@vellumai/assistant 0.7.1 → 0.7.2

package/src/config/schemas/ingress.ts

@@ -1,5 +1,14 @@
 import { z } from "zod";
 
+function emptyOrAbsoluteHttpUrl(fieldPath: string) {
+  return z
+    .string({ error: `${fieldPath} must be a string` })
+    .refine(
+      (val) => val === "" || /^https?:\/\//i.test(val),
+      `${fieldPath} must be an absolute URL starting with http:// or https://`,
+    );
+}
+
 const IngressWebhookConfigSchema = z
   .object({
     secret: z
@@ -74,12 +83,7 @@ const IngressBaseSchema = z
       .boolean({ error: "ingress.enabled must be a boolean" })
       .optional()
       .describe("Whether the ingress HTTP server is enabled"),
-    publicBaseUrl: z
-      .string({ error: "ingress.publicBaseUrl must be a string" })
-      .refine(
-        (val) => val === "" || /^https?:\/\//i.test(val),
-        "ingress.publicBaseUrl must be an absolute URL starting with http:// or https://",
-      )
+    publicBaseUrl: emptyOrAbsoluteHttpUrl("ingress.publicBaseUrl")
       .default("")
       .describe(
         "Public-facing base URL for the ingress server (used in webhook callbacks)",

package/src/config/schemas/llm.ts

@@ -91,7 +91,6 @@ export type LLMCallSite = z.infer<typeof LLMCallSiteEnum>;
  * mapping table.
  */
 const EffortEnum = z.enum(["none", "low", "medium", "high", "xhigh", "max"]);
-export type Effort = z.infer<typeof EffortEnum>;
 
 export const SpeedEnum = z.enum(["standard", "fast"]);
 export type Speed = z.infer<typeof SpeedEnum>;
@@ -102,7 +101,6 @@ export type Speed = z.infer<typeof SpeedEnum>;
  * are stripped in `retry.ts` normalization.
  */
 const VerbosityEnum = z.enum(["low", "medium", "high"]);
-export type Verbosity = z.infer<typeof VerbosityEnum>;
 
 // ---------------------------------------------------------------------------
 // Leaf primitives (shared between LLMConfigBase and LLMConfigFragment)
@@ -150,7 +148,6 @@ const ThinkingSchema = z.object({
   enabled: ThinkingEnabledSchema.default(true),
   streamThinking: ThinkingStreamThinkingSchema.default(true),
 });
-export type Thinking = z.infer<typeof ThinkingSchema>;
 
 // Fragment view: every field optional, no defaults injected. Defining this
 // separately (rather than `ThinkingSchema.partial()`) avoids having Zod
@@ -243,7 +240,6 @@ const OpenRouterOnlyItemSchema = z.string().min(1);
 const OpenRouterSchema = z.object({
   only: z.array(OpenRouterOnlyItemSchema).default([]),
 });
-export type OpenRouter = z.infer<typeof OpenRouterSchema>;
 
 const OpenRouterDeepPartialSchema = z.object({
   only: z.array(OpenRouterOnlyItemSchema).optional(),
@@ -257,8 +253,8 @@ const OpenRouterDeepPartialSchema = z.object({
  * Distinguishes daemon-managed profiles (overwritten on every startup) from
  * user-created ones (never touched by the daemon).
  */
-export const ProfileSource = z.enum(["managed", "user"]);
-export type ProfileSource = z.infer<typeof ProfileSource>;
+const ProfileSource = z.enum(["managed", "user"]);
+type ProfileSource = z.infer<typeof ProfileSource>;
 
 // ---------------------------------------------------------------------------
 // Pricing overrides
@@ -270,7 +266,6 @@ const PricingOverrideSchema = z.object({
   inputPer1M: z.number().nonnegative(),
   outputPer1M: z.number().nonnegative(),
 });
-export type PricingOverride = z.infer<typeof PricingOverrideSchema>;
 
