feat: Settings page comprehensive redesign (#936)

CLAUDE.md

@@ -98,7 +98,7 @@ src/synthorg/
   memory/         # Pluggable MemoryBackend, retrieval pipeline, org memory, consolidation
   persistence/    # Pluggable PersistenceBackend, SQLite, settings + user repositories
   observability/  # Structured logging, correlation tracking, redaction, third-party logger taming, events/
-  providers/      # LLM provider abstraction, presets, model auto-discovery, runtime CRUD (management/), provider families, discovery SSRF allowlist, health tracking, active health probing
+  providers/      # LLM provider abstraction, presets, model auto-discovery, capabilities, runtime CRUD (management/), provider families, discovery SSRF allowlist, health tracking, active health probing
   settings/       # Runtime-editable settings (DB > env > YAML > code), Fernet encryption, ConfigResolver, definitions/, subscribers/
   security/       # Rule engine, audit log, output scanner, progressive trust, autonomy levels, timeout policies, LLM fallback evaluator, custom policy rules
   templates/      # Pre-built company templates, personality presets, model requirements, tier-to-model matching, locale-aware name generation

docs/design/brand-and-ux.md

@@ -228,6 +228,8 @@ The following shared components live in `web/src/components/ui/` and form the bu
 | `SelectField` | `select-field.tsx` | `label`, `options`, `value`, `onChange`, `error?`, `hint?`, `placeholder?`, `required?`, `disabled?`, `className?` | Labeled select dropdown with error/hint display and placeholder support. |
 | `SliderField` | `slider-field.tsx` | `label`, `value`, `onChange`, `min`, `max`, `step?`, `formatValue?`, `disabled?`, `className?` | Labeled range slider with custom value formatter and aria-live value display. |
 | `ToggleField` | `toggle-field.tsx` | `label`, `checked`, `onChange`, `description?`, `disabled?` | Labeled toggle switch (role="switch") with optional description text. |
+| `TagInput` | `tag-input.tsx` | `label`, `value`, `onChange`, `placeholder?`, `disabled?`, `className?` | Chip-style multi-value input with add/remove, keyboard support (Enter to add, Backspace to remove), paste splitting. |
+| `TokenUsageBar` | `token-usage-bar.tsx` | `data`, `segments?`, `max?`, `animated?`, `className?` | Segmented horizontal meter bar for token usage (multi-segment with auto-colors, `role="meter"`, animated transitions). |
 | `CodeMirrorEditor` | `code-mirror-editor.tsx` | `value`, `onChange`, `language`, `readOnly?`, `aria-label?`, `className?` | CodeMirror 6 editor with JSON/YAML modes, design-token dark theme, line numbers, bracket matching, and `readOnly` support. |
 | `SegmentedControl` | `segmented-control.tsx` | `label`, `options`, `value`, `onChange`, `disabled?`, `size?`, `className?` | Accessible radiogroup with keyboard navigation (arrow keys + wrapping), size variants (`sm`/`md`), generic `<T extends string>` typing. |
 | `ThemeToggle` | `theme-toggle.tsx` | `className?` | Radix Popover with 5-axis theme controls (color, density, typography, animation, sidebar). Rendered in StatusBar for global access. |

docs/design/operations.md

@@ -1184,11 +1184,11 @@ For the full page list, navigation hierarchy, URL routing map, and WebSocket cha
 
