npm - @grifhinz/logics-manager - Versions diffs - 2.6.0 → 2.8.0 - Mend

@grifhinz/logics-manager 2.6.0 → 2.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/README.md +37 -3
package/VERSION +1 -1
package/clients/viewer/browser-host.js +1597 -100
package/clients/viewer/index.html +11 -4
package/clients/viewer/viewer.css +402 -1
package/logics_manager/assist.py +1 -0
package/logics_manager/cli.py +5 -3
package/logics_manager/flow.py +67 -3
package/logics_manager/lint.py +11 -7
package/logics_manager/sync.py +47 -19
package/logics_manager/viewer.py +1327 -25
package/package.json +1 -1
package/pyproject.toml +1 -1

package/logics_manager/viewer.py CHANGED Viewed

@@ -1,6 +1,7 @@
 from __future__ import annotations
 import argparse
+import hashlib
 import json
 import mimetypes
 import os
@@ -20,6 +21,7 @@ from typing import Any
 from urllib.parse import parse_qs, quote, unquote, urlencode, urlparse
 from .audit import audit_payload
+from .bootstrap import bootstrap_payload
 from .config import find_repo_root
 from .lint import lint_payload
 from .update_check import get_update_info
@@ -42,6 +44,104 @@ DOC_FAMILIES = (
 )
 STAGE_ORDER = {family.stage: index for index, family in enumerate(DOC_FAMILIES)}
+CDX_MISSION_STRENGTHS = {
+    "standard": {"id": "standard", "label": "Standard", "timeout": 180, "reasoningEffort": "medium", "power": "medium"},
+    "deep": {"id": "deep", "label": "Deep", "timeout": 300, "reasoningEffort": "high", "power": "high"},
+    "max": {"id": "max", "label": "Max", "timeout": 600, "reasoningEffort": "high", "power": "high"},
+}
+CDX_MISSION_CATALOG = {
+    "full-audit": {
+        "id": "full-audit",
+        "title": "Full audit",
+        "description": "Audit the repository and optionally apply safe, validated fixes.",
+        "scope": "repository",
+        "requiresReleaseTag": False,
+        "requiresPlanConfirmation": False,
+        "supportsFileWrites": True,
+        "inputFields": [
+            {
+                "id": "directFixes",
+                "label": "Fix directly",
+                "type": "checkbox",
+                "required": False,
+            }
+        ],
+    },
+    "release-review": {
+        "id": "release-review",
+        "title": "Review since latest release",
+        "description": "Review changes since the latest release and optionally apply safe fixes.",
+        "scope": "latest-release",
+        "requiresReleaseTag": True,
+        "requiresPlanConfirmation": False,
+        "supportsFileWrites": True,
+        "inputFields": [
+            {
+                "id": "directFixes",
+                "label": "Fix directly",
+                "type": "checkbox",
+                "required": False,
+            }
+        ],
+    },
+    "corpus-ready": {
+        "id": "corpus-ready",
+        "title": "Prepare dev-ready corpus",
+        "description": "Produce a corpus plan for explicit deterministic application.",
+        "scope": "open-logics-workflow",
+        "requiresReleaseTag": False,
+        "requiresPlanConfirmation": True,
+        "supportsFileWrites": False,
+    },
+    "wish-to-request": {
+        "id": "wish-to-request",
+        "title": "Wish to request",
+        "description": "Create or draft a structured Logics request from a free-form wish.",
+        "scope": "request-draft",
+        "requiresReleaseTag": False,
+        "requiresPlanConfirmation": False,
+        "supportsFileWrites": True,
+        "inputFields": [
+            {
+                "id": "wishText",
+                "label": "Wish or intent",
+                "type": "textarea",
+                "placeholder": "Describe the workflow, feature, bug, or product intent to capture.",
+                "required": True,
+            }
+        ],
+    },
+    "pre-release": {
+        "id": "pre-release",
+        "title": "Guarded pre-release",
+        "description": "Prepare release metadata, changelog, validation, and fixes without tagging or publishing.",
+        "scope": "pre-release-report",
+        "requiresReleaseTag": False,
+        "requiresPlanConfirmation": False,
+        "supportsFileWrites": True,
+        "inputFields": [
+            {
+                "id": "releaseVersion",
+                "label": "Version",
+                "type": "text",
+                "placeholder": "vX.X.X",
+                "required": True,
+                "pattern": "^v\\d+\\.\\d+\\.\\d+$",
+            },
+            {
+                "id": "runFullValidation",
+                "label": "Run full validation and report fixes before pre-release",
+                "type": "checkbox",
+                "required": False,
+            },
+        ],
+    },
+}
+CDX_DEFAULT_MISSION_ID = "full-audit"
+GIT_FILE_PREVIEW_MAX_BYTES = 30000
+GIT_FILE_PREVIEW_MAX_CHARS = 20000
+FILE_PREVIEW_MAX_BYTES = 300000
+FILE_PREVIEW_MAX_CHARS = 200000
 REPO_ROOT = Path(__file__).resolve().parents[1]
 PACKAGE_VIEWER_ASSETS_ROOT = Path(__file__).resolve().parent / "viewer_assets"
 VIEWER_ROOT = REPO_ROOT / "clients" / "viewer"
@@ -342,22 +442,28 @@ def viewer_data_payload(
     selected_id: str | None = None,
     *,
     auto_refresh_interval_seconds: int = 15,
+    projects: list[dict[str, Any]] | None = None,
 ) -> dict[str, Any]:
+    capabilities = viewer_project_capabilities(repo_root)
+    active_root = repo_root.resolve()
+    has_logics = capabilities["logics"]["available"] is True
     return {
-        "root": str(repo_root.resolve()),
-        "repoName": repo_root.resolve().name,
+        "root": str(active_root),
+        "repoName": active_root.name,
         "repository": {
-            "root": str(repo_root.resolve()),
+            "root": str(active_root),
             "githubUrl": github_repo_url(repo_root),
         },
+        "capabilities": capabilities,
+        "projects": projects if projects is not None else viewer_project_registry(repo_root),
         "autoRefreshIntervalSeconds": auto_refresh_interval_seconds,
         "items": collect_viewer_items(repo_root),
         "updateInfo": get_update_info(_current_version()).to_payload(),
         "selectedId": selected_id,
         "changedPaths": [],
         "canResetProjectRoot": False,
-        "canBootstrapLogics": False,
-        "bootstrapLogicsTitle": "Local viewer is read-only. Use the CLI to bootstrap Logics.",
+        "canBootstrapLogics": not has_logics,
+        "bootstrapLogicsTitle": "Bootstrap Logics in this project." if not has_logics else "Logics is already bootstrapped.",
         "canLaunchCodex": False,
         "canLaunchClaude": False,
         "canRepairLogicsKit": False,
@@ -366,6 +472,155 @@ def viewer_data_payload(
     }
+def _viewer_project_id(repo_root: Path) -> str:
+    normalized = str(repo_root.resolve())
+    return hashlib.sha1(normalized.encode("utf-8")).hexdigest()[:12]
+def _looks_like_viewer_project(path: Path) -> bool:
+    if not path.is_dir():
+        return False
+    return any((path / marker).exists() for marker in ("logics", ".git", "package.json", "pyproject.toml", "logics.yaml"))
+def discover_viewer_project_roots(repo_root: Path, *, max_projects: int = 40) -> list[Path]:
+    active = repo_root.resolve()
+    candidates: list[Path] = [active]
+    parent = active.parent
+    try:
+        siblings = sorted(parent.iterdir(), key=lambda path: path.name.lower())
+    except OSError:
+        siblings = []
+    for sibling in siblings:
+        try:
+            resolved = sibling.resolve()
+        except OSError:
+            continue
+        if resolved == active or not _looks_like_viewer_project(resolved):
+            continue
+        candidates.append(resolved)
+        if len(candidates) >= max_projects:
+            break
+    unique: dict[str, Path] = {}
+    for candidate in candidates:
+        unique[str(candidate)] = candidate
+    return list(unique.values())
+def viewer_project_entry(repo_root: Path, *, active_root: Path | None = None) -> dict[str, Any]:
+    root = repo_root.resolve()
+    active = active_root.resolve() if active_root else root
+    has_logics = (root / "logics").is_dir()
+    available = root.is_dir()
+    return {
+        "id": _viewer_project_id(root),
+        "name": root.name,
+        "root": str(root),
+        "active": root == active,
+        "available": available,
+        "hasLogics": has_logics,
+        "message": "Logics corpus found." if has_logics else "No Logics corpus found.",
+    }
+def viewer_project_registry(repo_root: Path, *, project_roots: list[Path] | None = None) -> list[dict[str, Any]]:
+    active = repo_root.resolve()
+    roots = project_roots if project_roots is not None else discover_viewer_project_roots(active)
+    return [viewer_project_entry(root, active_root=active) for root in roots]
+def _viewer_capability(state: str, *, available: bool, message: str, detail: dict[str, Any] | None = None) -> dict[str, Any]:
+    payload: dict[str, Any] = {
+        "state": state,
+        "available": available,
+        "message": message,
+    }
+    if detail:
+        payload["detail"] = detail
+    return payload
+def _git_is_repository(repo_root: Path, *, runner: Any | None = None) -> bool | None:
+    try:
+        result = _run_read_only_git(repo_root, ["rev-parse", "--is-inside-work-tree"], runner=runner)
+    except (OSError, subprocess.SubprocessError):
+        return None
+    if result.returncode != 0:
+        return False
+    return result.stdout.strip().lower() == "true"
+def viewer_project_capabilities(
+    repo_root: Path,
+    *,
+    git_runner: Any | None = None,
+    which: Any | None = None,
+) -> dict[str, Any]:
+    which_command = which or shutil.which
+    logics_dir = repo_root / "logics"
+    has_logics = logics_dir.is_dir()
+    git_path = which_command("git")
+    cdx_path = which_command("cdx")
+    if has_logics:
+        logics = _viewer_capability("ready", available=True, message="Logics corpus found.")
