cdx-manager 0.9.2 → 0.9.4

package/README.md

@@ -1,6 +1,6 @@
 # CDX Manager
 
-[![License](https://img.shields.io/badge/license-MIT-4C8BF5)](LICENSE) ![Version](https://img.shields.io/badge/version-v0.9.1-4C8BF5) ![Python](https://img.shields.io/badge/python-3.9%2B-3776AB?logo=python&logoColor=white)
+[![License](https://img.shields.io/badge/license-MIT-4C8BF5)](LICENSE) ![Version](https://img.shields.io/badge/version-v0.9.4-4C8BF5) ![Python](https://img.shields.io/badge/python-3.9%2B-3776AB?logo=python&logoColor=white)
 
 **Run multiple Codex, Claude, Antigravity, and Ollama sessions from one terminal. Switch between accounts instantly.**
 
@@ -301,7 +301,7 @@ cdx power all default
 cdx model provider:ollama default
 ```
 
-`--model` maps to Codex `--model`, Claude `--model`, and Ollama `ollama run <model>`. `--power` maps to Codex `model_reasoning_effort` and Claude `--effort`. `--permission` maps to provider-native permission flags. `--fast on` clears the stored power setting and uses low effort; setting `--power` again disables fast mode. `--priority` is a 0..100 selector preference used as a tie-breaker after readiness and availability. `--rtk on` injects a launch instruction that encourages assistants to use RTK (`rtk <command>`) for noisy terminal commands when RTK is available, while keeping raw commands for exact output. Logics guidance is auto-enabled when `logics-manager` is available; use `--logics off` to disable that guidance for a session, or `--logics on` to pin it explicitly.
+`--model` maps to Codex `--model`, Claude `--model`, and Ollama `ollama run <model>`. `--power` maps to Codex `model_reasoning_effort` and Claude `--effort`; supported values are `minimal`, `low`, `medium`, `high`, and `xhigh`. `--permission` maps to provider-native permission flags. Codex Fast mode is separate from reasoning effort: `--fast on` opts a Codex session into the Codex Fast service tier, while new sessions, `--fast off`, and default launches force the non-Fast `flex` tier. Use `--power low` when you want low reasoning effort without enabling Codex Fast credits. Existing legacy sessions that stored `fast=on` before this split continue to behave as low effort unless the user explicitly sets `--fast on` again. `--priority` is a 0..100 selector preference used as a tie-breaker after readiness and availability. `--rtk on` injects a launch instruction that encourages assistants to use RTK (`rtk <command>`) for noisy terminal commands when RTK is available, while keeping raw commands for exact output. Logics guidance is auto-enabled when `logics-manager` is available; use `--logics off` to disable that guidance for a session, or `--logics on` to pin it explicitly.
 
 ### Launch History
 
@@ -329,6 +329,7 @@ cdx history --summary --from 2026-05-01 --to 2026-05-28
 | `cdx --json` | List all sessions as a machine-readable JSON payload |
 | `cdx <name>` | Launch a session (checks auth first) |
 | `cdx <name> [--json]` | Launch a session; `--json` returns a structured success payload after the interactive run ends |
+| `cdx <name> -r` / `cdx <name> --resume` | Resume the provider-native conversation for a session when supported |
 | `cdx add [provider] <name> [--model MODEL] [--json]` | Register a new session (`provider`: `codex`, `claude`, `antigravity`, or `ollama`; Ollama requires `--model`) |
 | `cdx cp <source> <dest> [--json]` | Copy a session into another session name, overwriting the destination if it exists |
 | `cdx ren <source> <dest> [--json]` | Rename a session and move its auth data |
@@ -339,10 +340,12 @@ cdx history --summary --from 2026-05-01 --to 2026-05-28
 | `cdx config <name> [--json]` | Show persistent launch settings for a session |
 | `cdx configs [--json]` | Show persistent launch settings for all sessions in one table |
 | `cdx power\|perm\|fast\|model <name\|all\|provider:PROVIDER\|a,b> <value\|default> [--json]` | Shortcut commands for setting or clearing one launch setting |
-| `cdx set <name>\|--sessions all\|a,b\|--provider PROVIDER [--power low\|medium\|high\|xhigh\|max] [--permission review\|default\|auto\|full] [--fast on\|off] [--rtk on\|off] [--logics on\|off] [--model MODEL] [--priority 0..100] [--json]` | Persist launch settings for one or more sessions |
+| `cdx set <name>\|--sessions all\|a,b\|--provider PROVIDER [--power minimal\|low\|medium\|high\|xhigh] [--permission review\|default\|auto\|full] [--fast on\|off] [--rtk on\|off] [--logics on\|off] [--model MODEL] [--priority 0..100] [--json]` | Persist launch settings for one or more sessions |
 | `cdx unset <name>\|--sessions all\|a,b\|--provider PROVIDER (--power\|--permission\|--fast\|--rtk\|--logics\|--model\|--priority\|--all) [--json]` | Remove persisted launch settings and fall back to provider defaults |
 | `cdx history [name] [--limit N] [--summary] [--since 7d\|today\|DATE] [--from DATE] [--to DATE] [--json]` | Show recent launch history or aggregate total launch time per assistant, optionally filtered by period |
 | `cdx last [--json]` | Launch the most recent existing session from launch history |
+| `cdx resume <name> [--json]` | Resume the provider-native conversation for a session using the named command form |
+| `cdx can-resume <name> [--json]` | Check whether a session supports native resume without launching the provider |
 | `cdx context show\|path\|init\|edit\|clear\|set [text...] [--json]` | Manage the shared Markdown context for the current workspace |
 | `cdx handoff <name> [--json]` | Install the current workspace context into a target session and launch it unless `--json` is used |
 | `cdx handoff <source> <target> [--json]` | Build shared context from the source session's latest launch transcript, install it into the target session, and launch the target unless `--json` is used; supports cross-provider handoff |
@@ -358,8 +361,8 @@ cdx history --summary --from 2026-05-01 --to 2026-05-28
 | `cdx notify <name> --at-reset [--poll seconds] [--once] [--schedule] [--refresh] [--json]` | Wait for a session reset time or schedule an OS wake-up notification when due |
