Merge branch 'summary_op' into compact_cmd

Print the current login mode, sanitized key and return an appropriate
status.

README.md

@@ -95,6 +95,12 @@ codex login
 
 If you complete the process successfully, you should have a `~/.codex/auth.json` file that contains the credentials that Codex will use.
 
+To verify whether you are currently logged in, run:
+
+```
+codex login status
+```
+
 If you encounter problems with the login flow, please comment on <https://github.com/openai/codex/issues/1243>.
 
 <details>

codex-rs/Cargo.lock

@@ -463,18 +463,18 @@ checksum = "df8670b8c7b9dae1793364eafadf7239c40d669904660c5960d74cfd80b46a53"
 
 [[package]]
 name = "castaway"
-version = "0.2.3"
+version = "0.2.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0abae9be0aaf9ea96a3b1b8b1b55c602ca751eba1b1500220cea4ecbafe7c0d5"
+checksum = "dec551ab6e7578819132c713a93c022a05d60159dc86e7a7050223577484c55a"
 dependencies = [
  "rustversion",
 ]
 
 [[package]]
 name = "cc"
-version = "1.2.29"
+version = "1.2.30"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5c1599538de2394445747c8cf7935946e3cc27e9625f889d979bfb2aaf569362"
+checksum = "deec109607ca693028562ed836a5f1c4b8bd77755c4e132fc5ce11b0b6211ae7"
 dependencies = [
  "jobserver",
  "libc",
@@ -570,9 +570,9 @@ checksum = "b94f61472cee1439c0b966b47e3aca9ae07e45d070759512cd390ea2bebc6675"
 
 [[package]]
 name = "clipboard-win"
-version = "5.4.0"
+version = "5.4.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "15efe7a882b08f34e38556b14f2fb3daa98769d06c7f0c1b076dfd0d983bc892"
+checksum = "bde03770d3df201d4fb868f2c9c59e66a3e4e2bd06692a0fe701e7103c7e84d4"
 dependencies = [
  "error-code",
 ]
@@ -605,6 +605,18 @@ dependencies = [
  "tree-sitter-bash",
 ]
 
+[[package]]
+name = "codex-arg0"
+version = "0.0.0"
+dependencies = [
+ "anyhow",
+ "codex-apply-patch",
+ "codex-core",
+ "codex-linux-sandbox",
+ "dotenvy",
+ "tokio",
+]
+
 [[package]]
 name = "codex-chatgpt"
 version = "0.0.0"
@@ -628,11 +640,11 @@ dependencies = [
  "anyhow",
  "clap",
  "clap_complete",
+ "codex-arg0",
  "codex-chatgpt",
  "codex-common",
  "codex-core",
  "codex-exec",
- "codex-linux-sandbox",
  "codex-login",
  "codex-mcp-server",
  "codex-tui",
@@ -661,7 +673,9 @@ dependencies = [
  "async-channel",
  "base64 0.22.1",
  "bytes",
+ "chrono",
  "codex-apply-patch",
+ "codex-login",
  "codex-mcp-client",
  "core_test_support",
  "dirs",
@@ -683,6 +697,7 @@ dependencies = [
  "serde",
  "serde_json",
  "sha1",
+ "shlex",
  "strum_macros 0.27.2",
  "tempfile",
  "thiserror 2.0.12",
@@ -696,6 +711,7 @@ dependencies = [
  "tree-sitter-bash",
  "uuid",
  "walkdir",
+ "whoami",
  "wildmatch",
  "wiremock",
 ]
@@ -705,14 +721,17 @@ name = "codex-exec"
 version = "0.0.0"
 dependencies = [
  "anyhow",
+ "assert_cmd",
  "chrono",
  "clap",
+ "codex-arg0",
  "codex-common",
  "codex-core",
- "codex-linux-sandbox",
  "owo-colors",
+ "predicates",
  "serde_json",
  "shlex",
+ "tempfile",
  "tokio",
  "tracing",
  "tracing-subscriber",
@@ -759,7 +778,6 @@ dependencies = [
  "clap",
  "codex-common",
  "codex-core",
- "dotenvy",
  "landlock",
  "libc",
  "seccompiler",
@@ -797,8 +815,8 @@ version = "0.0.0"
 dependencies = [
  "anyhow",
  "assert_cmd",
+ "codex-arg0",
  "codex-core",
- "codex-linux-sandbox",
  "mcp-types",
  "mcp_test_support",
  "pretty_assertions",
@@ -806,6 +824,7 @@ dependencies = [
  "serde",
  "serde_json",
  "shlex",
+ "strum_macros 0.27.2",
  "tempfile",
  "tokio",
  "tokio-test",
@@ -824,10 +843,10 @@ dependencies = [
  "base64 0.22.1",
  "clap",
  "codex-ansi-escape",
+ "codex-arg0",
  "codex-common",
  "codex-core",
  "codex-file-search",
- "codex-linux-sandbox",
  "codex-login",
  "color-eyre",
  "crossterm",
@@ -976,9 +995,9 @@ dependencies = [
 
 [[package]]
 name = "crc32fast"
-version = "1.4.2"
+version = "1.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a97769d94ddab943e4510d138150169a2758b5ef3eb191a9ee688de3e23ef7b3"
+checksum = "9481c1c90cbf2ac953f07c8d4a58aa3945c425b7185c9154d67a65e4230da511"
 dependencies = [
  "cfg-if",
 ]
@@ -1525,7 +1544,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "0ce92ff622d6dadf7349484f42c93271a0d49b7cc4d466a936405bacbe10aa78"
 dependencies = [
  "cfg-if",
- "rustix 1.0.7",
+ "rustix 1.0.8",
  "windows-sys 0.59.0",
 ]
 
@@ -1974,9 +1993,9 @@ dependencies = [
 
 [[package]]
 name = "hyper-util"
-version = "0.1.15"
+version = "0.1.16"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7f66d5bd4c6f02bf0542fad85d626775bab9258cf795a4256dcaf3161114d1df"
+checksum = "8d9b05277c7e8da2c93a568989bb6207bef0112e8d17df7a6eda4a3cf143bc5e"
 dependencies = [
  "base64 0.22.1",
  "bytes",
@@ -1990,7 +2009,7 @@ dependencies = [
  "libc",
  "percent-encoding",
  "pin-project-lite",
- "socket2",
+ "socket2 0.6.0",
  "system-configuration",
  "tokio",
  "tower-service",
@@ -2243,9 +2262,9 @@ dependencies = [
 
 [[package]]
 name = "instability"
-version = "0.3.7"
+version = "0.3.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0bf9fed6d91cfb734e7476a06bde8300a1b94e217e1b523b6f0cd1a01998c71d"
+checksum = "435d80800b936787d62688c927b6490e887c7ef5ff9ce922c6c6050fca75eb9a"
 dependencies = [
  "darling",
  "indoc",
@@ -2276,9 +2295,9 @@ dependencies = [
 
 [[package]]
 name = "io-uring"
-version = "0.7.8"
+version = "0.7.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b86e202f00093dcba4275d4636b93ef9dd75d025ae560d2521b45ea28ab49013"
+checksum = "d93587f37623a1a17d94ef2bc9ada592f5465fe7732084ab7beefabe5c77c0c4"
 dependencies = [
  "bitflags 2.9.1",
  "cfg-if",
@@ -2482,9 +2501,9 @@ dependencies = [
 
 [[package]]
 name = "libredox"
-version = "0.1.4"
+version = "0.1.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1580801010e535496706ba011c15f8532df6b42297d2e471fec38ceadd8c0638"
+checksum = "4488594b9328dee448adb906d8b126d9b7deb7cf5c22161ee591610bb1be83c0"
 dependencies = [
  "bitflags 2.9.1",
  "libc",
@@ -3357,8 +3376,7 @@ dependencies = [
 [[package]]
 name = "ratatui"
 version = "0.29.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "eabd94c2f37801c20583fc49dd5cd6b0ba68c716787c2dd6ed18571e1e63117b"
+source = "git+https://github.com/nornagon/ratatui?branch=nornagon-v0.29.0-patch#bca287ddc5d38fe088c79e2eda22422b96226f2e"
 dependencies = [
  "bitflags 2.9.1",
  "cassowary",
@@ -3463,9 +3481,9 @@ dependencies = [
 
 [[package]]
 name = "redox_syscall"
-version = "0.5.13"
+version = "0.5.15"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0d04b7d0ee6b4a0207a0a7adb104d23ecb0b47d6beae7152d0fa34b692b29fd6"
+checksum = "7e8af0dde094006011e6a740d4879319439489813bd0bcdc7d821beaeeff48ec"
 dependencies = [
  "bitflags 2.9.1",
 ]
@@ -3613,9 +3631,9 @@ dependencies = [
 
 [[package]]
 name = "rgb"
-version = "0.8.51"
+version = "0.8.52"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a457e416a0f90d246a4c3288bd7a25b2304ca727f253f95be383dd17af56be8f"
+checksum = "0c6a884d2998352bb4daf0183589aec883f16a6da1f4dde84d8e2e9a5409a1ce"
 
 [[package]]
 name = "ring"
@@ -3691,22 +3709,22 @@ dependencies = [
 
 [[package]]
 name = "rustix"
-version = "1.0.7"
+version = "1.0.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c71e83d6afe7ff64890ec6b71d6a69bb8a610ab78ce364b3352876bb4c801266"
+checksum = "11181fbabf243db407ef8df94a6ce0b2f9a733bd8be4ad02b4eda9602296cac8"
 dependencies = [
  "bitflags 2.9.1",
  "errno",
  "libc",
  "linux-raw-sys 0.9.4",
- "windows-sys 0.59.0",
+ "windows-sys 0.60.2",
 ]
 
 [[package]]
 name = "rustls"
-version = "0.23.28"
+version = "0.23.29"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7160e3e10bf4535308537f3c4e1641468cd0e485175d6163087c0393c7d46643"
+checksum = "2491382039b29b9b11ff08b76ff6c97cf287671dbb74f0be44bda389fffe9bd1"
 dependencies = [
  "once_cell",
  "rustls-pki-types",
@@ -3726,9 +3744,9 @@ dependencies = [
 
 [[package]]
 name = "rustls-webpki"
-version = "0.103.3"
+version = "0.103.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e4a72fe2bcf7a6ac6fd7d0b9e5cb68aeb7d4c0a0271730218b3e92d43b4eb435"
+checksum = "0a17884ae0c1b773f1ccd2bd4a8c72f16da897310a98b0e84bf349ad5ead92fc"
 dependencies = [
  "ring",
  "rustls-pki-types",
@@ -3954,9 +3972,9 @@ dependencies = [
 
 [[package]]
 name = "serde_json"
-version = "1.0.140"
+version = "1.0.141"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "20068b6e96dc6c9bd23e01df8827e6c7e1f2fddd43c21810382803c136b99373"
+checksum = "30b9eff21ebe718216c6ec64e1d9ac57087aad11efc64e32002bce4a0d4c03d3"
 dependencies = [
  "indexmap 2.10.0",
  "itoa",
@@ -4149,6 +4167,16 @@ dependencies = [
  "windows-sys 0.52.0",
 ]
 
+[[package]]
+name = "socket2"
+version = "0.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "233504af464074f9d066d7b5416c5f9b894a5862a6506e306f7b816cdd6f1807"
+dependencies = [
+ "libc",
+ "windows-sys 0.59.0",
+]
+
 [[package]]
 name = "stable_deref_trait"
 version = "1.2.0"
@@ -4440,7 +4468,7 @@ dependencies = [
  "fastrand",
  "getrandom 0.3.3",
  "once_cell",
- "rustix 1.0.7",
+ "rustix 1.0.8",
  "windows-sys 0.59.0",
 ]
 
@@ -4461,7 +4489,7 @@ version = "0.4.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "45c6481c4829e4cc63825e62c49186a34538b7b2750b73b266581ffb612fb5ed"
 dependencies = [
- "rustix 1.0.7",
+ "rustix 1.0.8",
  "windows-sys 0.59.0",
 ]
 
@@ -4607,7 +4635,7 @@ dependencies = [
  "pin-project-lite",
  "signal-hook-registry",
  "slab",
- "socket2",
+ "socket2 0.5.10",
  "tokio-macros",
  "windows-sys 0.52.0",
 ]
@@ -4749,9 +4777,9 @@ dependencies = [
 
 [[package]]
 name = "toml_writer"
-version = "1.0.0"
+version = "1.0.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b679217f2848de74cabd3e8fc5e6d66f40b7da40f8e1954d92054d9010690fd5"
+checksum = "fcc842091f2def52017664b53082ecbbeb5c7731092bad69d2c63050401dfd64"
 
 [[package]]
 name = "tower"
@@ -5128,6 +5156,12 @@ dependencies = [
  "wit-bindgen-rt",
 ]
 
+[[package]]
+name = "wasite"
+version = "0.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b8dad83b4f25e74f184f64c43b150b91efe7647395b42289f38e50566d82855b"
+
 [[package]]
 name = "wasm-bindgen"
 version = "0.2.100"
@@ -5228,6 +5262,17 @@ version = "0.1.10"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a751b3277700db47d3e574514de2eced5e54dc8a5436a3bf7a0b248b2cee16f3"
 
+[[package]]
+name = "whoami"
+version = "1.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6994d13118ab492c3c80c1f81928718159254c53c472bf9ce36f8dae4add02a7"
+dependencies = [
+ "redox_syscall",
+ "wasite",
+ "web-sys",
+]
+
 [[package]]
 name = "wildmatch"
 version = "2.4.0"
@@ -5556,9 +5601,9 @@ checksum = "271414315aff87387382ec3d271b52d7ae78726f5d44ac98b4f4030c91880486"
 
 [[package]]
 name = "winnow"
-version = "0.7.11"
+version = "0.7.12"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "74c7b26e3480b707944fc872477815d29a8e429d2f93a1ce000f5fa84a15cbcd"
+checksum = "f3edebf492c8125044983378ecb5766203ad3b4c2f7a922bd7dd207f6d443e95"
 dependencies = [
  "memchr",
 ]

codex-rs/Cargo.toml

@@ -3,6 +3,7 @@ resolver = "2"
 members = [
     "ansi-escape",
     "apply-patch",
+    "arg0",
     "cli",
     "common",
     "core",
@@ -40,3 +41,8 @@ strip = "symbols"
 
 # See https://github.com/openai/codex/issues/1411 for details.
 codegen-units = 1
+
+[patch.crates-io]
+# ratatui = { path = "../../ratatui" }
+ratatui = { git = "https://github.com/nornagon/ratatui", branch = "nornagon-v0.29.0-patch" }
+

codex-rs/arg0/Cargo.toml

@@ -0,0 +1,19 @@
+[package]
+name = "codex-arg0"
+version = { workspace = true }
+edition = "2024"
+
+[lib]
+name = "codex_arg0"
+path = "src/lib.rs"
+
+[lints]
+workspace = true
+
+[dependencies]
+anyhow = "1"
+codex-apply-patch = { path = "../apply-patch" }
+codex-core = { path = "../core" }
+codex-linux-sandbox = { path = "../linux-sandbox" }
+dotenvy = "0.15.7"
+tokio = { version = "1", features = ["rt-multi-thread"] }

codex-rs/arg0/src/lib.rs

@@ -0,0 +1,89 @@
+use std::future::Future;
+use std::path::Path;
+use std::path::PathBuf;
+
+/// While we want to deploy the Codex CLI as a single executable for simplicity,
+/// we also want to expose some of its functionality as distinct CLIs, so we use
+/// the "arg0 trick" to determine which CLI to dispatch. This effectively allows
+/// us to simulate deploying multiple executables as a single binary on Mac and
+/// Linux (but not Windows).
+///
+/// When the current executable is invoked through the hard-link or alias named
+/// `codex-linux-sandbox` we *directly* execute
+/// [`codex_linux_sandbox::run_main`] (which never returns). Otherwise we:
+///
+/// 1.  Use [`dotenvy::from_path`] and [`dotenvy::dotenv`] to modify the
+///     environment before creating any threads.
+/// 2.  Construct a Tokio multi-thread runtime.
+/// 3.  Derive the path to the current executable (so children can re-invoke the
+///     sandbox) when running on Linux.
+/// 4.  Execute the provided async `main_fn` inside that runtime, forwarding any
+///     error. Note that `main_fn` receives `codex_linux_sandbox_exe:
+///     Option<PathBuf>`, as an argument, which is generally needed as part of
+///     constructing [`codex_core::config::Config`].
+///
+/// This function should be used to wrap any `main()` function in binary crates
+/// in this workspace that depends on these helper CLIs.
+pub fn arg0_dispatch_or_else<F, Fut>(main_fn: F) -> anyhow::Result<()>
+where
+    F: FnOnce(Option<PathBuf>) -> Fut,
+    Fut: Future<Output = anyhow::Result<()>>,
+{
+    // Determine if we were invoked via the special alias.
+    let mut args = std::env::args_os();
+    let argv0 = args.next().unwrap_or_default();
+    let exe_name = Path::new(&argv0)
+        .file_name()
+        .and_then(|s| s.to_str())
+        .unwrap_or("");
+
+    if exe_name == "codex-linux-sandbox" {
+        // Safety: [`run_main`] never returns.
+        codex_linux_sandbox::run_main();
+    }
+
+    let argv1 = args.next().unwrap_or_default();
+    if argv1 == "--codex-run-as-apply-patch" {
+        let patch_arg = args.next().and_then(|s| s.to_str().map(|s| s.to_owned()));
+        let exit_code = match patch_arg {
+            Some(patch_arg) => {
+                let mut stdout = std::io::stdout();
+                let mut stderr = std::io::stderr();
+                match codex_apply_patch::apply_patch(&patch_arg, &mut stdout, &mut stderr) {
+                    Ok(()) => 0,
+                    Err(_) => 1,
+                }
+            }
+            None => {
+                eprintln!("Error: --codex-run-as-apply-patch requires a UTF-8 PATCH argument.");
+                1
+            }
+        };
+        std::process::exit(exit_code);
+    }
+
+    // This modifies the environment, which is not thread-safe, so do this
+    // before creating any threads/the Tokio runtime.
+    load_dotenv();
+
+    // Regular invocation – create a Tokio runtime and execute the provided
+    // async entry-point.
+    let runtime = tokio::runtime::Runtime::new()?;
+    runtime.block_on(async move {
+        let codex_linux_sandbox_exe: Option<PathBuf> = if cfg!(target_os = "linux") {
+            std::env::current_exe().ok()
+        } else {
+            None
+        };
+
+        main_fn(codex_linux_sandbox_exe).await
+    })
+}
+
+/// Load env vars from ~/.codex/.env and `$(pwd)/.env`.
+fn load_dotenv() {
+    if let Ok(codex_home) = codex_core::config::find_codex_home() {
+        dotenvy::from_path(codex_home.join(".env")).ok();
+    }
+    dotenvy::dotenv().ok();
+}

codex-rs/chatgpt/src/chatgpt_client.rs

@@ -21,10 +21,14 @@ pub(crate) async fn chatgpt_get_request<T: DeserializeOwned>(
     let token =
         get_chatgpt_token_data().ok_or_else(|| anyhow::anyhow!("ChatGPT token not available"))?;
 
+    let account_id = token.account_id.ok_or_else(|| {
+        anyhow::anyhow!("ChatGPT account ID not available, please re-run `codex login`")
+    });
+
     let response = client
         .get(&url)
         .bearer_auth(&token.access_token)
-        .header("chatgpt-account-id", &token.account_id)
+        .header("chatgpt-account-id", account_id?)
         .header("Content-Type", "application/json")
         .header("User-Agent", "codex-cli")
         .send()

codex-rs/chatgpt/src/chatgpt_token.rs

@@ -18,7 +18,10 @@ pub fn set_chatgpt_token_data(value: TokenData) {
 
 /// Initialize the ChatGPT token from auth.json file
 pub async fn init_chatgpt_token_from_auth(codex_home: &Path) -> std::io::Result<()> {
-    let auth_json = codex_login::try_read_auth_json(codex_home).await?;
-    set_chatgpt_token_data(auth_json.tokens.clone());
+    let auth = codex_login::load_auth(codex_home)?;
+    if let Some(auth) = auth {
+        let token_data = auth.get_token_data().await?;
+        set_chatgpt_token_data(token_data);
+    }
     Ok(())
 }

codex-rs/cli/Cargo.toml

@@ -18,12 +18,12 @@ workspace = true
 anyhow = "1"
 clap = { version = "4", features = ["derive"] }
 clap_complete = "4"
+codex-arg0 = { path = "../arg0" }
 codex-chatgpt = { path = "../chatgpt" }
 codex-core = { path = "../core" }
 codex-common = { path = "../common", features = ["cli"] }
 codex-exec = { path = "../exec" }
 codex-login = { path = "../login" }
-codex-linux-sandbox = { path = "../linux-sandbox" }
 codex-mcp-server = { path = "../mcp-server" }
 codex-tui = { path = "../tui" }
 serde_json = "1"

codex-rs/cli/src/login.rs

@@ -1,25 +1,12 @@
 use codex_common::CliConfigOverrides;
 use codex_core::config::Config;
 use codex_core::config::ConfigOverrides;
+use codex_login::AuthMode;
+use codex_login::load_auth;
 use codex_login::login_with_chatgpt;
 
 pub async fn run_login_with_chatgpt(cli_config_overrides: CliConfigOverrides) -> ! {
-    let cli_overrides = match cli_config_overrides.parse_overrides() {
-        Ok(v) => v,
-        Err(e) => {
-            eprintln!("Error parsing -c overrides: {e}");
-            std::process::exit(1);
-        }
-    };
-
-    let config_overrides = ConfigOverrides::default();
-    let config = match Config::load_with_cli_overrides(cli_overrides, config_overrides) {
-        Ok(config) => config,
-        Err(e) => {
-            eprintln!("Error loading configuration: {e}");
-            std::process::exit(1);
-        }
-    };
+    let config = load_config_or_exit(cli_config_overrides);
 
     let capture_output = false;
     match login_with_chatgpt(&config.codex_home, capture_output).await {
@@ -33,3 +20,77 @@ pub async fn run_login_with_chatgpt(cli_config_overrides: CliConfigOverrides) ->
         }
     }
 }
+
+pub async fn run_login_status(cli_config_overrides: CliConfigOverrides) -> ! {
+    let config = load_config_or_exit(cli_config_overrides);
+
+    match load_auth(&config.codex_home) {
+        Ok(Some(auth)) => match auth.mode {
+            AuthMode::ApiKey => {
+                if let Some(api_key) = auth.api_key.as_deref() {
+                    eprintln!("Logged in using an API key - {}", safe_format_key(api_key));
+                } else {
+                    eprintln!("Logged in using an API key");
+                }
+                std::process::exit(0);
+            }
+            AuthMode::ChatGPT => {
+                eprintln!("Logged in using ChatGPT");
+                std::process::exit(0);
+            }
+        },
+        Ok(None) => {
+            eprintln!("Not logged in");
+            std::process::exit(1);
+        }
+        Err(e) => {
+            eprintln!("Error checking login status: {e}");
+            std::process::exit(1);
+        }
+    }
+}
+
+fn load_config_or_exit(cli_config_overrides: CliConfigOverrides) -> Config {
+    let cli_overrides = match cli_config_overrides.parse_overrides() {
+        Ok(v) => v,
+        Err(e) => {
+            eprintln!("Error parsing -c overrides: {e}");
+            std::process::exit(1);
+        }
+    };
+
+    let config_overrides = ConfigOverrides::default();
+    match Config::load_with_cli_overrides(cli_overrides, config_overrides) {
+        Ok(config) => config,
+        Err(e) => {
+            eprintln!("Error loading configuration: {e}");
+            std::process::exit(1);
+        }
+    }
+}
+
+fn safe_format_key(key: &str) -> String {
+    if key.len() <= 13 {
+        return "***".to_string();
+    }
+    let prefix = &key[..8];
+    let suffix = &key[key.len() - 5..];
+    format!("{prefix}***{suffix}")
+}
+
+#[cfg(test)]
+mod tests {
+    use super::safe_format_key;
+
+    #[test]
+    fn formats_long_key() {
+        let key = "sk-proj-1234567890ABCDE";
+        assert_eq!(safe_format_key(key), "sk-proj-***ABCDE");
+    }
+
+    #[test]
+    fn short_key_returns_stars() {
+        let key = "sk-proj-12345";
+        assert_eq!(safe_format_key(key), "***");
+    }
+}

codex-rs/cli/src/main.rs

@@ -2,10 +2,12 @@ use clap::CommandFactory;
 use clap::Parser;
 use clap_complete::Shell;
 use clap_complete::generate;
+use codex_arg0::arg0_dispatch_or_else;
 use codex_chatgpt::apply_command::ApplyCommand;
 use codex_chatgpt::apply_command::run_apply_command;
 use codex_cli::LandlockCommand;
 use codex_cli::SeatbeltCommand;
+use codex_cli::login::run_login_status;
 use codex_cli::login::run_login_with_chatgpt;
 use codex_cli::proto;
 use codex_common::CliConfigOverrides;
@@ -42,7 +44,7 @@ enum Subcommand {
     #[clap(visible_alias = "e")]
     Exec(ExecCli),
 