+    else:
+        logics = _viewer_capability("missing", available=False, message="No Logics corpus found.")
+    if not git_path:
+        git = _viewer_capability("unavailable", available=False, message="Git executable is not available.")
+        github_url = ""
+        has_workflows = False
+    else:
+        is_repo = _git_is_repository(repo_root, runner=git_runner)
+        if is_repo is True:
+            git = _viewer_capability("ready", available=True, message="Git repository detected.")
+            github_url = github_repo_url(repo_root, runner=git_runner, which=which_command)
+            has_workflows = _has_github_actions_workflows(repo_root)
+        elif is_repo is False:
+            git = _viewer_capability("missing", available=False, message="Project is not a Git repository.")
+            github_url = ""
+            has_workflows = False
+        else:
+            git = _viewer_capability("error", available=False, message="Unable to inspect Git repository state.")
+            github_url = ""
+            has_workflows = False
+    if not github_url:
+        ci = _viewer_capability("hidden", available=False, message="No GitHub remote detected for this project.")
+    elif not has_workflows:
+        ci = _viewer_capability("hidden", available=False, message="No GitHub Actions workflows detected for this project.")
+    elif not which_command("gh"):
+        ci = _viewer_capability("unavailable", available=False, message="GitHub CLI is not available.")
+    else:
+        ci = _viewer_capability(
+            "ready",
+            available=True,
+            message="GitHub Actions can be inspected.",
+            detail={"githubUrl": github_url},
+        )
+    if cdx_path:
+        cdx = _viewer_capability("ready", available=True, message="CDX executable detected.")
+        cdx_runs = _viewer_capability(
+            "unsupported",
+            available=False,
+            message="CDX assistant run registry is not available yet.",
+        )
+    else:
+        cdx = _viewer_capability("missing", available=False, message="CDX executable is not available.")
+        cdx_runs = _viewer_capability("missing", available=False, message="CDX is required before assistant runs can be tracked.")
+    return {
+        "logics": logics,
+        "git": git,
+        "ci": ci,
+        "cdx": cdx,
+        "cdxRuns": cdx_runs,
+    }
 def read_doc_payload(repo_root: Path, rel_path: str) -> dict[str, Any]:
     normalized, absolute = _resolve_repo_doc_path(repo_root, rel_path)
     return {
@@ -396,6 +651,54 @@ def edit_doc_payload(repo_root: Path, rel_path: str, *, launcher: Any | None = N
     }
+def _resolve_openable_file_path(repo_root: Path, file_path: str) -> Path:
+    raw_path = unquote(file_path).strip()
+    if not raw_path:
+        raise ValueError("Missing file path.")
+    candidate = Path(raw_path).expanduser()
+    if not candidate.is_absolute():
+        candidate = repo_root / raw_path.lstrip("/\\")
+    absolute = candidate.resolve()
+    if not absolute.is_file():
+        raise FileNotFoundError(str(candidate))
+    return absolute
+def open_file_payload(repo_root: Path, file_path: str, *, launcher: Any | None = None) -> dict[str, str]:
+    absolute = _resolve_openable_file_path(repo_root, file_path)
+    command = _system_editor_command(absolute)
+    runner = launcher or subprocess.Popen
+    runner(command)
+    return {
+        "path": str(absolute),
+        "command": command[0],
+    }
+def file_preview_payload(
+    repo_root: Path,
+    file_path: str,
+    *,
+    max_bytes: int = FILE_PREVIEW_MAX_BYTES,
+    max_chars: int = FILE_PREVIEW_MAX_CHARS,
+) -> dict[str, Any]:
+    absolute = _resolve_openable_file_path(repo_root, file_path)
+    raw = absolute.read_bytes()
+    truncated = len(raw) > max_bytes
+    if truncated:
+        raw = raw[-max_bytes:]
+    content = raw.decode("utf-8", errors="replace")
+    if len(content) > max_chars:
+        content = content[-max_chars:]
+        truncated = True
+    return {
+        "path": str(absolute),
+        "name": absolute.name,
+        "content": content,
+        "truncated": truncated,
+    }
 def open_repo_folder_payload(repo_root: Path, *, launcher: Any | None = None) -> dict[str, str]:
     root = repo_root.resolve()
     command = _system_editor_command(root)
@@ -427,6 +730,24 @@ def _run_read_only_cdx(repo_root: Path, args: list[str], *, runner: Any | None =
     return cdx_runner(command, cwd=repo_root, text=True, capture_output=True, timeout=5)
+def _run_cdx_mission(repo_root: Path, args: list[str], *, timeout: int, runner: Any | None = None) -> subprocess.CompletedProcess[str]:
+    command = ["cdx", *args]
+    cdx_runner = runner or subprocess.run
+    return cdx_runner(command, cwd=repo_root, text=True, capture_output=True, timeout=timeout)
+def _run_logics_flow(repo_root: Path, args: list[str], *, runner: Any | None = None) -> subprocess.CompletedProcess[str]:
+    command = ["logics-manager", "flow", *args]
+    flow_runner = runner or subprocess.run
+    return flow_runner(command, cwd=repo_root, text=True, capture_output=True, timeout=30)
+def _run_logics_command(repo_root: Path, args: list[str], *, runner: Any | None = None) -> subprocess.CompletedProcess[str]:
+    command = ["logics-manager", *args]
+    logics_runner = runner or subprocess.run
+    return logics_runner(command, cwd=repo_root, text=True, capture_output=True, timeout=30)
 def _run_read_only_gh(repo_root: Path, args: list[str], *, runner: Any | None = None) -> subprocess.CompletedProcess[str]:
     command = ["gh", *args]
     gh_runner = runner or subprocess.run
@@ -554,7 +875,11 @@ def _parse_git_branch_line(line: str) -> dict[str, Any]:
     }
-def _parse_recent_git_commits(output: str) -> list[dict[str, str]]:
+GIT_HISTORY_DISPLAY_LIMIT = 50
+GIT_HISTORY_FETCH_LIMIT = GIT_HISTORY_DISPLAY_LIMIT + 1
+def _parse_recent_git_commits(output: str, *, limit: int | None = None) -> list[dict[str, str]]:
     commits: list[dict[str, str]] = []
     for line in output.splitlines():
         parts = line.split("\x1f")
@@ -570,6 +895,8 @@ def _parse_recent_git_commits(output: str) -> list[dict[str, str]]:
                 "refs": _sanitize_git_ref(refs),
             }
         )
+        if limit is not None and len(commits) >= limit:
+            break
     return commits
@@ -656,7 +983,7 @@ def git_status_payload(repo_root: Path, *, runner: Any | None = None, which: Any
         commit = _run_read_only_git(repo_root, ["log", "-1", "--pretty=format:%h %s"], runner=runner)
         recent_commits = _run_read_only_git(
             repo_root,
-            ["log", "-50", "--date=short", "--pretty=format:%h%x1f%s%x1f%an%x1f%ad%x1f%D"],
+            ["log", f"-{GIT_HISTORY_FETCH_LIMIT}", "--date=short", "--pretty=format:%h%x1f%s%x1f%an%x1f%ad%x1f%D"],
             runner=runner,
         )
         unpushed = _git_unpushed_commit_count(repo_root, runner=runner)
@@ -683,6 +1010,7 @@ def git_status_payload(repo_root: Path, *, runner: Any | None = None, which: Any
     counts = {key: len(value) for key, value in groups.items()}
     uncommitted_files = _count_unique_git_status_paths(groups)
     dirty = any(counts.values())
+    parsed_recent_commits = _parse_recent_git_commits(recent_commits.stdout, limit=GIT_HISTORY_FETCH_LIMIT) if recent_commits.returncode == 0 else []
     return {
         "state": "ok",
         **branch_info,
@@ -703,10 +1031,18 @@ def git_status_payload(repo_root: Path, *, runner: Any | None = None, which: Any
         },
         "groups": groups,
         "latestCommit": (commit.stdout.strip() if commit.returncode == 0 else "")[:300],
-        "recentCommits": _parse_recent_git_commits(recent_commits.stdout) if recent_commits.returncode == 0 else [],
+        "recentCommits": parsed_recent_commits[:GIT_HISTORY_DISPLAY_LIMIT],
+        "recentCommitsHasMore": len(parsed_recent_commits) > GIT_HISTORY_DISPLAY_LIMIT,
     }
+def _normalize_git_file_path(rel_path: str) -> str | None:
+    normalized = unquote(rel_path).replace("\\", "/").lstrip("/")
+    if not normalized or normalized.startswith("~") or normalized.startswith("/") or ".." in normalized.split("/"):
+        return None
+    return normalized
 def git_diff_payload(
     repo_root: Path,
     rel_path: str,
@@ -719,8 +1055,8 @@ def git_diff_payload(
     git_which = which or shutil.which
     if not git_which("git"):
         return {"state": "unavailable", "message": "Git is not available on PATH."}
-    normalized = unquote(rel_path).replace("\\", "/").lstrip("/")
-    if not normalized or normalized.startswith("~") or normalized.startswith("/") or ".." in normalized.split("/"):
+    normalized = _normalize_git_file_path(rel_path)
+    if not normalized:
         return {"state": "error", "message": "Unsafe Git path."}
     try:
