Windows no std shim #46
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
|
Are you sure this is 4KB? I'll fiddle with Azure and try to get a VM. Please excuse my bad github skills, I don't know how to do reviews here |
Contributor
Author
|
Yup, pretty sure it's 4KB. GitHub and PowerShell both say so: |
Contributor
|
@zsol has imported this pull request. If you are a Meta employee, you can view this diff on Phabricator. |
Contributor
|
What ever happened with this? Seems maybe even more compelling as part of the npm work #74? |
Contributor
Author
|
This works in OSS but I wasn't able to figure out how to get the nostd rust toolchain working on Windows internally. I'm about to leave Meta, but if the maintainers are OK with merging an OSS only build, I can get it cleaned up and mergeable next week |
Contributor
Contributor
|
This pull request was exported from Phabricator. Differential Revision: D69394745 |
zsol
added a commit
to zsol/dotslash
that referenced
this pull request
Aug 12, 2025
Summary: This PR changes the windows shim to drop a lot of dependencies, shrinking the size of the final binary to 4KB. It's 90% based on zertosh's [work](facebook@066d0b3), with a few changes: * stopped using a `Vec` and thus the need for a global allocator * A few extra places for error handling * Updated the dependencies (`windows-sys` and `compiler_builtins`) Pull Request resolved: facebook#46 Test Plan: Imported from GitHub, without a `Test Plan:` line. Rollback Plan: Reviewed By: bigfootjon Differential Revision: D69394745 Pulled By: zsol
zsol
force-pushed
the
windows-no-std-shim
branch
from
35dcf97 to
fe318da
Compare
Summary: This PR changes the windows shim to drop a lot of dependencies, shrinking the size of the final binary to 4KB. It's 90% based on zertosh's [work](facebook@066d0b3), with a few changes: * stopped using a `Vec` and thus the need for a global allocator * A few extra places for error handling * Updated the dependencies (`windows-sys` and `compiler_builtins`) Pull Request resolved: facebook#46 Test Plan: Imported from GitHub, without a `Test Plan:` line. Rollback Plan: Reviewed By: bigfootjon Differential Revision: D69394745 Pulled By: zsol
Contributor
|
This pull request was exported from Phabricator. Differential Revision: D69394745 |
zsol
force-pushed
the
windows-no-std-shim
branch
from
fe318da to
13d1a1f
Compare
zsol
force-pushed
the
windows-no-std-shim
branch
from
70757f8 to
e2c6fc5
Compare
Contributor
Author
|
Cool, this is ready to merge. Will let CI finish internally and then pull the trigger. The internal build still links to |
Contributor
bolinfest
added a commit
to openai/codex
that referenced
this pull request
Aug 15, 2025
…le (#2361) Now that we are improving our Windows support, we should be including an entry for it in the DotSlash file. Though anyone using the DotSlash file with Windows should use the new Windows shim introduced in facebook/dotslash#46. For more info, see https://dotslash-cli.com/docs/windows/.
austontroyer
added a commit
to austontroyer/codex
that referenced
this pull request
Aug 21, 2025
* chore: introduce ConversationManager as a clearinghouse for all conversations (#2240)
This PR does two things because after I got deep into the first one I
started pulling on the thread to the second:
- Makes `ConversationManager` the place where all in-memory
conversations are created and stored. Previously, `MessageProcessor` in
the `codex-mcp-server` crate was doing this via its `session_map`, but
this is something that should be done in `codex-core`.
- It unwinds the `ctrl_c: tokio::sync::Notify` that was threaded
throughout our code. I think this made sense at one time, but now that
we handle Ctrl-C within the TUI and have a proper `Op::Interrupt` event,
I don't think this was quite right, so I removed it. For `codex exec`
and `codex proto`, we now use `tokio::signal::ctrl_c()` directly, but we
no longer make `Notify` a field of `Codex` or `CodexConversation`.
Changes of note:
- Adds the files `conversation_manager.rs` and `codex_conversation.rs`
to `codex-core`.
- `Codex` and `CodexSpawnOk` are no longer exported from `codex-core`:
other crates must use `CodexConversation` instead (which is created via
`ConversationManager`).
- `core/src/codex_wrapper.rs` has been deleted in favor of
`ConversationManager`.
- `ConversationManager::new_conversation()` returns `NewConversation`,
which is in line with the `new_conversation` tool we want to add to the
MCP server. Note `NewConversation` includes `SessionConfiguredEvent`, so
we eliminate checks in cases like `codex-rs/core/tests/client.rs` to
verify `SessionConfiguredEvent` is the first event because that is now
internal to `ConversationManager`.
- Quite a bit of code was deleted from
`codex-rs/mcp-server/src/message_processor.rs` since it no longer has to
manage multiple conversations itself: it goes through
`ConversationManager` instead.
- `core/tests/live_agent.rs` has been deleted because I had to update a
bunch of tests and all the tests in here were ignored, and I don't think
anyone ever ran them, so this was just technical debt, at this point.
- Removed `notify_on_sigint()` from `util.rs` (and in a follow-up, I
hope to refactor the blandly-named `util.rs` into more descriptive
files).
- In general, I started replacing local variables named `codex` as
`conversation`, where appropriate, though admittedly I didn't do it
through all the integration tests because that would have added a lot of
noise to this PR.
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2240).
* #2264
* #2263
* __->__ #2240
* [codex-cli] Add ripgrep as a dependency for node environment (#2237)
## Summary
Ripgrep is our preferred tool for file search. When users install via
`brew install codex`, it's automatically installed as a dependency. We
want to ensure that users running via an npm install also have this
tool! Microsoft has already solved this problem for VS Code - let's not
reinvent the wheel.
This approach of appending to the PATH directly might be a bit
heavy-handed, but feels reasonably robust to a variety of environment
concerns. Open to thoughts on better approaches here!
## Testing
- [x] confirmed this import approach works with `node -e "const { rgPath
} = require('@vscode/ripgrep'); require('child_process').spawn(rgPath,
['--version'], { stdio: 'inherit' })"`
- [x] Ran codex.js locally with `rg` uninstalled, asked it to run `which
rg`. Output below:
```
⚡ Ran command which rg; echo $?
⎿ /Users/dylan.hurd/code/dh--npm-rg/node_modules/@vscode/ripgrep/bin/rg
0
codex
Re-running to confirm the path and exit code.
- Path: `/Users/dylan.hurd/code/dh--npm-rg/node_modules/@vscode/ripgrep/bin/rg`
- Exit code: `0`
```
* TUI: change the diff preview to have color fg not bg (#2270)
<img width="328" height="95" alt="image"
src="https://github.com/user-attachments/assets/70e1e6c2-a88f-4058-8763-85c3a02eedb4"
/>
* fix: update `OutgoingMessageSender::send_response()` to take `Serialize` (#2263)
This makes `send_response()` easier to work with.
* Wait for requested delay in rate limit errors (#2266)
Fixes: https://github.com/openai/codex/issues/2131
Response doesn't have the delay in a separate field (yet) so parse the
message.
* use modifier dim instead of gray and .dim (#2273)
gray color doesn't work very well with white terminals. `.dim` doesn't
have an effect for some reason.
after:
<img width="1080" height="149" alt="image"
src="https://github.com/user-attachments/assets/26c0f8bb-550d-4d71-bd06-11b3189bc1d7"
/>
Before
<img width="1077" height="186" alt="image"
src="https://github.com/user-attachments/assets/b1fba0c7-bc4d-4da1-9754-6c0a105e8cd1"
/>
* tui: standardize tree prefix glyphs to └ (#2274)
Replace mixed `⎿` and `L` prefixes with `└` in TUI rendering.
<img width="454" height="659" alt="Screenshot 2025-08-13 at 4 02 03 PM"
src="https://github.com/user-attachments/assets/61c9c7da-830b-4040-bb79-a91be90870ca"
/>
* fix: skip `cargo test` for release builds on ordinary CI because it is slow, particularly with --all-features set (#2276)
I put this PR together because I noticed I have to wait quite a bit
longer on my PRs since we added
https://github.com/openai/codex/pull/2242 to catch more build issues.
I think we should think about reigning in our use of create features,
but this should be good enough to speed things up for now.
* Enable reasoning for codex-prefixed models (#2275)
## Summary
- enable reasoning for any model slug starting with `codex-`
- provide default model info for `codex-*` slugs
- test that codex models are detected and support reasoning
## Testing
- `just fmt`
- `just fix` *(fails: E0658 `let` expressions in this position are
unstable)*
- `cargo test --all-features` *(fails: E0658 `let` expressions in this
position are unstable)*
------
https://chatgpt.com/codex/tasks/task_i_689d13f8705483208a6ed21c076868e1
* feat: support traditional JSON-RPC request/response in MCP server (#2264)
This introduces a new set of request types that our `codex mcp`
supports. Note that these do not conform to MCP tool calls so that
instead of having to send something like this:
```json
{
"jsonrpc": "2.0",
"method": "tools/call",
"id": 42,
"params": {
"name": "newConversation",
"arguments": {
"model": "gpt-5",
"approvalPolicy": "on-request"
}
}
}
```
we can send something like this:
```json
{
"jsonrpc": "2.0",
"method": "newConversation",
"id": 42,
"params": {
"model": "gpt-5",
"approvalPolicy": "on-request"
}
}
```
Admittedly, this new format is not a valid MCP tool call, but we are OK
with that right now. (That is, not everything we might want to request
of `codex mcp` is something that is appropriate for an autonomous agent
to do.)
To start, this introduces four request types:
- `newConversation`
- `sendUserMessage`
- `addConversationListener`
- `removeConversationListener`
The new `mcp-server/tests/codex_message_processor_flow.rs` shows how
these can be used.
The types are defined on the `CodexRequest` enum, so we introduce a new
`CodexMessageProcessor` that is responsible for dealing with requests
from this enum. The top-level `MessageProcessor` has been updated so
that when `process_request()` is called, it first checks whether the
request conforms to `CodexRequest` and dispatches it to
`CodexMessageProcessor` if so.
Note that I also decided to use `camelCase` for the on-the-wire format,
as that seems to be the convention for MCP.
For the moment, the new protocol is defined in `wire_format.rs` within
the `mcp-server` crate, but in a subsequent PR, I will probably move it
to its own crate to ensure the protocol has minimal dependencies and
that we can codegen a schema from it.
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2264).
* #2278
* __->__ #2264
* fix: verify notifications are sent with the conversationId set (#2278)
This updates `CodexMessageProcessor` so that each notification it sends
for a `EventMsg` from a `CodexConversation` such that:
- The `params` always has an appropriate `conversationId` field.
- The `method` is now includes the name of the `EventMsg` type rather
than using `codex/event` as the `method` type for all notifications. (We
currently prefix the method name with `codex/event/`, but I think that
should go away once we formalize the notification schema in
`wire_format.rs`.)
As part of this, we update `test_codex_jsonrpc_conversation_flow()` to
verify that the `task_finished` notification has made it through the
system instead of sleeping for 5s and "hoping" the server finished
processing the task. Note we have seen some flakiness in some of our
other, similar integration tests, and I expect adding a similar check
would help in those cases, as well.
* Parse reasoning text content (#2277)
Sometimes COT is returns as text content instead of `ReasoningText`. We
should parse it but not serialize back on requests.
---------
Co-authored-by: Ahmed Ibrahim <aibrahim@openai.com>
* Clarify PR/Contribution guidelines and issue templates (#2281)
Co-authored-by: Dylan <dylan.hurd@openai.com>
* Use enhancement tag for feature requests (#2282)
* fix: make all fields of Session private (#2285)
As `Session` needs a bit of work, it will make things easier to move
around if we can start by reducing the extent of its public API. This
makes all the fields private, though adds three `pub(crate)` getters.
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2285).
* #2287
* #2286
* __->__ #2285
* fix: add support for exec and apply_patch approvals in the new wire format (#2286)
Now when `CodexMessageProcessor` receives either a
`EventMsg::ApplyPatchApprovalRequest` or a
`EventMsg::ExecApprovalRequest`, it sends the appropriate request from
the server to the client. When it gets a response, it forwards it on to
the `CodexConversation`.
Note this takes a lot of code from:
https://github.com/openai/codex/blob/main/codex-rs/mcp-server/src/conversation_loop.rs
https://github.com/openai/codex/blob/main/codex-rs/mcp-server/src/exec_approval.rs
https://github.com/openai/codex/blob/main/codex-rs/mcp-server/src/patch_approval.rs
I am copy/pasting for now because I am trying to consolidate around the
new `wire_format.rs`, so I plan to delete these other files soon.
Now that we have requests going both from client-to-server and
server-to-client, I renamed `CodexRequest` to `ClientRequest`.
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2286).
* #2287
* __->__ #2286
* #2285
* feat: add support for an InterruptConversation request (#2287)
This adds `ClientRequest::InterruptConversation`, which effectively maps
directly to `Op::Interrupt`.
---
* __->__ #2287
* #2286
* #2285
* exploration: create Session as part of Codex::spawn() (#2291)
Historically, `Codex::spawn()` would create the instance of `Codex` and
enforce, by construction, that `Op::ConfigureSession` was the first `Op`
submitted via `submit()`. Then over in `submission_loop()`, it would
handle the case for taking the parameters of `Op::ConfigureSession` and
turning it into a `Session`.
This approach has two challenges from a state management perspective:
https://github.com/openai/codex/blob/f968a1327ad39a7786759ea8f1d1c088fe41e91b/codex-rs/core/src/codex.rs#L718
- The local `sess` variable in `submission_loop()` has to be `mut` and
`Option<Arc<Session>>` because it is not invariant that a `Session` is
present for the lifetime of the loop, so there is a lot of logic to deal
with the case where `sess` is `None` (e.g., the `send_no_session_event`
function and all of its callsites).
