@vellumai/assistant 0.8.4 → 0.8.5

package/src/__tests__/openai-responses-provider.test.ts

@@ -22,6 +22,7 @@ let lastStreamParams: Record<string, unknown> | null = null;
 let lastStreamOptions: Record<string, unknown> | null = null;
 let lastConstructorOptions: Record<string, unknown> | null = null;
 let shouldThrow: Error | null = null;
+const DEFAULT_SDK_TIMEOUT_MS = 1_860_000;
 
 // Simulate OpenAI.APIError
 class FakeAPIError extends Error {
@@ -200,6 +201,19 @@ describe("OpenAIResponsesProvider", () => {
     expect(lastConstructorOptions).toEqual({
       apiKey: "sk-custom",
       baseURL: "https://proxy.example.com/v1",
+      timeout: DEFAULT_SDK_TIMEOUT_MS,
+    });
+  });
+
+  test("passes configured stream timeout plus buffer to OpenAI client", () => {
+    new OpenAIResponsesProvider("sk-custom", "gpt-5.4", {
+      streamTimeoutMs: 300_000,
+    });
+
+    expect(lastConstructorOptions).toEqual({
+      apiKey: "sk-custom",
+      baseURL: undefined,
+      timeout: 360_000,
     });
   });
 
@@ -273,18 +287,6 @@ describe("OpenAIResponsesProvider", () => {
     }
   });
 
-  test("strips SYSTEM_PROMPT_CACHE_BOUNDARY from system prompt", async () => {
-    fakeStreamEvents = [textDeltaEvent("OK"), completedEvent(10, 2)];
-
-    await provider.sendMessage(
-      [{ role: "user", content: [{ type: "text", text: "Hi" }] }],
-      undefined,
-      "Before\n<!-- SYSTEM_PROMPT_CACHE_BOUNDARY -->\nAfter",
-    );
-
-    expect(lastStreamParams!.instructions).toBe("Before\nAfter");
-  });
-
   // -----------------------------------------------------------------------
   // Tool definitions
   // -----------------------------------------------------------------------
@@ -1657,4 +1659,104 @@ describe("OpenAIResponsesProvider — Native Web Search", () => {
       text: "No search needed.",
     });
   });
+
+  // -----------------------------------------------------------------------
+  // codexSubscription — parameter stripping
+  // -----------------------------------------------------------------------
+  test("codexSubscription: strips max_output_tokens from params", async () => {
+    const codexProvider = new OpenAIResponsesProvider("sk-test", "gpt-5.4", {
+      codexSubscription: true,
+    });
+    fakeStreamEvents = [textDeltaEvent("OK"), completedEvent(10, 2)];
+
+    await codexProvider.sendMessage(
+      [{ role: "user", content: [{ type: "text", text: "Hi" }] }],
+      undefined,
+      undefined,
+      { config: { max_tokens: 64000 } },
+    );
+
+    expect(lastStreamParams!.max_output_tokens).toBeUndefined();
+  });
+
+  test("codexSubscription: strips reasoning param even when effort is set", async () => {
+    const codexProvider = new OpenAIResponsesProvider("sk-test", "gpt-5.4", {
+      codexSubscription: true,
+    });
+    fakeStreamEvents = [textDeltaEvent("OK"), completedEvent(10, 2)];
+
+    await codexProvider.sendMessage(
+      [{ role: "user", content: [{ type: "text", text: "Hi" }] }],
+      undefined,
+      undefined,
+      { config: { effort: "high" } },
+    );
+
+    expect(lastStreamParams!.reasoning).toBeUndefined();
+  });
+
+  test("codexSubscription: strips text.verbosity param", async () => {
+    const codexProvider = new OpenAIResponsesProvider("sk-test", "gpt-5.4", {
+      codexSubscription: true,
+    });
+    fakeStreamEvents = [textDeltaEvent("OK"), completedEvent(10, 2)];
+
+    await codexProvider.sendMessage(
+      [{ role: "user", content: [{ type: "text", text: "Hi" }] }],
+      undefined,
+      undefined,
+      { config: { verbosity: "low" } },
+    );
+
+    expect(lastStreamParams!.text).toBeUndefined();
+  });
+
+  test("codexSubscription: uses Codex baseURL", async () => {
+    new OpenAIResponsesProvider("sk-test", "gpt-5.4", {
+      codexSubscription: true,
+    });
+
+    expect(lastConstructorOptions!.baseURL).toBe(
+      "https://chatgpt.com/backend-api/codex",
+    );
+  });
+
+  test("codexSubscription: strips tools param", async () => {
+    const codexProvider = new OpenAIResponsesProvider("sk-test", "gpt-5.4", {
+      codexSubscription: true,
+    });
+    fakeStreamEvents = [textDeltaEvent("OK"), completedEvent(10, 2)];
+
+    const sampleTool: ToolDefinition = {
+      name: "test_tool",
+      description: "A test tool",
+      input_schema: { type: "object", properties: {} },
+    };
+    await codexProvider.sendMessage(
+      [{ role: "user", content: [{ type: "text", text: "Hi" }] }],
+      [sampleTool],
+    );
+
+    expect(lastStreamParams!.tools).toBeUndefined();
+  });
+
+  test("codexSubscription: still sends model, input, and instructions", async () => {
+    const codexProvider = new OpenAIResponsesProvider("sk-test", "gpt-5.4", {
+      codexSubscription: true,
+    });
+    fakeStreamEvents = [textDeltaEvent("OK"), completedEvent(10, 2)];
+
+    await codexProvider.sendMessage(
+      [{ role: "user", content: [{ type: "text", text: "Hi" }] }],
+      undefined,
+      "You are helpful.",
+      { config: { effort: "max", verbosity: "high", max_tokens: 64000 } },
+    );
+
+    expect(lastStreamParams!.model).toBe("gpt-5.4");
+    expect(lastStreamParams!.instructions).toBe("You are helpful.");
+    expect(lastStreamParams!.max_output_tokens).toBeUndefined();
+    expect(lastStreamParams!.reasoning).toBeUndefined();
+    expect(lastStreamParams!.text).toBeUndefined();
+  });
 });

