@vellumai/cli 0.6.3 → 0.6.5

package/src/index.ts

@@ -5,8 +5,10 @@ import { backup } from "./commands/backup";
 import { clean } from "./commands/clean";
 import { client } from "./commands/client";
 import { events } from "./commands/events";
+import { exec } from "./commands/exec";
 import { hatch } from "./commands/hatch";
 import { login, logout, whoami } from "./commands/login";
+import { logs } from "./commands/logs";
 import { message } from "./commands/message";
 import { pair } from "./commands/pair";
 import { ps } from "./commands/ps";
@@ -36,9 +38,11 @@ const commands = {
   clean,
   client,
   events,
+  exec,
   hatch,
   login,
   logout,
+  logs,
   message,
   pair,
   ps,
@@ -67,7 +71,9 @@ function printHelp(): void {
   console.log("  clean    Kill orphaned vellum processes");
   console.log("  client   Connect to a hatched assistant");
   console.log("  events   Stream events from a running assistant");
+  console.log("  exec     Execute a command inside an assistant's container");
   console.log("  hatch    Create a new assistant instance");
+  console.log("  logs     View logs from an assistant instance");
   console.log("  login    Log in to the Vellum platform");
   console.log("  logout   Log out of the Vellum platform");
   console.log("  message  Send a message to a running assistant");