- `submission_loop()` is written in such a way that
`Op::ConfigureSession` could be observed multiple times, but in
practice, it is only observed exactly once at the start of the loop.
In this PR, we try to simplify the state management by _removing_ the
`Op::ConfigureSession` enum variant and constructing the `Session` as
part of `Codex::spawn()` so that it can be passed to `submission_loop()`
as `Arc<Session>`. The original logic from the `Op::ConfigureSession`
has largely been moved to the new `Session::new()` constructor.
---
Incidentally, I also noticed that the handling of `Op::ConfigureSession`
can result in events being dispatched in addition to
`EventMsg::SessionConfigured`, as an `EventMsg::Error` is created for
every MCP initialization error, so it is important to preserve that
behavior:
https://github.com/openai/codex/blob/f968a1327ad39a7786759ea8f1d1c088fe41e91b/codex-rs/core/src/codex.rs#L901-L916
Though admittedly, I believe this does not play nice with #2264, as
these error messages will likely be dispatched before the client has a
chance to call `addConversationListener`, so we likely need to make it
so `newConversation` automatically creates the subscription, but we must
also guarantee that the "ack" from `newConversation` is returned before
any other conversation-related notifications are sent so the client
knows what `conversation_id` to match on.
* Tag InputItem (#2304)
Instead of:
```
{ Text: { text: string } }
```
It is now:
```
{ type: "text", data: { text: string } }
```
which makes for cleaner discriminated unions
* HistoryCell is a trait (#2283)
refactors HistoryCell to be a trait instead of an enum. Also collapse
the many "degenerate" HistoryCell enums which were just a store of lines
into a single PlainHistoryCell type.
The goal here is to allow more ways of rendering history cells (e.g.
expanded/collapsed/"live"), and I expect we will return to more varied
types of HistoryCell as we develop this area.
* remove "status text" in bottom line (#2279)
this used to hold the most recent log line, but it was kinda broken and
not that useful.
* [context] Store context messages in rollouts (#2243)
## Summary
Currently, we use request-time logic to determine the user_instructions
and environment_context messages. This means that neither of these
values can change over time as conversations go on. We want to add in
additional details here, so we're migrating these to save these messages
to the rollout file instead. This is simpler for the client, and allows
us to append additional environment_context messages to each turn if we
want
## Testing
- [x] Integration test coverage
- [x] Tested locally with a few turns, confirmed model could reference
environment context and cached token metrics were reasonably high
* remove the · animation (#2271)
the pulsing dot felt too noisy to me next to the shimmering "Working"
text. we'll bring it back for streaming response text perhaps?
* remove logs from composer by default (#2307)
Currently the composer shows `handle_codex_event:<event name>` by
default which feels confusing. Let's make it appear in trace.
* fix: parallelize logic in Session::new() (#2305)
#2291 made it so that `Session::new()` is on the critical path to
`Codex::spawn()`, which means it is on the hot path to CLI startup. This
refactors `Session::new()` to run a number of async tasks in parallel
that were previously run serially to try to reduce latency.
* fix: do not allow dotenv to create/modify environment variables starting with CODEX_ (#2308)
This ensures Codex cannot drop a `.env` file with a value of
`CODEX_HOME` that points to a folder that Codex can control.
* text elements in textarea for pasted content (#2302)
This improves handling of pasted content in the textarea. It's no longer
possible to partially delete a placeholder (e.g. by ^W or ^D), nor is it
possible to place the cursor inside a placeholder. Also, we now render
placeholders in a different color to make them more clearly
differentiated.
https://github.com/user-attachments/assets/2051b3c3-963d-4781-a610-3afee522ae29
* use a central animation loop (#2268)
instead of each shimmer needing to have its own animation thread, have
render_ref schedule a new frame if it wants one and coalesce to the
earliest next frame. this also makes the animations
frame-timing-independent, based on start time instead of frame count.
* fix bash commands being incorrectly quoted in display (#2313)
The "display format" of commands was sometimes producing incorrect
quoting like `echo foo '>' bar`, which is importantly different from the
actual command that was being run. This refactors ParsedCommand to have
a string in `cmd` instead of a vec, as a `vec` can't accurately capture
a full command.
* test(core): add seatbelt sem lock tests (#1823)
## Summary
- add a unit test to ensure the macOS seatbelt policy allows POSIX
semaphores
- add a macOS-only test that runs a Python multiprocessing Lock under
Seatbelt
## Testing
- `cargo test -p codex_core seatbelt_base_policy_allows_ipc_posix_sem
--no-fail-fast` (failed: failed to download from
`https://static.crates.io/crates/tokio-stream/0.1.17/download`)
- `cargo test -p codex_core seatbelt_base_policy_allows_ipc_posix_sem
--no-fail-fast --offline` (failed: attempting to make an HTTP request,
but --offline was specified)
- `cargo test --all-features --no-fail-fast --offline` (failed:
attempting to make an HTTP request, but --offline was specified)
- `just fmt` (failed: command not found: just)
- `just fix` (failed: command not found: just)
Ran tests locally to confirm it passes on master and failed before my
previous change
------
https://chatgpt.com/codex/tasks/task_i_6890f221e0a4833381cfb53e11499bcc
* fix: move general sandbox tests to codex-rs/core/tests/sandbox.rs (#2317)
Previous to this PR, `codex-rs/core/tests/sandbox.rs` contained
integration tests that were specific to Seatbelt. This PR moves those
tests to `codex-rs/core/src/seatbelt.rs` and designates
`codex-rs/core/tests/sandbox.rs` to be used as the home for
cross-platform (well, Mac and Linux...) sandbox tests.
To start, this migrates
`python_multiprocessing_lock_works_under_seatbelt()` from #1823 to the
new `sandbox.rs` because this is the type of thing that should work on
both Mac _and_ Linux, though I still need to do some work to clean up
the test so it works on both platforms.
* fix: run python_multiprocessing_lock_works integration test on Mac and Linux (#2318)
The high-order bit on this PR is that it makes it so `sandbox.rs` tests
both Mac and Linux, as we introduce a general
`spawn_command_under_sandbox()` function with platform-specific
implementations for testing.
An important, and interesting, discovery in porting the test to Linux is
that (for reasons cited in the code comments), `/dev/shm` has to be
added to `writable_roots` on Linux in order for `multiprocessing.Lock`
to work there. Granting write access to `/dev/shm` comes with some
degree of risk, so we do not make this the default for Codex CLI.
Piggybacking on top of #2317, this moves the
`python_multiprocessing_lock_works` test yet again, moving
`codex-rs/core/tests/sandbox.rs` to `codex-rs/exec/tests/sandbox.rs`
because in `codex-rs/exec/tests` we can use `cargo_bin()` like so:
```
let codex_linux_sandbox_exe = assert_cmd::cargo::cargo_bin("codex-exec");
```
which is necessary so we can use `codex_linux_sandbox_exe` and therefore
`spawn_command_under_linux_sandbox` in an integration test.
This also moves `spawn_command_under_linux_sandbox()` out of `exec.rs`
and into `landlock.rs`, which makes things more consistent with
`seatbelt.rs` in `codex-core`.
For reference, https://github.com/openai/codex/pull/1808 is the PR that
made the change to Seatbelt to get this test to pass on Mac.
* fix: add call_id to ApprovalParams in mcp-server/src/wire_format.rs (#2322)
Clients still need this field.
* add a timer to running exec commands (#2321)
sometimes i switch back to codex and i don't know how long a command has
been running.
<img width="744" height="462" alt="Screenshot 2025-08-14 at 3 30 07 PM"
src="https://github.com/user-attachments/assets/bd80947f-5a47-43e6-ad19-69c2995a2a29"
/>
* fix: ensure rust-ci always "runs" when a PR is submitted (#2324)
Our existing path filters for `rust-ci.yml`:
https://github.com/openai/codex/blob/235987843c3d6647c0819c1071f9b9f064673e9c/.github/workflows/rust-ci.yml#L1-L11
made it so that PRs that touch only `README.md` would not trigger those
builds, which is a problem because our branch protection rules are set
as follows:
<img width="1569" height="1883" alt="Screenshot 2025-08-14 at 4 45
59 PM"
src="https://github.com/user-attachments/assets/5a61f8cc-cdaf-4341-abda-7faa7b46dbd4"
/>
With the existing setup, a change to `README.md` would get stuck in
limbo because not all the CI jobs required to merge would get run. It
turns out that we need to "run" all the jobs, but make them no-ops when
the `codex-rs` and `.github` folders are untouched to get the best of
both worlds.
I asked chat how to fix this, as we want CI to be fast for
documentation-only changes. It had two suggestions:
- Use https://github.com/dorny/paths-filter or some other third-party
action.
- Write an inline Bash script to avoid a third-party dependency.
This PR takes the latter approach so that we are clear about what we're
running in CI.
* clear running commands in various places (#2325)
we have a very unclear lifecycle for the chatwidget—this should only
have to be added in one place! but this fixes the "hanging commands"
issue where the active_exec_cell wasn't correctly cleared when commands
finished.
To repro w/o this PR:
1. prompt "run sleep 10"
2. once the command starts running, press <kbd>Esc</kbd>
3. prompt "run echo hi"
Expected:
```
✓ Completed
└ ⌨️ echo hi
codex
hi
```
Actual:
```
⚙︎ Working
└ ⌨️ echo hi
▌ Ask Codex to do anything
```
i.e. the "Working" never changes to "Completed".
The bug is fixed with this PR.
* Port login server to rust (#2294)
Port the login server to rust.
---------
Co-authored-by: pakrym-oai <pakrym@openai.com>
* Fix AF_UNIX, sockpair, recvfrom in linux sandbox (#2309)
When using codex-tui on a linux system I was unable to run `cargo
clippy` inside of codex due to:
```
[pid 3548377] socketpair(AF_UNIX, SOCK_SEQPACKET|SOCK_CLOEXEC, 0, <unfinished ...>
[pid 3548370] close(8 <unfinished ...>
[pid 3548377] <... socketpair resumed>0x7ffb97f4ed60) = -1 EPERM (Operation not permitted)
```
And
```
3611300 <... recvfrom resumed>0x708b8b5cffe0, 8, 0, NULL, NULL) = -1 EPERM (Operation not permitted)
```
This PR:
* Fixes a bug that disallowed AF_UNIX to allow it on `socket()`
* Adds recvfrom() to the syscall allow list, this should be fine since
we disable opening new sockets. But we should validate there is not a
open socket inheritance issue.
* Allow socketpair to be called for AF_UNIX
* Adds tests for AF_UNIX components
* All of which allows running `cargo clippy` within the sandbox on
linux, and possibly other tooling using a fork server model + AF_UNIX
comms.
* fix: trying to simplify rust-ci.yml (#2327)
It turns out that https://github.com/openai/codex/pull/2324 did not
quite work as intended. Chat's new idea is to have this catch-all "CI
results" job and update our branch protection rules to require this
instead.
* AGENTS.md more strongly suggests running targeted tests first (#2306)
* Added `allow-expect-in-tests` / `allow-unwrap-in-tests` (#2328)
This PR:
* Added the clippy.toml to configure allowable expect / unwrap usage in
tests
* Removed as many expect/allow lines as possible from tests
* moved a bunch of allows to expects where possible
Note: in integration tests, non `#[test]` helper functions are not
covered by this so we had to leave a few lingering `expect(expect_used`
checks around
* re-implement session id in status (#2332)
Basically the same thing as https://github.com/openai/codex/pull/2297
* Cleanup rust login server a bit more (#2331)
Remove some extra abstractions.
---------
Co-authored-by: easong-openai <easong@openai.com>
* Format multiline commands (#2333)
<img width="966" height="729" alt="image"
src="https://github.com/user-attachments/assets/fa45b7e1-cd46-427f-b2bc-8501e9e4760b"
/>
<img width="797" height="530" alt="image"
src="https://github.com/user-attachments/assets/6993eec5-e157-4df7-b558-15643ad10d64"
/>
* tui: include optional full command line in history display (#2334)
Add env var to show the raw, unparsed command line under parsed
commands. When we have transcript mode we should show the full command
there, but this is useful for debugging.
* [tools] Add apply_patch tool (#2303)
## Summary
We've been seeing a number of issues and reports with our synthetic
`apply_patch` tool, e.g. #802. Let's make this a real tool - in my
anecdotal testing, it's critical for GPT-OSS models, but I'd like to
make it the standard across GPT-5 and codex models as well.
## Testing
- [x] Tested locally
- [x] Integration test
* fix: tighten up checks against writable folders for SandboxPolicy (#2338)
I was looking at the implementation of `Session::get_writable_roots()`,
which did not seem right, as it was a copy of writable roots, which is
not guaranteed to be in sync with the `sandbox_policy` field.
I looked at who was calling `get_writable_roots()` and its only call
site was `apply_patch()` in `codex-rs/core/src/apply_patch.rs`, which
took the roots and forwarded them to `assess_patch_safety()` in
`safety.rs`. I updated `assess_patch_safety()` to take `sandbox_policy:
&SandboxPolicy` instead of `writable_roots: &[PathBuf]` (and replaced
`Session::get_writable_roots()` with `Session::get_sandbox_policy()`).
Within `safety.rs`, it was fairly easy to update
`is_write_patch_constrained_to_writable_paths()` to work with
`SandboxPolicy`, and in particular, it is far more accurate because, for
better or worse, `SandboxPolicy::get_writable_roots_with_cwd()` _returns
an empty vec_ for `SandboxPolicy::DangerFullAccess`, suggesting that
_nothing_ is writable when in reality _everything_ is writable. With
this PR, `is_write_patch_constrained_to_writable_paths()` now does the
right thing for each variant of `SandboxPolicy`.
