@vellumai/cli 0.7.0 → 0.7.2

package/src/lib/__tests__/runtime-url.test.ts

@@ -0,0 +1,125 @@
+import { describe, expect, test } from "bun:test";
+
+import type { AssistantEntry } from "../assistant-config.js";
+import {
+  resolveRuntimeMigrationUrl,
+  resolveRuntimeUrl,
+} from "../runtime-url.js";
+
+function makeEntry(
+  overrides: Partial<AssistantEntry> & {
+    cloud: string;
+    runtimeUrl: string;
+    assistantId: string;
+  },
+): Pick<AssistantEntry, "cloud" | "runtimeUrl" | "assistantId"> {
+  return {
+    cloud: overrides.cloud,
+    runtimeUrl: overrides.runtimeUrl,
+    assistantId: overrides.assistantId,
+  };
+}
+
+describe("resolveRuntimeMigrationUrl", () => {
+  test("local cloud uses gateway-loopback /v1/migrations/<subpath>", () => {
+    const entry = makeEntry({
+      cloud: "local",
+      runtimeUrl: "http://localhost:7821",
+      assistantId: "ast-local-1",
+    });
+    expect(resolveRuntimeMigrationUrl(entry, "export-to-gcs")).toBe(
+      "http://localhost:7821/v1/migrations/export-to-gcs",
+    );
+    expect(resolveRuntimeMigrationUrl(entry, "import-from-gcs")).toBe(
+      "http://localhost:7821/v1/migrations/import-from-gcs",
+    );
+    expect(resolveRuntimeMigrationUrl(entry, "jobs/job-abc")).toBe(
+      "http://localhost:7821/v1/migrations/jobs/job-abc",
+    );
+  });
+
+  test("docker cloud uses gateway-loopback /v1/migrations/<subpath>", () => {
+    const entry = makeEntry({
+      cloud: "docker",
+      runtimeUrl: "http://localhost:7831",
+      assistantId: "ast-docker-1",
+    });
+    expect(resolveRuntimeMigrationUrl(entry, "export-to-gcs")).toBe(
+      "http://localhost:7831/v1/migrations/export-to-gcs",
+    );
+  });
+
+  test("vellum (platform-managed) cloud uses wildcard-proxy /v1/assistants/<id>/migrations/<subpath>", () => {
+    const entry = makeEntry({
+      cloud: "vellum",
+      runtimeUrl: "https://platform.vellum.ai",
+      assistantId: "11111111-2222-3333-4444-555555555555",
+    });
+    expect(resolveRuntimeMigrationUrl(entry, "export-to-gcs")).toBe(
+      "https://platform.vellum.ai/v1/assistants/11111111-2222-3333-4444-555555555555/migrations/export-to-gcs",
+    );
+    expect(resolveRuntimeMigrationUrl(entry, "import-from-gcs")).toBe(
+      "https://platform.vellum.ai/v1/assistants/11111111-2222-3333-4444-555555555555/migrations/import-from-gcs",
+    );
+    expect(resolveRuntimeMigrationUrl(entry, "jobs/job-xyz")).toBe(
+      "https://platform.vellum.ai/v1/assistants/11111111-2222-3333-4444-555555555555/migrations/jobs/job-xyz",
+    );
+  });
+
+  test("dev platform URL still routes through the wildcard prefix", () => {
+    const entry = makeEntry({
+      cloud: "vellum",
+      runtimeUrl: "https://dev-platform.vellum.ai",
+      assistantId: "ast-dev-1",
+    });
+    expect(resolveRuntimeMigrationUrl(entry, "export-to-gcs")).toBe(
+      "https://dev-platform.vellum.ai/v1/assistants/ast-dev-1/migrations/export-to-gcs",
+    );
+  });
+
+  test("a non-vellum, non-local cloud (e.g. gcp) uses the local-shape URL", () => {
+    const entry = makeEntry({
+      cloud: "gcp",
+      runtimeUrl: "http://10.0.0.5:7821",
+      assistantId: "ast-gcp-1",
+    });
+    expect(resolveRuntimeMigrationUrl(entry, "export-to-gcs")).toBe(
+      "http://10.0.0.5:7821/v1/migrations/export-to-gcs",
+    );
+  });
+});
+
+describe("resolveRuntimeUrl", () => {
+  test("local cloud uses gateway-loopback /v1/<subpath>", () => {
+    const entry = makeEntry({
+      cloud: "local",
+      runtimeUrl: "http://localhost:7821",
+      assistantId: "ast-local-1",
+    });
+    expect(resolveRuntimeUrl(entry, "identity")).toBe(
+      "http://localhost:7821/v1/identity",
+    );
+  });
+
+  test("docker cloud uses gateway-loopback /v1/<subpath>", () => {
+    const entry = makeEntry({
+      cloud: "docker",
+      runtimeUrl: "http://localhost:7831",
+      assistantId: "ast-docker-1",
+    });
+    expect(resolveRuntimeUrl(entry, "identity")).toBe(
+      "http://localhost:7831/v1/identity",
+    );
+  });
+
+  test("vellum cloud uses wildcard-proxy /v1/assistants/<id>/<subpath>", () => {
+    const entry = makeEntry({
+      cloud: "vellum",
+      runtimeUrl: "https://platform.vellum.ai",
+      assistantId: "11111111-2222-3333-4444-555555555555",
+    });
+    expect(resolveRuntimeUrl(entry, "identity")).toBe(
+      "https://platform.vellum.ai/v1/assistants/11111111-2222-3333-4444-555555555555/identity",
+    );
+  });
+});