package/src/__tests__/pending-interactions-resolved-event.test.ts

@@ -54,7 +54,6 @@ describe("pendingInteractions.resolve emits interaction_resolved", () => {
     expect(returned).toBeDefined();
     const evt = lastResolvedEvent();
     expect(evt.requestId).toBe("req-1");
-    expect(evt.conversationKey).toBe("conv-1");
     expect(evt.conversationId).toBe("conv-1");
     expect(evt.state).toBe("cancelled");
     expect(evt.kind).toBe("confirmation");

package/src/__tests__/platform-bash-auto-approve.test.ts

@@ -100,7 +100,7 @@ mock.module("../permissions/checker.js", () => ({
 mock.module("../memory/tool-usage-store.js", () => ({
   recordToolInvocation: () => {},
   getRecentInvocations: () => [],
-  rotateToolInvocations: () => 0,
+  rotateToolInvocations: async () => 0,
 }));
 
 mock.module("../tools/registry.js", () => ({
@@ -111,7 +111,7 @@ mock.module("../tools/registry.js", () => ({
       description: "test tool",
       category: "shell",
       defaultRiskLevel: "medium",
-      getDefinition: () => ({}),
+      input_schema: {},
       execute: async () => fakeToolResult,
     };
   },

package/src/__tests__/platform.test.ts

@@ -8,7 +8,7 @@ import {
   getDataDir,
   getDbPath,
   getHistoryPath,
-  getLogPath,
+  getLogsDir,
   getPidPath,
   getSandboxRootDir,
   getSandboxWorkingDir,
@@ -64,7 +64,7 @@ describe("path characterization", () => {
 
