Clean up experimental feature popup backend wiring

2026-06-03 20:02:10 +00:00 · 2026-05-04 15:23:37 -07:00
2391 changed files with 105605 additions and 275075 deletions
--- a/.bazelrc
+++ b/.bazelrc
@@ -38,50 +38,24 @@ common:windows --test_env=WINDIR
 common --test_env=RUST_MIN_STACK=8388608 # 8 MiB

 common --test_output=errors
-common --nobuild_runfile_links
-# These settings tune BuildBuddy/RBE behavior but do not contact a remote
-# service unless a `buildbuddy-*` configuration below supplies an endpoint.
+common --bes_results_url=https://app.buildbuddy.io/invocation/
+common --bes_backend=grpcs://remote.buildbuddy.io
+common --remote_cache=grpcs://remote.buildbuddy.io
 common --remote_download_toplevel
+common --nobuild_runfile_links
 common --remote_timeout=3600
 common --noexperimental_throttle_remote_action_building
 common --experimental_remote_execution_keepalive
 common --grpc_keepalive_time=30s
-
-# Opt-in remote configurations selected by
-# `.github/scripts/run_bazel_with_buildbuddy.py`. Plain Bazel commands do not
-# contact BuildBuddy unless a user selects one of these configurations.
-# Use the generic host for cache, BES, and downloads without remote execution.
-common:buildbuddy-generic --bes_backend=grpcs://remote.buildbuddy.io
-common:buildbuddy-generic --bes_results_url=https://app.buildbuddy.io/invocation/
-common:buildbuddy-generic --remote_cache=grpcs://remote.buildbuddy.io
-common:buildbuddy-generic --experimental_remote_downloader=grpcs://remote.buildbuddy.io
-
-# Add remote execution on the generic host.
-common:buildbuddy-generic-rbe --config=buildbuddy-generic
-common:buildbuddy-generic-rbe --config=remote
-common:buildbuddy-generic-rbe --remote_executor=grpcs://remote.buildbuddy.io
-
-# Use the OpenAI tenant for cache, BES, and downloads without remote execution.
-common:buildbuddy-openai --bes_backend=grpcs://openai.buildbuddy.io
-common:buildbuddy-openai --bes_results_url=https://openai.buildbuddy.io/invocation/
-common:buildbuddy-openai --remote_cache=grpcs://openai.buildbuddy.io
-common:buildbuddy-openai --experimental_remote_downloader=grpcs://openai.buildbuddy.io
-
-# Add remote execution on the OpenAI tenant.
-common:buildbuddy-openai-rbe --config=buildbuddy-openai
-common:buildbuddy-openai-rbe --config=remote
-common:buildbuddy-openai-rbe --remote_executor=grpcs://openai.buildbuddy.io
+common --experimental_remote_downloader=grpcs://remote.buildbuddy.io

 # This limits both in-flight executions and concurrent downloads. Even with high number
 # of jobs execution will still be limited by CPU cores, so this just pays a bit of
 # memory in exchange for higher download concurrency.
 common --jobs=30

-# Shared remote execution policy. The endpoint-bearing `buildbuddy-*-rbe`
-# configurations include this group; CI configs override TestRunner below
-# when tests must remain local on their runner.
-common:remote --strategy=remote
 common:remote --extra_execution_platforms=//:rbe
+common:remote --remote_executor=grpcs://remote.buildbuddy.io
 common:remote --jobs=800
 # TODO(team): Evaluate if this actually helps, zbarsky is not sure, everything seems bottlenecked on `core` either way.
 # Enable pipelined compilation since we are not bound by local CPU count.
@@ -105,10 +79,6 @@ common:ci --disk_cache=
 # Shared config for the main Bazel CI workflow.
 common:ci-bazel --config=ci
 common:ci-bazel --build_metadata=TAG_workflow=bazel
-# Bazel CI cross-compiles in several legs, and the V8-backed code-mode tests
-# are not stable in that setup yet. Keep running the rest of the Rust
-# integration suites through the workspace-root launcher.
-common:ci-bazel --test_env=CODEX_BAZEL_TEST_SKIP_FILTERS=suite::code_mode::

 # Shared config for Bazel-backed Rust linting.
 build:clippy --aspects=@rules_rust//rust:defs.bzl%rust_clippy_aspect
@@ -172,11 +142,15 @@ common:ci-windows --repo_contents_cache=D:/a/.cache/bazel-repo-contents-cache
 # Linux crossbuilds don't work until we untangle the libc constraint mess.
 common:ci-linux --config=ci-bazel
 common:ci-linux --build_metadata=TAG_os=linux
+common:ci-linux --config=remote
+common:ci-linux --strategy=remote
 common:ci-linux --platforms=//:rbe

 # On mac, we can run all the build actions remotely but test actions locally.
 common:ci-macos --config=ci-bazel
 common:ci-macos --build_metadata=TAG_os=macos
+common:ci-macos --config=remote
+common:ci-macos --strategy=remote
 common:ci-macos --strategy=TestRunner=darwin-sandbox,local

 # On Windows, use Linux remote execution for build actions but keep test actions
@@ -184,13 +158,15 @@ common:ci-macos --strategy=TestRunner=darwin-sandbox,local
 # still run against Windows binaries.
 common:ci-windows-cross --config=ci-windows
 common:ci-windows-cross --build_metadata=TAG_windows_cross_compile=true
+common:ci-windows-cross --config=remote
 common:ci-windows-cross --host_platform=//:rbe
+common:ci-windows-cross --strategy=remote
 common:ci-windows-cross --strategy=TestRunner=local
 common:ci-windows-cross --local_test_jobs=4
 common:ci-windows-cross --test_env=RUST_TEST_THREADS=1
-# Native Windows CI still covers the PowerShell tests. The cross-built gnullvm
-# binaries currently hang in PowerShell AST parser tests when those binaries are
-# run on the Windows runner.
+# Native Windows CI still covers these tests. The cross-built gnullvm binaries
+# currently crash in V8-backed code-mode tests and hang in PowerShell AST parser
+# tests when those binaries are run on the Windows runner.
 common:ci-windows-cross --test_env=CODEX_BAZEL_TEST_SKIP_FILTERS=suite::code_mode::,powershell
 common:ci-windows-cross --platforms=//:windows_x86_64_gnullvm
 common:ci-windows-cross --extra_execution_platforms=//:rbe,//:windows_x86_64_msvc
@@ -200,21 +176,8 @@ common:ci-windows-cross --extra_toolchains=//:windows_gnullvm_tests_on_msvc_host
 common:ci-v8 --config=ci
 common:ci-v8 --build_metadata=TAG_workflow=v8
 common:ci-v8 --build_metadata=TAG_os=linux
-
-# Source-built Bazel V8 artifacts use the in-process sandbox by default. This
-# does not affect Cargo's default prebuilt rusty_v8 path.
-common --@v8//:v8_enable_pointer_compression=True
-common --@v8//:v8_enable_sandbox=True
-
-# Keep currently published rusty_v8 release artifacts non-sandboxed until the
-# artifact migration ships matching Rust feature selection for Cargo consumers.
-common:v8-release-compat --@v8//:v8_enable_pointer_compression=False
-common:v8-release-compat --@v8//:v8_enable_sandbox=False
-
-# Match rusty_v8's upstream GN release contract for published artifacts: every
-# target object uses Chromium's custom libc++ headers and the archive folds in
-# the matching runtime objects.
-common:rusty-v8-upstream-libcxx --@v8//:v8_use_rusty_v8_custom_libcxx=True
+common:ci-v8 --config=remote
+common:ci-v8 --strategy=remote

 # Optional per-user local overrides.
 try-import %workspace%/user.bazelrc
--- a/.codex/environments/environment.toml
+++ b/.codex/environments/environment.toml
@@ -8,4 +8,4 @@ script = ""
 [[actions]]
 name = "Run"
 icon = "run"
-command = "cargo +1.95.0 run --manifest-path=codex-rs/Cargo.toml --bin codex -- -c mcp_oauth_credentials_store=file"
+command = "cargo +1.93.0 run --manifest-path=codex-rs/Cargo.toml --bin codex -- -c mcp_oauth_credentials_store=file"
--- a/.codex/skills/codex-issue-digest/SKILL.md
+++ b/.codex/skills/codex-issue-digest/SKILL.md
@@ -53,7 +53,7 @@ Use `--window "past week"` or `--window-hours 168` when the user asks for a non-
 ## Summary
 No major issues reported by users.

-Source: collector v5, git `abc123def456`, window `2026-04-27T00:00:00Z` to `2026-04-28T00:00:00Z`.
+Source: collector v4, git `abc123def456`, window `2026-04-27T00:00:00Z` to `2026-04-28T00:00:00Z`.
 Want details? I can expand this into the issue table.
 ```

@@ -65,7 +65,7 @@ Two issues are being surfaced by users:
 🔥🔥 Terminal launch hangs on startup [1](https://github.com/openai/codex/issues/123)
 🔥 Resume switches model providers unexpectedly [2](https://github.com/openai/codex/issues/456)

-Source: collector v5, git `abc123def456`, window `2026-04-27T00:00:00Z` to `2026-04-28T00:00:00Z`.
+Source: collector v4, git `abc123def456`, window `2026-04-27T00:00:00Z` to `2026-04-28T00:00:00Z`.
 Want details? I can expand this into the issue table.
 ```
 5. In `## Details`, when details are requested, include a compact table only when useful:
@@ -76,7 +76,7 @@ Want details? I can expand this into the issue table.
   - A clear quiet/no-concern sentence when there is no meaningful signal.
 6. Use the JSON `attention_marker` exactly. It is empty for normal rows, `🔥` for elevated rows, and `🔥🔥` for very high-attention rows. The actual cutoffs are in `attention_thresholds`.
 7. Use inline numbered references where a row or bullet points to issues, for example `Compaction bugs [1](https://github.com/openai/codex/issues/123), [2](https://github.com/openai/codex/issues/456)`. Do not add a separate footnotes section.
-8. Label `interactions` as `Interactions`; it counts unique human GitHub users who created a new issue, added a new comment, or reacted during the requested window. Multiple posts/reactions from the same user on the same issue count once.
+8. Label `interactions` as `Interactions`; it counts posts/comments/reactions during the requested window, not unique people.
 9. Mention the collector `script_version`, repo checkout `git_head`, and time window in one compact source line. In default mode, put this before the details prompt so the final line still asks whether the user wants details. In details-upfront mode, it can be the footer.

 ## Reaction Handling
@@ -89,7 +89,7 @@ GitHub issue search is still seeded by issue `updated_at`, so a purely reaction-

 ## Attention Markers

-The collector scales attention markers by the requested time window. The baseline is 5 unique human users for `🔥` and 10 unique human users for `🔥🔥` over 24 hours; longer or shorter windows scale those cutoffs linearly and round up. For example, a one-week report uses 35 and 70 interactions. Unique human users are users who authored a new issue, authored a new comment, or reacted during the window, including upvotes. Multiple actions from the same user on the same issue count once. Bot posts and bot reactions are excluded. In prose, explain this as high user interaction rather than naming the emoji.
+The collector scales attention markers by the requested time window. The baseline is 5 human user interactions for `🔥` and 10 for `🔥🔥` over 24 hours; longer or shorter windows scale those cutoffs linearly and round up. For example, a one-week report uses 35 and 70 interactions. Human user interactions are human-authored new issue posts, human-authored new comments, and human reactions created during the window, including upvotes. Bot posts and bot reactions are excluded. In prose, explain this as high user interaction rather than naming the emoji.

 ## Freshness

--- a/.codex/skills/codex-issue-digest/scripts/collect_issue_digest.py
+++ b/.codex/skills/codex-issue-digest/scripts/collect_issue_digest.py
@@ -11,7 +11,7 @@ from datetime import datetime, timedelta, timezone
 from pathlib import Path
 from urllib.parse import quote

-SCRIPT_VERSION = 5
+SCRIPT_VERSION = 4
 QUALIFYING_KIND_LABELS = ("bug", "enhancement")
 REACTION_KEYS = ("+1", "-1", "laugh", "hooray", "confused", "heart", "rocket", "eyes")
 BASE_ATTENTION_WINDOW_HOURS = 24.0
@@ -393,15 +393,9 @@ def is_bot_login(login):
    return bool(login) and login.lower().endswith("[bot]")


-def human_login_key(user_obj):
-    login = extract_login(user_obj)
-    if not login or is_bot_login(login):
-        return ""
-    return login.casefold()
-
-
 def is_human_user(user_obj):
-    return bool(human_login_key(user_obj))
+    login = extract_login(user_obj)
+    return bool(login) and not is_bot_login(login)


 def label_names(issue):
@@ -473,26 +467,22 @@ def reaction_summary(item):
 def reaction_event_summary(reactions, since, until):
    counts = {}
    total = 0
-    users = set()
    for reaction in reactions or []:
        if not isinstance(reaction, dict):
            continue
        if not is_in_window(str(reaction.get("created_at") or ""), since, until):
            continue
-        user_key = human_login_key(reaction.get("user"))
-        if not user_key:
+        if not is_human_user(reaction.get("user")):
            continue
        content = str(reaction.get("content") or "")
        if not content:
            continue
        counts[content] = counts.get(content, 0) + 1
        total += 1
-        users.add(user_key)
    return {
        "total": total,
        "counts": counts,
        "upvotes": counts.get("+1", 0),
-        "users": sorted(users, key=str.casefold),
    }


@@ -628,21 +618,13 @@ def summarize_issue(
    new_comment_reaction_total = sum(
        comment["reaction_total"] for comment in new_comments
    )
-    new_issue_user_key = human_login_key(issue.get("user")) if new_issue else ""
-    new_issue_user_interaction = bool(new_issue_user_key)
+    new_issue_user_interaction = new_issue and is_human_user(issue.get("user"))
    new_comment_user_interactions = sum(
        1 for comment in new_comments if comment["human_user_interaction"]
    )
-    interaction_user_keys = set(issue_reaction_events_summary["users"])
-    interaction_user_keys.update(comment_reaction_events_summary["users"])
-    if new_issue_user_key:
-        interaction_user_keys.add(new_issue_user_key)
-    interaction_user_keys.update(
-        comment["author"].casefold()
-        for comment in new_comments
-        if comment["human_user_interaction"]
+    user_interactions = (
+        int(new_issue_user_interaction) + new_comment_user_interactions + new_reactions
    )
-    user_interactions = len(interaction_user_keys)
    attention_level = attention_level_for(user_interactions, attention_thresholds)
    attention_marker = attention_marker_for(user_interactions, attention_thresholds)
    updated_without_visible_new_post = (
@@ -975,7 +957,6 @@ def collect_digest(args):
            "New issue comments are filtered by comment creation time within the window from the fetched comment set.",
            "Reaction events are counted by GitHub reaction created_at timestamps for hydrated issues and fetched comments.",
            "Current reaction totals are standing engagement signals; new_reactions and new_upvotes are windowed activity.",
-            "user_interactions counts unique human users per issue across new issues, new comments, and new reactions; repeated actions by the same user count once.",
            "The collector does not assign semantic clusters; use summary_inputs as model-ready evidence for report-time clustering.",
            "Pure reaction-only issues may be missed if GitHub issue search does not surface them via updated_at.",
            "Issues updated during the window without a new issue body or new comment are retained because label/status edits can still be useful owner signals.",
--- a/.codex/skills/codex-issue-digest/scripts/test_collect_issue_digest.py
+++ b/.codex/skills/codex-issue-digest/scripts/test_collect_issue_digest.py
@@ -494,70 +494,6 @@ def test_reactions_count_toward_attention_markers():
    assert summary["new_comments"][0]["new_upvotes"] == 0


-def test_user_interactions_are_deduped_by_human_login():
-    since = collect_issue_digest.parse_timestamp("2026-04-25T00:00:00Z", "--since")
-    until = collect_issue_digest.parse_timestamp("2026-04-26T00:00:00Z", "--until")
-
-    def comment(comment_id, login):
-        return {
-            "id": comment_id,
-            "created_at": f"2026-04-25T0{comment_id + 1}:00:00Z",
-            "updated_at": f"2026-04-25T0{comment_id + 1}:00:00Z",
-            "user": {"login": login},
-            "body": "same issue",
-        }
-
-    def reaction(content, login, created_at="2026-04-25T10:00:00Z"):
-        return {
-            "content": content,
-            "created_at": created_at,
-            "user": {"login": login},
-        }
-
-    issue = {
-        "number": 790,
-        "title": "Repeated pings should not boost attention",
-        "html_url": "https://github.com/openai/codex/issues/790",
-        "state": "open",
-        "created_at": "2026-04-25T01:00:00Z",
-        "updated_at": "2026-04-25T12:00:00Z",
-        "user": {"login": "Alice"},
-        "labels": [{"name": "bug"}, {"name": "tui"}],
-    }
-    comments = [comment(1, "alice"), comment(2, "ALICE"), comment(3, "bob")]
-    comments.append(comment(4, "github-actions[bot]"))
-    issue_reactions = [
-        reaction("+1", "alice"),
-        reaction("rocket", "Alice"),
-        reaction("+1", "bob"),
-        reaction("+1", "github-actions[bot]"),
-        reaction("+1", "carol", created_at="2026-04-24T23:00:00Z"),
-    ]
-    comment_reactions_by_id = {
-        1: [reaction("heart", "alice")],
-        2: [reaction("+1", "bob")],
-        3: [reaction("eyes", "carol")],
-    }
-
-    summary = collect_issue_digest.summarize_issue(
-        issue,
-        comments,
-        ["tui"],
-        since,
-        until,
-        body_chars=100,
-        comment_chars=100,
-        issue_reaction_events=issue_reactions,
-        comment_reactions_by_id=comment_reactions_by_id,
-    )
-
-    assert summary["activity"]["new_human_comments"] == 3
-    assert summary["new_reactions"] == 6
-    assert summary["user_interactions"] == 3
-    assert summary["attention"] is False
-    assert summary["attention_marker"] == ""
-
-
 def test_digest_rows_are_table_ready_with_concise_descriptions():
    rows = collect_issue_digest.digest_rows(
        [
--- a/.codex/skills/update-v8-version/SKILL.md
+++ b/.codex/skills/update-v8-version/SKILL.md
@@ -1,72 +0,0 @@
---
-name: update-v8-version
-description: Update Codex's pinned `v8` / `rusty_v8` versions, validate the release-candidate path, and investigate failed V8 canary or artifact builds. Use when asked to bump V8, update `rusty_v8` artifacts, prepare or validate a V8 release candidate, check `v8-canary`, or diagnose why a V8 version update no longer builds.
---
-
-# Update V8 Version
-
-## Core Workflow
-
-1. Read `third_party/v8/README.md` and follow its version-bump sequence. Treat
-   that document as the release-process source of truth.
-2. Inspect and update the concrete repo surfaces that carry the pin:
-   - `codex-rs/Cargo.toml`
-   - `codex-rs/Cargo.lock`
-   - `MODULE.bazel`
-   - `third_party/v8/BUILD.bazel`
-   - `third_party/v8/README.md`
-   - the matching `third_party/v8/rusty_v8_<version>.sha256` manifest when the
-     remaining prebuilt inputs change
-3. Keep the existing checksum helpers in the loop:
-
-   ```bash
-   python3 .github/scripts/rusty_v8_bazel.py update-module-bazel
-   python3 .github/scripts/rusty_v8_bazel.py check-module-bazel
-   python3 -m unittest discover -s .github/scripts -p test_rusty_v8_bazel.py
-   ```
-
-4. Validate the release-candidate path before broadening the work:
-   - Prefer checking the `v8-canary` CI result for the candidate branch or PR
-     when one exists, using GitHub check tooling or `gh` as appropriate.
-   - If CI is unavailable or the user asked for a local-only check, run the
-     closest local validation that is practical for the changed surface and say
-     explicitly that it is a local substitute, not the full hosted canary.
-5. If the canary path passes, stop there. Summarize the result and encourage the
-   user to commit the candidate changes or proceed with the release flow they
-   requested. Do not publish tags, releases, or pushes unless the user asked.
-
-## Failure Path
-
-Enter this path only when the canary or local build path fails.
-
-1. Capture the failing target, workflow job, and first actionable error.
-2. Compare the currently pinned version with the target version at the relevant
-   upstream tag or SHA. Inspect both:
-   - `denoland/rusty_v8`
-   - upstream V8 source at the target Bazel-pinned version
-3. Track build-relevant deltas rather than broad source churn:
-   - generated binding layout changes
-   - archive or asset naming changes
-   - GN/Bazel target changes
-   - custom libc++ / libc++abi / llvm-libc inputs
-   - sandbox or pointer-compression feature relationships
-   - patch hunks in `patches/` that no longer apply or no longer match upstream
-4. Trace each failing delta back into Codex's build graph:
-   - `MODULE.bazel`
-   - `third_party/v8/BUILD.bazel`
-   - `.github/scripts/rusty_v8_bazel.py`
-   - `.github/workflows/v8-canary.yml`
-   - `.github/workflows/rusty-v8-release.yml`
-5. Update only the pieces required to restore the target version's build and
-   artifact contract. Keep patch explanations and doc changes close to the
-   affected files.
-6. Re-run the focused validation. If it becomes green, return to the normal
-   workflow and stop with a concise summary plus the remaining release step.
-
-## Reporting
-
- Say whether validation came from hosted `v8-canary` or from a local
-  substitute.
- Distinguish "version bump complete" from "release published".
- When blocked, report the upstream delta that matters, the Codex file it hits,
-  and the next concrete fix to try.
--- a/.codex/skills/update-v8-version/agents/openai.yaml
+++ b/.codex/skills/update-v8-version/agents/openai.yaml
@@ -1,4 +0,0 @@
-interface:
-  display_name: "Update V8 Version"
-  short_description: "Guide V8 bumps and release validation"
-  default_prompt: "Use $update-v8-version to update Codex to a new v8 release and validate the release-candidate path."
--- a/.devcontainer/Dockerfile.secure
+++ b/.devcontainer/Dockerfile.secure
@@ -3,7 +3,7 @@ FROM mcr.microsoft.com/devcontainers/base:ubuntu-24.04
 ARG TZ
 ARG DEBIAN_FRONTEND=noninteractive
 ARG NODE_MAJOR=22
-ARG RUST_TOOLCHAIN=1.95.0
+ARG RUST_TOOLCHAIN=1.92.0
 # Keep this in sync with .devcontainer/codex-install/package.json and pnpm-lock.yaml.
 ARG CODEX_NPM_VERSION=0.121.0

--- a/.devcontainer/devcontainer.secure.json
+++ b/.devcontainer/devcontainer.secure.json
@@ -7,7 +7,7 @@
    "args": {
      "TZ": "${localEnv:TZ:UTC}",
      "NODE_MAJOR": "22",
-      "RUST_TOOLCHAIN": "1.95.0",
+      "RUST_TOOLCHAIN": "1.92.0",
      "CODEX_NPM_VERSION": "0.121.0"
    }
  },
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1,7 +1,5 @@
 # Core crate ownership.
 /codex-rs/core/ @openai/codex-core-agent-team
-/codex-rs/ext/extension-api/ @openai/codex-core-agent-team
-/codex-rs/prompts/ @openai/codex-core-agent-team

 # Keep ownership changes reviewed by the same team.
 /.github/CODEOWNERS @openai/codex-core-agent-team
--- a/.github/ISSUE_TEMPLATE/3-cli.yml
+++ b/.github/ISSUE_TEMPLATE/3-cli.yml
@@ -2,6 +2,7 @@ name: 💻 CLI Bug
 description: Report an issue in the Codex CLI
 labels:
  - bug
+  - needs triage
 body:
  - type: markdown
    attributes:
@@ -11,8 +12,6 @@ body:

        Make sure you are running the [latest](https://npmjs.com/package/@openai/codex) version of Codex CLI. The bug you are experiencing may already have been fixed.

-        If your version supports it, please run `codex doctor --json` and paste the output in the "Codex doctor report" field below. This helps us diagnose install, config, auth, terminal, MCP, network, and local state issues.
-
  - type: input
    id: version
    attributes:
@@ -42,19 +41,9 @@ body:
    id: terminal
    attributes:
      label: What terminal emulator and version are you using (if applicable)?
+      description: Also note any multiplexer in use (screen / tmux / zellij)
      description: |
-        Also note any multiplexer in use (screen / tmux / zellij).
-        E.g., VS Code, Terminal.app, iTerm2, Ghostty, Windows Terminal (WSL / PowerShell)
-  - type: textarea
-    id: doctor
-    attributes:
-      label: Codex doctor report
-      description: |
-        If available, run `codex doctor --json` and paste the full output here.
-
-        The report is designed to redact secrets, but please review it before submitting.
-        If your Codex version does not support `doctor`, write `not available`.
-      render: json
+        E.g, VSCode, Terminal.app, iTerm2, Ghostty, Windows Terminal (WSL / PowerShell)
  - type: textarea
    id: actual
    attributes:
--- a/.github/ISSUE_TEMPLATE/5-feature-request.yml
+++ b/.github/ISSUE_TEMPLATE/5-feature-request.yml
@@ -10,7 +10,7 @@ body:

        Before you submit a feature:
        1. Search existing issues for similar features. If you find one, 👍 it rather than opening a new one.
-        2. The Codex team will try to balance the varying needs of the community when prioritizing or rejecting new features. Not all features will be accepted. See [Contributing](https://github.com/openai/codex/blob/main/docs/contributing.md) for more details.
+        2. The Codex team will try to balance the varying needs of the community when prioritizing or rejecting new features. Not all features will be accepted. See [Contributing](https://github.com/openai/codex#contributing) for more details.

  - type: input
    id: variant
--- a/.github/ISSUE_TEMPLATE/6-docs-issue.yml
+++ b/.github/ISSUE_TEMPLATE/6-docs-issue.yml
@@ -1,6 +1,6 @@
 name: 📗 Documentation Issue
 description: Tell us if there is missing or incorrect documentation
-labels: [documentation]
+labels: [docs]
 body:
  - type: markdown
    attributes:
@@ -24,4 +24,4 @@ body:
  - type: textarea
    attributes:
      label: Where did you find it?
-      description: If possible, please provide the URL(s) where you found this issue.
+      description: If possible, please provide the URL(s) where you found this issue.
--- a/.github/actions/prepare-bazel-ci/action.yml
+++ b/.github/actions/prepare-bazel-ci/action.yml
@@ -50,7 +50,7 @@ runs:
    - name: Restore bazel repository cache
      id: cache_bazel_repository_restore
      continue-on-error: true
-      uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+      uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
      with:
        path: ${{ steps.setup_bazel.outputs.repository-cache-path }}
        key: ${{ steps.cache_bazel_repository_key.outputs.repository-cache-key }}
--- a/.github/actions/setup-msvc-env/action.yml
+++ b/.github/actions/setup-msvc-env/action.yml
@@ -1,17 +0,0 @@
-name: setup-msvc-env
-description: Expose an MSVC developer environment for the requested Windows target.
-inputs:
-  target:
-    description: Rust target triple that will be built on this Windows runner.
-    required: true
-  host-arch:
-    description: Optional Visual Studio host architecture override.
-    required: false
-    default: ""
-
-runs:
-  using: composite
-  steps:
-    - name: Expose MSVC SDK environment
-      shell: pwsh
-      run: '& "$env:GITHUB_ACTION_PATH/setup-msvc-env.ps1" -Target "${{ inputs.target }}" -HostArch "${{ inputs.host-arch }}"'
--- a/.github/actions/setup-msvc-env/setup-msvc-env.ps1
+++ b/.github/actions/setup-msvc-env/setup-msvc-env.ps1
@@ -1,257 +0,0 @@
-param(
-    [Parameter(Mandatory = $true)]
-    [string]$Target,
-
-    [string]$HostArch = ""
-)
-
-# Cargo can cross-compile the Rust code for Windows ARM64 on a Windows x64
-# runner, but rustup alone does not expose the matching MSVC/UCRT include and
-# library paths. Ask Visual Studio for the target-specific developer
-# environment, then persist the relevant variables through GITHUB_ENV so the
-# later Cargo step sees the same environment as a normal VsDevCmd shell.
-switch ($Target) {
-    "x86_64-pc-windows-msvc" {
-        $TargetArch = "x64"
-        $RequiredComponent = "Microsoft.VisualStudio.Component.VC.Tools.x86.x64"
-    }
-    "aarch64-pc-windows-msvc" {
-        $TargetArch = "arm64"
-        $RequiredComponent = "Microsoft.VisualStudio.Component.VC.Tools.ARM64"
-    }
-    default {
-        throw "Unsupported Windows MSVC target: $Target"
-    }
-}
-
-# VsDevCmd needs both sides of the cross compile: the architecture of the
-# machine running the tools and the architecture of the binaries being linked.
-# Infer the host from the runner unless a caller needs to override it.
-if (-not $HostArch) {
-    $HostArch = if ($env:PROCESSOR_ARCHITEW6432 -eq "ARM64" -or $env:PROCESSOR_ARCHITECTURE -eq "ARM64") {
-        "arm64"
-    } else {
-        "x64"
-    }
-}
-
-$VsWhere = "${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer\vswhere.exe"
-if (-not (Test-Path $VsWhere)) {
-    throw "vswhere.exe not found"
-}
-
-# Require the target VC tools component, not merely any Visual Studio install,
-# so an x64 archive producer cannot silently link ARM64 tests with the wrong
-# SDK/toolchain layout.
-$InstallPath = & $VsWhere -latest -products * -requires $RequiredComponent -property installationPath 2>$null
-if (-not $InstallPath) {
-    throw "Could not locate a Visual Studio installation with component $RequiredComponent"
-}
-
-$VsDevCmd = Join-Path $InstallPath "Common7\Tools\VsDevCmd.bat"
-if (-not (Test-Path $VsDevCmd)) {
-    throw "VsDevCmd.bat not found at $VsDevCmd"
-}
-
-$VarsToExport = @(
-    "INCLUDE",
-    "LIB",
-    "LIBPATH",
-    "PATH",
-    "UCRTVersion",
-    "UniversalCRTSdkDir",
-    "VCINSTALLDIR",
-    "VCToolsInstallDir",
-    "WindowsLibPath",
-    "WindowsSdkBinPath",
-    "WindowsSdkDir",
-    "WindowsSDKLibVersion",
-    "WindowsSDKVersion"
-)
-
-# Run VsDevCmd inside cmd.exe because it is a batch file, then copy just the
-# variables Cargo/rustc need into the GitHub Actions environment file. PowerShell
-# cannot mutate the parent composite-action environment directly.
-$EnvLines = & cmd.exe /c ('"{0}" -no_logo -arch={1} -host_arch={2} >nul && set' -f $VsDevCmd, $TargetArch, $HostArch)
-$VcToolsInstallDir = $null
-foreach ($Line in $EnvLines) {
-    if ($Line -notmatch "^(.*?)=(.*)$") {
-        continue
-    }
-
-    $Name = $Matches[1]
-    $Value = $Matches[2]
-    if ($VarsToExport -contains $Name) {
-        if ($Name -ieq "Path") {
-            $Name = "PATH"
-        }
-        if ($Name -eq "VCToolsInstallDir") {
-            $VcToolsInstallDir = $Value
-        }
-        "$Name=$Value" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
-    }
-}
-
-if (-not $VcToolsInstallDir) {
-    throw "VCToolsInstallDir was not exported by VsDevCmd.bat"
-}
-
-# Prefer Rust's bundled linker when rustup provides one, then Visual Studio's
-# LLVM linker, and finally MSVC link.exe. This keeps the cross-compile path close
-# to Rust's normal Windows MSVC behavior while still working on runner images
-# where one of those linkers is absent.
-$Linker = $null
-$Rustc = Get-Command rustc -ErrorAction SilentlyContinue
-if ($Rustc) {
-    $Sysroot = (& rustc --print sysroot 2>$null).Trim()
-    $RustHost = & rustc -vV 2>$null | Select-String "^host: " | ForEach-Object { $_.Line.Substring(6) }
-    if ($RustHost) {
-        $RustHost = $RustHost.Trim()
-    }
-    if ($Sysroot -and $RustHost) {
-        $RustLld = Join-Path $Sysroot "lib\rustlib\$RustHost\bin\rust-lld.exe"
-        if (Test-Path $RustLld) {
-            $Linker = $RustLld
-        }
-    }
-}
-if (-not $Linker) {
-    $Linker = Join-Path $InstallPath "VC\Tools\Llvm\x64\bin\lld-link.exe"
-}
-if (-not (Test-Path $Linker)) {
-    $Linker = Join-Path $VcToolsInstallDir "bin\Host${HostArch}\${TargetArch}\link.exe"
-}
-if (-not (Test-Path $Linker)) {
-    throw "Windows linker not found at $Linker"
-}
-
-# rustc passes `/arm64hazardfree` for ARM64 MSVC links. The lld variants on our
-# Windows x64 archive producers reject that flag, including when rustc places it
-# inside a response file. Compile a tiny forwarding wrapper that strips only
-# that unsupported flag, then delegate every other argument to the real linker.
-if ($TargetArch -eq "arm64" -and (Split-Path -Leaf $Linker) -match "lld") {
-    $WrapperDir = Join-Path $env:RUNNER_TEMP "msvc-lld-wrapper"
-    New-Item -Path $WrapperDir -ItemType Directory -Force | Out-Null
-    $WrapperPath = Join-Path $WrapperDir "lld-link-wrapper.exe"
-    $WrapperSource = @'
-using System;
-using System.Collections.Generic;
-using System.Diagnostics;
-using System.IO;
-using System.Text;
-using System.Text.RegularExpressions;
-
-internal static class Program
-{
-    private static int Main(string[] args)
-    {
-        var linker = Environment.GetEnvironmentVariable("MSVC_REAL_LINKER");
-        if (string.IsNullOrEmpty(linker))
-        {
-            Console.Error.WriteLine("MSVC_REAL_LINKER is not set");
-            return 1;
-        }
-
-        var startInfo = new ProcessStartInfo(linker)
-        {
-            UseShellExecute = false,
-        };
-        var filteredArgs = new List<string> { "-flavor", "link", "/defaultlib:ucrt", "/nodefaultlib:libucrt" };
-        foreach (var arg in args)
-        {
-            if (!string.Equals(arg, "/arm64hazardfree", StringComparison.OrdinalIgnoreCase))
-            {
-                filteredArgs.Add(QuoteArgument(FilterResponseFile(arg)));
-            }
-        }
-        startInfo.Arguments = string.Join(" ", filteredArgs);
-
-        using var process = Process.Start(startInfo);
-        if (process is null)
-        {
-            Console.Error.WriteLine($"Failed to start linker: {linker}");
-            return 1;
-        }
-
-        process.WaitForExit();
-        return process.ExitCode;
-    }
-
-    private static string FilterResponseFile(string argument)
-    {
-        if (argument.Length < 2 || argument[0] != '@')
-        {
-            return argument;
-        }
-
-        var responsePath = argument.Substring(1);
-        if (!File.Exists(responsePath))
-        {
-            return argument;
-        }
-
-        var filteredResponsePath = Path.Combine(Path.GetTempPath(), Path.GetRandomFileName() + ".rsp");
-        var responseContents = Regex.Replace(
-            File.ReadAllText(responsePath),
-            "/arm64hazardfree",
-            string.Empty,
-            RegexOptions.IgnoreCase);
-        File.WriteAllText(filteredResponsePath, responseContents);
-        return "@" + filteredResponsePath;
-    }
-
-    private static string QuoteArgument(string argument)
-    {
-        if (argument.Length == 0)
-        {
-            return "\"\"";
-        }
-        if (argument.IndexOfAny(new[] { ' ', '\t', '"' }) < 0)
-        {
-            return argument;
-        }
-
-        var quoted = new StringBuilder("\"");
-        var backslashes = 0;
-        foreach (var character in argument)
-        {
-            if (character == '\\')
-            {
-                backslashes++;
-                continue;
-            }
-            if (character == '"')
-            {
-                quoted.Append('\\', (backslashes * 2) + 1);
-                quoted.Append(character);
-                backslashes = 0;
-                continue;
-            }
-
-            quoted.Append('\\', backslashes);
-            backslashes = 0;
-            quoted.Append(character);
-        }
-        quoted.Append('\\', backslashes * 2);
-        quoted.Append('"');
-        return quoted.ToString();
-    }
-}
-'@
-    $WrapperSourcePath = Join-Path $WrapperDir "lld-link-wrapper.cs"
-    $WrapperSource | Out-File -FilePath $WrapperSourcePath -Encoding utf8
-    $Csc = Join-Path $InstallPath "MSBuild\Current\Bin\Roslyn\csc.exe"
-    if (-not (Test-Path $Csc)) {
-        throw "csc.exe not found at $Csc"
-    }
-    & $Csc /nologo /target:exe /out:$WrapperPath $WrapperSourcePath
-    if ($LASTEXITCODE -ne 0) {
-        throw "Failed to compile lld-link wrapper"
-    }
-    "MSVC_REAL_LINKER=$Linker" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
-    $Linker = $WrapperPath
-}
-
-Write-Output "Using Windows linker: $Linker"
-$CargoTarget = $Target.ToUpperInvariant().Replace("-", "_")
-"CARGO_TARGET_${CargoTarget}_LINKER=$Linker" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
--- a/.github/actions/setup-rusty-v8-musl/action.yml
+++ b/.github/actions/setup-rusty-v8-musl/action.yml
@@ -1,20 +1,29 @@
-name: setup-rusty-v8
-description: Download and verify Codex-built rusty_v8 artifacts for Cargo builds.
+name: setup-rusty-v8-musl
+description: Download and verify musl rusty_v8 artifacts for Cargo builds.
 inputs:
  target:
-    description: Rust target triple with Codex-built V8 release artifacts.
+    description: Rust musl target triple.
    required: true

 runs:
  using: composite
  steps:
-    - name: Configure rusty_v8 artifact overrides and verify checksums
+    - name: Configure musl rusty_v8 artifact overrides and verify checksums
      shell: bash
      env:
        TARGET: ${{ inputs.target }}
      run: |
        set -euo pipefail

+        case "${TARGET}" in
+          x86_64-unknown-linux-musl|aarch64-unknown-linux-musl)
+            ;;
+          *)
+            echo "Unsupported musl rusty_v8 target: ${TARGET}" >&2
+            exit 1
+            ;;
+        esac
+
        version="$(python3 "${GITHUB_WORKSPACE}/.github/scripts/rusty_v8_bazel.py" resolved-v8-crate-version)"
        release_tag="rusty-v8-v${version}"
        base_url="https://github.com/openai/codex/releases/download/${release_tag}"
@@ -22,21 +31,19 @@ runs:
        archive_path="${binding_dir}/librusty_v8_release_${TARGET}.a.gz"
        binding_path="${binding_dir}/src_binding_release_${TARGET}.rs"
        checksums_path="${binding_dir}/rusty_v8_release_${TARGET}.sha256"
+        checksums_source="${GITHUB_WORKSPACE}/third_party/v8/rusty_v8_${version//./_}.sha256"

        mkdir -p "${binding_dir}"
        curl -fsSL "${base_url}/librusty_v8_release_${TARGET}.a.gz" -o "${archive_path}"
        curl -fsSL "${base_url}/src_binding_release_${TARGET}.rs" -o "${binding_path}"
-        curl -fsSL "${base_url}/rusty_v8_release_${TARGET}.sha256" -o "${checksums_path}"
+        grep -E "  (librusty_v8_release_${TARGET}[.]a[.]gz|src_binding_release_${TARGET}[.]rs)$" \
+          "${checksums_source}" > "${checksums_path}"

        if [[ "$(wc -l < "${checksums_path}")" -ne 2 ]]; then
-          echo "Expected exactly two checksums for ${TARGET} in ${checksums_path}" >&2
+          echo "Expected exactly two checksums for ${TARGET} in ${checksums_source}" >&2
          exit 1
        fi

-        if command -v sha256sum >/dev/null 2>&1; then
-          (cd "${binding_dir}" && sha256sum -c "${checksums_path}")
-        else
-          (cd "${binding_dir}" && shasum -a 256 -c "${checksums_path}")
-        fi
+        (cd "${binding_dir}" && sha256sum -c "${checksums_path}")
        echo "RUSTY_V8_ARCHIVE=${archive_path}" >> "${GITHUB_ENV}"
        echo "RUSTY_V8_SRC_BINDING_PATH=${binding_path}" >> "${GITHUB_ENV}"
--- a/.github/actions/windows-code-sign/action.yml
+++ b/.github/actions/windows-code-sign/action.yml
@@ -30,7 +30,7 @@ runs:
  using: composite
  steps:
    - name: Azure login for Trusted Signing (OIDC)
-      uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2.3.0
+      uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2
      with:
        client-id: ${{ inputs.client-id }}
        tenant-id: ${{ inputs.tenant-id }}
@@ -54,7 +54,7 @@ runs:
        } >> "$GITHUB_OUTPUT"

    - name: Sign Windows binaries with Azure Trusted Signing
-      uses: azure/trusted-signing-action@1d365fec12862c4aa68fcac418143d73f0cea293 # v0.5.11
+      uses: azure/trusted-signing-action@1d365fec12862c4aa68fcac418143d73f0cea293 # v0
      with:
        endpoint: ${{ inputs.endpoint }}
        trusted-signing-account-name: ${{ inputs.account-name }}
--- a/.github/dependabot.yaml
+++ b/.github/dependabot.yaml
@@ -6,37 +6,25 @@ updates:
    directory: .github/actions/codex
    schedule:
      interval: weekly
-    cooldown:
-      default-days: 7
  - package-ecosystem: cargo
    directories:
      - codex-rs
      - codex-rs/*
    schedule:
      interval: weekly
-    cooldown:
-      default-days: 7
  - package-ecosystem: devcontainers
    directory: /
    schedule:
      interval: weekly
-    cooldown:
-      default-days: 7
  - package-ecosystem: docker
    directory: codex-cli
    schedule:
      interval: weekly
-    cooldown:
-      default-days: 7
  - package-ecosystem: github-actions
    directory: /
    schedule:
      interval: weekly
-    cooldown:
-      default-days: 7
  - package-ecosystem: rust-toolchain
    directory: codex-rs
    schedule:
      interval: weekly
-    cooldown:
-      default-days: 7
--- a/.github/dotslash-config.json
+++ b/.github/dotslash-config.json
@@ -3,56 +3,56 @@
    "codex": {
      "platforms": {
        "macos-aarch64": {
-          "regex": "^codex-package-aarch64-apple-darwin\\.tar\\.zst$",
-          "path": "bin/codex"
+          "regex": "^codex-aarch64-apple-darwin\\.zst$",
+          "path": "codex"
        },
        "macos-x86_64": {
-          "regex": "^codex-package-x86_64-apple-darwin\\.tar\\.zst$",
-          "path": "bin/codex"
+          "regex": "^codex-x86_64-apple-darwin\\.zst$",
+          "path": "codex"
        },
        "linux-x86_64": {
-          "regex": "^codex-package-x86_64-unknown-linux-musl\\.tar\\.zst$",
-          "path": "bin/codex"
+          "regex": "^codex-x86_64-unknown-linux-musl\\.zst$",
+          "path": "codex"
        },
        "linux-aarch64": {
-          "regex": "^codex-package-aarch64-unknown-linux-musl\\.tar\\.zst$",
-          "path": "bin/codex"
+          "regex": "^codex-aarch64-unknown-linux-musl\\.zst$",
+          "path": "codex"
        },
        "windows-x86_64": {
-          "regex": "^codex-package-x86_64-pc-windows-msvc\\.tar\\.zst$",
-          "path": "bin/codex.exe"
+          "regex": "^codex-x86_64-pc-windows-msvc\\.exe\\.zst$",
+          "path": "codex.exe"
        },
        "windows-aarch64": {
-          "regex": "^codex-package-aarch64-pc-windows-msvc\\.tar\\.zst$",
-          "path": "bin/codex.exe"
+          "regex": "^codex-aarch64-pc-windows-msvc\\.exe\\.zst$",
+          "path": "codex.exe"
        }
      }
    },
    "codex-app-server": {
      "platforms": {
        "macos-aarch64": {
-          "regex": "^codex-app-server-package-aarch64-apple-darwin\\.tar\\.zst$",
-          "path": "bin/codex-app-server"
+          "regex": "^codex-app-server-aarch64-apple-darwin\\.zst$",
+          "path": "codex-app-server"
        },
        "macos-x86_64": {
-          "regex": "^codex-app-server-package-x86_64-apple-darwin\\.tar\\.zst$",
-          "path": "bin/codex-app-server"
+          "regex": "^codex-app-server-x86_64-apple-darwin\\.zst$",
+          "path": "codex-app-server"
        },
        "linux-x86_64": {
-          "regex": "^codex-app-server-package-x86_64-unknown-linux-musl\\.tar\\.zst$",
-          "path": "bin/codex-app-server"
+          "regex": "^codex-app-server-x86_64-unknown-linux-musl\\.zst$",
+          "path": "codex-app-server"
        },
        "linux-aarch64": {
-          "regex": "^codex-app-server-package-aarch64-unknown-linux-musl\\.tar\\.zst$",
-          "path": "bin/codex-app-server"
+          "regex": "^codex-app-server-aarch64-unknown-linux-musl\\.zst$",
+          "path": "codex-app-server"
        },
        "windows-x86_64": {
-          "regex": "^codex-app-server-package-x86_64-pc-windows-msvc\\.tar\\.zst$",
-          "path": "bin/codex-app-server.exe"
+          "regex": "^codex-app-server-x86_64-pc-windows-msvc\\.exe\\.zst$",
+          "path": "codex-app-server.exe"
        },
        "windows-aarch64": {
-          "regex": "^codex-app-server-package-aarch64-pc-windows-msvc\\.tar\\.zst$",
-          "path": "bin/codex-app-server.exe"
+          "regex": "^codex-app-server-aarch64-pc-windows-msvc\\.exe\\.zst$",
+          "path": "codex-app-server.exe"
        }
      }
    },
@@ -84,18 +84,6 @@
        }
      }
    },
-    "bwrap": {
-      "platforms": {
-        "linux-x86_64": {
-          "regex": "^bwrap-x86_64-unknown-linux-musl\\.zst$",
-          "path": "bwrap"
-        },
-        "linux-aarch64": {
-          "regex": "^bwrap-aarch64-unknown-linux-musl\\.zst$",
-          "path": "bwrap"
-        }
-      }
-    },
    "codex-command-runner": {
      "platforms": {
        "windows-x86_64": {
--- a/.github/dotslash-zsh-config.json
+++ b/.github/dotslash-zsh-config.json
@@ -7,11 +7,6 @@
          "format": "tar.gz",
          "path": "codex-zsh/bin/zsh"
        },
-        "macos-x86_64": {
-          "name": "codex-zsh-x86_64-apple-darwin.tar.gz",
-          "format": "tar.gz",
-          "path": "codex-zsh/bin/zsh"
-        },
        "linux-x86_64": {
          "name": "codex-zsh-x86_64-unknown-linux-musl.tar.gz",
          "format": "tar.gz",
--- a/.github/scripts/build-codex-package-archive.sh
+++ b/.github/scripts/build-codex-package-archive.sh
@@ -1,172 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-usage() {
-  cat <<'EOF'
-Usage: build-codex-package-archive.sh \
-  --target <rust-target> \
-  --bundle <primary|app-server> \
-  --entrypoint-dir <dir> \
-  --archive-dir <dir> \
-  [--bwrap-bin <path>] \
-  [--codex-command-runner-bin <path>] \
-  [--codex-windows-sandbox-setup-bin <path>] \
-  [--target-suffixed-entrypoint]
-EOF
-}
-
-target=""
-bundle=""
-entrypoint_dir=""
-archive_dir=""
-target_suffixed_entrypoint="false"
-resource_args=()
-bwrap_bin_provided="false"
-command_runner_bin_provided="false"
-sandbox_setup_bin_provided="false"
-
-while [[ $# -gt 0 ]]; do
-  case "$1" in
-    --target)
-      target="${2:?--target requires a value}"
-      shift 2
-      ;;
-    --bundle)
-      bundle="${2:?--bundle requires a value}"
-      shift 2
-      ;;
-    --entrypoint-dir)
-      entrypoint_dir="${2:?--entrypoint-dir requires a value}"
-      shift 2
-      ;;
-    --archive-dir)
-      archive_dir="${2:?--archive-dir requires a value}"
-      shift 2
-      ;;
-    --bwrap-bin)
-      resource_args+=(--bwrap-bin "${2:?--bwrap-bin requires a value}")
-      bwrap_bin_provided="true"
-      shift 2
-      ;;
-    --codex-command-runner-bin)
-      resource_args+=(
-        --codex-command-runner-bin
-        "${2:?--codex-command-runner-bin requires a value}"
-      )
-      command_runner_bin_provided="true"
-      shift 2
-      ;;
-    --codex-windows-sandbox-setup-bin)
-      resource_args+=(
-        --codex-windows-sandbox-setup-bin
-        "${2:?--codex-windows-sandbox-setup-bin requires a value}"
-      )
-      sandbox_setup_bin_provided="true"
-      shift 2
-      ;;
-    --target-suffixed-entrypoint)
-      target_suffixed_entrypoint="true"
-      shift
-      ;;
-    -h|--help)
-      usage
-      exit 0
-      ;;
-    *)
-      echo "Unexpected argument: $1" >&2
-      usage >&2
-      exit 1
-      ;;
-  esac
-done
-
-if [[ -z "$target" || -z "$bundle" || -z "$entrypoint_dir" || -z "$archive_dir" ]]; then
-  usage >&2
-  exit 1
-fi
-
-case "$bundle" in
-  primary)
-    variant="codex"
-    entrypoint="codex"
-    archive_stem="codex-package"
-    ;;
-  app-server)
-    variant="codex-app-server"
-    entrypoint="codex-app-server"
-    archive_stem="codex-app-server-package"
-    ;;
-  *)
-    echo "No Codex package variant for bundle: $bundle" >&2
-    exit 1
-    ;;
-esac
-
-exe_suffix=""
-case "$target" in
-  *windows*)
-    exe_suffix=".exe"
-    ;;
-esac
-
-entrypoint_name="$entrypoint"
-if [[ "$target_suffixed_entrypoint" == "true" ]]; then
-  entrypoint_name="${entrypoint_name}-${target}"
-fi
-
-case "$target" in
-  *linux*)
-    bwrap_bin="${entrypoint_dir%/}/bwrap"
-    if [[ "$bwrap_bin_provided" == "false" && -f "$bwrap_bin" ]]; then
-      resource_args+=(--bwrap-bin "$bwrap_bin")
-    fi
-    ;;
-  *windows*)
-    command_runner_bin="${entrypoint_dir%/}/codex-command-runner.exe"
-    sandbox_setup_bin="${entrypoint_dir%/}/codex-windows-sandbox-setup.exe"
-    if [[ "$command_runner_bin_provided" == "false" && -f "$command_runner_bin" ]]; then
-      resource_args+=(--codex-command-runner-bin "$command_runner_bin")
-    fi
-    if [[ "$sandbox_setup_bin_provided" == "false" && -f "$sandbox_setup_bin" ]]; then
-      resource_args+=(--codex-windows-sandbox-setup-bin "$sandbox_setup_bin")
-    fi
-    ;;
-esac
-
-repo_root="${GITHUB_WORKSPACE:-}"
-if [[ -z "$repo_root" ]]; then
-  repo_root="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
-fi
-
-if command -v python3 >/dev/null 2>&1; then
-  python_bin="python3"
-else
-  python_bin="python"
-fi
-
-if ! command -v zstd >/dev/null 2>&1 && [[ -x "${repo_root}/.github/workflows/zstd" ]]; then
-  export PATH="${repo_root}/.github/workflows:${PATH}"
-fi
-
-mkdir -p "$archive_dir"
-package_dir="${RUNNER_TEMP:-/tmp}/${archive_stem}-${target}"
-gzip_archive_path="${archive_dir}/${archive_stem}-${target}.tar.gz"
-zstd_archive_path="${archive_dir}/${archive_stem}-${target}.tar.zst"
-rm -rf "$package_dir"
-
-python_args=(
-  "${repo_root}/scripts/build_codex_package.py"
-  --target "$target"
-  --variant "$variant"
-  --entrypoint-bin "${entrypoint_dir%/}/${entrypoint_name}${exe_suffix}"
-  --cargo-profile release
-  --package-dir "$package_dir"
-  --archive-output "$gzip_archive_path"
-  --archive-output "$zstd_archive_path"
-)
-if ((${#resource_args[@]} > 0)); then
-  python_args+=("${resource_args[@]}")
-fi
-python_args+=(--force)
-
-"$python_bin" "${python_args[@]}"
--- a/.github/scripts/install-musl-build-tools.sh
+++ b/.github/scripts/install-musl-build-tools.sh
@@ -150,9 +150,7 @@ for arg in "\$@"; do
  args+=("\${arg}")
 done

-# Zig enables UBSan for debug C builds by default. Rust links these objects
-# without Zig's sanitizer runtime, so keep native dependencies uninstrumented.
-exec "${zig_bin}" cc -target "${zig_target}" "\${args[@]}" -fno-sanitize=undefined
+exec "${zig_bin}" cc -target "${zig_target}" "\${args[@]}"
 EOF
  cat >"${cxx}" <<EOF
 #!/usr/bin/env bash
@@ -209,9 +207,7 @@ for arg in "\$@"; do
  args+=("\${arg}")
 done

-# Zig enables UBSan for debug C++ builds by default. Rust links these objects
-# without Zig's sanitizer runtime, so keep native dependencies uninstrumented.
-exec "${zig_bin}" c++ -target "${zig_target}" "\${args[@]}" -fno-sanitize=undefined
+exec "${zig_bin}" c++ -target "${zig_target}" "\${args[@]}"
 EOF
  chmod +x "${cc}" "${cxx}"

@@ -274,11 +270,6 @@ echo "PKG_CONFIG_PATH=${pkg_config_path}" >> "$GITHUB_ENV"
 pkg_config_path_var="PKG_CONFIG_PATH_${TARGET}"
 pkg_config_path_var="${pkg_config_path_var//-/_}"
 echo "${pkg_config_path_var}=${libcap_pkgconfig_dir}" >> "$GITHUB_ENV"
-pkg_config_libdir_var="PKG_CONFIG_LIBDIR_${TARGET}"
-pkg_config_libdir_var="${pkg_config_libdir_var//-/_}"
-# Do not let musl cross-builds resolve native libraries from the host glibc
-# pkg-config directories. libcap is the only target package provided here.
-echo "${pkg_config_libdir_var}=${libcap_pkgconfig_dir}" >> "$GITHUB_ENV"

 if [[ -n "${sysroot}" && "${sysroot}" != "/" ]]; then
  echo "PKG_CONFIG_SYSROOT_DIR=${sysroot}" >> "$GITHUB_ENV"
--- a/.github/scripts/run-bazel-ci.sh
+++ b/.github/scripts/run-bazel-ci.sh
@@ -53,20 +53,11 @@ fi

 run_bazel() {
  if [[ "${RUNNER_OS:-}" == "Windows" ]]; then
-    MSYS2_ARG_CONV_EXCL='*' "$(dirname "${BASH_SOURCE[0]}")/run_bazel_with_buildbuddy.py" "$@"
+    MSYS2_ARG_CONV_EXCL='*' bazel "$@"
    return
  fi

-  "$(dirname "${BASH_SOURCE[0]}")/run_bazel_with_buildbuddy.py" "$@"
-}
-
-run_bazel_with_startup_args() {
-  if (( ${#bazel_startup_args[@]} > 0 )); then
-    run_bazel "${bazel_startup_args[@]}" "$@"
-    return
-  fi
-
-  run_bazel "$@"
+  bazel "$@"
 }

 ci_config=ci-linux
@@ -86,16 +77,23 @@ esac
 print_bazel_test_log_tails() {
  local console_log="$1"
  local testlogs_dir
-
+  local -a bazel_info_cmd=(bazel)
  local -a bazel_info_args=(info)
-  if [[ -n "${BUILDBUDDY_API_KEY:-}" ]]; then
-    # `bazel info` needs the same CI config as the failed test invocation so
-    # platform-specific output roots match. On Windows, omitting `ci-windows`
-    # would point at `local_windows-fastbuild` even when the test ran with the
-    # MSVC host platform under `local_windows_msvc-fastbuild`.
-    bazel_info_args+=("--config=${ci_config}")
+
+  if (( ${#bazel_startup_args[@]} > 0 )); then
+    bazel_info_cmd+=("${bazel_startup_args[@]}")
  fi

+  # `bazel info` needs the same CI config as the failed test invocation so
+  # platform-specific output roots match. On Windows, omitting `ci-windows`
+  # would point at `local_windows-fastbuild` even when the test ran with the
+  # MSVC host platform under `local_windows_msvc-fastbuild`.
+  if [[ -n "${BUILDBUDDY_API_KEY:-}" ]]; then
+    bazel_info_args+=(
+      "--config=${ci_config}"
+      "--remote_header=x-buildbuddy-api-key=${BUILDBUDDY_API_KEY}"
+    )
+  fi
  # Only pass flags that affect Bazel's output-root selection or repository
  # lookup. Test/build-only flags such as execution logs or remote download
  # mode can make `bazel info` fail, which would hide the real test log path.
@@ -107,7 +105,7 @@ print_bazel_test_log_tails() {
    esac
  done

-  testlogs_dir="$(run_bazel_with_startup_args \
+  testlogs_dir="$(run_bazel "${bazel_info_cmd[@]:1}" \
    --noexperimental_remote_repo_contents_cache \
    "${bazel_info_args[@]}" \
    bazel-testlogs 2>/dev/null || echo bazel-testlogs)"
@@ -256,9 +254,8 @@ if [[ ${#bazel_args[@]} -eq 0 || ${#bazel_targets[@]} -eq 0 ]]; then
 fi

 if [[ "${RUNNER_OS:-}" == "Windows" && $windows_cross_compile -eq 1 && -z "${BUILDBUDDY_API_KEY:-}" ]]; then
-  # Windows cross-compilation depends on authenticated RBE. Preserve the local
-  # Windows build shape when credentials are unavailable.
-  ci_config=ci-windows
+  # Fork PRs do not receive the BuildBuddy secret needed for the remote
+  # cross-compile config. Preserve the previous local Windows build shape.
  windows_msvc_host_platform=1
 fi

@@ -300,9 +297,9 @@ if [[ "${RUNNER_OS:-}" == "Windows" && $windows_cross_compile -eq 1 && -n "${BUI
 fi

 if [[ "${RUNNER_OS:-}" == "Windows" && $windows_cross_compile -eq 1 && -z "${BUILDBUDDY_API_KEY:-}" ]]; then
-  # The Windows cross-compile config depends on authenticated remote
-  # execution. When credentials are unavailable, keep the local build shape
-  # and its lower concurrency cap.
+  # The Windows cross-compile config depends on remote execution. Fork PRs do
+  # not receive the BuildBuddy secret, so fall back to the existing local build
+  # shape and keep its lower concurrency cap.
  post_config_bazel_args+=(--jobs=8)
 fi

@@ -380,31 +377,70 @@ fi
 bazel_console_log="$(mktemp)"
 trap 'rm -f "$bazel_console_log"' EXIT

-bazel_run_args=(
-  "${bazel_args[@]}"
-)
+bazel_cmd=(bazel)
+if (( ${#bazel_startup_args[@]} > 0 )); then
+  bazel_cmd+=("${bazel_startup_args[@]}")
+fi
+
 if [[ -n "${BUILDBUDDY_API_KEY:-}" ]]; then
  echo "BuildBuddy API key is available; using remote Bazel configuration."
-  bazel_run_args+=("--config=${ci_config}")
+  # Work around Bazel 9 remote repo contents cache / overlay materialization failures
+  # seen in CI (for example "is not a symlink" or permission errors while
+  # materializing external repos such as rules_perl). We still use BuildBuddy for
+  # remote execution/cache; this only disables the startup-level repo contents cache.
+  bazel_run_args=(
+    "${bazel_args[@]}"
+    "--config=${ci_config}"
+    "--remote_header=x-buildbuddy-api-key=${BUILDBUDDY_API_KEY}"
+  )
+  if (( ${#post_config_bazel_args[@]} > 0 )); then
+    bazel_run_args+=("${post_config_bazel_args[@]}")
+  fi
+  set +e
+  run_bazel "${bazel_cmd[@]:1}" \
+    --noexperimental_remote_repo_contents_cache \
+    "${bazel_run_args[@]}" \
+    -- \
+    "${bazel_targets[@]}" \
+    2>&1 | tee "$bazel_console_log"
+  bazel_status=${PIPESTATUS[0]}
+  set -e
 else
  echo "BuildBuddy API key is not available; using local Bazel configuration."
+  # Keep fork/community PRs on Bazel but disable remote services that are
+  # configured in .bazelrc and require auth.
+  #
+  # Flag docs:
+  # - Command-line reference: https://bazel.build/reference/command-line-reference
+  # - Remote caching overview: https://bazel.build/remote/caching
+  # - Remote execution overview: https://bazel.build/remote/rbe
+  # - Build Event Protocol overview: https://bazel.build/remote/bep
+  #
+  # --noexperimental_remote_repo_contents_cache:
+  #   disable remote repo contents cache enabled in .bazelrc startup options.
+  #   https://bazel.build/reference/command-line-reference#startup_options-flag--experimental_remote_repo_contents_cache
+  # --remote_cache= and --remote_executor=:
+  #   clear remote cache/execution endpoints configured in .bazelrc.
+  #   https://bazel.build/reference/command-line-reference#common_options-flag--remote_cache
+  #   https://bazel.build/reference/command-line-reference#common_options-flag--remote_executor
+  bazel_run_args=(
+    "${bazel_args[@]}"
+    --remote_cache=
+    --remote_executor=
+  )
+  if (( ${#post_config_bazel_args[@]} > 0 )); then
+    bazel_run_args+=("${post_config_bazel_args[@]}")
+  fi
+  set +e
+  run_bazel "${bazel_cmd[@]:1}" \
+    --noexperimental_remote_repo_contents_cache \
+    "${bazel_run_args[@]}" \
+    -- \
+    "${bazel_targets[@]}" \
+    2>&1 | tee "$bazel_console_log"
+  bazel_status=${PIPESTATUS[0]}
+  set -e
 fi
-if (( ${#post_config_bazel_args[@]} > 0 )); then
-  bazel_run_args+=("${post_config_bazel_args[@]}")
-fi
-set +e
-# Work around Bazel 9 remote repo contents cache / overlay materialization
-# failures seen in CI (for example "is not a symlink" or permission errors
-# while materializing external repos such as rules_perl). This only disables
-# the startup-level repo contents cache; keyed runs still use BuildBuddy.
-run_bazel_with_startup_args \
-  --noexperimental_remote_repo_contents_cache \
-  "${bazel_run_args[@]}" \
-  -- \
-  "${bazel_targets[@]}" \
-  2>&1 | tee "$bazel_console_log"
-bazel_status=${PIPESTATUS[0]}
-set -e

 if [[ ${bazel_status:-0} -ne 0 ]]; then
  if [[ $print_failed_bazel_action_summary -eq 1 ]]; then
--- a/.github/scripts/run-bazel-query-ci.sh
+++ b/.github/scripts/run-bazel-query-ci.sh
@@ -2,17 +2,48 @@

 set -euo pipefail

-# Run target-discovery queries with the same startup settings as the main
-# build/test invocation so they can reuse the same Bazel server. Queries only
-# enumerate labels, so they intentionally do not select CI or remote configs.
+# Run Bazel queries with the same CI startup settings as the main build/test
+# invocation so target-discovery queries can reuse the same Bazel server.

