You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
State: Completed. PR #110 hardened the generic Code Bridge provenance surface so Launchplane-created work can be correlated without adding a Launchplane dependency or moving orchestration into Code Bridge.
Completed evidence:
Code Bridge hello metadata now validates client labels and optional provenance before registration.
Provenance URLs are bounded HTTPS identity links without credentials, ports, query strings, fragments, localhost, private IPs, or IPv4-mapped private IPv6 hosts.
Request id, trace id, and environment label values are bounded ASCII tokens.
The protocol README documents the provenance privacy boundary and keeps product-specific Launchplane, discord-blue, and app-server fields out of the core protocol.
The service rejects invalid provenance at the HTTP boundary before creating a client session.
Identify the minimal bounded metadata needed to correlate bridge events with Launchplane work: repository, issue/PR URL, request id, source kind, environment label, and trace/request id where safe.
Metadata is optional, redacted, size-capped, and does not copy secrets, prompt text, live product topology, broad local paths, or raw issue bodies.
Launchplane remains the authority for work-request records and status; Code Bridge only carries correlation/provenance.
Any Launchplane service API interaction uses existing helper/operator contracts and fails closed.
No dependency on Launchplane availability is required for local Code Bridge operation.
Target Surface
Codex Lab bridge protocol/service first; Launchplane docs or adapter code only when a product use case is selected. Related local docs: Launchplane service-boundary and Every Code work-request records.
Validation Gate
Protocol/service redaction tests and, later, Launchplane contract tests for any adapter.
Risks
The bridge should not become a second planning/work graph backend. Keep it as observation/control correlation only.
Finish Line
Launchplane-created work can be correlated with Code Bridge events through bounded provenance metadata without moving Launchplane orchestration into the bridge service.
Current Status
Updated 2026-06-16 by Code.
State: Completed. PR #110 hardened the generic Code Bridge provenance surface so Launchplane-created work can be correlated without adding a Launchplane dependency or moving orchestration into Code Bridge.
Completed evidence:
hellometadata now validates client labels and optional provenance before registration.Validation evidence:
cargo fmt --manifest-path codex-rs/Cargo.toml --package codex-code-bridge-protocol --package codex-code-bridge-service -- --checkcargo test --manifest-path codex-rs/Cargo.toml -p codex-code-bridge-protocol --no-fail-fastcargo test --manifest-path codex-rs/Cargo.toml -p codex-code-bridge-service --no-fail-fastAgent review:
Acceptance Criteria
Target Surface
Codex Lab bridge protocol/service first; Launchplane docs or adapter code only when a product use case is selected. Related local docs: Launchplane service-boundary and Every Code work-request records.
Validation Gate
Protocol/service redaction tests and, later, Launchplane contract tests for any adapter.
Risks
The bridge should not become a second planning/work graph backend. Keep it as observation/control correlation only.
Finish Line
Launchplane-created work can be correlated with Code Bridge events through bounded provenance metadata without moving Launchplane orchestration into the bridge service.