@vellumai/vellum-gateway 0.7.2 → 0.7.3

package/src/auth/guardian-bootstrap.ts

@@ -22,6 +22,8 @@ import {
   contacts as gwContacts,
   contactChannels as gwContactChannels,
 } from "../db/schema.js";
+import { readCredential } from "../credential-reader.js";
+import { credentialKey } from "../credential-key.js";
 import { getLogger } from "../logger.js";
 
 import { CURRENT_POLICY_EPOCH } from "./policy.js";
@@ -480,6 +482,51 @@ function mintRefreshToken(
 // Public: guardian bootstrap
 // ---------------------------------------------------------------------------
 
+/**
+ * Attempt to fetch the assistant owner's display name from the platform.
+ *
+ * Only runs when IS_PLATFORM=true. Reads platform_base_url and
+ * assistant_api_key from the credential store, then calls
+ * GET /v1/internal/gateway/guardian/ with a 5-second timeout.
+ * Returns null on any missing credential, timeout, or network/parse failure —
+ * callers fall back to a generated principal ID in that case.
+ */
+async function fetchPlatformOwnerDisplayName(): Promise<string | null> {
+  const isPlatform =
+    process.env.IS_PLATFORM?.trim().toLowerCase() === "true" ||
+    process.env.IS_PLATFORM?.trim() === "1";
+  if (!isPlatform) return null;
+
+  const [platformBaseUrl, assistantApiKey] = await Promise.all([
+    readCredential(credentialKey("vellum", "platform_base_url")),
+    readCredential(credentialKey("vellum", "assistant_api_key")),
+  ]);
+
+  if (!platformBaseUrl || !assistantApiKey) {
+    return null;
+  }
+
+  try {
+    const url = `${platformBaseUrl.replace(/\/+$/, "")}/v1/internal/gateway/guardian/`;
+    const response = await fetch(url, {
+      headers: { Authorization: `Api-Key ${assistantApiKey}` },
+      signal: AbortSignal.timeout(5_000),
+    });
+    if (!response.ok) {
+      log.warn(
+        { status: response.status },
+        "Failed to fetch platform owner display name",
+      );
+      return null;
+    }
+    const data = (await response.json()) as { display_name?: string | null };
+    return data.display_name?.trim() || null;
+  } catch (err) {
+    log.warn({ err }, "Failed to fetch platform owner display name");
+    return null;
+  }
+}
+
 /**
  * Ensure a vellum guardian binding exists. If one already exists, returns
  * its principalId. Otherwise creates a new binding with a fresh principal
@@ -497,6 +544,7 @@ export async function ensureVellumGuardianBinding(): Promise<string> {
     return existing.principalId;
   }
 
+  const displayName = await fetchPlatformOwnerDisplayName();
   const guardianPrincipalId = `vellum-principal-${uuid()}`;
   await createGuardianBinding({
     channel: "vellum",
@@ -504,6 +552,7 @@ export async function ensureVellumGuardianBinding(): Promise<string> {
     deliveryChatId: "local",
     guardianPrincipalId,
     verifiedVia: "bootstrap",
+    ...(displayName ? { displayName } : {}),
   });
   return guardianPrincipalId;
 }

package/src/auth/ipc-route-policy.ts

@@ -49,6 +49,11 @@ type PolicyEntry =
 const POLICY_TABLE: PolicyEntry[] = [
   // Admin / internal
   ["admin_rollbackmigrations_post", ["internal.write"], ["svc_gateway"]],
+  ["internal_mcp_auth_start", ["internal.write"], ["svc_gateway"]],
+  ["internal_mcp_auth_status", ["internal.write"], ["svc_gateway"]],
+  ["internal_mcp_reload", ["internal.write"], ["svc_gateway"]],
+  ["internal_oauth_connect_start", ["internal.write"], ["svc_gateway"]],
+  ["internal_oauth_connect_status", ["internal.write"], ["svc_gateway"]],
 
