@vellumai/assistant 0.9.1-staging.1 → 0.10.0-staging.2

package/src/__tests__/contact-store-user-file.test.ts

@@ -75,7 +75,6 @@ describe("upsertContact user_file selection", () => {
         {
           type: "vellum",
           address: "vellum-principal-abc",
-          externalUserId: "vellum-principal-abc",
         },
       ],
     });
@@ -91,7 +90,6 @@ describe("upsertContact user_file selection", () => {
         {
           type: "slack",
           address: "u123456",
-          externalUserId: "U123456",
           externalChatId: "D987654",
         },
       ],
@@ -109,7 +107,6 @@ describe("upsertContact user_file selection", () => {
         {
           type: "slack",
           address: "ualice",
-          externalUserId: "UALICE",
           externalChatId: "DALICE",
         },
       ],
@@ -125,7 +122,6 @@ describe("upsertContact user_file selection", () => {
         {
           type: "slack",
           address: "ubob1",
-          externalUserId: "UBOB1",
           externalChatId: "DBOB1",
         },
       ],
@@ -137,7 +133,6 @@ describe("upsertContact user_file selection", () => {
         {
           type: "slack",
           address: "ubob2",
-          externalUserId: "UBOB2",
           externalChatId: "DBOB2",
         },
       ],
@@ -164,7 +159,6 @@ describe("upsertContact user_file selection", () => {
         {
           type: "phone",
           address: "+15550000",
-          externalUserId: "+15550000",
           externalChatId: "+15550000",
         },
       ],

package/src/__tests__/contacts-tools.test.ts

@@ -240,6 +240,35 @@ describe("contact_search tool", () => {
   });
 });
 
+// ── search_contacts route (HTTP/IPC compat shim) ─────────────────────
+
+describe("search_contacts route", () => {
+  beforeEach(clearContacts);
+
+  test("includes externalUserId (= address) on channels for older clients", () => {
+    const seeded = upsertFixture({
+      display_name: "Dana",
+      channels: [{ type: "slack", address: "U12345ABC" }],
+    });
+    const seededAddress = seeded.channels[0]!.address;
+
+    const searchRoute = ROUTES.find(
+      (r) => r.operationId === "search_contacts",
+    )!;
+    const contacts = searchRoute.handler({
+      body: { channelAddress: seededAddress },
+    }) as unknown as Array<{
+      channels: Array<{ address: string; externalUserId?: string }>;
+    }>;
+
+    expect(contacts.length).toBeGreaterThanOrEqual(1);
+    const channel = contacts[0]!.channels[0]!;
+    // The route re-derives the compat field from address, so SDK/macOS
+    // clients that read externalUserId keep working.
+    expect(channel.externalUserId).toBe(channel.address);
+  });
+});
+
 // ── contact_merge ───────────────────────────────────────────────────
 
 describe("contact_merge tool", () => {

package/src/__tests__/conversation-agent-loop-overflow.test.ts

@@ -68,6 +68,7 @@ const defaultLlmConfig: LLMConfig = {
     speed: "standard" as const,
     verbosity: "medium" as const,
     temperature: null,
+    topP: null,
     thinking: { enabled: false, streamThinking: true },
     contextWindow: {
       enabled: true,

