vellum 0.2.12 → 0.2.14

package/src/daemon/handlers/index.ts

@@ -86,6 +86,7 @@ const inlineHandlers = defineHandlers({
     });
   },
   integration_disconnect: () => { /* no-op — integration registry removed */ },
+
 });
 
 const handlers = {

package/src/daemon/handlers/sessions.ts

@@ -1,6 +1,7 @@
 import * as net from 'node:net';
 import { v4 as uuid } from 'uuid';
 import * as conversationStore from '../../memory/conversation-store.js';
+import * as externalConversationStore from '../../memory/external-conversation-store.js';
 import { checkIngressForSecrets } from '../../security/secret-ingress.js';
 import { classifySessionError, buildSessionErrorMessage } from '../session-error.js';
 import { getAttachmentsForMessage, setAttachmentThumbnail } from '../../memory/attachments-store.js';
@@ -199,14 +200,29 @@ export function handleSecretResponse(
 
 export function handleSessionList(socket: net.Socket, ctx: HandlerContext): void {
   const conversations = conversationStore.listConversations(50);
+  const bindings = externalConversationStore.getBindingsForConversations(
+    conversations.map((c) => c.id),
+  );
   ctx.send(socket, {
     type: 'session_list_response',
-    sessions: conversations.map((c) => ({
-      id: c.id,
-      title: c.title ?? 'Untitled',
-      updatedAt: c.updatedAt,
-      threadType: normalizeThreadType(c.threadType),
-    })),
+    sessions: conversations.map((c) => {
+      const binding = bindings.get(c.id);
+      return {
+        id: c.id,
+        title: c.title ?? 'Untitled',
+        updatedAt: c.updatedAt,
+        threadType: normalizeThreadType(c.threadType),
+        ...(binding ? {
+          channelBinding: {
+            sourceChannel: binding.sourceChannel,
+            externalChatId: binding.externalChatId,
+            externalUserId: binding.externalUserId,
+            displayName: binding.displayName,
+            username: binding.username,
+          },
+        } : {}),
+      };
+    }),
   });
 }
 

package/src/daemon/handlers/shared.ts

@@ -8,6 +8,7 @@ import { estimateBase64Bytes } from '../assistant-attachments.js';
 import type { ClientMessage, CuSessionCreate, ServerMessage, SessionTransportMetadata } from '../ipc-protocol.js';
 import type { SecretPromptResult } from '../../permissions/secret-prompter.js';
 import { getConfig } from '../../config/loader.js';
+import type { DebouncerMap } from '../../util/debounce.js';
 
 const log = getLogger('handlers');
 
@@ -115,7 +116,7 @@ export interface HandlerContext {
   cuObservationParseSequence: Map<string, number>;
   socketSandboxOverride: Map<net.Socket, boolean>;
   sharedRequestTimestamps: number[];
-  debounceTimers: Map<string, ReturnType<typeof setTimeout>>;
+  debounceTimers: DebouncerMap;
   suppressConfigReload: boolean;
   setSuppressConfigReload(value: boolean): void;
   updateConfigFingerprint(): void;

package/src/daemon/handlers/skills.ts

@@ -61,10 +61,7 @@ export function handleSkillsEnable(
     }
     invalidateConfigCache();
 
-    const existingSuppressTimer = ctx.debounceTimers.get('__suppress_reset__');
-    if (existingSuppressTimer) clearTimeout(existingSuppressTimer);
-    const resetTimer = setTimeout(() => { ctx.setSuppressConfigReload(false); }, CONFIG_RELOAD_DEBOUNCE_MS);
-    ctx.debounceTimers.set('__suppress_reset__', resetTimer);
+    ctx.debounceTimers.schedule('__suppress_reset__', () => { ctx.setSuppressConfigReload(false); }, CONFIG_RELOAD_DEBOUNCE_MS);
 
     ctx.updateConfigFingerprint();
 
@@ -108,10 +105,7 @@ export function handleSkillsDisable(
     }
     invalidateConfigCache();
 
-    const existingSuppressTimer = ctx.debounceTimers.get('__suppress_reset__');
-    if (existingSuppressTimer) clearTimeout(existingSuppressTimer);
-    const resetTimer = setTimeout(() => { ctx.setSuppressConfigReload(false); }, CONFIG_RELOAD_DEBOUNCE_MS);
-    ctx.debounceTimers.set('__suppress_reset__', resetTimer);
+    ctx.debounceTimers.schedule('__suppress_reset__', () => { ctx.setSuppressConfigReload(false); }, CONFIG_RELOAD_DEBOUNCE_MS);
 
     ctx.updateConfigFingerprint();
 