package/src/lib/__tests__/terminal-session.test.ts

@@ -0,0 +1,202 @@
+import { describe, expect, test } from "bun:test";
+
+import {
+  parseSentinelOutput,
+  stripAnsi,
+} from "../terminal-session.js";
+
+const START = "__VELLUM_EXEC_START_1234__";
+const END = "__VELLUM_EXEC_END_1234__";
+
+// ---------------------------------------------------------------------------
+// stripAnsi
+// ---------------------------------------------------------------------------
+
+describe("stripAnsi", () => {
+  test("removes SGR color codes", () => {
+    expect(stripAnsi("\x1b[32mINFO\x1b[39m hello")).toBe("INFO hello");
+  });
+
+  test("removes OSC title sequences", () => {
+    expect(stripAnsi("\x1b]0;title\x07prompt$ ")).toBe("prompt$ ");
+  });
+
+  test("removes carriage returns", () => {
+    expect(stripAnsi("line1\r\nline2\r\n")).toBe("line1\nline2\n");
+  });
+
+  test("removes bracket-paste mode escapes", () => {
+    expect(stripAnsi("\x1b[?2004hroot$ ")).toBe("root$ ");
+  });
+
+  test("removes charset designator sequences", () => {
+    expect(stripAnsi("\x1b(Bhello")).toBe("hello");
+  });
+
+  test("passes through plain text unchanged", () => {
+    expect(stripAnsi("just plain text")).toBe("just plain text");
+  });
+
+  test("handles mixed ANSI sequences", () => {
+    const raw =
+      "\x1b[?2004hroot:/workspace$ \r\x1b[K\rroot:/workspace$ echo hello\r\nhello\r\n";
+    const clean = stripAnsi(raw);
+    expect(clean).not.toContain("\x1b");
+    expect(clean).not.toContain("\r");
+    expect(clean).toContain("hello");
+  });
+});
+
+// ---------------------------------------------------------------------------
+// parseSentinelOutput
+// ---------------------------------------------------------------------------
+
+describe("parseSentinelOutput", () => {
+  test("extracts output between sentinels", () => {
+    const cleaned = [
+      `echo '${START}'; ls; echo '${END}'; echo '__VELLUM_EXIT_'$__ec`,
+      START,
+      "file1.txt",
+      "file2.txt",
+      END,
+      "__VELLUM_EXIT_0",
+    ].join("\n");
+
+    const result = parseSentinelOutput(cleaned, START, END);
+    expect(result.output).toBe("file1.txt\nfile2.txt");
+    expect(result.exitCode).toBe(0);
+  });
+
+  test("extracts non-zero exit code", () => {
+    const cleaned = [
+      `echo '${START}'; false; echo '${END}'; echo '__VELLUM_EXIT_'$__ec`,
+      START,
+      END,
+      "__VELLUM_EXIT_1",
+    ].join("\n");
+
+    const result = parseSentinelOutput(cleaned, START, END);
+    expect(result.output).toBe("");
+    expect(result.exitCode).toBe(1);
+  });
+
+  test("handles exit code 127 (command not found)", () => {
+    const cleaned = [
+      START,
+      "bash: nosuchcmd: command not found",
+      END,
+      "__VELLUM_EXIT_127",
+    ].join("\n");
+
+    const result = parseSentinelOutput(cleaned, START, END);
+    expect(result.output).toBe("bash: nosuchcmd: command not found");
+    expect(result.exitCode).toBe(127);
+  });
+
+  test("uses last start sentinel (skips command echo)", () => {
+    // The command echo contains the sentinel text, then the actual output
+    // sentinel comes later. Parser must pick the last START, not the echo.
+    const cleaned = [
+      `root$ echo '${START}'; mycommand; echo '${END}'; echo '__VELLUM_EXIT_'$__ec`,
+      START,
+      "real output here",
+      END,
+      "__VELLUM_EXIT_0",
+    ].join("\n");
+
+    const result = parseSentinelOutput(cleaned, START, END);