-    /// Login with ChatGPT.
+    /// Manage login.
     Login(LoginCommand),
 
     /// Experimental: run Codex as an MCP server.
@@ -89,10 +91,19 @@ enum DebugCommand {
 struct LoginCommand {
     #[clap(skip)]
     config_overrides: CliConfigOverrides,
+
+    #[command(subcommand)]
+    action: Option<LoginSubcommand>,
+}
+
+#[derive(Debug, clap::Subcommand)]
+enum LoginSubcommand {
+    /// Show login status.
+    Status,
 }
 
 fn main() -> anyhow::Result<()> {
-    codex_linux_sandbox::run_with_sandbox(|codex_linux_sandbox_exe| async move {
+    arg0_dispatch_or_else(|codex_linux_sandbox_exe| async move {
         cli_main(codex_linux_sandbox_exe).await?;
         Ok(())
     })
@@ -105,7 +116,7 @@ async fn cli_main(codex_linux_sandbox_exe: Option<PathBuf>) -> anyhow::Result<()
         None => {
             let mut tui_cli = cli.interactive;
             prepend_config_flags(&mut tui_cli.config_overrides, cli.config_overrides);
-            let usage = codex_tui::run_main(tui_cli, codex_linux_sandbox_exe)?;
+            let usage = codex_tui::run_main(tui_cli, codex_linux_sandbox_exe).await?;
             println!("{}", codex_core::protocol::FinalOutput::from(usage));
         }
         Some(Subcommand::Exec(mut exec_cli)) => {
@@ -117,7 +128,14 @@ async fn cli_main(codex_linux_sandbox_exe: Option<PathBuf>) -> anyhow::Result<()
         }
         Some(Subcommand::Login(mut login_cli)) => {
             prepend_config_flags(&mut login_cli.config_overrides, cli.config_overrides);
-            run_login_with_chatgpt(login_cli.config_overrides).await;
+            match login_cli.action {
+                Some(LoginSubcommand::Status) => {
+                    run_login_status(login_cli.config_overrides).await;
+                }
+                None => {
+                    run_login_with_chatgpt(login_cli.config_overrides).await;
+                }
+            }
         }
         Some(Subcommand::Proto(mut proto_cli)) => {
             prepend_config_flags(&mut proto_cli.config_overrides, cli.config_overrides);

codex-rs/cli/src/proto.rs

@@ -4,10 +4,12 @@ use std::sync::Arc;
 use clap::Parser;
 use codex_common::CliConfigOverrides;
 use codex_core::Codex;
+use codex_core::CodexSpawnOk;
 use codex_core::config::Config;
 use codex_core::config::ConfigOverrides;
 use codex_core::protocol::Submission;
 use codex_core::util::notify_on_sigint;
+use codex_login::load_auth;
 use tokio::io::AsyncBufReadExt;
 use tokio::io::BufReader;
 use tracing::error;
@@ -34,8 +36,9 @@ pub async fn run_main(opts: ProtoCli) -> anyhow::Result<()> {
         .map_err(anyhow::Error::msg)?;
 
     let config = Config::load_with_cli_overrides(overrides_vec, ConfigOverrides::default())?;
+    let auth = load_auth(&config.codex_home)?;
     let ctrl_c = notify_on_sigint();
-    let (codex, _init_id, _session_id) = Codex::spawn(config, ctrl_c.clone()).await?;
+    let CodexSpawnOk { codex, .. } = Codex::spawn(config, auth, ctrl_c.clone()).await?;
     let codex = Arc::new(codex);
 