   // Calls
   ["calls_answer", ["calls.write"]],

package/src/db/contact-store.ts

@@ -1,4 +1,4 @@
-import { desc, eq, and, sql } from "drizzle-orm";
+import { desc, eq, and, ne, or, sql } from "drizzle-orm";
 import { type GatewayDb, getGatewayDb } from "./connection.js";
 import { contacts, contactChannels } from "./schema.js";
 
@@ -66,6 +66,32 @@ export class ContactStore {
       .all();
   }
 
+  /**
+   * Looks up a non-revoked phone channel whose externalUserId or address
+   * matches the given phone number. Used to detect callers whose number is
+   * registered but not yet verified via DTMF challenge.
+   */
+  getContactByPhoneNumber(
+    phoneNumber: string,
+  ): { contact: Contact; channel: ContactChannel } | undefined {
+    return this.db
+      .select({ contact: contacts, channel: contactChannels })
+      .from(contacts)
+      .innerJoin(contactChannels, eq(contactChannels.contactId, contacts.id))
+      .where(
+        and(
+          eq(contactChannels.type, "phone"),
+          ne(contactChannels.status, "revoked"),
+          or(
+            eq(contactChannels.externalUserId, phoneNumber),
+            eq(contactChannels.address, phoneNumber),
+          ),
+        ),
+      )
+      .limit(1)
+      .get();
+  }
+
   /**
    * Set lastSeenAt to now for a channel (gateway DB only).
    */

package/src/email/register-callback.test.ts

@@ -15,7 +15,7 @@ import {
 afterEach(() => {
   resetMockFetch();
   delete process.env.VELLUM_PLATFORM_URL;
-  delete process.env.PLATFORM_INTERNAL_API_KEY;
+  delete process.env.ASSISTANT_API_KEY;
 });
 
 function makeConfigFile(
@@ -118,9 +118,9 @@ describe("registerEmailCallbackRoute", () => {
     });
   });
 
-  test("uses credential cache for assistant ID", async () => {
+  test("uses env assistant key with credential cache for assistant ID", async () => {
     process.env.VELLUM_PLATFORM_URL = "https://env-platform.example.com";
-    process.env.PLATFORM_INTERNAL_API_KEY = "internal-key";
+    process.env.ASSISTANT_API_KEY = "env-key";
 
     const callbackUrl =
       "https://env-platform.example.com/v1/gateway/callbacks/11111111-2222-3333-4444-555555555555/webhooks/email/";
@@ -145,7 +145,7 @@ describe("registerEmailCallbackRoute", () => {
     const calls = getMockFetchCalls();
     expect(calls).toHaveLength(1);
     const headers = calls[0].init.headers as Record<string, string>;
-    expect(headers?.["Authorization"]).toBe("Bearer internal-key");
+    expect(headers?.["Authorization"]).toBe("Api-Key env-key");
   });
 
   test("throws on non-ok response", async () => {

package/src/email/register-callback.ts

@@ -22,9 +22,9 @@ interface PlatformCallbackRouteResponse {
  * webhooks are forwarded to this gateway instance.
  *
  * Follows the same pattern as Telegram's managed callback route registration
- * in `telegram/webhook-manager.ts`.  Requires platform credentials (base URL,
- * API key, assistant ID) either from the credential cache or environment
- * variables.
+ * in `telegram/webhook-manager.ts`. Requires platform credentials (base URL,
+ * assistant API key, assistant ID). The base URL can fall back to
+ * `VELLUM_PLATFORM_URL`; the key can fall back to `ASSISTANT_API_KEY`.
  *
  * Self-hosted assistants with a configured ``ingress.publicBaseUrl`` send
  * their own base URL so the callback route points directly at the gateway
@@ -37,7 +37,6 @@ export async function registerEmailCallbackRoute(caches?: {
   credentials?: CredentialCache;
   configFile?: ConfigFileCache;
 }): Promise<string | undefined> {
-  // Read from credential cache when available
   const [platformBaseUrlRaw, assistantApiKeyRaw, assistantIdRaw] =
     caches?.credentials
       ? await Promise.all([
@@ -49,29 +48,26 @@ export async function registerEmailCallbackRoute(caches?: {
         ])
       : [undefined, undefined, undefined];
 