     // Sub-paths under workspace/data
     expect(getDbPath()).toBe(join(data, "db", "assistant.db"));
-    expect(getLogPath()).toBe(join(data, "logs", "vellum.log"));
+    expect(getLogsDir()).toBe(join(data, "logs"));
     expect(getHistoryPath()).toBe(join(data, "history"));
     expect(getSandboxRootDir()).toBe(join(data, "sandbox"));
     expect(getSandboxWorkingDir()).toBe(ws);

package/src/__tests__/plugin-api-tool-definition.test.ts

@@ -0,0 +1,92 @@
+/**
+ * Shape tests for the public `ToolDefinition` author-facing tool spec.
+ *
+ * These tests don't exercise runtime behavior — they assert via
+ * `satisfies` that representative tool literals line up with the public
+ * interface. If a later PR breaks a field name or signature in
+ * `assistant/src/plugin-api/types.ts`, this file fails to type-check and
+ * the regression is caught at `tsc --noEmit` / `bun test` time.
+ */
+
+import { describe, expect, test } from "bun:test";
+
+import {
+  RiskLevel,
+  type ToolContext,
+  type ToolDefinition,
+  type ToolExecutionResult,
+} from "../plugin-api/index.js";
+
+describe("ToolDefinition (public author-facing tool spec) ", () => {
+  test("a fully-populated literal satisfies the interface", () => {
+    const tool = {
+      description: "Greet the model in a fixed language.",
+      defaultRiskLevel: RiskLevel.Low,
+      input_schema: {
+        type: "object",
+        properties: {
+          language: { type: "string" },
+        },
+        required: ["language"],
+        additionalProperties: false,
+      },
+      async execute(
+        input: Record<string, unknown>,
+        _ctx: ToolContext,
+      ): Promise<ToolExecutionResult> {
+        return {
+          content: `hello, ${String(input.language)} speaker`,
+          isError: false,
+        };
+      },
+    } as const satisfies ToolDefinition;
+
+    // `as const` propagates literal types and verifies type compatibility,
+    // but the runtime expectations below also smoke-check the structure
+    // for anyone reading the test without TS folded in.
+    expect(typeof tool.execute).toBe("function");
+    expect(tool.defaultRiskLevel).toBe(RiskLevel.Low);
+  });
+
+  test("every field is optional — empty literal satisfies the interface", () => {
+    const tool: ToolDefinition = {};
+    expect(tool).toEqual({});
+  });
+
+  test("every author-facing risk level is permitted", () => {
+    const low: ToolDefinition = { defaultRiskLevel: RiskLevel.Low };
+    const medium: ToolDefinition = { defaultRiskLevel: RiskLevel.Medium };
+    const high: ToolDefinition = { defaultRiskLevel: RiskLevel.High };
+
+    expect(low.defaultRiskLevel).toBe(RiskLevel.Low);
+    expect(medium.defaultRiskLevel).toBe(RiskLevel.Medium);
+    expect(high.defaultRiskLevel).toBe(RiskLevel.High);
+  });
+
+  test("execute receives the public ToolContext", async () => {
+    // Type-only assertion: the execute signature uses the public
+    // ToolContext (narrow base). A daemon-internal field added to the
+    // rich ToolContext that doesn't exist on the narrow one must not be
+    // accessible here. We can't test this at runtime — the assertion
+    // lives in `tsc --noEmit` over this file.
+    const tool: ToolDefinition = {
+      async execute(_input, ctx) {
+        // `ctx` is the public `ToolContext`. Touch
+        // commonly-needed fields to make sure they're present.
+        const _conversationId = ctx.conversationId;
+        const _workingDir = ctx.workingDir;
+        const _signal = ctx.signal;
+        return { content: "ok", isError: false };
+      },
+    };
+    const result = await tool.execute?.(
+      {},
+      {
+        conversationId: "conv-abc",
+        workingDir: "/tmp",
+        signal: new AbortController().signal,
+      } as ToolContext,
+    );
+    expect(result?.isError).toBe(false);
+  });
+});