     // Task that reads JSON lines from stdin and forwards to Submission Queue

codex-rs/config.md

@@ -110,12 +110,15 @@ stream_idle_timeout_ms = 300000    # 5m idle timeout
 ```
 
 #### request_max_retries
+
 How many times Codex will retry a failed HTTP request to the model provider. Defaults to `4`.
 
 #### stream_max_retries
+
 Number of times Codex will attempt to reconnect when a streaming response is interrupted. Defaults to `10`.
 
 #### stream_idle_timeout_ms
+
 How long Codex will wait for activity on a streaming response before treating the connection as lost. Defaults to `300_000` (5 minutes).
 
 ## model_provider

codex-rs/core/Cargo.toml

@@ -17,6 +17,8 @@ base64 = "0.22"
 bytes = "1.10.1"
 codex-apply-patch = { path = "../apply-patch" }
 codex-mcp-client = { path = "../mcp-client" }
+chrono = { version = "0.4", features = ["serde"] }
+codex-login = { path = "../login" }
 dirs = "6"
 env-flags = "0.1.1"
 eventsource-stream = "0.2.3"
@@ -30,6 +32,7 @@ reqwest = { version = "0.12", features = ["json", "stream"] }
 serde = { version = "1", features = ["derive"] }
 serde_json = "1"
 sha1 = "0.10.6"
+shlex = "1.3.0"
 strum_macros = "0.27.2"
 thiserror = "2.0.12"
 time = { version = "0.3", features = ["formatting", "local-offset", "macros"] }
@@ -47,6 +50,8 @@ tree-sitter = "0.25.8"
 tree-sitter-bash = "0.25.0"
 uuid = { version = "1", features = ["serde", "v4"] }
 wildmatch = "2.4.0"
+whoami = "1.6.0"
+
 
 [target.'cfg(target_os = "linux")'.dependencies]
 landlock = "0.4.1"

codex-rs/core/README.md

@@ -2,9 +2,18 @@
 
 This crate implements the business logic for Codex. It is designed to be used by the various Codex UIs written in Rust.
 
-Though for non-Rust UIs, we are also working to define a _protocol_ for talking to Codex. See:
+## Dependencies
 
-- [Specification](../docs/protocol_v1.md)
-- [Rust types](./src/protocol.rs)
+Note that `codex-core` makes some assumptions about certain helper utilities being available in the environment. Currently, this
 
-You can use the `proto` subcommand using the executable in the [`cli` crate](../cli) to speak the protocol using newline-delimited-JSON over stdin/stdout.
+### macOS
+
+Expects `/usr/bin/sandbox-exec` to be present.
+
+### Linux
+
+Expects the binary containing `codex-core` to run the equivalent of `codex debug landlock` when `arg0` is `codex-linux-sandbox`. See the `codex-arg0` crate for details.
+
+### All Platforms
+
+Expects the binary containing `codex-core` to simulate the virtual `apply_patch` CLI when `arg1` is `--codex-run-as-apply-patch`. See the `codex-arg0` crate for details.

codex-rs/core/src/apply_patch.rs

@@ -0,0 +1,406 @@
+use crate::codex::Session;
+use crate::models::FunctionCallOutputPayload;
+use crate::models::ResponseInputItem;
+use crate::protocol::Event;
+use crate::protocol::EventMsg;
+use crate::protocol::FileChange;
+use crate::protocol::PatchApplyBeginEvent;
+use crate::protocol::PatchApplyEndEvent;
+use crate::protocol::ReviewDecision;
+use crate::safety::SafetyCheck;
+use crate::safety::assess_patch_safety;
+use anyhow::Context;
+use codex_apply_patch::AffectedPaths;
+use codex_apply_patch::ApplyPatchAction;
+use codex_apply_patch::ApplyPatchFileChange;
+use codex_apply_patch::print_summary;
+use std::collections::HashMap;
+use std::path::Path;
+use std::path::PathBuf;
+
+pub(crate) async fn apply_patch(
+    sess: &Session,
+    sub_id: String,
+    call_id: String,
+    action: ApplyPatchAction,
+) -> ResponseInputItem {
+    let writable_roots_snapshot = {
+        #[allow(clippy::unwrap_used)]
+        let guard = sess.writable_roots.lock().unwrap();
+        guard.clone()
+    };
+
+    let auto_approved = match assess_patch_safety(
+        &action,
+        sess.approval_policy,
+        &writable_roots_snapshot,
+        &sess.cwd,
+    ) {
+        SafetyCheck::AutoApprove { .. } => true,
+        SafetyCheck::AskUser => {
+            // Compute a readable summary of path changes to include in the
+            // approval request so the user can make an informed decision.
+            let rx_approve = sess
+                .request_patch_approval(sub_id.clone(), call_id.clone(), &action, None, None)
+                .await;
+            match rx_approve.await.unwrap_or_default() {
+                ReviewDecision::Approved | ReviewDecision::ApprovedForSession => false,
+                ReviewDecision::Denied | ReviewDecision::Abort => {
+                    return ResponseInputItem::FunctionCallOutput {
+                        call_id,
+                        output: FunctionCallOutputPayload {
+                            content: "patch rejected by user".to_string(),
+                            success: Some(false),
+                        },
+                    };
+                }
+            }
+        }
+        SafetyCheck::Reject { reason } => {
+            return ResponseInputItem::FunctionCallOutput {
+                call_id,
+                output: FunctionCallOutputPayload {
+                    content: format!("patch rejected: {reason}"),
+                    success: Some(false),
+                },
+            };
+        }
+    };
+
+    // Verify write permissions before touching the filesystem.
+    let writable_snapshot = {
+        #[allow(clippy::unwrap_used)]
+        sess.writable_roots.lock().unwrap().clone()
+    };
+
+    if let Some(offending) = first_offending_path(&action, &writable_snapshot, &sess.cwd) {
+        let root = offending.parent().unwrap_or(&offending).to_path_buf();
+
+        let reason = Some(format!(
+            "grant write access to {} for this session",
+            root.display()
+        ));
+
+        let rx = sess
+            .request_patch_approval(
+                sub_id.clone(),
+                call_id.clone(),
+                &action,
+                reason.clone(),
+                Some(root.clone()),
+            )
+            .await;
+
+        if !matches!(
+            rx.await.unwrap_or_default(),
+            ReviewDecision::Approved | ReviewDecision::ApprovedForSession
+        ) {
+            return ResponseInputItem::FunctionCallOutput {
+                call_id,
+                output: FunctionCallOutputPayload {
+                    content: "patch rejected by user".to_string(),
+                    success: Some(false),
+                },
+            };
+        }
+
+        // user approved, extend writable roots for this session
+        #[allow(clippy::unwrap_used)]
+        sess.writable_roots.lock().unwrap().push(root);
+    }
+
+    let _ = sess
+        .tx_event
+        .send(Event {
+            id: sub_id.clone(),
+            msg: EventMsg::PatchApplyBegin(PatchApplyBeginEvent {
+                call_id: call_id.clone(),
+                auto_approved,
+                changes: convert_apply_patch_to_protocol(&action),
+            }),
+        })
+        .await;
+
+    let mut stdout = Vec::new();
+    let mut stderr = Vec::new();
+    // Enforce writable roots. If a write is blocked, collect offending root
+    // and prompt the user to extend permissions.
+    let mut result = apply_changes_from_apply_patch_and_report(&action, &mut stdout, &mut stderr);
+
+    if let Err(err) = &result {
+        if err.kind() == std::io::ErrorKind::PermissionDenied {
+            // Determine first offending path.
+            let offending_opt = action
+                .changes()
+                .iter()
+                .flat_map(|(path, change)| match change {
+                    ApplyPatchFileChange::Add { .. } => vec![path.as_ref()],
+                    ApplyPatchFileChange::Delete => vec![path.as_ref()],
+                    ApplyPatchFileChange::Update {
+                        move_path: Some(move_path),
+                        ..
+                    } => {
+                        vec![path.as_ref(), move_path.as_ref()]
+                    }
+                    ApplyPatchFileChange::Update {
+                        move_path: None, ..
+                    } => vec![path.as_ref()],
+                })
+                .find_map(|path: &Path| {
+                    // ApplyPatchAction promises to guarantee absolute paths.
+                    if !path.is_absolute() {
+                        panic!("apply_patch invariant failed: path is not absolute: {path:?}");
+                    }
+
+                    let writable = {
+                        #[allow(clippy::unwrap_used)]
+                        let roots = sess.writable_roots.lock().unwrap();
+                        roots.iter().any(|root| path.starts_with(root))
+                    };
+                    if writable {
+                        None
+                    } else {
+                        Some(path.to_path_buf())
+                    }
+                });
+
+            if let Some(offending) = offending_opt {
+                let root = offending.parent().unwrap_or(&offending).to_path_buf();
+
+                let reason = Some(format!(
+                    "grant write access to {} for this session",
+                    root.display()
+                ));
+                let rx = sess
+                    .request_patch_approval(
+                        sub_id.clone(),
+                        call_id.clone(),
+                        &action,
+                        reason.clone(),
+                        Some(root.clone()),
+                    )
+                    .await;
+                if matches!(
+                    rx.await.unwrap_or_default(),
+                    ReviewDecision::Approved | ReviewDecision::ApprovedForSession
+                ) {
+                    // Extend writable roots.
+                    #[allow(clippy::unwrap_used)]
+                    sess.writable_roots.lock().unwrap().push(root);
+                    stdout.clear();
+                    stderr.clear();
+                    result = apply_changes_from_apply_patch_and_report(
+                        &action,
+                        &mut stdout,
+                        &mut stderr,
+                    );
+                }
+            }
+        }
+    }
+
+    // Emit PatchApplyEnd event.
+    let success_flag = result.is_ok();
+    let _ = sess
+        .tx_event
+        .send(Event {
+            id: sub_id.clone(),
+            msg: EventMsg::PatchApplyEnd(PatchApplyEndEvent {
+                call_id: call_id.clone(),
+                stdout: String::from_utf8_lossy(&stdout).to_string(),
+                stderr: String::from_utf8_lossy(&stderr).to_string(),
+                success: success_flag,
+            }),
+        })
+        .await;
+
+    match result {
+        Ok(_) => ResponseInputItem::FunctionCallOutput {
+            call_id,
+            output: FunctionCallOutputPayload {
+                content: String::from_utf8_lossy(&stdout).to_string(),
+                success: None,
+            },
+        },
+        Err(e) => ResponseInputItem::FunctionCallOutput {
+            call_id,
+            output: FunctionCallOutputPayload {
+                content: format!("error: {e:#}, stderr: {}", String::from_utf8_lossy(&stderr)),
+                success: Some(false),
+            },
+        },
+    }
+}
+
+/// Return the first path in `hunks` that is NOT under any of the
+/// `writable_roots` (after normalising). If all paths are acceptable,
+/// returns None.
+fn first_offending_path(
+    action: &ApplyPatchAction,
+    writable_roots: &[PathBuf],
+    cwd: &Path,
+) -> Option<PathBuf> {
+    let changes = action.changes();
+    for (path, change) in changes {
+        let candidate = match change {
+            ApplyPatchFileChange::Add { .. } => path,
+            ApplyPatchFileChange::Delete => path,
+            ApplyPatchFileChange::Update { move_path, .. } => move_path.as_ref().unwrap_or(path),
+        };
+
+        let abs = if candidate.is_absolute() {
+            candidate.clone()
+        } else {
+            cwd.join(candidate)
+        };
+
+        let mut allowed = false;
+        for root in writable_roots {
+            let root_abs = if root.is_absolute() {
+                root.clone()
+            } else {
+                cwd.join(root)
+            };
+            if abs.starts_with(&root_abs) {
+                allowed = true;
+                break;
+            }
+        }
+
+        if !allowed {
+            return Some(candidate.clone());
+        }
+    }
+    None
+}
+
+pub(crate) fn convert_apply_patch_to_protocol(
+    action: &ApplyPatchAction,
+) -> HashMap<PathBuf, FileChange> {
+    let changes = action.changes();
+    let mut result = HashMap::with_capacity(changes.len());
+    for (path, change) in changes {
+        let protocol_change = match change {
+            ApplyPatchFileChange::Add { content } => FileChange::Add {
+                content: content.clone(),
+            },
+            ApplyPatchFileChange::Delete => FileChange::Delete,
+            ApplyPatchFileChange::Update {
+                unified_diff,
+                move_path,
+                new_content: _new_content,
+            } => FileChange::Update {
+                unified_diff: unified_diff.clone(),
+                move_path: move_path.clone(),
+            },
+        };
+        result.insert(path.clone(), protocol_change);
+    }
+    result
+}
+
+fn apply_changes_from_apply_patch_and_report(
+    action: &ApplyPatchAction,
+    stdout: &mut impl std::io::Write,
+    stderr: &mut impl std::io::Write,
+) -> std::io::Result<()> {
+    match apply_changes_from_apply_patch(action) {
+        Ok(affected_paths) => {
+            print_summary(&affected_paths, stdout)?;
+        }
+        Err(err) => {
+            writeln!(stderr, "{err:?}")?;
+        }
+    }
+
+    Ok(())
+}
+
+fn apply_changes_from_apply_patch(action: &ApplyPatchAction) -> anyhow::Result<AffectedPaths> {
+    let mut added: Vec<PathBuf> = Vec::new();
+    let mut modified: Vec<PathBuf> = Vec::new();
+    let mut deleted: Vec<PathBuf> = Vec::new();
+
+    let changes = action.changes();
+    for (path, change) in changes {
+        match change {
+            ApplyPatchFileChange::Add { content } => {
+                if let Some(parent) = path.parent() {
+                    if !parent.as_os_str().is_empty() {
+                        std::fs::create_dir_all(parent).with_context(|| {
+                            format!("Failed to create parent directories for {}", path.display())
+                        })?;
+                    }
+                }
+                std::fs::write(path, content)
+                    .with_context(|| format!("Failed to write file {}", path.display()))?;
+                added.push(path.clone());
+            }
+            ApplyPatchFileChange::Delete => {
+                std::fs::remove_file(path)
+                    .with_context(|| format!("Failed to delete file {}", path.display()))?;
+                deleted.push(path.clone());
+            }
+            ApplyPatchFileChange::Update {
+                unified_diff: _unified_diff,
+                move_path,
+                new_content,
+            } => {
+                if let Some(move_path) = move_path {
+                    if let Some(parent) = move_path.parent() {
+                        if !parent.as_os_str().is_empty() {
+                            std::fs::create_dir_all(parent).with_context(|| {
+                                format!(
+                                    "Failed to create parent directories for {}",
+                                    move_path.display()
+                                )
+                            })?;
+                        }
+                    }
+
+                    std::fs::rename(path, move_path)
+                        .with_context(|| format!("Failed to rename file {}", path.display()))?;
+                    std::fs::write(move_path, new_content)?;
+                    modified.push(move_path.clone());
+                    deleted.push(path.clone());
+                } else {
+                    std::fs::write(path, new_content)?;
+                    modified.push(path.clone());
+                }
+            }
+        }
+    }
+
+    Ok(AffectedPaths {
+        added,
+        modified,
+        deleted,
+    })
+}
+
+pub(crate) fn get_writable_roots(cwd: &Path) -> Vec<PathBuf> {
+    let mut writable_roots = Vec::new();
+    if cfg!(target_os = "macos") {
+        // On macOS, $TMPDIR is private to the user.
+        writable_roots.push(std::env::temp_dir());
+
+        // Allow pyenv to update its shims directory. Without this, any tool
+        // that happens to be managed by `pyenv` will fail with an error like:
+        //
+        //   pyenv: cannot rehash: $HOME/.pyenv/shims isn't writable
+        //
+        // which is emitted every time `pyenv` tries to run `rehash` (for
+        // example, after installing a new Python package that drops an entry
+        // point). Although the sandbox is intentionally read‑only by default,
+        // writing to the user's local `pyenv` directory is safe because it
+        // is already user‑writable and scoped to the current user account.
+        if let Ok(home_dir) = std::env::var("HOME") {
+            let pyenv_dir = PathBuf::from(home_dir).join(".pyenv");
+            writable_roots.push(pyenv_dir);
+        }
+    }
+
+    writable_roots.push(cwd.to_path_buf());
+
+    writable_roots
+}

codex-rs/core/src/chat_completions.rs

@@ -30,6 +30,7 @@ use crate::util::backoff;
 pub(crate) async fn stream_chat_completions(
     prompt: &Prompt,
     model: &str,
+    include_plan_tool: bool,
     client: &reqwest::Client,
     provider: &ModelProviderInfo,
 ) -> Result<ResponseStream> {
@@ -39,6 +40,10 @@ pub(crate) async fn stream_chat_completions(
     let full_instructions = prompt.get_full_instructions(model);
     messages.push(json!({"role": "system", "content": full_instructions}));
 
+    if let Some(instr) = &prompt.user_instructions {
+        messages.push(json!({"role": "user", "content": instr}));
+    }
+
     for item in &prompt.input {
         match item {
             ResponseItem::Message { role, content, .. } => {
@@ -105,7 +110,7 @@ pub(crate) async fn stream_chat_completions(
         }
     }
 
-    let tools_json = create_tools_json_for_chat_completions_api(prompt, model)?;
+    let tools_json = create_tools_json_for_chat_completions_api(prompt, model, include_plan_tool)?;
     let payload = json!({
         "model": model,
         "messages": messages,

codex-rs/core/src/client.rs

@@ -3,6 +3,8 @@ use std::path::Path;
 use std::time::Duration;
 
 use bytes::Bytes;
+use codex_login::AuthMode;
+use codex_login::CodexAuth;
 use eventsource_stream::Eventsource;
 use futures::prelude::*;
 use reqwest::StatusCode;
@@ -28,10 +30,12 @@ use crate::config::Config;
 use crate::config_types::ReasoningEffort as ReasoningEffortConfig;
 use crate::config_types::ReasoningSummary as ReasoningSummaryConfig;
 use crate::error::CodexErr;
+use crate::error::EnvVarError;
 use crate::error::Result;
 use crate::flags::CODEX_RS_SSE_FIXTURE;
 use crate::model_provider_info::ModelProviderInfo;
 use crate::model_provider_info::WireApi;
+use crate::models::ContentItem;
 use crate::models::ResponseItem;
 use crate::openai_tools::create_tools_json_for_responses_api;
 use crate::protocol::TokenUsage;
@@ -41,6 +45,7 @@ use std::sync::Arc;
 #[derive(Clone)]
 pub struct ModelClient {
     config: Arc<Config>,
+    auth: Option<CodexAuth>,
     client: reqwest::Client,
     provider: ModelProviderInfo,
     session_id: Uuid,
@@ -51,6 +56,7 @@ pub struct ModelClient {
 impl ModelClient {
     pub fn new(
         config: Arc<Config>,
+        auth: Option<CodexAuth>,
         provider: ModelProviderInfo,
         effort: ReasoningEffortConfig,
         summary: ReasoningSummaryConfig,
@@ -58,6 +64,7 @@ impl ModelClient {
     ) -> Self {
         Self {
             config,
+            auth,
             client: reqwest::Client::new(),
             provider,
             session_id,
@@ -77,6 +84,7 @@ impl ModelClient {
                 let response_stream = stream_chat_completions(
                     prompt,
                     &self.config.model,
+                    self.config.include_plan_tool,
                     &self.client,
                     &self.provider,
                 )
@@ -114,28 +122,60 @@ impl ModelClient {
             return stream_from_fixture(path, self.provider.clone()).await;
         }
 
+        let auth = self.auth.as_ref().ok_or_else(|| {
+            CodexErr::EnvVar(EnvVarError {
+                var: "OPENAI_API_KEY".to_string(),
+                instructions: Some("Create an API key (https://platform.openai.com) and export it as an environment variable.".to_string()),
+            })
+        })?;
+
+        let store = prompt.store && auth.mode != AuthMode::ChatGPT;
+
+        let base_url = match self.provider.base_url.clone() {
+            Some(url) => url,
+            None => match auth.mode {
+                AuthMode::ChatGPT => "https://chatgpt.com/backend-api/codex".to_string(),
+                AuthMode::ApiKey => "https://api.openai.com/v1".to_string(),
+            },
+        };
+
+        let token = auth.get_token().await?;
+
         let full_instructions = prompt.get_full_instructions(&self.config.model);
-        let tools_json = create_tools_json_for_responses_api(prompt, &self.config.model)?;
+        let tools_json = create_tools_json_for_responses_api(
+            prompt,
+            &self.config.model,
+            self.config.include_plan_tool,
+        )?;
         let reasoning = create_reasoning_param_for_request(&self.config, self.effort, self.summary);
 
         // Request encrypted COT if we are not storing responses,
         // otherwise reasoning items will be referenced by ID
-        let include = if !prompt.store && reasoning.is_some() {
+        let include: Vec<String> = if !store && reasoning.is_some() {
             vec!["reasoning.encrypted_content".to_string()]
         } else {
             vec![]
         };
 
+        let mut input_with_instructions = Vec::with_capacity(prompt.input.len() + 1);
+        if let Some(ui) = &prompt.user_instructions {
+            input_with_instructions.push(ResponseItem::Message {
+                id: None,
+                role: "user".to_string(),
+                content: vec![ContentItem::InputText { text: ui.clone() }],
+            });
+        }
+        input_with_instructions.extend(prompt.input.clone());
+
         let payload = ResponsesApiRequest {
             model: &self.config.model,
             instructions: &full_instructions,
-            input: &prompt.input,
+            input: &input_with_instructions,
             tools: &tools_json,
             tool_choice: "auto",
             parallel_tool_calls: false,
             reasoning,
-            store: prompt.store,
-            // TODO: make this configurable
+            store,
             stream: true,
             include,
         };
@@ -148,17 +188,21 @@ impl ModelClient {
 
         let mut attempt = 0;
         let max_retries = self.provider.request_max_retries();
+
         loop {
             attempt += 1;
 
             let req_builder = self
-                .provider
-                .create_request_builder(&self.client)?
+                .client
+                .post(format!("{base_url}/responses"))
                 .header("OpenAI-Beta", "responses=experimental")
                 .header("session_id", self.session_id.to_string())
+                .bearer_auth(&token)
                 .header(reqwest::header::ACCEPT, "text/event-stream")
                 .json(&payload);
 
+            let req_builder = self.provider.apply_http_headers(req_builder);
+
             let res = req_builder.send().await;
             if let Ok(resp) = &res {
                 trace!(
@@ -567,7 +611,7 @@ mod tests {
 
         let provider = ModelProviderInfo {
             name: "test".to_string(),
-            base_url: "https://test.com".to_string(),
+            base_url: Some("https://test.com".to_string()),
             env_key: Some("TEST_API_KEY".to_string()),
             env_key_instructions: None,
             wire_api: WireApi::Responses,
@@ -577,6 +621,7 @@ mod tests {
             request_max_retries: Some(0),
             stream_max_retries: Some(0),
             stream_idle_timeout_ms: Some(1000),
+            requires_auth: false,
         };
 
         let events = collect_events(
@@ -626,7 +671,7 @@ mod tests {
         let sse1 = format!("event: response.output_item.done\ndata: {item1}\n\n");
         let provider = ModelProviderInfo {
             name: "test".to_string(),
-            base_url: "https://test.com".to_string(),
+            base_url: Some("https://test.com".to_string()),
             env_key: Some("TEST_API_KEY".to_string()),
             env_key_instructions: None,
             wire_api: WireApi::Responses,
@@ -636,6 +681,7 @@ mod tests {
             request_max_retries: Some(0),
             stream_max_retries: Some(0),
             stream_idle_timeout_ms: Some(1000),
+            requires_auth: false,
         };
 
         let events = collect_events(&[sse1.as_bytes()], provider).await;
@@ -728,7 +774,7 @@ mod tests {
 
             let provider = ModelProviderInfo {
                 name: "test".to_string(),
-                base_url: "https://test.com".to_string(),
+                base_url: Some("https://test.com".to_string()),
                 env_key: Some("TEST_API_KEY".to_string()),
                 env_key_instructions: None,
                 wire_api: WireApi::Responses,
@@ -738,6 +784,7 @@ mod tests {
                 request_max_retries: Some(0),
                 stream_max_retries: Some(0),
                 stream_idle_timeout_ms: Some(1000),
+                requires_auth: false,
             };
 
             let out = run_sse(evs, provider).await;

codex-rs/core/src/client_common.rs

@@ -44,9 +44,6 @@ impl Prompt {
             .as_deref()
             .unwrap_or(BASE_INSTRUCTIONS);
         let mut sections: Vec<&str> = vec![base];
-        if let Some(ref user) = self.user_instructions {
-            sections.push(user);
-        }
         if model.starts_with("gpt-4.1") {
             sections.push(APPLY_PATCH_TOOL_INSTRUCTIONS);
         }
@@ -188,3 +185,19 @@ impl Stream for ResponseStream {
         self.rx_event.poll_recv(cx)
     }
 }
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn get_full_instructions_no_user_content() {
+        let prompt = Prompt {
+            user_instructions: Some("custom instruction".to_string()),
+            ..Default::default()
+        };
+        let expected = format!("{BASE_INSTRUCTIONS}\n{APPLY_PATCH_TOOL_INSTRUCTIONS}");
+        let full = prompt.get_full_instructions("gpt-4.1");
+        assert_eq!(full, expected);
+    }
+}

codex-rs/core/src/codex.rs

@@ -4,22 +4,18 @@
 use std::borrow::Cow;
 use std::collections::HashMap;
 use std::collections::HashSet;
-use std::path::Path;
 use std::path::PathBuf;
 use std::sync::Arc;
 use std::sync::Mutex;
 use std::sync::atomic::AtomicU64;
 use std::time::Duration;
 
-use anyhow::Context;
 use async_channel::Receiver;
 use async_channel::Sender;
-use codex_apply_patch::AffectedPaths;
 use codex_apply_patch::ApplyPatchAction;
-use codex_apply_patch::ApplyPatchFileChange;
 use codex_apply_patch::MaybeApplyPatchVerified;
 use codex_apply_patch::maybe_parse_apply_patch_verified;
-use codex_apply_patch::print_summary;
+use codex_login::CodexAuth;
 use futures::prelude::*;
 use mcp_types::CallToolResult;
 use serde::Serialize;
@@ -34,6 +30,9 @@ use tracing::trace;
 use tracing::warn;
 use uuid::Uuid;
 
+use crate::apply_patch::convert_apply_patch_to_protocol;
+use crate::apply_patch::get_writable_roots;
+use crate::apply_patch::{self};
 use crate::client::ModelClient;
 use crate::client_common::Prompt;
 use crate::client_common::ResponseEvent;
@@ -57,6 +56,7 @@ use crate::models::ReasoningItemReasoningSummary;
 use crate::models::ResponseInputItem;
 use crate::models::ResponseItem;
 use crate::models::ShellToolCallParams;
+use crate::plan_tool::handle_update_plan;
 use crate::project_doc::get_user_instructions;
 use crate::protocol::AgentMessageDeltaEvent;
 use crate::protocol::AgentMessageEvent;
@@ -71,11 +71,8 @@ use crate::protocol::EventMsg;
 use crate::protocol::ExecApprovalRequestEvent;
 use crate::protocol::ExecCommandBeginEvent;
 use crate::protocol::ExecCommandEndEvent;
-use crate::protocol::FileChange;
 use crate::protocol::InputItem;
 use crate::protocol::Op;
-use crate::protocol::PatchApplyBeginEvent;
-use crate::protocol::PatchApplyEndEvent;
 use crate::protocol::ReviewDecision;
 use crate::protocol::SandboxPolicy;
 use crate::protocol::SessionConfiguredEvent;
@@ -84,7 +81,7 @@ use crate::protocol::TaskCompleteEvent;
 use crate::rollout::RolloutRecorder;
 use crate::safety::SafetyCheck;
 use crate::safety::assess_command_safety;
-use crate::safety::assess_patch_safety;
+use crate::shell;
 use crate::user_notification::UserNotification;
 use crate::util::backoff;
 
@@ -96,11 +93,22 @@ pub struct Codex {
     rx_event: Receiver<Event>,
 }
 
+/// Wrapper returned by [`Codex::spawn`] containing the spawned [`Codex`],
+/// the submission id for the initial `ConfigureSession` request and the
+/// unique session id.
+pub struct CodexSpawnOk {
+    pub codex: Codex,
+    pub init_id: String,
+    pub session_id: Uuid,
+}
+
 impl Codex {
-    /// Spawn a new [`Codex`] and initialize the session. Returns the instance
-    /// of `Codex` and the ID of the `SessionInitialized` event that was
-    /// submitted to start the session.
-    pub async fn spawn(config: Config, ctrl_c: Arc<Notify>) -> CodexResult<(Codex, String, Uuid)> {
+    /// Spawn a new [`Codex`] and initialize the session.
+    pub async fn spawn(
+        config: Config,
+        auth: Option<CodexAuth>,
+        ctrl_c: Arc<Notify>,
+    ) -> CodexResult<CodexSpawnOk> {
         // experimental resume path (undocumented)
         let resume_path = config.experimental_resume.clone();