 // ---------------------------------------------------------------------------
 // Base config (all fields defaulted) and Fragment (all fields optional)
@@ -302,7 +297,7 @@ export type LLMConfigBase = z.infer<typeof LLMConfigBase>;
  * objects so callers can override individual leaves (e.g. `{ thinking:
  * { enabled: false } }`).
  */
-export const LLMConfigFragment = z.object({
+const LLMConfigFragment = z.object({
   provider: LLMProvider.optional(),
   model: ModelSchema.optional(),
   maxTokens: MaxTokensSchema.optional(),
@@ -314,7 +309,7 @@ export const LLMConfigFragment = z.object({
   contextWindow: ContextWindowDeepPartialSchema.optional(),
   openrouter: OpenRouterDeepPartialSchema.optional(),
 });
-export type LLMConfigFragment = z.infer<typeof LLMConfigFragment>;
+type LLMConfigFragment = z.infer<typeof LLMConfigFragment>;
 
 /**
  * A named profile entry: an `LLMConfigFragment` augmented with
@@ -337,7 +332,7 @@ export type ProfileEntry = z.infer<typeof ProfileEntry>;
 const LLMCallSiteConfig = LLMConfigFragment.extend({
   profile: z.string().min(1).optional(),
 });
-export type LLMCallSiteConfig = z.infer<typeof LLMCallSiteConfig>;
+type LLMCallSiteConfig = z.infer<typeof LLMCallSiteConfig>;
 
 // ---------------------------------------------------------------------------
 // Top-level LLM schema

package/src/config/schemas/memory-lifecycle.ts

@@ -1,29 +1,82 @@
 import { z } from "zod";
 
-export const MemoryJobsConfigSchema = z
-  .object({
-    workerConcurrency: z
-      .number({ error: "memory.jobs.workerConcurrency must be a number" })
-      .int("memory.jobs.workerConcurrency must be an integer")
-      .positive("memory.jobs.workerConcurrency must be a positive integer")
-      .default(2)
-      .describe("Number of concurrent workers processing memory jobs"),
-    batchSize: z
-      .number({ error: "memory.jobs.batchSize must be a number" })
-      .int("memory.jobs.batchSize must be an integer")
-      .positive("memory.jobs.batchSize must be a positive integer")
-      .default(10)
-      .describe("Number of memory items processed per batch"),
-    stalledJobTimeoutMs: z
-      .number({ error: "memory.jobs.stalledJobTimeoutMs must be a number" })
-      .int("memory.jobs.stalledJobTimeoutMs must be an integer")
-      .positive("memory.jobs.stalledJobTimeoutMs must be a positive integer")
-      .default(30 * 60 * 1000)
-      .describe(
-        "Timeout in milliseconds after which a stalled memory job is considered failed",
-      ),
-  })
-  .describe("Memory background job processing configuration");
+const DEFAULT_WORKER_CONCURRENCY = 2;
+const DEFAULT_SLOW_LLM_CONCURRENCY = 1;
+const DEFAULT_FAST_CONCURRENCY = 2;
+const DEFAULT_EMBED_CONCURRENCY = 2;
+
+const positiveInt = (field: string) =>
+  z
+    .number({ error: `memory.jobs.${field} must be a number` })
+    .int(`memory.jobs.${field} must be an integer`)
+    .positive(`memory.jobs.${field} must be a positive integer`);
+
+// Input shape allows all fields to be omitted so we can distinguish
+// "user explicitly set workerConcurrency" from "user accepted the default"
+// when deriving lane caps. The output shape (after transform) always has
+// all four fields populated.
+const MemoryJobsConfigInputSchema = z.object({
+  workerConcurrency: positiveInt("workerConcurrency")
+    .optional()
+    .describe("Number of concurrent workers processing memory jobs"),
+  stalledJobTimeoutMs: positiveInt("stalledJobTimeoutMs")
+    .default(30 * 60 * 1000)
+    .describe(
+      "Timeout in milliseconds after which a stalled memory job is considered failed",
+    ),
+  slowLlmConcurrency: positiveInt("slowLlmConcurrency")
+    .optional()
+    .describe(
+      "Concurrent slow LLM-bound jobs (graph consolidation, narrative refine, etc.)",
+    ),
+  fastConcurrency: positiveInt("fastConcurrency")
+    .optional()
+    .describe(
+      "Concurrent fast jobs (concept-page embed, prunes, media processing, etc.)",
+    ),
+  embedConcurrency: positiveInt("embedConcurrency")
+    .optional()
+    .describe(
+      "Concurrent segment-embed jobs (gated by Qdrant circuit breaker)",
+    ),
+});
+
+export const MemoryJobsConfigSchema = MemoryJobsConfigInputSchema.transform(
+  (input) => {
+    // When `workerConcurrency` is explicitly set but lane caps are not,
+    // derive lane caps so existing user configs gain the per-lane fix
+    // without edits. Explicit lane caps always win.
+    const workerConcurrencyExplicit = input.workerConcurrency !== undefined;
+    const workerConcurrency =
+      input.workerConcurrency ?? DEFAULT_WORKER_CONCURRENCY;
+
+    const slowLlmConcurrency =
+      input.slowLlmConcurrency ??
+      (workerConcurrencyExplicit
+        ? Math.max(1, Math.floor(workerConcurrency / 2))
+        : DEFAULT_SLOW_LLM_CONCURRENCY);
+
+    const fastConcurrency =
+      input.fastConcurrency ??
+      (workerConcurrencyExplicit
+        ? workerConcurrency
+        : DEFAULT_FAST_CONCURRENCY);
+
+    const embedConcurrency =
+      input.embedConcurrency ??
+      (workerConcurrencyExplicit
+        ? workerConcurrency
+        : DEFAULT_EMBED_CONCURRENCY);
+
+    return {
+      workerConcurrency,
+      stalledJobTimeoutMs: input.stalledJobTimeoutMs,
+      slowLlmConcurrency,
+      fastConcurrency,
+      embedConcurrency,
+    };
+  },
+).describe("Memory background job processing configuration");
 