-if [[ $# -lt 2 || "${@: -2:1}" != "--" ]]; then
-  echo "Usage: $0 [<bazel query args>...] -- <query expression>" >&2
+query_args=()
+windows_cross_compile=0
+while [[ $# -gt 0 ]]; do
+  case "$1" in
+    --windows-cross-compile)
+      windows_cross_compile=1
+      shift
+      ;;
+    --)
+      shift
+      break
+      ;;
+    *)
+      query_args+=("$1")
+      shift
+      ;;
+  esac
+done
+
+if [[ $# -ne 1 ]]; then
+  echo "Usage: $0 [--windows-cross-compile] [<bazel query args>...] -- <query expression>" >&2
  exit 1
 fi

-query_args=("${@:1:$#-2}")
-query_expression="${@: -1}"
+query_expression="$1"
+
+ci_config=ci-linux
+case "${RUNNER_OS:-}" in
+  macOS)
+    ci_config=ci-macos
+    ;;
+  Windows)
+    if [[ $windows_cross_compile -eq 1 ]]; then
+      ci_config=ci-windows-cross
+    else
+      ci_config=ci-windows
+    fi
+    ;;
+esac

 bazel_startup_args=()
 if [[ -n "${BAZEL_OUTPUT_USER_ROOT:-}" ]]; then
@@ -29,6 +60,12 @@ run_bazel() {
 }

 bazel_query_args=(--noexperimental_remote_repo_contents_cache query)
+if [[ -n "${BUILDBUDDY_API_KEY:-}" ]]; then
+  bazel_query_args+=(
+    "--config=${ci_config}"
+    "--remote_header=x-buildbuddy-api-key=${BUILDBUDDY_API_KEY}"
+  )
+fi

 if [[ -n "${BAZEL_REPO_CONTENTS_CACHE:-}" ]]; then
  bazel_query_args+=("--repo_contents_cache=${BAZEL_REPO_CONTENTS_CACHE}")
@@ -38,10 +75,7 @@ if [[ -n "${BAZEL_REPOSITORY_CACHE:-}" ]]; then
  bazel_query_args+=("--repository_cache=${BAZEL_REPOSITORY_CACHE}")
 fi

-if (( ${#query_args[@]} > 0 )); then
-  bazel_query_args+=("${query_args[@]}")
-fi
-bazel_query_args+=("$query_expression")
+bazel_query_args+=("${query_args[@]}" "$query_expression")

 if (( ${#bazel_startup_args[@]} > 0 )); then
  run_bazel "${bazel_startup_args[@]}" "${bazel_query_args[@]}"
--- a/.github/scripts/run_bazel_with_buildbuddy.py
+++ b/.github/scripts/run_bazel_with_buildbuddy.py
@@ -1,147 +0,0 @@
-#!/usr/bin/env python3
-
-import json
-import os
-import subprocess
-import sys
-from collections.abc import Mapping
-from collections.abc import Sequence
-from pathlib import Path
-
-
-OPENAI_REPOSITORY = "openai/codex"
-# Remote configurations select cache/BES/download endpoints. Their -rbe forms
-# also select the matching remote executor endpoint.
-GENERIC_REMOTE_CONFIG = "buildbuddy-generic"
-OPENAI_REMOTE_CONFIG = "buildbuddy-openai"
-# These CI configurations require remote build execution. The wrapper supplies
-# an RBE configuration, which also includes the common `remote` settings.
-REMOTE_EXECUTION_CONFIGS = {
-    "--config=ci-linux",
-    "--config=ci-macos",
-    "--config=ci-v8",
-    "--config=ci-windows-cross",
-}
-# Only authenticated workflow runs executing trusted upstream code may use the
-# OpenAI BuildBuddy host. A pull request event without proof that its head is
-# in the upstream repository fails closed to the generic host.
-def is_trusted_upstream_run(env: Mapping[str, str]) -> bool:
-    # `GITHUB_REPOSITORY` is easy to set locally. Requiring GitHub's workflow
-    # marker prevents a local command from opting itself into the OpenAI host.
-    if (
-        env.get("GITHUB_ACTIONS") != "true"
-        or env.get("GITHUB_REPOSITORY") != OPENAI_REPOSITORY
-    ):
-        return False
-    # Non-PR workflow runs in `openai/codex` execute upstream refs, so they are
-    # trusted. Fork code reaches these workflows only through pull requests.
-    if env.get("GITHUB_EVENT_NAME") != "pull_request":
-        return True
-
-    event_path = env.get("GITHUB_EVENT_PATH")
-    if not event_path:
-        return False
-    try:
-        event = json.loads(Path(event_path).read_text(encoding="utf-8"))
-    except (OSError, json.JSONDecodeError):
-        return False
-
-    try:
-        return event["pull_request"]["head"]["repo"]["fork"] is False
-    except (KeyError, TypeError):
-        return False
-
-
-def uses_openai_host(env: Mapping[str, str]) -> bool:
-    return bool(env.get("BUILDBUDDY_API_KEY")) and is_trusted_upstream_run(env)
-
-
-def uses_remote_execution(args: Sequence[str]) -> bool:
-    try:
-        separator_idx = args.index("--")
-    except ValueError:
-        separator_idx = len(args)
-    return any(arg in REMOTE_EXECUTION_CONFIGS for arg in args[:separator_idx])
-
-
-def remote_config(args: Sequence[str], env: Mapping[str, str]) -> str | None:
-    if not env.get("BUILDBUDDY_API_KEY"):
-        return None
-
-    config = OPENAI_REMOTE_CONFIG if uses_openai_host(env) else GENERIC_REMOTE_CONFIG
-    if uses_remote_execution(args):
-        config += "-rbe"
-    return config
-
-
-def bazel_args_without_remote_execution(args: Sequence[str]) -> list[str]:
-    # Remote CI configs require BuildBuddy credentials. Removing them preserves
-    # the local fallback used for fork pull requests.
-    try:
-        separator_idx = args.index("--")
-    except ValueError:
-        separator_idx = len(args)
-    return [
-        *(arg for arg in args[:separator_idx] if arg not in REMOTE_EXECUTION_CONFIGS),
-        *args[separator_idx:],
-    ]
-
-
-def bazel_args_with_remote_config(
-    args: Sequence[str], env: Mapping[str, str]
-) -> list[str]:
-    config = remote_config(args, env)
-    if config is None:
-        return bazel_args_without_remote_execution(args)
-
-    # `remote_config()` returns a configuration only when this key is present.
-    api_key = env["BUILDBUDDY_API_KEY"]
-    remote_args = [
-        f"--config={config}",
-        f"--remote_header=x-buildbuddy-api-key={api_key}",
-    ]
-
-    # Insert immediately after the Bazel command. This keeps wrapper-added
-    # options out of positional payloads and lets later CI configs override
-    # shared RBE defaults such as the Windows cross-compilation exec platforms.
-    insertion_idx = next(
-        (idx + 1 for idx, arg in enumerate(args) if not arg.startswith("-")),
-        len(args),
-    )
-    return [*args[:insertion_idx], *remote_args, *args[insertion_idx:]]
-
-
-def bazel_command(*args: str, env: Mapping[str, str] | None = None) -> list[str]:
-    env = os.environ if env is None else env
-    bazel = env.get("CODEX_BAZEL_BIN", "bazel")
-    return [bazel, *bazel_args_with_remote_config(args, env)]
-
-
-def main() -> None:
-    config = remote_config(sys.argv[1:], os.environ)
-    if config is None:
-        print(
-            "BuildBuddy key unavailable; using local Bazel configuration.",
-            file=sys.stderr,
-        )
-    else:
-        host_description = (
-            "OpenAI tenant" if uses_openai_host(os.environ) else "generic"
-        )
-        print(
-            f"Using {host_description} BuildBuddy configuration: {config}.",
-            file=sys.stderr,
-        )
-
-    command = bazel_command(*sys.argv[1:])
-    if os.name == "nt":
-        # Windows CRT exec can split arguments containing spaces and lose the
-        # eventual child exit status. Wait for Bazel and propagate its status.
-        result = subprocess.run(command, check=False)
-        raise SystemExit(result.returncode)
-
-    os.execvp(command[0], command)
-
-
-if __name__ == "__main__":
-    main()
--- a/.github/scripts/rusty_v8_bazel.py
+++ b/.github/scripts/rusty_v8_bazel.py
@@ -9,14 +9,13 @@ import re
 import shutil
 import subprocess
 import sys
+import tempfile
 import tomllib
 from pathlib import Path

-from run_bazel_with_buildbuddy import bazel_command
 from rusty_v8_module_bazel import (
    RustyV8ChecksumError,
    check_module_bazel,
-    rusty_v8_http_file_versions,
    update_module_bazel,
 )

@@ -24,27 +23,34 @@ from rusty_v8_module_bazel import (
 ROOT = Path(__file__).resolve().parents[2]
 MODULE_BAZEL = ROOT / "MODULE.bazel"
 RUSTY_V8_CHECKSUMS_DIR = ROOT / "third_party" / "v8"
-RELEASE_ARTIFACT_PROFILE = "release"
-SANDBOX_ARTIFACT_PROFILE = "ptrcomp_sandbox_release"
-ARTIFACT_BAZEL_CONFIGS = ["rusty-v8-upstream-libcxx"]
+MUSL_RUNTIME_ARCHIVE_LABELS = [
+    "@llvm//runtimes/libcxx:libcxx.static",
+    "@llvm//runtimes/libcxx:libcxxabi.static",
+]
+LLVM_AR_LABEL = "@llvm//tools:llvm-ar"
+LLVM_RANLIB_LABEL = "@llvm//tools:llvm-ranlib"


 def bazel_execroot() -> Path:
-    output = subprocess.check_output(
-        bazel_command("info", "execution_root"),
+    result = subprocess.run(
+        ["bazel", "info", "execution_root"],
        cwd=ROOT,
+        check=True,
+        capture_output=True,
        text=True,
    )
-    return Path(output.strip())
+    return Path(result.stdout.strip())


 def bazel_output_base() -> Path:
-    output = subprocess.check_output(
-        bazel_command("info", "output_base"),
+    result = subprocess.run(
+        ["bazel", "info", "output_base"],
        cwd=ROOT,
+        check=True,
+        capture_output=True,
        text=True,
    )
-    return Path(output.strip())
+    return Path(result.stdout.strip())


 def bazel_output_path(path: str) -> Path:
@@ -57,47 +63,40 @@ def bazel_output_files(
    platform: str,
    labels: list[str],
    compilation_mode: str = "fastbuild",
-    bazel_configs: list[str] | None = None,
 ) -> list[Path]:
    expression = "set(" + " ".join(labels) + ")"
-    bazel_configs = bazel_configs or []
-    output = subprocess.check_output(
-        bazel_command(
+    result = subprocess.run(
+        [
+            "bazel",
            "cquery",
            "-c",
            compilation_mode,
            f"--platforms=@llvm//platforms:{platform}",
-            *[f"--config={config}" for config in bazel_configs],
            "--output=files",
            expression,
-        ),
+        ],
        cwd=ROOT,
+        check=True,
+        capture_output=True,
        text=True,
    )
-    return [
-        bazel_output_path(line.strip()) for line in output.splitlines() if line.strip()
-    ]
+    return [bazel_output_path(line.strip()) for line in result.stdout.splitlines() if line.strip()]


 def bazel_build(
    platform: str,
    labels: list[str],
    compilation_mode: str = "fastbuild",
-    bazel_configs: list[str] | None = None,
-    download_toplevel: bool = False,
 ) -> None:
-    bazel_configs = bazel_configs or []
-    download_args = ["--remote_download_toplevel"] if download_toplevel else []
    subprocess.run(
-        bazel_command(
+        [
+            "bazel",
            "build",
            "-c",
            compilation_mode,
            f"--platforms=@llvm//platforms:{platform}",
-            *[f"--config={config}" for config in bazel_configs],
-            *download_args,
            *labels,
-        ),
+        ],
        cwd=ROOT,
        check=True,
    )
@@ -107,36 +106,22 @@ def ensure_bazel_output_files(
    platform: str,
    labels: list[str],
    compilation_mode: str = "fastbuild",
-    bazel_configs: list[str] | None = None,
 ) -> list[Path]:
-    # Bazel output paths can be reused across config flips, so existence alone
-    # does not prove the files match the requested flags.
-    bazel_build(
-        platform,
-        labels,
-        compilation_mode,
-        bazel_configs,
-        download_toplevel=True,
-    )
-    outputs = bazel_output_files(platform, labels, compilation_mode, bazel_configs)
+    outputs = bazel_output_files(platform, labels, compilation_mode)
+    if all(path.exists() for path in outputs):
+        return outputs
+
+    bazel_build(platform, labels, compilation_mode)
+    outputs = bazel_output_files(platform, labels, compilation_mode)
    missing = [str(path) for path in outputs if not path.exists()]
    if missing:
        raise SystemExit(f"missing built outputs for {labels}: {missing}")
    return outputs


-def artifact_bazel_configs(bazel_configs: list[str] | None = None) -> list[str]:
-    configured = list(ARTIFACT_BAZEL_CONFIGS)
-    for config in bazel_configs or []:
-        if config not in configured:
-            configured.append(config)
-    return configured
-
-
-def release_pair_label(target: str, sandbox: bool = False) -> str:
+def release_pair_label(target: str) -> str:
    target_suffix = target.replace("-", "_")
-    pair_kind = "sandbox_release_pair" if sandbox else "release_pair"
-    return f"//third_party/v8:rusty_v8_{pair_kind}_{target_suffix}"
+    return f"//third_party/v8:rusty_v8_release_pair_{target_suffix}"


 def resolved_v8_crate_version() -> str:
@@ -157,7 +142,7 @@ def resolved_v8_crate_version() -> str:
    matches = sorted(
        set(
            re.findall(
-                r"https://static\.crates\.io/crates/v8/v8-([0-9]+\.[0-9]+\.[0-9]+)\.crate",
+                r'https://static\.crates\.io/crates/v8/v8-([0-9]+\.[0-9]+\.[0-9]+)\.crate',
                module_bazel,
            )
        )
@@ -177,16 +162,6 @@ def rusty_v8_checksum_manifest_path(version: str) -> Path:
 def command_version(version: str | None) -> str:
    if version is not None:
        return version
-
-    manifest_versions = rusty_v8_http_file_versions(MODULE_BAZEL.read_text())
-    if len(manifest_versions) == 1:
-        return manifest_versions[0]
-    if len(manifest_versions) > 1:
-        raise SystemExit(
-            "expected at most one rusty_v8 http_file version in MODULE.bazel, "
-            f"found: {manifest_versions}; pass --version explicitly"
-        )
-
    return resolved_v8_crate_version()


@@ -198,41 +173,93 @@ def command_manifest_path(manifest: Path | None, version: str) -> Path:
    return ROOT / manifest


-def staged_archive_name(target: str, source_path: Path, artifact_profile: str) -> str:
-    if target.endswith("-pc-windows-msvc"):
-        return f"rusty_v8_{artifact_profile}_{target}.lib.gz"
-    return f"librusty_v8_{artifact_profile}_{target}.a.gz"
+def staged_archive_name(target: str, source_path: Path) -> str:
+    if source_path.suffix == ".lib":
+        return f"rusty_v8_release_{target}.lib.gz"
+    return f"librusty_v8_release_{target}.a.gz"


-def staged_binding_name(target: str, artifact_profile: str) -> str:
-    return f"src_binding_{artifact_profile}_{target}.rs"
+def is_musl_archive_target(target: str, source_path: Path) -> bool:
+    return target.endswith("-unknown-linux-musl") and source_path.suffix == ".a"


-def staged_checksums_name(target: str, artifact_profile: str) -> str:
-    return f"rusty_v8_{artifact_profile}_{target}.sha256"
+def single_bazel_output_file(
+    platform: str,
+    label: str,
+    compilation_mode: str = "fastbuild",
+) -> Path:
+    outputs = ensure_bazel_output_files(platform, [label], compilation_mode)
+    if len(outputs) != 1:
+        raise SystemExit(f"expected exactly one output for {label}, found {outputs}")
+    return outputs[0]


-def stage_artifacts(
-    target: str,
+def merged_musl_archive(
+    platform: str,
    lib_path: Path,
-    binding_path: Path,
-    output_dir: Path,
-    sandbox: bool,
-) -> None:
-    missing_paths = [
-        str(path) for path in [lib_path, binding_path] if not path.exists()
+    compilation_mode: str = "fastbuild",
+) -> Path:
+    llvm_ar = single_bazel_output_file(platform, LLVM_AR_LABEL, compilation_mode)
+    llvm_ranlib = single_bazel_output_file(platform, LLVM_RANLIB_LABEL, compilation_mode)
+    runtime_archives = [
+        single_bazel_output_file(platform, label, compilation_mode)
+        for label in MUSL_RUNTIME_ARCHIVE_LABELS
    ]
-    if missing_paths:
-        raise SystemExit(f"missing release outputs for {target}: {missing_paths}")
+
+    temp_dir = Path(tempfile.mkdtemp(prefix="rusty-v8-musl-stage-"))
+    merged_archive = temp_dir / lib_path.name
+    merge_commands = "\n".join(
+        [
+            f"create {merged_archive}",
+            f"addlib {lib_path}",
+            *[f"addlib {archive}" for archive in runtime_archives],
+            "save",
+            "end",
+        ]
+    )
+    subprocess.run(
+        [str(llvm_ar), "-M"],
+        cwd=ROOT,
+        check=True,
+        input=merge_commands,
+        text=True,
+    )
+    subprocess.run([str(llvm_ranlib), str(merged_archive)], cwd=ROOT, check=True)
+    return merged_archive
+
+
+def stage_release_pair(
+    platform: str,
+    target: str,
+    output_dir: Path,
+    compilation_mode: str = "fastbuild",
+) -> None:
+    outputs = ensure_bazel_output_files(
+        platform,
+        [release_pair_label(target)],
+        compilation_mode,
+    )
+
+    try:
+        lib_path = next(path for path in outputs if path.suffix in {".a", ".lib"})
+    except StopIteration as exc:
+        raise SystemExit(f"missing static library output for {target}") from exc
+
+    try:
+        binding_path = next(path for path in outputs if path.suffix == ".rs")
+    except StopIteration as exc:
+        raise SystemExit(f"missing Rust binding output for {target}") from exc

    output_dir.mkdir(parents=True, exist_ok=True)
-    artifact_profile = SANDBOX_ARTIFACT_PROFILE if sandbox else RELEASE_ARTIFACT_PROFILE
-    staged_library = output_dir / staged_archive_name(
-        target, lib_path, artifact_profile
+    staged_library = output_dir / staged_archive_name(target, lib_path)
+    staged_binding = output_dir / f"src_binding_release_{target}.rs"
+    source_archive = (
+        merged_musl_archive(platform, lib_path, compilation_mode)
+        if is_musl_archive_target(target, lib_path)
+        else lib_path
    )
-    staged_binding = output_dir / staged_binding_name(target, artifact_profile)

-    with lib_path.open("rb") as src, staged_library.open("wb") as dst:
+    with source_archive.open("rb") as src, staged_library.open("wb") as dst:
        with gzip.GzipFile(
            filename="",
            mode="wb",
@@ -244,7 +271,7 @@ def stage_artifacts(

    shutil.copyfile(binding_path, staged_binding)

-    staged_checksums = output_dir / staged_checksums_name(target, artifact_profile)
+    staged_checksums = output_dir / f"rusty_v8_release_{target}.sha256"
    with staged_checksums.open("w", encoding="utf-8") as checksums:
        for path in [staged_library, staged_binding]:
            digest = hashlib.sha256()
@@ -258,53 +285,6 @@ def stage_artifacts(
    print(staged_checksums)


-def upstream_release_pair_paths(source_root: Path, target: str) -> tuple[Path, Path]:
-    lib_name = (
-        "rusty_v8.lib" if target.endswith("-pc-windows-msvc") else "librusty_v8.a"
-    )
-    gn_out = source_root / "target" / target / "release" / "gn_out"
-    return gn_out / "obj" / lib_name, gn_out / "src_binding.rs"
-
-
-def stage_upstream_release_pair(
-    source_root: Path,
-    target: str,
-    output_dir: Path,
-    sandbox: bool = False,
-) -> None:
-    lib_path, binding_path = upstream_release_pair_paths(source_root, target)
-    stage_artifacts(target, lib_path, binding_path, output_dir, sandbox)
-
-
-def stage_release_pair(
-    platform: str,
-    target: str,
-    output_dir: Path,
-    compilation_mode: str = "fastbuild",
-    bazel_configs: list[str] | None = None,
-    sandbox: bool = False,
-) -> None:
-    bazel_configs = artifact_bazel_configs(bazel_configs)
-    outputs = ensure_bazel_output_files(
-        platform,
-        [release_pair_label(target, sandbox)],
-        compilation_mode,
-        bazel_configs,
-    )
-
-    try:
-        lib_path = next(path for path in outputs if path.suffix in {".a", ".lib"})
-    except StopIteration as exc:
-        raise SystemExit(f"missing static library output for {target}") from exc
-
-    try:
-        binding_path = next(path for path in outputs if path.suffix == ".rs")
-    except StopIteration as exc:
-        raise SystemExit(f"missing Rust binding output for {target}") from exc
-
-    stage_artifacts(target, lib_path, binding_path, output_dir, sandbox)
-
-
 def parse_args() -> argparse.Namespace:
    parser = argparse.ArgumentParser()
    subparsers = parser.add_subparsers(dest="command", required=True)
@@ -313,29 +293,12 @@ def parse_args() -> argparse.Namespace:
    stage_release_pair_parser.add_argument("--platform", required=True)
    stage_release_pair_parser.add_argument("--target", required=True)
    stage_release_pair_parser.add_argument("--output-dir", required=True)
-    stage_release_pair_parser.add_argument("--sandbox", action="store_true")
-    stage_release_pair_parser.add_argument(
-        "--bazel-config",
-        action="append",
-        default=[],
-        dest="bazel_configs",
-    )
    stage_release_pair_parser.add_argument(
        "--compilation-mode",
        default="fastbuild",
        choices=["fastbuild", "opt", "dbg"],
    )

-    stage_upstream_release_pair_parser = subparsers.add_parser(
-        "stage-upstream-release-pair"
-    )
-    stage_upstream_release_pair_parser.add_argument(
-        "--source-root", type=Path, required=True
-    )
-    stage_upstream_release_pair_parser.add_argument("--target", required=True)
-    stage_upstream_release_pair_parser.add_argument("--output-dir", required=True)
-    stage_upstream_release_pair_parser.add_argument("--sandbox", action="store_true")
-
    subparsers.add_parser("resolved-v8-crate-version")

    check_module_bazel_parser = subparsers.add_parser("check-module-bazel")
@@ -367,16 +330,6 @@ def main() -> int:
            target=args.target,
            output_dir=Path(args.output_dir),
            compilation_mode=args.compilation_mode,
-            bazel_configs=args.bazel_configs,
-            sandbox=args.sandbox,
-        )
-        return 0
-    if args.command == "stage-upstream-release-pair":
-        stage_upstream_release_pair(
-            source_root=args.source_root,
-            target=args.target,
-            output_dir=Path(args.output_dir),
-            sandbox=args.sandbox,
        )
        return 0
    if args.command == "resolved-v8-crate-version":
--- a/.github/scripts/rusty_v8_module_bazel.py
+++ b/.github/scripts/rusty_v8_module_bazel.py
@@ -9,7 +9,6 @@ from pathlib import Path

 SHA256_RE = re.compile(r"[0-9a-f]{64}")
 HTTP_FILE_BLOCK_RE = re.compile(r"(?ms)^http_file\(\n.*?^\)\n?")
-HTTP_FILE_VERSION_RE = re.compile(r"^rusty_v8_([0-9]+)_([0-9]+)_([0-9]+)_")


 class RustyV8ChecksumError(ValueError):
@@ -96,18 +95,6 @@ def rusty_v8_http_files(module_bazel: str, version: str) -> list[RustyV8HttpFile
    return entries


-def rusty_v8_http_file_versions(module_bazel: str) -> list[str]:
-    versions = set()
-    for match in HTTP_FILE_BLOCK_RE.finditer(module_bazel):
-        name = string_field(match.group(0), "name")
-        if not name:
-            continue
-        version_match = HTTP_FILE_VERSION_RE.match(name)
-        if version_match:
-            versions.add(".".join(version_match.groups()))
-    return sorted(versions)
-
-
 def module_entry_set_errors(
    entries: list[RustyV8HttpFile],
    checksums: dict[str, str],
--- a/.github/scripts/setup-dev-drive.ps1
+++ b/.github/scripts/setup-dev-drive.ps1
@@ -1,62 +0,0 @@
-# Configure a fast drive for Windows CI jobs.
-#
-# GitHub-hosted Windows runners do not always expose a secondary D: volume. When
-# they do not, try to create a Dev Drive VHD and fall back to C: if the runner
-# image does not allow that provisioning path.
-
-function Use-FallbackDrive {
-    param([string]$Reason)
-
-    Write-Warning "$Reason Falling back to C:"
-    return "C:"
-}
-
-function Invoke-BestEffort {
-    param([scriptblock]$Script, [string]$Description)
-
-    try {
-        & $Script
-    } catch {
-        Write-Warning "$Description failed: $($_.Exception.Message)"
-    }
-}
-
-if (Test-Path "D:\") {
-    Write-Output "Using existing drive at D:"
-    $Drive = "D:"
-} else {
-    try {
-        $VhdPath = Join-Path $env:RUNNER_TEMP "codex-dev-drive.vhdx"
-        $SizeBytes = 64GB
-
-        if (Test-Path $VhdPath) {
-            Remove-Item -Path $VhdPath -Force
-        }
-
-        New-VHD -Path $VhdPath -SizeBytes $SizeBytes -Dynamic -ErrorAction Stop | Out-Null
-        $Mounted = Mount-VHD -Path $VhdPath -Passthru -ErrorAction Stop
-        $Disk = $Mounted | Get-Disk -ErrorAction Stop
-        $Disk | Initialize-Disk -PartitionStyle GPT -ErrorAction Stop
-        $Partition = $Disk | New-Partition -AssignDriveLetter -UseMaximumSize -ErrorAction Stop
-        $Volume = $Partition | Format-Volume -FileSystem ReFS -NewFileSystemLabel "CodexDevDrive" -DevDrive -Confirm:$false -Force -ErrorAction Stop
-
-        $Drive = "$($Volume.DriveLetter):"
-
-        Invoke-BestEffort { fsutil devdrv trust $Drive } "Trusting Dev Drive $Drive"
-        Invoke-BestEffort { fsutil devdrv enable /disallowAv } "Disabling AV filter attachment for Dev Drives"
-        Invoke-BestEffort { fsutil devdrv query $Drive } "Querying Dev Drive $Drive"
-
-        Write-Output "Using Dev Drive at $Drive"
-    } catch {
-        $Drive = Use-FallbackDrive "Failed to create Dev Drive: $($_.Exception.Message)"
-    }
-}
-
-$Tmp = "$Drive\codex-tmp"
-New-Item -Path $Tmp -ItemType Directory -Force | Out-Null
-
-@(
-    "DEV_DRIVE=$Drive"
-    "TMP=$Tmp"
-    "TEMP=$Tmp"
-) | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
--- a/.github/scripts/test_run_bazel_with_buildbuddy.py
+++ b/.github/scripts/test_run_bazel_with_buildbuddy.py
@@ -1,214 +0,0 @@
-#!/usr/bin/env python3
-
-import json
-import os
-import subprocess
-import sys
-import unittest
-from pathlib import Path
-from tempfile import TemporaryDirectory
-
-import run_bazel_with_buildbuddy
-
-
-class RunBazelWithBuildBuddyTest(unittest.TestCase):
-    def github_env(
-        self,
-        temp_dir: str,
-        *,
-        repository: str = "openai/codex",
-        fork: bool = False,
-        event_name: str = "pull_request",
-    ) -> dict[str, str]:
-        event_path = Path(temp_dir) / "event.json"
-        event_path.write_text(
-            json.dumps({"pull_request": {"head": {"repo": {"fork": fork}}}}),
-            encoding="utf-8",
-        )
-        return {
-            "BUILDBUDDY_API_KEY": "token",
-            "GITHUB_ACTIONS": "true",
-            "GITHUB_EVENT_NAME": event_name,
-            "GITHUB_EVENT_PATH": str(event_path),
-            "GITHUB_REPOSITORY": repository,
-        }
-
-    def test_keyless_invocation_drops_remote_ci_configuration(self) -> None:
-        self.assertIsNone(
-            run_bazel_with_buildbuddy.remote_config(
-                ["build", "--config=ci-linux", "//codex-rs/cli:codex"],
-                {},
-            )
-        )
-        self.assertEqual(
-            run_bazel_with_buildbuddy.bazel_args_with_remote_config(
-                ["build", "--config=ci-linux", "--", "//codex-rs/cli:codex"],
-                {},
-            ),
-            ["build", "--", "//codex-rs/cli:codex"],
-        )
-
-    def test_program_arguments_after_separator_do_not_select_or_lose_rbe(self) -> None:
-        args = ["run", "//codex-rs/cli:codex", "--", "--config=remote"]
-
-        self.assertEqual(
-            run_bazel_with_buildbuddy.bazel_args_with_remote_config(args, {}),
-            args,
-        )
-        self.assertEqual(
-            run_bazel_with_buildbuddy.remote_config(
-                args, {"BUILDBUDDY_API_KEY": "fork-token"}
-            ),
-            "buildbuddy-generic",
-        )
-
-    def test_upstream_push_selects_openai_rbe_before_target_separator(self) -> None:
-        with TemporaryDirectory() as temp_dir:
-            env = self.github_env(temp_dir, event_name="push")
-
-            self.assertEqual(
-                run_bazel_with_buildbuddy.bazel_args_with_remote_config(
-                    ["build", "--config=ci-linux", "--", "//codex-rs/cli:codex"],
-                    env,
-                ),
-                [
-                    "build",
-                    "--config=buildbuddy-openai-rbe",
-                    "--remote_header=x-buildbuddy-api-key=token",
-                    "--config=ci-linux",
-                    "--",
-                    "//codex-rs/cli:codex",
-                ],
-            )
-
-    def test_windows_cross_ci_configuration_follows_remote_configuration(self) -> None:
-        env = {"BUILDBUDDY_API_KEY": "fork-token"}
-
-        self.assertEqual(
-            run_bazel_with_buildbuddy.bazel_args_with_remote_config(
-                ["build", "--config=ci-windows-cross", "//codex-rs/cli:codex"],
-                env,
-            ),
-            [
-                "build",
-                "--config=buildbuddy-generic-rbe",
-                "--remote_header=x-buildbuddy-api-key=fork-token",
-                "--config=ci-windows-cross",
-                "//codex-rs/cli:codex",
-            ],
-        )
-
-    def test_query_remote_configuration_is_inserted_before_expression(self) -> None:
-        expression = 'kind("rust_library rule", //codex-rs/...)'
-        env = {"BUILDBUDDY_API_KEY": "fork-token"}
-
-        for command in ("query", "cquery", "aquery"):
-            with self.subTest(command=command):
-                self.assertEqual(
-                    run_bazel_with_buildbuddy.bazel_args_with_remote_config(
-                        [
-                            command,
-                            "--config=ci-windows-cross",
-                            "--output=label",
-                            expression,
-                        ],
-                        env,
-                    ),
-                    [
-                        command,
-                        "--config=buildbuddy-generic-rbe",
-                        "--remote_header=x-buildbuddy-api-key=fork-token",
-                        "--config=ci-windows-cross",
-                        "--output=label",
-                        expression,
-                    ],
-                )
-
-    def test_same_repository_pull_request_selects_openai_host(self) -> None:
-        with TemporaryDirectory() as temp_dir:
-            self.assertEqual(
-                run_bazel_with_buildbuddy.remote_config(
-                    ["build", "--config=ci-v8"], self.github_env(temp_dir)
-                ),
-                "buildbuddy-openai-rbe",
-            )
-
-    def test_fork_pull_request_cannot_select_openai_host(self) -> None:
-        with TemporaryDirectory() as temp_dir:
-            env = self.github_env(temp_dir, fork=True)
-
-            self.assertEqual(
-                run_bazel_with_buildbuddy.remote_config(
-                    ["build", "--config=ci-v8"], env
-                ),
-                "buildbuddy-generic-rbe",
-            )
-
-    def test_run_in_fork_repository_cannot_select_openai_host(self) -> None:
-        with TemporaryDirectory() as temp_dir:
-            env = self.github_env(temp_dir, repository="contributor/codex")
-
-            self.assertEqual(
-                run_bazel_with_buildbuddy.remote_config(
-                    ["build", "--config=ci-v8"], env
-                ),
-                "buildbuddy-generic-rbe",
-            )
-
-    def test_pull_request_without_readable_event_payload_fails_closed(self) -> None:
-        for event_path in (None, "missing-event.json"):
-            env = {
-                "BUILDBUDDY_API_KEY": "token",
-                "GITHUB_ACTIONS": "true",
-                "GITHUB_EVENT_NAME": "pull_request",
-                "GITHUB_REPOSITORY": "openai/codex",
-            }
-            if event_path is not None:
-                env["GITHUB_EVENT_PATH"] = event_path
-
-            with self.subTest(event_path=event_path):
-                self.assertEqual(
-                    run_bazel_with_buildbuddy.remote_config(["build"], env),
-                    "buildbuddy-generic",
-                )
-
-    def test_bazel_command_uses_configured_binary_locally(self) -> None:
-        self.assertEqual(
-            run_bazel_with_buildbuddy.bazel_command(
-                "info",
-                "execution_root",
-                env={"CODEX_BAZEL_BIN": "fake-bazel"},
-            ),
-            ["fake-bazel", "info", "execution_root"],
-        )
-
-    def test_main_preserves_spaced_argument_and_child_exit_status(self) -> None:
-        spaced_arg = (
-            r"--test_env=PATH=C:\Program Files\PowerShell\7;C:\Program Files\Git\bin"
-        )
-        child_code = (
-            f"import sys; sys.exit(37 if sys.argv[1] == {spaced_arg!r} else 91)"
-        )
-        env = os.environ.copy()
-        env["CODEX_BAZEL_BIN"] = sys.executable
-        env.pop("BUILDBUDDY_API_KEY", None)
-
-        result = subprocess.run(
-            [
-                sys.executable,
-                str(Path(run_bazel_with_buildbuddy.__file__)),
-                "-c",
-                child_code,
-                spaced_arg,
-            ],
-            env=env,
-            check=False,
-            capture_output=True,
-            text=True,
-        )
-
-        self.assertEqual(result.returncode, 37, result.stderr)
-
-
-if __name__ == "__main__":
-    unittest.main()
--- a/.github/scripts/test_rusty_v8_bazel.py
+++ b/.github/scripts/test_rusty_v8_bazel.py
@@ -4,291 +4,11 @@ from __future__ import annotations

 import textwrap
 import unittest
-from os import environ
-from pathlib import Path
-from tempfile import TemporaryDirectory
-from unittest.mock import patch

-import rusty_v8_bazel
 import rusty_v8_module_bazel


 class RustyV8BazelTest(unittest.TestCase):
-    def test_consumer_selectors_track_resolved_crate_version(self) -> None:
-        build_bazel = (
-            rusty_v8_bazel.ROOT / "third_party" / "v8" / "BUILD.bazel"
-        ).read_text()
-        version_suffix = rusty_v8_bazel.resolved_v8_crate_version().replace(".", "_")
-
-        for selector in [
-            "aarch64_apple_darwin_bazel",
-            "aarch64_pc_windows_gnullvm",
-            "aarch64_pc_windows_msvc",
-            "aarch64_unknown_linux_gnu_bazel",
-            "aarch64_unknown_linux_musl_release_base",
-            "x86_64_apple_darwin_bazel",
-            "x86_64_pc_windows_gnullvm",
-            "x86_64_pc_windows_msvc",
-            "x86_64_unknown_linux_gnu_bazel",
-            "x86_64_unknown_linux_musl_release",
-        ]:
-            self.assertIn(
-                f":v8_{version_suffix}_{selector}",
-                build_bazel,
-            )
-
-        for selector in [
-            "aarch64_apple_darwin",
-            "aarch64_pc_windows_gnullvm",
-            "aarch64_pc_windows_msvc",
-            "aarch64_unknown_linux_gnu",
-            "aarch64_unknown_linux_musl",
-            "x86_64_apple_darwin",
-            "x86_64_pc_windows_gnullvm",
-            "x86_64_pc_windows_msvc",
-            "x86_64_unknown_linux_gnu",
-            "x86_64_unknown_linux_musl",
-        ]:
-            self.assertIn(
-                f":src_binding_release_{selector}_{version_suffix}_release",
-                build_bazel,
-            )
-
-    def test_command_version_tracks_remaining_http_file_assets(self) -> None:
-        with TemporaryDirectory() as temp_dir:
-            module_bazel = Path(temp_dir) / "MODULE.bazel"
-            module_bazel.write_text(
-                textwrap.dedent(
-                    """\
-                    http_file(
-                        name = "rusty_v8_146_4_0_x86_64_unknown_linux_gnu_archive",
-                        downloaded_file_path = "librusty_v8_release_x86_64-unknown-linux-gnu.a.gz",
-                        urls = ["https://example.test/archive.gz"],
-                    )
-                    """
-                )
-            )
-
-            with patch.object(rusty_v8_bazel, "MODULE_BAZEL", module_bazel):
-                self.assertEqual("146.4.0", rusty_v8_bazel.command_version(None))
-
-    def test_artifact_bazel_configs_always_enable_upstream_libcxx(self) -> None:
-        self.assertEqual(
-            ["rusty-v8-upstream-libcxx"],
-            rusty_v8_bazel.artifact_bazel_configs(),
-        )
-        self.assertEqual(
-            ["rusty-v8-upstream-libcxx", "v8-release-compat"],
-            rusty_v8_bazel.artifact_bazel_configs(["v8-release-compat"]),
-        )
-        self.assertEqual(
-            ["rusty-v8-upstream-libcxx", "v8-release-compat"],
-            rusty_v8_bazel.artifact_bazel_configs(
-                ["rusty-v8-upstream-libcxx", "v8-release-compat"]
-            ),
-        )
-
-    def test_bazel_commands_use_shared_buildbuddy_remote_config_library(self) -> None:
-        with patch.dict(environ, {}, clear=True):
-            self.assertEqual(
-                [
-                    "bazel",
-                    "build",
-                    "//third_party/v8:release",
-                ],
-                rusty_v8_bazel.bazel_command(
-                    "build",
-                    "--config=ci-v8",
-                    "//third_party/v8:release",
-                ),
-            )
-        with patch.dict(environ, {"BUILDBUDDY_API_KEY": "token"}, clear=True):
-            self.assertEqual(
-                [
-                    "bazel",
-                    "build",
-                    "--config=buildbuddy-generic-rbe",
-                    "--remote_header=x-buildbuddy-api-key=token",
-                    "--config=ci-v8",
-                    "//third_party/v8:release",
-                ],
-                rusty_v8_bazel.bazel_command(
-                    "build",
-                    "--config=ci-v8",
-                    "//third_party/v8:release",
-                ),
-            )
-
-    def test_release_pair_labels_and_staged_names_distinguish_sandbox_artifacts(
-        self,
-    ) -> None:
-        self.assertEqual(
-            "//third_party/v8:rusty_v8_release_pair_x86_64_unknown_linux_musl",
-            rusty_v8_bazel.release_pair_label("x86_64-unknown-linux-musl"),
-        )
-        self.assertEqual(
-            "//third_party/v8:rusty_v8_sandbox_release_pair_x86_64_unknown_linux_musl",
-            rusty_v8_bazel.release_pair_label(
-                "x86_64-unknown-linux-musl", sandbox=True
-            ),
-        )
-        self.assertEqual(
-            "//third_party/v8:rusty_v8_sandbox_release_pair_x86_64_apple_darwin",
-            rusty_v8_bazel.release_pair_label("x86_64-apple-darwin", sandbox=True),
-        )
-        self.assertEqual(
-            "librusty_v8_release_x86_64-unknown-linux-musl.a.gz",
-            rusty_v8_bazel.staged_archive_name(
-                "x86_64-unknown-linux-musl",
-                Path("libv8.a"),
-                rusty_v8_bazel.RELEASE_ARTIFACT_PROFILE,
-            ),
-        )
-        self.assertEqual(
-            "rusty_v8_ptrcomp_sandbox_release_x86_64-pc-windows-msvc.lib.gz",
-            rusty_v8_bazel.staged_archive_name(
-                "x86_64-pc-windows-msvc",
-                Path("v8.a"),
-                rusty_v8_bazel.SANDBOX_ARTIFACT_PROFILE,
-            ),
-        )
-        self.assertEqual(
-            "src_binding_ptrcomp_sandbox_release_x86_64-unknown-linux-musl.rs",
-            rusty_v8_bazel.staged_binding_name(
-                "x86_64-unknown-linux-musl",
-                rusty_v8_bazel.SANDBOX_ARTIFACT_PROFILE,
-            ),
-        )
-        self.assertEqual(
-            "rusty_v8_ptrcomp_sandbox_release_x86_64-unknown-linux-musl.sha256",
-            rusty_v8_bazel.staged_checksums_name(
-                "x86_64-unknown-linux-musl",
-                rusty_v8_bazel.SANDBOX_ARTIFACT_PROFILE,
-            ),
-        )
-
-    def test_stage_artifacts(self) -> None:
-        with TemporaryDirectory() as source_dir, TemporaryDirectory() as output_dir:
-            source_root = Path(source_dir)
-            archive = source_root / "librusty_v8.a"
-            binding = source_root / "src_binding.rs"
-            archive.write_bytes(b"archive")
-            binding.write_text("binding")
-
-            rusty_v8_bazel.stage_artifacts(
-                "aarch64-apple-darwin",
-                archive,
-                binding,
-                Path(output_dir),
-                sandbox=True,
-            )
-
-            self.assertEqual(
-                {
-                    "librusty_v8_ptrcomp_sandbox_release_aarch64-apple-darwin.a.gz",
-                    "src_binding_ptrcomp_sandbox_release_aarch64-apple-darwin.rs",
-                    "rusty_v8_ptrcomp_sandbox_release_aarch64-apple-darwin.sha256",
-                },
-                {path.name for path in Path(output_dir).iterdir()},
-            )
-
-    def test_upstream_release_pair_paths(self) -> None:
-        self.assertEqual(
-            (
-                Path(
-                    "/tmp/rusty_v8/target/x86_64-apple-darwin/release/gn_out/obj/"
-                    "librusty_v8.a"
-                ),
-                Path(
-                    "/tmp/rusty_v8/target/x86_64-apple-darwin/release/gn_out/"
-                    "src_binding.rs"
-                ),
-            ),
-            rusty_v8_bazel.upstream_release_pair_paths(
-                Path("/tmp/rusty_v8"),
-                "x86_64-apple-darwin",
-            ),
-        )
-        self.assertEqual(
-            (
-                Path(
-                    "/tmp/rusty_v8/target/x86_64-pc-windows-msvc/release/gn_out/"
-                    "obj/rusty_v8.lib"
-                ),
-                Path(
-                    "/tmp/rusty_v8/target/x86_64-pc-windows-msvc/release/gn_out/"
-                    "src_binding.rs"
-                ),
-            ),
-            rusty_v8_bazel.upstream_release_pair_paths(
-                Path("/tmp/rusty_v8"),
-                "x86_64-pc-windows-msvc",
-            ),
-        )
-
-    def test_stage_upstream_release_pair(self) -> None:
-        with TemporaryDirectory() as source_dir, TemporaryDirectory() as output_dir:
-            source_root = Path(source_dir)
-            gn_out = (
-                source_root / "target" / "x86_64-pc-windows-msvc" / "release" / "gn_out"
-            )
-            (gn_out / "obj").mkdir(parents=True)
-            (gn_out / "obj" / "rusty_v8.lib").write_bytes(b"archive")
-            (gn_out / "src_binding.rs").write_text("binding")
-
-            rusty_v8_bazel.stage_upstream_release_pair(
-                source_root,
-                "x86_64-pc-windows-msvc",
-                Path(output_dir),
-                sandbox=True,
-            )
-
-            self.assertEqual(
-                {
-                    "rusty_v8_ptrcomp_sandbox_release_x86_64-pc-windows-msvc.lib.gz",
-                    "src_binding_ptrcomp_sandbox_release_x86_64-pc-windows-msvc.rs",
-                    "rusty_v8_ptrcomp_sandbox_release_x86_64-pc-windows-msvc.sha256",
-                },
-                {path.name for path in Path(output_dir).iterdir()},
-            )
-
-    def test_ensure_bazel_output_files_rebuilds_existing_outputs(self) -> None:
-        with TemporaryDirectory() as output_dir:
-            output = Path(output_dir) / "libv8.a"
-            output.write_bytes(b"archive")
-
-            with (
-                patch.object(rusty_v8_bazel, "bazel_build") as bazel_build,
-                patch.object(
-                    rusty_v8_bazel,
-                    "bazel_output_files",
-                    return_value=[output],
-                ) as bazel_output_files,
-            ):
-                self.assertEqual(
-                    [output],
-                    rusty_v8_bazel.ensure_bazel_output_files(
-                        "macos_arm64",
-                        ["//third_party/v8:pair"],
-                        "opt",
-                        ["rusty-v8-upstream-libcxx"],
-                    ),
-                )
-
-            bazel_build.assert_called_once_with(
-                "macos_arm64",
-                ["//third_party/v8:pair"],
-                "opt",
-                ["rusty-v8-upstream-libcxx"],
-                download_toplevel=True,
-            )
-            bazel_output_files.assert_called_once_with(
-                "macos_arm64",
-                ["//third_party/v8:pair"],
-                "opt",
-                ["rusty-v8-upstream-libcxx"],
-            )
-
    def test_update_module_bazel_replaces_and_inserts_sha256(self) -> None:
        module_bazel = textwrap.dedent(
            """\
@@ -401,34 +121,6 @@ class RustyV8BazelTest(unittest.TestCase):
                "146.4.0",
            )

-    def test_rusty_v8_http_file_versions(self) -> None:
-        module_bazel = textwrap.dedent(
-            """\
-            http_file(
-                name = "rusty_v8_146_4_0_x86_64_unknown_linux_gnu_archive",
-                downloaded_file_path = "archive.gz",
-                urls = ["https://example.test/archive.gz"],
-            )
-
-            http_file(
-                name = "rusty_v8_147_4_0_x86_64_unknown_linux_gnu_archive",
-                downloaded_file_path = "new-archive.gz",
-                urls = ["https://example.test/new-archive.gz"],
-            )
-
-            http_file(
-                name = "unrelated_archive",
-                downloaded_file_path = "other.gz",
-                urls = ["https://example.test/other.gz"],
-            )
-            """
-        )
-
-        self.assertEqual(
-            ["146.4.0", "147.4.0"],
-            rusty_v8_module_bazel.rusty_v8_http_file_versions(module_bazel),
-        )
-

 if __name__ == "__main__":
    unittest.main()
--- a/.github/scripts/verify_cargo_workspace_manifests.py
+++ b/.github/scripts/verify_cargo_workspace_manifests.py
@@ -25,10 +25,7 @@ TOP_LEVEL_NAME_EXCEPTIONS = {
 UTILITY_NAME_EXCEPTIONS = {
    "path-utils": "codex-utils-path",
 }
-MANIFEST_FEATURE_EXCEPTIONS = {
-    "codex-rs/code-mode/Cargo.toml": {"sandbox": ("v8/v8_enable_sandbox",)},
-    "codex-rs/v8-poc/Cargo.toml": {"sandbox": ("v8/v8_enable_sandbox",)},
-}
+MANIFEST_FEATURE_EXCEPTIONS = {}
 OPTIONAL_DEPENDENCY_EXCEPTIONS = set()
 INTERNAL_DEPENDENCY_FEATURE_EXCEPTIONS = {}

--- a/.github/workflows/README.md
+++ b/.github/workflows/README.md
@@ -21,8 +21,7 @@ The workflows in this directory are split so that pull requests get fast, review
 - `rust-ci-full.yml` is the full Cargo-native verification workflow.
  It keeps the heavier checks off the PR path while still validating them after merge:
  - the full Cargo `clippy` matrix
-  - the full Cargo `nextest` matrix via per-platform archive-backed shards
-  - Windows ARM64 nextest archives cross-compiled on Windows x64, then replayed on native Windows ARM64 shards
+  - the full Cargo `nextest` matrix
  - release-profile Cargo builds
  - cross-platform `argument-comment-lint`
  - Linux remote-env tests
--- a/.github/workflows/bazel.yml
+++ b/.github/workflows/bazel.yml
@@ -15,13 +15,12 @@ concurrency:
  # See https://docs.github.com/en/actions/using-jobs/using-concurrency and https://docs.github.com/en/actions/learn-github-actions/contexts for more info.
  group: concurrency-group::${{ github.workflow }}::${{ github.event.pull_request.number > 0 && format('pr-{0}', github.event.pull_request.number) || github.ref_name }}${{ github.ref_name == 'main' && format('::{0}', github.run_id) || ''}}
  cancel-in-progress: ${{ github.ref_name != 'main' }}
-
 jobs:
  test:
-    # PRs use the sharded Windows cross-compiled test jobs below. Post-merge
-    # pushes to main also run the native Windows test job for broader Windows
-    # signal without putting PR latency back on the critical path. Cargo CI
-    # owns V8/code-mode test coverage for now.
+    # PRs use a fast Windows cross-compiled test leg for pre-merge signal.
+    # Post-merge pushes to main also run the native Windows test job below,
+    # which keeps V8/code-mode coverage without putting PR latency back on the
+    # critical path.
    timeout-minutes: 30
    strategy:
      fail-fast: false
@@ -45,28 +44,26 @@ jobs:
          # - os: ubuntu-24.04-arm
          #   target: aarch64-unknown-linux-gnu

+          # Windows fast path: build the windows-gnullvm binaries with Linux
+          # RBE, then run the resulting Windows tests on the Windows runner.
+          # The main-only native Windows job below preserves full V8/code-mode
+          # coverage post-merge.
+          - os: windows-latest
+            target: x86_64-pc-windows-gnullvm
    runs-on: ${{ matrix.os }}

    # Configure a human readable name for each job
    name: Bazel test on ${{ matrix.os }} for ${{ matrix.target }}

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
-          persist-credentials: false
-
-      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
-        if: matrix.os == 'ubuntu-24.04' && matrix.target == 'x86_64-unknown-linux-gnu'
-        with:
-          tool: just
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Check rusty_v8 MODULE.bazel checksums
        if: matrix.os == 'ubuntu-24.04' && matrix.target == 'x86_64-unknown-linux-gnu'
        shell: bash
        run: |
          python3 .github/scripts/rusty_v8_bazel.py check-module-bazel
-          just test-github-scripts
+          python3 -m unittest discover -s .github/scripts -p test_rusty_v8_bazel.py

      - name: Prepare Bazel CI
        id: prepare_bazel
@@ -91,11 +88,6 @@ jobs:
            # path. V8 consumers under `//codex-rs/...` still participate
            # transitively through `//...`.
            -//third_party/v8:all
-            # V8-backed code-mode tests are covered by Cargo CI. Bazel CI
-            # cross-compiles in several legs, and those tests are not stable in
-            # that setup yet.
-            -//codex-rs/code-mode:code-mode-unit-tests
-            -//codex-rs/v8-poc:v8-poc-unit-tests
          )

          bazel_wrapper_args=(
@@ -108,6 +100,22 @@ jobs:
            --test_verbose_timeout_warnings
            --build_metadata=COMMIT_SHA=${GITHUB_SHA}
          )
+          if [[ "${RUNNER_OS}" == "Windows" ]]; then
+            bazel_wrapper_args+=(
+              --windows-cross-compile
+              --remote-download-toplevel
+            )
+            # Tradeoff: the Linux-RBE-built windows-gnullvm V8 archive
+            # currently crashes during direct V8/code-mode smoke tests on the
+            # Windows runner. Keep the broader fast Windows suite in PR CI and
+            # rely on the main-only native Windows job below for full
+            # V8/code-mode signal while we investigate the cross-built archive.
+            bazel_targets+=(
+              -//codex-rs/code-mode:code-mode-unit-tests
+              -//codex-rs/v8-poc:v8-poc-unit-tests
+            )
+          fi
+
          ./.github/scripts/run-bazel-ci.sh \
            "${bazel_wrapper_args[@]}" \
            -- \
@@ -118,7 +126,7 @@ jobs:
      - name: Upload Bazel execution logs
        if: always() && !cancelled()
        continue-on-error: true
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: bazel-execution-logs-test-${{ matrix.target }}
          path: ${{ runner.temp }}/bazel-execution-logs
@@ -129,146 +137,23 @@ jobs:
      - name: Save bazel repository cache
        if: always() && !cancelled() && steps.prepare_bazel.outputs.repository-cache-hit != 'true'
        continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: ${{ steps.prepare_bazel.outputs.repository-cache-path }}
          key: ${{ steps.prepare_bazel.outputs.repository-cache-key }}