         info!("resume_path: {resume_path:?}");
@@ -129,7 +137,7 @@ impl Codex {
         // Generate a unique ID for the lifetime of this Codex session.
         let session_id = Uuid::new_v4();
         tokio::spawn(submission_loop(
-            session_id, config, rx_sub, tx_event, ctrl_c,
+            session_id, config, auth, rx_sub, tx_event, ctrl_c,
         ));
         let codex = Codex {
             next_id: AtomicU64::new(0),
@@ -138,7 +146,11 @@ impl Codex {
         };
         let init_id = codex.submit(configure_session).await?;
 
-        Ok((codex, init_id, session_id))
+        Ok(CodexSpawnOk {
+            codex,
+            init_id,
+            session_id,
+        })
     }
 
     /// Submit the `op` wrapped in a `Submission` with a unique ID.
@@ -177,19 +189,19 @@ impl Codex {
 /// A session has at most 1 running task at a time, and can be interrupted by user input.
 pub(crate) struct Session {
     client: ModelClient,
-    tx_event: Sender<Event>,
+    pub(crate) tx_event: Sender<Event>,
     ctrl_c: Arc<Notify>,
 
     /// The session's current working directory. All relative paths provided by
     /// the model as well as sandbox policies are resolved against this path
     /// instead of `std::env::current_dir()`.
-    cwd: PathBuf,
+    pub(crate) cwd: PathBuf,
     base_instructions: Option<String>,
     user_instructions: Option<String>,
-    approval_policy: AskForApproval,
+    pub(crate) approval_policy: AskForApproval,
     sandbox_policy: SandboxPolicy,
     shell_environment_policy: ShellEnvironmentPolicy,
-    writable_roots: Mutex<Vec<PathBuf>>,
+    pub(crate) writable_roots: Mutex<Vec<PathBuf>>,
     disable_response_storage: bool,
 
     /// Manager for external MCP servers/tools.
@@ -204,6 +216,7 @@ pub(crate) struct Session {
     rollout: Mutex<Option<RolloutRecorder>>,
     state: Mutex<State>,
     codex_linux_sandbox_exe: Option<PathBuf>,
+    user_shell: shell::Shell,
 }
 
 impl Session {
@@ -517,6 +530,7 @@ impl AgentTask {
 async fn submission_loop(
     mut session_id: Uuid,
     config: Arc<Config>,
+    auth: Option<CodexAuth>,
     rx_sub: Receiver<Submission>,
     tx_event: Sender<Event>,
     ctrl_c: Arc<Notify>,
@@ -628,6 +642,7 @@ async fn submission_loop(
 
                 let client = ModelClient::new(
                     config.clone(),
+                    auth.clone(),
                     provider.clone(),
                     model_reasoning_effort,
                     model_reasoning_summary,
@@ -676,6 +691,7 @@ async fn submission_loop(
                         });
                     }
                 }
+                let default_shell = shell::default_user_shell().await;
                 sess = Some(Arc::new(Session {
                     client,
                     tx_event: tx_event.clone(),
@@ -693,6 +709,7 @@ async fn submission_loop(
                     rollout: Mutex::new(rollout_recorder),
                     codex_linux_sandbox_exe: config.codex_linux_sandbox_exe.clone(),
                     disable_response_storage,
+                    user_shell: default_shell,
                 }));
 
                 // Patch restored state into the newly created session.
@@ -812,6 +829,79 @@ async fn submission_loop(
                     }
                 });
             }
+            Op::SummarizeContext => {
+                let sess = match sess.as_ref() {
+                    Some(sess) => sess,
+                    None => {
+                        send_no_session_event(sub.id).await;
+                        continue;
+                    }
+                };
+
+                // Create a summarization request as user input
+                const SUMMARIZATION_PROMPT: &str = r#"
+                    You are the component that compacts a long coding session log into a structured memory object.
+
+                    This memory will become the ONLY reference for continuing the task.  
+                    All critical facts, user intentions, tool results, and file operations must be captured.  
+                    Omit filler talk and commentary. Do not invent information; use "none" if evidence is missing.  
+                    Output ONLY the XML object below. No extra text.
+
+                    <project_memory>
+                    <mission>
+                        <!-- One concise line describing the user’s main goal. -->
+                    </mission>
+
+                    <essentials>
+                        <!-- Bullet-like facts the agent must retain: commands, APIs, paths, configs, tickets, rules. -->
+                        <!-- Example:
+                            - Build cmd: `npm run build`
+                            - Repo branch: `feature/auth-refactor`
+                            - API version: v2
+                        -->
+                    </essentials>
+
+                    <workspace>
+                        <!-- Record file interactions and key observations. -->
+                        <!-- Example:
+                            - CREATED: `tests/login.test.ts` – initial test
+                            - MODIFIED: `src/auth.ts` – swapped jwt library
+                            - DELETED: none
+                        -->
+                    </workspace>
+
+                    <activity_log>
+                        <!-- Key actions and tool outputs in the recent session. -->
+                        <!-- Example:
+                            - Ran `npm test` – 1 failure in `User.test.ts`
+                            - Queried `grep 'oldAPI'` – 2 matches
+                        -->
+                    </activity_log>
+
+                    <next_steps>
+                        <!-- Stepwise plan; mark status. -->
+                        <!-- Example:
+                            1. [DONE] Identify old API usage
+                            2. [NEXT] Refactor `auth.ts` to new API
+                            3. [TODO] Update tests
+                        -->
+                    </next_steps>
+                    </project_memory>
+                "#;
+
+                let summarization_prompt = vec![InputItem::Text {
+                    text: SUMMARIZATION_PROMPT.to_string(),
+                }];
+
+                // Attempt to inject input into current task
+                if let Err(items) = sess.inject_input(summarization_prompt) {
+                    run_task(sess.clone(), sub.id, items).await;
+                    // only keep the last input item and clear the rest
+                    let mut pending_input = sess.state.lock().unwrap().pending_input.clone();
+                    pending_input.truncate(1);
+                    sess.state.lock().unwrap().pending_input = pending_input;
+                }
+            }
             Op::Shutdown => {
                 info!("Shutting down Codex instance");
 
@@ -1327,6 +1417,7 @@ async fn handle_function_call(
             };
             handle_container_exec_with_params(params, sess, sub_id, call_id).await
         }
+        "update_plan" => handle_update_plan(sess, arguments, sub_id, call_id).await,
         _ => {
             match sess.mcp_connection_manager.parse_tool_name(&name) {
                 Some((server, tool_name)) => {
@@ -1383,6 +1474,18 @@ fn parse_container_exec_arguments(
     }
 }
 
+fn maybe_run_with_user_profile(params: ExecParams, sess: &Session) -> ExecParams {
+    if sess.shell_environment_policy.use_profile {
+        let command = sess
+            .user_shell
+            .format_default_shell_invocation(params.command.clone());
+        if let Some(command) = command {
+            return ExecParams { command, ..params };
+        }
+    }
+    params
+}
+
 async fn handle_container_exec_with_params(
     params: ExecParams,
     sess: &Session,
@@ -1392,7 +1495,7 @@ async fn handle_container_exec_with_params(
     // check if this was a patch, and apply it if so
     match maybe_parse_apply_patch_verified(&params.command, &params.cwd) {
         MaybeApplyPatchVerified::Body(changes) => {
-            return apply_patch(sess, sub_id, call_id, changes).await;
+            return apply_patch::apply_patch(sess, sub_id, call_id, changes).await;
         }
         MaybeApplyPatchVerified::CorrectnessError(parse_error) => {
             // It looks like an invocation of `apply_patch`, but we
@@ -1469,6 +1572,7 @@ async fn handle_container_exec_with_params(
     sess.notify_exec_command_begin(&sub_id, &call_id, &params)
         .await;
 
+    let params = maybe_run_with_user_profile(params, sess);
     let output_result = process_exec_tool_call(
         params.clone(),
         sandbox_type,
@@ -1640,384 +1744,6 @@ async fn handle_sandbox_error(
     }
 }
 
-async fn apply_patch(
-    sess: &Session,
-    sub_id: String,
-    call_id: String,
-    action: ApplyPatchAction,
-) -> ResponseInputItem {
-    let writable_roots_snapshot = {
-        let guard = sess.writable_roots.lock().unwrap();
-        guard.clone()
-    };
-
-    let auto_approved = match assess_patch_safety(
-        &action,
-        sess.approval_policy,
-        &writable_roots_snapshot,
-        &sess.cwd,
-    ) {
-        SafetyCheck::AutoApprove { .. } => true,
-        SafetyCheck::AskUser => {
-            // Compute a readable summary of path changes to include in the
-            // approval request so the user can make an informed decision.
-            let rx_approve = sess
-                .request_patch_approval(sub_id.clone(), call_id.clone(), &action, None, None)
-                .await;
-            match rx_approve.await.unwrap_or_default() {
-                ReviewDecision::Approved | ReviewDecision::ApprovedForSession => false,
-                ReviewDecision::Denied | ReviewDecision::Abort => {
-                    return ResponseInputItem::FunctionCallOutput {
-                        call_id,
-                        output: FunctionCallOutputPayload {
-                            content: "patch rejected by user".to_string(),
-                            success: Some(false),
-                        },
-                    };
-                }
-            }
-        }
-        SafetyCheck::Reject { reason } => {
-            return ResponseInputItem::FunctionCallOutput {
-                call_id,
-                output: FunctionCallOutputPayload {
-                    content: format!("patch rejected: {reason}"),
-                    success: Some(false),
-                },
-            };
-        }
-    };
-
-    // Verify write permissions before touching the filesystem.
-    let writable_snapshot = { sess.writable_roots.lock().unwrap().clone() };
-
-    if let Some(offending) = first_offending_path(&action, &writable_snapshot, &sess.cwd) {
-        let root = offending.parent().unwrap_or(&offending).to_path_buf();
-
-        let reason = Some(format!(
-            "grant write access to {} for this session",
-            root.display()
-        ));
-
-        let rx = sess
-            .request_patch_approval(
-                sub_id.clone(),
-                call_id.clone(),
-                &action,
-                reason.clone(),
-                Some(root.clone()),
-            )
-            .await;
-
-        if !matches!(
-            rx.await.unwrap_or_default(),
-            ReviewDecision::Approved | ReviewDecision::ApprovedForSession
-        ) {
-            return ResponseInputItem::FunctionCallOutput {
-                call_id,
-                output: FunctionCallOutputPayload {
-                    content: "patch rejected by user".to_string(),
-                    success: Some(false),
-                },
-            };
-        }
-
-        // user approved, extend writable roots for this session
-        sess.writable_roots.lock().unwrap().push(root);
-    }
-
-    let _ = sess
-        .tx_event
-        .send(Event {
-            id: sub_id.clone(),
-            msg: EventMsg::PatchApplyBegin(PatchApplyBeginEvent {
-                call_id: call_id.clone(),
-                auto_approved,
-                changes: convert_apply_patch_to_protocol(&action),
-            }),
-        })
-        .await;
-
-    let mut stdout = Vec::new();
-    let mut stderr = Vec::new();
-    // Enforce writable roots. If a write is blocked, collect offending root
-    // and prompt the user to extend permissions.
-    let mut result = apply_changes_from_apply_patch_and_report(&action, &mut stdout, &mut stderr);
-
-    if let Err(err) = &result {
-        if err.kind() == std::io::ErrorKind::PermissionDenied {
-            // Determine first offending path.
-            let offending_opt = action
-                .changes()
-                .iter()
-                .flat_map(|(path, change)| match change {
-                    ApplyPatchFileChange::Add { .. } => vec![path.as_ref()],
-                    ApplyPatchFileChange::Delete => vec![path.as_ref()],
-                    ApplyPatchFileChange::Update {
-                        move_path: Some(move_path),
-                        ..
-                    } => {
-                        vec![path.as_ref(), move_path.as_ref()]
-                    }
-                    ApplyPatchFileChange::Update {
-                        move_path: None, ..
-                    } => vec![path.as_ref()],
-                })
-                .find_map(|path: &Path| {
-                    // ApplyPatchAction promises to guarantee absolute paths.
-                    if !path.is_absolute() {
-                        panic!("apply_patch invariant failed: path is not absolute: {path:?}");
-                    }
-
-                    let writable = {
-                        let roots = sess.writable_roots.lock().unwrap();
-                        roots.iter().any(|root| path.starts_with(root))
-                    };
-                    if writable {
-                        None
-                    } else {
-                        Some(path.to_path_buf())
-                    }
-                });
-
-            if let Some(offending) = offending_opt {
-                let root = offending.parent().unwrap_or(&offending).to_path_buf();
-
-                let reason = Some(format!(
-                    "grant write access to {} for this session",
-                    root.display()
-                ));
-                let rx = sess
-                    .request_patch_approval(
-                        sub_id.clone(),
-                        call_id.clone(),
-                        &action,
-                        reason.clone(),
-                        Some(root.clone()),
-                    )
-                    .await;
-                if matches!(
-                    rx.await.unwrap_or_default(),
-                    ReviewDecision::Approved | ReviewDecision::ApprovedForSession
-                ) {
-                    // Extend writable roots.
-                    sess.writable_roots.lock().unwrap().push(root);
-                    stdout.clear();
-                    stderr.clear();
-                    result = apply_changes_from_apply_patch_and_report(
-                        &action,
-                        &mut stdout,
-                        &mut stderr,
-                    );
-                }
-            }
-        }
-    }
-
-    // Emit PatchApplyEnd event.
-    let success_flag = result.is_ok();
-    let _ = sess
-        .tx_event
-        .send(Event {
-            id: sub_id.clone(),
-            msg: EventMsg::PatchApplyEnd(PatchApplyEndEvent {
-                call_id: call_id.clone(),
-                stdout: String::from_utf8_lossy(&stdout).to_string(),
-                stderr: String::from_utf8_lossy(&stderr).to_string(),
-                success: success_flag,
-            }),
-        })
-        .await;
-
-    match result {
-        Ok(_) => ResponseInputItem::FunctionCallOutput {
-            call_id,
-            output: FunctionCallOutputPayload {
-                content: String::from_utf8_lossy(&stdout).to_string(),
-                success: None,
-            },
-        },
-        Err(e) => ResponseInputItem::FunctionCallOutput {
-            call_id,
-            output: FunctionCallOutputPayload {
-                content: format!("error: {e:#}, stderr: {}", String::from_utf8_lossy(&stderr)),
-                success: Some(false),
-            },
-        },
-    }
-}
-
-/// Return the first path in `hunks` that is NOT under any of the
-/// `writable_roots` (after normalising). If all paths are acceptable,
-/// returns None.
-fn first_offending_path(
-    action: &ApplyPatchAction,
-    writable_roots: &[PathBuf],
-    cwd: &Path,
-) -> Option<PathBuf> {
-    let changes = action.changes();
-    for (path, change) in changes {
-        let candidate = match change {
-            ApplyPatchFileChange::Add { .. } => path,
-            ApplyPatchFileChange::Delete => path,
-            ApplyPatchFileChange::Update { move_path, .. } => move_path.as_ref().unwrap_or(path),
-        };
-
-        let abs = if candidate.is_absolute() {
-            candidate.clone()
-        } else {
-            cwd.join(candidate)
-        };
-
-        let mut allowed = false;
-        for root in writable_roots {
-            let root_abs = if root.is_absolute() {
-                root.clone()
-            } else {
-                cwd.join(root)
-            };
-            if abs.starts_with(&root_abs) {
-                allowed = true;
-                break;
-            }
-        }
-
-        if !allowed {
-            return Some(candidate.clone());
-        }
-    }
-    None
-}
-
-fn convert_apply_patch_to_protocol(action: &ApplyPatchAction) -> HashMap<PathBuf, FileChange> {
-    let changes = action.changes();
-    let mut result = HashMap::with_capacity(changes.len());
-    for (path, change) in changes {
-        let protocol_change = match change {
-            ApplyPatchFileChange::Add { content } => FileChange::Add {
-                content: content.clone(),
-            },
-            ApplyPatchFileChange::Delete => FileChange::Delete,
-            ApplyPatchFileChange::Update {
-                unified_diff,
-                move_path,
-                new_content: _new_content,
-            } => FileChange::Update {
-                unified_diff: unified_diff.clone(),
-                move_path: move_path.clone(),
-            },
-        };
-        result.insert(path.clone(), protocol_change);
-    }
-    result
-}
-
-fn apply_changes_from_apply_patch_and_report(
-    action: &ApplyPatchAction,
-    stdout: &mut impl std::io::Write,
-    stderr: &mut impl std::io::Write,
-) -> std::io::Result<()> {
-    match apply_changes_from_apply_patch(action) {
-        Ok(affected_paths) => {
-            print_summary(&affected_paths, stdout)?;
-        }
-        Err(err) => {
-            writeln!(stderr, "{err:?}")?;
-        }
-    }
-
-    Ok(())
-}
-
-fn apply_changes_from_apply_patch(action: &ApplyPatchAction) -> anyhow::Result<AffectedPaths> {
-    let mut added: Vec<PathBuf> = Vec::new();
-    let mut modified: Vec<PathBuf> = Vec::new();
-    let mut deleted: Vec<PathBuf> = Vec::new();
-
-    let changes = action.changes();
-    for (path, change) in changes {
-        match change {
-            ApplyPatchFileChange::Add { content } => {
-                if let Some(parent) = path.parent() {
-                    if !parent.as_os_str().is_empty() {
-                        std::fs::create_dir_all(parent).with_context(|| {
-                            format!("Failed to create parent directories for {}", path.display())
-                        })?;
-                    }
-                }
-                std::fs::write(path, content)
-                    .with_context(|| format!("Failed to write file {}", path.display()))?;
-                added.push(path.clone());
-            }
-            ApplyPatchFileChange::Delete => {
-                std::fs::remove_file(path)
-                    .with_context(|| format!("Failed to delete file {}", path.display()))?;
-                deleted.push(path.clone());
-            }
-            ApplyPatchFileChange::Update {
-                unified_diff: _unified_diff,
-                move_path,
-                new_content,
-            } => {
-                if let Some(move_path) = move_path {
-                    if let Some(parent) = move_path.parent() {
-                        if !parent.as_os_str().is_empty() {
-                            std::fs::create_dir_all(parent).with_context(|| {
-                                format!(
-                                    "Failed to create parent directories for {}",
-                                    move_path.display()
-                                )
-                            })?;
-                        }
-                    }
-
-                    std::fs::rename(path, move_path)
-                        .with_context(|| format!("Failed to rename file {}", path.display()))?;
-                    std::fs::write(move_path, new_content)?;
-                    modified.push(move_path.clone());
-                    deleted.push(path.clone());
-                } else {
-                    std::fs::write(path, new_content)?;
-                    modified.push(path.clone());
-                }
-            }
-        }
-    }
-
-    Ok(AffectedPaths {
-        added,
-        modified,
-        deleted,
-    })
-}
-
-fn get_writable_roots(cwd: &Path) -> Vec<PathBuf> {
-    let mut writable_roots = Vec::new();
-    if cfg!(target_os = "macos") {
-        // On macOS, $TMPDIR is private to the user.
-        writable_roots.push(std::env::temp_dir());
-
-        // Allow pyenv to update its shims directory. Without this, any tool
-        // that happens to be managed by `pyenv` will fail with an error like:
-        //
-        //   pyenv: cannot rehash: $HOME/.pyenv/shims isn't writable
-        //
-        // which is emitted every time `pyenv` tries to run `rehash` (for
-        // example, after installing a new Python package that drops an entry
-        // point). Although the sandbox is intentionally read‑only by default,
-        // writing to the user's local `pyenv` directory is safe because it
-        // is already user‑writable and scoped to the current user account.
-        if let Ok(home_dir) = std::env::var("HOME") {
-            let pyenv_dir = PathBuf::from(home_dir).join(".pyenv");
-            writable_roots.push(pyenv_dir);
-        }
-    }
-
-    writable_roots.push(cwd.to_path_buf());
-
-    writable_roots
-}
-
 /// Exec output is a pre-serialized JSON payload
 fn format_exec_output(output: &str, exit_code: i32, duration: Duration) -> String {
     #[derive(Serialize)]

codex-rs/core/src/codex_wrapper.rs

@@ -1,21 +1,37 @@
 use std::sync::Arc;
 
 use crate::Codex;
+use crate::CodexSpawnOk;
 use crate::config::Config;
 use crate::protocol::Event;
 use crate::protocol::EventMsg;
 use crate::util::notify_on_sigint;
+use codex_login::load_auth;
 use tokio::sync::Notify;
 use uuid::Uuid;
 
+/// Represents an active Codex conversation, including the first event
+/// (which is [`EventMsg::SessionConfigured`]).
+pub struct CodexConversation {
+    pub codex: Codex,
+    pub session_id: Uuid,
+    pub session_configured: Event,
+    pub ctrl_c: Arc<Notify>,
+}
+
 /// Spawn a new [`Codex`] and initialize the session.
 ///
 /// Returns the wrapped [`Codex`] **and** the `SessionInitialized` event that
 /// is received as a response to the initial `ConfigureSession` submission so
 /// that callers can surface the information to the UI.
-pub async fn init_codex(config: Config) -> anyhow::Result<(Codex, Event, Arc<Notify>, Uuid)> {
+pub async fn init_codex(config: Config) -> anyhow::Result<CodexConversation> {
     let ctrl_c = notify_on_sigint();
-    let (codex, init_id, session_id) = Codex::spawn(config, ctrl_c.clone()).await?;
+    let auth = load_auth(&config.codex_home)?;
+    let CodexSpawnOk {
+        codex,
+        init_id,
+        session_id,
+    } = Codex::spawn(config, auth, ctrl_c.clone()).await?;
 
     // The first event must be `SessionInitialized`. Validate and forward it to
     // the caller so that they can display it in the conversation history.
@@ -34,5 +50,10 @@ pub async fn init_codex(config: Config) -> anyhow::Result<(Codex, Event, Arc<Not
         ));
     }
 
-    Ok((codex, event, ctrl_c, session_id))
+    Ok(CodexConversation {
+        codex,
+        session_id,
+        session_configured: event,
+        ctrl_c,
+    })
 }

codex-rs/core/src/config.rs

@@ -143,6 +143,9 @@ pub struct Config {
 
     /// Experimental rollout resume path (absolute path to .jsonl; undocumented).
     pub experimental_resume: Option<PathBuf>,
+
+    /// Include an experimental plan tool that the model can use to update its current plan and status of each step.
+    pub include_plan_tool: bool,
 }
 
 impl Config {
@@ -366,6 +369,7 @@ pub struct ConfigOverrides {
     pub config_profile: Option<String>,
     pub codex_linux_sandbox_exe: Option<PathBuf>,
     pub base_instructions: Option<String>,
+    pub include_plan_tool: Option<bool>,
 }
 
 impl Config {
@@ -388,6 +392,7 @@ impl Config {
             config_profile: config_profile_key,
             codex_linux_sandbox_exe,
             base_instructions,
+            include_plan_tool,
         } = overrides;
 
         let config_profile = match config_profile_key.as_ref().or(cfg.profile.as_ref()) {
@@ -465,9 +470,14 @@ impl Config {
 
         let experimental_resume = cfg.experimental_resume;
 
-        let base_instructions = base_instructions.or(Self::get_base_instructions(
+        // Load base instructions override from a file if specified. If the
+        // path is relative, resolve it against the effective cwd so the
+        // behaviour matches other path-like config values.
+        let file_base_instructions = Self::get_base_instructions(
             cfg.experimental_instructions_file.as_ref(),
-        ));
+            &resolved_cwd,
+        )?;
+        let base_instructions = base_instructions.or(file_base_instructions);
 
         let config = Self {
             model,
@@ -518,6 +528,7 @@ impl Config {
                 .unwrap_or("https://chatgpt.com/backend-api/".to_string()),
 
             experimental_resume,
+            include_plan_tool: include_plan_tool.unwrap_or(false),
         };
         Ok(config)
     }
@@ -539,13 +550,46 @@ impl Config {
         })
     }
 
-    fn get_base_instructions(path: Option<&PathBuf>) -> Option<String> {
-        let path = path.as_ref()?;
+    fn get_base_instructions(
+        path: Option<&PathBuf>,
+        cwd: &Path,
+    ) -> std::io::Result<Option<String>> {
+        let p = match path.as_ref() {
+            None => return Ok(None),
+            Some(p) => p,
+        };
 
-        std::fs::read_to_string(path)
-            .ok()
-            .map(|s| s.trim().to_string())
-            .filter(|s| !s.is_empty())
+        // Resolve relative paths against the provided cwd to make CLI
+        // overrides consistent regardless of where the process was launched
+        // from.
+        let full_path = if p.is_relative() {
+            cwd.join(p)
+        } else {
+            p.to_path_buf()
+        };
+
+        let contents = std::fs::read_to_string(&full_path).map_err(|e| {
+            std::io::Error::new(
+                e.kind(),
+                format!(
+                    "failed to read experimental instructions file {}: {e}",
+                    full_path.display()
+                ),
+            )
+        })?;
+
+        let s = contents.trim().to_string();
+        if s.is_empty() {
+            Err(std::io::Error::new(
+                std::io::ErrorKind::InvalidData,
+                format!(
+                    "experimental instructions file is empty: {}",
+                    full_path.display()
+                ),
+            ))
+        } else {
+            Ok(Some(s))
+        }
     }
 }
 
@@ -751,7 +795,7 @@ disable_response_storage = true
 
         let openai_chat_completions_provider = ModelProviderInfo {
             name: "OpenAI using Chat Completions".to_string(),
-            base_url: "https://api.openai.com/v1".to_string(),
+            base_url: Some("https://api.openai.com/v1".to_string()),
             env_key: Some("OPENAI_API_KEY".to_string()),
             wire_api: crate::WireApi::Chat,
             env_key_instructions: None,
@@ -761,6 +805,7 @@ disable_response_storage = true
             request_max_retries: Some(4),
             stream_max_retries: Some(10),
             stream_idle_timeout_ms: Some(300_000),
+            requires_auth: false,
         };
         let model_provider_map = {
             let mut model_provider_map = built_in_model_providers();
@@ -791,7 +836,7 @@ disable_response_storage = true
     ///
     /// 1. custom command-line argument, e.g. `--model o3`
     /// 2. as part of a profile, where the `--profile` is specified via a CLI
-    ///    (or in the config file itelf)
+    ///    (or in the config file itself)
     /// 3. as an entry in `config.toml`, e.g. `model = "o3"`
     /// 4. the default value for a required field defined in code, e.g.,
     ///    `crate::flags::OPENAI_DEFAULT_MODEL`
@@ -841,6 +886,7 @@ disable_response_storage = true
                 chatgpt_base_url: "https://chatgpt.com/backend-api/".to_string(),
                 experimental_resume: None,
                 base_instructions: None,
+                include_plan_tool: false,
             },
             o3_profile_config
         );
@@ -889,6 +935,7 @@ disable_response_storage = true
             chatgpt_base_url: "https://chatgpt.com/backend-api/".to_string(),
             experimental_resume: None,
             base_instructions: None,
+            include_plan_tool: false,
         };
 
         assert_eq!(expected_gpt3_profile_config, gpt3_profile_config);
@@ -952,6 +999,7 @@ disable_response_storage = true
             chatgpt_base_url: "https://chatgpt.com/backend-api/".to_string(),
