@vellumai/assistant 0.9.1-staging.1 → 0.10.0-staging.2

package/src/__tests__/guardian-routing-invariants.test.ts

@@ -828,7 +828,7 @@ describe("routing invariant: disambiguation stays fail-closed", () => {
       replyCtx({
         messageText: "approve",
         conversationId: "conv-guardian-conversation",
-        pendingRequestIds: [req.id],
+        pendingScope: { mode: "scoped", requestIds: [req.id] },
         approvalConversationGenerator: undefined,
       }),
     );
@@ -857,7 +857,7 @@ describe("routing invariant: disambiguation stays fail-closed", () => {
       replyCtx({
         messageText: "ok, what is this for?",
         conversationId: "conv-guardian-conversation",
-        pendingRequestIds: [req.id],
+        pendingScope: { mode: "scoped", requestIds: [req.id] },
         approvalConversationGenerator: undefined,
       }),
     );
@@ -870,7 +870,7 @@ describe("routing invariant: disambiguation stays fail-closed", () => {
     expect(unchanged!.status).toBe("pending");
   });
 
-  test("explicit empty pendingRequestIds hint stays fail-closed for desktop actors", async () => {
+  test("explicit blocked scope stays fail-closed for desktop actors", async () => {
     createCanonicalGuardianRequest({
       kind: "tool_approval",
       sourceType: "channel",
@@ -887,7 +887,7 @@ describe("routing invariant: disambiguation stays fail-closed", () => {
         messageText: "approve",
         actor: trustedActor(),
         conversationId: "conv-unrelated",
-        pendingRequestIds: [],
+        pendingScope: { mode: "blocked" },
         approvalConversationGenerator: undefined,
       }),
     );
@@ -897,6 +897,38 @@ describe("routing invariant: disambiguation stays fail-closed", () => {
     expect(result.decisionApplied).toBe(false);
   });
 
+  test("explicit request code still resolves under a blocked scope (cross-chat carve-out)", async () => {
+    // The Slack cross-chat guard blocks identity fallback, but an explicit
+    // request code carries its own target and must still resolve — otherwise a
+    // guardian could not approve-by-code from a chat where no card was delivered.
+    const req = createCanonicalGuardianRequest({
+      kind: "tool_approval",
+      sourceType: "channel",
+      conversationId: "conv-other",
+      guardianExternalUserId: "guardian-1",
+      guardianPrincipalId: TEST_PRINCIPAL_ID,
+      requestCode: "ABC123",
+      toolName: "shell",
+      expiresAt: Date.now() + 60_000,
+    });
+    registerPendingToolApprovalInteraction(req.id, "conv-other", "shell");
+
+    const result = await routeGuardianReply(
+      replyCtx({
+        messageText: "ABC123 approve",
+        actor: trustedActor(),
+        conversationId: "conv-unrelated",
+        pendingScope: { mode: "blocked" },
+        approvalConversationGenerator: undefined,
+      }),
+    );
+
+    expect(result.consumed).toBe(true);
+    expect(result.requestId).toBe(req.id);
+    expect(result.decisionApplied).toBe(true);
+    expect(getCanonicalGuardianRequest(req.id)!.status).toBe("approved");
+  });
+
   test("multiple hinted pending requests with plain-text approve returns disambiguation", async () => {
     const req1 = createCanonicalGuardianRequest({
       kind: "tool_approval",
@@ -924,7 +956,7 @@ describe("routing invariant: disambiguation stays fail-closed", () => {
       replyCtx({
         messageText: "approve",
         conversationId: "conv-guardian-conversation",
-        pendingRequestIds: [req1.id, req2.id],
+        pendingScope: { mode: "scoped", requestIds: [req1.id, req2.id] },
         approvalConversationGenerator: undefined,
       }),
     );
@@ -977,7 +1009,7 @@ describe("routing invariant: disambiguation stays fail-closed", () => {
       replyCtx({
         messageText: "yes approve it",
         conversationId: "conv-1",
-        pendingRequestIds: [req1.id, req2.id],
+        pendingScope: { mode: "scoped", requestIds: [req1.id, req2.id] },
         approvalConversationGenerator: mockGenerator as any,
       }),
     );
@@ -1031,7 +1063,10 @@ describe("routing invariant: disambiguation stays fail-closed", () => {
       replyCtx({
         messageText: "approve",
         conversationId: "conv-guardian-conversation",
-        pendingRequestIds: [answerRequest.id, approvalRequest.id],
+        pendingScope: {
+          mode: "scoped",
+          requestIds: [answerRequest.id, approvalRequest.id],
+        },
         approvalConversationGenerator: undefined,
       }),
     );
@@ -1075,7 +1110,7 @@ describe("routing invariant: disambiguation stays fail-closed", () => {
       replyCtx({
         messageText: "yes",
         conversationId: "conv-1",
-        pendingRequestIds: [req.id],
+        pendingScope: { mode: "scoped", requestIds: [req.id] },
         approvalConversationGenerator: mockGenerator as any,
       }),
     );
@@ -1104,7 +1139,7 @@ describe("routing invariant: disambiguation stays fail-closed", () => {
       replyCtx({
         messageText: "go for it",
         conversationId: "conv-1",
-        pendingRequestIds: [req.id],
+        pendingScope: { mode: "scoped", requestIds: [req.id] },
         approvalConversationGenerator: undefined,
       }),
     );
@@ -1117,7 +1152,7 @@ describe("routing invariant: disambiguation stays fail-closed", () => {
     expect(resolved!.status).toBe("approved");
   });
 