I thought this would be the end of the story, but it turned out that
`test_writable_roots_constraint()` in `safety.rs` needed to be updated,
as well. In particular, the test was writing to
`std::env::current_dir()` instead of a `TempDir`, which I suspect was a
holdover from earlier when `SandboxPolicy::WorkspaceWrite` would always
make `TMPDIR` writable on macOS, which made it hard to write tests to
verify `SandboxPolicy` in `TMPDIR`. Fortunately, we now have
`exclude_tmpdir_env_var` as an option on
`SandboxPolicy::WorkspaceWrite`, so I was able to update the test to
preserve the existing behavior, but to no longer write to
`std::env::current_dir()`.
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2338).
* #2345
* #2329
* #2343
* #2340
* __->__ #2338
* fix: introduce MutexExt::lock_unchecked() so we stop ignoring unwrap() throughout codex.rs (#2340)
This way we are sure a dangerous `unwrap()` does not sneak in!
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2340).
* #2345
* #2329
* #2343
* __->__ #2340
* #2338
* fix: try to fix flakiness in test_shell_command_approval_triggers_elicitation (#2344)
I still see flakiness in
`test_shell_command_approval_triggers_elicitation()` on occasion where
`MockServer` claims it has not received all of its expected requests.
I recently introduced a similar type of test in #2264,
`test_codex_jsonrpc_conversation_flow()`, which I have not seen flake
(yet!), so this PR pulls over two things I did in that test:
- increased `worker_threads` from `2` to `4`
- added an assertion to make sure the `task_complete` notification is
received
Honestly, I'm still not sure why `MockServer` claims it sometimes does
not receive all its expected requests given that we assert that the
final `JSONRPCResponse` is read on the stream, but let's give this a
shot.
Assuming this fixes things, my hypothesis is that the increase in
`worker_threads` helps because perhaps there are async tasks in
`MockServer` that do not reliably complete fully when there are not
enough threads available? If that is correct, it seems like the test
would still be flaky, though perhaps with lower frequency?
* tui: align diff display by always showing sign char and keeping fixed gutter (#2353)
diff lines without a sign char were misaligned.
* feat: introduce TurnContext (#2343)
This PR introduces `TurnContext`, which is designed to hold a set of
fields that should be constant for a turn of a conversation. Note that
the fields of `TurnContext` were previously governed by `Session`.
Ultimately, we want to enable users to change these values between turns
(changing model, approval policy, etc.), though in the current
implementation, the `TurnContext` is constant for the entire
conversation.
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2345).
* #2345
* #2329
* __->__ #2343
* #2340
* #2338
* feat: introduce Op:UserTurn (#2329)
This introduces `Op::UserTurn`, which makes it possible to override many
of the fields that were set when the `Session` was originally created
when creating a new conversation turn. This is one way we could support
changing things like `model` or `cwd` in the middle of the conversation,
though we may want to consider making each field optional, or
alternatively having a separate `Op` that mutates the `TurnContext`
associated with a `submission_loop()`.
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2329).
* #2345
* __->__ #2329
* #2343
* #2340
* #2338
* feat: introduce ClientRequest::SendUserTurn (#2345)
This adds a new request type, `SendUserTurn`, that makes it possible to
submit a `Op::UserTurn` operation (introduced in #2329) to a
conversation. This PR also adds a new integration test that verifies
that changing from `AskForApproval::UnlessTrusted` to
`AskForApproval::Never` mid-conversation ensures that an elicitation is
no longer sent for running `python3 -c print(42)`.
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2345).
* __->__ #2345
* #2329
* #2343
* #2340
* #2338
* tui: skip identical consecutive entries in local composer history (#2352)
This PR avoids inserting duplicate consecutive messages into the Chat
Composer's local history.
* fix: introduce codex-protocol crate (#2355)
* Fix #2296 Add "minimal" reasoning effort for GPT 5 models (#2326)
This pull request resolves #2296; I've confirmed if it works by:
1. Add settings to ~/.codex/config.toml:
```toml
model_reasoning_effort = "minimal"
```
2. Run the CLI:
```
cd codex-rs
cargo build && RUST_LOG=trace cargo run --bin codex
/status
tail -f ~/.codex/log/codex-tui.log
```
Co-authored-by: pakrym-oai <pakrym@openai.com>
* Remove duplicated "Successfully logged in message" (#2357)
* color the status letter in apply patch summary (#2337)
<img width="440" height="77" alt="Screenshot 2025-08-14 at 8 30 30 PM"
src="https://github.com/user-attachments/assets/c6169a3a-2e98-4ace-b7ee-918cf4368b7a"
/>
* chore: remove duplicated lockfile (#2336)
* fix: include an entry for windows-x86_64 in the generated DotSlash file (#2361)
Now that we are improving our Windows support, we should be including an
entry for it in the DotSlash file.
Though anyone using the DotSlash file with Windows should use the new
Windows shim introduced in https://github.com/facebook/dotslash/pull/46.
For more info, see https://dotslash-cli.com/docs/windows/.
* Show progress indicator for /diff command (#2245)
## Summary
- Show a temporary Working on diff state in the bottom pan
- Add `DiffResult` app event and dispatch git diff asynchronously
## Testing
- `just fmt`
- `just fix` *(fails: `let` expressions in this position are unstable)*
- `cargo test --all-features` *(fails: `let` expressions in this
position are unstable)*
------
https://chatgpt.com/codex/tasks/task_i_689a839f32b88321840a893551d5fbef
* replace /prompts with a rotating placeholder (#2314)
* Added launch profile for attaching to a running codex CLI process (#2372)
* Added MCP server command to enable authentication using ChatGPT (#2373)
This PR adds two new APIs for the MCP server: 1) loginChatGpt, and 2)
cancelLoginChatGpt. The first starts a login server and returns a local
URL that allows for browser-based authentication, and the second
provides a way to cancel the login attempt. If the login attempt
succeeds, a notification (in the form of an event) is sent to a
subscriber.
I also added a timeout mechanism for the existing login server. The
loginChatGpt code path uses a 10-minute timeout by default, so if the
user fails to complete the login flow in that timeframe, the login
server automatically shuts down. I tested the timeout code by manually
setting the timeout to a much lower number and confirming that it works
as expected when used e2e.
* fix: refactor login/src/server.rs so process_request() is a separate function (#2388)
* fix: introduce EventMsg::TurnAborted (#2365)
Introduces `EventMsg::TurnAborted` that should be sent in response to
`Op::Interrupt`.
In the MCP server, updates the handling of a
`ClientRequest::InterruptConversation` request such that it sends the
`Op::Interrupt` but does not respond to the request until it sees an
`EventMsg::TurnAborted`.
* remove mcp-server/src/mcp_protocol.rs and the code that depends on it (#2360)
* fix: clean up styles & colors and define in styles.md (#2401)
New style guide:
# Headers, primary, and secondary text
- **Headers:** Use `bold`. For markdown with various header levels,
leave in the `#` signs.
- **Primary text:** Default.
- **Secondary text:** Use `dim`.
# Foreground colors
- **Default:** Most of the time, just use the default foreground color.
`reset` can help get it back.
- **Selection:** Use ANSI `blue`. (Ed & AE want to make this cyan too,
but we'll do that in a followup since it's riskier in different themes.)
- **User input tips and status indicators:** Use ANSI `cyan`.
- **Success and additions:** Use ANSI `green`.
- **Errors, failures and deletions:** Use ANSI `red`.
- **Codex:** Use ANSI `magenta`.
# Avoid
- Avoid custom colors because there's no guarantee that they'll contrast
well or look good on various terminal color themes.
- Avoid ANSI `black`, `white`, `yellow` as foreground colors because the
terminal theme will do a better job. (Use `reset` if you need to in
order to get those.) The exception is if you need contrast rendering
over a manually colored background.
(There are some rules to try to catch this in `clippy.toml`.)
# Testing
Tested in a variety of light and dark color themes in Terminal, iTerm2, and Ghostty.
* chore(deps-dev): bump @types/node from 24.2.1 to 24.3.0 in /.github/actions/codex (#2411)
Bumps
[@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node)
from 24.2.1 to 24.3.0.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* fix: stop using ANSI blue (#2421)
- One less color.
- Replaced with cyan which looks better next to other cyan components.
* chore: move mcp-server/src/wire_format.rs to protocol/src/mcp_protocol.rs (#2423)
The existing `wire_format.rs` should share more types with the
`codex-protocol` crate (like `AskForApproval` instead of maintaining a
parallel `CodexToolCallApprovalPolicy` enum), so this PR moves
`wire_format.rs` into `codex-protocol`, renaming it as
`mcp-protocol.rs`. We also de-dupe types, where appropriate.
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2423).
* #2424
* __->__ #2423
* chore: add TS annotation to generated mcp-types (#2424)
Adds the `TS` annotation from https://crates.io/crates/ts-rs to all
types to facilitate codegen.
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2424).
* __->__ #2424
* #2423
* consolidate reasoning enums into one (#2428)
We have three enums for each of reasoning summaries and reasoning effort
with same values. They can be consolidated into one.
* Add an operation to override current task context (#2431)
- Added an operation to override current task context
- Added a test to check that cache stays the same
* protocol-ts (#2425)
* Add cache tests for UserTurn (#2432)
* Fix #2391 Add Ctrl+H as backspace keyboard shortcut (#2412)
This pull request resolves #2391. ctrl + h is not assigned to any other
operations at this moment, and this feature request sounds valid to me.
If we don't prefer having this, please feel free to close this.
* chore(deps): bump anyhow from 1.0.98 to 1.0.99 in /codex-rs (#2405)
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.98 to 1.0.99.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/anyhow/releases">anyhow's
releases</a>.</em></p>
<blockquote>
<h2>1.0.99</h2>
<ul>
<li>Allow build-script cleanup failure with NFSv3 output directory to be
non-fatal (<a
href="https://redirect.github.com/dtolnay/anyhow/issues/420">#420</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/dtolnay/anyhow/commit/f2b963a759decf0828efb58a8fdd417fb12f71fb"><code>f2b963a</code></a>
Release 1.0.99</li>
<li><a
href="https://github.com/dtolnay/anyhow/commit/2c64c15e75f8f588f01810a990e1529e8aa0eea9"><code>2c64c15</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/anyhow/issues/420">#420</a>
from dtolnay/enotempty</li>
<li><a
href="https://github.com/dtolnay/anyhow/commit/8cf66f79361d568067a75848aec30d3b2072be5c"><code>8cf66f7</code></a>
Allow build-script cleanup failure with NFSv3 output directory to be
non-fatal</li>
<li><a
href="https://github.com/dtolnay/anyhow/commit/f5e145c683a2cb958268d1bbeb5dedabca0b0fc7"><code>f5e145c</code></a>
Revert "Pin nightly toolchain used for miri job"</li>
<li><a
href="https://github.com/dtolnay/anyhow/commit/1d7ef1db5414ac155ad6254685673c90ea4c7d77"><code>1d7ef1d</code></a>
Update ui test suite to nightly-2025-06-30</li>
<li><a
href="https://github.com/dtolnay/anyhow/commit/69295727cefb015a184f9b780fcc51ef905a798c"><code>6929572</code></a>
Update ui test suite to nightly-2025-06-18</li>
<li><a
href="https://github.com/dtolnay/anyhow/commit/37224e3142ea62f29f31d4a2bd69c3afc80d7cc4"><code>37224e3</code></a>
Ignore mismatched_lifetime_syntaxes lint</li>
<li><a
href="https://github.com/dtolnay/anyhow/commit/11f0e81aaf1a9bd6675c841c8db07968096e8ee1"><code>11f0e81</code></a>
Pin nightly toolchain used for miri job</li>
<li><a
href="https://github.com/dtolnay/anyhow/commit/d04c999d6327c7a72ab98221c7b249104debc16b"><code>d04c999</code></a>
Raise required compiler for backtrace feature to rust 1.82</li>
<li><a
href="https://github.com/dtolnay/anyhow/commit/219d16330d92a9d2adf6f4645a6db7ec5516d0cc"><code>219d163</code></a>
Update test suite to nightly-2025-05-01</li>
<li>See full diff in <a
href="https://github.com/dtolnay/anyhow/compare/1.0.98...1.0.99">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump libc from 0.2.174 to 0.2.175 in /codex-rs (#2406)
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.174 to 0.2.175.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rust-lang/libc/releases">libc's
releases</a>.</em></p>
<blockquote>
<h2>0.2.175</h2>
<h3>Added</h3>
<ul>
<li>AIX: Add <code>getpeereid</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4524">#4524</a>)</li>
<li>AIX: Add <code>struct ld_info</code> and friends (<a
href="https://redirect.github.com/rust-lang/libc/pull/4578">#4578</a>)</li>
<li>AIX: Retore <code>struct winsize</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4577">#4577</a>)</li>
<li>Android: Add UDP socket option constants (<a
href="https://redirect.github.com/rust-lang/libc/pull/4619">#4619</a>)</li>
<li>Android: Add <code>CLONE_CLEAR_SIGHAND</code> and
<code>CLONE_INTO_CGROUP</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4502">#4502</a>)</li>