 | `cdx notify --next-ready [--poll seconds] [--once] [--schedule] [--refresh] [--json]` | Wait until the recommended session is usable, or schedule the next known reset notification |
 | `cdx next [--json] [--refresh]` | Select the best next assistant using the same priority logic as `cdx status` |
-| `cdx select --provider PROVIDER [--min-reasoning-effort low\|medium\|high] [--min-power low\|medium\|high] [--require-ready] [--refresh] --json` | Select a suitable session for headless automation |
-| `cdx run [session] --cwd PATH (--prompt-file PATH\|--prompt TEXT) [--provider PROVIDER] [--model MODEL] [--reasoning-effort low\|medium\|high] [--power low\|medium\|high] [--permission MODE] [--timeout-seconds N] --json` | Run one headless task and return a stable JSON result |
+| `cdx select --provider PROVIDER [--min-reasoning-effort minimal\|low\|medium\|high\|xhigh] [--min-power minimal\|low\|medium\|high\|xhigh] [--require-ready] [--refresh] --json` | Select a suitable session for headless automation |
+| `cdx run [session] --cwd PATH (--prompt-file PATH\|--prompt TEXT) [--provider PROVIDER] [--model MODEL] [--reasoning-effort minimal\|low\|medium\|high\|xhigh] [--power minimal\|low\|medium\|high\|xhigh] [--permission MODE] [--timeout-seconds N] --json` | Run one headless task and return a stable JSON result |
 | `cdx stats [name] [--since 7d\|today\|DATE] [--from DATE] [--to DATE] [--json]` | Aggregate launch counts, duration, and known headless token usage by session |
 | `cdx status [--json] [--refresh]` | Show token usage table for all sessions; JSON returns a versioned payload with structured warnings |
 | `cdx status --small [--refresh]` / `cdx status -s [--refresh]` | Show compact token usage table without provider, blocking quota, credits, and updated columns |
@@ -597,6 +600,7 @@ Session names are URL-encoded when used as directory or file names. CLI command
 ## Troubleshooting
 
 - **`cdx <name>` fails with "not authenticated"** — run `cdx login <name>` first.
+- **One of two Codex accounts keeps asking for login** — run `cdx doctor --json` and inspect each Codex session's `codex_auth_file` and `codex_live_auth` checks. Codex sessions use isolated `CODEX_HOME` directories, but newly created sessions seed from the current global `~/.codex/auth.json` when one exists. For two separate Codex accounts, create or repair each session by running `cdx login <name>` for that session; `cdx login` does not log out first, so use `cdx logout <name>` explicitly only when you want to clear that isolated profile.
 - **`cdx` says no compatible Python 3 interpreter was found** — install Python 3 and make `py -3`, `python`, or `python3` available on PATH.
 - **`cdx add` succeeds but the session does not appear** — check that `CDX_HOME` is consistent between calls; a mismatch creates two separate registries.
 - **Status shows `n/a` for all fields** — the Codex app-server rate-limit probe may be unavailable, the session may not be authenticated, and no legacy transcript/history status has been captured yet.

package/changelogs/CHANGELOGS_0_9_3.md

@@ -0,0 +1,35 @@
+# CDX Manager 0.9.3
+
+## Highlights
+
+- Codex Fast now stays opt-in and no longer silently lowers normal Codex session reasoning effort.
+- Codex authentication diagnostics now detect when local credentials belong to a different account than the live CLI session.
+- `cdx run` usage parsing now covers the Codex 0.141 JSONL `turn.completed` usage shape, including `reasoning_output_tokens`.
+
+## Changes
+
+### Codex Fast launch behavior
+
+`cdx set <session> --fast on` now marks Fast as a service-tier choice instead of treating it as a reason to lower power to `low`. Normal Codex sessions continue to launch with their configured reasoning effort and an explicit flex service tier when Fast is off.
+
+### Codex auth isolation diagnostics
+
+`cdx doctor` now reads the email from local Codex tokens and compares it with the live `codex login status` account when both are available. If a managed session has local tokens for one account but the CLI is authenticated as another, the report surfaces a repairable `codex_auth_mismatch` issue instead of reporting a vague live-auth failure.
+
+The auth probe also avoids trusting local credentials alone for launch and run readiness, which keeps multi-account sessions from accidentally using the wrong global Codex login after a CLI update or account switch.
+
+### Codex 0.141 run usage parsing
+
+Codex CLI 0.141 emits headless usage in JSONL `turn.completed` events. `cdx run` now maps the current `reasoning_output_tokens` field into the stable `reasoning_tokens` output and keeps computing total tokens from input plus output when the provider omits `total_tokens`.
+
+## Validation
+
+- `cdx doctor --json`
+- `cdx status --json --refresh`
+- `cdx run --provider codex --cwd /Users/alexandreagostini/Documents/cdx-manager --prompt 'Reply exactly: CDX_CODEX_OK' --timeout-seconds 90 --json`
+- `cdx run --provider claude --cwd /Users/alexandreagostini/Documents/cdx-manager --prompt 'Reply exactly: CDX_CLAUDE_OK' --timeout-seconds 90 --json`
+- `npm run lint`
+- `npm test`
+- `logics-manager lint --require-status`
+- `logics-manager health`
+- `git diff --check`

package/changelogs/CHANGELOGS_0_9_4.md

@@ -0,0 +1,43 @@
+# CDX Manager 0.9.4
+
+## Highlights
+
+- Added provider-native resume commands for named sessions.
+- Added a non-launching capability check for resume support.
+- Closed the Logics workflow for the resume command delivery.
+
+## Changes
+
+### Provider-native resume commands
+
+`cdx` can now resume supported provider conversations without requiring users to remember provider-specific commands:
+
+```
+cdx main -r
+cdx main --resume
+cdx resume main
+```
+
+Codex sessions resume with `codex resume --last --cd <cwd>` inside the named session's isolated `CODEX_HOME`. Claude sessions resume with `claude --continue --name <name>` inside the named session's isolated `HOME`.
+
+Providers without a verified native resume mode, currently Antigravity and Ollama, return a clear unsupported result instead of falling back to a normal launch.