package/src/lib/__tests__/docker.test.ts

@@ -0,0 +1,168 @@
+import { afterEach, beforeEach, describe, test, expect } from "bun:test";
+import {
+  ASSISTANT_INTERNAL_PORT,
+  DEFAULT_MEET_AVATAR_DEVICE_PATH,
+  dockerResourceNames,
+  MEET_AVATAR_DEVICE_ENV_VAR,
+  MEET_AVATAR_ENV_VAR,
+  resolveMeetAvatarDevicePath,
+  serviceDockerRunArgs,
+  type ServiceName,
+} from "../docker.js";
+
+const instanceName = "test-instance";
+const imageTags: Record<ServiceName, string> = {
+  assistant: "vellumai/vellum-assistant:test",
+  "credential-executor": "vellumai/vellum-credential-executor:test",
+  gateway: "vellumai/vellum-gateway:test",
+};
+
+function buildAssistantArgs(): string[] {
+  const res = dockerResourceNames(instanceName);
+  const builders = serviceDockerRunArgs({
+    gatewayPort: 7830,
+    imageTags,
+    instanceName,
+    res,
+  });
+  return builders.assistant();
+}
+
+describe("serviceDockerRunArgs — assistant", () => {
+  test("runs privileged so the inner dockerd can manage cgroups/iptables/overlayfs", () => {
+    const args = buildAssistantArgs();
+    expect(args).toContain("--privileged");
+  });
+
+  test("mounts a dedicated named volume at /var/lib/docker for the inner dockerd data store", () => {
+    const args = buildAssistantArgs();
+    const spec = `${instanceName}-dockerd-data:/var/lib/docker`;
+    const mountIndex = args.indexOf(spec);
+    expect(mountIndex).toBeGreaterThan(0);
+    expect(args[mountIndex - 1]).toBe("-v");
+  });
+
+  test("does NOT bind-mount the host Docker socket (DinD replaces host-socket access)", () => {
+    const args = buildAssistantArgs();
+    expect(args).not.toContain("/var/run/docker.sock:/var/run/docker.sock");
+  });
+
+  test("does NOT set VELLUM_WORKSPACE_VOLUME_NAME (legacy Phase 1.8 hint, no longer needed in DinD)", () => {
+    const args = buildAssistantArgs();
+    expect(
+      args.some((a) => a.startsWith("VELLUM_WORKSPACE_VOLUME_NAME=")),
+    ).toBe(false);
+  });
+
+  test("keeps existing workspace and socket volume mounts intact", () => {
+    const args = buildAssistantArgs();
+    expect(args).toContain(`${instanceName}-workspace:/workspace`);
+    expect(args).toContain(`${instanceName}-socket:/run/ces-bootstrap`);
+  });
+
+  test("preserves existing required env vars", () => {
+    const args = buildAssistantArgs();
+    expect(args).toContain("IS_CONTAINERIZED=true");
+    expect(args).toContain("VELLUM_WORKSPACE_DIR=/workspace");
+    expect(args).toContain(`VELLUM_ASSISTANT_NAME=${instanceName}`);
+  });
+
+  test("publishes the assistant HTTP port on all host interfaces so sibling bot containers can reach the daemon via host.docker.internal on both Docker Desktop and Linux", () => {
+    const args = buildAssistantArgs();
+    // The port mapping is expressed as two adjacent args: "-p" then the spec.
+    // Bound to all interfaces (no `127.0.0.1:` prefix) because on vanilla
+    // Linux Docker, host.docker.internal:host-gateway resolves to the Docker
+    // bridge gateway IP — packets arrive at the bridge interface, not
+    // loopback, so a 127.0.0.1 DNAT rule would not match.
+    const portSpec = `${ASSISTANT_INTERNAL_PORT}:${ASSISTANT_INTERNAL_PORT}`;
+    const portIndex = args.indexOf(portSpec);
+    expect(portIndex).toBeGreaterThan(0);
+    expect(args[portIndex - 1]).toBe("-p");
+  });
+});
+
+describe("Meet avatar device passthrough (VELLUM_MEET_AVATAR opt-in)", () => {
+  // Snapshot + restore the process env so tests can flip the env-var
+  // without leaking state to later suites or other CLI tests.
+  const originalEnv: Record<string, string | undefined> = {};
+
+  beforeEach(() => {
+    for (const key of [MEET_AVATAR_ENV_VAR, MEET_AVATAR_DEVICE_ENV_VAR]) {
+      originalEnv[key] = process.env[key];
+      delete process.env[key];
+    }
+  });
+
+  afterEach(() => {
+    for (const [key, value] of Object.entries(originalEnv)) {
+      if (value === undefined) delete process.env[key];
+      else process.env[key] = value;
+    }
+  });
+
+  test("resolveMeetAvatarDevicePath returns null when the env var is unset", () => {
+    expect(resolveMeetAvatarDevicePath({})).toBeNull();
+  });
+
+  test("resolveMeetAvatarDevicePath treats 0/false/no as disabled", () => {
+    for (const value of ["", "0", "false", "FALSE", "no", " NO "]) {
+      expect(resolveMeetAvatarDevicePath({ [MEET_AVATAR_ENV_VAR]: value })).toBe(
+        null,
+      );
+    }
+  });
+
+  test("resolveMeetAvatarDevicePath returns the default device path when enabled with a truthy value", () => {
+    for (const value of ["1", "true", "YES"]) {
+      expect(resolveMeetAvatarDevicePath({ [MEET_AVATAR_ENV_VAR]: value })).toBe(
+        DEFAULT_MEET_AVATAR_DEVICE_PATH,
+      );
+    }
+  });
+
+  test("resolveMeetAvatarDevicePath honors the VELLUM_MEET_AVATAR_DEVICE override", () => {
+    expect(
+      resolveMeetAvatarDevicePath({
+        [MEET_AVATAR_ENV_VAR]: "1",
+        [MEET_AVATAR_DEVICE_ENV_VAR]: "/dev/video11",
+      }),
+    ).toBe("/dev/video11");
+  });
+
+  test("assistant args omit --device and the avatar env vars when VELLUM_MEET_AVATAR is unset", () => {
+    const args = buildAssistantArgs();
+    expect(args).not.toContain("--device");
+    expect(
+      args.some((a) => a.startsWith(`${MEET_AVATAR_ENV_VAR}=`)),
+    ).toBe(false);
+    expect(
+      args.some((a) => a.startsWith(`${MEET_AVATAR_DEVICE_ENV_VAR}=`)),
+    ).toBe(false);
+  });
+
+  test("assistant args include --device=/dev/video10:/dev/video10 when VELLUM_MEET_AVATAR=1", () => {
+    process.env[MEET_AVATAR_ENV_VAR] = "1";
+    const args = buildAssistantArgs();
+    const deviceIdx = args.indexOf("--device");
+    expect(deviceIdx).toBeGreaterThan(0);
+    expect(args[deviceIdx + 1]).toBe(
+      `${DEFAULT_MEET_AVATAR_DEVICE_PATH}:${DEFAULT_MEET_AVATAR_DEVICE_PATH}`,
+    );
+    // The env var must also be propagated into the container so the daemon
+    // knows to turn on avatar passthrough when spawning the bot.
+    expect(args).toContain(`${MEET_AVATAR_ENV_VAR}=1`);
+    expect(args).toContain(
+      `${MEET_AVATAR_DEVICE_ENV_VAR}=${DEFAULT_MEET_AVATAR_DEVICE_PATH}`,
+    );
+  });
+
+  test("assistant args honor a custom device path from VELLUM_MEET_AVATAR_DEVICE", () => {
+    process.env[MEET_AVATAR_ENV_VAR] = "1";
+    process.env[MEET_AVATAR_DEVICE_ENV_VAR] = "/dev/video11";
+    const args = buildAssistantArgs();
+    const deviceIdx = args.indexOf("--device");
+    expect(deviceIdx).toBeGreaterThan(0);
+    expect(args[deviceIdx + 1]).toBe("/dev/video11:/dev/video11");
+    expect(args).toContain(`${MEET_AVATAR_DEVICE_ENV_VAR}=/dev/video11`);
+  });
+});