         inside = _run_read_only_git(repo_root, ["rev-parse", "--is-inside-work-tree"], runner=runner)
@@ -755,6 +1091,71 @@ def git_diff_payload(
     }
+def git_file_preview_payload(
+    repo_root: Path,
+    rel_path: str,
+    *,
+    max_bytes: int = GIT_FILE_PREVIEW_MAX_BYTES,
+    max_chars: int = GIT_FILE_PREVIEW_MAX_CHARS,
+) -> dict[str, Any]:
+    normalized = _normalize_git_file_path(rel_path)
+    if not normalized:
+        return {"state": "error", "message": "Unsafe Git path."}
+    target = (repo_root / normalized).resolve()
+    try:
+        target.relative_to(repo_root.resolve())
+    except ValueError:
+        return {"state": "error", "message": "Unsafe Git path."}
+    if not target.exists() or not target.is_file():
+        return {
+            "state": "missing",
+            "path": normalized,
+            "message": "The current file is missing or deleted, so no file preview is available.",
+        }
+    try:
+        size = target.stat().st_size
+    except OSError as exc:
+        return {"state": "error", "path": normalized, "message": f"Unable to inspect file: {exc}"}
+    if size > max_bytes:
+        return {
+            "state": "oversized",
+            "path": normalized,
+            "size": size,
+            "message": f"File preview is limited to {max_bytes} bytes; this file is {size} bytes.",
+        }
+    try:
+        data = target.read_bytes()
+    except OSError as exc:
+        return {"state": "error", "path": normalized, "message": f"Unable to read file preview: {exc}"}
+    if b"\x00" in data:
+        return {
+            "state": "unsupported",
+            "path": normalized,
+            "message": "Binary or unsupported file content cannot be previewed.",
+        }
+    try:
+        content = data.decode("utf-8")
+    except UnicodeDecodeError:
+        return {
+            "state": "unsupported",
+            "path": normalized,
+            "message": "Binary or unsupported file encoding cannot be previewed.",
+        }
+    content = content.replace("\r\n", "\n").replace("\r", "\n")
+    truncated = len(content) > max_chars
+    if truncated:
+        content = content[:max_chars]
+    return {
+        "state": "ok",
+        "path": normalized,
+        "mode": "file-preview",
+        "content": content,
+        "truncated": truncated,
+        "logicsType": _logics_doc_type(normalized),
+        "message": "",
+    }
 def _current_git_ci_context(repo_root: Path, *, runner: Any | None = None) -> dict[str, str]:
     context = {"branch": "", "headSha": "", "subject": "", "author": ""}
     commands = {
@@ -789,11 +1190,41 @@ def _ci_badge_state(status: str, conclusion: str) -> str:
     return "unknown"
+def _is_active_ci_status(run: dict[str, Any]) -> bool:
+    return str(run.get("status") or "").strip().lower() in {"queued", "in_progress", "waiting", "requested", "pending"}
+def _select_github_actions_run(runs: list[dict[str, Any]], head_sha: str) -> tuple[dict[str, Any], str]:
+    head_runs = [run for run in runs if head_sha and str(run.get("head_sha") or "") == head_sha]
+    active_head_run = next((run for run in head_runs if _is_active_ci_status(run)), None)
+    if active_head_run is not None:
+        return active_head_run, "head-active"
+    failing_head_run = next((run for run in head_runs if _ci_badge_state(str(run.get("status") or ""), str(run.get("conclusion") or "")) == "failing"), None)
+    if failing_head_run is not None:
+        return failing_head_run, "head-failing"
+    cancelled_head_run = next((run for run in head_runs if _ci_badge_state(str(run.get("status") or ""), str(run.get("conclusion") or "")) == "cancelled"), None)
+    if cancelled_head_run is not None:
+        return cancelled_head_run, "head-cancelled"
+    unknown_head_run = next((run for run in head_runs if _ci_badge_state(str(run.get("status") or ""), str(run.get("conclusion") or "")) == "unknown"), None)
+    if unknown_head_run is not None:
+        return unknown_head_run, "head-unknown"
+    if head_runs:
+        return head_runs[0], "head"
+    active_branch_run = next((run for run in runs if _is_active_ci_status(run)), None)
+    if active_branch_run is not None:
+        return active_branch_run, "branch-active"
+    failing_branch_run = next((run for run in runs if _ci_badge_state(str(run.get("status") or ""), str(run.get("conclusion") or "")) == "failing"), None)
+    if failing_branch_run is not None:
+        return failing_branch_run, "branch-failing"
+    return runs[0], "branch-latest"
 def _parse_github_actions_run(run: dict[str, Any], *, match_source: str) -> dict[str, Any]:
     status = str(run.get("status") or "")
     conclusion = str(run.get("conclusion") or "")
     commit = run.get("head_commit") if isinstance(run.get("head_commit"), dict) else {}
     author = commit.get("author") if isinstance(commit.get("author"), dict) else {}
+    commit_lines = str(commit.get("message") or run.get("display_title") or "").splitlines()
     return {
         "id": run.get("id"),
         "name": str(run.get("name") or run.get("display_title") or "GitHub Actions"),
@@ -808,7 +1239,7 @@ def _parse_github_actions_run(run: dict[str, Any], *, match_source: str) -> dict
         "createdAt": str(run.get("created_at") or ""),
         "updatedAt": str(run.get("updated_at") or ""),
         "runStartedAt": str(run.get("run_started_at") or ""),
-        "commitMessage": str(commit.get("message") or run.get("display_title") or "").splitlines()[0][:240],
+        "commitMessage": commit_lines[0][:240] if commit_lines else "",
         "author": str(author.get("name") or ""),
         "matchSource": match_source,
     }
@@ -864,7 +1295,7 @@ def ci_status_payload(repo_root: Path, *, git_runner: Any | None = None, gh_runn
     context = _current_git_ci_context(repo_root, runner=git_runner)
     branch = context.get("branch", "")
     head_sha = context.get("headSha", "")
-    endpoint = f"repos/{owner}/{repo}/actions/runs?per_page=10"
+    endpoint = f"repos/{owner}/{repo}/actions/runs?per_page=30"
     if branch:
         endpoint = f"{endpoint}&branch={quote(branch, safe='')}"
     try:
@@ -886,10 +1317,7 @@ def ci_status_payload(repo_root: Path, *, git_runner: Any | None = None, gh_runn
     if not runs:
         return {"state": "ok", "visible": True, "message": "No GitHub Actions runs found for the current branch.", "repositoryUrl": github_url, **context, "badgeState": "unknown", "run": None, "jobs": []}
-    selected = next((run for run in runs if head_sha and str(run.get("head_sha") or "") == head_sha), None)
-    match_source = "head" if selected else "branch-latest"
-    if selected is None:
-        selected = runs[0]
+    selected, match_source = _select_github_actions_run(runs, head_sha)
     run_payload = _parse_github_actions_run(selected, match_source=match_source)
     jobs: list[dict[str, str]] = []
     run_id = run_payload.get("id")
@@ -939,6 +1367,751 @@ def cdx_status_payload(repo_root: Path, *, runner: Any | None = None, which: Any
     return {"state": "ok", "message": "", "status": parsed}
+def cdx_runs_payload(repo_root: Path, *, runner: Any | None = None, which: Any | None = None) -> dict[str, Any]:
+    cdx_which = which or shutil.which
+    if not cdx_which("cdx"):
+        return {"state": "unavailable", "message": "CDX executable is not available on PATH.", "runs": []}
+    try:
+        result = _run_read_only_cdx(repo_root, ["runs", "--json"], runner=runner)
+    except subprocess.TimeoutExpired:
+        return {"state": "timeout", "message": "CDX runs timed out.", "runs": []}
+    except (OSError, subprocess.SubprocessError) as exc:
+        return {"state": "error", "message": f"Unable to run CDX runs: {exc}", "runs": []}
+    if result.returncode != 0:
+        message = (result.stderr or result.stdout or "CDX runs failed.").strip().splitlines()[0]
+        return {"state": "error", "message": message, "runs": []}
+    try:
+        parsed = json.loads(result.stdout or "{}")
+    except json.JSONDecodeError:
+        return {"state": "invalid-json", "message": "CDX runs returned invalid JSON.", "runs": []}
+    runs = parsed.get("runs") if isinstance(parsed, dict) else None
+    if not isinstance(runs, list):
+        return {"state": "invalid-json", "message": "CDX runs JSON must include a runs array.", "runs": []}
+    normalized_runs: list[dict[str, Any]] = []
+    for run in runs:
+        if not isinstance(run, dict):
+            continue
+        item = dict(run)
+        status = str(item.get("status") or item.get("state") or "").strip().lower()
+        if status == "stale" and not item.get("ended_at") and not item.get("endedAt"):
+            item["status"] = "running"
+            item["status_detail"] = "CDX still marks this run active; no end timestamp has been reported yet."
