@ainyc/canonry 4.25.0 → 4.26.0

package/assets/index.html

@@ -12,7 +12,7 @@
     <link rel="icon" type="image/png" sizes="32x32" href="./favicon-32.png" />
     <link rel="apple-touch-icon" href="./apple-touch-icon.png" />
     <title>Canonry</title>
-    <script type="module" crossorigin src="./assets/index-C4scWriC.js"></script>
+    <script type="module" crossorigin src="./assets/index-X1r0qycv.js"></script>
     <link rel="stylesheet" crossorigin href="./assets/index-rPok6yk8.css">
   </head>
   <body>

package/dist/{chunk-A7HQ6X43.js → chunk-2FAEQ56I.js}

@@ -18,7 +18,7 @@ import {
   trafficConnectCloudRunRequestSchema,
   trafficConnectWordpressRequestSchema,
   trafficEventKindSchema
-} from "./chunk-CRQMGNPH.js";
+} from "./chunk-HVW665A4.js";
 
 // src/config.ts
 import fs from "fs";
@@ -1954,7 +1954,7 @@ var canonryMcpTools = [
   defineTool({
     name: "canonry_run_trigger",
     title: "Trigger run",
-    description: "Trigger an answer-visibility run for a Canonry project.",
+    description: "Trigger an answer-visibility run for a Canonry project. Pass request.queries[] to scope the sweep to a subset of the project's tracked queries; omit for a full sweep.",
     access: "write",
     tier: "core",
     inputSchema: runTriggerInputSchema,

package/dist/{chunk-6J6WQOGH.js → chunk-H4RE4WLW.js}

@@ -5,7 +5,7 @@ import {
   loadConfig,
   loadConfigRaw,
   saveConfigPatch
-} from "./chunk-A7HQ6X43.js";
+} from "./chunk-2FAEQ56I.js";
 import {
   DEFAULT_RUN_HISTORY_LIMIT,
   IntelligenceService,
@@ -68,7 +68,7 @@ import {
   schedules,
   trafficSources,
   usageCounters
-} from "./chunk-IS65IYNZ.js";
+} from "./chunk-PN24DAGC.js";
 import {
   AGENT_MEMORY_VALUE_MAX_BYTES,
   AGENT_PROVIDER_IDS,
@@ -169,7 +169,7 @@ import {
   visibilityStateFromAnswerMentioned,
   windowCutoff,
   wordpressEnvSchema
-} from "./chunk-CRQMGNPH.js";
+} from "./chunk-HVW665A4.js";
 