package/src/lib/assistant-config.ts

@@ -8,16 +8,16 @@ import {
   writeFileSync,
 } from "fs";
 import { homedir } from "os";
-import { join } from "path";
+import { dirname, join } from "path";
 
+import { DAEMON_INTERNAL_ASSISTANT_ID } from "./constants.js";
 import {
-  DAEMON_INTERNAL_ASSISTANT_ID,
-  DEFAULT_CES_PORT,
-  DEFAULT_DAEMON_PORT,
-  DEFAULT_GATEWAY_PORT,
-  DEFAULT_QDRANT_PORT,
-  LOCKFILE_NAMES,
-} from "./constants.js";
+  getDefaultPorts,
+  getLockfilePath,
+  getLockfilePaths,
+  getMultiInstanceDir,
+} from "./environments/paths.js";
+import { getCurrentEnvironment } from "./environments/resolve.js";
 import { probePort } from "./port-probe.js";
 
 /**
@@ -27,10 +27,11 @@ import { probePort } from "./port-probe.js";
  */
 export interface LocalInstanceResources {
   /**
-   * Instance-specific data root. The first local assistant uses `~` (home
-   * directory) with default ports. Subsequent instances are placed under
-   * `~/.local/share/vellum/assistants/<name>/`.
-   * The daemon's `.vellum/` directory lives inside it.
+   * Instance-specific data root. New local assistants are placed under
+   * `$XDG_DATA_HOME/vellum{-env}/assistants/<name>/`. Legacy entries
+   * (pre env-data-layout) may still point at `~` — the read path honors
+   * whatever `instanceDir` is stored. The daemon's `.vellum/` directory
+   * lives inside it.
    */
   instanceDir: string;
   /** HTTP port for the daemon runtime server */
@@ -84,18 +85,17 @@ export interface AssistantEntry {
   resources?: LocalInstanceResources;
   /** PID of the file watcher process for docker instances hatched with --watch. */
   watcherPid?: number;
-  /** Last-known version of the service group, populated at hatch and updated by health checks. */
-  serviceGroupVersion?: string;
   /** Docker image metadata for rollback. Only present for docker topology entries. */
   containerInfo?: ContainerInfo;
-  /** The service group version that was running before the last upgrade. */
-  previousServiceGroupVersion?: string;
   /** Docker image metadata from before the last upgrade. Enables rollback to the prior version. */
   previousContainerInfo?: ContainerInfo;
   /** Path to the .vbundle backup created for the most recent upgrade. Used by rollback to restore
    *  only the backup from the specific upgrade being rolled back — never a stale backup from a
    *  previous upgrade cycle. */
   preUpgradeBackupPath?: string;
+  /** Running version of the service group at the time of the last upgrade, as reported by
+   *  the health endpoint.  Used by saved-state rollback for logging / broadcast events. */
+  previousVersion?: string;
   /** Pre-upgrade DB migration version — used by rollback to know how far back to revert. */
   previousDbMigrationVersion?: number;
   /** Pre-upgrade workspace migration ID — used by rollback to know how far back to revert. */
@@ -114,15 +114,8 @@ export function getBaseDir(): string {
   return process.env.BASE_DATA_DIR?.trim() || homedir();
 }
 