 export const MemoryRetentionConfigSchema = z
   .object({

package/src/config/schemas/memory-v2.ts

@@ -87,6 +87,15 @@ export const MemoryV2ConfigSchema = z
       .describe(
         "Number of top-activation concept pages considered for injection per turn",
       ),
+    ann_candidate_limit: z
+      .number({ error: "memory.v2.ann_candidate_limit must be a number" })
+      .int("memory.v2.ann_candidate_limit must be an integer")
+      .positive("memory.v2.ann_candidate_limit must be a positive integer")
+      .nullable()
+      .default(null)
+      .describe(
+        "Per-channel cap on the unrestricted ANN candidate query (dense and sparse each return up to this many hits before they are unioned and fed into the activation pipeline). `null` = unlimited (every page in the v2 collection is eligible). Increase or null this out to surface more candidates at the cost of higher per-turn embedding/scoring work.",
+      ),
     top_k_skills: z
       .number({ error: "memory.v2.top_k_skills must be a number" })
       .int()
@@ -107,17 +116,52 @@ export const MemoryV2ConfigSchema = z
       .number({ error: "memory.v2.dense_weight must be a number" })
       .min(0, "memory.v2.dense_weight must be >= 0")
       .max(1, "memory.v2.dense_weight must be <= 1")
-      .default(0.7)
+      .default(0.85)
       .describe(
-        "Weight on dense (cosine) similarity in the hybrid retrieval score",
+        "Weight on dense (cosine) similarity in the hybrid retrieval score — dense embeddings dominate the score.",
       ),
     sparse_weight: z
       .number({ error: "memory.v2.sparse_weight must be a number" })
       .min(0, "memory.v2.sparse_weight must be >= 0")
       .max(1, "memory.v2.sparse_weight must be <= 1")
-      .default(0.3)
+      .default(0.15)
+      .describe(
+        "Weight on sparse (BM25-style) similarity in the hybrid retrieval score — sparse acts as a discriminator for keyword-rich queries.",
+      ),
+    // Adaptive sparse-weighting knobs. Both fields are intentionally
+    // optional with no default — the schema serialiser drops absent
+    // optionals so these stay invisible to operators who never tune them.
+    // The defaults live in `effectiveWeights` (sim.ts).
+    min_sparse_spread: z
+      .number({ error: "memory.v2.min_sparse_spread must be a number" })
+      .min(0, "memory.v2.min_sparse_spread must be >= 0")
+      .max(1, "memory.v2.min_sparse_spread must be <= 1")
+      .optional()
+      .describe(
+        "Adaptive sparse weighting: when the spread (max - min) of normalized sparse scores across the candidate hit set falls below this, sparse contribution collapses to 0. Linear interpolation between this and `full_sparse_spread`. Optional escape hatch — leave unset to use the built-in default.",
+      ),
+    full_sparse_spread: z
+      .number({ error: "memory.v2.full_sparse_spread must be a number" })
+      .min(0, "memory.v2.full_sparse_spread must be >= 0")
+      .max(1, "memory.v2.full_sparse_spread must be <= 1")
+      .optional()
+      .describe(
+        "Adaptive sparse weighting: at or above this spread, sparse weight stays at the configured `sparse_weight`. Optional escape hatch — leave unset to use the built-in default.",
+      ),
+    bm25_k1: z
+      .number({ error: "memory.v2.bm25_k1 must be a number" })
+      .min(0, "memory.v2.bm25_k1 must be >= 0")
+      .default(1.2)
+      .describe(
+        "BM25 term-frequency saturation parameter. Standard Lucene default — increase to make repeated mentions of a term matter more, decrease to flatten the curve.",
+      ),
+    bm25_b: z
+      .number({ error: "memory.v2.bm25_b must be a number" })
+      .min(0, "memory.v2.bm25_b must be >= 0")
+      .max(1, "memory.v2.bm25_b must be <= 1")
+      .default(0.4)
       .describe(
-        "Weight on sparse (BM25-style) similarity in the hybrid retrieval score",
+        "BM25 document-length normalization. 0 disables length normalization, 1 fully normalizes. Lucene's default is 0.75 (tuned for narrative/web corpora); we run lower because concept-page collections include structured list pages with high information density per word — full Lucene normalization over-penalizes them.",
       ),
     consolidation_interval_hours: z
       .number({