+    expect(result.output).toBe("real output here");
+    expect(result.exitCode).toBe(0);
+  });
+
+  test("regression: end sentinel in echo before start sentinel in output", () => {
+    // This was the original bug: backward search found END in the echo
+    // (line 0) before START in the output (line 1), giving endIdx < startIdx.
+    const cleaned = [
+      `echo '${START}'; cmd; echo '${END}'; echo '__VELLUM_EXIT_'$__ec; exit $__ec`,
+      START,
+      "[INFO] Running clawhub command",
+      '    args: ["search"]',
+      '    cwd: "/workspace"',
+    ].join("\n");
+
+    // No end sentinel in actual output yet (stream was cut short in old code)
+    const result = parseSentinelOutput(cleaned, START, END);
+    // Should still return the partial output (no end sentinel → take everything)
+    expect(result.output).toContain("[INFO] Running clawhub command");
+    expect(result.output).toContain('cwd: "/workspace"');
+  });
+
+  test("handles multiline output with special characters", () => {
+    const cleaned = [
+      START,
+      "📤 Resend Email Setup [installed]",
+      "  ID: resend-setup",
+      '  Set up and send emails via a user-provided Resend account (BYO email provider)',
+      "",
+      "Community registry (1):",
+      "",
+      "  resend-setup [installed]",
+      END,
+      "__VELLUM_EXIT_0",
+    ].join("\n");
+
+    const result = parseSentinelOutput(cleaned, START, END);
+    expect(result.output).toContain("📤 Resend Email Setup");
+    expect(result.output).toContain("Community registry (1):");
+    expect(result.exitCode).toBe(0);
+  });
+
+  test("returns empty output and exit code 0 when no sentinels found", () => {
+    const cleaned = "just some random output\nwith no sentinels\n";
+    const result = parseSentinelOutput(cleaned, START, END);
+    // Falls back to entire output (trimmed)
+    expect(result.output).toBe(
+      "just some random output\nwith no sentinels",
+    );
+    expect(result.exitCode).toBe(0);
+  });
+
+  test("handles output with only start sentinel (no end)", () => {
+    const cleaned = [
+      START,
+      "partial output",
+      "more output",
+    ].join("\n");
+
+    const result = parseSentinelOutput(cleaned, START, END);
+    expect(result.output).toBe("partial output\nmore output");
+    expect(result.exitCode).toBe(0);
+  });
+
+  test("handles real-world verbose trace structure", () => {
+    // Simulates the full cleaned output from a real exec session
+    const cleaned = [
+      "root:/workspace$ root:/workspace$ " +
+        `echo '${START}'; 'assistant' 'skills' 'search' 'resend-setup'; __ec=$?; echo ` +
+        ` '${END}'; echo '__VELLUM_EXIT_'$__ec; exit $__ec`,
+      START,
+      "[13:06:38.851] INFO (761 on pod-0): [clawhub] Running clawhub command",
+      '    args: [',
+      '      "search",',
+      '      "resend-setup",',
+      '      "--limit",',
+      '      "10"',
+      "    ]",
+      '    cwd: "/workspace"',
+      "Bundled & installed skills (1):",
+      "",
+      "  📤 Resend Email Setup [installed]",
+      "    ID: resend-setup",
+      "",
+      END,
+      "__VELLUM_EXIT_0",
+    ].join("\n");
+
+    const result = parseSentinelOutput(cleaned, START, END);
+    expect(result.output).toContain("Bundled & installed skills (1):");
+    expect(result.output).toContain("📤 Resend Email Setup [installed]");
+    expect(result.output).toContain("[clawhub] Running clawhub command");
+    expect(result.exitCode).toBe(0);
+  });
+});