 // src/telemetry.ts
 import crypto from "crypto";
@@ -1155,6 +1155,7 @@ function queueRunIfProjectIdle(db, params) {
       status: "queued",
       trigger,
       location: params.location ?? null,
+      queries: params.queries ?? null,
       createdAt
     }).run();
     return { conflict: false, runId };
@@ -1185,6 +1186,20 @@ async function runRoutes(app, opts) {
       rawProviders.splice(0, rawProviders.length, ...normalized);
     }
     const providers = rawProviders?.length ? rawProviders : void 0;
+    let scopedQueries = null;
+    if (body.queries?.length) {
+      const trackedRows = app.db.select({ query: queries.query }).from(queries).where(eq7(queries.projectId, project.id)).all();
+      const tracked = new Set(trackedRows.map((r) => r.query));
+      const missing = body.queries.filter((q) => !tracked.has(q));
+      if (missing.length) {
+        throw validationError(`Queries not tracked on project "${project.name}": ${missing.join(", ")}`, {
+          missing,
+          tracked: [...tracked]
+        });
+      }
+      scopedQueries = body.queries;
+    }
+    const queriesColumn = scopedQueries ? JSON.stringify(scopedQueries) : null;
     let resolvedLocation;
     const projectLocations = parseJsonColumn(project.locations, []);
     if (body.noLocation) {
@@ -1217,6 +1232,7 @@ async function runRoutes(app, opts) {
           status: "queued",
           trigger,
           location: loc.label,
+          queries: queriesColumn,
           createdAt: now
         }).run();
         newRuns.push({ runId: runId2, loc });
@@ -1244,7 +1260,8 @@ async function runRoutes(app, opts) {
       kind,
       projectId: project.id,
       trigger,
-      location: locationLabel
+      location: locationLabel,
+      queries: queriesColumn
     });
     if (queueResult.conflict) throw runInProgress(project.name);
     const runId = queueResult.runId;
@@ -1390,6 +1407,7 @@ function formatRun(row) {
     status: row.status,
     trigger: row.trigger,
     location: row.location,
+    queries: parseJsonColumn(row.queries, null),
     startedAt: row.startedAt,
     finishedAt: row.finishedAt,
     error: parseRunError(row.error),
@@ -8003,6 +8021,7 @@ var routeCatalog = [
               kind: stringSchema,
               trigger: stringSchema,
               providers: stringArraySchema,
+              queries: stringArraySchema,
               location: stringSchema,
               allLocations: booleanSchema,
               noLocation: booleanSchema
@@ -10171,8 +10190,8 @@ var routeCatalog = [
   {
     method: "post",
     path: "/api/v1/projects/{name}/traffic/sources/{id}/backfill",
-    summary: "Reclassify historical Cloud Run logs for a traffic source",
-    description: 'Async one-shot backfill: pulls the last `days` of request logs (clamped server-side to the upstream retention ceiling \u2014 30d for Cloud Logging `_Default`), classifies them with the current rules, and replaces the hourly rollup buckets + sample slice in the window inside one transaction. Returns immediately with `{ runId, status: "running" }`; poll `GET /runs/{id}` for completion. lastSyncedAt only advances forward, so a backfill never undoes incremental sync progress that ran ahead of it.',
+    summary: "Reclassify historical traffic-source logs",
+    description: 'Async one-shot backfill: pulls the last `days` of events (clamped server-side to the upstream retention ceiling \u2014 30d for Cloud Logging `_Default`; the WordPress plugin honours the same window via `since`/`until` query params), classifies them with the current rules, and replaces the hourly rollup buckets + sample slice in the window inside one transaction. Returns immediately with `{ runId, status: "running" }`; poll `GET /runs/{id}` for completion. lastSyncedAt only advances forward, so a backfill never undoes incremental sync progress that ran ahead of it. Supported source types: `cloud-run`, `wordpress`.',
     tags: ["traffic"],
     parameters: [
       nameParameter,
@@ -17411,6 +17430,7 @@ async function listWordpressTrafficEvents(options) {
   let cursor = options.cursor;
   let rawEntryCount = 0;
   let skippedEntryCount = 0;
+  let hasMore = false;
   const events = [];
   for (let page = 0; page < maxPages; page += 1) {
     const url = new URL(endpoint);
@@ -17418,6 +17438,12 @@ async function listWordpressTrafficEvents(options) {
     if (cursor !== void 0 && cursor !== "") {
       url.searchParams.set("cursor", cursor);
     }
+    if (options.since !== void 0 && options.since !== "") {
+      url.searchParams.set("since", options.since);
+    }