package/src/__tests__/conversation-agent-loop.test.ts

@@ -1748,6 +1748,64 @@ describe("session-agent-loop", () => {
       // THEN the queue is drained with the loop-complete reason
       expect(drainReason).toBe("loop_complete");
     });
+
+    test("abort watchdog drives a wedged turn to its finally", async () => {
+      // GIVEN a provider whose call wedges: it acknowledges the user cancel
+      // (aborts the signal) but its promise never settles and never observes
+      // the signal — the exact condition that latched `processing` true.
+      const events: ServerMessage[] = [];
+      const abortController = new AbortController();
+      let drainReason: string | undefined;
+      // The provider's call wedges on this promise. It settles only on test
+      // teardown so the abandoned `run()` can unwind cleanly instead of leaking
+      // background work (e.g. partial-persist debounce timers) into later tests.
+      let releaseHang: (reason: unknown) => void = () => {};
+      const hang = new Promise<never>((_, reject) => {
+        releaseHang = reject;
+      });
+      const provider: Provider = {
+        name: "mock-provider",
+        sendMessage(_messages, _options) {
+          abortController.abort();
+          // Never observes the signal — the exact condition that latched
+          // `processing` true before the watchdog existed.
+          return hang;
+        },
+      };
+      const ctx = makeCtx({
+        loopProvider: provider,
+        abortController,
+        // Fire the watchdog quickly instead of the ~45s production default.
+        abortWatchdogMs: 30,
+        drainQueue: (reason: string) => {
+          drainReason = reason;
+        },
+      } as unknown as Partial<Conversation>);
+
+      try {
+        // WHEN the orchestrator runs the turn
+        await runAgentLoopImpl(ctx, "hi", "msg-1", (msg) => events.push(msg));
+
+        // THEN the watchdog forces the turn to its finally: processing clears,
+        // the abort controller is torn down, the queue drains, and the user
+        // sees a cancellation (not an error).
+        expect(ctx.isProcessing()).toBe(false);
+        expect(ctx.abortController).toBeNull();
+        expect(drainReason).toBe("loop_complete");
+        expect(
+          events.find((e) => e.type === "generation_cancelled"),
+        ).toBeDefined();
+        expect(
+          events.find((e) => e.type === "conversation_error"),
+        ).toBeUndefined();
+      } finally {
+        // Let the abandoned run() reject and unwind, then flush microtasks.
+        releaseHang(
+          new DOMException("The operation was aborted", "AbortError"),
+        );
+        await new Promise((resolve) => setTimeout(resolve, 0));
+      }
+    });
   });
 
   describe("stale pending surface cleanup", () => {

package/src/__tests__/conversation-attention-telegram.test.ts

@@ -76,7 +76,6 @@ function ensureTestContact(): void {
       {
         type: "telegram",
         address: "telegram-user-default",
-        externalUserId: "telegram-user-default",
         status: "active",
         policy: "allow",
       },

package/src/__tests__/conversation-lifecycle.test.ts

@@ -674,15 +674,13 @@ describe("loadFromDb metadata injection rehydration", () => {
   });
 
   test("internal-channel trusted_contact view still rehydrates memoryV2StaticBlock", async () => {
-    // Regression: the prior `!isUntrustedTrustClass(trustClass)` gate
-    // blocked any non-guardian view from rehydrating personal memory,
-    // including legitimate internal flows (e.g. trusted_contact actors
-    // arriving over the internal `"vellum"` channel). Injection time
-    // uses `shouldExposePersonalMemory`, which keys on `sourceChannel`
-    // rather than `trustClass` and exposes personal memory for
-    // `sourceChannel === "vellum"` regardless of actor trust class. The
-    // rehydrate gate must match so a daemon-restart reload of the same
-    // conversation produces an identical prefix.
+    // Rehydration keys on `sourceChannel`, not `trustClass`: injection uses
+    // `shouldExposePersonalMemory`, which exposes personal memory whenever
+    // `sourceChannel === "vellum"` regardless of actor trust class. So a
+    // trusted_contact view arriving over the internal `"vellum"` channel
+    // rehydrates `memoryV2StaticBlock`. The rehydrate gate must match
+    // injection so a daemon-restart reload of the same conversation produces
+    // an identical prefix.
     mockConversation = defaultConv();
     mockDbMessages = [
       {