@@ -165,10 +159,7 @@ export function handleSkillsConfigure(
     }
     invalidateConfigCache();
 
-    const existingSuppressTimer = ctx.debounceTimers.get('__suppress_reset__');
-    if (existingSuppressTimer) clearTimeout(existingSuppressTimer);
-    const resetTimer = setTimeout(() => { ctx.setSuppressConfigReload(false); }, CONFIG_RELOAD_DEBOUNCE_MS);
-    ctx.debounceTimers.set('__suppress_reset__', resetTimer);
+    ctx.debounceTimers.schedule('__suppress_reset__', () => { ctx.setSuppressConfigReload(false); }, CONFIG_RELOAD_DEBOUNCE_MS);
 
     ctx.updateConfigFingerprint();
 
@@ -226,10 +217,7 @@ export async function handleSkillsInstall(
         throw err;
       }
       invalidateConfigCache();
-      const existingSuppressTimer = ctx.debounceTimers.get('__suppress_reset__');
-      if (existingSuppressTimer) clearTimeout(existingSuppressTimer);
-      const resetTimer = setTimeout(() => { ctx.setSuppressConfigReload(false); }, CONFIG_RELOAD_DEBOUNCE_MS);
-      ctx.debounceTimers.set('__suppress_reset__', resetTimer);
+      ctx.debounceTimers.schedule('__suppress_reset__', () => { ctx.setSuppressConfigReload(false); }, CONFIG_RELOAD_DEBOUNCE_MS);
       ctx.updateConfigFingerprint();
     } catch (err) {
       log.warn({ err, skillId }, 'Failed to auto-enable installed skill');
@@ -321,10 +309,7 @@ export async function handleSkillsUninstall(
       }
       invalidateConfigCache();
 
-      const existingSuppressTimer = ctx.debounceTimers.get('__suppress_reset__');
-      if (existingSuppressTimer) clearTimeout(existingSuppressTimer);
-      const resetTimer = setTimeout(() => { ctx.setSuppressConfigReload(false); }, CONFIG_RELOAD_DEBOUNCE_MS);
-      ctx.debounceTimers.set('__suppress_reset__', resetTimer);
+      ctx.debounceTimers.schedule('__suppress_reset__', () => { ctx.setSuppressConfigReload(false); }, CONFIG_RELOAD_DEBOUNCE_MS);
 
       ctx.updateConfigFingerprint();
     }

package/src/daemon/ipc-contract-inventory.json

@@ -3,8 +3,12 @@
     "AcceptStarterBundle",
     "AddTrustRule",
     "AppDataRequest",
+    "AppDiffRequest",
+    "AppFileAtVersionRequest",
+    "AppHistoryRequest",
     "AppOpenRequest",
     "AppPreviewRequest",
+    "AppRestoreRequest",
     "AppUpdatePreviewRequest",
     "AppsListRequest",
     "AuthMessage",
@@ -82,6 +86,9 @@
     "SubagentStatusRequest",
     "SuggestionRequest",
     "TaskSubmit",
+    "TelegramConfigRequest",
+    "ToolNamesListRequest",
+    "ToolPermissionSimulateRequest",
     "TrustRulesList",
     "TwitterAuthStartRequest",
     "TwitterAuthStatusRequest",
@@ -112,8 +119,12 @@
     "AcceptStarterBundleResponse",
     "AgentHeartbeatAlert",
     "AppDataResponse",
+    "AppDiffResponse",
+    "AppFileAtVersionResponse",
     "AppFilesChanged",
+    "AppHistoryResponse",
     "AppPreviewResponse",
+    "AppRestoreResponse",
     "AppUpdatePreviewResponse",
     "AppsListResponse",
     "AssistantTextDelta",
@@ -193,8 +204,11 @@
     "TaskRouted",
     "TaskRunThreadCreated",
     "TasksChanged",
+    "TelegramConfigResponse",
     "ToolInputDelta",
+    "ToolNamesListResponse",
     "ToolOutputChunk",
+    "ToolPermissionSimulateResponse",
     "ToolResult",
     "ToolUseStart",
     "TraceEvent",
@@ -234,8 +248,12 @@
     "accept_starter_bundle",
     "add_trust_rule",
     "app_data_request",
+    "app_diff_request",
+    "app_file_at_version_request",
+    "app_history_request",
     "app_open_request",
     "app_preview_request",
+    "app_restore_request",
     "app_update_preview",
     "apps_list",
     "auth",
@@ -313,6 +331,9 @@
     "subagent_status",
     "suggestion_request",
     "task_submit",
+    "telegram_config",
+    "tool_names_list",
+    "tool_permission_simulate",
     "trust_rules_list",
     "twitter_auth_start",
     "twitter_auth_status",
@@ -343,8 +364,12 @@
     "accept_starter_bundle_response",
     "agent_heartbeat_alert",
     "app_data_response",
+    "app_diff_response",
+    "app_file_at_version_response",
     "app_files_changed",
+    "app_history_response",
     "app_preview_response",
+    "app_restore_response",
     "app_update_preview_response",
     "apps_list_response",
     "assistant_text_delta",
@@ -424,8 +449,11 @@
     "task_routed",
     "task_run_thread_created",
     "tasks_changed",
+    "telegram_config_response",
     "tool_input_delta",
+    "tool_names_list_response",
     "tool_output_chunk",
+    "tool_permission_simulate_response",
     "tool_result",
     "tool_use_start",
     "trace_event",