+    if (options.until !== void 0 && options.until !== "") {
+      url.searchParams.set("until", options.until);
+    }
     const response = await fetch(url, {
       method: "GET",
       headers: {
@@ -17446,6 +17472,7 @@ async function listWordpressTrafficEvents(options) {
       }
     }
     cursor = body.next_cursor ?? void 0;
+    hasMore = Boolean(body.has_more) && Boolean(cursor);
     if (!body.has_more || !cursor) break;
   }
   return {
@@ -17453,6 +17480,7 @@ async function listWordpressTrafficEvents(options) {
     rawEntryCount,
     skippedEntryCount,
     nextCursor: cursor,
+    hasMore,
     endpoint
   };
 }
@@ -17462,6 +17490,8 @@ var DEFAULT_SYNC_WINDOW_MINUTES = 43200;
 var DEFAULT_PAGE_SIZE3 = 1e3;
 var DEFAULT_MAX_PAGES3 = 5;
 var DEFAULT_SAMPLE_LIMIT2 = 100;
+var DEFAULT_WP_PAGE_SIZE = 500;
+var DEFAULT_WP_MAX_PAGES = 20;
 var MAX_TRACKED_EVENT_IDS = 1e3;
 var DEFAULT_BACKFILL_DAYS = 30;
 var MAX_BACKFILL_DAYS = 30;
@@ -17503,14 +17533,10 @@ async function runBackfillTask(options) {
     runId,
     project,
     sourceRow,
-    gcpProjectId,
-    serviceName,
-    location,
-    credential,
     windowStart,
     windowEnd,
-    pullEvents,
-    resolveAccessToken: resolveAccessToken2
+    pullForBackfill,
+    pullErrorPrefix
   } = options;
   const markFailed = (msg) => {
     const failedAt = (/* @__PURE__ */ new Date()).toISOString();
@@ -17522,33 +17548,11 @@ async function runBackfillTask(options) {
     } catch {
     }
   };
-  let accessToken;
+  let allEvents;
   try {
-    accessToken = await resolveAccessToken2(credential);
+    allEvents = await pullForBackfill();
   } catch (e) {
-    markFailed(`Failed to resolve Cloud Run access token: ${e instanceof Error ? e.message : String(e)}`);
-    return;
-  }
-  const allEvents = [];
-  try {
-    const page = await pullEvents(accessToken, {
-      gcpProjectId,
-      serviceName,
-      location,
-      startTime: windowStart.toISOString(),
-      endTime: windowEnd.toISOString(),
-      pageSize: DEFAULT_PAGE_SIZE3,
-      maxPages: BACKFILL_MAX_PAGES,
-      // Backfill is intentionally `firstSync: false`. We don't want desc
-      // ordering — the in-memory rollup builder handles any order, and the
-      // ring-buffer reseed at the end takes the most-recent IDs from the
-      // dedupedEvents anyway.
-      firstSync: false,
-      orderBy: "timestamp asc"
-    });
-    allEvents.push(...page.events);
-  } catch (e) {
-    markFailed(`Cloud Run pull failed: ${e instanceof Error ? e.message : String(e)}`);
+    markFailed(`${pullErrorPrefix}: ${e instanceof Error ? e.message : String(e)}`);
     return;
   }
   if (allEvents.length === 0) {
@@ -17838,33 +17842,12 @@ async function trafficRoutes(app, opts) {
     if (!sourceRow || sourceRow.projectId !== project.id) {
       throw notFound("Traffic source", request.params.id);
     }
-    if (sourceRow.sourceType !== TrafficSourceTypes["cloud-run"]) {
+    if (sourceRow.sourceType !== TrafficSourceTypes["cloud-run"] && sourceRow.sourceType !== TrafficSourceTypes.wordpress) {
       throw validationError(
-        `Sync for source type "${sourceRow.sourceType}" is not implemented yet \u2014 only cloud-run is supported in v1.`
+        `Sync for source type "${sourceRow.sourceType}" is not implemented yet \u2014 only cloud-run and wordpress are supported in v1.`
       );
     }
-    const credentialStore = opts.cloudRunCredentialStore;
-    if (!credentialStore) {
-      throw validationError("Cloud Run credential storage is not configured for this deployment");
-    }
-    const credential = credentialStore.getConnection(project.name);
-    if (!credential) {
-      throw validationError(
-        `No Cloud Run credential found for project "${project.name}". Run "canonry traffic connect cloud-run" first.`
-      );
-    }
-    const config = parseSourceConfig(sourceRow);
-    const gcpProjectId = config.gcpProjectId ?? credential.gcpProjectId;
-    const serviceName = config.serviceName ?? credential.serviceName ?? void 0;
-    const location = config.location ?? credential.location ?? void 0;
-    const requestedMinutes = request.body?.sinceMinutes;
-    const windowMinutes = Number.isFinite(requestedMinutes) && requestedMinutes && requestedMinutes > 0 ? Math.floor(requestedMinutes) : syncWindowMinutes;
     const windowEnd = /* @__PURE__ */ new Date();
-    const requestedStartMs = windowEnd.getTime() - windowMinutes * 6e4;
-    const lastSyncedMs = sourceRow.lastSyncedAt ? new Date(sourceRow.lastSyncedAt).getTime() : Number.NEGATIVE_INFINITY;
-    const windowStart = new Date(
-      Math.min(windowEnd.getTime(), Math.max(requestedStartMs, lastSyncedMs))