-  test("code-based routing is constrained to caller-provided pendingRequestIds scope", async () => {
+  test("code-based routing is constrained to caller-provided scope", async () => {
     const inScope = createCanonicalGuardianRequest({
       kind: "tool_approval",
       sourceType: "channel",
@@ -1145,7 +1180,7 @@ describe("routing invariant: disambiguation stays fail-closed", () => {
       replyCtx({
         messageText: "222BBB approve",
         conversationId: "conv-guardian-conversation",
-        pendingRequestIds: [inScope.id],
+        pendingScope: { mode: "scoped", requestIds: [inScope.id] },
         approvalConversationGenerator: undefined,
       }),
     );
@@ -1438,7 +1473,7 @@ describe("routing invariant: directResolve interactions resolve via guardian dec
 describe("routing invariant: destination hints do not bypass tool_approval principal binding", () => {
   beforeEach(() => resetTables());
 
-  test("explicit pendingRequestIds still fail closed when guardianPrincipalId does not match", async () => {
+  test("explicit scope still fails closed when guardianPrincipalId does not match", async () => {
     // Voice-originated tool approval with a different principal than the actor.
     const req = createCanonicalGuardianRequest({
       kind: "tool_approval",
@@ -1452,15 +1487,15 @@ describe("routing invariant: destination hints do not bypass tool_approval princ
     });
     registerPendingToolApprovalInteraction(req.id, "conv-voice-1", "shell");
 
-    // The channel inbound router would compute pendingRequestIds from
-    // delivery-scoped lookup and pass them here. Simulate that.
+    // The channel inbound router would compute the pending scope from
+    // delivery-scoped lookup and pass it here. Simulate that.
     const result = await routeGuardianReply(
       replyCtx({
         messageText: "approve",
         channel: "telegram",
         actor: guardianActor({ guardianPrincipalId: "different-principal" }),
         conversationId: "conv-guardian-chat",
-        pendingRequestIds: [req.id],
+        pendingScope: { mode: "scoped", requestIds: [req.id] },
         approvalConversationGenerator: undefined,
       }),
     );
@@ -1486,7 +1521,7 @@ describe("routing invariant: destination hints do not bypass tool_approval princ
       expiresAt: Date.now() + 60_000,
     });
 