package/src/__tests__/conversation-load-history-repair.test.ts

@@ -552,3 +552,104 @@ describe("loadFromDb history repair", () => {
     ]);
   });
 });
+
+describe("loadFromDb turn-count rehydration", () => {
+  beforeEach(() => {
+    nextMockMessageId = 1;
+    mockConversation = {
+      id: "conv-1",
+      contextSummary: null,
+      contextCompactedMessageCount: 0,
+      totalInputTokens: 0,
+      totalOutputTokens: 0,
+      totalEstimatedCost: 0,
+    };
+  });
+
+  const userText = (text: string) => ({
+    role: "user",
+    content: JSON.stringify([{ type: "text", text }]),
+  });
+  const assistantText = (text: string) => ({
+    role: "assistant",
+    content: JSON.stringify([{ type: "text", text }]),
+  });
+  const assistantToolUse = (id: string) => ({
+    role: "assistant",
+    content: JSON.stringify([
+      { type: "tool_use", id, name: "bash", input: { cmd: "ls" } },
+    ]),
+  });
+  const toolResult = (id: string) => ({
+    role: "user",
+    content: JSON.stringify([
+      { type: "tool_result", tool_use_id: id, content: "ok" },
+    ]),
+  });
+  const withIds = (msgs: Array<{ role: string; content: string }>) =>
+    msgs.map((m, i) => ({ id: `m${i}`, ...m }));
+
+  test("restores turnCount from persisted history rather than resetting to 0", async () => {
+    // Three completed human turns persisted before this conversation object
+    // was (re)created — e.g. after an idle eviction or daemon restart.
+    mockDbMessages = withIds([
+      userText("Hello"),
+      assistantText("Hi"),
+      userText("How are you?"),
+      assistantText("Good"),
+      userText("Bye"),
+      assistantText("Later"),
+    ]);
+
+    const conversation = makeConversation();
+    // Fresh object starts at 0 (the bug: it would stay 0 after reload).
+    expect(conversation.turnCount).toBe(0);
+
+    await conversation.loadFromDb();
+
+    expect(conversation.turnCount).toBe(3);
+  });
+
+  test("counts a multi-iteration tool-use turn as a single turn", async () => {
+    // One real user message; the tool_result user messages are continuations
+    // within the same turn, not new turns.
+    mockDbMessages = withIds([
+      userText("convert the voice memo"),
+      assistantToolUse("tu_1"),
+      toolResult("tu_1"),
+      assistantToolUse("tu_2"),
+      toolResult("tu_2"),
+      assistantText("done"),
+    ]);
+
+    const conversation = makeConversation();
+    await conversation.loadFromDb();
+
+    expect(conversation.turnCount).toBe(1);
+  });
+
+  test("counts only real user turns when tool iterations are interleaved", async () => {
+    mockDbMessages = withIds([
+      userText("q1"),
+      assistantToolUse("tu_1"),
+      toolResult("tu_1"),
+      assistantText("a1"),
+      userText("q2"),
+      assistantText("a2"),
+    ]);
+
+    const conversation = makeConversation();
+    await conversation.loadFromDb();
+
+    expect(conversation.turnCount).toBe(2);
+  });
+
+  test("empty history yields turnCount 0", async () => {
+    mockDbMessages = [];
+
+    const conversation = makeConversation();
+    await conversation.loadFromDb();
+
+    expect(conversation.turnCount).toBe(0);
+  });
+});

package/src/__tests__/conversation-routes-guardian-reply.test.ts

@@ -222,13 +222,16 @@ describe("handleSendMessage canonical guardian reply interception", () => {
     const routerCall = (routeGuardianReplyMock as any).mock
       .calls[0][0] as Record<string, unknown>;
     expect(routerCall.messageText).toBe("05BECB approve");
-    expect(routerCall.pendingRequestIds).toEqual(["access-req-1"]);
+    expect(routerCall.pendingScope).toEqual({
+      mode: "scoped",
+      requestIds: ["access-req-1"],
+    });
     expect(addMessageMock).toHaveBeenCalledTimes(2);
     expect(persistUserMessage).toHaveBeenCalledTimes(0);
     expect(runAgentLoop).toHaveBeenCalledTimes(0);
   });
 
-  test("passes empty pendingRequestIds array when no canonical hints are found", async () => {
+  test("passes a blocked scope when no canonical hints are found", async () => {
     listPendingByDestinationMock.mockReturnValue([]);
     listCanonicalMock.mockReturnValue([]);
     routeGuardianReplyMock.mockResolvedValue({
@@ -301,7 +304,7 @@ describe("handleSendMessage canonical guardian reply interception", () => {
     expect(routeGuardianReplyMock).toHaveBeenCalledTimes(1);
     const routerCall = (routeGuardianReplyMock as any).mock
       .calls[0][0] as Record<string, unknown>;
-    expect(routerCall.pendingRequestIds).toEqual([]);
+    expect(routerCall.pendingScope).toEqual({ mode: "blocked" });
     expect(persistUserMessage).toHaveBeenCalledTimes(1);
     expect(runAgentLoop).toHaveBeenCalledTimes(1);
   });
@@ -384,15 +387,15 @@ describe("handleSendMessage canonical guardian reply interception", () => {
     expect(routeGuardianReplyMock).toHaveBeenCalledTimes(1);
     const routerCall = (routeGuardianReplyMock as any).mock
       .calls[0][0] as Record<string, unknown>;
-    expect(routerCall.pendingRequestIds).toEqual([
-      "tool-approval-live",
-      "access-req-1",
-    ]);
-    expect(
-      (routerCall.pendingRequestIds as string[]).includes(
-        "tool-approval-stale",
-      ),
-    ).toBe(false);
+    const scope = routerCall.pendingScope as {
+      mode: string;
+      requestIds: string[];
+    };
+    expect(scope).toEqual({
+      mode: "scoped",
+      requestIds: ["tool-approval-live", "access-req-1"],
+    });
+    expect(scope.requestIds.includes("tool-approval-stale")).toBe(false);
   });
 