<li>Android: Add more <code>prctl</code> constants (<a
href="https://redirect.github.com/rust-lang/libc/pull/4531">#4531</a>)</li>
<li>FreeBSD Add further TCP stack-related constants (<a
href="https://redirect.github.com/rust-lang/libc/pull/4196">#4196</a>)</li>
<li>FreeBSD x86-64: Add <code>mcontext_t.mc_tlsbase </code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4503">#4503</a>)</li>
<li>FreeBSD15: Add <code>kinfo_proc.ki_uerrmsg</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4552">#4552</a>)</li>
<li>FreeBSD: Add <code>in_conninfo</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4482">#4482</a>)</li>
<li>FreeBSD: Add <code>xinpgen</code> and related types (<a
href="https://redirect.github.com/rust-lang/libc/pull/4482">#4482</a>)</li>
<li>FreeBSD: Add <code>xktls_session</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4482">#4482</a>)</li>
<li>Haiku: Add functionality from <code>libbsd</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4221">#4221</a>)</li>
<li>Linux: Add <code>SECBIT_*</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4480">#4480</a>)</li>
<li>NetBSD, OpenBSD: Export <code>ioctl</code> request generator macros
(<a
href="https://redirect.github.com/rust-lang/libc/pull/4460">#4460</a>)</li>
<li>NetBSD: Add <code>ptsname_r</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4608">#4608</a>)</li>
<li>RISCV32: Add time-related syscalls (<a
href="https://redirect.github.com/rust-lang/libc/pull/4612">#4612</a>)</li>
<li>Solarish: Add <code>strftime*</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4453">#4453</a>)</li>
<li>linux: Add <code>EXEC_RESTRICT_*</code> and <code>EXEC_DENY_*</code>
(<a
href="https://redirect.github.com/rust-lang/libc/pull/4545">#4545</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>AIX: Add <code>const</code> to signatures to be consistent with
other platforms (<a
href="https://redirect.github.com/rust-lang/libc/pull/4563">#4563</a>)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>AIX: Fix the type of <code>struct statvfs.f_fsid</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4576">#4576</a>)</li>
<li>AIX: Fix the type of constants for the <code>ioctl</code>
<code>request</code> argument (<a
href="https://redirect.github.com/rust-lang/libc/pull/4582">#4582</a>)</li>
<li>AIX: Fix the types of <code>stat{,64}.st_*tim</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4597">#4597</a>)</li>
<li>AIX: Use unique <code>errno</code> values (<a
href="https://redirect.github.com/rust-lang/libc/pull/4507">#4507</a>)</li>
<li>Build: Fix an incorrect <code>target_os</code> ->
<code>target_arch</code> check (<a
href="https://redirect.github.com/rust-lang/libc/pull/4550">#4550</a>)</li>
<li>FreeBSD: Fix the type of <code>xktls_session_onedir.ifnet</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4552">#4552</a>)</li>
<li>Mips64 musl: Fix the type of <code>nlink_t</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4509">#4509</a>)</li>
<li>Mips64 musl: Use a special MIPS definition of <code>stack_t</code>
(<a
href="https://redirect.github.com/rust-lang/libc/pull/4528">#4528</a>)</li>
<li>Mips64: Fix <code>SI_TIMER</code>, <code>SI_MESGQ</code> and
<code>SI_ASYNCIO</code> definitions (<a
href="https://redirect.github.com/rust-lang/libc/pull/4529">#4529</a>)</li>
<li>Musl Mips64: Swap the order of <code>si_errno</code> and
<code>si_code</code> in <code>siginfo_t</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4530">#4530</a>)</li>
<li>Musl Mips64: Use a special MIPS definition of <code>statfs</code>
(<a
href="https://redirect.github.com/rust-lang/libc/pull/4527">#4527</a>)</li>
<li>Musl: Fix the definition of <code>fanotify_event_metadata</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4510">#4510</a>)</li>
<li>NetBSD: Correct <code>enum fae_action</code> to be
<code>#[repr(C)]</code> (<a
href="https://github.com/rust-lang/libc/commit/60a8cfd564f83164d45b9533ff7a0d7371878f2a">#60a8cfd5</a>)</li>
<li>PSP: Correct <code>char</code> -> <code>c_char</code> (<a
href="https://github.com/rust-lang/libc/commit/eaab4fc3f05dc646a953d4fd5ba46dfa1f8bd6f6">eaab4fc3</a>)</li>
<li>PowerPC musl: Fix <code>termios</code> definitions (<a
href="https://redirect.github.com/rust-lang/libc/pull/4518">#4518</a>)</li>
<li>PowerPC musl: Fix the definition of <code>EDEADLK</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4517">#4517</a>)</li>
<li>PowerPC musl: Fix the definition of <code>NCCS</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4513">#4513</a>)</li>
<li>PowerPC musl: Fix the definitions of <code>MAP_LOCKED</code> and
<code>MAP_NORESERVE</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4516">#4516</a>)</li>
<li>PowerPC64 musl: Fix the definition of <code>shmid_ds</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4519">#4519</a>)</li>
</ul>
<h3>Deprecated</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rust-lang/libc/blob/0.2.175/CHANGELOG.md">libc's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/rust-lang/libc/compare/0.2.174...0.2.175">0.2.175</a>
- 2025-08-10</h2>
<h3>Added</h3>
<ul>
<li>AIX: Add <code>getpeereid</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4524">#4524</a>)</li>
<li>AIX: Add <code>struct ld_info</code> and friends (<a
href="https://redirect.github.com/rust-lang/libc/pull/4578">#4578</a>)</li>
<li>AIX: Retore <code>struct winsize</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4577">#4577</a>)</li>
<li>Android: Add UDP socket option constants (<a
href="https://redirect.github.com/rust-lang/libc/pull/4619">#4619</a>)</li>
<li>Android: Add <code>CLONE_CLEAR_SIGHAND</code> and
<code>CLONE_INTO_CGROUP</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4502">#4502</a>)</li>
<li>Android: Add more <code>prctl</code> constants (<a
href="https://redirect.github.com/rust-lang/libc/pull/4531">#4531</a>)</li>
<li>FreeBSD Add further TCP stack-related constants (<a
href="https://redirect.github.com/rust-lang/libc/pull/4196">#4196</a>)</li>
<li>FreeBSD x86-64: Add <code>mcontext_t.mc_tlsbase </code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4503">#4503</a>)</li>
<li>FreeBSD15: Add <code>kinfo_proc.ki_uerrmsg</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4552">#4552</a>)</li>
<li>FreeBSD: Add <code>in_conninfo</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4482">#4482</a>)</li>
<li>FreeBSD: Add <code>xinpgen</code> and related types (<a
href="https://redirect.github.com/rust-lang/libc/pull/4482">#4482</a>)</li>
<li>FreeBSD: Add <code>xktls_session</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4482">#4482</a>)</li>
<li>Haiku: Add functionality from <code>libbsd</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4221">#4221</a>)</li>
<li>Linux: Add <code>SECBIT_*</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4480">#4480</a>)</li>
<li>NetBSD, OpenBSD: Export <code>ioctl</code> request generator macros
(<a
href="https://redirect.github.com/rust-lang/libc/pull/4460">#4460</a>)</li>
<li>NetBSD: Add <code>ptsname_r</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4608">#4608</a>)</li>
<li>RISCV32: Add time-related syscalls (<a
href="https://redirect.github.com/rust-lang/libc/pull/4612">#4612</a>)</li>
<li>Solarish: Add <code>strftime*</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4453">#4453</a>)</li>
<li>linux: Add <code>EXEC_RESTRICT_*</code> and <code>EXEC_DENY_*</code>
(<a
href="https://redirect.github.com/rust-lang/libc/pull/4545">#4545</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>AIX: Add <code>const</code> to signatures to be consistent with
other platforms (<a
href="https://redirect.github.com/rust-lang/libc/pull/4563">#4563</a>)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>AIX: Fix the type of <code>struct statvfs.f_fsid</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4576">#4576</a>)</li>
<li>AIX: Fix the type of constants for the <code>ioctl</code>
<code>request</code> argument (<a
href="https://redirect.github.com/rust-lang/libc/pull/4582">#4582</a>)</li>
<li>AIX: Fix the types of <code>stat{,64}.st_*tim</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4597">#4597</a>)</li>
<li>AIX: Use unique <code>errno</code> values (<a
href="https://redirect.github.com/rust-lang/libc/pull/4507">#4507</a>)</li>
<li>Build: Fix an incorrect <code>target_os</code> ->
<code>target_arch</code> check (<a
href="https://redirect.github.com/rust-lang/libc/pull/4550">#4550</a>)</li>
<li>FreeBSD: Fix the type of <code>xktls_session_onedir.ifnet</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4552">#4552</a>)</li>
<li>Mips64 musl: Fix the type of <code>nlink_t</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4509">#4509</a>)</li>
<li>Mips64 musl: Use a special MIPS definition of <code>stack_t</code>
(<a
href="https://redirect.github.com/rust-lang/libc/pull/4528">#4528</a>)</li>
<li>Mips64: Fix <code>SI_TIMER</code>, <code>SI_MESGQ</code> and
<code>SI_ASYNCIO</code> definitions (<a
href="https://redirect.github.com/rust-lang/libc/pull/4529">#4529</a>)</li>
<li>Musl Mips64: Swap the order of <code>si_errno</code> and
<code>si_code</code> in <code>siginfo_t</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4530">#4530</a>)</li>
<li>Musl Mips64: Use a special MIPS definition of <code>statfs</code>
(<a
href="https://redirect.github.com/rust-lang/libc/pull/4527">#4527</a>)</li>
<li>Musl: Fix the definition of <code>fanotify_event_metadata</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4510">#4510</a>)</li>
<li>NetBSD: Correct <code>enum fae_action</code> to be
<code>#[repr(C)]</code> (<a
href="https://github.com/rust-lang/libc/commit/60a8cfd564f83164d45b9533ff7a0d7371878f2a">#60a8cfd5</a>)</li>
<li>PSP: Correct <code>char</code> -> <code>c_char</code> (<a
href="https://github.com/rust-lang/libc/commit/eaab4fc3f05dc646a953d4fd5ba46dfa1f8bd6f6">eaab4fc3</a>)</li>
<li>PowerPC musl: Fix <code>termios</code> definitions (<a
href="https://redirect.github.com/rust-lang/libc/pull/4518">#4518</a>)</li>
<li>PowerPC musl: Fix the definition of <code>EDEADLK</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4517">#4517</a>)</li>
<li>PowerPC musl: Fix the definition of <code>NCCS</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4513">#4513</a>)</li>
<li>PowerPC musl: Fix the definitions of <code>MAP_LOCKED</code> and
<code>MAP_NORESERVE</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4516">#4516</a>)</li>
<li>PowerPC64 musl: Fix the definition of <code>shmid_ds</code> (<a
href="https://redirect.github.com/rust-lang/libc/pull/4519">#4519</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/rust-lang/libc/commit/84e26e6b166a6634d679fbf44e957102846b8a03"><code>84e26e6</code></a>
Update the lockfile</li>
<li><a
href="https://github.com/rust-lang/libc/commit/4d04aee906450fed27305de30c23f518166f919f"><code>4d04aee</code></a>
chore: release libc 0.2.175</li>
<li><a
href="https://github.com/rust-lang/libc/commit/94a7f32972a352fe348edbd49b06995542f3c5f5"><code>94a7f32</code></a>
cleanup: Format a file that was missed</li>
<li><a
href="https://github.com/rust-lang/libc/commit/172527344a1d92b2ca7f88fe2b1bbde4b02de58b"><code>1725273</code></a>
Rename the ctest file from <code>main</code> to <code>ctest</code></li>
<li><a
href="https://github.com/rust-lang/libc/commit/e9b021b7cd3d3f045ce8ec743d344e56b14f7244"><code>e9b021b</code></a>
freebsd adding further TCP stack related constants.</li>
<li><a
href="https://github.com/rust-lang/libc/commit/9606a2918b1f370119af8022d61b0ff03175beb5"><code>9606a29</code></a>
freebsd15: Add ki_uerrmsg to struct kinfo_proc</li>
<li><a
href="https://github.com/rust-lang/libc/commit/2816bc2f66c1c62ec5a616fb499a2b27bbba4a3c"><code>2816bc2</code></a>
libc-test: include sys/ktls.h on freebsd</li>
<li><a
href="https://github.com/rust-lang/libc/commit/adfe283365cff1c6a05cddeca8afeaa667d1c637"><code>adfe283</code></a>
libc-test: Account for xktls_session_onedir::gen (freebsd)</li>
<li><a
href="https://github.com/rust-lang/libc/commit/4cc1bf43310e6a31636e4c4eb31e78e702938f50"><code>4cc1bf4</code></a>
freebsd: Document avoidance of reserved name <code>gen</code></li>
<li><a
href="https://github.com/rust-lang/libc/commit/7cdcaa62396816db2177cb663a4bf57f79603a52"><code>7cdcaa6</code></a>
freebsd: Fix type of struct xktls_session_onedir, field ifnet</li>
<li>Additional commits viewable in <a
href="https://github.com/rust-lang/libc/compare/0.2.174...0.2.175">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore: prefer returning Err to expect() (#2389)
Letting the caller deal with `Err` seems preferable to using `expect()`
(which would `panic!()`), particularly given that the function already
returns `Result`.
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2389).
* #2399
* #2398
* #2396
* #2395
* #2394
* #2393
* __->__ #2389
* fix: async-ify login flow (#2393)
This replaces blocking I/O with async/non-blocking I/O in a number of
cases. This facilitates the use of `tokio::sync::Notify` and
`tokio::select!` in #2394.
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2393).
* #2399
* #2398
* #2396
* #2395
* #2394
* __->__ #2393
* #2389
* chore(deps): bump clap from 4.5.43 to 4.5.45 in /codex-rs (#2404)
[//]: # (dependabot-start)
⚠️ **Dependabot is rebasing this PR** ⚠️
Rebasing might not happen immediately, so don't worry if this takes some
time.
Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.
