ltcai 4.2.0 → 4.3.1

package/frontend/src/api/openapi.ts

@@ -207,6 +207,23 @@ export interface paths {
         patch?: never;
         trace?: never;
     };
+    "/admin/product-hardening": {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        /** Admin Product Hardening */
+        get: operations["admin_product_hardening_admin_product_hardening_get"];
+        put?: never;
+        post?: never;
+        delete?: never;
+        options?: never;
+        head?: never;
+        patch?: never;
+        trace?: never;
+    };
     "/admin/roles": {
         parameters: {
             query?: never;
@@ -1280,6 +1297,40 @@ export interface paths {
         patch?: never;
         trace?: never;
     };
+    "/api/knowledge-graph/archive/import": {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        get?: never;
+        put?: never;
+        /** Import Encrypted Archive */
+        post: operations["import_encrypted_archive_api_knowledge_graph_archive_import_post"];
+        delete?: never;
+        options?: never;
+        head?: never;
+        patch?: never;
+        trace?: never;
+    };
+    "/api/knowledge-graph/archive/inspect": {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        get?: never;
+        put?: never;
+        /** Inspect Encrypted Archive */
+        post: operations["inspect_encrypted_archive_api_knowledge_graph_archive_inspect_post"];
+        delete?: never;
+        options?: never;
+        head?: never;
+        patch?: never;
+        trace?: never;
+    };
     "/api/knowledge-graph/archive/restore": {
         parameters: {
             query?: never;
@@ -1297,6 +1348,23 @@ export interface paths {
         patch?: never;
         trace?: never;
     };
+    "/api/knowledge-graph/archive/verify": {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        get?: never;
+        put?: never;
+        /** Verify Encrypted Archive */
+        post: operations["verify_encrypted_archive_api_knowledge_graph_archive_verify_post"];
+        delete?: never;
+        options?: never;
+        head?: never;
+        patch?: never;
+        trace?: never;
+    };
     "/api/knowledge-graph/backup": {
         parameters: {
             query?: never;
@@ -1314,6 +1382,23 @@ export interface paths {
         patch?: never;
         trace?: never;
     };
+    "/api/knowledge-graph/backup-health": {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        /** Backup Health */
+        get: operations["backup_health_api_knowledge_graph_backup_health_get"];
+        put?: never;
+        post?: never;
+        delete?: never;
+        options?: never;
+        head?: never;
+        patch?: never;
+        trace?: never;
+    };
     "/api/knowledge-graph/export": {
         parameters: {
             query?: never;
@@ -5822,8 +5907,32 @@ export interface components {
             /** Path */
             path?: string | null;
         };
+        /** EncryptedInspectRequest */
+        EncryptedInspectRequest: {
+            /** Passphrase */
+            passphrase?: string | null;
+            /** Path */
+            path: string;
+        };
         /** EncryptedRestoreRequest */
         EncryptedRestoreRequest: {
+            /**
+             * Confirm
+             * @default false
+             */
+            confirm: boolean;
+            /**
+             * Dry Run
+             * @default false
+             */
+            dry_run: boolean;
+            /** Passphrase */
+            passphrase: string;
+            /** Path */
+            path: string;
+        };
+        /** EncryptedVerifyRequest */
+        EncryptedVerifyRequest: {
             /** Passphrase */
             passphrase: string;
             /** Path */
@@ -6074,6 +6183,11 @@ export interface components {
         LoadModelRequest: {
             /** Adapter Path */
             adapter_path?: string | null;
+            /**
+             * Allow Download
+             * @default false
+             */
+            allow_download: boolean;
             /** Draft Model Id */
             draft_model_id?: string | null;
             /** Engine */
@@ -6307,6 +6421,11 @@ export interface components {
         };
         /** PrepareModelRequest */
         PrepareModelRequest: {
+            /**
+             * Allow Download
+             * @default false
+             */
+            allow_download: boolean;
             /** Engine */
             engine?: string | null;
             /** Model */
@@ -6389,6 +6508,16 @@ export interface components {
         };
         /** RestoreRequest */
         RestoreRequest: {
+            /**
+             * Confirm
+             * @default false
+             */
+            confirm: boolean;
+            /**
+             * Dry Run
+             * @default false
+             */
+            dry_run: boolean;
             /** Path */
             path: string;
             /**
@@ -7458,6 +7587,26 @@ export interface operations {
             };
         };
     };
+    admin_product_hardening_admin_product_hardening_get: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        requestBody?: never;
+        responses: {
+            /** @description Successful Response */
+            200: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": unknown;
+                };
+            };
+        };
+    };
     admin_roles_admin_roles_get: {
         parameters: {
             query?: never;
@@ -9503,6 +9652,72 @@ export interface operations {
             };
         };
     };
+    import_encrypted_archive_api_knowledge_graph_archive_import_post: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        requestBody: {
+            content: {
+                "application/json": components["schemas"]["EncryptedRestoreRequest"];
+            };
+        };
+        responses: {
+            /** @description Successful Response */
+            200: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": unknown;
+                };
+            };
+            /** @description Validation Error */
+            422: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["HTTPValidationError"];
+                };
+            };
+        };
+    };
+    inspect_encrypted_archive_api_knowledge_graph_archive_inspect_post: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        requestBody: {
+            content: {
+                "application/json": components["schemas"]["EncryptedInspectRequest"];
+            };
+        };
+        responses: {
+            /** @description Successful Response */
+            200: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": unknown;
+                };
+            };
+            /** @description Validation Error */
+            422: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["HTTPValidationError"];
+                };
+            };
+        };
+    };
     restore_encrypted_archive_api_knowledge_graph_archive_restore_post: {
         parameters: {
             query?: never;
@@ -9536,6 +9751,39 @@ export interface operations {
             };
         };
     };
+    verify_encrypted_archive_api_knowledge_graph_archive_verify_post: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        requestBody: {
+            content: {
+                "application/json": components["schemas"]["EncryptedVerifyRequest"];
+            };
+        };
+        responses: {
+            /** @description Successful Response */
+            200: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": unknown;
+                };
+            };
+            /** @description Validation Error */
+            422: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["HTTPValidationError"];
+                };
+            };
+        };
+    };
     backup_graph_api_knowledge_graph_backup_post: {
         parameters: {
             query?: never;
@@ -9569,6 +9817,26 @@ export interface operations {
             };
         };
     };
+    backup_health_api_knowledge_graph_backup_health_get: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        requestBody?: never;
+        responses: {
+            /** @description Successful Response */
+            200: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": unknown;
+                };
+            };
+        };
+    };
     export_graph_api_knowledge_graph_export_post: {
         parameters: {
             query?: never;