   test("text fallback: request-code approve routes through guardian reply router", async () => {

package/src/__tests__/conversation-surfaces-activation-emit.test.ts

@@ -10,9 +10,11 @@ mock.module("../util/logger.js", () => ({
     }),
 }));
 
-// Usage-data collection is enabled so recordActivationEvent writes rows.
-mock.module("../config/loader.js", () => ({
-  getConfig: () => ({ collectUsageData: true }),
+// Analytics consent is granted so recordActivationEvent writes rows.
+let shareAnalytics = true;
+
+mock.module("../platform/consent-cache.js", () => ({
+  getCachedShareAnalytics: () => shareAnalytics,
 }));
 
 let broadcastedMessages: ServerMessage[] = [];
@@ -117,6 +119,7 @@ async function showTaggedChoice(
 
 describe("activation moment emission from ui_show surface commits", () => {
   beforeEach(() => {
+    shareAnalytics = true;
     broadcastedMessages = [];
     resetTables();
   });

package/src/__tests__/conversation-title-service.test.ts

@@ -69,10 +69,38 @@ import {
 describe("conversation-title-service", () => {
   beforeEach(() => {
     mockRunBtwSidechain.mockClear();
+    mockRunBtwSidechain.mockImplementation(
+      async (_params: Record<string, unknown>) => ({
+        text: "Project kickoff",
+        hadTextDeltas: true,
+        response: {
+          content: [{ type: "text", text: "Project kickoff" }],
+          model: "test-model",
+          usage: { inputTokens: 10, outputTokens: 5 },
+          stopReason: "end_turn",
+        },
+      }),
+    );
     mockGetConversation.mockClear();
+    mockGetConversation.mockImplementation(
+      (_conversationId: string) =>
+        ({
+          title: "Generating title...",
+          isAutoTitle: 1,
+        }) as {
+          title: string;
+          isAutoTitle: number;
+        },
+    );
     mockGetMessages.mockClear();
+    mockGetMessages.mockImplementation(() => [
+      { role: "user", content: "first message" },
+      { role: "assistant", content: "first reply" },
+      { role: "user", content: "follow-up" },
+    ]);
     mockUpdateConversationTitle.mockClear();
     mockGetConfiguredProvider.mockClear();
+    mockGetConfiguredProvider.mockImplementation(async () => null);
     mockPublishConversationTitleChanged.mockClear();
   });
 
@@ -232,6 +260,30 @@ describe("conversation-title-service", () => {
     );
   });
 
+  test("fallback retry skips regeneration after a successful initial title", async () => {
+    mockGetConversation.mockReturnValueOnce({
+      title: "Project kickoff",
+      isAutoTitle: 1,
+    });
+
+    const provider = {
+      name: "test-provider",
+      sendMessage: mock(async () => {
+        throw new Error("should not call directly");
+      }),
+    };
+
+    const result = await regenerateConversationTitle({
+      conversationId: "conv-1",
+      provider,
+      onlyIfReplaceable: true,
+    });
+
+    expect(result).toEqual({ title: "Project kickoff", updated: false });
+    expect(mockRunBtwSidechain).not.toHaveBeenCalled();
+    expect(mockUpdateConversationTitle).not.toHaveBeenCalled();
+  });
+
   test("rejects meta-failure outputs like 'Missing Context' and uses fallback", async () => {
     mockRunBtwSidechain.mockImplementationOnce(async () => ({
       text: "Missing Context",
@@ -482,6 +534,16 @@ describe("conversation-title-service", () => {
 
     // Both calls went through — failure didn't break the chain
     expect(mockRunBtwSidechain).toHaveBeenCalledTimes(2);
+    const firstUpdate = (
+      mockUpdateConversationTitle.mock.calls as unknown as Array<
+        [string, string, number?]
+      >
+    ).find((c) => c[0] === "conv-1");
+    expect(firstUpdate).toEqual([
+      "conv-1",
+      "Untitled Conversation",
+      AUTO_TITLE_DETERMINISTIC,
+    ]);
     // Second conversation got a proper title
     const secondUpdate = (
       mockUpdateConversationTitle.mock.calls as unknown as string[][]

package/src/__tests__/credential-execution-shell-lockdown.test.ts

@@ -11,27 +11,33 @@
 
 import { describe, expect, test } from "bun:test";
 
