 -2
package/src/runtime/guardian-reply-router.ts +0 -10
package/src/runtime/pending-interactions.ts +19 -15
package/src/runtime/routes/__tests__/memory-v2-routes.test.ts +147 -0
package/src/runtime/routes/approval-routes.ts +7 -3
package/src/runtime/routes/consolidation-routes.ts +8 -9
package/src/runtime/routes/conversation-query-routes.ts +44 -1
package/src/runtime/routes/debug-bash-routes.ts +2 -0
package/src/runtime/routes/filing-routes.ts +2 -3
package/src/runtime/routes/inbound-stages/guardian-reply-intercept.ts +0 -3
package/src/runtime/routes/memory-item-routes.test.ts +3 -9
package/src/runtime/routes/memory-item-routes.ts +5 -6
package/src/runtime/routes/memory-v2-routes.ts +103 -17
package/src/skills/include-graph.ts +35 -13
package/src/tools/document/document-tool.ts +20 -0
package/src/tools/executor.ts +18 -2
package/src/tools/memory/register.test.ts +7 -5
package/src/tools/permission-checker.ts +15 -0
package/src/tools/skills/load.ts +24 -20
package/src/tools/tool-name-aliases.ts +19 -0
package/src/tools/types.ts +19 -1
package/src/workspace/migrations/067-release-notes-safe-storage-limits.ts +4 -62
package/src/workspace/migrations/069-seed-onboarding-threads.ts +28 -0
package/src/workspace/migrations/070-memory-v2-summary-schema-rebuild.ts +31 -0
package/src/workspace/migrations/071-remove-safe-storage-release-note.ts +111 -0
package/src/workspace/migrations/registry.ts +6 -0

package/src/__tests__/workspace-migration-069-seed-onboarding-threads.test.ts ADDED Viewed