+            item["raw_status"] = "stale"
+        normalized_runs.append(item)
+    return {"state": "ok", "message": "", "runs": normalized_runs}
+def cdx_run_report_payload(repo_root: Path, run_id: str, *, runner: Any | None = None, which: Any | None = None) -> dict[str, Any]:
+    cdx_which = which or shutil.which
+    if not run_id:
+        return {"state": "error", "message": "Missing CDX run id.", "report": None}
+    if not cdx_which("cdx"):
+        return {"state": "unavailable", "message": "CDX executable is not available on PATH.", "report": None}
+    try:
+        result = _run_read_only_cdx(repo_root, ["run-report", run_id, "--json"], runner=runner)
+    except subprocess.TimeoutExpired:
+        return {"state": "timeout", "message": "CDX run report timed out.", "report": None}
+    except (OSError, subprocess.SubprocessError) as exc:
+        return {"state": "error", "message": f"Unable to run CDX run-report: {exc}", "report": None}
+    if result.returncode != 0:
+        message = (result.stderr or result.stdout or "CDX run-report failed.").strip().splitlines()[0]
+        return {"state": "error", "message": message, "report": None}
+    try:
+        parsed = json.loads(result.stdout or "{}")
+    except json.JSONDecodeError:
+        return {"state": "invalid-json", "message": "CDX run-report returned invalid JSON.", "report": None}
+    report = parsed.get("report") if isinstance(parsed, dict) else None
+    if not isinstance(report, dict):
+        return {"state": "invalid-json", "message": "CDX run-report JSON must include a report object.", "report": None}
+    merged_report = _merge_cdx_mission_output(report)
+    if merged_report:
+        report = merged_report
+    return {"state": "ok", "message": "", "report": report}
+def cdx_mission_catalog_payload() -> dict[str, Any]:
+    return {
+        "missions": list(CDX_MISSION_CATALOG.values()),
+        "strengths": list(CDX_MISSION_STRENGTHS.values()),
+        "defaultMissionId": CDX_DEFAULT_MISSION_ID,
+        "defaultStrengthId": "standard",
+    }
+def _cdx_status_sessions(status_payload: dict[str, Any]) -> list[str]:
+    status = status_payload.get("status") if isinstance(status_payload.get("status"), dict) else {}
+    sessions = status.get("sessions") if isinstance(status.get("sessions"), list) else []
+    ids: list[str] = []
+    for session in sessions:
+        if not isinstance(session, dict):
+            continue
+        session_id = str(session.get("id") or session.get("name") or "").strip()
+        if session_id:
+            ids.append(session_id)
+    return ids
+def _normalize_cdx_session(value: Any, status_payload: dict[str, Any] | None = None) -> str:
+    session = str(value or "").strip()
+    if not re.match(r"^[A-Za-z0-9_.:@/-]{1,120}$", session):
+        return ""
+    if status_payload is None:
+        return session
+    known_sessions = _cdx_status_sessions(status_payload)
+    if known_sessions and session not in known_sessions:
+        return ""
+    return session
+def _latest_release_tag(repo_root: Path, *, runner: Any | None = None, which: Any | None = None) -> str:
+    git_which = which or shutil.which
+    if not git_which("git"):
+        return ""
+    commands = [
+        ["tag", "--sort=-version:refname", "--list", "v[0-9]*"],
+        ["tag", "--sort=-version:refname", "--list", "[0-9]*"],
+        ["describe", "--tags", "--abbrev=0"],
+    ]
+    for args in commands:
+        try:
+            result = _run_read_only_git(repo_root, args, runner=runner)
+        except (OSError, subprocess.SubprocessError, subprocess.TimeoutExpired):
+            continue
+        if result.returncode != 0:
+            continue
+        tag = (result.stdout or "").strip().splitlines()[0] if (result.stdout or "").strip() else ""
+        if tag:
+            return tag[:200]
+    return ""
+def _mission_text_input(body: dict[str, Any], key: str, *, max_chars: int = 4000) -> str:
+    raw = str(body.get(key) or "").strip()
+    normalized = re.sub(r"\s+", " ", raw)
+    return normalized[:max_chars]
+def _mission_bool_input(body: dict[str, Any], key: str) -> bool:
+    value = body.get(key)
+    if isinstance(value, bool):
+        return value
+    if isinstance(value, str):
+        return value.strip().lower() in {"1", "true", "yes", "on"}
+    return False
+def _cdx_mission_prompt(
+    mission_id: str,
+    *,
+    release_tag: str = "",
+    wish_text: str = "",
+    release_version: str = "",
+    run_full_validation: bool = False,
+    allow_file_writes: bool = False,
+    direct_fixes: bool = False,
+    commit_at_end: bool = False,
+) -> str:
+    write_guidance = (
+        "File edits are allowed when they directly complete the selected mission mode. Keep changes scoped, run relevant validation, and report changed files."
+        if allow_file_writes
+        else "Do not modify files."
+    )
+    commit_guidance = (
+        "At the end, if and only if files were added, deleted, or modified, create one scoped git commit that includes all mission changes. Do not push, tag, publish, upload assets, or create a GitHub release. Include the commit hash and message in the returned JSON when a commit is created."
+        if commit_at_end
+        else "Do not create git commits."
+    )
+    if mission_id == "full-audit":
+        if direct_fixes:
+            action_guidance = "Fix safe, scoped issues directly in repository files when you can validate them. Do not write a separate audit corpus/report artifact. Do not make broad refactors, release, tag, push, or publish."
+            schema = "Return concise JSON with keys: summary, findings, directFixes, changedFiles, validationEvidence."
+        elif allow_file_writes:
+            action_guidance = "Create or update a bounded Logics request under logics/request/ for actionable full-audit follow-up. Do not write a separate audit corpus/report artifact. Do not directly modify product/source files to fix issues."
+            schema = "Return concise JSON with keys: summary, findings, recommendations, requestFiles, validationEvidence."
+        else:
+            action_guidance = "Report only; do not write corpus files, fix issues, or modify files."
+            schema = "Return concise JSON with keys: summary, findings, recommendations."
+        return "\n".join([
+            "Run a full repository audit for this Logics Manager checkout.",
+            "Focus on correctness bugs, workflow risks, missing validation, stale documentation, and test gaps.",
+            write_guidance,
+            action_guidance,
+            commit_guidance,
+            schema,
+        ])
+    if mission_id == "release-review":
+        if direct_fixes:
+            action_guidance = "Fix safe, scoped release-readiness issues directly in repository files when you can validate them, such as stale documentation, missing release notes, or narrow test failures. Do not write a separate release-review corpus/report artifact. Do not bump versions unless explicitly requested, and do not tag, push, publish, upload assets, or create GitHub releases."
+            schema = "Return concise JSON with keys: summary, findings, directFixes, changedFiles, validationEvidence."
+        elif allow_file_writes:
+            action_guidance = "Create or update a bounded Logics request under logics/request/ for actionable release-review follow-up. Do not write a separate release-review corpus/report artifact under logics/external. Do not directly modify product/source files to fix issues. Do not bump versions, tag, push, publish, upload assets, or create GitHub releases."
+            schema = "Return concise JSON with keys: summary, findings, recommendations, requestFiles, validationEvidence."
+        else:
+            action_guidance = "Report only; do not update release files, write corpus files, fix issues, tag, push, publish, upload assets, or create GitHub releases."
+            schema = "Return concise JSON with keys: summary, findings, recommendations."
+        return "\n".join([
+            f"Review repository changes since the latest release tag {release_tag}.",
+            "Focus on regressions, incomplete release notes, migration risks, and missing tests.",
+            write_guidance,
+            action_guidance,
+            commit_guidance,
+            schema,
+        ])
+    if mission_id == "corpus-ready":
+        return "\n".join([
+            "Prepare the open Logics workflow corpus for development.",
+            "Analyze requests, backlog items, tasks, docs, lint/audit state, and workflow consistency.",
+            "Do not modify files directly. This mission is plan-first: return allowed actions for the viewer to apply explicitly.",
+            "Do not run destructive commands.",
+            "Return JSON only with this schema:",
+            '{"summary":"...","actions":[{"type":"promote-request-to-backlog","target":"req_..."},{"type":"promote-backlog-to-task","target":"item_..."},{"type":"refresh-corpus-context","target":""}],"notes":["..."]}',
+            "Allowed action types are exactly: promote-request-to-backlog, promote-backlog-to-task, refresh-corpus-context.",
+            "Use only targets that exist in the repository. Omit actions that are not clearly justified.",
+        ])
+    if mission_id == "wish-to-request":
+        request_guidance = (
+            "Create the request draft file under logics/request/ using the next available req_ slug. Keep the file as a request draft only; do not promote backlog items and do not create tasks. Include the created path in generatedFiles."