+
+### Resume capability checks
+
+`cdx can-resume <name>` reports whether a session can resume without launching an interactive provider. JSON mode exposes a provider-neutral payload with the session name, provider, resumable state, strategy, reason, and command preview.
+
+### Workflow traceability
+
+The Logics request, backlog item, task, and ADR for provider-native resume are complete, with validation evidence attached to the delivery task.
+
+## Validation
+
+- `python -m unittest discover -s test -p 'test_runtime_py.py' -k resume`
+- `python -m unittest discover -s test -p 'test_cli_py.py' -k resume`
+- `python -m unittest discover -s test -p 'test_cli_py.py' -k help`
+- `python -m unittest discover -s test -p 'test_*_py.py' -k resume`
+- `npm run lint`
+- `npm test`
+- `logics-manager lint --require-status`
+- `logics-manager audit`
+- `git diff --check`

package/checksums/release-archives.json

@@ -72,6 +72,14 @@
     "v0.9.1": {
       "github_tarball_sha256": "8cbab620c823aeaf56e72c1a4d20e251a1c7142bfeeb3d516321d59c2c0a621d",
       "github_zip_sha256": "253909ede6dca61937835bd4ee29145ddacaa08fbdfba1b39810da73ae2ccc84"
+    },
+    "v0.9.2": {
+      "github_tarball_sha256": "3e3ae4e4efc63a97dc6623ae8ddff36f04f4b7a0b531878a28c041298223d0b8",
+      "github_zip_sha256": "09acd2866770f4dc7f9aaba6aff8308766bb211dabddd7f28bdfde9ace427e78"
+    },
+    "v0.9.3": {
+      "github_tarball_sha256": "cb3cfd9134447d1049b510836014001fb6c38a89de588adc8cdbb1fe5deb4d6d",
+      "github_zip_sha256": "056eb2d1a3f0fa721a7a0e597cd0409e496618cfa35791a78d4e184397596754"
     }
   }
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "cdx-manager",
-  "version": "0.9.2",
+  "version": "0.9.4",
   "description": "Terminal session manager for Codex and Claude accounts.",
   "license": "MIT",
   "author": "Alexandre Agostini",

package/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "cdx-manager"
-version = "0.9.2"
+version = "0.9.4"
 description = "Terminal session manager for Codex and Claude accounts."
 readme = "README.md"
 requires-python = ">=3.9"

package/src/cli.py

@@ -11,6 +11,7 @@ from .cli_commands import (
     handle_clean,
     handle_config,
     handle_configs,
+    handle_can_resume,
     handle_context,
     handle_copy,
     handle_doctor,
@@ -30,6 +31,7 @@ from .cli_commands import (
     handle_remove,
     handle_repair,
     handle_rename,
+    handle_resume,
     handle_run,
     handle_run_report,
     handle_run_status,
@@ -64,7 +66,7 @@ from .status_view import (
 )
 from .update_check import check_for_update, check_logics_manager_for_update
 
-VERSION = "0.9.2"
+VERSION = "0.9.4"
 
 
 # ---------------------------------------------------------------------------
@@ -82,8 +84,8 @@ def _print_help(use_color=False):
         f"  {_style('cdx status --small|-s [--refresh]', '36', use_color)}",
         f"  {_style('cdx status <name> [--json] [--refresh]', '36', use_color)}",
         f"  {_style('cdx next [--json] [--refresh]', '36', use_color)}",
-        f"  {_style('cdx select --provider PROVIDER [--min-reasoning-effort low|medium|high] [--min-power low|medium|high] [--require-ready] [--refresh] --json', '36', use_color)}",
-        f"  {_style('cdx run [session] --cwd PATH (--prompt-file PATH|--prompt TEXT) [--provider PROVIDER] [--model MODEL] [--reasoning-effort low|medium|high] [--power low|medium|high] [--permission review|default|auto|full|workspace-write|read-only|danger-full-access] [--timeout-seconds N] --json', '36', use_color)}",
+        f"  {_style('cdx select --provider PROVIDER [--min-reasoning-effort minimal|low|medium|high|xhigh] [--min-power minimal|low|medium|high|xhigh] [--require-ready] [--refresh] --json', '36', use_color)}",
+        f"  {_style('cdx run [session] --cwd PATH (--prompt-file PATH|--prompt TEXT) [--provider PROVIDER] [--model MODEL] [--reasoning-effort minimal|low|medium|high|xhigh] [--power minimal|low|medium|high|xhigh] [--permission review|default|auto|full|workspace-write|read-only|danger-full-access] [--timeout-seconds N] --json', '36', use_color)}",
         f"  {_style('cdx runs [--limit N] --json', '36', use_color)}",
         f"  {_style('cdx run-status <run_id> --json', '36', use_color)}",
         f"  {_style('cdx run-report <run_id> --json', '36', use_color)}",
@@ -91,11 +93,13 @@ def _print_help(use_color=False):
         f"  {_style('cdx config <name> [--json]', '36', use_color)}",
         f"  {_style('cdx configs [--json]', '36', use_color)}",
         f"  {_style('cdx power|perm|fast|model <name|all|provider:PROVIDER|a,b> <value|default> [--json]', '36', use_color)}",
-        f"  {_style('cdx set <name>|--sessions all|a,b|--provider PROVIDER [--power low|medium|high|xhigh|max] [--permission review|default|auto|full] [--fast on|off] [--rtk on|off] [--logics on|off] [--model MODEL] [--priority 0..100] [--json]', '36', use_color)}",
+        f"  {_style('cdx set <name>|--sessions all|a,b|--provider PROVIDER [--power minimal|low|medium|high|xhigh] [--permission review|default|auto|full] [--fast on|off] [--rtk on|off] [--logics on|off] [--model MODEL] [--priority 0..100] [--json]', '36', use_color)}",
         f"  {_style('cdx unset <name>|--sessions all|a,b|--provider PROVIDER (--power|--permission|--fast|--rtk|--logics|--model|--priority|--all) [--json]', '36', use_color)}",
         f"  {_style('cdx history [name] [--limit N] [--summary] [--since 7d|today|DATE] [--from DATE] [--to DATE] [--json]', '36', use_color)}",