@@ -0,0 +1,120 @@
+/**
+ * Tests for workspace migration `069-seed-onboarding-threads`.
+ *
+ * The migration writes onboarding bullet content to `memory/threads.md` only
+ * when the file exists and is empty (or whitespace-only). It must preserve
+ * any existing content and must be idempotent.
+ */
+import {
+  existsSync,
+  mkdirSync,
+  mkdtempSync,
+  readFileSync,
+  rmSync,
+  writeFileSync,
+} from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import { afterEach, beforeEach, describe, expect, test } from "bun:test";
+import { memoryV2InitMigration } from "../workspace/migrations/060-memory-v2-init.js";
+import { seedOnboardingThreadsMigration } from "../workspace/migrations/069-seed-onboarding-threads.js";
+let workspaceDir: string;
+beforeEach(() => {
+  workspaceDir = mkdtempSync(join(tmpdir(), "vellum-migration-069-test-"));
+});
+afterEach(() => {
+  if (existsSync(workspaceDir)) {
+    rmSync(workspaceDir, { recursive: true, force: true });
+  }
+});
+function readThreads(): string {
+  return readFileSync(join(workspaceDir, "memory", "threads.md"), "utf-8");
+}
+describe("069-seed-onboarding-threads migration", () => {
+  test("has correct id and description", () => {
+    expect(seedOnboardingThreadsMigration.id).toBe(
+      "069-seed-onboarding-threads",
+    );
+    expect(seedOnboardingThreadsMigration.description).toContain("threads.md");
+  });
+  test.each([
+    ["empty file", ""],
+    ["whitespace-only file", "   \n\n"],
+  ])("seeds onboarding bullets when memory/threads.md is %s", (_, initial) => {
+    mkdirSync(join(workspaceDir, "memory"), { recursive: true });
+    writeFileSync(join(workspaceDir, "memory", "threads.md"), initial, "utf-8");
+    seedOnboardingThreadsMigration.run(workspaceDir);
+    const content = readThreads();
+    expect(content).toContain("Figure out what kind of personality");
+    expect(content).toContain("data/avatar/avatar-image.png");
+    expect(content).toContain("ChatGPT, Claude");
+    expect(content).toContain("Slack or Telegram");
+  });
+  test("preserves existing content when memory/threads.md is non-empty", () => {
+    mkdirSync(join(workspaceDir, "memory"), { recursive: true });
+    const existing = "Follow up with Bob about the design review.\n";
+    writeFileSync(
+      join(workspaceDir, "memory", "threads.md"),
+      existing,
+      "utf-8",
+    );
+    seedOnboardingThreadsMigration.run(workspaceDir);
+    expect(readThreads()).toBe(existing);
+  });
+  test("no-op when memory/threads.md does not exist", () => {
+    seedOnboardingThreadsMigration.run(workspaceDir);
+    expect(existsSync(join(workspaceDir, "memory", "threads.md"))).toBe(false);
+  });
+  test("idempotent — second run does not duplicate or rewrite content", () => {
+    mkdirSync(join(workspaceDir, "memory"), { recursive: true });
+    writeFileSync(join(workspaceDir, "memory", "threads.md"), "", "utf-8");
+    seedOnboardingThreadsMigration.run(workspaceDir);
+    const afterFirst = readThreads();
+    seedOnboardingThreadsMigration.run(workspaceDir);
+    const afterSecond = readThreads();
+    expect(afterSecond).toBe(afterFirst);
+  });
+  test("composes with 060: fresh workspace -> 060 -> 069 produces seeded threads.md", () => {
+    memoryV2InitMigration.run(workspaceDir);
+    seedOnboardingThreadsMigration.run(workspaceDir);
+    expect(readThreads()).toContain("Figure out what kind of personality");
+    // The other v2 prose files are untouched (still empty).
+    for (const filename of ["essentials.md", "recent.md", "buffer.md"]) {
+      expect(
+        readFileSync(join(workspaceDir, "memory", filename), "utf-8"),
+      ).toBe("");
+    }
+  });
+  test("down() is a no-op — seeded content remains", () => {
+    mkdirSync(join(workspaceDir, "memory"), { recursive: true });
+    writeFileSync(join(workspaceDir, "memory", "threads.md"), "", "utf-8");
+    seedOnboardingThreadsMigration.run(workspaceDir);
+    const seeded = readThreads();
+    seedOnboardingThreadsMigration.down(workspaceDir);
+    expect(readThreads()).toBe(seeded);
+  });
+});

package/src/__tests__/workspace-migration-071-remove-safe-storage-release-note.test.ts ADDED Viewed

