Escape remembered session titles in history

Load source rollouts, extract visible conversation, persist a hidden remembered-context packet, and expose the v2 thread/remember RPC for UI integration.

Co-authored-by: Codex <noreply@openai.com>

.devcontainer/Dockerfile.secure

@@ -1,71 +0,0 @@
-FROM mcr.microsoft.com/devcontainers/base:ubuntu-24.04
-
-ARG TZ
-ARG DEBIAN_FRONTEND=noninteractive
-ARG NODE_MAJOR=22
-ARG RUST_TOOLCHAIN=1.92.0
-ARG CODEX_NPM_VERSION=latest
-
-ENV TZ="$TZ"
-
-SHELL ["/bin/bash", "-o", "pipefail", "-c"]
-
-RUN apt-get update \
-    && apt-get install -y --no-install-recommends \
-        build-essential \
-        curl \
-        git \
-        ca-certificates \
-        pkg-config \
-        clang \
-        musl-tools \
-        libssl-dev \
-        libsqlite3-dev \
-        just \
-        python3 \
-        python3-pip \
-        jq \
-        less \
-        man-db \
-        unzip \
-        ripgrep \
-        fzf \
-        fd-find \
-        zsh \
-        dnsutils \
-        iproute2 \
-        ipset \
-        iptables \
-        aggregate \
-    && apt-get clean \
-    && rm -rf /var/lib/apt/lists/*
-
-RUN curl -fsSL "https://deb.nodesource.com/setup_${NODE_MAJOR}.x" | bash - \
-    && apt-get update \
-    && apt-get install -y --no-install-recommends nodejs \
-    && npm install -g corepack@latest "@openai/codex@${CODEX_NPM_VERSION}" \
-    && corepack enable \
-    && corepack prepare pnpm@10.28.2 --activate \
-    && apt-get clean \
-    && rm -rf /var/lib/apt/lists/*
-
-COPY .devcontainer/init-firewall.sh /usr/local/bin/init-firewall.sh
-COPY .devcontainer/post_install.py /opt/post_install.py
-COPY .devcontainer/post-start.sh /opt/post_start.sh
-
-RUN chmod 500 /usr/local/bin/init-firewall.sh \
-    && chmod 755 /opt/post_start.sh \
-    && chmod 644 /opt/post_install.py \
-    && chown vscode:vscode /opt/post_install.py
-
-RUN install -d -m 0775 -o vscode -g vscode /commandhistory /workspace \
-    && touch /commandhistory/.bash_history /commandhistory/.zsh_history \
-    && chown vscode:vscode /commandhistory/.bash_history /commandhistory/.zsh_history
-
-USER vscode
-ENV PATH="/home/vscode/.cargo/bin:${PATH}"
-WORKDIR /workspace
-
-RUN curl -sSf https://sh.rustup.rs | sh -s -- -y --profile minimal --default-toolchain "${RUST_TOOLCHAIN}" \
-    && rustup component add clippy rustfmt rust-src \
-    && rustup target add x86_64-unknown-linux-musl aarch64-unknown-linux-musl

.devcontainer/README.md

@@ -1,36 +1,10 @@
 # Containerized Development
 
-We provide two container paths:
-
-- `devcontainer.json` keeps the existing Codex contributor setup for working on this repository.
-- `devcontainer.secure.json` adds a customer-oriented profile with stricter outbound network controls.
-
-## Codex contributor profile
-
-Use `devcontainer.json` when you are developing Codex itself. This is the same lightweight arm64 container that already exists in the repo.
-
-## Secure customer profile
-
-Use `devcontainer.secure.json` when you want a stricter runtime profile for running Codex inside a project container:
-
-- installs the Codex CLI plus common build tools
-- enables firewall startup with an allowlist-driven outbound policy
-- blocks IPv6 by default so the allowlist cannot be bypassed over AAAA routes
-- requires `NET_ADMIN` and `NET_RAW` so the firewall can be installed at startup
-
-This profile keeps the stricter networking isolated to the customer path instead of changing the default Codex contributor container.
-
-Start it from the CLI with:
-
-```bash
-devcontainer up --workspace-folder . --config .devcontainer/devcontainer.secure.json
-```
-
-In VS Code, choose **Dev Containers: Open Folder in Container...** and select `.devcontainer/devcontainer.secure.json`.
+We provide the following options to facilitate Codex development in a container. This is particularly useful for verifying the Linux build when working on a macOS host.
 
 ## Docker
 
-To build the contributor image locally for x64 and then run it with the repo mounted under `/workspace`:
+To build the Docker image locally for x64 and then run it with the repo mounted under `/workspace`:
 
 ```shell
 CODEX_DOCKER_IMAGE_NAME=codex-linux-dev
@@ -40,6 +14,17 @@ docker run --platform=linux/amd64 --rm -it -e CARGO_TARGET_DIR=/workspace/codex-
 
 Note that `/workspace/target` will contain the binaries built for your host platform, so we include `-e CARGO_TARGET_DIR=/workspace/codex-rs/target-amd64` in the `docker run` command so that the binaries built inside your container are written to a separate directory.
 
-For arm64, specify `--platform=linux/arm64` instead for both `docker build` and `docker run`.
+For arm64, specify `--platform=linux/amd64` instead for both `docker build` and `docker run`.
 
-Currently, the contributor `Dockerfile` works for both x64 and arm64 Linux, though you need to run `rustup target add x86_64-unknown-linux-musl` yourself to install the musl toolchain for x64.
+Currently, the `Dockerfile` works for both x64 and arm64 Linux, though you need to run `rustup target add x86_64-unknown-linux-musl` yourself to install the musl toolchain for x64.
+
+## VS Code
+
+VS Code recognizes the `devcontainer.json` file and gives you the option to develop Codex in a container. Currently, `devcontainer.json` builds and runs the `arm64` flavor of the container.
+
+From the integrated terminal in VS Code, you can build either flavor of the `arm64` build (GNU or musl):
+
+```shell
+cargo build --target aarch64-unknown-linux-musl
+cargo build --target aarch64-unknown-linux-gnu
+```

.devcontainer/devcontainer.secure.json

@@ -1,76 +0,0 @@
-{
-  "$schema": "https://raw.githubusercontent.com/devcontainers/spec/main/schemas/devContainer.schema.json",
-  "name": "Codex (Secure)",
-  "build": {
-    "dockerfile": "Dockerfile.secure",
-    "context": "..",
-    "args": {
-      "TZ": "${localEnv:TZ:UTC}",
-      "NODE_MAJOR": "22",
-      "RUST_TOOLCHAIN": "1.92.0",
-      "CODEX_NPM_VERSION": "latest"
-    }
-  },
-  "runArgs": [
-    "--cap-add=NET_ADMIN",
-    "--cap-add=NET_RAW"
-  ],
-  "init": true,
-  "updateRemoteUserUID": true,
-  "remoteUser": "vscode",
-  "workspaceMount": "source=${localWorkspaceFolder},target=/workspace,type=bind,consistency=delegated",
-  "workspaceFolder": "/workspace",
-  "mounts": [
-    "source=codex-commandhistory-${devcontainerId},target=/commandhistory,type=volume",
-    "source=codex-home-${devcontainerId},target=/home/vscode/.codex,type=volume",
-    "source=codex-gh-${devcontainerId},target=/home/vscode/.config/gh,type=volume",
-    "source=codex-cargo-registry-${devcontainerId},target=/home/vscode/.cargo/registry,type=volume",
-    "source=codex-cargo-git-${devcontainerId},target=/home/vscode/.cargo/git,type=volume",
-    "source=codex-rustup-${devcontainerId},target=/home/vscode/.rustup,type=volume",
-    "source=${localEnv:HOME}/.gitconfig,target=/home/vscode/.gitconfig,type=bind,readonly"
-  ],
-  "containerEnv": {
-    "RUST_BACKTRACE": "1",
-    "CODEX_UNSAFE_ALLOW_NO_SANDBOX": "1",
-    "CODEX_ENABLE_FIREWALL": "1",
-    "CODEX_INCLUDE_GITHUB_META_RANGES": "1",
-    "OPENAI_ALLOWED_DOMAINS": "api.openai.com auth.openai.com github.com api.github.com codeload.github.com raw.githubusercontent.com objects.githubusercontent.com crates.io index.crates.io static.crates.io static.rust-lang.org registry.npmjs.org pypi.org files.pythonhosted.org",
-    "CARGO_TARGET_DIR": "/workspace/.cache/cargo-target",
-    "GIT_CONFIG_GLOBAL": "/home/vscode/.gitconfig.local",
-    "COREPACK_ENABLE_DOWNLOAD_PROMPT": "0",
-    "PYTHONDONTWRITEBYTECODE": "1",
-    "PIP_DISABLE_PIP_VERSION_CHECK": "1"
-  },
-  "remoteEnv": {
-    "OPENAI_API_KEY": "${localEnv:OPENAI_API_KEY}"
-  },
-  "postCreateCommand": "python3 /opt/post_install.py",
-  "postStartCommand": "bash /opt/post_start.sh",
-  "waitFor": "postStartCommand",
-  "customizations": {
-    "vscode": {
-      "settings": {
-        "terminal.integrated.defaultProfile.linux": "zsh",
-        "terminal.integrated.profiles.linux": {
-          "bash": {
-            "path": "bash",
-            "icon": "terminal-bash"
-          },
-          "zsh": {
-            "path": "zsh"
-          }
-        },
-        "files.trimTrailingWhitespace": true,
-        "files.insertFinalNewline": true,
-        "files.trimFinalNewlines": true
-      },
-      "extensions": [
-        "openai.chatgpt",
-        "rust-lang.rust-analyzer",
-        "tamasfe.even-better-toml",
-        "vadimcn.vscode-lldb",
-        "ms-azuretools.vscode-docker"
-      ]
-    }
-  }
-}

.devcontainer/init-firewall.sh

@@ -1,170 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-IFS=$'\n\t'
-
-allowed_domains_file="/etc/codex/allowed_domains.txt"
-include_github_meta_ranges="${CODEX_INCLUDE_GITHUB_META_RANGES:-1}"
-
-if [ -f "$allowed_domains_file" ]; then
-  mapfile -t allowed_domains < <(sed '/^\s*#/d;/^\s*$/d' "$allowed_domains_file")
-else
-  allowed_domains=("api.openai.com")
-fi
-
-if [ "${#allowed_domains[@]}" -eq 0 ]; then
-  echo "ERROR: No allowed domains configured"
-  exit 1
-fi
-
-add_ipv4_cidr_to_allowlist() {
-  local source="$1"
-  local cidr="$2"
-
-  if [[ ! "$cidr" =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}/[0-9]{1,2}$ ]]; then
-    echo "ERROR: Invalid ${source} CIDR range: $cidr"
-    exit 1
-  fi
-
-  ipset add allowed-domains "$cidr" -exist
-}
-
-configure_ipv6_default_deny() {
-  if ! command -v ip6tables >/dev/null 2>&1; then
-    echo "ERROR: ip6tables is required to enforce IPv6 default-deny policy"
-    exit 1
-  fi
-
-  ip6tables -F
-  ip6tables -X
-  ip6tables -t mangle -F
-  ip6tables -t mangle -X
-  ip6tables -t nat -F 2>/dev/null || true
-  ip6tables -t nat -X 2>/dev/null || true
-
-  ip6tables -A INPUT -i lo -j ACCEPT
-  ip6tables -A OUTPUT -o lo -j ACCEPT
-  ip6tables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-  ip6tables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-
-  ip6tables -P INPUT DROP
-  ip6tables -P FORWARD DROP
-  ip6tables -P OUTPUT DROP
-
-  echo "IPv6 firewall policy configured (default-deny)"
-}
-
-# Preserve docker-managed DNS NAT rules before clearing tables.
-docker_dns_rules="$(iptables-save -t nat | grep "127\\.0\\.0\\.11" || true)"
-
-iptables -F
-iptables -X
-iptables -t nat -F
-iptables -t nat -X
-iptables -t mangle -F
-iptables -t mangle -X
-ipset destroy allowed-domains 2>/dev/null || true
-
-if [ -n "$docker_dns_rules" ]; then
-  echo "Restoring Docker DNS NAT rules"
-  iptables -t nat -N DOCKER_OUTPUT 2>/dev/null || true
-  iptables -t nat -N DOCKER_POSTROUTING 2>/dev/null || true
-  while IFS= read -r rule; do
-    [ -z "$rule" ] && continue
-    iptables -t nat $rule
-  done <<< "$docker_dns_rules"
-fi
-
-# Allow DNS resolution and localhost communication.
-iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
-iptables -A OUTPUT -p tcp --dport 53 -j ACCEPT
-iptables -A INPUT -p udp --sport 53 -j ACCEPT
-iptables -A INPUT -p tcp --sport 53 -j ACCEPT
-iptables -A INPUT -i lo -j ACCEPT
-iptables -A OUTPUT -o lo -j ACCEPT
-
-ipset create allowed-domains hash:net
-
-for domain in "${allowed_domains[@]}"; do
-  echo "Resolving $domain"
-  ips="$(dig +short A "$domain" | sed '/^\s*$/d')"
-  if [ -z "$ips" ]; then
-    echo "ERROR: Failed to resolve $domain"
-    exit 1
-  fi
-
-  while IFS= read -r ip; do
-    if [[ ! "$ip" =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]]; then
-      echo "ERROR: Invalid IPv4 address from DNS for $domain: $ip"
-      exit 1
-    fi
-    ipset add allowed-domains "$ip" -exist
-  done <<< "$ips"
-done
-
-if [ "$include_github_meta_ranges" = "1" ]; then
-  echo "Fetching GitHub meta ranges"
-  github_meta="$(curl -fsSL --connect-timeout 10 https://api.github.com/meta)"
-
-  if ! echo "$github_meta" | jq -e '.web and .api and .git' >/dev/null; then
-    echo "ERROR: GitHub meta response missing expected fields"
-    exit 1
-  fi
-
-  while IFS= read -r cidr; do
-    [ -z "$cidr" ] && continue
-    if [[ "$cidr" == *:* ]]; then
-      # Current policy enforces IPv4-only ipset entries.
-      continue
-    fi
-    add_ipv4_cidr_to_allowlist "GitHub" "$cidr"
-  done < <(echo "$github_meta" | jq -r '((.web // []) + (.api // []) + (.git // []))[]' | sort -u)
-fi
-
-host_ip="$(ip route | awk '/default/ {print $3; exit}')"
-if [ -z "$host_ip" ]; then
-  echo "ERROR: Failed to detect host IP"
-  exit 1
-fi
-
-host_network="$(echo "$host_ip" | sed 's/\.[0-9]*$/.0\/24/')"
-iptables -A INPUT -s "$host_network" -j ACCEPT
-iptables -A OUTPUT -d "$host_network" -j ACCEPT
-
-iptables -P INPUT DROP
-iptables -P FORWARD DROP
-iptables -P OUTPUT DROP
-
-iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-iptables -A OUTPUT -m set --match-set allowed-domains dst -j ACCEPT
-
-# Reject rather than silently drop to make policy failures obvious.
-iptables -A INPUT -j REJECT --reject-with icmp-admin-prohibited
-iptables -A OUTPUT -j REJECT --reject-with icmp-admin-prohibited
-iptables -A FORWARD -j REJECT --reject-with icmp-admin-prohibited
-
-configure_ipv6_default_deny
-
-echo "Firewall configuration complete"
-
-if curl --connect-timeout 5 https://example.com >/dev/null 2>&1; then
-  echo "ERROR: Firewall verification failed - was able to reach https://example.com"
-  exit 1
-fi
-
-if ! curl --connect-timeout 5 https://api.openai.com >/dev/null 2>&1; then
-  echo "ERROR: Firewall verification failed - unable to reach https://api.openai.com"
-  exit 1
-fi
-
-if [ "$include_github_meta_ranges" = "1" ] && ! curl --connect-timeout 5 https://api.github.com/zen >/dev/null 2>&1; then
-  echo "ERROR: Firewall verification failed - unable to reach https://api.github.com"
-  exit 1
-fi
-
-if curl --connect-timeout 5 -6 https://example.com >/dev/null 2>&1; then
-  echo "ERROR: Firewall verification failed - was able to reach https://example.com over IPv6"
-  exit 1
-fi
-
-echo "Firewall verification passed"

.devcontainer/post-start.sh

@@ -1,36 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-if [ "${CODEX_ENABLE_FIREWALL:-1}" != "1" ]; then
-  echo "[devcontainer] Firewall mode: permissive (CODEX_ENABLE_FIREWALL=${CODEX_ENABLE_FIREWALL:-unset})."
-  exit 0
-fi
-
-echo "[devcontainer] Firewall mode: strict"
-
-domains_raw="${OPENAI_ALLOWED_DOMAINS:-api.openai.com}"
-mapfile -t domains < <(printf '%s\n' "$domains_raw" | tr ', ' '\n\n' | sed '/^$/d' | sort -u)
-
-if [ "${#domains[@]}" -eq 0 ]; then
-  echo "[devcontainer] No allowed domains configured."
-  exit 1
-fi
-
-tmp_file="$(mktemp)"
-for domain in "${domains[@]}"; do
-  if [[ ! "$domain" =~ ^[a-zA-Z0-9][a-zA-Z0-9.-]*\.[a-zA-Z]{2,}$ ]]; then
-    echo "[devcontainer] Invalid domain in OPENAI_ALLOWED_DOMAINS: $domain"
-    rm -f "$tmp_file"
-    exit 1
-  fi
-  printf '%s\n' "$domain" >> "$tmp_file"
-done
-
-sudo install -d -m 0755 /etc/codex
-sudo cp "$tmp_file" /etc/codex/allowed_domains.txt
-sudo chown root:root /etc/codex/allowed_domains.txt
-sudo chmod 0444 /etc/codex/allowed_domains.txt
-rm -f "$tmp_file"
-
-echo "[devcontainer] Applying firewall policy for domains: ${domains[*]}"
-sudo --preserve-env=CODEX_INCLUDE_GITHUB_META_RANGES /usr/local/bin/init-firewall.sh

.devcontainer/post_install.py

@@ -1,113 +0,0 @@
-#!/usr/bin/env python3
-"""Post-install configuration for the Codex devcontainer."""
-
-from __future__ import annotations
-
-import os
-import subprocess
-import sys
-from pathlib import Path
-
-
-def ensure_history_files() -> None:
-    command_history_dir = Path("/commandhistory")
-    command_history_dir.mkdir(parents=True, exist_ok=True)
-
-    for filename in (".bash_history", ".zsh_history"):
-        (command_history_dir / filename).touch(exist_ok=True)
-
-
-def fix_directory_ownership() -> None:
-    uid = os.getuid()
-    gid = os.getgid()
-
-    paths = [
-        Path.home() / ".codex",
-        Path.home() / ".config" / "gh",
-        Path.home() / ".cargo",
-        Path.home() / ".rustup",
-        Path("/commandhistory"),
-    ]
-
-    for path in paths:
-        if not path.exists():
-            continue
-
-        stat_info = path.stat()
-        if stat_info.st_uid == uid and stat_info.st_gid == gid:
-            continue
-
-        try:
-            subprocess.run(
-                ["sudo", "chown", "-R", f"{uid}:{gid}", str(path)],
-                check=True,
-                capture_output=True,
-                text=True,
-            )
-            print(f"[post_install] fixed ownership: {path}", file=sys.stderr)
-        except subprocess.CalledProcessError as err:
-            print(
-                f"[post_install] warning: could not fix ownership of {path}: {err.stderr.strip()}",
-                file=sys.stderr,
-            )
-
-
-def setup_git_config() -> None:
-    home = Path.home()
-    host_gitconfig = home / ".gitconfig"
-    local_gitconfig = home / ".gitconfig.local"
-    gitignore_global = home / ".gitignore_global"
-
-    gitignore_global.write_text(
-        """# Codex
-.codex/
-
-# Rust
-/target/
-
-# Node
-node_modules/
-
-# Python
-__pycache__/
-*.pyc
-
-# Editors
-.vscode/
-.idea/
-
-# macOS
-.DS_Store
-""",
-        encoding="utf-8",
-    )
-
-    include_line = (
-        f"[include]\n    path = {host_gitconfig}\n\n" if host_gitconfig.exists() else ""
-    )
-
-    local_gitconfig.write_text(
-        f"""# Container-local git configuration
-{include_line}[core]
-    excludesfile = {gitignore_global}
-
-[merge]
-    conflictstyle = diff3
-
-[diff]
-    colorMoved = default
-""",
-        encoding="utf-8",
-    )
-
-
-def main() -> None:
-    print("[post_install] configuring devcontainer...", file=sys.stderr)
-    ensure_history_files()
-    fix_directory_ownership()
-    setup_git_config()
-    print("[post_install] complete", file=sys.stderr)
-
-
-if __name__ == "__main__":
-    main()

.github/scripts/verify_tui_core_boundary.py

@@ -1,89 +0,0 @@
-#!/usr/bin/env python3
-
-"""Verify codex-tui does not depend on or import codex-core directly."""
