@vellumai/assistant 0.9.0 → 0.10.0-staging.2

package/src/messaging/providers/slack/send.test.ts

@@ -20,12 +20,19 @@ mock.module("./api.js", () => ({
   callSlackApiForm: async () => ({}),
   completeSlackUpload: async () => {},
   SlackApiError: class SlackApiError extends Error {
-    slackError?: string;
+    readonly slackError: string | undefined;
+
+    constructor(slackError: string | undefined) {
+      super(slackError ?? "unknown");
+      this.slackError = slackError;
+    }
   },
   uploadToSlackUrl: async () => {},
 }));
 
-import { sendSlackAssistantThreadStatus } from "./send.js";
+const { SlackApiError } = await import("./api.js");
+const { sendSlackAssistantThreadStatus, sendSlackReply } =
+  await import("./send.js");
 
 describe("sendSlackAssistantThreadStatus", () => {
   beforeEach(() => {
@@ -75,3 +82,108 @@ describe("sendSlackAssistantThreadStatus", () => {
     });
   });
 });
+
+describe("sendSlackReply update path", () => {
+  const messageTs = "1700000000.000100";
+  const blocks = [
+    { type: "section", text: { type: "mrkdwn", text: "Final reply" } },
+  ];
+
+  beforeEach(() => {
+    callSlackApiMock.mockReset();
+    callSlackApiMock.mockImplementation(async () => ({ ok: true }));
+  });
+
+  test("retries chat.update without blocks on invalid_blocks instead of posting a duplicate", async () => {
+    callSlackApiMock
+      .mockImplementationOnce(async () => {
+        throw new SlackApiError("invalid_blocks");
+      })
+      .mockImplementationOnce(async () => ({ ok: true, ts: messageTs }));
+
+    const result = await sendSlackReply("C123", "Final reply", {
+      messageTs,
+      threadTs: "1700000000.000001",
+      blocks,
+    });
+
+    expect(result).toEqual({ ok: true, ts: messageTs });
+    // Two chat.update calls (with then without blocks); never chat.postMessage,
+    // so the placeholder is edited in place rather than duplicated.
+    expect(callSlackApiMock).toHaveBeenCalledTimes(2);
+    expect(callSlackApiMock).toHaveBeenNthCalledWith(1, "chat.update", {
+      channel: "C123",
+      text: "Final reply",
+      ts: messageTs,
+      blocks,
+    });
+    expect(callSlackApiMock).toHaveBeenNthCalledWith(2, "chat.update", {
+      channel: "C123",
+      text: "Final reply",
+      ts: messageTs,
+    });
+    const postMessageCalls = callSlackApiMock.mock.calls.filter(
+      (call) => call[0] === "chat.postMessage",
+    );
+    expect(postMessageCalls).toHaveLength(0);
+  });
+
+  test("falls back to chat.postMessage only after the no-block update retry also fails", async () => {
+    callSlackApiMock
+      .mockImplementationOnce(async () => {
+        throw new SlackApiError("invalid_blocks");
+      })
+      .mockImplementationOnce(async () => {
+        throw new SlackApiError("message_not_found");
+      })
+      .mockImplementationOnce(async () => ({
+        ok: true,
+        ts: "1700000000.000200",
+      }));
+
+    const result = await sendSlackReply("C123", "Final reply", {
+      messageTs,
+      threadTs: "1700000000.000001",
+      blocks,
+    });
+
+    expect(result).toEqual({ ok: true, ts: "1700000000.000200" });
+    expect(callSlackApiMock).toHaveBeenCalledTimes(3);
+    expect(callSlackApiMock.mock.calls[0]?.[0]).toBe("chat.update");
+    expect(callSlackApiMock.mock.calls[1]?.[0]).toBe("chat.update");
+    // The post fallback drops the rejected blocks.
+    expect(callSlackApiMock).toHaveBeenNthCalledWith(3, "chat.postMessage", {
+      channel: "C123",
+      text: "Final reply",
+      thread_ts: "1700000000.000001",
+    });
+  });
+
+  test("non-invalid_blocks update failure still falls back to chat.postMessage", async () => {
+    callSlackApiMock
+      .mockImplementationOnce(async () => {
+        throw new SlackApiError("internal_error");
+      })
+      .mockImplementationOnce(async () => ({
+        ok: true,
+        ts: "1700000000.000200",
+      }));
+
+    const result = await sendSlackReply("C123", "Final reply", {
+      messageTs,
+      threadTs: "1700000000.000001",
+      blocks,
+    });
+
+    expect(result).toEqual({ ok: true, ts: "1700000000.000200" });
+    // One failed chat.update, then a single chat.postMessage (no extra retry).
+    expect(callSlackApiMock).toHaveBeenCalledTimes(2);
+    expect(callSlackApiMock.mock.calls[0]?.[0]).toBe("chat.update");
+    expect(callSlackApiMock).toHaveBeenNthCalledWith(2, "chat.postMessage", {
+      channel: "C123",
+      text: "Final reply",
+      thread_ts: "1700000000.000001",
+      blocks,
+    });
+  });
+});