package/src/daemon/ipc-contract.ts

@@ -318,6 +318,10 @@ export interface AddTrustRule {
   pattern: string;
   scope: string;
   decision: 'allow' | 'deny' | 'ask';
+  /** When true, the rule also covers high-risk invocations. */
+  allowHighRisk?: boolean;
+  /** Execution target override for this rule. */
+  executionTarget?: 'host' | 'sandbox';
 }
 
 export interface TrustRulesList {
@@ -456,6 +460,32 @@ export interface GalleryInstallRequest {
   galleryAppId: string;
 }
 
+export interface AppHistoryRequest {
+  type: 'app_history_request';
+  appId: string;
+  limit?: number;
+}
+
+export interface AppDiffRequest {
+  type: 'app_diff_request';
+  appId: string;
+  fromCommit: string;
+  toCommit?: string;
+}
+
+export interface AppFileAtVersionRequest {
+  type: 'app_file_at_version_request';
+  appId: string;
+  path: string;
+  commitHash: string;
+}
+
+export interface AppRestoreRequest {
+  type: 'app_restore_request';
+  appId: string;
+  commitHash: string;
+}
+
 export interface ShareAppCloudRequest {
   type: 'share_app_cloud';
   appId: string;
@@ -494,10 +524,29 @@ export interface VercelApiConfigResponse {
 
 export interface TwitterIntegrationConfigRequest {
   type: 'twitter_integration_config';
-  action: 'get' | 'set_mode' | 'set_local_client' | 'clear_local_client' | 'disconnect';
+  action: 'get' | 'set_mode' | 'set_local_client' | 'clear_local_client' | 'disconnect' | 'get_strategy' | 'set_strategy';
   mode?: 'local_byo' | 'managed';
   clientId?: string;
   clientSecret?: string;
+  strategy?: string;
+}
+
+export interface TelegramConfigRequest {
+  type: 'telegram_config';
+  action: 'get' | 'set' | 'clear' | 'set_commands';
+  botToken?: string;  // Only for action: 'set'
+  commands?: Array<{ command: string; description: string }>;  // Only for action: 'set_commands'
+}
+
+export interface TelegramConfigResponse {
+  type: 'telegram_config_response';
+  success: boolean;
+  hasBotToken: boolean;
+  botUsername?: string;
+  connected: boolean;
+  hasWebhookSecret: boolean;
+  lastError?: string;
+  error?: string;
 }
 
 export interface TwitterIntegrationConfigResponse {
@@ -508,6 +557,9 @@ export interface TwitterIntegrationConfigResponse {
   localClientConfigured: boolean;
   connected: boolean;
   accountInfo?: string;
+  strategy?: 'oauth' | 'browser' | 'auto';
+  /** Whether the user has explicitly set a strategy (vs. relying on the default 'auto'). */
+  strategyConfigured?: boolean;
   error?: string;
 }
 
@@ -892,6 +944,24 @@ export interface IdentityGetRequest {
   type: 'identity_get';
 }
 