-    );
     const startedAt = windowEnd.toISOString();
     const syncStartedAtMs = windowEnd.getTime();
     const runId = crypto20.randomUUID();
@@ -17898,32 +17881,100 @@ async function trafficRoutes(app, opts) {
       } catch {
       }
     };
-    let accessToken;
-    try {
-      accessToken = await resolveAccessToken2(credential);
-    } catch (e) {
-      const msg = e instanceof Error ? e.message : String(e);
-      markFailed(msg, "PROVIDER_AUTH");
-      throw providerError(`Failed to resolve Cloud Run access token: ${msg}`);
-    }
-    const isFirstSync = !sourceRow.lastSyncedAt;
-    let allEvents = [];
-    try {
-      const page = await pullEvents(accessToken, {
-        gcpProjectId,
-        serviceName,
-        location,
-        startTime: windowStart.toISOString(),
-        endTime: windowEnd.toISOString(),
-        pageSize,
-        maxPages,
-        firstSync: isFirstSync
-      });
-      allEvents = page.events;
-    } catch (e) {
-      const msg = e instanceof Error ? e.message : String(e);
-      markFailed(msg, "PROVIDER_PULL");
-      throw providerError(`Cloud Run pull failed: ${msg}`);
+    let windowStart;
+    let allEvents;
+    let nextCursor;
+    let auditAction;
+    if (sourceRow.sourceType === TrafficSourceTypes["cloud-run"]) {
+      auditAction = "traffic.cloud-run.synced";
+      const credentialStore = opts.cloudRunCredentialStore;
+      if (!credentialStore) {
+        throw validationError("Cloud Run credential storage is not configured for this deployment");
+      }
+      const credential = credentialStore.getConnection(project.name);
+      if (!credential) {
+        throw validationError(
+          `No Cloud Run credential found for project "${project.name}". Run "canonry traffic connect cloud-run" first.`
+        );
+      }
+      const config = parseSourceConfig(sourceRow);
+      const gcpProjectId = config.gcpProjectId ?? credential.gcpProjectId;
+      const serviceName = config.serviceName ?? credential.serviceName ?? void 0;
+      const location = config.location ?? credential.location ?? void 0;
+      const requestedMinutes = request.body?.sinceMinutes;
+      const windowMinutes = Number.isFinite(requestedMinutes) && requestedMinutes && requestedMinutes > 0 ? Math.floor(requestedMinutes) : syncWindowMinutes;
+      const requestedStartMs = windowEnd.getTime() - windowMinutes * 6e4;
+      const lastSyncedMs = sourceRow.lastSyncedAt ? new Date(sourceRow.lastSyncedAt).getTime() : Number.NEGATIVE_INFINITY;
+      windowStart = new Date(
+        Math.min(windowEnd.getTime(), Math.max(requestedStartMs, lastSyncedMs))
+      );
+      let accessToken;
+      try {
+        accessToken = await resolveAccessToken2(credential);
+      } catch (e) {
+        const msg = e instanceof Error ? e.message : String(e);
+        markFailed(msg, "PROVIDER_AUTH");
+        throw providerError(`Failed to resolve Cloud Run access token: ${msg}`);
+      }
+      const isFirstSync = !sourceRow.lastSyncedAt;
+      try {
+        const page = await pullEvents(accessToken, {
+          gcpProjectId,
+          serviceName,
+          location,
+          startTime: windowStart.toISOString(),
+          endTime: windowEnd.toISOString(),
+          pageSize,
+          maxPages,
+          firstSync: isFirstSync
+        });
+        allEvents = page.events;
+      } catch (e) {
+        const msg = e instanceof Error ? e.message : String(e);
+        markFailed(msg, "PROVIDER_PULL");
+        throw providerError(`Cloud Run pull failed: ${msg}`);
+      }
+    } else {
+      auditAction = "traffic.wordpress.synced";
+      const credentialStore = opts.wordpressTrafficCredentialStore;
+      if (!credentialStore) {
+        throw validationError("WordPress traffic credential storage is not configured for this deployment");
+      }
+      const credential = credentialStore.getConnection(project.name);
+      if (!credential) {
+        app.db.delete(runs).where(eq23(runs.id, runId)).run();
+        throw validationError(
+          `No WordPress credential found for project "${project.name}". Run "canonry traffic connect wordpress" first.`
+        );
+      }
+      windowStart = sourceRow.lastSyncedAt ? new Date(sourceRow.lastSyncedAt) : windowEnd;
+      const wpPageSize = opts.defaultWordpressPageSize ?? DEFAULT_WP_PAGE_SIZE;
+      const wpMaxPages = opts.defaultWordpressMaxPages ?? DEFAULT_WP_MAX_PAGES;
+      const collected = [];
+      let cursor = sourceRow.lastCursor ?? void 0;
+      try {
+        for (let page = 0; page < wpMaxPages; page += 1) {