package/src/config/schemas/platform.ts

@@ -10,6 +10,12 @@ export const PlatformConfigSchema = z
       )
       .default("")
       .describe("Base URL of the Vellum platform API"),
+    subdomain: z
+      .string({ error: "platform.subdomain must be a string" })
+      .default("")
+      .describe(
+        "Registered subdomain on vellum.me (e.g. 'apollobot' → apollobot.vellum.me). Set automatically by 'assistant domain register'.",
+      ),
   })
   .describe("Vellum platform connection settings");
 

package/src/config/schemas/services.ts

@@ -4,7 +4,7 @@ import { SttServiceSchema } from "./stt.js";
 import { TtsServiceSchema } from "./tts.js";
 
 const ServiceModeSchema = z.enum(["managed", "your-own"]);
-export type ServiceMode = z.infer<typeof ServiceModeSchema>;
+type ServiceMode = z.infer<typeof ServiceModeSchema>;
 
 export const VALID_INFERENCE_PROVIDERS = [
   "anthropic",
@@ -26,7 +26,6 @@ const VALID_WEB_SEARCH_PROVIDERS = [
 const BaseServiceSchema = z.object({
   mode: ServiceModeSchema.default("your-own"),
 });
-export type BaseService = z.infer<typeof BaseServiceSchema>;
 
 /**
  * Inference service entry. Carries only the routing `mode`
@@ -37,52 +36,41 @@ export type BaseService = z.infer<typeof BaseServiceSchema>;
  * workspace migration `039-drop-legacy-llm-keys`.
  */
 const InferenceServiceSchema = BaseServiceSchema;
-export type InferenceService = z.infer<typeof InferenceServiceSchema>;
 
 const ImageGenerationServiceSchema = BaseServiceSchema.extend({
   provider: z.enum(VALID_IMAGE_GEN_PROVIDERS).default("gemini"),
   model: z.string().default("gemini-3.1-flash-image-preview"),
 });
-export type ImageGenerationService = z.infer<
-  typeof ImageGenerationServiceSchema
->;
 
 const WebSearchServiceSchema = BaseServiceSchema.extend({
   provider: z
     .enum(VALID_WEB_SEARCH_PROVIDERS)
     .default("inference-provider-native"),
 });
-export type WebSearchService = z.infer<typeof WebSearchServiceSchema>;
 
 const GoogleOAuthServiceSchema = BaseServiceSchema.extend({
   mode: ServiceModeSchema.default("your-own"),
 });
-export type GoogleOAuthService = z.infer<typeof GoogleOAuthServiceSchema>;
 
 const OutlookOAuthServiceSchema = BaseServiceSchema.extend({
   mode: ServiceModeSchema.default("your-own"),
 });
-export type OutlookOAuthService = z.infer<typeof OutlookOAuthServiceSchema>;
 
 const LinearOAuthServiceSchema = BaseServiceSchema.extend({
   mode: ServiceModeSchema.default("your-own"),
 });
-export type LinearOAuthService = z.infer<typeof LinearOAuthServiceSchema>;
 
 const GitHubOAuthServiceSchema = BaseServiceSchema.extend({
   mode: ServiceModeSchema.default("your-own"),
 });
-export type GitHubOAuthService = z.infer<typeof GitHubOAuthServiceSchema>;
 
 const NotionOAuthServiceSchema = BaseServiceSchema.extend({
   mode: ServiceModeSchema.default("your-own"),
 });
-export type NotionOAuthService = z.infer<typeof NotionOAuthServiceSchema>;
 
 const TwitterOAuthServiceSchema = BaseServiceSchema.extend({
   mode: ServiceModeSchema.default("your-own"),
 });
-export type TwitterOAuthService = z.infer<typeof TwitterOAuthServiceSchema>;
 