-  // Fall back to env vars when credential cache values are missing, matching
-  // the daemon's resolvePlatformCallbackRegistrationContext() behaviour.
+  // Fall back to env vars when managed pod credentials are not yet cached,
+  // matching the daemon's resolvePlatformCallbackRegistrationContext().
   const platformBaseUrl = (
     platformBaseUrlRaw?.trim() ||
     process.env.VELLUM_PLATFORM_URL?.trim() ||
     ""
   ).replace(/\/+$/, "");
 
-  const platformInternalApiKey =
-    process.env.PLATFORM_INTERNAL_API_KEY?.trim() || undefined;
-  const assistantApiKey = !platformInternalApiKey
-    ? assistantApiKeyRaw?.trim() || undefined
-    : undefined;
-  const authToken = platformInternalApiKey || assistantApiKey;
-  const authScheme = platformInternalApiKey ? "Bearer" : "Api-Key";
+  const assistantCredential =
+    assistantApiKeyRaw?.trim() ||
+    process.env.ASSISTANT_API_KEY?.trim() ||
+    undefined;
 
   const assistantId = assistantIdRaw?.trim() || undefined;
 
-  if (!platformBaseUrl || !authToken || !assistantId) {
+  if (!platformBaseUrl || !assistantCredential || !assistantId) {
     log.debug(
       {
         hasPlatformBaseUrl: !!platformBaseUrl,
-        hasApiKey: !!authToken,
+        hasApiKey: !!assistantCredential,
         hasAssistantId: !!assistantId,
       },
       "Email callback route registration unavailable — missing credentials",
@@ -109,7 +105,7 @@ export async function registerEmailCallbackRoute(caches?: {
     {
       method: "POST",
       headers: {
-        Authorization: `${authScheme} ${authToken}`,
+        Authorization: `Api-Key ${assistantCredential}`,
         "Content-Type": "application/json",
       },
       body: JSON.stringify(requestBody),

package/src/feature-flag-registry.json

@@ -241,13 +241,21 @@
       "description": "Expose the developer-only Compaction Playground tab in macOS Settings and enable the /playground/* HTTP endpoints for exercising compaction conditions. Dev-only; default off.",
       "defaultEnabled": false
     },
+    {
+      "id": "safe-storage-limits",
+      "scope": "assistant",
+      "key": "safe-storage-limits",
+      "label": "Safe Storage Limits",
+      "description": "Enable disk pressure protection flows that block background work and remote actors while storage is critically low.",
+      "defaultEnabled": false
+    },
     {
       "id": "memory-v2-enabled",
       "scope": "assistant",
       "key": "memory-v2-enabled",
       "label": "Memory v2 (concept-page activation model)",
-      "description": "Enables the v2 memory subsystem: prose concept pages with bidirectional edges, activation-based retrieval, and hourly LLM-driven consolidation. v1 graph + PKB stays write-active until cutover.",
-      "defaultEnabled": false
+      "description": "Enables the v2 memory subsystem: prose concept pages with bidirectional edges, activation-based retrieval, and hourly LLM-driven consolidation. When on, v1 graph extraction/maintenance and PKB filing are suppressed; flipping the flag back off re-engages the full v1 pipeline.",
+      "defaultEnabled": true
     },
     {
       "id": "account-deletion",
@@ -255,7 +263,7 @@
       "key": "account-deletion",
       "label": "Account Deletion",
       "description": "Surfaces the user-initiated account deletion flow in client settings.",
-      "defaultEnabled": false
+      "defaultEnabled": true
     },
     {
       "id": "app-control",
@@ -272,6 +280,22 @@
       "label": "Analyze Conversation",
       "description": "Show the 'Analyze' / 'Analyze conversation' option in conversation context menus and the conversation title actions dropdown.",
       "defaultEnabled": false
+    },
+    {
+      "id": "pro-plan-adjust",
+      "scope": "assistant",
+      "key": "pro-plan-adjust",
+      "label": "Pro Plan Adjust",
+      "description": "Show the rich Plan card (current plan, features, Manage/Upgrade CTA) at the top of the macOS Settings → Billing tab. The 'Configure Auto Top Ups' CTA is gated separately on `auto-credit-topup`.",
+      "defaultEnabled": false
+    },
+    {
+      "id": "auto-credit-topup",
+      "scope": "assistant",
+      "key": "auto-credit-topup",
+      "label": "Auto Credit Top-Up",
+      "description": "Show the 'Configure Auto Top Ups' CTA in the macOS Settings → Billing tab. Mirrors the platform web flag of the same name that gates the auto-reload card and /v1/organizations/billing/auto-top-up/ API.",
+      "defaultEnabled": false
     }
   ]
 }