+          const pageResult = await pullWordpressEvents({
+            baseUrl: credential.baseUrl,
+            username: credential.username,
+            applicationPassword: credential.applicationPassword,
+            cursor,
+            pageSize: wpPageSize,
+            maxPages: 1
+          });
+          collected.push(...pageResult.events);
+          const previousCursor = cursor;
+          cursor = pageResult.nextCursor;
+          if (!pageResult.hasMore) break;
+          if (!cursor || cursor === previousCursor) break;
+        }
+        allEvents = collected;
+        nextCursor = cursor;
+      } catch (e) {
+        const msg = e instanceof Error ? e.message : String(e);
+        markFailed(msg, "PROVIDER_PULL");
+        throw providerError(`WordPress pull failed: ${msg}`);
+      }
     }
     let crawlerBucketRows = 0;
     let aiReferralBucketRows = 0;
@@ -18050,7 +18101,7 @@ async function trafficRoutes(app, opts) {
         }).run();
         sampleRows += 1;
       }
-      tx.update(trafficSources).set({
+      const sourceUpdate = {
         status: TrafficSourceStatuses.connected,
         // Advance to windowEnd, not finishedAt — events arriving at the
         // source between windowEnd and finishedAt aren't in this pull's
@@ -18060,13 +18111,17 @@ async function trafficRoutes(app, opts) {
         lastError: null,
         lastEventIds: JSON.stringify(nextEventIds),
         updatedAt: finishedAt
-      }).where(eq23(trafficSources.id, sourceRow.id)).run();
+      };
+      if (sourceRow.sourceType === TrafficSourceTypes.wordpress) {
+        sourceUpdate.lastCursor = nextCursor ?? null;
+      }
+      tx.update(trafficSources).set(sourceUpdate).where(eq23(trafficSources.id, sourceRow.id)).run();
       tx.update(runs).set({ status: RunStatuses.completed, finishedAt }).where(eq23(runs.id, runId)).run();
     });
     writeAuditLog(app.db, {
       projectId: project.id,
       actor: "api",
-      action: "traffic.cloud-run.synced",
+      action: auditAction,
       entityType: "traffic_source",
       entityId: sourceRow.id
     });
@@ -18104,19 +18159,9 @@ async function trafficRoutes(app, opts) {
     if (!sourceRow || sourceRow.projectId !== project.id) {
       throw notFound("Traffic source", request.params.id);
     }
-    if (sourceRow.sourceType !== TrafficSourceTypes["cloud-run"]) {
+    if (sourceRow.sourceType !== TrafficSourceTypes["cloud-run"] && sourceRow.sourceType !== TrafficSourceTypes.wordpress) {
       throw validationError(
-        `Backfill for source type "${sourceRow.sourceType}" is not implemented yet \u2014 only cloud-run is supported in v1.`
-      );
-    }
-    const credentialStore = opts.cloudRunCredentialStore;
-    if (!credentialStore) {
-      throw validationError("Cloud Run credential storage is not configured for this deployment");
-    }
-    const credential = credentialStore.getConnection(project.name);
-    if (!credential) {
-      throw validationError(
-        `No Cloud Run credential found for project "${project.name}". Run "canonry traffic connect cloud-run" first.`
+        `Backfill for source type "${sourceRow.sourceType}" is not implemented yet \u2014 only cloud-run and wordpress are supported in v1.`
       );
     }
     const requestedDays = request.body?.days ?? DEFAULT_BACKFILL_DAYS;
@@ -18124,13 +18169,86 @@ async function trafficRoutes(app, opts) {
       throw validationError('"days" must be a positive integer');
     }
     const appliedDays = Math.min(requestedDays, MAX_BACKFILL_DAYS);
-    const config = parseSourceConfig(sourceRow);
-    const gcpProjectId = config.gcpProjectId ?? credential.gcpProjectId;
-    const serviceName = config.serviceName ?? credential.serviceName ?? void 0;
-    const location = config.location ?? credential.location ?? void 0;
     const windowEnd = /* @__PURE__ */ new Date();
     const windowStart = new Date(windowEnd.getTime() - appliedDays * 864e5);
     windowStart.setUTCMinutes(0, 0, 0);
+    let pullForBackfill;
+    let pullErrorPrefix;
+    if (sourceRow.sourceType === TrafficSourceTypes["cloud-run"]) {
+      const credentialStore = opts.cloudRunCredentialStore;
+      if (!credentialStore) {
+        throw validationError("Cloud Run credential storage is not configured for this deployment");
+      }
+      const credential = credentialStore.getConnection(project.name);
+      if (!credential) {
+        throw validationError(
+          `No Cloud Run credential found for project "${project.name}". Run "canonry traffic connect cloud-run" first.`
+        );
+      }
+      const config = parseSourceConfig(sourceRow);