---
[//]: # (dependabot-end)
Bumps [clap](https://github.com/clap-rs/clap) from 4.5.43 to 4.5.45.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/releases">clap's
releases</a>.</em></p>
<blockquote>
<h2>v4.5.45</h2>
<h2>[4.5.45] - 2025-08-12</h2>
<h3>Fixes</h3>
<ul>
<li><em>(unstable-v5)</em> <code>ValueEnum</code> variants now use the
full doc comment, not summary, for <code>PossibleValue::help</code></li>
</ul>
<h2>v4.5.44</h2>
<h2>[4.5.44] - 2025-08-11</h2>
<h3>Features</h3>
<ul>
<li>Add <code>Command::mut_subcommands</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's
changelog</a>.</em></p>
<blockquote>
<h2>[4.5.45] - 2025-08-12</h2>
<h3>Fixes</h3>
<ul>
<li><em>(unstable-v5)</em> <code>ValueEnum</code> variants now use the
full doc comment, not summary, for <code>PossibleValue::help</code></li>
</ul>
<h2>[4.5.44] - 2025-08-11</h2>
<h3>Features</h3>
<ul>
<li>Add <code>Command::mut_subcommands</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/clap-rs/clap/commit/246d972a6c5bef724ce5fbaac4a97cffa10a77c8"><code>246d972</code></a>
chore: Release</li>
<li><a
href="https://github.com/clap-rs/clap/commit/a35a0761aeebcfb10d363227fe54db25a5bea2c0"><code>a35a076</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/clap-rs/clap/commit/9b985a3c17449f474633c31ec63215dbb810d075"><code>9b985a3</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/5912">#5912</a>
from epage/takes</li>
<li><a
href="https://github.com/clap-rs/clap/commit/389fbe87d2cf5f093db7dc5ebcac819536176f76"><code>389fbe8</code></a>
feat(builder): Allow flags to take num_args=0..=1</li>
<li><a
href="https://github.com/clap-rs/clap/commit/c395d02703e1ebe76dc87d03b725a47937be29de"><code>c395d02</code></a>
test(parser): Show flag behavior</li>
<li><a
href="https://github.com/clap-rs/clap/commit/32c119efa6937a8f261e75d7c71323ab5312748d"><code>32c119e</code></a>
refactor(assert): Be more specific than action.takes_values</li>
<li><a
href="https://github.com/clap-rs/clap/commit/80ea3e7c2437c46722c5e66e132002e684889bd9"><code>80ea3e7</code></a>
fix(assert): Clean up num_args/action assert</li>
<li><a
href="https://github.com/clap-rs/clap/commit/2bc0f45fe590a8c4a5518a3a3d42d074dc89ee87"><code>2bc0f45</code></a>
fix(builder): Make ValueRange display independent of usize::MAX</li>
<li><a
href="https://github.com/clap-rs/clap/commit/a0187c6f3beb15f8f75bc38dd9e45cea2563329c"><code>a0187c6</code></a>
test(assert): Verify num_args/action compat</li>
<li><a
href="https://github.com/clap-rs/clap/commit/a8f9885250579d632aa9f6adc2a9ca17ab0833a1"><code>a8f9885</code></a>
refactor(builder): Be more explicit in how takes_values is used</li>
<li>Additional commits viewable in <a
href="https://github.com/clap-rs/clap/compare/clap_complete-v4.5.43...clap_complete-v4.5.45">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any …
justinlinw
pushed a commit
to Stanford-Trinity/ARTEMIS
that referenced
this pull request
Aug 29, 2025
* feat: add a /mention slash command (#2114)
- To help people discover @mentions.
- Command just places a @ in the composer.
- #2115 then improves the behavior of @mentions with empty queries.
* fix: change the model used with the GitHub action from o3 to gpt-5 (#2198)
`gpt-5` has been a valid slug since
https://github.com/openai/codex/pull/1942.
* [TUI] Split multiline commands (#2202)
Fixes:
<img width="5084" height="1160" alt="CleanShot 2025-08-11 at 16 02 55"
src="https://github.com/user-attachments/assets/ccdbf39d-dc8b-4214-ab65-39ac89841d1c"
/>
* Send prompt_cache_key (#2200)
To optimize prompt caching performance.
* [prompts] integration test prompt caching (#2189)
## Summary
Our current approach to prompt caching is fragile! The current approach
works, but we are planning to update to a more resilient system (storing
them in the rollout file). Let's start adding some integration tests to
ensure stability while we migrate it.
## Testing
- [x] These are the tests 😎
* fix: remove unused import in release mode (#2201)
Moves `use codex_core::protocol::EventMsg` inside the block annotated
with `#[cfg(debug_assertions)]` since that was the only place in the
file that was using it.
This eliminates the `warning: unused import:` when building with `cargo
build --release` in `cargo-rs/tui`.
Note this was not breaking CI because we do not build release builds on
CI since we're impatient :P
* chore(deps): bump toml from 0.9.4 to 0.9.5 in /codex-rs (#2157)
Bumps [toml](https://github.com/toml-rs/toml) from 0.9.4 to 0.9.5.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/toml-rs/toml/commit/bd21148c49c784cb9136e5d069471dfeae13a339"><code>bd21148</code></a>
chore: Release</li>
<li><a
href="https://github.com/toml-rs/toml/commit/ff1cb9a263314e7a908b2c864c1932d5346af441"><code>ff1cb9a</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/toml-rs/toml/commit/39dd8b6422ac0f1068ae889737dfaa6a9fc7a53d"><code>39dd8b6</code></a>
fix(parser): Improve bad quote error messages (<a
href="https://redirect.github.com/toml-rs/toml/issues/1014">#1014</a>)</li>
<li><a
href="https://github.com/toml-rs/toml/commit/137338eb266892ae371058516c4057d1c3d57d34"><code>137338e</code></a>
chore(deps): Update Rust crate serde_json to v1.0.142 (<a
href="https://redirect.github.com/toml-rs/toml/issues/1022">#1022</a>)</li>
<li><a
href="https://github.com/toml-rs/toml/commit/d5b8c8a94e6f34f35a74d04e542d69cd0727819e"><code>d5b8c8a</code></a>
fix(parser): Improve missing-open-quote errors</li>
<li><a
href="https://github.com/toml-rs/toml/commit/ce91354fc7673320381a36dc4db8c55ce9d6a8e0"><code>ce91354</code></a>
fix(parser): Don't treat trailing quotes as separate items</li>
<li><a
href="https://github.com/toml-rs/toml/commit/8f424edd08403509169db7187d16728c4a46e890"><code>8f424ed</code></a>
fix(parser): Conjoin more values in unquoted string errors</li>
<li><a
href="https://github.com/toml-rs/toml/commit/2b9a81ae793329e2c2e979f80cc8b88649a1cb91"><code>2b9a81a</code></a>
fix(parser): Reduce float false positives</li>
<li><a
href="https://github.com/toml-rs/toml/commit/f6538413bbc61de436ba3f294cd8fd3863c69e7e"><code>f653841</code></a>
fix(parser): Reduce float/bool false positives</li>
<li><a
href="https://github.com/toml-rs/toml/commit/f4864ef34b70fb4d772555484bf5cac8a260128d"><code>f4864ef</code></a>
test(parser): Add case for missing start quote</li>
<li>See full diff in <a
href="https://github.com/toml-rs/toml/compare/toml-v0.9.4...toml-v0.9.5">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* docs: update codex-rs/config.md to reflect that gpt-5 is the default model (#2199)
`gpt-5` has replaced `codex-mini-latest` as the default.
* chore(deps): bump clap from 4.5.41 to 4.5.43 in /codex-rs (#2159)
[//]: # (dependabot-start)
⚠️ **Dependabot is rebasing this PR** ⚠️
Rebasing might not happen immediately, so don't worry if this takes some
time.
Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.
---
[//]: # (dependabot-end)
Bumps [clap](https://github.com/clap-rs/clap) from 4.5.41 to 4.5.43.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/releases">clap's
releases</a>.</em></p>
<blockquote>
<h2>v4.5.43</h2>
<h2>[4.5.43] - 2025-08-06</h2>
<h3>Fixes</h3>
<ul>
<li><em>(help)</em> In long help, list Possible Values before defaults,
rather than after, for a more consistent look</li>
</ul>
<h2>v4.5.42</h2>
<h2>[4.5.42] - 2025-07-30</h2>
<h3>Fixes</h3>
<ul>
<li>Include subcommand visible long aliases in <code>--help</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's
changelog</a>.</em></p>
<blockquote>
<h2>[4.5.43] - 2025-08-06</h2>
<h3>Fixes</h3>
<ul>
<li><em>(help)</em> In long help, list Possible Values before defaults,
rather than after, for a more consistent look</li>
</ul>
<h2>[4.5.42] - 2025-07-30</h2>
<h3>Fixes</h3>
<ul>
<li>Include subcommand visible long aliases in <code>--help</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/clap-rs/clap/commit/c4105bd90c314ac21dd9e008de8b88ab0175fdf7"><code>c4105bd</code></a>
chore: Release</li>
<li><a
href="https://github.com/clap-rs/clap/commit/a029b20be631aab1d3a963872df2158b97f61427"><code>a029b20</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/clap-rs/clap/commit/cf15d48b59cf39cafc3e3797dec293edaf9cf533"><code>cf15d48</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/5893">#5893</a>
from 8LWXpg/patch-2</li>
<li><a
href="https://github.com/clap-rs/clap/commit/7e54542de972c4af98d3035377dcde83c5a5734e"><code>7e54542</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/5892">#5892</a>
from 8LWXpg/patch-1</li>
<li><a
href="https://github.com/clap-rs/clap/commit/6ffc88f8c97be82e71d5d6101c98e1042708ab69"><code>6ffc88f</code></a>
fix(complete): Check if help string is empty</li>
<li><a
href="https://github.com/clap-rs/clap/commit/7d8470ed9cf1d5503482938cea62f8f363579f12"><code>7d8470e</code></a>
fix(complete): Fix single quote escaping in PowerShell</li>
<li><a
href="https://github.com/clap-rs/clap/commit/eadcc8f66c128272ea309fed3d53d45b9c700b6f"><code>eadcc8f</code></a>
chore: Release</li>
<li><a
href="https://github.com/clap-rs/clap/commit/7ce0f7bea34011ca888a762bdd95d2371006c97a"><code>7ce0f7b</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/clap-rs/clap/commit/fea7c5487bb602a9b7151c40069afc6f34bda442"><code>fea7c54</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/5888">#5888</a>
from epage/tut</li>
<li><a
href="https://github.com/clap-rs/clap/commit/c297ddd56e2601d9d1b0a0ba13a9086e8f3ac43c"><code>c297ddd</code></a>
docs(tutorial): Experiment with a flat layout</li>
<li>Additional commits viewable in <a
href="https://github.com/clap-rs/clap/compare/clap_complete-v4.5.41...clap_complete-v4.5.43">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 24.1.0 to 24.2.1 in /.github/actions/codex (#2164)
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump clap_complete from 4.5.55 to 4.5.56 in /codex-rs (#2158)
Bumps [clap_complete](https://github.com/clap-rs/clap) from 4.5.55 to
4.5.56.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/clap-rs/clap/commit/9cec1007acdc3cd990feded4322a4bccd2fd471c"><code>9cec100</code></a>
chore: Release</li>
<li><a
href="https://github.com/clap-rs/clap/commit/00e72e06f46e2c21e5bb4dd82aa5fca02a9e5c16"><code>00e72e0</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/clap-rs/clap/commit/c7848ff6fc3f8e0f7b66eaee10d44b43eea54538"><code>c7848ff</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/6094">#6094</a>
from epage/home</li>
<li><a
href="https://github.com/clap-rs/clap/commit/60184fb76a3d88277f89430402d01a121feb858c"><code>60184fb</code></a>
feat(complete): Expand ~ in native completions</li>
<li><a
href="https://github.com/clap-rs/clap/commit/09969d3c1af9dd22fb944c09f8b1c27274cad824"><code>09969d3</code></a>
chore(deps): Update Rust Stable to v1.89 (<a
href="https://redirect.github.com/clap-rs/clap/issues/6093">#6093</a>)</li>
<li><a
href="https://github.com/clap-rs/clap/commit/520beb5ec2d2bb5dd11912d27127df4e97027965"><code>520beb5</code></a>
chore: Release</li>
<li><a
href="https://github.com/clap-rs/clap/commit/2bd8ab3c009fc975db28209c3c3fb526364342ae"><code>2bd8ab3</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/clap-rs/clap/commit/220875b58511028ba9cd38f7195b8b3315b72d0d"><code>220875b</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/6091">#6091</a>
from epage/possible</li>
<li><a
href="https://github.com/clap-rs/clap/commit/e5eb6c9d84efac5d660322e92dbbc0158266602d"><code>e5eb6c9</code></a>
fix(help): Integrate 'Possible Values:' into 'Arg::help'</li>
<li><a
href="https://github.com/clap-rs/clap/commit/594a771030e43df8c806ea1a029862339739a0f3"><code>594a771</code></a>
refactor(help): Make empty tracking more consistent</li>
<li>Additional commits viewable in <a
href="https://github.com/clap-rs/clap/compare/clap_complete-v4.5.55...clap_complete-v4.5.56">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* TUI: Show apply patch diff. Stack: [2/2] (#2050)
Show the diff for apply patch
<img width="801" height="345" alt="image"
src="https://github.com/user-attachments/assets/a15d6112-e83e-4612-a2bd-43285689a358"
/>
Stack:
-> #2050
#2049
* chore(deps-dev): bump @types/bun from 1.2.19 to 1.2.20 in /.github/actions/codex (#2163)
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* fix: update ctrl-z to suspend tui (#2113)
- Lean on ctrl-c and esc to interrupt.