package/src/messaging/providers/slack/send.ts

@@ -165,15 +165,38 @@ export async function sendSlackReply(
       );
       return { ok: true, ts: result.ts };
     } catch (err) {
-      if (err instanceof SlackApiError && err.slackError === "invalid_blocks") {
-        log.warn(
-          { chatId, messageTs: options!.messageTs },
-          "chat.update returned invalid_blocks; falling back to chat.postMessage without blocks",
-        );
-        delete slackBody.blocks;
+      if (
+        err instanceof SlackApiError &&
+        err.slackError === "invalid_blocks" &&
+        Array.isArray(updateBody.blocks) &&
+        updateBody.blocks.length > 0
+      ) {
+        // `invalid_blocks` means Slack rejected the Block Kit payload, not the
+        // target message — the message still exists. Retry the update without
+        // blocks so it is edited in place. Posting a fresh message here would
+        // leave the original alongside a duplicate ("ghost") reply.
+        const retryBody: Record<string, unknown> = {
+          channel: chatId,
+          text,
+          ts: options!.messageTs,
+        };
+        try {
+          const retryResult = await callSlackApi("chat.update", retryBody);
+          log.info(
+            { chatId, messageTs: options!.messageTs },
+            "Slack message updated without blocks after invalid_blocks",
+          );
+          return { ok: true, ts: retryResult.ts };
+        } catch (retryErr) {
+          log.warn(
+            { err: retryErr, chatId, messageTs: options!.messageTs },
+            "Slack chat.update without blocks failed, falling back to chat.postMessage",
+          );
+          delete slackBody.blocks;
+        }
       } else {
         log.warn(
-          { chatId, messageTs: options!.messageTs },
+          { err, chatId, messageTs: options!.messageTs },
           "Slack chat.update failed, falling back to chat.postMessage",
         );
       }