-
-from __future__ import annotations
-
-import re
-import sys
-import tomllib
-from pathlib import Path
-
-
-ROOT = Path(__file__).resolve().parents[2]
-TUI_ROOT = ROOT / "codex-rs" / "tui"
-TUI_MANIFEST = TUI_ROOT / "Cargo.toml"
-FORBIDDEN_PACKAGE = "codex-core"
-FORBIDDEN_SOURCE_PATTERNS = (
-    re.compile(r"\bcodex_core::"),
-    re.compile(r"\buse\s+codex_core\b"),
-    re.compile(r"\bextern\s+crate\s+codex_core\b"),
-)
-
-
-def main() -> int:
-    failures = []
-    failures.extend(manifest_failures())
-    failures.extend(source_failures())
-
-    if not failures:
-        return 0
-
-    print("codex-tui must not depend on or import codex-core directly.")
-    print(
-        "Use the app-server protocol/client boundary instead; temporary embedded "
-        "startup gaps belong behind codex_app_server_client::legacy_core."
-    )
-    print()
-    for failure in failures:
-        print(f"- {failure}")
-
-    return 1
-
-
-def manifest_failures() -> list[str]:
-    manifest = tomllib.loads(TUI_MANIFEST.read_text())
-    failures = []
-    for section_name, dependencies in dependency_sections(manifest):
-        if FORBIDDEN_PACKAGE in dependencies:
-            failures.append(
-                f"{relative_path(TUI_MANIFEST)} declares `{FORBIDDEN_PACKAGE}` "
-                f"in `[{section_name}]`"
-            )
-    return failures
-
-
-def dependency_sections(manifest: dict) -> list[tuple[str, dict]]:
-    sections: list[tuple[str, dict]] = []
-    for section_name in ("dependencies", "dev-dependencies", "build-dependencies"):
-        dependencies = manifest.get(section_name)
-        if isinstance(dependencies, dict):
-            sections.append((section_name, dependencies))
-
-    for target_name, target in manifest.get("target", {}).items():
-        if not isinstance(target, dict):
-            continue
-        for section_name in ("dependencies", "dev-dependencies", "build-dependencies"):
-            dependencies = target.get(section_name)
-            if isinstance(dependencies, dict):
-                sections.append((f'target.{target_name}.{section_name}', dependencies))
-
-    return sections
-
-
-def source_failures() -> list[str]:
-    failures = []
-    for path in sorted(TUI_ROOT.glob("**/*.rs")):
-        text = path.read_text()
-        for line_number, line in enumerate(text.splitlines(), start=1):
-            if any(pattern.search(line) for pattern in FORBIDDEN_SOURCE_PATTERNS):
-                failures.append(f"{relative_path(path)}:{line_number} imports `codex_core`")
-    return failures
-
-
-def relative_path(path: Path) -> str:
-    return str(path.relative_to(ROOT))
-
-
-if __name__ == "__main__":
-    sys.exit(main())

.github/workflows/ci.yml

@@ -17,9 +17,6 @@ jobs:
       - name: Verify codex-rs Cargo manifests inherit workspace settings
         run: python3 .github/scripts/verify_cargo_workspace_manifests.py
 
-      - name: Verify codex-tui does not import codex-core directly
-        run: python3 .github/scripts/verify_tui_core_boundary.py
-
       - name: Verify Bazel clippy flags match Cargo workspace lints
         run: python3 .github/scripts/verify_bazel_clippy_lints.py
 

.github/workflows/issue-labeler.yml

@@ -44,7 +44,6 @@ jobs:
             6. iOS — Issues with the Codex iOS app.
 
             - Additionally add zero or more of the following labels that are relevant to the issue content. Prefer a small set of precise labels over many broad ones.
-            - For agent-area issues, prefer the most specific applicable label. Use "agent" only as a fallback for agent-related issues that do not fit a more specific agent-area label. Prefer "app-server" over "session" or "config" when the issue is about app-server protocol, API, RPC, schema, launch, or bridge behavior.
             1. windows-os — Bugs or friction specific to Windows environments (always when PowerShell is mentioned, path handling, copy/paste, OS-specific auth or tooling failures).
             2. mcp — Topics involving Model Context Protocol servers/clients.
             3. mcp-server — Problems related to the codex mcp-server command, where codex runs as an MCP server.
@@ -62,13 +61,6 @@ jobs:
             15. sandbox - Issues related to local sandbox environments or tool call approvals to override sandbox restrictions.
             16. tool-calls - Problems related to specific tool call invocations including unexpected errors, failures, or hangs.
             17. TUI - Problems with the terminal user interface (TUI) including keyboard shortcuts, copy & pasting, menus, or screen update issues.
-            18. app-server - Issues involving the app-server protocol or interfaces, including SDK/API payloads, thread/* and turn/* RPCs, app-server launch behavior, external app/controller bridges, and app-server protocol/schema behavior.
-            19. connectivity - Network connectivity or endpoint issues, including reconnecting messages, stream dropped/disconnected errors, websocket/SSE/transport failures, timeout/network/VPN/proxy/API endpoint failures, and related retry behavior.
-            20. subagent - Issues involving subagents, sub-agents, or multi-agent behavior, including spawn_agent, wait_agent, close_agent, worker/explorer roles, delegation, agent teams, lifecycle, model/config inheritance, quotas, and orchestration.
-            21. session - Issues involving session or thread management, including resume, fork, archive, rename/title, thread history, rollout persistence, compaction, checkpoints, retention, and cross-session state.
-            22. config - Issues involving config.toml, config keys, config key merging, config updates, profiles, hooks config, project config, agent role TOMLs, instruction/personality config, and config schema behavior.
-            23. plan - Issues involving plan mode, planning workflows, or plan-specific tools/behavior.
-            24. agent - Fallback only for core agent loop or agent-related issues that do not fit app-server, connectivity, subagent, session, config, or plan.
 
             Issue number: ${{ github.event.issue.number }}
 

codex-rs/Cargo.lock

@@ -1366,6 +1366,16 @@ dependencies = [
  "unicode-width 0.1.14",
 ]
 
+[[package]]
+name = "codex-account"
+version = "0.0.0"
+dependencies = [
+ "anyhow",
+ "codex-backend-client",
+ "codex-login",
+ "thiserror 2.0.18",
+]
+
 [[package]]
 name = "codex-analytics"
 version = "0.0.0"
@@ -1898,6 +1908,7 @@ dependencies = [
  "bm25",
  "chrono",
  "clap",
+ "codex-account",
  "codex-analytics",
  "codex-api",
  "codex-app-server-protocol",
@@ -2845,6 +2856,7 @@ dependencies = [
  "codex-cli",
  "codex-cloud-requirements",
  "codex-config",
+ "codex-core",
  "codex-exec-server",
  "codex-features",
  "codex-feedback",
@@ -2930,7 +2942,6 @@ name = "codex-utils-absolute-path"
 version = "0.0.0"
 dependencies = [
  "dirs",
- "dunce",
  "pretty_assertions",
  "schemars 0.8.22",
  "serde",

codex-rs/Cargo.toml

@@ -1,5 +1,6 @@
 [workspace]
 members = [
+    "account",
     "analytics",
     "backend-client",
     "ansi-escape",
@@ -104,6 +105,7 @@ license = "Apache-2.0"
 # Internal
 app_test_support = { path = "app-server/tests/common" }
 codex-analytics = { path = "analytics" }
+codex-account = { path = "account" }
 codex-ansi-escape = { path = "ansi-escape" }
 codex-api = { path = "codex-api" }
 codex-app-server = { path = "app-server" }

codex-rs/account/BUILD.bazel

@@ -0,0 +1,6 @@
+load("//:defs.bzl", "codex_rust_crate")
+
+codex_rust_crate(
+    name = "account",
+    crate_name = "codex_account",
+)

codex-rs/account/Cargo.toml

@@ -0,0 +1,19 @@
+[package]
+name = "codex-account"
+version.workspace = true
+edition.workspace = true
+license.workspace = true
+publish = false
+
+[lib]
+name = "codex_account"
+path = "src/lib.rs"
+
+[lints]
+workspace = true
+
+[dependencies]
+anyhow = { workspace = true }
+codex-backend-client = { workspace = true }
+codex-login = { workspace = true }
+thiserror = { workspace = true }

codex-rs/account/src/lib.rs

@@ -0,0 +1,121 @@
+use codex_backend_client::Client as BackendClient;
+use codex_backend_client::RequestError;
+use codex_backend_client::WorkspaceRole as BackendWorkspaceRole;
+use codex_login::AuthManager;
+use codex_login::CodexAuth;
+use thiserror::Error;
+
+#[derive(Debug, Clone, Copy, PartialEq, Eq)]
+pub enum WorkspaceRole {
+    AccountOwner,
+    AccountAdmin,
+    StandardUser,
+}
+
+impl WorkspaceRole {
+    fn is_workspace_owner(self) -> bool {
+        matches!(self, Self::AccountOwner | Self::AccountAdmin)
+    }
+}
+
+impl From<BackendWorkspaceRole> for WorkspaceRole {
+    fn from(value: BackendWorkspaceRole) -> Self {
+        match value {
+            BackendWorkspaceRole::AccountOwner => Self::AccountOwner,
+            BackendWorkspaceRole::AccountAdmin => Self::AccountAdmin,
+            BackendWorkspaceRole::StandardUser => Self::StandardUser,
+        }
+    }
+}
+
+#[derive(Debug, Clone, Copy, Default, PartialEq, Eq)]
+pub struct WorkspaceOwnership {
+    pub workspace_role: Option<WorkspaceRole>,
+    pub is_workspace_owner: Option<bool>,
+}
+
+#[derive(Debug, Clone, Copy, PartialEq, Eq)]
+pub enum AddCreditsNudgeEmailStatus {
+    Sent,
+    CooldownActive,
+}
+
+#[derive(Debug, Error)]
+pub enum SendAddCreditsNudgeEmailError {
+    #[error("codex account authentication required to notify workspace owner")]
+    AuthRequired,
+
+    #[error("chatgpt authentication required to notify workspace owner")]
+    ChatGptAuthRequired,
+
+    #[error("failed to construct backend client: {0}")]
+    CreateClient(#[from] anyhow::Error),
+
+    #[error("failed to notify workspace owner: {0}")]
+    Request(#[from] RequestError),
+}
+
+pub async fn send_add_credits_nudge_email(
+    chatgpt_base_url: impl Into<String>,
+    auth_manager: &AuthManager,
+) -> Result<AddCreditsNudgeEmailStatus, SendAddCreditsNudgeEmailError> {
+    let auth = auth_manager
+        .auth()
+        .await
+        .ok_or(SendAddCreditsNudgeEmailError::AuthRequired)?;
+    send_add_credits_nudge_email_for_auth(chatgpt_base_url, &auth).await
+}
+
+pub async fn send_add_credits_nudge_email_for_auth(
+    chatgpt_base_url: impl Into<String>,
+    auth: &CodexAuth,
+) -> Result<AddCreditsNudgeEmailStatus, SendAddCreditsNudgeEmailError> {
+    if !auth.is_chatgpt_auth() {
+        return Err(SendAddCreditsNudgeEmailError::ChatGptAuthRequired);
+    }
+
+    let client = BackendClient::from_auth(chatgpt_base_url, auth)?;
+    match client.send_add_credits_nudge_email().await {
+        Ok(()) => Ok(AddCreditsNudgeEmailStatus::Sent),
+        Err(err) if err.status().is_some_and(|status| status.as_u16() == 429) => {
+            Ok(AddCreditsNudgeEmailStatus::CooldownActive)
+        }
+        Err(err) => Err(err.into()),
+    }
+}
+
+pub async fn resolve_workspace_role_and_owner_for_auth(
+    chatgpt_base_url: &str,
+    auth: Option<&CodexAuth>,
+) -> WorkspaceOwnership {
+    let token_is_workspace_owner = auth.and_then(CodexAuth::is_workspace_owner);
+    let Some(auth) = auth else {
+        return WorkspaceOwnership::default();
+    };
+
+    let workspace_role = fetch_current_workspace_role_for_auth(chatgpt_base_url, auth).await;
+    let is_workspace_owner = workspace_role
+        .map(WorkspaceRole::is_workspace_owner)
+        .or(token_is_workspace_owner);
+    WorkspaceOwnership {
+        workspace_role,
+        is_workspace_owner,
+    }
+}
+
+async fn fetch_current_workspace_role_for_auth(
+    chatgpt_base_url: &str,
+    auth: &CodexAuth,
+) -> Option<WorkspaceRole> {
+    if !auth.is_chatgpt_auth() {
+        return None;
+    }
+
+    let client = BackendClient::from_auth(chatgpt_base_url.to_string(), auth).ok()?;
+    client
+        .get_current_workspace_role()
+        .await
+        .ok()
+        .flatten()
+        .map(WorkspaceRole::from)
+}

codex-rs/analytics/Cargo.toml

@@ -20,7 +20,6 @@ codex-plugin = { workspace = true }
 codex-protocol = { workspace = true }
 os_info = { workspace = true }
 serde = { workspace = true, features = ["derive"] }
-serde_json = { workspace = true }
 sha1 = { workspace = true }
 tokio = { workspace = true, features = [
     "macros",
@@ -30,3 +29,4 @@ tracing = { workspace = true, features = ["log"] }
 
 [dev-dependencies]
 pretty_assertions = { workspace = true }
+serde_json = { workspace = true }

codex-rs/analytics/src/analytics_client_tests.rs

@@ -3,7 +3,6 @@ use crate::events::AppServerRpcTransport;
 use crate::events::CodexAppMentionedEventRequest;
 use crate::events::CodexAppServerClientMetadata;
 use crate::events::CodexAppUsedEventRequest;
-use crate::events::CodexCompactionEventRequest;
 use crate::events::CodexPluginEventRequest;
 use crate::events::CodexPluginUsedEventRequest;
 use crate::events::CodexRuntimeMetadata;
@@ -19,13 +18,6 @@ use crate::facts::AnalyticsFact;
 use crate::facts::AppInvocation;
 use crate::facts::AppMentionedInput;
 use crate::facts::AppUsedInput;
-use crate::facts::CodexCompactionEvent;
-use crate::facts::CompactionImplementation;
-use crate::facts::CompactionPhase;
-use crate::facts::CompactionReason;
-use crate::facts::CompactionStatus;
-use crate::facts::CompactionStrategy;
-use crate::facts::CompactionTrigger;
 use crate::facts::CustomAnalyticsFact;
 use crate::facts::InvocationType;
 use crate::facts::PluginState;
@@ -67,14 +59,6 @@ use std::sync::Mutex;
 use tokio::sync::mpsc;
 
 fn sample_thread(thread_id: &str, ephemeral: bool) -> Thread {
-    sample_thread_with_source(thread_id, ephemeral, AppServerSessionSource::Exec)
-}
-
-fn sample_thread_with_source(
-    thread_id: &str,
-    ephemeral: bool,
-    source: AppServerSessionSource,
-) -> Thread {
     Thread {
         id: thread_id.to_string(),
         forked_from_id: None,
@@ -87,7 +71,7 @@ fn sample_thread_with_source(
         path: None,
         cwd: PathBuf::from("/tmp"),
         cli_version: "0.0.0".to_string(),
-        source,
+        source: AppServerSessionSource::Exec,
         agent_nickname: None,
         agent_role: None,
         git_info: None,
@@ -113,44 +97,11 @@ fn sample_thread_start_response(thread_id: &str, ephemeral: bool, model: &str) -
     }
 }
 
-fn sample_app_server_client_metadata() -> CodexAppServerClientMetadata {
-    CodexAppServerClientMetadata {
-        product_client_id: DEFAULT_ORIGINATOR.to_string(),
-        client_name: Some("codex-tui".to_string()),
-        client_version: Some("1.0.0".to_string()),
-        rpc_transport: AppServerRpcTransport::Stdio,
-        experimental_api_enabled: Some(true),
-    }
-}
-
-fn sample_runtime_metadata() -> CodexRuntimeMetadata {
-    CodexRuntimeMetadata {
-        codex_rs_version: "0.1.0".to_string(),
-        runtime_os: "macos".to_string(),
-        runtime_os_version: "15.3.1".to_string(),
-        runtime_arch: "aarch64".to_string(),
-    }
-}
-
 fn sample_thread_resume_response(thread_id: &str, ephemeral: bool, model: &str) -> ClientResponse {
-    sample_thread_resume_response_with_source(
-        thread_id,
-        ephemeral,
-        model,
-        AppServerSessionSource::Exec,
-    )
-}
-
-fn sample_thread_resume_response_with_source(
-    thread_id: &str,
-    ephemeral: bool,
-    model: &str,
-    source: AppServerSessionSource,
-) -> ClientResponse {
     ClientResponse::ThreadResume {
         request_id: RequestId::Integer(2),
         response: ThreadResumeResponse {
-            thread: sample_thread_with_source(thread_id, ephemeral, source),
+            thread: sample_thread(thread_id, ephemeral),
             model: model.to_string(),
             model_provider: "openai".to_string(),
             service_tier: None,
@@ -303,77 +254,6 @@ fn app_used_event_serializes_expected_shape() {
     );
 }
 
-#[test]
-fn compaction_event_serializes_expected_shape() {
-    let event = TrackEventRequest::Compaction(Box::new(CodexCompactionEventRequest {
-        event_type: "codex_compaction_event",
-        event_params: crate::events::codex_compaction_event_params(
-            CodexCompactionEvent {
-                thread_id: "thread-1".to_string(),
-                turn_id: "turn-1".to_string(),
-                trigger: CompactionTrigger::Auto,
-                reason: CompactionReason::ContextLimit,
-                implementation: CompactionImplementation::ResponsesCompact,
-                phase: CompactionPhase::MidTurn,
-                strategy: CompactionStrategy::Memento,
-                status: CompactionStatus::Completed,
-                error: None,
-                active_context_tokens_before: 120_000,
-                active_context_tokens_after: 18_000,
-                started_at: 100,
-                completed_at: 106,
-                duration_ms: Some(6543),
-            },
-            sample_app_server_client_metadata(),
-            sample_runtime_metadata(),
-            Some("user"),
-            /*subagent_source*/ None,
-            /*parent_thread_id*/ None,
-        ),
-    }));
-
-    let payload = serde_json::to_value(&event).expect("serialize compaction event");
-
-    assert_eq!(
-        payload,
-        json!({
-            "event_type": "codex_compaction_event",