+            if allow_file_writes
+            else "Do not create the request file; return the request draft and generatedFiles preview only."
+        )
+        return "\n".join([
+            "Turn the following user wish into a structured Logics request draft.",
+            write_guidance,
+            request_guidance,
+            commit_guidance,
+            "Do not promote backlog items and do not create tasks.",
+            "Return JSON only with this schema:",
+            '{"summary":"...","requestDraft":{"title":"...","needs":["..."],"context":["..."],"acceptanceCriteria":["AC1: ..."],"definitionOfReady":{"problemExplicit":true,"scopeBounded":true,"criteriaTestable":true,"risksListed":true},"references":["..."],"questions":["..."],"openAssumptions":["..."]},"generatedFiles":[]}',
+            "If the wish is underspecified, include concrete questions and open assumptions instead of inventing details.",
+            "User wish:",
+            wish_text,
+        ])
+    if mission_id == "pre-release":
+        validation_mode = "Run the project-defined full validation path before finalizing the report, and include actionable fixes for any failures." if run_full_validation else "Do not run full validation; identify the validation commands that should be run before release."
+        release_prep_guidance = (
+            "Prepare release metadata files for the requested version when needed: update package.json, pyproject.toml, VERSION, and create or update the matching changelogs/CHANGELOGS_X_Y_Z.md. Do not create Git tags, push branches, publish packages, upload release assets, or create GitHub releases."
+            if allow_file_writes
+            else "Do not modify package versions, changelog files, create Git tags, push branches, publish packages, upload release assets, or create GitHub releases."
+        )
+        return "\n".join([
+            f"Prepare a guarded pre-release for version {release_version}.",
+            validation_mode,
+            release_prep_guidance,
+            write_guidance,
+            commit_guidance,
+            "Return JSON only with this schema:",
+            '{"summary":"...","version":"vX.X.X","validationMode":"full|plan-only","validationEvidence":["..."],"actionableFixes":[{"title":"...","command":"...","risk":"..."}],"generatedFiles":[{"path":"...","purpose":"..."}],"releasePlan":["..."],"blocked":false}',
+        ])
+    raise ValueError("Unknown CDX mission.")
+def _cdx_mission_command(
+    repo_root: Path,
+    mission_id: str,
+    *,
+    session: str,
+    strength: dict[str, Any],
+    release_tag: str = "",
+    mission_inputs: dict[str, str] | None = None,
+    allow_file_writes: bool = False,
+    commit_at_end: bool = False,
+) -> list[str]:
+    mission_inputs = mission_inputs or {}
+    prompt = _cdx_mission_prompt(
+        mission_id,
+        release_tag=release_tag,
+        wish_text=mission_inputs.get("wishText", ""),
+        release_version=mission_inputs.get("releaseVersion", ""),
+        run_full_validation=mission_inputs.get("runFullValidation") == "true",
+        allow_file_writes=allow_file_writes,
+        direct_fixes=mission_inputs.get("directFixes") == "true",
+        commit_at_end=commit_at_end,
+    )
+    timeout = int(strength.get("timeout") or 180)
+    reasoning_effort = str(strength.get("reasoningEffort") or "medium")
+    power = str(strength.get("power") or "medium")
+    permission = "workspace-write" if allow_file_writes else "read-only"
+    return [
+        "run",
+        session,
+        "--cwd",
+        str(repo_root),
+        "--prompt",
+        prompt,
+        "--kind",
+        "assistant",
+        "--reasoning-effort",
+        reasoning_effort,
+        "--power",
+        power,
+        "--permission",
+        permission,
+        "--timeout-seconds",
+        str(timeout),
+        "--json",
+    ]
+def _parse_json_from_text(text: str) -> dict[str, Any] | None:
+    raw = text.strip()
+    if not raw:
+        return None
+    jsonl_candidates: list[str] = []
+    for line in reversed(raw.splitlines()):
+        line = line.strip()
+        if not line.startswith("{"):
+            continue
+        try:
+            event = json.loads(line)
+        except json.JSONDecodeError:
+            continue
+        if not isinstance(event, dict):
+            continue
+        item = event.get("item") if isinstance(event.get("item"), dict) else {}
+        text_value = item.get("text") if item.get("type") == "agent_message" else event.get("text")
+        if isinstance(text_value, str) and text_value.strip():
+            jsonl_candidates.append(text_value.strip())
+    candidates = [raw]
+    candidates.extend(jsonl_candidates)
+    fence_match = re.search(r"```(?:json)?\s*(.*?)```", raw, re.IGNORECASE | re.DOTALL)
+    if fence_match:
+        candidates.insert(0, fence_match.group(1).strip())
+    decoder = json.JSONDecoder()
+    fallback: dict[str, Any] | None = None
+    for candidate in candidates:
+        try:
+            parsed = json.loads(candidate)
+            if isinstance(parsed, dict):
+                if any(key in parsed for key in ("actions", "summary", "findings", "recommendations")):
+                    return parsed
+                fallback = fallback or parsed
+        except json.JSONDecodeError:
+            pass
+        for index, char in enumerate(candidate):
+            if char != "{":
+                continue
+            try:
+                parsed, _end = decoder.raw_decode(candidate[index:])
+            except json.JSONDecodeError:
+                continue
+            if isinstance(parsed, dict):
+                if any(key in parsed for key in ("actions", "summary", "findings", "recommendations")):
+                    return parsed
+                fallback = fallback or parsed
+    return fallback
+def _read_cdx_output_path(parsed: dict[str, Any]) -> str:
+    candidates = [
+        parsed.get("stdout"),
+        parsed.get("output"),
+    ]
+    artifacts = parsed.get("artifacts") if isinstance(parsed.get("artifacts"), dict) else {}
+    candidates.extend([
+        parsed.get("stdout_path"),
+        parsed.get("stdoutPath"),
+        artifacts.get("stdout_path"),
+        artifacts.get("stdoutPath"),
+    ])
+    for candidate in candidates:
+        if not isinstance(candidate, str) or not candidate.strip():
+            continue
+        value = candidate.strip()
+        if "\n" in value or value.lstrip().startswith("{") or value.lstrip().startswith("```"):
+            return value[:12000]
+        path = Path(value).expanduser()
+        if not path.is_file():
+            continue
+        try:
+            with path.open("rb") as handle:
+                size = path.stat().st_size
+                if size > 60000:
+                    handle.seek(size - 60000)
+                return handle.read(60000).decode("utf-8", errors="replace")
+        except OSError:
+            continue
+    return ""
+def _merge_cdx_mission_output(parsed: Any) -> dict[str, Any] | None:
+    if not isinstance(parsed, dict):
+        return None
+    merged = dict(parsed)
+    embedded = _parse_json_from_text(_read_cdx_output_path(parsed))
+    if embedded:
+        merged["missionOutput"] = embedded
+        if isinstance(embedded.get("actions"), list) and "actions" not in merged:
+            merged["actions"] = embedded["actions"]
+        if "summary" in embedded and "summary" not in merged:
+            merged["summary"] = embedded["summary"]
+    return merged
+def _extract_cdx_usage(parsed: Any) -> dict[str, Any]:
+    if not isinstance(parsed, dict):
+        return {"available": False, "message": "CDX did not return structured usage."}
+    candidates = [
+        parsed.get("usage"),
+        parsed.get("tokenUsage"),
+        parsed.get("tokens"),
+        (parsed.get("run") or {}).get("usage") if isinstance(parsed.get("run"), dict) else None,
+        (parsed.get("result") or {}).get("usage") if isinstance(parsed.get("result"), dict) else None,
+    ]
+    usage = next((candidate for candidate in candidates if isinstance(candidate, dict)), None)
+    if usage is None:
+        return {"available": False, "message": "Token usage was not exposed by CDX for this run."}
+    input_tokens = usage.get("input_tokens", usage.get("inputTokens", usage.get("prompt_tokens", usage.get("promptTokens"))))
+    output_tokens = usage.get("output_tokens", usage.get("outputTokens", usage.get("completion_tokens", usage.get("completionTokens"))))
+    total_tokens = usage.get("total_tokens", usage.get("totalTokens"))
+    if total_tokens is None and isinstance(input_tokens, int) and isinstance(output_tokens, int):
+        total_tokens = input_tokens + output_tokens
+    return {
+        "available": True,
+        "inputTokens": input_tokens,
+        "outputTokens": output_tokens,
+        "totalTokens": total_tokens,
+        "raw": usage,
+    }
+def _bounded_process_text(value: str, limit: int = 12000) -> str:
+    text = value.strip()
+    if len(text) <= limit:
+        return text
+    return f"{text[:limit]}\n... truncated ..."