package/src/messaging/providers/slack/withdraw.test.ts

@@ -0,0 +1,200 @@
+import { beforeEach, describe, expect, mock, test } from "bun:test";
+
+mock.module("../../../util/logger.js", () => ({
+  getLogger: () =>
+    new Proxy({} as Record<string, unknown>, { get: () => () => {} }),
+  truncateForLog: (value: string) => value,
+}));
+
+const getSlackMessageBlocks = mock(
+  async (_channel: string, _ts: string): Promise<unknown[] | null> => null,
+);
+const callSlackApi = mock(
+  async (_method: string, _body: Record<string, unknown>) => ({
+    ok: true,
+    ts: "1.0",
+  }),
+);
+mock.module("./api.js", () => ({ getSlackMessageBlocks, callSlackApi }));
+
+import {
+  stripApprovalActionBlocks,
+  withdrawSlackApprovalCard,
+} from "./withdraw.js";
+
+describe("stripApprovalActionBlocks", () => {
+  test("strips the actions array from a native card block, keeping content", () => {
+    const blocks = [
+      {
+        type: "card",
+        title: { type: "plain_text", text: "Access Request" },
+        body: { type: "mrkdwn", text: "Alice wants in" },
+        actions: [{ type: "button", action_id: "apr:r1:approve_once" }],
+      },
+    ];
+    const result = stripApprovalActionBlocks(blocks) as Array<
+      Record<string, unknown>
+    >;
+    expect(result).toHaveLength(1);
+    expect(result[0].type).toBe("card");
+    expect(result[0].title).toEqual({
+      type: "plain_text",
+      text: "Access Request",
+    });
+    expect(result[0].body).toEqual({ type: "mrkdwn", text: "Alice wants in" });
+    expect("actions" in result[0]).toBe(false);
+  });
+
+  test("drops standalone actions blocks and preserves everything else", () => {
+    const blocks = [
+      { type: "section", text: { type: "mrkdwn", text: "Context" } },
+      {
+        type: "actions",
+        elements: [{ type: "button", action_id: "apr:r1:reject" }],
+      },
+      {
+        type: "context",
+        elements: [{ type: "mrkdwn", text: "Source: Slack" }],
+      },
+    ];
+    const result = stripApprovalActionBlocks(blocks) as Array<
+      Record<string, unknown>
+    >;
+    expect(result.map((b) => b.type)).toEqual(["section", "context"]);
+  });
+
+  test("tolerates non-object entries", () => {
+    const result = stripApprovalActionBlocks([
+      null,
+      "weird",
+      { type: "section" },
+    ]);
+    expect(result).toHaveLength(3);
+  });
+});
+
+describe("withdrawSlackApprovalCard", () => {
+  beforeEach(() => {
+    getSlackMessageBlocks.mockReset();
+    callSlackApi.mockReset();
+    callSlackApi.mockImplementation(async () => ({ ok: true, ts: "1.0" }));
+  });
+
+  test("edits in place, preserving content, removing buttons, appending status", async () => {
+    getSlackMessageBlocks.mockImplementationOnce(async () => [
+      {
+        type: "card",
+        title: { type: "plain_text", text: "Access Request" },
+        body: { type: "mrkdwn", text: "Alice wants in" },
+        actions: [{ type: "button", action_id: "apr:r1:approve_once" }],
+      },
+      {
+        type: "context",
+        elements: [{ type: "mrkdwn", text: "Source: Slack" }],
+      },
+    ]);
+
+    await withdrawSlackApprovalCard({
+      channel: "C1",
+      messageTs: "1700000000.0001",
+      status: "approved",
+      decidedByExternalUserId: "U-guardian",
+      decidedAtMs: 1_700_000_000_000,
+    });
+
+    expect(callSlackApi).toHaveBeenCalledTimes(1);