         f"  {_style('cdx stats [name] [--since 7d|today|DATE] [--from DATE] [--to DATE] [--json]', '36', use_color)}",
         f"  {_style('cdx last [--json]', '36', use_color)}",
+        f"  {_style('cdx resume <name> [--json]', '36', use_color)}",
+        f"  {_style('cdx can-resume <name> [--json]', '36', use_color)}",
         f"  {_style('cdx handoff <name> [--json]', '36', use_color)}",
         f"  {_style('cdx handoff <source> <target> [--json]', '36', use_color)}",
         f"  {_style('cdx add [provider] <name> [--model MODEL] [--json]', '36', use_color)}",
@@ -283,7 +287,7 @@ def main(argv, options=None):
         "version": VERSION,
         "cwd": options.get("cwd") or os.getcwd(),
         "update_notices": _get_update_notices(service, env, options) if command not in (
-            "add", "cp", "ren", "rename", "mv", "rmv", "clean", "doctor", "repair", "view", "update", "ready", "notify", "next", "context", "config", "configs", "set", "unset", "power", "perm", "fast", "model", "history", "stats", "handoff", "login", "logout", "disable", "enable", "export", "import", "select", "run", "help", "version"
+            "add", "cp", "ren", "rename", "mv", "rmv", "clean", "doctor", "repair", "view", "update", "ready", "notify", "next", "context", "config", "configs", "set", "unset", "power", "perm", "fast", "model", "history", "stats", "resume", "can-resume", "handoff", "login", "logout", "disable", "enable", "export", "import", "select", "run", "help", "version"
         ) else None,
         "use_color": use_color,
     }
@@ -365,6 +369,12 @@ def main(argv, options=None):
     if command == "last":
         return handle_last(rest, ctx)
 
+    if command == "resume":
+        return handle_resume(rest, ctx)
+
+    if command == "can-resume":
+        return handle_can_resume(rest, ctx)
+
     if command == "handoff":
         return handle_handoff(rest, ctx)
 
@@ -400,8 +410,8 @@ def main(argv, options=None):
         out(f"{_print_version()}\n")
         return 0
 
-    if not rest or rest == ["--json"]:
-        return handle_launch(command, ctx)
+    if all(arg in ("--json", "-r", "--resume") for arg in rest):
+        return handle_launch(command, ctx, resume=("-r" in rest or "--resume" in rest))
 
     raise CdxError(f"Unknown command: {command}. Use cdx --help.")
 

package/src/cli_commands.py

@@ -3,6 +3,7 @@ import getpass
 import json
 import os
 import re
+import shlex
 import sys
 import time
 from datetime import datetime, timedelta
@@ -37,6 +38,7 @@ from .provider_runtime import (
     _list_launch_transcript_paths,
     _normalize_reasoning_effort,
     _probe_provider_auth,
+    get_resume_capability,
     _run_headless_provider_command,
     _run_interactive_provider_command,
 )
@@ -58,7 +60,7 @@ EXPORT_USAGE = "Usage: cdx export <file> [--include-auth] [--force] [--json] [--
 IMPORT_USAGE = "Usage: cdx import <file> [--force|--merge] [--json] [--sessions name1,name2] [--passphrase-env VAR]"
 CONTEXT_USAGE = "Usage: cdx context show|path|init|edit|clear|set [text...] [--json]"
 HANDOFF_USAGE = "Usage: cdx handoff <name> [--json] | cdx handoff <source> <target> [--json]"
-SET_USAGE = "Usage: cdx set <name>|--sessions all|a,b|--provider PROVIDER [--power low|medium|high|xhigh|max] [--permission review|default|auto|full] [--fast on|off] [--rtk on|off] [--logics on|off] [--model MODEL] [--priority 0..100] [--json]"
+SET_USAGE = "Usage: cdx set <name>|--sessions all|a,b|--provider PROVIDER [--power minimal|low|medium|high|xhigh] [--permission review|default|auto|full] [--fast on|off] [--rtk on|off] [--logics on|off] [--model MODEL] [--priority 0..100] [--json]"
 UNSET_USAGE = "Usage: cdx unset <name>|--sessions all|a,b|--provider PROVIDER (--power|--permission|--fast|--rtk|--logics|--model|--priority|--all) [--json]"
 SETTING_ALIAS_USAGE = "Usage: cdx power|perm|fast|model <name|all|provider:PROVIDER|a,b> <value|default> [--json]"
 CONFIG_USAGE = "Usage: cdx config <name> [--json]"
@@ -66,9 +68,11 @@ CONFIGS_USAGE = "Usage: cdx configs [--json]"
 HISTORY_USAGE = "Usage: cdx history [name] [--limit N] [--summary] [--since 7d|today|DATE] [--from DATE] [--to DATE] [--json]"
 STATS_USAGE = "Usage: cdx stats [name] [--since 7d|today|DATE] [--from DATE] [--to DATE] [--json]"
 LAST_USAGE = "Usage: cdx last [--json]"
-SELECT_USAGE = "Usage: cdx select --provider PROVIDER [--min-reasoning-effort low|medium|high] [--min-power low|medium|high] [--require-ready] [--refresh] --json"
+RESUME_USAGE = "Usage: cdx resume <name> [--json]"
+CAN_RESUME_USAGE = "Usage: cdx can-resume <name> [--json]"
+SELECT_USAGE = "Usage: cdx select --provider PROVIDER [--min-reasoning-effort minimal|low|medium|high|xhigh] [--min-power minimal|low|medium|high|xhigh] [--require-ready] [--refresh] --json"
 NEXT_USAGE = "Usage: cdx next [--json] [--refresh]"
-RUN_USAGE = "Usage: cdx run [session] --cwd PATH (--prompt-file PATH|--prompt TEXT) [--provider PROVIDER] [--model MODEL] [--kind assistant|code-review] [--reasoning-effort low|medium|high] [--power low|medium|high] [--permission review|default|auto|full|workspace-write|read-only|danger-full-access] [--timeout-seconds N] --json"
+RUN_USAGE = "Usage: cdx run [session] --cwd PATH (--prompt-file PATH|--prompt TEXT) [--provider PROVIDER] [--model MODEL] [--kind assistant|code-review] [--reasoning-effort minimal|low|medium|high|xhigh] [--power minimal|low|medium|high|xhigh] [--permission review|default|auto|full|workspace-write|read-only|danger-full-access] [--timeout-seconds N] --json"