package/frontend/src/pages/Act.tsx

@@ -58,6 +58,11 @@ function AgentsPanel() {
     mutationFn: () => latticeApi.registerAgent({ name: agentName, type: "custom", capabilities: [] }),
     onSuccess: () => qc.invalidateQueries({ queryKey: ["agentRegistry"] }),
   });
+  const runtimeData = (runtime.data?.data || {}) as Record<string, unknown>;
+  const runtimeMeta = (runtimeData.runtime || {}) as Record<string, unknown>;
+  const runtimeReady = Boolean(runtimeMeta.ready);
+  const runtimeReason = String(runtimeMeta.unavailable_reason || "Load an LLM-backed model before running agents.");
+  const canRunAgent = Boolean(goal.trim()) && runtimeReady && !run.isPending;
   return (
     <div className="grid gap-4 xl:grid-cols-[0.9fr_1.1fr]">
       <Card>
@@ -67,7 +72,15 @@ function AgentsPanel() {
         </CardHeader>
         <CardContent className="space-y-3">
           <Textarea value={goal} onChange={(e) => setGoal(e.target.value)} placeholder="Describe the objective..." />
-          <Button disabled={!goal.trim() || run.isPending} onClick={() => run.mutate()}><Play className="h-4 w-4" /> Run planner/executor/reviewer</Button>
+          {!runtimeReady ? <Badge variant="warning">{runtimeReason}</Badge> : null}
+          <Button
+            className="w-full"
+            variant={runtimeReady ? "default" : "outline"}
+            disabled={!canRunAgent}
+            onClick={() => run.mutate()}
+          >
+            <Play className="h-4 w-4" /> {runtimeReady ? "Run pipeline" : "Agent execution unavailable"}
+          </Button>
           {run.data ? <JsonView value={run.data.data || run.data.error} /> : null}
         </CardContent>
       </Card>
@@ -162,8 +175,26 @@ function RunList({ runs, kind }: { runs: Array<Record<string, unknown>>; kind: "
 }
 
