npm - vellum - Versions diffs - 0.2.7 → 0.2.8 - Mend

vellum 0.2.7 → 0.2.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (42) hide show

package/bun.lock +2 -2
package/package.json +2 -2
package/src/__tests__/asset-materialize-tool.test.ts +2 -2
package/src/__tests__/checker.test.ts +104 -0
package/src/__tests__/gateway-only-enforcement.test.ts +458 -0
package/src/__tests__/ipc-snapshot.test.ts +11 -0
package/src/__tests__/oauth-callback-registry.test.ts +85 -0
package/src/__tests__/oauth2-gateway-transport.test.ts +298 -0
package/src/__tests__/provider-commit-message-generator.test.ts +51 -12
package/src/__tests__/public-ingress-urls.test.ts +206 -0
package/src/__tests__/tool-executor.test.ts +88 -0
package/src/__tests__/turn-commit.test.ts +64 -0
package/src/calls/twilio-config.ts +17 -1
package/src/calls/twilio-routes.ts +10 -2
package/src/calls/twilio-webhook-urls.ts +18 -21
package/src/config/defaults.ts +4 -0
package/src/config/schema.ts +30 -2
package/src/config/system-prompt.ts +1 -1
package/src/config/types.ts +1 -0
package/src/daemon/computer-use-session.ts +2 -1
package/src/daemon/handlers/config.ts +51 -2
package/src/daemon/handlers/sessions.ts +2 -2
package/src/daemon/handlers/work-items.ts +1 -1
package/src/daemon/ipc-contract-inventory.json +4 -0
package/src/daemon/ipc-contract.ts +16 -1
package/src/daemon/session-tool-setup.ts +7 -0
package/src/inbound/public-ingress-urls.ts +106 -0
package/src/memory/attachments-store.ts +0 -1
package/src/memory/channel-delivery-store.ts +0 -1
package/src/memory/conversation-key-store.ts +0 -1
package/src/memory/db.ts +346 -149
package/src/memory/runs-store.ts +0 -3
package/src/memory/schema.ts +0 -4
package/src/runtime/http-server.ts +84 -2
package/src/security/oauth-callback-registry.ts +56 -0
package/src/security/oauth2.ts +174 -58
package/src/swarm/backend-claude-code.ts +1 -1
package/src/tools/assets/search.ts +1 -36
package/src/tools/claude-code/claude-code.ts +3 -3
package/src/tools/tasks/work-item-list.ts +16 -2
package/src/workspace/provider-commit-message-generator.ts +39 -23
package/src/workspace/turn-commit.ts +6 -2

