# Updates plan > **Audience.** Buyers and admins deciding whether to subscribe to the > Updates plan. > ⟵ [back to docs index](../README.md) **TL;DR.** Subscribe to the Updates plan and every time a new base model ships (Gemma 5, Llama 5, Qwen 3, Mistral Medium 3…), we re-fine-tune it on your corpus, validate against your eval harness, and push the new weights to your Box. Security patches and dependency updates included. No per-release fee, no token metering. Cancel any time. ## 01 · What you get | Deliverable | Cadence | |------------|---------| | **New base-model refreshes** (re-fine-tuned on your corpus) | Within 4 weeks of upstream release | | **Security patches** for the runtime, OS, drivers, kernel | Within 7 days of CVE publication (14 days for low-sev) | | **Dependency refresh** (vLLM, cuDNN, CUDA minor versions) | Monthly | | **Eval-harness CI** run against your Box | Weekly | | **Drift alerts** (if pass-rate moves more than 2 pp) | Continuous | | **Snapshot replication** to an S3-compatible bucket you own | Nightly | Everything is **opt-in on your side**. Your admin approves each model update before it enters production. ## 02 · How an update flows A typical "new base model ships" event: ```text Upstream release (e.g., Gemma 5) │ ▼ T+0 — we grab it ┌─────────────────────────────┐ │ 1. Download + verify checksum │ └─────────────────────────────┘ │ ▼ T+1 day — our lab ┌─────────────────────────────┐ │ 2. Re-fine-tune on your corpus │ │ (reuses your last fine-tune │ │ config; no new data sent) │ └─────────────────────────────┘ │ ▼ T+3 days ┌─────────────────────────────┐ │ 3. Quantise + package │ └─────────────────────────────┘ │ ▼ T+4 days ┌─────────────────────────────┐ │ 4. Run your full eval suite │ │ in our sandbox │ └─────────────────────────────┘ │ ▼ T+7 days — ship ┌─────────────────────────────┐ │ 5. Signed bundle available │ │ at updates.bilbs.ai │ └─────────────────────────────┘ │ ▼ next maintenance window ┌─────────────────────────────┐ │ 6. Your Box pulls the bundle │ │ (if online) or prompts you │ │ to insert a USB (airgap) │ └─────────────────────────────┘ │ ▼ T+ ~14 days from upstream ┌─────────────────────────────┐ │ 7. Bundle runs on a staging │ │ route on your Box; evals │ │ run against it │ └─────────────────────────────┘ │ ▼ admin approves ┌─────────────────────────────┐ │ 8. Traffic shifts over the │ │ next maintenance window │ └─────────────────────────────┘ ``` **You are always in the loop.** No update auto-applies to production without an admin clicking Approve in the UI. The staging route is the default safety net. ## 03 · What "unlimited" means - **Unlimited in count.** As many new base models per year as upstream ships. Expect 4–8 per year across the frontier-open-weight cohort. - **Unlimited in re-fine-tunes.** If you add new corpus data, we'll re-run the fine-tune pipeline on the existing base at no extra charge. - **Not unlimited in scope.** If you ask us to switch to a model family we haven't validated (e.g., a new Chinese-government-operator model), that's a Build-style engagement, not an Updates-plan inclusion. ## 04 · What's included in the price | Tier | Monthly | |------|---------:| | Mini | $99 | | Box | $149 | | Pro | $299 | | Cluster | from $699 | Price covers *all* of the updates + patches + evals + alerts for that one Box. Multiple Boxes on the same company account receive a volume discount (contact us). ## 05 · What's not included - **Model re-fine-tunes that require new annotations.** If Gemma 5 lands and you want to add 2,000 new human-annotated examples, that annotation work is yours; the re-fine-tune on top of it is included. - **Custom models.** If you want us to train a model from scratch (not a fine-tune on an open base), that's a Build engagement. - **Feature development.** New admin-UI features, new integrations, new agent tools — not included. Those come from a Build or Embedded engagement. - **Incident response.** That's the [Support plan](./support-plan.md). ## 06 · Airgap variant If your Box is airgapped, we ship Updates on a **signed USB drive**, quarterly, by courier. The drive contains: - The re-fine-tuned weights. - The runtime image. - Dependency updates. - A signed manifest your Box verifies before accepting the update. Your admin inserts the drive, confirms the manifest, and approves in the admin UI. The Box never touches the public internet. For clients with one-way data diodes, we ship the same payload over the diode on the same cadence. ## 07 · Opting in From the admin UI: **System → Plans → Updates → Subscribe.** You'll need a valid payment method on file (wire / ACH / card). The plan activates immediately; the first update lands whenever the next qualifying upstream release occurs. From the admin CLI: ```bash bilbs plan subscribe updates --billing-email billing@yourco.com ``` ## 08 · Cancelling From the admin UI: **System → Plans → Updates → Cancel.** - Effective end of current billing month. - Box keeps the most recent update you received; future updates stop. - You can re-subscribe later — re-entry is prorated and catches up to the latest release on our next scheduled run. - No clawback; nothing we sent you during the subscription is revoked. ## 09 · SLAs | Commitment | Target | |-----------|--------| | Security-patch availability after CVE publication | ≤ 7 days high/critical, ≤ 14 days low/medium | | New-base-model availability after upstream release | ≤ 4 weeks | | Snapshot replication latency | ≤ 24 h | | Drift alert after eval failure | ≤ 1 h | Miss an SLA and the following month's Updates fee is credited back. ## 10 · Common questions **"What if we don't like the new base model?"** Don't approve it. The staging bundle expires on your Box after 90 days if never approved. **"Do you ever push updates without asking?"** Security patches for the runtime go out during your maintenance window automatically if you've set `auto_apply_security = true` in the plan config. Everything else requires admin approval. **"What happens if we cancel and Gemma 6 ships?"** You keep Gemma 5 (or whatever you had). Gemma 6 you skip. Re-subscribe later to catch up. **"Can we stay on an older base forever?"** Yes. Nothing forces you to upgrade. Your Box works forever on whatever was last deployed. **"Does a new base require new Box hardware?"** Usually no. We pick quantisation + LoRA-rank strategies compatible with your existing hardware. If a future base (say a 500B model) fundamentally won't fit, we'll tell you ahead of the release and you can skip or trade up the hardware. --- See also: [support-plan.md](./support-plan.md) · [bilbs-box.md](../bilbs-box.md).