-    // No pendingRequestIds passed — identity-based fallback uses
+    // No pendingScope passed — identity-based fallback uses
     // actor.actorExternalUserId which does not match any request's
     // guardianExternalUserId (since it's null).
     const result = await routeGuardianReply(
@@ -1495,7 +1530,7 @@ describe("routing invariant: destination hints do not bypass tool_approval princ
         channel: "telegram",
         actor: guardianActor({ actorExternalUserId: "guardian-tg-user" }),
         conversationId: "conv-guardian-chat",
-        // pendingRequestIds: undefined — no delivery hints
+        // pendingScope omitted — no delivery hints
         approvalConversationGenerator: undefined,
       }),
     );
@@ -1534,7 +1569,7 @@ describe("routing invariant: invite handoff bypass for access requests", () => {
       replyCtx({
         messageText: "open invite flow",
         conversationId: "conv-guardian-conversation",
-        pendingRequestIds: [req.id],
+        pendingScope: { mode: "scoped", requestIds: [req.id] },
         approvalConversationGenerator: undefined,
       }),
     );
@@ -1569,7 +1604,7 @@ describe("routing invariant: invite handoff bypass for access requests", () => {
         replyCtx({
           messageText: phrase,
           conversationId: "conv-test",
-          pendingRequestIds: [req.id],
+          pendingScope: { mode: "scoped", requestIds: [req.id] },
           approvalConversationGenerator: undefined,
         }),
       );
@@ -1595,7 +1630,7 @@ describe("routing invariant: invite handoff bypass for access requests", () => {
       replyCtx({
         messageText: "open invite flow",
         conversationId: "conv-guardian-conversation",
-        pendingRequestIds: [req.id],
+        pendingScope: { mode: "scoped", requestIds: [req.id] },
         approvalConversationGenerator: undefined,
       }),
     );
@@ -1625,7 +1660,7 @@ describe("routing invariant: invite handoff bypass for access requests", () => {
       replyCtx({
         messageText: "A00B01 approve",
         conversationId: "conv-guardian-conversation",
-        pendingRequestIds: [req.id],
+        pendingScope: { mode: "scoped", requestIds: [req.id] },
         approvalConversationGenerator: undefined,
       }),
     );
@@ -1655,7 +1690,7 @@ describe("routing invariant: invite handoff bypass for access requests", () => {
       channel: "vellum",
       actor: trustedActor({ channel: "vellum" }),
       conversationId: "conv-guardian-conversation",
-      pendingRequestIds: [req.id],
+      pendingScope: { mode: "scoped", requestIds: [req.id] },
       approvalConversationGenerator: undefined,
     });
 
@@ -1694,7 +1729,7 @@ describe("routing invariant: invite handoff bypass for access requests", () => {
       channel: "vellum",
       actor: trustedActor({ channel: "vellum" }),
       conversationId: "conv-guardian-conversation",
-      pendingRequestIds: [req.id],
+      pendingScope: { mode: "scoped", requestIds: [req.id] },
       approvalConversationGenerator: approvalConversationGenerator as any,
     });
 
@@ -1746,7 +1781,7 @@ describe("routing invariant: expired requests are excluded from pending discover
       replyCtx({
         messageText: "approve",
         conversationId: "conv-guardian-conversation",
-        pendingRequestIds: [expired.id, active.id],
+        pendingScope: { mode: "scoped", requestIds: [expired.id, active.id] },
         approvalConversationGenerator: undefined,
       }),
     );
@@ -1781,7 +1816,7 @@ describe("routing invariant: expired requests are excluded from pending discover
       replyCtx({
         messageText: "`approve`",
         conversationId: "conv-guardian-conversation",
-        pendingRequestIds: [req.id],
+        pendingScope: { mode: "scoped", requestIds: [req.id] },
         approvalConversationGenerator: undefined,
       }),
     );
@@ -1821,7 +1856,10 @@ describe("routing invariant: expired requests are excluded from pending discover
       replyCtx({
         messageText: "approve",
         conversationId: "conv-guardian-conversation",
-        pendingRequestIds: [expired1.id, expired2.id],
+        pendingScope: {
+          mode: "scoped",
+          requestIds: [expired1.id, expired2.id],
+        },
         approvalConversationGenerator: undefined,
       }),
     );

package/src/__tests__/guardian-routing-state.test.ts

@@ -162,7 +162,6 @@ describe("inbound-message-handler trusted-contact interactivity", () => {
         {
           type: "telegram",
           address: "telegram-user-default",
-          externalUserId: "telegram-user-default",
           status: "active",
           policy: "allow",
         },

package/src/__tests__/headless-browser-mode.test.ts

@@ -75,6 +75,16 @@ mock.module("../tools/browser/cdp-client/factory.js", () => ({
   },
 }));
 