-  test-windows-shard:
-    # Split the Windows Bazel test leg across separate Windows
-    # hosts. Each shard still uses Linux RBE for build actions, but the test
-    # execution itself happens on its own Windows runner.
-    timeout-minutes: 30
-    strategy:
-      fail-fast: false
-      matrix:
-        shard:
-          - 1
-          - 2
-          - 3
-          - 4
-    runs-on:
-      group: codex-runners
-      labels: codex-windows-x64
-    name: Bazel test on windows-latest for x86_64-pc-windows-gnullvm shard ${{ matrix.shard }}/4
-
-    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
-          persist-credentials: false
-
-      - name: Test BuildBuddy Bazel wrapper
-        if: matrix.shard == 1
-        shell: pwsh
-        run: python .github/scripts/test_run_bazel_with_buildbuddy.py
-
-      - name: Prepare Bazel CI
-        id: prepare_bazel
-        uses: ./.github/actions/prepare-bazel-ci
-        with:
-          target: x86_64-pc-windows-gnullvm
-          # Reuse the former monolithic Windows test cache for restores. Do
-          # not save it from every shard below; duplicate uploads would sit on
-          # the PR-blocking critical path after the useful test work is done.
-          cache-scope: bazel-test
-          install-test-prereqs: "true"
-
-      - name: bazel test shard
-        env:
-          BAZEL_TEST_SHARD: ${{ matrix.shard }}
-          BAZEL_TEST_SHARD_COUNT: 4
-          BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }}
-        shell: bash
-        run: |
-          set -euo pipefail
-
-          bazel_test_query='tests(//...) except tests(//third_party/v8:all) except //codex-rs/code-mode:code-mode-unit-tests except //codex-rs/v8-poc:v8-poc-unit-tests except attr(tags, "manual", tests(//...))'
-          mapfile -t bazel_targets < <(
-            MSYS2_ARG_CONV_EXCL='*' bazel query --output=label "${bazel_test_query}" \
-              | LC_ALL=C sort
-          )
-
-          selected_targets=()
-          for bazel_target in "${bazel_targets[@]}"; do
-            target_bucket="$(
-              printf '%s\n' "${bazel_target}" \
-                | cksum \
-                | awk -v shard_count="${BAZEL_TEST_SHARD_COUNT}" '{ print ($1 % shard_count) + 1 }'
-            )"
-            if [[ "${target_bucket}" == "${BAZEL_TEST_SHARD}" ]]; then
-              selected_targets+=("${bazel_target}")
-            fi
-          done
-
-          if [[ ${#selected_targets[@]} -eq 0 ]]; then
-            echo "No Bazel test targets selected for Windows shard ${BAZEL_TEST_SHARD}/${BAZEL_TEST_SHARD_COUNT}." >&2
-            exit 1
-          fi
-
-          echo "Selected ${#selected_targets[@]} of ${#bazel_targets[@]} Bazel test targets for Windows shard ${BAZEL_TEST_SHARD}/${BAZEL_TEST_SHARD_COUNT}."
-
-          bazel_test_args=(
-            test
-            --skip_incompatible_explicit_targets
-            --test_tag_filters=-argument-comment-lint
-            --test_verbose_timeout_warnings
-            --build_metadata=COMMIT_SHA=${GITHUB_SHA}
-            --build_metadata=TAG_windows_test_shard=${BAZEL_TEST_SHARD}
-          )
-
-          ./.github/scripts/run-bazel-ci.sh \
-            --print-failed-action-summary \
-            --print-failed-test-logs \
-            --windows-cross-compile \
-            --remote-download-toplevel \
-            -- \
-            "${bazel_test_args[@]}" \
-            -- \
-            "${selected_targets[@]}"
-
-      - name: Upload Bazel execution logs
-        if: always() && !cancelled()
-        continue-on-error: true
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
-        with:
-          name: bazel-execution-logs-test-x86_64-pc-windows-gnullvm-shard-${{ matrix.shard }}
-          path: ${{ runner.temp }}/bazel-execution-logs
-          if-no-files-found: ignore
-
-  test-windows:
-    # Preserve the existing required-check surface while the real work happens
-    # in the sharded Windows jobs above.
-    if: always()
-    needs: test-windows-shard
-    runs-on: ubuntu-24.04
-    name: Bazel test on windows-latest for x86_64-pc-windows-gnullvm
-
-    steps:
-      - name: Confirm Windows Bazel test shards passed
-        shell: bash
-        run: |
-          if [[ "${{ needs.test-windows-shard.result }}" != "success" ]]; then
-            echo "Windows Bazel test shards finished with result: ${{ needs.test-windows-shard.result }}" >&2
-            exit 1
-          fi
-
  test-windows-native-main:
    # Native Windows Bazel tests are slower and frequently approach the
-    # 30-minute PR budget. Run this only for post-merge commits to main and give
-    # it a larger timeout.
+    # 30-minute PR budget, but they provide the full V8/code-mode signal that
+    # the fast cross-compiled PR leg intentionally trades away. Run this only
+    # for post-merge commits to main and give it a larger timeout.
    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
    timeout-minutes: 40
-    runs-on:
-      group: codex-runners
-      labels: codex-windows-x64
+    runs-on: windows-latest
    name: Bazel test on windows-latest for x86_64-pc-windows-gnullvm (native main)

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Prepare Bazel CI
        id: prepare_bazel
@@ -289,11 +174,6 @@ jobs:
            # path. V8 consumers under `//codex-rs/...` still participate
            # transitively through `//...`.
            -//third_party/v8:all
-            # Keep this aligned with the main Bazel job. The native Windows
-            # job preserves broad post-merge coverage, but code-mode/V8 tests
-            # are covered by Cargo CI rather than Bazel for now.
-            -//codex-rs/code-mode:code-mode-unit-tests
-            -//codex-rs/v8-poc:v8-poc-unit-tests
          )

          bazel_test_args=(
@@ -315,7 +195,7 @@ jobs:
      - name: Upload Bazel execution logs
        if: always() && !cancelled()
        continue-on-error: true
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: bazel-execution-logs-test-windows-native-x86_64-pc-windows-gnullvm
          path: ${{ runner.temp }}/bazel-execution-logs
@@ -326,7 +206,7 @@ jobs:
      - name: Save bazel repository cache
        if: always() && !cancelled() && steps.prepare_bazel.outputs.repository-cache-hit != 'true'
        continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: ${{ steps.prepare_bazel.outputs.repository-cache-path }}
          key: ${{ steps.prepare_bazel.outputs.repository-cache-key }}
@@ -347,17 +227,11 @@ jobs:
            target: aarch64-apple-darwin
          - os: windows-latest
            target: x86_64-pc-windows-gnullvm
-            runs_on:
-              group: codex-runners
-              labels: codex-windows-x64
-    runs-on: ${{ matrix.runs_on || matrix.os }}
+    runs-on: ${{ matrix.os }}
    name: Bazel clippy on ${{ matrix.os }} for ${{ matrix.target }}

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Prepare Bazel CI
        id: prepare_bazel
@@ -412,7 +286,7 @@ jobs:
      - name: Upload Bazel execution logs
        if: always() && !cancelled()
        continue-on-error: true
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: bazel-execution-logs-clippy-${{ matrix.target }}
          path: ${{ runner.temp }}/bazel-execution-logs
@@ -423,7 +297,7 @@ jobs:
      - name: Save bazel repository cache
        if: always() && !cancelled() && steps.prepare_bazel.outputs.repository-cache-hit != 'true'
        continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: ${{ steps.prepare_bazel.outputs.repository-cache-path }}
          key: ${{ steps.prepare_bazel.outputs.repository-cache-key }}
@@ -440,17 +314,11 @@ jobs:
            target: aarch64-apple-darwin
          - os: windows-latest
            target: x86_64-pc-windows-gnullvm
-            runs_on:
-              group: codex-runners
-              labels: codex-windows-x64
-    runs-on: ${{ matrix.runs_on || matrix.os }}
+    runs-on: ${{ matrix.os }}
    name: Verify release build on ${{ matrix.os }} for ${{ matrix.target }}

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Prepare Bazel CI
        id: prepare_bazel
@@ -503,26 +371,10 @@ jobs:
            -- \
            "${bazel_targets[@]}"

-      - name: Verify Bazel builds bwrap
-        if: runner.os == 'Linux'
-        env:
-          BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }}
-        shell: bash
-        run: |
-          ./.github/scripts/run-bazel-ci.sh \
-            --remote-download-toplevel \
-            --print-failed-action-summary \
-            -- \
-            build \
-            --build_metadata=COMMIT_SHA=${GITHUB_SHA} \
-            --build_metadata=TAG_job=verify-bwrap \
-            -- \
-            //codex-rs/bwrap:bwrap
-
      - name: Upload Bazel execution logs
        if: always() && !cancelled()
        continue-on-error: true
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: bazel-execution-logs-verify-release-build-${{ matrix.target }}
          path: ${{ runner.temp }}/bazel-execution-logs
@@ -533,7 +385,7 @@ jobs:
      - name: Save bazel repository cache
        if: always() && !cancelled() && steps.prepare_bazel.outputs.repository-cache-hit != 'true'
        continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: ${{ steps.prepare_bazel.outputs.repository-cache-path }}
          key: ${{ steps.prepare_bazel.outputs.repository-cache-key }}
--- a/.github/workflows/blob-size-policy.yml
+++ b/.github/workflows/blob-size-policy.yml
@@ -8,19 +8,17 @@ jobs:
    name: Blob size policy
    runs-on: ubuntu-24.04
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
        with:
-          ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
          fetch-depth: 0
-          persist-credentials: false

      - name: Determine PR comparison range
        id: range
        shell: bash
        run: |
          set -euo pipefail
-          echo "base=${{ github.event.pull_request.base.sha }}" >> "$GITHUB_OUTPUT"
-          echo "head=${{ github.event.pull_request.head.sha }}" >> "$GITHUB_OUTPUT"
+          echo "base=$(git rev-parse HEAD^1)" >> "$GITHUB_OUTPUT"
+          echo "head=$(git rev-parse HEAD^2)" >> "$GITHUB_OUTPUT"

      - name: Check changed blob sizes
        env:
--- a/.github/workflows/cargo-deny.yml
+++ b/.github/workflows/cargo-deny.yml
@@ -6,11 +6,6 @@ on:
    branches:
      - main

-# Cargo's libgit2 transport has been flaky when fetching git dependencies with
-# nested submodules. Prefer the system git CLI across every Cargo invocation.
-env:
-  CARGO_NET_GIT_FETCH_WITH_CLI: "true"
-
 jobs:
  cargo-deny:
    runs-on: ubuntu-latest
@@ -19,16 +14,13 @@ jobs:
        working-directory: ./codex-rs
    steps:
      - name: Checkout
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
-          persist-credentials: false
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Install Rust toolchain
-        uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0
+        uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0

      - name: Run cargo-deny
        uses: EmbarkStudios/cargo-deny-action@82eb9f621fbc699dd0918f3ea06864c14cc84246 # v2
        with:
-          rust-version: 1.95.0
+          rust-version: 1.93.0
          manifest-path: ./codex-rs/Cargo.toml
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -12,10 +12,7 @@ jobs:
      NODE_OPTIONS: --max-old-space-size=4096
    steps:
      - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
-          persist-credentials: false
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Verify codex-rs Cargo manifests inherit workspace settings
        run: python3 .github/scripts/verify_cargo_workspace_manifests.py
@@ -26,22 +23,22 @@ jobs:
      - name: Verify Bazel clippy flags match Cargo workspace lints
        run: python3 .github/scripts/verify_bazel_clippy_lints.py

-      - name: Test Codex package builder
-        run: python3 -m unittest discover -s scripts/codex_package -p 'test_*.py'
-
      - name: Setup pnpm
        uses: pnpm/action-setup@a8198c4bff370c8506180b035930dea56dbd5288 # v5
        with:
          run_install: false

      - name: Setup Node.js
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
        with:
          node-version: 22

      - name: Install dependencies
        run: pnpm install --frozen-lockfile

+      # stage_npm_packages.py requires DotSlash when staging releases.
+      - uses: facebook/install-dotslash@1e4e7b3e07eaca387acb98f1d4720e0bee8dbb6a # v2
+
      - name: Stage npm package
        id: stage_npm_package
        env:
@@ -52,8 +49,8 @@ jobs:
          # cross-platform native payload required by the npm package layout.
          # Passing the workflow URL directly avoids relying on old rust-v*
          # branches remaining discoverable via `gh run list --branch ...`.
-          CODEX_VERSION=0.133.0-alpha.4
-          WORKFLOW_URL="https://github.com/openai/codex/actions/runs/26201494185"
+          CODEX_VERSION=0.125.0
+          WORKFLOW_URL="https://github.com/openai/codex/actions/runs/24901475298"
          OUTPUT_DIR="${RUNNER_TEMP}"
          python3 ./scripts/stage_npm_packages.py \
            --release-version "$CODEX_VERSION" \
@@ -64,7 +61,7 @@ jobs:
          echo "pack_output=$PACK_OUTPUT" >> "$GITHUB_OUTPUT"

      - name: Upload staged npm package artifact
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: codex-npm-staging
          path: ${{ steps.stage_npm_package.outputs.pack_output }}
@@ -74,15 +71,5 @@ jobs:
      - name: Check root README ToC
        run: python3 scripts/readme_toc.py README.md

-      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
-        with:
-          tool: just@1.51.0
-      - name: Install uv
-        uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
-        with:
-          version: "0.11.3"
-      - name: Check formatting (run `just fmt` to fix)
-        run: just fmt-check
-
      - name: Prettier (run `pnpm run format:fix` to fix)
        run: pnpm run format
--- a/.github/workflows/close-stale-contributor-prs.yml
+++ b/.github/workflows/close-stale-contributor-prs.yml
@@ -17,7 +17,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Close inactive PRs from contributors
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
--- a/.github/workflows/codespell.yml
+++ b/.github/workflows/codespell.yml
@@ -18,12 +18,9 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
-          persist-credentials: false
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - name: Annotate locations with typos
-        uses: codespell-project/codespell-problem-matcher@b80729f885d32f78a716c2f107b4db1025001c42 # v1.1.0
+        uses: codespell-project/codespell-problem-matcher@b80729f885d32f78a716c2f107b4db1025001c42 # v1
      - name: Codespell
        uses: codespell-project/actions-codespell@8f01853be192eb0f849a5c7d721450e7a467c579 # v2.2
        with:
--- a/.github/workflows/issue-deduplicator.yml
+++ b/.github/workflows/issue-deduplicator.yml
@@ -12,12 +12,15 @@ jobs:
    # Prevent runs on forks (requires OpenAI API key, wastes Actions minutes)
    if: github.repository == 'openai/codex' && (github.event.action == 'opened' || (github.event.action == 'labeled' && github.event.label.name == 'codex-deduplicate'))
    runs-on: ubuntu-latest
-    environment: issue-triage
    permissions:
      contents: read
    outputs:
-      codex_output: ${{ steps.codex-all.outputs.final-message }}
+      issues_json: ${{ steps.normalize-all.outputs.issues_json }}
+      reason: ${{ steps.normalize-all.outputs.reason }}
+      has_matches: ${{ steps.normalize-all.outputs.has_matches }}
    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+
      - name: Prepare Codex inputs
        env:
          GH_TOKEN: ${{ github.token }}
@@ -62,8 +65,6 @@ jobs:
        with:
          openai-api-key: ${{ secrets.CODEX_OPENAI_API_KEY }}
          allow-users: "*"
-          safety-strategy: drop-sudo
-          sandbox: read-only
          prompt: |
            You are an assistant that triages new GitHub issues by identifying potential duplicates.

@@ -97,21 +98,10 @@ jobs:
              "additionalProperties": false
            }

-  normalize-duplicates-all:
-    name: Normalize pass 1 output
-    needs: gather-duplicates-all
-    if: ${{ needs.gather-duplicates-all.result == 'success' }}
-    runs-on: ubuntu-latest
-    permissions: {}
-    outputs:
-      issues_json: ${{ steps.normalize-all.outputs.issues_json }}
-      reason: ${{ steps.normalize-all.outputs.reason }}
-      has_matches: ${{ steps.normalize-all.outputs.has_matches }}
-    steps:
      - id: normalize-all
        name: Normalize pass 1 output
        env:
-          CODEX_OUTPUT: ${{ needs.gather-duplicates-all.outputs.codex_output }}
+          CODEX_OUTPUT: ${{ steps.codex-all.outputs.final-message }}
          CURRENT_ISSUE_NUMBER: ${{ github.event.issue.number }}
        run: |
          set -eo pipefail
@@ -154,16 +144,19 @@ jobs:

  gather-duplicates-open:
    name: Identify potential duplicates (open issues fallback)
-    # Pass 1 Codex execution drops sudo on its runner, so run the fallback in a fresh job.
-    needs: normalize-duplicates-all
-    if: ${{ needs.normalize-duplicates-all.result == 'success' && needs.normalize-duplicates-all.outputs.has_matches != 'true' }}
+    # Pass 1 may drop sudo on the runner, so run the fallback in a fresh job.
+    needs: gather-duplicates-all
+    if: ${{ needs.gather-duplicates-all.result == 'success' && needs.gather-duplicates-all.outputs.has_matches != 'true' }}
    runs-on: ubuntu-latest
-    environment: issue-triage
    permissions:
      contents: read
    outputs:
-      codex_output: ${{ steps.codex-open.outputs.final-message }}
+      issues_json: ${{ steps.normalize-open.outputs.issues_json }}
+      reason: ${{ steps.normalize-open.outputs.reason }}
+      has_matches: ${{ steps.normalize-open.outputs.has_matches }}
    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+
      - name: Prepare Codex inputs
        env:
          GH_TOKEN: ${{ github.token }}
@@ -206,8 +199,6 @@ jobs:
        with:
          openai-api-key: ${{ secrets.CODEX_OPENAI_API_KEY }}
          allow-users: "*"
-          safety-strategy: drop-sudo
-          sandbox: read-only
          prompt: |
            You are an assistant that triages new GitHub issues by identifying potential duplicates.

@@ -241,21 +232,10 @@ jobs:
              "additionalProperties": false
            }

-  normalize-duplicates-open:
-    name: Normalize pass 2 output
-    needs: gather-duplicates-open
-    if: ${{ needs.gather-duplicates-open.result == 'success' }}
-    runs-on: ubuntu-latest
-    permissions: {}
-    outputs:
-      issues_json: ${{ steps.normalize-open.outputs.issues_json }}
-      reason: ${{ steps.normalize-open.outputs.reason }}
-      has_matches: ${{ steps.normalize-open.outputs.has_matches }}
-    steps:
      - id: normalize-open
        name: Normalize pass 2 output
        env:
-          CODEX_OUTPUT: ${{ needs.gather-duplicates-open.outputs.codex_output }}
+          CODEX_OUTPUT: ${{ steps.codex-open.outputs.final-message }}
          CURRENT_ISSUE_NUMBER: ${{ github.event.issue.number }}
        run: |
          set -eo pipefail
@@ -299,9 +279,9 @@ jobs:
  select-final:
    name: Select final duplicate set
    needs:
-      - normalize-duplicates-all
-      - normalize-duplicates-open
-    if: ${{ always() && needs.normalize-duplicates-all.result == 'success' && (needs.normalize-duplicates-open.result == 'success' || needs.normalize-duplicates-open.result == 'skipped') }}
+      - gather-duplicates-all
+      - gather-duplicates-open
+    if: ${{ always() && needs.gather-duplicates-all.result == 'success' && (needs.gather-duplicates-open.result == 'success' || needs.gather-duplicates-open.result == 'skipped') }}
    runs-on: ubuntu-latest
    permissions:
      contents: read
@@ -311,12 +291,12 @@ jobs:
      - id: select-final
        name: Select final duplicate set
        env:
-          PASS1_ISSUES: ${{ needs.normalize-duplicates-all.outputs.issues_json }}
-          PASS1_REASON: ${{ needs.normalize-duplicates-all.outputs.reason }}
-          PASS2_ISSUES: ${{ needs.normalize-duplicates-open.outputs.issues_json }}
-          PASS2_REASON: ${{ needs.normalize-duplicates-open.outputs.reason }}
-          PASS1_HAS_MATCHES: ${{ needs.normalize-duplicates-all.outputs.has_matches }}
-          PASS2_HAS_MATCHES: ${{ needs.normalize-duplicates-open.outputs.has_matches }}
+          PASS1_ISSUES: ${{ needs.gather-duplicates-all.outputs.issues_json }}
+          PASS1_REASON: ${{ needs.gather-duplicates-all.outputs.reason }}
+          PASS2_ISSUES: ${{ needs.gather-duplicates-open.outputs.issues_json }}
+          PASS2_REASON: ${{ needs.gather-duplicates-open.outputs.reason }}
+          PASS1_HAS_MATCHES: ${{ needs.gather-duplicates-all.outputs.has_matches }}
+          PASS2_HAS_MATCHES: ${{ needs.gather-duplicates-open.outputs.has_matches }}
        run: |
          set -eo pipefail

@@ -362,7 +342,7 @@ jobs:
      issues: write
    steps:
      - name: Comment on issue
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
        env:
          CODEX_OUTPUT: ${{ needs.select-final.outputs.codex_output }}
        with:
--- a/.github/workflows/issue-labeler.yml
+++ b/.github/workflows/issue-labeler.yml
@@ -12,19 +12,18 @@ jobs:
    # Prevent runs on forks (requires OpenAI API key, wastes Actions minutes)
    if: github.repository == 'openai/codex' && (github.event.action == 'opened' || (github.event.action == 'labeled' && github.event.label.name == 'codex-label'))
    runs-on: ubuntu-latest
-    environment: issue-triage
    permissions:
      contents: read
    outputs:
      codex_output: ${{ steps.codex.outputs.final-message }}
    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+
      - id: codex
        uses: openai/codex-action@5c3f4ccdb2b8790f73d6b21751ac00e602aa0c02 # v1.7
        with:
          openai-api-key: ${{ secrets.CODEX_OPENAI_API_KEY }}
          allow-users: "*"
-          safety-strategy: drop-sudo
-          sandbox: read-only
          prompt: |
            You are an assistant that reviews GitHub issues for the repository.

--- a/.github/workflows/python-sdk-release.yml
+++ b/.github/workflows/python-sdk-release.yml
@@ -1,232 +0,0 @@
-name: python-sdk-release
-
-on:
-  push:
-    tags:
-      - "python-v*"
-  workflow_dispatch:
-    inputs:
-      runtime_version:
-        description: "Runtime version to publish before updating the SDK pin, for example 0.136.0 or 0.136.0a2."
-        required: true
-        type: string
-
-concurrency:
-  group: ${{ github.workflow }}
-  cancel-in-progress: false
-
-jobs:
-  # Publish the platform-specific Python runtime wheels before building the SDK
-  # package that pins them, or explicitly before updating the SDK runtime pin.
-  # PyPI project configuration must trust this workflow and job for publishing.
-  publish-python-runtime:
-    if: github.repository == 'openai/codex'
-    name: publish-python-runtime
-    runs-on: ubuntu-latest
-    environment: pypi
-    permissions:
-      contents: read
-      id-token: write # Required for PyPI trusted publishing.
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
-
-      - name: Validate SDK tag and resolve Python runtime release
-        id: python_runtime
-        shell: bash
-        env:
-          REQUESTED_RUNTIME_VERSION: ${{ inputs.runtime_version }}
-        run: |
-          set -euo pipefail
-          python3 - <<'PY'
-          import os
-          import re
-          import tomllib
-          from pathlib import Path
-
-          event_name = os.environ["GITHUB_EVENT_NAME"]
-          if event_name == "workflow_dispatch":
-              python_version = os.environ["REQUESTED_RUNTIME_VERSION"]
-          elif event_name == "push":
-              sdk_version = os.environ["GITHUB_REF_NAME"].removeprefix("python-v")
-              if not re.fullmatch(r"[0-9]+\.[0-9]+\.[0-9]+b[0-9]+", sdk_version):
-                  raise SystemExit(
-                      "Python SDK release tags must identify a beta release, "
-                      "for example python-v0.1.0b1."
-                  )
-
-              pyproject = tomllib.loads(Path("sdk/python/pyproject.toml").read_text())
-              prefix = "openai-codex-cli-bin=="
-              versions = [
-                  dependency.removeprefix(prefix)
-                  for dependency in pyproject["project"]["dependencies"]
-                  if dependency.startswith(prefix)
-              ]
-              if len(versions) != 1:
-                  raise SystemExit(f"Expected exactly one pinned {prefix} dependency, found {versions}")
-              python_version = versions[0]
-          else:
-              raise SystemExit(f"Unsupported workflow event: {event_name}")
-
-          if match := re.fullmatch(r"([0-9]+\.[0-9]+\.[0-9]+)a([0-9]+)", python_version):
-              release_version = f"{match.group(1)}-alpha.{match.group(2)}"
-          elif re.fullmatch(r"[0-9]+\.[0-9]+\.[0-9]+", python_version):
-              release_version = python_version
-          else:
-              raise SystemExit(
-                  "Python runtime version must be stable or a numbered alpha, "
-                  f"for example 0.136.0 or 0.136.0a2; found {python_version}"
-              )
-
-          with Path(os.environ["GITHUB_OUTPUT"]).open("a") as output:
-              print(f"python_version={python_version}", file=output)
-              print(f"release_tag=rust-v{release_version}", file=output)
-          PY
-
-      - name: Download Python runtime release artifacts
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          PYTHON_RUNTIME_VERSION: ${{ steps.python_runtime.outputs.python_version }}
-          RELEASE_TAG: ${{ steps.python_runtime.outputs.release_tag }}
-        run: |
-          set -euo pipefail
-          mkdir -p dist/python-runtime dist/python-runtime-packages
-          gh release download "$RELEASE_TAG" \
-            --repo "${GITHUB_REPOSITORY}" \
-            --pattern "openai_codex_cli_bin-${PYTHON_RUNTIME_VERSION}-*.whl" \
-            --dir dist/python-runtime
-          gh release download "$RELEASE_TAG" \
-            --repo "${GITHUB_REPOSITORY}" \
-            --pattern "codex-package-*-unknown-linux-musl.tar.gz" \
-            --dir dist/python-runtime-packages
-
-          shopt -s nullglob
-          wheels=(dist/python-runtime/*.whl)
-          if [[ "${#wheels[@]}" -ne 6 ]]; then
-            echo "Expected 6 Python runtime wheels for ${PYTHON_RUNTIME_VERSION}, found ${#wheels[@]}."
-            exit 1
-          fi
-          packages=(dist/python-runtime-packages/*.tar.gz)
-          if [[ "${#packages[@]}" -ne 2 ]]; then
-            echo "Expected 2 Linux package archives for ${PYTHON_RUNTIME_VERSION}, found ${#packages[@]}."
-            exit 1
-          fi
-
-      - name: Build musllinux Python runtime wheels
-        env:
-          RELEASE_TAG: ${{ steps.python_runtime.outputs.release_tag }}
-        run: |
-          set -euo pipefail
-
-          python3 -m venv "${RUNNER_TEMP}/python-runtime-build-venv"
-          "${RUNNER_TEMP}/python-runtime-build-venv/bin/python" -m pip install build
-
-          while read -r target platform_tag; do
-            stage_dir="${RUNNER_TEMP}/openai-codex-cli-bin-${target}-${platform_tag}"
-            python3 sdk/python/scripts/update_sdk_artifacts.py \
-              stage-runtime \
-              "$stage_dir" \
-              "dist/python-runtime-packages/codex-package-${target}.tar.gz" \
-              --codex-version "$RELEASE_TAG" \
-              --platform-tag "$platform_tag"
-            "${RUNNER_TEMP}/python-runtime-build-venv/bin/python" -m build \
-              --wheel \
-              --outdir dist/python-runtime \
-              "$stage_dir"
-          done <<'EOF'
-          aarch64-unknown-linux-musl musllinux_1_1_aarch64
-          x86_64-unknown-linux-musl musllinux_1_1_x86_64
-          EOF
-
-          shopt -s nullglob
-          wheels=(dist/python-runtime/*.whl)
-          if [[ "${#wheels[@]}" -ne 8 ]]; then
-            echo "Expected 8 Python runtime wheels, found ${#wheels[@]}."
-            exit 1
-          fi
-          ls -lh dist/python-runtime
-
-      - name: Publish Python runtime wheels to PyPI
-        uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0
-        with:
-          packages-dir: dist/python-runtime
-          skip-existing: true
-
-  build-python-sdk:
-    if: github.event_name == 'push' && github.repository == 'openai/codex'
-    name: build-python-sdk
-    needs: publish-python-runtime
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
-
-      - name: Validate tag and build Python SDK package
-        shell: bash
-        run: |
-          set -euo pipefail
-
-          sdk_version="${GITHUB_REF_NAME#python-v}"
-          # Build in a glibc Linux image so release type generation installs
-          # the pinned manylinux runtime wheel.
-          docker run --rm \
-            --user "$(id -u):$(id -g)" \
-            -e HOME=/tmp/codex-python-sdk-home \
-            -e UV_LINK_MODE=copy \
-            -e SDK_VERSION="${sdk_version}" \
-            -e SDK_STAGE_DIR="${RUNNER_TEMP}/openai-codex" \
-            -e SDK_DIST_DIR="${GITHUB_WORKSPACE}/dist/python-sdk" \
-            -v "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}" \
-            -v "${RUNNER_TEMP}:${RUNNER_TEMP}" \
-            -w "${GITHUB_WORKSPACE}/sdk/python" \
-            python:3.12-slim \
-            sh -euxc '
-              python -m venv /tmp/release-tools
-              /tmp/release-tools/bin/python -m pip install build twine uv==0.11.3
-              /tmp/release-tools/bin/uv sync --extra dev --frozen
-              /tmp/release-tools/bin/uv run --extra dev --frozen python scripts/update_sdk_artifacts.py \
-                stage-sdk "${SDK_STAGE_DIR}" \
-                --sdk-version "${SDK_VERSION}"
-              /tmp/release-tools/bin/python -m build \
-                --wheel \
-                --sdist \
-                --outdir "${SDK_DIST_DIR}" \
-                "${SDK_STAGE_DIR}"
-              /tmp/release-tools/bin/python -m twine check --strict "${SDK_DIST_DIR}/"*
-            '
-
-      - name: Upload Python SDK package
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
-        with:
-          name: python-sdk-package
-          path: dist/python-sdk/*
-          if-no-files-found: error
-
-  publish-python-sdk:
-    name: publish-python-sdk
-    needs: build-python-sdk
-    runs-on: ubuntu-latest
-    environment: pypi
-    permissions:
-      contents: read
-      id-token: write # Required for PyPI trusted publishing.
-
-    steps:
-      - name: Download Python SDK package
-        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
-        with:
-          name: python-sdk-package
-          path: dist/python-sdk
-
-      - name: Publish Python SDK to PyPI
-        uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0
-        with:
-          packages-dir: dist/python-sdk
--- a/.github/workflows/rust-ci-full-nextest-platform.yml
+++ b/.github/workflows/rust-ci-full-nextest-platform.yml
@@ -1,464 +0,0 @@
-name: rust-ci-full nextest platform
-
-on:
-  workflow_call:
-    inputs:
-      runner:
-        required: true
-        type: string
-      runner_group:
-        required: false
-        default: ""
-        type: string
-      runner_labels:
-        required: false
-        default: ""
-        type: string
-      archive_runner:
-        required: false
-        default: ""
-        type: string
-      archive_runner_group:
-        required: false
-        default: ""
-        type: string
-      archive_runner_labels:
-        required: false
-        default: ""
-        type: string
-      target:
-        required: true
-        type: string
-      profile:
-        required: true
-        type: string
-      artifact_id:
-        required: true
-        type: string
-      remote_env:
-        required: false
-        default: false
-        type: boolean
-      test_threads:
-        required: false
-        default: 0
-        type: number
-      use_sccache:
-        required: false
-        default: false
-        type: boolean
-
-# Caller workflow-level env does not flow through workflow_call, so keep the
-# Cargo git transport hardening on the archive and shard jobs directly here.
-env:
-  CARGO_NET_GIT_FETCH_WITH_CLI: "true"
-
-jobs:
-  archive:
-    name: Build nextest archive
-    runs-on: ${{ inputs.archive_runner_group != '' && fromJSON(format('{{"group":"{0}","labels":"{1}"}}', inputs.archive_runner_group, inputs.archive_runner_labels)) || inputs.archive_runner != '' && inputs.archive_runner || inputs.runner_group != '' && fromJSON(format('{{"group":"{0}","labels":"{1}"}}', inputs.runner_group, inputs.runner_labels)) || inputs.runner }}
-    timeout-minutes: 60
-    defaults:
-      run:
-        working-directory: codex-rs
-    env:
-      # Windows ARM64 archives are built on Windows x64, while their shards run
-      # on native Windows ARM64. Key producer-side caches by the archive runner
-      # so the cross-compile build reuses the Windows x64 cache lineage.
-      ARCHIVE_CACHE_RUNNER: ${{ inputs.archive_runner != '' && inputs.archive_runner || inputs.runner }}
-      USE_SCCACHE: ${{ inputs.use_sccache && 'true' || 'false' }}
-      CARGO_INCREMENTAL: "0"
-      SCCACHE_CACHE_SIZE: 10G
-      NEXTEST_ARCHIVE_FILE: nextest-${{ inputs.artifact_id }}.tar.zst
-      TEST_HELPERS_ARTIFACT: nextest-test-helpers-${{ inputs.artifact_id }}
-    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
-
-      - name: Configure Dev Drive (Windows)
-        if: ${{ runner.os == 'Windows' }}
-        shell: pwsh
-        run: ../.github/scripts/setup-dev-drive.ps1
-
-      - name: Install Linux build dependencies
-        if: ${{ runner.os == 'Linux' }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          if command -v apt-get >/dev/null 2>&1; then
-            sudo apt-get update -y
-            sudo DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends pkg-config libcap-dev bubblewrap
-          fi
-
-      - name: Install DotSlash
-        uses: facebook/install-dotslash@1e4e7b3e07eaca387acb98f1d4720e0bee8dbb6a # v2
-
-      - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0
-        with:
-          targets: ${{ inputs.target }}
-
-      - name: Expose MSVC SDK environment (Windows)
-        if: ${{ runner.os == 'Windows' && inputs.target == 'aarch64-pc-windows-msvc' }}
-        uses: ./.github/actions/setup-msvc-env
-        with:
-          target: ${{ inputs.target }}
-
-      - name: Compute lockfile hash
-        id: lockhash
-        shell: bash
-        run: |
-          set -euo pipefail
-          echo "hash=$(sha256sum Cargo.lock | cut -d' ' -f1)" >> "$GITHUB_OUTPUT"
-          echo "toolchain_hash=$(sha256sum rust-toolchain.toml | cut -d' ' -f1)" >> "$GITHUB_OUTPUT"
-
-      - name: Restore cargo home cache
-        id: cache_cargo_home_restore
-        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
-        with:
-          path: |
-            ~/.cargo/bin/
-            ~/.cargo/registry/index/
-            ~/.cargo/registry/cache/
-            ~/.cargo/git/db/
-          key: cargo-home-${{ env.ARCHIVE_CACHE_RUNNER }}-${{ inputs.target }}-${{ inputs.profile }}-${{ steps.lockhash.outputs.hash }}-${{ steps.lockhash.outputs.toolchain_hash }}
-          restore-keys: |
-            cargo-home-${{ env.ARCHIVE_CACHE_RUNNER }}-${{ inputs.target }}-${{ inputs.profile }}-
-
-      - name: Install sccache
-        if: ${{ env.USE_SCCACHE == 'true' }}
-        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
-        with:
-          tool: sccache
-          version: 0.7.5
-
-      - name: Configure sccache backend
-        if: ${{ env.USE_SCCACHE == 'true' }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          if [[ -n "${ACTIONS_CACHE_URL:-}" && -n "${ACTIONS_RUNTIME_TOKEN:-}" ]]; then
-            echo "SCCACHE_GHA_ENABLED=true" >> "$GITHUB_ENV"
-            echo "Using sccache GitHub backend"
-          else
-            echo "SCCACHE_GHA_ENABLED=false" >> "$GITHUB_ENV"
-            if [[ -n "${DEV_DRIVE:-}" ]]; then
-              echo "SCCACHE_DIR=${DEV_DRIVE}\\.sccache" >> "$GITHUB_ENV"
-            else
-              echo "SCCACHE_DIR=${{ github.workspace }}/.sccache" >> "$GITHUB_ENV"
-            fi
-            echo "Using sccache local disk + actions/cache fallback"
-          fi
-
-      - name: Enable sccache wrapper
-        if: ${{ env.USE_SCCACHE == 'true' }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          wrapper="$(command -v sccache)"
-          if [[ "${RUNNER_OS}" == "Windows" ]] && command -v cygpath >/dev/null 2>&1; then
-            wrapper="$(cygpath -w "${wrapper}")"
-          fi
-          echo "RUSTC_WRAPPER=${wrapper}" >> "$GITHUB_ENV"
-          echo "CARGO_BUILD_RUSTC_WRAPPER=${wrapper}" >> "$GITHUB_ENV"
-
-      - name: Restore sccache cache (fallback)
-        if: ${{ env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true' }}
-        id: cache_sccache_restore
-        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
-        with:
-          path: ${{ env.SCCACHE_DIR }}
-          key: sccache-${{ env.ARCHIVE_CACHE_RUNNER }}-${{ inputs.target }}-${{ inputs.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
-          restore-keys: |
-            sccache-${{ env.ARCHIVE_CACHE_RUNNER }}-${{ inputs.target }}-${{ inputs.profile }}-${{ steps.lockhash.outputs.hash }}-
-            sccache-${{ env.ARCHIVE_CACHE_RUNNER }}-${{ inputs.target }}-${{ inputs.profile }}-
-
-      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
-        with:
-          tool: nextest
-          version: 0.9.103
-
-      - name: Enable unprivileged user namespaces (Linux)
-        if: runner.os == 'Linux'
-        run: |
-          sudo sysctl -w kernel.unprivileged_userns_clone=1
-          if sudo sysctl -a 2>/dev/null | grep -q '^kernel.apparmor_restrict_unprivileged_userns'; then
-            sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
-          fi
-
-      - name: Build nextest archive
-        shell: bash
-        run: |
-          set -euo pipefail
-          archive_dir="${RUNNER_TEMP}/nextest-archive"
-          mkdir -p "${archive_dir}"
-          cargo nextest archive \
-            --target ${{ inputs.target }} \
-            --cargo-profile ${{ inputs.profile }} \
-            --timings \
-            --archive-file "${archive_dir}/${NEXTEST_ARCHIVE_FILE}"
-
-      - name: Build runtime test helpers
-        if: ${{ runner.os == 'Linux' || runner.os == 'Windows' }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          helper_dir="${RUNNER_TEMP}/${TEST_HELPERS_ARTIFACT}"
-          mkdir -p "${helper_dir}"
-
-          if [[ "${RUNNER_OS}" == "Linux" ]]; then
-            cargo build \
-              --target ${{ inputs.target }} \
-              --profile ${{ inputs.profile }} \
-              -p codex-linux-sandbox \
-              --bin codex-linux-sandbox
-            cp "target/${{ inputs.target }}/${{ inputs.profile }}/codex-linux-sandbox" "${helper_dir}/"
-          else
-            cargo build \
-              --target ${{ inputs.target }} \
-              --profile ${{ inputs.profile }} \
-              -p codex-windows-sandbox \
-              --bin codex-windows-sandbox-setup \
-              --bin codex-command-runner
-            cp "target/${{ inputs.target }}/${{ inputs.profile }}/codex-windows-sandbox-setup.exe" "${helper_dir}/"
-            cp "target/${{ inputs.target }}/${{ inputs.profile }}/codex-command-runner.exe" "${helper_dir}/"
-          fi
-
-      - name: Upload Cargo timings (nextest)
-        if: always()
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
-        with:
-          name: cargo-timings-rust-ci-nextest-${{ inputs.target }}-${{ inputs.profile }}
-          path: codex-rs/target/**/cargo-timings/cargo-timing.html
-          if-no-files-found: warn
-
-      - name: Upload nextest archive
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
-        with:
-          name: nextest-archive-${{ inputs.artifact_id }}
-          path: ${{ runner.temp }}/nextest-archive/${{ env.NEXTEST_ARCHIVE_FILE }}
-          if-no-files-found: error
-          retention-days: 1
-
-      - name: Upload runtime test helpers
-        if: ${{ runner.os == 'Linux' || runner.os == 'Windows' }}
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
-        with:
-          name: ${{ env.TEST_HELPERS_ARTIFACT }}
-          path: ${{ runner.temp }}/${{ env.TEST_HELPERS_ARTIFACT }}/*
-          if-no-files-found: error
-          retention-days: 1
-
-      - name: Save cargo home cache
-        if: always() && !cancelled() && steps.cache_cargo_home_restore.outputs.cache-hit != 'true'
-        continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
-        with:
-          path: |
-            ~/.cargo/bin/
-            ~/.cargo/registry/index/
-            ~/.cargo/registry/cache/
-            ~/.cargo/git/db/
-          key: cargo-home-${{ env.ARCHIVE_CACHE_RUNNER }}-${{ inputs.target }}-${{ inputs.profile }}-${{ steps.lockhash.outputs.hash }}-${{ steps.lockhash.outputs.toolchain_hash }}
-
-      - name: Save sccache cache (fallback)
-        if: always() && !cancelled() && env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true'
-        continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
-        with:
-          path: ${{ env.SCCACHE_DIR }}
-          key: sccache-${{ env.ARCHIVE_CACHE_RUNNER }}-${{ inputs.target }}-${{ inputs.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
-
-      - name: sccache stats
-        if: always() && env.USE_SCCACHE == 'true'
-        continue-on-error: true
-        run: sccache --show-stats || true
-
-      - name: sccache summary
-        if: always() && env.USE_SCCACHE == 'true'
-        shell: bash
-        run: |
-          {
-            echo "### sccache stats — ${{ inputs.target }} (tests)";
-            echo;
-            echo '```';
-            sccache --show-stats || true;
-            echo '```';
-          } >> "$GITHUB_STEP_SUMMARY"
-
-  shard:
-    name: Tests shard ${{ matrix.shard }}/4
-    needs: archive
-    runs-on: ${{ inputs.runner_group != '' && fromJSON(format('{{"group":"{0}","labels":"{1}"}}', inputs.runner_group, inputs.runner_labels)) || inputs.runner }}
-    timeout-minutes: 60
-    defaults:
-      run:
-        working-directory: codex-rs
-    env:
-      NEXTEST_ARCHIVE_FILE: nextest-${{ inputs.artifact_id }}.tar.zst
-      TEST_HELPERS_ARTIFACT: nextest-test-helpers-${{ inputs.artifact_id }}
-    strategy:
-      fail-fast: false
-      matrix:
-        shard: [1, 2, 3, 4]
-    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
-
-      - name: Install Linux build dependencies
-        if: ${{ runner.os == 'Linux' }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          if command -v apt-get >/dev/null 2>&1; then
-            sudo apt-get update -y
-            sudo DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends pkg-config libcap-dev bubblewrap
-          fi
-
-      - name: Install DotSlash
-        uses: facebook/install-dotslash@1e4e7b3e07eaca387acb98f1d4720e0bee8dbb6a # v2
-
-      - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0
-        with:
-          targets: ${{ inputs.target }}
-
-      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
-        with:
-          tool: nextest
-          version: 0.9.103
-
-      - name: Enable unprivileged user namespaces (Linux)
-        if: runner.os == 'Linux'
-        run: |
-          sudo sysctl -w kernel.unprivileged_userns_clone=1
-          if sudo sysctl -a 2>/dev/null | grep -q '^kernel.apparmor_restrict_unprivileged_userns'; then
-            sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
-          fi
-
-      - name: Set up remote test env (Docker)
-        if: ${{ runner.os == 'Linux' && inputs.remote_env }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          export CODEX_TEST_REMOTE_ENV_CONTAINER_NAME="codex-remote-test-env-${{ github.run_id }}-${{ matrix.shard }}"
-          source "${GITHUB_WORKSPACE}/scripts/test-remote-env.sh"
-          echo "CODEX_TEST_REMOTE_ENV=${CODEX_TEST_REMOTE_ENV}" >> "$GITHUB_ENV"
-          echo "CODEX_TEST_REMOTE_EXEC_SERVER_URL=${CODEX_TEST_REMOTE_EXEC_SERVER_URL}" >> "$GITHUB_ENV"
-
-      - name: Download nextest archive
-        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
-        with:
-          name: nextest-archive-${{ inputs.artifact_id }}
-          path: ${{ runner.temp }}/nextest-archive
-
-      - name: Download runtime test helpers
-        if: ${{ runner.os == 'Linux' || runner.os == 'Windows' }}
-        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
-        with:
-          name: ${{ env.TEST_HELPERS_ARTIFACT }}
-          path: ${{ runner.temp }}/${{ env.TEST_HELPERS_ARTIFACT }}
-
-      - name: tests
-        id: test
-        shell: bash
-        run: |
-          set -euo pipefail
-          archive_file="${RUNNER_TEMP}/nextest-archive/${NEXTEST_ARCHIVE_FILE}"
-          workspace_root="$(pwd)"
-
-          if [[ "${RUNNER_OS}" == "Windows" ]]; then
-            archive_file="$(cygpath -w "${archive_file}")"
-            workspace_root="$(cygpath -w "${workspace_root}")"
-          fi
-
-          if [[ "${RUNNER_OS}" == "Linux" ]]; then
-            helper_dir="${RUNNER_TEMP}/${TEST_HELPERS_ARTIFACT}"
-            helper_target_dir="$(pwd)/target/${{ inputs.target }}/${{ inputs.profile }}"
-            mkdir -p "${helper_target_dir}"
-            cp "${helper_dir}/codex-linux-sandbox" "${helper_target_dir}/"
-            chmod +x "${helper_target_dir}/codex-linux-sandbox"
-          elif [[ "${RUNNER_OS}" == "Windows" ]]; then
-            helper_dir="${RUNNER_TEMP}/${TEST_HELPERS_ARTIFACT}"
-            helper_target_dir="$(pwd)/target/${{ inputs.target }}/${{ inputs.profile }}"
-            mkdir -p "${helper_target_dir}"
-            cp "${helper_dir}/codex-windows-sandbox-setup.exe" "${helper_target_dir}/"
-            cp "${helper_dir}/codex-command-runner.exe" "${helper_target_dir}/"
-          fi
-
-          nextest_args=(
-            run
-            --no-fail-fast
-            --archive-file "${archive_file}"
-            --workspace-remap "${workspace_root}"
-            --partition "hash:${{ matrix.shard }}/4"
-          )
-          if [[ "${{ inputs.test_threads }}" != "0" ]]; then
-            nextest_args+=(--test-threads "${{ inputs.test_threads }}")
-          fi
-
-          test_command=(cargo nextest "${nextest_args[@]}")
-          if [[ "${RUNNER_OS}" == "Linux" ]]; then
-            sandbox_helper="${helper_target_dir}/codex-linux-sandbox"
-            test_command=(
-              env
-              "CARGO_BIN_EXE_codex-linux-sandbox=${sandbox_helper}"
-              "CARGO_BIN_EXE_codex_linux_sandbox=${sandbox_helper}"
-              cargo nextest "${nextest_args[@]}"
-            )
-          elif [[ "${RUNNER_OS}" == "Windows" ]]; then
-            setup_helper="$(cygpath -w "${helper_target_dir}/codex-windows-sandbox-setup.exe")"
-            command_runner="$(cygpath -w "${helper_target_dir}/codex-command-runner.exe")"
-            test_command=(
-              env
-              "CARGO_BIN_EXE_codex_windows_sandbox_setup=${setup_helper}"
-              "CARGO_BIN_EXE_codex_command_runner=${command_runner}"
-              cargo nextest "${nextest_args[@]}"
-            )
-          fi
-
-          "${test_command[@]}"
-        env:
-          RUST_BACKTRACE: 1
-          RUST_MIN_STACK: "8388608" # 8 MiB
-          NEXTEST_STATUS_LEVEL: leak
-
-      - name: Upload nextest JUnit report
-        if: always()
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
-        with:
-          name: nextest-junit-rust-ci-${{ inputs.artifact_id }}-shard-${{ matrix.shard }}
-          path: codex-rs/target/nextest/default/junit.xml
-          if-no-files-found: warn
-
-      - name: Tear down remote test env
-        if: ${{ always() && runner.os == 'Linux' && inputs.remote_env }}
-        shell: bash
-        run: |
-          set +e
-          if [[ "${STEPS_TEST_OUTCOME}" != "success" ]]; then
-            docker logs "${CODEX_TEST_REMOTE_ENV}" || true
-          fi
-          docker rm -f "${CODEX_TEST_REMOTE_ENV}" >/dev/null 2>&1 || true
-        env:
-          STEPS_TEST_OUTCOME: ${{ steps.test.outcome }}
-
-      - name: verify tests passed
-        if: steps.test.outcome == 'failure'
-        run: |
-          echo "Tests failed. See logs for details."
-          exit 1
-
-  result:
-    name: Platform result
-    needs: shard
-    if: always()
-    runs-on: ubuntu-24.04
-    steps:
-      - name: Confirm test shards passed
-        shell: bash
-        run: |
-          if [[ "${{ needs.shard.result }}" != "success" ]]; then
-            echo "Nextest shards finished with result: ${{ needs.shard.result }}" >&2
-            exit 1
-          fi
--- a/.github/workflows/rust-ci-full.yml
+++ b/.github/workflows/rust-ci-full.yml
@@ -7,11 +7,6 @@ on:
  workflow_dispatch:

 # CI builds in debug (dev) for faster signal.
-env:
-  # Cargo's libgit2 transport has been flaky on macOS when fetching git
-  # dependencies with nested submodules. Use the system git CLI, which has
-  # better network/proxy behavior and matches Cargo's own suggested fallback.
-  CARGO_NET_GIT_FETCH_WITH_CLI: "true"

 jobs:
  # --- CI that doesn't need specific targets ---------------------------------
@@ -22,19 +17,12 @@ jobs:
      run:
        working-directory: codex-rs
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
-      - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
        with:
          components: rustfmt
-      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
-        with:
-          tool: just
      - name: cargo fmt
        run: cargo fmt -- --config imports_granularity=Item --check
-      - name: Rust benchmark smoke test
-        run: just bench-smoke

  cargo_shear:
    name: cargo shear
@@ -43,15 +31,14 @@ jobs:
      run:
        working-directory: codex-rs
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
+      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
        with:
-          persist-credentials: false
-      - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0
-      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
-        with:
-          tool: cargo-shear@1.11.2
+          tool: cargo-shear
+          version: 1.5.1
      - name: cargo shear
-        run: cargo shear --deny-warnings
+        run: cargo shear

  argument_comment_lint_package:
    name: Argument comment lint package
@@ -60,16 +47,14 @@ jobs:
      CARGO_DYLINT_VERSION: 5.0.0
      DYLINT_LINK_VERSION: 5.0.0
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
-      - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
        with:
          toolchain: nightly-2025-09-18
          components: llvm-tools-preview, rustc-dev, rust-src
      - name: Cache cargo-dylint tooling
        id: cargo_dylint_cache
-        uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: |
            ~/.cargo/bin/cargo-dylint
@@ -112,9 +97,7 @@ jobs:
              group: codex-runners
              labels: codex-windows-x64
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - uses: ./.github/actions/setup-bazel-ci
        with:
          target: ${{ runner.os }}
@@ -250,9 +233,7 @@ jobs:
              labels: codex-windows-arm64

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - name: Install Linux build dependencies
        if: ${{ runner.os == 'Linux' }}
        shell: bash
@@ -260,9 +241,13 @@ jobs:
          set -euo pipefail
          if command -v apt-get >/dev/null 2>&1; then
            sudo apt-get update -y
-            sudo DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends pkg-config libcap-dev
+            packages=(pkg-config libcap-dev)
+            if [[ "${{ matrix.target }}" == 'x86_64-unknown-linux-musl' || "${{ matrix.target }}" == 'aarch64-unknown-linux-musl' ]]; then
+              packages+=(libubsan1)
+            fi
+            sudo DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends "${packages[@]}"
          fi
-      - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0
+      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
        with:
          targets: ${{ matrix.target }}
          components: clippy
@@ -291,7 +276,7 @@ jobs:
      # avoid caching the large target dir on the gnu-dev job.
      - name: Restore cargo home cache
        id: cache_cargo_home_restore
-        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: |
            ~/.cargo/bin/
@@ -309,7 +294,7 @@ jobs:
      # Install and restore sccache cache
      - name: Install sccache
        if: ${{ env.USE_SCCACHE == 'true' }}
-        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
+        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
        with:
          tool: sccache
          version: 0.7.5
@@ -336,7 +321,7 @@ jobs:
      - name: Restore sccache cache (fallback)
        if: ${{ env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true' }}
        id: cache_sccache_restore
-        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: ${{ github.workspace }}/.sccache/
          key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
@@ -344,6 +329,14 @@ jobs:
            sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-
            sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-

+      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
+        name: Disable sccache wrapper (musl)
+        shell: bash
+        run: |
+          set -euo pipefail
+          echo "RUSTC_WRAPPER=" >> "$GITHUB_ENV"
+          echo "RUSTC_WORKSPACE_WRAPPER=" >> "$GITHUB_ENV"
+
      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
        name: Prepare APT cache directories (musl)
        shell: bash
@@ -355,7 +348,7 @@ jobs:
      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
        name: Restore APT cache (musl)
        id: cache_apt_restore
-        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: |
            /var/cache/apt
@@ -363,7 +356,7 @@ jobs:

      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
        name: Install Zig
-        uses: mlugg/setup-zig@d1434d08867e3ee9daa34448df10607b98908d29 # v2.2.1
+        uses: mlugg/setup-zig@d1434d08867e3ee9daa34448df10607b98908d29 # v2
        with:
          version: 0.14.0

@@ -377,15 +370,67 @@ jobs:
        shell: bash
        run: bash "${GITHUB_WORKSPACE}/.github/scripts/install-musl-build-tools.sh"

-      - if: ${{ !contains(matrix.target, 'windows') }}
-        name: Configure rusty_v8 artifact overrides and verify checksums
-        uses: ./.github/actions/setup-rusty-v8
+      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
+        name: Configure rustc UBSan wrapper (musl host)
+        shell: bash
+        run: |
+          set -euo pipefail
+          ubsan=""
+          if command -v ldconfig >/dev/null 2>&1; then
+            ubsan="$(ldconfig -p | grep -m1 'libubsan\.so\.1' | sed -E 's/.*=> (.*)$/\1/')"
+          fi
+          wrapper_root="${RUNNER_TEMP:-/tmp}"
+          wrapper="${wrapper_root}/rustc-ubsan-wrapper"
+          cat > "${wrapper}" <<EOF
+          #!/usr/bin/env bash
+          set -euo pipefail
+          if [[ -n "${ubsan}" ]]; then
+            export LD_PRELOAD="${ubsan}\${LD_PRELOAD:+:\${LD_PRELOAD}}"
+          fi
+          exec "\$1" "\${@:2}"
+          EOF
+          chmod +x "${wrapper}"
+          echo "RUSTC_WRAPPER=${wrapper}" >> "$GITHUB_ENV"
+          echo "RUSTC_WORKSPACE_WRAPPER=" >> "$GITHUB_ENV"
+
+      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
+        name: Clear sanitizer flags (musl)
+        shell: bash
+        run: |
+          set -euo pipefail
+          # Clear global Rust flags so host/proc-macro builds don't pull in UBSan.
+          echo "RUSTFLAGS=" >> "$GITHUB_ENV"
+          echo "CARGO_ENCODED_RUSTFLAGS=" >> "$GITHUB_ENV"
+          echo "RUSTDOCFLAGS=" >> "$GITHUB_ENV"
+          # Override any runner-level Cargo config rustflags as well.
+          echo "CARGO_BUILD_RUSTFLAGS=" >> "$GITHUB_ENV"
+          echo "CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_RUSTFLAGS=" >> "$GITHUB_ENV"
+          echo "CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_RUSTFLAGS=" >> "$GITHUB_ENV"
+          echo "CARGO_TARGET_X86_64_UNKNOWN_LINUX_MUSL_RUSTFLAGS=" >> "$GITHUB_ENV"
+          echo "CARGO_TARGET_AARCH64_UNKNOWN_LINUX_MUSL_RUSTFLAGS=" >> "$GITHUB_ENV"
+
+          sanitize_flags() {
+            local input="$1"
+            input="${input//-fsanitize=undefined/}"
+            input="${input//-fno-sanitize-recover=undefined/}"
+            input="${input//-fno-sanitize-trap=undefined/}"
+            echo "$input"
+          }
+
+          cflags="$(sanitize_flags "${CFLAGS-}")"
+          cxxflags="$(sanitize_flags "${CXXFLAGS-}")"
+          echo "CFLAGS=${cflags}" >> "$GITHUB_ENV"
+          echo "CXXFLAGS=${cxxflags}" >> "$GITHUB_ENV"
+
+      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl' }}
+        name: Configure musl rusty_v8 artifact overrides and verify checksums
+        uses: ./.github/actions/setup-rusty-v8-musl
        with:
          target: ${{ matrix.target }}

      - name: Install cargo-chef
        if: ${{ matrix.profile == 'release' }}
-        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
+        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
        with:
          tool: cargo-chef
          version: 0.1.71
@@ -404,7 +449,7 @@ jobs:

      - name: Upload Cargo timings (clippy)
        if: always()
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: cargo-timings-rust-ci-clippy-${{ matrix.target }}-${{ matrix.profile }}
          path: codex-rs/target/**/cargo-timings/cargo-timing.html
@@ -415,7 +460,7 @@ jobs:
      - name: Save cargo home cache
        if: always() && !cancelled() && steps.cache_cargo_home_restore.outputs.cache-hit != 'true'
        continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: |
            ~/.cargo/bin/
@@ -431,7 +476,7 @@ jobs:
      - name: Save sccache cache (fallback)
        if: always() && !cancelled() && env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true'
        continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: ${{ github.workspace }}/.sccache/
          key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
@@ -456,79 +501,237 @@ jobs:
      - name: Save APT cache (musl)
        if: always() && !cancelled() && (matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl') && steps.cache_apt_restore.outputs.cache-hit != 'true'
        continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: |
            /var/cache/apt
          key: apt-${{ matrix.runner }}-${{ matrix.target }}-v1

-  tests_macos_aarch64:
-    name: Tests — macos-15-xlarge - aarch64-apple-darwin
-    uses: ./.github/workflows/rust-ci-full-nextest-platform.yml
-    with:
-      runner: macos-15-xlarge
-      target: aarch64-apple-darwin
-      profile: ci-test
-      artifact_id: macos-aarch64
-      use_sccache: true
-    secrets: inherit
+  tests:
+    name: Tests — ${{ matrix.runner }} - ${{ matrix.target }}${{ matrix.remote_env == 'true' && ' (remote)' || '' }}
+    runs-on: ${{ matrix.runs_on || matrix.runner }}
+    # Perhaps we can bring this back down to 30m once we finish the cutover
+    # from tui_app_server/ to tui/. Incidentally, windows-arm64 was the main
+    # offender for exceeding the timeout.
+    timeout-minutes: 45
+    defaults:
+      run:
+        working-directory: codex-rs
+    env:
+      # Speed up repeated builds across CI runs by caching compiled objects, except on
+      # arm64 macOS runners cross-targeting x86_64 where ring/cc-rs can produce
+      # mixed-architecture archives under sccache.
+      USE_SCCACHE: ${{ (startsWith(matrix.runner, 'windows') || (matrix.runner == 'macos-15-xlarge' && matrix.target == 'x86_64-apple-darwin')) && 'false' || 'true' }}
+      CARGO_INCREMENTAL: "0"
+      SCCACHE_CACHE_SIZE: 10G

-  tests_linux_x64_remote:
-    name: Tests — ubuntu-24.04 - x86_64-unknown-linux-gnu (remote)
-    uses: ./.github/workflows/rust-ci-full-nextest-platform.yml
-    with:
-      runner: ubuntu-24.04
-      runner_group: codex-runners
-      runner_labels: codex-linux-x64
-      target: x86_64-unknown-linux-gnu
-      profile: ci-test
-      artifact_id: linux-x64-remote
-      remote_env: true
-      use_sccache: true
-    secrets: inherit
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - runner: macos-15-xlarge
+            target: aarch64-apple-darwin
+            profile: dev
+          - runner: ubuntu-24.04
+            target: x86_64-unknown-linux-gnu
+            profile: dev
+            remote_env: "true"
+            runs_on:
+              group: codex-runners
+              labels: codex-linux-x64
+          - runner: ubuntu-24.04-arm
+            target: aarch64-unknown-linux-gnu
+            profile: dev
+            runs_on:
+              group: codex-runners
+              labels: codex-linux-arm64
+          - runner: windows-x64
+            target: x86_64-pc-windows-msvc
+            profile: dev
+            runs_on:
+              group: codex-runners
+              labels: codex-windows-x64
+          - runner: windows-arm64
+            target: aarch64-pc-windows-msvc
+            profile: dev
+            runs_on:
+              group: codex-runners
+              labels: codex-windows-arm64