-            "event_params": {
-                "thread_id": "thread-1",
-                "turn_id": "turn-1",
-                "app_server_client": {
-                    "product_client_id": DEFAULT_ORIGINATOR,
-                    "client_name": "codex-tui",
-                    "client_version": "1.0.0",
-                    "rpc_transport": "stdio",
-                    "experimental_api_enabled": true
-                },
-                "runtime": {
-                    "codex_rs_version": "0.1.0",
-                    "runtime_os": "macos",
-                    "runtime_os_version": "15.3.1",
-                    "runtime_arch": "aarch64"
-                },
-                "thread_source": "user",
-                "subagent_source": null,
-                "parent_thread_id": null,
-                "trigger": "auto",
-                "reason": "context_limit",
-                "implementation": "responses_compact",
-                "phase": "mid_turn",
-                "strategy": "memento",
-                "status": "completed",
-                "error": null,
-                "active_context_tokens_before": 120000,
-                "active_context_tokens_after": 18000,
-                "started_at": 100,
-                "completed_at": 106,
-                "duration_ms": 6543
-            }
-        })
-    );
-}
-
 #[test]
 fn app_used_dedupe_is_keyed_by_turn_and_connector() {
     let (sender, _receiver) = mpsc::channel(1);
@@ -569,120 +449,6 @@ async fn initialize_caches_client_and_thread_lifecycle_publishes_once_initialize
     assert_eq!(payload[0]["event_params"]["parent_thread_id"], json!(null));
 }
 
-#[tokio::test]
-async fn compaction_event_ingests_custom_fact() {
-    let mut reducer = AnalyticsReducer::default();
-    let mut events = Vec::new();
-    let parent_thread_id =
-        codex_protocol::ThreadId::from_string("22222222-2222-2222-2222-222222222222")
-            .expect("valid parent thread id");
-
-    reducer
-        .ingest(
-            AnalyticsFact::Initialize {
-                connection_id: 7,
-                params: InitializeParams {
-                    client_info: ClientInfo {
-                        name: "codex-tui".to_string(),
-                        title: None,
-                        version: "1.0.0".to_string(),
-                    },
-                    capabilities: Some(InitializeCapabilities {
-                        experimental_api: false,
-                        opt_out_notification_methods: None,
-                    }),
-                },
-                product_client_id: DEFAULT_ORIGINATOR.to_string(),
-                runtime: sample_runtime_metadata(),
-                rpc_transport: AppServerRpcTransport::Websocket,
-            },
-            &mut events,
-        )
-        .await;
-    reducer
-        .ingest(
-            AnalyticsFact::Response {
-                connection_id: 7,
-                response: Box::new(sample_thread_resume_response_with_source(
-                    "thread-1",
-                    /*ephemeral*/ false,
-                    "gpt-5",
-                    AppServerSessionSource::SubAgent(SubAgentSource::ThreadSpawn {
-                        parent_thread_id,
-                        depth: 1,
-                        agent_path: None,
-                        agent_nickname: None,
-                        agent_role: None,
-                    }),
-                )),
-            },
-            &mut events,
-        )
-        .await;
-    events.clear();
-
-    reducer
-        .ingest(
-            AnalyticsFact::Custom(CustomAnalyticsFact::Compaction(Box::new(
-                CodexCompactionEvent {
-                    thread_id: "thread-1".to_string(),
-                    turn_id: "turn-compact".to_string(),
-                    trigger: CompactionTrigger::Manual,
-                    reason: CompactionReason::UserRequested,
-                    implementation: CompactionImplementation::Responses,
-                    phase: CompactionPhase::StandaloneTurn,
-                    strategy: CompactionStrategy::Memento,
-                    status: CompactionStatus::Failed,
-                    error: Some("context limit exceeded".to_string()),
-                    active_context_tokens_before: 131_000,
-                    active_context_tokens_after: 131_000,
-                    started_at: 100,
-                    completed_at: 101,
-                    duration_ms: Some(1200),
-                },
-            ))),
-            &mut events,
-        )
-        .await;
-
-    let payload = serde_json::to_value(&events).expect("serialize events");
-    assert_eq!(payload.as_array().expect("events array").len(), 1);
-    assert_eq!(payload[0]["event_type"], "codex_compaction_event");
-    assert_eq!(payload[0]["event_params"]["thread_id"], "thread-1");
-    assert_eq!(payload[0]["event_params"]["turn_id"], "turn-compact");
-    assert_eq!(
-        payload[0]["event_params"]["app_server_client"]["product_client_id"],
-        DEFAULT_ORIGINATOR
-    );
-    assert_eq!(
-        payload[0]["event_params"]["app_server_client"]["client_name"],
-        "codex-tui"
-    );
-    assert_eq!(
-        payload[0]["event_params"]["app_server_client"]["rpc_transport"],
-        "websocket"
-    );
-    assert_eq!(
-        payload[0]["event_params"]["runtime"]["codex_rs_version"],
-        "0.1.0"
-    );
-    assert_eq!(payload[0]["event_params"]["thread_source"], "subagent");
-    assert_eq!(
-        payload[0]["event_params"]["subagent_source"],
-        "thread_spawn"
-    );
-    assert_eq!(
-        payload[0]["event_params"]["parent_thread_id"],
-        "22222222-2222-2222-2222-222222222222"
-    );
-    assert_eq!(payload[0]["event_params"]["trigger"], "manual");
-    assert_eq!(payload[0]["event_params"]["reason"], "user_requested");
-    assert_eq!(payload[0]["event_params"]["implementation"], "responses");
-    assert_eq!(payload[0]["event_params"]["phase"], "standalone_turn");
-    assert_eq!(payload[0]["event_params"]["strategy"], "memento");
-    assert_eq!(payload[0]["event_params"]["status"], "failed");
-}
-
 #[test]
 fn subagent_thread_started_review_serializes_expected_shape() {
     let event = TrackEventRequest::ThreadInitialized(subagent_thread_started_event_request(

codex-rs/analytics/src/client.rs

@@ -1,5 +1,4 @@
 use crate::events::AppServerRpcTransport;
-use crate::events::GuardianReviewEventParams;
 use crate::events::TrackEventRequest;
 use crate::events::TrackEventsRequest;
 use crate::events::current_runtime_metadata;
@@ -152,12 +151,6 @@ impl AnalyticsEventsClient {
         ));
     }
 
-    pub fn track_guardian_review(&self, input: GuardianReviewEventParams) {
-        self.record_fact(AnalyticsFact::Custom(CustomAnalyticsFact::GuardianReview(
-            Box::new(input),
-        )));
-    }
-
     pub fn track_app_mentioned(&self, tracking: TrackEventsContext, mentions: Vec<AppInvocation>) {
         if mentions.is_empty() {
             return;
@@ -185,12 +178,6 @@ impl AnalyticsEventsClient {
         )));
     }
 
-    pub fn track_compaction(&self, event: crate::facts::CodexCompactionEvent) {
-        self.record_fact(AnalyticsFact::Custom(CustomAnalyticsFact::Compaction(
-            Box::new(event),
-        )));
-    }
-
     pub fn track_plugin_installed(&self, plugin: PluginTelemetryMetadata) {
         self.record_fact(AnalyticsFact::Custom(
             CustomAnalyticsFact::PluginStateChanged(PluginStateChangedInput {

codex-rs/analytics/src/events.rs

@@ -1,14 +1,10 @@
 use crate::facts::AppInvocation;
-use crate::facts::CodexCompactionEvent;
 use crate::facts::InvocationType;
 use crate::facts::PluginState;
 use crate::facts::SubAgentThreadStartedInput;
 use crate::facts::TrackEventsContext;
 use codex_login::default_client::originator;
 use codex_plugin::PluginTelemetryMetadata;
-use codex_protocol::approvals::NetworkApprovalProtocol;
-use codex_protocol::models::PermissionProfile;
-use codex_protocol::models::SandboxPermissions;
 use codex_protocol::protocol::SessionSource;
 use codex_protocol::protocol::SubAgentSource;
 use serde::Serialize;
@@ -39,10 +35,8 @@ pub(crate) struct TrackEventsRequest {
 pub(crate) enum TrackEventRequest {
     SkillInvocation(SkillInvocationEventRequest),
     ThreadInitialized(ThreadInitializedEvent),
-    GuardianReview(Box<GuardianReviewEventRequest>),
     AppMentioned(CodexAppMentionedEventRequest),
     AppUsed(CodexAppUsedEventRequest),
-    Compaction(Box<CodexCompactionEventRequest>),
     PluginUsed(CodexPluginUsedEventRequest),
     PluginInstalled(CodexPluginEventRequest),
     PluginUninstalled(CodexPluginEventRequest),
@@ -105,179 +99,6 @@ pub(crate) struct ThreadInitializedEvent {
     pub(crate) event_params: ThreadInitializedEventParams,
 }
 
-#[derive(Serialize)]
-pub(crate) struct GuardianReviewEventRequest {
-    pub(crate) event_type: &'static str,
-    pub(crate) event_params: GuardianReviewEventPayload,
-}
-
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub enum GuardianReviewDecision {
-    Approved,
-    Denied,
-    Aborted,
-}
-
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub enum GuardianReviewTerminalStatus {
-    Approved,
-    Denied,
-    Aborted,
-    TimedOut,
-    FailedClosed,
-}
-
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub enum GuardianReviewFailureReason {
-    Timeout,
-    Cancelled,
-    PromptBuildError,
-    SessionError,
-    ParseError,
-}
-
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub enum GuardianReviewSessionKind {
-    TrunkNew,
-    TrunkReused,
-    EphemeralForked,
-}
-
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "lowercase")]
-pub enum GuardianReviewRiskLevel {
-    Low,
-    Medium,
-    High,
-    Critical,
-}
-
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "lowercase")]
-pub enum GuardianReviewUserAuthorization {
-    Unknown,
-    Low,
-    Medium,
-    High,
-}
-
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "lowercase")]
-pub enum GuardianReviewOutcome {
-    Allow,
-    Deny,
-}
-
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub enum GuardianApprovalRequestSource {
-    /// Approval requested directly by the main Codex turn.
-    MainTurn,
-    /// Approval requested by a delegated subagent and routed through the parent
-    /// session for guardian review.
-    DelegatedSubagent,
-}
-
-#[derive(Clone, Debug, Serialize)]
-#[serde(tag = "type", rename_all = "snake_case")]
-pub enum GuardianReviewedAction {
-    Shell {
-        command: Vec<String>,
-        command_display: String,
-        cwd: String,
-        sandbox_permissions: SandboxPermissions,
-        additional_permissions: Option<PermissionProfile>,
-        justification: Option<String>,
-    },
-    UnifiedExec {
-        command: Vec<String>,
-        command_display: String,
-        cwd: String,
-        sandbox_permissions: SandboxPermissions,
-        additional_permissions: Option<PermissionProfile>,
-        justification: Option<String>,
-        tty: bool,
-    },
-    Execve {
-        source: GuardianCommandSource,
-        program: String,
-        argv: Vec<String>,
-        cwd: String,
-        additional_permissions: Option<PermissionProfile>,
-    },
-    ApplyPatch {
-        cwd: String,
-        files: Vec<String>,
-    },
-    NetworkAccess {
-        target: String,
-        host: String,
-        protocol: NetworkApprovalProtocol,
-        port: u16,
-    },
-    McpToolCall {
-        server: String,
-        tool_name: String,
-        connector_id: Option<String>,
-        connector_name: Option<String>,
-        tool_title: Option<String>,
-    },
-}
-
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub enum GuardianCommandSource {
-    Shell,
-    UnifiedExec,
-}
-
-#[derive(Clone, Serialize)]
-pub struct GuardianReviewEventParams {
-    pub thread_id: String,
-    pub turn_id: String,
-    pub review_id: String,
-    pub target_item_id: String,
-    pub retry_reason: Option<String>,
-    pub approval_request_source: GuardianApprovalRequestSource,
-    pub reviewed_action: GuardianReviewedAction,
-    pub reviewed_action_truncated: bool,
-    pub decision: GuardianReviewDecision,
-    pub terminal_status: GuardianReviewTerminalStatus,
-    pub failure_reason: Option<GuardianReviewFailureReason>,
-    pub risk_level: Option<GuardianReviewRiskLevel>,
-    pub user_authorization: Option<GuardianReviewUserAuthorization>,
-    pub outcome: Option<GuardianReviewOutcome>,
-    pub rationale: Option<String>,
-    pub guardian_thread_id: Option<String>,
-    pub guardian_session_kind: Option<GuardianReviewSessionKind>,
-    pub guardian_model: Option<String>,
-    pub guardian_reasoning_effort: Option<String>,
-    pub had_prior_review_context: Option<bool>,
-    pub review_timeout_ms: u64,
-    pub tool_call_count: u64,
-    pub time_to_first_token_ms: Option<u64>,
-    pub completion_latency_ms: Option<u64>,
-    pub started_at: u64,
-    pub completed_at: Option<u64>,
-    pub input_tokens: Option<i64>,
-    pub cached_input_tokens: Option<i64>,
-    pub output_tokens: Option<i64>,
-    pub reasoning_output_tokens: Option<i64>,
-    pub total_tokens: Option<i64>,
-}
-
-#[derive(Serialize)]
-pub(crate) struct GuardianReviewEventPayload {
-    pub(crate) app_server_client: CodexAppServerClientMetadata,
-    pub(crate) runtime: CodexRuntimeMetadata,
-    #[serde(flatten)]
-    pub(crate) guardian_review: GuardianReviewEventParams,
-}
-
 #[derive(Serialize)]
 pub(crate) struct CodexAppMetadata {
     pub(crate) connector_id: Option<String>,
@@ -301,35 +122,6 @@ pub(crate) struct CodexAppUsedEventRequest {
     pub(crate) event_params: CodexAppMetadata,
 }
 
-#[derive(Serialize)]
-pub(crate) struct CodexCompactionEventParams {
-    pub(crate) thread_id: String,
-    pub(crate) turn_id: String,
-    pub(crate) app_server_client: CodexAppServerClientMetadata,
-    pub(crate) runtime: CodexRuntimeMetadata,
-    pub(crate) thread_source: Option<&'static str>,
-    pub(crate) subagent_source: Option<String>,
-    pub(crate) parent_thread_id: Option<String>,
-    pub(crate) trigger: crate::facts::CompactionTrigger,
-    pub(crate) reason: crate::facts::CompactionReason,
-    pub(crate) implementation: crate::facts::CompactionImplementation,
-    pub(crate) phase: crate::facts::CompactionPhase,
-    pub(crate) strategy: crate::facts::CompactionStrategy,
-    pub(crate) status: crate::facts::CompactionStatus,
-    pub(crate) error: Option<String>,
-    pub(crate) active_context_tokens_before: i64,
-    pub(crate) active_context_tokens_after: i64,
-    pub(crate) started_at: u64,
-    pub(crate) completed_at: u64,
-    pub(crate) duration_ms: Option<u64>,
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexCompactionEventRequest {
-    pub(crate) event_type: &'static str,
-    pub(crate) event_params: CodexCompactionEventParams,
-}
-
 #[derive(Serialize)]
 pub(crate) struct CodexPluginMetadata {
     pub(crate) plugin_id: Option<String>,
@@ -409,37 +201,6 @@ pub(crate) fn codex_plugin_metadata(plugin: PluginTelemetryMetadata) -> CodexPlu
     }
 }
 
-pub(crate) fn codex_compaction_event_params(
-    input: CodexCompactionEvent,
-    app_server_client: CodexAppServerClientMetadata,
-    runtime: CodexRuntimeMetadata,
-    thread_source: Option<&'static str>,
-    subagent_source: Option<String>,
-    parent_thread_id: Option<String>,
-) -> CodexCompactionEventParams {
-    CodexCompactionEventParams {
-        thread_id: input.thread_id,
-        turn_id: input.turn_id,
-        app_server_client,
-        runtime,
-        thread_source,
-        subagent_source,
-        parent_thread_id,
-        trigger: input.trigger,
-        reason: input.reason,
-        implementation: input.implementation,
-        phase: input.phase,
-        strategy: input.strategy,
-        status: input.status,
-        error: input.error,
-        active_context_tokens_before: input.active_context_tokens_before,
-        active_context_tokens_after: input.active_context_tokens_after,
-        started_at: input.started_at,
-        completed_at: input.completed_at,
-        duration_ms: input.duration_ms,
-    }
-}
-
 pub(crate) fn codex_plugin_used_metadata(
     tracking: &TrackEventsContext,
     plugin: PluginTelemetryMetadata,
@@ -499,7 +260,7 @@ pub(crate) fn subagent_thread_started_event_request(
     }
 }
 
-pub(crate) fn subagent_source_name(subagent_source: &SubAgentSource) -> String {
+fn subagent_source_name(subagent_source: &SubAgentSource) -> String {
     match subagent_source {
         SubAgentSource::Review => "review".to_string(),
         SubAgentSource::Compact => "compact".to_string(),
@@ -509,7 +270,7 @@ pub(crate) fn subagent_source_name(subagent_source: &SubAgentSource) -> String {
     }
 }
 
-pub(crate) fn subagent_parent_thread_id(subagent_source: &SubAgentSource) -> Option<String> {
+fn subagent_parent_thread_id(subagent_source: &SubAgentSource) -> Option<String> {
     match subagent_source {
         SubAgentSource::ThreadSpawn {
             parent_thread_id, ..