             experimental_resume: None,
             base_instructions: None,
+            include_plan_tool: false,
         };
 
         assert_eq!(expected_zdr_profile_config, zdr_profile_config);

codex-rs/core/src/config_types.rs

@@ -78,7 +78,7 @@ pub enum HistoryPersistence {
 #[derive(Deserialize, Debug, Clone, PartialEq, Default)]
 pub struct Tui {}
 
-#[derive(Deserialize, Debug, Clone, Copy, PartialEq, Default)]
+#[derive(Deserialize, Debug, Clone, Copy, PartialEq, Default, Serialize)]
 #[serde(rename_all = "kebab-case")]
 pub enum SandboxMode {
     #[serde(rename = "read-only")]
@@ -130,6 +130,8 @@ pub struct ShellEnvironmentPolicyToml {
 
     /// List of regular expressions.
     pub include_only: Option<Vec<String>>,
+
+    pub experimental_use_profile: Option<bool>,
 }
 
 pub type EnvironmentVariablePattern = WildMatchPattern<'*', '?'>;
@@ -158,6 +160,9 @@ pub struct ShellEnvironmentPolicy {
 
     /// Environment variable names to retain in the environment.
     pub include_only: Vec<EnvironmentVariablePattern>,
+
+    /// If true, the shell profile will be used to run the command.
+    pub use_profile: bool,
 }
 
 impl From<ShellEnvironmentPolicyToml> for ShellEnvironmentPolicy {
@@ -177,6 +182,7 @@ impl From<ShellEnvironmentPolicyToml> for ShellEnvironmentPolicy {
             .into_iter()
             .map(|s| EnvironmentVariablePattern::new_case_insensitive(&s))
             .collect();
+        let use_profile = toml.experimental_use_profile.unwrap_or(false);
 
         Self {
             inherit,
@@ -184,6 +190,7 @@ impl From<ShellEnvironmentPolicyToml> for ShellEnvironmentPolicy {
             exclude,
             r#set,
             include_only,
+            use_profile,
         }
     }
 }

codex-rs/core/src/exec.rs

@@ -17,6 +17,7 @@ use tokio::io::BufReader;
 use tokio::process::Child;
 use tokio::process::Command;
 use tokio::sync::Notify;
+use tracing::trace;
 
 use crate::error::CodexErr;
 use crate::error::Result;
@@ -82,7 +83,8 @@ pub async fn process_exec_tool_call(
 ) -> Result<ExecToolCallOutput> {
     let start = Instant::now();
 
-    let raw_output_result = match sandbox_type {
+    let raw_output_result: std::result::Result<RawExecToolCallOutput, CodexErr> = match sandbox_type
+    {
         SandboxType::None => exec(params, sandbox_policy, ctrl_c).await,
         SandboxType::MacosSeatbelt => {
             let ExecParams {
@@ -372,6 +374,10 @@ async fn spawn_child_async(
     stdio_policy: StdioPolicy,
     env: HashMap<String, String>,
 ) -> std::io::Result<Child> {
+    trace!(
+        "spawn_child_async: {program:?} {args:?} {arg0:?} {cwd:?} {sandbox_policy:?} {stdio_policy:?} {env:?}"
+    );
+
     let mut cmd = Command::new(&program);
     #[cfg(unix)]
     cmd.arg0(arg0.map_or_else(|| program.to_string_lossy().to_string(), String::from));

codex-rs/core/src/lib.rs

@@ -5,12 +5,14 @@
 // the TUI or the tracing stack).
 #![deny(clippy::print_stdout, clippy::print_stderr)]
 
+mod apply_patch;
 mod bash;
 mod chat_completions;
 mod client;
 mod client_common;
 pub mod codex;
 pub use codex::Codex;
+pub use codex::CodexSpawnOk;
 pub mod codex_wrapper;
 pub mod config;
 pub mod config_profile;
@@ -28,14 +30,16 @@ mod message_history;
 mod model_provider_info;
 pub use model_provider_info::ModelProviderInfo;
 pub use model_provider_info::WireApi;
+pub use model_provider_info::built_in_model_providers;
 mod models;
-pub mod openai_api_key;
 mod openai_model_info;
 mod openai_tools;
+pub mod plan_tool;
 mod project_doc;
 pub mod protocol;
 mod rollout;
 mod safety;
+pub mod shell;
 mod user_notification;
 pub mod util;
 

codex-rs/core/src/mcp_connection_manager.rs

@@ -8,6 +8,7 @@
 
 use std::collections::HashMap;
 use std::collections::HashSet;
+use std::ffi::OsString;
 use std::time::Duration;
 
 use anyhow::Context;
@@ -127,7 +128,12 @@ impl McpConnectionManager {
 
             join_set.spawn(async move {
                 let McpServerConfig { command, args, env } = cfg;
-                let client_res = McpClient::new_stdio_client(command, args, env).await;
+                let client_res = McpClient::new_stdio_client(
+                    command.into(),
+                    args.into_iter().map(OsString::from).collect(),
+                    env,
+                )
+                .await;
                 match client_res {
                     Ok(client) => {
                         // Initialize the client.

codex-rs/core/src/mcp_tool_call.rs

@@ -1,4 +1,5 @@
 use std::time::Duration;
+use std::time::Instant;
 
 use tracing::error;
 
@@ -7,6 +8,7 @@ use crate::models::FunctionCallOutputPayload;
 use crate::models::ResponseInputItem;
 use crate::protocol::Event;
 use crate::protocol::EventMsg;
+use crate::protocol::McpInvocation;
 use crate::protocol::McpToolCallBeginEvent;
 use crate::protocol::McpToolCallEndEvent;
 
@@ -41,21 +43,28 @@ pub(crate) async fn handle_mcp_tool_call(
         }
     };
 
-    let tool_call_begin_event = EventMsg::McpToolCallBegin(McpToolCallBeginEvent {
-        call_id: call_id.clone(),
+    let invocation = McpInvocation {
         server: server.clone(),
         tool: tool_name.clone(),
         arguments: arguments_value.clone(),
+    };
+
+    let tool_call_begin_event = EventMsg::McpToolCallBegin(McpToolCallBeginEvent {
+        call_id: call_id.clone(),
+        invocation: invocation.clone(),
     });
     notify_mcp_tool_call_event(sess, sub_id, tool_call_begin_event).await;
 
+    let start = Instant::now();
     // Perform the tool call.
     let result = sess
-        .call_tool(&server, &tool_name, arguments_value, timeout)
+        .call_tool(&server, &tool_name, arguments_value.clone(), timeout)
         .await
         .map_err(|e| format!("tool call error: {e}"));
     let tool_call_end_event = EventMsg::McpToolCallEnd(McpToolCallEndEvent {
         call_id: call_id.clone(),
+        invocation,
+        duration: start.elapsed(),
         result: result.clone(),
     });
 

codex-rs/core/src/model_provider_info.rs

@@ -12,7 +12,6 @@ use std::env::VarError;
 use std::time::Duration;
 
 use crate::error::EnvVarError;
-use crate::openai_api_key::get_openai_api_key;
 
 /// Value for the `OpenAI-Originator` header that is sent with requests to
 /// OpenAI.
@@ -30,7 +29,7 @@ const DEFAULT_REQUEST_MAX_RETRIES: u64 = 4;
 #[derive(Debug, Clone, Copy, Default, PartialEq, Eq, Serialize, Deserialize)]
 #[serde(rename_all = "lowercase")]
 pub enum WireApi {
-    /// The experimental "Responses" API exposed by OpenAI at `/v1/responses`.
+    /// The Responses API exposed by OpenAI at `/v1/responses`.
     Responses,
 
     /// Regular Chat Completions compatible with `/v1/chat/completions`.
@@ -44,7 +43,7 @@ pub struct ModelProviderInfo {
     /// Friendly display name.
     pub name: String,
     /// Base URL for the provider's OpenAI-compatible API.
-    pub base_url: String,
+    pub base_url: Option<String>,
     /// Environment variable that stores the user's API key for this provider.
     pub env_key: Option<String>,
 
@@ -78,6 +77,10 @@ pub struct ModelProviderInfo {
     /// Idle timeout (in milliseconds) to wait for activity on a streaming response before treating
     /// the connection as lost.
     pub stream_idle_timeout_ms: Option<u64>,
+
+    /// Whether this provider requires some form of standard authentication (API key, ChatGPT token).
+    #[serde(default)]
+    pub requires_auth: bool,
 }
 
 impl ModelProviderInfo {
@@ -93,11 +96,11 @@ impl ModelProviderInfo {
         &'a self,
         client: &'a reqwest::Client,
     ) -> crate::error::Result<reqwest::RequestBuilder> {
-        let api_key = self.api_key()?;
-
         let url = self.get_full_url();
 
         let mut builder = client.post(url);
+
+        let api_key = self.api_key()?;
         if let Some(key) = api_key {
             builder = builder.bearer_auth(key);
         }
@@ -117,9 +120,15 @@ impl ModelProviderInfo {
                     .join("&");
                 format!("?{full_params}")
             });
-        let base_url = &self.base_url;
+        let base_url = self
+            .base_url
+            .clone()
+            .unwrap_or("https://api.openai.com/v1".to_string());
+
         match self.wire_api {
-            WireApi::Responses => format!("{base_url}/responses{query_string}"),
+            WireApi::Responses => {
+                format!("{base_url}/responses{query_string}")
+            }
             WireApi::Chat => format!("{base_url}/chat/completions{query_string}"),
         }
     }
@@ -127,7 +136,10 @@ impl ModelProviderInfo {
     /// Apply provider-specific HTTP headers (both static and environment-based)
     /// onto an existing `reqwest::RequestBuilder` and return the updated
     /// builder.
-    fn apply_http_headers(&self, mut builder: reqwest::RequestBuilder) -> reqwest::RequestBuilder {
+    pub fn apply_http_headers(
+        &self,
+        mut builder: reqwest::RequestBuilder,
+    ) -> reqwest::RequestBuilder {
         if let Some(extra) = &self.http_headers {
             for (k, v) in extra {
                 builder = builder.header(k, v);
@@ -152,11 +164,7 @@ impl ModelProviderInfo {
     fn api_key(&self) -> crate::error::Result<Option<String>> {
         match &self.env_key {
             Some(env_key) => {
-                let env_value = if env_key == crate::openai_api_key::OPENAI_API_KEY_ENV_VAR {
-                    get_openai_api_key().map_or_else(|| Err(VarError::NotPresent), Ok)
-                } else {
-                    std::env::var(env_key)
-                };
+                let env_value = std::env::var(env_key);
                 env_value
                     .and_then(|v| {
                         if v.trim().is_empty() {
@@ -204,47 +212,51 @@ pub fn built_in_model_providers() -> HashMap<String, ModelProviderInfo> {
     // providers are bundled with Codex CLI, so we only include the OpenAI
     // provider by default. Users are encouraged to add to `model_providers`
     // in config.toml to add their own providers.
-    [
-        (
-            "openai",
-            P {
-                name: "OpenAI".into(),
-                // Allow users to override the default OpenAI endpoint by
-                // exporting `OPENAI_BASE_URL`. This is useful when pointing
-                // Codex at a proxy, mock server, or Azure-style deployment
-                // without requiring a full TOML override for the built-in
-                // OpenAI provider.
-                base_url: std::env::var("OPENAI_BASE_URL")
-                    .ok()
-                    .filter(|v| !v.trim().is_empty())
-                    .unwrap_or_else(|| "https://api.openai.com/v1".to_string()),
-                env_key: Some("OPENAI_API_KEY".into()),
-                env_key_instructions: Some("Create an API key (https://platform.openai.com) and export it as an environment variable.".into()),
-                wire_api: WireApi::Responses,
-                query_params: None,
-                http_headers: Some(
-                    [
-                        ("originator".to_string(), OPENAI_ORIGINATOR_HEADER.to_string()),
-                        ("version".to_string(), env!("CARGO_PKG_VERSION").to_string()),
-                    ]
-                        .into_iter()
-                        .collect(),
-                ),
-                env_http_headers: Some(
-                    [
-                        ("OpenAI-Organization".to_string(), "OPENAI_ORGANIZATION".to_string()),
-                        ("OpenAI-Project".to_string(), "OPENAI_PROJECT".to_string()),
-                    ]
-                        .into_iter()
-                        .collect(),
-                ),
-                // Use global defaults for retry/timeout unless overridden in config.toml.
-                request_max_retries: None,
-                stream_max_retries: None,
-                stream_idle_timeout_ms: None,
-            },
-        ),
-    ]
+    [(
+        "openai",
+        P {
+            name: "OpenAI".into(),
+            // Allow users to override the default OpenAI endpoint by
+            // exporting `OPENAI_BASE_URL`. This is useful when pointing
+            // Codex at a proxy, mock server, or Azure-style deployment
+            // without requiring a full TOML override for the built-in
+            // OpenAI provider.
+            base_url: std::env::var("OPENAI_BASE_URL")
+                .ok()
+                .filter(|v| !v.trim().is_empty()),
+            env_key: None,
+            env_key_instructions: None,
+            wire_api: WireApi::Responses,
+            query_params: None,
+            http_headers: Some(
+                [
+                    (
+                        "originator".to_string(),
+                        OPENAI_ORIGINATOR_HEADER.to_string(),
+                    ),
+                    ("version".to_string(), env!("CARGO_PKG_VERSION").to_string()),
+                ]
+                .into_iter()
+                .collect(),
+            ),
+            env_http_headers: Some(
+                [
+                    (
+                        "OpenAI-Organization".to_string(),
+                        "OPENAI_ORGANIZATION".to_string(),
+                    ),
+                    ("OpenAI-Project".to_string(), "OPENAI_PROJECT".to_string()),
+                ]
+                .into_iter()
+                .collect(),
+            ),
+            // Use global defaults for retry/timeout unless overridden in config.toml.
+            request_max_retries: None,
+            stream_max_retries: None,
+            stream_idle_timeout_ms: None,
+            requires_auth: true,
+        },
+    )]
     .into_iter()
     .map(|(k, v)| (k.to_string(), v))
     .collect()
@@ -264,7 +276,7 @@ base_url = "http://localhost:11434/v1"
         "#;
         let expected_provider = ModelProviderInfo {
             name: "Ollama".into(),
-            base_url: "http://localhost:11434/v1".into(),
+            base_url: Some("http://localhost:11434/v1".into()),
             env_key: None,
             env_key_instructions: None,
             wire_api: WireApi::Chat,
@@ -274,6 +286,7 @@ base_url = "http://localhost:11434/v1"
             request_max_retries: None,
             stream_max_retries: None,
             stream_idle_timeout_ms: None,
+            requires_auth: false,
         };
 
         let provider: ModelProviderInfo = toml::from_str(azure_provider_toml).unwrap();
@@ -290,7 +303,7 @@ query_params = { api-version = "2025-04-01-preview" }
         "#;
         let expected_provider = ModelProviderInfo {
             name: "Azure".into(),
-            base_url: "https://xxxxx.openai.azure.com/openai".into(),
+            base_url: Some("https://xxxxx.openai.azure.com/openai".into()),
             env_key: Some("AZURE_OPENAI_API_KEY".into()),
             env_key_instructions: None,
             wire_api: WireApi::Chat,
@@ -302,6 +315,7 @@ query_params = { api-version = "2025-04-01-preview" }
             request_max_retries: None,
             stream_max_retries: None,
             stream_idle_timeout_ms: None,
+            requires_auth: false,
         };
 
         let provider: ModelProviderInfo = toml::from_str(azure_provider_toml).unwrap();
@@ -319,7 +333,7 @@ env_http_headers = { "X-Example-Env-Header" = "EXAMPLE_ENV_VAR" }
         "#;
         let expected_provider = ModelProviderInfo {
             name: "Example".into(),
-            base_url: "https://example.com".into(),
+            base_url: Some("https://example.com".into()),
             env_key: Some("API_KEY".into()),
             env_key_instructions: None,
             wire_api: WireApi::Chat,
@@ -333,6 +347,7 @@ env_http_headers = { "X-Example-Env-Header" = "EXAMPLE_ENV_VAR" }
             request_max_retries: None,
             stream_max_retries: None,
             stream_idle_timeout_ms: None,
+            requires_auth: false,
         };
 
         let provider: ModelProviderInfo = toml::from_str(azure_provider_toml).unwrap();

codex-rs/core/src/openai_api_key.rs

@@ -1,24 +0,0 @@
-use std::env;
-use std::sync::LazyLock;
-use std::sync::RwLock;
-
-pub const OPENAI_API_KEY_ENV_VAR: &str = "OPENAI_API_KEY";
-
-static OPENAI_API_KEY: LazyLock<RwLock<Option<String>>> = LazyLock::new(|| {
-    let val = env::var(OPENAI_API_KEY_ENV_VAR)
-        .ok()
-        .and_then(|s| if s.is_empty() { None } else { Some(s) });
-    RwLock::new(val)
-});
-
-pub fn get_openai_api_key() -> Option<String> {
-    #![allow(clippy::unwrap_used)]
-    OPENAI_API_KEY.read().unwrap().clone()
-}
-
-pub fn set_openai_api_key(value: String) {
-    #![allow(clippy::unwrap_used)]
-    if !value.is_empty() {
-        *OPENAI_API_KEY.write().unwrap() = Some(value);
-    }
-}

codex-rs/core/src/openai_tools.rs

@@ -4,13 +4,14 @@ use std::collections::BTreeMap;
 use std::sync::LazyLock;
 
 use crate::client_common::Prompt;
+use crate::plan_tool::PLAN_TOOL;
 
 #[derive(Debug, Clone, Serialize)]
 pub(crate) struct ResponsesApiTool {
-    name: &'static str,
-    description: &'static str,
-    strict: bool,
-    parameters: JsonSchema,
+    pub(crate) name: &'static str,
+    pub(crate) description: &'static str,
+    pub(crate) strict: bool,
+    pub(crate) parameters: JsonSchema,
 }
 
 /// When serialized as JSON, this produces a valid "Tool" in the OpenAI
@@ -74,6 +75,7 @@ static DEFAULT_CODEX_MODEL_TOOLS: LazyLock<Vec<OpenAiTool>> =
 pub(crate) fn create_tools_json_for_responses_api(
     prompt: &Prompt,
     model: &str,
+    include_plan_tool: bool,
 ) -> crate::error::Result<Vec<serde_json::Value>> {
     // Assemble tool list: built-in tools + any extra tools from the prompt.
     let default_tools = if model.starts_with("codex") {
@@ -93,6 +95,10 @@ pub(crate) fn create_tools_json_for_responses_api(
             .map(|(name, tool)| mcp_tool_to_openai_tool(name, tool)),
     );
 
+    if include_plan_tool {
+        tools_json.push(serde_json::to_value(PLAN_TOOL.clone())?);
+    }
+
     Ok(tools_json)
 }
 
@@ -102,10 +108,12 @@ pub(crate) fn create_tools_json_for_responses_api(
 pub(crate) fn create_tools_json_for_chat_completions_api(
     prompt: &Prompt,
     model: &str,
+    include_plan_tool: bool,
 ) -> crate::error::Result<Vec<serde_json::Value>> {
     // We start with the JSON for the Responses API and than rewrite it to match
     // the chat completions tool call format.
-    let responses_api_tools_json = create_tools_json_for_responses_api(prompt, model)?;
+    let responses_api_tools_json =
+        create_tools_json_for_responses_api(prompt, model, include_plan_tool)?;
     let tools_json = responses_api_tools_json
         .into_iter()
         .filter_map(|mut tool| {

codex-rs/core/src/plan_tool.rs

@@ -0,0 +1,126 @@
+use std::collections::BTreeMap;
+use std::sync::LazyLock;
+
+use serde::Deserialize;
+use serde::Serialize;
+
+use crate::codex::Session;
+use crate::models::FunctionCallOutputPayload;
+use crate::models::ResponseInputItem;
+use crate::openai_tools::JsonSchema;
+use crate::openai_tools::OpenAiTool;
+use crate::openai_tools::ResponsesApiTool;
+use crate::protocol::Event;
+use crate::protocol::EventMsg;
+
+// Types for the TODO tool arguments matching codex-vscode/todo-mcp/src/main.rs
+#[derive(Debug, Clone, Serialize, Deserialize)]
+#[serde(rename_all = "snake_case")]
+pub enum StepStatus {
+    Pending,
+    InProgress,
+    Completed,
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize)]
+#[serde(deny_unknown_fields)]
+pub struct PlanItemArg {
+    pub step: String,
+    pub status: StepStatus,
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize)]
+#[serde(deny_unknown_fields)]
+pub struct UpdatePlanArgs {
+    #[serde(default)]
+    pub explanation: Option<String>,
+    pub plan: Vec<PlanItemArg>,
+}
+
+pub(crate) static PLAN_TOOL: LazyLock<OpenAiTool> = LazyLock::new(|| {
+    let mut plan_item_props = BTreeMap::new();
+    plan_item_props.insert("step".to_string(), JsonSchema::String);
+    plan_item_props.insert("status".to_string(), JsonSchema::String);
+
+    let plan_items_schema = JsonSchema::Array {
+        items: Box::new(JsonSchema::Object {
+            properties: plan_item_props,
+            required: &["step", "status"],
+            additional_properties: false,
+        }),
+    };
+
+    let mut properties = BTreeMap::new();
+    properties.insert("explanation".to_string(), JsonSchema::String);
+    properties.insert("plan".to_string(), plan_items_schema);
+
+    OpenAiTool::Function(ResponsesApiTool {
+        name: "update_plan",
+        description: r#"Use the update_plan tool to keep the user updated on the current plan for the task.
+After understanding the user's task, call the update_plan tool with an initial plan. An example of a plan:
+1. Explore the codebase to find relevant files (status: in_progress)
+2. Implement the feature in the XYZ component (status: pending)
+3. Commit changes and make a pull request (status: pending)
+Each step should be a short, 1-sentence description.
+Until all the steps are finished, there should always be exactly one in_progress step in the plan.
+Call the update_plan tool whenever you finish a step, marking the completed step as `completed` and marking the next step as `in_progress`.
+Before running a command, consider whether or not you have completed the previous step, and make sure to mark it as completed before moving on to the next step.
+Sometimes, you may need to change plans in the middle of a task: call `update_plan` with the updated plan and make sure to provide an `explanation` of the rationale when doing so.
+When all steps are completed, call update_plan one last time with all steps marked as `completed`."#,
+        strict: false,
+        parameters: JsonSchema::Object {
+            properties,
+            required: &["plan"],
+            additional_properties: false,
+        },
+    })
+});
+
+/// This function doesn't do anything useful. However, it gives the model a structured way to record its plan that clients can read and render.
+/// So it's the _inputs_ to this function that are useful to clients, not the outputs and neither are actually useful for the model other
+/// than forcing it to come up and document a plan (TBD how that affects performance).
+pub(crate) async fn handle_update_plan(
+    session: &Session,
+    arguments: String,
+    sub_id: String,
+    call_id: String,
+) -> ResponseInputItem {
+    match parse_update_plan_arguments(arguments, &call_id) {
+        Ok(args) => {
+            let output = ResponseInputItem::FunctionCallOutput {
+                call_id,
+                output: FunctionCallOutputPayload {
+                    content: "Plan updated".to_string(),
+                    success: Some(true),
+                },
+            };
+            session
+                .send_event(Event {
+                    id: sub_id.to_string(),
+                    msg: EventMsg::PlanUpdate(args),
+                })
+                .await;
+            output
+        }
+        Err(output) => *output,
+    }
+}
+
+fn parse_update_plan_arguments(
+    arguments: String,
+    call_id: &str,
+) -> Result<UpdatePlanArgs, Box<ResponseInputItem>> {
+    match serde_json::from_str::<UpdatePlanArgs>(&arguments) {
+        Ok(args) => Ok(args),
+        Err(e) => {
+            let output = ResponseInputItem::FunctionCallOutput {
+                call_id: call_id.to_string(),
+                output: FunctionCallOutputPayload {
+                    content: format!("failed to parse function arguments: {e}"),
+                    success: None,
+                },
+            };
+            Err(Box::new(output))
+        }
+    }
+}

codex-rs/core/src/protocol.rs

@@ -7,7 +7,8 @@ use std::collections::HashMap;
 use std::fmt;
 use std::path::Path;
 use std::path::PathBuf;
-use std::str::FromStr; // Added for FinalOutput Display implementation
+use std::str::FromStr;
+use std::time::Duration;
 
 use mcp_types::CallToolResult;
 use serde::Deserialize;
@@ -19,6 +20,7 @@ use crate::config_types::ReasoningEffort as ReasoningEffortConfig;
 use crate::config_types::ReasoningSummary as ReasoningSummaryConfig;
 use crate::message_history::HistoryEntry;
 use crate::model_provider_info::ModelProviderInfo;
+use crate::plan_tool::UpdatePlanArgs;
 
 /// Submission Queue Entry - requests from user
 #[derive(Debug, Clone, Deserialize, Serialize)]
@@ -119,6 +121,10 @@ pub enum Op {
     /// Request a single history entry identified by `log_id` + `offset`.
     GetHistoryEntryRequest { offset: usize, log_id: u64 },
 
+    /// Request the agent to summarize the current conversation context.
+    /// The agent will use its existing context (either conversation history or previous response id)
+    /// to generate a summary which will be returned as an AgentMessage event.
+    SummarizeContext,
     /// Request to shut down codex instance.
     Shutdown,
 }
@@ -278,8 +284,9 @@ pub struct Event {
 }
 
 /// Response event from the agent
-#[derive(Debug, Clone, Deserialize, Serialize)]
+#[derive(Debug, Clone, Deserialize, Serialize, Display)]
 #[serde(tag = "type", rename_all = "snake_case")]
+#[strum(serialize_all = "snake_case")]
 pub enum EventMsg {
     /// Error while executing a submission
     Error(ErrorEvent),
@@ -334,6 +341,8 @@ pub enum EventMsg {
     /// Response to GetHistoryEntryRequest.
     GetHistoryEntryResponse(GetHistoryEntryResponseEvent),
 
+    PlanUpdate(UpdatePlanArgs),
+
     /// Notification that the agent is shutting down.
     ShutdownComplete,
 }
@@ -410,9 +419,7 @@ pub struct AgentReasoningDeltaEvent {
 }
 
 #[derive(Debug, Clone, Deserialize, Serialize)]
-pub struct McpToolCallBeginEvent {
-    /// Identifier so this can be paired with the McpToolCallEnd event.
-    pub call_id: String,
+pub struct McpInvocation {
     /// Name of the MCP server as defined in the config.
     pub server: String,
     /// Name of the tool as given by the MCP server.
@@ -421,10 +428,19 @@ pub struct McpToolCallBeginEvent {
     pub arguments: Option<serde_json::Value>,
 }
 
+#[derive(Debug, Clone, Deserialize, Serialize)]
+pub struct McpToolCallBeginEvent {
+    /// Identifier so this can be paired with the McpToolCallEnd event.
+    pub call_id: String,
+    pub invocation: McpInvocation,
+}
+
 #[derive(Debug, Clone, Deserialize, Serialize)]
 pub struct McpToolCallEndEvent {
     /// Identifier for the corresponding McpToolCallBegin that finished.
     pub call_id: String,
+    pub invocation: McpInvocation,
+    pub duration: Duration,
     /// Result of the tool call. Note this could be an error.
     pub result: Result<CallToolResult, String>,
 }

codex-rs/core/src/rollout.rs

@@ -288,11 +288,13 @@ fn create_log_file(config: &Config, session_id: Uuid) -> std::io::Result<LogFile
 }
 
 async fn rollout_writer(
-    mut file: tokio::fs::File,
+    file: tokio::fs::File,
     mut rx: mpsc::Receiver<RolloutCmd>,
     mut meta: Option<SessionMeta>,
     cwd: std::path::PathBuf,
-) {
+) -> std::io::Result<()> {
+    let mut writer = JsonlWriter { file };
+
     // If we have a meta, collect git info asynchronously and write meta first
     if let Some(session_meta) = meta.take() {
         let git_info = collect_git_info(&cwd).await;
@@ -302,11 +304,7 @@ async fn rollout_writer(
         };
 
         // Write the SessionMeta as the first item in the file
-        if let Ok(json) = serde_json::to_string(&session_meta_with_git) {
-            let _ = file.write_all(json.as_bytes()).await;
-            let _ = file.write_all(b"\n").await;
-            let _ = file.flush().await;
-        }
+        writer.write_line(&session_meta_with_git).await?;
     }
 
     // Process rollout commands
@@ -320,15 +318,11 @@ async fn rollout_writer(
                         | ResponseItem::FunctionCall { .. }
                         | ResponseItem::FunctionCallOutput { .. }
                         | ResponseItem::Reasoning { .. } => {
-                            if let Ok(json) = serde_json::to_string(&item) {
-                                let _ = file.write_all(json.as_bytes()).await;
-                                let _ = file.write_all(b"\n").await;
-                            }
+                            writer.write_line(&item).await?;
                         }
                         ResponseItem::Other => {}
                     }
                 }
-                let _ = file.flush().await;
             }
             RolloutCmd::UpdateState(state) => {
                 #[derive(Serialize)]
@@ -337,18 +331,32 @@ async fn rollout_writer(
                     #[serde(flatten)]
                     state: &'a SessionStateSnapshot,
                 }
-                if let Ok(json) = serde_json::to_string(&StateLine {
-                    record_type: "state",
-                    state: &state,
-                }) {
-                    let _ = file.write_all(json.as_bytes()).await;
-                    let _ = file.write_all(b"\n").await;
-                    let _ = file.flush().await;
-                }
+                writer
+                    .write_line(&StateLine {
+                        record_type: "state",
+                        state: &state,
+                    })
+                    .await?;
             }
             RolloutCmd::Shutdown { ack } => {
                 let _ = ack.send(());
             }
         }
     }
+
+    Ok(())
+}
+
+struct JsonlWriter {
+    file: tokio::fs::File,
+}
+
+impl JsonlWriter {
+    async fn write_line(&mut self, item: &impl serde::Serialize) -> std::io::Result<()> {
+        let mut json = serde_json::to_string(item)?;
+        json.push('\n');
+        let _ = self.file.write_all(json.as_bytes()).await;
+        self.file.flush().await?;
+        Ok(())
+    }
 }

codex-rs/core/src/shell.rs

@@ -0,0 +1,236 @@
+use shlex;
+
+#[derive(Debug, PartialEq, Eq)]
+pub struct ZshShell {
+    shell_path: String,
+    zshrc_path: String,
+}
+
+#[derive(Debug, PartialEq, Eq)]
+pub enum Shell {
+    Zsh(ZshShell),
+    Unknown,
+}
+
+impl Shell {
