instar 1.3.543 → 1.3.544

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -8567,7 +8567,7 @@ export async function startServer(options) {
8567
8567
  // stops routing reads/attribution through moved slots (an env fleet isn't store-steered, and
8568
8568
  // attributing it would mis-credit usage to a slot tenant). Dark-default: when the feature flag
8569
8569
  // is off this short-circuits before evaluating the gate, so it's byte-for-byte today's behavior.
8570
- isEnabled: () => config.subscriptionPool?.credentialRepointing?.enabled === true &&
8570
+ isEnabled: () => resolveDevAgentGate(config.subscriptionPool?.credentialRepointing?.enabled, config) &&
8571
8571
  !credentialEnvTokenGate.evaluate().refused,
8572
8572
  ledger: credentialLocationLedger,
8573
8573
  emitAttention: credentialGateEmitAttention,
@@ -8580,7 +8580,7 @@ export async function startServer(options) {
8580
8580
  const { credentialSlotKey: canonicalizeSlot } = await import('../core/OAuthRefresher.js');
8581
8581
  setCredentialWriteRefusalGate({
8582
8582
  shouldRefuse: (canonicalSlot) => {
8583
- if (config.subscriptionPool?.credentialRepointing?.enabled !== true)
8583
+ if (!resolveDevAgentGate(config.subscriptionPool?.credentialRepointing?.enabled, config))
8584
8584
  return false;
8585
8585
  // The funnel passes a canonicalized slot key, but the ledger stores raw enrollment-home
8586
8586
  // spellings (`~/.claude`, an enrollment path). Compare canonical-to-canonical so a
@@ -8631,7 +8631,7 @@ export async function startServer(options) {
8631
8631
  resolveIdentity: credResolveIdentity,
8632
8632
  // The executor reads the SAME dark gate the routes do — strict no-op while disabled.
8633
8633
  config: {
8634
- enabled: config.subscriptionPool?.credentialRepointing?.enabled === true,
8634
+ enabled: resolveDevAgentGate(config.subscriptionPool?.credentialRepointing?.enabled, config),
8635
8635
  dryRun: config.subscriptionPool?.credentialRepointing?.dryRun !== false,
8636
8636
  },
8637
8637
  emitAudit: (rec) => credentialAuditEmit.audit({ event: 'swap-step', ...rec }),