 /**
  * `services.meet.host.*` — daemon-side knobs for the externalized meet-join
@@ -106,7 +94,6 @@ const MeetHostConfigSchema = z
       ),
   })
   .describe("Daemon-side configuration for the external meet-join skill host");
-export type MeetHostConfig = z.infer<typeof MeetHostConfigSchema>;
 
 /**
  * Daemon-side `services.meet` block. Intentionally distinct from the
@@ -120,7 +107,6 @@ const MeetDaemonServiceSchema = z
     host: MeetHostConfigSchema.default(MeetHostConfigSchema.parse({})),
   })
   .describe("meet-join skill daemon-side configuration");
-export type MeetDaemonService = z.infer<typeof MeetDaemonServiceSchema>;
 
 export const ServicesSchema = z.object({
   inference: InferenceServiceSchema.default(InferenceServiceSchema.parse({})),

package/src/config/schemas/skills.ts

@@ -149,9 +149,3 @@ export const SkillsConfigSchema = z
   );
 
 export type SkillEntryConfig = z.infer<typeof SkillEntryConfigSchema>;
-export type SkillsLoadConfig = z.infer<typeof SkillsLoadConfigSchema>;
-export type SkillsInstallConfig = z.infer<typeof SkillsInstallConfigSchema>;
-export type RemoteProviderConfig = z.infer<typeof RemoteProviderConfigSchema>;
-export type RemoteProvidersConfig = z.infer<typeof RemoteProvidersConfigSchema>;
-export type RemotePolicyConfig = z.infer<typeof RemotePolicyConfigSchema>;
-export type SkillsConfig = z.infer<typeof SkillsConfigSchema>;

package/src/config/seed-inference-profiles.ts

@@ -11,7 +11,7 @@ import {
  * updates propagate automatically. User-created profiles (keyed by
  * different names) are never touched.
  */
-export const MANAGED_PROFILE_SEED_DATA: Record<string, ProfileEntry> = {
+const MANAGED_PROFILE_SEED_DATA: Record<string, ProfileEntry> = {
   balanced: {
     source: "managed",
     label: "Balanced",

package/src/contacts/contact-store.ts

@@ -961,19 +961,6 @@ export function updateChannelStatus(
   return parseChannel(existing);
 }
 
-/**
- * Update the lastSeenAt timestamp on a contact channel by its primary key.
- * Optimized for the hot path — single UPDATE with no prior SELECT.
- */
-export function updateChannelLastSeenById(channelId: string): void {
-  const db = getDb();
-  const now = Date.now();
-  db.update(contactChannels)
-    .set({ lastSeenAt: now, updatedAt: now })
-    .where(eq(contactChannels.id, channelId))
-    .run();
-}
-
 /**
  * Update a guardian contact's principalId and its channel's identity fields.
  * Used for healing guardian binding drift when the JWT principal no longer
@@ -1037,23 +1024,6 @@ export function updateContactPrincipalAndChannel(
   return true;
 }
 
-/**
- * Atomically increment interactionCount and set lastInteraction on a contact channel.
- * Optimized for the hot path — single UPDATE with no prior SELECT.
- */
-export function updateChannelInteraction(channelId: string): void {
-  const db = getDb();
-  const now = Date.now();
-  db.update(contactChannels)
-    .set({
-      lastInteraction: now,
-      interactionCount: sql`${contactChannels.interactionCount} + 1`,
-      updatedAt: now,
-    })
-    .where(eq(contactChannels.id, channelId))
-    .run();
-}
-
 // ── Assistant Contact Metadata ──────────────────────────────────────
 
 function parseAssistantMetadata(

package/src/contacts/contacts-write.ts

@@ -8,7 +8,6 @@
 
 import type { ChannelId } from "../channels/types.js";
 import { canonicalizeInboundIdentity } from "../util/canonicalize-identity.js";
-import { getLogger } from "../util/logger.js";
 import { emitContactChange } from "./contact-events.js";
 import {
   findContactChannel,
@@ -16,8 +15,6 @@ import {
   getChannelById,
   getContact,
   getContactInternal,
-  updateChannelInteraction,
-  updateChannelLastSeenById,
   updateChannelStatus,
   upsertContact,
 } from "./contact-store.js";
@@ -28,7 +25,6 @@ import type {
   ContactWriteResult,
 } from "./types.js";
 