+// The real proxy is an always-present singleton; stub the grace wait so
+// extension-pinned acquisition doesn't poll for the full window here.
+mock.module("../daemon/host-browser-proxy.js", () => ({
+  HostBrowserProxy: {
+    get instance() {
+      return { waitForExtensionClient: async () => true };
+    },
+  },
+}));
+
 // ── Minimal browserManager stub ──────────────────────────────────────
 
 /** Mutable memo shared between mock methods and tests. */

package/src/__tests__/headless-browser-navigate.test.ts

@@ -58,9 +58,14 @@ let mockExtensionAvailable = false;
 mock.module("../daemon/host-browser-proxy.js", () => ({
   HostBrowserProxy: {
     get instance() {
-      return mockExtensionAvailable
-        ? { isAvailable: () => true, request: mock(async () => ({})) }
-        : undefined;
+      // The real proxy is a lazily-created singleton that always exists;
+      // `isAvailable`/`waitForExtensionClient` reflect whether an extension
+      // is connected rather than the instance being absent.
+      return {
+        isAvailable: () => mockExtensionAvailable,
+        waitForExtensionClient: async () => mockExtensionAvailable,
+        request: mock(async () => ({})),
+      };
     },
   },
 }));

package/src/__tests__/helpers/create-guardian-binding.ts

@@ -55,7 +55,6 @@ export function createGuardianBinding(params: {
       {
         type: params.channel,
         address: canonicalId,
-        externalUserId: canonicalId,
         externalChatId: params.guardianDeliveryChatId,
         status: "active",
         verifiedAt: Date.now(),

package/src/__tests__/host-browser-proxy.test.ts

@@ -46,6 +46,8 @@ mock.module("../runtime/assistant-event-hub.js", () => ({
       mockClients.filter((c) => c.capabilities.includes(cap)),
     listClientsByInterface: (interfaceId: string) =>
       mockClients.filter((c) => c.interfaceId === interfaceId),
+    getClientById: (clientId: string) =>
+      mockClients.find((c) => c.clientId === clientId),
     getActorPrincipalIdForClient: (clientId: string) =>
       mockClients.find((c) => c.clientId === clientId)?.actorPrincipalId,
   },
@@ -108,6 +110,91 @@ describe("HostBrowserProxy", () => {
     pendingInteractions.clear();
   });
 
+  describe("waitForExtensionClient", () => {
+    const EXTENSION: MockClient = {
+      clientId: "ext-client",
+      interfaceId: "chrome-extension",
+      capabilities: ["host_browser"],
+    };
+
+    test("returns true immediately when an extension is connected", async () => {
+      mockClients = [EXTENSION];
+      expect(await proxy.waitForExtensionClient(undefined, undefined, 1_000)).toBe(
+        true,
+      );
+    });
+
+    test("returns false after the timeout when none connects", async () => {
+      mockClients = [DEFAULT_CLIENT]; // macos only, no extension
+      expect(await proxy.waitForExtensionClient(undefined, undefined, 100)).toBe(
+        false,
+      );
+    });
+
+    test("returns true when an extension appears within the window", async () => {
+      mockClients = [DEFAULT_CLIENT];
+      setTimeout(() => {
+        mockClients = [DEFAULT_CLIENT, EXTENSION];
+      }, 50);
+      expect(await proxy.waitForExtensionClient(undefined, undefined, 2_000)).toBe(
+        true,
+      );
+    });
+
+    test("respects sourceActorPrincipalId", async () => {
+      mockClients = [
+        {
+          clientId: "other-actor-ext",
+          interfaceId: "chrome-extension",
+          actorPrincipalId: "actor-b",
+          capabilities: ["host_browser"],
+        },
+      ];
+      // Caller is actor-a; the connected extension belongs to actor-b.
+      expect(await proxy.waitForExtensionClient("actor-a", undefined, 100)).toBe(
+        false,
+      );
+    });
+
+    test("with a targetClientId, waits for that exact client (not a sibling)", async () => {
+      // A sibling extension is connected, but the targeted client is not —
+      // the wait must not return early on the sibling's presence.
+      mockClients = [
+        {
+          clientId: "sibling-ext",
+          interfaceId: "chrome-extension",
+          capabilities: ["host_browser"],
+        },
+      ];
+      expect(
+        await proxy.waitForExtensionClient(undefined, "target-ext", 100),
+      ).toBe(false);
+    });
+
+    test("with a targetClientId, returns true once that client appears", async () => {
+      mockClients = [
+        {
+          clientId: "sibling-ext",
+          interfaceId: "chrome-extension",
+          capabilities: ["host_browser"],
+        },
+      ];
+      setTimeout(() => {
+        mockClients = [
+          ...mockClients,
+          {
+            clientId: "target-ext",
+            interfaceId: "chrome-extension",
+            capabilities: ["host_browser"],
+          },
+        ];
+      }, 50);
+      expect(
+        await proxy.waitForExtensionClient(undefined, "target-ext", 2_000),
+      ).toBe(true);
+    });
+  });
+
   describe("request/resolve lifecycle (happy path)", () => {
     test("sends host_browser_request and resolves with content", async () => {
       const resultPromise = proxy.request(