+    pub fn format_default_shell_invocation(&self, command: Vec<String>) -> Option<Vec<String>> {
+        match self {
+            Shell::Zsh(zsh) => {
+                if !std::path::Path::new(&zsh.zshrc_path).exists() {
+                    return None;
+                }
+
+                let mut result = vec![zsh.shell_path.clone()];
+                result.push("-lc".to_string());
+
+                let joined = strip_bash_lc(&command)
+                    .or_else(|| shlex::try_join(command.iter().map(|s| s.as_str())).ok());
+
+                if let Some(joined) = joined {
+                    result.push(format!("source {} && ({joined})", zsh.zshrc_path));
+                } else {
+                    return None;
+                }
+                Some(result)
+            }
+            Shell::Unknown => None,
+        }
+    }
+}
+
+fn strip_bash_lc(command: &Vec<String>) -> Option<String> {
+    match command.as_slice() {
+        // exactly three items
+        [first, second, third]
+            // first two must be "bash", "-lc"
+            if first == "bash" && second == "-lc" =>
+        {
+            Some(third.clone())
+        }
+        _ => None,
+    }
+}
+
+#[cfg(target_os = "macos")]
+pub async fn default_user_shell() -> Shell {
+    use tokio::process::Command;
+    use whoami;
+
+    let user = whoami::username();
+    let home = format!("/Users/{user}");
+    let output = Command::new("dscl")
+        .args([".", "-read", &home, "UserShell"])
+        .output()
+        .await
+        .ok();
+    match output {
+        Some(o) => {
+            if !o.status.success() {
+                return Shell::Unknown;
+            }
+            let stdout = String::from_utf8_lossy(&o.stdout);
+            for line in stdout.lines() {
+                if let Some(shell_path) = line.strip_prefix("UserShell: ") {
+                    if shell_path.ends_with("/zsh") {
+                        return Shell::Zsh(ZshShell {
+                            shell_path: shell_path.to_string(),
+                            zshrc_path: format!("{home}/.zshrc"),
+                        });
+                    }
+                }
+            }
+
+            Shell::Unknown
+        }
+        _ => Shell::Unknown,
+    }
+}
+
+#[cfg(not(target_os = "macos"))]
+pub async fn default_user_shell() -> Shell {
+    Shell::Unknown
+}
+
+#[cfg(test)]
+#[cfg(target_os = "macos")]
+mod tests {
+    use super::*;
+    use std::process::Command;
+
+    #[tokio::test]
+    #[expect(clippy::unwrap_used)]
+    async fn test_current_shell_detects_zsh() {
+        let shell = Command::new("sh")
+            .arg("-c")
+            .arg("echo $SHELL")
+            .output()
+            .unwrap();
+
+        let home = std::env::var("HOME").unwrap();
+        let shell_path = String::from_utf8_lossy(&shell.stdout).trim().to_string();
+        if shell_path.ends_with("/zsh") {
+            assert_eq!(
+                default_user_shell().await,
+                Shell::Zsh(ZshShell {
+                    shell_path: shell_path.to_string(),
+                    zshrc_path: format!("{home}/.zshrc",),
+                })
+            );
+        }
+    }
+
+    #[tokio::test]
+    async fn test_run_with_profile_zshrc_not_exists() {
+        let shell = Shell::Zsh(ZshShell {
+            shell_path: "/bin/zsh".to_string(),
+            zshrc_path: "/does/not/exist/.zshrc".to_string(),
+        });
+        let actual_cmd = shell.format_default_shell_invocation(vec!["myecho".to_string()]);
+        assert_eq!(actual_cmd, None);
+    }
+
+    #[expect(clippy::unwrap_used)]
+    #[tokio::test]
+    async fn test_run_with_profile_escaping_and_execution() {
+        let shell_path = "/bin/zsh";
+
+        let cases = vec![
+            (
+                vec!["myecho"],
+                vec![shell_path, "-lc", "source ZSHRC_PATH && (myecho)"],
+                Some("It works!\n"),
+            ),
+            (
+                vec!["myecho"],
+                vec![shell_path, "-lc", "source ZSHRC_PATH && (myecho)"],
+                Some("It works!\n"),
+            ),
+            (
+                vec!["bash", "-c", "echo 'single' \"double\""],
+                vec![
+                    shell_path,
+                    "-lc",
+                    "source ZSHRC_PATH && (bash -c \"echo 'single' \\\"double\\\"\")",
+                ],
+                Some("single double\n"),
+            ),
+            (
+                vec!["bash", "-lc", "echo 'single' \"double\""],
+                vec![
+                    shell_path,
+                    "-lc",
+                    "source ZSHRC_PATH && (echo 'single' \"double\")",
+                ],
+                Some("single double\n"),
+            ),
+        ];
+        for (input, expected_cmd, expected_output) in cases {
+            use std::collections::HashMap;
+            use std::path::PathBuf;
+            use std::sync::Arc;
+
+            use tokio::sync::Notify;
+
+            use crate::exec::ExecParams;
+            use crate::exec::SandboxType;
+            use crate::exec::process_exec_tool_call;
+            use crate::protocol::SandboxPolicy;
+
+            // create a temp directory with a zshrc file in it
+            let temp_home = tempfile::tempdir().unwrap();
+            let zshrc_path = temp_home.path().join(".zshrc");
+            std::fs::write(
+                &zshrc_path,
+                r#"
+                    set -x
+                    function myecho {
+                        echo 'It works!'
+                    }
+                    "#,
+            )
+            .unwrap();
+            let shell = Shell::Zsh(ZshShell {
+                shell_path: shell_path.to_string(),
+                zshrc_path: zshrc_path.to_str().unwrap().to_string(),
+            });
+
+            let actual_cmd = shell
+                .format_default_shell_invocation(input.iter().map(|s| s.to_string()).collect());
+            let expected_cmd = expected_cmd
+                .iter()
+                .map(|s| {
+                    s.replace("ZSHRC_PATH", zshrc_path.to_str().unwrap())
+                        .to_string()
+                })
+                .collect();
+
+            assert_eq!(actual_cmd, Some(expected_cmd));
+            // Actually run the command and check output/exit code
+            let output = process_exec_tool_call(
+                ExecParams {
+                    command: actual_cmd.unwrap(),
+                    cwd: PathBuf::from(temp_home.path()),
+                    timeout_ms: None,
+                    env: HashMap::from([(
+                        "HOME".to_string(),
+                        temp_home.path().to_str().unwrap().to_string(),
+                    )]),
+                },
+                SandboxType::None,
+                Arc::new(Notify::new()),
+                &SandboxPolicy::DangerFullAccess,
+                &None,
+            )
+            .await
+            .unwrap();
+
+            assert_eq!(output.exit_code, 0, "input: {input:?} output: {output:?}");
+            if let Some(expected) = expected_output {
+                assert_eq!(
+                    output.stdout, expected,
+                    "input: {input:?} output: {output:?}"
+                );
+            }
+        }
+    }
+}

codex-rs/core/tests/cli_stream.rs

@@ -81,6 +81,96 @@ async fn chat_mode_stream_cli() {
     server.verify().await;
 }
 
+/// Verify that passing `-c experimental_instructions_file=...` to the CLI
+/// overrides the built-in base instructions by inspecting the request body
+/// received by a mock OpenAI Responses endpoint.
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn exec_cli_applies_experimental_instructions_file() {
+    if std::env::var(CODEX_SANDBOX_NETWORK_DISABLED_ENV_VAR).is_ok() {
+        println!(
+            "Skipping test because it cannot execute when network is disabled in a Codex sandbox."
+        );
+        return;
+    }
+
+    // Start mock server which will capture the request and return a minimal
+    // SSE stream for a single turn.
+    let server = MockServer::start().await;
+    let sse = concat!(
+        "data: {\"type\":\"response.created\",\"response\":{}}\n\n",
+        "data: {\"type\":\"response.completed\",\"response\":{\"id\":\"r1\"}}\n\n"
+    );
+    Mock::given(method("POST"))
+        .and(path("/v1/responses"))
+        .respond_with(
+            ResponseTemplate::new(200)
+                .insert_header("content-type", "text/event-stream")
+                .set_body_raw(sse, "text/event-stream"),
+        )
+        .expect(1)
+        .mount(&server)
+        .await;
+
+    // Create a temporary instructions file with a unique marker we can assert
+    // appears in the outbound request payload.
+    let custom = TempDir::new().unwrap();
+    let marker = "cli-experimental-instructions-marker";
+    let custom_path = custom.path().join("instr.md");
+    std::fs::write(&custom_path, marker).unwrap();
+    let custom_path_str = custom_path.to_string_lossy().replace('\\', "/");
+
+    // Build a provider override that points at the mock server and instructs
+    // Codex to use the Responses API with the dummy env var.
+    let provider_override = format!(
+        "model_providers.mock={{ name = \"mock\", base_url = \"{}/v1\", env_key = \"PATH\", wire_api = \"responses\" }}",
+        server.uri()
+    );
+
+    let home = TempDir::new().unwrap();
+    let mut cmd = AssertCommand::new("cargo");
+    cmd.arg("run")
+        .arg("-p")
+        .arg("codex-cli")
+        .arg("--quiet")
+        .arg("--")
+        .arg("exec")
+        .arg("--skip-git-repo-check")
+        .arg("-c")
+        .arg(&provider_override)
+        .arg("-c")
+        .arg("model_provider=\"mock\"")
+        .arg("-c")
+        .arg(format!(
+            "experimental_instructions_file=\"{custom_path_str}\""
+        ))
+        .arg("-C")
+        .arg(env!("CARGO_MANIFEST_DIR"))
+        .arg("hello?\n");
+    cmd.env("CODEX_HOME", home.path())
+        .env("OPENAI_API_KEY", "dummy")
+        .env("OPENAI_BASE_URL", format!("{}/v1", server.uri()));
+
+    let output = cmd.output().unwrap();
+    println!("Status: {}", output.status);
+    println!("Stdout:\n{}", String::from_utf8_lossy(&output.stdout));
+    println!("Stderr:\n{}", String::from_utf8_lossy(&output.stderr));
+    assert!(output.status.success());
+
+    // Inspect the captured request and verify our custom base instructions were
+    // included in the `instructions` field.
+    let request = &server.received_requests().await.unwrap()[0];
+    let body = request.body_json::<serde_json::Value>().unwrap();
+    let instructions = body
+        .get("instructions")
+        .and_then(|v| v.as_str())
+        .unwrap_or_default()
+        .to_string();
+    assert!(
+        instructions.contains(marker),
+        "instructions did not contain custom marker; got: {instructions}"
+    );
+}
+
 /// Tests streaming responses through the CLI using a local SSE fixture file.
 /// This test:
 /// 1. Uses a pre-recorded SSE response fixture instead of a live server

codex-rs/core/tests/client.rs

@@ -1,10 +1,19 @@
+use std::path::PathBuf;
+
+use chrono::Utc;
 use codex_core::Codex;
+use codex_core::CodexSpawnOk;
 use codex_core::ModelProviderInfo;
+use codex_core::built_in_model_providers;
 use codex_core::exec::CODEX_SANDBOX_NETWORK_DISABLED_ENV_VAR;
 use codex_core::protocol::EventMsg;
 use codex_core::protocol::InputItem;
 use codex_core::protocol::Op;
 use codex_core::protocol::SessionConfiguredEvent;
+use codex_login::AuthDotJson;
+use codex_login::AuthMode;
+use codex_login::CodexAuth;
+use codex_login::TokenData;
 use core_test_support::load_default_config_for_test;
 use core_test_support::load_sse_fixture_with_id;
 use core_test_support::wait_for_event;
@@ -47,32 +56,23 @@ async fn includes_session_id_and_model_headers_in_request() {
         .await;
 
     let model_provider = ModelProviderInfo {
-        name: "openai".into(),
-        base_url: format!("{}/v1", server.uri()),
-        // Environment variable that should exist in the test environment.
-        // ModelClient will return an error if the environment variable for the
-        // provider is not set.
-        env_key: Some("PATH".into()),
-        env_key_instructions: None,
-        wire_api: codex_core::WireApi::Responses,
-        query_params: None,
-        http_headers: Some(
-            [("originator".to_string(), "codex_cli_rs".to_string())]
-                .into_iter()
-                .collect(),
-        ),
-        env_http_headers: None,
-        request_max_retries: Some(0),
-        stream_max_retries: Some(0),
-        stream_idle_timeout_ms: None,
+        base_url: Some(format!("{}/v1", server.uri())),
+        ..built_in_model_providers()["openai"].clone()
     };
 
     // Init session
     let codex_home = TempDir::new().unwrap();
     let mut config = load_default_config_for_test(&codex_home);
     config.model_provider = model_provider;
+
     let ctrl_c = std::sync::Arc::new(tokio::sync::Notify::new());
-    let (codex, _init_id, _session_id) = Codex::spawn(config, ctrl_c.clone()).await.unwrap();
+    let CodexSpawnOk { codex, .. } = Codex::spawn(
+        config,
+        Some(CodexAuth::from_api_key("Test API Key".to_string())),
+        ctrl_c.clone(),
+    )
+    .await
+    .unwrap();
 
     codex
         .submit(Op::UserInput {
@@ -94,15 +94,20 @@ async fn includes_session_id_and_model_headers_in_request() {
 
     // get request from the server
     let request = &server.received_requests().await.unwrap()[0];
-    let request_body = request.headers.get("session_id").unwrap();
-    let originator = request.headers.get("originator").unwrap();
+    let request_session_id = request.headers.get("session_id").unwrap();
+    let request_originator = request.headers.get("originator").unwrap();
+    let request_authorization = request.headers.get("authorization").unwrap();
 
     assert!(current_session_id.is_some());
     assert_eq!(
-        request_body.to_str().unwrap(),
+        request_session_id.to_str().unwrap(),
         current_session_id.as_ref().unwrap()
     );
-    assert_eq!(originator.to_str().unwrap(), "codex_cli_rs");
+    assert_eq!(request_originator.to_str().unwrap(), "codex_cli_rs");
+    assert_eq!(
+        request_authorization.to_str().unwrap(),
+        "Bearer Test API Key"
+    );
 }
 
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
@@ -125,22 +130,9 @@ async fn includes_base_instructions_override_in_request() {
         .await;
 
     let model_provider = ModelProviderInfo {
-        name: "openai".into(),
-        base_url: format!("{}/v1", server.uri()),
-        // Environment variable that should exist in the test environment.
-        // ModelClient will return an error if the environment variable for the
-        // provider is not set.
-        env_key: Some("PATH".into()),
-        env_key_instructions: None,
-        wire_api: codex_core::WireApi::Responses,
-        query_params: None,
-        http_headers: None,
-        env_http_headers: None,
-        request_max_retries: Some(0),
-        stream_max_retries: Some(0),
-        stream_idle_timeout_ms: None,
+        base_url: Some(format!("{}/v1", server.uri())),
+        ..built_in_model_providers()["openai"].clone()
     };
-
     let codex_home = TempDir::new().unwrap();
     let mut config = load_default_config_for_test(&codex_home);
 
@@ -148,7 +140,13 @@ async fn includes_base_instructions_override_in_request() {
     config.model_provider = model_provider;
 
     let ctrl_c = std::sync::Arc::new(tokio::sync::Notify::new());
-    let (codex, ..) = Codex::spawn(config, ctrl_c.clone()).await.unwrap();
+    let CodexSpawnOk { codex, .. } = Codex::spawn(
+        config,
+        Some(CodexAuth::from_api_key("Test API Key".to_string())),
+        ctrl_c.clone(),
+    )
+    .await
+    .unwrap();
 
     codex
         .submit(Op::UserInput {
@@ -171,3 +169,172 @@ async fn includes_base_instructions_override_in_request() {
             .contains("test instructions")
     );
 }
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn chatgpt_auth_sends_correct_request() {
+    #![allow(clippy::unwrap_used)]
+
+    if std::env::var(CODEX_SANDBOX_NETWORK_DISABLED_ENV_VAR).is_ok() {
+        println!(
+            "Skipping test because it cannot execute when network is disabled in a Codex sandbox."
+        );
+        return;
+    }
+
+    // Mock server
+    let server = MockServer::start().await;
+
+    // First request – must NOT include `previous_response_id`.
+    let first = ResponseTemplate::new(200)
+        .insert_header("content-type", "text/event-stream")
+        .set_body_raw(sse_completed("resp1"), "text/event-stream");
+
+    Mock::given(method("POST"))
+        .and(path("/api/codex/responses"))
+        .respond_with(first)
+        .expect(1)
+        .mount(&server)
+        .await;
+
+    let model_provider = ModelProviderInfo {
+        base_url: Some(format!("{}/api/codex", server.uri())),
+        ..built_in_model_providers()["openai"].clone()
+    };
+
+    // Init session
+    let codex_home = TempDir::new().unwrap();
+    let mut config = load_default_config_for_test(&codex_home);
+    config.model_provider = model_provider;
+    let ctrl_c = std::sync::Arc::new(tokio::sync::Notify::new());
+    let CodexSpawnOk { codex, .. } = Codex::spawn(
+        config,
+        Some(auth_from_token("Access Token".to_string())),
+        ctrl_c.clone(),
+    )
+    .await
+    .unwrap();
+
+    codex
+        .submit(Op::UserInput {
+            items: vec![InputItem::Text {
+                text: "hello".into(),
+            }],
+        })
+        .await
+        .unwrap();
+
+    let EventMsg::SessionConfigured(SessionConfiguredEvent { session_id, .. }) =
+        wait_for_event(&codex, |ev| matches!(ev, EventMsg::SessionConfigured(_))).await
+    else {
+        unreachable!()
+    };
+
+    let current_session_id = Some(session_id.to_string());
+    wait_for_event(&codex, |ev| matches!(ev, EventMsg::TaskComplete(_))).await;
+
+    // get request from the server
+    let request = &server.received_requests().await.unwrap()[0];
+    let request_session_id = request.headers.get("session_id").unwrap();
+    let request_originator = request.headers.get("originator").unwrap();
+    let request_authorization = request.headers.get("authorization").unwrap();
+    let request_body = request.body_json::<serde_json::Value>().unwrap();
+
+    assert!(current_session_id.is_some());
+    assert_eq!(
+        request_session_id.to_str().unwrap(),
+        current_session_id.as_ref().unwrap()
+    );
+    assert_eq!(request_originator.to_str().unwrap(), "codex_cli_rs");
+    assert_eq!(
+        request_authorization.to_str().unwrap(),
+        "Bearer Access Token"
+    );
+    assert!(!request_body["store"].as_bool().unwrap());
+    assert!(request_body["stream"].as_bool().unwrap());
+    assert_eq!(
+        request_body["include"][0].as_str().unwrap(),
+        "reasoning.encrypted_content"
+    );
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn includes_user_instructions_message_in_request() {
+    #![allow(clippy::unwrap_used)]
+
+    let server = MockServer::start().await;
+
+    let first = ResponseTemplate::new(200)
+        .insert_header("content-type", "text/event-stream")
+        .set_body_raw(sse_completed("resp1"), "text/event-stream");
+
+    Mock::given(method("POST"))
+        .and(path("/v1/responses"))
+        .respond_with(first)
+        .expect(1)
+        .mount(&server)
+        .await;
+
+    let model_provider = ModelProviderInfo {
+        base_url: Some(format!("{}/v1", server.uri())),
+        ..built_in_model_providers()["openai"].clone()
+    };
+
+    let codex_home = TempDir::new().unwrap();
+    let mut config = load_default_config_for_test(&codex_home);
+    config.model_provider = model_provider;
+    config.user_instructions = Some("be nice".to_string());
+
+    let ctrl_c = std::sync::Arc::new(tokio::sync::Notify::new());
+    let CodexSpawnOk { codex, .. } = Codex::spawn(
+        config,
+        Some(CodexAuth::from_api_key("Test API Key".to_string())),
+        ctrl_c.clone(),
+    )
+    .await
+    .unwrap();
+
+    codex
+        .submit(Op::UserInput {
+            items: vec![InputItem::Text {
+                text: "hello".into(),
+            }],
+        })
+        .await
+        .unwrap();
+
+    wait_for_event(&codex, |ev| matches!(ev, EventMsg::TaskComplete(_))).await;
+
+    let request = &server.received_requests().await.unwrap()[0];
+    let request_body = request.body_json::<serde_json::Value>().unwrap();
+
+    assert!(
+        !request_body["instructions"]
+            .as_str()
+            .unwrap()
+            .contains("be nice")
+    );
+    assert_eq!(request_body["input"][0]["role"], "user");
+    assert!(
+        request_body["input"][0]["content"][0]["text"]
+            .as_str()
+            .unwrap()
+            .starts_with("be nice")
+    );
+}
+fn auth_from_token(id_token: String) -> CodexAuth {
+    CodexAuth::new(
+        None,
+        AuthMode::ChatGPT,
+        PathBuf::new(),
+        Some(AuthDotJson {
+            tokens: TokenData {
+                id_token,
+                access_token: "Access Token".to_string(),
+                refresh_token: "test".to_string(),
+                account_id: None,
+            },
+            last_refresh: Utc::now(),
+            openai_api_key: None,
+        }),
+    )
+}

codex-rs/core/tests/live_agent.rs

@@ -20,6 +20,7 @@
 use std::time::Duration;
 
 use codex_core::Codex;
+use codex_core::CodexSpawnOk;
 use codex_core::error::CodexErr;
 use codex_core::protocol::AgentMessageEvent;
 use codex_core::protocol::ErrorEvent;
@@ -48,8 +49,8 @@ async fn spawn_codex() -> Result<Codex, CodexErr> {
     let mut config = load_default_config_for_test(&codex_home);
     config.model_provider.request_max_retries = Some(2);
     config.model_provider.stream_max_retries = Some(2);
-    let (agent, _init_id, _session_id) =
-        Codex::spawn(config, std::sync::Arc::new(Notify::new())).await?;
+    let CodexSpawnOk { codex: agent, .. } =
+        Codex::spawn(config, None, std::sync::Arc::new(Notify::new())).await?;
 
     Ok(agent)
 }

codex-rs/core/tests/stream_no_completed.rs

@@ -4,11 +4,13 @@
 use std::time::Duration;
 
 use codex_core::Codex;
+use codex_core::CodexSpawnOk;
 use codex_core::ModelProviderInfo;
 use codex_core::exec::CODEX_SANDBOX_NETWORK_DISABLED_ENV_VAR;
 use codex_core::protocol::EventMsg;
 use codex_core::protocol::InputItem;
 use codex_core::protocol::Op;
+use codex_login::CodexAuth;
 use core_test_support::load_default_config_for_test;
 use core_test_support::load_sse_fixture;
 use core_test_support::load_sse_fixture_with_id;
@@ -74,7 +76,7 @@ async fn retries_on_early_close() {
 
     let model_provider = ModelProviderInfo {
         name: "openai".into(),
-        base_url: format!("{}/v1", server.uri()),
+        base_url: Some(format!("{}/v1", server.uri())),
         // Environment variable that should exist in the test environment.
         // ModelClient will return an error if the environment variable for the
         // provider is not set.
@@ -88,13 +90,20 @@ async fn retries_on_early_close() {
         request_max_retries: Some(0),
         stream_max_retries: Some(1),
         stream_idle_timeout_ms: Some(2000),
+        requires_auth: false,
     };
 
     let ctrl_c = std::sync::Arc::new(tokio::sync::Notify::new());
     let codex_home = TempDir::new().unwrap();
     let mut config = load_default_config_for_test(&codex_home);
     config.model_provider = model_provider;
-    let (codex, _init_id, _session_id) = Codex::spawn(config, ctrl_c).await.unwrap();
+    let CodexSpawnOk { codex, .. } = Codex::spawn(
+        config,
+        Some(CodexAuth::from_api_key("Test API Key".to_string())),
+        ctrl_c,
+    )
+    .await
+    .unwrap();
 
     codex
         .submit(Op::UserInput {

codex-rs/core/tests/summarize_context.rs

@@ -0,0 +1,41 @@
+#![expect(clippy::unwrap_used, clippy::expect_used)]
+
+//! Tests for the `Op::SummarizeContext` operation added to verify that
+//! summarization requests are properly handled and injected as user input.
+
+use std::time::Duration;
+
+use codex_core::Codex;
+use codex_core::protocol::EventMsg;
+use codex_core::protocol::Op;
+use core_test_support::load_default_config_for_test;
+use tempfile::TempDir;
+use tokio::time::timeout;
+
+/// Helper function to set up a codex session and wait for it to be configured
+async fn setup_configured_codex_session() -> Codex {
+    let codex_home = TempDir::new().unwrap();
+    let config = load_default_config_for_test(&codex_home);
+    let codex_conversation = codex_core::codex_wrapper::init_codex(config).await.unwrap();
+    codex_conversation.codex
+}
+
+#[tokio::test]
+async fn test_summarize_context_spawns_new_agent_task() {
+    // Test the specific behavior: when there's no current task,
+    // SummarizeContext should spawn a new AgentTask with the summarization prompt
+    let codex = setup_configured_codex_session().await;
+
+    // At this point, there should be no current task running
+    let _sub_id = codex.submit(Op::SummarizeContext).await.unwrap();
+
+    let event = timeout(Duration::from_secs(5), codex.next_event())
+        .await
+        .expect("timeout waiting for task started event")
+        .expect("codex closed");
+
+    assert!(
+        matches!(event.msg, EventMsg::TaskStarted),
+        "Expected TaskStarted when no current task exists - should spawn new AgentTask"
+    );
+}

codex-rs/exec/Cargo.toml

@@ -18,13 +18,13 @@ workspace = true
 anyhow = "1"
 chrono = "0.4.40"
 clap = { version = "4", features = ["derive"] }
+codex-arg0 = { path = "../arg0" }
 codex-core = { path = "../core" }
 codex-common = { path = "../common", features = [
     "cli",
     "elapsed",
     "sandbox_summary",
 ] }
-codex-linux-sandbox = { path = "../linux-sandbox" }
 owo-colors = "4.2.0"
 serde_json = "1"
 shlex = "1.3.0"
@@ -37,3 +37,8 @@ tokio = { version = "1", features = [
 ] }
 tracing = { version = "0.1.41", features = ["log"] }
 tracing-subscriber = { version = "0.3.19", features = ["env-filter"] }
+
+[dev-dependencies]
+assert_cmd = "2"
+predicates = "3"
+tempfile = "3.13.0"

codex-rs/exec/src/event_processor_with_human_output.rs

@@ -1,5 +1,7 @@
+use codex_common::elapsed::format_duration;
 use codex_common::elapsed::format_elapsed;
 use codex_core::config::Config;
+use codex_core::plan_tool::UpdatePlanArgs;
 use codex_core::protocol::AgentMessageDeltaEvent;
 use codex_core::protocol::AgentMessageEvent;
 use codex_core::protocol::AgentReasoningDeltaEvent;
@@ -10,6 +12,7 @@ use codex_core::protocol::EventMsg;
 use codex_core::protocol::ExecCommandBeginEvent;
 use codex_core::protocol::ExecCommandEndEvent;
 use codex_core::protocol::FileChange;
+use codex_core::protocol::McpInvocation;
 use codex_core::protocol::McpToolCallBeginEvent;
 use codex_core::protocol::McpToolCallEndEvent;
 use codex_core::protocol::PatchApplyBeginEvent;
@@ -37,11 +40,6 @@ pub(crate) struct EventProcessorWithHumanOutput {
     call_id_to_command: HashMap<String, ExecCommandBegin>,
     call_id_to_patch: HashMap<String, PatchApplyBegin>,
 
-    /// Tracks in-flight MCP tool calls so we can calculate duration and print
-    /// a concise summary when the corresponding `McpToolCallEnd` event is
-    /// received.
-    call_id_to_tool_call: HashMap<String, McpToolCallBegin>,
-
     // To ensure that --color=never is respected, ANSI escapes _must_ be added
     // using .style() with one of these fields. If you need a new style, add a
     // new field here.
@@ -69,7 +67,6 @@ impl EventProcessorWithHumanOutput {
     ) -> Self {
         let call_id_to_command = HashMap::new();
         let call_id_to_patch = HashMap::new();
-        let call_id_to_tool_call = HashMap::new();
 
         if with_ansi {
             Self {
@@ -82,7 +79,6 @@ impl EventProcessorWithHumanOutput {
                 red: Style::new().red(),
                 green: Style::new().green(),
                 cyan: Style::new().cyan(),
-                call_id_to_tool_call,
                 show_agent_reasoning: !config.hide_agent_reasoning,
                 answer_started: false,
                 reasoning_started: false,
@@ -99,7 +95,6 @@ impl EventProcessorWithHumanOutput {
                 red: Style::new(),
                 green: Style::new(),
                 cyan: Style::new(),
-                call_id_to_tool_call,
                 show_agent_reasoning: !config.hide_agent_reasoning,
                 answer_started: false,
                 reasoning_started: false,
@@ -114,14 +109,6 @@ struct ExecCommandBegin {
     start_time: Instant,
 }
 
-/// Metadata captured when an `McpToolCallBegin` event is received.
-struct McpToolCallBegin {
-    /// Formatted invocation string, e.g. `server.tool({"city":"sf"})`.
-    invocation: String,
-    /// Timestamp when the call started so we can compute duration later.
-    start_time: Instant,
-}
-
 struct PatchApplyBegin {
     start_time: Instant,
     auto_approved: bool,
@@ -291,63 +278,33 @@ impl EventProcessor for EventProcessorWithHumanOutput {
                 println!("{}", truncated_output.style(self.dimmed));
             }
             EventMsg::McpToolCallBegin(McpToolCallBeginEvent {
-                call_id,
-                server,
-                tool,
-                arguments,
+                call_id: _,
+                invocation,
             }) => {
-                // Build fully-qualified tool name: server.tool
-                let fq_tool_name = format!("{server}.{tool}");
-
-                // Format arguments as compact JSON so they fit on one line.
-                let args_str = arguments
-                    .as_ref()
-                    .map(|v: &serde_json::Value| {
-                        serde_json::to_string(v).unwrap_or_else(|_| v.to_string())
-                    })
-                    .unwrap_or_default();