 **Secondary navigation** (sidebar, collapsible "Workspace" section):
 
-- **Agents** (`/agents`): Agent profile cards/table. Click opens Agent Detail slide-in panel with tabs: Overview, Performance (collaboration score), Access (autonomy level), Activity (tasks, spending)
+- **Agents** (`/agents`): Agent profile cards/table. Click navigates to Agent Detail page (`/agents/{agentName}`) -- single scrollable page with identity header, prose insights, performance metrics, tool badges, career timeline, task history, and activity log
 - **Messages** (`/messages`): Channel-filtered agent-to-agent communication feed for investigating delegation chains and coordination
 - **Meetings** (`/meetings`): Meeting history, transcripts, outcomes. Trigger meeting action
 - **Providers** (`/providers`): LLM provider CRUD, connection test, preset-based creation, model auto-discovery (Ollama `/api/tags`, standard `/models`). Provider routing settings alongside CRUD cards
-- **Settings** (`/settings`): Configuration for 7 namespaces (api, memory, budget, security, coordination, observability, backup). Two-column responsive grid, basic/advanced mode, GUI/JSON/YAML toggle. Backup management CRUD nested under backup namespace. System-managed settings hidden from GUI. Environment-sourced settings read-only.
+- **Settings** (`/settings`): Configuration for 7 namespaces (api, memory, budget, security, coordination, observability, backup). Namespace tab bar navigation with single-column layout, basic/advanced mode, GUI/Code edit toggle (split-pane diff view for JSON/YAML). Observability sinks sub-page (`/settings/observability/sinks`) for log sink management with card grid and test-before-save. Backup management CRUD nested under backup namespace. System-managed settings hidden from GUI. Environment-sourced settings read-only.
     - *DB-backed persistence*: 9 namespaces total (api, company, providers, memory, budget, security, coordination, observability, backup) -- company and providers are managed on their own dedicated pages. Setting types: `STRING`, `INTEGER`, `FLOAT`, `BOOLEAN`, `ENUM`, `JSON`. 4-layer resolution: DB > env > YAML > code defaults. Fernet encryption for `sensitive` values. REST API (`GET`/`PUT`/`DELETE` + schema endpoints for dynamic UI generation), change notifications via message bus.
     - *`ConfigResolver`*: Typed scalar accessors assemble full Pydantic config models from individually resolved settings (using `asyncio.TaskGroup` for parallel resolution). Structural data accessors (`get_agents`, `get_departments`, `get_provider_configs`) resolve JSON-typed settings with Pydantic schema validation and graceful fallback to `RootConfig` defaults on invalid data.
     - *Hot-reload*: `SettingsChangeDispatcher` polls the `#settings` bus channel and routes change notifications to registered `SettingsSubscriber` implementations. Settings marked `restart_required=True` are filtered (logged as WARNING, not dispatched). Concrete subscribers: `ProviderSettingsSubscriber` (rebuilds `ModelRouter` on `routing_strategy` change via `AppState.swap_model_router`), `MemorySettingsSubscriber` (advisory logging for non-restart memory settings), `BackupSettingsSubscriber` (toggles `BackupScheduler` on `enabled` change, reschedules interval on `schedule_hours` change).

docs/design/page-structure.md

@@ -123,17 +123,21 @@ No WebSocket subscription -- provider changes are low-frequency admin operations
 
 #### Settings (`/settings`)
 
-Configuration for 7 namespaces: api, memory, budget, security, coordination, observability, backup. Collapsible namespace sections with sub-group headings, basic/advanced mode, GUI/Code edit toggle (JSON/YAML within Code mode). Each namespace is URL-addressable (`/settings/{namespace}`) for deep linking from other pages (e.g. Dashboard budget warning links to `/settings/budget`).
+Configuration for 7 namespaces: api, memory, budget, security, coordination, observability, backup. Navigation uses a horizontal **namespace tab bar** across the top of the settings page, with each namespace as a clickable tab. Within each namespace, settings are displayed in a single-column layout with sub-group headings, basic/advanced mode, GUI/Code edit toggle (JSON/YAML within Code mode). Each namespace is URL-addressable (`/settings/{namespace}`) for deep linking from other pages (e.g. Dashboard budget warning links to `/settings/budget`).
+
+The **Code edit mode** uses a **split-pane diff editor view**: the left pane shows the current persisted configuration (read-only), and the right pane is an editable CodeMirror editor for composing changes. This allows operators to see exactly what will change before saving.
 
 Enabling advanced mode for the first time shows a confirmation dialog warning about misconfiguration risk. The warning is deduplicated per session via `sessionStorage`. Advanced mode preference persists in `localStorage`.
 
 Dependency indicators are driven by a frontend-maintained `SETTING_DEPENDENCIES` map in `web/src/utils/constants.ts` (not by backend schema). When a controller setting is disabled, its dependent settings display in a muted state.
 
+The **observability namespace** includes a dedicated **Sinks** sub-page (`/settings/observability/sinks`) for managing log sink configuration. The sinks page displays all active sinks (console and file) as cards showing identifier, log level, format, rotation policy, and routing prefixes. Operators can edit sink overrides and define custom sinks with a test-before-save workflow.
+
 The **backup namespace** will include backup management CRUD (trigger, list, restore, delete) in a future iteration, consolidating the BackupController under the Settings page. The current implementation covers backup configuration settings only (schedule, retention, path).
 