package/src/lib/assistant-client.ts

@@ -13,9 +13,7 @@
  */
 
 import {
-  findAssistantByName,
-  getActiveAssistant,
-  loadLatestAssistant,
+  resolveAssistant,
 } from "./assistant-config.js";
 import { GATEWAY_PORT } from "./constants.js";
 import { loadGuardianToken } from "./guardian-token.js";
@@ -28,8 +26,8 @@ export interface AssistantClientOpts {
   /**
    * When provided alongside `orgId`, the client authenticates with a
    * session token instead of a guardian token.  The session token is
-   * sent as `Authorization: Bearer <sessionToken>` and the org id is
-   * sent via the `X-Vellum-Org-Id` header.
+   * sent as `X-Session-Token: <sessionToken>` and the org id is
+   * sent via the `Vellum-Organization-Id` header.
    */
   sessionToken?: string;
   /** Required when `sessionToken` is provided. */
@@ -48,6 +46,8 @@ export class AssistantClient {
 
   private readonly _assistantId: string;
   private readonly token: string | undefined;
+  /** True when token is a platform session token (X-Session-Token), false for guardian JWT (Authorization: Bearer). */
+  private readonly isSessionAuth: boolean;
   private readonly orgId: string | undefined;
 
   /**
@@ -58,27 +58,13 @@ export class AssistantClient {
    * @throws If no matching assistant is found.
    */
   constructor(opts?: AssistantClientOpts) {
-    const nameOrId = opts?.assistantId;
-    let entry = nameOrId ? findAssistantByName(nameOrId) : null;
-
-    if (nameOrId && !entry) {
-      throw new Error(`No assistant found with name '${nameOrId}'.`);
-    }
-
-    if (!entry) {
-      const active = getActiveAssistant();
-      if (active) {
-        entry = findAssistantByName(active);
-      }
-    }
-
-    if (!entry) {
-      entry = loadLatestAssistant();
-    }
+    const entry = resolveAssistant(opts?.assistantId);
 
     if (!entry) {
       throw new Error(
-        "No assistant found. Hatch one first with 'vellum hatch'.",
+        opts?.assistantId
+          ? `No assistant found with name '${opts.assistantId}'.`
+          : "No assistant found. Hatch one first with 'vellum hatch'.",
       );
     }
 
@@ -90,12 +76,14 @@ export class AssistantClient {
     this._assistantId = entry.assistantId;
 
     if (opts?.sessionToken) {
-      // Platform assistant: use session token + org id header.
+      // Platform assistant: use X-Session-Token + Vellum-Organization-Id.
       this.token = opts.sessionToken;
+      this.isSessionAuth = true;
       this.orgId = opts.orgId;
     } else {
       this.token =
         loadGuardianToken(this._assistantId)?.accessToken ?? entry.bearerToken;
+      this.isSessionAuth = false;
       this.orgId = undefined;
     }
   }
@@ -191,10 +179,14 @@ export class AssistantClient {
 
     const headers: Record<string, string> = { ...opts?.headers };
     if (this.token) {
-      headers["Authorization"] ??= `Bearer ${this.token}`;
+      if (this.isSessionAuth) {
+        headers["X-Session-Token"] ??= this.token;
+      } else {
+        headers["Authorization"] ??= `Bearer ${this.token}`;
+      }
     }
     if (this.orgId) {
-      headers["X-Vellum-Org-Id"] ??= this.orgId;
+      headers["Vellum-Organization-Id"] ??= this.orgId;
     }
     if (body !== undefined) {
       headers["Content-Type"] = "application/json";

package/src/lib/assistant-config.ts

@@ -108,10 +108,6 @@ interface LockfileData {
   [key: string]: unknown;
 }
 
-export function getBaseDir(): string {
-  return process.env.BASE_DATA_DIR?.trim() || homedir();
-}
-
 /**
  * Derive the daemon PID file path from a resources object. The PID file
  * lives inside the instance's workspace directory. When no resources are
@@ -343,19 +339,17 @@ export function setActiveAssistant(assistantId: string): void {
 }
 