+def cdx_mission_plan_payload(
+    repo_root: Path,
+    body: dict[str, Any],
+    *,
+    cdx_runner: Any | None = None,
+    git_runner: Any | None = None,
+    which: Any | None = None,
+) -> dict[str, Any]:
+    tool_which = which or shutil.which
+    if not tool_which("cdx"):
+        return {"state": "unavailable", "message": "CDX executable is not available on PATH.", "plan": None}
+    mission_id = str(body.get("missionId") or CDX_DEFAULT_MISSION_ID)
+    mission = CDX_MISSION_CATALOG.get(mission_id)
+    if mission is None:
+        return {"state": "error", "message": "Unknown CDX mission.", "plan": None}
+    strength = str(body.get("strengthId") or "standard")
+    strength_def = CDX_MISSION_STRENGTHS.get(strength)
+    if strength_def is None:
+        return {"state": "error", "message": "Unknown CDX mission strength.", "plan": None}
+    status_payload = cdx_status_payload(repo_root, runner=cdx_runner, which=which)
+    session = _normalize_cdx_session(body.get("sessionId"), status_payload if status_payload.get("state") == "ok" else None)
+    if not session:
+        sessions = _cdx_status_sessions(status_payload)
+        session = sessions[0] if sessions else ""
+    if not session:
+        return {"state": "error", "message": "No usable CDX session is available.", "plan": None, "status": status_payload}
+    release_tag = ""
+    warnings: list[str] = []
+    mission_inputs: dict[str, str] = {}
+    if mission_id == "wish-to-request":
+        wish_text = _mission_text_input(body, "wishText")
+        if not wish_text:
+            return {"state": "error", "message": "Enter a wish or intent before previewing this mission.", "plan": None, "catalog": cdx_mission_catalog_payload(), "status": status_payload}
+        mission_inputs["wishText"] = wish_text
+    if mission_id in {"full-audit", "release-review"}:
+        mission_inputs["directFixes"] = "true" if _mission_bool_input(body, "directFixes") else "false"
+    if mission_id == "pre-release":
+        release_version = _mission_text_input(body, "releaseVersion", max_chars=40)
+        if not re.fullmatch(r"v\d+\.\d+\.\d+", release_version):
+            return {"state": "error", "message": "Enter a semantic version in vX.X.X format before previewing this mission.", "plan": None, "catalog": cdx_mission_catalog_payload(), "status": status_payload}
+        mission_inputs["releaseVersion"] = release_version
+        mission_inputs["runFullValidation"] = "true" if _mission_bool_input(body, "runFullValidation") else "false"
+    if mission.get("requiresReleaseTag"):
+        release_tag = _latest_release_tag(repo_root, runner=git_runner, which=which)
+        if not release_tag:
+            return {"state": "error", "message": "No release tag was found for this mission.", "plan": None, "status": status_payload}
+    if status_payload.get("state") != "ok":
+        warnings.append(str(status_payload.get("message") or "CDX status could not be confirmed."))
+    requested_file_writes = _mission_bool_input(body, "allowFileWrites")
+    requested_commit_at_end = _mission_bool_input(body, "commitAtEnd")
+    direct_fixes = mission_inputs.get("directFixes") == "true"
+    supports_file_writes = bool(mission.get("supportsFileWrites", True))
+    allow_file_writes = (requested_file_writes or direct_fixes) and supports_file_writes
+    commit_at_end = requested_commit_at_end and allow_file_writes
+    if requested_file_writes and not supports_file_writes:
+        warnings.append("This mission is plan-first; direct CDX file writes are disabled. Use Apply allowed actions after CDX returns actions.")
+    if requested_commit_at_end and not allow_file_writes:
+        warnings.append("Commit-at-end was requested but direct file writes are disabled for this mission.")
+    permission = "workspace-write" if allow_file_writes else "read-only"
+    command = _cdx_mission_command(
+        repo_root,
+        mission_id,
+        session=session,
+        strength=strength_def,
+        release_tag=release_tag,
+        mission_inputs=mission_inputs,
+        allow_file_writes=allow_file_writes,
+        commit_at_end=commit_at_end,
+    )
+    plan = {
+        "mission": mission,
+        "missionId": mission_id,
+        "sessionId": session,
+        "strength": strength_def,
+        "strengthId": strength,
+        "missionInputs": mission_inputs,
+        "scope": mission["scope"],
+        "releaseTag": release_tag,
+        "allowFileWrites": allow_file_writes,
+        "requestedFileWrites": requested_file_writes,
+        "commitAtEnd": commit_at_end,
+        "requestedCommitAtEnd": requested_commit_at_end,
+        "supportsFileWrites": supports_file_writes,
+        "permission": permission,
+        "command": ["cdx", *command],
+        "arguments": command,
+        "warnings": warnings,
+        "requiresConfirmation": bool(mission.get("requiresPlanConfirmation")),
+        "canRun": True,
+    }
+    if mission_id == "corpus-ready":
+        plan["allowedPlanActions"] = [
+            "promote-request-to-backlog",
+            "promote-backlog-to-task",
+            "refresh-corpus-context",
+        ]
+    return {"state": "ok", "message": "", "plan": plan, "catalog": cdx_mission_catalog_payload(), "status": status_payload}
+def cdx_mission_run_payload(
+    repo_root: Path,
+    body: dict[str, Any],
+    *,
+    cdx_runner: Any | None = None,
+    git_runner: Any | None = None,
+    which: Any | None = None,
+) -> dict[str, Any]:
+    plan_payload = cdx_mission_plan_payload(repo_root, body, cdx_runner=cdx_runner, git_runner=git_runner, which=which)
+    if plan_payload.get("state") != "ok":
+        return {"state": plan_payload.get("state") or "error", "message": plan_payload.get("message") or "Unable to plan CDX mission.", "plan": plan_payload.get("plan"), "run": None}
+    plan = plan_payload["plan"]
+    timeout = int(plan["strength"].get("timeout") or 180)
+    try:
+        result = _run_cdx_mission(repo_root, list(plan["arguments"]), timeout=timeout, runner=cdx_runner)
+    except subprocess.TimeoutExpired:
+        return {"state": "timeout", "message": "CDX mission timed out.", "plan": plan, "run": None}
+    except (OSError, subprocess.SubprocessError) as exc:
+        return {"state": "error", "message": f"Unable to run CDX mission: {exc}", "plan": plan, "run": None}
+    parsed: Any = None
+    if result.stdout.strip():
+        try:
+            parsed = json.loads(result.stdout)
+        except json.JSONDecodeError:
+            parsed = None
+    parsed = _merge_cdx_mission_output(parsed)
+    usage = _extract_cdx_usage(parsed)
+    run_id = ""
+    if isinstance(parsed, dict):
+        run = parsed.get("run") if isinstance(parsed.get("run"), dict) else {}
+        run_id = str(parsed.get("run_id") or parsed.get("runId") or run.get("run_id") or run.get("runId") or "")
+    run_payload = {
+        "returnCode": result.returncode,
+        "runId": run_id,
+        "stdout": _bounded_process_text(result.stdout or ""),
+        "stderr": _bounded_process_text(result.stderr or ""),
+        "parsed": parsed if isinstance(parsed, dict) else None,
+        "usage": usage,
+    }
+    if result.returncode != 0:
+        message = (result.stderr or result.stdout or "CDX mission failed.").strip().splitlines()[0]
+        return {"state": "error", "message": message, "plan": plan, "run": run_payload}
+    return {"state": "ok", "message": "", "plan": plan, "run": run_payload}
+def cdx_mission_apply_plan_payload(repo_root: Path, body: dict[str, Any], *, runner: Any | None = None, which: Any | None = None) -> dict[str, Any]:
+    tool_which = which or shutil.which
+    if not tool_which("logics-manager"):
+        return {"state": "unavailable", "message": "logics-manager executable is not available on PATH.", "results": []}
+    actions = body.get("actions") if isinstance(body.get("actions"), list) else []
+    if not actions:
+        return {"state": "error", "message": "No corpus plan actions were provided.", "results": []}
+    allowed: dict[str, list[str]] = {
+        "promote-request-to-backlog": ["flow", "promote", "request-to-backlog"],
+        "promote-backlog-to-task": ["flow", "promote", "backlog-to-task"],
+        "refresh-corpus-context": ["sync", "refresh-mermaid-signatures"],
+    }
+    results: list[dict[str, Any]] = []
+    for action in actions:
+        if not isinstance(action, dict):
+            return {"state": "error", "message": "Corpus plan actions must be objects.", "results": results}
+        action_type = str(action.get("type") or "")
+        command = allowed.get(action_type)
+        if command is None:
+            return {"state": "error", "message": f"Unsupported corpus plan action: {action_type}", "results": results}
+        target = str(action.get("target") or "").strip()
+        args = [*command]
+        if target and action_type != "refresh-corpus-context":
+            if not re.match(r"^[A-Za-z0-9_.:/-]{1,160}$", target):
+                return {"state": "error", "message": "Invalid corpus plan action target.", "results": results}