-
-                let invocation = if args_str.is_empty() {
-                    format!("{fq_tool_name}()")
-                } else {
-                    format!("{fq_tool_name}({args_str})")
-                };
-
-                self.call_id_to_tool_call.insert(
-                    call_id.clone(),
-                    McpToolCallBegin {
-                        invocation: invocation.clone(),
-                        start_time: Instant::now(),
-                    },
-                );
-
                 ts_println!(
                     self,
                     "{} {}",
                     "tool".style(self.magenta),
-                    invocation.style(self.bold),
+                    format_mcp_invocation(&invocation).style(self.bold),
                 );
             }
             EventMsg::McpToolCallEnd(tool_call_end_event) => {
                 let is_success = tool_call_end_event.is_success();
-                let McpToolCallEndEvent { call_id, result } = tool_call_end_event;
-                // Retrieve start time and invocation for duration calculation and labeling.
-                let info = self.call_id_to_tool_call.remove(&call_id);
-
-                let (duration, invocation) = if let Some(McpToolCallBegin {
+                let McpToolCallEndEvent {
+                    call_id: _,
+                    result,
                     invocation,
-                    start_time,
-                    ..
-                }) = info
-                {
-                    (format!(" in {}", format_elapsed(start_time)), invocation)
-                } else {
-                    (String::new(), format!("tool('{call_id}')"))
-                };
+                    duration,
+                } = tool_call_end_event;
+
+                let duration = format!(" in {}", format_duration(duration));
 
                 let status_str = if is_success { "success" } else { "failed" };
                 let title_style = if is_success { self.green } else { self.red };
-                let title = format!("{invocation} {status_str}{duration}:");
+                let title = format!(
+                    "{} {status_str}{duration}:",
+                    format_mcp_invocation(&invocation)
+                );
 
                 ts_println!(self, "{}", title.style(title_style));
 
@@ -513,6 +470,11 @@ impl EventProcessor for EventProcessorWithHumanOutput {
                 ts_println!(self, "model: {}", model);
                 println!();
             }
+            EventMsg::PlanUpdate(plan_update_event) => {
+                let UpdatePlanArgs { explanation, plan } = plan_update_event;
+                ts_println!(self, "explanation: {explanation:?}");
+                ts_println!(self, "plan: {plan:?}");
+            }
             EventMsg::GetHistoryEntryResponse(_) => {
                 // Currently ignored in exec output.
             }
@@ -538,3 +500,21 @@ fn format_file_change(change: &FileChange) -> &'static str {
         } => "M",
     }
 }
+
+fn format_mcp_invocation(invocation: &McpInvocation) -> String {
+    // Build fully-qualified tool name: server.tool
+    let fq_tool_name = format!("{}.{}", invocation.server, invocation.tool);
+
+    // Format arguments as compact JSON so they fit on one line.
+    let args_str = invocation
+        .arguments
+        .as_ref()
+        .map(|v: &serde_json::Value| serde_json::to_string(v).unwrap_or_else(|_| v.to_string()))
+        .unwrap_or_default();
+
+    if args_str.is_empty() {
+        format!("{fq_tool_name}()")
+    } else {
+        format!("{fq_tool_name}({args_str})")
+    }
+}

codex-rs/exec/src/lib.rs

@@ -9,7 +9,8 @@ use std::path::PathBuf;
 use std::sync::Arc;
 
 pub use cli::Cli;
-use codex_core::codex_wrapper;
+use codex_core::codex_wrapper::CodexConversation;
+use codex_core::codex_wrapper::{self};
 use codex_core::config::Config;
 use codex_core::config::ConfigOverrides;
 use codex_core::config_types::SandboxMode;
@@ -91,6 +92,20 @@ pub async fn run_main(cli: Cli, codex_linux_sandbox_exe: Option<PathBuf>) -> any
         ),
     };
 
+    // TODO(mbolin): Take a more thoughtful approach to logging.
+    let default_level = "error";
+    let _ = tracing_subscriber::fmt()
+        // Fallback to the `default_level` log filter if the environment
+        // variable is not set _or_ contains an invalid value
+        .with_env_filter(
+            EnvFilter::try_from_default_env()
+                .or_else(|_| EnvFilter::try_new(default_level))
+                .unwrap_or_else(|_| EnvFilter::new(default_level)),
+        )
+        .with_ansi(stderr_with_ansi)
+        .with_writer(std::io::stderr)
+        .try_init();
+
     let sandbox_mode = if full_auto {
         Some(SandboxMode::WorkspaceWrite)
     } else if dangerously_bypass_approvals_and_sandbox {
@@ -111,6 +126,7 @@ pub async fn run_main(cli: Cli, codex_linux_sandbox_exe: Option<PathBuf>) -> any
         model_provider: None,
         codex_linux_sandbox_exe,
         base_instructions: None,
+        include_plan_tool: None,
     };
     // Parse `-c` overrides.
     let cli_kv_overrides = match config_overrides.parse_overrides() {
@@ -141,23 +157,14 @@ pub async fn run_main(cli: Cli, codex_linux_sandbox_exe: Option<PathBuf>) -> any
         std::process::exit(1);
     }
 
-    // TODO(mbolin): Take a more thoughtful approach to logging.
-    let default_level = "error";
-    let _ = tracing_subscriber::fmt()
-        // Fallback to the `default_level` log filter if the environment
-        // variable is not set _or_ contains an invalid value
-        .with_env_filter(
-            EnvFilter::try_from_default_env()
-                .or_else(|_| EnvFilter::try_new(default_level))
-                .unwrap_or_else(|_| EnvFilter::new(default_level)),
-        )
-        .with_ansi(stderr_with_ansi)
-        .with_writer(std::io::stderr)
-        .try_init();
-
-    let (codex_wrapper, event, ctrl_c, _session_id) = codex_wrapper::init_codex(config).await?;
+    let CodexConversation {
+        codex: codex_wrapper,
+        session_configured,
+        ctrl_c,
+        ..
+    } = codex_wrapper::init_codex(config).await?;
     let codex = Arc::new(codex_wrapper);
-    info!("Codex initialized with event: {event:?}");
+    info!("Codex initialized with event: {session_configured:?}");
 
     let (tx, mut rx) = tokio::sync::mpsc::unbounded_channel::<Event>();
     {

codex-rs/exec/src/main.rs

@@ -10,6 +10,7 @@
 //! This allows us to ship a completely separate set of functionality as part
 //! of the `codex-exec` binary.
 use clap::Parser;
+use codex_arg0::arg0_dispatch_or_else;
 use codex_common::CliConfigOverrides;
 use codex_exec::Cli;
 use codex_exec::run_main;
@@ -24,7 +25,7 @@ struct TopCli {
 }
 
 fn main() -> anyhow::Result<()> {
-    codex_linux_sandbox::run_with_sandbox(|codex_linux_sandbox_exe| async move {
+    arg0_dispatch_or_else(|codex_linux_sandbox_exe| async move {
         let top_cli = TopCli::parse();
         // Merge root-level overrides into inner CLI struct so downstream logic remains unchanged.
         let mut inner = top_cli.inner;

codex-rs/exec/tests/apply_patch.rs

@@ -0,0 +1,38 @@
+use anyhow::Context;
+use assert_cmd::prelude::*;
+use std::fs;
+use std::process::Command;
+use tempfile::tempdir;
+
+/// While we may add an `apply-patch` subcommand to the `codex` CLI multitool
+/// at some point, we must ensure that the smaller `codex-exec` CLI can still
+/// emulate the `apply_patch` CLI.
+#[test]
+fn test_standalone_exec_cli_can_use_apply_patch() -> anyhow::Result<()> {
+    let tmp = tempdir()?;
+    let relative_path = "source.txt";
+    let absolute_path = tmp.path().join(relative_path);
+    fs::write(&absolute_path, "original content\n")?;
+
+    Command::cargo_bin("codex-exec")
+        .context("should find binary for codex-exec")?
+        .arg("--codex-run-as-apply-patch")
+        .arg(
+            r#"*** Begin Patch
+*** Update File: source.txt
+@@
+-original content
++modified by apply_patch
+*** End Patch"#,
+        )
+        .current_dir(tmp.path())
+        .assert()
+        .success()
+        .stdout("Success. Updated the following files:\nM source.txt\n")
+        .stderr(predicates::str::is_empty());
+    assert_eq!(
+        fs::read_to_string(absolute_path)?,
+        "modified by apply_patch\n"
+    );
+    Ok(())
+}

codex-rs/linux-sandbox/Cargo.toml

@@ -14,15 +14,16 @@ path = "src/lib.rs"
 [lints]
 workspace = true
 
-[dependencies]
+[target.'cfg(target_os = "linux")'.dependencies]
 anyhow = "1"
 clap = { version = "4", features = ["derive"] }
 codex-common = { path = "../common", features = ["cli"] }
 codex-core = { path = "../core" }
-dotenvy = "0.15.7"
-tokio = { version = "1", features = ["rt-multi-thread"] }
+libc = "0.2.172"
+landlock = "0.4.1"
+seccompiler = "0.5.0"
 
-[dev-dependencies]
+[target.'cfg(target_os = "linux")'.dev-dependencies]
 tempfile = "3"
 tokio = { version = "1", features = [
     "io-std",
@@ -31,8 +32,3 @@ tokio = { version = "1", features = [
     "rt-multi-thread",
     "signal",
 ] }
-
-[target.'cfg(target_os = "linux")'.dependencies]
-libc = "0.2.172"
-landlock = "0.4.1"
-seccompiler = "0.5.0"

codex-rs/linux-sandbox/src/lib.rs

@@ -4,72 +4,11 @@ mod landlock;
 mod linux_run_main;
 
 #[cfg(target_os = "linux")]
-pub use linux_run_main::run_main;
-
-use std::future::Future;
-use std::path::PathBuf;
-
-/// Helper that consolidates the common boilerplate found in several Codex
-/// binaries (`codex`, `codex-exec`, `codex-tui`) around dispatching to the
-/// `codex-linux-sandbox` sub-command.
-///
-/// When the current executable is invoked through the hard-link or alias
-/// named `codex-linux-sandbox` we *directly* execute [`run_main`](crate::run_main)
-/// (which never returns). Otherwise we:
-/// 1.  Construct a Tokio multi-thread runtime.
-/// 2.  Derive the path to the current executable (so children can re-invoke
-///     the sandbox) when running on Linux.
-/// 3.  Execute the provided async `main_fn` inside that runtime, forwarding
-///     any error.
-///
-/// This function eliminates duplicated code across the various `main.rs`
-/// entry-points.
-pub fn run_with_sandbox<F, Fut>(main_fn: F) -> anyhow::Result<()>
-where
-    F: FnOnce(Option<PathBuf>) -> Fut,
-    Fut: Future<Output = anyhow::Result<()>>,
-{
-    use std::path::Path;
-
-    // Determine if we were invoked via the special alias.
-    let argv0 = std::env::args().next().unwrap_or_default();
-    let exe_name = Path::new(&argv0)
-        .file_name()
-        .and_then(|s| s.to_str())
-        .unwrap_or("");
-
-    if exe_name == "codex-linux-sandbox" {
-        // Safety: [`run_main`] never returns.
-        crate::run_main();
-    }
-
-    // This modifies the environment, which is not thread-safe, so do this
-    // before creating any threads/the Tokio runtime.
-    load_dotenv();
-
-    // Regular invocation – create a Tokio runtime and execute the provided
-    // async entry-point.
-    let runtime = tokio::runtime::Runtime::new()?;
-    runtime.block_on(async move {
-        let codex_linux_sandbox_exe: Option<PathBuf> = if cfg!(target_os = "linux") {
-            std::env::current_exe().ok()
-        } else {
-            None
-        };
-
-        main_fn(codex_linux_sandbox_exe).await
-    })
+pub fn run_main() -> ! {
+    linux_run_main::run_main();
 }
 
 #[cfg(not(target_os = "linux"))]
 pub fn run_main() -> ! {
     panic!("codex-linux-sandbox is only supported on Linux");
 }
-
-/// Load env vars from ~/.codex/.env and `$(pwd)/.env`.
-fn load_dotenv() {
-    if let Ok(codex_home) = codex_core::config::find_codex_home() {
-        dotenvy::from_path(codex_home.join(".env")).ok();
-    }
-    dotenvy::dotenv().ok();
-}

codex-rs/login/src/lib.rs

@@ -1,19 +1,152 @@
 use chrono::DateTime;
+
 use chrono::Utc;
 use serde::Deserialize;
 use serde::Serialize;
+use std::env;
 use std::fs::OpenOptions;
 use std::io::Read;
 use std::io::Write;
 #[cfg(unix)]
 use std::os::unix::fs::OpenOptionsExt;
 use std::path::Path;
+use std::path::PathBuf;
 use std::process::Stdio;
+use std::sync::Arc;
+use std::sync::Mutex;
+use std::time::Duration;
 use tokio::process::Command;
 
 const SOURCE_FOR_PYTHON_SERVER: &str = include_str!("./login_with_chatgpt.py");
 
 const CLIENT_ID: &str = "app_EMoamEEZ73f0CkXaXp7hrann";
+const OPENAI_API_KEY_ENV_VAR: &str = "OPENAI_API_KEY";
+
+#[derive(Clone, Debug, PartialEq)]
+pub enum AuthMode {
+    ApiKey,
+    ChatGPT,
+}
+
+#[derive(Debug, Clone)]
+pub struct CodexAuth {
+    pub api_key: Option<String>,
+    pub mode: AuthMode,
+    auth_dot_json: Arc<Mutex<Option<AuthDotJson>>>,
+    auth_file: PathBuf,
+}
+
+impl PartialEq for CodexAuth {
+    fn eq(&self, other: &Self) -> bool {
+        self.mode == other.mode
+    }
+}
+
+impl CodexAuth {
+    pub fn new(
+        api_key: Option<String>,
+        mode: AuthMode,
+        auth_file: PathBuf,
+        auth_dot_json: Option<AuthDotJson>,
+    ) -> Self {
+        let auth_dot_json = Arc::new(Mutex::new(auth_dot_json));
+        Self {
+            api_key,
+            mode,
+            auth_file,
+            auth_dot_json,
+        }
+    }
+
+    pub fn from_api_key(api_key: String) -> Self {
+        Self {
+            api_key: Some(api_key),
+            mode: AuthMode::ApiKey,
+            auth_file: PathBuf::new(),
+            auth_dot_json: Arc::new(Mutex::new(None)),
+        }
+    }
+
+    pub async fn get_token_data(&self) -> Result<TokenData, std::io::Error> {
+        #[expect(clippy::unwrap_used)]
+        let auth_dot_json = self.auth_dot_json.lock().unwrap().clone();
+
+        match auth_dot_json {
+            Some(auth_dot_json) => {
+                if auth_dot_json.last_refresh < Utc::now() - chrono::Duration::days(28) {
+                    let refresh_response = tokio::time::timeout(
+                        Duration::from_secs(60),
+                        try_refresh_token(auth_dot_json.tokens.refresh_token.clone()),
+                    )
+                    .await
+                    .map_err(|_| {
+                        std::io::Error::other("timed out while refreshing OpenAI API key")
+                    })?
+                    .map_err(std::io::Error::other)?;
+
+                    let updated_auth_dot_json = update_tokens(
+                        &self.auth_file,
+                        refresh_response.id_token,
+                        refresh_response.access_token,
+                        refresh_response.refresh_token,
+                    )
+                    .await?;
+
+                    #[expect(clippy::unwrap_used)]
+                    let mut auth_dot_json = self.auth_dot_json.lock().unwrap();
+                    *auth_dot_json = Some(updated_auth_dot_json);
+                }
+                Ok(auth_dot_json.tokens.clone())
+            }
+            None => Err(std::io::Error::other("Token data is not available.")),
+        }
+    }
+
+    pub async fn get_token(&self) -> Result<String, std::io::Error> {
+        match self.mode {
+            AuthMode::ApiKey => Ok(self.api_key.clone().unwrap_or_default()),
+            AuthMode::ChatGPT => {
+                let id_token = self.get_token_data().await?.access_token;
+
+                Ok(id_token)
+            }
+        }
+    }
+}
+
+// Loads the available auth information from the auth.json or OPENAI_API_KEY environment variable.
+pub fn load_auth(codex_home: &Path) -> std::io::Result<Option<CodexAuth>> {
+    let auth_file = codex_home.join("auth.json");
+
+    let auth_dot_json = try_read_auth_json(&auth_file).ok();
+
+    let auth_json_api_key = auth_dot_json
+        .as_ref()
+        .and_then(|a| a.openai_api_key.clone())
+        .filter(|s| !s.is_empty());
+
+    let openai_api_key = env::var(OPENAI_API_KEY_ENV_VAR)
+        .ok()
+        .filter(|s| !s.is_empty())
+        .or(auth_json_api_key);
+
+    if openai_api_key.is_none() && auth_dot_json.is_none() {
+        return Ok(None);
+    }
+
+    let mode = if openai_api_key.is_some() {
+        AuthMode::ApiKey
+    } else {
+        AuthMode::ChatGPT
+    };
+
+    Ok(Some(CodexAuth {
+        api_key: openai_api_key,
+        mode,
+        auth_file,
+        auth_dot_json: Arc::new(Mutex::new(auth_dot_json)),
+    }))
+}
 
 /// Run `python3 -c {{SOURCE_FOR_PYTHON_SERVER}}` with the CODEX_HOME
 /// environment variable set to the provided `codex_home` path. If the
@@ -24,14 +157,12 @@ const CLIENT_ID: &str = "app_EMoamEEZ73f0CkXaXp7hrann";
 /// If `capture_output` is true, the subprocess's output will be captured and
 /// recorded in memory. Otherwise, the subprocess's output will be sent to the
 /// current process's stdout/stderr.
-pub async fn login_with_chatgpt(
-    codex_home: &Path,
-    capture_output: bool,
-) -> std::io::Result<String> {
+pub async fn login_with_chatgpt(codex_home: &Path, capture_output: bool) -> std::io::Result<()> {
     let child = Command::new("python3")
         .arg("-c")
         .arg(SOURCE_FOR_PYTHON_SERVER)
         .env("CODEX_HOME", codex_home)
+        .env("CODEX_CLIENT_ID", CLIENT_ID)
         .stdin(Stdio::null())
         .stdout(if capture_output {
             Stdio::piped()
@@ -47,7 +178,7 @@ pub async fn login_with_chatgpt(
 
     let output = child.wait_with_output().await?;
     if output.status.success() {
-        try_read_openai_api_key(codex_home).await
+        Ok(())
     } else {
         let stderr = String::from_utf8_lossy(&output.stderr);
         Err(std::io::Error::other(format!(
@@ -56,61 +187,54 @@ pub async fn login_with_chatgpt(
     }
 }
 
-/// Attempt to read the `OPENAI_API_KEY` from the `auth.json` file in the given
-/// `CODEX_HOME` directory, refreshing it, if necessary.
-pub async fn try_read_openai_api_key(codex_home: &Path) -> std::io::Result<String> {
-    let auth_dot_json = try_read_auth_json(codex_home).await?;
-    Ok(auth_dot_json.openai_api_key)
-}
-
 /// Attempt to read and refresh the `auth.json` file in the given `CODEX_HOME` directory.
 /// Returns the full AuthDotJson structure after refreshing if necessary.
-pub async fn try_read_auth_json(codex_home: &Path) -> std::io::Result<AuthDotJson> {
-    let auth_path = codex_home.join("auth.json");
-    let mut file = std::fs::File::open(&auth_path)?;
+pub fn try_read_auth_json(auth_file: &Path) -> std::io::Result<AuthDotJson> {
+    let mut file = std::fs::File::open(auth_file)?;
     let mut contents = String::new();
     file.read_to_string(&mut contents)?;
     let auth_dot_json: AuthDotJson = serde_json::from_str(&contents)?;
 
-    if is_expired(&auth_dot_json) {
-        let refresh_response = try_refresh_token(&auth_dot_json).await?;
-        let mut auth_dot_json = auth_dot_json;
-        auth_dot_json.tokens.id_token = refresh_response.id_token;
-        if let Some(refresh_token) = refresh_response.refresh_token {
-            auth_dot_json.tokens.refresh_token = refresh_token;
-        }
-        auth_dot_json.last_refresh = Utc::now();
+    Ok(auth_dot_json)
+}
 
-        let mut options = OpenOptions::new();
-        options.truncate(true).write(true).create(true);
-        #[cfg(unix)]
-        {
-            options.mode(0o600);
-        }
-
-        let json_data = serde_json::to_string(&auth_dot_json)?;
-        {
-            let mut file = options.open(&auth_path)?;
-            file.write_all(json_data.as_bytes())?;
-            file.flush()?;
-        }
-
-        Ok(auth_dot_json)
-    } else {
-        Ok(auth_dot_json)
+async fn update_tokens(
+    auth_file: &Path,
+    id_token: String,
+    access_token: Option<String>,
+    refresh_token: Option<String>,
+) -> std::io::Result<AuthDotJson> {
+    let mut options = OpenOptions::new();
+    options.truncate(true).write(true).create(true);
+    #[cfg(unix)]
+    {
+        options.mode(0o600);
     }
+    let mut auth_dot_json = try_read_auth_json(auth_file)?;
+
+    auth_dot_json.tokens.id_token = id_token.to_string();
+    if let Some(access_token) = access_token {
+        auth_dot_json.tokens.access_token = access_token.to_string();
+    }
+    if let Some(refresh_token) = refresh_token {
+        auth_dot_json.tokens.refresh_token = refresh_token.to_string();
+    }
+    auth_dot_json.last_refresh = Utc::now();
+
+    let json_data = serde_json::to_string_pretty(&auth_dot_json)?;
+    {
+        let mut file = options.open(auth_file)?;
+        file.write_all(json_data.as_bytes())?;
+        file.flush()?;
+    }
+    Ok(auth_dot_json)
 }
 
-fn is_expired(auth_dot_json: &AuthDotJson) -> bool {
-    let last_refresh = auth_dot_json.last_refresh;
-    last_refresh < Utc::now() - chrono::Duration::days(28)
-}
-
-async fn try_refresh_token(auth_dot_json: &AuthDotJson) -> std::io::Result<RefreshResponse> {
+async fn try_refresh_token(refresh_token: String) -> std::io::Result<RefreshResponse> {
     let refresh_request = RefreshRequest {
         client_id: CLIENT_ID,
         grant_type: "refresh_token",
-        refresh_token: auth_dot_json.tokens.refresh_token.clone(),
+        refresh_token,
         scope: "openid profile email",
     };
 
@@ -145,24 +269,25 @@ struct RefreshRequest {
     scope: &'static str,
 }
 
-#[derive(Deserialize)]
+#[derive(Deserialize, Clone)]
 struct RefreshResponse {
     id_token: String,
+    access_token: Option<String>,
     refresh_token: Option<String>,
 }
 
 /// Expected structure for $CODEX_HOME/auth.json.
-#[derive(Deserialize, Serialize)]
+#[derive(Deserialize, Serialize, Clone, Debug, PartialEq)]
 pub struct AuthDotJson {
     #[serde(rename = "OPENAI_API_KEY")]
-    pub openai_api_key: String,
+    pub openai_api_key: Option<String>,
 
     pub tokens: TokenData,
 
     pub last_refresh: DateTime<Utc>,
 }
 
-#[derive(Deserialize, Serialize, Clone)]
+#[derive(Deserialize, Serialize, Clone, Debug, PartialEq)]
 pub struct TokenData {
     /// This is a JWT.
     pub id_token: String,
@@ -172,5 +297,5 @@ pub struct TokenData {
 
     pub refresh_token: String,
 
-    pub account_id: String,
+    pub account_id: Option<String>,
 }

codex-rs/login/src/login_with_chatgpt.py

@@ -41,7 +41,6 @@ from typing import Any, Dict  # for type hints
 REQUIRED_PORT = 1455
 URL_BASE = f"http://localhost:{REQUIRED_PORT}"
 DEFAULT_ISSUER = "https://auth.openai.com"
-DEFAULT_CLIENT_ID = "app_EMoamEEZ73f0CkXaXp7hrann"
 
 EXIT_CODE_WHEN_ADDRESS_ALREADY_IN_USE = 13
 
@@ -58,7 +57,7 @@ class TokenData:
 class AuthBundle:
     """Aggregates authentication data produced after successful OAuth flow."""
 
-    api_key: str
+    api_key: str | None
     token_data: TokenData
     last_refresh: str
 
@@ -78,12 +77,18 @@ def main() -> None:
         eprint("ERROR: CODEX_HOME environment variable is not set")
         sys.exit(1)
 
+    client_id = os.getenv("CODEX_CLIENT_ID")
+    if not client_id:
+        eprint("ERROR: CODEX_CLIENT_ID environment variable is not set")
+        sys.exit(1)
+
     # Spawn server.
     try:
         httpd = _ApiKeyHTTPServer(
             ("127.0.0.1", REQUIRED_PORT),
             _ApiKeyHTTPHandler,
             codex_home=codex_home,
+            client_id=client_id,
             verbose=args.verbose,
         )
     except OSError as e:
@@ -157,7 +162,7 @@ class _ApiKeyHTTPHandler(http.server.BaseHTTPRequestHandler):
                 return
 
             try:
-                auth_bundle, success_url = self._exchange_code_for_api_key(code)
+                auth_bundle, success_url = self._exchange_code(code)
             except Exception as exc:  # noqa: BLE001 – propagate to client
                 self.send_error(500, f"Token exchange failed: {exc}")
                 return
@@ -211,68 +216,22 @@ class _ApiKeyHTTPHandler(http.server.BaseHTTPRequestHandler):
         if getattr(self.server, "verbose", False):  # type: ignore[attr-defined]
             super().log_message(fmt, *args)
 
-    def _exchange_code_for_api_key(self, code: str) -> tuple[AuthBundle, str]:
-        """Perform token + token-exchange to obtain an OpenAI API key.
+    def _obtain_api_key(
+        self,
+        token_claims: Dict[str, Any],
+        access_claims: Dict[str, Any],
+        token_data: TokenData,
+    ) -> tuple[str | None, str | None]:
+        """Obtain an API key from the auth service.
 
-        Returns (AuthBundle, success_url).
+        Returns (api_key, success_url) if successful, None otherwise.
         """
 
-        token_endpoint = f"{self.server.issuer}/oauth/token"
-
-        # 1. Authorization-code -> (id_token, access_token, refresh_token)
-        data = urllib.parse.urlencode(
-            {
-                "grant_type": "authorization_code",
-                "code": code,
-                "redirect_uri": self.server.redirect_uri,
-                "client_id": self.server.client_id,
-                "code_verifier": self.server.pkce.code_verifier,
-            }
-        ).encode()
-
-        token_data: TokenData
-
-        with urllib.request.urlopen(
-            urllib.request.Request(
-                token_endpoint,
-                data=data,
-                method="POST",
-                headers={"Content-Type": "application/x-www-form-urlencoded"},
-            )
-        ) as resp:
-            payload = json.loads(resp.read().decode())
-            
-            # Extract chatgpt_account_id from id_token
-            id_token_parts = payload["id_token"].split(".")
-            if len(id_token_parts) != 3:
-                raise ValueError("Invalid ID token")
-            id_token_claims = _decode_jwt_segment(id_token_parts[1])
-            auth_claims = id_token_claims.get("https://api.openai.com/auth", {})
-            chatgpt_account_id = auth_claims.get("chatgpt_account_id", "")
-            
-            token_data = TokenData(
-                id_token=payload["id_token"],
-                access_token=payload["access_token"],
-                refresh_token=payload["refresh_token"],
-                account_id=chatgpt_account_id,
-            )
-
-        access_token_parts = token_data.access_token.split(".")
-        if len(access_token_parts) != 3:
-            raise ValueError("Invalid access token")
-
-        access_token_claims = _decode_jwt_segment(access_token_parts[1])
-
-        token_claims = id_token_claims.get("https://api.openai.com/auth", {})
-        access_claims = access_token_claims.get("https://api.openai.com/auth", {})
-
         org_id = token_claims.get("organization_id")
-        if not org_id:
-            raise ValueError("Missing organization in id_token claims")
-
         project_id = token_claims.get("project_id")
-        if not project_id:
-            raise ValueError("Missing project in id_token claims")
+
+        if not org_id or not project_id:
+            return (None, None)
 
         random_id = secrets.token_hex(6)
 
@@ -292,7 +251,7 @@ class _ApiKeyHTTPHandler(http.server.BaseHTTPRequestHandler):
         exchanged_access_token: str
         with urllib.request.urlopen(
             urllib.request.Request(
-                token_endpoint,
+                self.server.token_endpoint,
                 data=exchange_data,
                 method="POST",
                 headers={"Content-Type": "application/x-www-form-urlencoded"},
@@ -340,6 +299,65 @@ class _ApiKeyHTTPHandler(http.server.BaseHTTPRequestHandler):
         except Exception as exc:  # pragma: no cover – best-effort only
             eprint(f"Unable to redeem ChatGPT subscriber API credits: {exc}")
 
+        return (exchanged_access_token, success_url)
+
+    def _exchange_code(self, code: str) -> tuple[AuthBundle, str]:
+        """Perform token + token-exchange to obtain an OpenAI API key.
+
+        Returns (AuthBundle, success_url).
+        """
+
+        # 1. Authorization-code -> (id_token, access_token, refresh_token)
+        data = urllib.parse.urlencode(
+            {
+                "grant_type": "authorization_code",
+                "code": code,
+                "redirect_uri": self.server.redirect_uri,
+                "client_id": self.server.client_id,
+                "code_verifier": self.server.pkce.code_verifier,
+            }
+        ).encode()
+
+        token_data: TokenData
+
+        with urllib.request.urlopen(
+            urllib.request.Request(
+                self.server.token_endpoint,
+                data=data,
+                method="POST",
+                headers={"Content-Type": "application/x-www-form-urlencoded"},
+            )
+        ) as resp:
+            payload = json.loads(resp.read().decode())
+
+            # Extract chatgpt_account_id from id_token
+            id_token_parts = payload["id_token"].split(".")
+            if len(id_token_parts) != 3:
+                raise ValueError("Invalid ID token")
+            id_token_claims = _decode_jwt_segment(id_token_parts[1])
+            auth_claims = id_token_claims.get("https://api.openai.com/auth", {})
+            chatgpt_account_id = auth_claims.get("chatgpt_account_id", "")
+
+            token_data = TokenData(
+                id_token=payload["id_token"],
+                access_token=payload["access_token"],
+                refresh_token=payload["refresh_token"],
+                account_id=chatgpt_account_id,
+            )
+
+        access_token_parts = token_data.access_token.split(".")
+        if len(access_token_parts) != 3:
+            raise ValueError("Invalid access token")
+
+        access_token_claims = _decode_jwt_segment(access_token_parts[1])
+
+        token_claims = id_token_claims.get("https://api.openai.com/auth", {})
+        access_claims = access_token_claims.get("https://api.openai.com/auth", {})
+
+        exchanged_access_token, success_url = self._obtain_api_key(
+            token_claims, access_claims, token_data
+        )
+
         # Persist refresh_token/id_token for future use (redeem credits etc.)
         last_refresh_str = (
             datetime.datetime.now(datetime.timezone.utc)
@@ -353,7 +371,7 @@ class _ApiKeyHTTPHandler(http.server.BaseHTTPRequestHandler):
             last_refresh=last_refresh_str,
         )
 