 /**
- * Resolve which assistant to target for a command. Priority:
+ * Best-effort resolution of the target assistant. Returns null when no
+ * match is found — callers decide how to handle the absence.
+ *
+ * Priority:
  * 1. Explicit name argument
  * 2. Active assistant set via `vellum use`
- * 3. Sole local assistant (when exactly one exists)
+ * 3. Sole lockfile entry (any cloud)
  */
-export function resolveTargetAssistant(nameArg?: string): AssistantEntry {
+export function resolveAssistant(nameArg?: string): AssistantEntry | null {
   if (nameArg) {
-    const entry = findAssistantByName(nameArg);
-    if (!entry) {
-      console.error(`No assistant found with name '${nameArg}'.`);
-      process.exit(1);
-    }
-    return entry;
+    return findAssistantByName(nameArg);
   }
 
   const active = getActiveAssistant();
@@ -366,15 +360,35 @@ export function resolveTargetAssistant(nameArg?: string): AssistantEntry {
   }
 
   const all = readAssistants();
-  const locals = all.filter((e) => e.cloud === "local");
-  if (locals.length === 1) return locals[0];
+  if (all.length === 1) return all[0];
+
+  return null;
+}
+
+/**
+ * Resolve which assistant to target for a command, exiting the process
+ * with a user-facing error when resolution fails.
+ *
+ * Priority:
+ * 1. Explicit name argument
+ * 2. Active assistant set via `vellum use`
+ * 3. Sole lockfile entry (any cloud)
+ */
+export function resolveTargetAssistant(nameArg?: string): AssistantEntry {
+  const entry = resolveAssistant(nameArg);
+  if (entry) return entry;
 
-  if (locals.length === 0) {
-    console.error("No local assistant found. Run 'vellum hatch local' first.");
+  if (nameArg) {
+    console.error(`No assistant found with name '${nameArg}'.`);
   } else {
-    console.error(
-      `Multiple assistants found. Set an active assistant with 'vellum use <name>'.`,
-    );
+    const all = readAssistants();
+    if (all.length === 0) {
+      console.error("No assistant found. Run 'vellum hatch' first.");
+    } else {
+      console.error(
+        `Multiple assistants found. Set an active assistant with 'vellum use <name>'.`,
+      );
+    }
   }
   process.exit(1);
 }
@@ -494,25 +508,4 @@ export function getLockfilePlatformBaseUrl(): string | undefined {
   return undefined;
 }
 
-/**
- * Read the assistant config file and sync client-relevant values to the
- * lockfile. This lets external tools (e.g. vel) discover the platform URL
- * without importing the assistant config schema.
- */
-export function syncConfigToLockfile(): void {
-  const configPath = join(getBaseDir(), ".vellum", "workspace", "config.json");
-  if (!existsSync(configPath)) return;
 
-  try {
-    const raw = JSON.parse(readFileSync(configPath, "utf-8")) as Record<
-      string,
-      unknown
-    >;
-    const platform = raw.platform as Record<string, unknown> | undefined;
-    const data = readLockfile();
-    data.platformBaseUrl = (platform?.baseUrl as string) || undefined;
-    writeLockfile(data);
-  } catch {
-    // Config file unreadable — skip sync
-  }
-}

package/src/lib/backup-ops.ts

@@ -9,7 +9,10 @@ import {
 import { homedir } from "os";
 import { dirname, join } from "path";
 
-import { loadGuardianToken, leaseGuardianToken } from "./guardian-token.js";
+import {
+  loadGuardianToken,
+  refreshGuardianToken,
+} from "./guardian-token.js";
 
 /** Default backup directory following XDG convention */
 export function getBackupsDir(): string {
@@ -25,20 +28,25 @@ export function formatSize(bytes: number): string {
   return `${(bytes / (1024 * 1024)).toFixed(1)} MB`;
 }
 