package/src/handlers/handle-inbound.ts

@@ -14,6 +14,7 @@ import {
 import type { RuntimeInboundResponse } from "../runtime/client.js";
 import type { GatewayInboundEvent } from "../types.js";
 import { tryTextVerificationIntercept } from "../verification/text-verification.js";
+import { upsertVerifiedContactChannel } from "../verification/contact-helpers.js";
 
 const log = getLogger("handle-inbound");
 
@@ -183,6 +184,17 @@ export async function handleInbound(
       );
     }
 
+    if (response.activatedContact) {
+      const { sourceChannel, externalUserId, externalChatId, displayName } =
+        response.activatedContact;
+      void upsertVerifiedContactChannel({
+        sourceChannel,
+        externalUserId,
+        externalChatId: externalChatId ?? externalUserId,
+        displayName,
+      }).catch(() => {});
+    }
+
     return { forwarded: true, rejected: false, runtimeResponse: response };
   } catch (err) {
     // Let CircuitBreakerOpenError propagate so webhook handlers can

package/src/http/routes/contact-prompt.ts

@@ -13,10 +13,17 @@
  * Auth: edge (same as all ingress contact routes).
  */
 
+import { eq } from "drizzle-orm";
+
 import {
   assistantDbQuery,
   assistantDbRun,
 } from "../../db/assistant-db-proxy.js";
+import { getGatewayDb } from "../../db/connection.js";
+import {
+  contactChannels as gwContactChannels,
+  contacts as gwContacts,
+} from "../../db/schema.js";
 import { ipcCallAssistant } from "../../ipc/assistant-client.js";
 import { getLogger } from "../../logger.js";
 
@@ -68,48 +75,152 @@ export async function handleContactPromptSubmit(req: Request): Promise<Response>
   let channelId: string;
 