@@ -0,0 +1,206 @@
+import {
+  existsSync,
+  mkdtempSync,
+  readFileSync,
+  rmSync,
+  writeFileSync,
+} from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import {
+  afterAll,
+  afterEach,
+  beforeAll,
+  beforeEach,
+  describe,
+  expect,
+  test,
+} from "bun:test";
+import { removeSafeStorageReleaseNoteMigration } from "../workspace/migrations/071-remove-safe-storage-release-note.js";
+const MIGRATION_ID = "071-remove-safe-storage-release-note";
+const SAFE_STORAGE_MARKER =
+  "<!-- release-note-id:067-release-notes-safe-storage-limits -->";
+const LATER_MARKER =
+  "<!-- release-note-id:068-release-notes-local-timezone -->";
+const SAFE_STORAGE_RELEASE_NOTE = `${SAFE_STORAGE_MARKER}
+## Safe storage limits
+A new storage protection mode is available behind the safe-storage-limits
+rollout flag. When enabled, the assistant watches workspace disk usage and
+enters cleanup mode if the volume reaches the critical 95% threshold.
+In cleanup mode, background processes pause and remote messages, including
+trusted-contact messages, are blocked until the guardian frees enough space or
+explicitly overrides the lock. The macOS app now shows a storage cleanup banner
+that must be acknowledged before cleanup chat continues, then keeps a status
+banner visible while cleanup mode is active.
+`;
+let testRoot: string;
+let workspaceDir: string;
+beforeAll(() => {
+  testRoot = mkdtempSync(join(tmpdir(), "migration-071-remove-safe-storage-"));
+});
+afterAll(() => {
+  rmSync(testRoot, { recursive: true, force: true });
+});
+beforeEach(() => {
+  workspaceDir = mkdtempSync(join(testRoot, "ws-"));
+});
+afterEach(() => {
+  rmSync(workspaceDir, { recursive: true, force: true });
+});
+function updatesPath(): string {
+  return join(workspaceDir, "UPDATES.md");
+}
+describe("workspace migration 071-remove-safe-storage-release-note", () => {
+  test("has the correct id and description", () => {
+    expect(removeSafeStorageReleaseNoteMigration.id).toBe(MIGRATION_ID);
+    expect(removeSafeStorageReleaseNoteMigration.description).toContain(
+      "safe storage release note",
+    );
+  });
+  test("missing UPDATES.md is a no-op", () => {
+    expect(existsSync(updatesPath())).toBe(false);
+    removeSafeStorageReleaseNoteMigration.run(workspaceDir);
+    expect(existsSync(updatesPath())).toBe(false);
+  });
+  test("removes UPDATES.md when it only contains the safe-storage bulletin", () => {
+    writeFileSync(updatesPath(), SAFE_STORAGE_RELEASE_NOTE, "utf-8");
+    removeSafeStorageReleaseNoteMigration.run(workspaceDir);
+    expect(existsSync(updatesPath())).toBe(false);
+  });
+  test("preserves prior unrelated release notes when removing the safe-storage block", () => {
+    const prior = `<!-- release-note-id:066-earlier-note -->
+## Earlier note
+This note should stay.
+`;
+    writeFileSync(
+      updatesPath(),
+      `${prior}\n${SAFE_STORAGE_RELEASE_NOTE}`,
+      "utf-8",
+    );
+    removeSafeStorageReleaseNoteMigration.run(workspaceDir);
+    const content = readFileSync(updatesPath(), "utf-8");
+    expect(content).toContain("## Earlier note");
+    expect(content).toContain("This note should stay.");
+    expect(content).not.toContain(SAFE_STORAGE_MARKER);
+    expect(content).not.toContain("Safe storage limits");
+  });
+  test("preserves a later release-note block after safe storage", () => {
+    const later = `${LATER_MARKER}
+## Local timezone grounding
+This later note should stay.
+`;
+    writeFileSync(
+      updatesPath(),
+      `${SAFE_STORAGE_RELEASE_NOTE}\n${later}`,
+      "utf-8",
+    );
+    removeSafeStorageReleaseNoteMigration.run(workspaceDir);
+    const content = readFileSync(updatesPath(), "utf-8");
+    expect(content.startsWith(LATER_MARKER)).toBe(true);
+    expect(content).toContain("## Local timezone grounding");
+    expect(content).toContain("This later note should stay.");
+    expect(content).not.toContain(SAFE_STORAGE_MARKER);
+    expect(content).not.toContain("Safe storage limits");
+  });
+  test("fallback preserves a later release-note block after a partial safe-storage block", () => {
+    const partialSafeStorage = `${SAFE_STORAGE_MARKER}
+## Safe storage limits
+Partially written note.
+`;
+    const later = `${LATER_MARKER}
+## Local timezone grounding
+This later note should stay.
+`;
+    writeFileSync(updatesPath(), `${partialSafeStorage}\n${later}`, "utf-8");
+    removeSafeStorageReleaseNoteMigration.run(workspaceDir);
+    const content = readFileSync(updatesPath(), "utf-8");
+    expect(content.startsWith(LATER_MARKER)).toBe(true);
+    expect(content).toContain("## Local timezone grounding");
+    expect(content).not.toContain(SAFE_STORAGE_MARKER);
+    expect(content).not.toContain("Partially written note.");
+  });
+  test("content without the safe-storage marker is byte-identical", () => {
+    const original =
+      "## Existing note\r\n\r\nNo safe storage marker appears here.\r\n";
+    writeFileSync(updatesPath(), original, "utf-8");
+    removeSafeStorageReleaseNoteMigration.run(workspaceDir);
+    expect(readFileSync(updatesPath(), "utf-8")).toBe(original);
+  });
+  test("preserves CRLF in unrelated content when removing the safe-storage block", () => {
+    const prior =
+      "<!-- release-note-id:066-earlier-note -->\r\n## Earlier note\r\n\r\nThis note should keep CRLF.\r\n";
+    writeFileSync(
+      updatesPath(),
+      `${prior}\r\n${SAFE_STORAGE_RELEASE_NOTE}`,
+      "utf-8",
+    );
+    removeSafeStorageReleaseNoteMigration.run(workspaceDir);
+    expect(readFileSync(updatesPath(), "utf-8")).toBe(prior);
+  });
+  test("running twice is idempotent", () => {
+    const prior = `<!-- release-note-id:066-earlier-note -->
+## Earlier note
+This note should stay.
+`;
+    const later = `${LATER_MARKER}
+## Local timezone grounding
+This later note should stay.
+`;
+    writeFileSync(
+      updatesPath(),
+      `${prior}\n${SAFE_STORAGE_RELEASE_NOTE}\n${later}`,
+      "utf-8",
+    );
+    removeSafeStorageReleaseNoteMigration.run(workspaceDir);
+    const afterFirst = readFileSync(updatesPath(), "utf-8");
+    removeSafeStorageReleaseNoteMigration.run(workspaceDir);
+    const afterSecond = readFileSync(updatesPath(), "utf-8");
+    expect(afterSecond).toBe(afterFirst);
+    expect(afterSecond).toContain("## Earlier note");
+    expect(afterSecond).toContain("## Local timezone grounding");
+    expect(afterSecond).not.toContain(SAFE_STORAGE_MARKER);
+  });
+});