codex-rs/analytics/src/facts.rs

@@ -1,6 +1,5 @@
 use crate::events::AppServerRpcTransport;
 use crate::events::CodexRuntimeMetadata;
-use crate::events::GuardianReviewEventParams;
 use codex_app_server_protocol::ClientRequest;
 use codex_app_server_protocol::ClientResponse;
 use codex_app_server_protocol::InitializeParams;
@@ -65,69 +64,6 @@ pub struct SubAgentThreadStartedInput {
     pub created_at: u64,
 }
 
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub enum CompactionTrigger {
-    Manual,
-    Auto,
-}
-
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub enum CompactionReason {
-    UserRequested,
-    ContextLimit,
-    ModelDownshift,
-}
-
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub enum CompactionImplementation {
-    Responses,
-    ResponsesCompact,
-}
-
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub enum CompactionPhase {
-    StandaloneTurn,
-    PreTurn,
-    MidTurn,
-}
-
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub enum CompactionStrategy {
-    Memento,
-    PrefixCompaction,
-}
-
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub enum CompactionStatus {
-    Completed,
-    Failed,
-    Interrupted,
-}
-
-#[derive(Clone)]
-pub struct CodexCompactionEvent {
-    pub thread_id: String,
-    pub turn_id: String,
-    pub trigger: CompactionTrigger,
-    pub reason: CompactionReason,
-    pub implementation: CompactionImplementation,
-    pub phase: CompactionPhase,
-    pub strategy: CompactionStrategy,
-    pub status: CompactionStatus,
-    pub error: Option<String>,
-    pub active_context_tokens_before: i64,
-    pub active_context_tokens_after: i64,
-    pub started_at: u64,
-    pub completed_at: u64,
-    pub duration_ms: Option<u64>,
-}
-
 #[allow(dead_code)]
 pub(crate) enum AnalyticsFact {
     Initialize {
@@ -154,8 +90,6 @@ pub(crate) enum AnalyticsFact {
 
 pub(crate) enum CustomAnalyticsFact {
     SubAgentThreadStarted(SubAgentThreadStartedInput),
-    Compaction(Box<CodexCompactionEvent>),
-    GuardianReview(Box<GuardianReviewEventParams>),
     SkillInvoked(SkillInvokedInput),
     AppMentioned(AppMentionedInput),
     AppUsed(AppUsedInput),

codex-rs/analytics/src/lib.rs

@@ -5,25 +5,7 @@ mod reducer;
 
 pub use client::AnalyticsEventsClient;
 pub use events::AppServerRpcTransport;
-pub use events::GuardianApprovalRequestSource;
-pub use events::GuardianCommandSource;
-pub use events::GuardianReviewDecision;
-pub use events::GuardianReviewEventParams;
-pub use events::GuardianReviewFailureReason;
-pub use events::GuardianReviewOutcome;
-pub use events::GuardianReviewRiskLevel;
-pub use events::GuardianReviewSessionKind;
-pub use events::GuardianReviewTerminalStatus;
-pub use events::GuardianReviewUserAuthorization;
-pub use events::GuardianReviewedAction;
 pub use facts::AppInvocation;
-pub use facts::CodexCompactionEvent;
-pub use facts::CompactionImplementation;
-pub use facts::CompactionPhase;
-pub use facts::CompactionReason;
-pub use facts::CompactionStatus;
-pub use facts::CompactionStrategy;
-pub use facts::CompactionTrigger;
 pub use facts::InvocationType;
 pub use facts::SkillInvocation;
 pub use facts::SubAgentThreadStartedInput;

codex-rs/analytics/src/reducer.rs

@@ -2,13 +2,9 @@ use crate::events::AppServerRpcTransport;
 use crate::events::CodexAppMentionedEventRequest;
 use crate::events::CodexAppServerClientMetadata;
 use crate::events::CodexAppUsedEventRequest;
-use crate::events::CodexCompactionEventRequest;
 use crate::events::CodexPluginEventRequest;
 use crate::events::CodexPluginUsedEventRequest;
 use crate::events::CodexRuntimeMetadata;
-use crate::events::GuardianReviewEventParams;
-use crate::events::GuardianReviewEventPayload;
-use crate::events::GuardianReviewEventRequest;
 use crate::events::SkillInvocationEventParams;
 use crate::events::SkillInvocationEventRequest;
 use crate::events::ThreadInitializationMode;
@@ -16,18 +12,14 @@ use crate::events::ThreadInitializedEvent;
 use crate::events::ThreadInitializedEventParams;
 use crate::events::TrackEventRequest;
 use crate::events::codex_app_metadata;
-use crate::events::codex_compaction_event_params;
 use crate::events::codex_plugin_metadata;
 use crate::events::codex_plugin_used_metadata;
 use crate::events::plugin_state_event_type;
-use crate::events::subagent_parent_thread_id;
-use crate::events::subagent_source_name;
 use crate::events::subagent_thread_started_event_request;
 use crate::events::thread_source_name;
 use crate::facts::AnalyticsFact;
 use crate::facts::AppMentionedInput;
 use crate::facts::AppUsedInput;
-use crate::facts::CodexCompactionEvent;
 use crate::facts::CustomAnalyticsFact;
 use crate::facts::PluginState;
 use crate::facts::PluginStateChangedInput;
@@ -48,8 +40,6 @@ use std::path::Path;
 #[derive(Default)]
 pub(crate) struct AnalyticsReducer {
     connections: HashMap<u64, ConnectionState>,
-    thread_connections: HashMap<String, u64>,
-    thread_metadata: HashMap<String, ThreadMetadataState>,
 }
 
 struct ConnectionState {
@@ -57,35 +47,6 @@ struct ConnectionState {
     runtime: CodexRuntimeMetadata,
 }
 
-#[derive(Clone)]
-struct ThreadMetadataState {
-    thread_source: Option<&'static str>,
-    subagent_source: Option<String>,
-    parent_thread_id: Option<String>,
-}
-
-impl ThreadMetadataState {
-    fn from_session_source(session_source: &SessionSource) -> Self {
-        let (subagent_source, parent_thread_id) = match session_source {
-            SessionSource::SubAgent(subagent_source) => (
-                Some(subagent_source_name(subagent_source)),
-                subagent_parent_thread_id(subagent_source),
-            ),
-            SessionSource::Cli
-            | SessionSource::VSCode
-            | SessionSource::Exec
-            | SessionSource::Mcp
-            | SessionSource::Custom(_)
-            | SessionSource::Unknown => (None, None),
-        };
-        Self {
-            thread_source: thread_source_name(session_source),
-            subagent_source,
-            parent_thread_id,
-        }
-    }
-}
-
 impl AnalyticsReducer {
     pub(crate) async fn ingest(&mut self, input: AnalyticsFact, out: &mut Vec<TrackEventRequest>) {
         match input {
@@ -120,12 +81,6 @@ impl AnalyticsReducer {
                 CustomAnalyticsFact::SubAgentThreadStarted(input) => {
                     self.ingest_subagent_thread_started(input, out);
                 }
-                CustomAnalyticsFact::Compaction(input) => {
-                    self.ingest_compaction(*input, out);
-                }
-                CustomAnalyticsFact::GuardianReview(input) => {
-                    self.ingest_guardian_review(*input, out);
-                }
                 CustomAnalyticsFact::SkillInvoked(input) => {
                     self.ingest_skill_invoked(input, out).await;
                 }
@@ -180,42 +135,6 @@ impl AnalyticsReducer {
         ));
     }
 
-    fn ingest_guardian_review(
-        &mut self,
-        input: GuardianReviewEventParams,
-        out: &mut Vec<TrackEventRequest>,
-    ) {
-        let Some(connection_id) = self.thread_connections.get(&input.thread_id) else {
-            tracing::warn!(
-                thread_id = %input.thread_id,
-                turn_id = %input.turn_id,
-                review_id = %input.review_id,
-                "dropping guardian analytics event: missing thread connection metadata"
-            );
-            return;
-        };
-        let Some(connection_state) = self.connections.get(connection_id) else {
-            tracing::warn!(
-                thread_id = %input.thread_id,
-                turn_id = %input.turn_id,
-                review_id = %input.review_id,
-                connection_id,
-                "dropping guardian analytics event: missing connection metadata"
-            );
-            return;
-        };
-        out.push(TrackEventRequest::GuardianReview(Box::new(
-            GuardianReviewEventRequest {
-                event_type: "codex_guardian_review",
-                event_params: GuardianReviewEventPayload {
-                    app_server_client: connection_state.app_server_client.clone(),
-                    runtime: connection_state.runtime.clone(),
-                    guardian_review: input,
-                },
-            },
-        )));
-    }
-
     async fn ingest_skill_invoked(
         &mut self,
         input: SkillInvokedInput,
@@ -335,74 +254,27 @@ impl AnalyticsReducer {
             _ => return,
         };
         let thread_source: SessionSource = thread.source.into();
-        let thread_id = thread.id;
         let Some(connection_state) = self.connections.get(&connection_id) else {
             return;
         };
-        let thread_metadata = ThreadMetadataState::from_session_source(&thread_source);
-        self.thread_connections
-            .insert(thread_id.clone(), connection_id);
-        self.thread_metadata
-            .insert(thread_id.clone(), thread_metadata.clone());
         out.push(TrackEventRequest::ThreadInitialized(
             ThreadInitializedEvent {
                 event_type: "codex_thread_initialized",
                 event_params: ThreadInitializedEventParams {
-                    thread_id,
+                    thread_id: thread.id,
                     app_server_client: connection_state.app_server_client.clone(),
                     runtime: connection_state.runtime.clone(),
                     model,
                     ephemeral: thread.ephemeral,
-                    thread_source: thread_metadata.thread_source,
+                    thread_source: thread_source_name(&thread_source),
                     initialization_mode,
-                    subagent_source: thread_metadata.subagent_source,
-                    parent_thread_id: thread_metadata.parent_thread_id,
+                    subagent_source: None,
+                    parent_thread_id: None,
                     created_at: u64::try_from(thread.created_at).unwrap_or_default(),
                 },
             },
         ));
     }
-
-    fn ingest_compaction(&mut self, input: CodexCompactionEvent, out: &mut Vec<TrackEventRequest>) {
-        let Some(connection_id) = self.thread_connections.get(&input.thread_id) else {
-            tracing::warn!(
-                thread_id = %input.thread_id,
-                turn_id = %input.turn_id,
-                "dropping compaction analytics event: missing thread connection metadata"
-            );
-            return;
-        };
-        let Some(connection_state) = self.connections.get(connection_id) else {
-            tracing::warn!(
-                thread_id = %input.thread_id,
-                turn_id = %input.turn_id,
-                connection_id,
-                "dropping compaction analytics event: missing connection metadata"
-            );
-            return;
-        };
-        let Some(thread_metadata) = self.thread_metadata.get(&input.thread_id) else {
-            tracing::warn!(
-                thread_id = %input.thread_id,
-                turn_id = %input.turn_id,
-                "dropping compaction analytics event: missing thread lifecycle metadata"
-            );
-            return;
-        };
-        out.push(TrackEventRequest::Compaction(Box::new(
-            CodexCompactionEventRequest {
-                event_type: "codex_compaction_event",
-                event_params: codex_compaction_event_params(
-                    input,
-                    connection_state.app_server_client.clone(),
-                    connection_state.runtime.clone(),
-                    thread_metadata.thread_source,
-                    thread_metadata.subagent_source.clone(),
-                    thread_metadata.parent_thread_id.clone(),
-                ),
-            },
-        )));
-    }
 }
 
 pub(crate) fn skill_id_for_local_skill(

codex-rs/app-server-client/src/lib.rs

@@ -56,90 +56,6 @@ use tracing::warn;
 pub use crate::remote::RemoteAppServerClient;
 pub use crate::remote::RemoteAppServerConnectArgs;
 
-/// Transitional access to core-only embedded app-server types.
-///
-/// New TUI behavior should prefer the app-server protocol methods. This
-/// module exists so clients can remove a direct `codex-core` dependency
-/// while legacy startup/config paths are migrated to RPCs.
-pub mod legacy_core {
-    pub use codex_core::Cursor;
-    pub use codex_core::DEFAULT_PROJECT_DOC_FILENAME;
-    pub use codex_core::INTERACTIVE_SESSION_SOURCES;
-    pub use codex_core::LOCAL_PROJECT_DOC_FILENAME;
-    pub use codex_core::McpManager;
-    pub use codex_core::PLUGIN_TEXT_MENTION_SIGIL;
-    pub use codex_core::RolloutRecorder;
-    pub use codex_core::TOOL_MENTION_SIGIL;
-    pub use codex_core::ThreadItem;
-    pub use codex_core::ThreadSortKey;
-    pub use codex_core::ThreadsPage;
-    pub use codex_core::append_message_history_entry;
-    pub use codex_core::check_execpolicy_for_warnings;
-    pub use codex_core::discover_project_doc_paths;
-    pub use codex_core::find_thread_meta_by_name_str;
-    pub use codex_core::find_thread_name_by_id;
-    pub use codex_core::find_thread_names_by_ids;
-    pub use codex_core::format_exec_policy_error_with_source;
-    pub use codex_core::grant_read_root_non_elevated;
-    pub use codex_core::lookup_message_history_entry;
-    pub use codex_core::message_history_metadata;
-    pub use codex_core::path_utils;
-    pub use codex_core::read_session_meta_line;
-    pub use codex_core::web_search_detail;
-
-    pub mod config {
-        pub use codex_core::config::*;
-
-        pub mod edit {
-            pub use codex_core::config::edit::*;
-        }
-    }
-
-    pub mod config_loader {
-        pub use codex_core::config_loader::*;
-    }
-
-    pub mod connectors {
-        pub use codex_core::connectors::*;
-    }
-
-    pub mod otel_init {
-        pub use codex_core::otel_init::*;
-    }
-
-    pub mod personality_migration {
-        pub use codex_core::personality_migration::*;
-    }
-
-    pub mod plugins {
-        pub use codex_core::plugins::*;
-    }
-
-    pub mod review_format {
-        pub use codex_core::review_format::*;
-    }
-
-    pub mod review_prompts {
-        pub use codex_core::review_prompts::*;
-    }
-
-    pub mod skills {
-        pub use codex_core::skills::*;
-    }
-
-    pub mod test_support {
-        pub use codex_core::test_support::*;
-    }
-
-    pub mod util {
-        pub use codex_core::util::*;
-    }
-
-    pub mod windows_sandbox {
-        pub use codex_core::windows_sandbox::*;
-    }
-}
-
 const SHUTDOWN_TIMEOUT: Duration = Duration::from_secs(5);
 
 /// Raw app-server request result for typed in-process requests.
@@ -1371,6 +1287,8 @@ mod tests {
                     id: request.id,
                     result: serde_json::to_value(GetAccountResponse {
                         account: None,
+                        workspace_role: None,
+                        is_workspace_owner: None,
                         requires_openai_auth: false,
                     })
                     .expect("response should serialize"),
@@ -1479,6 +1397,8 @@ mod tests {
                     id: request.id,
                     result: serde_json::to_value(GetAccountResponse {
                         account: None,
+                        workspace_role: None,
+                        is_workspace_owner: None,
                         requires_openai_auth: false,
                     })
                     .expect("response should serialize"),
@@ -1532,6 +1452,8 @@ mod tests {
             first_response,
             GetAccountResponse {
                 account: None,
+                workspace_role: None,
+                is_workspace_owner: None,
                 requires_openai_auth: false,
             }
         );
@@ -1551,6 +1473,8 @@ mod tests {
                             AccountUpdatedNotification {
                                 auth_mode: None,
                                 plan_type: None,
+                                workspace_role: None,
+                                is_workspace_owner: None,
                             },
                         ))
                         .expect("notification should serialize"),

codex-rs/app-server-protocol/schema/json/ApplyPatchApprovalResponse.json

@@ -94,13 +94,6 @@
           ],
           "type": "string"
         },
-        {
-          "description": "Automatic approval review timed out before reaching a decision.",
-          "enum": [
-            "timed_out"
-          ],
-          "type": "string"
-        },
         {
           "description": "User has denied this command and the agent should not do anything until the user's next command.",
           "enum": [

codex-rs/app-server-protocol/schema/json/ClientRequest.json

@@ -647,15 +647,6 @@
             "null"
           ]
         },
-        "tags": {
-          "additionalProperties": {
-            "type": "string"
-          },
-          "type": [
-            "object",
-            "null"
-          ]
-        },
         "threadId": {
           "type": [
             "string",
@@ -1286,27 +1277,6 @@
       ],
       "type": "string"
     },
-    "McpServerToolCallParams": {
-      "properties": {
-        "_meta": true,
-        "arguments": true,
-        "server": {
-          "type": "string"
-        },
-        "threadId": {
-          "type": "string"
-        },
-        "tool": {
-          "type": "string"
-        }
-      },
-      "required": [
-        "server",
-        "threadId",
-        "tool"
-      ],
-      "type": "object"
-    },
     "MergeStrategy": {
       "enum": [
         "replace",
@@ -2592,6 +2562,17 @@
       ],
       "type": "object"
     },
+    "ThreadAddCreditsNudgeEmailParams": {
+      "properties": {
+        "threadId": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "threadId"
+      ],
+      "type": "object"
+    },
     "ThreadArchiveParams": {
       "properties": {
         "threadId": {
@@ -2953,6 +2934,24 @@
         }
       ]
     },
+    "ThreadRememberParams": {
+      "properties": {
+        "sourceThreadIds": {
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "threadId": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "sourceThreadIds",
+        "threadId"
+      ],
+      "type": "object"
+    },
     "ThreadResumeParams": {
       "description": "There are three ways to resume a thread: 1. By thread_id: load the thread from disk by thread_id and resume it. 2. By history: instantiate the thread from memory and resume it. 3. By path: load the thread from disk by path and resume it.\n\nThe precedence is: history > path > thread_id. If using history or path, the thread_id param will be ignored.\n\nPrefer using thread_id whenever possible.",
       "properties": {
@@ -3240,27 +3239,10 @@
               "type": "null"
             }
           ]
-        },
-        "sessionStartSource": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/ThreadStartSource"
-            },
-            {
-              "type": "null"
-            }
-          ]
         }
       },
       "type": "object"
     },
-    "ThreadStartSource": {
-      "enum": [
-        "startup",
-        "clear"
-      ],
-      "type": "string"
-    },
     "ThreadUnarchiveParams": {
       "properties": {
         "threadId": {
@@ -3856,6 +3838,30 @@
       "title": "Thread/shellCommandRequest",
       "type": "object"
     },
+    {
+      "properties": {
+        "id": {
+          "$ref": "#/definitions/RequestId"
+        },
+        "method": {
+          "enum": [
+            "thread/addCreditsNudgeEmail"
+          ],
+          "title": "Thread/addCreditsNudgeEmailRequestMethod",
+          "type": "string"
+        },
+        "params": {
+          "$ref": "#/definitions/ThreadAddCreditsNudgeEmailParams"
+        }
+      },
+      "required": [
+        "id",
+        "method",
+        "params"
+      ],
+      "title": "Thread/addCreditsNudgeEmailRequest",
+      "type": "object"
+    },
     {
       "properties": {
         "id": {
@@ -3952,6 +3958,30 @@
       "title": "Thread/readRequest",
       "type": "object"
     },
+    {
+      "properties": {
+        "id": {
+          "$ref": "#/definitions/RequestId"
+        },
+        "method": {
+          "enum": [
+            "thread/remember"
+          ],
+          "title": "Thread/rememberRequestMethod",
+          "type": "string"
+        },
+        "params": {
+          "$ref": "#/definitions/ThreadRememberParams"
+        }
+      },
+      "required": [
+        "id",
+        "method",
+        "params"
+      ],
+      "title": "Thread/rememberRequest",
+      "type": "object"
+    },
     {
       "properties": {
         "id": {
@@ -4599,30 +4629,6 @@
       "title": "McpServer/resource/readRequest",
       "type": "object"
     },
-    {
-      "properties": {
-        "id": {
-          "$ref": "#/definitions/RequestId"
-        },
-        "method": {
-          "enum": [
-            "mcpServer/tool/call"
-          ],
-          "title": "McpServer/tool/callRequestMethod",
-          "type": "string"
-        },
-        "params": {
-          "$ref": "#/definitions/McpServerToolCallParams"
-        }
-      },
-      "required": [
-        "id",
-        "method",
-        "params"
-      ],
-      "title": "McpServer/tool/callRequest",
-      "type": "object"
-    },
     {
       "properties": {
         "id": {

codex-rs/app-server-protocol/schema/json/ExecCommandApprovalResponse.json

@@ -94,13 +94,6 @@
           ],
           "type": "string"
         },
-        {
-          "description": "Automatic approval review timed out before reaching a decision.",
-          "enum": [
-            "timed_out"
-          ],
-          "type": "string"
-        },
         {
           "description": "User has denied this command and the agent should not do anything until the user's next command.",
           "enum": [

codex-rs/app-server-protocol/schema/json/ServerNotification.json

@@ -51,6 +51,12 @@
             }
           ]
         },
+        "isWorkspaceOwner": {
+          "type": [
+            "boolean",
+            "null"
+          ]
+        },
         "planType": {
           "anyOf": [
             {
@@ -60,10 +66,89 @@
               "type": "null"
             }
           ]
+        },
+        "workspaceRole": {
+          "anyOf": [
+            {
+              "$ref": "#/definitions/WorkspaceRole"
+            },
+            {
+              "type": "null"
+            }
+          ]
         }
       },
       "type": "object"
     },
+    "AddCreditsNudgeEmailNotification": {
+      "properties": {
+        "result": {
+          "$ref": "#/definitions/AddCreditsNudgeEmailResult"
+        },
+        "threadId": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "result",
+        "threadId"
+      ],
+      "type": "object"
+    },
+    "AddCreditsNudgeEmailResult": {
+      "oneOf": [
+        {
+          "properties": {
+            "status": {
+              "enum": [
+                "sent"
+              ],
+              "title": "SentAddCreditsNudgeEmailResultStatus",
+              "type": "string"
+            }
+          },
+          "required": [
+            "status"
+          ],
+          "title": "SentAddCreditsNudgeEmailResult",
+          "type": "object"
+        },
+        {
+          "properties": {
+            "status": {
+              "enum": [
+                "cooldownActive"
+              ],
+              "title": "CooldownActiveAddCreditsNudgeEmailResultStatus",
+              "type": "string"
+            }
+          },
+          "required": [
+            "status"
+          ],
+          "title": "CooldownActiveAddCreditsNudgeEmailResult",
+          "type": "object"
+        },
+        {
+          "properties": {
+            "message": {
+              "type": "string"
+            },
+            "status": {
+              "enum": [
+                "failed"
+              ],
+              "type": "string"
+            }
+          },
+          "required": [
+            "message",
+            "status"
+          ],
+          "type": "object"
+        }
+      ]
+    },
     "AgentMessageDeltaNotification": {
       "properties": {
         "delta": {
@@ -388,13 +473,6 @@
         }
       ]
     },
-    "AutoReviewDecisionSource": {
-      "description": "[UNSTABLE] Source that produced a terminal guardian approval review decision.",
-      "enum": [
-        "agent"
-      ],
-      "type": "string"
-    },
     "ByteRange": {
       "properties": {
         "end": {
@@ -1348,7 +1426,6 @@
         "inProgress",
         "approved",
         "denied",
-        "timedOut",
         "aborted"
       ],
       "type": "string"
@@ -1596,27 +1673,16 @@
       "type": "object"
     },
     "ItemGuardianApprovalReviewCompletedNotification": {