   try {
-    // Check if a channel with this (type, address) already exists.
-    const existing = await assistantDbQuery<{
-      channelId: string;
-      contactId: string;
-    }>(
-      `SELECT cc.id AS channelId, cc.contact_id AS contactId
-       FROM contact_channels cc
-       WHERE cc.type = ? AND cc.address = ?
-       LIMIT 1`,
+    // -----------------------------------------------------------------------
+    // Phase 1: Resolve contact
+    //
+    // Guardian prompts always bind to the existing guardian contact — there
+    // must only ever be one.  Non-guardian prompts reuse an existing contact
+    // (found via a matching channel address) or create a new one.
+    // -----------------------------------------------------------------------
+    let createdNewContact = false;
+
+    if (effectiveRole === "guardian") {
+      const guardianRows = await assistantDbQuery<{ id: string }>(
+        `SELECT id FROM contacts WHERE role = 'guardian' ORDER BY created_at ASC LIMIT 1`,
+        [],
+      );
+      if (guardianRows.length > 0) {
+        contactId = guardianRows[0].id;
+      } else {
+        // Bootstrap hasn't run yet — create the guardian contact.
+        log.warn(
+          { channelType, address: normalizedAddress },
+          "contact-prompt-submit: no guardian contact found, creating one",
+        );
+        contactId = crypto.randomUUID();
+        createdNewContact = true;
+        await assistantDbRun(
+          `INSERT INTO contacts (id, display_name, role, contact_type, created_at, updated_at)
+           VALUES (?, ?, 'guardian', 'human', ?, ?)`,
+          [contactId, effectiveDisplayName, now, now],
+        );
+        try {
+          getGatewayDb()
+            .insert(gwContacts)
+            .values({ id: contactId, displayName: effectiveDisplayName, role: "guardian", createdAt: now, updatedAt: now })
+            .onConflictDoNothing()
+            .run();
+        } catch (gwErr) {
+          log.warn({ err: gwErr }, "contact-prompt-submit: gateway DB guardian contact INSERT dual-write failed");
+        }
+      }
+    } else {
+      // Reuse an existing contact if this channel address is already known.
+      const existingForChannel = await assistantDbQuery<{ contactId: string }>(
+        `SELECT contact_id AS contactId FROM contact_channels WHERE type = ? AND address = ? LIMIT 1`,
+        [channelType, normalizedAddress],
+      );
+      if (existingForChannel.length > 0) {
+        contactId = existingForChannel[0].contactId;
+      } else {
+        contactId = crypto.randomUUID();
+        createdNewContact = true;
+        await assistantDbRun(
+          `INSERT INTO contacts (id, display_name, role, contact_type, created_at, updated_at)
+           VALUES (?, ?, ?, 'human', ?, ?)`,
+          [contactId, effectiveDisplayName, effectiveRole, now, now],
+        );
+        try {
+          getGatewayDb()
+            .insert(gwContacts)
+            .values({ id: contactId, displayName: effectiveDisplayName, role: effectiveRole, createdAt: now, updatedAt: now })
+            .onConflictDoNothing()
+            .run();
+        } catch (gwErr) {
+          log.warn({ err: gwErr }, "contact-prompt-submit: gateway DB contact INSERT dual-write failed");
+        }
+      }
+    }
+
+    // -----------------------------------------------------------------------
+    // Phase 2: Resolve channel
+    //
+    // If a channel for (type, address) already points to our contact, reuse it.
+    // If it points to a different contact and we are binding as guardian, that
+    // is a conflict the caller must resolve — return 409.  Otherwise create a
+    // new channel bound to the resolved contact.
+    // -----------------------------------------------------------------------
+    const existingChannel = await assistantDbQuery<{ id: string; contactId: string }>(
+      `SELECT id, contact_id AS contactId FROM contact_channels WHERE type = ? AND address = ? LIMIT 1`,
       [channelType, normalizedAddress],
     );
 
-    if (existing.length > 0) {
-      contactId = existing[0].contactId;
-      channelId = existing[0].channelId;
+    if (existingChannel.length > 0 && existingChannel[0].contactId === contactId) {
+      channelId = existingChannel[0].id;
       log.info(
         { channelType, address: normalizedAddress, contactId, channelId },
         "contact-prompt-submit: channel already exists",
       );
+    } else if (existingChannel.length > 0) {
+      // Channel exists but belongs to a different contact.  The caller must
+      // clean up the stale binding before a guardian channel can be created.
+      log.warn(
+        { channelType, address: normalizedAddress, contactId, existingContactId: existingChannel[0].contactId },
+        "contact-prompt-submit: channel already assigned to another contact",
+      );
+      await ipcCallAssistant("resolve_contact_prompt", {
+        body: { requestId, error: "Channel already assigned to another contact" },
+      });
+      return Response.json(
+        { accepted: false, error: "Channel already assigned to another contact" },
+        { status: 409 },
+      );
     } else {
-      contactId = crypto.randomUUID();
       channelId = crypto.randomUUID();
 