package/src/__tests__/injector-v3-suppression.test.ts

@@ -2,7 +2,7 @@
  * Tests for the memory-v3 step-0 branch in `applyRuntimeInjections`:
  * spotlight strip + v2 tail suppression.
  *
- * When the `memory-v3-live` flag is on AND the v3 injector (id `memory-v3`,
+ * When `memory.v3.live` is on AND the v3 injector (id `memory-v3`,
  * placement `after-memory-prefix`) produces a block — possibly EMPTY-TEXT on
  * an all-repeat turn — runtime assembly strips the v2 `<memory>` prefix from
  * the TAIL user message only before splicing the v3 block. Historical user
@@ -16,10 +16,11 @@
  * block lands at the tail.
  *
  * v2 suppression stays keyed off whether v3 produced a block, NOT off the
- * flag alone: a v3 failure (`produce()` → null) leaves v2's block intact
- * (fallback-to-v2). The flag-off path must be byte-for-byte identical to
+ * gate alone: a v3 failure (`produce()` → null) leaves v2's block intact
+ * (fallback-to-v2). The v3-off path must be byte-for-byte identical to
  * today — that is the load-bearing regression guard. `applyRuntimeInjections`
- * reads the flag itself, so these tests drive it through the override cache.
+ * reads the v3-live gate itself, so these tests drive it through the
+ * `isMemoryV3Live` mock slot.
  *
  * The strip discriminates v2's dynamic block by IDENTITY, not by prefix: v2's
  * `INJECTION_HEADER` and v3's `V3_CARDS_INJECTION_HEADER` are deliberately
@@ -42,7 +43,6 @@ import type {
   TurnContext,
 } from "../plugins/types.js";
 import type { Message } from "../providers/types.js";
-import { setOverridesForTesting } from "./feature-flag-test-helpers.js";
 
 // Drive the suppression branch by controlling the static injector chain that
 // `applyRuntimeInjections` walks. The slot is mutated per-test to stand in for
@@ -52,6 +52,13 @@ mock.module("../plugins/defaults/memory-retrieval/injector-chain.js", () => ({
   getInjectorChain: () => injectorChainSlot,
 }));
 
+// `applyRuntimeInjections` reads the v3-live gate (`config.memory.v3.live`)
+// via `isMemoryV3Live`; drive it directly through this slot per-test.
+let memoryV3LiveSlot = false;
+mock.module("../config/memory-v3-gate.js", () => ({
+  isMemoryV3Live: () => memoryV3LiveSlot,
+}));
+
 const { applyRuntimeInjections } =
   await import("../daemon/conversation-runtime-assembly.js");
 