package/src/workspace/provider-commit-message-generator.ts CHANGED Viewed

@@ -10,9 +10,10 @@ export type CommitMessageSource = 'llm' | 'deterministic';
 export type LLMFallbackReason =
   | 'disabled'
   | 'missing_provider_api_key'
-  | 'provider_not_initialized'
   | 'breaker_open'
   | 'insufficient_budget'
+  | 'missing_fast_model'
+  | 'provider_not_initialized'
   | 'timeout'
   | 'provider_error'
   | 'invalid_output';
@@ -103,17 +104,25 @@ export class ProviderCommitMessageGenerator {
     const config = getConfig();
     const llmConfig = config.workspaceGit.commitMessageLLM;
+    // ── Fallback check order (canonical) ──────────────────────────────
+    // 1. disabled
+    // 2. missing_provider_api_key  (except keyless providers like ollama)
+    // 3. breaker_open
+    // 4. insufficient_budget
+    // 5. missing_fast_model
+    // 6. provider_not_initialized
+    // 7. call provider → timeout / provider_error / invalid_output
+    // ──────────────────────────────────────────────────────────────────
     // Step 1: Feature gate
     if (!llmConfig.enabled) {
       return buildDeterministicResult(context, 'disabled');
     }
-    // Step 2: Provider gate
     if (!llmConfig.useConfiguredProvider) {
       return buildDeterministicResult(context, 'disabled');
     }
-    // Step 2.5: API key preflight (skip for providers that run without a key)
+    // Step 2: API key preflight (skip for providers that run without a key)
     if (!KEYLESS_PROVIDERS.has(config.provider)) {
       const providerApiKey = config.apiKeys[config.provider];
       if (!providerApiKey || providerApiKey === '') {
@@ -143,7 +152,19 @@ export class ProviderCommitMessageGenerator {
       }
     }
-    // Step 5: Call the provider
+    // Step 5: Fast model preflight — resolve before any provider call
+    const fastModel = llmConfig.providerFastModelOverrides[config.provider]
+      ?? PROVIDER_DEFAULT_FAST_MODELS[config.provider];
+    if (!fastModel) {
+      log.debug(
+        { provider: config.provider },
+        'No fast model resolvable for provider; falling back to deterministic',
+      );
+      return buildDeterministicResult(context, 'missing_fast_model');
+    }
+    // Step 6 + 7: Call the provider
     try {
       const { getProvider } = await import('../providers/registry.js');
@@ -179,14 +200,6 @@ export class ProviderCommitMessageGenerator {
         },
       ];
-      // Resolve fast model
-      const fastModel = llmConfig.providerFastModelOverrides[config.provider]
-        ?? PROVIDER_DEFAULT_FAST_MODELS[config.provider];
-      if (!fastModel) {
-        log.debug({ provider: config.provider }, 'No default fast model for provider; falling back to deterministic');
-        return buildDeterministicResult(context, 'provider_error');
-      }
       // AbortController with timeout
       const ac = new AbortController();
       const timer = setTimeout(() => ac.abort(), llmConfig.timeoutMs);
@@ -199,7 +212,11 @@ export class ProviderCommitMessageGenerator {
           SYSTEM_PROMPT,
           {
             signal: ac.signal,
-            config: { model: fastModel, max_tokens: llmConfig.maxTokens, temperature: llmConfig.temperature },
+            config: {
+              model: fastModel,
+              max_tokens: llmConfig.maxTokens,
+              temperature: llmConfig.temperature,
+            },
           },
         );
       } catch (err: unknown) {
@@ -230,21 +247,20 @@ export class ProviderCommitMessageGenerator {
         return buildDeterministicResult(context, 'invalid_output');
       }
-      // Validate single-line subject: first line must be <= 72 chars
-      const firstLine = text.split('\n')[0];
-      if (firstLine.length > 72) {
+      // Cap subject line to 72 chars deterministically (no fallback, no breaker failure)
+      const lines = text.split('\n');
+      if (lines[0].length > 72) {
         log.debug(
-          { subjectLength: firstLine.length },
-          'LLM subject line too long; falling back to deterministic',
+          { originalLength: lines[0].length },
+          'Capping LLM subject line to 72 chars',
         );
-        this.recordFailure();
-        return buildDeterministicResult(context, 'invalid_output');
+        lines[0] = lines[0].slice(0, 72);
       }
+      const finalMessage = lines.join('\n');
       this.recordSuccess();
-      return { message: text, source: 'llm' };
+      return { message: finalMessage, source: 'llm' };
     } catch (err: unknown) {
-      // Step 6: Any error -> deterministic fallback
       log.warn(
         { err: err instanceof Error ? err.message : String(err) },
         'Commit message LLM provider error; falling back to deterministic',

package/src/workspace/turn-commit.ts CHANGED Viewed

@@ -72,10 +72,14 @@ export async function commitTurnChanges(
     if (!provider) {
       // Guard: skip pre-check if deadline already elapsed to avoid unnecessary mutex contention
       let preClean = false;
+      let candidateChangedFiles: string[] = [];
       if (!deadlineMs || Date.now() < deadlineMs) {
         try {
           const preStatus = await gitService.getStatus();
           preClean = preStatus.clean;
+          if (!preClean) {
+            candidateChangedFiles = [...new Set([...preStatus.staged, ...preStatus.modified, ...preStatus.untracked])];
+          }
         } catch {
           // If we can't determine status, assume dirty so we don't skip the commit
         }
@@ -90,10 +94,10 @@ export async function commitTurnChanges(
               trigger: 'turn',
               sessionId,
               turnNumber,
-              changedFiles: [], // File list unavailable outside the git mutex; generator handles empty arrays
+              changedFiles: candidateChangedFiles,
               timestampMs: Date.now(),
             },
-            { deadlineMs, changedFiles: [] },
+            { deadlineMs, changedFiles: candidateChangedFiles },
           );
           commitMessageSource = result.source;
           llmFallbackReason = result.reason;