-/** The lockfile always lives under the home directory. */
-function getLockfileDir(): string {
-  return process.env.VELLUM_LOCKFILE_DIR?.trim() || homedir();
-}
-
 function readLockfile(): LockfileData {
-  const base = getLockfileDir();
-  const candidates = LOCKFILE_NAMES.map((name) => join(base, name));
-  for (const lockfilePath of candidates) {
+  for (const lockfilePath of getLockfilePaths(getCurrentEnvironment())) {
     if (!existsSync(lockfilePath)) continue;
     try {
       const raw = readFileSync(lockfilePath, "utf-8");
@@ -138,7 +131,8 @@ function readLockfile(): LockfileData {
 }
 
 function writeLockfile(data: LockfileData): void {
-  const lockfilePath = join(getLockfileDir(), LOCKFILE_NAMES[0]);
+  const lockfilePath = getLockfilePath(getCurrentEnvironment());
+  mkdirSync(dirname(lockfilePath), { recursive: true });
   const tmpPath = `${lockfilePath}.${randomBytes(4).toString("hex")}.tmp`;
   try {
     writeFileSync(tmpPath, JSON.stringify(data, null, 2) + "\n");
@@ -187,6 +181,8 @@ export function migrateLegacyEntry(raw: Record<string, unknown>): boolean {
     return false;
   }
 
+  const env = getCurrentEnvironment();
+  const defaultPorts = getDefaultPorts(env);
   let mutated = false;
 
   // Migrate top-level `baseDataDir` → `resources.instanceDir`
@@ -206,23 +202,19 @@ export function migrateLegacyEntry(raw: Record<string, unknown>): boolean {
   // Synthesise missing `resources` for local entries
   if (!raw.resources || typeof raw.resources !== "object") {
     const gatewayPort =
-      parsePortFromUrl(raw.runtimeUrl) ?? DEFAULT_GATEWAY_PORT;
+      parsePortFromUrl(raw.runtimeUrl) ?? defaultPorts.gateway;
     const instanceDir = join(
-      homedir(),
-      ".local",
-      "share",
-      "vellum",
-      "assistants",
+      getMultiInstanceDir(env),
       typeof raw.assistantId === "string"
         ? raw.assistantId
         : DAEMON_INTERNAL_ASSISTANT_ID,
     );
     raw.resources = {
       instanceDir,
-      daemonPort: DEFAULT_DAEMON_PORT,
+      daemonPort: defaultPorts.daemon,
       gatewayPort,
-      qdrantPort: DEFAULT_QDRANT_PORT,
-      cesPort: DEFAULT_CES_PORT,
+      qdrantPort: defaultPorts.qdrant,
+      cesPort: defaultPorts.ces,
       pidFile: join(instanceDir, ".vellum", "vellum.pid"),
     };
     mutated = true;
@@ -231,11 +223,7 @@ export function migrateLegacyEntry(raw: Record<string, unknown>): boolean {
     const res = raw.resources as Record<string, unknown>;
     if (!res.instanceDir) {
       res.instanceDir = join(
-        homedir(),
-        ".local",
-        "share",
-        "vellum",
-        "assistants",
+        getMultiInstanceDir(env),
         typeof raw.assistantId === "string"
           ? raw.assistantId
           : DAEMON_INTERNAL_ASSISTANT_ID,
@@ -243,20 +231,20 @@ export function migrateLegacyEntry(raw: Record<string, unknown>): boolean {
       mutated = true;
     }
     if (typeof res.daemonPort !== "number") {
-      res.daemonPort = DEFAULT_DAEMON_PORT;
+      res.daemonPort = defaultPorts.daemon;
       mutated = true;
     }
     if (typeof res.gatewayPort !== "number") {
       res.gatewayPort =
-        parsePortFromUrl(raw.runtimeUrl) ?? DEFAULT_GATEWAY_PORT;
+        parsePortFromUrl(raw.runtimeUrl) ?? defaultPorts.gateway;
       mutated = true;
     }
     if (typeof res.qdrantPort !== "number") {
-      res.qdrantPort = DEFAULT_QDRANT_PORT;
+      res.qdrantPort = defaultPorts.qdrant;
       mutated = true;
     }
     if (typeof res.cesPort !== "number") {
-      res.cesPort = DEFAULT_CES_PORT;
+      res.cesPort = defaultPorts.ces;
       mutated = true;
     }
     if (typeof res.pidFile !== "string") {
@@ -386,6 +374,22 @@ export function resolveTargetAssistant(nameArg?: string): AssistantEntry {
   process.exit(1);
 }
 