-  tests_linux_arm64:
-    name: Tests — ubuntu-24.04-arm - aarch64-unknown-linux-gnu
-    uses: ./.github/workflows/rust-ci-full-nextest-platform.yml
-    with:
-      runner: ubuntu-24.04-arm
-      runner_group: codex-runners
-      runner_labels: codex-linux-arm64
-      target: aarch64-unknown-linux-gnu
-      profile: ci-test
-      artifact_id: linux-arm64
-      use_sccache: true
-    secrets: inherit
+    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - name: Install Linux build dependencies
+        if: ${{ runner.os == 'Linux' }}
+        shell: bash
+        run: |
+          set -euo pipefail
+          if command -v apt-get >/dev/null 2>&1; then
+            sudo apt-get update -y
+            sudo DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends pkg-config libcap-dev
+          fi

-  tests_windows_x64:
-    name: Tests — windows-x64 - x86_64-pc-windows-msvc
-    uses: ./.github/workflows/rust-ci-full-nextest-platform.yml
-    with:
-      runner: windows-x64
-      runner_group: codex-runners
-      runner_labels: codex-windows-x64
-      target: x86_64-pc-windows-msvc
-      profile: ci-test
-      artifact_id: windows-x64
-      test_threads: 8
-    secrets: inherit
+      # Some integration tests rely on DotSlash being installed.
+      # See https://github.com/openai/codex/pull/7617.
+      - name: Install DotSlash
+        uses: facebook/install-dotslash@1e4e7b3e07eaca387acb98f1d4720e0bee8dbb6a # v2

-  tests_windows_arm64:
-    name: Tests — windows-arm64 - aarch64-pc-windows-msvc
-    uses: ./.github/workflows/rust-ci-full-nextest-platform.yml
-    with:
-      runner: windows-arm64
-      runner_group: codex-runners
-      runner_labels: codex-windows-arm64
-      archive_runner: windows-x64
-      archive_runner_group: codex-runners
-      archive_runner_labels: codex-windows-x64
-      target: aarch64-pc-windows-msvc
-      profile: ci-test
-      artifact_id: windows-arm64
-      test_threads: 8
-      use_sccache: true
-    secrets: inherit
+      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
+        with:
+          targets: ${{ matrix.target }}
+
+      - name: Compute lockfile hash
+        id: lockhash
+        working-directory: codex-rs
+        shell: bash
+        run: |
+          set -euo pipefail
+          echo "hash=$(sha256sum Cargo.lock | cut -d' ' -f1)" >> "$GITHUB_OUTPUT"
+          echo "toolchain_hash=$(sha256sum rust-toolchain.toml | cut -d' ' -f1)" >> "$GITHUB_OUTPUT"
+
+      - name: Restore cargo home cache
+        id: cache_cargo_home_restore
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        with:
+          path: |
+            ~/.cargo/bin/
+            ~/.cargo/registry/index/
+            ~/.cargo/registry/cache/
+            ~/.cargo/git/db/
+          key: cargo-home-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ steps.lockhash.outputs.toolchain_hash }}
+          restore-keys: |
+            cargo-home-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-
+
+      - name: Install sccache
+        if: ${{ env.USE_SCCACHE == 'true' }}
+        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
+        with:
+          tool: sccache
+          version: 0.7.5
+
+      - name: Configure sccache backend
+        if: ${{ env.USE_SCCACHE == 'true' }}
+        shell: bash
+        run: |
+          set -euo pipefail
+          if [[ -n "${ACTIONS_CACHE_URL:-}" && -n "${ACTIONS_RUNTIME_TOKEN:-}" ]]; then
+            echo "SCCACHE_GHA_ENABLED=true" >> "$GITHUB_ENV"
+            echo "Using sccache GitHub backend"
+          else
+            echo "SCCACHE_GHA_ENABLED=false" >> "$GITHUB_ENV"
+            echo "SCCACHE_DIR=${{ github.workspace }}/.sccache" >> "$GITHUB_ENV"
+            echo "Using sccache local disk + actions/cache fallback"
+          fi
+
+      - name: Enable sccache wrapper
+        if: ${{ env.USE_SCCACHE == 'true' }}
+        shell: bash
+        run: echo "RUSTC_WRAPPER=sccache" >> "$GITHUB_ENV"
+
+      - name: Restore sccache cache (fallback)
+        if: ${{ env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true' }}
+        id: cache_sccache_restore
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        with:
+          path: ${{ github.workspace }}/.sccache/
+          key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
+          restore-keys: |
+            sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-
+            sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-
+
+      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
+        with:
+          tool: nextest
+          version: 0.9.103
+
+      - name: Enable unprivileged user namespaces (Linux)
+        if: runner.os == 'Linux'
+        run: |
+          # Required for bubblewrap to work on Linux CI runners.
+          sudo sysctl -w kernel.unprivileged_userns_clone=1
+          # Ubuntu 24.04+ can additionally gate unprivileged user namespaces
+          # behind AppArmor.
+          if sudo sysctl -a 2>/dev/null | grep -q '^kernel.apparmor_restrict_unprivileged_userns'; then
+            sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
+          fi
+
+      - name: Set up remote test env (Docker)
+        if: ${{ runner.os == 'Linux' && matrix.remote_env == 'true' }}
+        shell: bash
+        run: |
+          set -euo pipefail
+          export CODEX_TEST_REMOTE_ENV_CONTAINER_NAME=codex-remote-test-env
+          source "${GITHUB_WORKSPACE}/scripts/test-remote-env.sh"
+          echo "CODEX_TEST_REMOTE_ENV=${CODEX_TEST_REMOTE_ENV}" >> "$GITHUB_ENV"
+          echo "CODEX_TEST_REMOTE_EXEC_SERVER_URL=${CODEX_TEST_REMOTE_EXEC_SERVER_URL}" >> "$GITHUB_ENV"
+
+      - name: tests
+        id: test
+        run: cargo nextest run --no-fail-fast --target ${{ matrix.target }} --cargo-profile ci-test --timings
+        env:
+          RUST_BACKTRACE: 1
+          RUST_MIN_STACK: "8388608" # 8 MiB
+          NEXTEST_STATUS_LEVEL: leak
+
+      - name: Upload Cargo timings (nextest)
+        if: always()
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
+        with:
+          name: cargo-timings-rust-ci-nextest-${{ matrix.target }}-${{ matrix.profile }}
+          path: codex-rs/target/**/cargo-timings/cargo-timing.html
+          if-no-files-found: warn
+
+      - name: Save cargo home cache
+        if: always() && !cancelled() && steps.cache_cargo_home_restore.outputs.cache-hit != 'true'
+        continue-on-error: true
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        with:
+          path: |
+            ~/.cargo/bin/
+            ~/.cargo/registry/index/
+            ~/.cargo/registry/cache/
+            ~/.cargo/git/db/
+          key: cargo-home-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ steps.lockhash.outputs.toolchain_hash }}
+
+      - name: Save sccache cache (fallback)
+        if: always() && !cancelled() && env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true'
+        continue-on-error: true
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        with:
+          path: ${{ github.workspace }}/.sccache/
+          key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
+
+      - name: sccache stats
+        if: always() && env.USE_SCCACHE == 'true'
+        continue-on-error: true
+        run: sccache --show-stats || true
+
+      - name: sccache summary
+        if: always() && env.USE_SCCACHE == 'true'
+        shell: bash
+        run: |
+          {
+            echo "### sccache stats — ${{ matrix.target }} (tests)";
+            echo;
+            echo '```';
+            sccache --show-stats || true;
+            echo '```';
+          } >> "$GITHUB_STEP_SUMMARY"
+
+      - name: Tear down remote test env
+        if: ${{ always() && runner.os == 'Linux' && matrix.remote_env == 'true' }}
+        shell: bash
+        run: |
+          set +e
+          if [[ "${{ steps.test.outcome }}" != "success" ]]; then
+            docker logs codex-remote-test-env || true
+          fi
+          docker rm -f codex-remote-test-env >/dev/null 2>&1 || true
+
+      - name: verify tests passed
+        if: steps.test.outcome == 'failure'
+        run: |
+          echo "Tests failed. See logs for details."
+          exit 1

  # --- Gatherer job for the full post-merge workflow --------------------------
  results:
@@ -540,11 +743,7 @@ jobs:
        argument_comment_lint_package,
        argument_comment_lint_prebuilt,
        lint_build,
-        tests_macos_aarch64,
-        tests_linux_x64_remote,
-        tests_linux_arm64,
-        tests_windows_x64,
-        tests_windows_arm64,
+        tests,
      ]
    if: always()
    runs-on: ubuntu-24.04
@@ -557,21 +756,13 @@ jobs:
          echo "general: ${{ needs.general.result }}"
          echo "shear  : ${{ needs.cargo_shear.result }}"
          echo "lint   : ${{ needs.lint_build.result }}"
-          echo "test macos : ${{ needs.tests_macos_aarch64.result }}"
-          echo "test linux : ${{ needs.tests_linux_x64_remote.result }}"
-          echo "test arm64 : ${{ needs.tests_linux_arm64.result }}"
-          echo "test winx64: ${{ needs.tests_windows_x64.result }}"
-          echo "test winarm: ${{ needs.tests_windows_arm64.result }}"
+          echo "tests  : ${{ needs.tests.result }}"
          [[ '${{ needs.argument_comment_lint_package.result }}' == 'success' ]] || { echo 'argument_comment_lint_package failed'; exit 1; }
          [[ '${{ needs.argument_comment_lint_prebuilt.result }}' == 'success' ]] || { echo 'argument_comment_lint_prebuilt failed'; exit 1; }
          [[ '${{ needs.general.result }}' == 'success' ]] || { echo 'general failed'; exit 1; }
          [[ '${{ needs.cargo_shear.result }}' == 'success' ]] || { echo 'cargo_shear failed'; exit 1; }
          [[ '${{ needs.lint_build.result }}' == 'success' ]] || { echo 'lint_build failed'; exit 1; }
-          [[ '${{ needs.tests_macos_aarch64.result }}' == 'success' ]] || { echo 'tests_macos_aarch64 failed'; exit 1; }
-          [[ '${{ needs.tests_linux_x64_remote.result }}' == 'success' ]] || { echo 'tests_linux_x64_remote failed'; exit 1; }
-          [[ '${{ needs.tests_linux_arm64.result }}' == 'success' ]] || { echo 'tests_linux_arm64 failed'; exit 1; }
-          [[ '${{ needs.tests_windows_x64.result }}' == 'success' ]] || { echo 'tests_windows_x64 failed'; exit 1; }
-          [[ '${{ needs.tests_windows_arm64.result }}' == 'success' ]] || { echo 'tests_windows_arm64 failed'; exit 1; }
+          [[ '${{ needs.tests.result }}' == 'success' ]] || { echo 'tests failed'; exit 1; }

      - name: sccache summary note
        if: always()
--- a/.github/workflows/rust-ci.yml
+++ b/.github/workflows/rust-ci.yml
@@ -3,11 +3,6 @@ on:
  pull_request: {}
  workflow_dispatch:

-# Cargo's libgit2 transport has been flaky when fetching git dependencies with
-# nested submodules. Prefer the system git CLI across every Cargo invocation.
-env:
-  CARGO_NET_GIT_FETCH_WITH_CLI: "true"
-
 jobs:
  # --- Detect what changed so the fast PR workflow only runs relevant jobs ----
  changed:
@@ -19,11 +14,9 @@ jobs:
      codex: ${{ steps.detect.outputs.codex }}
      workflows: ${{ steps.detect.outputs.workflows }}
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
        with:
-          ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
          fetch-depth: 0
-          persist-credentials: false
      - name: Detect changed paths (no external action)
        id: detect
        shell: bash
@@ -68,20 +61,12 @@ jobs:
      run:
        working-directory: codex-rs
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
-          persist-credentials: false
-      - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
        with:
          components: rustfmt
-      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
-        with:
-          tool: just
      - name: cargo fmt
        run: cargo fmt -- --config imports_granularity=Item --check
-      - name: Rust benchmark smoke test
-        run: just bench-smoke

  cargo_shear:
    name: cargo shear
@@ -92,16 +77,14 @@ jobs:
      run:
        working-directory: codex-rs
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
+      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
        with:
-          ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
-          persist-credentials: false
-      - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0
-      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
-        with:
-          tool: cargo-shear@1.11.2
+          tool: cargo-shear
+          version: 1.5.1
      - name: cargo shear
-        run: cargo shear --deny-warnings
+        run: cargo shear

  argument_comment_lint_package:
    name: Argument comment lint package
@@ -112,11 +95,8 @@ jobs:
      CARGO_DYLINT_VERSION: 5.0.0
      DYLINT_LINK_VERSION: 5.0.0
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
-          persist-credentials: false
-      - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
      - name: Install nightly argument-comment-lint toolchain
        shell: bash
        run: |
@@ -129,7 +109,7 @@ jobs:
          rustup default nightly-2025-09-18
      - name: Cache cargo-dylint tooling
        id: cargo_dylint_cache
-        uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: |
            ~/.cargo/bin/cargo-dylint
@@ -190,11 +170,8 @@ jobs:

          echo "No argument-comment-lint relevant changes."
          echo "run=false" >> "$GITHUB_OUTPUT"
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
        if: ${{ steps.argument_comment_lint_gate.outputs.run == 'true' }}
-        with:
-          ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
-          persist-credentials: false
      - name: Run argument comment lint on codex-rs via Bazel
        if: ${{ steps.argument_comment_lint_gate.outputs.run == 'true' }}
        uses: ./.github/actions/run-argument-comment-lint
@@ -226,25 +203,20 @@ jobs:

          # If nothing relevant changed (PR touching only root README, etc.),
          # declare success regardless of other jobs.
-          if [[ "${NEEDS_CHANGED_OUTPUTS_ARGUMENT_COMMENT_LINT}" != 'true' && "${NEEDS_CHANGED_OUTPUTS_CODEX}" != 'true' && "${NEEDS_CHANGED_OUTPUTS_WORKFLOWS}" != 'true' ]]; then
+          if [[ '${{ needs.changed.outputs.argument_comment_lint }}' != 'true' && '${{ needs.changed.outputs.codex }}' != 'true' && '${{ needs.changed.outputs.workflows }}' != 'true' ]]; then
            echo 'No relevant changes -> CI not required.'
            exit 0
          fi

-          if [[ "${NEEDS_CHANGED_OUTPUTS_ARGUMENT_COMMENT_LINT_PACKAGE}" == 'true' ]]; then
+          if [[ '${{ needs.changed.outputs.argument_comment_lint_package }}' == 'true' ]]; then
            [[ '${{ needs.argument_comment_lint_package.result }}' == 'success' ]] || { echo 'argument_comment_lint_package failed'; exit 1; }
          fi

-          if [[ "${NEEDS_CHANGED_OUTPUTS_ARGUMENT_COMMENT_LINT}" == 'true' || "${NEEDS_CHANGED_OUTPUTS_WORKFLOWS}" == 'true' ]]; then
+          if [[ '${{ needs.changed.outputs.argument_comment_lint }}' == 'true' || '${{ needs.changed.outputs.workflows }}' == 'true' ]]; then
            [[ '${{ needs.argument_comment_lint_prebuilt.result }}' == 'success' ]] || { echo 'argument_comment_lint_prebuilt failed'; exit 1; }
          fi

-          if [[ "${NEEDS_CHANGED_OUTPUTS_CODEX}" == 'true' || "${NEEDS_CHANGED_OUTPUTS_WORKFLOWS}" == 'true' ]]; then
+          if [[ '${{ needs.changed.outputs.codex }}' == 'true' || '${{ needs.changed.outputs.workflows }}' == 'true' ]]; then
            [[ '${{ needs.general.result }}' == 'success' ]] || { echo 'general failed'; exit 1; }
            [[ '${{ needs.cargo_shear.result }}' == 'success' ]] || { echo 'cargo_shear failed'; exit 1; }
          fi
-        env:
-          NEEDS_CHANGED_OUTPUTS_ARGUMENT_COMMENT_LINT: ${{ needs.changed.outputs.argument_comment_lint }}
-          NEEDS_CHANGED_OUTPUTS_CODEX: ${{ needs.changed.outputs.codex }}
-          NEEDS_CHANGED_OUTPUTS_WORKFLOWS: ${{ needs.changed.outputs.workflows }}
-          NEEDS_CHANGED_OUTPUTS_ARGUMENT_COMMENT_LINT_PACKAGE: ${{ needs.changed.outputs.argument_comment_lint_package }}
--- a/.github/workflows/rust-release-argument-comment-lint.yml
+++ b/.github/workflows/rust-release-argument-comment-lint.yml
@@ -7,11 +7,6 @@ on:
        required: true
        type: boolean

-# Cargo's libgit2 transport has been flaky when fetching git dependencies with
-# nested submodules. Prefer the system git CLI across every Cargo invocation.
-env:
-  CARGO_NET_GIT_FETCH_WITH_CLI: "true"
-
 jobs:
  skip:
    if: ${{ !inputs.publish }}
@@ -61,11 +56,9 @@ jobs:
              labels: codex-windows-x64

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

-      - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0
+      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
        with:
          toolchain: nightly-2025-09-18
          targets: ${{ matrix.target }}
@@ -107,7 +100,7 @@ jobs:
            (cd "${RUNNER_TEMP}" && tar -czf "$GITHUB_WORKSPACE/$archive_path" argument-comment-lint)
          fi

-      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: argument-comment-lint-${{ matrix.target }}
          path: dist/argument-comment-lint/${{ matrix.target }}/*
--- a/.github/workflows/rust-release-prepare.yml
+++ b/.github/workflows/rust-release-prepare.yml
@@ -16,16 +16,12 @@ jobs:
  prepare:
    # Prevent scheduled runs on forks (no secrets, wastes Actions minutes)
    if: github.repository == 'openai/codex'
-    environment:
-      name: rust-release-prepare
-      deployment: false
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
        with:
          ref: main
          fetch-depth: 0
-          persist-credentials: false

      - name: Update models.json
        env:
@@ -47,7 +43,7 @@ jobs:
          curl --http1.1 --fail --show-error --location "${headers[@]}" "${url}" | jq '.' > codex-rs/models-manager/models.json

      - name: Open pull request (if changed)
-        uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0
+        uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8
        with:
          commit-message: "Update models.json"
          title: "Update models.json"
--- a/.github/workflows/rust-release-windows.yml
+++ b/.github/workflows/rust-release-windows.yml
@@ -20,11 +20,6 @@ on:
      AZURE_TRUSTED_SIGNING_CERTIFICATE_PROFILE_NAME:
        required: true

-# Cargo's libgit2 transport has been flaky when fetching git dependencies with
-# nested submodules. Prefer the system git CLI across every Cargo invocation.
-env:
-  CARGO_NET_GIT_FETCH_WITH_CLI: "true"
-
 jobs:
  build-windows-binaries:
    name: Build Windows binaries - ${{ matrix.runner }} - ${{ matrix.target }} - ${{ matrix.bundle }}
@@ -88,9 +83,7 @@ jobs:
              labels: codex-windows-arm64

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - name: Print runner specs (Windows)
        shell: powershell
        run: |
@@ -105,25 +98,21 @@ jobs:
          Write-Host "Total RAM: $ramGiB GiB"
          Write-Host "Disk usage:"
          Get-PSDrive -PSProvider FileSystem | Format-Table -AutoSize Name, @{Name='Size(GB)';Expression={[math]::Round(($_.Used + $_.Free) / 1GB, 1)}}, @{Name='Free(GB)';Expression={[math]::Round($_.Free / 1GB, 1)}}
-      - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0
+      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
        with:
          targets: ${{ matrix.target }}

      - name: Cargo build (Windows binaries)
        shell: bash
        run: |
-          target="${{ matrix.target }}"
-          if [[ "$target" == "x86_64-pc-windows-msvc" ]]; then
-            export LIBSQLITE3_FLAGS=SQLITE_DISABLE_INTRINSIC
-          fi
          build_args=()
          for binary in ${{ matrix.binaries }}; do
            build_args+=(--bin "$binary")
          done
-          cargo build --target "$target" --release --timings "${build_args[@]}"
+          cargo build --target ${{ matrix.target }} --release --timings "${build_args[@]}"

      - name: Upload Cargo timings
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: cargo-timings-rust-release-windows-${{ matrix.target }}-${{ matrix.bundle }}
          path: codex-rs/target/**/cargo-timings/cargo-timing.html
@@ -139,7 +128,7 @@ jobs:
          done

      - name: Upload Windows binaries
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: windows-binaries-${{ matrix.target }}-${{ matrix.bundle }}
          path: |
@@ -176,24 +165,22 @@ jobs:
              labels: codex-windows-arm64

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Download prebuilt Windows primary binaries
-        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8
        with:
          name: windows-binaries-${{ matrix.target }}-primary
          path: codex-rs/target/${{ matrix.target }}/release

      - name: Download prebuilt Windows helper binaries
-        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8
        with:
          name: windows-binaries-${{ matrix.target }}-helpers
          path: codex-rs/target/${{ matrix.target }}/release

      - name: Download prebuilt Windows app-server binary
-        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8
        with:
          name: windows-binaries-${{ matrix.target }}-app-server
          path: codex-rs/target/${{ matrix.target }}/release
@@ -232,56 +219,6 @@ jobs:
      - name: Install DotSlash
        uses: facebook/install-dotslash@1e4e7b3e07eaca387acb98f1d4720e0bee8dbb6a # v2

-      - name: Build Codex package archives
-        shell: bash
-        run: |
-          set -euo pipefail
-          for bundle in primary app-server; do
-            bash "${GITHUB_WORKSPACE}/.github/scripts/build-codex-package-archive.sh" \
-              --target "${{ matrix.target }}" \
-              --bundle "$bundle" \
-              --entrypoint-dir "target/${{ matrix.target }}/release" \
-              --archive-dir "dist/${{ matrix.target }}"
-          done
-
-      - name: Build Python runtime wheel
-        shell: bash
-        run: |
-          set -euo pipefail
-
-          case "${{ matrix.target }}" in
-            aarch64-pc-windows-msvc)
-              platform_tag="win_arm64"
-              ;;
-            x86_64-pc-windows-msvc)
-              platform_tag="win_amd64"
-              ;;
-            *)
-              echo "No Python runtime wheel platform tag for ${{ matrix.target }}"
-              exit 1
-              ;;
-          esac
-
-          python -m venv "${RUNNER_TEMP}/python-runtime-build-venv"
-          "${RUNNER_TEMP}/python-runtime-build-venv/Scripts/python.exe" -m pip install build
-
-          stage_dir="${RUNNER_TEMP}/openai-codex-cli-bin-${{ matrix.target }}"
-          wheel_dir="${GITHUB_WORKSPACE}/python-runtime-dist/${{ matrix.target }}"
-          python "${GITHUB_WORKSPACE}/sdk/python/scripts/update_sdk_artifacts.py" \
-            stage-runtime \
-            "$stage_dir" \
-            "dist/${{ matrix.target }}/codex-package-${{ matrix.target }}.tar.gz" \
-            --codex-version "${GITHUB_REF_NAME}" \
-            --platform-tag "$platform_tag"
-          "${RUNNER_TEMP}/python-runtime-build-venv/Scripts/python.exe" -m build --wheel --outdir "$wheel_dir" "$stage_dir"
-
-      - name: Upload Python runtime wheel
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
-        with:
-          name: python-runtime-wheel-${{ matrix.target }}
-          path: python-runtime-dist/${{ matrix.target }}/*.whl
-          if-no-files-found: error
-
      - name: Compress artifacts
        shell: bash
        run: |
@@ -300,7 +237,7 @@ jobs:
            base="$(basename "$f")"
            # Skip files that are already archives (shouldn't happen, but be
            # safe).
-            if [[ "$base" == *.tar.gz || "$base" == *.tar.zst || "$base" == *.zip || "$base" == *.dmg ]]; then
+            if [[ "$base" == *.tar.gz || "$base" == *.zip || "$base" == *.dmg ]]; then
              continue
            fi

@@ -344,7 +281,7 @@ jobs:
            "${GITHUB_WORKSPACE}/.github/workflows/zstd" -T0 -19 "$dest/$base"
          done

-      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: ${{ matrix.target }}
          path: |
--- a/.github/workflows/rust-release-zsh.yml
+++ b/.github/workflows/rust-release-zsh.yml
@@ -45,9 +45,7 @@ jobs:
            git \
            libncursesw5-dev

-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Build, smoke-test, and stage zsh artifact
        shell: bash
@@ -55,7 +53,7 @@ jobs:
          "${GITHUB_WORKSPACE}/.github/scripts/build-zsh-release-artifact.sh" \
            "dist/zsh/${{ matrix.target }}/${{ matrix.archive_name }}"

-      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: codex-zsh-${{ matrix.target }}
          path: dist/zsh/${{ matrix.target }}/*
@@ -69,10 +67,6 @@ jobs:
      fail-fast: false
      matrix:
        include:
-          - runner: macos-15-large
-            target: x86_64-apple-darwin
-            variant: macos-15
-            archive_name: codex-zsh-x86_64-apple-darwin.tar.gz
          - runner: macos-15-xlarge
            target: aarch64-apple-darwin
            variant: macos-15
@@ -87,9 +81,7 @@ jobs:
            brew install autoconf
          fi

-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Build, smoke-test, and stage zsh artifact
        shell: bash
@@ -97,7 +89,7 @@ jobs:
          "${GITHUB_WORKSPACE}/.github/scripts/build-zsh-release-artifact.sh" \
            "dist/zsh/${{ matrix.target }}/${{ matrix.archive_name }}"

-      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: codex-zsh-${{ matrix.target }}
          path: dist/zsh/${{ matrix.target }}/*
--- a/.github/workflows/rust-release.yml
+++ b/.github/workflows/rust-release.yml
--- a/.github/workflows/rusty-v8-release.yml
+++ b/.github/workflows/rusty-v8-release.yml
@@ -1,17 +1,20 @@
 name: rusty-v8-release

 on:
-  push:
-    tags:
-      - "rusty-v8-v*.*.*"
-
-# Cargo's libgit2 transport has been flaky when fetching git dependencies with
-# nested submodules. Prefer the system git CLI for Cargo smoke tests.
-env:
-  CARGO_NET_GIT_FETCH_WITH_CLI: "true"
+  workflow_dispatch:
+    inputs:
+      release_tag:
+        description: Optional release tag. Defaults to rusty-v8-v<resolved_v8_version>.
+        required: false
+        type: string
+      publish:
+        description: Publish the staged musl artifacts to a GitHub release.
+        required: false
+        default: true
+        type: boolean

 concurrency:
-  group: ${{ github.workflow }}::${{ github.ref_name }}
+  group: ${{ github.workflow }}::${{ inputs.release_tag || github.run_id }}
  cancel-in-progress: false

 jobs:
@@ -22,12 +25,10 @@ jobs:
      v8_version: ${{ steps.v8_version.outputs.version }}

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Set up Python
-        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
        with:
          python-version: "3.12"

@@ -42,23 +43,21 @@ jobs:
      - name: Resolve release tag
        id: release_tag
        env:
-          GITHUB_REF_NAME: ${{ github.ref_name }}
+          RELEASE_TAG_INPUT: ${{ inputs.release_tag }}
          V8_VERSION: ${{ steps.v8_version.outputs.version }}
        shell: bash
        run: |
          set -euo pipefail

-          expected_release_tag="rusty-v8-v${V8_VERSION}"
-          release_tag="${GITHUB_REF_NAME}"
-          if [[ "${release_tag}" != "${expected_release_tag}" ]]; then
-            echo "Tag ${release_tag} does not match expected release tag ${expected_release_tag}." >&2
-            exit 1
+          release_tag="${RELEASE_TAG_INPUT}"
+          if [[ -z "${release_tag}" ]]; then
+            release_tag="rusty-v8-v${V8_VERSION}"
          fi

          echo "release_tag=${release_tag}" >> "$GITHUB_OUTPUT"

  build:
-    name: Build ${{ matrix.variant }} ${{ matrix.target }}
+    name: Build ${{ matrix.target }}
    needs: metadata
    runs-on: ${{ matrix.runner }}
    permissions:
@@ -69,82 +68,14 @@ jobs:
      matrix:
        include:
          - runner: ubuntu-24.04
-            bazel_config: ci-v8
-            platform: linux_amd64
-            sandbox: false
-            target: x86_64-unknown-linux-gnu
-            variant: release
-          - runner: ubuntu-24.04
-            bazel_config: ci-v8
-            platform: linux_amd64
-            sandbox: true
-            target: x86_64-unknown-linux-gnu
-            variant: ptrcomp-sandbox
-          - runner: ubuntu-24.04-arm
-            bazel_config: ci-v8
-            platform: linux_arm64
-            sandbox: false
-            target: aarch64-unknown-linux-gnu
-            variant: release
-          - runner: ubuntu-24.04-arm
-            bazel_config: ci-v8
-            platform: linux_arm64
-            sandbox: true
-            target: aarch64-unknown-linux-gnu
-            variant: ptrcomp-sandbox
-          - runner: macos-15-xlarge
-            bazel_config: ci-macos
-            platform: macos_amd64
-            sandbox: false
-            target: x86_64-apple-darwin
-            variant: release
-          - runner: macos-15-xlarge
-            bazel_config: ci-macos
-            platform: macos_amd64
-            sandbox: true
-            target: x86_64-apple-darwin
-            variant: ptrcomp-sandbox
-          - runner: macos-15-xlarge
-            bazel_config: ci-macos
-            platform: macos_arm64
-            sandbox: false
-            target: aarch64-apple-darwin
-            variant: release
-          - runner: macos-15-xlarge
-            bazel_config: ci-macos
-            platform: macos_arm64
-            sandbox: true
-            target: aarch64-apple-darwin
-            variant: ptrcomp-sandbox
-          - runner: ubuntu-24.04
-            bazel_config: ci-v8
            platform: linux_amd64_musl
-            sandbox: false
            target: x86_64-unknown-linux-musl
-            variant: release
          - runner: ubuntu-24.04-arm
-            bazel_config: ci-v8
            platform: linux_arm64_musl
-            sandbox: false
            target: aarch64-unknown-linux-musl
-            variant: release
-          - runner: ubuntu-24.04
-            bazel_config: ci-v8
-            platform: linux_amd64_musl
-            sandbox: true
-            target: x86_64-unknown-linux-musl
-            variant: ptrcomp-sandbox
-          - runner: ubuntu-24.04-arm
-            bazel_config: ci-v8
-            platform: linux_arm64_musl
-            sandbox: true
-            target: aarch64-unknown-linux-musl
-            variant: ptrcomp-sandbox

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Set up Bazel
        uses: ./.github/actions/setup-bazel-ci
@@ -152,121 +83,67 @@ jobs:
          target: ${{ matrix.target }}

      - name: Set up Python
-        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
        with:
          python-version: "3.12"

-      - name: Set up Rust toolchain for Cargo smoke
-        uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0
-        with:
-          toolchain: "1.95.0"
-
      - name: Build Bazel V8 release pair
        env:
          BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }}
          PLATFORM: ${{ matrix.platform }}
-          SANDBOX: ${{ matrix.sandbox }}
          TARGET: ${{ matrix.target }}
        shell: bash
        run: |
          set -euo pipefail

          target_suffix="${TARGET//-/_}"
-          pair_kind="release_pair"
-          if [[ "${SANDBOX}" == "true" ]]; then
-            pair_kind="sandbox_release_pair"
+          pair_target="//third_party/v8:rusty_v8_release_pair_${target_suffix}"
+          extra_targets=()
+          if [[ "${TARGET}" == *-unknown-linux-musl ]]; then
+            extra_targets=(
+              "@llvm//runtimes/libcxx:libcxx.static"
+              "@llvm//runtimes/libcxx:libcxxabi.static"
+            )
          fi
-          pair_target="//third_party/v8:rusty_v8_${pair_kind}_${target_suffix}"

          bazel_args=(
            build
            -c
            opt
            "--platforms=@llvm//platforms:${PLATFORM}"
-            --config=rusty-v8-upstream-libcxx
            "${pair_target}"
+            "${extra_targets[@]}"
            --build_metadata=COMMIT_SHA=$(git rev-parse HEAD)
          )
-          if [[ "${SANDBOX}" != "true" ]]; then
-            bazel_args+=(--config=v8-release-compat)
-          fi

-          ./.github/scripts/run_bazel_with_buildbuddy.py \
+          bazel \
            --noexperimental_remote_repo_contents_cache \
            "${bazel_args[@]}" \
-            "--config=${{ matrix.bazel_config }}"
+            --config=ci-v8 \
+            "--remote_header=x-buildbuddy-api-key=${BUILDBUDDY_API_KEY}"

      - name: Stage release pair
        env:
-          BAZEL_CONFIG: ${{ matrix.bazel_config }}
-          BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }}
          PLATFORM: ${{ matrix.platform }}
-          SANDBOX: ${{ matrix.sandbox }}
          TARGET: ${{ matrix.target }}
        shell: bash
        run: |
          set -euo pipefail

-          stage_args=(
-            --platform "${PLATFORM}"
-            --target "${TARGET}"
-            --compilation-mode opt
+          python3 .github/scripts/rusty_v8_bazel.py stage-release-pair \
+            --platform "${PLATFORM}" \
+            --target "${TARGET}" \
+            --compilation-mode opt \
            --output-dir "dist/${TARGET}"
-            --bazel-config "${BAZEL_CONFIG}"
-          )
-          if [[ "${SANDBOX}" == "true" ]]; then
-            stage_args+=(--sandbox)
-          else
-            stage_args+=(--bazel-config v8-release-compat)
-          fi

-          python3 .github/scripts/rusty_v8_bazel.py stage-release-pair "${stage_args[@]}"
-
-      - name: Smoke test staged artifact with Cargo
-        env:
-          SANDBOX: ${{ matrix.sandbox }}
-          TARGET: ${{ matrix.target }}
-        shell: bash
-        run: |
-          set -euo pipefail
-
-          host_arch="$(uname -m)"
-          case "${TARGET}:${host_arch}" in
-            x86_64-apple-darwin:x86_64|aarch64-apple-darwin:arm64|x86_64-unknown-linux-gnu:x86_64|aarch64-unknown-linux-gnu:aarch64)
-              ;;
-            *)
-              echo "Skipping non-native Cargo smoke for ${TARGET} on ${host_arch}."
-              exit 0
-              ;;
-          esac
-
-          archive="$(find "dist/${TARGET}" -maxdepth 1 -type f -name 'librusty_v8_*.a.gz' -print -quit)"
-          binding="$(find "dist/${TARGET}" -maxdepth 1 -type f -name 'src_binding_*.rs' -print -quit)"
-          if [[ -z "${archive}" || -z "${binding}" ]]; then
-            echo "Missing staged archive or binding for ${TARGET}." >&2
-            exit 1
-          fi
-
-          cargo_args=(test -p codex-v8-poc)
-          if [[ "${SANDBOX}" == "true" ]]; then
-            cargo_args+=(--features sandbox)
-          fi
-
-          (
-            cd codex-rs
-            CARGO_TARGET_DIR="${RUNNER_TEMP}/rusty-v8-cargo-smoke-${TARGET}-${SANDBOX}" \
-            RUSTY_V8_ARCHIVE="${GITHUB_WORKSPACE}/${archive}" \
-            RUSTY_V8_SRC_BINDING_PATH="${GITHUB_WORKSPACE}/${binding}" \
-            cargo "${cargo_args[@]}"
-          )
-
-      - name: Upload staged artifacts
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+      - name: Upload staged musl artifacts
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
-          name: rusty-v8-${{ needs.metadata.outputs.v8_version }}-${{ matrix.variant }}-${{ matrix.target }}
+          name: rusty-v8-${{ needs.metadata.outputs.v8_version }}-${{ matrix.target }}
          path: dist/${{ matrix.target }}/*

  publish-release:
+    if: ${{ inputs.publish }}
    needs:
      - metadata
      - build
@@ -276,8 +153,17 @@ jobs:
      actions: read

    steps:
-      - name: Check whether release already exists
-        id: release
+      - name: Ensure publishing from default branch
+        if: ${{ github.ref_name != github.event.repository.default_branch }}
+        env:
+          DEFAULT_BRANCH: ${{ github.event.repository.default_branch }}
+        shell: bash
+        run: |
+          set -euo pipefail
+          echo "Publishing is only allowed from ${DEFAULT_BRANCH}; current ref is ${GITHUB_REF_NAME}." >&2
+          exit 1
+
+      - name: Ensure release tag is new
        env:
          GH_TOKEN: ${{ github.token }}
          RELEASE_TAG: ${{ needs.metadata.outputs.release_tag }}
@@ -286,32 +172,19 @@ jobs:
          set -euo pipefail

          if gh release view "${RELEASE_TAG}" --repo "${GITHUB_REPOSITORY}" > /dev/null 2>&1; then
-            echo "exists=true" >> "${GITHUB_OUTPUT}"
-          else
-            echo "exists=false" >> "${GITHUB_OUTPUT}"
+            echo "Release tag ${RELEASE_TAG} already exists; musl artifact tags are immutable." >&2
+            exit 1
          fi

-      - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
+      - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8
        with:
          path: dist

      - name: Create GitHub Release
-        if: ${{ steps.release.outputs.exists != 'true' }}
-        uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1
+        uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2
        with:
          tag_name: ${{ needs.metadata.outputs.release_tag }}
          name: ${{ needs.metadata.outputs.release_tag }}
          files: dist/**
          # Keep V8 artifact releases out of Codex's normal "latest release" channel.
          prerelease: true
-
-      - name: Amend existing GitHub Release
-        if: ${{ steps.release.outputs.exists == 'true' }}
-        uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1
-        with:
-          tag_name: ${{ needs.metadata.outputs.release_tag }}
-          name: ${{ needs.metadata.outputs.release_tag }}
-          files: dist/**
-          overwrite_files: true
-          # Keep V8 artifact releases out of Codex's normal "latest release" channel.
-          prerelease: true
--- a/.github/workflows/sdk.yml
+++ b/.github/workflows/sdk.yml
@@ -6,41 +6,6 @@ on:
  pull_request: {}

 jobs:
-  python-sdk:
-    runs-on:
-      group: codex-runners
-      labels: codex-linux-x64
-    timeout-minutes: 10
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
-          persist-credentials: false
-
-      - name: Test Python SDK
-        shell: bash
-        run: |
-          set -euo pipefail
-
-          # Run inside a glibc Linux image so dependency resolution exercises
-          # the pinned manylinux runtime wheel that users install.
-          docker run --rm \
-            --user "$(id -u):$(id -g)" \
-            -e HOME=/tmp/codex-python-sdk-home \
-            -e UV_LINK_MODE=copy \
-            -v "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}" \
-            -w "${GITHUB_WORKSPACE}/sdk/python" \
-            python:3.12-slim \
-            sh -euxc '
-              python -m venv /tmp/uv
-              /tmp/uv/bin/python -m pip install uv==0.11.3
-              /tmp/uv/bin/uv sync --extra dev --frozen
-              /tmp/uv/bin/uv run --extra dev ruff check --output-format=github .
-              /tmp/uv/bin/uv run --extra dev ruff format --check .
-              /tmp/uv/bin/uv run --extra dev pytest
-            '
-
  sdks:
    runs-on:
      group: codex-runners
@@ -48,10 +13,7 @@ jobs:
    timeout-minutes: 10
    steps:
      - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
-          persist-credentials: false
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Install Linux bwrap build dependencies
        shell: bash
@@ -66,7 +28,7 @@ jobs:
          run_install: false

      - name: Setup Node.js
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
        with:
          node-version: 22
          cache: pnpm
@@ -153,7 +115,7 @@ jobs:
      - name: Save bazel repository cache
        if: always() && !cancelled() && steps.setup_bazel.outputs.cache-hit != 'true'
        continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: |
            ~/.cache/bazel-repo-cache
--- a/.github/workflows/v8-canary.yml
+++ b/.github/workflows/v8-canary.yml
@@ -3,47 +3,32 @@ name: v8-canary
 on:
  pull_request:
    paths:
-      - ".bazelrc"
      - ".github/actions/setup-bazel-ci/**"
-      - ".github/scripts/run_bazel_with_buildbuddy.py"
      - ".github/scripts/rusty_v8_bazel.py"
-      - ".github/scripts/rusty_v8_module_bazel.py"
      - ".github/workflows/rusty-v8-release.yml"
      - ".github/workflows/v8-canary.yml"
      - "MODULE.bazel"
      - "MODULE.bazel.lock"
      - "codex-rs/Cargo.toml"
      - "patches/BUILD.bazel"
-      - "patches/llvm_*.patch"
-      - "patches/rules_cc_*.patch"
      - "patches/v8_*.patch"
      - "third_party/v8/**"
  push:
    branches:
      - main
    paths:
-      - ".bazelrc"
      - ".github/actions/setup-bazel-ci/**"
-      - ".github/scripts/run_bazel_with_buildbuddy.py"
      - ".github/scripts/rusty_v8_bazel.py"
-      - ".github/scripts/rusty_v8_module_bazel.py"
      - ".github/workflows/rusty-v8-release.yml"
      - ".github/workflows/v8-canary.yml"
      - "MODULE.bazel"
      - "MODULE.bazel.lock"
      - "codex-rs/Cargo.toml"
      - "patches/BUILD.bazel"
-      - "patches/llvm_*.patch"
-      - "patches/rules_cc_*.patch"
      - "patches/v8_*.patch"
      - "third_party/v8/**"
  workflow_dispatch:

-# Cargo's libgit2 transport has been flaky when fetching git dependencies with
-# nested submodules. Prefer the system git CLI for Cargo builds and smoke tests.
-env:
-  CARGO_NET_GIT_FETCH_WITH_CLI: "true"
-
 concurrency:
  group: ${{ github.workflow }}::${{ github.event.pull_request.number > 0 && format('pr-{0}', github.event.pull_request.number) || github.ref_name }}
  cancel-in-progress: ${{ github.ref_name != 'main' }}
@@ -55,13 +40,10 @@ jobs:
      v8_version: ${{ steps.v8_version.outputs.version }}

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Set up Python
-        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
        with:
          python-version: "3.12"

@@ -74,7 +56,7 @@ jobs:
          echo "version=${version}" >> "$GITHUB_OUTPUT"

  build:
-    name: Build ${{ matrix.variant }} ${{ matrix.target }}
+    name: Build ${{ matrix.target }}
    needs: metadata
    runs-on: ${{ matrix.runner }}
    permissions:
@@ -85,82 +67,14 @@ jobs:
      matrix:
        include:
          - runner: ubuntu-24.04
-            bazel_config: ci-v8
-            platform: linux_amd64
-            sandbox: false
-            target: x86_64-unknown-linux-gnu
-            variant: release
-          - runner: ubuntu-24.04
-            bazel_config: ci-v8
-            platform: linux_amd64
-            sandbox: true
-            target: x86_64-unknown-linux-gnu
-            variant: ptrcomp-sandbox
-          - runner: ubuntu-24.04-arm
-            bazel_config: ci-v8
-            platform: linux_arm64
-            sandbox: false
-            target: aarch64-unknown-linux-gnu
-            variant: release
-          - runner: ubuntu-24.04-arm
-            bazel_config: ci-v8
-            platform: linux_arm64
-            sandbox: true
-            target: aarch64-unknown-linux-gnu
-            variant: ptrcomp-sandbox
-          - runner: macos-15-xlarge
-            bazel_config: ci-macos
-            platform: macos_amd64
-            sandbox: false
-            target: x86_64-apple-darwin
-            variant: release
-          - runner: macos-15-xlarge
-            bazel_config: ci-macos
-            platform: macos_amd64
-            sandbox: true
-            target: x86_64-apple-darwin
-            variant: ptrcomp-sandbox
-          - runner: macos-15-xlarge
-            bazel_config: ci-macos
-            platform: macos_arm64
-            sandbox: false
-            target: aarch64-apple-darwin
-            variant: release
-          - runner: macos-15-xlarge
-            bazel_config: ci-macos
-            platform: macos_arm64
-            sandbox: true
-            target: aarch64-apple-darwin
-            variant: ptrcomp-sandbox
-          - runner: ubuntu-24.04
-            bazel_config: ci-v8
            platform: linux_amd64_musl
-            sandbox: false
            target: x86_64-unknown-linux-musl
-            variant: release
-          - runner: ubuntu-24.04
-            bazel_config: ci-v8
-            platform: linux_amd64_musl
-            sandbox: true
-            target: x86_64-unknown-linux-musl
-            variant: ptrcomp-sandbox
          - runner: ubuntu-24.04-arm
-            bazel_config: ci-v8
            platform: linux_arm64_musl
-            sandbox: false
            target: aarch64-unknown-linux-musl
-            variant: release
-          - runner: ubuntu-24.04-arm
-            bazel_config: ci-v8
-            platform: linux_arm64_musl
-            sandbox: true
-            target: aarch64-unknown-linux-musl
-            variant: ptrcomp-sandbox
+
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Set up Bazel
        uses: ./.github/actions/setup-bazel-ci
@@ -168,250 +82,55 @@ jobs:
          target: ${{ matrix.target }}

      - name: Set up Python
-        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
        with:
          python-version: "3.12"

-      - name: Set up Rust toolchain for Cargo smoke
-        uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0
-        with:
-          toolchain: "1.95.0"
-
      - name: Build Bazel V8 release pair
        env:
          BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }}
          PLATFORM: ${{ matrix.platform }}
-          SANDBOX: ${{ matrix.sandbox }}
          TARGET: ${{ matrix.target }}
        shell: bash
        run: |
          set -euo pipefail

          target_suffix="${TARGET//-/_}"
-          pair_kind="release_pair"
-          if [[ "${SANDBOX}" == "true" ]]; then
-            pair_kind="sandbox_release_pair"
-          fi
-          pair_target="//third_party/v8:rusty_v8_${pair_kind}_${target_suffix}"
+          pair_target="//third_party/v8:rusty_v8_release_pair_${target_suffix}"
+          extra_targets=(
+            "@llvm//runtimes/libcxx:libcxx.static"
+            "@llvm//runtimes/libcxx:libcxxabi.static"
+          )

          bazel_args=(
            build
            "--platforms=@llvm//platforms:${PLATFORM}"
-            --config=rusty-v8-upstream-libcxx
            "${pair_target}"
+            "${extra_targets[@]}"
            --build_metadata=COMMIT_SHA=$(git rev-parse HEAD)
          )
-          if [[ "${SANDBOX}" != "true" ]]; then
-            bazel_args+=(--config=v8-release-compat)
-          fi

-          ./.github/scripts/run_bazel_with_buildbuddy.py \
+          bazel \
            --noexperimental_remote_repo_contents_cache \
            "${bazel_args[@]}" \
-            "--config=${{ matrix.bazel_config }}"
+            --config=ci-v8 \
+            "--remote_header=x-buildbuddy-api-key=${BUILDBUDDY_API_KEY}"

      - name: Stage release pair
        env:
-          BAZEL_CONFIG: ${{ matrix.bazel_config }}
-          BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }}
          PLATFORM: ${{ matrix.platform }}
-          SANDBOX: ${{ matrix.sandbox }}
          TARGET: ${{ matrix.target }}
        shell: bash
        run: |
          set -euo pipefail

-          stage_args=(
-            --platform "${PLATFORM}"
-            --target "${TARGET}"
-            --output-dir "dist/${TARGET}"
-            --bazel-config "${BAZEL_CONFIG}"
-          )
-          if [[ "${SANDBOX}" == "true" ]]; then
-            stage_args+=(--sandbox)
-          else
-            stage_args+=(--bazel-config v8-release-compat)
-          fi
-
-          python3 .github/scripts/rusty_v8_bazel.py stage-release-pair "${stage_args[@]}"
-
-      - name: Smoke test staged artifact with Cargo
-        env:
-          SANDBOX: ${{ matrix.sandbox }}
-          TARGET: ${{ matrix.target }}
-        shell: bash
-        run: |
-          set -euo pipefail
-
-          host_arch="$(uname -m)"
-          case "${TARGET}:${host_arch}" in
-            x86_64-apple-darwin:x86_64|aarch64-apple-darwin:arm64|x86_64-unknown-linux-gnu:x86_64|aarch64-unknown-linux-gnu:aarch64)
-              ;;
-            *)
-              echo "Skipping non-native Cargo smoke for ${TARGET} on ${host_arch}."
-              exit 0
-              ;;
-          esac
-
-          archive="$(find "dist/${TARGET}" -maxdepth 1 -type f -name 'librusty_v8_*.a.gz' -print -quit)"
-          binding="$(find "dist/${TARGET}" -maxdepth 1 -type f -name 'src_binding_*.rs' -print -quit)"
-          if [[ -z "${archive}" || -z "${binding}" ]]; then
-            echo "Missing staged archive or binding for ${TARGET}." >&2
-            exit 1
-          fi
-
-          cargo_args=(test -p codex-v8-poc)
-          if [[ "${SANDBOX}" == "true" ]]; then
-            cargo_args+=(--features sandbox)
-          fi
-
-          (
-            cd codex-rs
-            CARGO_TARGET_DIR="${RUNNER_TEMP}/rusty-v8-cargo-smoke-${TARGET}-${SANDBOX}" \
-            RUSTY_V8_ARCHIVE="${GITHUB_WORKSPACE}/${archive}" \
-            RUSTY_V8_SRC_BINDING_PATH="${GITHUB_WORKSPACE}/${binding}" \
-            cargo "${cargo_args[@]}"
-          )
-
-      - name: Upload staged artifacts
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
-        with:
-          name: v8-canary-${{ needs.metadata.outputs.v8_version }}-${{ matrix.variant }}-${{ matrix.target }}
-          path: dist/${{ matrix.target }}/*
-
-  build-windows-source:
-    name: Build ptrcomp-sandbox ${{ matrix.target }} from source
-    needs: metadata
-    runs-on: ${{ matrix.runner }}
-    permissions:
-      contents: read
-    strategy:
-      fail-fast: false
-      matrix:
-        include:
-          - runner: windows-2022
-            target: x86_64-pc-windows-msvc
-          - runner: windows-2022
-            target: aarch64-pc-windows-msvc
-
-    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-
-      - name: Configure git for upstream checkout
-        shell: bash
-        run: git config --global core.symlinks true
-
-      - name: Check out upstream rusty_v8
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          repository: denoland/rusty_v8
-          ref: v${{ needs.metadata.outputs.v8_version }}
-          path: upstream-rusty-v8
-          submodules: recursive
-
-      - name: Set up Python
-        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
-        with:
-          python-version: "3.11"
-          architecture: x64
-
-      - name: Set up Codex Rust toolchain for Cargo smoke
-        uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0
-        with:
-          toolchain: "1.95.0"
-          targets: ${{ matrix.target }}
-
-      - name: Install rusty_v8 Rust toolchain
-        env:
-          TARGET: ${{ matrix.target }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          rustup toolchain install 1.91.0 --profile minimal --no-self-update
-          rustup target add --toolchain 1.91.0 "${TARGET}"
-
-      - name: Write upstream submodule status
-        shell: bash
-        working-directory: upstream-rusty-v8
-        run: git submodule status --recursive > git_submodule_status.txt
-
-      - name: Restore upstream source-build cache
-        uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
-        with:
-          path: |
-            upstream-rusty-v8/target/sccache
-            upstream-rusty-v8/target/${{ matrix.target }}/release/gn_out
-          key: rusty-v8-source-${{ matrix.target }}-sandbox-${{ hashFiles('upstream-rusty-v8/Cargo.lock', 'upstream-rusty-v8/build.rs', 'upstream-rusty-v8/git_submodule_status.txt') }}
-          restore-keys: |
-            rusty-v8-source-${{ matrix.target }}-sandbox-
-
-      - name: Install and start sccache
-        shell: pwsh
-        env:
-          SCCACHE_CACHE_SIZE: 256M
-          SCCACHE_DIR: ${{ github.workspace }}/upstream-rusty-v8/target/sccache
-          SCCACHE_IDLE_TIMEOUT: 0
-        run: |
-          $version = "v0.8.2"
-          $platform = "x86_64-pc-windows-msvc"
-          $basename = "sccache-$version-$platform"
-          $url = "https://github.com/mozilla/sccache/releases/download/$version/$basename.tar.gz"
-          cd ~
-          curl -LO $url
-          tar -xzvf "$basename.tar.gz"
-          . $basename/sccache --start-server
-          echo "$(pwd)/$basename" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append
-
-      - name: Install Chromium clang for ARM64 MSVC cross build
-        if: matrix.target == 'aarch64-pc-windows-msvc'
-        shell: bash
-        working-directory: upstream-rusty-v8
-        run: python3 tools/clang/scripts/update.py
-
-      - name: Build upstream rusty_v8 sandbox release pair
-        env:
-          SCCACHE_IDLE_TIMEOUT: 0
-          TARGET: ${{ matrix.target }}
-          V8_FROM_SOURCE: "1"
-        shell: bash
-        working-directory: upstream-rusty-v8
-        run: cargo +1.91.0 build --locked --release --target "${TARGET}" --features v8_enable_sandbox
-
-      - name: Stage upstream sandbox release pair
-        env:
-          TARGET: ${{ matrix.target }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          python3 .github/scripts/rusty_v8_bazel.py stage-upstream-release-pair \
-            --source-root upstream-rusty-v8 \
+          python3 .github/scripts/rusty_v8_bazel.py stage-release-pair \
+            --platform "${PLATFORM}" \
            --target "${TARGET}" \
-            --output-dir "dist/${TARGET}" \
-            --sandbox
+            --output-dir "dist/${TARGET}"

-      - name: Smoke link staged artifact with Cargo
-        env:
-          TARGET: ${{ matrix.target }}
-        shell: bash
-        run: |
-          set -euo pipefail
-
-          archive="$(find "dist/${TARGET}" -maxdepth 1 -type f -name 'rusty_v8_*.lib.gz' -print -quit)"
-          binding="$(find "dist/${TARGET}" -maxdepth 1 -type f -name 'src_binding_*.rs' -print -quit)"
-          if [[ -z "${archive}" || -z "${binding}" ]]; then
-            echo "Missing staged archive or binding for ${TARGET}." >&2
-            exit 1
-          fi
-
-          (
-            cd codex-rs
-            RUSTY_V8_ARCHIVE="${GITHUB_WORKSPACE}/${archive}" \
-            RUSTY_V8_SRC_BINDING_PATH="${GITHUB_WORKSPACE}/${binding}" \
-            cargo +1.95.0 test -p codex-v8-poc --target "${TARGET}" --features sandbox --no-run
-          )
-
-      - name: Upload staged artifacts
+      - name: Upload staged musl artifacts
        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
-          name: v8-canary-${{ needs.metadata.outputs.v8_version }}-ptrcomp-sandbox-${{ matrix.target }}
+          name: v8-canary-${{ needs.metadata.outputs.v8_version }}-${{ matrix.target }}
          path: dist/${{ matrix.target }}/*
--- a/.vscode/extensions.json
+++ b/.vscode/extensions.json
@@ -1,8 +1,6 @@
 {
    "recommendations": [
-        "BazelBuild.vscode-bazel",
        "rust-lang.rust-analyzer",
-        "charliermarsh.ruff",
        "tamasfe.even-better-toml",
        "vadimcn.vscode-lldb",

--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -12,14 +12,6 @@
        "editor.defaultFormatter": "tamasfe.even-better-toml",
        "editor.formatOnSave": true,
    },
-    "[python]": {
-        "editor.defaultFormatter": "charliermarsh.ruff",
-        "editor.formatOnSave": true,
-        "editor.codeActionsOnSave": {
-            "source.fixAll.ruff": "explicit",
-            "source.organizeImports.ruff": "explicit",
-        },
-    },
    // Array order for options in ~/.codex/config.toml such as `notify` and the
    // `args` for an MCP server is significant, so we disable reordering.
    "evenBetterToml.formatter.reorderArrays": false,
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -26,11 +26,10 @@ In the codex-rs folder where the rust code lives:
  - Implementations may still use `async fn foo(&self, ...) -> T` when they satisfy that contract.
  - Do not use `#[allow(async_fn_in_trait)]` as a shortcut around spelling the future contract explicitly.
 - When writing tests, prefer comparing the equality of entire objects over fields one by one.
- Do not add general product or user-facing documentation to the `docs/` folder. The official Codex documentation lives elsewhere. The exception is app-server API documentation, which is covered by the app-server guidance below.
+- When making a change that adds or changes an API, ensure that the documentation in the `docs/` folder is up to date if applicable.
 - Prefer private modules and explicitly exported public crate API.
 - If you change `ConfigToml` or nested config types, run `just write-config-schema` to update `codex-rs/core/config.schema.json`.
 - When working with MCP tool calls, prefer using `codex-rs/codex-mcp/src/mcp_connection_manager.rs` to handle mutation of tools and tool calls. Aim to minimize the footprint of changes and leverage existing abstractions rather than plumbing code through multiple levels of function calls.
- Do not call `reset_client_session` unnecessarily; let the incremental check logic decide whether to reuse the previous request.
 - If you change Rust dependencies (`Cargo.toml` or `Cargo.lock`), run `just bazel-lock-update` from the
  repo root to refresh `MODULE.bazel.lock`, and include that lockfile update in the same change.
 - After dependency changes, run `just bazel-lock-check` from the repo root so lockfile drift is caught
@@ -53,13 +52,12 @@ In the codex-rs folder where the rust code lives:
    the new implementation so the invariants stay close to the code that owns them.
  - Avoid adding new standalone methods to `codex-rs/tui/src/chatwidget.rs` unless the change is
    trivial; prefer new modules/files and keep `chatwidget.rs` focused on orchestration.
- When running Rust commands (e.g. `just fix` or `just test`) be patient with the command and never try to kill them using the PID. Rust lock can make the execution slow, this is expected.
+- When running Rust commands (e.g. `just fix` or `cargo test`) be patient with the command and never try to kill them using the PID. Rust lock can make the execution slow, this is expected.

-Run `just fmt` (in the `codex-rs` directory) automatically after you have finished making code changes anywhere in this repository; do not ask for approval to run it. Additionally, run the tests:
+Run `just fmt` (in `codex-rs` directory) automatically after you have finished making Rust code changes; do not ask for approval to run it. Additionally, run the tests:

-1. Do not run `cargo test` directly. Use `just test` so test execution follows the repo defaults.
-2. Run the test for the specific project that was changed. For example, if changes were made in `codex-rs/tui`, run `just test -p codex-tui`.
-3. Once those pass, if any changes were made in common, core, or protocol, run the complete test suite with `just test`. Avoid `--all-features` for routine local runs because it expands the build matrix and can significantly increase `target/` disk usage; use it only when you specifically need full feature coverage. project-specific or individual tests can be run without asking the user, but do ask the user before running the complete test suite.
+1. Run the test for the specific project that was changed. For example, if changes were made in `codex-rs/tui`, run `cargo test -p codex-tui`.
+2. Once those pass, if any changes were made in common, core, or protocol, run the complete test suite with `cargo test` (or `just test` if `cargo-nextest` is installed). Avoid `--all-features` for routine local runs because it expands the build matrix and can significantly increase `target/` disk usage; use it only when you specifically need full feature coverage. project-specific or individual tests can be run without asking the user, but do ask the user before running the complete test suite.