-      "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.",
+      "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
       "properties": {
         "action": {
           "$ref": "#/definitions/GuardianApprovalReviewAction"
         },
-        "decisionSource": {
-          "$ref": "#/definitions/AutoReviewDecisionSource"
-        },
         "review": {
           "$ref": "#/definitions/GuardianApprovalReview"
         },
-        "reviewId": {
-          "description": "Stable identifier for this review.",
-          "type": "string"
-        },
         "targetItemId": {
-          "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
-          "type": [
-            "string",
-            "null"
-          ]
+          "type": "string"
         },
         "threadId": {
           "type": "string"
@@ -1627,16 +1693,15 @@
       },
       "required": [
         "action",
-        "decisionSource",
         "review",
-        "reviewId",
+        "targetItemId",
         "threadId",
         "turnId"
       ],
       "type": "object"
     },
     "ItemGuardianApprovalReviewStartedNotification": {
-      "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.",
+      "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
       "properties": {
         "action": {
           "$ref": "#/definitions/GuardianApprovalReviewAction"
@@ -1644,16 +1709,8 @@
         "review": {
           "$ref": "#/definitions/GuardianApprovalReview"
         },
-        "reviewId": {
-          "description": "Stable identifier for this review.",
-          "type": "string"
-        },
         "targetItemId": {
-          "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
-          "type": [
-            "string",
-            "null"
-          ]
+          "type": "string"
         },
         "threadId": {
           "type": "string"
@@ -1665,7 +1722,7 @@
       "required": [
         "action",
         "review",
-        "reviewId",
+        "targetItemId",
         "threadId",
         "turnId"
       ],
@@ -2010,7 +2067,6 @@
         "go",
         "plus",
         "pro",
-        "prolite",
         "team",
         "self_serve_business_usage_based",
         "business",
@@ -2074,6 +2130,16 @@
               "type": "null"
             }
           ]
+        },
+        "spendControl": {
+          "anyOf": [
+            {
+              "$ref": "#/definitions/SpendControlSnapshot"
+            },
+            {
+              "type": "null"
+            }
+          ]
         }
       },
       "type": "object"
@@ -2273,6 +2339,17 @@
       "description": "Notification emitted when watched local skill files change.\n\nTreat this as an invalidation signal and re-run `skills/list` with the client's current parameters when refreshed skill metadata is needed.",
       "type": "object"
     },
+    "SpendControlSnapshot": {
+      "properties": {
+        "reached": {
+          "type": "boolean"
+        }
+      },
+      "required": [
+        "reached"
+      ],
+      "type": "object"
+    },
     "SubAgentSource": {
       "oneOf": [
         {
@@ -4057,6 +4134,14 @@
         "samplePaths"
       ],
       "type": "object"
+    },
+    "WorkspaceRole": {
+      "enum": [
+        "account-owner",
+        "account-admin",
+        "standard-user"
+      ],
+      "type": "string"
     }
   },
   "description": "Notification sent from the server to the client.",
@@ -4684,6 +4769,26 @@
       "title": "Account/rateLimits/updatedNotification",
       "type": "object"
     },
+    {
+      "properties": {
+        "method": {
+          "enum": [
+            "account/addCreditsNudgeEmail/completed"
+          ],
+          "title": "Account/addCreditsNudgeEmail/completedNotificationMethod",
+          "type": "string"
+        },
+        "params": {
+          "$ref": "#/definitions/AddCreditsNudgeEmailNotification"
+        }
+      },
+      "required": [
+        "method",
+        "params"
+      ],
+      "title": "Account/addCreditsNudgeEmail/completedNotification",
+      "type": "object"
+    },
     {
       "properties": {
         "method": {

codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.schemas.json

@@ -482,6 +482,30 @@
           "title": "Thread/shellCommandRequest",
           "type": "object"
         },
+        {
+          "properties": {
+            "id": {
+              "$ref": "#/definitions/v2/RequestId"
+            },
+            "method": {
+              "enum": [
+                "thread/addCreditsNudgeEmail"
+              ],
+              "title": "Thread/addCreditsNudgeEmailRequestMethod",
+              "type": "string"
+            },
+            "params": {
+              "$ref": "#/definitions/v2/ThreadAddCreditsNudgeEmailParams"
+            }
+          },
+          "required": [
+            "id",
+            "method",
+            "params"
+          ],
+          "title": "Thread/addCreditsNudgeEmailRequest",
+          "type": "object"
+        },
         {
           "properties": {
             "id": {
@@ -578,6 +602,30 @@
           "title": "Thread/readRequest",
           "type": "object"
         },
+        {
+          "properties": {
+            "id": {
+              "$ref": "#/definitions/v2/RequestId"
+            },
+            "method": {
+              "enum": [
+                "thread/remember"
+              ],
+              "title": "Thread/rememberRequestMethod",
+              "type": "string"
+            },
+            "params": {
+              "$ref": "#/definitions/v2/ThreadRememberParams"
+            }
+          },
+          "required": [
+            "id",
+            "method",
+            "params"
+          ],
+          "title": "Thread/rememberRequest",
+          "type": "object"
+        },
         {
           "properties": {
             "id": {
@@ -1225,30 +1273,6 @@
           "title": "McpServer/resource/readRequest",
           "type": "object"
         },
-        {
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/v2/RequestId"
-            },
-            "method": {
-              "enum": [
-                "mcpServer/tool/call"
-              ],
-              "title": "McpServer/tool/callRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/v2/McpServerToolCallParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "McpServer/tool/callRequest",
-          "type": "object"
-        },
         {
           "properties": {
             "id": {
@@ -3422,13 +3446,6 @@
           ],
           "type": "string"
         },
-        {
-          "description": "Automatic approval review timed out before reaching a decision.",
-          "enum": [
-            "timed_out"
-          ],
-          "type": "string"
-        },
         {
           "description": "User has denied this command and the agent should not do anything until the user's next command.",
           "enum": [
@@ -4065,6 +4082,26 @@
           "title": "Account/rateLimits/updatedNotification",
           "type": "object"
         },
+        {
+          "properties": {
+            "method": {
+              "enum": [
+                "account/addCreditsNudgeEmail/completed"
+              ],
+              "title": "Account/addCreditsNudgeEmail/completedNotificationMethod",
+              "type": "string"
+            },
+            "params": {
+              "$ref": "#/definitions/v2/AddCreditsNudgeEmailNotification"
+            }
+          },
+          "required": [
+            "method",
+            "params"
+          ],
+          "title": "Account/addCreditsNudgeEmail/completedNotification",
+          "type": "object"
+        },
         {
           "properties": {
             "method": {
@@ -4952,6 +4989,12 @@
               }
             ]
           },
+          "isWorkspaceOwner": {
+            "type": [
+              "boolean",
+              "null"
+            ]
+          },
           "planType": {
             "anyOf": [
               {
@@ -4961,11 +5004,92 @@
                 "type": "null"
               }
             ]
+          },
+          "workspaceRole": {
+            "anyOf": [
+              {
+                "$ref": "#/definitions/v2/WorkspaceRole"
+              },
+              {
+                "type": "null"
+              }
+            ]
           }
         },
         "title": "AccountUpdatedNotification",
         "type": "object"
       },
+      "AddCreditsNudgeEmailNotification": {
+        "$schema": "http://json-schema.org/draft-07/schema#",
+        "properties": {
+          "result": {
+            "$ref": "#/definitions/v2/AddCreditsNudgeEmailResult"
+          },
+          "threadId": {
+            "type": "string"
+          }
+        },
+        "required": [
+          "result",
+          "threadId"
+        ],
+        "title": "AddCreditsNudgeEmailNotification",
+        "type": "object"
+      },
+      "AddCreditsNudgeEmailResult": {
+        "oneOf": [
+          {
+            "properties": {
+              "status": {
+                "enum": [
+                  "sent"
+                ],
+                "title": "SentAddCreditsNudgeEmailResultStatus",
+                "type": "string"
+              }
+            },
+            "required": [
+              "status"
+            ],
+            "title": "SentAddCreditsNudgeEmailResult",
+            "type": "object"
+          },
+          {
+            "properties": {
+              "status": {
+                "enum": [
+                  "cooldownActive"
+                ],
+                "title": "CooldownActiveAddCreditsNudgeEmailResultStatus",
+                "type": "string"
+              }
+            },
+            "required": [
+              "status"
+            ],
+            "title": "CooldownActiveAddCreditsNudgeEmailResult",
+            "type": "object"
+          },
+          {
+            "properties": {
+              "message": {
+                "type": "string"
+              },
+              "status": {
+                "enum": [
+                  "failed"
+                ],
+                "type": "string"
+              }
+            },
+            "required": [
+              "message",
+              "status"
+            ],
+            "type": "object"
+          }
+        ]
+      },
       "AgentMessageDeltaNotification": {
         "$schema": "http://json-schema.org/draft-07/schema#",
         "properties": {
@@ -5567,13 +5691,6 @@
           }
         ]
       },
-      "AutoReviewDecisionSource": {
-        "description": "[UNSTABLE] Source that produced a terminal guardian approval review decision.",
-        "enum": [
-          "agent"
-        ],
-        "type": "string"
-      },
       "ByteRange": {
         "properties": {
           "end": {
@@ -7479,15 +7596,6 @@
               "null"
             ]
           },
-          "tags": {
-            "additionalProperties": {
-              "type": "string"
-            },
-            "type": [
-              "object",
-              "null"
-            ]
-          },
           "threadId": {
             "type": [
               "string",
@@ -8058,8 +8166,24 @@
               }
             ]
           },
+          "isWorkspaceOwner": {
+            "type": [
+              "boolean",
+              "null"
+            ]
+          },
           "requiresOpenaiAuth": {
             "type": "boolean"
+          },
+          "workspaceRole": {
+            "anyOf": [
+              {
+                "$ref": "#/definitions/v2/WorkspaceRole"
+              },
+              {
+                "type": "null"
+              }
+            ]
           }
         },
         "required": [
@@ -8337,7 +8461,6 @@
           "inProgress",
           "approved",
           "denied",
-          "timedOut",
           "aborted"
         ],
         "type": "string"
@@ -8620,27 +8743,16 @@
       },
       "ItemGuardianApprovalReviewCompletedNotification": {
         "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.",
+        "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
         "properties": {
           "action": {
             "$ref": "#/definitions/v2/GuardianApprovalReviewAction"
           },
-          "decisionSource": {
-            "$ref": "#/definitions/v2/AutoReviewDecisionSource"
-          },
           "review": {
             "$ref": "#/definitions/v2/GuardianApprovalReview"
           },
-          "reviewId": {
-            "description": "Stable identifier for this review.",
-            "type": "string"
-          },
           "targetItemId": {
-            "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
-            "type": [
-              "string",
-              "null"
-            ]
+            "type": "string"
           },
           "threadId": {
             "type": "string"
@@ -8651,9 +8763,8 @@
         },
         "required": [
           "action",
-          "decisionSource",
           "review",
-          "reviewId",
+          "targetItemId",
           "threadId",
           "turnId"
         ],
@@ -8662,7 +8773,7 @@
       },
       "ItemGuardianApprovalReviewStartedNotification": {
         "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.",
+        "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
         "properties": {
           "action": {
             "$ref": "#/definitions/v2/GuardianApprovalReviewAction"
@@ -8670,16 +8781,8 @@
           "review": {
             "$ref": "#/definitions/v2/GuardianApprovalReview"
           },
-          "reviewId": {
-            "description": "Stable identifier for this review.",
-            "type": "string"
-          },
           "targetItemId": {
-            "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
-            "type": [
-              "string",
-              "null"
-            ]
+            "type": "string"
           },
           "threadId": {
             "type": "string"
@@ -8691,7 +8794,7 @@
         "required": [
           "action",
           "review",
-          "reviewId",
+          "targetItemId",
           "threadId",
           "turnId"
         ],
@@ -9247,51 +9350,6 @@
         "title": "McpServerStatusUpdatedNotification",
         "type": "object"
       },
-      "McpServerToolCallParams": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "properties": {
-          "_meta": true,
-          "arguments": true,
-          "server": {
-            "type": "string"
-          },
-          "threadId": {
-            "type": "string"
-          },
-          "tool": {
-            "type": "string"
-          }
-        },
-        "required": [
-          "server",
-          "threadId",
-          "tool"
-        ],
-        "title": "McpServerToolCallParams",
-        "type": "object"
-      },
-      "McpServerToolCallResponse": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "properties": {
-          "_meta": true,
-          "content": {
-            "items": true,
-            "type": "array"
-          },
-          "isError": {
-            "type": [
-              "boolean",
-              "null"
-            ]
-          },
-          "structuredContent": true
-        },
-        "required": [
-          "content"
-        ],
-        "title": "McpServerToolCallResponse",
-        "type": "object"
-      },
       "McpToolCallError": {
         "properties": {
           "message": {
@@ -9924,7 +9982,6 @@
           "go",
           "plus",
           "pro",
-          "prolite",
           "team",
           "self_serve_business_usage_based",
           "business",
@@ -10510,6 +10567,16 @@
                 "type": "null"
               }
             ]
+          },
+          "spendControl": {
+            "anyOf": [
+              {
+                "$ref": "#/definitions/v2/SpendControlSnapshot"
+              },
+              {
+                "type": "null"
+              }
+            ]
           }
         },
         "type": "object"
@@ -12333,6 +12400,17 @@
         "title": "SkillsListResponse",
         "type": "object"
       },
+      "SpendControlSnapshot": {
+        "properties": {
+          "reached": {
+            "type": "boolean"
+          }
+        },
+        "required": [
+          "reached"
+        ],
+        "type": "object"
+      },
       "SubAgentSource": {
         "oneOf": [
           {
@@ -12624,6 +12702,24 @@
         ],
         "type": "string"
       },
+      "ThreadAddCreditsNudgeEmailParams": {
+        "$schema": "http://json-schema.org/draft-07/schema#",
+        "properties": {
+          "threadId": {
+            "type": "string"
+          }
+        },
+        "required": [
+          "threadId"
+        ],
+        "title": "ThreadAddCreditsNudgeEmailParams",
+        "type": "object"
+      },
+      "ThreadAddCreditsNudgeEmailResponse": {
+        "$schema": "http://json-schema.org/draft-07/schema#",
+        "title": "ThreadAddCreditsNudgeEmailResponse",
+        "type": "object"
+      },
       "ThreadArchiveParams": {
         "$schema": "http://json-schema.org/draft-07/schema#",
         "properties": {
@@ -13968,6 +14064,46 @@
         "title": "ThreadRealtimeTranscriptUpdatedNotification",
         "type": "object"
       },
+      "ThreadRememberParams": {
+        "$schema": "http://json-schema.org/draft-07/schema#",
+        "properties": {
+          "sourceThreadIds": {
+            "items": {
+              "type": "string"
+            },
+            "type": "array"
+          },
+          "threadId": {
+            "type": "string"
+          }
+        },
+        "required": [
+          "sourceThreadIds",
+          "threadId"
+        ],
+        "title": "ThreadRememberParams",
+        "type": "object"
+      },
+      "ThreadRememberResponse": {
+        "$schema": "http://json-schema.org/draft-07/schema#",
+        "properties": {
+          "contextPreview": {
+            "type": "string"
+          },
+          "rememberedThreadIds": {
+            "items": {
+              "type": "string"
+            },
+            "type": "array"
+          }
+        },
+        "required": [
+          "contextPreview",
+          "rememberedThreadIds"
+        ],
+        "title": "ThreadRememberResponse",
+        "type": "object"
+      },
       "ThreadResumeParams": {
         "$schema": "http://json-schema.org/draft-07/schema#",
         "description": "There are three ways to resume a thread: 1. By thread_id: load the thread from disk by thread_id and resume it. 2. By history: instantiate the thread from memory and resume it. 3. By path: load the thread from disk by path and resume it.\n\nThe precedence is: history > path > thread_id. If using history or path, the thread_id param will be ignored.\n\nPrefer using thread_id whenever possible.",
@@ -14354,16 +14490,6 @@
                 "type": "null"
               }
             ]
-          },
-          "sessionStartSource": {
-            "anyOf": [
-              {
-                "$ref": "#/definitions/v2/ThreadStartSource"
-              },
-              {
-                "type": "null"
-              }
-            ]
           }
         },
         "title": "ThreadStartParams",
@@ -14431,13 +14557,6 @@
         "title": "ThreadStartResponse",
         "type": "object"
       },
-      "ThreadStartSource": {
-        "enum": [
-          "startup",
-          "clear"
-        ],
-        "type": "string"
-      },
       "ThreadStartedNotification": {
         "$schema": "http://json-schema.org/draft-07/schema#",
         "properties": {
@@ -15549,6 +15668,14 @@
         "title": "WindowsWorldWritableWarningNotification",
         "type": "object"
       },
+      "WorkspaceRole": {
+        "enum": [
+          "account-owner",
+          "account-admin",
+          "standard-user"
+        ],
+        "type": "string"
+      },
       "WriteStatus": {
         "enum": [
           "ok",

codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.v2.schemas.json

@@ -100,6 +100,12 @@
             }
           ]
         },
+        "isWorkspaceOwner": {
+          "type": [
+            "boolean",
+            "null"
+          ]
+        },
         "planType": {
           "anyOf": [
             {
@@ -109,11 +115,92 @@
               "type": "null"
             }
           ]
+        },
+        "workspaceRole": {
+          "anyOf": [
+            {
+              "$ref": "#/definitions/WorkspaceRole"
+            },
+            {
+              "type": "null"
+            }
+          ]
         }
       },
       "title": "AccountUpdatedNotification",
       "type": "object"
     },
+    "AddCreditsNudgeEmailNotification": {
+      "$schema": "http://json-schema.org/draft-07/schema#",
+      "properties": {
+        "result": {
+          "$ref": "#/definitions/AddCreditsNudgeEmailResult"
+        },
+        "threadId": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "result",
+        "threadId"
+      ],
+      "title": "AddCreditsNudgeEmailNotification",
+      "type": "object"
+    },
+    "AddCreditsNudgeEmailResult": {
+      "oneOf": [
+        {
+          "properties": {
+            "status": {
+              "enum": [
+                "sent"
+              ],
+              "title": "SentAddCreditsNudgeEmailResultStatus",
+              "type": "string"
+            }
+          },
+          "required": [
+            "status"
+          ],
+          "title": "SentAddCreditsNudgeEmailResult",
+          "type": "object"
+        },
+        {
+          "properties": {
+            "status": {
+              "enum": [
+                "cooldownActive"
+              ],
+              "title": "CooldownActiveAddCreditsNudgeEmailResultStatus",
+              "type": "string"
+            }
+          },
+          "required": [
+            "status"
+          ],
+          "title": "CooldownActiveAddCreditsNudgeEmailResult",
+          "type": "object"
+        },
+        {
+          "properties": {
+            "message": {
+              "type": "string"
+            },
+            "status": {
+              "enum": [
+                "failed"
+              ],
+              "type": "string"
+            }
+          },
+          "required": [
+            "message",
+            "status"
+          ],
+          "type": "object"
+        }
+      ]
+    },
     "AgentMessageDeltaNotification": {
       "$schema": "http://json-schema.org/draft-07/schema#",
       "properties": {
@@ -715,13 +802,6 @@
         }
       ]
     },
-    "AutoReviewDecisionSource": {
-      "description": "[UNSTABLE] Source that produced a terminal guardian approval review decision.",
-      "enum": [
-        "agent"
-      ],
-      "type": "string"
-    },
     "ByteRange": {
       "properties": {
         "end": {
@@ -1064,6 +1144,30 @@
           "title": "Thread/shellCommandRequest",
           "type": "object"
         },
+        {
+          "properties": {
+            "id": {
+              "$ref": "#/definitions/RequestId"
+            },
+            "method": {
+              "enum": [
+                "thread/addCreditsNudgeEmail"
+              ],
+              "title": "Thread/addCreditsNudgeEmailRequestMethod",
+              "type": "string"
+            },
+            "params": {
+              "$ref": "#/definitions/ThreadAddCreditsNudgeEmailParams"
+            }
+          },
+          "required": [
+            "id",
+            "method",
+            "params"
+          ],
+          "title": "Thread/addCreditsNudgeEmailRequest",
+          "type": "object"
+        },
         {
           "properties": {
             "id": {
@@ -1160,6 +1264,30 @@
           "title": "Thread/readRequest",
           "type": "object"
         },
+        {
+          "properties": {
+            "id": {
+              "$ref": "#/definitions/RequestId"
+            },
+            "method": {
+              "enum": [
+                "thread/remember"
+              ],
+              "title": "Thread/rememberRequestMethod",
+              "type": "string"
+            },
+            "params": {
+              "$ref": "#/definitions/ThreadRememberParams"
+            }
+          },
+          "required": [
+            "id",
+            "method",
+            "params"
+          ],
+          "title": "Thread/rememberRequest",
+          "type": "object"
+        },
         {
           "properties": {
             "id": {
@@ -1807,30 +1935,6 @@
           "title": "McpServer/resource/readRequest",
           "type": "object"
         },
-        {
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/RequestId"
-            },
-            "method": {
-              "enum": [
-                "mcpServer/tool/call"
-              ],