 RUNS_USAGE = "Usage: cdx runs [--limit N] --json"
 RUN_STATUS_USAGE = "Usage: cdx run-status <run_id> --json"
 RUN_REPORT_USAGE = "Usage: cdx run-report <run_id> --json"
@@ -1683,8 +1687,8 @@ def _resolve_bulk_launch_targets(parsed, service):
 
 
 def _reasoning_rank(value):
-    order = {"low": 0, "medium": 1, "high": 2, "xhigh": 2, "max": 2}
-    return order.get(str(value or "low").lower(), 0)
+    order = {"minimal": 0, "low": 1, "medium": 2, "high": 3, "xhigh": 4}
+    return order.get(str(value or "low").lower(), -1)
 
 
 def _session_reasoning_effort(session):
@@ -1693,7 +1697,7 @@ def _session_reasoning_effort(session):
         launch.get("reasoning_effort")
         or launch.get("reasoningEffort")
         or launch.get("power")
-        or ("low" if launch.get("fast") is True else None)
+        or ("low" if launch.get("fast") is True and launch.get("fastMode") != "service_tier" else None)
         or "low"
     )
 
@@ -2290,6 +2294,7 @@ def handle_doctor(rest, ctx):
         ctx["service"],
         ctx["service"]["base_dir"],
         env=ctx.get("env"),
+        spawn_sync=ctx.get("spawn_sync"),
     )
     if json_flag:
         _write_json(ctx, _json_success("doctor", "Collected health report", report=report))
@@ -2672,11 +2677,6 @@ def handle_login(rest, ctx):
     session = ctx["service"]["get_session"](args[0])
     if not session:
         raise CdxError(f"Unknown session: {args[0]}")
-    if session["provider"] == PROVIDER_CODEX:
-        _run_interactive_provider_command(
-            session, "logout", spawn=ctx.get("spawn"), env_override=ctx.get("env"),
-            signal_emitter=ctx.get("signal_emitter")
-        )
     _run_interactive_provider_command(
         session, "login", spawn=ctx.get("spawn"), env_override=ctx.get("env"),
         signal_emitter=ctx.get("signal_emitter")
@@ -2687,6 +2687,7 @@ def handle_login(rest, ctx):
         spawn_sync=ctx.get("spawn_sync"),
         env_override=ctx.get("env"),
         behavior="probe-only",
+        trust_local_credentials=False,
     )
     if not auth_probe.get("authenticated") and session["provider"] == PROVIDER_CLAUDE:
         _bootstrap_claude_setup_token(session, ctx)
@@ -2696,6 +2697,7 @@ def handle_login(rest, ctx):
             spawn_sync=ctx.get("spawn_sync"),
             env_override=ctx.get("env"),
             behavior="probe-only",
+            trust_local_credentials=False,
         )
     if not auth_probe.get("authenticated"):
         raise CdxError(
@@ -2846,10 +2848,83 @@ def handle_update(rest, ctx):
     return 0
 
 
-def handle_launch(command, ctx, initial_prompt=None):
+def _resume_capability_for_session(session, ctx):
+    capability = get_resume_capability(session, cwd=ctx.get("cwd") or os.getcwd())
+    return {
+        "session": session["name"],
+        "provider": session["provider"],
+        "resumable": bool(capability.get("resumable")),
+        "strategy": capability.get("strategy"),
+        "reason": capability.get("reason"),
+        "command_preview": capability.get("command_preview") or [],
+    }
+
+
+def _format_resume_capability(capability, use_color=False):
+    name = capability["session"]
+    provider = capability["provider"]
+    if capability["resumable"]:
+        preview = shlex.join(capability.get("command_preview") or [])
+        detail = f"({provider}, {capability['strategy']})"
+        return (
+            f"{_success(f'{name} can resume', use_color)} "
+            f"{_dim(detail, use_color)}\n"
+            f"{_dim(preview, use_color)}"
+        )
+    reason = capability.get("reason") or "not_supported"
+    return (
+        f"{_warn(f'{name} cannot resume', use_color)} "
+        f"{_dim(f'({provider}, {reason})', use_color)}"
+    )
+
+
+def handle_can_resume(rest, ctx):
+    json_flag, args = _parse_json_flag(rest)
+    if len(args) != 1:
+        raise CdxError(CAN_RESUME_USAGE)
+    session = ctx["service"]["get_session"](args[0])
+    if not session:
+        raise CdxError(f"Unknown session: {args[0]}")
+    if session.get("enabled", True) is False:
+        capability = {
+            "session": session["name"],
+            "provider": session["provider"],
+            "resumable": False,
+            "strategy": "session_disabled",
+            "reason": "session_disabled",
+            "command_preview": [],
+        }
+    else:
+        capability = _resume_capability_for_session(session, ctx)
+    if json_flag:
+        _write_json(ctx, {
+            "schema_version": API_SCHEMA_VERSION,
+            "ok": True,
+            **capability,
+        })
+        return 0
+    ctx["out"](f"{_format_resume_capability(capability, ctx['use_color'])}\n")
+    return 0
+
+
+def handle_resume(rest, ctx):
+    json_flag, args = _parse_json_flag(rest)
+    if len(args) != 1:
+        raise CdxError(RESUME_USAGE)
+    return handle_launch(args[0], ctx, resume=True, force_json=json_flag)
+
+
+def handle_launch(command, ctx, initial_prompt=None, resume=False, force_json=None):
     json_flag = "--json" in ctx.get("raw_args", ctx["options"].get("raw_args", []))
+    if force_json is not None:
+        json_flag = force_json
     warnings = _update_notice_warnings(ctx)
     session = ctx["service"]["launch_session"](command)
+    capability = _resume_capability_for_session(session, ctx) if resume else None
+    if capability and not capability["resumable"]:
+        raise CdxError(
+            f"Provider {session['provider']} does not support native resume through cdx."