 function WorkflowsPanel() {
+  const qc = useQueryClient();
   const defs = useQuery({ queryKey: ["workflowDefinitions"], queryFn: latticeApi.workflowDefinitions });
   const triggers = useQuery({ queryKey: ["workflowTriggers"], queryFn: latticeApi.workflowTriggers });
+  const [name, setName] = React.useState("Manual workflow");
+  const [importText, setImportText] = React.useState("");
+  const create = useMutation({
+    mutationFn: () => latticeApi.createWorkflow({
+      name: name.trim() || "Manual workflow",
+      nodes: manualWorkflowNodes(),
+      metadata: { created_from: "desktop-act-ui" },
+    }),
+    onSuccess: () => qc.invalidateQueries({ queryKey: ["workflowDefinitions"] }),
+  });
+  const importWorkflow = useMutation({
+    mutationFn: () => latticeApi.importWorkflow(JSON.parse(importText) as Record<string, unknown>),
+    onSuccess: () => {
+      setImportText("");
+      qc.invalidateQueries({ queryKey: ["workflowDefinitions"] });
+    },
+  });
   const workflows = asArray<Record<string, unknown>>((defs.data?.data as Record<string, unknown>)?.workflows);
   const nodes: Node[] = workflows.slice(0, 12).map((workflow, index) => ({
     id: String(workflow.id || workflow.workflow_id || index),
@@ -189,7 +220,17 @@ function WorkflowsPanel() {
       </Card>
       <DataPanel title="Definitions" result={defs.data}>
         {() => (
-          <div className="space-y-2">
+          <div className="space-y-3">
+            <div className="grid gap-2 rounded-md border border-border p-3">
+              <div className="flex flex-wrap gap-2">
+                <Input value={name} onChange={(event) => setName(event.target.value)} placeholder="Workflow name" />
+                <Button disabled={create.isPending} onClick={() => create.mutate()}>Create</Button>
+              </div>
+              <Textarea value={importText} onChange={(event) => setImportText(event.target.value)} placeholder="Paste exported workflow JSON" />
+              <Button variant="outline" disabled={!importText.trim() || importWorkflow.isPending} onClick={() => importWorkflow.mutate()}>Import</Button>
+              {create.data ? <JsonView value={create.data.data || create.data.error} /> : null}
+              {importWorkflow.data ? <JsonView value={importWorkflow.data.data || importWorkflow.data.error} /> : null}
+            </div>
             {workflows.length ? workflows.map((workflow) => {
               const id = String(workflow.id || workflow.workflow_id);
               return (
@@ -197,6 +238,7 @@ function WorkflowsPanel() {
                   <div className="font-medium">{String(workflow.name || id)}</div>
                   <div className="mt-2 flex gap-2">
                     <ActionButton label="Run" action={() => latticeApi.runWorkflow(id)} invalidate={["workflowRuns"]} />
+                    <ActionButton label="Export" action={() => latticeApi.exportWorkflow(id)} />
                   </div>
                 </div>
               );
@@ -211,6 +253,25 @@ function WorkflowsPanel() {
   );
 }
 
+function manualWorkflowNodes(): Array<Record<string, unknown>> {
+  return [
+    {
+      id: "trigger",
+      type: "trigger",
+      name: "Manual start",
+      config: { trigger: "manual" },
+      next: "output",
+    },
+    {
+      id: "output",
+      type: "output",
+      name: "Output",
+      config: { value: "Workflow completed" },
+      next: null,
+    },
+  ];
+}
+
 function HooksPanel() {
   const hooks = useQuery({ queryKey: ["hooks"], queryFn: latticeApi.hooks });
   const runs = useQuery({ queryKey: ["hookRuns"], queryFn: latticeApi.hookRuns });

package/frontend/src/pages/Library.tsx

@@ -40,7 +40,6 @@ export function LibraryPage({ initialTab }: { initialTab?: string }) {
 }
 