-              "title": "McpServer/tool/callRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/McpServerToolCallParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "McpServer/tool/callRequest",
-          "type": "object"
-        },
         {
           "properties": {
             "id": {
@@ -4120,15 +4224,6 @@
             "null"
           ]
         },
-        "tags": {
-          "additionalProperties": {
-            "type": "string"
-          },
-          "type": [
-            "object",
-            "null"
-          ]
-        },
         "threadId": {
           "type": [
             "string",
@@ -4810,8 +4905,24 @@
             }
           ]
         },
+        "isWorkspaceOwner": {
+          "type": [
+            "boolean",
+            "null"
+          ]
+        },
         "requiresOpenaiAuth": {
           "type": "boolean"
+        },
+        "workspaceRole": {
+          "anyOf": [
+            {
+              "$ref": "#/definitions/WorkspaceRole"
+            },
+            {
+              "type": "null"
+            }
+          ]
         }
       },
       "required": [
@@ -5089,7 +5200,6 @@
         "inProgress",
         "approved",
         "denied",
-        "timedOut",
         "aborted"
       ],
       "type": "string"
@@ -5416,27 +5526,16 @@
     },
     "ItemGuardianApprovalReviewCompletedNotification": {
       "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.",
+      "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
       "properties": {
         "action": {
           "$ref": "#/definitions/GuardianApprovalReviewAction"
         },
-        "decisionSource": {
-          "$ref": "#/definitions/AutoReviewDecisionSource"
-        },
         "review": {
           "$ref": "#/definitions/GuardianApprovalReview"
         },
-        "reviewId": {
-          "description": "Stable identifier for this review.",
-          "type": "string"
-        },
         "targetItemId": {
-          "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
-          "type": [
-            "string",
-            "null"
-          ]
+          "type": "string"
         },
         "threadId": {
           "type": "string"
@@ -5447,9 +5546,8 @@
       },
       "required": [
         "action",
-        "decisionSource",
         "review",
-        "reviewId",
+        "targetItemId",
         "threadId",
         "turnId"
       ],
@@ -5458,7 +5556,7 @@
     },
     "ItemGuardianApprovalReviewStartedNotification": {
       "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.",
+      "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
       "properties": {
         "action": {
           "$ref": "#/definitions/GuardianApprovalReviewAction"
@@ -5466,16 +5564,8 @@
         "review": {
           "$ref": "#/definitions/GuardianApprovalReview"
         },
-        "reviewId": {
-          "description": "Stable identifier for this review.",
-          "type": "string"
-        },
         "targetItemId": {
-          "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
-          "type": [
-            "string",
-            "null"
-          ]
+          "type": "string"
         },
         "threadId": {
           "type": "string"
@@ -5487,7 +5577,7 @@
       "required": [
         "action",
         "review",
-        "reviewId",
+        "targetItemId",
         "threadId",
         "turnId"
       ],
@@ -6043,51 +6133,6 @@
       "title": "McpServerStatusUpdatedNotification",
       "type": "object"
     },
-    "McpServerToolCallParams": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "properties": {
-        "_meta": true,
-        "arguments": true,
-        "server": {
-          "type": "string"
-        },
-        "threadId": {
-          "type": "string"
-        },
-        "tool": {
-          "type": "string"
-        }
-      },
-      "required": [
-        "server",
-        "threadId",
-        "tool"
-      ],
-      "title": "McpServerToolCallParams",
-      "type": "object"
-    },
-    "McpServerToolCallResponse": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "properties": {
-        "_meta": true,
-        "content": {
-          "items": true,
-          "type": "array"
-        },
-        "isError": {
-          "type": [
-            "boolean",
-            "null"
-          ]
-        },
-        "structuredContent": true
-      },
-      "required": [
-        "content"
-      ],
-      "title": "McpServerToolCallResponse",
-      "type": "object"
-    },
     "McpToolCallError": {
       "properties": {
         "message": {
@@ -6720,7 +6765,6 @@
         "go",
         "plus",
         "pro",
-        "prolite",
         "team",
         "self_serve_business_usage_based",
         "business",
@@ -7306,6 +7350,16 @@
               "type": "null"
             }
           ]
+        },
+        "spendControl": {
+          "anyOf": [
+            {
+              "$ref": "#/definitions/SpendControlSnapshot"
+            },
+            {
+              "type": "null"
+            }
+          ]
         }
       },
       "type": "object"
@@ -9315,6 +9369,26 @@
           "title": "Account/rateLimits/updatedNotification",
           "type": "object"
         },
+        {
+          "properties": {
+            "method": {
+              "enum": [
+                "account/addCreditsNudgeEmail/completed"
+              ],
+              "title": "Account/addCreditsNudgeEmail/completedNotificationMethod",
+              "type": "string"
+            },
+            "params": {
+              "$ref": "#/definitions/AddCreditsNudgeEmailNotification"
+            }
+          },
+          "required": [
+            "method",
+            "params"
+          ],
+          "title": "Account/addCreditsNudgeEmail/completedNotification",
+          "type": "object"
+        },
         {
           "properties": {
             "method": {
@@ -10181,6 +10255,17 @@
       "title": "SkillsListResponse",
       "type": "object"
     },
+    "SpendControlSnapshot": {
+      "properties": {
+        "reached": {
+          "type": "boolean"
+        }
+      },
+      "required": [
+        "reached"
+      ],
+      "type": "object"
+    },
     "SubAgentSource": {
       "oneOf": [
         {
@@ -10472,6 +10557,24 @@
       ],
       "type": "string"
     },
+    "ThreadAddCreditsNudgeEmailParams": {
+      "$schema": "http://json-schema.org/draft-07/schema#",
+      "properties": {
+        "threadId": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "threadId"
+      ],
+      "title": "ThreadAddCreditsNudgeEmailParams",
+      "type": "object"
+    },
+    "ThreadAddCreditsNudgeEmailResponse": {
+      "$schema": "http://json-schema.org/draft-07/schema#",
+      "title": "ThreadAddCreditsNudgeEmailResponse",
+      "type": "object"
+    },
     "ThreadArchiveParams": {
       "$schema": "http://json-schema.org/draft-07/schema#",
       "properties": {
@@ -11816,6 +11919,46 @@
       "title": "ThreadRealtimeTranscriptUpdatedNotification",
       "type": "object"
     },
+    "ThreadRememberParams": {
+      "$schema": "http://json-schema.org/draft-07/schema#",
+      "properties": {
+        "sourceThreadIds": {
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "threadId": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "sourceThreadIds",
+        "threadId"
+      ],
+      "title": "ThreadRememberParams",
+      "type": "object"
+    },
+    "ThreadRememberResponse": {
+      "$schema": "http://json-schema.org/draft-07/schema#",
+      "properties": {
+        "contextPreview": {
+          "type": "string"
+        },
+        "rememberedThreadIds": {
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "required": [
+        "contextPreview",
+        "rememberedThreadIds"
+      ],
+      "title": "ThreadRememberResponse",
+      "type": "object"
+    },
     "ThreadResumeParams": {
       "$schema": "http://json-schema.org/draft-07/schema#",
       "description": "There are three ways to resume a thread: 1. By thread_id: load the thread from disk by thread_id and resume it. 2. By history: instantiate the thread from memory and resume it. 3. By path: load the thread from disk by path and resume it.\n\nThe precedence is: history > path > thread_id. If using history or path, the thread_id param will be ignored.\n\nPrefer using thread_id whenever possible.",
@@ -12202,16 +12345,6 @@
               "type": "null"
             }
           ]
-        },
-        "sessionStartSource": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/ThreadStartSource"
-            },
-            {
-              "type": "null"
-            }
-          ]
         }
       },
       "title": "ThreadStartParams",
@@ -12279,13 +12412,6 @@
       "title": "ThreadStartResponse",
       "type": "object"
     },
-    "ThreadStartSource": {
-      "enum": [
-        "startup",
-        "clear"
-      ],
-      "type": "string"
-    },
     "ThreadStartedNotification": {
       "$schema": "http://json-schema.org/draft-07/schema#",
       "properties": {
@@ -13397,6 +13523,14 @@
       "title": "WindowsWorldWritableWarningNotification",
       "type": "object"
     },
+    "WorkspaceRole": {
+      "enum": [
+        "account-owner",
+        "account-admin",
+        "standard-user"
+      ],
+      "type": "string"
+    },
     "WriteStatus": {
       "enum": [
         "ok",

codex-rs/app-server-protocol/schema/json/v2/AccountRateLimitsUpdatedNotification.json

@@ -28,7 +28,6 @@
         "go",
         "plus",
         "pro",
-        "prolite",
         "team",
         "self_serve_business_usage_based",
         "business",
@@ -92,6 +91,16 @@
               "type": "null"
             }
           ]
+        },
+        "spendControl": {
+          "anyOf": [
+            {
+              "$ref": "#/definitions/SpendControlSnapshot"
+            },
+            {
+              "type": "null"
+            }
+          ]
         }
       },
       "type": "object"
@@ -121,6 +130,17 @@
         "usedPercent"
       ],
       "type": "object"
+    },
+    "SpendControlSnapshot": {
+      "properties": {
+        "reached": {
+          "type": "boolean"
+        }
+      },
+      "required": [
+        "reached"
+      ],
+      "type": "object"
     }
   },
   "properties": {

codex-rs/app-server-protocol/schema/json/v2/AccountUpdatedNotification.json

@@ -33,7 +33,6 @@
         "go",
         "plus",
         "pro",
-        "prolite",
         "team",
         "self_serve_business_usage_based",
         "business",
@@ -43,6 +42,14 @@
         "unknown"
       ],
       "type": "string"
+    },
+    "WorkspaceRole": {
+      "enum": [
+        "account-owner",
+        "account-admin",
+        "standard-user"
+      ],
+      "type": "string"
     }
   },
   "properties": {
@@ -56,6 +63,12 @@
         }
       ]
     },
+    "isWorkspaceOwner": {
+      "type": [
+        "boolean",
+        "null"
+      ]
+    },
     "planType": {
       "anyOf": [
         {
@@ -65,6 +78,16 @@
           "type": "null"
         }
       ]
+    },
+    "workspaceRole": {
+      "anyOf": [
+        {
+          "$ref": "#/definitions/WorkspaceRole"
+        },
+        {
+          "type": "null"
+        }
+      ]
     }
   },
   "title": "AccountUpdatedNotification",

codex-rs/app-server-protocol/schema/json/v2/AddCreditsNudgeEmailNotification.json

@@ -0,0 +1,73 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "definitions": {
+    "AddCreditsNudgeEmailResult": {
+      "oneOf": [
+        {
+          "properties": {
+            "status": {
+              "enum": [
+                "sent"
+              ],
+              "title": "SentAddCreditsNudgeEmailResultStatus",
+              "type": "string"
+            }
+          },
+          "required": [
+            "status"
+          ],
+          "title": "SentAddCreditsNudgeEmailResult",
+          "type": "object"
+        },
+        {
+          "properties": {
+            "status": {
+              "enum": [
+                "cooldownActive"
+              ],
+              "title": "CooldownActiveAddCreditsNudgeEmailResultStatus",
+              "type": "string"
+            }
+          },
+          "required": [
+            "status"
+          ],
+          "title": "CooldownActiveAddCreditsNudgeEmailResult",
+          "type": "object"
+        },
+        {
+          "properties": {
+            "message": {
+              "type": "string"
+            },
+            "status": {
+              "enum": [
+                "failed"
+              ],
+              "type": "string"
+            }
+          },
+          "required": [
+            "message",
+            "status"
+          ],
+          "type": "object"
+        }
+      ]
+    }
+  },
+  "properties": {
+    "result": {
+      "$ref": "#/definitions/AddCreditsNudgeEmailResult"
+    },
+    "threadId": {
+      "type": "string"
+    }
+  },
+  "required": [
+    "result",
+    "threadId"
+  ],
+  "title": "AddCreditsNudgeEmailNotification",
+  "type": "object"
+}

codex-rs/app-server-protocol/schema/json/v2/FeedbackUploadParams.json

@@ -22,15 +22,6 @@
         "null"
       ]
     },
-    "tags": {
-      "additionalProperties": {
-        "type": "string"
-      },
-      "type": [
-        "object",
-        "null"
-      ]
-    },
     "threadId": {
       "type": [
         "string",

codex-rs/app-server-protocol/schema/json/v2/GetAccountRateLimitsResponse.json

@@ -28,7 +28,6 @@
         "go",
         "plus",
         "pro",
-        "prolite",
         "team",
         "self_serve_business_usage_based",
         "business",
@@ -92,6 +91,16 @@
               "type": "null"
             }
           ]
+        },
+        "spendControl": {
+          "anyOf": [
+            {
+              "$ref": "#/definitions/SpendControlSnapshot"
+            },
+            {
+              "type": "null"
+            }
+          ]
         }
       },
       "type": "object"
@@ -121,6 +130,17 @@
         "usedPercent"
       ],
       "type": "object"
+    },
+    "SpendControlSnapshot": {
+      "properties": {
+        "reached": {
+          "type": "boolean"
+        }
+      },
+      "required": [
+        "reached"
+      ],
+      "type": "object"
     }
   },
   "properties": {

codex-rs/app-server-protocol/schema/json/v2/GetAccountResponse.json

@@ -51,7 +51,6 @@
         "go",
         "plus",
         "pro",
-        "prolite",
         "team",
         "self_serve_business_usage_based",
         "business",
@@ -61,6 +60,14 @@
         "unknown"
       ],
       "type": "string"
+    },
+    "WorkspaceRole": {
+      "enum": [
+        "account-owner",
+        "account-admin",
+        "standard-user"
+      ],
+      "type": "string"
     }
   },
   "properties": {
@@ -74,8 +81,24 @@
         }
       ]
     },
+    "isWorkspaceOwner": {
+      "type": [
+        "boolean",
+        "null"
+      ]
+    },
     "requiresOpenaiAuth": {
       "type": "boolean"
+    },
+    "workspaceRole": {
+      "anyOf": [
+        {
+          "$ref": "#/definitions/WorkspaceRole"
+        },
+        {
+          "type": "null"
+        }
+      ]
     }
   },
   "required": [

codex-rs/app-server-protocol/schema/json/v2/ItemGuardianApprovalReviewCompletedNotification.json

@@ -1,13 +1,6 @@
 {
   "$schema": "http://json-schema.org/draft-07/schema#",
   "definitions": {
-    "AutoReviewDecisionSource": {
-      "description": "[UNSTABLE] Source that produced a terminal guardian approval review decision.",
-      "enum": [
-        "agent"
-      ],
-      "type": "string"
-    },
     "GuardianApprovalReview": {
       "description": "[UNSTABLE] Temporary guardian approval review payload used by `item/autoApprovalReview/*` notifications. This shape is expected to change soon.",
       "properties": {
@@ -222,7 +215,6 @@
         "inProgress",
         "approved",
         "denied",
-        "timedOut",
         "aborted"
       ],
       "type": "string"
@@ -264,27 +256,16 @@
       "type": "string"
     }
   },
-  "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.",
+  "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
   "properties": {
     "action": {
       "$ref": "#/definitions/GuardianApprovalReviewAction"
     },
-    "decisionSource": {
-      "$ref": "#/definitions/AutoReviewDecisionSource"
-    },
     "review": {
       "$ref": "#/definitions/GuardianApprovalReview"
     },
-    "reviewId": {
-      "description": "Stable identifier for this review.",
-      "type": "string"
-    },
     "targetItemId": {
-      "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
-      "type": [
-        "string",
-        "null"
-      ]
+      "type": "string"
     },
     "threadId": {
       "type": "string"
@@ -295,9 +276,8 @@
   },
   "required": [
     "action",
-    "decisionSource",
     "review",
-    "reviewId",
+    "targetItemId",
     "threadId",
     "turnId"
   ],

codex-rs/app-server-protocol/schema/json/v2/ItemGuardianApprovalReviewStartedNotification.json

@@ -215,7 +215,6 @@
         "inProgress",
         "approved",
         "denied",
-        "timedOut",
         "aborted"
       ],
       "type": "string"
@@ -257,7 +256,7 @@
       "type": "string"
     }
   },
-  "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.",
+  "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
   "properties": {
     "action": {
       "$ref": "#/definitions/GuardianApprovalReviewAction"
@@ -265,16 +264,8 @@
     "review": {
       "$ref": "#/definitions/GuardianApprovalReview"
     },
-    "reviewId": {
-      "description": "Stable identifier for this review.",
-      "type": "string"
-    },
     "targetItemId": {
-      "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
-      "type": [
-        "string",
-        "null"
-      ]
+      "type": "string"
     },
     "threadId": {
       "type": "string"
@@ -286,7 +277,7 @@
   "required": [
     "action",
     "review",
-    "reviewId",
+    "targetItemId",
     "threadId",
     "turnId"
   ],

codex-rs/app-server-protocol/schema/json/v2/McpServerToolCallParams.json

@@ -1,23 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "properties": {
-    "_meta": true,
-    "arguments": true,
-    "server": {
-      "type": "string"
-    },
-    "threadId": {
-      "type": "string"
-    },
-    "tool": {
-      "type": "string"
-    }
-  },
-  "required": [
-    "server",
-    "threadId",
-    "tool"
-  ],
-  "title": "McpServerToolCallParams",
-  "type": "object"
-}

codex-rs/app-server-protocol/schema/json/v2/McpServerToolCallResponse.json

@@ -1,22 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "properties": {
-    "_meta": true,
-    "content": {
-      "items": true,
-      "type": "array"
-    },
-    "isError": {
-      "type": [
-        "boolean",
-        "null"
-      ]
-    },
-    "structuredContent": true
-  },
-  "required": [
-    "content"
-  ],
-  "title": "McpServerToolCallResponse",
-  "type": "object"
-}

codex-rs/app-server-protocol/schema/json/v2/ThreadAddCreditsNudgeEmailParams.json

@@ -0,0 +1,13 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "properties": {
+    "threadId": {
+      "type": "string"
+    }
+  },
+  "required": [
+    "threadId"
+  ],
+  "title": "ThreadAddCreditsNudgeEmailParams",
+  "type": "object"
+}

codex-rs/app-server-protocol/schema/json/v2/ThreadAddCreditsNudgeEmailResponse.json

@@ -0,0 +1,5 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "title": "ThreadAddCreditsNudgeEmailResponse",
+  "type": "object"
+}

codex-rs/app-server-protocol/schema/json/v2/ThreadRememberParams.json

@@ -0,0 +1,20 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "properties": {
+    "sourceThreadIds": {
+      "items": {
+        "type": "string"
+      },
+      "type": "array"
+    },
+    "threadId": {
+      "type": "string"
+    }
+  },
+  "required": [
+    "sourceThreadIds",
+    "threadId"
+  ],
+  "title": "ThreadRememberParams",
+  "type": "object"
+}

codex-rs/app-server-protocol/schema/json/v2/ThreadRememberResponse.json

@@ -0,0 +1,20 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "properties": {
+    "contextPreview": {
+      "type": "string"
+    },
+    "rememberedThreadIds": {
+      "items": {
+        "type": "string"
+      },
+      "type": "array"
+    }
+  },
+  "required": [
+    "contextPreview",
+    "rememberedThreadIds"
+  ],
+  "title": "ThreadRememberResponse",
+  "type": "object"
+}

codex-rs/app-server-protocol/schema/json/v2/ThreadStartParams.json

@@ -101,13 +101,6 @@
         "flex"
       ],
       "type": "string"
-    },
-    "ThreadStartSource": {
-      "enum": [
-        "startup",
-        "clear"
-      ],
-      "type": "string"
     }
   },
   "properties": {
@@ -217,16 +210,6 @@
           "type": "null"
         }
       ]
-    },
-    "sessionStartSource": {
-      "anyOf": [
-        {
-          "$ref": "#/definitions/ThreadStartSource"
-        },
-        {
-          "type": "null"
-        }
-      ]
     }
   },
   "title": "ThreadStartParams",

codex-rs/app-server-protocol/schema/typescript/ApplyPatchApprovalParams.ts

@@ -4,16 +4,16 @@
 import type { FileChange } from "./FileChange";
 import type { ThreadId } from "./ThreadId";
 
-export type ApplyPatchApprovalParams = { conversationId: ThreadId,
+export type ApplyPatchApprovalParams = { conversationId: ThreadId, 
 /**
  * Use to correlate this with [codex_protocol::protocol::PatchApplyBeginEvent]
  * and [codex_protocol::protocol::PatchApplyEndEvent].
  */
-callId: string, fileChanges: { [key in string]?: FileChange },
+callId: string, fileChanges: { [key in string]?: FileChange }, 
 /**
  * Optional explanatory reason (e.g. request for extra write access).
  */
-reason: string | null,
+reason: string | null, 
 /**
  * When set, the agent is asking the user to allow writes under this root
  * for the remainder of the session (unclear if this is honored today).

codex-rs/app-server-protocol/schema/typescript/ExecCommandApprovalParams.ts

@@ -4,12 +4,12 @@
 import type { ParsedCommand } from "./ParsedCommand";
 import type { ThreadId } from "./ThreadId";
 
-export type ExecCommandApprovalParams = { conversationId: ThreadId,
+export type ExecCommandApprovalParams = { conversationId: ThreadId, 
 /**
  * Use to correlate this with [codex_protocol::protocol::ExecCommandBeginEvent]
  * and [codex_protocol::protocol::ExecCommandEndEvent].
  */
-callId: string,
+callId: string, 
 /**
  * Identifier for this specific approval callback.
  */

codex-rs/app-server-protocol/schema/typescript/InitializeCapabilities.ts

@@ -5,11 +5,11 @@
 /**
  * Client-declared capabilities negotiated during initialize.
  */
-export type InitializeCapabilities = {
+export type InitializeCapabilities = { 
 /**
  * Opt into receiving experimental API methods and fields.
  */
-experimentalApi: boolean,
+experimentalApi: boolean, 
 /**
  * Exact notification method names that should be suppressed for this
  * connection (for example `thread/started`).

codex-rs/app-server-protocol/schema/typescript/InitializeResponse.ts

@@ -3,16 +3,16 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 import type { AbsolutePathBuf } from "./AbsolutePathBuf";
 
-export type InitializeResponse = { userAgent: string,
+export type InitializeResponse = { userAgent: string, 
 /**
  * Absolute path to the server's $CODEX_HOME directory.
  */
-codexHome: AbsolutePathBuf,
+codexHome: AbsolutePathBuf, 
 /**
  * Platform family for the running app-server target, for example
  * `"unix"` or `"windows"`.
  */
-platformFamily: string,
+platformFamily: string, 
 /**
  * Operating system for the running app-server target, for example
  * `"macos"`, `"linux"`, or `"windows"`.

codex-rs/app-server-protocol/schema/typescript/ParsedCommand.ts

@@ -2,7 +2,7 @@
 
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 
-export type ParsedCommand = { "type": "read", cmd: string, name: string,
+export type ParsedCommand = { "type": "read", cmd: string, name: string, 
 /**
  * (Best effort) Path to the file being read by the command. When
  * possible, this is an absolute path, though when relative, it should

codex-rs/app-server-protocol/schema/typescript/PlanType.ts

@@ -2,4 +2,4 @@
 
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 
-export type PlanType = "free" | "go" | "plus" | "pro" | "prolite" | "team" | "self_serve_business_usage_based" | "business" | "enterprise_cbp_usage_based" | "enterprise" | "edu" | "unknown";
+export type PlanType = "free" | "go" | "plus" | "pro" | "team" | "self_serve_business_usage_based" | "business" | "enterprise_cbp_usage_based" | "enterprise" | "edu" | "unknown";

codex-rs/app-server-protocol/schema/typescript/ResourceContent.ts

@@ -6,11 +6,11 @@ import type { JsonValue } from "./serde_json/JsonValue";
 /**
  * Contents returned when reading a resource from an MCP server.