+        )
     _ensure_session_authentication(
         session,
         ctx["service"],
@@ -2859,8 +2934,13 @@ def handle_launch(command, ctx, initial_prompt=None):
         stdin_is_tty=ctx["stdin_is_tty"],
         behavior="launch",
         signal_emitter=ctx.get("signal_emitter"),
+        trust_local_credentials=False,
+    )
+    message = (
+        f"Resuming {session['provider']} session {session['name']}"
+        if resume else
+        f"Launching {session['provider']} session {session['name']}"
     )
-    message = f"Launching {session['provider']} session {session['name']}"
     if not json_flag:
         ctx["out"](f"{_info(message, ctx['use_color'])}\n")
         _write_update_notice(ctx)
@@ -2881,7 +2961,7 @@ def handle_launch(command, ctx, initial_prompt=None):
 
     try:
         run_info = _run_interactive_provider_command(
-            session, "launch", spawn=ctx.get("spawn"), cwd=cwd, env_override=ctx.get("env"),
+            session, "resume" if resume else "launch", spawn=ctx.get("spawn"), cwd=cwd, env_override=ctx.get("env"),
             signal_emitter=ctx.get("signal_emitter"), initial_prompt=initial_prompt,
             lifecycle_callback=runtime_lifecycle,
         )
@@ -2904,12 +2984,16 @@ def handle_launch(command, ctx, initial_prompt=None):
         raise
     ctx["service"]["record_launch_history"](session["name"], {
         "status": "success",
+        "action": "resume" if resume else "launch",
         "cwd": cwd,
         "exit_code": 0,
         **run_info,
     })
     if json_flag:
-        _write_json(ctx, _json_success("launch", message, warnings=warnings, session=ctx["service"]["get_session"](session["name"])))
+        extra = {"session": ctx["service"]["get_session"](session["name"])}
+        if capability:
+            extra["resume"] = capability
+        _write_json(ctx, _json_success("resume" if resume else "launch", message, warnings=warnings, **extra))
     return 0
 
 

package/src/health.py

@@ -6,6 +6,8 @@ import tempfile
 from urllib.parse import quote, unquote
 
 from .cli_render import _pad_table, _style
+from .config import PROVIDER_CODEX
+from .provider_runtime import codex_auth_diagnostic
 
 
 def _encode(name):
@@ -30,7 +32,7 @@ def _issue(status, code, message, detail=None, repairable=False):
     }
 
 
-def collect_health_report(service, base_dir, env=None):
+def collect_health_report(service, base_dir, env=None, spawn_sync=None):
     env = env or os.environ
     issues = []
 
@@ -79,11 +81,48 @@ def collect_health_report(service, base_dir, env=None):
         state_path = _state_file_path(base_dir, name)
         if not os.path.isfile(state_path):
             issues.append(_issue("FAIL", "missing_state", f"session {name} state file is missing", state_path, True))
+        if session.get("provider") == PROVIDER_CODEX:
+            issues.extend(_codex_auth_issues(session, spawn_sync=spawn_sync, env=env))
 
     issues.extend(_collect_profile_issues(base_dir, session_names))
     return {"base_dir": base_dir, "issues": issues, "summary": summarize_health(issues)}
 
 
+def _codex_auth_issues(session, spawn_sync=None, env=None):
+    name = session["name"]
+    diag = codex_auth_diagnostic(session, spawn_sync=spawn_sync, env_override=env)
+    identity = diag.get("account_email") or "unknown account"
+    issues = [
+        _issue(
+            "OK" if diag.get("auth_json_exists") else "WARN",
+            "codex_auth_file",
+            f"session {name} Codex auth file {'found' if diag.get('auth_json_exists') else 'missing'} ({identity})",
+            {
+                "session": name,
+                "auth_home": diag.get("auth_home"),
+                "auth_json_exists": diag.get("auth_json_exists"),
+                "local_tokens_present": diag.get("local_tokens_present"),
+                "account_email": diag.get("account_email"),
+            },
+        )
+    ]
+    live_status = diag.get("live_status")
+    live_ok = live_status == "authenticated"
+    live_warn = live_status in ("logged_out", "error")
+    issues.append(_issue(
+        "OK" if live_ok else "WARN" if live_warn else "WARN",
+        "codex_live_auth",
+        f"session {name} live Codex auth status: {live_status}",
+        {
+            "session": name,
+            "auth_home": diag.get("auth_home"),
+            "live_status": live_status,
+            "live_error": diag.get("live_error"),
+        },
+    ))
+    return issues
+
+
 def _check_cdx_home(base_dir):
     try:
         os.makedirs(base_dir, exist_ok=True)

package/src/provider_runtime.py

@@ -7,6 +7,7 @@ import shutil
 import subprocess
 import sys
 import uuid
+import base64
 from datetime import datetime, timezone
 
 from .config import PROVIDER_ANTIGRAVITY, PROVIDER_CLAUDE, PROVIDER_CODEX, PROVIDER_OLLAMA
@@ -14,7 +15,7 @@ from .errors import CdxError
 
 
 LOG_ROTATE_BYTES = 10 * 1024 * 1024  # 10 MB
-REASONING_EFFORT_VALUES = {"low", "medium", "high"}
+REASONING_EFFORT_VALUES = {"minimal", "low", "medium", "high", "xhigh"}
 RTK_PROMPT = (
     "When running noisy shell commands, prefer RTK wrappers (`rtk <command>`) if `rtk` is available. "
     "Use raw commands when exact, unfiltered output is required."
@@ -148,6 +149,64 @@ def _has_local_codex_auth(auth_home):
     )
 
 
+def _decode_jwt_claims(token):
+    if not token or "." not in str(token):
+        return {}
+    parts = str(token).split(".")