 function ModelsPanel() {
-  const qc = useQueryClient();
   const models = useQuery({ queryKey: ["models"], queryFn: latticeApi.models });
   const emb = useQuery({ queryKey: ["embeddings"], queryFn: latticeApi.embeddingsStatus });
   const catalog = [
@@ -55,18 +54,25 @@ function ModelsPanel() {
             {(catalog.length ? catalog : asArray<Record<string, unknown>>((data as Record<string, unknown>).loaded)).slice(0, 14).map((model, index) => {
               const id = String(model.id || model.model_id || model.name || index);
               const loaded = asArray<string>((data as Record<string, unknown>).loaded).includes(id) || (data as Record<string, unknown>).current === id || model.state === "loaded";
+              const loadId = String(model.recommended_load_id || id);
+              const engine = String(model.recommended_engine || model.engine || "");
+              const loadAvailable = Boolean(model.load_available) || loaded;
+              const loadStatus = String(model.load_status || (loaded ? "loaded" : "unavailable"));
+              const unavailableReason = String(model.unavailable_reason || "Unavailable until the backend reports a local model/runtime ready.");
               return (
                 <div key={id} className="flex flex-wrap items-center justify-between gap-3 rounded-md border border-border bg-background p-3">
                   <div>
                     <div className="font-medium">{String(model.name || id)}</div>
                     <div className="text-sm text-muted-foreground">{String(model.family || model.engine || model.recommended_engine || "local")}</div>
+                    {!loaded && !loadAvailable ? <div className="mt-1 text-xs text-muted-foreground">{unavailableReason}</div> : null}
                   </div>
                   <div className="flex items-center gap-2">
-                    <Badge variant={loaded ? "success" : "muted"}>{loaded ? "loaded" : "available"}</Badge>
+                    <Badge variant={loaded ? "success" : loadAvailable ? "muted" : "warning"}>{loaded ? "loaded" : loadStatus}</Badge>
                     <ActionButton
                       label={loaded ? "Unload" : "Load"}
-                      action={() => loaded ? latticeApi.unloadModel(id) : latticeApi.loadModel(id, String(model.recommended_engine || model.engine || ""))}
+                      action={() => loaded ? latticeApi.unloadModel(loadId) : latticeApi.loadModel(loadId, engine, false)}
                       invalidate={["models"]}
+                      disabled={!loaded && !loadAvailable}
                     />
                   </div>
                 </div>