 Before finalizing a large change to `codex-rs`, run `just fix -p <project>` (in `codex-rs` directory) to fix any linter issues in the code. Prefer scoping with `-p` to avoid slow workspace‑wide Clippy builds; only run `just fix` without `-p` if you changed shared crates. Do not re-run tests after running `fix` or `fmt`.

@@ -76,49 +74,6 @@ Particularly when introducing a new concept/feature/API, before adding to `codex

 Likewise, when reviewing code, do not hesitate to push back on PRs that would unnecessarily add code to `codex-core`.

-## Code Review Rules
-
-### Model visible context
-
-Codex maintains a context (history of messages) that is sent to the model in inference requests.
-
-1. No history rewrite - the context must be built up incrementally.
-2. Avoid frequent changes to context that cause cache misses.
-3. No unbounded items - everything injected in the model context must have a bounded size and a hard cap.
-4. No items larger than 10K tokens.
-5. Highlight new individual items that can cross >1k tokens as P0. These need an additional manual review.
-6. All injected fragments must be defined as structs in `core/context` and implement ContextualUserFragment trait
-
-### Breaking changes
-
-Search for breaking changes in external integration surfaces:
-
- app-server APIs
- CLI parameters
- configuration loading
- resuming sessions from existing rollouts
-
-### Test authoring guidance
-
-For agent changes prefer integration tests over unit tests. Integration tests are under `core/suite` and use `test_codex` to set up a test instance of codex.
-
-Features that change the agent logic MUST add an integration test:
-
- Provide a list of major logic changes and user-facing behaviors that need to be tested.
-
-If unit tests are needed, put them in a dedicated test file (\*\_tests.rs).
-Avoid test-only functions in the main implementation.
-
-Check whether there are existing helpers to make tests more streamlined and readable.
-
-### Change size guidance (800 lines)
-
-Unless the change is mechanical the total number of changed lines should not exceed 800 lines.
-For complex logic changes the size should be under 500 lines.
-
-If the change is larger, explore whether it can be split into reviewable stages and identify the smallest coherent stage to land first.
-Base the staging suggestion on the actual diff, dependencies, and affected call sites.
-
 ## TUI style conventions

 See `codex-rs/tui/styles.md`.
@@ -153,19 +108,6 @@ See `codex-rs/tui/styles.md`.

 ## Tests

-### Test module organization
-
- When adding a new test module, define its contents in a separate sibling file rather than inline in the implementation file.
- Use an explicit `#[path = "..._tests.rs"]` attribute so the test filename is descriptive and easy to locate:
-
-  ```rust
-  #[cfg(test)]
-  #[path = "parser_tests.rs"]
-  mod tests;
-  ```
-
- This applies only when introducing a new test module. Do not move or rewrite existing inline `#[cfg(test)] mod tests { ... }` modules solely to follow this convention.
-
 ### Snapshot tests

 This repo uses snapshot tests (via `insta`), especially in `codex-rs/tui`, to validate rendered output.
@@ -178,7 +120,7 @@ is easy to review and future diffs stay visual.
 When UI or text output changes intentionally, update the snapshots as follows:

 - Run tests to generate any updated snapshots:
-  - `just test -p codex-tui`
+  - `cargo test -p codex-tui`
 - Check what’s pending:
  - `cargo insta pending-snapshots -p codex-tui`
 - Review changes by reading the generated `*.snap.new` files directly in the repo, or preview a specific file:
@@ -188,7 +130,7 @@ When UI or text output changes intentionally, update the snapshots as follows:

 If you don’t have the tool:

- `cargo install --locked cargo-insta`
+- `cargo install cargo-insta`

 ### Test assertions

@@ -268,19 +210,10 @@ These guidelines apply to app-server protocol work in `codex-rs`, especially:

 ### Development Workflow

- Update app-server docs/examples when API behavior changes (at minimum `app-server/README.md`).
+- Update docs/examples when API behavior changes (at minimum `app-server/README.md`).
 - Regenerate schema fixtures when API shapes change:
  `just write-app-server-schema`
  (and `just write-app-server-schema --experimental` when experimental API fixtures are affected).
- Validate with `just test -p codex-app-server-protocol`.
+- Validate with `cargo test -p codex-app-server-protocol`.
 - Avoid boilerplate tests that only assert experimental field markers for individual
  request fields in `common.rs`; rely on schema generation/tests and behavioral coverage instead.
-
-## Python Development Best Practices
-
-### Ignore Python 2 compatibility
-
-This project uses Python 3+. You should not use the `__future__` module.
-
-If you need to worry about feature compatibility between different 3.xx point releases, check the
-closest `pyproject.toml`'s `requires-python` field to see what minimum runtime version is supported.
--- a/MODULE.bazel
+++ b/MODULE.bazel
@@ -10,7 +10,6 @@ single_version_override(
    module_name = "llvm",
    patch_strip = 1,
    patches = [
-        "//patches:llvm_rusty_v8_custom_libcxx.patch",
        "//patches:llvm_windows_symlink_extract.patch",
    ],
 )
@@ -78,13 +77,6 @@ use_repo(osx, "macos_sdk")
 # Needed to disable xcode...
 bazel_dep(name = "apple_support", version = "2.1.0")
 bazel_dep(name = "rules_cc", version = "0.2.16")
-single_version_override(
-    module_name = "rules_cc",
-    patch_strip = 1,
-    patches = [
-        "//patches:rules_cc_rusty_v8_custom_libcxx.patch",
-    ],
-)
 bazel_dep(name = "rules_platform", version = "0.1.0")
 bazel_dep(name = "rules_rs", version = "0.0.58")
 # `rules_rs` still does not model `windows-gnullvm` as a distinct Windows exec
@@ -163,7 +155,7 @@ use_repo(nightly_rust, "rust_toolchains")
 toolchains = use_extension("@rules_rs//rs/experimental/toolchains:module_extension.bzl", "toolchains")
 toolchains.toolchain(
    edition = "2024",
-    version = "1.95.0",
+    version = "1.93.0",
 )
 use_repo(toolchains, "default_rust_toolchains")

@@ -335,18 +327,6 @@ crate.annotation(
        "RUSTY_V8_SRC_BINDING_PATH": "$(execpath @v8_targets//:rusty_v8_binding_for_target)",
    },
    crate = "v8",
-    # Keep the Rust feature aligned with the source-built Bazel artifacts.
-    # Windows MSVC still consumes upstream non-sandboxed prebuilts.
-    crate_features_select = {
-        "aarch64-apple-darwin": ["v8_enable_sandbox"],
-        "aarch64-pc-windows-gnullvm": ["v8_enable_sandbox"],
-        "aarch64-unknown-linux-gnu": ["v8_enable_sandbox"],
-        "aarch64-unknown-linux-musl": ["v8_enable_sandbox"],
-        "x86_64-apple-darwin": ["v8_enable_sandbox"],
-        "x86_64-pc-windows-gnullvm": ["v8_enable_sandbox"],
-        "x86_64-unknown-linux-gnu": ["v8_enable_sandbox"],
-        "x86_64-unknown-linux-musl": ["v8_enable_sandbox"],
-    },
    gen_build_script = "on",
    patch_args = ["-p1"],
    patches = [
@@ -415,18 +395,18 @@ crate.annotation(

 inject_repo(crate, "alsa_lib")

-bazel_dep(name = "v8", version = "14.7.173.20")
+bazel_dep(name = "v8", version = "14.6.202.9")
 archive_override(
    module_name = "v8",
-    integrity = "sha256-v/x6I4X38a2wckzUIft3Dh0SUdkuOTokwxyF7lzW8Lc=",
+    integrity = "sha256-JphDwLAzsd9KvgRZ7eQvNtPU6qGd3XjFt/a/1QITAJU=",
    patch_strip = 3,
    patches = [
        "//patches:v8_module_deps.patch",
        "//patches:v8_bazel_rules.patch",
        "//patches:v8_source_portability.patch",
    ],
-    strip_prefix = "v8-14.7.173.20",
-    urls = ["https://github.com/v8/v8/archive/refs/tags/14.7.173.20.tar.gz"],
+    strip_prefix = "v8-14.6.202.9",
+    urls = ["https://github.com/v8/v8/archive/refs/tags/14.6.202.9.tar.gz"],
 )

 http_archive(
@@ -438,53 +418,93 @@ http_archive(
    urls = ["https://static.crates.io/crates/v8/v8-146.4.0.crate"],
 )

-http_archive(
-    name = "v8_crate_147_4_0",
-    build_file = "//third_party/v8:v8_crate.BUILD.bazel",
-    sha256 = "2df8fffd507fb18ed000673a83d937f58e60fb07f3306b2274284125b15137cd",
-    strip_prefix = "v8-147.4.0",
-    type = "tar.gz",
-    urls = ["https://static.crates.io/crates/v8/v8-147.4.0.crate"],
-)
-
-git_repository = use_repo_rule("@bazel_tools//tools/build_defs/repo:git.bzl", "git_repository")
-
-git_repository(
-    name = "rusty_v8_libcxx",
-    build_file = "//third_party/v8:libcxx.BUILD.bazel",
-    commit = "7ab65651aed6802d2599dcb7a73b1f82d5179d05",
-    remote = "https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libcxx.git",
-)
-
-git_repository(
-    name = "rusty_v8_libcxxabi",
-    build_file = "//third_party/v8:libcxxabi.BUILD.bazel",
-    commit = "8f11bb1d4438d0239d0dfc1bd9456a9f31629dda",
-    remote = "https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libcxxabi.git",
-)
-
-git_repository(
-    name = "rusty_v8_llvm_libc",
-    build_file = "//third_party/v8:llvm_libc.BUILD.bazel",
-    commit = "b3aa5bb702ff9e890179fd1e7d3ba346e17ecf8e",
-    remote = "https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libc.git",
-)
-
 http_file(
-    name = "rusty_v8_147_4_0_aarch64_pc_windows_msvc_archive",
-    downloaded_file_path = "rusty_v8_release_aarch64-pc-windows-msvc.lib.gz",
-    sha256 = "1fa3f94d9e09cff1f6bcce94c478e5cb072c0755f6a0357abadb9dd3b48d8127",
+    name = "rusty_v8_146_4_0_aarch64_apple_darwin_archive",
+    downloaded_file_path = "librusty_v8_release_aarch64-apple-darwin.a.gz",
+    sha256 = "bfe2c9be32a56c28546f0f965825ee68fbf606405f310cc4e17b448a568cf98a",
    urls = [
-        "https://github.com/denoland/rusty_v8/releases/download/v147.4.0/rusty_v8_release_aarch64-pc-windows-msvc.lib.gz",
+        "https://github.com/denoland/rusty_v8/releases/download/v146.4.0/librusty_v8_release_aarch64-apple-darwin.a.gz",
    ],
 )

 http_file(
-    name = "rusty_v8_147_4_0_x86_64_pc_windows_msvc_archive",
-    downloaded_file_path = "rusty_v8_release_x86_64-pc-windows-msvc.lib.gz",
-    sha256 = "e2827ff98b1a9d4c0343000fc5124ac30dfab3007bc0129c168c9355fc2fcd7c",
+    name = "rusty_v8_146_4_0_aarch64_unknown_linux_gnu_archive",
+    downloaded_file_path = "librusty_v8_release_aarch64-unknown-linux-gnu.a.gz",
+    sha256 = "dbf165b07c81bdb054bc046b43d23e69fcf7bcc1a4c1b5b4776983a71062ecd8",
    urls = [
-        "https://github.com/denoland/rusty_v8/releases/download/v147.4.0/rusty_v8_release_x86_64-pc-windows-msvc.lib.gz",
+        "https://github.com/denoland/rusty_v8/releases/download/v146.4.0/librusty_v8_release_aarch64-unknown-linux-gnu.a.gz",
+    ],
+)
+
+http_file(
+    name = "rusty_v8_146_4_0_aarch64_pc_windows_msvc_archive",
+    downloaded_file_path = "rusty_v8_release_aarch64-pc-windows-msvc.lib.gz",
+    sha256 = "ed13363659c6d08583ac8fdc40493445c5767d8b94955a4d5d7bb8d5a81f6bf8",
+    urls = [
+        "https://github.com/denoland/rusty_v8/releases/download/v146.4.0/rusty_v8_release_aarch64-pc-windows-msvc.lib.gz",
+    ],
+)
+
+http_file(
+    name = "rusty_v8_146_4_0_x86_64_apple_darwin_archive",
+    downloaded_file_path = "librusty_v8_release_x86_64-apple-darwin.a.gz",
+    sha256 = "630cd240f1bbecdb071417dc18387ab81cf67c549c1c515a0b4fcf9eba647bb7",
+    urls = [
+        "https://github.com/denoland/rusty_v8/releases/download/v146.4.0/librusty_v8_release_x86_64-apple-darwin.a.gz",
+    ],
+)
+
+http_file(
+    name = "rusty_v8_146_4_0_x86_64_unknown_linux_gnu_archive",
+    downloaded_file_path = "librusty_v8_release_x86_64-unknown-linux-gnu.a.gz",
+    sha256 = "e64b4d99e4ae293a2e846244a89b80178ba10382c13fb591c1fa6968f5291153",
+    urls = [
+        "https://github.com/denoland/rusty_v8/releases/download/v146.4.0/librusty_v8_release_x86_64-unknown-linux-gnu.a.gz",
+    ],
+)
+
+http_file(
+    name = "rusty_v8_146_4_0_x86_64_pc_windows_msvc_archive",
+    downloaded_file_path = "rusty_v8_release_x86_64-pc-windows-msvc.lib.gz",
+    sha256 = "90a9a2346acd3685a355e98df85c24dbe406cb124367d16259a4b5d522621862",
+    urls = [
+        "https://github.com/denoland/rusty_v8/releases/download/v146.4.0/rusty_v8_release_x86_64-pc-windows-msvc.lib.gz",
+    ],
+)
+
+http_file(
+    name = "rusty_v8_146_4_0_aarch64_unknown_linux_musl_archive",
+    downloaded_file_path = "librusty_v8_release_aarch64-unknown-linux-musl.a.gz",
+    sha256 = "27a08ed26c34297bfd93e514692ccc44b85f8b15c6aa39cf34e784f84fb37e8e",
+    urls = [
+        "https://github.com/openai/codex/releases/download/rusty-v8-v146.4.0/librusty_v8_release_aarch64-unknown-linux-musl.a.gz",
+    ],
+)
+
+http_file(
+    name = "rusty_v8_146_4_0_aarch64_unknown_linux_musl_binding",
+    downloaded_file_path = "src_binding_release_aarch64-unknown-linux-musl.rs",
+    sha256 = "09f8900ced8297c229246c7a50b2e0ec23c54d0a554f369619cc29863f38dd1a",
+    urls = [
+        "https://github.com/openai/codex/releases/download/rusty-v8-v146.4.0/src_binding_release_aarch64-unknown-linux-musl.rs",
+    ],
+)
+
+http_file(
+    name = "rusty_v8_146_4_0_x86_64_unknown_linux_musl_archive",
+    downloaded_file_path = "librusty_v8_release_x86_64-unknown-linux-musl.a.gz",
+    sha256 = "20d8271ad712323d352c1383c36e3c4b755abc41ece35819c49c75ec7134d2f8",
+    urls = [
+        "https://github.com/openai/codex/releases/download/rusty-v8-v146.4.0/librusty_v8_release_x86_64-unknown-linux-musl.a.gz",
+    ],
+)
+
+http_file(
+    name = "rusty_v8_146_4_0_x86_64_unknown_linux_musl_binding",
+    downloaded_file_path = "src_binding_release_x86_64-unknown-linux-musl.rs",
+    sha256 = "09f8900ced8297c229246c7a50b2e0ec23c54d0a554f369619cc29863f38dd1a",
+    urls = [
+        "https://github.com/openai/codex/releases/download/rusty-v8-v146.4.0/src_binding_release_x86_64-unknown-linux-musl.rs",
    ],
 )

--- a/MODULE.bazel.lock
+++ b/MODULE.bazel.lock
--- a/README.md
+++ b/README.md
@@ -1,3 +1,4 @@
+<p align="center"><code>npm i -g @openai/codex</code><br />or <code>brew install --cask codex</code></p>
 <p align="center"><strong>Codex CLI</strong> is a coding agent from OpenAI that runs locally on your computer.
 <p align="center">
  <img src="https://github.com/openai/codex/blob/main/.github/codex-cli-splash.png" alt="Codex CLI splash" width="80%" />
@@ -13,19 +14,7 @@ If you want Codex in your code editor (VS Code, Cursor, Windsurf), <a href="http

 ### Installing and running Codex CLI

-Run the following on Mac or Linux to install Codex CLI:
-
-```shell
-curl -fsSL https://chatgpt.com/codex/install.sh | sh
-```
-
-Run the following on Windows to install Codex CLI:
-
-```
-powershell -ExecutionPolicy ByPass -c "irm https://chatgpt.com/codex/install.ps1 | iex"
-```
-
-Codex CLI can also be installed via the following package managers:
+Install globally with your preferred package manager:

 ```shell
 # Install using npm
--- a/codex-cli/bin/codex.js
+++ b/codex-cli/bin/codex.js
@@ -2,7 +2,7 @@
 // Unified entry point for the Codex CLI.

 import { spawn } from "node:child_process";
-import { existsSync, realpathSync } from "fs";
+import { existsSync } from "fs";
 import { createRequire } from "node:module";
 import path from "path";
 import { fileURLToPath } from "url";
@@ -77,43 +77,33 @@ if (!platformPackage) {

 const codexBinaryName = process.platform === "win32" ? "codex.exe" : "codex";
 const localVendorRoot = path.join(__dirname, "..", "vendor");
-const packageBinaryPath = (vendorRoot) =>
-  path.join(vendorRoot, targetTriple, "bin", codexBinaryName);
-const legacyBinaryPath = (vendorRoot) =>
-  path.join(vendorRoot, targetTriple, "codex", codexBinaryName);
+const localBinaryPath = path.join(
+  localVendorRoot,
+  targetTriple,
+  "codex",
+  codexBinaryName,
+);

-function resolveNativePackage(vendorRoot) {
-  const packageRoot = path.join(vendorRoot, targetTriple);
-  const binaryPath = packageBinaryPath(vendorRoot);
-  if (existsSync(binaryPath)) {
-    return {
-      binaryPath,
-      pathDir: path.join(packageRoot, "codex-path"),
-    };
-  }
-
-  const legacyPath = legacyBinaryPath(vendorRoot);
-  if (existsSync(legacyPath)) {
-    return {
-      binaryPath: legacyPath,
-      pathDir: path.join(packageRoot, "path"),
-    };
-  }
-
-  return null;
-}
-
-let nativePackage;
+let vendorRoot;
 try {
  const packageJsonPath = require.resolve(`${platformPackage}/package.json`);
-  nativePackage = resolveNativePackage(
-    path.join(path.dirname(packageJsonPath), "vendor"),
-  );
+  vendorRoot = path.join(path.dirname(packageJsonPath), "vendor");
 } catch {
-  nativePackage = resolveNativePackage(localVendorRoot);
+  if (existsSync(localBinaryPath)) {
+    vendorRoot = localVendorRoot;
+  } else {
+    const packageManager = detectPackageManager();
+    const updateCommand =
+      packageManager === "bun"
+        ? "bun install -g @openai/codex@latest"
+        : "npm install -g @openai/codex@latest";
+    throw new Error(
+      `Missing optional dependency ${platformPackage}. Reinstall Codex: ${updateCommand}`,
+    );
+  }
 }

-if (!nativePackage) {
+if (!vendorRoot) {
  const packageManager = detectPackageManager();
  const updateCommand =
    packageManager === "bun"
@@ -124,7 +114,8 @@ if (!nativePackage) {
  );
 }

-const { binaryPath, pathDir } = nativePackage;
+const archRoot = path.join(vendorRoot, targetTriple);
+const binaryPath = path.join(archRoot, "codex", codexBinaryName);

 // Use an asynchronous spawn instead of spawnSync so that Node is able to
 // respond to signals (e.g. Ctrl-C / SIGINT) while the native binary is
@@ -168,6 +159,7 @@ function detectPackageManager() {
 }

 const additionalDirs = [];
+const pathDir = path.join(archRoot, "path");
 if (existsSync(pathDir)) {
  additionalDirs.push(pathDir);
 }
@@ -179,7 +171,6 @@ const packageManagerEnvVar =
    ? "CODEX_MANAGED_BY_BUN"
    : "CODEX_MANAGED_BY_NPM";
 env[packageManagerEnvVar] = "1";
-env.CODEX_MANAGED_PACKAGE_ROOT = realpathSync(path.join(__dirname, ".."));

 const child = spawn(binaryPath, process.argv.slice(2), {
  stdio: "inherit",
--- a/scripts/codex_package/rg
+++ b/scripts/codex_package/rg
--- a/codex-cli/package.json
+++ b/codex-cli/package.json
@@ -1,7 +1,6 @@
 {
  "name": "@openai/codex",
  "version": "0.0.0-dev",
-  "description": "Codex CLI is a coding agent from OpenAI that runs locally on your computer.",
  "license": "Apache-2.0",
  "bin": {
    "codex": "bin/codex.js"
@@ -11,7 +10,8 @@
    "node": ">=16"
  },
  "files": [
-    "bin/codex.js"
+    "bin",
+    "vendor"
  ],
  "repository": {
    "type": "git",
--- a/codex-cli/scripts/README.md
+++ b/codex-cli/scripts/README.md
@@ -11,13 +11,13 @@ example, to stage the CLI, responses proxy, and SDK packages for version `0.6.0`
  --package codex-sdk
 ```

-This downloads the required native package archive artifacts, hydrates `vendor/` for
-each package, and writes tarballs to `dist/npm/`.
+This downloads the native artifacts once, hydrates `vendor/` for each package, and writes
+tarballs to `dist/npm/`.

 When `--package codex` is provided, the staging helper builds the lightweight
 `@openai/codex` meta package plus all platform-native `@openai/codex` variants
 that are later published under platform-specific dist-tags.

-Direct `build_npm_package.py` invocations are still useful for package-specific
-debugging, but native packages expect `--vendor-src` to point at a prehydrated
-`vendor/` tree. Release packaging should use `scripts/stage_npm_packages.py`.
+If you need to invoke `build_npm_package.py` directly, run
+`codex-cli/scripts/install_native_deps.py` first and pass `--vendor-src` pointing to the
+directory that contains the populated `vendor/` tree.
--- a/codex-cli/scripts/build_npm_package.py
+++ b/codex-cli/scripts/build_npm_package.py
@@ -3,7 +3,6 @@

 import argparse
 import json
-import os
 import shutil
 import subprocess
 import sys
@@ -16,7 +15,6 @@ REPO_ROOT = CODEX_CLI_ROOT.parent
 RESPONSES_API_PROXY_NPM_ROOT = REPO_ROOT / "codex-rs" / "responses-api-proxy" / "npm"
 CODEX_SDK_ROOT = REPO_ROOT / "sdk" / "typescript"
 CODEX_NPM_NAME = "@openai/codex"
-CODEX_PACKAGE_COMPONENT = "codex-package"

 # `npm_name` is the local optional-dependency alias consumed by `bin/codex.js`.
 # The underlying package published to npm is always `@openai/codex`.
@@ -71,12 +69,12 @@ PACKAGE_EXPANSIONS: dict[str, list[str]] = {

 PACKAGE_NATIVE_COMPONENTS: dict[str, list[str]] = {
    "codex": [],
-    "codex-linux-x64": [CODEX_PACKAGE_COMPONENT],
-    "codex-linux-arm64": [CODEX_PACKAGE_COMPONENT],
-    "codex-darwin-x64": [CODEX_PACKAGE_COMPONENT],
-    "codex-darwin-arm64": [CODEX_PACKAGE_COMPONENT],
-    "codex-win32-x64": [CODEX_PACKAGE_COMPONENT],
-    "codex-win32-arm64": [CODEX_PACKAGE_COMPONENT],
+    "codex-linux-x64": ["codex", "rg"],
+    "codex-linux-arm64": ["codex", "rg"],
+    "codex-darwin-x64": ["codex", "rg"],
+    "codex-darwin-arm64": ["codex", "rg"],
+    "codex-win32-x64": ["codex", "rg", "codex-windows-sandbox-setup", "codex-command-runner"],
+    "codex-win32-arm64": ["codex", "rg", "codex-windows-sandbox-setup", "codex-command-runner"],
    "codex-responses-api-proxy": ["codex-responses-api-proxy"],
    "codex-sdk": [],
 }
@@ -88,6 +86,15 @@ PACKAGE_TARGET_FILTERS: dict[str, str] = {

 PACKAGE_CHOICES = tuple(PACKAGE_NATIVE_COMPONENTS)

+COMPONENT_DEST_DIR: dict[str, str] = {
+    "codex": "codex",
+    "codex-responses-api-proxy": "codex-responses-api-proxy",
+    "codex-windows-sandbox-setup": "codex",
+    "codex-command-runner": "codex",
+    "rg": "path",
+}
+
+
 def parse_args() -> argparse.Namespace:
    parser = argparse.ArgumentParser(description="Build or stage the Codex CLI npm package.")
    parser.add_argument(
@@ -234,6 +241,9 @@ def stage_sources(staging_dir: Path, version: str, package: str) -> None:
        bin_dir = staging_dir / "bin"
        bin_dir.mkdir(parents=True, exist_ok=True)
        shutil.copy2(CODEX_CLI_ROOT / "bin" / "codex.js", bin_dir / "codex.js")
+        rg_manifest = CODEX_CLI_ROOT / "bin" / "rg"
+        if rg_manifest.exists():
+            shutil.copy2(rg_manifest, bin_dir / "rg")

        readme_src = REPO_ROOT / "README.md"
        if readme_src.exists():
@@ -292,7 +302,7 @@ def stage_sources(staging_dir: Path, version: str, package: str) -> None:
        package_json["version"] = version

    if package == "codex":
-        package_json["files"] = ["bin/codex.js"]
+        package_json["files"] = ["bin"]
        package_json["optionalDependencies"] = {
            CODEX_PLATFORM_PACKAGES[platform_package]["npm_name"]: (
                f"npm:{CODEX_NPM_NAME}@"
@@ -325,7 +335,7 @@ def compute_platform_package_version(version: str, platform_tag: str) -> str:


 def run_command(cmd: list[str], cwd: Path | None = None) -> None:
-    print("+", " ".join(cmd), flush=True)
+    print("+", " ".join(cmd))
    subprocess.run(cmd, cwd=cwd, check=True)


@@ -360,7 +370,7 @@ def copy_native_binaries(
    if not vendor_src.exists():
        raise RuntimeError(f"Vendor source directory not found: {vendor_src}")

-    components_set = set(components)
+    components_set = {component for component in components if component in COMPONENT_DEST_DIR}
    if not components_set:
        return

@@ -378,25 +388,22 @@ def copy_native_binaries(
        if target_filter is not None and target_dir.name not in target_filter:
            continue

+        dest_target_dir = vendor_dest / target_dir.name
+        dest_target_dir.mkdir(parents=True, exist_ok=True)
        copied_targets.add(target_dir.name)

-        dest_target_dir = vendor_dest / target_dir.name
+        for component in components_set:
+            dest_dir_name = COMPONENT_DEST_DIR.get(component)
+            if dest_dir_name is None:
+                continue

-        if CODEX_PACKAGE_COMPONENT in components_set:
-            if dest_target_dir.exists():
-                shutil.rmtree(dest_target_dir)
-            shutil.copytree(target_dir, dest_target_dir)
-        else:
-            dest_target_dir.mkdir(parents=True, exist_ok=True)
-
-        for component in sorted(components_set - {CODEX_PACKAGE_COMPONENT}):
-            src_component_dir = target_dir / component
+            src_component_dir = target_dir / dest_dir_name
            if not src_component_dir.exists():
                raise RuntimeError(
                    f"Missing native component '{component}' in vendor source: {src_component_dir}"
                )

-            dest_component_dir = dest_target_dir / component
+            dest_component_dir = dest_target_dir / dest_dir_name
            if dest_component_dir.exists():
                shutil.rmtree(dest_component_dir)
            shutil.copytree(src_component_dir, dest_component_dir)
@@ -407,23 +414,16 @@ def copy_native_binaries(
            missing_list = ", ".join(missing_targets)
            raise RuntimeError(f"Missing target directories in vendor source: {missing_list}")

+
 def run_npm_pack(staging_dir: Path, output_path: Path) -> Path:
    output_path = output_path.resolve()
    output_path.parent.mkdir(parents=True, exist_ok=True)

    with tempfile.TemporaryDirectory(prefix="codex-npm-pack-") as pack_dir_str:
        pack_dir = Path(pack_dir_str)
-        npm_cache_dir = pack_dir / "npm-cache"
-        npm_logs_dir = pack_dir / "npm-logs"
-        npm_cache_dir.mkdir()
-        npm_logs_dir.mkdir()
-        env = os.environ.copy()
-        env["NPM_CONFIG_CACHE"] = str(npm_cache_dir)
-        env["NPM_CONFIG_LOGS_DIR"] = str(npm_logs_dir)
        stdout = subprocess.check_output(
            ["npm", "pack", "--json", "--pack-destination", str(pack_dir)],
            cwd=staging_dir,
-            env=env,
            text=True,
        )
        try:
--- a/codex-cli/scripts/install_native_deps.py
+++ b/codex-cli/scripts/install_native_deps.py
@@ -0,0 +1,475 @@
+#!/usr/bin/env python3
+"""Install Codex native binaries (Rust CLI plus ripgrep helpers)."""
+
+import argparse
+from contextlib import contextmanager
+import json
+import os
+import shutil
+import subprocess
+import tarfile
+import tempfile
+import zipfile
+from dataclasses import dataclass
+from concurrent.futures import ThreadPoolExecutor, as_completed
+from pathlib import Path
+import sys
+from typing import Iterable, Sequence
+from urllib.parse import urlparse
+from urllib.request import urlopen
+
+SCRIPT_DIR = Path(__file__).resolve().parent
+CODEX_CLI_ROOT = SCRIPT_DIR.parent
+DEFAULT_WORKFLOW_URL = "https://github.com/openai/codex/actions/runs/17952349351"  # rust-v0.40.0
+VENDOR_DIR_NAME = "vendor"
+RG_MANIFEST = CODEX_CLI_ROOT / "bin" / "rg"
+BINARY_TARGETS = (
+    "x86_64-unknown-linux-musl",
+    "aarch64-unknown-linux-musl",
+    "x86_64-apple-darwin",
+    "aarch64-apple-darwin",
+    "x86_64-pc-windows-msvc",
+    "aarch64-pc-windows-msvc",
+)
+
+
+@dataclass(frozen=True)
+class BinaryComponent:
+    artifact_prefix: str  # matches the artifact filename prefix (e.g. codex-<target>.zst)
+    dest_dir: str  # directory under vendor/<target>/ where the binary is installed
+    binary_basename: str  # executable name inside dest_dir (before optional .exe)
+    targets: tuple[str, ...] | None = None  # limit installation to specific targets
+
+
+WINDOWS_TARGETS = tuple(target for target in BINARY_TARGETS if "windows" in target)
+
+BINARY_COMPONENTS = {
+    "codex": BinaryComponent(
+        artifact_prefix="codex",
+        dest_dir="codex",
+        binary_basename="codex",
+    ),
+    "codex-responses-api-proxy": BinaryComponent(
+        artifact_prefix="codex-responses-api-proxy",
+        dest_dir="codex-responses-api-proxy",
+        binary_basename="codex-responses-api-proxy",
+    ),
+    "codex-windows-sandbox-setup": BinaryComponent(
+        artifact_prefix="codex-windows-sandbox-setup",
+        dest_dir="codex",
+        binary_basename="codex-windows-sandbox-setup",
+        targets=WINDOWS_TARGETS,
+    ),
+    "codex-command-runner": BinaryComponent(
+        artifact_prefix="codex-command-runner",
+        dest_dir="codex",
+        binary_basename="codex-command-runner",
+        targets=WINDOWS_TARGETS,
+    ),
+}
+
+RG_TARGET_PLATFORM_PAIRS: list[tuple[str, str]] = [
+    ("x86_64-unknown-linux-musl", "linux-x86_64"),
+    ("aarch64-unknown-linux-musl", "linux-aarch64"),
+    ("x86_64-apple-darwin", "macos-x86_64"),
+    ("aarch64-apple-darwin", "macos-aarch64"),
+    ("x86_64-pc-windows-msvc", "windows-x86_64"),
+    ("aarch64-pc-windows-msvc", "windows-aarch64"),
+]
+RG_TARGET_TO_PLATFORM = {target: platform for target, platform in RG_TARGET_PLATFORM_PAIRS}
+DEFAULT_RG_TARGETS = [target for target, _ in RG_TARGET_PLATFORM_PAIRS]
+
+# urllib.request.urlopen() defaults to no timeout (can hang indefinitely), which is painful in CI.
+DOWNLOAD_TIMEOUT_SECS = 60
+
+
+def _gha_enabled() -> bool:
+    # GitHub Actions supports "workflow commands" (e.g. ::group:: / ::error::) that make logs
+    # much easier to scan: groups collapse noisy sections and error annotations surface the
+    # failure in the UI without changing the actual exception/traceback output.
+    return os.environ.get("GITHUB_ACTIONS") == "true"
+
+
+def _gha_escape(value: str) -> str:
+    # Workflow commands require percent/newline escaping.
+    return value.replace("%", "%25").replace("\r", "%0D").replace("\n", "%0A")
+
+
+def _gha_error(*, title: str, message: str) -> None:
+    # Emit a GitHub Actions error annotation. This does not replace stdout/stderr logs; it just
+    # adds a prominent summary line to the job UI so the root cause is easier to spot.
+    if not _gha_enabled():
+        return
+    print(
+        f"::error title={_gha_escape(title)}::{_gha_escape(message)}",
+        flush=True,
+    )
+
+
+@contextmanager
+def _gha_group(title: str):
+    # Wrap a block in a collapsible log group on GitHub Actions. Outside of GHA this is a no-op
+    # so local output remains unchanged.
+    if _gha_enabled():
+        print(f"::group::{_gha_escape(title)}", flush=True)
+    try:
+        yield
+    finally:
+        if _gha_enabled():
+            print("::endgroup::", flush=True)
+
+
+def parse_args() -> argparse.Namespace:
+    parser = argparse.ArgumentParser(description="Install native Codex binaries.")
+    parser.add_argument(
+        "--workflow-url",
+        help=(
+            "GitHub Actions workflow URL that produced the artifacts. Defaults to a "
+            "known good run when omitted."
+        ),
+    )
+    parser.add_argument(
+        "--component",
+        dest="components",
+        action="append",
+        choices=tuple(list(BINARY_COMPONENTS) + ["rg"]),
+        help=(
+            "Limit installation to the specified components."
+            " May be repeated. Defaults to codex, codex-windows-sandbox-setup,"
+            " codex-command-runner, and rg."
+        ),
+    )
+    parser.add_argument(
+        "root",
+        nargs="?",
+        type=Path,
+        help=(
+            "Directory containing package.json for the staged package. If omitted, the "
+            "repository checkout is used."
+        ),
+    )
+    return parser.parse_args()
+
+
+def main() -> int:
+    args = parse_args()
+
+    codex_cli_root = (args.root or CODEX_CLI_ROOT).resolve()
+    vendor_dir = codex_cli_root / VENDOR_DIR_NAME
+    vendor_dir.mkdir(parents=True, exist_ok=True)
+
+    components = args.components or [
+        "codex",
+        "codex-windows-sandbox-setup",
+        "codex-command-runner",
+        "rg",
+    ]
+
+    workflow_url = (args.workflow_url or DEFAULT_WORKFLOW_URL).strip()
+    if not workflow_url:
+        workflow_url = DEFAULT_WORKFLOW_URL
+
+    workflow_id = workflow_url.rstrip("/").split("/")[-1]
+    print(f"Downloading native artifacts from workflow {workflow_id}...")
+
+    with _gha_group(f"Download native artifacts from workflow {workflow_id}"):
+        with tempfile.TemporaryDirectory(prefix="codex-native-artifacts-") as artifacts_dir_str:
+            artifacts_dir = Path(artifacts_dir_str)
+            _download_artifacts(workflow_id, artifacts_dir)
+            install_binary_components(
+                artifacts_dir,
+                vendor_dir,
+                [BINARY_COMPONENTS[name] for name in components if name in BINARY_COMPONENTS],
+            )
+
+    if "rg" in components:
+        with _gha_group("Fetch ripgrep binaries"):
+            print("Fetching ripgrep binaries...")
+            fetch_rg(vendor_dir, DEFAULT_RG_TARGETS, manifest_path=RG_MANIFEST)
+
+    print(f"Installed native dependencies into {vendor_dir}")
+    return 0
+
+
+def fetch_rg(
+    vendor_dir: Path,
+    targets: Sequence[str] | None = None,
+    *,
+    manifest_path: Path,
+) -> list[Path]:
+    """Download ripgrep binaries described by the DotSlash manifest."""
+
+    if targets is None:
+        targets = DEFAULT_RG_TARGETS
+
+    if not manifest_path.exists():
+        raise FileNotFoundError(f"DotSlash manifest not found: {manifest_path}")
+
+    manifest = _load_manifest(manifest_path)
+    platforms = manifest.get("platforms", {})
+
+    vendor_dir.mkdir(parents=True, exist_ok=True)
+
+    targets = list(targets)
+    if not targets:
+        return []
+
+    task_configs: list[tuple[str, str, dict]] = []
+    for target in targets:
+        platform_key = RG_TARGET_TO_PLATFORM.get(target)
+        if platform_key is None:
+            raise ValueError(f"Unsupported ripgrep target '{target}'.")
+
+        platform_info = platforms.get(platform_key)
+        if platform_info is None:
+            raise RuntimeError(f"Platform '{platform_key}' not found in manifest {manifest_path}.")
+
+        task_configs.append((target, platform_key, platform_info))
+
+    results: dict[str, Path] = {}
+    max_workers = min(len(task_configs), max(1, (os.cpu_count() or 1)))
+
+    print("Installing ripgrep binaries for targets: " + ", ".join(targets))
+
+    with ThreadPoolExecutor(max_workers=max_workers) as executor:
+        future_map = {
+            executor.submit(
+                _fetch_single_rg,
+                vendor_dir,
+                target,
+                platform_key,
+                platform_info,
+                manifest_path,
+            ): target
+            for target, platform_key, platform_info in task_configs
+        }
+
+        for future in as_completed(future_map):
+            target = future_map[future]
+            try:
+                results[target] = future.result()
+            except Exception as exc:
+                _gha_error(
+                    title="ripgrep install failed",
+                    message=f"target={target} error={exc!r}",
+                )
+                raise RuntimeError(f"Failed to install ripgrep for target {target}.") from exc
+            print(f"  installed ripgrep for {target}")
+
+    return [results[target] for target in targets]
+
+
+def _download_artifacts(workflow_id: str, dest_dir: Path) -> None:
+    cmd = [
+        "gh",
+        "run",
+        "download",
+        "--dir",
+        str(dest_dir),
+        "--repo",
+        "openai/codex",
+        workflow_id,
+    ]
+    subprocess.check_call(cmd)
+
+
+def install_binary_components(
+    artifacts_dir: Path,
+    vendor_dir: Path,
+    selected_components: Sequence[BinaryComponent],
+) -> None:
+    if not selected_components:
+        return
+
+    for component in selected_components:
+        component_targets = list(component.targets or BINARY_TARGETS)
+
+        print(
+            f"Installing {component.binary_basename} binaries for targets: "
+            + ", ".join(component_targets)
+        )
+        max_workers = min(len(component_targets), max(1, (os.cpu_count() or 1)))
+        with ThreadPoolExecutor(max_workers=max_workers) as executor:
+            futures = {
+                executor.submit(
+                    _install_single_binary,
+                    artifacts_dir,
+                    vendor_dir,
+                    target,
+                    component,
+                ): target
+                for target in component_targets
+            }
+            for future in as_completed(futures):
+                installed_path = future.result()
+                print(f"  installed {installed_path}")
+
+
+def _install_single_binary(
+    artifacts_dir: Path,
+    vendor_dir: Path,
+    target: str,
+    component: BinaryComponent,
+) -> Path:
+    artifact_subdir = artifacts_dir / target
+    archive_name = _archive_name_for_target(component.artifact_prefix, target)
+    archive_path = artifact_subdir / archive_name
+    if not archive_path.exists():
+        raise FileNotFoundError(f"Expected artifact not found: {archive_path}")
+
+    dest_dir = vendor_dir / target / component.dest_dir
+    dest_dir.mkdir(parents=True, exist_ok=True)
+
+    binary_name = (
+        f"{component.binary_basename}.exe" if "windows" in target else component.binary_basename
+    )
+    dest = dest_dir / binary_name
+    dest.unlink(missing_ok=True)
+    extract_archive(archive_path, "zst", None, dest)
+    if "windows" not in target:
+        dest.chmod(0o755)
+    return dest
+
+
+def _archive_name_for_target(artifact_prefix: str, target: str) -> str:
+    if "windows" in target:
+        return f"{artifact_prefix}-{target}.exe.zst"
+    return f"{artifact_prefix}-{target}.zst"
+
+
+def _fetch_single_rg(
+    vendor_dir: Path,
+    target: str,
+    platform_key: str,
+    platform_info: dict,
+    manifest_path: Path,
+) -> Path:
+    providers = platform_info.get("providers", [])
+    if not providers:
+        raise RuntimeError(f"No providers listed for platform '{platform_key}' in {manifest_path}.")
+
+    url = providers[0]["url"]
+    archive_format = platform_info.get("format", "zst")
+    archive_member = platform_info.get("path")
+    digest = platform_info.get("digest")
+    expected_size = platform_info.get("size")
+
+    dest_dir = vendor_dir / target / "path"
+    dest_dir.mkdir(parents=True, exist_ok=True)
+
+    is_windows = platform_key.startswith("win")
+    binary_name = "rg.exe" if is_windows else "rg"
+    dest = dest_dir / binary_name
+
+    with tempfile.TemporaryDirectory() as tmp_dir_str:
+        tmp_dir = Path(tmp_dir_str)
+        archive_filename = os.path.basename(urlparse(url).path)
+        download_path = tmp_dir / archive_filename
+        print(
+            f"  downloading ripgrep for {target} ({platform_key}) from {url}",
+            flush=True,
+        )
+        try:
+            _download_file(url, download_path)
+        except Exception as exc:
+            _gha_error(
+                title="ripgrep download failed",
+                message=f"target={target} platform={platform_key} url={url} error={exc!r}",
+            )
+            raise RuntimeError(
+                "Failed to download ripgrep "
+                f"(target={target}, platform={platform_key}, format={archive_format}, "
+                f"expected_size={expected_size!r}, digest={digest!r}, url={url}, dest={download_path})."
+            ) from exc
+
+        dest.unlink(missing_ok=True)
+        try:
+            extract_archive(download_path, archive_format, archive_member, dest)
+        except Exception as exc:
+            raise RuntimeError(
+                "Failed to extract ripgrep "
+                f"(target={target}, platform={platform_key}, format={archive_format}, "
+                f"member={archive_member!r}, url={url}, archive={download_path})."
+            ) from exc
+
+    if not is_windows:
+        dest.chmod(0o755)
+
+    return dest
+
+
+def _download_file(url: str, dest: Path) -> None:
+    dest.parent.mkdir(parents=True, exist_ok=True)
+    dest.unlink(missing_ok=True)
+
+    with urlopen(url, timeout=DOWNLOAD_TIMEOUT_SECS) as response, open(dest, "wb") as out:
+        shutil.copyfileobj(response, out)
+
+
+def extract_archive(
+    archive_path: Path,
+    archive_format: str,
+    archive_member: str | None,
+    dest: Path,
+) -> None:
+    dest.parent.mkdir(parents=True, exist_ok=True)
+
+    if archive_format == "zst":
+        output_path = archive_path.parent / dest.name
+        subprocess.check_call(
+            ["zstd", "-f", "-d", str(archive_path), "-o", str(output_path)]
+        )
+        shutil.move(str(output_path), dest)
+        return
+
+    if archive_format == "tar.gz":
+        if not archive_member:
+            raise RuntimeError("Missing 'path' for tar.gz archive in DotSlash manifest.")
+        with tarfile.open(archive_path, "r:gz") as tar:
+            try:
+                member = tar.getmember(archive_member)
+            except KeyError as exc:
+                raise RuntimeError(
+                    f"Entry '{archive_member}' not found in archive {archive_path}."
+                ) from exc
+            tar.extract(member, path=archive_path.parent, filter="data")
+        extracted = archive_path.parent / archive_member
+        shutil.move(str(extracted), dest)
+        return
+
+    if archive_format == "zip":
+        if not archive_member:
+            raise RuntimeError("Missing 'path' for zip archive in DotSlash manifest.")
+        with zipfile.ZipFile(archive_path) as archive:
+            try:
+                with archive.open(archive_member) as src, open(dest, "wb") as out:
+                    shutil.copyfileobj(src, out)
+            except KeyError as exc:
+                raise RuntimeError(
+                    f"Entry '{archive_member}' not found in archive {archive_path}."
+                ) from exc
+        return
+
+    raise RuntimeError(f"Unsupported archive format '{archive_format}'.")
+
+
+def _load_manifest(manifest_path: Path) -> dict:
+    cmd = ["dotslash", "--", "parse", str(manifest_path)]
+    stdout = subprocess.check_output(cmd, text=True)
+    try:
+        manifest = json.loads(stdout)
+    except json.JSONDecodeError as exc:
+        raise RuntimeError(f"Invalid DotSlash manifest output from {manifest_path}.") from exc
+
+    if not isinstance(manifest, dict):
+        raise RuntimeError(
+            f"Unexpected DotSlash manifest structure for {manifest_path}: {type(manifest)!r}"
+        )
+
+    return manifest
+
+
+if __name__ == "__main__":
+    import sys
+
+    sys.exit(main())
--- a/codex-rs/.cargo/config.toml
+++ b/codex-rs/.cargo/config.toml
@@ -1,5 +1,5 @@
 [target.'cfg(all(windows, target_env = "msvc"))']
-rustflags = ["-C", "link-arg=/STACK:8388608", "-C", "target-feature=+crt-static"]
+rustflags = ["-C", "link-arg=/STACK:8388608"]

 # MSVC emits a warning about code that may trip "Cortex-A53 MPCore processor bug #843419" (see
 # https://developer.arm.com/documentation/epm048406/latest) which is sometimes emitted by LLVM.
--- a/codex-rs/.config/nextest.toml
+++ b/codex-rs/.config/nextest.toml
@@ -1,12 +1,6 @@
 [profile.default]
-# Retry once so one transient failure does not fail full-CI outright.
-# Fanout keeps the full-CI shards moving without treating every >30s test as
-# stuck. Keep this aligned with the broader timeout budget we give sharded CI.
-slow-timeout = { period = "30s", terminate-after = 2 }
-retries = 1
-
-[profile.default.junit]
-path = "junit.xml"
+# Do not increase, fix your test instead
+slow-timeout = { period = "15s", terminate-after = 2 }

 [test-groups.app_server_protocol_codegen]
 max-threads = 1
@@ -20,9 +14,6 @@ max-threads = 1
 [test-groups.windows_sandbox_legacy_sessions]
 max-threads = 1

-[test-groups.windows_process_heavy]
-max-threads = 2
-
 [[profile.default.overrides]]
 # Do not add new tests here
 filter = 'test(rmcp_client) | test(humanlike_typing_1000_chars_appears_live_no_placeholder)'
@@ -53,18 +44,3 @@ test-group = 'core_apply_patch_cli_integration'
 # Serialize them to avoid exhausting Windows session/global desktop resources in CI.
 filter = 'package(codex-windows-sandbox) & test(legacy_)'
 test-group = 'windows_sandbox_legacy_sessions'
-
-[[profile.default.overrides]]
-# This Codex-home startup path still exceeded the broader Windows-heavy ceiling
-# in both Windows full-CI lanes after contention was reduced.
-platform = 'cfg(windows)'
-filter = 'test(start_thread_uses_all_default_environments_from_codex_home)'
-slow-timeout = { period = "1m", terminate-after = 2 }
-
-[[profile.default.overrides]]
-# These Windows-heavy tests spawn subprocesses, session files, or JSON-RPC
-# clients and have been the dominant source of 30s full-CI timeouts.
-platform = 'cfg(windows)'
-filter = 'test(suite::resume::) | test(suite::cli_stream::) | test(suite::auth_env::) | test(start_thread_uses_all_default_environments_from_codex_home) | test(connect_stdio_command_initializes_json_rpc_client_on_windows)'
-test-group = 'windows_process_heavy'
-slow-timeout = { period = "45s", terminate-after = 2 }
--- a/codex-rs/.github/workflows/cargo-audit.yml
+++ b/codex-rs/.github/workflows/cargo-audit.yml
@@ -17,7 +17,7 @@ jobs:
        working-directory: codex-rs
    steps:
      - uses: actions/checkout@v4
-      - uses: dtolnay/rust-toolchain@e081816240890017053eacbb1bdf337761dc5582 # 1.95.0
+      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
      - name: Install cargo-audit
        uses: taiki-e/install-action@v2
        with:
--- a/codex-rs/Cargo.lock
+++ b/codex-rs/Cargo.lock
--- a/codex-rs/Cargo.toml
+++ b/codex-rs/Cargo.toml
@@ -5,15 +5,14 @@ members = [
    "agent-graph-store",
    "agent-identity",
    "backend-client",
-    "bwrap",
    "ansi-escape",
    "async-utils",
    "app-server",
    "app-server-transport",
-    "app-server-daemon",
    "app-server-client",
    "app-server-protocol",
    "app-server-test-client",
+    "debug-client",
    "apply-patch",
    "arg0",
    "feedback",
@@ -21,7 +20,7 @@ members = [
    "install-context",
    "codex-backend-openapi-models",
    "code-mode",
-    "cloud-config",
+    "cloud-requirements",
    "cloud-tasks",
    "cloud-tasks-client",
    "cloud-tasks-mock-client",
@@ -29,6 +28,7 @@ members = [
    "collaboration-mode-templates",
    "connectors",
    "config",
+    "device-key",
    "shell-command",
    "shell-escalation",
    "skills",
@@ -43,23 +43,16 @@ members = [
    "exec-server",
    "execpolicy",
    "execpolicy-legacy",
-    "ext/extension-api",
-    "ext/goal",
-    "ext/guardian",
-    "ext/image-generation",
-    "ext/memories",
-    "ext/skills",
-    "ext/web-search",
    "external-agent-migration",
    "external-agent-sessions",
    "keyring-store",
    "file-search",
-    "file-watcher",
    "linux-sandbox",
    "lmstudio",
    "login",
    "codex-mcp",
    "mcp-server",
+    "memories/mcp",
    "memories/read",
    "memories/write",
    "model-provider-info",
@@ -69,7 +62,6 @@ members = [
    "process-hardening",
    "protocol",
    "realtime-webrtc",
-    "prompts",
    "rollout",
    "rollout-trace",
    "rmcp-client",
@@ -138,7 +130,6 @@ codex-api = { path = "codex-api" }
 codex-aws-auth = { path = "aws-auth" }
 codex-app-server = { path = "app-server" }
 codex-app-server-transport = { path = "app-server-transport" }
-codex-app-server-daemon = { path = "app-server-daemon" }
 codex-app-server-client = { path = "app-server-client" }
 codex-app-server-protocol = { path = "app-server-protocol" }
 codex-app-server-test-client = { path = "app-server-test-client" }
@@ -150,7 +141,7 @@ codex-chatgpt = { path = "chatgpt" }
 codex-cli = { path = "cli" }
 codex-client = { path = "codex-client" }
 codex-collaboration-mode-templates = { path = "collaboration-mode-templates" }
-codex-cloud-config = { path = "cloud-config" }
+codex-cloud-requirements = { path = "cloud-requirements" }
 codex-cloud-tasks-client = { path = "cloud-tasks-client" }
 codex-cloud-tasks-mock-client = { path = "cloud-tasks-mock-client" }
 codex-code-mode = { path = "code-mode" }
@@ -160,14 +151,11 @@ codex-core = { path = "core" }
 codex-core-api = { path = "core-api" }
 codex-core-plugins = { path = "core-plugins" }
 codex-core-skills = { path = "core-skills" }
+codex-device-key = { path = "device-key" }
 codex-exec = { path = "exec" }
 codex-file-system = { path = "file-system" }
 codex-exec-server = { path = "exec-server" }
 codex-execpolicy = { path = "execpolicy" }
-codex-extension-api = { path = "ext/extension-api" }
-codex-goal-extension = { path = "ext/goal" }
-codex-guardian = { path = "ext/guardian" }
-codex-image-generation-extension = { path = "ext/image-generation" }
 codex-external-agent-migration = { path = "external-agent-migration" }
 codex-external-agent-sessions = { path = "external-agent-sessions" }
 codex-experimental-api-macros = { path = "codex-experimental-api-macros" }
@@ -175,16 +163,13 @@ codex-features = { path = "features" }
 codex-feedback = { path = "feedback" }
 codex-install-context = { path = "install-context" }
 codex-file-search = { path = "file-search" }
-codex-file-watcher = { path = "file-watcher" }
 codex-git-utils = { path = "git-utils" }
 codex-hooks = { path = "hooks" }
 codex-keyring-store = { path = "keyring-store" }
 codex-linux-sandbox = { path = "linux-sandbox" }
 codex-lmstudio = { path = "lmstudio" }
 codex-login = { path = "login" }
-codex-message-history = { path = "message-history" }
-codex-memories-extension = { path = "ext/memories" }
-codex-web-search-extension = { path = "ext/web-search" }
+codex-memories-mcp = { path = "memories/mcp" }
 codex-memories-read = { path = "memories/read" }
 codex-memories-write = { path = "memories/write" }
 codex-mcp = { path = "codex-mcp" }
@@ -199,7 +184,6 @@ codex-model-provider = { path = "model-provider" }
 codex-process-hardening = { path = "process-hardening" }
 codex-protocol = { path = "protocol" }
 codex-realtime-webrtc = { path = "realtime-webrtc" }
-codex-prompts = { path = "prompts" }
 codex-responses-api-proxy = { path = "responses-api-proxy" }
 codex-response-debug-context = { path = "response-debug-context" }
 codex-rmcp-client = { path = "rmcp-client" }
@@ -233,6 +217,7 @@ codex-utils-output-truncation = { path = "utils/output-truncation" }
 codex-utils-path = { path = "utils/path-utils" }
 codex-utils-plugins = { path = "utils/plugins" }
 codex-utils-pty = { path = "utils/pty" }
+codex-utils-readiness = { path = "utils/readiness" }
 codex-utils-rustls-provider = { path = "utils/rustls-provider" }
 codex-utils-sandbox-summary = { path = "utils/sandbox-summary" }
 codex-utils-sleep-inhibitor = { path = "utils/sleep-inhibitor" }
@@ -280,12 +265,12 @@ deno_core_icudata = "0.77.0"
 derive_more = "2"
 diffy = "0.4.2"
 dirs = "6"
-divan = "0.1.21"
 dns-lookup = "3.0.1"
 dotenvy = "0.15.7"
 dunce = "1.0.4"
 ed25519-dalek = { version = "2.2.0", features = ["pkcs8"] }
 encoding_rs = "0.8.35"
+env-flags = "0.1.1"
 env_logger = "0.11.9"
 eventsource-stream = "0.2.3"
 flate2 = "1.1.8"
@@ -307,7 +292,6 @@ indexmap = "2.12.0"
 insta = "1.46.3"
 inventory = "0.3.19"
 itertools = "0.14.0"
-jsonptr = { version = "0.7.1", default-features = false }
 jsonwebtoken = "9.3.1"
 keyring = { version = "3.6", default-features = false }
 landlock = "0.4.4"
@@ -331,6 +315,7 @@ os_info = "3.12.0"
 owo-colors = "4.3.0"
 path-absolutize = "3.1.1"
 pathdiff = "0.2"
+p256 = "0.13.2"
 portable-pty = "0.9.0"
 predicates = "3"
 pretty_assertions = "1.4.1"
@@ -346,7 +331,7 @@ rcgen = { version = "0.14.7", default-features = false, features = [
 regex = "1.12.3"
 regex-lite = "0.1.8"
 reqwest = { version = "0.12", features = ["cookies"] }
-rmcp = { version = "1.7.0", default-features = false }
+rmcp = { version = "0.15.0", default-features = false }
 runfiles = { git = "https://github.com/dzbarsky/rules_rust", rev = "b56cbaa8465e74127f1ea216f813cd377295ad81" }
 rustls = { version = "0.23", default-features = false, features = [
    "ring",
@@ -359,7 +344,6 @@ seccompiler = "0.5.0"
 semver = "1.0"
 sentry = "0.46.0"
 serde = "1"
-serde_ignored = "0.1.14"
 serde_json = "1"
 serde_path_to_error = "0.1.20"
 serde_with = "3.17"
@@ -370,14 +354,13 @@ sha2 = "0.10"
 shlex = "1.3.0"
 similar = "2.7.0"
 socket2 = "0.6.1"
-sqlx = { version = "0.9.0", default-features = false, features = [
+sqlx = { version = "0.8.6", default-features = false, features = [
    "chrono",
    "json",
    "macros",
    "migrate",
-    "runtime-tokio",
-    "tls-rustls",
-    "sqlite-bundled",
+    "runtime-tokio-rustls",
+    "sqlite",
    "time",
    "uuid",
 ] }
@@ -421,7 +404,7 @@ unicode-width = "0.2"
 url = "2"
 urlencoding = "2.1"
 uuid = "1"
-v8 = "=147.4.0"
+v8 = "=146.4.0"
 vt100 = "0.16.2"
 walkdir = "2.5.0"
 webbrowser = "1.0"
@@ -480,22 +463,24 @@ unwrap_used = "deny"
 [workspace.metadata.cargo-shear]
 ignored = [
    "codex-agent-graph-store",
-    "codex-goal-extension",
+    "codex-memories-mcp",
    "icu_provider",
    "openssl-sys",
+    "codex-utils-readiness",
+    "codex-utils-template",
    "codex-v8-poc",
 ]

 [profile.dev]
 # Keep line tables/backtraces while avoiding expensive full variable debug info
 # across local dev builds.
-debug = "limited"
+debug = 1

 [profile.dev-small]
 inherits = "dev"
 opt-level = 0
-debug = "none"
-strip = "symbols"
+debug = 0
+strip = true

 [profile.release]
 lto = "fat"
@@ -507,15 +492,8 @@ strip = "symbols"
 # See https://github.com/openai/codex/issues/1411 for details.
 codegen-units = 1

-[profile.profiling]
-inherits = "release"
-debug = "full"
-lto = false
-strip = false
-
 [profile.ci-test]
-# Reduce binary size to reduce disk pressure.
-debug = "limited"
+debug = 1         # Reduce debug symbol size
 inherits = "test"
 opt-level = 0

--- a/codex-rs/README.md
+++ b/codex-rs/README.md
@@ -46,7 +46,7 @@ Use `codex mcp` to add/list/get/remove MCP server launchers defined in `config.t

 ### Notifications

-You can enable notifications by configuring a script that is run whenever the agent finishes a turn. The [notify documentation](../docs/config.md#notify) includes a detailed example that explains how to get desktop notifications via [terminal-notifier](https://github.com/julienXX/terminal-notifier) on macOS. When Codex detects that it is running under WSL 2 inside Windows Terminal (`WT_SESSION` is set), the TUI automatically falls back to native Windows toast notifications so approval prompts and completed turns surface even though Windows Terminal does not implement OSC 9.
+The legacy `notify` setting is deprecated and will be removed in a future release. Existing configurations still work, but new automation should use lifecycle hooks instead. The [notify documentation](../docs/config.md#notify) explains the remaining compatibility behavior. When Codex detects that it is running under WSL 2 inside Windows Terminal (`WT_SESSION` is set), the TUI automatically falls back to native Windows toast notifications so approval prompts and completed turns surface even though Windows Terminal does not implement OSC 9.