+    if len(parts) < 2:
+        return {}
+    padding = "=" * (-len(parts[1]) % 4)
+    try:
+        decoded = base64.urlsafe_b64decode(parts[1] + padding)
+        return json.loads(decoded.decode("utf-8"))
+    except (ValueError, json.JSONDecodeError, UnicodeDecodeError):
+        return {}
+
+
+def _read_codex_account_email(auth_home):
+    try:
+        with open(os.path.join(auth_home, "auth.json"), "r", encoding="utf-8") as handle:
+            auth = json.load(handle)
+    except (FileNotFoundError, OSError, json.JSONDecodeError):
+        return None
+    tokens = auth.get("tokens") if isinstance(auth, dict) else {}
+    if not isinstance(tokens, dict):
+        return None
+    for token_name in ("id_token", "access_token"):
+        claims = _decode_jwt_claims(tokens.get(token_name))
+        email = claims.get("email")
+        if not email and token_name == "access_token":
+            profile = claims.get("https://api.openai.com/profile") or {}
+            email = profile.get("email") if isinstance(profile, dict) else None
+        if email:
+            return str(email).strip().lower()
+    return None
+
+
+def codex_auth_diagnostic(session, spawn_sync=None, env_override=None):
+    auth_home = _get_auth_home(session)
+    auth_path = os.path.join(auth_home, "auth.json")
+    result = {
+        "auth_home": auth_home,
+        "auth_json_exists": os.path.isfile(auth_path),
+        "local_tokens_present": _has_local_codex_auth(auth_home),
+        "account_email": _read_codex_account_email(auth_home),
+        "live_status": "unknown",
+        "live_error": None,
+    }
+    try:
+        result["live_status"] = "authenticated" if _probe_provider_auth(
+            session,
+            spawn_sync=spawn_sync,
+            env_override=env_override,
+            trust_local_credentials=False,
+        ) else "logged_out"
+    except CdxError as error:
+        result["live_status"] = "error"
+        result["live_error"] = str(error)
+    return result
+
+
 def _read_claude_account_email(auth_home):
     config_path = os.path.join(auth_home, ".claude.json")
     try:
@@ -196,11 +255,25 @@ def _launch_power(session):
     power = launch.get("reasoning_effort") or launch.get("reasoningEffort") or launch.get("power")
     if power:
         return power
-    if launch.get("fast") is True:
+    if _legacy_fast_low_effort(launch):
         return "low"
     return None
 
 
+def _legacy_fast_low_effort(launch):
+    return launch.get("fast") is True and launch.get("fastMode") != "service_tier"
+
+
+def _codex_fast_enabled(launch):
+    return launch.get("fast") is True and launch.get("fastMode") == "service_tier"
+
+
+def _codex_fast_config_args(launch):
+    if _codex_fast_enabled(launch):
+        return ["-c", 'service_tier="fast"', "-c", "features.fast_mode=true"]
+    return ["-c", 'service_tier="flex"', "-c", "features.fast_mode=false"]
+
+
 def _normalize_reasoning_effort(reasoning_effort=None, power=None, usage="Unsupported reasoning effort."):
     effort = str(reasoning_effort).strip().lower() if reasoning_effort is not None else None
     alias = str(power).strip().lower() if power is not None else None
@@ -269,6 +342,7 @@ def _launch_config_args(session):
         return args
     if power:
         args += ["-c", f'model_reasoning_effort="{power}"']
+    args += _codex_fast_config_args(launch)
     if permission:
         args += LAUNCH_PERMISSION_ARGS[PROVIDER_CODEX].get(permission, [])
     return args
@@ -437,6 +511,90 @@ def _build_launch_spec(session, cwd=None, env_override=None, initial_prompt=None
     }, capture_transcript=capture_transcript, env=env)
 
 
+def _redacted_resume_command_preview(session, cwd=None):
+    capability = get_resume_capability(session, cwd=cwd)
+    return capability.get("command_preview")
+
+
+def get_resume_capability(session, cwd=None):
+    provider = session.get("provider")
+    cwd = cwd or os.getcwd()
+    if provider == PROVIDER_CODEX:
+        return {
+            "resumable": True,
+            "provider": provider,
+            "strategy": "provider_last",
+            "reason": "supported",
+            "command_preview": ["codex", "resume", "--last", "--cd", cwd],
+        }
+    if provider == PROVIDER_CLAUDE:
+        return {
+            "resumable": True,
+            "provider": provider,
+            "strategy": "provider_continue",
+            "reason": "supported",
+            "command_preview": ["claude", "--continue"],
+        }
+    return {
+        "resumable": False,
+        "provider": provider,
+        "strategy": "not_supported",
+        "reason": "not_supported",
+        "command_preview": [],
+    }
+
+
+def _build_resume_spec(session, cwd=None, env_override=None, capture_transcript=True):
+    cwd = cwd or os.getcwd()
+    env_override = env_override or {}
+    env = {**os.environ, **env_override}
+    capability = get_resume_capability(session, cwd=cwd)
+    if not capability["resumable"]:
+        raise CdxError(f"Provider {session.get('provider')} does not support native resume through cdx.")
+
+    resume_prompt = _with_launch_preferences(session, env=env)
+    _validate_initial_prompt(resume_prompt)
+
+    if session["provider"] == PROVIDER_CLAUDE:
+        launch = session.get("launch") or {}
+        args = ["--continue", "--name", session["name"]]
+        if launch.get("model"):
+            args += ["--model", _claude_cli_model(launch["model"])]
+        args += _launch_config_args(session)
+        if resume_prompt:
+            args.append(resume_prompt)
+        auth_home = _get_auth_home(session)
+        claude_env = _claude_env(env, auth_home)
+        oauth_token = _read_claude_launch_oauth_token(auth_home)
+        if oauth_token:
+            claude_env["CLAUDE_CODE_OAUTH_TOKEN"] = oauth_token
+        return _wrap_launch_with_transcript(session, {
+            "command": "claude",
+            "args": args,
+            "options": {
+                "cwd": cwd,
+                "env": claude_env,
+            },
+            "label": "claude resume",
+        }, capture_transcript=capture_transcript, env=env)
+
+    launch = session.get("launch") or {}
+    args = ["resume", "--last", "--cd", cwd]
+    if launch.get("model"):
+        args += ["--model", launch["model"]]
+    args += _launch_config_args(session)
+    if resume_prompt:
+        args.append(resume_prompt)
+    return _wrap_launch_with_transcript(session, {
+        "command": "codex",
+        "args": args,
+        "options": {
+            "env": {**env, "CODEX_HOME": _get_auth_home(session)},
+        },
+        "label": "codex resume",
+    }, capture_transcript=capture_transcript, env=env)
+
+
 def _validate_initial_prompt(initial_prompt):
     if initial_prompt is not None:
         if not isinstance(initial_prompt, str):
@@ -482,6 +640,7 @@ def _build_headless_launch_spec(session, cwd=None, env_override=None, initial_pr
             args += ["--model", model]
         if power:
             args += ["-c", f'model_reasoning_effort="{power}"']
+        args += _codex_fast_config_args(launch)
         if permission:
             args += HEADLESS_CODEX_PERMISSION_ARGS.get(permission, [])
         if initial_prompt:
@@ -771,11 +930,14 @@ def _run_interactive_provider_command(session, action, spawn=None, cwd=None,
                                       env_override=None, signal_emitter=None,
                                       initial_prompt=None, lifecycle_callback=None):
     spawn = spawn or subprocess.Popen
-    spec = (
-        _build_launch_spec(session, cwd=cwd, env_override=env_override, initial_prompt=initial_prompt)
-        if action == "launch"
-        else _build_auth_action_spec(session, action, cwd=cwd, env_override=env_override)
-    )
+    if action == "launch":
+        spec = _build_launch_spec(session, cwd=cwd, env_override=env_override, initial_prompt=initial_prompt)
+    elif action == "resume":
+        if initial_prompt is not None:
+            raise CdxError("initial_prompt is not supported for resume.")