-      await assistantDbRun(
-        `INSERT INTO contacts (id, display_name, role, contact_type, created_at, updated_at)
-         VALUES (?, ?, ?, 'human', ?, ?)`,
-        [contactId, effectiveDisplayName, effectiveRole, now, now],
-      );
-
       try {
         await assistantDbRun(
           `INSERT INTO contact_channels (id, contact_id, type, address, is_primary, status, policy, interaction_count, created_at, updated_at)
            VALUES (?, ?, ?, ?, 1, 'unverified', 'allow', 0, ?, ?)`,
           [channelId, contactId, channelType, normalizedAddress, now, now],
         );
+        try {
+          getGatewayDb()
+            .insert(gwContactChannels)
+            .values({
+              id: channelId,
+              contactId,
+              type: channelType,
+              address: normalizedAddress,
+              isPrimary: true,
+              status: "unverified",
+              policy: "allow",
+              interactionCount: 0,
+              createdAt: now,
+              updatedAt: now,
+            })
+            .onConflictDoNothing()
+            .run();
+        } catch (gwErr) {
+          log.warn({ err: gwErr }, "contact-prompt-submit: gateway DB channel INSERT dual-write failed");
+        }
       } catch (channelErr) {
-        // Compensating delete — remove the orphaned contact row.
+        // Compensating delete — only remove the contact if we created it here.
         log.error(
           { channelErr, contactId, channelType },
           "contact-prompt-submit: channel INSERT failed, rolling back contact",
         );
-        await assistantDbRun("DELETE FROM contacts WHERE id = ?", [contactId]);
+        if (createdNewContact) {
+          await assistantDbRun("DELETE FROM contacts WHERE id = ?", [contactId]);
+          try {
+            getGatewayDb()
+              .delete(gwContacts)
+              .where(eq(gwContacts.id, contactId))
+              .run();
+          } catch (gwErr) {
+            log.warn({ err: gwErr }, "contact-prompt-submit: gateway DB contact rollback DELETE dual-write failed");
+          }
+        }
 
         // Notify daemon of failure so the CLI doesn't hang.
         await ipcCallAssistant("resolve_contact_prompt", {
@@ -122,8 +233,8 @@ export async function handleContactPromptSubmit(req: Request): Promise<Response>
       }
 
       log.info(
-        { channelType, address: normalizedAddress, contactId, channelId, role: effectiveRole },
-        "contact-prompt-submit: created new contact + channel",
+        { channelType, address: normalizedAddress, contactId, channelId },
+        "contact-prompt-submit: created new channel",
       );
     }
   } catch (err) {

package/src/http/routes/contacts-control-plane-proxy.ts

@@ -6,10 +6,18 @@
  */
 
 import { proxyForward } from "@vellumai/assistant-client";
+import { eq } from "drizzle-orm";
 
 import { mintServiceToken } from "../../auth/token-exchange.js";
 import type { GatewayConfig } from "../../config.js";
+import {
+  assistantDbQuery,
+  assistantDbRun,
+} from "../../db/assistant-db-proxy.js";
+import { getGatewayDb } from "../../db/connection.js";
+import { contacts } from "../../db/schema.js";
 import { fetchImpl } from "../../fetch.js";
+import { ipcCallAssistant } from "../../ipc/assistant-client.js";
 import { getLogger } from "../../logger.js";
 
 const log = getLogger("contacts-control-plane-proxy");
@@ -72,11 +80,32 @@ export function createContactsControlPlaneProxyHandler(config: GatewayConfig) {
       return forward(req, `/v1/contacts/${contactId}`);
     },
 