- (Only on unix.)
https://github.com/user-attachments/assets/7ce6c57f-6ee2-40c2-8cd2-b31265f16c1c
* fix: take ExecToolCallOutput by value to avoid clone() (#2197)
Since the output could be a large string, it seemed like a win to avoid
the `clone()` in the common case.
* Support truststore when available and add tracing (#2232)
Supports minimal tracing and detection of working ssl cert.
* Set user-agent (#2230)
Use the same well-defined value in all cases when sending user-agent
header
* [prompt] Restore important guidance for shell command usage (#2211)
## Summary
In #1939 we overhauled a lot of our prompt. This was largely good, but
we're seeing some specific points of confusion from the model! This
prompt update attempts to address 3 of them:
- Enforcing the use of `ripgrep`, which is bundled as a dependency when
installed with homebrew. We should do the same on node (in progress)
- Explicit guidance on reading files in chunks.
- Slight adjustment to networking sandbox language. `enabled` /
`restricted` is anecdotally less confusing to the model and requires
less reasoning to escalate for approval.
We are going to continue iterating on shell usage and tools, but this
restores us to best practices for current model snapshots.
## Testing
- [x] evals
- [x] local testing
* Show "Update plan" in TUI plan updates (#2192)
## Summary
- Display "Update plan" instead of "Update to do" when the plan is
updated in the TUI
## Testing
- `just fmt`
- `just fix` *(fails: E0658 `let` expressions in this position are
unstable)*
- `cargo test --all-features` *(fails: E0658 `let` expressions in this
position are unstable)*
------
https://chatgpt.com/codex/tasks/task_i_6897f78fc5908322be488f02db42a5b9
* Fix release build (#2244)
Missing import.
* Better implementation of interrupt on Esc (#2111)
Use existing abstractions
* Fix build break and build release (#2242)
Build release profile for one configuration.
* Re-add markdown streaming (#2029)
Wait for newlines, then render markdown on a line by line basis. Word wrap it for the current terminal size and then spit it out line by line into the UI. Also adds tests and fixes some UI regressions.
* Fix frontend test (#2247)
UI fixtures are brittle! Who knew.
* fix: display canonical command name in help (#2246)
## Summary
- ensure CLI help uses `codex` as program name regardless of binary
filename
## Testing
- `just fmt`
- `just fix` *(fails: `let` expressions in this position are unstable)*
- `cargo test --all-features` *(fails: `let` expressions in this
position are unstable)*
------
https://chatgpt.com/codex/tasks/task_i_689bd5a731188320814dcbbc546ce22a
* feat(tui): add ctrl-b and ctrl-f shortcuts (#2260)
## Summary
- support Ctrl-b and Ctrl-f to move the cursor left and right in the
chat composer text area
- test Ctrl-b/Ctrl-f cursor movements
## Testing
- `just fmt`
- `just fix` *(fails: `let` expressions in this position are unstable)*
- `cargo test --all-features` *(fails: `let` expressions in this
position are unstable)*
------
https://chatgpt.com/codex/tasks/task_i_689cbd1d7968832e876fff169891e486
* Update header from Working once batched commands are done (#2249)
Update commands from Working to Complete or Failed after they're done
before:
<img width="725" height="332" alt="image"
src="https://github.com/user-attachments/assets/fb93d21f-5c4a-42bc-a154-14f4fe99d5f9"
/>
after:
<img width="464" height="65" alt="image"
src="https://github.com/user-attachments/assets/15ec7c3b-355f-473e-9a8e-eab359ec5f0d"
/>
* fix: remove behavioral prompting from update_plan tool def (#2261)
- Moved some of the content to the main prompt.
* chore: introduce ConversationManager as a clearinghouse for all conversations (#2240)
This PR does two things because after I got deep into the first one I
started pulling on the thread to the second:
- Makes `ConversationManager` the place where all in-memory
conversations are created and stored. Previously, `MessageProcessor` in
the `codex-mcp-server` crate was doing this via its `session_map`, but
this is something that should be done in `codex-core`.
- It unwinds the `ctrl_c: tokio::sync::Notify` that was threaded
throughout our code. I think this made sense at one time, but now that
we handle Ctrl-C within the TUI and have a proper `Op::Interrupt` event,
I don't think this was quite right, so I removed it. For `codex exec`
and `codex proto`, we now use `tokio::signal::ctrl_c()` directly, but we
no longer make `Notify` a field of `Codex` or `CodexConversation`.
Changes of note:
- Adds the files `conversation_manager.rs` and `codex_conversation.rs`
to `codex-core`.
- `Codex` and `CodexSpawnOk` are no longer exported from `codex-core`:
other crates must use `CodexConversation` instead (which is created via
`ConversationManager`).
- `core/src/codex_wrapper.rs` has been deleted in favor of
`ConversationManager`.
- `ConversationManager::new_conversation()` returns `NewConversation`,
which is in line with the `new_conversation` tool we want to add to the
MCP server. Note `NewConversation` includes `SessionConfiguredEvent`, so
we eliminate checks in cases like `codex-rs/core/tests/client.rs` to
verify `SessionConfiguredEvent` is the first event because that is now
internal to `ConversationManager`.
- Quite a bit of code was deleted from
`codex-rs/mcp-server/src/message_processor.rs` since it no longer has to
manage multiple conversations itself: it goes through
`ConversationManager` instead.
- `core/tests/live_agent.rs` has been deleted because I had to update a
bunch of tests and all the tests in here were ignored, and I don't think
anyone ever ran them, so this was just technical debt, at this point.
- Removed `notify_on_sigint()` from `util.rs` (and in a follow-up, I
hope to refactor the blandly-named `util.rs` into more descriptive
files).
- In general, I started replacing local variables named `codex` as
`conversation`, where appropriate, though admittedly I didn't do it
through all the integration tests because that would have added a lot of
noise to this PR.
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2240).
* #2264
* #2263
* __->__ #2240
* [codex-cli] Add ripgrep as a dependency for node environment (#2237)
## Summary
Ripgrep is our preferred tool for file search. When users install via
`brew install codex`, it's automatically installed as a dependency. We
want to ensure that users running via an npm install also have this
tool! Microsoft has already solved this problem for VS Code - let's not
reinvent the wheel.
This approach of appending to the PATH directly might be a bit
heavy-handed, but feels reasonably robust to a variety of environment
concerns. Open to thoughts on better approaches here!
## Testing
- [x] confirmed this import approach works with `node -e "const { rgPath
} = require('@vscode/ripgrep'); require('child_process').spawn(rgPath,
['--version'], { stdio: 'inherit' })"`
- [x] Ran codex.js locally with `rg` uninstalled, asked it to run `which
rg`. Output below:
```
⚡ Ran command which rg; echo $?
⎿ /Users/dylan.hurd/code/dh--npm-rg/node_modules/@vscode/ripgrep/bin/rg
0
codex
Re-running to confirm the path and exit code.
- Path: `/Users/dylan.hurd/code/dh--npm-rg/node_modules/@vscode/ripgrep/bin/rg`
- Exit code: `0`
```
* TUI: change the diff preview to have color fg not bg (#2270)
<img width="328" height="95" alt="image"
src="https://github.com/user-attachments/assets/70e1e6c2-a88f-4058-8763-85c3a02eedb4"
/>
* fix: update `OutgoingMessageSender::send_response()` to take `Serialize` (#2263)
This makes `send_response()` easier to work with.
* Wait for requested delay in rate limit errors (#2266)
Fixes: https://github.com/openai/codex/issues/2131
Response doesn't have the delay in a separate field (yet) so parse the
message.
* use modifier dim instead of gray and .dim (#2273)
gray color doesn't work very well with white terminals. `.dim` doesn't
have an effect for some reason.
after:
<img width="1080" height="149" alt="image"
src="https://github.com/user-attachments/assets/26c0f8bb-550d-4d71-bd06-11b3189bc1d7"
/>
Before
<img width="1077" height="186" alt="image"
src="https://github.com/user-attachments/assets/b1fba0c7-bc4d-4da1-9754-6c0a105e8cd1"
/>
* tui: standardize tree prefix glyphs to └ (#2274)
Replace mixed `⎿` and `L` prefixes with `└` in TUI rendering.
<img width="454" height="659" alt="Screenshot 2025-08-13 at 4 02 03 PM"
src="https://github.com/user-attachments/assets/61c9c7da-830b-4040-bb79-a91be90870ca"
/>
* fix: skip `cargo test` for release builds on ordinary CI because it is slow, particularly with --all-features set (#2276)
I put this PR together because I noticed I have to wait quite a bit
longer on my PRs since we added
https://github.com/openai/codex/pull/2242 to catch more build issues.
I think we should think about reigning in our use of create features,
but this should be good enough to speed things up for now.
* Enable reasoning for codex-prefixed models (#2275)
## Summary
- enable reasoning for any model slug starting with `codex-`
- provide default model info for `codex-*` slugs
- test that codex models are detected and support reasoning
## Testing
- `just fmt`
- `just fix` *(fails: E0658 `let` expressions in this position are
unstable)*
- `cargo test --all-features` *(fails: E0658 `let` expressions in this
position are unstable)*
------
https://chatgpt.com/codex/tasks/task_i_689d13f8705483208a6ed21c076868e1
* feat: support traditional JSON-RPC request/response in MCP server (#2264)
This introduces a new set of request types that our `codex mcp`
supports. Note that these do not conform to MCP tool calls so that
instead of having to send something like this:
```json
{
"jsonrpc": "2.0",
"method": "tools/call",
"id": 42,
"params": {
"name": "newConversation",
"arguments": {
"model": "gpt-5",
"approvalPolicy": "on-request"
}
}
}
```
we can send something like this:
```json
{
"jsonrpc": "2.0",
"method": "newConversation",
"id": 42,
"params": {
"model": "gpt-5",
"approvalPolicy": "on-request"
}
}
```
Admittedly, this new format is not a valid MCP tool call, but we are OK
with that right now. (That is, not everything we might want to request
of `codex mcp` is something that is appropriate for an autonomous agent
to do.)
To start, this introduces four request types:
- `newConversation`
- `sendUserMessage`
- `addConversationListener`
- `removeConversationListener`
The new `mcp-server/tests/codex_message_processor_flow.rs` shows how
these can be used.
The types are defined on the `CodexRequest` enum, so we introduce a new
`CodexMessageProcessor` that is responsible for dealing with requests
from this enum. The top-level `MessageProcessor` has been updated so
that when `process_request()` is called, it first checks whether the
request conforms to `CodexRequest` and dispatches it to
`CodexMessageProcessor` if so.
Note that I also decided to use `camelCase` for the on-the-wire format,
as that seems to be the convention for MCP.
For the moment, the new protocol is defined in `wire_format.rs` within
the `mcp-server` crate, but in a subsequent PR, I will probably move it
to its own crate to ensure the protocol has minimal dependencies and
that we can codegen a schema from it.
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2264).
* #2278
* __->__ #2264
* fix: verify notifications are sent with the conversationId set (#2278)
This updates `CodexMessageProcessor` so that each notification it sends
for a `EventMsg` from a `CodexConversation` such that:
- The `params` always has an appropriate `conversationId` field.
- The `method` is now includes the name of the `EventMsg` type rather
than using `codex/event` as the `method` type for all notifications. (We
currently prefix the method name with `codex/event/`, but I think that
should go away once we formalize the notification schema in
`wire_format.rs`.)
As part of this, we update `test_codex_jsonrpc_conversation_flow()` to
verify that the `task_finished` notification has made it through the
system instead of sleeping for 5s and "hoping" the server finished
processing the task. Note we have seen some flakiness in some of our
other, similar integration tests, and I expect adding a similar check
would help in those cases, as well.
* Parse reasoning text content (#2277)
Sometimes COT is returns as text content instead of `ReasoningText`. We
should parse it but not serialize back on requests.
---------
Co-authored-by: Ahmed Ibrahim <aibrahim@openai.com>
* Clarify PR/Contribution guidelines and issue templates (#2281)
Co-authored-by: Dylan <dylan.hurd@openai.com>
* Use enhancement tag for feature requests (#2282)
* fix: make all fields of Session private (#2285)
As `Session` needs a bit of work, it will make things easier to move
around if we can start by reducing the extent of its public API. This
makes all the fields private, though adds three `pub(crate)` getters.
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2285).
* #2287
* #2286
* __->__ #2285
* fix: add support for exec and apply_patch approvals in the new wire format (#2286)
Now when `CodexMessageProcessor` receives either a
`EventMsg::ApplyPatchApprovalRequest` or a
`EventMsg::ExecApprovalRequest`, it sends the appropriate request from
the server to the client. When it gets a response, it forwards it on to
the `CodexConversation`.
Note this takes a lot of code from:
https://github.com/openai/codex/blob/main/codex-rs/mcp-server/src/conversation_loop.rs
https://github.com/openai/codex/blob/main/codex-rs/mcp-server/src/exec_approval.rs
https://github.com/openai/codex/blob/main/codex-rs/mcp-server/src/patch_approval.rs
I am copy/pasting for now because I am trying to consolidate around the
new `wire_format.rs`, so I plan to delete these other files soon.
Now that we have requests going both from client-to-server and
server-to-client, I renamed `CodexRequest` to `ClientRequest`.
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2286).
* #2287
* __->__ #2286
* #2285
* feat: add support for an InterruptConversation request (#2287)
This adds `ClientRequest::InterruptConversation`, which effectively maps
directly to `Op::Interrupt`.
---
* __->__ #2287
* #2286
* #2285
* exploration: create Session as part of Codex::spawn() (#2291)
Historically, `Codex::spawn()` would create the instance of `Codex` and
enforce, by construction, that `Op::ConfigureSession` was the first `Op`
submitted via `submit()`. Then over in `submission_loop()`, it would
handle the case for taking the parameters of `Op::ConfigureSession` and
turning it into a `Session`.