package/src/__tests__/workspace-migration-safe-storage-limits-release.test.ts CHANGED Viewed

@@ -12,7 +12,6 @@ import { afterEach, beforeEach, describe, expect, test } from "bun:test";
 import { releaseNotesSafeStorageLimitsMigration } from "../workspace/migrations/067-release-notes-safe-storage-limits.js";
 const MIGRATION_ID = "067-release-notes-safe-storage-limits";
-const MARKER = `<!-- release-note-id:${MIGRATION_ID} -->`;
 let workspaceDir: string;
@@ -28,10 +27,6 @@ function updatesPath(): string {
   return join(workspaceDir, "UPDATES.md");
 }
-function markerCount(content: string): number {
-  return content.split(MARKER).length - 1;
-}
 beforeEach(() => {
   freshWorkspace();
 });
@@ -47,44 +42,37 @@ describe("workspace migration 067-release-notes-safe-storage-limits", () => {
     expect(releaseNotesSafeStorageLimitsMigration.id).toBe(MIGRATION_ID);
   });
-  test("creates UPDATES.md with marker and key copy when file is absent", () => {
+  test("does not create UPDATES.md when file is absent", () => {
     expect(existsSync(updatesPath())).toBe(false);
     releaseNotesSafeStorageLimitsMigration.run(workspaceDir);
-    const content = readFileSync(updatesPath(), "utf-8");
-    expect(content).toContain(MARKER);
-    expect(content).toContain("safe-storage-limits");
-    expect(content).toContain("critical 95% threshold");
-    expect(content).toContain("trusted-contact messages");
+    expect(existsSync(updatesPath())).toBe(false);
   });
-  test("is idempotent when run twice", () => {
-    releaseNotesSafeStorageLimitsMigration.run(workspaceDir);
+  test("leaves existing UPDATES.md byte-identical", () => {
+    const existing = "## Prior\n\nExisting release note.\n";
+    writeFileSync(updatesPath(), existing, "utf-8");
     releaseNotesSafeStorageLimitsMigration.run(workspaceDir);
-    const content = readFileSync(updatesPath(), "utf-8");
-    expect(markerCount(content)).toBe(1);
-    expect(content.match(/Safe storage limits/g)?.length).toBe(1);
+    expect(readFileSync(updatesPath(), "utf-8")).toBe(existing);
   });
-  test("appends to existing UPDATES.md when marker is absent", () => {
-    const prior = "## Prior\n\nExisting release note.\n";
-    writeFileSync(updatesPath(), prior, "utf-8");
+  test("is idempotent when run twice in an empty workspace", () => {
+    releaseNotesSafeStorageLimitsMigration.run(workspaceDir);
     releaseNotesSafeStorageLimitsMigration.run(workspaceDir);
-    const content = readFileSync(updatesPath(), "utf-8");
-    expect(content.startsWith(prior)).toBe(true);
-    expect(content).toContain(MARKER);
+    expect(existsSync(updatesPath())).toBe(false);
   });
-  test("is a no-op when marker is already present", () => {
-    const seeded = `## Prior\n\n${MARKER}\nAlready announced.\n`;
-    writeFileSync(updatesPath(), seeded, "utf-8");
+  test("is idempotent when run twice with existing UPDATES.md", () => {
+    const existing = "## Prior\n\nExisting release note.\n";
+    writeFileSync(updatesPath(), existing, "utf-8");
+    releaseNotesSafeStorageLimitsMigration.run(workspaceDir);
     releaseNotesSafeStorageLimitsMigration.run(workspaceDir);
-    expect(readFileSync(updatesPath(), "utf-8")).toBe(seeded);
+    expect(readFileSync(updatesPath(), "utf-8")).toBe(existing);
   });
 });