@@ -141,9 +148,9 @@ function tailTexts(messages: Message[]): string[] {
 describe("memory-v3-live v2 suppression", () => {
   beforeEach(() => {
     injectorChainSlot.length = 0;
-    // Clean baseline: no overrides → `memory-v3-live` resolves to its registry
-    // default (off). Each test seeds the flag it needs.
-    setOverridesForTesting({});
+    // Clean baseline: v3-live off (registry/config default). Each test seeds
+    // the gate value it needs.
+    memoryV3LiveSlot = false;
   });
 
   afterEach(() => {
@@ -152,7 +159,7 @@ describe("memory-v3-live v2 suppression", () => {
   });
 
   test("flag ON + v3 produced a block → TAIL v2 stripped, historical memory blocks frozen in place", async () => {
-    setOverridesForTesting({ "memory-v3-live": true });
+    memoryV3LiveSlot = true;
     injectorChainSlot.push(v3Injector("net-new cards"));
     seedV2Identity("fresh recalled fact");
 
@@ -194,7 +201,7 @@ describe("memory-v3-live v2 suppression", () => {
   });
 
   test("flag ON + EMPTY-TEXT v3 block (all-repeat turn) → tail v2 stripped, nothing attached", async () => {
-    setOverridesForTesting({ "memory-v3-live": true });
+    memoryV3LiveSlot = true;
     injectorChainSlot.push(v3Injector(""));
     seedV2Identity("fresh recalled fact");
 
@@ -217,7 +224,7 @@ describe("memory-v3-live v2 suppression", () => {
   });
 
   test("stale spotlight blocks are stripped from EVERY user message; the new spotlight lands at the tail", async () => {
-    setOverridesForTesting({ "memory-v3-live": true });
+    memoryV3LiveSlot = true;
     injectorChainSlot.push(v3Injector(""), spotlightInjector("fresh sections"));
 
     const staleSpotlight = {
@@ -253,7 +260,7 @@ describe("memory-v3-live v2 suppression", () => {
   });
 
   test("convergence re-entry: a tail leading with this turn's frozen v3 cards (and <info>) is NOT stripped", async () => {
-    setOverridesForTesting({ "memory-v3-live": true });
+    memoryV3LiveSlot = true;
     // Re-entry shape: the memo returns the same selections, every slug is now
     // in the everInjected store, so the injector produces an EMPTY block —
     // while the tail still carries the v3 card block frozen on first entry
@@ -292,7 +299,7 @@ describe("memory-v3-live v2 suppression", () => {
   });
 
   test("first entry with a v2 prefix AND a frozen v3 block strips ONLY the v2 block", async () => {
-    setOverridesForTesting({ "memory-v3-live": true });
+    memoryV3LiveSlot = true;
     injectorChainSlot.push(v3Injector(""));
     seedV2Identity("fresh recalled fact");
 
@@ -319,7 +326,7 @@ describe("memory-v3-live v2 suppression", () => {
   });
 
   test("REGRESSION: a v2 block leading with the REAL summary header (byte-identical to v3's) is stripped; v3 cards and <info> survive (first entry)", async () => {
-    setOverridesForTesting({ "memory-v3-live": true });
+    memoryV3LiveSlot = true;
     injectorChainSlot.push(v3Injector(""));
 
     // The collision this guards: v2's router block leads with
@@ -358,7 +365,7 @@ describe("memory-v3-live v2 suppression", () => {
   });
 
   test("REGRESSION: re-entry with a header-bearing v2 identity keeps the first entry's frozen v3 cards", async () => {
-    setOverridesForTesting({ "memory-v3-live": true });
+    memoryV3LiveSlot = true;
     // Re-entry: produce() returns the EMPTY block (cards already claimed by
     // the store) while the tail carries the FIRST entry's v3 block — and the
     // graph handle still holds the summary-bearing v2 identity from this
@@ -391,7 +398,7 @@ describe("memory-v3-live v2 suppression", () => {
   });
 
   test("v2 memory-image groups and legacy <memory __injected> blocks are stripped even without an identity", async () => {
-    setOverridesForTesting({ "memory-v3-live": true });
+    memoryV3LiveSlot = true;
     injectorChainSlot.push(v3Injector("net-new cards"));
     // No live graph handle: identity unknown (null). Image groups and legacy
     // blocks are unambiguously v2's and are stripped regardless; the shared
@@ -430,7 +437,7 @@ describe("memory-v3-live v2 suppression", () => {
   });
 
   test("the v3 block's attachment-commit callback fires on a user tail", async () => {
-    setOverridesForTesting({ "memory-v3-live": true });
+    memoryV3LiveSlot = true;
     const commit = mock(() => {});
     injectorChainSlot.push(v3Injector("net-new cards", commit));
 