-    async handleDeleteContact(
-      req: Request,
-      contactId: string,
-    ): Promise<Response> {
-      return forward(req, `/v1/contacts/${contactId}`);
+    async handleDeleteContact(contactId: string): Promise<Response> {
+      const rows = await assistantDbQuery<{ role: string }>(
+        "SELECT role FROM contacts WHERE id = ?",
+        [contactId],
+      );
+      if (rows.length === 0) {
+        log.warn({ contactId }, "delete_contact: not found");
+        return Response.json(
+          { error: { code: "NOT_FOUND", message: `Contact "${contactId}" not found` } },
+          { status: 404 },
+        );
+      }
+      if (rows[0].role === "guardian") {
+        log.warn({ contactId }, "delete_contact: attempted to delete guardian");
+        return Response.json(
+          { error: { code: "FORBIDDEN", message: "Cannot delete a guardian contact" } },
+          { status: 403 },
+        );
+      }
+      await assistantDbRun("DELETE FROM contacts WHERE id = ?", [contactId]);
+      getGatewayDb().delete(contacts).where(eq(contacts.id, contactId)).run();
+      void ipcCallAssistant("emit_event", {
+        body: { kind: "contacts_changed" },
+      } as unknown as Record<string, unknown>);
+      log.info({ contactId }, "delete_contact: deleted");
+      return new Response(null, { status: 204 });
     },
 
     async handleMergeContacts(req: Request): Promise<Response> {

package/src/http/routes/ipc-runtime-proxy.ts

@@ -118,6 +118,24 @@ export async function tryIpcProxy(
     }
   });
 
+  // Override caller-supplied identity headers with values derived from the
+  // verified JWT claims. The daemon's IPC adapter (`injectLocalActorHeader`)
+  // preserves any inbound `x-vellum-actor-principal-id`, so without this
+  // step a malicious client could spoof another user's principal id by
+  // setting the header explicitly. Mirrors the HTTP adapter's behavior in
+  // `assistant/src/runtime/routes/http-adapter.ts`.
+  delete headers["x-vellum-actor-principal-id"];
+  delete headers["x-vellum-principal-type"];
+  if (claims) {
+    const sub = parseSub(claims.sub);
+    if (sub.ok) {
+      headers["x-vellum-principal-type"] = sub.principalType;
+      if (sub.actorPrincipalId) {
+        headers["x-vellum-actor-principal-id"] = sub.actorPrincipalId;
+      }
+    }
+  }
+
   let body: Record<string, unknown> | undefined;
   if (req.method !== "GET" && req.method !== "HEAD") {
     const contentType = req.headers.get("content-type") ?? "";

package/src/http/routes/twilio-voice-webhook.test.ts

@@ -314,7 +314,28 @@ describe("resolvePublicBaseWssUrl", () => {
     );
   });
 
-  test("falls back to configFile publicBaseUrl when velayBaseUrl is set but platformAssistantId is missing", () => {
+  test("uses configFile publicBaseUrl before velayBaseUrl fallback", () => {
+    const config = {
+      ...baseConfig,
+      velayBaseUrl: "http://host.docker.internal:8501",
+    };
+    const mockConfigFile = {
+      getString: (section: string, key: string) =>
+        section === "ingress" && key === "publicBaseUrl"
+          ? "https://velay-public.example.test/abc12345-0000-0000-0000-000000000000"
+          : undefined,
+    } as Parameters<typeof resolvePublicBaseWssUrl>[1];
+    const result = resolvePublicBaseWssUrl(
+      config,
+      mockConfigFile,
+      "abc12345-0000-0000-0000-000000000000",
+    );
+    expect(result).toBe(
+      "wss://velay-public.example.test/abc12345-0000-0000-0000-000000000000",
+    );
+  });
+
+  test("falls back to configFile publicBaseUrl when platformAssistantId is missing", () => {
     const config = {
       ...baseConfig,
       velayBaseUrl: "https://velay-dev.vellum.ai",