 ### `codex exec` to run Codex programmatically/non-interactively

@@ -55,20 +55,25 @@ Use `codex exec --ephemeral ...` to run without persisting session rollout files

 ### Experimenting with the Codex Sandbox

-To test to see what happens when a command is run under the sandbox provided by Codex, use the `sandbox` subcommand in Codex CLI:
+To test to see what happens when a command is run under the sandbox provided by Codex, we provide the following subcommands in Codex CLI:

 ```
-# Uses the sandbox implementation for the current host OS:
-# Seatbelt on macOS, the Linux sandbox on Linux, and Windows restricted token on Windows.
-codex sandbox [COMMAND]...
+# macOS
+codex sandbox macos [--log-denials] [COMMAND]...

-# macOS-only diagnostic option
-codex sandbox --log-denials [COMMAND]...
+# Linux
+codex sandbox linux [COMMAND]...
+
+# Windows
+codex sandbox windows [COMMAND]...
+
+# Legacy aliases
+codex debug seatbelt [--log-denials] [COMMAND]...
+codex debug landlock [COMMAND]...
 ```

-`codex sandbox` also accepts `--profile NAME` (`-p NAME`) to layer
-`$CODEX_HOME/NAME.config.toml` onto the base user config for the sandboxed
-command.
+To try a writable legacy sandbox mode with these commands, pass an explicit config override such
+as `-c 'sandbox_mode="workspace-write"'`.