This approach has two challenges from a state management perspective:
https://github.com/openai/codex/blob/f968a1327ad39a7786759ea8f1d1c088fe41e91b/codex-rs/core/src/codex.rs#L718
- The local `sess` variable in `submission_loop()` has to be `mut` and
`Option<Arc<Session>>` because it is not invariant that a `Session` is
present for the lifetime of the loop, so there is a lot of logic to deal
with the case where `sess` is `None` (e.g., the `send_no_session_event`
function and all of its callsites).
- `submission_loop()` is written in such a way that
`Op::ConfigureSession` could be observed multiple times, but in
practice, it is only observed exactly once at the start of the loop.
In this PR, we try to simplify the state management by _removing_ the
`Op::ConfigureSession` enum variant and constructing the `Session` as
part of `Codex::spawn()` so that it can be passed to `submission_loop()`
as `Arc<Session>`. The original logic from the `Op::ConfigureSession`
has largely been moved to the new `Session::new()` constructor.
---
Incidentally, I also noticed that the handling of `Op::ConfigureSession`
can result in events being dispatched in addition to
`EventMsg::SessionConfigured`, as an `EventMsg::Error` is created for
every MCP initialization error, so it is important to preserve that
behavior:
https://github.com/openai/codex/blob/f968a1327ad39a7786759ea8f1d1c088fe41e91b/codex-rs/core/src/codex.rs#L901-L916
Though admittedly, I believe this does not play nice with #2264, as
these error messages will likely be dispatched before the client has a
chance to call `addConversationListener`, so we likely need to make it
so `newConversation` automatically creates the subscription, but we must
also guarantee that the "ack" from `newConversation` is returned before
any other conversation-related notifications are sent so the client
knows what `conversation_id` to match on.
* Tag InputItem (#2304)
Instead of:
```
{ Text: { text: string } }
```
It is now:
```
{ type: "text", data: { text: string } }
```
which makes for cleaner discriminated unions
* HistoryCell is a trait (#2283)
refactors HistoryCell to be a trait instead of an enum. Also collapse
the many "degenerate" HistoryCell enums which were just a store of lines
into a single PlainHistoryCell type.
The goal here is to allow more ways of rendering history cells (e.g.
expanded/collapsed/"live"), and I expect we will return to more varied
types of HistoryCell as we develop this area.
* remove "status text" in bottom line (#2279)
this used to hold the most recent log line, but it was kinda broken and
not that useful.
* [context] Store context messages in rollouts (#2243)
## Summary
Currently, we use request-time logic to determine the user_instructions
and environment_context messages. This means that neither of these
values can change over time as conversations go on. We want to add in
additional details here, so we're migrating these to save these messages
to the rollout file instead. This is simpler for the client, and allows
us to append additional environment_context messages to each turn if we
want
## Testing
- [x] Integration test coverage
- [x] Tested locally with a few turns, confirmed model could reference
environment context and cached token metrics were reasonably high
* remove the · animation (#2271)
the pulsing dot felt too noisy to me next to the shimmering "Working"
text. we'll bring it back for streaming response text perhaps?
* remove logs from composer by default (#2307)
Currently the composer shows `handle_codex_event:<event name>` by
default which feels confusing. Let's make it appear in trace.
* fix: parallelize logic in Session::new() (#2305)
#2291 made it so that `Session::new()` is on the critical path to
`Codex::spawn()`, which means it is on the hot path to CLI startup. This
refactors `Session::new()` to run a number of async tasks in parallel
that were previously run serially to try to reduce latency.
* fix: do not allow dotenv to create/modify environment variables starting with CODEX_ (#2308)
This ensures Codex cannot drop a `.env` file with a value of
`CODEX_HOME` that points to a folder that Codex can control.
* text elements in textarea for pasted content (#2302)
This improves handling of pasted content in the textarea. It's no longer
possible to partially delete a placeholder (e.g. by ^W or ^D), nor is it
possible to place the cursor inside a placeholder. Also, we now render
placeholders in a different color to make them more clearly
differentiated.
https://github.com/user-attachments/assets/2051b3c3-963d-4781-a610-3afee522ae29
* use a central animation loop (#2268)
instead of each shimmer needing to have its own animation thread, have
render_ref schedule a new frame if it wants one and coalesce to the
earliest next frame. this also makes the animations
frame-timing-independent, based on start time instead of frame count.
* fix bash commands being incorrectly quoted in display (#2313)
The "display format" of commands was sometimes producing incorrect
quoting like `echo foo '>' bar`, which is importantly different from the
actual command that was being run. This refactors ParsedCommand to have
a string in `cmd` instead of a vec, as a `vec` can't accurately capture
a full command.
* test(core): add seatbelt sem lock tests (#1823)
## Summary
- add a unit test to ensure the macOS seatbelt policy allows POSIX
semaphores
- add a macOS-only test that runs a Python multiprocessing Lock under
Seatbelt
## Testing
- `cargo test -p codex_core seatbelt_base_policy_allows_ipc_posix_sem
--no-fail-fast` (failed: failed to download from
`https://static.crates.io/crates/tokio-stream/0.1.17/download`)
- `cargo test -p codex_core seatbelt_base_policy_allows_ipc_posix_sem
--no-fail-fast --offline` (failed: attempting to make an HTTP request,
but --offline was specified)
- `cargo test --all-features --no-fail-fast --offline` (failed:
attempting to make an HTTP request, but --offline was specified)
- `just fmt` (failed: command not found: just)
- `just fix` (failed: command not found: just)
Ran tests locally to confirm it passes on master and failed before my
previous change
------
https://chatgpt.com/codex/tasks/task_i_6890f221e0a4833381cfb53e11499bcc
* fix: move general sandbox tests to codex-rs/core/tests/sandbox.rs (#2317)
Previous to this PR, `codex-rs/core/tests/sandbox.rs` contained
integration tests that were specific to Seatbelt. This PR moves those
tests to `codex-rs/core/src/seatbelt.rs` and designates
`codex-rs/core/tests/sandbox.rs` to be used as the home for
cross-platform (well, Mac and Linux...) sandbox tests.
To start, this migrates
`python_multiprocessing_lock_works_under_seatbelt()` from #1823 to the
new `sandbox.rs` because this is the type of thing that should work on
both Mac _and_ Linux, though I still need to do some work to clean up
the test so it works on both platforms.
* fix: run python_multiprocessing_lock_works integration test on Mac and Linux (#2318)
The high-order bit on this PR is that it makes it so `sandbox.rs` tests
both Mac and Linux, as we introduce a general
`spawn_command_under_sandbox()` function with platform-specific
implementations for testing.
An important, and interesting, discovery in porting the test to Linux is
that (for reasons cited in the code comments), `/dev/shm` has to be
added to `writable_roots` on Linux in order for `multiprocessing.Lock`
to work there. Granting write access to `/dev/shm` comes with some
degree of risk, so we do not make this the default for Codex CLI.
Piggybacking on top of #2317, this moves the
`python_multiprocessing_lock_works` test yet again, moving
`codex-rs/core/tests/sandbox.rs` to `codex-rs/exec/tests/sandbox.rs`
because in `codex-rs/exec/tests` we can use `cargo_bin()` like so:
```
let codex_linux_sandbox_exe = assert_cmd::cargo::cargo_bin("codex-exec");
```
which is necessary so we can use `codex_linux_sandbox_exe` and therefore
`spawn_command_under_linux_sandbox` in an integration test.
This also moves `spawn_command_under_linux_sandbox()` out of `exec.rs`
and into `landlock.rs`, which makes things more consistent with
`seatbelt.rs` in `codex-core`.
For reference, https://github.com/openai/codex/pull/1808 is the PR that
made the change to Seatbelt to get this test to pass on Mac.
* fix: add call_id to ApprovalParams in mcp-server/src/wire_format.rs (#2322)
Clients still need this field.
* add a timer to running exec commands (#2321)
sometimes i switch back to codex and i don't know how long a command has
been running.
<img width="744" height="462" alt="Screenshot 2025-08-14 at 3 30 07 PM"
src="https://github.com/user-attachments/assets/bd80947f-5a47-43e6-ad19-69c2995a2a29"
/>
* fix: ensure rust-ci always "runs" when a PR is submitted (#2324)
Our existing path filters for `rust-ci.yml`:
https://github.com/openai/codex/blob/235987843c3d6647c0819c1071f9b9f064673e9c/.github/workflows/rust-ci.yml#L1-L11
made it so that PRs that touch only `README.md` would not trigger those
builds, which is a problem because our branch protection rules are set
as follows:
<img width="1569" height="1883" alt="Screenshot 2025-08-14 at 4 45
59 PM"
src="https://github.com/user-attachments/assets/5a61f8cc-cdaf-4341-abda-7faa7b46dbd4"
/>
With the existing setup, a change to `README.md` would get stuck in
limbo because not all the CI jobs required to merge would get run. It
turns out that we need to "run" all the jobs, but make them no-ops when
the `codex-rs` and `.github` folders are untouched to get the best of
both worlds.
I asked chat how to fix this, as we want CI to be fast for
documentation-only changes. It had two suggestions:
- Use https://github.com/dorny/paths-filter or some other third-party
action.
- Write an inline Bash script to avoid a third-party dependency.
This PR takes the latter approach so that we are clear about what we're
running in CI.
* clear running commands in various places (#2325)
we have a very unclear lifecycle for the chatwidget—this should only
have to be added in one place! but this fixes the "hanging commands"
issue where the active_exec_cell wasn't correctly cleared when commands
finished.
To repro w/o this PR:
1. prompt "run sleep 10"
2. once the command starts running, press <kbd>Esc</kbd>
3. prompt "run echo hi"
Expected:
```
✓ Completed
└ ⌨️ echo hi
codex
hi
```
Actual:
```
⚙︎ Working
└ ⌨️ echo hi
▌ Ask Codex to do anything
```
i.e. the "Working" never changes to "Completed".
The bug is fixed with this PR.
* Port login server to rust (#2294)
Port the login server to rust.
---------
Co-authored-by: pakrym-oai <pakrym@openai.com>
* Fix AF_UNIX, sockpair, recvfrom in linux sandbox (#2309)
When using codex-tui on a linux system I was unable to run `cargo
clippy` inside of codex due to:
```
[pid 3548377] socketpair(AF_UNIX, SOCK_SEQPACKET|SOCK_CLOEXEC, 0, <unfinished ...>
[pid 3548370] close(8 <unfinished ...>
[pid 3548377] <... socketpair resumed>0x7ffb97f4ed60) = -1 EPERM (Operation not permitted)
```
And
```
3611300 <... recvfrom resumed>0x708b8b5cffe0, 8, 0, NULL, NULL) = -1 EPERM (Operation not permitted)
```
This PR:
* Fixes a bug that disallowed AF_UNIX to allow it on `socket()`
* Adds recvfrom() to the syscall allow list, this should be fine since
we disable opening new sockets. But we should validate there is not a
open socket inheritance issue.
* Allow socketpair to be called for AF_UNIX
* Adds tests for AF_UNIX components
* All of which allows running `cargo clippy` within the sandbox on
linux, and possibly other tooling using a fork server model + AF_UNIX
comms.
* fix: trying to simplify rust-ci.yml (#2327)
It turns out that https://github.com/openai/codex/pull/2324 did not
quite work as intended. Chat's new idea is to have this catch-all "CI
results" job and update our branch protection rules to require this
instead.
* AGENTS.md more strongly suggests running targeted tests first (#2306)
* Added `allow-expect-in-tests` / `allow-unwrap-in-tests` (#2328)
This PR:
* Added the clippy.toml to configure allowable expect / unwrap usage in
tests
* Removed as many expect/allow lines as possible from tests
* moved a bunch of allows to expects where possible
Note: in integration tests, non `#[test]` helper functions are not
covered by this so we had to leave a few lingering `expect(expect_used`
checks around
* re-implement session id in status (#2332)
Basically the same thing as https://github.com/openai/codex/pull/2297
* Cleanup rust login server a bit more (#2331)
Remove some extra abstractions.
---------
Co-authored-by: easong-openai <easong@openai.com>
* Format multiline commands (#2333)
<img width="966" height="729" alt="image"
src="https://github.com/user-attachments/assets/fa45b7e1-cd46-427f-b2bc-8501e9e4760b"
/>
<img width="797" height="530" alt="image"
src="https://github.com/user-attachments/assets/6993eec5-e157-4df7-b558-15643ad10d64"
/>
* tui: include optional full command line in history display (#2334)
Add env var to show the raw, unparsed command line under parsed
commands. When we have transcript mode we should show the full command
there, but this is useful for debugging.
* [tools] Add apply_patch tool (#2303)
## Summary
We've been seeing a number of issues and reports with our synthetic
`apply_patch` tool, e.g. #802. Let's make this a real tool - in my
anecdotal testing, it's critical for GPT-OSS models, but I'd like to
make it the standard across GPT-5 and codex models as well.
## Testing
- [x] Tested locally
- [x] Integration test
* fix: tighten up checks against writable folders for SandboxPolicy (#2338)
I was looking at the implementation of `Session::get_writable_roots()`,
which did not seem right, as it was a copy of writable roots, which is
not guaranteed to be in sync with the `sandbox_policy` field.
I looked at who was calling `get_writable_roots()` and its only call
site was `apply_patch()` in `codex-rs/core/src/apply_patch.rs`, which
took the roots and forwarded them to `assess_patch_safety()` in
`safety.rs`. I updated `assess_patch_safety()` to take `sandbox_policy:
&SandboxPolicy` instead of `writable_roots: &[PathBuf]` (and replaced
`Session::get_writable_roots()` with `Session::get_sandbox_policy()`).