  */
-export type ResourceContent = {
+export type ResourceContent = { 
 /**
  * The URI of this resource.
  */
-uri: string, mimeType?: string, text: string, _meta?: JsonValue, } | {
+uri: string, mimeType?: string, text: string, _meta?: JsonValue, } | { 
 /**
  * The URI of this resource.
  */

codex-rs/app-server-protocol/schema/typescript/ResponseItem.ts

@@ -11,7 +11,7 @@ import type { ReasoningItemContent } from "./ReasoningItemContent";
 import type { ReasoningItemReasoningSummary } from "./ReasoningItemReasoningSummary";
 import type { WebSearchAction } from "./WebSearchAction";
 
-export type ResponseItem = { "type": "message", role: string, content: Array<ContentItem>, end_turn?: boolean, phase?: MessagePhase, } | { "type": "reasoning", summary: Array<ReasoningItemReasoningSummary>, content?: Array<ReasoningItemContent>, encrypted_content: string | null, } | { "type": "local_shell_call",
+export type ResponseItem = { "type": "message", role: string, content: Array<ContentItem>, end_turn?: boolean, phase?: MessagePhase, } | { "type": "reasoning", summary: Array<ReasoningItemReasoningSummary>, content?: Array<ReasoningItemContent>, encrypted_content: string | null, } | { "type": "local_shell_call", 
 /**
  * Set when using the Responses API.
  */

codex-rs/app-server-protocol/schema/typescript/ReviewDecision.ts

@@ -7,4 +7,4 @@ import type { NetworkPolicyAmendment } from "./NetworkPolicyAmendment";
 /**
  * User's decision in response to an ExecApprovalRequest.
  */
-export type ReviewDecision = "approved" | { "approved_execpolicy_amendment": { proposed_execpolicy_amendment: ExecPolicyAmendment, } } | "approved_for_session" | { "network_policy_amendment": { network_policy_amendment: NetworkPolicyAmendment, } } | "denied" | "timed_out" | "abort";
+export type ReviewDecision = "approved" | { "approved_execpolicy_amendment": { proposed_execpolicy_amendment: ExecPolicyAmendment, } } | "approved_for_session" | { "network_policy_amendment": { network_policy_amendment: NetworkPolicyAmendment, } } | "denied" | "abort";

codex-rs/app-server-protocol/schema/typescript/ServerNotification.ts

@@ -6,6 +6,7 @@ import type { FuzzyFileSearchSessionUpdatedNotification } from "./FuzzyFileSearc
 import type { AccountLoginCompletedNotification } from "./v2/AccountLoginCompletedNotification";
 import type { AccountRateLimitsUpdatedNotification } from "./v2/AccountRateLimitsUpdatedNotification";
 import type { AccountUpdatedNotification } from "./v2/AccountUpdatedNotification";
+import type { AddCreditsNudgeEmailNotification } from "./v2/AddCreditsNudgeEmailNotification";
 import type { AgentMessageDeltaNotification } from "./v2/AgentMessageDeltaNotification";
 import type { AppListUpdatedNotification } from "./v2/AppListUpdatedNotification";
 import type { CommandExecOutputDeltaNotification } from "./v2/CommandExecOutputDeltaNotification";
@@ -58,4 +59,4 @@ import type { WindowsWorldWritableWarningNotification } from "./v2/WindowsWorldW
 /**
  * Notification sent from the server to the client.
  */
-export type ServerNotification = { "method": "error", "params": ErrorNotification } | { "method": "thread/started", "params": ThreadStartedNotification } | { "method": "thread/status/changed", "params": ThreadStatusChangedNotification } | { "method": "thread/archived", "params": ThreadArchivedNotification } | { "method": "thread/unarchived", "params": ThreadUnarchivedNotification } | { "method": "thread/closed", "params": ThreadClosedNotification } | { "method": "skills/changed", "params": SkillsChangedNotification } | { "method": "thread/name/updated", "params": ThreadNameUpdatedNotification } | { "method": "thread/tokenUsage/updated", "params": ThreadTokenUsageUpdatedNotification } | { "method": "turn/started", "params": TurnStartedNotification } | { "method": "hook/started", "params": HookStartedNotification } | { "method": "turn/completed", "params": TurnCompletedNotification } | { "method": "hook/completed", "params": HookCompletedNotification } | { "method": "turn/diff/updated", "params": TurnDiffUpdatedNotification } | { "method": "turn/plan/updated", "params": TurnPlanUpdatedNotification } | { "method": "item/started", "params": ItemStartedNotification } | { "method": "item/autoApprovalReview/started", "params": ItemGuardianApprovalReviewStartedNotification } | { "method": "item/autoApprovalReview/completed", "params": ItemGuardianApprovalReviewCompletedNotification } | { "method": "item/completed", "params": ItemCompletedNotification } | { "method": "rawResponseItem/completed", "params": RawResponseItemCompletedNotification } | { "method": "item/agentMessage/delta", "params": AgentMessageDeltaNotification } | { "method": "item/plan/delta", "params": PlanDeltaNotification } | { "method": "command/exec/outputDelta", "params": CommandExecOutputDeltaNotification } | { "method": "item/commandExecution/outputDelta", "params": CommandExecutionOutputDeltaNotification } | { "method": "item/commandExecution/terminalInteraction", "params": TerminalInteractionNotification } | { "method": "item/fileChange/outputDelta", "params": FileChangeOutputDeltaNotification } | { "method": "serverRequest/resolved", "params": ServerRequestResolvedNotification } | { "method": "item/mcpToolCall/progress", "params": McpToolCallProgressNotification } | { "method": "mcpServer/oauthLogin/completed", "params": McpServerOauthLoginCompletedNotification } | { "method": "mcpServer/startupStatus/updated", "params": McpServerStatusUpdatedNotification } | { "method": "account/updated", "params": AccountUpdatedNotification } | { "method": "account/rateLimits/updated", "params": AccountRateLimitsUpdatedNotification } | { "method": "app/list/updated", "params": AppListUpdatedNotification } | { "method": "fs/changed", "params": FsChangedNotification } | { "method": "item/reasoning/summaryTextDelta", "params": ReasoningSummaryTextDeltaNotification } | { "method": "item/reasoning/summaryPartAdded", "params": ReasoningSummaryPartAddedNotification } | { "method": "item/reasoning/textDelta", "params": ReasoningTextDeltaNotification } | { "method": "thread/compacted", "params": ContextCompactedNotification } | { "method": "model/rerouted", "params": ModelReroutedNotification } | { "method": "deprecationNotice", "params": DeprecationNoticeNotification } | { "method": "configWarning", "params": ConfigWarningNotification } | { "method": "fuzzyFileSearch/sessionUpdated", "params": FuzzyFileSearchSessionUpdatedNotification } | { "method": "fuzzyFileSearch/sessionCompleted", "params": FuzzyFileSearchSessionCompletedNotification } | { "method": "thread/realtime/started", "params": ThreadRealtimeStartedNotification } | { "method": "thread/realtime/itemAdded", "params": ThreadRealtimeItemAddedNotification } | { "method": "thread/realtime/transcriptUpdated", "params": ThreadRealtimeTranscriptUpdatedNotification } | { "method": "thread/realtime/outputAudio/delta", "params": ThreadRealtimeOutputAudioDeltaNotification } | { "method": "thread/realtime/sdp", "params": ThreadRealtimeSdpNotification } | { "method": "thread/realtime/error", "params": ThreadRealtimeErrorNotification } | { "method": "thread/realtime/closed", "params": ThreadRealtimeClosedNotification } | { "method": "windows/worldWritableWarning", "params": WindowsWorldWritableWarningNotification } | { "method": "windowsSandbox/setupCompleted", "params": WindowsSandboxSetupCompletedNotification } | { "method": "account/login/completed", "params": AccountLoginCompletedNotification };
+export type ServerNotification = { "method": "error", "params": ErrorNotification } | { "method": "thread/started", "params": ThreadStartedNotification } | { "method": "thread/status/changed", "params": ThreadStatusChangedNotification } | { "method": "thread/archived", "params": ThreadArchivedNotification } | { "method": "thread/unarchived", "params": ThreadUnarchivedNotification } | { "method": "thread/closed", "params": ThreadClosedNotification } | { "method": "skills/changed", "params": SkillsChangedNotification } | { "method": "thread/name/updated", "params": ThreadNameUpdatedNotification } | { "method": "thread/tokenUsage/updated", "params": ThreadTokenUsageUpdatedNotification } | { "method": "turn/started", "params": TurnStartedNotification } | { "method": "hook/started", "params": HookStartedNotification } | { "method": "turn/completed", "params": TurnCompletedNotification } | { "method": "hook/completed", "params": HookCompletedNotification } | { "method": "turn/diff/updated", "params": TurnDiffUpdatedNotification } | { "method": "turn/plan/updated", "params": TurnPlanUpdatedNotification } | { "method": "item/started", "params": ItemStartedNotification } | { "method": "item/autoApprovalReview/started", "params": ItemGuardianApprovalReviewStartedNotification } | { "method": "item/autoApprovalReview/completed", "params": ItemGuardianApprovalReviewCompletedNotification } | { "method": "item/completed", "params": ItemCompletedNotification } | { "method": "rawResponseItem/completed", "params": RawResponseItemCompletedNotification } | { "method": "item/agentMessage/delta", "params": AgentMessageDeltaNotification } | { "method": "item/plan/delta", "params": PlanDeltaNotification } | { "method": "command/exec/outputDelta", "params": CommandExecOutputDeltaNotification } | { "method": "item/commandExecution/outputDelta", "params": CommandExecutionOutputDeltaNotification } | { "method": "item/commandExecution/terminalInteraction", "params": TerminalInteractionNotification } | { "method": "item/fileChange/outputDelta", "params": FileChangeOutputDeltaNotification } | { "method": "serverRequest/resolved", "params": ServerRequestResolvedNotification } | { "method": "item/mcpToolCall/progress", "params": McpToolCallProgressNotification } | { "method": "mcpServer/oauthLogin/completed", "params": McpServerOauthLoginCompletedNotification } | { "method": "mcpServer/startupStatus/updated", "params": McpServerStatusUpdatedNotification } | { "method": "account/updated", "params": AccountUpdatedNotification } | { "method": "account/rateLimits/updated", "params": AccountRateLimitsUpdatedNotification } | { "method": "account/addCreditsNudgeEmail/completed", "params": AddCreditsNudgeEmailNotification } | { "method": "app/list/updated", "params": AppListUpdatedNotification } | { "method": "fs/changed", "params": FsChangedNotification } | { "method": "item/reasoning/summaryTextDelta", "params": ReasoningSummaryTextDeltaNotification } | { "method": "item/reasoning/summaryPartAdded", "params": ReasoningSummaryPartAddedNotification } | { "method": "item/reasoning/textDelta", "params": ReasoningTextDeltaNotification } | { "method": "thread/compacted", "params": ContextCompactedNotification } | { "method": "model/rerouted", "params": ModelReroutedNotification } | { "method": "deprecationNotice", "params": DeprecationNoticeNotification } | { "method": "configWarning", "params": ConfigWarningNotification } | { "method": "fuzzyFileSearch/sessionUpdated", "params": FuzzyFileSearchSessionUpdatedNotification } | { "method": "fuzzyFileSearch/sessionCompleted", "params": FuzzyFileSearchSessionCompletedNotification } | { "method": "thread/realtime/started", "params": ThreadRealtimeStartedNotification } | { "method": "thread/realtime/itemAdded", "params": ThreadRealtimeItemAddedNotification } | { "method": "thread/realtime/transcriptUpdated", "params": ThreadRealtimeTranscriptUpdatedNotification } | { "method": "thread/realtime/outputAudio/delta", "params": ThreadRealtimeOutputAudioDeltaNotification } | { "method": "thread/realtime/sdp", "params": ThreadRealtimeSdpNotification } | { "method": "thread/realtime/error", "params": ThreadRealtimeErrorNotification } | { "method": "thread/realtime/closed", "params": ThreadRealtimeClosedNotification } | { "method": "windows/worldWritableWarning", "params": WindowsWorldWritableWarningNotification } | { "method": "windowsSandbox/setupCompleted", "params": WindowsSandboxSetupCompletedNotification } | { "method": "account/login/completed", "params": AccountLoginCompletedNotification };

codex-rs/app-server-protocol/schema/typescript/v2/AccountUpdatedNotification.ts

@@ -3,5 +3,6 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 import type { AuthMode } from "../AuthMode";
 import type { PlanType } from "../PlanType";
+import type { WorkspaceRole } from "./WorkspaceRole";
 
-export type AccountUpdatedNotification = { authMode: AuthMode | null, planType: PlanType | null, };
+export type AccountUpdatedNotification = { authMode: AuthMode | null, planType: PlanType | null, workspaceRole: WorkspaceRole | null, isWorkspaceOwner: boolean | null, };

codex-rs/app-server-protocol/schema/typescript/v2/AddCreditsNudgeEmailNotification.ts

@@ -0,0 +1,6 @@
+// GENERATED CODE! DO NOT MODIFY BY HAND!
+
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { AddCreditsNudgeEmailResult } from "./AddCreditsNudgeEmailResult";
+
+export type AddCreditsNudgeEmailNotification = { threadId: string, result: AddCreditsNudgeEmailResult, };

codex-rs/app-server-protocol/schema/typescript/v2/AddCreditsNudgeEmailResult.ts

@@ -0,0 +1,5 @@
+// GENERATED CODE! DO NOT MODIFY BY HAND!
+
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+export type AddCreditsNudgeEmailResult = { "status": "sent" } | { "status": "cooldownActive" } | { "status": "failed", message: string, };

codex-rs/app-server-protocol/schema/typescript/v2/AppInfo.ts

@@ -7,7 +7,7 @@ import type { AppMetadata } from "./AppMetadata";
 /**
  * EXPERIMENTAL - app metadata returned by app-list APIs.
  */
-export type AppInfo = { id: string, name: string, description: string | null, logoUrl: string | null, logoUrlDark: string | null, distributionChannel: string | null, branding: AppBranding | null, appMetadata: AppMetadata | null, labels: { [key in string]?: string } | null, installUrl: string | null, isAccessible: boolean,
+export type AppInfo = { id: string, name: string, description: string | null, logoUrl: string | null, logoUrlDark: string | null, distributionChannel: string | null, branding: AppBranding | null, appMetadata: AppMetadata | null, labels: { [key in string]?: string } | null, installUrl: string | null, isAccessible: boolean, 
 /**
  * Whether this app is enabled in config.toml.
  * Example:

codex-rs/app-server-protocol/schema/typescript/v2/AppsListParams.ts

@@ -5,19 +5,19 @@
 /**
  * EXPERIMENTAL - list available apps/connectors.
  */
-export type AppsListParams = {
+export type AppsListParams = { 
 /**
  * Opaque pagination cursor returned by a previous call.
  */
-cursor?: string | null,
+cursor?: string | null, 
 /**
  * Optional page size; defaults to a reasonable server-side value.
  */
-limit?: number | null,
+limit?: number | null, 
 /**
  * Optional thread id used to evaluate app feature gating from that thread's config.
  */
-threadId?: string | null,
+threadId?: string | null, 
 /**
  * When true, bypass app caches and fetch the latest data from sources.
  */

codex-rs/app-server-protocol/schema/typescript/v2/AppsListResponse.ts

@@ -6,7 +6,7 @@ import type { AppInfo } from "./AppInfo";
 /**
  * EXPERIMENTAL - app list response.
  */
-export type AppsListResponse = { data: Array<AppInfo>,
+export type AppsListResponse = { data: Array<AppInfo>, 
 /**
  * Opaque cursor to pass to the next call to continue after the last item.
  * If None, there are no more items to return.

codex-rs/app-server-protocol/schema/typescript/v2/ChatgptAuthTokensRefreshParams.ts

@@ -3,7 +3,7 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 import type { ChatgptAuthTokensRefreshReason } from "./ChatgptAuthTokensRefreshReason";
 
-export type ChatgptAuthTokensRefreshParams = { reason: ChatgptAuthTokensRefreshReason,
+export type ChatgptAuthTokensRefreshParams = { reason: ChatgptAuthTokensRefreshReason, 
 /**
  * Workspace/account identifier that Codex was previously using.
  *

codex-rs/app-server-protocol/schema/typescript/v2/CommandExecOutputDeltaNotification.ts

@@ -9,20 +9,20 @@ import type { CommandExecOutputStream } from "./CommandExecOutputStream";
  * These notifications are connection-scoped. If the originating connection
  * closes, the server terminates the process.
  */
-export type CommandExecOutputDeltaNotification = {
+export type CommandExecOutputDeltaNotification = { 
 /**
  * Client-supplied, connection-scoped `processId` from the original
  * `command/exec` request.
  */
-processId: string,
+processId: string, 
 /**
  * Output stream for this chunk.
  */
-stream: CommandExecOutputStream,
+stream: CommandExecOutputStream, 
 /**
  * Base64-encoded output bytes.
  */
-deltaBase64: string,
+deltaBase64: string, 
 /**
  * `true` on the final streamed chunk for a stream when `outputBytesCap`
  * truncated later output on that stream.

codex-rs/app-server-protocol/schema/typescript/v2/CommandExecParams.ts

@@ -12,11 +12,11 @@ import type { SandboxPolicy } from "./SandboxPolicy";
  * sent only after all `command/exec/outputDelta` notifications for that
  * connection have been emitted.
  */
-export type CommandExecParams = {
+export type CommandExecParams = { 
 /**
  * Command argv vector. Empty arrays are rejected.
  */
-command: Array<string>,
+command: Array<string>, 
 /**
  * Optional client-supplied, connection-scoped process id.
  *
@@ -25,56 +25,56 @@ command: Array<string>,
  * `command/exec/terminate` calls. When omitted, buffered execution gets an
  * internal id that is not exposed to the client.
  */
-processId?: string | null,
+processId?: string | null, 
 /**
  * Enable PTY mode.
  *
  * This implies `streamStdin` and `streamStdoutStderr`.
  */
-tty?: boolean,
+tty?: boolean, 
 /**
  * Allow follow-up `command/exec/write` requests to write stdin bytes.
  *
  * Requires a client-supplied `processId`.
  */
-streamStdin?: boolean,
+streamStdin?: boolean, 
 /**
  * Stream stdout/stderr via `command/exec/outputDelta` notifications.
  *
  * Streamed bytes are not duplicated into the final response and require a
  * client-supplied `processId`.
  */
-streamStdoutStderr?: boolean,
+streamStdoutStderr?: boolean, 
 /**
  * Optional per-stream stdout/stderr capture cap in bytes.
  *
  * When omitted, the server default applies. Cannot be combined with
  * `disableOutputCap`.
  */
-outputBytesCap?: number | null,
+outputBytesCap?: number | null, 
 /**
  * Disable stdout/stderr capture truncation for this request.
  *
  * Cannot be combined with `outputBytesCap`.
  */
-disableOutputCap?: boolean,
+disableOutputCap?: boolean, 
 /**
  * Disable the timeout entirely for this request.
  *
  * Cannot be combined with `timeoutMs`.
  */
-disableTimeout?: boolean,
+disableTimeout?: boolean, 
 /**
  * Optional timeout in milliseconds.
  *
  * When omitted, the server default applies. Cannot be combined with
  * `disableTimeout`.
  */
-timeoutMs?: number | null,
+timeoutMs?: number | null, 
 /**
  * Optional working directory. Defaults to the server cwd.
  */
-cwd?: string | null,
+cwd?: string | null, 
 /**
  * Optional environment overrides merged into the server-computed
  * environment.
@@ -82,12 +82,12 @@ cwd?: string | null,
  * Matching names override inherited values. Set a key to `null` to unset
  * an inherited variable.
  */
-env?: { [key in string]?: string | null } | null,
+env?: { [key in string]?: string | null } | null, 
 /**
  * Optional initial PTY size in character cells. Only valid when `tty` is
  * true.
  */
-size?: CommandExecTerminalSize | null,
+size?: CommandExecTerminalSize | null, 
 /**
  * Optional sandbox policy for this command.
  *

codex-rs/app-server-protocol/schema/typescript/v2/CommandExecResizeParams.ts

@@ -6,12 +6,12 @@ import type { CommandExecTerminalSize } from "./CommandExecTerminalSize";
 /**
  * Resize a running PTY-backed `command/exec` session.
  */
-export type CommandExecResizeParams = {
+export type CommandExecResizeParams = { 
 /**
  * Client-supplied, connection-scoped `processId` from the original
  * `command/exec` request.