+/**
+ * Determine which cloud topology an assistant entry is running on.
+ */
+export function resolveCloud(entry: AssistantEntry): string {
+  if (entry.cloud) {
+    return entry.cloud;
+  }
+  if (entry.project) {
+    return "gcp";
+  }
+  if (entry.sshUser) {
+    return "custom";
+  }
+  return "local";
+}
+
 export function saveAssistantEntry(entry: AssistantEntry): void {
   const entries = readAssistants().filter(
     (e) => e.assistantId !== entry.assistantId,
@@ -394,23 +398,6 @@ export function saveAssistantEntry(entry: AssistantEntry): void {
   writeAssistants(entries);
 }
 
-/**
- * Update just the serviceGroupVersion field on a lockfile entry.
- * Reads the current entry, updates the version if changed, and writes back.
- * No-op if the entry doesn't exist or the version hasn't changed.
- */
-export function updateServiceGroupVersion(
-  assistantId: string,
-  version: string,
-): void {
-  const entries = readAssistants();
-  const entry = entries.find((e) => e.assistantId === assistantId);
-  if (!entry) return;
-  if (entry.serviceGroupVersion === version) return;
-  entry.serviceGroupVersion = version;
-  writeAssistants(entries);
-}
-
 /**
  * Scan upward from `basePort` to find an available port. A port is considered
  * available when `probePort()` returns false (nothing listening). Scans up to
@@ -434,72 +421,47 @@ async function findAvailablePort(
 
 /**
  * Allocate an isolated set of resources for a named local instance.
- * The first local assistant uses the home directory with default ports.
- * Subsequent assistants are placed under
- * `~/.local/share/vellum/assistants/<name>/` with scanned ports.
+ * Every new local assistant is allocated under
+ * `$XDG_DATA_HOME/vellum{-env}/assistants/<name>/`. The legacy `~/.vellum/`
+ * path is only reached via existing lockfile entries from before this change
+ * — the read path honors whatever `resources.instanceDir` is stored, so
+ * production users' existing first-local assistants keep their `~/.vellum/`
+ * roots unchanged.
  */
 export async function allocateLocalResources(
   instanceName: string,
 ): Promise<LocalInstanceResources> {
-  // First local assistant gets the home directory with default ports.
-  // Respect BASE_DATA_DIR when set (e.g. in e2e tests) so the daemon,
-  // gateway, and credential store all resolve paths under the same root.
-  const existingLocals = loadAllAssistants().filter((e) => e.cloud === "local");
-  if (existingLocals.length === 0) {
-    const baseDir = getBaseDir();
-    const vellumDir = join(baseDir, ".vellum");
-    return {
-      instanceDir: baseDir,
-      daemonPort: DEFAULT_DAEMON_PORT,
-      gatewayPort: DEFAULT_GATEWAY_PORT,
-      qdrantPort: DEFAULT_QDRANT_PORT,
-      cesPort: DEFAULT_CES_PORT,
-      pidFile: join(vellumDir, "vellum.pid"),
-    };
-  }
-
-  const instanceDir = join(
-    homedir(),
-    ".local",
-    "share",
-    "vellum",
-    "assistants",
-    instanceName,
-  );
+  const env = getCurrentEnvironment();
+  const instanceDir = join(getMultiInstanceDir(env), instanceName);
   mkdirSync(instanceDir, { recursive: true });
 
   // Collect ports already assigned to other local instances in the lockfile.
-  // Even if those instances are stopped, we must avoid reusing their ports
-  // to prevent binding collisions when both are woken.
   const reservedPorts: number[] = [];
   for (const entry of loadAllAssistants()) {
-    if (entry.cloud !== "local") continue;
-    if (entry.resources) {
-      reservedPorts.push(
-        entry.resources.daemonPort,
-        entry.resources.gatewayPort,
-        entry.resources.qdrantPort,
-        entry.resources.cesPort,
-      );
-    }
+    if (entry.cloud !== "local" || !entry.resources) continue;
+    reservedPorts.push(
+      entry.resources.daemonPort,
+      entry.resources.gatewayPort,
+      entry.resources.qdrantPort,
+      entry.resources.cesPort,
+    );
   }
 