+            args.append(target)
+        try:
+            result = _run_logics_command(repo_root, args, runner=runner)
+        except subprocess.TimeoutExpired:
+            return {"state": "timeout", "message": "Logics corpus plan application timed out.", "results": results}
+        except (OSError, subprocess.SubprocessError) as exc:
+            return {"state": "error", "message": f"Unable to apply corpus plan action: {exc}", "results": results}
+        item = {
+            "type": action_type,
+            "target": target,
+            "command": ["logics-manager", *args],
+            "returnCode": result.returncode,
+            "stdout": _bounded_process_text(result.stdout or "", 4000),
+            "stderr": _bounded_process_text(result.stderr or "", 4000),
+        }
+        results.append(item)
+        if result.returncode != 0:
+            message = (result.stderr or result.stdout or "Corpus plan action failed.").strip().splitlines()[0]
+            return {"state": "error", "message": message, "results": results}
+    return {"state": "ok", "message": "", "results": results}
+def _slugify_viewer_doc(text: str) -> str:
+    slug = re.sub(r"[^a-z0-9]+", "_", text.lower()).strip("_")
+    return slug[:80] or "cdx_code_review_findings"
+def _next_viewer_request_ref(repo_root: Path, title: str) -> str:
+    request_dir = repo_root / "logics" / "request"
+    highest = -1
+    if request_dir.is_dir():
+        for path in request_dir.glob("req_*.md"):
+            match = re.match(r"^req_(\d{3})_", path.stem)
+            if match:
+                highest = max(highest, int(match.group(1)))
+    return f"req_{highest + 1:03d}_{_slugify_viewer_doc(title)}"
+def create_request_from_cdx_report(repo_root: Path, report_payload: dict[str, Any]) -> dict[str, Any]:
+    report = report_payload.get("report") if isinstance(report_payload.get("report"), dict) else report_payload
+    run = report.get("run") if isinstance(report.get("run"), dict) else {}
+    task_report = report.get("task_report") if isinstance(report.get("task_report"), dict) else {}
+    parsed = report.get("parsed") if isinstance(report.get("parsed"), dict) else {}
+    mission_output = next(
+        (
+            candidate
+            for candidate in (
+                report.get("missionOutput"),
+                report.get("mission_output"),
+                parsed.get("missionOutput"),
+                parsed.get("mission_output"),
+                run.get("missionOutput"),
+                run.get("mission_output"),
+                task_report.get("missionOutput"),
+                task_report.get("mission_output"),
+            )
+            if isinstance(candidate, dict)
+        ),
+        {},
+    )
+    run_id = str(run.get("run_id") or task_report.get("run_id") or "unknown")
+    task_kind = str(task_report.get("kind") or run.get("kind") or "assistant")
+    findings = task_report.get("findings") if isinstance(task_report.get("findings"), list) else []
+    if not findings and isinstance(mission_output.get("findings"), list):
+        findings = mission_output["findings"]
+    recommendations = mission_output.get("recommendations") if isinstance(mission_output.get("recommendations"), list) else []
+    request_files = mission_output.get("requestFiles") if isinstance(mission_output.get("requestFiles"), list) else []
+    actionable_fixes = mission_output.get("actionableFixes") if isinstance(mission_output.get("actionableFixes"), list) else []
+    release_plan = mission_output.get("releasePlan") if isinstance(mission_output.get("releasePlan"), list) else []
+    if task_kind == "code-review":
+        title = f"Address CDX code review findings for {run_id}"
+        theme = "Code review follow-up"
+        need = f"Follow up on CDX code-review run `{run_id}`."
+    elif task_kind == "full-audit":
+        title = f"Address CDX audit findings for {run_id}"
+        theme = "Audit follow-up"
+        need = f"Follow up on CDX full-audit run `{run_id}`."
+    else:
+        title = f"Address CDX {task_kind} follow-up for {run_id}"
+        theme = "CDX mission follow-up"
+        need = f"Follow up on CDX `{task_kind}` run `{run_id}`."
+    ref = _next_viewer_request_ref(repo_root, title)
+    request_dir = repo_root / "logics" / "request"
+    request_dir.mkdir(parents=True, exist_ok=True)
+    rel_path = f"logics/request/{ref}.md"
+    path = repo_root / rel_path
+    def _item_message(item: Any, fallback: str) -> str:
+        if isinstance(item, dict):
+            title_value = item.get("title") or item.get("message") or item.get("summary") or item.get("path") or fallback
+            details = []
+            if item.get("purpose"):
+                details.append(f"purpose: {item['purpose']}")
+            if item.get("command"):
+                details.append(f"command: `{item['command']}`")
+            if item.get("risk"):
+                details.append(f"risk: {item['risk']}")
+            return f"{title_value}" + (f" ({'; '.join(details)})" if details else "")
+        return str(item or fallback)
+    finding_lines = []
+    for index, finding in enumerate(findings, start=1):
+        if not isinstance(finding, dict):
+            finding_lines.append(f"- F{index}: {finding}")
+            continue
+        location = finding.get("path") or finding.get("file") or "unknown path"
+        if finding.get("line"):
+            location = f"{location}:{finding['line']}"
+        severity = finding.get("severity") or "unknown"
+        message = finding.get("message") or finding.get("title") or "Review finding"
+        finding_lines.append(f"- F{index} [{severity}] `{location}`: {message}")
+    if not finding_lines:
+        finding_lines.append("- No structured findings were reported. Review the CDX artifacts linked below.")
+    follow_up_lines = []
+    for label, values in (
+        ("Recommendation", recommendations),
+        ("Request file", request_files),
+        ("Actionable fix", actionable_fixes),
+        ("Release plan", release_plan),
+    ):
+        for index, value in enumerate(values, start=1):
+            follow_up_lines.append(f"- {label} {index}: {_item_message(value, label)}")
+    if not follow_up_lines:
+        follow_up_lines.append("- Review CDX output and split any actionable follow-up into tasks before implementation.")
+    summary = task_report.get("summary") or mission_output.get("summary") or "No structured summary provided."
+    text = "\n".join([
+        f"## {ref} - {title}",
+        "> Status: Draft",
+        "> Understanding: 70%",
+        "> Confidence: 70%",
+        "> Complexity: Medium",
+        f"> Theme: {theme}",
+        "",
+        "# Needs",
+        f"- {need}",
+        f"- Summary: {summary}",
+        "",
+        "# Findings",
+        *finding_lines,
+        "",
+        "# Follow-up",
+        *follow_up_lines,
+        "",
+        "# Traceability",
+        f"- CDX run id: `{run_id}`",
+        f"- Transcript: `{(report.get('artifacts') or {}).get('transcript_path') or ''}`",
+        f"- Stdout: `{(report.get('artifacts') or {}).get('stdout_path') or ''}`",
+        "",
+        "# Acceptance Criteria",
+        "- AC1: Each actionable finding is reviewed and either fixed, documented as not applicable, or split into follow-up work.",
+        "- AC2: Validation evidence is added before closing this request.",
+        "",
+    ])
+    path.write_text(text, encoding="utf-8")
+    return {"id": ref, "path": rel_path, "title": title}
 def _json_bytes(payload: Any) -> bytes:
     return json.dumps(payload, indent=2, sort_keys=True).encode("utf-8")
@@ -951,10 +2124,35 @@ class LogicsViewerServer(ThreadingHTTPServer):
         *,
         auto_refresh_interval_seconds: int = 15,
     ):
-        self.repo_root = repo_root.resolve()
+        self.launch_repo_root = repo_root.resolve()
+        self.project_roots = discover_viewer_project_roots(self.launch_repo_root)
+        self.project_root_by_id = {_viewer_project_id(root): root.resolve() for root in self.project_roots}
+        self.active_project_id = _viewer_project_id(self.launch_repo_root)
+        self.repo_root = self.launch_repo_root
         self.auto_refresh_interval_seconds = auto_refresh_interval_seconds
         super().__init__(server_address, LogicsViewerRequestHandler)
+    def project_registry_payload(self) -> list[dict[str, Any]]:
+        return viewer_project_registry(self.repo_root, project_roots=self.project_roots)
+    def viewer_payload(self, *, selected_id: str | None = None) -> dict[str, Any]:
+        return viewer_data_payload(
+            self.repo_root,
+            selected_id=selected_id,
+            auto_refresh_interval_seconds=self.auto_refresh_interval_seconds,
+            projects=self.project_registry_payload(),
+        )
+    def switch_project(self, project_id: str) -> dict[str, Any]:
+        target = self.project_root_by_id.get(project_id)
+        if target is None:
+            raise ValueError("Unknown project id.")