-const log = getLogger("contacts-write");
 
 // ── Guardian operations ──────────────────────────────────────────────
 
@@ -179,26 +175,3 @@ export function revokeMember(
   return { contact, channel: updatedChannel };
 }
 
-/**
- * Update the lastSeenAt timestamp on a contact channel by its ID.
- * Expects a plain channel UUID (ContactChannel.id), not the composite API ID.
- */
-export function touchChannelLastSeen(channelId: string): void {
-  try {
-    updateChannelLastSeenById(channelId);
-  } catch (err) {
-    log.warn({ err }, "Failed to update channel lastSeenAt");
-  }
-}
-
-/**
- * Track an interaction on the specific channel that received it.
- * Swallows errors to avoid disrupting the inbound message hot path.
- */
-export function touchContactInteraction(channelId: string): void {
-  try {
-    updateChannelInteraction(channelId);
-  } catch (err) {
-    log.warn({ err }, "Failed to update channel interaction stats");
-  }
-}

package/src/context/window-manager.ts

@@ -22,8 +22,7 @@ import { truncateToolResultsAcrossHistory } from "./tool-result-truncation.js";
 const log = getLogger("context-window");
 
 export const CONTEXT_SUMMARY_MARKER = "<context_summary>";
-export const CONVERSATION_SUMMARY_CALL_SITE: LLMCallSite =
-  "conversationSummarization";
+const CONVERSATION_SUMMARY_CALL_SITE: LLMCallSite = "conversationSummarization";
 const MAX_BLOCK_PREVIEW_CHARS = 3000;
 const MAX_FALLBACK_SUMMARY_CHARS = 12000;
 const COMPACTION_COOLDOWN_MS = 2 * 60 * 1000;

package/src/credential-execution/feature-gates.ts

@@ -28,12 +28,12 @@ export const CES_SECURE_INSTALL_FLAG_KEY = "ces-secure-install" as const;
 /** Gate for credential grant and audit inspection surfaces. */
 export const CES_GRANT_AUDIT_FLAG_KEY = "ces-grant-audit" as const;
 
-/** Gate for managed sidecar transport in containerized environments. */
-export const CES_MANAGED_SIDECAR_FLAG_KEY = "ces-managed-sidecar" as const;
-
 /** Gate for routing credential reads/writes through the CES process. */
 const CES_CREDENTIAL_BACKEND_FLAG_KEY = "ces-credential-backend" as const;
 
+/** Gate for managed sidecar transport in containerized environments. */
+export const CES_MANAGED_SIDECAR_FLAG_KEY = "ces-managed-sidecar" as const;
+
 // ---------------------------------------------------------------------------
 // Public API — predicate functions
 // ---------------------------------------------------------------------------
@@ -66,13 +66,6 @@ export function isCesGrantAuditEnabled(config: AssistantConfig): boolean {
   return isAssistantFeatureFlagEnabled(CES_GRANT_AUDIT_FLAG_KEY, config);
 }
 
-/**
- * Whether managed sidecar transport should be used for CES communication.
- */
-export function isCesManagedSidecarEnabled(config: AssistantConfig): boolean {
-  return isAssistantFeatureFlagEnabled(CES_MANAGED_SIDECAR_FLAG_KEY, config);
-}
-
 /**
  * Whether credential reads and writes should be routed through the CES process.
  */
@@ -81,3 +74,10 @@ export function isCesCredentialBackendEnabled(
 ): boolean {
   return isAssistantFeatureFlagEnabled(CES_CREDENTIAL_BACKEND_FLAG_KEY, config);
 }
+
+/**
+ * Whether managed sidecar transport should be used for CES communication.
+ */
+export function isCesManagedSidecarEnabled(config: AssistantConfig): boolean {
+  return isAssistantFeatureFlagEnabled(CES_MANAGED_SIDECAR_FLAG_KEY, config);
+}