-  // Allocate ports sequentially to avoid overlapping ranges assigning the
-  // same port to multiple services (e.g. daemon 7821-7920 overlaps gateway 7830-7929).
-  const daemonPort = await findAvailablePort(
-    DEFAULT_DAEMON_PORT,
-    reservedPorts,
-  );
-  const gatewayPort = await findAvailablePort(DEFAULT_GATEWAY_PORT, [
+  // Env-aware bases: non-prod envs sit in their own 1000-port window so
+  // running prod and staging assistants side-by-side doesn't collide. See
+  // `environments/seeds.ts:portBlock` for the layout.
+  const basePorts = getDefaultPorts(env);
+  const daemonPort = await findAvailablePort(basePorts.daemon, reservedPorts);
+  const gatewayPort = await findAvailablePort(basePorts.gateway, [
     ...reservedPorts,
     daemonPort,
   ]);
-  const qdrantPort = await findAvailablePort(DEFAULT_QDRANT_PORT, [
+  const qdrantPort = await findAvailablePort(basePorts.qdrant, [
     ...reservedPorts,
     daemonPort,
     gatewayPort,
   ]);
-  const cesPort = await findAvailablePort(DEFAULT_CES_PORT, [
+  const cesPort = await findAvailablePort(basePorts.ces, [
     ...reservedPorts,
     daemonPort,
     gatewayPort,
@@ -516,6 +478,18 @@ export async function allocateLocalResources(
   };
 }
 
+/**
+ * Return `platformBaseUrl` from the lockfile, if set. This is the value
+ * persisted by {@link syncConfigToLockfile} the last time the active
+ * assistant was hatched/waked, and is the source of truth for "which
+ * platform does the currently-active assistant target".
+ */
+export function getLockfilePlatformBaseUrl(): string | undefined {
+  const url = readLockfile().platformBaseUrl;
+  if (typeof url === "string" && url.trim()) return url.trim();
+  return undefined;
+}
+
 /**
  * Read the assistant config file and sync client-relevant values to the
  * lockfile. This lets external tools (e.g. vel) discover the platform URL

package/src/lib/aws.ts

@@ -411,7 +411,18 @@ export async function hatchAws(
       }
     }
 
-    const sshUser = userInfo().username;
+    let sshUser: string;
+    try {
+      sshUser = userInfo().username;
+    } catch {
+      sshUser = process.env.USER ?? "";
+    }
+    if (!sshUser) {
+      console.error(
+        "Error: Could not determine SSH username. Set the USER environment variable and try again.",
+      );
+      process.exit(1);
+    }
     const hatchedBy = process.env.VELLUM_HATCHED_BY;
     const providerApiKeys: Record<string, string> = {};
     for (const [, envVar] of Object.entries(PROVIDER_ENV_VAR_NAMES)) {

package/src/lib/config-utils.ts

@@ -5,8 +5,8 @@ import { join } from "path";
 /**
  * Convert flat dot-notation key=value pairs into a nested config object.
  *
- * e.g. {"services.inference.provider": "anthropic", "services.inference.model": "claude-opus-4-6"}
- *   → {services: {inference: {provider: "anthropic", model: "claude-opus-4-6"}}}
+ * e.g. {"llm.default.provider": "anthropic", "llm.default.model": "claude-opus-4-6"}
+ *   → {llm: {default: {provider: "anthropic", model: "claude-opus-4-6"}}}
  */
 export function buildNestedConfig(
   configValues: Record<string, string>,
@@ -39,8 +39,8 @@ export function buildNestedConfig(
  * values into its workspace config on first boot.
  *
  * Keys use dot-notation to address nested fields. For example:
- *   "services.inference.provider" → {services: {inference: {provider: ...}}}
- *   "services.inference.model"    → {services: {inference: {model: ...}}}
+ *   "llm.default.provider" → {llm: {default: {provider: ...}}}
+ *   "llm.default.model"    → {llm: {default: {model: ...}}}
  *
  * Returns undefined when configValues is empty (nothing to write).
  */

package/src/lib/constants.ts

@@ -16,16 +16,6 @@ export const DEFAULT_GATEWAY_PORT = 7830;
 export const DEFAULT_QDRANT_PORT = 6333;
 export const DEFAULT_CES_PORT = 8090;
 
-/**
- * Lockfile candidate filenames, checked in priority order.
- * `.vellum.lock.json` is the current name; `.vellum.lockfile.json` is the
- * legacy name kept for backwards compatibility with older installs.
- */
-export const LOCKFILE_NAMES = [
-  ".vellum.lock.json",
-  ".vellum.lockfile.json",
-] as const;
-
 export const VALID_REMOTE_HOSTS = [
   "local",
   "gcp",