package/src/agent/loop.ts CHANGED Viewed

@@ -96,6 +96,11 @@ export type AgentEvent =
       matchedTrustRuleId?: string;
       isContainerized?: boolean;
       riskScopeOptions?: Array<{ pattern: string; label: string }>;
+      riskAllowlistOptions?: Array<{
+        label: string;
+        description: string;
+        pattern: string;
+      }>;
       riskDirectoryScopeOptions?: Array<{ scope: string; label: string }>;
       approvalMode?: string;
       approvalReason?: string;
@@ -282,6 +287,11 @@ export type LoopToolExecutor = (
   matchedTrustRuleId?: string;
   isContainerized?: boolean;
   riskScopeOptions?: Array<{ pattern: string; label: string }>;
+  riskAllowlistOptions?: Array<{
+    label: string;
+    description: string;
+    pattern: string;
+  }>;
   riskDirectoryScopeOptions?: Array<{ scope: string; label: string }>;
   approvalMode?: string;
   approvalReason?: string;
@@ -1001,6 +1011,7 @@ export class AgentLoop {
             matchedTrustRuleId: result.matchedTrustRuleId,
             isContainerized: result.isContainerized,
             riskScopeOptions: result.riskScopeOptions,
+            riskAllowlistOptions: result.riskAllowlistOptions,
             riskDirectoryScopeOptions: result.riskDirectoryScopeOptions,
             approvalMode: result.approvalMode,
             approvalReason: result.approvalReason,