+    const [method, body] = callSlackApi.mock.calls[0];
+    expect(method).toBe("chat.update");
+    expect(body.channel).toBe("C1");
+    expect(body.ts).toBe("1700000000.0001");
+
+    const blocks = body.blocks as Array<Record<string, unknown>>;
+    // original card (no actions) + original context + appended status context
+    expect(blocks).toHaveLength(3);
+    expect(blocks[0].type).toBe("card");
+    expect("actions" in blocks[0]).toBe(false);
+    expect(JSON.stringify(blocks)).not.toContain("apr:");
+
+    // status line carries the outcome, decider mention, and a date token
+    const statusText = JSON.stringify(blocks[2]);
+    expect(statusText).toContain("Approved");
+    expect(statusText).toContain("<@U-guardian>");
+    expect(statusText).toContain("<!date^1700000000^");
+  });
+
+  test("falls back to a status-only edit when the original blocks can't be read", async () => {
+    getSlackMessageBlocks.mockImplementationOnce(async () => null);
+
+    await withdrawSlackApprovalCard({
+      channel: "C1",
+      messageTs: "1.0",
+      status: "denied",
+    });
+
+    expect(callSlackApi).toHaveBeenCalledTimes(1);
+    const [method, body] = callSlackApi.mock.calls[0];
+    expect(method).toBe("chat.update");
+    const blocks = body.blocks as Array<Record<string, unknown>>;
+    expect(blocks).toHaveLength(1);
+    expect(blocks[0].type).toBe("section");
+    expect(JSON.stringify(blocks)).toContain("Denied");
+  });
+
+  test("falls back when the fetch throws (e.g. missing history scope)", async () => {
+    getSlackMessageBlocks.mockImplementationOnce(async () => {
+      throw new Error("missing_scope");
+    });
+
+    await withdrawSlackApprovalCard({
+      channel: "C1",
+      messageTs: "1.0",
+      status: "approved",
+    });
+
+    expect(callSlackApi).toHaveBeenCalledTimes(1);
+    expect(callSlackApi.mock.calls[0][0]).toBe("chat.update");
+  });
+
+  test("retries with a status-only edit when preserved blocks are rejected", async () => {
+    getSlackMessageBlocks.mockImplementationOnce(async () => [
+      {
+        type: "card",
+        body: { type: "mrkdwn", text: "Alice wants in" },
+        actions: [{ type: "button", action_id: "apr:r1:approve_once" }],
+      },
+    ]);
+    // First chat.update (preserved blocks) is rejected; second must still edit.
+    callSlackApi.mockImplementationOnce(async () => {
+      throw new Error("invalid_blocks");
+    });
+
+    await withdrawSlackApprovalCard({
+      channel: "C1",
+      messageTs: "1.0",
+      status: "approved",
+    });
+
+    expect(callSlackApi).toHaveBeenCalledTimes(2);
+    // both attempts are edits — never a new message
+    expect(callSlackApi.mock.calls.every((c) => c[0] === "chat.update")).toBe(
+      true,
+    );
+    const retryBlocks = callSlackApi.mock.calls[1][1].blocks as Array<
+      Record<string, unknown>
+    >;
+    expect(retryBlocks).toHaveLength(1);
+    expect(retryBlocks[0].type).toBe("section");
+  });
+
+  test("never posts a new message (withdrawal is edit-only)", async () => {
+    getSlackMessageBlocks.mockImplementationOnce(async () => null);
+    await withdrawSlackApprovalCard({
+      channel: "C1",
+      messageTs: "1.0",
+      status: "approved",
+    });
+    expect(
+      callSlackApi.mock.calls.some((c) => c[0] === "chat.postMessage"),
+    ).toBe(false);
+  });
+});