+export interface ToolPermissionSimulateRequest {
+  type: 'tool_permission_simulate';
+  /** Tool name to simulate (e.g. 'bash', 'file_write'). */
+  toolName: string;
+  /** Tool input record to simulate. */
+  input: Record<string, unknown>;
+  /** Working directory context; defaults to daemon cwd when omitted. */
+  workingDir?: string;
+  /** Whether the simulated context is interactive (default true). */
+  isInteractive?: boolean;
+  /** When true, side-effect tools that would normally be auto-allowed get promoted to prompt. */
+  forcePromptSideEffects?: boolean;
+}
+
+export interface ToolNamesListRequest {
+  type: 'tool_names_list';
+}
+
 export type ClientMessage =
   | AuthMessage
   | UserMessage
@@ -961,11 +1031,16 @@ export type ClientMessage =
   | IngressConfigRequest
   | VercelApiConfigRequest
   | TwitterIntegrationConfigRequest
+  | TelegramConfigRequest
   | TwitterAuthStartRequest
   | TwitterAuthStatusRequest
   | SessionsClearRequest
   | GalleryListRequest
   | GalleryInstallRequest
+  | AppHistoryRequest
+  | AppDiffRequest
+  | AppFileAtVersionRequest
+  | AppRestoreRequest
   | AppUpdatePreviewRequest
   | AppPreviewRequest
   | PublishPageRequest
@@ -999,7 +1074,9 @@ export type ClientMessage =
   | SubagentDetailRequest
   | WorkspaceFilesListRequest
   | WorkspaceFileReadRequest
-  | IdentityGetRequest;
+  | IdentityGetRequest
+  | ToolPermissionSimulateRequest
+  | ToolNamesListRequest;
 
 export interface IntegrationListRequest {
   type: 'integration_list';
@@ -1106,12 +1183,6 @@ export interface ConfirmationRequest {
   diff?: { filePath: string; oldContent: string; newContent: string; isNewFile: boolean };
   sandboxed?: boolean;
   sessionId?: string;
-  /** Principal kind that initiated this tool use (e.g. 'core' or 'skill'). */
-  principalKind?: string;
-  /** Skill ID when principalKind is 'skill'. */
-  principalId?: string;
-  /** Content-hash of the skill source for version tracking. */
-  principalVersion?: string;
   /** When false, the client should hide "always allow" / trust-rule persistence affordances. */
   persistentDecisionsAllowed?: boolean;
 }
@@ -1149,9 +1220,18 @@ export interface SessionInfo {
   threadType?: ThreadType;
 }
 
+/** Channel binding metadata exposed in session/conversation list APIs. */
+export interface ChannelBinding {
+  sourceChannel: string;
+  externalChatId: string;
+  externalUserId?: string | null;
+  displayName?: string | null;
+  username?: string | null;
+}
+
 export interface SessionListResponse {
   type: 'session_list_response';
-  sessions: Array<{ id: string; title: string; updatedAt: number; threadType?: ThreadType }>;
+  sessions: Array<{ id: string; title: string; updatedAt: number; threadType?: ThreadType; channelBinding?: ChannelBinding }>;
 }
 
 export interface SessionsClearResponse {
@@ -1695,6 +1775,35 @@ export interface GalleryInstallResponse {
   error?: string;
 }
 
+export interface AppHistoryResponse {
+  type: 'app_history_response';
+  appId: string;
+  versions: Array<{
+    commitHash: string;
+    message: string;
+    timestamp: number;
+  }>;
+}
+
+export interface AppDiffResponse {
+  type: 'app_diff_response';
+  appId: string;
+  diff: string;
+}
+
+export interface AppFileAtVersionResponse {
+  type: 'app_file_at_version_response';
+  appId: string;
+  path: string;
+  content: string;
+}
+
+export interface AppRestoreResponse {
+  type: 'app_restore_response';
+  success: boolean;
+  error?: string;
+}
+
 export interface ShareToSlackResponse {
   type: 'share_to_slack_response';
   success: boolean;
@@ -2160,6 +2269,48 @@ export interface IdentityGetResponse {
   originSystem?: string;
 }
 