package/src/__tests__/plugin-bootstrap.test.ts

@@ -375,6 +375,7 @@ describe("plugin bootstrap", () => {
             name: "gated-off-tool",
             description: "should not be registered",
             defaultRiskLevel: RiskLevel.Low,
+            executionTarget: "sandbox",
             input_schema: { type: "object", properties: {}, required: [] },
             execute: async () => ({ content: "nope", isError: false }),
           },
@@ -421,8 +422,7 @@ describe("plugin bootstrap", () => {
   });
 
   test("requiresFlag absent: plugin activates unconditionally", async () => {
-    // Deliberately do not set any overrides — the resolver defaults
-    // undeclared keys to `true`, but more importantly a plugin with no
+    // Deliberately do not set any overrides — a plugin with no
     // `requiresFlag` key must not consult the resolver at all.
     let initFired = false;
     const plugin = buildPlugin("no-flag", {

package/src/__tests__/plugin-tool-contribution.test.ts

@@ -59,7 +59,7 @@ import {
   unregisterPluginTools,
 } from "../tools/registry.js";
 import type {
-  LoadedPluginTool,
+  LoadedTool,
   ToolContext,
   ToolExecutionResult,
 } from "../tools/types.js";
@@ -81,12 +81,13 @@ const fakeCtx: DaemonContext = {
 
 function makeFakeTool(
   name: string,
-  extras: Partial<LoadedPluginTool> = {},
-): LoadedPluginTool {
+  extras: Partial<LoadedTool> = {},
+): LoadedTool {
   return {
     name,
     description: `Fake ${name}`,
     defaultRiskLevel: RiskLevel.Low,
+    executionTarget: "sandbox",
     input_schema: { type: "object", properties: {}, required: [] },
     async execute(
       _input: Record<string, unknown>,
@@ -281,7 +282,7 @@ describe("registerPluginTools / unregisterPluginTools helpers", () => {
     expect(alias).toMatch(/^[a-zA-Z0-9_-]{1,64}$/);
     expect(alias.startsWith("Stripe_Link_CLI__")).toBe(true);
     expect(getTool(alias)).toBeDefined();
-    expect(accepted[0]!.getDefinition().name).toBe(alias);
+    expect(accepted[0]!.name).toBe(alias);
 
     await accepted[0]!.execute(
       {},
@@ -320,12 +321,18 @@ describe("registerPluginTools / unregisterPluginTools helpers", () => {
     // ownerMcpServerId / ownerSkillBundled / ownerSkillVersionHash) so the
     // stamped tool cannot leak across namespaces or spoof bundled-skill
     // auto-allow.
-    const spoofed = makeFakeTool("pt_spoof", {
+    //
+    // The narrow `ToolDefinition` shape doesn't expose these ownership
+    // fields, so the cast through `unknown` simulates a hostile or
+    // transpiled artifact that arrives with spoofed fields baked in —
+    // the bootstrap-side defense is the second layer that must hold.
+    const spoofed = {
+      ...makeFakeTool("pt_spoof"),
       origin: "skill",
       ownerSkillId: "some-other-skill",
       ownerSkillBundled: true,
       ownerSkillVersionHash: "deadbeef",
-    });
+    } as unknown as LoadedTool;
     registerPluginTools("my-plugin", [spoofed]);
     const retrieved = getTool("pt_spoof");
     expect(retrieved?.origin).toBe("plugin");

package/src/__tests__/plugin-types.test.ts

@@ -46,7 +46,7 @@ import {
   type ToolResultTruncateResult,
   type TurnContext,
 } from "../plugins/types.js";
-import type { LoadedPluginTool } from "../tools/types.js";
+import type { LoadedTool } from "../tools/types.js";
 
 const sampleTrust: TrustContext = {
   sourceChannel: "vellum",
@@ -207,10 +207,11 @@ describe("plugin core types", () => {
       },
     };
 
-    const sampleTool: LoadedPluginTool = {
+    const sampleTool: LoadedTool = {
       name: "sample-tool",
       description: "Sample plugin tool",
       defaultRiskLevel: RiskLevel.Low,
+      executionTarget: "sandbox",
       input_schema: { type: "object", properties: {}, required: [] },
       async execute() {
         return { content: "ok", isError: false };