package/src/approvals/guardian-decision-primitive.ts CHANGED Viewed

@@ -355,12 +355,6 @@ export type CanonicalDecisionResult =
       resolverFailed?: boolean;
       resolverFailureReason?: string;
       resolverReplyText?: string;
-      activatedContact?: {
-        sourceChannel: string;
-        externalUserId: string;
-        externalChatId?: string;
-        displayName?: string;
-      };
     }
   | {
       applied: false;
@@ -527,9 +521,6 @@ export async function applyCanonicalGuardianDecision(
   let resolverFailed = false;
   let resolverFailureReason: string | undefined;
   let resolverReplyText: string | undefined;
-  let activatedContact:
-    | { sourceChannel: string; externalUserId: string; externalChatId?: string; displayName?: string }
-    | undefined;
   const resolver = getResolver(request.kind);
   if (resolver) {
     const resolverResult = await resolver.resolve({
@@ -558,9 +549,6 @@ export async function applyCanonicalGuardianDecision(
       resolverFailureReason = resolverResult.reason;
     } else {
       resolverReplyText = resolverResult.guardianReplyText;
-      if (resolverResult.activatedContact) {
-        activatedContact = resolverResult.activatedContact;
-      }
     }
   } else {
     log.info(
@@ -612,6 +600,5 @@ export async function applyCanonicalGuardianDecision(
     grantMinted,
     ...(resolverFailed ? { resolverFailed, resolverFailureReason } : {}),
     ...(resolverReplyText ? { resolverReplyText } : {}),
-    ...(activatedContact ? { activatedContact } : {}),
   };
 }

package/src/approvals/guardian-request-resolvers.ts CHANGED Viewed

@@ -119,12 +119,6 @@ export type ResolverResult =
       applied: true;
       grantMinted?: boolean;
       guardianReplyText?: string;
-      activatedContact?: {
-        sourceChannel: string;
-        externalUserId: string;
-        externalChatId?: string;
-        displayName?: string;
-      };
     }
   | { ok: false; reason: string };
@@ -192,28 +186,15 @@ const pendingInteractionResolver: GuardianRequestResolver = {
       return { ok: false, reason: "pending_interaction_not_found" };
     }
-    // Resolve the interaction: remove from tracker and get the session.
-    const resolved = pendingInteractions.resolve(request.id);
-    if (!resolved) {
-      // Race condition: interaction was consumed between get() and resolve().
-      log.warn(
-        {
-          event: "resolver_tool_approval_resolve_race",
-          requestId: request.id,
-        },
-        "Tool approval resolver: pending interaction consumed between lookup and resolve",
-      );
-      return { ok: false, reason: "pending_interaction_race" };
-    }
     // Map action to the permission system's UserDecision type and notify session.
+    // resolveConfirmation() owns pendingInteractions deregistration.
     const userDecision: UserDecision =
       decision.action === "reject" ? "deny" : "allow";
-    const conversation = findConversation(resolved.conversationId);
+    const conversation = findConversation(interaction.conversationId);
     if (!conversation) {
       return {
         ok: false,
-        reason: `conversation_not_found: ${resolved.conversationId}`,
+        reason: `conversation_not_found: ${interaction.conversationId}`,
       };
     }
     conversation.handleConfirmationResponse(
@@ -539,16 +520,7 @@ const accessRequestResolver: GuardianRequestResolver = {
         );
       });
-      return {
-        ok: true,
-        applied: true,
-        activatedContact: {
-          sourceChannel: "phone",
-          externalUserId: requesterExternalUserId,
-          ...(requesterChatId ? { externalChatId: requesterChatId } : {}),
-          ...(requesterDisplayName ? { displayName: requesterDisplayName } : {}),
-        },
-      };
+      return { ok: true, applied: true };
     }
     // Non-voice approvals: mint an identity-bound verification session so the

package/src/calls/call-constants.ts CHANGED Viewed

@@ -1,14 +1,7 @@
 import { getConfig } from "../config/loader.js";
 // Emergency/high-risk numbers that should never be called
-const DENIED_NUMBERS = new Set([
-  "911",
-  "112",
-  "999",
-  "000",
-  "110",
-  "119",
-]);
+const DENIED_NUMBERS = new Set(["911", "112", "999", "000", "110", "119"]);
 /**
  * Check whether a phone number is a denied emergency number.
@@ -75,3 +68,7 @@ export function getGuardianWaitUpdateSteadyMaxIntervalMs(): number {
 export function getSilenceTimeoutMs(): number {
   return 30 * 1000; // 30 seconds
 }
+export function getEndCallListenWindowMs(): number {
+  return 15 * 1000;
+}