package/frontend/src/pages/System.tsx

@@ -275,18 +275,44 @@ function NetworkPanel() {
 }
 
 function SettingsPanel() {
+  const qc = useQueryClient();
   const { theme, setTheme, mode, setMode } = useAppStore();
   const health = useQuery({ queryKey: ["health"], queryFn: latticeApi.health });
   const sys = useQuery({ queryKey: ["sysinfo"], queryFn: latticeApi.sysinfo });
   const comp = useQuery({ queryKey: ["computerMemory"], queryFn: latticeApi.computerMemory });
   const storage = useQuery({ queryKey: ["brainStorage"], queryFn: latticeApi.brainStorage });
+  const backupHealth = useQuery({ queryKey: ["backupHealth"], queryFn: latticeApi.backupHealth });
   const [dsn, setDsn] = React.useState("");
   const [schema, setSchema] = React.useState("lattice_brain");
   const [dockerConsent, setDockerConsent] = React.useState(false);
+  const [archivePath, setArchivePath] = React.useState("");
+  const [restorePath, setRestorePath] = React.useState("");
+  const [archivePassphrase, setArchivePassphrase] = React.useState("");
+  const [restoreConfirm, setRestoreConfirm] = React.useState(false);
   const docker = useMutation({ mutationFn: (consent: boolean) => latticeApi.dockerPostgres({ consent, dry_run: !consent, port: 5432 }) });
   const migration = useMutation({
     mutationFn: () => latticeApi.migratePostgres({ dsn, schema_name: schema || "lattice_brain", dry_run: true }),
   });
+  const archiveCreate = useMutation({
+    mutationFn: () => latticeApi.brainArchive({ path: archivePath.trim() || null, passphrase: archivePassphrase }),
+    onSuccess: () => qc.invalidateQueries({ queryKey: ["backupHealth"] }),
+  });
+  const archiveInspect = useMutation({
+    mutationFn: () => latticeApi.brainArchiveInspect({ path: restorePath, passphrase: archivePassphrase || null }),
+  });
+  const archiveVerify = useMutation({
+    mutationFn: () => latticeApi.brainArchiveVerify({ path: restorePath, passphrase: archivePassphrase }),
+  });
+  const archiveDryRun = useMutation({
+    mutationFn: () => latticeApi.brainArchiveRestore({ path: restorePath, passphrase: archivePassphrase, dry_run: true, confirm: false }),
+  });
+  const archiveRestore = useMutation({
+    mutationFn: () => latticeApi.brainArchiveRestore({ path: restorePath, passphrase: archivePassphrase, dry_run: false, confirm: restoreConfirm }),
+    onSuccess: () => {
+      qc.invalidateQueries({ queryKey: ["brainStorage"] });
+      qc.invalidateQueries({ queryKey: ["backupHealth"] });
+    },
+  });
   return (
     <div className="grid gap-4 xl:grid-cols-3">
       <Card>
@@ -311,6 +337,36 @@ function SettingsPanel() {
       <DataPanel title="Brain storage" result={storage.data} className="xl:col-span-3">
         {(data) => <JsonView value={data} />}
       </DataPanel>
+      <DataPanel title="Backup health" result={backupHealth.data} className="xl:col-span-3">
+        {(data) => <JsonView value={data} />}
+      </DataPanel>
+      <Card className="xl:col-span-3">
+        <CardHeader>
+          <CardTitle>.latticebrain portability</CardTitle>
+          <CardDescription>Encrypted export, inspect, verify, dry-run restore, and confirmed restore use the Brain portability API.</CardDescription>
+        </CardHeader>
+        <CardContent className="grid gap-3">
+          <div className="grid gap-2 sm:grid-cols-[1fr_1fr]">
+            <Input value={archivePath} onChange={(e) => setArchivePath(e.target.value)} placeholder="export path (optional)" />
+            <Input value={restorePath} onChange={(e) => setRestorePath(e.target.value)} placeholder="archive path for inspect/restore" />
+          </div>
+          <Input type="password" value={archivePassphrase} onChange={(e) => setArchivePassphrase(e.target.value)} placeholder="archive passphrase" />
+          <div className="flex flex-wrap gap-2">
+            <Button onClick={() => archiveCreate.mutate()} disabled={!archivePassphrase || archiveCreate.isPending}>Export archive</Button>
+            <Button variant="outline" onClick={() => archiveInspect.mutate()} disabled={!restorePath || archiveInspect.isPending}>Inspect</Button>
+            <Button variant="outline" onClick={() => archiveVerify.mutate()} disabled={!restorePath || !archivePassphrase || archiveVerify.isPending}>Verify</Button>
+            <Button variant="outline" onClick={() => archiveDryRun.mutate()} disabled={!restorePath || !archivePassphrase || archiveDryRun.isPending}>Restore dry run</Button>
+            <label className="flex items-center gap-2 rounded-md border border-border px-3 py-2 text-sm">
+              <input type="checkbox" checked={restoreConfirm} onChange={(e) => setRestoreConfirm(e.target.checked)} />
+              Confirm restore
+            </label>
+            <Button variant="destructive" onClick={() => archiveRestore.mutate()} disabled={!restorePath || !archivePassphrase || !restoreConfirm || archiveRestore.isPending}>Restore</Button>
+          </div>
+          {[archiveCreate.data, archiveInspect.data, archiveVerify.data, archiveDryRun.data, archiveRestore.data].filter(Boolean).map((item, i) => (
+            <JsonView key={i} value={item?.data || item?.error} />
+          ))}
+        </CardContent>
+      </Card>
       <Card className="xl:col-span-3">
         <CardHeader>
           <CardTitle>Postgres scale mode</CardTitle>
@@ -355,6 +411,7 @@ function AdminPanel() {
   const audit = useQuery({ queryKey: ["adminAudit"], queryFn: latticeApi.adminAudit });
   const roles = useQuery({ queryKey: ["adminRoles"], queryFn: latticeApi.adminRoles });
   const policies = useQuery({ queryKey: ["adminPolicies"], queryFn: latticeApi.adminPolicies });
+  const hardening = useQuery({ queryKey: ["adminProductHardening"], queryFn: latticeApi.adminProductHardening });
   const security = useQuery({ queryKey: ["adminSecurity"], queryFn: latticeApi.adminSecurity });
   const vpc = useQuery({ queryKey: ["vpcStatus"], queryFn: latticeApi.vpcStatus });
   return (
@@ -364,6 +421,7 @@ function AdminPanel() {
       <DataPanel title="Audit" result={audit.data}>{(data) => <EntityList items={(data as Record<string, unknown>).recent_events || data} titleKey="act" metaKey="sev" />}</DataPanel>
       <DataPanel title="Roles" result={roles.data}>{(data) => <JsonView value={data} />}</DataPanel>
       <DataPanel title="Policies" result={policies.data}>{(data) => <JsonView value={data} />}</DataPanel>
+      <DataPanel title="Product hardening" result={hardening.data}>{(data) => <JsonView value={data} />}</DataPanel>
       <DataPanel title="Security overview" result={security.data}>{(data) => <JsonView value={data} />}</DataPanel>
       <DataPanel title="Private VPC" result={vpc.data} className="xl:col-span-2">
         {(data) => (

package/lattice_brain/__init__.py

@@ -19,7 +19,7 @@ from .storage import (
     storage_from_env,
 )
 
-__version__ = "4.2.0"
+__version__ = "4.3.1"
 
 __all__ = [
     "AssembledContext",