+        spec = _build_resume_spec(session, cwd=cwd, env_override=env_override)
+    else:
+        spec = _build_auth_action_spec(session, action, cwd=cwd, env_override=env_override)
     def start_child(current_spec):
         command = current_spec["command"]
         if spawn is subprocess.Popen:

package/src/run_command.py

@@ -43,7 +43,7 @@ def run_payload_reasoning_effort(parsed, session):
         or launch.get("reasoning_effort")
         or launch.get("reasoningEffort")
         or launch.get("power")
-        or ("low" if launch.get("fast") is True else None)
+        or ("low" if launch.get("fast") is True and launch.get("fastMode") != "service_tier" else None)
     )
 
 

package/src/run_usage.py

@@ -91,6 +91,7 @@ def _usage_from_dict(value):
     output_tokens = _int_value(usage.get("output_tokens"), usage.get("completion_tokens"))
     reasoning_tokens = _int_value(
         usage.get("reasoning_tokens"),
+        usage.get("reasoning_output_tokens"),
         _nested_int(usage, "output_tokens_details", "reasoning_tokens"),
         _nested_int(usage, "completion_tokens_details", "reasoning_tokens"),
     )

package/src/session_service.py

@@ -21,6 +21,7 @@ ALLOWED_PROVIDERS = set(PROVIDERS)
 MAX_SESSION_NAME_LENGTH = 64
 RESERVED_SESSION_NAMES = {
     "add",
+    "can-resume",
     "clean",
     "context",
     "configs",
@@ -45,6 +46,7 @@ RESERVED_SESSION_NAMES = {
     "power",
     "ready",
     "repair",
+    "resume",
     "ren",
     "rename",
     "rmv",
@@ -66,8 +68,8 @@ RESERVED_SESSION_NAMES = {
 STATUS_CACHE_TTL_SECONDS = 60
 CLAUDE_STATUS_CACHE_TTL_SECONDS = 10 * 60
 MAX_STATUS_WORKERS = 8
-LAUNCH_POWER_VALUES = {"low", "medium", "high", "xhigh", "max"}
-LAUNCH_REASONING_EFFORT_VALUES = {"low", "medium", "high"}
+LAUNCH_POWER_VALUES = {"minimal", "low", "medium", "high", "xhigh"}
+LAUNCH_REASONING_EFFORT_VALUES = {"minimal", "low", "medium", "high", "xhigh"}
 LAUNCH_PERMISSION_VALUES = {"review", "default", "auto", "full"}
 MAX_LAUNCH_MODEL_LENGTH = 128
 MIN_LAUNCH_PRIORITY = 0
@@ -107,7 +109,7 @@ def _seed_codex_auth_from_global(auth_home, env=None):
     return True
 
 
-def _normalize_launch_settings(settings):
+def _normalize_launch_settings(settings, mark_fast_service_tier=True):
     normalized = {}
     if not settings:
         return normalized
@@ -138,6 +140,12 @@ def _normalize_launch_settings(settings):
                 normalized["fast"] = False
             else:
                 raise CdxError(f"Unsupported fast value: {settings['fast']}")
+        if normalized["fast"] is True and mark_fast_service_tier:
+            normalized["fastMode"] = "service_tier"
+        else:
+            normalized.pop("fastMode", None)
+        if settings.get("fastMode") == "service_tier" and normalized["fast"] is True:
+            normalized["fastMode"] = "service_tier"
     if "rtk" in settings and settings["rtk"] is not None:
         value = settings["rtk"]
         if isinstance(value, bool):
@@ -827,17 +835,15 @@ def create_session_service(options=None):
         updates = _normalize_launch_settings(settings)
         if not updates:
             raise CdxError("At least one launch setting is required.")
-        current = _normalize_launch_settings(session.get("launch") or {})
+        current = _normalize_launch_settings(session.get("launch") or {}, mark_fast_service_tier=False)
         launch = {**current, **updates}
         explicit_power = "power" in updates or "reasoning_effort" in updates
-        if explicit_power and "fast" not in updates:
+        if explicit_power and "fast" not in updates and launch.get("fastMode") != "service_tier":
             launch["fast"] = False
-        if "fast" in updates and not explicit_power:
-            if updates["fast"] is True:
-                launch.pop("power", None)
-                launch.pop("reasoning_effort", None)
-                launch.pop("reasoningEffort", None)
-            elif not any(key in launch for key in ("power", "reasoning_effort", "reasoningEffort")):
+            launch.pop("fastMode", None)
+        if updates.get("fast") is False:
+            launch.pop("fastMode", None)
+            if not any(key in launch for key in ("power", "reasoning_effort", "reasoningEffort")):
                 launch["power"] = DEFAULT_LAUNCH_SETTINGS["power"]
         now = _local_now_iso()
         return store["update_session"](name, lambda s: {