+export interface ToolPermissionSimulateResponse {
+  type: 'tool_permission_simulate_response';
+  success: boolean;
+  /** The simulated permission decision. */
+  decision?: 'allow' | 'deny' | 'prompt';
+  /** Risk level of the simulated tool invocation. */
+  riskLevel?: string;
+  /** Human-readable reason for the decision. */
+  reason?: string;
+  /** When decision is 'prompt', the data needed to render a ToolConfirmationBubble. */
+  promptPayload?: {
+    allowlistOptions: Array<{ label: string; description: string; pattern: string }>;
+    scopeOptions: Array<{ label: string; scope: string }>;
+    persistentDecisionsAllowed: boolean;
+  };
+  /** Resolved execution target for the tool. */
+  executionTarget?: 'host' | 'sandbox';
+  /** ID of the trust rule that matched (if any). */
+  matchedRuleId?: string;
+  /** Error message when success is false. */
+  error?: string;
+}
+
+export interface ToolInputSchema {
+  type: 'object';
+  properties?: Record<string, {
+    type?: string;
+    description?: string;
+    enum?: string[];
+    [key: string]: unknown;
+  }>;
+  required?: string[];
+}
+
+export interface ToolNamesListResponse {
+  type: 'tool_names_list_response';
+  /** Sorted list of all registered tool names. */
+  names: string[];
+  /** Input schemas keyed by tool name. */
+  schemas?: Record<string, ToolInputSchema>;
+}
+
 export type ServerMessage =
   | AuthResult
   | UserMessageEcho
@@ -2235,11 +2386,16 @@ export type ServerMessage =
   | TraceEvent
   | GalleryListResponse
   | GalleryInstallResponse
+  | AppHistoryResponse
+  | AppDiffResponse
+  | AppFileAtVersionResponse
+  | AppRestoreResponse
   | ShareToSlackResponse
   | SlackWebhookConfigResponse
   | IngressConfigResponse
   | VercelApiConfigResponse
   | TwitterIntegrationConfigResponse
+  | TelegramConfigResponse
   | TwitterAuthResult
   | TwitterAuthStatusResponse
   | OpenUrl
@@ -2280,7 +2436,9 @@ export type ServerMessage =
   | SubagentDetailResponse
   | WorkspaceFilesListResponse
   | WorkspaceFileReadResponse
-  | IdentityGetResponse;
+  | IdentityGetResponse
+  | ToolPermissionSimulateResponse
+  | ToolNamesListResponse;
 
 // === Subagent IPC ─────────────────────────────────────────────────────
 

package/src/daemon/ipc-validate.ts

@@ -150,6 +150,23 @@ const HIGH_RISK_VALIDATORS: Record<string, PropertyValidator> = {
     return null;
   },
 
+  add_trust_rule: (obj) => {
+    if (typeof obj.toolName !== 'string' || obj.toolName === '') {
+      return 'add_trust_rule requires a non-empty string "toolName"';
+    }
+    if (typeof obj.pattern !== 'string') {
+      return 'add_trust_rule requires a string "pattern"';
+    }
+    if (typeof obj.scope !== 'string') {
+      return 'add_trust_rule requires a string "scope"';
+    }
+    const validDecisions = ['allow', 'deny', 'ask'];
+    if (typeof obj.decision !== 'string' || !validDecisions.includes(obj.decision)) {
+      return `add_trust_rule "decision" must be one of: ${validDecisions.join(', ')}`;
+    }
+    return null;
+  },
+
   ui_surface_action: (obj) => {
     if (typeof obj.sessionId !== 'string' || obj.sessionId === '') {
       return 'ui_surface_action requires a non-empty string "sessionId"';

package/src/daemon/lifecycle.ts

@@ -41,6 +41,7 @@ import { slackProvider as slackWatcherProvider } from '../watcher/providers/slac
 import { registerMessagingProvider } from '../messaging/registry.js';
 import { slackProvider as slackMessagingProvider } from '../messaging/providers/slack/adapter.js';
 import { gmailMessagingProvider } from '../messaging/providers/gmail/adapter.js';
+import { telegramBotMessagingProvider } from '../messaging/providers/telegram-bot/adapter.js';
 import { browserManager } from '../tools/browser/browser-manager.js';
 import { RuntimeHttpServer } from '../runtime/http-server.js';
 import { getHookManager } from '../hooks/manager.js';
@@ -384,6 +385,7 @@ export async function runDaemon(): Promise<void> {
   // Register messaging providers
   registerMessagingProvider(slackMessagingProvider);
   registerMessagingProvider(gmailMessagingProvider);
+  registerMessagingProvider(telegramBotMessagingProvider);
 
   const scheduler = startScheduler(
     async (conversationId, message) => {