 System-managed settings (e.g. `api/setup_complete`) are hidden from the GUI. Environment-sourced settings display as read-only.
 
-**API endpoints**: `GET /settings/_schema`, `GET /settings/_schema/{ns}`, `GET /settings`, `GET /settings/{ns}`, `GET /settings/{ns}/{key}`, `PUT /settings/{ns}/{key}`, `DELETE /settings/{ns}/{key}`, `POST /admin/backups`, `GET /admin/backups`, `GET /admin/backups/{id}`, `DELETE /admin/backups/{id}`, `POST /admin/backups/restore`
+**API endpoints**: `GET /settings/_schema`, `GET /settings/_schema/{ns}`, `GET /settings`, `GET /settings/{ns}`, `GET /settings/{ns}/{key}`, `PUT /settings/{ns}/{key}`, `DELETE /settings/{ns}/{key}`, `GET /settings/observability/sinks`, `POST /settings/observability/sinks/_test`, `POST /admin/backups`, `GET /admin/backups`, `GET /admin/backups/{id}`, `DELETE /admin/backups/{id}`, `POST /admin/backups/restore`
 **WS channels**: `system` (restart-required notifications)
 
 ### Standalone Pages
@@ -252,8 +256,9 @@ SIDEBAR (220px expanded / 56px icon rail)
 | `/meetings/:meetingId` | Meeting detail | Transcript and outcomes |
 | `/providers` | Providers | Provider list |
 | `/providers/:providerName` | Provider detail | Edit/test provider |
-| `/settings` | Settings | Namespace overview |
-| `/settings/:namespace` | Settings (filtered) | Single namespace view |
+| `/settings` | Settings | Namespace overview (tab bar navigation) |
+| `/settings/:namespace` | Settings (filtered) | Single namespace view via tab bar |
+| `/settings/observability/sinks` | Settings Sinks | Observability sink management (card grid with edit/test) |
 | `*` | 404 Not Found | Catch-all |
 
 ### Route Guards

src/synthorg/api/app.py

@@ -41,7 +41,12 @@
 from synthorg.api.controllers import ALL_CONTROLLERS
 from synthorg.api.controllers.ws import ws_handler
 from synthorg.api.exception_handlers import EXCEPTION_HANDLERS
-from synthorg.api.lifecycle import _safe_shutdown, _safe_startup, _try_stop
+from synthorg.api.lifecycle import (
+    _maybe_start_health_prober,
+    _safe_shutdown,
+    _safe_startup,
+    _try_stop,
+)
 from synthorg.api.middleware import RequestLoggingMiddleware, security_headers_hook
 from synthorg.api.state import AppState
 from synthorg.api.ws_models import WsEvent, WsEventType
@@ -80,7 +85,7 @@
 from synthorg.persistence.factory import create_backend
 from synthorg.persistence.protocol import PersistenceBackend  # noqa: TC001
 from synthorg.providers.health import ProviderHealthTracker  # noqa: TC001
-from synthorg.providers.health_prober import ProviderHealthProber
+from synthorg.providers.health_prober import ProviderHealthProber  # noqa: TC001
 from synthorg.providers.registry import ProviderRegistry  # noqa: TC001
 from synthorg.security.timeout.scheduler import ApprovalTimeoutScheduler  # noqa: TC001
 from synthorg.settings.dispatcher import SettingsChangeDispatcher
@@ -372,19 +377,7 @@ async def on_startup() -> None:
             name="ws-ticket-cleanup",
         )
         _ticket_cleanup_task.add_done_callback(_on_cleanup_task_done)
-        # Start health prober for local providers (after config is resolved)
-        if app_state.has_provider_health_tracker and app_state.has_config_resolver:
-            policy_loader = (
-                app_state.provider_management.get_discovery_policy
-                if app_state.has_provider_management
-                else None
-            )
-            _health_prober = ProviderHealthProber(
-                health_tracker=app_state.provider_health_tracker,
-                config_resolver=app_state.config_resolver,
-                discovery_policy_loader=policy_loader,
-            )
-            await _health_prober.start()
+        _health_prober = await _maybe_start_health_prober(app_state)
 
     async def on_shutdown() -> None:
         nonlocal _ticket_cleanup_task, _auto_wired_dispatcher, _health_prober