-import { isUntrustedTrustClass } from "../runtime/actor-trust-resolver.js";
+import { resolveCapabilities } from "../runtime/capabilities.js";
 
 // ---------------------------------------------------------------------------
 // Trust class categorization (foundational for lockdown decisions)
 // ---------------------------------------------------------------------------
 
 describe("trust class categorization for CES lockdown", () => {
-  test("guardian is not untrusted", () => {
-    expect(isUntrustedTrustClass("guardian")).toBe(false);
+  test("guardian runs an unsandboxed shell", () => {
+    expect(resolveCapabilities("guardian").canRunUnsandboxedShell).toBe(true);
   });
 
-  test("trusted_contact is untrusted", () => {
-    expect(isUntrustedTrustClass("trusted_contact")).toBe(true);
+  test("trusted_contact shell is sandboxed", () => {
+    expect(resolveCapabilities("trusted_contact").canRunUnsandboxedShell).toBe(false);
   });
 
-  test("unknown is untrusted", () => {
-    expect(isUntrustedTrustClass("unknown")).toBe(true);
+  test("unverified_contact shell is sandboxed", () => {
+    expect(resolveCapabilities("unverified_contact").canRunUnsandboxedShell).toBe(
+      false,
+    );
   });
 
-  test("undefined is untrusted", () => {
-    expect(isUntrustedTrustClass(undefined)).toBe(true);
+  test("unknown shell is sandboxed", () => {
+    expect(resolveCapabilities("unknown").canRunUnsandboxedShell).toBe(false);
+  });
+
+  test("undefined shell is sandboxed", () => {
+    expect(resolveCapabilities(undefined).canRunUnsandboxedShell).toBe(false);
   });
 });
 
@@ -91,7 +97,7 @@ describe("VELLUM_UNTRUSTED_SHELL env flag", () => {
 describe("CES shell lockdown activation", () => {
   test("lockdown is active only when both flag is enabled AND actor is untrusted", () => {
     // Simulates the condition used in shell.ts:
-    // const shellLockdownActive = isCesShellLockdownEnabled(config) && isUntrustedTrustClass(context.trustClass);
+    // const shellLockdownActive = isCesShellLockdownEnabled(config) && !resolveCapabilities(context.trustClass).canRunUnsandboxedShell;
     const cases: Array<{
       flagEnabled: boolean;
       trustClass: "guardian" | "trusted_contact" | "unknown";
@@ -106,7 +112,8 @@ describe("CES shell lockdown activation", () => {
     ];
 
     for (const { flagEnabled, trustClass, expected } of cases) {
-      const active = flagEnabled && isUntrustedTrustClass(trustClass);
+      const active =
+        flagEnabled && !resolveCapabilities(trustClass).canRunUnsandboxedShell;
       expect(active).toBe(expected);
     }
   });

package/src/__tests__/credential-prompt-route.test.ts

@@ -110,6 +110,7 @@ function slackResult(
     hasAppToken: false,
     hasUserToken: false,
     connected: false,
+    threadMode: "mention_only",
     ...overrides,
   };
 }

package/src/__tests__/credential-security-invariants.test.ts

@@ -158,6 +158,7 @@ describe("Invariant 2: no generic plaintext secret read API", () => {
       "credential-execution/prompted-credential.ts", // shared prompt-action persistence (stores secret via setSecureKeyAsync)
       "tools/credentials/broker.ts", // brokered credential access
       "tools/network/web-search.ts", // web search API key lookup
+      "tools/network/web-fetch.ts", // web fetch provider (Firecrawl) API key lookup
       "daemon/handlers/config-telegram.ts", // Telegram bot token management
       "daemon/handlers/config-vercel.ts", // Vercel API token management
       "runtime/routes/integrations/twilio.ts", // Twilio credential management (HTTP control-plane)
@@ -237,6 +238,7 @@ describe("Invariant 2: no generic plaintext secret read API", () => {
       "tools/credential-execution/make-authenticated-request.ts", // resolves the CES RPC client via getCesClient
       "tools/credential-execution/manage-secure-command-tool.ts", // resolves the CES RPC client via getCesClient
       "tools/executor.ts", // CES approval bridge resolves the CES RPC client via getCesClient
+      "tools/network/web-fetch.ts", // Firecrawl /scrape BYOK fetch provider API key lookup (firecrawl provider key)
     ]);
 