package/src/messaging/providers/slack/withdraw.ts

@@ -0,0 +1,161 @@
+/**
+ * Withdraw a Slack approval card when its underlying guardian request resolves.
+ *
+ * "Withdraw" preserves the card's information and removes only the live
+ * affordances: the original message blocks are fetched, the action buttons are
+ * stripped, and a resolved-status line (outcome, decider, time) is appended,
+ * then the message is edited in place. This keeps an in-channel audit trail
+ * rather than collapsing the card to a bare status.
+ *
+ * This is strictly an in-place edit (`chat.update`). It never posts a new
+ * message: the whole point is to drop the buttons on the *existing* card, so a
+ * "post instead" fallback would duplicate the card and leave its buttons live.
+ * When the original blocks can't be read (missing `*:history` scope, threaded
+ * reply, deleted message) or don't round-trip through `chat.update`, it falls
+ * back to editing the message down to a status-only block — still an edit.
+ */
+
+import { getLogger } from "../../../util/logger.js";
+import { callSlackApi, getSlackMessageBlocks } from "./api.js";
+
+const log = getLogger("slack-withdraw");
+
+const STATUS_GLYPH: Record<string, string> = {
+  approved: ":white_check_mark:",
+  denied: ":x:",
+  expired: ":hourglass_done:",
+  cancelled: ":no_entry_sign:",
+};
+
+const STATUS_WORD: Record<string, string> = {
+  approved: "Approved",
+  denied: "Denied",
+  expired: "Expired",
+  cancelled: "Cancelled",
+};
+
+export interface WithdrawSlackApprovalCardParams {
+  /** Channel/DM id the approval message lives in. */
+  channel: string;
+  /** Timestamp (`ts`) of the approval message to edit. */
+  messageTs: string;
+  /** Terminal status of the request (e.g. "approved", "denied", "expired"). */
+  status: string;
+  /** Slack user id of the decider, when the decision came from Slack. */
+  decidedByExternalUserId?: string;
+  /** Decision time (epoch ms) for the audit line. */
+  decidedAtMs?: number;
+}
+
+/**
+ * Build the resolved-status line shown in place of the action buttons.
+ * Uses Slack's `<!date>` token so the time renders in each viewer's timezone.
+ */
+function buildStatusText(params: WithdrawSlackApprovalCardParams): string {
+  const glyph = STATUS_GLYPH[params.status] ?? "";
+  const word = STATUS_WORD[params.status] ?? "Resolved";
+  let line = glyph ? `${glyph} *${word}*` : `*${word}*`;
+  if (params.decidedByExternalUserId) {
+    line += ` by <@${params.decidedByExternalUserId}>`;
+  }
+  if (params.decidedAtMs && Number.isFinite(params.decidedAtMs)) {
+    const seconds = Math.floor(params.decidedAtMs / 1000);
+    const fallback = new Date(params.decidedAtMs).toISOString();
+    line += ` · <!date^${seconds}^{date_short_pretty} at {time}|${fallback}>`;
+  }
+  return line;
+}
+
+/**
+ * Remove interactive affordances from a fetched message's blocks: drop
+ * standalone `actions` rows and strip the `actions` array from native `card`
+ * blocks, leaving all informational content intact.
+ */
+export function stripApprovalActionBlocks(blocks: unknown[]): unknown[] {
+  const result: unknown[] = [];
+  for (const block of blocks) {
+    if (!block || typeof block !== "object") {
+      result.push(block);
+      continue;
+    }
+    const b = block as Record<string, unknown>;
+    if (b.type === "actions") continue;
+    if (b.type === "card" && "actions" in b) {
+      const { actions: _removed, ...rest } = b;
+      result.push(rest);
+      continue;
+    }
+    result.push(block);
+  }
+  return result;
+}
+
+/** Edit a message in place. Throws on Slack API failure. */
+async function editMessage(
+  channel: string,
+  ts: string,
+  text: string,
+  blocks: unknown[],
+): Promise<void> {
+  await callSlackApi("chat.update", { channel, ts, text, blocks });
+}
+
+/**
+ * Edit a Slack approval message in place to its resolved state, preserving the
+ * card content and dropping its buttons. Throws only if even the status-only
+ * edit fails, which the caller treats as non-fatal.
+ */
+export async function withdrawSlackApprovalCard(
+  params: WithdrawSlackApprovalCardParams,
+): Promise<void> {
+  const statusText = buildStatusText(params);
+  const statusOnlyBlocks = [
+    { type: "section", text: { type: "mrkdwn", text: statusText } },
+  ];
+
+  let preserved: unknown[] | null = null;
+  try {
+    const original = await getSlackMessageBlocks(
+      params.channel,
+      params.messageTs,
+    );
+    if (original && original.length > 0) {
+      preserved = [
+        ...stripApprovalActionBlocks(original),
+        { type: "context", elements: [{ type: "mrkdwn", text: statusText }] },
+      ];
+    }
+  } catch (err) {
+    log.warn(
+      { err, channel: params.channel, messageTs: params.messageTs },
+      "Could not read original Slack approval card; collapsing to status only",
+    );
+  }
+
+  // Try to preserve the card content; if those blocks are rejected (e.g. a
+  // block type that doesn't round-trip through chat.update), fall back to a
+  // status-only edit. Both paths are edits — never a new message.
+  if (preserved) {
+    try {
+      await editMessage(
+        params.channel,
+        params.messageTs,
+        statusText,
+        preserved,
+      );
+      return;
+    } catch (err) {
+      log.warn(
+        { err, channel: params.channel, messageTs: params.messageTs },
+        "Editing Slack card with preserved blocks failed; retrying status-only",
+      );
+    }
+  }
+
+  await editMessage(
+    params.channel,
+    params.messageTs,
+    statusText,
+    statusOnlyBlocks,
+  );
+}

package/src/notifications/AGENTS.md

@@ -3,3 +3,5 @@
 All notification producers **MUST** go through `emitNotificationSignal()` in `notifications/emit-signal.ts`. Do not bypass the pipeline by broadcasting events directly -- the pipeline handles event persistence, deduplication, decision routing, and delivery audit.
 
 When a notification flow creates a server-side conversation (e.g. guardian question conversations, task run conversations), the conversation and initial message **MUST** be persisted before the conversation-created event is emitted. This ensures the macOS/iOS client can immediately fetch the conversation contents when it receives the event.
+
+Guardian-request producers (access requests, tool approvals, tool-grant escalations, voice questions, trusted-contact confirmations) **MUST** record approval-card deliveries through `recordApprovalCardDelivery` / `recordGuardianRequestDeliveries` in `canonical-delivery-recorder.ts` -- never by calling `createCanonicalGuardianDelivery` directly. That sink is the single place the card-to-request addressing convention lives (conversation id for the in-app card; chat + channel-native `ts` for channel cards), so the path that writes a delivery row cannot drift from the paths that read it back to withdraw a card or resolve an emoji reaction -- the drift that previously fanned this logic into four divergent copies. (Tests may call the store helper directly for fixtures.)