+        if not target.is_dir():
+            raise FileNotFoundError(str(target))
+        self.active_project_id = project_id
+        self.repo_root = target
+        return self.viewer_payload()
 class LogicsViewerRequestHandler(BaseHTTPRequestHandler):
     server: LogicsViewerServer
@@ -1018,13 +2216,13 @@ class LogicsViewerRequestHandler(BaseHTTPRequestHandler):
             self._send_json(
                 {
                     "ok": True,
-                    "payload": viewer_data_payload(
-                        self.server.repo_root,
-                        auto_refresh_interval_seconds=self.server.auto_refresh_interval_seconds,
-                    ),
+                    "payload": self.server.viewer_payload(),
                 }
             )
             return
+        if route == "/api/projects":
+            self._send_json({"ok": True, "payload": {"projects": self.server.project_registry_payload()}})
+            return
         if route == "/api/doc":
             rel_path = parse_qs(parsed.query).get("path", [""])[0]
             try:
@@ -1038,6 +2236,9 @@ class LogicsViewerRequestHandler(BaseHTTPRequestHandler):
         if route == "/api/audit":
             self._send_json({"ok": True, "payload": audit_payload(self.server.repo_root)})
             return
+        if route == "/api/capabilities":
+            self._send_json({"ok": True, "payload": viewer_project_capabilities(self.server.repo_root)})
+            return
         if route == "/api/git-status":
             self._send_json({"ok": True, "payload": git_status_payload(self.server.repo_root)})
             return
@@ -1047,12 +2248,24 @@ class LogicsViewerRequestHandler(BaseHTTPRequestHandler):
         if route == "/api/cdx-status":
             self._send_json({"ok": True, "payload": cdx_status_payload(self.server.repo_root)})
             return
+        if route == "/api/cdx-runs":
+            self._send_json({"ok": True, "payload": cdx_runs_payload(self.server.repo_root)})
+            return
+        if route == "/api/cdx-run-report":
+            run_id = parse_qs(parsed.query).get("runId", [""])[0]
+            self._send_json({"ok": True, "payload": cdx_run_report_payload(self.server.repo_root, run_id)})
+            return
         if route == "/api/git-diff":
             params = parse_qs(parsed.query)
             rel_path = params.get("path", [""])[0]
             cached = params.get("cached", [""])[0].lower() in {"1", "true", "yes"}
             self._send_json({"ok": True, "payload": git_diff_payload(self.server.repo_root, rel_path, cached=cached)})
             return
+        if route == "/api/git-file-preview":
+            params = parse_qs(parsed.query)
+            rel_path = params.get("path", [""])[0]
+            self._send_json({"ok": True, "payload": git_file_preview_payload(self.server.repo_root, rel_path)})
+            return
         self._send_error_json(HTTPStatus.NOT_FOUND, "Not found")
     def do_POST(self) -> None:
@@ -1061,13 +2274,76 @@ class LogicsViewerRequestHandler(BaseHTTPRequestHandler):
             self._send_json(
                 {
                     "ok": True,
-                    "payload": viewer_data_payload(
-                        self.server.repo_root,
-                        auto_refresh_interval_seconds=self.server.auto_refresh_interval_seconds,
-                    ),
+                    "payload": self.server.viewer_payload(),
                 }
             )
             return
+        if parsed.path == "/api/switch-project":
+            try:
+                length = int(self.headers.get("Content-Length", "0") or "0")
+                raw_body = self.rfile.read(length).decode("utf-8") if length > 0 else "{}"
+                body = json.loads(raw_body or "{}")
+                project_id = str(body.get("projectId") or "")
+                self._send_json({"ok": True, "payload": self.server.switch_project(project_id)})
+            except json.JSONDecodeError:
+                self._send_error_json(HTTPStatus.BAD_REQUEST, "Invalid JSON body.")
+            except ValueError as exc:
+                self._send_error_json(HTTPStatus.FORBIDDEN, str(exc))
+            except FileNotFoundError as exc:
+                self._send_error_json(HTTPStatus.NOT_FOUND, str(exc))
+            return
+        if parsed.path == "/api/bootstrap-logics":
+            try:
+                bootstrap = bootstrap_payload(self.server.repo_root, check=False)
+                self._send_json({"ok": True, "payload": self.server.viewer_payload(), "bootstrap": bootstrap})
+            except SystemExit as exc:
+                self._send_error_json(HTTPStatus.BAD_REQUEST, str(exc))
+            except OSError as exc:
+                self._send_error_json(HTTPStatus.INTERNAL_SERVER_ERROR, str(exc))
+            return
+        if parsed.path == "/api/cdx-report-request":
+            try:
+                length = int(self.headers.get("Content-Length", "0") or "0")
+                raw_body = self.rfile.read(length).decode("utf-8") if length > 0 else "{}"
+                body = json.loads(raw_body or "{}")
+                report_payload = cdx_run_report_payload(self.server.repo_root, str(body.get("runId") or ""))
+                if report_payload.get("state") != "ok":
+                    self._send_error_json(HTTPStatus.BAD_GATEWAY, str(report_payload.get("message") or "Unable to load CDX report."))
+                    return
+                created = create_request_from_cdx_report(self.server.repo_root, report_payload)
+                self._send_json({"ok": True, "created": created, "payload": self.server.viewer_payload(selected_id=created["id"])})
+            except json.JSONDecodeError:
+                self._send_error_json(HTTPStatus.BAD_REQUEST, "Invalid JSON body.")
+            except OSError as exc:
+                self._send_error_json(HTTPStatus.INTERNAL_SERVER_ERROR, str(exc))
+            return
+        if parsed.path == "/api/cdx-mission-plan":
+            try:
+                length = int(self.headers.get("Content-Length", "0") or "0")
+                raw_body = self.rfile.read(length).decode("utf-8") if length > 0 else "{}"
+                body = json.loads(raw_body or "{}")
+                self._send_json({"ok": True, "payload": cdx_mission_plan_payload(self.server.repo_root, body)})
+            except json.JSONDecodeError:
+                self._send_error_json(HTTPStatus.BAD_REQUEST, "Invalid JSON body.")
+            return
+        if parsed.path == "/api/cdx-mission-run":
+            try:
+                length = int(self.headers.get("Content-Length", "0") or "0")
+                raw_body = self.rfile.read(length).decode("utf-8") if length > 0 else "{}"
+                body = json.loads(raw_body or "{}")
+                self._send_json({"ok": True, "payload": cdx_mission_run_payload(self.server.repo_root, body)})
+            except json.JSONDecodeError:
+                self._send_error_json(HTTPStatus.BAD_REQUEST, "Invalid JSON body.")
+            return
+        if parsed.path == "/api/cdx-mission-apply-plan":
+            try:
+                length = int(self.headers.get("Content-Length", "0") or "0")
+                raw_body = self.rfile.read(length).decode("utf-8") if length > 0 else "{}"
+                body = json.loads(raw_body or "{}")
+                self._send_json({"ok": True, "payload": cdx_mission_apply_plan_payload(self.server.repo_root, body)})
+            except json.JSONDecodeError:
+                self._send_error_json(HTTPStatus.BAD_REQUEST, "Invalid JSON body.")
+            return
         if parsed.path == "/api/edit":
             rel_path = parse_qs(parsed.query).get("path", [""])[0]
             try:
@@ -1077,6 +2353,32 @@ class LogicsViewerRequestHandler(BaseHTTPRequestHandler):
             except OSError as exc:
                 self._send_error_json(HTTPStatus.INTERNAL_SERVER_ERROR, str(exc))
             return
+        if parsed.path == "/api/open-file":
+            try:
+                length = int(self.headers.get("Content-Length", "0") or "0")
+                raw_body = self.rfile.read(length).decode("utf-8") if length > 0 else "{}"
+                body = json.loads(raw_body or "{}")
+                self._send_json({"ok": True, "payload": open_file_payload(self.server.repo_root, str(body.get("path", "")))})
+            except json.JSONDecodeError:
+                self._send_error_json(HTTPStatus.BAD_REQUEST, "Invalid JSON body.")
+            except (FileNotFoundError, ValueError) as exc:
+                self._send_error_json(HTTPStatus.NOT_FOUND, str(exc))
+            except OSError as exc:
+                self._send_error_json(HTTPStatus.INTERNAL_SERVER_ERROR, str(exc))
+            return
+        if parsed.path == "/api/file-preview":
+            try:
+                length = int(self.headers.get("Content-Length", "0") or "0")
+                raw_body = self.rfile.read(length).decode("utf-8") if length > 0 else "{}"
+                body = json.loads(raw_body or "{}")
+                self._send_json({"ok": True, "payload": file_preview_payload(self.server.repo_root, str(body.get("path", "")))})
+            except json.JSONDecodeError:
+                self._send_error_json(HTTPStatus.BAD_REQUEST, "Invalid JSON body.")
+            except (FileNotFoundError, ValueError) as exc:
+                self._send_error_json(HTTPStatus.NOT_FOUND, str(exc))
+            except OSError as exc:
+                self._send_error_json(HTTPStatus.INTERNAL_SERVER_ERROR, str(exc))
+            return
         if parsed.path == "/api/open-repo-folder":
             try:
                 self._send_json({"ok": True, "payload": open_repo_folder_payload(self.server.repo_root)})