-/** Obtain a valid guardian access token (cached or fresh lease) */
+/**
+ * Obtain a valid guardian access token.
+ *
+ * Resolution order:
+ *  1. Cached token that is not yet expired — use as-is.
+ *  2. Cached token with a valid refresh token — call /v1/guardian/refresh.
+ *  3. No usable token — return null so callers can skip the backup gracefully
+ *     rather than hitting /v1/guardian/init (which 403s on bootstrapped instances).
+ */
 async function getGuardianAccessToken(
   runtimeUrl: string,
   assistantId: string,
-  forceRefresh?: boolean,
-): Promise<string> {
-  if (!forceRefresh) {
-    const tokenData = loadGuardianToken(assistantId);
-    if (tokenData && new Date(tokenData.accessTokenExpiresAt) > new Date()) {
-      return tokenData.accessToken;
-    }
+): Promise<string | null> {
+  const tokenData = loadGuardianToken(assistantId);
+  if (tokenData && new Date(tokenData.accessTokenExpiresAt) > new Date()) {
+    return tokenData.accessToken;
   }
-  const freshToken = await leaseGuardianToken(runtimeUrl, assistantId);
-  return freshToken.accessToken;
+  const refreshed = await refreshGuardianToken(runtimeUrl, assistantId);
+  return refreshed?.accessToken ?? null;
 }
 
 /**
@@ -53,6 +61,10 @@ export async function createBackup(
 ): Promise<string | null> {
   try {
     let accessToken = await getGuardianAccessToken(runtimeUrl, assistantId);
+    if (!accessToken) {
+      console.warn("Warning: backup skipped — no valid guardian token available");
+      return null;
+    }
 
     let response = await fetch(`${runtimeUrl}/v1/migrations/export`, {
       method: "POST",
@@ -66,10 +78,15 @@ export async function createBackup(
       signal: AbortSignal.timeout(120_000),
     });
 
-    // Retry once with a fresh token on 401 — the cached token may be stale
-    // after a container restart that generated a new gateway signing key.
+    // Retry once with a refreshed token on 401 — the cached token may be
+    // stale after a container restart that regenerated the gateway signing key.
     if (response.status === 401) {
-      accessToken = await getGuardianAccessToken(runtimeUrl, assistantId, true);
+      const refreshed = await refreshGuardianToken(runtimeUrl, assistantId);
+      if (!refreshed) {
+        console.warn(`Warning: backup export failed (401) and token refresh failed`);
+        return null;
+      }
+      accessToken = refreshed.accessToken;
       response = await fetch(`${runtimeUrl}/v1/migrations/export`, {
         method: "POST",
         headers: {
@@ -130,6 +147,10 @@ export async function restoreBackup(
 
     const bundleData = readFileSync(backupPath);
     let accessToken = await getGuardianAccessToken(runtimeUrl, assistantId);
+    if (!accessToken) {
+      console.warn("Warning: restore skipped — no valid guardian token available");
+      return false;
+    }
 
     let response = await fetch(`${runtimeUrl}/v1/migrations/import`, {
       method: "POST",
@@ -141,10 +162,15 @@ export async function restoreBackup(
       signal: AbortSignal.timeout(120_000),
     });
 
-    // Retry once with a fresh token on 401 — the cached token may be stale
-    // after a container restart that generated a new gateway signing key.
+    // Retry once with a refreshed token on 401 — the cached token may be
+    // stale after a container restart that regenerated the gateway signing key.
     if (response.status === 401) {
-      accessToken = await getGuardianAccessToken(runtimeUrl, assistantId, true);
+      const refreshed = await refreshGuardianToken(runtimeUrl, assistantId);
+      if (!refreshed) {
+        console.warn(`Warning: restore failed (401) and token refresh failed`);
+        return false;
+      }
+      accessToken = refreshed.accessToken;
       response = await fetch(`${runtimeUrl}/v1/migrations/import`, {
         method: "POST",
         headers: {

package/src/lib/cli-error.ts

@@ -9,6 +9,7 @@
 
 /** Known error categories emitted by CLI commands. */
 export type CliErrorCategory =
+  | "CLI_UPDATE_FAILED"
   | "DOCKER_NOT_RUNNING"
   | "IMAGE_PULL_FAILED"
   | "MISSING_VERSION"

package/src/lib/client-identity.ts

@@ -2,7 +2,7 @@
  * Stable per-install client identity for the CLI.
  *
  * Generates a UUID on first use and persists it to
- * `~/.config/vellum/client-id` so the daemon's ClientRegistry can
+ * `~/.config/vellum/client-id` so the daemon's event hub can
  * track this terminal across SSE reconnects and CLI restarts.
  */