  */
-processId: string,
+processId: string, 
 /**
  * New PTY size in character cells.
  */

codex-rs/app-server-protocol/schema/typescript/v2/CommandExecResponse.ts

@@ -5,17 +5,17 @@
 /**
  * Final buffered result for `command/exec`.
  */
-export type CommandExecResponse = {
+export type CommandExecResponse = { 
 /**
  * Process exit code.
  */
-exitCode: number,
+exitCode: number, 
 /**
  * Buffered stdout capture.
  *
  * Empty when stdout was streamed via `command/exec/outputDelta`.
  */
-stdout: string,
+stdout: string, 
 /**
  * Buffered stderr capture.
  *

codex-rs/app-server-protocol/schema/typescript/v2/CommandExecTerminalSize.ts

@@ -5,11 +5,11 @@
 /**
  * PTY size in character cells for `command/exec` PTY sessions.
  */
-export type CommandExecTerminalSize = {
+export type CommandExecTerminalSize = { 
 /**
  * Terminal height in character cells.
  */
-rows: number,
+rows: number, 
 /**
  * Terminal width in character cells.
  */

codex-rs/app-server-protocol/schema/typescript/v2/CommandExecTerminateParams.ts

@@ -5,7 +5,7 @@
 /**
  * Terminate a running `command/exec` session.
  */
-export type CommandExecTerminateParams = {
+export type CommandExecTerminateParams = { 
 /**
  * Client-supplied, connection-scoped `processId` from the original
  * `command/exec` request.

codex-rs/app-server-protocol/schema/typescript/v2/CommandExecWriteParams.ts

@@ -6,16 +6,16 @@
  * Write stdin bytes to a running `command/exec` session, close stdin, or
  * both.
  */
-export type CommandExecWriteParams = {
+export type CommandExecWriteParams = { 
 /**
  * Client-supplied, connection-scoped `processId` from the original
  * `command/exec` request.
  */
-processId: string,
+processId: string, 
 /**
  * Optional base64-encoded stdin bytes to write.
  */
-deltaBase64?: string | null,
+deltaBase64?: string | null, 
 /**
  * Close stdin after writing `deltaBase64`, if present.
  */

codex-rs/app-server-protocol/schema/typescript/v2/CommandExecutionRequestApprovalParams.ts

@@ -8,7 +8,7 @@ import type { ExecPolicyAmendment } from "./ExecPolicyAmendment";
 import type { NetworkApprovalContext } from "./NetworkApprovalContext";
 import type { NetworkPolicyAmendment } from "./NetworkPolicyAmendment";
 
-export type CommandExecutionRequestApprovalParams = { threadId: string, turnId: string, itemId: string,
+export type CommandExecutionRequestApprovalParams = { threadId: string, turnId: string, itemId: string, 
 /**
  * Unique identifier for this specific approval callback.
  *
@@ -18,39 +18,39 @@ export type CommandExecutionRequestApprovalParams = { threadId: string, turnId:
  * one parent `itemId`, so `approvalId` is a distinct opaque callback id
  * (a UUID) used to disambiguate routing.
  */
-approvalId?: string | null,
+approvalId?: string | null, 
 /**
  * Optional explanatory reason (e.g. request for network access).
  */
-reason?: string | null,
+reason?: string | null, 
 /**
  * Optional context for a managed-network approval prompt.
  */
-networkApprovalContext?: NetworkApprovalContext | null,
+networkApprovalContext?: NetworkApprovalContext | null, 
 /**
  * The command to be executed.
  */
-command?: string | null,
+command?: string | null, 
 /**
  * The command's working directory.
  */
-cwd?: string | null,
+cwd?: string | null, 
 /**
  * Best-effort parsed command actions for friendly display.
  */
-commandActions?: Array<CommandAction> | null,
+commandActions?: Array<CommandAction> | null, 
 /**
  * Optional additional permissions requested for this command.
  */
-additionalPermissions?: AdditionalPermissionProfile | null,
+additionalPermissions?: AdditionalPermissionProfile | null, 
 /**
  * Optional proposed execpolicy amendment to allow similar commands without prompting.
  */
-proposedExecpolicyAmendment?: ExecPolicyAmendment | null,
+proposedExecpolicyAmendment?: ExecPolicyAmendment | null, 
 /**
  * Optional proposed network policy amendments (allow/deny host) for future requests.
  */
-proposedNetworkPolicyAmendments?: Array<NetworkPolicyAmendment> | null,
+proposedNetworkPolicyAmendments?: Array<NetworkPolicyAmendment> | null, 
 /**
  * Ordered list of decisions the client may present for this prompt.
  */

codex-rs/app-server-protocol/schema/typescript/v2/ConfigBatchWriteParams.ts

@@ -3,11 +3,11 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 import type { ConfigEdit } from "./ConfigEdit";
 
-export type ConfigBatchWriteParams = { edits: Array<ConfigEdit>,
+export type ConfigBatchWriteParams = { edits: Array<ConfigEdit>, 
 /**
  * Path to the config file to write; defaults to the user's `config.toml` when omitted.
  */
-filePath?: string | null, expectedVersion?: string | null,
+filePath?: string | null, expectedVersion?: string | null, 
 /**
  * When true, hot-reload the updated user config into all loaded threads after writing.
  */

codex-rs/app-server-protocol/schema/typescript/v2/ConfigLayerSource.ts

@@ -3,12 +3,12 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 import type { AbsolutePathBuf } from "../AbsolutePathBuf";
 
-export type ConfigLayerSource = { "type": "mdm", domain: string, key: string, } | { "type": "system",
+export type ConfigLayerSource = { "type": "mdm", domain: string, key: string, } | { "type": "system", 
 /**
  * This is the path to the system config.toml file, though it is not
  * guaranteed to exist.
  */
-file: AbsolutePathBuf, } | { "type": "user",
+file: AbsolutePathBuf, } | { "type": "user", 
 /**
  * This is the path to the user's config.toml file, though it is not
  * guaranteed to exist.

codex-rs/app-server-protocol/schema/typescript/v2/ConfigReadParams.ts

@@ -2,7 +2,7 @@
 
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 
-export type ConfigReadParams = { includeLayers: boolean,
+export type ConfigReadParams = { includeLayers: boolean, 
 /**
  * Optional working directory to resolve project config layers. If specified,
  * return the effective config as seen from that directory (i.e., including any

codex-rs/app-server-protocol/schema/typescript/v2/ConfigRequirementsReadResponse.ts

@@ -3,7 +3,7 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 import type { ConfigRequirements } from "./ConfigRequirements";
 
-export type ConfigRequirementsReadResponse = {
+export type ConfigRequirementsReadResponse = { 
 /**
  * Null if no requirements are configured (e.g. no requirements.toml/MDM entries).
  */

codex-rs/app-server-protocol/schema/typescript/v2/ConfigValueWriteParams.ts

@@ -4,7 +4,7 @@
 import type { JsonValue } from "../serde_json/JsonValue";
 import type { MergeStrategy } from "./MergeStrategy";
 
-export type ConfigValueWriteParams = { keyPath: string, value: JsonValue, mergeStrategy: MergeStrategy,
+export type ConfigValueWriteParams = { keyPath: string, value: JsonValue, mergeStrategy: MergeStrategy, 
 /**
  * Path to the config file to write; defaults to the user's `config.toml` when omitted.
  */

codex-rs/app-server-protocol/schema/typescript/v2/ConfigWarningNotification.ts

@@ -3,19 +3,19 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 import type { TextRange } from "./TextRange";
 
-export type ConfigWarningNotification = {
+export type ConfigWarningNotification = { 
 /**
  * Concise summary of the warning.
  */
-summary: string,
+summary: string, 
 /**
  * Optional extra guidance or error details.
  */
-details: string | null,
+details: string | null, 
 /**
  * Optional path to the config file that triggered the warning.
  */
-path?: string,
+path?: string, 
 /**
  * Optional range for the error location inside the config file.
  */

codex-rs/app-server-protocol/schema/typescript/v2/ConfigWriteResponse.ts

@@ -5,7 +5,7 @@ import type { AbsolutePathBuf } from "../AbsolutePathBuf";
 import type { OverriddenMetadata } from "./OverriddenMetadata";
 import type { WriteStatus } from "./WriteStatus";
 
-export type ConfigWriteResponse = { status: WriteStatus, version: string,
+export type ConfigWriteResponse = { status: WriteStatus, version: string, 
 /**
  * Canonical path to the config file that was written.
  */

codex-rs/app-server-protocol/schema/typescript/v2/DeprecationNoticeNotification.ts

@@ -2,11 +2,11 @@
 
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 
-export type DeprecationNoticeNotification = {
+export type DeprecationNoticeNotification = { 
 /**
  * Concise summary of what is deprecated.
  */
-summary: string,
+summary: string, 
 /**
  * Optional extra guidance, such as migration steps or rationale.
  */

codex-rs/app-server-protocol/schema/typescript/v2/ExperimentalFeature.ts

@@ -3,34 +3,34 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 import type { ExperimentalFeatureStage } from "./ExperimentalFeatureStage";
 
-export type ExperimentalFeature = {
+export type ExperimentalFeature = { 
 /**
  * Stable key used in config.toml and CLI flag toggles.
  */
-name: string,
+name: string, 
 /**
  * Lifecycle stage of this feature flag.
  */
-stage: ExperimentalFeatureStage,
+stage: ExperimentalFeatureStage, 
 /**
  * User-facing display name shown in the experimental features UI.
  * Null when this feature is not in beta.
  */
-displayName: string | null,
+displayName: string | null, 
 /**
  * Short summary describing what the feature does.
  * Null when this feature is not in beta.
  */
-description: string | null,
+description: string | null, 
 /**
  * Announcement copy shown to users when the feature is introduced.
  * Null when this feature is not in beta.
  */
-announcement: string | null,
+announcement: string | null, 
 /**
  * Whether this feature is currently enabled in the loaded config.
  */
-enabled: boolean,
+enabled: boolean, 
 /**
  * Whether this feature is enabled by default.
  */

codex-rs/app-server-protocol/schema/typescript/v2/ExperimentalFeatureEnablementSetParams.ts

@@ -2,7 +2,7 @@
 
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 
-export type ExperimentalFeatureEnablementSetParams = {
+export type ExperimentalFeatureEnablementSetParams = { 
 /**
  * Process-wide runtime feature enablement keyed by canonical feature name.
  *

codex-rs/app-server-protocol/schema/typescript/v2/ExperimentalFeatureEnablementSetResponse.ts

@@ -2,7 +2,7 @@
 
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 
-export type ExperimentalFeatureEnablementSetResponse = {
+export type ExperimentalFeatureEnablementSetResponse = { 
 /**
  * Feature enablement entries updated by this request.
  */

codex-rs/app-server-protocol/schema/typescript/v2/ExperimentalFeatureListParams.ts

@@ -2,11 +2,11 @@
 
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 
-export type ExperimentalFeatureListParams = {
+export type ExperimentalFeatureListParams = { 
 /**
  * Opaque pagination cursor returned by a previous call.
  */
-cursor?: string | null,
+cursor?: string | null, 
 /**
  * Optional page size; defaults to a reasonable server-side value.
  */

codex-rs/app-server-protocol/schema/typescript/v2/ExperimentalFeatureListResponse.ts

@@ -3,7 +3,7 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 import type { ExperimentalFeature } from "./ExperimentalFeature";
 
-export type ExperimentalFeatureListResponse = { data: Array<ExperimentalFeature>,
+export type ExperimentalFeatureListResponse = { data: Array<ExperimentalFeature>, 
 /**
  * Opaque cursor to pass to the next call to continue after the last item.
  * If None, there are no more items to return.

codex-rs/app-server-protocol/schema/typescript/v2/ExternalAgentConfigDetectParams.ts

@@ -2,11 +2,11 @@
 
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 
-export type ExternalAgentConfigDetectParams = {
+export type ExternalAgentConfigDetectParams = { 
 /**
  * If true, include detection under the user's home (~/.claude, ~/.codex, etc.).
  */
-includeHome?: boolean,
+includeHome?: boolean, 
 /**
  * Zero or more working directories to include for repo-scoped detection.
  */

codex-rs/app-server-protocol/schema/typescript/v2/ExternalAgentConfigMigrationItem.ts

@@ -3,7 +3,7 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 import type { ExternalAgentConfigMigrationItemType } from "./ExternalAgentConfigMigrationItemType";
 
-export type ExternalAgentConfigMigrationItem = { itemType: ExternalAgentConfigMigrationItemType, description: string,
+export type ExternalAgentConfigMigrationItem = { itemType: ExternalAgentConfigMigrationItemType, description: string, 
 /**
  * Null or empty means home-scoped migration; non-empty means repo-scoped migration.
  */

codex-rs/app-server-protocol/schema/typescript/v2/FeedbackUploadParams.ts

@@ -2,4 +2,4 @@
 
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 
-export type FeedbackUploadParams = { classification: string, reason?: string | null, threadId?: string | null, includeLogs: boolean, extraLogFiles?: Array<string> | null, tags?: { [key in string]?: string } | null, };
+export type FeedbackUploadParams = { classification: string, reason?: string | null, threadId?: string | null, includeLogs: boolean, extraLogFiles?: Array<string> | null, };

codex-rs/app-server-protocol/schema/typescript/v2/FileChangeRequestApprovalParams.ts

@@ -2,11 +2,11 @@
 
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 
-export type FileChangeRequestApprovalParams = { threadId: string, turnId: string, itemId: string,
+export type FileChangeRequestApprovalParams = { threadId: string, turnId: string, itemId: string, 
 /**
  * Optional explanatory reason (e.g. request for extra write access).
  */
-reason?: string | null,
+reason?: string | null, 
 /**
  * [UNSTABLE] When set, the agent is asking the user to allow writes under this root
  * for the remainder of the session (unclear if this is honored today).

codex-rs/app-server-protocol/schema/typescript/v2/FsChangedNotification.ts

@@ -6,11 +6,11 @@ import type { AbsolutePathBuf } from "../AbsolutePathBuf";
 /**
  * Filesystem watch notification emitted for `fs/watch` subscribers.
  */
-export type FsChangedNotification = {
+export type FsChangedNotification = { 
 /**
  * Watch identifier previously provided to `fs/watch`.
  */
-watchId: string,
+watchId: string, 
 /**
  * File or directory paths associated with this event.
  */

codex-rs/app-server-protocol/schema/typescript/v2/FsCopyParams.ts

@@ -6,15 +6,15 @@ import type { AbsolutePathBuf } from "../AbsolutePathBuf";
 /**
  * Copy a file or directory tree on the host filesystem.
  */
-export type FsCopyParams = {
+export type FsCopyParams = { 
 /**
  * Absolute source path.
  */
-sourcePath: AbsolutePathBuf,
+sourcePath: AbsolutePathBuf, 
 /**
  * Absolute destination path.
  */
-destinationPath: AbsolutePathBuf,
+destinationPath: AbsolutePathBuf, 
 /**
  * Required for directory copies; ignored for file copies.
  */

codex-rs/app-server-protocol/schema/typescript/v2/FsCreateDirectoryParams.ts

@@ -6,11 +6,11 @@ import type { AbsolutePathBuf } from "../AbsolutePathBuf";
 /**
  * Create a directory on the host filesystem.
  */
-export type FsCreateDirectoryParams = {
+export type FsCreateDirectoryParams = { 
 /**
  * Absolute directory path to create.
  */
-path: AbsolutePathBuf,
+path: AbsolutePathBuf, 
 /**
  * Whether parent directories should also be created. Defaults to `true`.
  */

codex-rs/app-server-protocol/schema/typescript/v2/FsGetMetadataParams.ts

@@ -6,7 +6,7 @@ import type { AbsolutePathBuf } from "../AbsolutePathBuf";
 /**
  * Request metadata for an absolute path.
  */
-export type FsGetMetadataParams = {
+export type FsGetMetadataParams = { 
 /**
  * Absolute path to inspect.
  */

codex-rs/app-server-protocol/schema/typescript/v2/FsGetMetadataResponse.ts

@@ -5,19 +5,19 @@
 /**
  * Metadata returned by `fs/getMetadata`.
  */
-export type FsGetMetadataResponse = {
+export type FsGetMetadataResponse = { 
 /**
  * Whether the path currently resolves to a directory.
  */
-isDirectory: boolean,
+isDirectory: boolean, 
 /**
  * Whether the path currently resolves to a regular file.
  */
-isFile: boolean,
+isFile: boolean, 
 /**
  * File creation time in Unix milliseconds when available, otherwise `0`.
  */
-createdAtMs: number,
+createdAtMs: number, 
 /**
  * File modification time in Unix milliseconds when available, otherwise `0`.
  */

codex-rs/app-server-protocol/schema/typescript/v2/FsReadDirectoryEntry.ts

@@ -5,15 +5,15 @@
 /**
  * A directory entry returned by `fs/readDirectory`.
  */
-export type FsReadDirectoryEntry = {
+export type FsReadDirectoryEntry = { 
 /**
  * Direct child entry name only, not an absolute or relative path.
  */
-fileName: string,
+fileName: string, 
 /**
  * Whether this entry resolves to a directory.
  */
-isDirectory: boolean,
+isDirectory: boolean, 
 /**
  * Whether this entry resolves to a regular file.
  */

codex-rs/app-server-protocol/schema/typescript/v2/FsReadDirectoryParams.ts

@@ -6,7 +6,7 @@ import type { AbsolutePathBuf } from "../AbsolutePathBuf";
 /**
  * List direct child names for a directory.
  */
-export type FsReadDirectoryParams = {
+export type FsReadDirectoryParams = { 
 /**
  * Absolute directory path to read.
  */

codex-rs/app-server-protocol/schema/typescript/v2/FsReadDirectoryResponse.ts

@@ -6,7 +6,7 @@ import type { FsReadDirectoryEntry } from "./FsReadDirectoryEntry";
 /**
  * Directory entries returned by `fs/readDirectory`.
  */
-export type FsReadDirectoryResponse = {
+export type FsReadDirectoryResponse = { 
 /**
  * Direct child entries in the requested directory.
  */

codex-rs/app-server-protocol/schema/typescript/v2/FsReadFileParams.ts

@@ -6,7 +6,7 @@ import type { AbsolutePathBuf } from "../AbsolutePathBuf";
 /**
  * Read a file from the host filesystem.
  */
-export type FsReadFileParams = {
+export type FsReadFileParams = { 
 /**
  * Absolute path to read.
  */

codex-rs/app-server-protocol/schema/typescript/v2/FsReadFileResponse.ts

@@ -5,7 +5,7 @@
 /**
  * Base64-encoded file contents returned by `fs/readFile`.
  */
-export type FsReadFileResponse = {
+export type FsReadFileResponse = { 
 /**
  * File contents encoded as base64.
  */

codex-rs/app-server-protocol/schema/typescript/v2/FsRemoveParams.ts

@@ -6,15 +6,15 @@ import type { AbsolutePathBuf } from "../AbsolutePathBuf";
 /**
  * Remove a file or directory tree from the host filesystem.
  */
-export type FsRemoveParams = {
+export type FsRemoveParams = { 
 /**
  * Absolute path to remove.
  */
-path: AbsolutePathBuf,
+path: AbsolutePathBuf, 
 /**
  * Whether directory removal should recurse. Defaults to `true`.
  */
-recursive?: boolean | null,
+recursive?: boolean | null, 
 /**
  * Whether missing paths should be ignored. Defaults to `true`.
  */

codex-rs/app-server-protocol/schema/typescript/v2/FsUnwatchParams.ts

@@ -5,7 +5,7 @@
 /**
  * Stop filesystem watch notifications for a prior `fs/watch`.
  */
-export type FsUnwatchParams = {
+export type FsUnwatchParams = { 
 /**
  * Watch identifier previously provided to `fs/watch`.
  */

codex-rs/app-server-protocol/schema/typescript/v2/FsWatchParams.ts

@@ -6,11 +6,11 @@ import type { AbsolutePathBuf } from "../AbsolutePathBuf";
 /**
  * Start filesystem watch notifications for an absolute path.
  */
-export type FsWatchParams = {
+export type FsWatchParams = { 
 /**
  * Connection-scoped watch identifier used for `fs/unwatch` and `fs/changed`.
  */
-watchId: string,
+watchId: string, 
 /**
  * Absolute file or directory path to watch.
  */

codex-rs/app-server-protocol/schema/typescript/v2/FsWatchResponse.ts

@@ -6,7 +6,7 @@ import type { AbsolutePathBuf } from "../AbsolutePathBuf";
 /**
  * Successful response for `fs/watch`.
  */
-export type FsWatchResponse = {
+export type FsWatchResponse = { 
 /**
  * Canonicalized path associated with the watch.
  */