 ### Selecting a sandbox policy via `--sandbox`

@@ -85,6 +90,7 @@ codex --sandbox workspace-write
 codex --sandbox danger-full-access
 ```

+The same setting can be persisted in `~/.codex/config.toml` via the top-level `sandbox_mode = "MODE"` key, e.g. `sandbox_mode = "workspace-write"`.
 In `workspace-write`, Codex also includes `~/.codex/memories` in its writable roots so memory maintenance does not require an extra approval.

 ## Code Organization
--- a/codex-rs/agent-graph-store/Cargo.toml
+++ b/codex-rs/agent-graph-store/Cargo.toml
@@ -7,7 +7,6 @@ version.workspace = true
 [lib]
 name = "codex_agent_graph_store"
 path = "src/lib.rs"
-doctest = false

 [lints]
 workspace = true
--- a/codex-rs/analytics/src/accepted_lines.rs
+++ b/codex-rs/analytics/src/accepted_lines.rs
@@ -1,256 +0,0 @@
-use crate::events::CodexAcceptedLineFingerprintsEventParams;
-use crate::events::CodexAcceptedLineFingerprintsEventRequest;
-use crate::events::TrackEventRequest;
-use crate::facts::AcceptedLineFingerprint;
-use codex_git_utils::canonicalize_git_remote_url;
-use codex_git_utils::get_git_remote_urls_assume_git_repo;
-use sha1::Digest;
-use std::path::Path;
-
-#[derive(Clone, Debug, PartialEq, Eq)]
-pub struct AcceptedLineFingerprintSummary {
-    pub accepted_added_lines: u64,
-    pub accepted_deleted_lines: u64,
-    pub line_fingerprints: Vec<AcceptedLineFingerprint>,
-}
-
-pub(crate) struct AcceptedLineFingerprintEventInput {
-    pub(crate) event_type: &'static str,
-    pub(crate) turn_id: String,
-    pub(crate) thread_id: String,
-    pub(crate) product_surface: Option<String>,
-    pub(crate) model_slug: Option<String>,
-    pub(crate) completed_at: u64,
-    pub(crate) repo_hash: Option<String>,
-    pub(crate) accepted_added_lines: u64,
-    pub(crate) accepted_deleted_lines: u64,
-    pub(crate) line_fingerprints: Vec<AcceptedLineFingerprint>,
-}
-
-pub fn accepted_line_fingerprints_from_unified_diff(
-    unified_diff: &str,
-) -> AcceptedLineFingerprintSummary {
-    let mut current_path: Option<String> = None;
-    let mut in_hunk = false;
-    let mut accepted_added_lines = 0;
-    let mut accepted_deleted_lines = 0;
-    let mut line_fingerprints = Vec::new();
-
-    for line in unified_diff.lines() {
-        if line.starts_with("diff --git ") {
-            current_path = None;
-            in_hunk = false;
-            continue;
-        }
-
-        if line.starts_with("@@ ") {
-            in_hunk = true;
-            continue;
-        }
-
-        if !in_hunk && let Some(path) = line.strip_prefix("+++ ") {
-            current_path = normalize_diff_path(path);
-            continue;
-        }
-
-        if !in_hunk && line.starts_with("--- ") {
-            continue;
-        }
-
-        if let Some(added_line) = line.strip_prefix('+') {
-            accepted_added_lines += 1;
-            if let Some(path) = current_path.as_deref()
-                && let Some(normalized_line) = normalize_effective_line(added_line)
-            {
-                line_fingerprints.push(AcceptedLineFingerprint {
-                    path_hash: fingerprint_hash("path", path),
-                    line_hash: fingerprint_hash("line", &normalized_line),
-                });
-            }
-            continue;
-        }
-
-        if line.starts_with('-') {
-            accepted_deleted_lines += 1;
-        }
-    }
-
-    AcceptedLineFingerprintSummary {
-        accepted_added_lines,
-        accepted_deleted_lines,
-        line_fingerprints,
-    }
-}
-
-pub fn fingerprint_hash(domain: &str, value: &str) -> String {
-    let mut hasher = sha1::Sha1::new();
-    hasher.update(b"file-line-v1\0");
-    hasher.update(domain.as_bytes());
-    hasher.update(b"\0");
-    hasher.update(value.as_bytes());
-    format!("{:x}", hasher.finalize())
-}
-
-pub(crate) fn accepted_line_fingerprint_event_requests(
-    input: AcceptedLineFingerprintEventInput,
-) -> Vec<TrackEventRequest> {
-    let AcceptedLineFingerprintEventInput {
-        event_type,
-        turn_id,
-        thread_id,
-        product_surface,
-        model_slug,
-        completed_at,
-        repo_hash,
-        accepted_added_lines,
-        accepted_deleted_lines,
-        line_fingerprints: _line_fingerprints,
-    } = input;
-
-    vec![TrackEventRequest::AcceptedLineFingerprints(Box::new(
-        CodexAcceptedLineFingerprintsEventRequest {
-            event_type: "codex_accepted_line_fingerprints",
-            event_params: CodexAcceptedLineFingerprintsEventParams {
-                event_type,
-                turn_id,
-                thread_id,
-                product_surface,
-                model_slug,
-                completed_at,
-                repo_hash,
-                accepted_added_lines,
-                accepted_deleted_lines,
-                // Keep computing local fingerprints for parsing tests and future attribution,
-                // but do not upload path/line hashes in the analytics event payload.
-                line_fingerprints: Vec::new(),
-            },
-        },
-    ))]
-}
-
-pub async fn accepted_line_repo_hash_for_cwd(cwd: &Path) -> Option<String> {
-    let remotes = get_git_remote_urls_assume_git_repo(cwd).await?;
-    remotes
-        .get("origin")
-        .or_else(|| remotes.values().next())
-        .map(|remote_url| {
-            let canonical_remote_url =
-                canonicalize_git_remote_url(remote_url).unwrap_or_else(|| remote_url.to_string());
-            fingerprint_hash("repo", &canonical_remote_url)
-        })
-}
-
-fn normalize_diff_path(path: &str) -> Option<String> {
-    let path = path.trim();
-    if path == "/dev/null" {
-        return None;
-    }
-
-    Some(
-        path.strip_prefix("b/")
-            .or_else(|| path.strip_prefix("a/"))
-            .unwrap_or(path)
-            .to_string(),
-    )
-}
-
-fn normalize_effective_line(line: &str) -> Option<String> {
-    let normalized = line.split_whitespace().collect::<Vec<_>>().join(" ");
-    if normalized.len() <= 3 {
-        return None;
-    }
-    if !normalized
-        .chars()
-        .any(|ch| ch.is_alphanumeric() || ch == '_')
-    {
-        return None;
-    }
-    Some(normalized)
-}
-
-#[cfg(test)]
-mod tests {
-    use super::*;
-
-    #[test]
-    fn parses_counts_and_effective_added_fingerprints() {
-        let diff = "\
-diff --git a/src/lib.rs b/src/lib.rs
-index 1111111..2222222
--- a/src/lib.rs
-+++ b/src/lib.rs
-@@ -1,3 +1,5 @@
-old line
-+fn useful() {
-+}
-+    return user.id;
- context
-";
-
-        let summary = accepted_line_fingerprints_from_unified_diff(diff);
-
-        assert_eq!(
-            summary,
-            AcceptedLineFingerprintSummary {
-                accepted_added_lines: 3,
-                accepted_deleted_lines: 1,
-                line_fingerprints: vec![
-                    AcceptedLineFingerprint {
-                        path_hash: fingerprint_hash("path", "src/lib.rs"),
-                        line_hash: fingerprint_hash("line", "fn useful() {"),
-                    },
-                    AcceptedLineFingerprint {
-                        path_hash: fingerprint_hash("path", "src/lib.rs"),
-                        line_hash: fingerprint_hash("line", "return user.id;"),
-                    },
-                ],
-            }
-        );
-    }
-
-    #[test]
-    fn skips_added_file_metadata_headers() {
-        let diff = "\
-diff --git a/new.py b/new.py
-new file mode 100644
-index 0000000..1111111
--- /dev/null
-+++ b/new.py
-@@ -0,0 +1 @@
-+print('hello')
-";
-
-        let summary = accepted_line_fingerprints_from_unified_diff(diff);
-
-        assert_eq!(summary.accepted_added_lines, 1);
-        assert_eq!(summary.accepted_deleted_lines, 0);
-        assert_eq!(summary.line_fingerprints.len(), 1);
-    }
-
-    #[test]
-    fn parses_hunk_lines_that_look_like_file_headers() {
-        let diff = "\
-diff --git a/src/lib.rs b/src/lib.rs
-index 1111111..2222222
--- a/src/lib.rs
-+++ b/src/lib.rs
-@@ -1,2 +1,2 @@
--- old value
-+++ new value
-";
-
-        let summary = accepted_line_fingerprints_from_unified_diff(diff);
-
-        assert_eq!(
-            summary,
-            AcceptedLineFingerprintSummary {
-                accepted_added_lines: 1,
-                accepted_deleted_lines: 1,
-                line_fingerprints: vec![AcceptedLineFingerprint {
-                    path_hash: fingerprint_hash("path", "src/lib.rs"),
-                    line_hash: fingerprint_hash("line", "++ new value"),
-                }],
-            }
-        );
-    }
-}
--- a/codex-rs/analytics/src/analytics_client_tests.rs
+++ b/codex-rs/analytics/src/analytics_client_tests.rs
--- a/codex-rs/analytics/src/client.rs
+++ b/codex-rs/analytics/src/client.rs
@@ -18,7 +18,6 @@ use crate::facts::SkillInvocation;
 use crate::facts::SkillInvokedInput;
 use crate::facts::SubAgentThreadStartedInput;
 use crate::facts::TrackEventsContext;
-use crate::facts::TurnCodexErrorFact;
 use crate::facts::TurnResolvedConfigFact;
 use crate::facts::TurnTokenUsageFact;
 use crate::reducer::AnalyticsReducer;
@@ -31,10 +30,8 @@ use codex_app_server_protocol::ServerNotification;
 use codex_app_server_protocol::ServerRequest;
 use codex_app_server_protocol::ServerResponse;
 use codex_login::AuthManager;
-use codex_login::CodexAuth;
 use codex_login::default_client::create_client;
 use codex_plugin::PluginTelemetryMetadata;
-use codex_protocol::request_permissions::RequestPermissionsResponse;
 use std::collections::HashSet;
 use std::sync::Arc;
 use std::sync::Mutex;
@@ -174,10 +171,9 @@ impl AnalyticsEventsClient {
        &self,
        tracking: &GuardianReviewTrackContext,
        result: GuardianReviewAnalyticsResult,
-        completed_at_ms: u64,
    ) {
        self.record_fact(AnalyticsFact::Custom(CustomAnalyticsFact::GuardianReview(
-            Box::new(tracking.event_params(result, completed_at_ms)),
+            Box::new(tracking.event_params(result)),
        )));
    }

@@ -257,12 +253,6 @@ impl AnalyticsEventsClient {
        )));
    }

-    pub fn track_turn_codex_error(&self, fact: TurnCodexErrorFact) {
-        self.record_fact(AnalyticsFact::Custom(CustomAnalyticsFact::TurnCodexError(
-            Box::new(fact),
-        )));
-    }
-
    pub fn track_plugin_installed(&self, plugin: PluginTelemetryMetadata) {
        self.record_fact(AnalyticsFact::Custom(
            CustomAnalyticsFact::PluginStateChanged(PluginStateChangedInput {
@@ -343,6 +333,10 @@ impl AnalyticsEventsClient {
        });
    }

+    pub fn track_notification(&self, notification: ServerNotification) {
+        self.record_fact(AnalyticsFact::Notification(Box::new(notification)));
+    }
+
    pub fn track_server_request(&self, connection_id: u64, request: ServerRequest) {
        self.record_fact(AnalyticsFact::ServerRequest {
            connection_id,
@@ -350,48 +344,11 @@ impl AnalyticsEventsClient {
        });
    }

-    pub fn track_server_response(&self, completed_at_ms: u64, response: ServerResponse) {
+    pub fn track_server_response(&self, response: ServerResponse) {
        self.record_fact(AnalyticsFact::ServerResponse {
-            completed_at_ms,
            response: Box::new(response),
        });
    }
-
-    pub fn track_effective_permissions_approval_response(
-        &self,
-        completed_at_ms: u64,
-        request_id: RequestId,
-        response: RequestPermissionsResponse,
-    ) {
-        self.record_fact(AnalyticsFact::EffectivePermissionsApprovalResponse {
-            completed_at_ms,
-            request_id,
-            response: Box::new(response),
-        });
-    }
-
-    pub fn track_server_request_aborted(&self, completed_at_ms: u64, request_id: RequestId) {
-        self.record_fact(AnalyticsFact::ServerRequestAborted {
-            completed_at_ms,
-            request_id,
-        });
-    }
-
-    pub fn track_notification(&self, notification: ServerNotification) {
-        if !matches!(
-            notification,
-            ServerNotification::TurnStarted(_)
-                | ServerNotification::TurnCompleted(_)
-                | ServerNotification::TurnDiffUpdated(_)
-                | ServerNotification::ItemStarted(_)
-                | ServerNotification::ItemCompleted(_)
-                | ServerNotification::ItemGuardianApprovalReviewStarted(_)
-                | ServerNotification::ItemGuardianApprovalReviewCompleted(_)
-        ) {
-            return;
-        }
-        self.record_fact(AnalyticsFact::Notification(Box::new(notification)));
-    }
 }

 async fn send_track_events(
@@ -402,7 +359,6 @@ async fn send_track_events(
    if events.is_empty() {
        return;
    }
-
    let Some(auth) = auth_manager.auth().await else {
        return;
    };
@@ -412,45 +368,12 @@ async fn send_track_events(

    let base_url = base_url.trim_end_matches('/');
    let url = format!("{base_url}/codex/analytics-events/events");
-    for events in track_event_request_batches(events) {
-        send_track_events_request(&auth, &url, events).await;
-    }
-}
-
-fn track_event_request_batches(events: Vec<TrackEventRequest>) -> Vec<Vec<TrackEventRequest>> {
-    let mut batches = Vec::new();
-    let mut current_batch = Vec::new();
-
-    for event in events {
-        if event.should_send_in_isolated_request() {
-            if !current_batch.is_empty() {
-                batches.push(current_batch);
-                current_batch = Vec::new();
-            }
-            batches.push(vec![event]);
-        } else {
-            current_batch.push(event);
-        }
-    }
-
-    if !current_batch.is_empty() {
-        batches.push(current_batch);
-    }
-
-    batches
-}
-
-async fn send_track_events_request(auth: &CodexAuth, url: &str, events: Vec<TrackEventRequest>) {
-    if events.is_empty() {
-        return;
-    }
-
    let payload = TrackEventsRequest { events };

    let response = create_client()
-        .post(url)
+        .post(&url)
        .timeout(ANALYTICS_EVENTS_TIMEOUT)
-        .headers(codex_model_provider::auth_provider_from_auth(auth).to_auth_headers())
+        .headers(codex_model_provider::auth_provider_from_auth(&auth).to_auth_headers())
        .header("Content-Type", "application/json")
        .json(&payload)
        .send()
--- a/codex-rs/analytics/src/client_tests.rs
+++ b/codex-rs/analytics/src/client_tests.rs
@@ -1,17 +1,11 @@
 use super::AnalyticsEventsClient;
 use super::AnalyticsEventsQueue;
-use super::track_event_request_batches;
-use crate::events::CodexAcceptedLineFingerprintsEventParams;
-use crate::events::CodexAcceptedLineFingerprintsEventRequest;
-use crate::events::SkillInvocationEventParams;
-use crate::events::SkillInvocationEventRequest;
-use crate::events::TrackEventRequest;
 use crate::facts::AnalyticsFact;
-use crate::facts::InvocationType;
 use codex_app_server_protocol::ApprovalsReviewer as AppServerApprovalsReviewer;
 use codex_app_server_protocol::AskForApproval as AppServerAskForApproval;
 use codex_app_server_protocol::ClientRequest;
 use codex_app_server_protocol::ClientResponsePayload;
+use codex_app_server_protocol::PermissionProfile as AppServerPermissionProfile;
 use codex_app_server_protocol::RequestId;
 use codex_app_server_protocol::SandboxPolicy as AppServerSandboxPolicy;
 use codex_app_server_protocol::SessionSource as AppServerSessionSource;
@@ -28,6 +22,7 @@ use codex_app_server_protocol::TurnStartResponse;
 use codex_app_server_protocol::TurnStatus as AppServerTurnStatus;
 use codex_app_server_protocol::TurnSteerParams;
 use codex_app_server_protocol::TurnSteerResponse;
+use codex_protocol::models::PermissionProfile as CorePermissionProfile;
 use codex_utils_absolute_path::test_support::PathBufExt;
 use codex_utils_absolute_path::test_support::test_path_buf;
 use std::collections::HashSet;
@@ -36,44 +31,6 @@ use std::sync::Mutex;
 use tokio::sync::mpsc;
 use tokio::sync::mpsc::error::TryRecvError;

-fn sample_accepted_line_fingerprint_event(thread_id: &str) -> TrackEventRequest {
-    TrackEventRequest::AcceptedLineFingerprints(Box::new(
-        CodexAcceptedLineFingerprintsEventRequest {
-            event_type: "codex_accepted_line_fingerprints",
-            event_params: CodexAcceptedLineFingerprintsEventParams {
-                event_type: "codex.accepted_line_fingerprints",
-                turn_id: "turn-1".to_string(),
-                thread_id: thread_id.to_string(),
-                product_surface: Some("codex".to_string()),
-                model_slug: Some("gpt-5.1-codex".to_string()),
-                completed_at: 1,
-                repo_hash: None,
-                accepted_added_lines: 1,
-                accepted_deleted_lines: 0,
-                line_fingerprints: Vec::new(),
-            },
-        },
-    ))
-}
-
-fn sample_regular_track_event(thread_id: &str) -> TrackEventRequest {
-    TrackEventRequest::SkillInvocation(SkillInvocationEventRequest {
-        event_type: "skill_invocation",
-        skill_id: format!("skill-{thread_id}"),
-        skill_name: "doc".to_string(),
-        event_params: SkillInvocationEventParams {
-            product_client_id: None,
-            skill_scope: None,
-            plugin_id: None,
-            repo_url: None,
-            thread_id: Some(thread_id.to_string()),
-            turn_id: Some("turn-1".to_string()),
-            invoke_type: Some(InvocationType::Explicit),
-            model_slug: Some("gpt-5.1-codex".to_string()),
-        },
-    })
-}
-
 fn client_with_receiver() -> (AnalyticsEventsClient, mpsc::Receiver<AnalyticsFact>) {
    let (sender, receiver) = mpsc::channel(8);
    let queue = AnalyticsEventsQueue {
@@ -89,7 +46,6 @@ fn sample_turn_start_request() -> ClientRequest {
        request_id: RequestId::Integer(1),
        params: TurnStartParams {
            thread_id: "thread-1".to_string(),
-            client_user_message_id: None,
            input: Vec::new(),
            ..Default::default()
        },
@@ -102,10 +58,8 @@ fn sample_turn_steer_request() -> ClientRequest {
        params: TurnSteerParams {
            thread_id: "thread-1".to_string(),
            expected_turn_id: "turn-1".to_string(),
-            client_user_message_id: None,
            input: Vec::new(),
            responsesapi_client_metadata: None,
-            additional_context: None,
        },
    }
 }
@@ -122,9 +76,7 @@ fn sample_thread_archive_request() -> ClientRequest {
 fn sample_thread(thread_id: &str) -> Thread {
    Thread {
        id: thread_id.to_string(),
-        session_id: format!("session-{thread_id}"),
        forked_from_id: None,
-        parent_thread_id: None,
        preview: "first prompt".to_string(),
        ephemeral: false,
        model_provider: "openai".to_string(),
@@ -135,7 +87,6 @@ fn sample_thread(thread_id: &str) -> Thread {
        cwd: test_path_buf("/tmp").abs(),
        cli_version: "0.0.0".to_string(),
        source: AppServerSessionSource::Exec,
-        thread_source: None,
        agent_nickname: None,
        agent_role: None,
        git_info: None,
@@ -144,6 +95,10 @@ fn sample_thread(thread_id: &str) -> Thread {
    }
 }

+fn sample_permission_profile() -> AppServerPermissionProfile {
+    CorePermissionProfile::Disabled.into()
+}
+
 fn sample_thread_start_response() -> ClientResponsePayload {
    ClientResponsePayload::ThreadStart(ThreadStartResponse {
        thread: sample_thread("thread-1"),
@@ -151,11 +106,11 @@ fn sample_thread_start_response() -> ClientResponsePayload {
        model_provider: "openai".to_string(),
        service_tier: None,
        cwd: test_path_buf("/tmp").abs(),
-        runtime_workspace_roots: Vec::new(),
        instruction_sources: Vec::new(),
        approval_policy: AppServerAskForApproval::OnFailure,
        approvals_reviewer: AppServerApprovalsReviewer::User,
        sandbox: AppServerSandboxPolicy::DangerFullAccess,
+        permission_profile: Some(sample_permission_profile()),
        active_permission_profile: None,
        reasoning_effort: None,
    })
@@ -168,14 +123,13 @@ fn sample_thread_resume_response() -> ClientResponsePayload {
        model_provider: "openai".to_string(),
        service_tier: None,
        cwd: test_path_buf("/tmp").abs(),
-        runtime_workspace_roots: Vec::new(),
        instruction_sources: Vec::new(),
        approval_policy: AppServerAskForApproval::OnFailure,
        approvals_reviewer: AppServerApprovalsReviewer::User,
        sandbox: AppServerSandboxPolicy::DangerFullAccess,
+        permission_profile: Some(sample_permission_profile()),
        active_permission_profile: None,
        reasoning_effort: None,
-        initial_turns_page: None,
    })
 }

@@ -186,11 +140,11 @@ fn sample_thread_fork_response() -> ClientResponsePayload {
        model_provider: "openai".to_string(),
        service_tier: None,
        cwd: test_path_buf("/tmp").abs(),
-        runtime_workspace_roots: Vec::new(),
        instruction_sources: Vec::new(),
        approval_policy: AppServerAskForApproval::OnFailure,
        approvals_reviewer: AppServerApprovalsReviewer::User,
        sandbox: AppServerSandboxPolicy::DangerFullAccess,
+        permission_profile: Some(sample_permission_profile()),
        active_permission_profile: None,
        reasoning_effort: None,
    })
@@ -200,7 +154,6 @@ fn sample_turn_start_response() -> ClientResponsePayload {
    ClientResponsePayload::TurnStart(TurnStartResponse {
        turn: Turn {
            id: "turn-1".to_string(),
-            items_view: codex_app_server_protocol::TurnItemsView::Full,
            items: Vec::new(),
            status: AppServerTurnStatus::InProgress,
            error: None,
@@ -266,23 +219,3 @@ fn track_response_only_enqueues_analytics_relevant_responses() {
    );
    assert!(matches!(receiver.try_recv(), Err(TryRecvError::Empty)));
 }
-
-#[test]
-fn track_event_request_batches_only_isolates_accepted_line_fingerprint_events() {
-    let batches = track_event_request_batches(vec![
-        sample_regular_track_event("thread-1"),
-        sample_regular_track_event("thread-2"),
-        sample_accepted_line_fingerprint_event("thread-3"),
-        sample_accepted_line_fingerprint_event("thread-4"),
-        sample_regular_track_event("thread-5"),
-        sample_regular_track_event("thread-6"),
-    ]);
-
-    assert_eq!(batches.len(), 4);
-    assert_eq!(batches[0].len(), 2);
-    assert_eq!(batches[1].len(), 1);
-    assert_eq!(batches[2].len(), 1);
-    assert_eq!(batches[3].len(), 2);
-    assert!(batches[1][0].should_send_in_isolated_request());
-    assert!(batches[2][0].should_send_in_isolated_request());
-}
--- a/codex-rs/analytics/src/events.rs
+++ b/codex-rs/analytics/src/events.rs
@@ -1,9 +1,7 @@
 use std::time::Instant;

-use crate::facts::AcceptedLineFingerprint;
 use crate::facts::AppInvocation;
 use crate::facts::CodexCompactionEvent;
-use crate::facts::CodexErrKind;
 use crate::facts::CompactionImplementation;
 use crate::facts::CompactionPhase;
 use crate::facts::CompactionReason;
@@ -20,9 +18,8 @@ use crate::facts::TurnStatus;
 use crate::facts::TurnSteerRejectionReason;
 use crate::facts::TurnSteerResult;
 use crate::facts::TurnSubmissionType;
-use crate::now_unix_millis;
+use crate::now_unix_seconds;
 use codex_app_server_protocol::CodexErrorInfo;
-use codex_app_server_protocol::CommandExecutionSource;
 use codex_login::default_client::originator;
 use codex_plugin::PluginTelemetryMetadata;
 use codex_protocol::approvals::NetworkApprovalProtocol;
@@ -36,7 +33,6 @@ use codex_protocol::protocol::HookEventName;
 use codex_protocol::protocol::HookRunStatus;
 use codex_protocol::protocol::HookSource;
 use codex_protocol::protocol::SubAgentSource;
-use codex_protocol::protocol::ThreadSource;
 use codex_protocol::protocol::TokenUsage;
 use serde::Serialize;

@@ -65,16 +61,6 @@ pub(crate) enum TrackEventRequest {
    Compaction(Box<CodexCompactionEventRequest>),
    TurnEvent(Box<CodexTurnEventRequest>),
    TurnSteer(CodexTurnSteerEventRequest),
-    CommandExecution(CodexCommandExecutionEventRequest),
-    FileChange(CodexFileChangeEventRequest),
-    McpToolCall(CodexMcpToolCallEventRequest),
-    DynamicToolCall(CodexDynamicToolCallEventRequest),
-    CollabAgentToolCall(CodexCollabAgentToolCallEventRequest),
-    WebSearch(CodexWebSearchEventRequest),
-    ImageGeneration(CodexImageGenerationEventRequest),
-    AcceptedLineFingerprints(Box<CodexAcceptedLineFingerprintsEventRequest>),
-    #[allow(dead_code)]
-    ReviewEvent(CodexReviewEventRequest),
    PluginUsed(CodexPluginUsedEventRequest),
    PluginInstalled(CodexPluginEventRequest),
    PluginUninstalled(CodexPluginEventRequest),
@@ -82,32 +68,6 @@ pub(crate) enum TrackEventRequest {
    PluginDisabled(CodexPluginEventRequest),
 }

-impl TrackEventRequest {
-    pub(crate) fn should_send_in_isolated_request(&self) -> bool {
-        matches!(self, Self::AcceptedLineFingerprints(_))
-    }
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexAcceptedLineFingerprintsEventParams {
-    pub(crate) event_type: &'static str,
-    pub(crate) turn_id: String,
-    pub(crate) thread_id: String,
-    pub(crate) product_surface: Option<String>,
-    pub(crate) model_slug: Option<String>,
-    pub(crate) completed_at: u64,
-    pub(crate) repo_hash: Option<String>,
-    pub(crate) accepted_added_lines: u64,
-    pub(crate) accepted_deleted_lines: u64,
-    pub(crate) line_fingerprints: Vec<AcceptedLineFingerprint>,
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexAcceptedLineFingerprintsEventRequest {
-    pub(crate) event_type: &'static str,
-    pub(crate) event_params: CodexAcceptedLineFingerprintsEventParams,
-}
-
 #[derive(Serialize)]
 pub(crate) struct SkillInvocationEventRequest {
    pub(crate) event_type: &'static str,
@@ -120,10 +80,8 @@ pub(crate) struct SkillInvocationEventRequest {
 pub(crate) struct SkillInvocationEventParams {
    pub(crate) product_client_id: Option<String>,
    pub(crate) skill_scope: Option<String>,
-    pub(crate) plugin_id: Option<String>,
    pub(crate) repo_url: Option<String>,
    pub(crate) thread_id: Option<String>,
-    pub(crate) turn_id: Option<String>,
    pub(crate) invoke_type: Option<InvocationType>,
    pub(crate) model_slug: Option<String>,
 }
@@ -148,12 +106,11 @@ pub(crate) struct CodexRuntimeMetadata {
 #[derive(Serialize)]
 pub(crate) struct ThreadInitializedEventParams {
    pub(crate) thread_id: String,
-    pub(crate) session_id: String,
    pub(crate) app_server_client: CodexAppServerClientMetadata,
    pub(crate) runtime: CodexRuntimeMetadata,
    pub(crate) model: String,
    pub(crate) ephemeral: bool,
-    pub(crate) thread_source: Option<ThreadSource>,
+    pub(crate) thread_source: Option<&'static str>,
    pub(crate) initialization_mode: ThreadInitializationMode,
    pub(crate) subagent_source: Option<String>,
    pub(crate) parent_thread_id: Option<String>,
@@ -291,7 +248,7 @@ pub struct GuardianReviewTrackContext {
    approval_request_source: GuardianApprovalRequestSource,
    reviewed_action: GuardianReviewedAction,
    review_timeout_ms: u64,
-    pub started_at_ms: u64,
+    started_at: u64,
    started_instant: Instant,
 }

@@ -313,7 +270,7 @@ impl GuardianReviewTrackContext {
            approval_request_source,
            reviewed_action,
            review_timeout_ms,
-            started_at_ms: now_unix_millis(),
+            started_at: now_unix_seconds(),
            started_instant: Instant::now(),
        }
    }
@@ -321,7 +278,6 @@ impl GuardianReviewTrackContext {
    pub(crate) fn event_params(
        &self,
        result: GuardianReviewAnalyticsResult,
-        completed_at_ms: u64,
    ) -> GuardianReviewEventParams {
        GuardianReviewEventParams {
            thread_id: self.thread_id.clone(),
@@ -347,8 +303,8 @@ impl GuardianReviewTrackContext {
            tool_call_count: None,
            time_to_first_token_ms: result.time_to_first_token_ms,
            completion_latency_ms: Some(self.started_instant.elapsed().as_millis() as u64),
-            started_at: self.started_at_ms / 1_000,
-            completed_at: Some(completed_at_ms / 1_000),
+            started_at: self.started_at,
+            completed_at: Some(now_unix_seconds()),
            input_tokens: result.token_usage.as_ref().map(|usage| usage.input_tokens),
            cached_input_tokens: result
                .token_usage
@@ -422,283 +378,12 @@ impl GuardianReviewAnalyticsResult {

 #[derive(Serialize)]
 pub(crate) struct GuardianReviewEventPayload {
-    pub(crate) session_id: String,
    pub(crate) app_server_client: CodexAppServerClientMetadata,
    pub(crate) runtime: CodexRuntimeMetadata,
    #[serde(flatten)]
    pub(crate) guardian_review: GuardianReviewEventParams,
 }

-#[allow(dead_code)]
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub(crate) enum FinalApprovalOutcome {
-    Unknown,
-    NotNeeded,
-    ConfigAllowed,
-    PolicyForbidden,
-    GuardianApproved,
-    GuardianDenied,
-    GuardianAborted,
-    UserApproved,
-    UserApprovedForSession,
-    UserDenied,
-    UserAborted,
-}
-
-#[allow(dead_code)]
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub(crate) enum ToolItemTerminalStatus {
-    Completed,
-    Failed,
-    Rejected,
-    Interrupted,
-}
-
-#[allow(dead_code)]
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub(crate) enum ToolItemFailureKind {
-    ToolError,
-    ApprovalDenied,
-    ApprovalAborted,
-    SandboxDenied,
-    PolicyForbidden,
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexToolItemEventBase {
-    pub(crate) thread_id: String,
-    pub(crate) turn_id: String,
-    /// App-server ThreadItem.id. For tool-originated items this generally
-    /// corresponds to the originating core call_id.
-    pub(crate) item_id: String,
-    pub(crate) app_server_client: CodexAppServerClientMetadata,
-    pub(crate) runtime: CodexRuntimeMetadata,
-    pub(crate) thread_source: Option<ThreadSource>,
-    pub(crate) subagent_source: Option<String>,
-    pub(crate) parent_thread_id: Option<String>,
-    pub(crate) tool_name: String,
-    pub(crate) started_at_ms: u64,
-    pub(crate) completed_at_ms: u64,
-    // Observed item lifecycle duration. This may undercount end-to-end execution
-    // for tools where app-server only sees part of the upstream flow.
-    pub(crate) duration_ms: Option<u64>,
-    pub(crate) execution_duration_ms: Option<u64>,
-    pub(crate) review_count: u64,
-    pub(crate) guardian_review_count: u64,
-    pub(crate) user_review_count: u64,
-    pub(crate) final_approval_outcome: FinalApprovalOutcome,
-    pub(crate) terminal_status: ToolItemTerminalStatus,
-    pub(crate) failure_kind: Option<ToolItemFailureKind>,
-    pub(crate) requested_additional_permissions: bool,
-    pub(crate) requested_network_access: bool,
-}
-
-#[allow(dead_code)]
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub(crate) enum ReviewSubjectKind {
-    CommandExecution,
-    FileChange,
-    McpToolCall,
-    Permissions,
-    NetworkAccess,
-}
-
-#[allow(dead_code)]
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub(crate) enum Reviewer {
-    Guardian,
-    User,
-}
-
-#[allow(dead_code)]
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub(crate) enum ReviewTrigger {
-    Initial,
-    SandboxDenial,
-    NetworkPolicyDenial,
-    ExecveIntercept,
-}
-
-#[allow(dead_code)]
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub(crate) enum ReviewStatus {
-    Approved,
-    Denied,
-    Aborted,
-    TimedOut,
-}
-
-#[allow(dead_code)]
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub(crate) enum ReviewResolution {
-    None,
-    SessionApproval,
-    ExecPolicyAmendment,
-    NetworkPolicyAmendment,
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexReviewEventParams {
-    pub(crate) thread_id: String,
-    pub(crate) turn_id: String,
-    pub(crate) item_id: Option<String>,
-    pub(crate) review_id: String,
-    pub(crate) app_server_client: CodexAppServerClientMetadata,
-    pub(crate) runtime: CodexRuntimeMetadata,
-    pub(crate) thread_source: Option<ThreadSource>,
-    pub(crate) subagent_source: Option<String>,
-    pub(crate) parent_thread_id: Option<String>,
-    pub(crate) subject_kind: ReviewSubjectKind,
-    pub(crate) subject_name: String,
-    pub(crate) reviewer: Reviewer,
-    pub(crate) trigger: ReviewTrigger,
-    pub(crate) status: ReviewStatus,
-    pub(crate) resolution: ReviewResolution,
-    pub(crate) started_at_ms: u64,
-    pub(crate) completed_at_ms: u64,
-    pub(crate) duration_ms: Option<u64>,
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexReviewEventRequest {
-    pub(crate) event_type: &'static str,
-    pub(crate) event_params: CodexReviewEventParams,
-}
-#[allow(dead_code)]
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub(crate) enum WebSearchActionKind {
-    Search,
-    OpenPage,
-    FindInPage,
-    Other,
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexCommandExecutionEventParams {
-    #[serde(flatten)]
-    pub(crate) base: CodexToolItemEventBase,
-    pub(crate) command_execution_source: CommandExecutionSource,
-    pub(crate) exit_code: Option<i32>,
-    pub(crate) command_total_action_count: u64,
-    pub(crate) command_read_action_count: u64,
-    pub(crate) command_list_files_action_count: u64,
-    pub(crate) command_search_action_count: u64,
-    pub(crate) command_unknown_action_count: u64,
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexCommandExecutionEventRequest {
-    pub(crate) event_type: &'static str,
-    pub(crate) event_params: CodexCommandExecutionEventParams,
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexFileChangeEventParams {
-    #[serde(flatten)]
-    pub(crate) base: CodexToolItemEventBase,
-    pub(crate) file_change_count: u64,
-    pub(crate) file_add_count: u64,
-    pub(crate) file_update_count: u64,
-    pub(crate) file_delete_count: u64,
-    pub(crate) file_move_count: u64,
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexFileChangeEventRequest {
-    pub(crate) event_type: &'static str,
-    pub(crate) event_params: CodexFileChangeEventParams,
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexMcpToolCallEventParams {
-    #[serde(flatten)]
-    pub(crate) base: CodexToolItemEventBase,
-    pub(crate) mcp_server_name: String,
-    pub(crate) mcp_tool_name: String,
-    pub(crate) mcp_error_present: bool,
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexMcpToolCallEventRequest {
-    pub(crate) event_type: &'static str,
-    pub(crate) event_params: CodexMcpToolCallEventParams,
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexDynamicToolCallEventParams {
-    #[serde(flatten)]
-    pub(crate) base: CodexToolItemEventBase,
-    pub(crate) dynamic_tool_name: String,
-    pub(crate) success: Option<bool>,
-    pub(crate) output_content_item_count: Option<u64>,
-    pub(crate) output_text_item_count: Option<u64>,
-    pub(crate) output_image_item_count: Option<u64>,
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexDynamicToolCallEventRequest {
-    pub(crate) event_type: &'static str,
-    pub(crate) event_params: CodexDynamicToolCallEventParams,
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexCollabAgentToolCallEventParams {
-    #[serde(flatten)]
-    pub(crate) base: CodexToolItemEventBase,
-    pub(crate) sender_thread_id: String,
-    pub(crate) receiver_thread_count: u64,
-    pub(crate) receiver_thread_ids: Option<Vec<String>>,
-    pub(crate) requested_model: Option<String>,
-    pub(crate) requested_reasoning_effort: Option<String>,
-    pub(crate) agent_state_count: Option<u64>,
-    pub(crate) completed_agent_count: Option<u64>,
-    pub(crate) failed_agent_count: Option<u64>,
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexCollabAgentToolCallEventRequest {
-    pub(crate) event_type: &'static str,
-    pub(crate) event_params: CodexCollabAgentToolCallEventParams,
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexWebSearchEventParams {
-    #[serde(flatten)]
-    pub(crate) base: CodexToolItemEventBase,
-    pub(crate) web_search_action: Option<WebSearchActionKind>,
-    pub(crate) query_present: bool,
-    pub(crate) query_count: Option<u64>,
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexWebSearchEventRequest {
-    pub(crate) event_type: &'static str,
-    pub(crate) event_params: CodexWebSearchEventParams,
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexImageGenerationEventParams {
-    #[serde(flatten)]
-    pub(crate) base: CodexToolItemEventBase,
-    pub(crate) revised_prompt_present: bool,
-    pub(crate) saved_path_present: bool,
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexImageGenerationEventRequest {
-    pub(crate) event_type: &'static str,
-    pub(crate) event_params: CodexImageGenerationEventParams,
-}
-
 #[derive(Serialize)]
 pub(crate) struct CodexAppMetadata {
    pub(crate) connector_id: Option<String>,
@@ -741,11 +426,10 @@ pub(crate) struct CodexHookRunEventRequest {
 #[derive(Serialize)]
 pub(crate) struct CodexCompactionEventParams {
    pub(crate) thread_id: String,
-    pub(crate) session_id: String,
    pub(crate) turn_id: String,
    pub(crate) app_server_client: CodexAppServerClientMetadata,
    pub(crate) runtime: CodexRuntimeMetadata,
-    pub(crate) thread_source: Option<ThreadSource>,
+    pub(crate) thread_source: Option<&'static str>,
    pub(crate) subagent_source: Option<String>,
    pub(crate) parent_thread_id: Option<String>,
    pub(crate) trigger: CompactionTrigger,
@@ -771,7 +455,6 @@ pub(crate) struct CodexCompactionEventRequest {
 #[derive(Serialize)]
 pub(crate) struct CodexTurnEventParams {
    pub(crate) thread_id: String,
-    pub(crate) session_id: String,
    pub(crate) turn_id: String,
    // TODO(rhan-oai): Populate once queued/default submission type is plumbed from
    // the turn/start callsites instead of always being reported as None.
@@ -779,7 +462,7 @@ pub(crate) struct CodexTurnEventParams {
    pub(crate) app_server_client: CodexAppServerClientMetadata,
    pub(crate) runtime: CodexRuntimeMetadata,
    pub(crate) ephemeral: bool,
-    pub(crate) thread_source: Option<ThreadSource>,
+    pub(crate) thread_source: Option<String>,
    pub(crate) initialization_mode: ThreadInitializationMode,
    pub(crate) subagent_source: Option<String>,
    pub(crate) parent_thread_id: Option<String>,
@@ -794,15 +477,13 @@ pub(crate) struct CodexTurnEventParams {
    pub(crate) sandbox_network_access: bool,
    pub(crate) collaboration_mode: Option<&'static str>,
    pub(crate) personality: Option<String>,
-    pub(crate) workspace_kind: Option<String>,
    pub(crate) num_input_images: usize,
    pub(crate) is_first_turn: bool,
    pub(crate) status: Option<TurnStatus>,
    pub(crate) turn_error: Option<CodexErrorInfo>,
-    pub(crate) codex_error_kind: Option<CodexErrKind>,
-    pub(crate) codex_error_subreason: Option<String>,
-    pub(crate) codex_error_http_status_code: Option<u16>,
    pub(crate) steer_count: Option<usize>,
+    // TODO(rhan-oai): Populate these once tool-call accounting is emitted from
+    // core; the schema is reserved but these fields are currently always None.
    pub(crate) total_tool_call_count: Option<usize>,
    pub(crate) shell_command_count: Option<usize>,
    pub(crate) file_change_count: Option<usize>,
@@ -830,12 +511,11 @@ pub(crate) struct CodexTurnEventRequest {
 #[derive(Serialize)]
 pub(crate) struct CodexTurnSteerEventParams {
    pub(crate) thread_id: String,
-    pub(crate) session_id: String,
    pub(crate) expected_turn_id: Option<String>,
    pub(crate) accepted_turn_id: Option<String>,
    pub(crate) app_server_client: CodexAppServerClientMetadata,
    pub(crate) runtime: CodexRuntimeMetadata,
-    pub(crate) thread_source: Option<ThreadSource>,
+    pub(crate) thread_source: Option<String>,
    pub(crate) subagent_source: Option<String>,
    pub(crate) parent_thread_id: Option<String>,
    pub(crate) num_input_images: usize,
@@ -936,16 +616,14 @@ pub(crate) fn codex_plugin_metadata(plugin: PluginTelemetryMetadata) -> CodexPlu

 pub(crate) fn codex_compaction_event_params(
    input: CodexCompactionEvent,
-    session_id: String,
    app_server_client: CodexAppServerClientMetadata,
    runtime: CodexRuntimeMetadata,
-    thread_source: Option<ThreadSource>,
+    thread_source: Option<&'static str>,
    subagent_source: Option<String>,
    parent_thread_id: Option<String>,
 ) -> CodexCompactionEventParams {
    CodexCompactionEventParams {
        thread_id: input.thread_id,
-        session_id,
        turn_id: input.turn_id,
        app_server_client,
        runtime,
@@ -998,12 +676,8 @@ fn analytics_hook_event_name(event_name: HookEventName) -> &'static str {
        HookEventName::PreToolUse => "PreToolUse",
        HookEventName::PermissionRequest => "PermissionRequest",
        HookEventName::PostToolUse => "PostToolUse",
-        HookEventName::PreCompact => "PreCompact",
-        HookEventName::PostCompact => "PostCompact",
        HookEventName::SessionStart => "SessionStart",
        HookEventName::UserPromptSubmit => "UserPromptSubmit",
-        HookEventName::SubagentStart => "SubagentStart",
-        HookEventName::SubagentStop => "SubagentStop",
        HookEventName::Stop => "Stop",
    }
 }
@@ -1017,7 +691,6 @@ fn analytics_hook_source(source: HookSource) -> &'static str {
        HookSource::SessionFlags => "session_flags",
        HookSource::Plugin => "plugin",
        HookSource::CloudRequirements => "cloud_requirements",
-        HookSource::CloudManagedConfig => "cloud_managed_config",
        HookSource::LegacyManagedConfigFile => "legacy_managed_config_file",
        HookSource::LegacyManagedConfigMdm => "legacy_managed_config_mdm",
        HookSource::Unknown => "unknown",
@@ -1039,7 +712,6 @@ pub(crate) fn subagent_thread_started_event_request(
 ) -> ThreadInitializedEvent {
    let event_params = ThreadInitializedEventParams {
        thread_id: input.thread_id,
-        session_id: input.session_id,
        app_server_client: CodexAppServerClientMetadata {
            product_client_id: input.product_client_id,
            client_name: Some(input.client_name),
@@ -1050,10 +722,12 @@ pub(crate) fn subagent_thread_started_event_request(
        runtime: current_runtime_metadata(),
        model: input.model,
        ephemeral: input.ephemeral,
-        thread_source: Some(ThreadSource::Subagent),
+        thread_source: Some("subagent"),
        initialization_mode: ThreadInitializationMode::New,
        subagent_source: Some(subagent_source_name(&input.subagent_source)),
-        parent_thread_id: input.parent_thread_id,
+        parent_thread_id: input
+            .parent_thread_id
+            .or_else(|| subagent_parent_thread_id(&input.subagent_source)),
        created_at: input.created_at,
    };
    ThreadInitializedEvent {
@@ -1063,7 +737,22 @@ pub(crate) fn subagent_thread_started_event_request(
 }

 pub(crate) fn subagent_source_name(subagent_source: &SubAgentSource) -> String {
-    subagent_source.kind().to_string()
+    match subagent_source {
+        SubAgentSource::Review => "review".to_string(),
+        SubAgentSource::Compact => "compact".to_string(),
+        SubAgentSource::ThreadSpawn { .. } => "thread_spawn".to_string(),
+        SubAgentSource::MemoryConsolidation => "memory_consolidation".to_string(),
+        SubAgentSource::Other(other) => other.clone(),
+    }
+}
+
+pub(crate) fn subagent_parent_thread_id(subagent_source: &SubAgentSource) -> Option<String> {
+    match subagent_source {
+        SubAgentSource::ThreadSpawn {
+            parent_thread_id, ..
+        } => Some(parent_thread_id.to_string()),
+        _ => None,
+    }
 }

 fn analytics_hook_status(status: HookRunStatus) -> HookRunStatus {
--- a/codex-rs/analytics/src/facts.rs
+++ b/codex-rs/analytics/src/facts.rs
@@ -15,7 +15,6 @@ use codex_protocol::config_types::ModeKind;
 use codex_protocol::config_types::Personality;
 use codex_protocol::config_types::ReasoningSummary;
 use codex_protocol::config_types::ServiceTier;
-use codex_protocol::error::CodexErr;
 use codex_protocol::models::PermissionProfile;
 use codex_protocol::openai_models::ReasoningEffort;
 use codex_protocol::protocol::AskForApproval;
@@ -26,19 +25,9 @@ use codex_protocol::protocol::SessionSource;
 use codex_protocol::protocol::SkillScope;
 use codex_protocol::protocol::SubAgentSource;
 use codex_protocol::protocol::TokenUsage;
-use codex_protocol::request_permissions::RequestPermissionsResponse;
 use serde::Serialize;
 use std::path::PathBuf;

-const INVALID_REQUEST_SUBREASON_MAX_BYTES: usize = 512;
-const INVALID_REQUEST_SUBREASON_TRUNCATION_SUFFIX: &str = "...";
-
-#[derive(Clone, Debug, PartialEq, Eq, Serialize)]
-pub struct AcceptedLineFingerprint {
-    pub path_hash: String,
-    pub line_hash: String,
-}
-
 #[derive(Clone)]
 pub struct TrackEventsContext {
    pub model_slug: String,
@@ -85,7 +74,6 @@ pub struct TurnResolvedConfigFact {
    pub sandbox_network_access: bool,
    pub collaboration_mode: ModeKind,
    pub personality: Option<Personality>,
-    pub workspace_kind: Option<String>,
    pub is_first_turn: bool,
 }

@@ -104,147 +92,6 @@ pub struct TurnTokenUsageFact {
    pub token_usage: TokenUsage,
 }

-#[derive(Clone)]
-pub struct TurnCodexErrorFact {
-    pub(crate) turn_id: String,
-    pub(crate) thread_id: String,
-    pub(crate) error: TurnCodexError,
-}
-
-impl TurnCodexErrorFact {
-    pub fn from_codex_err(thread_id: String, turn_id: String, error: &CodexErr) -> Self {
-        Self {
-            turn_id,
-            thread_id,
-            error: TurnCodexError::from_codex_err(error),
-        }
-    }
-}
-
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub(crate) enum CodexErrKind {
-    TurnAborted,
-    Stream,
-    ContextWindowExceeded,
-    ThreadNotFound,
-    AgentLimitReached,
-    SessionConfiguredNotFirstEvent,
-    Timeout,
-    RequestTimeout,
-    Spawn,
-    Interrupted,
-    UnexpectedStatus,
-    InvalidRequest,
-    InvalidImageRequest,
-    UsageLimitReached,
-    ServerOverloaded,
-    CyberPolicy,
-    ResponseStreamFailed,
-    ConnectionFailed,
-    QuotaExceeded,
-    UsageNotIncluded,
-    InternalServerError,
-    RetryLimit,
-    InternalAgentDied,
-    Sandbox,
-    LandlockSandboxExecutableNotProvided,
-    UnsupportedOperation,
-    RefreshTokenFailed,
-    Fatal,
-    Io,
-    Json,
-    #[cfg(target_os = "linux")]
-    LandlockRuleset,
-    #[cfg(target_os = "linux")]
-    LandlockPathFd,
-    TokioJoin,
-    EnvVar,
-}
-
-#[derive(Clone)]
-pub(crate) struct TurnCodexError {
-    pub(crate) kind: CodexErrKind,
-    pub(crate) subreason: Option<String>,
-    pub(crate) http_status_code: Option<u16>,
-}
-
-impl TurnCodexError {
-    fn from_codex_err(error: &CodexErr) -> Self {
-        Self {
-            kind: error.into(),
-            subreason: match error {
-                CodexErr::InvalidRequest(message) => {
-                    // InvalidRequest can contain raw provider response bodies, so bound the
-                    // analytics copy without changing the source CodexErr.
-                    let subreason = if message.len() <= INVALID_REQUEST_SUBREASON_MAX_BYTES {
-                        message.clone()
-                    } else {
-                        let truncated_len = message.floor_char_boundary(
-                            INVALID_REQUEST_SUBREASON_MAX_BYTES
-                                .saturating_sub(INVALID_REQUEST_SUBREASON_TRUNCATION_SUFFIX.len()),
-                        );
-                        format!(
-                            "{}{INVALID_REQUEST_SUBREASON_TRUNCATION_SUFFIX}",
-                            &message[..truncated_len]
-                        )
-                    };
-                    Some(subreason)
-                }
-                _ => None,
-            },
-            http_status_code: error.http_status_code_value(),
-        }
-    }
-}
-
-impl From<&CodexErr> for CodexErrKind {
-    fn from(error: &CodexErr) -> Self {
-        match error {
-            CodexErr::TurnAborted => CodexErrKind::TurnAborted,
-            CodexErr::Stream(..) => CodexErrKind::Stream,
-            CodexErr::ContextWindowExceeded => CodexErrKind::ContextWindowExceeded,
-            CodexErr::ThreadNotFound(_) => CodexErrKind::ThreadNotFound,
-            CodexErr::AgentLimitReached { .. } => CodexErrKind::AgentLimitReached,
-            CodexErr::SessionConfiguredNotFirstEvent => {
-                CodexErrKind::SessionConfiguredNotFirstEvent
-            }
-            CodexErr::Timeout => CodexErrKind::Timeout,
-            CodexErr::RequestTimeout => CodexErrKind::RequestTimeout,
-            CodexErr::Spawn => CodexErrKind::Spawn,
-            CodexErr::Interrupted => CodexErrKind::Interrupted,
-            CodexErr::UnexpectedStatus(_) => CodexErrKind::UnexpectedStatus,
-            CodexErr::InvalidRequest(_) => CodexErrKind::InvalidRequest,
-            CodexErr::InvalidImageRequest() => CodexErrKind::InvalidImageRequest,
-            CodexErr::UsageLimitReached(_) => CodexErrKind::UsageLimitReached,
-            CodexErr::ServerOverloaded => CodexErrKind::ServerOverloaded,
-            CodexErr::CyberPolicy { .. } => CodexErrKind::CyberPolicy,
-            CodexErr::ResponseStreamFailed(_) => CodexErrKind::ResponseStreamFailed,
-            CodexErr::ConnectionFailed(_) => CodexErrKind::ConnectionFailed,
-            CodexErr::QuotaExceeded => CodexErrKind::QuotaExceeded,
-            CodexErr::UsageNotIncluded => CodexErrKind::UsageNotIncluded,
-            CodexErr::InternalServerError => CodexErrKind::InternalServerError,
-            CodexErr::RetryLimit(_) => CodexErrKind::RetryLimit,
-            CodexErr::InternalAgentDied => CodexErrKind::InternalAgentDied,
-            CodexErr::Sandbox(_) => CodexErrKind::Sandbox,
-            CodexErr::LandlockSandboxExecutableNotProvided => {
-                CodexErrKind::LandlockSandboxExecutableNotProvided
-            }
-            CodexErr::UnsupportedOperation(_) => CodexErrKind::UnsupportedOperation,
-            CodexErr::RefreshTokenFailed(_) => CodexErrKind::RefreshTokenFailed,
-            CodexErr::Fatal(_) => CodexErrKind::Fatal,
-            CodexErr::Io(_) => CodexErrKind::Io,
-            CodexErr::Json(_) => CodexErrKind::Json,
-            #[cfg(target_os = "linux")]
-            CodexErr::LandlockRuleset(_) => CodexErrKind::LandlockRuleset,
-            #[cfg(target_os = "linux")]
-            CodexErr::LandlockPathFd(_) => CodexErrKind::LandlockPathFd,
-            CodexErr::TokioJoin(_) => CodexErrKind::TokioJoin,
-            CodexErr::EnvVar(_) => CodexErrKind::EnvVar,
-        }
-    }
-}
-
 #[derive(Clone, Copy, Debug, Serialize)]
 #[serde(rename_all = "snake_case")]
 pub enum TurnStatus {
@@ -326,7 +173,6 @@ pub struct SkillInvocation {
    pub skill_name: String,
    pub skill_scope: SkillScope,
    pub skill_path: PathBuf,
-    pub plugin_id: Option<String>,
    pub invocation_type: InvocationType,
 }

@@ -345,7 +191,6 @@ pub struct AppInvocation {

 #[derive(Clone)]
 pub struct SubAgentThreadStartedInput {
-    pub session_id: String,
    pub thread_id: String,
    pub parent_thread_id: Option<String>,
    pub product_client_id: String,
@@ -376,7 +221,6 @@ pub enum CompactionReason {
 #[serde(rename_all = "snake_case")]
 pub enum CompactionImplementation {
    Responses,
-    ResponsesCompactionV2,
    ResponsesCompact,
 }

@@ -451,18 +295,8 @@ pub(crate) enum AnalyticsFact {
        request: Box<ServerRequest>,
    },
    ServerResponse {
-        completed_at_ms: u64,
        response: Box<ServerResponse>,
    },
-    EffectivePermissionsApprovalResponse {
-        completed_at_ms: u64,
-        request_id: RequestId,
-        response: Box<RequestPermissionsResponse>,
-    },
-    ServerRequestAborted {
-        completed_at_ms: u64,
-        request_id: RequestId,
-    },
    Notification(Box<ServerNotification>),
    // Facts that do not naturally exist on the app-server protocol surface, or
    // would require non-trivial protocol reshaping on this branch.
@@ -475,7 +309,6 @@ pub(crate) enum CustomAnalyticsFact {
    GuardianReview(Box<GuardianReviewEventParams>),
    TurnResolvedConfig(Box<TurnResolvedConfigFact>),
    TurnTokenUsage(Box<TurnTokenUsageFact>),
-    TurnCodexError(Box<TurnCodexErrorFact>),
    SkillInvoked(SkillInvokedInput),
    AppMentioned(AppMentionedInput),
    AppUsed(AppUsedInput),
--- a/codex-rs/analytics/src/lib.rs
+++ b/codex-rs/analytics/src/lib.rs
@@ -1,4 +1,3 @@
-mod accepted_lines;
 mod client;
 mod events;
 mod facts;
@@ -7,8 +6,6 @@ mod reducer;
 use std::time::SystemTime;
 use std::time::UNIX_EPOCH;

-pub use accepted_lines::accepted_line_fingerprints_from_unified_diff;
-pub use accepted_lines::fingerprint_hash;
 pub use client::AnalyticsEventsClient;
 pub use events::AppServerRpcTransport;
 pub use events::GuardianApprovalRequestSource;
@@ -20,7 +17,6 @@ pub use events::GuardianReviewSessionKind;
 pub use events::GuardianReviewTerminalStatus;
 pub use events::GuardianReviewTrackContext;
 pub use events::GuardianReviewedAction;
-pub use facts::AcceptedLineFingerprint;
 pub use facts::AnalyticsJsonRpcError;
 pub use facts::AppInvocation;
 pub use facts::CodexCompactionEvent;
@@ -38,7 +34,6 @@ pub use facts::SkillInvocation;
 pub use facts::SubAgentThreadStartedInput;
 pub use facts::ThreadInitializationMode;
 pub use facts::TrackEventsContext;
-pub use facts::TurnCodexErrorFact;
 pub use facts::TurnResolvedConfigFact;
 pub use facts::TurnStatus;
 pub use facts::TurnSteerRejectionReason;
@@ -56,27 +51,3 @@ pub fn now_unix_seconds() -> u64 {
        .unwrap_or_default()
        .as_secs()
 }
-
-pub fn now_unix_millis() -> u64 {
-    u64::try_from(
-        SystemTime::now()
-            .duration_since(UNIX_EPOCH)
-            .unwrap_or_default()
-            .as_millis(),
-    )
-    .unwrap_or(u64::MAX)
-}
-
-pub(crate) fn serialize_enum_as_string<T: serde::Serialize>(value: &T) -> Option<String> {
-    serde_json::to_value(value)
-        .ok()
-        .and_then(|value| value.as_str().map(str::to_string))
-}
-
-pub(crate) fn usize_to_u64(value: usize) -> u64 {
-    u64::try_from(value).unwrap_or(u64::MAX)
-}
-
-pub(crate) fn option_i64_to_u64(value: Option<i64>) -> Option<u64> {
-    value.and_then(|value| u64::try_from(value).ok())
-}
--- a/codex-rs/analytics/src/reducer.rs
+++ b/codex-rs/analytics/src/reducer.rs
--- a/codex-rs/ansi-escape/Cargo.toml
+++ b/codex-rs/ansi-escape/Cargo.toml
@@ -7,8 +7,6 @@ license.workspace = true
 [lib]
 name = "codex_ansi_escape"
 path = "src/lib.rs"
-test = false
-doctest = false

 [lints]
 workspace = true
--- a/codex-rs/app-server-client/Cargo.toml
+++ b/codex-rs/app-server-client/Cargo.toml
@@ -7,7 +7,6 @@ license.workspace = true
 [lib]
 name = "codex_app_server_client"
 path = "src/lib.rs"
-doctest = false

 [lints]
 workspace = true
@@ -21,8 +20,6 @@ codex-core = { workspace = true }
 codex-exec-server = { workspace = true }
 codex-feedback = { workspace = true }
 codex-protocol = { workspace = true }
-codex-uds = { workspace = true }
-codex-utils-absolute-path = { workspace = true }
 codex-utils-rustls-provider = { workspace = true }
 futures = { workspace = true }
 serde = { workspace = true }
@@ -36,5 +33,4 @@ url = { workspace = true }
 [dev-dependencies]
 pretty_assertions = { workspace = true }
 serde_json = { workspace = true }
-tempfile = { workspace = true }
 tokio = { workspace = true, features = ["macros", "rt-multi-thread"] }
--- a/codex-rs/app-server-client/src/lib.rs
+++ b/codex-rs/app-server-client/src/lib.rs
@@ -25,7 +25,6 @@ use std::io::Result as IoResult;
 use std::sync::Arc;
 use std::time::Duration;

-pub use codex_app_server::app_server_control_socket_path;
 pub use codex_app_server::in_process::DEFAULT_IN_PROCESS_CHANNEL_CAPACITY;
 pub use codex_app_server::in_process::InProcessServerEvent;
 use codex_app_server::in_process::InProcessStartArgs;
@@ -43,13 +42,14 @@ use codex_app_server_protocol::Result as JsonRpcResult;
 use codex_app_server_protocol::ServerNotification;
 use codex_app_server_protocol::ServerRequest;
 use codex_arg0::Arg0DispatchPaths;
-use codex_config::CloudConfigBundleLoader;
+use codex_config::CloudRequirementsLoader;
 use codex_config::LoaderOverrides;
 use codex_config::NoopThreadConfigLoader;
 use codex_config::RemoteThreadConfigLoader;
 use codex_config::ThreadConfigLoader;
 use codex_core::config::Config;
 pub use codex_exec_server::EnvironmentManager;
+pub use codex_exec_server::EnvironmentManagerArgs;
 pub use codex_exec_server::ExecServerRuntimePaths;
 use codex_feedback::CodexFeedback;
 use codex_protocol::protocol::SessionSource;
@@ -62,7 +62,6 @@ use tracing::warn;

 pub use crate::remote::RemoteAppServerClient;
 pub use crate::remote::RemoteAppServerConnectArgs;
-pub use crate::remote::RemoteAppServerEndpoint;

 /// Transitional access to core-only embedded app-server types.
 ///
@@ -73,9 +72,12 @@ pub mod legacy_core {
    pub use codex_core::DEFAULT_AGENTS_MD_FILENAME;
    pub use codex_core::LOCAL_AGENTS_MD_FILENAME;
    pub use codex_core::McpManager;
+    pub use codex_core::append_message_history_entry;
    pub use codex_core::check_execpolicy_for_warnings;
    pub use codex_core::format_exec_policy_error_with_source;
    pub use codex_core::grant_read_root_non_elevated;
+    pub use codex_core::lookup_message_history_entry;
+    pub use codex_core::message_history_metadata;
    pub use codex_core::web_search_detail;

    pub mod config {
@@ -176,7 +178,6 @@ pub(crate) fn server_notification_requires_delivery(notification: &ServerNotific
    matches!(
        notification,
        ServerNotification::TurnCompleted(_)
-            | ServerNotification::ThreadSettingsUpdated(_)
            | ServerNotification::ItemCompleted(_)
            | ServerNotification::AgentMessageDelta(_)
            | ServerNotification::PlanDelta(_)
@@ -337,10 +338,8 @@ pub struct InProcessClientStartArgs {
    pub cli_overrides: Vec<(String, TomlValue)>,
    /// Loader override knobs used by config API paths.
    pub loader_overrides: LoaderOverrides,
-    /// Whether config API paths should reject unknown config fields.
-    pub strict_config: bool,
-    /// Preloaded cloud config bundle provider.
-    pub cloud_config_bundle: CloudConfigBundleLoader,
+    /// Preloaded cloud requirements provider.
+    pub cloud_requirements: CloudRequirementsLoader,
    /// Feedback sink used by app-server/core telemetry and logs.
    pub feedback: CodexFeedback,
    /// SQLite tracing layer used to flush recently emitted logs before feedback upload.
@@ -379,7 +378,6 @@ impl InProcessClientStartArgs {
    pub fn initialize_params(&self) -> InitializeParams {
        let capabilities = InitializeCapabilities {
            experimental_api: self.experimental_api,
-            request_attestation: false,
            opt_out_notification_methods: if self.opt_out_notification_methods.is_empty() {
                None
            } else {
@@ -405,8 +403,7 @@ impl InProcessClientStartArgs {
            config: self.config,
            cli_overrides: self.cli_overrides,
            loader_overrides: self.loader_overrides,
-            strict_config: self.strict_config,
-            cloud_config_bundle: self.cloud_config_bundle,
+            cloud_requirements: self.cloud_requirements,
            thread_config_loader,
            feedback: self.feedback,
            log_db: self.log_db,
@@ -957,19 +954,12 @@ mod tests {
    use codex_app_server_protocol::ToolRequestUserInputParams;
    use codex_app_server_protocol::ToolRequestUserInputQuestion;
    use codex_core::config::ConfigBuilder;
-    use codex_core::init_state_db;
-    use codex_uds::UnixListener;
-    use codex_utils_absolute_path::AbsolutePathBuf;
    use futures::SinkExt;
    use futures::StreamExt;
    use pretty_assertions::assert_eq;
-    use std::ops::Deref;
-    use std::path::Path;
-    use tempfile::TempDir;
    use tokio::net::TcpListener;
    use tokio::time::Duration;
    use tokio::time::timeout;
-    use tokio_tungstenite::accept_async;
    use tokio_tungstenite::accept_hdr_async;
    use tokio_tungstenite::tungstenite::Message;
    use tokio_tungstenite::tungstenite::handshake::server::Request as WebSocketRequest;
@@ -985,60 +975,19 @@ mod tests {
        }
    }

-    async fn build_test_config_for_codex_home(codex_home: &Path) -> Config {
-        match ConfigBuilder::default()
-            .codex_home(codex_home.to_path_buf())
-            .build()
-            .await
-        {
-            Ok(config) => config,
-            Err(_) => Config::load_default_with_cli_overrides_for_codex_home(
-                codex_home.to_path_buf(),
-                Vec::new(),
-            )
-            .await
-            .expect("default config should load"),
-        }
-    }
-
-    struct TestClient {
-        _codex_home: TempDir,
-        client: InProcessAppServerClient,
-    }
-
-    impl Deref for TestClient {
-        type Target = InProcessAppServerClient;
-
-        fn deref(&self) -> &Self::Target {
-            &self.client
-        }
-    }
-
-    impl TestClient {
-        async fn shutdown(self) -> IoResult<()> {
-            self.client.shutdown().await
-        }
-    }
-
    async fn start_test_client_with_capacity(
        session_source: SessionSource,
        channel_capacity: usize,
-    ) -> TestClient {
-        let codex_home = TempDir::new().expect("temp dir");
-        let config = Arc::new(build_test_config_for_codex_home(codex_home.path()).await);
-        let state_db = init_state_db(config.as_ref())
-            .await
-            .expect("state db should initialize for in-process test");
-        let client = InProcessAppServerClient::start(InProcessClientStartArgs {
+    ) -> InProcessAppServerClient {
+        InProcessAppServerClient::start(InProcessClientStartArgs {
            arg0_paths: Arg0DispatchPaths::default(),
-            config,
+            config: Arc::new(build_test_config().await),
            cli_overrides: Vec::new(),
            loader_overrides: LoaderOverrides::default(),
-            strict_config: false,
-            cloud_config_bundle: CloudConfigBundleLoader::default(),
+            cloud_requirements: CloudRequirementsLoader::default(),
            feedback: CodexFeedback::new(),
            log_db: None,
-            state_db: Some(state_db),
+            state_db: None,
            environment_manager: Arc::new(EnvironmentManager::default_for_tests()),
            config_warnings: Vec::new(),
            session_source,
@@ -1050,15 +999,10 @@ mod tests {
            channel_capacity,
        })
        .await
-        .expect("in-process app-server client should start");
-
-        TestClient {
-            _codex_home: codex_home,
-            client,
-        }
+        .expect("in-process app-server client should start")
    }

-    async fn start_test_client(session_source: SessionSource) -> TestClient {
+    async fn start_test_client(session_source: SessionSource) -> InProcessAppServerClient {
        start_test_client_with_capacity(session_source, DEFAULT_IN_PROCESS_CHANNEL_CAPACITY).await
    }

@@ -1110,10 +1054,9 @@ mod tests {
        format!("ws://{addr}")
    }

-    async fn expect_remote_initialize<S>(websocket: &mut tokio_tungstenite::WebSocketStream<S>)
-    where
-        S: tokio::io::AsyncRead + tokio::io::AsyncWrite + Unpin,
-    {
+    async fn expect_remote_initialize(
+        websocket: &mut tokio_tungstenite::WebSocketStream<tokio::net::TcpStream>,
+    ) {
        let JSONRPCMessage::Request(request) = read_websocket_message(websocket).await else {
            panic!("expected initialize request");
        };
@@ -1122,9 +1065,7 @@ mod tests {
            websocket,
            JSONRPCMessage::Response(JSONRPCResponse {
                id: request.id,
-                result: serde_json::json!({
-                    "userAgent": "codex_cli_rs/9.8.7-test (Test OS; x86_64) rust",
-                }),
+                result: serde_json::json!({}),
            }),
        )
        .await;
@@ -1136,12 +1077,9 @@ mod tests {
        assert_eq!(notification.method, "initialized");
    }

-    async fn read_websocket_message<S>(
-        websocket: &mut tokio_tungstenite::WebSocketStream<S>,
-    ) -> JSONRPCMessage
-    where
-        S: tokio::io::AsyncRead + tokio::io::AsyncWrite + Unpin,
-    {
+    async fn read_websocket_message(
+        websocket: &mut tokio_tungstenite::WebSocketStream<tokio::net::TcpStream>,
+    ) -> JSONRPCMessage {
        loop {
            let frame = websocket
                .next()
@@ -1161,12 +1099,10 @@ mod tests {
        }
    }

-    async fn write_websocket_message<S>(
-        websocket: &mut tokio_tungstenite::WebSocketStream<S>,
+    async fn write_websocket_message(
+        websocket: &mut tokio_tungstenite::WebSocketStream<tokio::net::TcpStream>,
        message: JSONRPCMessage,
-    ) where
-        S: tokio::io::AsyncRead + tokio::io::AsyncWrite + Unpin,
-    {
+    ) {
        websocket
            .send(Message::Text(
                serde_json::to_string(&message)
@@ -1203,7 +1139,6 @@ mod tests {
        ServerNotification::ItemCompleted(codex_app_server_protocol::ItemCompletedNotification {
            thread_id: "thread".to_string(),
            turn_id: "turn".to_string(),
-            completed_at_ms: 0,
            item: codex_app_server_protocol::ThreadItem::AgentMessage {
                id: "item".to_string(),
                text: text.to_string(),
@@ -1218,7 +1153,6 @@ mod tests {
            thread_id: "thread".to_string(),
            turn: codex_app_server_protocol::Turn {
                id: "turn".to_string(),
-                items_view: codex_app_server_protocol::TurnItemsView::Full,
                items: Vec::new(),
                status: codex_app_server_protocol::TurnStatus::Completed,
                error: None,
@@ -1231,10 +1165,8 @@ mod tests {

    fn test_remote_connect_args(websocket_url: String) -> RemoteAppServerConnectArgs {
        RemoteAppServerConnectArgs {
-            endpoint: RemoteAppServerEndpoint::WebSocket {
-                websocket_url,
-                auth_token: None,
-            },
+            websocket_url,
+            auth_token: None,
            client_name: "codex-app-server-client-test".to_string(),
            client_version: "0.0.0-test".to_string(),
            experimental_api: true,
@@ -1459,65 +1391,6 @@ mod tests {
            .await
            .expect("remote client should connect");

-        assert_eq!(client.server_version(), Some("9.8.7-test"));
-        let response: GetAccountResponse = client
-            .request_typed(ClientRequest::GetAccount {
-                request_id: RequestId::Integer(1),
-                params: codex_app_server_protocol::GetAccountParams {
-                    refresh_token: false,
-                },
-            })
-            .await
-            .expect("typed request should succeed");
-        assert_eq!(response.account, None);
-
-        client.shutdown().await.expect("shutdown should complete");
-    }
-
-    #[tokio::test]
-    async fn remote_unix_socket_typed_request_roundtrip_works() {
-        let socket_dir = TempDir::new().expect("socket dir");
-        let socket_path = AbsolutePathBuf::from_absolute_path(socket_dir.path().join("codex.sock"))
-            .expect("socket path should resolve");
-        let mut listener = UnixListener::bind(socket_path.as_path())
-            .await
-            .expect("listener should bind");
-        tokio::spawn(async move {
-            let stream = listener.accept().await.expect("accept should succeed");
-            let mut websocket = accept_async(stream)
-                .await
-                .expect("websocket upgrade should succeed");
-            expect_remote_initialize(&mut websocket).await;
-            let JSONRPCMessage::Request(request) = read_websocket_message(&mut websocket).await
-            else {
-                panic!("expected account/read request");
-            };
-            assert_eq!(request.method, "account/read");
-            write_websocket_message(
-                &mut websocket,
-                JSONRPCMessage::Response(JSONRPCResponse {
-                    id: request.id,
-                    result: serde_json::to_value(GetAccountResponse {
-                        account: None,
-                        requires_openai_auth: false,
-                    })
-                    .expect("response should serialize"),
-                }),
-            )
-            .await;
-            websocket.close(None).await.expect("close should succeed");
-        });
-        let client = RemoteAppServerClient::connect(RemoteAppServerConnectArgs {
-            endpoint: RemoteAppServerEndpoint::UnixSocket { socket_path },
-            client_name: "codex-app-server-client-test".to_string(),
-            client_version: "0.0.0-test".to_string(),
-            experimental_api: true,
-            opt_out_notification_methods: Vec::new(),
-            channel_capacity: 8,
-        })
-        .await
-        .expect("remote client should connect");
-
        let response: GetAccountResponse = client
            .request_typed(ClientRequest::GetAccount {
                request_id: RequestId::Integer(1),
@@ -1593,15 +1466,8 @@ mod tests {
        )
        .await;
        let client = RemoteAppServerClient::connect(RemoteAppServerConnectArgs {
-            endpoint: RemoteAppServerEndpoint::WebSocket {
-                websocket_url,
-                auth_token: Some(auth_token),
-            },
-            client_name: "codex-app-server-client-test".to_string(),
-            client_version: "0.0.0-test".to_string(),
-            experimental_api: true,
-            opt_out_notification_methods: Vec::new(),
-            channel_capacity: 8,
+            auth_token: Some(auth_token),
+            ..test_remote_connect_args(websocket_url)
        })
        .await
        .expect("remote client should connect");
@@ -1612,15 +1478,9 @@ mod tests {
    #[tokio::test]
    async fn remote_connect_rejects_non_loopback_ws_when_auth_configured() {
        let result = RemoteAppServerClient::connect(RemoteAppServerConnectArgs {
-            endpoint: RemoteAppServerEndpoint::WebSocket {
-                websocket_url: "ws://example.com:4500".to_string(),
-                auth_token: Some("remote-bearer-token".to_string()),
-            },
-            client_name: "codex-app-server-client-test".to_string(),
-            client_version: "0.0.0-test".to_string(),
-            experimental_api: true,
-            opt_out_notification_methods: Vec::new(),
-            channel_capacity: 8,
+            websocket_url: "ws://example.com:4500".to_string(),
+            auth_token: Some("remote-bearer-token".to_string()),
+            ..test_remote_connect_args("ws://127.0.0.1:1".to_string())
        })
        .await;
        let err = match result {
@@ -1798,8 +1658,13 @@ mod tests {
        })
        .await;
        let mut client = RemoteAppServerClient::connect(RemoteAppServerConnectArgs {
+            websocket_url,
+            auth_token: None,
+            client_name: "codex-app-server-client-test".to_string(),
+            client_version: "0.0.0-test".to_string(),
+            experimental_api: true,
+            opt_out_notification_methods: Vec::new(),
            channel_capacity: 1,
-            ..test_remote_connect_args(websocket_url)
        })
        .await
        .expect("remote client should connect");
@@ -2118,7 +1983,6 @@ mod tests {
                        thread_id: "thread".to_string(),
                        turn: codex_app_server_protocol::Turn {
                            id: "turn".to_string(),
-                            items_view: codex_app_server_protocol::TurnItemsView::Full,
                            items: Vec::new(),
                            status: codex_app_server_protocol::TurnStatus::Completed,
                            error: None,
@@ -2148,7 +2012,6 @@ mod tests {
                    codex_app_server_protocol::ItemCompletedNotification {
                        thread_id: "thread".to_string(),
                        turn_id: "turn".to_string(),
-                        completed_at_ms: 0,
                        item: codex_app_server_protocol::ThreadItem::AgentMessage {
                            id: "item".to_string(),
                            text: "hello".to_string(),
@@ -2182,13 +2045,11 @@ mod tests {
        let environment_manager = Arc::new(
            EnvironmentManager::create_for_tests(
                Some("ws://127.0.0.1:8765".to_string()),
-                Some(
-                    ExecServerRuntimePaths::new(
-                        std::env::current_exe().expect("current exe"),
-                        /*codex_linux_sandbox_exe*/ None,
-                    )
-                    .expect("runtime paths"),
-                ),
+                ExecServerRuntimePaths::new(
+                    std::env::current_exe().expect("current exe"),
+                    /*codex_linux_sandbox_exe*/ None,
+                )
+                .expect("runtime paths"),
            )
            .await,
        );
@@ -2198,8 +2059,7 @@ mod tests {
            config: config.clone(),
            cli_overrides: Vec::new(),
            loader_overrides: LoaderOverrides::default(),
-            strict_config: false,
-            cloud_config_bundle: CloudConfigBundleLoader::default(),
+            cloud_requirements: CloudRequirementsLoader::default(),
            feedback: CodexFeedback::new(),
            log_db: None,
            state_db: None,
@@ -2239,8 +2099,7 @@ mod tests {
            config: Arc::new(config),
            cli_overrides: Vec::new(),
            loader_overrides: LoaderOverrides::default(),
-            strict_config: false,
-            cloud_config_bundle: CloudConfigBundleLoader::default(),
+            cloud_requirements: CloudRequirementsLoader::default(),
            feedback: CodexFeedback::new(),
            log_db: None,
            state_db: None,
--- a/codex-rs/app-server-client/src/remote.rs
+++ b/codex-rs/app-server-client/src/remote.rs
@@ -1,13 +1,11 @@
 /*
-This module implements the remote app-server client transport.
+This module implements the websocket-backed app-server client transport.

 It owns the remote connection lifecycle, including the initialize/initialized
 handshake, JSON-RPC request/response routing, server-request resolution, and
-notification streaming. Remote connections always carry WebSocket frames, over
-either TCP WebSocket URLs or local Unix sockets. The rest of the crate uses the
-same `AppServerEvent` surface for both in-process and remote transports, so
-callers such as the TUI can switch between them without changing their
-higher-level session logic.
+notification streaming. The rest of the crate uses the same `AppServerEvent`
+surface for both in-process and remote transports, so callers such as the TUI
+can switch between them without changing their higher-level session logic.
 */

 use std::collections::HashMap;
@@ -37,23 +35,17 @@ use codex_app_server_protocol::RequestId;
 use codex_app_server_protocol::Result as JsonRpcResult;
 use codex_app_server_protocol::ServerNotification;
 use codex_app_server_protocol::ServerRequest;
-use codex_uds::UnixStream;
-use codex_utils_absolute_path::AbsolutePathBuf;
 use codex_utils_rustls_provider::ensure_rustls_crypto_provider;
 use futures::SinkExt;
 use futures::StreamExt;
 use serde::de::DeserializeOwned;
-use tokio::io::AsyncRead;
-use tokio::io::AsyncWrite;
 use tokio::net::TcpStream;
 use tokio::sync::mpsc;
 use tokio::sync::oneshot;
 use tokio::time::timeout;
 use tokio_tungstenite::MaybeTlsStream;
 use tokio_tungstenite::WebSocketStream;
-use tokio_tungstenite::client_async_with_config;
 use tokio_tungstenite::connect_async_with_config;
-use tokio_tungstenite::tungstenite::Error as TungsteniteError;
 use tokio_tungstenite::tungstenite::Message;
 use tokio_tungstenite::tungstenite::client::IntoClientRequest;
 use tokio_tungstenite::tungstenite::http::HeaderValue;
@@ -65,35 +57,22 @@ use url::Url;
 const CONNECT_TIMEOUT: Duration = Duration::from_secs(10);
 const INITIALIZE_TIMEOUT: Duration = Duration::from_secs(10);
 const REMOTE_APP_SERVER_MAX_WEBSOCKET_MESSAGE_SIZE: usize = 128 << 20;
-// Tungstenite still needs an HTTP request URI for the WebSocket handshake;
-// the bytes travel over the Unix socket, not TCP.
-const UDS_WEBSOCKET_HANDSHAKE_URL: &str = "ws://localhost/rpc";
-
-#[derive(Debug, Clone, PartialEq, Eq)]
-pub enum RemoteAppServerEndpoint {
-    WebSocket {
-        websocket_url: String,
-        auth_token: Option<String>,
-    },
-    UnixSocket {
-        socket_path: AbsolutePathBuf,
-    },
-}

 #[derive(Debug, Clone)]
 pub struct RemoteAppServerConnectArgs {
-    pub endpoint: RemoteAppServerEndpoint,
+    pub websocket_url: String,
+    pub auth_token: Option<String>,
    pub client_name: String,
    pub client_version: String,
    pub experimental_api: bool,
    pub opt_out_notification_methods: Vec<String>,
    pub channel_capacity: usize,
 }
+
 impl RemoteAppServerConnectArgs {
    fn initialize_params(&self) -> InitializeParams {
        let capabilities = InitializeCapabilities {
            experimental_api: self.experimental_api,
-            request_attestation: false,
            opt_out_notification_methods: if self.opt_out_notification_methods.is_empty() {
                None
            } else {
@@ -150,7 +129,6 @@ pub struct RemoteAppServerClient {
    command_tx: mpsc::Sender<RemoteClientCommand>,
    event_rx: mpsc::UnboundedReceiver<AppServerEvent>,
    pending_events: VecDeque<AppServerEvent>,
-    server_version: Option<String>,
    worker_handle: tokio::task::JoinHandle<()>,
 }

@@ -162,43 +140,69 @@ pub struct RemoteAppServerRequestHandle {
 impl RemoteAppServerClient {
    pub async fn connect(args: RemoteAppServerConnectArgs) -> IoResult<Self> {
        let channel_capacity = args.channel_capacity.max(1);
-        let initialize_params = args.initialize_params();
-        match args.endpoint {
-            RemoteAppServerEndpoint::WebSocket {
-                websocket_url,
-                auth_token,
-            } => {
-                let (endpoint, stream) =
-                    connect_websocket_endpoint(websocket_url, auth_token).await?;
-                Self::connect_with_stream(channel_capacity, endpoint, stream, initialize_params)
-                    .await
-            }
-            RemoteAppServerEndpoint::UnixSocket { socket_path } => {
-                let (endpoint, stream) = connect_unix_socket_endpoint(socket_path).await?;
-                Self::connect_with_stream(channel_capacity, endpoint, stream, initialize_params)
-                    .await
-            }
+        let websocket_url = args.websocket_url.clone();
+        let url = Url::parse(&websocket_url).map_err(|err| {
+            IoError::new(
+                ErrorKind::InvalidInput,
+                format!("invalid websocket URL `{websocket_url}`: {err}"),
+            )
+        })?;
+        if args.auth_token.is_some() && !websocket_url_supports_auth_token(&url) {
+            return Err(IoError::new(
+                ErrorKind::InvalidInput,
+                format!(
+                    "remote auth tokens require `wss://` or loopback `ws://` URLs; got `{websocket_url}`"
+                ),
+            ));
        }
-    }
-
-    pub fn server_version(&self) -> Option<&str> {
-        self.server_version.as_deref()
-    }
-
-    async fn connect_with_stream<S>(
-        channel_capacity: usize,
-        endpoint: String,
-        stream: WebSocketStream<S>,
-        initialize_params: InitializeParams,
-    ) -> IoResult<Self>
-    where
-        S: AsyncRead + AsyncWrite + Unpin + Send + 'static,
-    {
+        let mut request = url.as_str().into_client_request().map_err(|err| {
+            IoError::new(
+                ErrorKind::InvalidInput,
+                format!("invalid websocket URL `{websocket_url}`: {err}"),
+            )
+        })?;
+        if let Some(auth_token) = args.auth_token.as_deref() {
+            let header_value =
+                HeaderValue::from_str(&format!("Bearer {auth_token}")).map_err(|err| {
+                    IoError::new(
+                        ErrorKind::InvalidInput,
+                        format!("invalid remote authorization header value: {err}"),
+                    )
+                })?;
+            request.headers_mut().insert(AUTHORIZATION, header_value);
+        }
+        ensure_rustls_crypto_provider();
+        // Remote resume responses can legitimately carry large thread histories.
+        // Keep a bounded cap, but raise it above tungstenite's 16 MiB frame default.
+        let websocket_config = WebSocketConfig::default()
+            .max_frame_size(Some(REMOTE_APP_SERVER_MAX_WEBSOCKET_MESSAGE_SIZE))
+            .max_message_size(Some(REMOTE_APP_SERVER_MAX_WEBSOCKET_MESSAGE_SIZE));
+        let stream = timeout(
+            CONNECT_TIMEOUT,
+            connect_async_with_config(
+                request,
+                Some(websocket_config),
+                /*disable_nagle*/ false,
+            ),
+        )
+        .await
+        .map_err(|_| {
+            IoError::new(
+                ErrorKind::TimedOut,
+                format!("timed out connecting to remote app server at `{websocket_url}`"),
+            )
+        })?
+        .map(|(stream, _response)| stream)
+        .map_err(|err| {
+            IoError::other(format!(
+                "failed to connect to remote app server at `{websocket_url}`: {err}"
+            ))
+        })?;
        let mut stream = stream;
-        let (pending_events, server_version) = initialize_remote_connection(
+        let pending_events = initialize_remote_connection(
            &mut stream,
-            &endpoint,
-            initialize_params,
+            &websocket_url,
+            args.initialize_params(),
            INITIALIZE_TIMEOUT,
        )
        .await?;
@@ -230,13 +234,13 @@ impl RemoteAppServerClient {
                                if let Err(err) = write_jsonrpc_message(
                                    &mut stream,
                                    JSONRPCMessage::Request(jsonrpc_request_from_client_request(*request)),
-                                    &endpoint,
+                                    &websocket_url,
                                )
                                .await
                                {
                                    let err_message = err.to_string();
                                    let message = format!(
-                                        "remote app server at `{endpoint}` write failed: {err_message}"
+                                        "remote app server at `{websocket_url}` write failed: {err_message}"
                                    );
                                    if let Some(response_tx) = pending_requests.remove(&request_id) {
                                        let _ = response_tx.send(Err(err));
@@ -257,7 +261,7 @@ impl RemoteAppServerClient {
                                    JSONRPCMessage::Notification(
                                        jsonrpc_notification_from_client_notification(notification),
                                    ),
-                                    &endpoint,
+                                    &websocket_url,
                                )
                                .await;
                                let _ = response_tx.send(result);
@@ -273,7 +277,7 @@ impl RemoteAppServerClient {
                                        id: request_id,
                                        result,
                                    }),
-                                    &endpoint,
+                                    &websocket_url,
                                )
                                .await;
                                let _ = response_tx.send(result);
@@ -289,20 +293,16 @@ impl RemoteAppServerClient {
                                        error,
                                        id: request_id,
                                    }),
-                                    &endpoint,
+                                    &websocket_url,
                                )
                                .await;
                                let _ = response_tx.send(result);
                            }
                            RemoteClientCommand::Shutdown { response_tx } => {
-                                let close_result = stream.close(None).await.or_else(|err| {
-                                    if websocket_close_error_is_already_closed(&err) {
-                                        Ok(())
-                                    } else {
-                                        Err(IoError::other(format!(
-                                            "failed to close websocket app server `{endpoint}`: {err}"
-                                        )))
-                                    }
+                                let close_result = stream.close(None).await.map_err(|err| {
+                                    IoError::other(format!(
+                                        "failed to close websocket app server `{websocket_url}`: {err}"
+                                    ))
                                });
                                let _ = response_tx.send(close_result);
                                break;
@@ -363,13 +363,13 @@ impl RemoteAppServerClient {
                                                        },
                                                        id: request_id,
                                                    }),
-                                                    &endpoint,
+                                                    &websocket_url,
                                                )
                                                .await
                                                {
                                                    let err_message = reject_err.to_string();
                                                    let message = format!(
-                                                        "remote app server at `{endpoint}` write failed: {err_message}"
+                                                        "remote app server at `{websocket_url}` write failed: {err_message}"
                                                    );
                                                    let _ = deliver_event(
                                                        &event_tx,
@@ -386,7 +386,7 @@ impl RemoteAppServerClient {
                                    }
                                    Err(err) => {
                                        let message = format!(
-                                            "remote app server at `{endpoint}` sent invalid JSON-RPC: {err}"
+                                            "remote app server at `{websocket_url}` sent invalid JSON-RPC: {err}"
                                        );