package/src/credential-execution/process-manager.ts

@@ -12,12 +12,6 @@
  * creates a socket-based CesTransport. The CES sidecar manages its own
  * lifecycle; the process manager only manages the transport connection.
  *
- * Feature-flag gate: Managed sidecar mode is controlled by the
- * `ces-managed-sidecar` feature flag (checked via the required
- * AssistantConfig). When the flag is off, the process manager skips
- * managed discovery even in containerized environments, ensuring
- * rollback safety.
- *
  * Managed env contract:
  * - CES_BOOTSTRAP_SOCKET  — Path to the bootstrap Unix socket (shared emptyDir)
  * - /assistant-data-ro     — Assistant data mounted read-only into the CES sidecar
@@ -42,7 +36,6 @@ import {
   type LocalSourceDiscoverySuccess,
   type ManagedDiscoverySuccess,
 } from "./executable-discovery.js";
-import { isCesManagedSidecarEnabled } from "./feature-gates.js";
 
 const log = getLogger("ces-process-manager");
 
@@ -71,10 +64,8 @@ export const CES_PRIVATE_DATA_DIR = "/ces-data";
 
 export interface CesProcessManagerConfig {
   /**
-   * Assistant configuration for feature-flag checks.
-   * The managed sidecar path is gated behind the `ces-managed-sidecar`
-   * feature flag via this config.  When omitted (e.g. CLI / admin
-   * callers), managed mode is allowed unconditionally.
+   * Assistant configuration.
+   * Reserved for future feature-flag checks or config-driven behavior.
    */
   assistantConfig?: AssistantConfig;
 }
@@ -88,10 +79,6 @@ export interface CesProcessManager {
    * Start the CES process (local) or connect to the sidecar (managed).
    * Returns a CesTransport ready for use with createCesClient().
    *
-   * When the `ces-managed-sidecar` feature flag is off, managed mode
-   * is skipped even in containerized environments — the process manager
-   * falls back to local discovery.
-   *
    * Throws if CES is unavailable.
    */
   start(): Promise<CesTransport>;
@@ -118,7 +105,7 @@ export interface CesProcessManager {
 // ---------------------------------------------------------------------------
 
 export function createCesProcessManager(
-  config: CesProcessManagerConfig,
+  _config: CesProcessManagerConfig,
 ): CesProcessManager {
   let childProcess: Subprocess | null = null;
   let managedSocket: Socket | null = null;
@@ -131,31 +118,15 @@ export function createCesProcessManager(
         throw new Error("CES process manager is already running");
       }
 
-      // Feature-flag gate: when the managed sidecar flag is off, skip
-      // managed discovery entirely. This ensures rollback safety —
-      // disabling the flag leaves existing non-agent platform consumers
-      // intact.
-      const managedAllowed = config.assistantConfig
-        ? isCesManagedSidecarEnabled(config.assistantConfig)
-        : true; // No config → allow managed mode unconditionally (CLI/admin callers)
-
-      if (managedAllowed) {
-        discoveryResult = await discoverCes();
-        if (discoveryResult.mode === "unavailable") {
-          // The managed sidecar bootstrap socket is not present — this happens
-          // when the flag is enabled by default but the instance pre-dates the
-          // socket volume mount (e.g. existing Docker configs without the
-          // ces-bootstrap volume). Warn and fall back to local discovery so
-          // these deployments don't fail on upgrade.
-          log.warn(
-            { reason: discoveryResult.reason },
-            "CES managed sidecar bootstrap socket unavailable — falling back to local CES discovery",
-          );
-          discoveryResult = discoverLocalCes();
-        }
-      } else {
-        log.info(
-          "CES managed sidecar feature flag is off — skipping managed discovery, falling back to local",
+      discoveryResult = await discoverCes();
+      if (discoveryResult.mode === "unavailable") {
+        // The managed sidecar bootstrap socket is not present — this happens
+        // when the instance pre-dates the socket volume mount (e.g. existing
+        // Docker configs without the ces-bootstrap volume). Warn and fall
+        // back to local discovery so these deployments don't fail on upgrade.
+        log.warn(
+          { reason: discoveryResult.reason },
+          "CES managed sidecar bootstrap socket unavailable — falling back to local CES discovery",
         );
         discoveryResult = discoverLocalCes();
       }