+      const gcpProjectId = config.gcpProjectId ?? credential.gcpProjectId;
+      const serviceName = config.serviceName ?? credential.serviceName ?? void 0;
+      const location = config.location ?? credential.location ?? void 0;
+      pullErrorPrefix = "Cloud Run pull failed";
+      pullForBackfill = async () => {
+        const accessToken = await resolveAccessToken2(credential);
+        const page = await pullEvents(accessToken, {
+          gcpProjectId,
+          serviceName,
+          location,
+          startTime: windowStart.toISOString(),
+          endTime: windowEnd.toISOString(),
+          pageSize: DEFAULT_PAGE_SIZE3,
+          maxPages: BACKFILL_MAX_PAGES,
+          // Backfill is intentionally `firstSync: false`. We don't want desc
+          // ordering — the in-memory rollup builder handles any order, and the
+          // ring-buffer reseed at the end takes the most-recent IDs from the
+          // dedupedEvents anyway.
+          firstSync: false,
+          orderBy: "timestamp asc"
+        });
+        return page.events;
+      };
+    } else {
+      const credentialStore = opts.wordpressTrafficCredentialStore;
+      if (!credentialStore) {
+        throw validationError("WordPress traffic credential storage is not configured for this deployment");
+      }
+      const credential = credentialStore.getConnection(project.name);
+      if (!credential) {
+        throw validationError(
+          `No WordPress credential found for project "${project.name}". Run "canonry traffic connect wordpress" first.`
+        );
+      }
+      const wpPageSize = opts.defaultWordpressPageSize ?? DEFAULT_WP_PAGE_SIZE;
+      pullErrorPrefix = "WordPress pull failed";
+      pullForBackfill = async () => {
+        const collected = [];
+        const windowStartIso = windowStart.toISOString();
+        const windowEndIso = windowEnd.toISOString();
+        let cursor = void 0;
+        for (let page = 0; page < BACKFILL_MAX_PAGES; page += 1) {
+          const pageResult = await pullWordpressEvents({
+            baseUrl: credential.baseUrl,
+            username: credential.username,
+            applicationPassword: credential.applicationPassword,
+            cursor,
+            pageSize: wpPageSize,
+            // Each call fetches a single page; the for-loop drives
+            // continuation. Matches the WP sync path's pattern.
+            maxPages: 1,
+            since: windowStartIso,
+            until: windowEndIso
+          });
+          collected.push(...pageResult.events);
+          const previousCursor = cursor;
+          cursor = pageResult.nextCursor;
+          if (!pageResult.hasMore) break;
+          if (!cursor || cursor === previousCursor) break;
+        }
+        return collected;
+      };
+    }
     const startedAt = windowEnd.toISOString();
     const runId = crypto20.randomUUID();
     app.db.insert(runs).values({
@@ -18148,15 +18266,10 @@ async function trafficRoutes(app, opts) {
       runId,
       project,
       sourceRow,
-      gcpProjectId,
-      serviceName,
-      location,
-      credential,
       windowStart,
       windowEnd,
-      appliedDays,
-      pullEvents,
-      resolveAccessToken: resolveAccessToken2
+      pullForBackfill,
+      pullErrorPrefix
     }).catch(() => {
     });
     const response = {
@@ -22887,7 +23000,8 @@ var JobRunner = class {
         throw new Error("No providers configured. Add at least one provider API key.");
       }
       log.info("run.dispatch", { runId, providerCount: activeProviders.length, providers: activeProviders.map((p) => p.adapter.name) });
-      projectQueries = this.db.select().from(queries).where(eq27(queries.projectId, projectId)).all();
+      const scopedQueryNames = parseJsonColumn(existingRun.queries, null);
+      projectQueries = scopedQueryNames ? this.db.select().from(queries).where(and16(eq27(queries.projectId, projectId), inArray7(queries.query, scopedQueryNames))).all() : this.db.select().from(queries).where(eq27(queries.projectId, projectId)).all();
       const projectCompetitors = this.db.select().from(competitors).where(eq27(competitors.projectId, projectId)).all();
       const competitorDomains = projectCompetitors.map((c) => c.domain);
       const allDomains = effectiveDomains({
@@ -23167,7 +23281,8 @@ var JobRunner = class {
       status: runs.status,
       finishedAt: runs.finishedAt,
       error: runs.error,
-      trigger: runs.trigger
+      trigger: runs.trigger,
+      queries: runs.queries
     }).from(runs).where(eq27(runs.id, runId)).get();
   }
   isRunCancelled(runId) {