Within `safety.rs`, it was fairly easy to update
`is_write_patch_constrained_to_writable_paths()` to work with
`SandboxPolicy`, and in particular, it is far more accurate because, for
better or worse, `SandboxPolicy::get_writable_roots_with_cwd()` _returns
an empty vec_ for `SandboxPolicy::DangerFullAccess`, suggesting that
_nothing_ is writable when in reality _everything_ is writable. With
this PR, `is_write_patch_constrained_to_writable_paths()` now does the
right thing for each variant of `SandboxPolicy`.
I thought this would be the end of the story, but it turned out that
`test_writable_roots_constraint()` in `safety.rs` needed to be updated,
as well. In particular, the test was writing to
`std::env::current_dir()` instead of a `TempDir`, which I suspect was a
holdover from earlier when `SandboxPolicy::WorkspaceWrite` would always
make `TMPDIR` writable on macOS, which made it hard to write tests to
verify `SandboxPolicy` in `TMPDIR`. Fortunately, we now have
`exclude_tmpdir_env_var` as an option on
`SandboxPolicy::WorkspaceWrite`, so I was able to update the test to
preserve the existing behavior, but to no longer write to
`std::env::current_dir()`.
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2338).
* #2345
* #2329
* #2343
* #2340
* __->__ #2338
* fix: introduce MutexExt::lock_unchecked() so we stop ignoring unwrap() throughout codex.rs (#2340)
This way we are sure a dangerous `unwrap()` does not sneak in!
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2340).
* #2345
* #2329
* #2343
* __->__ #2340
* #2338
* fix: try to fix flakiness in test_shell_command_approval_triggers_elicitation (#2344)
I still see flakiness in
`test_shell_command_approval_triggers_elicitation()` on occasion where
`MockServer` claims it has not received all of its expected requests.
I recently introduced a similar type of test in #2264,
`test_codex_jsonrpc_conversation_flow()`, which I have not seen flake
(yet!), so this PR pulls over two things I did in that test:
- increased `worker_threads` from `2` to `4`
- added an assertion to make sure the `task_complete` notification is
received
Honestly, I'm still not sure why `MockServer` claims it sometimes does
not receive all its expected requests given that we assert that the
final `JSONRPCResponse` is read on the stream, but let's give this a
shot.
Assuming this fixes things, my hypothesis is that the increase in
`worker_threads` helps because perhaps there are async tasks in
`MockServer` that do not reliably complete fully when there are not
enough threads available? If that is correct, it seems like the test
would still be flaky, though perhaps with lower frequency?
* tui: align diff display by always showing sign char and keeping fixed gutter (#2353)
diff lines without a sign char were misaligned.
* feat: introduce TurnContext (#2343)
This PR introduces `TurnContext`, which is designed to hold a set of
fields that should be constant for a turn of a conversation. Note that
the fields of `TurnContext` were previously governed by `Session`.
Ultimately, we want to enable users to change these values between turns
(changing model, approval policy, etc.), though in the current
implementation, the `TurnContext` is constant for the entire
conversation.
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2345).
* #2345
* #2329
* __->__ #2343
* #2340
* #2338
* feat: introduce Op:UserTurn (#2329)
This introduces `Op::UserTurn`, which makes it possible to override many
of the fields that were set when the `Session` was originally created
when creating a new conversation turn. This is one way we could support
changing things like `model` or `cwd` in the middle of the conversation,
though we may want to consider making each field optional, or
alternatively having a separate `Op` that mutates the `TurnContext`
associated with a `submission_loop()`.
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2329).
* #2345
* __->__ #2329
* #2343
* #2340
* #2338
* feat: introduce ClientRequest::SendUserTurn (#2345)
This adds a new request type, `SendUserTurn`, that makes it possible to
submit a `Op::UserTurn` operation (introduced in #2329) to a
conversation. This PR also adds a new integration test that verifies
that changing from `AskForApproval::UnlessTrusted` to
`AskForApproval::Never` mid-conversation ensures that an elicitation is
no longer sent for running `python3 -c print(42)`.
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2345).
* __->__ #2345
* #2329
* #2343
* #2340
* #2338
* tui: skip identical consecutive entries in local composer history (#2352)
This PR avoids inserting duplicate consecutive messages into the Chat
Composer's local history.
* fix: introduce codex-protocol crate (#2355)
* Fix #2296 Add "minimal" reasoning effort for GPT 5 models (#2326)
This pull request resolves #2296; I've confirmed if it works by:
1. Add settings to ~/.codex/config.toml:
```toml
model_reasoning_effort = "minimal"
```
2. Run the CLI:
```
cd codex-rs
cargo build && RUST_LOG=trace cargo run --bin codex
/status
tail -f ~/.codex/log/codex-tui.log
```
Co-authored-by: pakrym-oai <pakrym@openai.com>
* Remove duplicated "Successfully logged in message" (#2357)
* color the status letter in apply patch summary (#2337)
<img width="440" height="77" alt="Screenshot 2025-08-14 at 8 30 30 PM"
src="https://github.com/user-attachments/assets/c6169a3a-2e98-4ace-b7ee-918cf4368b7a"
/>
* chore: remove duplicated lockfile (#2336)
* fix: include an entry for windows-x86_64 in the generated DotSlash file (#2361)
Now that we are improving our Windows support, we should be including an
entry for it in the DotSlash file.
Though anyone using the DotSlash file with Windows should use the new
Windows shim introduced in https://github.com/facebook/dotslash/pull/46.
For more info, see https://dotslash-cli.com/docs/windows/.
* Show progress indicator for /diff command (#2245)
## Summary
- Show a temporary Working on diff state in the bottom pan
- Add `DiffResult` app event and dispatch git diff asynchronously
## Testing
- `just fmt`
- `just fix` *(fails: `let` expressions in this position are unstable)*
- `cargo test --all-features` *(fails: `let` expressions in this
position are unstable)*
------
https://chatgpt.com/codex/tasks/task_i_689a839f32b88321840a893551d5fbef
* replace /prompts with a rotating placeholder (#2314)
* Added launch profile for attaching to a running codex CLI process (#2372)
* Added MCP server command to enable authentication using ChatGPT (#2373)
This PR adds two new APIs for the MCP server: 1) loginChatGpt, and 2)
cancelLoginChatGpt. The first starts a login server and returns a local
URL that allows for browser-based authentication, and the second
provides a way to cancel the login attempt. If the login attempt
succeeds, a notification (in the form of an event) is sent to a
subscriber.
I also added a timeout mechanism for the existing login server. The
loginChatGpt code path uses a 10-minute timeout by default, so if the
user fails to complete the login flow in that timeframe, the login
server automatically shuts down. I tested the timeout code by manually
setting the timeout to a much lower number and confirming that it works
as expected when used e2e.
* fix: refactor login/src/server.rs so process_request() is a separate function (#2388)
* fix: introduce EventMsg::TurnAborted (#2365)
Introduces `EventMsg::TurnAborted` that should be sent in response to
`Op::Interrupt`.
In the MCP server, updates the handling of a
`ClientRequest::InterruptConversation` request such that it sends the
`Op::Interrupt` but does not respond to the request until it sees an
`EventMsg::TurnAborted`.
* remove mcp-server/src/mcp_protocol.rs and the code that depends on it (#2360)
* fix: clean up styles & colors and define in styles.md (#2401)
New style guide:
# Headers, primary, and secondary text
- **Headers:** Use `bold`. For markdown with various header levels,
leave in the `#` signs.
- **Primary text:** Default.
- **Secondary text:** Use `dim`.
# Foreground colors
- **Default:** Most of the time, just use the default foreground color.
`reset` can help get it back.
- **Selection:** Use ANSI `blue`. (Ed & AE want to make this cyan too,
but we'll do that in a followup since it's riskier in different themes.)
- **User input tips and status indicators:** Use ANSI `cyan`.
- **Success and additions:** Use ANSI `green`.
- **Errors, failures and deletions:** Use ANSI `red`.
- **Codex:** Use ANSI `magenta`.
# Avoid
- Avoid custom colors because there's no guarantee that they'll contrast
well or look good on various terminal color themes.
- Avoid ANSI `black`, `white`, `yellow` as foreground colors because the
terminal theme will do a better job. (Use `reset` if you need to in
order to get those.) The exception is if you need contrast rendering
over a manually colored background.
(There are some rules to try to catch this in `clippy.toml`.)
# Testing
Tested in a variety of light and dark color themes in Terminal, iTerm2, and Ghostty.
* chore(deps-dev): bump @types/node from 24.2.1 to 24.3.0 in /.github/actions/codex (#2411)
Bumps
[@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node)
from 24.2.1 to 24.3.0.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* fix: stop using ANSI blue (#2421)
- One less color.
- Replaced with cyan which looks better next to other cyan components.
* chore: move mcp-server/src/wire_format.rs to protocol/src/mcp_protocol.rs (#2423)
The existing `wire_format.rs` should share more types with the
`codex-protocol` crate (like `AskForApproval` instead of maintaining a
parallel `CodexToolCallApprovalPolicy` enum), so this PR moves
`wire_format.rs` into `codex-protocol`, renaming it as
`mcp-protocol.rs`. We also de-dupe types, where appropriate.
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2423).
* #2424
* __->__ #2423
* chore: add TS annotation to generated mcp-types (#2424)
Adds the `TS` annotation from https://crates.io/crates/ts-rs to all
types to facilitate codegen.
---
[//]: # (BEGIN SAPLING FOOTER)
Stack created with [Sapling](https://sapling-scm.com). Best reviewed
with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2424).
* __->__ #2424
* #2423
* consolidate reasoning enums into one (#2428)
We have three enums for each of reasoning summaries and reasoning effort
with same values. They can be consolidated into one.
* Add an operation to override current task context (#2431)
- Added an operation to override current task context
- Added a test to check that cache stays the same
* protocol-ts (#2425)
* Add cache tests for UserTurn (#2432)
* Fix #2391 Add Ctrl+H as backspace keyboard shortcut (#2412)
This pull request resolves #2391. ctrl + h is not assigned to any other
operations at this moment, and this feature request sounds valid to me.
If we don't prefer having this, please feel free to close this.
* chore(deps): bump anyhow from 1.0.98 to 1.0.99 in /codex-rs (#2405)
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.98 to 1.0.99.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/anyhow/releases">anyhow's
releases</a>.</em></p>
<blockquote>
<h2>1.0.99</h2>
<ul>
<li>Allow build-script cleanup failure with NFSv3 output directory to be
non-fatal (<a
href="https://redirect.github.com/dtolnay/anyhow/issues/420">#420</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/dtolnay/anyhow/commit/f2b963a759decf0828efb58a8fdd417fb12f71fb"><code>f2b963a</code></a>
Release 1.0.99</li>
<li><a
href="https://github.com/dtolnay/anyhow/commit/2c64c15e75f8f588f01810a990e1529e8aa0eea9"><code>2c64c15</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/anyhow/issues/420">#420</a>
from dtolnay/enotempty</li>
<li><a
href="https://github.com/dtolnay/anyhow/commit/8cf66f79361d568067a75848aec30d3b2072be5c"><code>8cf66f7</code></a>
Allow build-script cleanup failure with NFSv3 output directory to be
non-fatal</li>
<li><a
href="https://github.com/dtolnay/anyhow/commit/f5e145c683a2cb958268d1bbeb5dedabca0b0fc7"><code>f5e145c</code></a>
Revert "Pin nightly toolchain used for miri job"</li>
<li><a
href="https://github.com/dtolnay/anyhow/commit/1d7ef1db5414ac155ad6254685673c90ea4c7d77"><code>1d7ef1d</code></a>
Update ui test suite to nightly-2025-06-30</li>
<li><a
href="https://github.com/dtolnay/anyhow/commit/69295727cefb015a184f9b780fcc51ef905a798c"><code>6929572</code></a>
Update ui test suite to nightly-2025-06-18</li>
<li><a
href="https://github.com/dtolnay/anyhow/commit/37224e3142ea62f29f31d4a2bd69c3afc80d7cc4"><code>37224e3</code></a>
Ignore mismatched_lifetime_syntaxes lint</li>
<li><a
href="https://github.com/dtolnay/anyhow/commit/11f0e81aaf1a9bd6675c841c8db07968096e8ee1"><code>11…
Viperdk2020
pushed a commit
to Viperdk2020/codexCLI-mem
that referenced
this pull request
Sep 1, 2025
…le (openai#2361) Now that we are improving our Windows support, we should be including an entry for it in the DotSlash file. Though anyone using the DotSlash file with Windows should use the new Windows shim introduced in facebook/dotslash#46. For more info, see https://dotslash-cli.com/docs/windows/.
buihongduc132
pushed a commit
to buihongduc132/codex
that referenced
this pull request
Sep 9, 2025
…le (openai#2361) Now that we are improving our Windows support, we should be including an entry for it in the DotSlash file. Though anyone using the DotSlash file with Windows should use the new Windows shim introduced in facebook/dotslash#46. For more info, see https://dotslash-cli.com/docs/windows/.
sangoi-exe
pushed a commit
to sangoi-exe/codex
that referenced
this pull request
Oct 13, 2025
…le (openai#2361) Now that we are improving our Windows support, we should be including an entry for it in the DotSlash file. Though anyone using the DotSlash file with Windows should use the new Windows shim introduced in facebook/dotslash#46. For more info, see https://dotslash-cli.com/docs/windows/.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR changes the windows shim to drop a lot of dependencies, shrinking the size of the final binary to 4KB.
It's 90% based on @zertosh's work, with a few changes:
Vecand thus the need for a global allocatorwindows-sysandcompiler_builtins)