     const thisDir = dirname(fileURLToPath(import.meta.url));

package/src/__tests__/disk-pressure-policy.test.ts

@@ -108,6 +108,18 @@ describe("classifyDiskPressureTurnPolicy", () => {
       },
       expected: { action: "block", reason: "trusted-contact" },
     },
+    {
+      name: "unverified contact is blocked",
+      status: status(),
+      metadata: {
+        ...guardianTurn,
+        trustContext: {
+          sourceChannel: "telegram",
+          trustClass: "unverified_contact",
+        },
+      },
+      expected: { action: "block", reason: "trusted-contact" },
+    },
     {
       name: "non-guardian contact is blocked",
       status: status(),

package/src/__tests__/disk-usage.test.ts

@@ -6,6 +6,8 @@ const GIB = 1024 * MIB;
 let existingPaths = new Set<string>();
 const workspaceDir = "/workspace";
 let minikubeStorageSize: string | undefined;
+let isContainerized = false;
+let isPlatform = false;
 let statfsResult = {
   bsize: 4096,
   blocks: 0,
@@ -34,6 +36,8 @@ mock.module("node:child_process", () => ({
 
 mock.module("../config/env-registry.js", () => ({
   getMinikubeStorageSize: () => minikubeStorageSize,
+  getIsContainerized: () => isContainerized,
+  getIsPlatform: () => isPlatform,
 }));
 
 mock.module("../util/platform.js", () => ({
@@ -55,6 +59,8 @@ describe("disk usage sampler", () => {
   beforeEach(() => {
     existingPaths = new Set([workspaceDir]);
     minikubeStorageSize = undefined;
+    isContainerized = false;
+    isPlatform = false;
     statfsResult = statfsFor(100 * MIB, 25 * MIB);
     spawnResult = { status: 0, stdout: "" };
     spawnCalls = [];
@@ -119,6 +125,65 @@ describe("disk usage sampler", () => {
     ]);
   });
 
+  test("measures workspace du usage on a local Docker hatch", () => {
+    isContainerized = true;
+    isPlatform = false;
+    statfsResult = statfsFor(100 * GIB, 40 * GIB);
+    spawnResult = {
+      status: 0,
+      stdout: `${2 * GIB}\t/workspace\n`,
+    };
+
+    const usage = getDiskUsageInfo();
+
+    // Used reflects only the workspace (du), free reflects the host headroom
+    // the volume can grow into, and total is their sum.
+    expect(usage).toEqual({
+      path: "/workspace",
+      totalMb: 2048 + 40960,
+      usedMb: 2048,
+      freeMb: 40960,
+    });
+    expect(spawnCalls).toEqual([
+      { command: "du", args: ["-sb", "/workspace"] },
+    ]);
+  });
+
+  test("does not use du for platform-managed containerized instances", () => {
+    isContainerized = true;
+    isPlatform = true;
+    statfsResult = statfsFor(10 * GIB, 6 * GIB);
+
+    const usage = getDiskUsageInfo();
+
+    expect(usage).toEqual({
+      path: "/workspace",
+      totalMb: 10240,
+      usedMb: 4096,
+      freeMb: 6144,
+    });
+    expect(spawnCalls).toHaveLength(0);
+  });
+
+  test("falls back to statfs when du fails on a local Docker hatch", () => {
+    isContainerized = true;
+    isPlatform = false;
+    statfsResult = statfsFor(100 * GIB, 40 * GIB);
+    spawnResult = { status: 1, stdout: "" };
+
+    const usage = getDiskUsageInfo();
+
+    expect(usage).toEqual({
+      path: "/workspace",
+      totalMb: 102400,
+      usedMb: 61440,
+      freeMb: 40960,
+    });
+    expect(spawnCalls).toEqual([
+      { command: "du", args: ["-sb", "/workspace"] },
+    ]);
+  });
+
   test("returns null for malformed Kubernetes memory strings", () => {
     expect(parseK8sMemoryBytes("")).toBeNull();
     expect(parseK8sMemoryBytes("abc")).toBeNull();