@@ -443,7 +450,7 @@ describe("memory-v3-live v2 suppression", () => {
   });
 
   test("the commit callback is SKIPPED when the tail is not a user message (block never attaches)", async () => {
-    setOverridesForTesting({ "memory-v3-live": true });
+    memoryV3LiveSlot = true;
     const commit = mock(() => {});
     injectorChainSlot.push(v3Injector("net-new cards", commit));
 
@@ -465,7 +472,7 @@ describe("memory-v3-live v2 suppression", () => {
   });
 
   test("flag ON but v3 produced NOTHING → v2 block left intact (fallback-to-v2)", async () => {
-    setOverridesForTesting({ "memory-v3-live": true });
+    memoryV3LiveSlot = true;
     injectorChainSlot.push(v3Injector(null));
 
     const runMessages: Message[] = [
@@ -524,7 +531,7 @@ describe("memory-v3-live v2 suppression", () => {
   test("no v3 injector registered + flag ON → no stripping, messages untouched", async () => {
     // No injector named memory-v3 at all (e.g. plugin not loaded): the
     // suppression branch keys off the produced block, so nothing is stripped.
-    setOverridesForTesting({ "memory-v3-live": true });
+    memoryV3LiveSlot = true;
     expect(injectorChainSlot).toHaveLength(0);
 
     const runMessages: Message[] = [

package/src/__tests__/internal-telemetry-routes.test.ts

@@ -7,23 +7,15 @@ mock.module("../util/logger.js", () => ({
     }),
 }));
 
-// Toggle for the collectUsageData opt-out the real store consults. The store
+// Toggle for the share_analytics opt-out the real store consults. The store
 // module is intentionally NOT mocked here — it has its own DB-backed tests, and
 // Bun's `mock.module` is process-global, so mocking it would leak into those
 // tests when files share an invocation. Exercising the real store keeps every
 // auth-fallback test order-independent.
-let collectUsageData = true;
+let shareAnalytics = true;
 
-mock.module("../config/loader.js", () => ({
-  getConfig: () => ({
-    ui: {},
-    model: "test",
-    provider: "test",
-    memory: { enabled: false },
-    rateLimit: { maxRequestsPerMinute: 0 },
-    secretDetection: { enabled: false },
-    collectUsageData,
-  }),
+mock.module("../platform/consent-cache.js", () => ({
+  getCachedShareAnalytics: () => shareAnalytics,
 }));
 
 import { queryUnreportedAuthFallbackEvents } from "../memory/auth-fallback-events-store.js";
@@ -61,7 +53,7 @@ const VALID_BODY = {
 
 describe("internal-telemetry-routes: auth-fallback", () => {
   beforeEach(() => {
-    collectUsageData = true;
+    shareAnalytics = true;
     getDb().delete(authFallbackEvents).run();
   });
 
@@ -90,7 +82,7 @@ describe("internal-telemetry-routes: auth-fallback", () => {
   });
 
   test("returns skipped and persists nothing under the opt-out", () => {
-    collectUsageData = false;
+    shareAnalytics = false;
     expect(call(VALID_BODY)).toEqual({ skipped: true });
     expect(queryUnreportedAuthFallbackEvents(0, undefined, 100).length).toBe(0);
   });

package/src/__tests__/invite-redemption-service.test.ts

@@ -292,7 +292,6 @@ describe("invite-redemption-service", () => {
         {
           type: "telegram",
           address: "guardian-tg-id",
-          externalUserId: "guardian-tg-id",
           status: "revoked",
         },
       ],
@@ -346,7 +345,6 @@ describe("invite-redemption-service", () => {
         {
           type: "telegram",
           address: "guardian-own-id",
-          externalUserId: "guardian-own-id",
           status: "revoked",
         },
       ],
@@ -381,7 +379,6 @@ describe("invite-redemption-service", () => {
         {
           type: "telegram",
           address: "guardian-code-id",
-          externalUserId: "guardian-code-id",
           status: "revoked",
         },
       ],