package/dist/{chunk-CRQMGNPH.js → chunk-HVW665A4.js}

@@ -105,6 +105,7 @@ var runTriggerRequestSchema = z2.object({
   kind: z2.literal(RunKinds["answer-visibility"]).optional(),
   trigger: z2.literal(RunTriggers.manual).optional(),
   providers: z2.array(providerNameSchema).optional(),
+  queries: z2.array(z2.string().min(1)).min(1).optional(),
   location: z2.string().min(1).optional(),
   allLocations: z2.boolean().optional(),
   noLocation: z2.boolean().optional()
@@ -131,6 +132,7 @@ var runDtoSchema = z2.object({
   status: runStatusSchema,
   trigger: runTriggerSchema.default("manual"),
   location: z2.string().nullable().optional(),
+  queries: z2.array(z2.string()).nullable().optional(),
   startedAt: z2.string().nullable().optional(),
   finishedAt: z2.string().nullable().optional(),
   error: runErrorSchema.nullable().optional(),

package/dist/{chunk-IS65IYNZ.js → chunk-PN24DAGC.js}

@@ -8,7 +8,7 @@ import {
   categoryLabel,
   determineAnswerMentioned,
   normalizeProjectDomain
-} from "./chunk-CRQMGNPH.js";
+} from "./chunk-HVW665A4.js";
 
 // src/intelligence-service.ts
 import { eq, desc, asc, and, or, inArray } from "drizzle-orm";
@@ -109,6 +109,7 @@ var runs = sqliteTable("runs", {
   status: text("status").notNull().default("queued"),
   trigger: text("trigger").notNull().default("manual"),
   location: text("location"),
+  queries: text("queries"),
   sourceId: text("source_id"),
   startedAt: text("started_at"),
   finishedAt: text("finished_at"),
@@ -1792,6 +1793,17 @@ var MIGRATION_VERSIONS = [
       `ALTER TABLE discovery_sessions ADD COLUMN run_id TEXT`,
       `CREATE INDEX IF NOT EXISTS idx_discovery_sessions_run ON discovery_sessions(run_id)`
     ]
+  },
+  {
+    version: 57,
+    name: "runs-scoped-queries",
+    // Persists an optional subset of tracked queries to sweep on a per-run
+    // basis. NULL = full sweep (the default and only behavior pre-v57); a JSON
+    // array of query strings = scope. The job runner reads this to filter the
+    // query fetch via `inArray`.
+    statements: [
+      `ALTER TABLE runs ADD COLUMN queries TEXT`
+    ]
   }
 ];
 function isDuplicateColumnError(err) {