                                        let _ = deliver_event(
                                            &event_tx,
@@ -407,7 +407,7 @@ impl RemoteAppServerClient {
                                    .filter(|reason| !reason.is_empty())
                                    .unwrap_or_else(|| "connection closed".to_string());
                                let message = format!(
-                                    "remote app server at `{endpoint}` disconnected: {reason}"
+                                    "remote app server at `{websocket_url}` disconnected: {reason}"
                                );
                                let _ = deliver_event(
                                    &event_tx,
@@ -427,7 +427,7 @@ impl RemoteAppServerClient {
                            | Some(Ok(Message::Frame(_))) => {}
                            Some(Err(err)) => {
                                let message = format!(
-                                    "remote app server at `{endpoint}` transport failed: {err}"
+                                    "remote app server at `{websocket_url}` transport failed: {err}"
                                );
                                let _ = deliver_event(
                                    &event_tx,
@@ -440,7 +440,7 @@ impl RemoteAppServerClient {
                            }
                            None => {
                                let message = format!(
-                                    "remote app server at `{endpoint}` closed the connection"
+                                    "remote app server at `{websocket_url}` closed the connection"
                                );
                                let _ = deliver_event(
                                    &event_tx,
@@ -471,7 +471,6 @@ impl RemoteAppServerClient {
            command_tx,
            event_rx,
            pending_events: pending_events.into(),
-            server_version,
            worker_handle,
        })
    }
@@ -612,7 +611,6 @@ impl RemoteAppServerClient {
            command_tx,
            event_rx,
            pending_events: _pending_events,
-            server_version: _server_version,
            worker_handle,
        } = self;
        let mut worker_handle = worker_handle;
@@ -679,134 +677,14 @@ impl RemoteAppServerRequestHandle {
    }
 }

-async fn connect_websocket_endpoint(
-    websocket_url: String,
-    auth_token: Option<String>,
-) -> IoResult<(String, WebSocketStream<MaybeTlsStream<TcpStream>>)> {
-    let url = Url::parse(&websocket_url).map_err(|err| {
-        IoError::new(
-            ErrorKind::InvalidInput,
-            format!("invalid websocket URL `{websocket_url}`: {err}"),
-        )
-    })?;
-    if auth_token.is_some() && !websocket_url_supports_auth_token(&url) {
-        return Err(IoError::new(
-            ErrorKind::InvalidInput,
-            format!(
-                "remote auth tokens require `wss://` or loopback `ws://` URLs; got `{websocket_url}`"
-            ),
-        ));
-    }
-
-    let mut request = url.as_str().into_client_request().map_err(|err| {
-        IoError::new(
-            ErrorKind::InvalidInput,
-            format!("invalid websocket URL `{websocket_url}`: {err}"),
-        )
-    })?;
-    if let Some(auth_token) = auth_token.as_deref() {
-        let header_value =
-            HeaderValue::from_str(&format!("Bearer {auth_token}")).map_err(|err| {
-                IoError::new(
-                    ErrorKind::InvalidInput,
-                    format!("invalid remote authorization header value: {err}"),
-                )
-            })?;
-        request.headers_mut().insert(AUTHORIZATION, header_value);
-    }
-
-    ensure_rustls_crypto_provider();
-    let websocket_config = remote_websocket_config();
-    let stream = timeout(
-        CONNECT_TIMEOUT,
-        connect_async_with_config(
-            request,
-            Some(websocket_config),
-            /*disable_nagle*/ false,
-        ),
-    )
-    .await
-    .map_err(|_| {
-        IoError::new(
-            ErrorKind::TimedOut,
-            format!("timed out connecting to remote app server at `{websocket_url}`"),
-        )
-    })?
-    .map(|(stream, _response)| stream)
-    .map_err(|err| {
-        IoError::other(format!(
-            "failed to connect to remote app server at `{websocket_url}`: {err}"
-        ))
-    })?;
-
-    Ok((websocket_url, stream))
-}
-
-async fn connect_unix_socket_endpoint(
-    socket_path: AbsolutePathBuf,
-) -> IoResult<(String, WebSocketStream<UnixStream>)> {
-    let endpoint = format!("unix://{}", socket_path.display());
-    let request = UDS_WEBSOCKET_HANDSHAKE_URL
-        .into_client_request()
-        .map_err(|err| {
-            IoError::new(
-                ErrorKind::InvalidInput,
-                format!("invalid UDS websocket handshake URL: {err}"),
-            )
-        })?;
-    let stream = timeout(CONNECT_TIMEOUT, UnixStream::connect(socket_path.as_path()))
-        .await
-        .map_err(|_| {
-            IoError::new(
-                ErrorKind::TimedOut,
-                format!("timed out connecting to remote app server at `{endpoint}`"),
-            )
-        })?
-        .map_err(|err| {
-            IoError::other(format!(
-                "failed to connect to remote app server at `{endpoint}`: {err}"
-            ))
-        })?;
-    let websocket_config = remote_websocket_config();
-    let stream = timeout(
-        CONNECT_TIMEOUT,
-        client_async_with_config(request, stream, Some(websocket_config)),
-    )
-    .await
-    .map_err(|_| {
-        IoError::new(
-            ErrorKind::TimedOut,
-            format!("timed out upgrading remote app server at `{endpoint}`"),
-        )
-    })?
-    .map(|(stream, _response)| stream)
-    .map_err(|err| {
-        IoError::other(format!(
-            "failed to upgrade remote app server at `{endpoint}`: {err}"
-        ))
-    })?;
-
-    Ok((endpoint, stream))
-}
-
-fn remote_websocket_config() -> WebSocketConfig {
-    WebSocketConfig::default()
-        .max_frame_size(Some(REMOTE_APP_SERVER_MAX_WEBSOCKET_MESSAGE_SIZE))
-        .max_message_size(Some(REMOTE_APP_SERVER_MAX_WEBSOCKET_MESSAGE_SIZE))
-}
-
-async fn initialize_remote_connection<S>(
-    stream: &mut WebSocketStream<S>,
-    endpoint: &str,
+async fn initialize_remote_connection(
+    stream: &mut WebSocketStream<MaybeTlsStream<TcpStream>>,
+    websocket_url: &str,
    params: InitializeParams,
    initialize_timeout: Duration,
-) -> IoResult<(Vec<AppServerEvent>, Option<String>)>
-where
-    S: AsyncRead + AsyncWrite + Unpin,
-{
+) -> IoResult<Vec<AppServerEvent>> {
    let initialize_request_id = RequestId::String("initialize".to_string());
    let mut pending_events = Vec::new();
-    let mut server_version = None;
    write_jsonrpc_message(
        stream,
        JSONRPCMessage::Request(jsonrpc_request_from_client_request(
@@ -815,7 +693,7 @@ where
                params,
            },
        )),
-        endpoint,
+        websocket_url,
    )
    .await?;

@@ -825,24 +703,16 @@ where
                Some(Ok(Message::Text(text))) => {
                    let message = serde_json::from_str::<JSONRPCMessage>(&text).map_err(|err| {
                        IoError::other(format!(
-                            "remote app server at `{endpoint}` sent invalid initialize response: {err}"
+                            "remote app server at `{websocket_url}` sent invalid initialize response: {err}"
                        ))
                    })?;
                    match message {
                        JSONRPCMessage::Response(response) if response.id == initialize_request_id => {
-                            server_version = response
-                                .result
-                                .get("userAgent")
-                                .and_then(serde_json::Value::as_str)
-                                .and_then(|user_agent| {
-                                    let (_, rest) = user_agent.split_once('/')?;
-                                    rest.split_whitespace().next().map(str::to_string)
-                                });
                            break Ok(());
                        }
                        JSONRPCMessage::Error(error) if error.id == initialize_request_id => {
                            break Err(IoError::other(format!(
-                                "remote app server at `{endpoint}` rejected initialize: {}",
+                                "remote app server at `{websocket_url}` rejected initialize: {}",
                                error.error.message
                            )));
                        }
@@ -872,7 +742,7 @@ where
                                            },
                                            id: request_id,
                                        }),
-                                        endpoint,
+                                        websocket_url,
                                    )
                                    .await?;
                                }
@@ -894,19 +764,19 @@ where
                    break Err(IoError::new(
                        ErrorKind::ConnectionAborted,
                        format!(
-                            "remote app server at `{endpoint}` closed during initialize: {reason}"
+                            "remote app server at `{websocket_url}` closed during initialize: {reason}"
                        ),
                    ));
                }
                Some(Err(err)) => {
                    break Err(IoError::other(format!(
-                        "remote app server at `{endpoint}` transport failed during initialize: {err}"
+                        "remote app server at `{websocket_url}` transport failed during initialize: {err}"
                    )));
                }
                None => {
                    break Err(IoError::new(
                        ErrorKind::UnexpectedEof,
-                        format!("remote app server at `{endpoint}` closed during initialize"),
+                        format!("remote app server at `{websocket_url}` closed during initialize"),
                    ));
                }
            }
@@ -916,7 +786,7 @@ where
    .map_err(|_| {
        IoError::new(
            ErrorKind::TimedOut,
-            format!("timed out waiting for initialize response from `{endpoint}`"),
+            format!("timed out waiting for initialize response from `{websocket_url}`"),
        )
    })??;

@@ -925,11 +795,11 @@ where
        JSONRPCMessage::Notification(jsonrpc_notification_from_client_notification(
            ClientNotification::Initialized,
        )),
-        endpoint,
+        websocket_url,
    )
    .await?;

-    Ok((pending_events, server_version))
+    Ok(pending_events)
 }

 fn app_server_event_from_notification(notification: JSONRPCNotification) -> Option<AppServerEvent> {
@@ -979,35 +849,21 @@ fn jsonrpc_notification_from_client_notification(
    }
 }

-async fn write_jsonrpc_message<S>(
-    stream: &mut WebSocketStream<S>,
+async fn write_jsonrpc_message(
+    stream: &mut WebSocketStream<MaybeTlsStream<TcpStream>>,
    message: JSONRPCMessage,
-    endpoint: &str,
-) -> IoResult<()>
-where
-    S: AsyncRead + AsyncWrite + Unpin,
-{
+    websocket_url: &str,
+) -> IoResult<()> {
    let payload = serde_json::to_string(&message).map_err(IoError::other)?;
    stream
        .send(Message::Text(payload.into()))
        .await
        .map_err(|err| {
            IoError::other(format!(
-                "failed to write websocket message to `{endpoint}`: {err}"
+                "failed to write websocket message to `{websocket_url}`: {err}"
            ))
        })
 }
-
-fn websocket_close_error_is_already_closed(err: &TungsteniteError) -> bool {
-    match err {
-        TungsteniteError::ConnectionClosed | TungsteniteError::AlreadyClosed => true,
-        TungsteniteError::Io(err) => matches!(
-            err.kind(),
-            ErrorKind::BrokenPipe | ErrorKind::ConnectionReset | ErrorKind::NotConnected
-        ),
-        _ => false,
-    }
-}
 #[cfg(test)]
 mod tests {
    use super::*;
@@ -1023,7 +879,6 @@ mod tests {
            command_tx,
            event_rx,
            pending_events: VecDeque::new(),
-            server_version: None,
            worker_handle,
        };

--- a/codex-rs/app-server-daemon/BUILD.bazel
+++ b/codex-rs/app-server-daemon/BUILD.bazel
@@ -1,6 +0,0 @@
-load("//:defs.bzl", "codex_rust_crate")
-
-codex_rust_crate(
-    name = "app-server-daemon",
-    crate_name = "codex_app_server_daemon",
-)
--- a/codex-rs/app-server-daemon/Cargo.toml
+++ b/codex-rs/app-server-daemon/Cargo.toml
@@ -1,40 +0,0 @@
-[package]
-name = "codex-app-server-daemon"
-version.workspace = true
-edition.workspace = true
-license.workspace = true
-
-[lib]
-name = "codex_app_server_daemon"
-path = "src/lib.rs"
-doctest = false
-
-[lints]
-workspace = true
-
-[dependencies]
-anyhow = { workspace = true }
-codex-app-server-protocol = { workspace = true }
-codex-app-server-transport = { workspace = true }
-codex-utils-home-dir = { workspace = true }
-codex-uds = { workspace = true }
-futures = { workspace = true }
-libc = { workspace = true }
-reqwest = { workspace = true, features = ["rustls-tls"] }
-serde = { workspace = true, features = ["derive"] }
-serde_json = { workspace = true }
-sha2 = { workspace = true }
-tokio = { workspace = true, features = [
-    "fs",
-    "io-util",
-    "macros",
-    "process",
-    "rt-multi-thread",
-    "signal",
-    "time",
-] }
-tokio-tungstenite = { workspace = true }
-
-[dev-dependencies]
-pretty_assertions = { workspace = true }
-tempfile = { workspace = true }
--- a/codex-rs/app-server-daemon/README.md
+++ b/codex-rs/app-server-daemon/README.md
@@ -1,113 +0,0 @@
-# codex-app-server-daemon
-
-> `codex-app-server-daemon` is experimental and its lifecycle contract may
-> change while the remote-management flow is still being developed.
-
-`codex-app-server-daemon` backs the machine-readable `codex app-server`
-lifecycle commands used by remote clients such as the desktop and mobile apps.
-It is intended for Codex instances launched over SSH, including fresh developer
-machines that should expose app-server with `remote_control` enabled.
-
-## Platform support
-
-The current daemon implementation is Unix-only. It uses pidfile-backed
-daemonization plus Unix process and file-locking primitives, and does not yet
-support Windows lifecycle management.
-
-## Commands
-
-```sh
-codex app-server daemon start
-codex app-server daemon restart
-codex app-server daemon enable-remote-control
-codex app-server daemon disable-remote-control
-codex app-server daemon stop
-codex app-server daemon version
-codex app-server daemon bootstrap --remote-control
-```
-
-On success, every command writes exactly one JSON object to stdout. Consumers
-should parse that JSON rather than relying on human-readable text. Lifecycle
-responses report the resolved backend, socket path, local CLI version, and
-running app-server version when applicable.
-
-## Bootstrap flow
-
-For a new remote machine:
-
-```sh
-curl -fsSL https://chatgpt.com/codex/install.sh | sh
-$HOME/.codex/packages/standalone/current/codex app-server daemon bootstrap --remote-control
-```
-
-`bootstrap` requires the standalone managed install. It records the daemon
-settings under `CODEX_HOME/app-server-daemon/`, starts app-server as a
-pidfile-backed detached process, and launches a detached updater loop.
-
-## Installation and update cases
-
-The daemon assumes Codex is installed through `install.sh` and always launches
-the standalone managed binary under `CODEX_HOME`.
-
-| Situation | What starts | Does this daemon fetch new binaries? | Does a running app-server eventually move to a newer binary on its own? |
-| --- | --- | --- | --- |
-| `install.sh` has run, but only `start` is used | `start` uses `CODEX_HOME/packages/standalone/current/codex` | No | No. The managed path is used when starting or restarting, but no updater is installed. |
-| `install.sh` has run, then `bootstrap` is used | The pidfile backend uses `CODEX_HOME/packages/standalone/current/codex` | Yes. Bootstrap launches a detached updater loop that runs `install.sh` hourly. | Yes, while that updater process is alive and app-server is already running. After a successful fetch, the updater restarts app-server with the refreshed binary and only then replaces its own process image. |
-| Some other tool updates the managed binary path | The next fresh start or restart uses the updated file at that path | Only if `bootstrap` is active, because the updater still runs `install.sh` on its normal cadence. | Without `bootstrap`, no. With `bootstrap`, the next successful updater pass compares the managed binary contents after `install.sh` runs; if app-server is running and they differ from the updater's current image, it refreshes app-server first and then itself. |
-
-### Standalone installs
-
-For installs created by `install.sh`:
-
- lifecycle commands always use the standalone managed binary path
- `bootstrap` is supported
- `bootstrap` starts a detached pid-backed updater loop that fetches via
-  `install.sh`
- after a successful refresh, if app-server is running and the managed binary
-  contents changed, the updater restarts app-server with that binary first and
-  only then replaces its own process image
- the updater loop is not reboot-persistent; it must be started again by
-  rerunning `bootstrap` after a reboot
-
-### Out-of-band updates
-
-This daemon does not watch arbitrary executable files for replacement. If some
-other tool updates the managed binary path:
-
- without `bootstrap`, a currently running app-server remains on the old
-  executable image until an explicit `restart`
- with `bootstrap`, the detached updater loop notices the changed managed
-  binary on its next successful scheduled pass after running `install.sh`; if
-  app-server is running, it refreshes app-server first and then refreshes itself
-  once that replacement starts successfully
-
-## Lifecycle semantics
-
-`start` is idempotent and returns after app-server is ready to answer the normal
-JSON-RPC initialize handshake on the Unix control socket.
-
-`restart` stops any managed daemon and starts it again.
-
-`enable-remote-control` and `disable-remote-control` persist the launch setting
-for future starts. If a managed app-server is already running, they restart it
-so the new setting takes effect immediately.
-
-Top-level `codex remote-control` bootstraps with `--remote-control` when the
-updater loop is not running. Otherwise it enables remote control and starts the
-daemon normally.
-
-`stop` sends a graceful termination request first, then sends a second
-termination signal after the grace window if the process is still alive.
-
-All mutating lifecycle commands are serialized per `CODEX_HOME`, so a concurrent
-`start`, `restart`, `enable-remote-control`, `disable-remote-control`, `stop`,
-or `bootstrap` does not race another in-flight lifecycle operation.
-
-## State
-
-The daemon stores its local state under `CODEX_HOME/app-server-daemon/`:
-
- `settings.json` for persisted launch settings
- `app-server.pid` for the app-server process record
- `app-server-updater.pid` for the pid-backed standalone updater loop
- `daemon.lock` for daemon-wide lifecycle serialization
--- a/codex-rs/app-server-daemon/src/backend/mod.rs
+++ b/codex-rs/app-server-daemon/src/backend/mod.rs
@@ -1,46 +0,0 @@
-mod pid;
-
-use std::path::Path;
-use std::path::PathBuf;
-
-use serde::Serialize;
-
-pub(crate) use pid::PidBackend;
-
-#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize)]
-#[serde(rename_all = "camelCase")]
-pub enum BackendKind {
-    Pid,
-}
-
-#[derive(Debug, Clone)]
-pub(crate) struct BackendPaths {
-    pub(crate) codex_bin: PathBuf,
-    pub(crate) pid_file: PathBuf,
-    pub(crate) update_pid_file: PathBuf,
-    pub(crate) remote_control_enabled: bool,
-}
-
-pub(crate) fn pid_backend(paths: BackendPaths) -> PidBackend {
-    PidBackend::new(
-        paths.codex_bin,
-        paths.pid_file,
-        paths.remote_control_enabled,
-    )
-}
-
-pub(crate) fn pid_update_loop_backend(paths: BackendPaths) -> PidBackend {
-    PidBackend::new_update_loop(paths.codex_bin, paths.update_pid_file)
-}
-
-pub(crate) async fn append_stderr_log_tail_context(pid_file: &Path, context: &mut String) {
-    match pid::read_stderr_log_tail(pid_file).await {
-        Ok(Some(tail)) => tail.append_to_context(context),
-        Ok(None) => {}
-        Err(err) => {
-            context.push_str(&format!(
-                "\n\nFailed to read managed app-server stderr log: {err:#}"
-            ));
-        }
-    }
-}
--- a/codex-rs/app-server-daemon/src/backend/pid.rs
+++ b/codex-rs/app-server-daemon/src/backend/pid.rs
@@ -1,694 +0,0 @@
-use std::io::SeekFrom;
-use std::path::Path;
-use std::path::PathBuf;
-#[cfg(unix)]
-use std::process::Stdio;
-use std::time::Duration;
-
-use anyhow::Context;
-use anyhow::Result;
-use anyhow::bail;
-use serde::Deserialize;
-use serde::Serialize;
-use tokio::fs;
-use tokio::io::AsyncReadExt;
-use tokio::io::AsyncSeekExt;
-#[cfg(unix)]
-use tokio::process::Command;
-use tokio::time::sleep;
-
-const STOP_POLL_INTERVAL: Duration = Duration::from_millis(50);
-const STOP_GRACE_PERIOD: Duration = Duration::from_secs(60);
-const STOP_TIMEOUT: Duration = Duration::from_secs(70);
-const START_TIMEOUT: Duration = Duration::from_secs(10);
-const STDERR_LOG_TAIL_BYTES: u64 = 4096;
-
-#[derive(Debug)]
-#[cfg_attr(not(unix), allow(dead_code))]
-pub(crate) struct PidBackend {
-    codex_bin: PathBuf,
-    pid_file: PathBuf,
-    lock_file: PathBuf,
-    command_kind: PidCommandKind,
-}
-
-#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
-#[serde(rename_all = "camelCase")]
-struct PidRecord {
-    pid: u32,
-    process_start_time: String,
-}
-
-#[derive(Debug, Clone, PartialEq, Eq)]
-pub(crate) struct PidLogTail {
-    pub(crate) path: PathBuf,
-    pub(crate) contents: String,
-}
-
-impl PidLogTail {
-    pub(crate) fn append_to_context(&self, context: &mut String) {
-        context.push_str(&format!(
-            "\n\nManaged app-server stderr ({}):",
-            self.path.display()
-        ));
-        for line in self.contents.lines() {
-            context.push_str("\n  ");
-            context.push_str(line);
-        }
-    }
-}
-
-#[derive(Debug, Clone, PartialEq, Eq)]
-enum PidFileState {
-    Missing,
-    Starting,
-    Running(PidRecord),
-}
-
-#[derive(Debug, Clone, Copy)]
-#[cfg_attr(not(unix), allow(dead_code))]
-enum PidCommandKind {
-    AppServer { remote_control_enabled: bool },
-    UpdateLoop,
-}
-
-impl PidBackend {
-    pub(crate) fn new(codex_bin: PathBuf, pid_file: PathBuf, remote_control_enabled: bool) -> Self {
-        let lock_file = pid_file.with_extension("pid.lock");
-        Self {
-            codex_bin,
-            pid_file,
-            lock_file,
-            command_kind: PidCommandKind::AppServer {
-                remote_control_enabled,
-            },
-        }
-    }
-
-    pub(crate) fn new_update_loop(codex_bin: PathBuf, pid_file: PathBuf) -> Self {
-        let lock_file = pid_file.with_extension("pid.lock");
-        Self {
-            codex_bin,
-            pid_file,
-            lock_file,
-            command_kind: PidCommandKind::UpdateLoop,
-        }
-    }
-
-    pub(crate) async fn is_starting_or_running(&self) -> Result<bool> {
-        loop {
-            match self.read_pid_file_state().await? {
-                PidFileState::Missing => return Ok(false),
-                PidFileState::Starting => return Ok(true),
-                PidFileState::Running(record) => {
-                    if self.record_is_active(&record).await? {
-                        return Ok(true);
-                    }
-                    match self.refresh_after_stale_record(&record).await? {
-                        PidFileState::Missing => return Ok(false),
-                        PidFileState::Starting | PidFileState::Running(_) => continue,
-                    }
-                }
-            }
-        }
-    }
-
-    #[cfg(unix)]
-    pub(crate) async fn start(&self) -> Result<Option<u32>> {
-        if let Some(parent) = self.pid_file.parent() {
-            fs::create_dir_all(parent)
-                .await
-                .with_context(|| format!("failed to create pid directory {}", parent.display()))?;
-        }
-        let reservation_lock = self.acquire_reservation_lock().await?;
-        let _pid_file = loop {
-            match fs::OpenOptions::new()
-                .create_new(true)
-                .write(true)
-                .open(&self.pid_file)
-                .await
-            {
-                Ok(pid_file) => break pid_file,
-                Err(err) if err.kind() == std::io::ErrorKind::AlreadyExists => {
-                    match self.read_pid_file_state_with_lock_held().await? {
-                        PidFileState::Missing => continue,
-                        PidFileState::Running(record) => {
-                            if self.record_is_active(&record).await? {
-                                return Ok(None);
-                            }
-                            let _ = fs::remove_file(&self.pid_file).await;
-                            continue;
-                        }
-                        PidFileState::Starting => {
-                            unreachable!("lock holder cannot observe starting")
-                        }
-                    }
-                }
-                Err(err) => {
-                    return Err(err).with_context(|| {
-                        format!("failed to reserve pid file {}", self.pid_file.display())
-                    });
-                }
-            }
-        };
-        let mut command = Command::new(&self.codex_bin);
-        let stderr_log = match self.open_stderr_log().await {
-            Ok(stderr_log) => stderr_log,
-            Err(err) => {
-                let _ = fs::remove_file(&self.pid_file).await;
-                return Err(err);
-            }
-        };
-        command
-            .args(self.command_args())
-            .stdin(Stdio::null())
-            .stdout(Stdio::null())
-            .stderr(Stdio::from(stderr_log.into_std().await));
-
-        #[cfg(unix)]
-        {
-            unsafe {
-                command.pre_exec(|| {
-                    if libc::setsid() == -1 {
-                        return Err(std::io::Error::last_os_error());
-                    }
-                    Ok(())
-                });
-            }
-        }
-
-        let child = match command.spawn() {
-            Ok(child) => child,
-            Err(err) => {
-                let _ = fs::remove_file(&self.pid_file).await;
-                return Err(err).with_context(|| {
-                    format!(
-                        "failed to spawn detached app-server process using {}",
-                        self.codex_bin.display()
-                    )
-                });
-            }
-        };
-        let pid = child
-            .id()
-            .context("spawned app-server process has no pid")?;
-        let record = match read_process_start_time(pid).await {
-            Ok(process_start_time) => PidRecord {
-                pid,
-                process_start_time,
-            },
-            Err(err) => {
-                let _ = self.terminate_process(pid);
-                let mut context =
-                    format!("failed to record pid-managed app-server process {pid} startup");
-                super::append_stderr_log_tail_context(&self.pid_file, &mut context).await;
-                let _ = fs::remove_file(&self.pid_file).await;
-                return Err(err).context(context);
-            }
-        };
-        let contents = serde_json::to_vec(&record).context("failed to serialize pid record")?;
-        let temp_pid_file = self.pid_file.with_extension("pid.tmp");
-        if let Err(err) = fs::write(&temp_pid_file, &contents).await {
-            let _ = self.terminate_process(pid);
-            let _ = fs::remove_file(&self.pid_file).await;
-            return Err(err).with_context(|| {
-                format!("failed to write pid temp file {}", temp_pid_file.display())
-            });
-        }
-        if let Err(err) = fs::rename(&temp_pid_file, &self.pid_file).await {
-            let _ = self.terminate_process(pid);
-            let _ = fs::remove_file(&temp_pid_file).await;
-            let _ = fs::remove_file(&self.pid_file).await;
-            return Err(err).with_context(|| {
-                format!("failed to publish pid file {}", self.pid_file.display())
-            });
-        }
-        drop(reservation_lock);
-        Ok(Some(pid))
-    }
-
-    #[cfg(not(unix))]
-    pub(crate) async fn start(&self) -> Result<Option<u32>> {
-        bail!("pid-managed app-server startup is unsupported on this platform")
-    }
-
-    pub(crate) async fn stop(&self) -> Result<()> {
-        loop {
-            let Some(record) = self.wait_for_pid_start().await? else {
-                return Ok(());
-            };
-            if !self.record_is_active(&record).await? {
-                match self.refresh_after_stale_record(&record).await? {
-                    PidFileState::Missing => return Ok(()),
-                    PidFileState::Starting | PidFileState::Running(_) => continue,
-                }
-            }
-
-            let pid = record.pid;
-            self.terminate_process(pid)?;
-            let started_at = tokio::time::Instant::now();
-            let deadline = tokio::time::Instant::now() + STOP_TIMEOUT;
-            let mut forced = false;
-            while tokio::time::Instant::now() < deadline {
-                if !self.record_is_active(&record).await? {
-                    match self.refresh_after_stale_record(&record).await? {
-                        PidFileState::Missing => return Ok(()),
-                        PidFileState::Starting | PidFileState::Running(_) => break,
-                    }
-                }
-                if !forced && started_at.elapsed() >= STOP_GRACE_PERIOD {
-                    self.force_terminate_process(pid)?;
-                    forced = true;
-                }
-                sleep(STOP_POLL_INTERVAL).await;
-            }
-
-            if self.record_is_active(&record).await? {
-                bail!("timed out waiting for pid-managed app server {pid} to stop");
-            }
-        }
-    }
-
-    async fn wait_for_pid_start(&self) -> Result<Option<PidRecord>> {
-        let deadline = tokio::time::Instant::now() + START_TIMEOUT;
-        loop {
-            match self.read_pid_file_state().await? {
-                PidFileState::Missing => return Ok(None),
-                PidFileState::Running(record) => return Ok(Some(record)),
-                PidFileState::Starting if tokio::time::Instant::now() < deadline => {
-                    sleep(STOP_POLL_INTERVAL).await;
-                }
-                PidFileState::Starting => {
-                    bail!(
-                        "timed out waiting for pid reservation in {} to finish initializing",
-                        self.pid_file.display()
-                    );
-                }
-            }
-        }
-    }
-
-    async fn read_pid_file_state(&self) -> Result<PidFileState> {
-        let contents = match fs::read_to_string(&self.pid_file).await {
-            Ok(contents) => contents,
-            Err(err) if err.kind() == std::io::ErrorKind::NotFound => {
-                return if reservation_lock_is_active(&self.lock_file).await? {
-                    Ok(PidFileState::Starting)
-                } else {
-                    Ok(PidFileState::Missing)
-                };
-            }
-            Err(err) => {
-                return Err(err).with_context(|| {
-                    format!("failed to read pid file {}", self.pid_file.display())
-                });
-            }
-        };
-        if contents.trim().is_empty() {
-            match inspect_empty_pid_reservation(&self.pid_file, &self.lock_file).await? {
-                EmptyPidReservation::Active => {
-                    return Ok(PidFileState::Starting);
-                }
-                EmptyPidReservation::Stale => {
-                    return Ok(PidFileState::Missing);
-                }
-                EmptyPidReservation::Record(record) => return Ok(PidFileState::Running(record)),
-            }
-        }
-        let record = serde_json::from_str(&contents)
-            .with_context(|| format!("invalid pid file contents in {}", self.pid_file.display()))?;
-        Ok(PidFileState::Running(record))
-    }
-
-    async fn read_pid_file_state_with_lock_held(&self) -> Result<PidFileState> {
-        let contents = match fs::read_to_string(&self.pid_file).await {
-            Ok(contents) => contents,
-            Err(err) if err.kind() == std::io::ErrorKind::NotFound => {
-                return Ok(PidFileState::Missing);
-            }
-            Err(err) => {
-                return Err(err).with_context(|| {
-                    format!("failed to read pid file {}", self.pid_file.display())
-                });
-            }
-        };
-        if contents.trim().is_empty() {
-            let _ = fs::remove_file(&self.pid_file).await;
-            return Ok(PidFileState::Missing);
-        }
-        let record = serde_json::from_str(&contents)
-            .with_context(|| format!("invalid pid file contents in {}", self.pid_file.display()))?;
-        Ok(PidFileState::Running(record))
-    }
-
-    async fn refresh_after_stale_record(&self, expected: &PidRecord) -> Result<PidFileState> {
-        let reservation_lock = self.acquire_reservation_lock().await?;
-        let state = match self.read_pid_file_state_with_lock_held().await? {
-            PidFileState::Running(record) if record == *expected => {
-                let _ = fs::remove_file(&self.pid_file).await;
-                PidFileState::Missing
-            }
-            state => state,
-        };
-        drop(reservation_lock);
-        Ok(state)
-    }
-
-    async fn acquire_reservation_lock(&self) -> Result<fs::File> {
-        let reservation_lock = fs::OpenOptions::new()
-            .create(true)
-            .truncate(false)
-            .write(true)
-            .open(&self.lock_file)
-            .await
-            .with_context(|| {
-                format!("failed to open pid lock file {}", self.lock_file.display())
-            })?;
-        let lock_deadline = tokio::time::Instant::now() + START_TIMEOUT;
-        while !try_lock_file(&reservation_lock)? {
-            if tokio::time::Instant::now() >= lock_deadline {
-                bail!(
-                    "timed out waiting for pid lock {}",
-                    self.lock_file.display()
-                );
-            }
-            sleep(STOP_POLL_INTERVAL).await;
-        }
-        Ok(reservation_lock)
-    }
-
-    #[cfg(unix)]
-    async fn open_stderr_log(&self) -> Result<fs::File> {
-        let stderr_log_file = stderr_log_file_for_pid_file(&self.pid_file);
-        fs::OpenOptions::new()
-            .create(true)
-            .truncate(true)
-            .write(true)
-            .open(&stderr_log_file)
-            .await
-            .with_context(|| {
-                format!(
-                    "failed to open stderr log for pid-managed app server {}",
-                    stderr_log_file.display()
-                )
-            })
-    }
-
-    #[cfg(unix)]
-    fn command_args(&self) -> Vec<&'static str> {
-        match self.command_kind {
-            PidCommandKind::AppServer {
-                remote_control_enabled: true,
-            } => vec!["app-server", "--remote-control", "--listen", "unix://"],
-            PidCommandKind::AppServer {
-                remote_control_enabled: false,
-            } => vec!["app-server", "--listen", "unix://"],
-            PidCommandKind::UpdateLoop => vec!["app-server", "daemon", "pid-update-loop"],
-        }
-    }
-
-    fn terminate_process(&self, pid: u32) -> Result<()> {
-        match self.command_kind {
-            PidCommandKind::AppServer { .. } => terminate_process(pid),
-            PidCommandKind::UpdateLoop => terminate_process(pid),
-        }
-    }
-
-    fn force_terminate_process(&self, pid: u32) -> Result<()> {
-        match self.command_kind {
-            PidCommandKind::AppServer { .. } => force_terminate_process(pid),
-            PidCommandKind::UpdateLoop => force_terminate_process_group(pid),
-        }
-    }
-
-    async fn record_is_active(&self, record: &PidRecord) -> Result<bool> {
-        process_matches_record(record).await
-    }
-}
-
-pub(crate) async fn read_stderr_log_tail(pid_file: &Path) -> Result<Option<PidLogTail>> {
-    let path = stderr_log_file_for_pid_file(pid_file);
-    let Some(contents) = read_log_tail(&path, STDERR_LOG_TAIL_BYTES).await? else {
-        return Ok(None);
-    };
-    Ok(Some(PidLogTail { path, contents }))
-}
-
-fn stderr_log_file_for_pid_file(pid_file: &Path) -> PathBuf {
-    pid_file.with_extension("stderr.log")
-}
-
-async fn read_log_tail(path: &Path, byte_limit: u64) -> Result<Option<String>> {
-    let mut file = match fs::File::open(path).await {
-        Ok(file) => file,
-        Err(err) if err.kind() == std::io::ErrorKind::NotFound => return Ok(None),
-        Err(err) => {
-            return Err(err)
-                .with_context(|| format!("failed to open stderr log {}", path.display()));
-        }
-    };
-    let len = file
-        .metadata()
-        .await
-        .with_context(|| format!("failed to inspect stderr log {}", path.display()))?
-        .len();
-    if len == 0 {
-        return Ok(None);
-    }
-
-    let start = len.saturating_sub(byte_limit);
-    file.seek(SeekFrom::Start(start))
-        .await
-        .with_context(|| format!("failed to seek stderr log {}", path.display()))?;
-    let mut bytes = Vec::new();
-    file.read_to_end(&mut bytes)
-        .await
-        .with_context(|| format!("failed to read stderr log {}", path.display()))?;
-    if start > 0
-        && let Some(newline_index) = bytes.iter().position(|byte| *byte == b'\n')
-    {
-        bytes.drain(..=newline_index);
-    }
-    let contents = String::from_utf8_lossy(&bytes).trim_end().to_string();
-    if contents.is_empty() {
-        return Ok(None);
-    }
-    Ok(Some(contents))
-}
-
-#[cfg(unix)]
-fn process_exists(pid: u32) -> bool {
-    let Ok(pid) = libc::pid_t::try_from(pid) else {
-        return false;
-    };
-    let result = unsafe { libc::kill(pid, 0) };
-    result == 0 || std::io::Error::last_os_error().raw_os_error() == Some(libc::EPERM)
-}
-
-#[cfg(unix)]
-fn terminate_process(pid: u32) -> Result<()> {
-    let raw_pid = libc::pid_t::try_from(pid)
-        .with_context(|| format!("pid-managed app server pid {pid} is out of range"))?;
-    let result = unsafe { libc::kill(raw_pid, libc::SIGTERM) };
-    if result == 0 {
-        return Ok(());
-    }
-    let err = std::io::Error::last_os_error();
-    if err.raw_os_error() == Some(libc::ESRCH) {
-        return Ok(());
-    }
-    Err(err).with_context(|| format!("failed to terminate pid-managed app server {pid}"))
-}
-
-#[cfg(unix)]
-fn force_terminate_process(pid: u32) -> Result<()> {
-    let raw_pid = libc::pid_t::try_from(pid)
-        .with_context(|| format!("pid-managed app server pid {pid} is out of range"))?;
-    let result = unsafe { libc::kill(raw_pid, libc::SIGKILL) };
-    if result == 0 {
-        return Ok(());
-    }
-    let err = std::io::Error::last_os_error();
-    if err.raw_os_error() == Some(libc::ESRCH) {
-        return Ok(());
-    }
-    Err(err).with_context(|| format!("failed to force terminate pid-managed app server {pid}"))
-}
-
-#[cfg(unix)]
-fn force_terminate_process_group(pid: u32) -> Result<()> {
-    let raw_pid = libc::pid_t::try_from(pid)
-        .with_context(|| format!("pid-managed updater pid {pid} is out of range"))?;
-    let result = unsafe { libc::kill(-raw_pid, libc::SIGKILL) };
-    if result == 0 {
-        return Ok(());
-    }
-    let err = std::io::Error::last_os_error();
-    if err.raw_os_error() == Some(libc::ESRCH) {
-        return Ok(());
-    }
-    Err(err).with_context(|| format!("failed to force terminate pid-managed updater group {pid}"))
-}
-
-#[cfg(not(unix))]
-fn terminate_process(_pid: u32) -> Result<()> {
-    bail!("pid-managed app-server shutdown is unsupported on this platform")
-}
-
-#[cfg(not(unix))]
-fn force_terminate_process(_pid: u32) -> Result<()> {
-    bail!("pid-managed app-server shutdown is unsupported on this platform")
-}
-
-#[cfg(not(unix))]
-fn force_terminate_process_group(_pid: u32) -> Result<()> {
-    bail!("pid-managed updater shutdown is unsupported on this platform")
-}
-
-#[cfg(unix)]
-async fn process_matches_record(record: &PidRecord) -> Result<bool> {
-    if !process_exists(record.pid) {
-        return Ok(false);
-    }
-
-    match read_process_start_time(record.pid).await {
-        Ok(start_time) => Ok(start_time == record.process_start_time),
-        Err(_err) if !process_exists(record.pid) => Ok(false),
-        Err(err) => Err(err),
-    }
-}
-
-#[cfg(not(unix))]
-async fn process_matches_record(_record: &PidRecord) -> Result<bool> {
-    Ok(false)
-}
-
-#[derive(Debug, Clone, PartialEq, Eq)]
-#[cfg_attr(not(unix), allow(dead_code))]
-enum EmptyPidReservation {
-    Active,
-    Stale,
-    Record(PidRecord),
-}
-
-#[cfg(unix)]
-fn try_lock_file(file: &fs::File) -> Result<bool> {
-    use std::os::fd::AsRawFd;
-
-    let result = unsafe { libc::flock(file.as_raw_fd(), libc::LOCK_EX | libc::LOCK_NB) };
-    if result == 0 {
-        return Ok(true);
-    }
-
-    let err = std::io::Error::last_os_error();
-    if err.raw_os_error() == Some(libc::EWOULDBLOCK) {
-        return Ok(false);
-    }
-    Err(err).context("failed to lock pid reservation")
-}
-
-#[cfg(not(unix))]
-fn try_lock_file(_file: &fs::File) -> Result<bool> {
-    bail!("pid-managed app-server startup is unsupported on this platform")
-}
-
-#[cfg(unix)]
-async fn reservation_lock_is_active(path: &Path) -> Result<bool> {
-    let file = match fs::OpenOptions::new()
-        .write(true)
-        .create(true)
-        .truncate(false)
-        .open(path)
-        .await
-    {
-        Ok(file) => file,
-        Err(err) if err.kind() == std::io::ErrorKind::NotFound => {
-            return Ok(false);
-        }
-        Err(err) => {
-            return Err(err)
-                .with_context(|| format!("failed to inspect pid lock file {}", path.display()));
-        }
-    };
-    Ok(!try_lock_file(&file)?)
-}
-
-#[cfg(not(unix))]
-async fn reservation_lock_is_active(_path: &Path) -> Result<bool> {
-    Ok(false)
-}
-
-#[cfg(unix)]
-async fn inspect_empty_pid_reservation(
-    pid_path: &Path,
-    lock_path: &Path,
-) -> Result<EmptyPidReservation> {
-    let file = match fs::OpenOptions::new()
-        .write(true)
-        .create(true)
-        .truncate(false)
-        .open(lock_path)
-        .await
-    {
-        Ok(file) => file,
-        Err(err) => {
-            return Err(err).with_context(|| {
-                format!("failed to inspect pid lock file {}", lock_path.display())
-            });
-        }
-    };
-    if !try_lock_file(&file)? {
-        return Ok(EmptyPidReservation::Active);
-    }
-
-    let contents = match fs::read_to_string(pid_path).await {
-        Ok(contents) => contents,
-        Err(err) if err.kind() == std::io::ErrorKind::NotFound => {
-            return Ok(EmptyPidReservation::Stale);
-        }
-        Err(err) => {
-            return Err(err)
-                .with_context(|| format!("failed to reread pid file {}", pid_path.display()));
-        }
-    };
-    if contents.trim().is_empty() {
-        let _ = fs::remove_file(pid_path).await;
-        return Ok(EmptyPidReservation::Stale);
-    }
-
-    let record = serde_json::from_str(&contents)
-        .with_context(|| format!("invalid pid file contents in {}", pid_path.display()))?;
-    Ok(EmptyPidReservation::Record(record))
-}
-
-#[cfg(not(unix))]
-async fn inspect_empty_pid_reservation(
-    _pid_path: &Path,
-    _lock_path: &Path,
-) -> Result<EmptyPidReservation> {
-    Ok(EmptyPidReservation::Stale)
-}
-
-#[cfg(unix)]
-async fn read_process_start_time(pid: u32) -> Result<String> {
-    let output = Command::new("ps")
-        .args(["-p", &pid.to_string(), "-o", "lstart="])
-        .output()
-        .await
-        .context("failed to invoke ps for pid-managed app server")?;
-    if !output.status.success() {
-        bail!("failed to read start time for pid-managed app server {pid}");
-    }
-
-    let start_time = String::from_utf8(output.stdout)
-        .context("pid-managed app server start time was not utf-8")?;
-    let start_time = start_time.trim();
-    if start_time.is_empty() {
-        bail!("pid-managed app server {pid} has no recorded start time");
-    }
-    Ok(start_time.to_string())
-}
-
-#[cfg(all(test, unix))]
-#[path = "pid_tests.rs"]
-mod tests;
--- a/codex-rs/app-server-daemon/src/backend/pid_tests.rs
+++ b/codex-rs/app-server-daemon/src/backend/pid_tests.rs
@@ -1,196 +0,0 @@
-use std::time::Duration;
-
-use pretty_assertions::assert_eq;
-use tempfile::TempDir;
-
-use super::PidBackend;
-use super::PidCommandKind;
-use super::PidFileState;
-use super::PidLogTail;
-use super::PidRecord;
-use super::read_stderr_log_tail;
-use super::stderr_log_file_for_pid_file;
-use super::try_lock_file;
-
-#[tokio::test]
-async fn locked_empty_pid_file_is_treated_as_active_reservation() {
-    let temp_dir = TempDir::new().expect("temp dir");
-    let pid_file = temp_dir.path().join("app-server.pid");
-    tokio::fs::write(&pid_file, "")
-        .await
-        .expect("write pid file");
-    let backend = PidBackend::new(
-        temp_dir.path().join("codex"),
-        pid_file.clone(),
-        /*remote_control_enabled*/ false,
-    );
-    let reservation = tokio::fs::OpenOptions::new()
-        .create(true)
-        .truncate(false)
-        .write(true)
-        .open(&backend.lock_file)
-        .await
-        .expect("open pid lock file");
-    assert!(try_lock_file(&reservation).expect("lock reservation"));
-
-    assert_eq!(
-        backend.read_pid_file_state().await.expect("read pid"),
-        PidFileState::Starting
-    );
-    assert!(pid_file.exists());
-}
-
-#[tokio::test]
-async fn unlocked_empty_pid_file_is_treated_as_stale_reservation() {
-    let temp_dir = TempDir::new().expect("temp dir");
-    let pid_file = temp_dir.path().join("app-server.pid");
-    tokio::fs::write(&pid_file, "")
-        .await
-        .expect("write pid file");
-    let backend = PidBackend::new(
-        temp_dir.path().join("codex"),
-        pid_file.clone(),
-        /*remote_control_enabled*/ false,
-    );
-
-    assert_eq!(
-        backend.read_pid_file_state().await.expect("read pid"),
-        PidFileState::Missing
-    );
-    assert!(!pid_file.exists());
-}
-
-#[tokio::test]
-async fn stop_waits_for_live_reservation_to_resolve() {
-    let temp_dir = TempDir::new().expect("temp dir");
-    let pid_file = temp_dir.path().join("app-server.pid");
-    tokio::fs::write(&pid_file, "")
-        .await
-        .expect("write pid file");
-    let backend = PidBackend::new(
-        temp_dir.path().join("codex"),
-        pid_file.clone(),
-        /*remote_control_enabled*/ false,
-    );
-    let reservation = tokio::fs::OpenOptions::new()
-        .create(true)
-        .truncate(false)
-        .write(true)
-        .open(&backend.lock_file)
-        .await
-        .expect("open pid lock file");
-    assert!(try_lock_file(&reservation).expect("lock reservation"));
-    let cleanup = tokio::spawn(async move {
-        tokio::time::sleep(Duration::from_millis(50)).await;
-        drop(reservation);
-        tokio::fs::remove_file(pid_file)
-            .await
-            .expect("remove pid file");
-    });
-
-    backend.stop().await.expect("stop");
-    cleanup.await.expect("cleanup task");
-}
-
-#[tokio::test]
-async fn start_retries_stale_empty_pid_file_under_its_own_lock() {
-    let temp_dir = TempDir::new().expect("temp dir");
-    let pid_file = temp_dir.path().join("app-server.pid");
-    tokio::fs::write(&pid_file, "")
-        .await
-        .expect("write pid file");
-    let backend = PidBackend::new(
-        temp_dir.path().join("missing-codex"),
-        pid_file,
-        /*remote_control_enabled*/ false,
-    );
-
-    let err = backend.start().await.expect_err("start");
-    assert!(
-        err.to_string()
-            .starts_with("failed to spawn detached app-server process using ")
-    );
-}
-
-#[tokio::test]
-async fn stale_record_cleanup_preserves_replacement_record() {
-    let temp_dir = TempDir::new().expect("temp dir");
-    let pid_file = temp_dir.path().join("app-server.pid");
-    let backend = PidBackend::new(
-        temp_dir.path().join("codex"),
-        pid_file.clone(),
-        /*remote_control_enabled*/ false,
-    );
-    let stale = PidRecord {
-        pid: 1,
-        process_start_time: "old".to_string(),
-    };
-    let replacement = PidRecord {
-        pid: 2,
-        process_start_time: "new".to_string(),
-    };
-    tokio::fs::write(
-        &pid_file,
-        serde_json::to_vec(&replacement).expect("serialize replacement"),
-    )
-    .await
-    .expect("write replacement pid file");
-
-    assert_eq!(
-        backend
-            .refresh_after_stale_record(&stale)
-            .await
-            .expect("cleanup"),
-        PidFileState::Running(replacement)
-    );
-}
-
-#[test]
-fn update_loop_uses_hidden_app_server_subcommand() {
-    let backend = PidBackend {
-        codex_bin: "codex".into(),
-        pid_file: "updater.pid".into(),
-        lock_file: "updater.pid.lock".into(),
-        command_kind: PidCommandKind::UpdateLoop,
-    };
-
-    assert_eq!(
-        backend.command_args(),
-        vec!["app-server", "daemon", "pid-update-loop"]
-    );
-}
-
-#[test]
-fn app_server_remote_control_uses_runtime_flag() {
-    let backend = PidBackend::new(
-        "codex".into(),
-        "app-server.pid".into(),
-        /*remote_control_enabled*/ true,
-    );
-
-    assert_eq!(
-        backend.command_args(),
-        vec!["app-server", "--remote-control", "--listen", "unix://"]
-    );
-}
-
-#[tokio::test]
-async fn read_stderr_log_tail_returns_recent_complete_lines() {
-    let temp_dir = TempDir::new().expect("temp dir");
-    let pid_file = temp_dir.path().join("app-server.pid");
-    let log_file = stderr_log_file_for_pid_file(&pid_file);
-    let contents = format!("{}\nrecent error\nusage", "x".repeat(4100));
-    tokio::fs::write(&log_file, contents)
-        .await
-        .expect("write stderr log");
-
-    assert_eq!(
-        read_stderr_log_tail(&pid_file)
-            .await
-            .expect("read stderr log"),
-        Some(PidLogTail {
-            path: log_file,
-            contents: "recent error\nusage".to_string(),
-        })
-    );
-}
--- a/codex-rs/app-server-daemon/src/client.rs
+++ b/codex-rs/app-server-daemon/src/client.rs
@@ -1,181 +0,0 @@
-use std::path::Path;
-use std::time::Duration;
-
-use anyhow::Context;
-use anyhow::Result;
-use anyhow::anyhow;
-use codex_app_server_protocol::ClientInfo;
-use codex_app_server_protocol::InitializeCapabilities;
-use codex_app_server_protocol::InitializeParams;
-use codex_app_server_protocol::InitializeResponse;
-use codex_app_server_protocol::JSONRPCMessage;
-use codex_app_server_protocol::JSONRPCNotification;
-use codex_app_server_protocol::JSONRPCRequest;
-use codex_app_server_protocol::RequestId;
-use codex_uds::UnixStream;
-use futures::SinkExt;
-use futures::StreamExt;
-use tokio::io::AsyncRead;
-use tokio::io::AsyncWrite;
-use tokio::time::timeout;
-use tokio_tungstenite::WebSocketStream;
-use tokio_tungstenite::client_async;
-use tokio_tungstenite::tungstenite::Message;
-
-pub(crate) const CONTROL_SOCKET_RESPONSE_TIMEOUT: Duration = Duration::from_secs(2);
-const CLIENT_NAME: &str = "codex_app_server_daemon";
-const INITIALIZE_REQUEST_ID: RequestId = RequestId::Integer(1);
-
-#[derive(Debug, Clone, PartialEq, Eq)]
-pub(crate) struct ProbeInfo {
-    pub(crate) app_server_version: String,
-}
-
-pub(crate) async fn probe(socket_path: &Path) -> Result<ProbeInfo> {
-    timeout(CONTROL_SOCKET_RESPONSE_TIMEOUT, probe_inner(socket_path))
-        .await
-        .with_context(|| {
-            format!(
-                "timed out probing app-server control socket {}",
-                socket_path.display()
-            )
-        })?
-}
-
-async fn probe_inner(socket_path: &Path) -> Result<ProbeInfo> {
-    let mut websocket = connect(socket_path).await?;
-
-    let initialize_response = initialize(&mut websocket, /*experimental_api*/ false).await?;
-    let initialized = JSONRPCMessage::Notification(JSONRPCNotification {
-        method: "initialized".to_string(),
-        params: None,
-    });
-    send_message(&mut websocket, &initialized)
-        .await
-        .context("failed to send initialized notification")?;
-    websocket.close(None).await.ok();
-
-    Ok(ProbeInfo {
-        app_server_version: parse_version_from_user_agent(&initialize_response.user_agent)?,
-    })
-}
-
-pub(crate) async fn connect(socket_path: &Path) -> Result<WebSocketStream<UnixStream>> {
-    let stream = UnixStream::connect(socket_path)
-        .await
-        .with_context(|| format!("failed to connect to {}", socket_path.display()))?;
-    let (websocket, _response) = client_async("ws://localhost/", stream)
-        .await
-        .with_context(|| format!("failed to upgrade {}", socket_path.display()))?;
-    Ok(websocket)
-}
-
-pub(crate) async fn initialize<S>(
-    websocket: &mut WebSocketStream<S>,
-    experimental_api: bool,
-) -> Result<InitializeResponse>
-where
-    S: AsyncRead + AsyncWrite + Unpin,
-{
-    let initialize = JSONRPCMessage::Request(JSONRPCRequest {
-        id: INITIALIZE_REQUEST_ID,
-        method: "initialize".to_string(),
-        params: Some(serde_json::to_value(InitializeParams {
-            client_info: ClientInfo {
-                name: CLIENT_NAME.to_string(),
-                title: Some("Codex App Server Daemon".to_string()),
-                version: env!("CARGO_PKG_VERSION").to_string(),
-            },
-            capabilities: if experimental_api {
-                Some(InitializeCapabilities {
-                    experimental_api: true,
-                    ..Default::default()
-                })
-            } else {
-                None
-            },
-        })?),
-        trace: None,
-    });
-    send_message(websocket, &initialize)
-        .await
-        .context("failed to send initialize request")?;
-
-    let response = loop {
-        let message = timeout(CONTROL_SOCKET_RESPONSE_TIMEOUT, read_message(websocket))
-            .await
-            .context("timed out waiting for initialize response")??;
-        if let JSONRPCMessage::Response(response) = message
-            && response.id == INITIALIZE_REQUEST_ID
-        {
-            break response;
-        }
-    };
-    serde_json::from_value::<InitializeResponse>(response.result)
-        .context("failed to parse initialize response")
-}
-
-pub(crate) async fn send_message<S>(
-    websocket: &mut WebSocketStream<S>,
-    message: &JSONRPCMessage,
-) -> Result<()>
-where
-    S: AsyncRead + AsyncWrite + Unpin,
-{
-    websocket
-        .send(Message::Text(serde_json::to_string(message)?.into()))
-        .await?;
-    Ok(())
-}
-
-pub(crate) async fn read_message<S>(websocket: &mut WebSocketStream<S>) -> Result<JSONRPCMessage>
-where
-    S: AsyncRead + AsyncWrite + Unpin,
-{
-    loop {
-        let frame = websocket
-            .next()
-            .await
-            .ok_or_else(|| anyhow!("app-server closed the control socket"))??;
-        let Message::Text(payload) = frame else {
-            continue;
-        };
-        return serde_json::from_str::<JSONRPCMessage>(&payload)
-            .context("failed to parse app-server JSON-RPC message");
-    }
-}
-
-fn parse_version_from_user_agent(user_agent: &str) -> Result<String> {
-    let (_originator, rest) = user_agent
-        .split_once('/')
-        .ok_or_else(|| anyhow!("app-server user-agent omitted version separator"))?;
-    let version = rest
-        .split_whitespace()
-        .next()
-        .filter(|version| !version.is_empty())
-        .ok_or_else(|| anyhow!("app-server user-agent omitted version"))?;
-    Ok(version.to_string())
-}
-
-#[cfg(all(test, unix))]
-mod tests {
-    use pretty_assertions::assert_eq;
-
-    use super::parse_version_from_user_agent;
-
-    #[test]
-    fn parses_version_from_codex_user_agent() {
-        assert_eq!(
-            parse_version_from_user_agent(
-                "codex_app_server_daemon/1.2.3 (Linux 6.8.0; x86_64) codex_cli_rs/1.2.3",
-            )
-            .expect("version"),
-            "1.2.3"
-        );
-    }
-
-    #[test]
-    fn rejects_user_agent_without_version() {
-        assert!(parse_version_from_user_agent("codex_app_server_daemon").is_err());
-    }
-}
--- a/codex-rs/app-server-daemon/src/lib.rs
+++ b/codex-rs/app-server-daemon/src/lib.rs
--- a/codex-rs/app-server-daemon/src/managed_install.rs
+++ b/codex-rs/app-server-daemon/src/managed_install.rs
@@ -1,103 +0,0 @@
-use std::path::Path;
-use std::path::PathBuf;
-
-#[cfg(unix)]
-use anyhow::Context;
-#[cfg(unix)]
-use anyhow::Result;
-#[cfg(unix)]
-use anyhow::anyhow;
-#[cfg(unix)]
-use sha2::Digest;
-#[cfg(unix)]
-use sha2::Sha256;
-#[cfg(unix)]
-use tokio::fs;
-#[cfg(unix)]
-use tokio::process::Command;
-
-pub(crate) fn managed_codex_bin(codex_home: &Path) -> PathBuf {
-    codex_home
-        .join("packages")
-        .join("standalone")
-        .join("current")
-        .join(managed_codex_file_name())
-}
-
-#[cfg(unix)]
-pub(crate) async fn resolved_managed_codex_bin(codex_bin: &Path) -> Result<PathBuf> {
-    fs::canonicalize(codex_bin).await.with_context(|| {
-        format!(
-            "failed to resolve managed Codex binary {}",
-            codex_bin.display()
-        )
-    })
-}
-
-#[cfg(unix)]
-pub(crate) async fn managed_codex_version(codex_bin: &Path) -> Result<String> {
-    let output = Command::new(codex_bin)
-        .arg("--version")
-        .output()
-        .await
-        .with_context(|| {
-            format!(
-                "failed to invoke managed Codex binary {}",
-                codex_bin.display()
-            )
-        })?;
-    if !output.status.success() {
-        return Err(anyhow!(
-            "managed Codex binary {} exited with status {}",
-            codex_bin.display(),
-            output.status
-        ));
-    }
-
-    let stdout = String::from_utf8(output.stdout).with_context(|| {
-        format!(
-            "managed Codex version was not utf-8: {}",
-            codex_bin.display()
-        )
-    })?;
-    parse_codex_version(&stdout)
-}
-
-#[cfg(unix)]
-#[derive(Debug, Clone, PartialEq, Eq)]
-pub(crate) struct ExecutableIdentity {
-    digest: [u8; 32],
-}
-
-#[cfg(unix)]
-pub(crate) async fn executable_identity(executable: &Path) -> Result<ExecutableIdentity> {
-    let bytes = fs::read(executable)
-        .await
-        .with_context(|| format!("failed to read executable {}", executable.display()))?;
-    Ok(executable_identity_from_bytes(&bytes))
-}
-
-#[cfg(unix)]
-pub(crate) fn executable_identity_from_bytes(bytes: &[u8]) -> ExecutableIdentity {
-    ExecutableIdentity {
-        digest: Sha256::digest(bytes).into(),
-    }
-}
-
-fn managed_codex_file_name() -> &'static str {
-    if cfg!(windows) { "codex.exe" } else { "codex" }
-}
-
-#[cfg(unix)]
-fn parse_codex_version(output: &str) -> Result<String> {
-    let version = output
-        .split_whitespace()
-        .nth(1)
-        .filter(|version| !version.is_empty())
-        .ok_or_else(|| anyhow!("managed Codex version output was malformed"))?;
-    Ok(version.to_string())
-}
-
-#[cfg(all(test, unix))]
-#[path = "managed_install_tests.rs"]
-mod tests;
--- a/codex-rs/app-server-daemon/src/managed_install_tests.rs
+++ b/codex-rs/app-server-daemon/src/managed_install_tests.rs
@@ -1,27 +0,0 @@
-use pretty_assertions::assert_eq;
-
-use super::executable_identity_from_bytes;
-use super::parse_codex_version;
-
-#[test]
-fn parses_codex_cli_version_output() {
-    assert_eq!(
-        parse_codex_version("codex 1.2.3\n").expect("version"),
-        "1.2.3"
-    );
-}
-
-#[test]
-fn rejects_malformed_codex_cli_version_output() {
-    assert!(parse_codex_version("codex\n").is_err());
-}
-
-#[test]
-fn executable_identity_uses_binary_contents() {
-    let old = executable_identity_from_bytes(b"old");
-    let same = executable_identity_from_bytes(b"old");
-    let new = executable_identity_from_bytes(b"new");
-
-    assert_eq!(old, same);
-    assert_ne!(old, new);
-}
--- a/codex-rs/app-server-daemon/src/remote_control_client.rs
+++ b/codex-rs/app-server-daemon/src/remote_control_client.rs
@@ -1,459 +0,0 @@
-use std::path::Path;
-use std::time::Duration;
-
-use anyhow::Context;
-use anyhow::Result;
-use anyhow::anyhow;
-use codex_app_server_protocol::JSONRPCMessage;
-use codex_app_server_protocol::JSONRPCNotification;
-use codex_app_server_protocol::JSONRPCRequest;
-use codex_app_server_protocol::RemoteControlConnectionStatus;
-use codex_app_server_protocol::RemoteControlEnableResponse;
-use codex_app_server_protocol::RemoteControlStatusChangedNotification;
-use codex_app_server_protocol::RequestId;
-use tokio::io::AsyncRead;
-use tokio::io::AsyncWrite;
-use tokio::time::Instant;
-use tokio::time::sleep;
-use tokio::time::timeout;
-use tokio_tungstenite::WebSocketStream;
-
-use crate::RemoteControlReadyStatus;
-use crate::client;
-
-const REMOTE_CONTROL_READY_TIMEOUT: Duration = Duration::from_secs(10);
-const REMOTE_CONTROL_ENABLE_REQUEST_ID: RequestId = RequestId::Integer(2);
-
-pub(crate) async fn enable_remote_control(socket_path: &Path) -> Result<RemoteControlReadyStatus> {
-    let mut websocket = client::connect(socket_path).await?;
-    enable_remote_control_with_timeout(&mut websocket, REMOTE_CONTROL_READY_TIMEOUT).await
-}
-
-pub(crate) async fn enable_remote_control_with_connect_retry(
-    socket_path: &Path,
-    connect_timeout: Duration,
-    connect_retry_delay: Duration,
-) -> Result<RemoteControlReadyStatus> {
-    let mut websocket =
-        connect_with_retry(socket_path, connect_timeout, connect_retry_delay).await?;
-    enable_remote_control_with_timeout(&mut websocket, REMOTE_CONTROL_READY_TIMEOUT).await
-}
-
-async fn enable_remote_control_with_timeout<S>(
-    websocket: &mut WebSocketStream<S>,
-    ready_timeout: Duration,
-) -> Result<RemoteControlReadyStatus>
-where
-    S: AsyncRead + AsyncWrite + Unpin,
-{
-    client::initialize(websocket, /*experimental_api*/ true).await?;
-    let initialized = JSONRPCMessage::Notification(JSONRPCNotification {
-        method: "initialized".to_string(),
-        params: None,
-    });
-    client::send_message(websocket, &initialized)
-        .await
-        .context("failed to send initialized notification")?;
-
-    let enable = JSONRPCMessage::Request(JSONRPCRequest {
-        id: REMOTE_CONTROL_ENABLE_REQUEST_ID,
-        method: "remoteControl/enable".to_string(),
-        params: None,
-        trace: None,
-    });
-    client::send_message(websocket, &enable)
-        .await
-        .context("failed to send remoteControl/enable request")?;
-
-    let mut latest = read_enable_response(websocket).await?;
-    if latest.status == RemoteControlConnectionStatus::Connecting {
-        latest = wait_for_remote_control_status(websocket, latest, ready_timeout).await?;
-    }
-    websocket.close(None).await.ok();
-    Ok(latest)
-}
-
-async fn connect_with_retry(
-    socket_path: &Path,
-    connect_timeout: Duration,
-    connect_retry_delay: Duration,
-) -> Result<WebSocketStream<codex_uds::UnixStream>> {
-    let deadline = Instant::now() + connect_timeout;
-    loop {
-        match client::connect(socket_path).await {
-            Ok(websocket) => return Ok(websocket),
-            Err(_) if Instant::now() < deadline => {
-                sleep(connect_retry_delay).await;
-            }
-            Err(error) => {
-                return Err(error).with_context(|| {
-                    format!(
-                        "app server did not become ready on {}",
-                        socket_path.display()
-                    )
-                });
-            }
-        }
-    }
-}
-
-async fn read_enable_response<S>(
-    websocket: &mut WebSocketStream<S>,
-) -> Result<RemoteControlReadyStatus>
-where
-    S: AsyncRead + AsyncWrite + Unpin,
-{
-    loop {
-        let message = timeout(
-            client::CONTROL_SOCKET_RESPONSE_TIMEOUT,
-            client::read_message(websocket),
-        )
-        .await
-        .context("timed out waiting for remoteControl/enable response")??;
-        match message {
-            JSONRPCMessage::Response(response)
-                if response.id == REMOTE_CONTROL_ENABLE_REQUEST_ID =>
-            {
-                let response =
-                    serde_json::from_value::<RemoteControlEnableResponse>(response.result)
-                        .context("failed to parse remoteControl/enable response")?;
-                return Ok(RemoteControlReadyStatus::from(response));
-            }
-            JSONRPCMessage::Error(err) if err.id == REMOTE_CONTROL_ENABLE_REQUEST_ID => {
-                return Err(anyhow!(
-                    "remoteControl/enable failed: {}",
-                    err.error.message
-                ));
-            }
-            JSONRPCMessage::Notification(notification)
-                if remote_control_status_notification(&notification).is_some() =>
-            {
-                continue;
-            }
-            _ => {}
-        }
-    }
-}
-
-async fn wait_for_remote_control_status<S>(
-    websocket: &mut WebSocketStream<S>,
-    mut latest: RemoteControlReadyStatus,
-    ready_timeout: Duration,
-) -> Result<RemoteControlReadyStatus>
-where
-    S: AsyncRead + AsyncWrite + Unpin,
-{
-    let deadline = tokio::time::Instant::now() + ready_timeout;
-    while tokio::time::Instant::now() < deadline {
-        let remaining = deadline.saturating_duration_since(tokio::time::Instant::now());
-        let message = match timeout(remaining, client::read_message(websocket)).await {
-            Ok(Ok(message)) => message,
-            Ok(Err(err)) => return Err(err),
-            Err(_) => {
-                latest.timed_out = true;
-                return Ok(latest);
-            }
-        };
-        let JSONRPCMessage::Notification(notification) = message else {
-            continue;
-        };
-        let Some(status) = remote_control_status_notification(&notification) else {
-            continue;
-        };
-        latest = RemoteControlReadyStatus::from(status);
-        if latest.status != RemoteControlConnectionStatus::Connecting {
-            return Ok(latest);
-        }
-    }
-    latest.timed_out = true;
-    Ok(latest)
-}
-
-fn remote_control_status_notification(
-    notification: &JSONRPCNotification,
-) -> Option<RemoteControlStatusChangedNotification> {
-    if notification.method != "remoteControl/status/changed" {
-        return None;
-    }
-    let params = notification.params.clone()?;
-    serde_json::from_value(params).ok()
-}
-
-impl From<RemoteControlEnableResponse> for RemoteControlReadyStatus {
-    fn from(response: RemoteControlEnableResponse) -> Self {
-        let RemoteControlEnableResponse {
-            status,
-            server_name,
-            installation_id: _,
-            environment_id,
-        } = response;
-        Self {
-            status,
-            server_name,
-            environment_id,
-            timed_out: false,
-        }
-    }
-}
-
-impl From<RemoteControlStatusChangedNotification> for RemoteControlReadyStatus {
-    fn from(notification: RemoteControlStatusChangedNotification) -> Self {
-        let RemoteControlStatusChangedNotification {
-            status,
-            server_name,
-            installation_id: _,
-            environment_id,
-        } = notification;
-        Self {
-            status,
-            server_name,
-            environment_id,
-            timed_out: false,
-        }
-    }
-}
-
-#[cfg(all(test, unix))]
-mod tests {
-    use anyhow::Result;
-    use codex_app_server_protocol::JSONRPCResponse;
-    use codex_uds::UnixListener;
-    use pretty_assertions::assert_eq;
-    use tempfile::TempDir;
-    use tokio_tungstenite::accept_async;
-
-    use super::*;
-
-    const INITIALIZE_REQUEST_ID: RequestId = RequestId::Integer(1);
-    const TEST_INSTALLATION_ID: &str = "11111111-1111-4111-8111-111111111111";
-    const TEST_SERVER_NAME: &str = "owen-mbp";
-    const TEST_CODEX_HOME: &str = "/tmp/codex-home";
-
-    #[tokio::test]
-    async fn enable_remote_control_uses_connected_enable_response_without_later_notification()
-    -> Result<()> {
-        let status = run_enable_remote_control_scenario(EnableScenario {
-            initial_notification: Some(remote_control_status(
-                RemoteControlConnectionStatus::Connected,
-                Some("env_test"),
-            )),
-            enable_response: remote_control_status(
-                RemoteControlConnectionStatus::Connected,
-                Some("env_test"),
-            ),
-            after_enable_notification: None,
-            ready_timeout: Duration::from_millis(20),
-        })
-        .await?;
-
-        assert_eq!(
-            status,
-            RemoteControlReadyStatus {
-                status: RemoteControlConnectionStatus::Connected,
-                server_name: TEST_SERVER_NAME.to_string(),
-                environment_id: Some("env_test".to_string()),
-                timed_out: false,
-            }
-        );
-        Ok(())
-    }
-
-    #[tokio::test]
-    async fn enable_remote_control_waits_for_connected_notification() -> Result<()> {
-        let status = run_enable_remote_control_scenario(EnableScenario {
-            initial_notification: None,
-            enable_response: remote_control_status(
-                RemoteControlConnectionStatus::Connecting,
-                /*environment_id*/ None,
-            ),
-            after_enable_notification: Some(remote_control_status(
-                RemoteControlConnectionStatus::Connected,
-                Some("env_test"),
-            )),
-            ready_timeout: Duration::from_secs(1),
-        })
-        .await?;
-
-        assert_eq!(
-            status,
-            RemoteControlReadyStatus {
-                status: RemoteControlConnectionStatus::Connected,
-                server_name: TEST_SERVER_NAME.to_string(),
-                environment_id: Some("env_test".to_string()),
-                timed_out: false,
-            }
-        );
-        Ok(())
-    }
-
-    #[tokio::test]
-    async fn enable_remote_control_reports_connecting_after_timeout() -> Result<()> {
-        let status = run_enable_remote_control_scenario(EnableScenario {
-            initial_notification: None,
-            enable_response: remote_control_status(
-                RemoteControlConnectionStatus::Connecting,
-                /*environment_id*/ None,
-            ),
-            after_enable_notification: None,
-            ready_timeout: Duration::from_millis(20),
-        })
-        .await?;
-
-        assert_eq!(
-            status,
-            RemoteControlReadyStatus {
-                status: RemoteControlConnectionStatus::Connecting,
-                server_name: TEST_SERVER_NAME.to_string(),
-                environment_id: None,
-                timed_out: true,
-            }
-        );
-        Ok(())
-    }
-
-    #[tokio::test]
-    async fn enable_remote_control_returns_errored_enable_response() -> Result<()> {
-        let status = run_enable_remote_control_scenario(EnableScenario {
-            initial_notification: None,
-            enable_response: remote_control_status(
-                RemoteControlConnectionStatus::Errored,
-                /*environment_id*/ None,
-            ),
-            after_enable_notification: None,
-            ready_timeout: Duration::from_millis(20),
-        })
-        .await?;
-
-        assert_eq!(
-            status,
-            RemoteControlReadyStatus {
-                status: RemoteControlConnectionStatus::Errored,
-                server_name: TEST_SERVER_NAME.to_string(),
-                environment_id: None,
-                timed_out: false,
-            }
-        );
-        Ok(())
-    }
-
-    struct EnableScenario {
-        initial_notification: Option<RemoteControlStatusChangedNotification>,
-        enable_response: RemoteControlStatusChangedNotification,
-        after_enable_notification: Option<RemoteControlStatusChangedNotification>,
-        ready_timeout: Duration,
-    }
-
-    async fn run_enable_remote_control_scenario(
-        scenario: EnableScenario,
-    ) -> Result<RemoteControlReadyStatus> {
-        let dir = TempDir::new()?;
-        let socket_path = dir.path().join("app-server.sock");
-        let listener = UnixListener::bind(&socket_path).await?;
-        let ready_timeout = scenario.ready_timeout;
-        let server_task = tokio::spawn(serve_enable_remote_control_scenario(listener, scenario));
-
-        let mut websocket = client::connect(&socket_path).await?;
-        let status = enable_remote_control_with_timeout(&mut websocket, ready_timeout).await?;
-        server_task.await??;
-        Ok(status)
-    }
-
-    async fn serve_enable_remote_control_scenario(
-        mut listener: UnixListener,
-        scenario: EnableScenario,
-    ) -> Result<()> {
-        let stream = listener.accept().await?;
-        let mut websocket = accept_async(stream).await?;
-
-        let initialize = client::read_message(&mut websocket).await?;
-        let JSONRPCMessage::Request(initialize) = initialize else {
-            panic!("expected initialize request");
-        };
-        assert_eq!(initialize.id, INITIALIZE_REQUEST_ID);
-        assert_eq!(initialize.method, "initialize");
-        let Some(initialize_params) = initialize.params else {
-            panic!("expected initialize params");
-        };
-        assert_eq!(
-            initialize_params["capabilities"]["experimentalApi"],
-            serde_json::Value::Bool(true)
-        );
-        client::send_message(
-            &mut websocket,
-            &JSONRPCMessage::Response(JSONRPCResponse {
-                id: INITIALIZE_REQUEST_ID,
-                result: serde_json::json!({
-                    "userAgent": "codex_app_server/1.2.3",
-                    "codexHome": TEST_CODEX_HOME,
-                    "platformFamily": "unix",
-                    "platformOs": "macos",
-                }),
-            }),
-        )
-        .await?;
-
-        let initialized = client::read_message(&mut websocket).await?;
-        let JSONRPCMessage::Notification(initialized) = initialized else {
-            panic!("expected initialized notification");
-        };
-        assert_eq!(initialized.method, "initialized");
-
-        if let Some(status) = scenario.initial_notification {
-            send_remote_control_status(&mut websocket, status).await?;
-        }
-
-        let enable = client::read_message(&mut websocket).await?;
-        let JSONRPCMessage::Request(enable) = enable else {
-            panic!("expected remoteControl/enable request");
-        };
-        assert_eq!(enable.id, REMOTE_CONTROL_ENABLE_REQUEST_ID);
-        assert_eq!(enable.method, "remoteControl/enable");
-        client::send_message(
-            &mut websocket,
-            &JSONRPCMessage::Response(JSONRPCResponse {
-                id: REMOTE_CONTROL_ENABLE_REQUEST_ID,
-                result: serde_json::to_value(RemoteControlEnableResponse::from(
-                    scenario.enable_response,
-                ))?,
-            }),
-        )
-        .await?;
-
-        if let Some(status) = scenario.after_enable_notification {
-            send_remote_control_status(&mut websocket, status).await?;
-        } else {
-            tokio::time::sleep(Duration::from_millis(50)).await;
-        }
-
-        Ok(())
-    }
-
-    async fn send_remote_control_status<S>(
-        websocket: &mut WebSocketStream<S>,
-        status: RemoteControlStatusChangedNotification,
-    ) -> Result<()>
-    where
-        S: tokio::io::AsyncRead + tokio::io::AsyncWrite + Unpin,
-    {
-        client::send_message(
-            websocket,
-            &JSONRPCMessage::Notification(JSONRPCNotification {
-                method: "remoteControl/status/changed".to_string(),
-                params: Some(serde_json::to_value(status)?),
-            }),
-        )
-        .await
-    }
-
-    fn remote_control_status(
-        status: RemoteControlConnectionStatus,
-        environment_id: Option<&str>,
-    ) -> RemoteControlStatusChangedNotification {
-        RemoteControlStatusChangedNotification {
-            status,
-            server_name: TEST_SERVER_NAME.to_string(),
-            installation_id: TEST_INSTALLATION_ID.to_string(),
-            environment_id: environment_id.map(str::to_string),
-        }
-    }
-}
--- a/codex-rs/app-server-daemon/src/settings.rs
+++ b/codex-rs/app-server-daemon/src/settings.rs
@@ -1,63 +0,0 @@
-use std::path::Path;
-
-use anyhow::Context;
-use anyhow::Result;
-use serde::Deserialize;
-use serde::Serialize;
-use tokio::fs;
-
-#[derive(Debug, Clone, Default, PartialEq, Eq, Serialize, Deserialize)]
-#[serde(rename_all = "camelCase")]
-pub(crate) struct DaemonSettings {
-    pub(crate) remote_control_enabled: bool,
-}
-
-impl DaemonSettings {
-    pub(crate) async fn load(path: &Path) -> Result<Self> {
-        let contents = match fs::read_to_string(path).await {
-            Ok(contents) => contents,
-            Err(err) if err.kind() == std::io::ErrorKind::NotFound => return Ok(Self::default()),
-            Err(err) => {
-                return Err(err)
-                    .with_context(|| format!("failed to read daemon settings {}", path.display()));
-            }
-        };
-
-        serde_json::from_str(&contents)
-            .with_context(|| format!("failed to parse daemon settings {}", path.display()))
-    }
-
-    pub(crate) async fn save(&self, path: &Path) -> Result<()> {
-        if let Some(parent) = path.parent() {
-            fs::create_dir_all(parent).await.with_context(|| {
-                format!(
-                    "failed to create daemon settings directory {}",
-                    parent.display()
-                )
-            })?;
-        }
-
-        let contents = serde_json::to_vec_pretty(self).context("failed to serialize settings")?;
-        fs::write(path, contents)
-            .await
-            .with_context(|| format!("failed to write daemon settings {}", path.display()))
-    }
-}
-
-#[cfg(all(test, unix))]
-mod tests {
-    use pretty_assertions::assert_eq;
-
-    use super::DaemonSettings;
-
-    #[test]
-    fn daemon_settings_use_camel_case_json() {
-        assert_eq!(
-            serde_json::to_string(&DaemonSettings {
-                remote_control_enabled: true,
-            })
-            .expect("serialize"),
-            r#"{"remoteControlEnabled":true}"#
-        );
-    }
-}
--- a/codex-rs/app-server-daemon/src/update_loop.rs
+++ b/codex-rs/app-server-daemon/src/update_loop.rs
@@ -1,197 +0,0 @@
-#[cfg(unix)]
-use std::process::Command as StdCommand;
-#[cfg(unix)]
-use std::process::Stdio;
-#[cfg(unix)]
-use std::time::Duration;
-
-#[cfg(unix)]
-use anyhow::Context;
-use anyhow::Result;
-#[cfg(not(unix))]
-use anyhow::bail;
-#[cfg(unix)]
-use futures::FutureExt;
-#[cfg(unix)]
-use std::os::unix::process::CommandExt;
-#[cfg(unix)]
-use tokio::io::AsyncWriteExt;
-#[cfg(unix)]
-use tokio::process::Command;
-#[cfg(unix)]
-use tokio::signal::unix::Signal;
-#[cfg(unix)]
-use tokio::signal::unix::SignalKind;
-#[cfg(unix)]
-use tokio::signal::unix::signal;
-#[cfg(unix)]
-use tokio::time::sleep;
-
-#[cfg(unix)]
-use crate::Daemon;
-#[cfg(unix)]
-use crate::RestartIfRunningOutcome;
-#[cfg(unix)]
-use crate::RestartMode;
-#[cfg(unix)]
-use crate::UpdaterRefreshMode;
-#[cfg(unix)]
-use crate::managed_install::ExecutableIdentity;
-#[cfg(unix)]
-use crate::managed_install::executable_identity;
-#[cfg(unix)]
-use crate::managed_install::resolved_managed_codex_bin;
-
-#[cfg(unix)]
-const INITIAL_UPDATE_DELAY: Duration = Duration::from_secs(5 * 60);
-#[cfg(unix)]
-const RESTART_RETRY_INTERVAL: Duration = Duration::from_millis(50);
-#[cfg(unix)]
-const UPDATE_INTERVAL: Duration = Duration::from_secs(60 * 60);
-
-#[cfg(unix)]
-pub(crate) async fn run() -> Result<()> {
-    let mut terminate =
-        signal(SignalKind::terminate()).context("failed to install updater shutdown handler")?;
-    let running_updater_identity = current_updater_identity().await?;
-    if sleep_or_terminate(INITIAL_UPDATE_DELAY, &mut terminate).await {
-        return Ok(());
-    }
-    loop {
-        match update_once(&running_updater_identity, &mut terminate).await {
-            Ok(UpdateLoopControl::Continue) | Err(_) => {}
-            Ok(UpdateLoopControl::Stop) => return Ok(()),
-        }
-        if sleep_or_terminate(UPDATE_INTERVAL, &mut terminate).await {
-            return Ok(());
-        }
-    }
-}
-
-#[cfg(not(unix))]
-pub(crate) async fn run() -> Result<()> {
-    bail!("pid-managed updater loop is unsupported on this platform")
-}
-
-#[cfg(unix)]
-async fn sleep_or_terminate(duration: Duration, terminate: &mut Signal) -> bool {
-    tokio::select! {
-        _ = sleep(duration) => false,
-        _ = terminate.recv() => true,
-    }
-}
-
-#[cfg(unix)]
-enum UpdateLoopControl {
-    Continue,
-    Stop,
-}
-
-#[cfg(unix)]
-async fn update_once(
-    running_updater_identity: &ExecutableIdentity,
-    terminate: &mut Signal,
-) -> Result<UpdateLoopControl> {
-    install_latest_standalone().await?;
-
-    let daemon = Daemon::from_environment()?;
-    let managed_codex_bin = resolved_managed_codex_bin(&daemon.managed_codex_bin).await?;
-    let managed_identity = executable_identity(&managed_codex_bin).await?;
-    let (restart_mode, updater_refresh_mode) =
-        update_modes_for_identities(running_updater_identity, &managed_identity);
-
-    loop {
-        if terminate.recv().now_or_never().flatten().is_some() {
-            return Ok(UpdateLoopControl::Stop);
-        }
-        match daemon
-            .try_restart_if_running(restart_mode, updater_refresh_mode, &managed_codex_bin)
-            .await?
-        {
-            RestartIfRunningOutcome::Busy => {
-                if sleep_or_terminate(RESTART_RETRY_INTERVAL, terminate).await {
-                    return Ok(UpdateLoopControl::Stop);
-                }
-            }
-            _ => return Ok(UpdateLoopControl::Continue),
-        }
-    }
-}
-
-#[cfg(unix)]
-async fn current_updater_identity() -> Result<ExecutableIdentity> {
-    let current_exe =
-        std::env::current_exe().context("failed to resolve current updater executable")?;
-    executable_identity(&current_exe).await
-}
-
-#[cfg(unix)]
-fn update_modes_for_identities(
-    running_updater_identity: &ExecutableIdentity,
-    managed_identity: &ExecutableIdentity,
-) -> (RestartMode, UpdaterRefreshMode) {
-    if running_updater_identity == managed_identity {
-        (RestartMode::IfVersionChanged, UpdaterRefreshMode::None)
-    } else {
-        (
-            RestartMode::Always,
-            UpdaterRefreshMode::ReexecIfManagedBinaryChanged,
-        )
-    }
-}
-
-#[cfg(unix)]
-pub(crate) fn reexec_managed_updater(managed_codex_bin: &std::path::Path) -> Result<()> {
-    let err = StdCommand::new(managed_codex_bin)
-        .args(["app-server", "daemon", "pid-update-loop"])
-        .exec();
-    Err(err).with_context(|| {
-        format!(
-            "failed to replace updater with managed Codex binary {}",
-            managed_codex_bin.display()
-        )
-    })
-}
-
-#[cfg(unix)]
-async fn install_latest_standalone() -> Result<()> {
-    let script = reqwest::get("https://chatgpt.com/codex/install.sh")
-        .await
-        .context("failed to fetch standalone Codex updater")?
-        .error_for_status()
-        .context("standalone Codex updater request failed")?
-        .bytes()
-        .await
-        .context("failed to read standalone Codex updater")?;
-
-    let mut child = Command::new("/bin/sh")
-        .arg("-s")
-        .stdin(Stdio::piped())
-        .stdout(Stdio::null())
-        .stderr(Stdio::null())
-        .spawn()
-        .context("failed to invoke standalone Codex updater")?;
-    let mut stdin = child
-        .stdin
-        .take()
-        .context("standalone Codex updater stdin was unavailable")?;
-    stdin
-        .write_all(&script)
-        .await
-        .context("failed to pass standalone Codex updater to shell")?;
-    drop(stdin);
-    let status = child
-        .wait()
-        .await
-        .context("failed to wait for standalone Codex updater")?;
-
-    if status.success() {
-        Ok(())
-    } else {
-        anyhow::bail!("standalone Codex updater exited with status {status}")
-    }
-}
-
-#[cfg(all(test, unix))]
-#[path = "update_loop_tests.rs"]
-mod tests;
--- a/codex-rs/app-server-daemon/src/update_loop_tests.rs
+++ b/codex-rs/app-server-daemon/src/update_loop_tests.rs
@@ -1,31 +0,0 @@
-use pretty_assertions::assert_eq;
-
-use super::update_modes_for_identities;
-use crate::RestartMode;
-use crate::UpdaterRefreshMode;
-use crate::managed_install::executable_identity_from_bytes;
-
-#[test]
-fn unchanged_updater_uses_version_based_restart() {
-    assert_eq!(
-        update_modes_for_identities(
-            &executable_identity_from_bytes(b"same"),
-            &executable_identity_from_bytes(b"same"),
-        ),
-        (RestartMode::IfVersionChanged, UpdaterRefreshMode::None)
-    );
-}
-
-#[test]
-fn changed_updater_forces_refresh_even_when_version_may_match() {
-    assert_eq!(
-        update_modes_for_identities(
-            &executable_identity_from_bytes(b"old"),
-            &executable_identity_from_bytes(b"new"),
-        ),
-        (
-            RestartMode::Always,
-            UpdaterRefreshMode::ReexecIfManagedBinaryChanged,
-        )
-    );
-}
--- a/codex-rs/app-server-protocol/Cargo.toml
+++ b/codex-rs/app-server-protocol/Cargo.toml
@@ -7,7 +7,6 @@ license.workspace = true
 [lib]
 name = "codex_app_server_protocol"
 path = "src/lib.rs"
-doctest = false

 [lints]
 workspace = true
--- a/codex-rs/app-server-protocol/schema/json/AttestationGenerateParams.json
+++ b/codex-rs/app-server-protocol/schema/json/AttestationGenerateParams.json
@@ -1,5 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "title": "AttestationGenerateParams",
-  "type": "object"
-}
--- a/Show More
+++ b/Show More