-        return (auth_bundle, success_url)
+        return (auth_bundle, success_url or f"{URL_BASE}/success")
 
     def request_shutdown(self) -> None:
         # shutdown() must be invoked from another thread to avoid
@@ -413,6 +431,7 @@ class _ApiKeyHTTPServer(http.server.HTTPServer):
         request_handler_class: type[http.server.BaseHTTPRequestHandler],
         *,
         codex_home: str,
+        client_id: str,
         verbose: bool = False,
     ) -> None:
         super().__init__(server_address, request_handler_class, bind_and_activate=True)
@@ -422,7 +441,8 @@ class _ApiKeyHTTPServer(http.server.HTTPServer):
         self.verbose: bool = verbose
 
         self.issuer: str = DEFAULT_ISSUER
-        self.client_id: str = DEFAULT_CLIENT_ID
+        self.token_endpoint: str = f"{self.issuer}/oauth/token"
+        self.client_id: str = client_id
         port = server_address[1]
         self.redirect_uri: str = f"http://localhost:{port}/auth/callback"
         self.pkce: PkceCodes = _generate_pkce()
@@ -581,8 +601,8 @@ def maybe_redeem_credits(
         granted = redeem_data.get("granted_chatgpt_subscriber_api_credits", 0)
         if granted and granted > 0:
             eprint(
-                f"""Thanks for being a ChatGPT {'Plus' if plan_type=='plus' else 'Pro'} subscriber!
-If you haven't already redeemed, you should receive {'$5' if plan_type=='plus' else '$50'} in API credits.
+                f"""Thanks for being a ChatGPT {"Plus" if plan_type == "plus" else "Pro"} subscriber!
+If you haven't already redeemed, you should receive {"$5" if plan_type == "plus" else "$50"} in API credits.
 
 Credits: https://platform.openai.com/settings/organization/billing/credit-grants
 More info: https://help.openai.com/en/articles/11381614""",

codex-rs/mcp-client/src/main.rs

@@ -10,6 +10,7 @@
 //! program. The utility connects, issues a `tools/list` request and prints the
 //! server's response as pretty JSON.
 
+use std::ffi::OsString;
 use std::time::Duration;
 
 use anyhow::Context;
@@ -37,7 +38,7 @@ async fn main() -> Result<()> {
         .try_init();
 
     // Collect command-line arguments excluding the program name itself.
-    let mut args: Vec<String> = std::env::args().skip(1).collect();
+    let mut args: Vec<OsString> = std::env::args_os().skip(1).collect();
 
     if args.is_empty() || args[0] == "--help" || args[0] == "-h" {
         eprintln!("Usage: mcp-client <program> [args..]\n\nExample: mcp-client codex-mcp-server");

codex-rs/mcp-client/src/mcp_client.rs

@@ -12,6 +12,7 @@
 //! issue requests and receive strongly-typed results.
 
 use std::collections::HashMap;
+use std::ffi::OsString;
 use std::sync::Arc;
 use std::sync::atomic::AtomicI64;
 use std::sync::atomic::Ordering;
@@ -82,8 +83,8 @@ impl McpClient {
     /// Caller is responsible for sending the `initialize` request. See
     /// [`initialize`](Self::initialize) for details.
     pub async fn new_stdio_client(
-        program: String,
-        args: Vec<String>,
+        program: OsString,
+        args: Vec<OsString>,
         env: Option<HashMap<String, String>>,
     ) -> std::io::Result<Self> {
         let mut child = Command::new(program)

codex-rs/mcp-server/Cargo.toml

@@ -16,8 +16,8 @@ workspace = true
 
 [dependencies]
 anyhow = "1"
+codex-arg0 = { path = "../arg0" }
 codex-core = { path = "../core" }
-codex-linux-sandbox = { path = "../linux-sandbox" }
 mcp-types = { path = "../mcp-types" }
 schemars = "0.8.22"
 serde = { version = "1", features = ["derive"] }
@@ -34,6 +34,7 @@ tokio = { version = "1", features = [
     "signal",
 ] }
 uuid = { version = "1", features = ["serde", "v4"] }
+strum_macros = "0.27.2"
 
 [dev-dependencies]
 assert_cmd = "2"

codex-rs/mcp-server/src/codex_tool_config.rs

@@ -50,6 +50,10 @@ pub struct CodexToolCallParam {
     /// The set of instructions to use instead of the default ones.
     #[serde(default, skip_serializing_if = "Option::is_none")]
     pub base_instructions: Option<String>,
+
+    /// Whether to include the plan tool in the conversation.
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub include_plan_tool: Option<bool>,
 }
 
 /// Custom enum mirroring [`AskForApproval`], but has an extra dependency on
@@ -140,9 +144,10 @@ impl CodexToolCallParam {
             sandbox,
             config: cli_overrides,
             base_instructions,
+            include_plan_tool,
         } = self;
 
-        // Build the `ConfigOverrides` recognised by codex-core.
+        // Build the `ConfigOverrides` recognized by codex-core.
         let overrides = codex_core::config::ConfigOverrides {
             model,
             config_profile: profile,
@@ -152,6 +157,7 @@ impl CodexToolCallParam {
             model_provider: None,
             codex_linux_sandbox_exe,
             base_instructions,
+            include_plan_tool,
         };
 
         let cli_overrides = cli_overrides
@@ -262,6 +268,10 @@ mod tests {
                 "description": "Working directory for the session. If relative, it is resolved against the server process's current working directory.",
                 "type": "string"
               },
+              "include-plan-tool": {
+                "description": "Whether to include the plan tool in the conversation.",
+                "type": "boolean"
+              },
               "model": {
                 "description": "Optional override for the model name (e.g. \"o3\", \"o4-mini\").",
                 "type": "string"

codex-rs/mcp-server/src/codex_tool_runner.rs

@@ -6,6 +6,7 @@ use std::collections::HashMap;
 use std::sync::Arc;
 
 use codex_core::Codex;
+use codex_core::codex_wrapper::CodexConversation;
 use codex_core::codex_wrapper::init_codex;
 use codex_core::config::Config as CodexConfig;
 use codex_core::protocol::AgentMessageEvent;
@@ -26,6 +27,7 @@ use uuid::Uuid;
 
 use crate::exec_approval::handle_exec_approval_request;
 use crate::outgoing_message::OutgoingMessageSender;
+use crate::outgoing_message::OutgoingNotificationMeta;
 use crate::patch_approval::handle_patch_approval_request;
 
 pub(crate) const INVALID_PARAMS_ERROR_CODE: i64 = -32602;
@@ -42,7 +44,12 @@ pub async fn run_codex_tool_session(
     session_map: Arc<Mutex<HashMap<Uuid, Arc<Codex>>>>,
     running_requests_id_to_codex_uuid: Arc<Mutex<HashMap<RequestId, Uuid>>>,
 ) {
-    let (codex, first_event, _ctrl_c, session_id) = match init_codex(config).await {
+    let CodexConversation {
+        codex,
+        session_configured,
+        session_id,
+        ..
+    } = match init_codex(config).await {
         Ok(res) => res,
         Err(e) => {
             let result = CallToolResult {
@@ -65,8 +72,12 @@ pub async fn run_codex_tool_session(
     session_map.lock().await.insert(session_id, codex.clone());
     drop(session_map);
 
-    // Send initial SessionConfigured event.
-    outgoing.send_event_as_notification(&first_event).await;
+    outgoing
+        .send_event_as_notification(
+            &session_configured,
+            Some(OutgoingNotificationMeta::new(Some(id.clone()))),
+        )
+        .await;
 
     // Use the original MCP request ID as the `sub_id` for the Codex submission so that
     // any events emitted for this tool-call can be correlated with the
@@ -150,7 +161,12 @@ async fn run_codex_tool_session_inner(
     loop {
         match codex.next_event().await {
             Ok(event) => {
-                outgoing.send_event_as_notification(&event).await;
+                outgoing
+                    .send_event_as_notification(
+                        &event,
+                        Some(OutgoingNotificationMeta::new(Some(request_id.clone()))),
+                    )
+                    .await;
 
                 match event.msg {
                     EventMsg::ExecApprovalRequest(ExecApprovalRequestEvent {
@@ -247,6 +263,7 @@ async fn run_codex_tool_session_inner(
                     | EventMsg::PatchApplyBegin(_)
                     | EventMsg::PatchApplyEnd(_)
                     | EventMsg::GetHistoryEntryResponse(_)
+                    | EventMsg::PlanUpdate(_)
                     | EventMsg::ShutdownComplete => {
                         // For now, we do not do anything extra for these
                         // events. Note that

codex-rs/mcp-server/src/lib.rs

@@ -13,11 +13,13 @@ use tokio::sync::mpsc;
 use tracing::debug;
 use tracing::error;
 use tracing::info;
+use tracing_subscriber::EnvFilter;
 
 mod codex_tool_config;
 mod codex_tool_runner;
 mod exec_approval;
 mod json_to_toml;
+mod mcp_protocol;
 mod message_processor;
 mod outgoing_message;
 mod patch_approval;
@@ -43,6 +45,7 @@ pub async fn run_main(codex_linux_sandbox_exe: Option<PathBuf>) -> IoResult<()>
     // control the log level with `RUST_LOG`.
     tracing_subscriber::fmt()
         .with_writer(std::io::stderr)
+        .with_env_filter(EnvFilter::from_default_env())
         .init();
 
     // Set up channels.

codex-rs/mcp-server/src/main.rs

@@ -1,7 +1,8 @@
+use codex_arg0::arg0_dispatch_or_else;
 use codex_mcp_server::run_main;
 
 fn main() -> anyhow::Result<()> {
-    codex_linux_sandbox::run_with_sandbox(|codex_linux_sandbox_exe| async move {
+    arg0_dispatch_or_else(|codex_linux_sandbox_exe| async move {
         run_main(codex_linux_sandbox_exe).await?;
         Ok(())
     })

codex-rs/mcp-server/src/mcp_protocol.rs

@@ -0,0 +1,962 @@
+use codex_core::config_types::SandboxMode;
+use codex_core::protocol::AskForApproval;
+use codex_core::protocol::EventMsg;
+use codex_core::protocol::InputItem;
+use serde::Deserialize;
+use serde::Serialize;
+use strum_macros::Display;
+use uuid::Uuid;
+
+use mcp_types::RequestId;
+
+#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
+#[serde(transparent)]
+pub struct ConversationId(pub Uuid);
+
+#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
+#[serde(transparent)]
+pub struct MessageId(pub Uuid);
+
+// Requests
+#[derive(Debug, Clone, Serialize, Deserialize)]
+pub struct ToolCallRequest {
+    #[serde(rename = "jsonrpc")]
+    pub jsonrpc: &'static str,
+    pub id: RequestId,
+    pub method: &'static str,
+    pub params: ToolCallRequestParams,
+}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
+#[serde(tag = "name", content = "arguments", rename_all = "camelCase")]
+pub enum ToolCallRequestParams {
+    ConversationCreate(ConversationCreateArgs),
+    ConversationStream(ConversationStreamArgs),
+    ConversationSendMessage(ConversationSendMessageArgs),
+    ConversationsList(ConversationsListArgs),
+}
+
+impl ToolCallRequestParams {
+    /// Wrap this request in a JSON-RPC request.
+    #[allow(dead_code)]
+    pub fn into_request(self, id: RequestId) -> ToolCallRequest {
+        ToolCallRequest {
+            jsonrpc: "2.0",
+            id,
+            method: "tools/call",
+            params: self,
+        }
+    }
+}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
+pub struct ConversationCreateArgs {
+    pub prompt: String,
+    pub model: String,
+    pub cwd: String,
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub approval_policy: Option<AskForApproval>,
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub sandbox: Option<SandboxMode>,
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub config: Option<serde_json::Value>,
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub profile: Option<String>,
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub base_instructions: Option<String>,
+}
+
+/// Optional overrides for an existing conversation's execution context when sending a message.
+/// Fields left as `None` inherit the current conversation/session settings.
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
+pub struct ConversationOverrides {
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub model: Option<String>,
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub cwd: Option<String>,
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub approval_policy: Option<AskForApproval>,
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub sandbox: Option<SandboxMode>,
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub config: Option<serde_json::Value>,
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub profile: Option<String>,
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub base_instructions: Option<String>,
+}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
+pub struct ConversationStreamArgs {
+    pub conversation_id: ConversationId,
+}
+
+/// If omitted, the message continues from the latest turn.
+/// Set to resume/edit from an earlier parent message in the thread.
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
+pub struct ConversationSendMessageArgs {
+    pub conversation_id: ConversationId,
+    pub content: Vec<InputItem>,
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub parent_message_id: Option<MessageId>,
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    #[serde(flatten)]
+    pub conversation_overrides: Option<ConversationOverrides>,
+}
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
+pub struct ConversationsListArgs {
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub limit: Option<u32>,
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub cursor: Option<String>,
+}
+
+// Responses
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct ToolCallResponse {
+    pub request_id: RequestId,
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub is_error: Option<bool>,
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub result: Option<ToolCallResponseResult>,
+}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
+#[serde(untagged)]
+pub enum ToolCallResponseResult {
+    ConversationCreate(ConversationCreateResult),
+    ConversationStream(ConversationStreamResult),
+    ConversationSendMessage(ConversationSendMessageResult),
+    ConversationsList(ConversationsListResult),
+}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
+pub struct ConversationCreateResult {
+    pub conversation_id: ConversationId,
+    pub model: String,
+}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
+pub struct ConversationStreamResult {}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
+pub struct ConversationSendMessageResult {
+    pub success: bool,
+}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
+pub struct ConversationsListResult {
+    pub conversations: Vec<ConversationSummary>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub next_cursor: Option<String>,
+}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
+pub struct ConversationSummary {
+    pub conversation_id: ConversationId,
+    pub title: String,
+}
+
+// Notifications
+#[derive(Debug, Clone, Deserialize, Display)]
+pub enum ServerNotification {
+    InitialState(InitialStateNotificationParams),
+    StreamDisconnected(StreamDisconnectedNotificationParams),
+    CodexEvent(Box<CodexEventNotificationParams>),
+}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct NotificationMeta {
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub conversation_id: Option<ConversationId>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub request_id: Option<RequestId>,
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize)]
+pub struct InitialStateNotificationParams {
+    #[serde(rename = "_meta", skip_serializing_if = "Option::is_none")]
+    pub meta: Option<NotificationMeta>,
+    pub initial_state: InitialStatePayload,
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize)]
+pub struct InitialStatePayload {
+    #[serde(default)]
+    pub events: Vec<CodexEventNotificationParams>,
+}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
+pub struct StreamDisconnectedNotificationParams {
+    #[serde(rename = "_meta", skip_serializing_if = "Option::is_none")]
+    pub meta: Option<NotificationMeta>,
+    pub reason: String,
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize)]
+pub struct CodexEventNotificationParams {
+    #[serde(rename = "_meta", skip_serializing_if = "Option::is_none")]
+    pub meta: Option<NotificationMeta>,
+    pub msg: EventMsg,
+}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct CancelNotificationParams {
+    pub request_id: RequestId,
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub reason: Option<String>,
+}
+
+impl Serialize for ServerNotification {
+    fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
+    where
+        S: serde::Serializer,
+    {
+        use serde::ser::SerializeMap;
+
+        let mut map = serializer.serialize_map(Some(2))?;
+        match self {
+            ServerNotification::CodexEvent(p) => {
+                map.serialize_entry("method", &format!("notifications/{}", p.msg))?;
+                map.serialize_entry("params", p)?;
+            }
+            ServerNotification::InitialState(p) => {
+                map.serialize_entry("method", "notifications/initial_state")?;
+                map.serialize_entry("params", p)?;
+            }
+            ServerNotification::StreamDisconnected(p) => {
+                map.serialize_entry("method", "notifications/stream_disconnected")?;
+                map.serialize_entry("params", p)?;
+            }
+        }
+        map.end()
+    }
+}
+
+#[derive(Debug, Clone, Deserialize, Serialize)]
+#[serde(tag = "method", content = "params", rename_all = "camelCase")]
+pub enum ClientNotification {
+    #[serde(rename = "notifications/cancelled")]
+    Cancelled(CancelNotificationParams),
+}
+
+#[cfg(test)]
+#[allow(clippy::expect_used)]
+#[allow(clippy::unwrap_used)]
+mod tests {
+    use std::path::PathBuf;
+
+    use super::*;
+    use codex_core::protocol::McpInvocation;
+    use codex_core::protocol::McpToolCallBeginEvent;
+    use pretty_assertions::assert_eq;
+    use serde::Serialize;
+    use serde_json::Value;
+    use serde_json::json;
+    use uuid::uuid;
+
+    fn to_val<T: Serialize>(v: &T) -> Value {
+        serde_json::to_value(v).expect("serialize to Value")
+    }
+
+    // ----- Requests -----
+
+    #[test]
+    fn serialize_tool_call_request_params_conversation_create_minimal() {
+        let req = ToolCallRequestParams::ConversationCreate(ConversationCreateArgs {
+            prompt: "".into(),
+            model: "o3".into(),
+            cwd: "/repo".into(),
+            approval_policy: None,
+            sandbox: None,
+            config: None,
+            profile: None,
+            base_instructions: None,
+        });
+
+        let observed = to_val(&req.into_request(mcp_types::RequestId::Integer(2)));
+        let expected = json!({
+            "jsonrpc": "2.0",
+            "id": 2,
+            "method": "tools/call",
+            "params": {
+                "name": "conversationCreate",
+                "arguments": {
+                    "prompt": "",
+                    "model": "o3",
+                    "cwd": "/repo"
+                }
+            }
+        });
+        assert_eq!(observed, expected);
+    }
+
+    #[test]
+    fn serialize_tool_call_request_params_conversation_send_message_with_overrides_and_parent_message_id()
+     {
+        let req = ToolCallRequestParams::ConversationSendMessage(ConversationSendMessageArgs {
+            conversation_id: ConversationId(uuid!("d0f6ecbe-84a2-41c1-b23d-b20473b25eab")),
+            content: vec![
+                InputItem::Text { text: "Hi".into() },
+                InputItem::Image {
+                    image_url: "https://example.com/cat.jpg".into(),
+                },
+                InputItem::LocalImage {
+                    path: "notes.txt".into(),
+                },
+            ],
+            parent_message_id: Some(MessageId(uuid!("67e55044-10b1-426f-9247-bb680e5fe0c8"))),
+            conversation_overrides: Some(ConversationOverrides {
+                model: Some("o4-mini".into()),
+                cwd: Some("/workdir".into()),
+                approval_policy: None,
+                sandbox: Some(SandboxMode::DangerFullAccess),
+                config: Some(json!({"temp": 0.2})),
+                profile: Some("eng".into()),
+                base_instructions: Some("Be terse".into()),
+            }),
+        });
+
+        let observed = to_val(&req.into_request(mcp_types::RequestId::Integer(2)));
+        let expected = json!({
+            "jsonrpc": "2.0",
+            "id": 2,
+            "method": "tools/call",
+            "params": {
+                "name": "conversationSendMessage",
+                "arguments": {
+                    "conversation_id": "d0f6ecbe-84a2-41c1-b23d-b20473b25eab",
+                    "content": [
+                        { "type": "text", "text": "Hi" },
+                        { "type": "image", "image_url": "https://example.com/cat.jpg" },
+                        { "type": "local_image", "path": "notes.txt" }
+                    ],
+                    "parent_message_id": "67e55044-10b1-426f-9247-bb680e5fe0c8",
+                    "model": "o4-mini",
+                    "cwd": "/workdir",
+                    "sandbox": "danger-full-access",
+                    "config": { "temp": 0.2 },
+                    "profile": "eng",
+                    "base_instructions": "Be terse"
+                }
+            }
+        });
+        assert_eq!(observed, expected);
+    }
+
+    #[test]
+    fn serialize_tool_call_request_params_conversations_list_with_opts() {
+        let req = ToolCallRequestParams::ConversationsList(ConversationsListArgs {
+            limit: Some(50),
+            cursor: Some("abc".into()),
+        });
+
+        let observed = to_val(&req.into_request(RequestId::Integer(2)));
+        let expected = json!({
+            "jsonrpc": "2.0",
+            "id": 2,
+            "method": "tools/call",
+            "params": {
+                "name": "conversationsList",
+                "arguments": {
+                    "limit": 50,
+                    "cursor": "abc"
+                }
+            }
+        });
+        assert_eq!(observed, expected);
+    }
+
+    #[test]
+    fn serialize_tool_call_request_params_conversation_stream() {
+        let req = ToolCallRequestParams::ConversationStream(ConversationStreamArgs {
+            conversation_id: ConversationId(uuid!("67e55044-10b1-426f-9247-bb680e5fe0c8")),
+        });
+
+        let observed = to_val(&req.into_request(mcp_types::RequestId::Integer(2)));
+        let expected = json!({
+            "jsonrpc": "2.0",
+            "id": 2,
+            "method": "tools/call",
+            "params": {
+                "name": "conversationStream",
+                "arguments": {
+                    "conversation_id": "67e55044-10b1-426f-9247-bb680e5fe0c8"
+                }
+            }
+        });
+        assert_eq!(observed, expected);
+    }
+
+    // ----- Message inputs / sources -----
+
+    #[test]
+    fn serialize_message_input_image_url() {
+        let item = InputItem::Image {
+            image_url: "https://example.com/x.png".into(),
+        };
+        let observed = to_val(&item);
+        let expected = json!({
+            "type": "image",
+            "image_url": "https://example.com/x.png"
+        });
+        assert_eq!(observed, expected);
+    }
+
+    #[test]
+    fn serialize_message_input_local_image_path() {
+        let url = InputItem::LocalImage {
+            path: PathBuf::from("https://example.com/a.pdf"),
+        };
+        let id = InputItem::LocalImage {
+            path: PathBuf::from("file_456"),
+        };
+        let observed_url = to_val(&url);
+        let expected_url = json!({"type":"local_image","path":"https://example.com/a.pdf"});
+        assert_eq!(
+            observed_url, expected_url,
+            "LocalImage with URL path should serialize as image_url"
+        );
+        let observed_id = to_val(&id);
+        let expected_id = json!({"type":"local_image","path":"file_456"});
+        assert_eq!(
+            observed_id, expected_id,
+            "LocalImage with file id should serialize as image_url"
+        );
+    }
+
+    #[test]
+    fn serialize_message_input_image_url_without_detail() {
+        let item = InputItem::Image {
+            image_url: "https://example.com/x.png".into(),
+        };
+        let observed = to_val(&item);
+        let expected = json!({
+            "type": "image",
+            "image_url": "https://example.com/x.png"
+        });
+        assert_eq!(observed, expected);
+    }
+
+    // ----- Responses -----
+
+    #[test]
+    fn response_success_conversation_create_full_schema() {
+        let env = ToolCallResponse {
+            request_id: RequestId::Integer(1),
+            is_error: None,
+            result: Some(ToolCallResponseResult::ConversationCreate(
+                ConversationCreateResult {
+                    conversation_id: ConversationId(uuid!("d0f6ecbe-84a2-41c1-b23d-b20473b25eab")),
+                    model: "o3".into(),
+                },
+            )),
+        };
+        let observed = to_val(&env);
+        let expected = json!({
+            "requestId": 1,
+            "result": {
+                "conversation_id": "d0f6ecbe-84a2-41c1-b23d-b20473b25eab",
+                "model": "o3"
+            }
+        });
+        assert_eq!(
+            observed, expected,
+            "response (ConversationCreate) must match"
+        );
+    }
+
+    #[test]
+    fn response_success_conversation_stream_empty_result_object() {
+        let env = ToolCallResponse {
+            request_id: RequestId::Integer(2),
+            is_error: None,
+            result: Some(ToolCallResponseResult::ConversationStream(
+                ConversationStreamResult {},
+            )),
+        };
+        let observed = to_val(&env);
+        let expected = json!({
+            "requestId": 2,
+            "result": {}
+        });
+        assert_eq!(
+            observed, expected,
+            "response (ConversationStream) must have empty object result"
+        );
+    }
+
+    #[test]
+    fn response_success_send_message_accepted_full_schema() {
+        let env = ToolCallResponse {
+            request_id: RequestId::Integer(3),
+            is_error: None,
+            result: Some(ToolCallResponseResult::ConversationSendMessage(
+                ConversationSendMessageResult { success: true },
+            )),
+        };
+        let observed = to_val(&env);
+        let expected = json!({
+            "requestId": 3,
+            "result": { "success": true }
+        });
+        assert_eq!(
+            observed, expected,
+            "response (ConversationSendMessageAccepted) must match"
+        );
+    }
+
+    #[test]
+    fn response_success_conversations_list_with_next_cursor_full_schema() {
+        let env = ToolCallResponse {
+            request_id: RequestId::Integer(4),
+            is_error: None,
+            result: Some(ToolCallResponseResult::ConversationsList(
+                ConversationsListResult {
+                    conversations: vec![ConversationSummary {
+                        conversation_id: ConversationId(uuid!(
+                            "67e55044-10b1-426f-9247-bb680e5fe0c8"
+                        )),
+                        title: "Refactor config loader".into(),
+                    }],
+                    next_cursor: Some("next123".into()),
+                },
+            )),
+        };
+        let observed = to_val(&env);
+        let expected = json!({
+            "requestId": 4,
+            "result": {
+                "conversations": [
+                    {
+                        "conversation_id": "67e55044-10b1-426f-9247-bb680e5fe0c8",
+                        "title": "Refactor config loader"
+                    }
+                ],
+                "next_cursor": "next123"
+            }
+        });
+        assert_eq!(
+            observed, expected,
+            "response (ConversationsList with cursor) must match"
+        );
+    }
+
+    #[test]
+    fn response_error_only_is_error_and_request_id_string() {
+        let env = ToolCallResponse {
+            request_id: RequestId::Integer(4),
+            is_error: Some(true),
+            result: None,
+        };
+        let observed = to_val(&env);
+        let expected = json!({
+            "requestId": 4,
+            "isError": true
+        });
+        assert_eq!(
+            observed, expected,
+            "error response must omit `result` and include `isError`"
+        );
+    }
+
+    // ----- Notifications -----
+
+    #[test]
+    fn serialize_notification_initial_state_minimal() {
+        let params = InitialStateNotificationParams {
+            meta: Some(NotificationMeta {
+                conversation_id: Some(ConversationId(uuid!(
+                    "67e55044-10b1-426f-9247-bb680e5fe0c8"
+                ))),
+                request_id: Some(RequestId::Integer(44)),
+            }),
+            initial_state: InitialStatePayload {
+                events: vec![
+                    CodexEventNotificationParams {
+                        meta: None,
+                        msg: EventMsg::TaskStarted,
+                    },
+                    CodexEventNotificationParams {
+                        meta: None,
+                        msg: EventMsg::AgentMessageDelta(
+                            codex_core::protocol::AgentMessageDeltaEvent {
+                                delta: "Loading...".into(),
+                            },
+                        ),
+                    },
+                ],
+            },
+        };
+
+        let observed = to_val(&ServerNotification::InitialState(params.clone()));
+        let expected = json!({
+            "method": "notifications/initial_state",
+            "params": {
+                "_meta": {
+                    "conversationId": "67e55044-10b1-426f-9247-bb680e5fe0c8",
+                    "requestId": 44
+                },
+                "initial_state": {
+                    "events": [
+                        { "msg": { "type": "task_started" } },
+                        { "msg": { "type": "agent_message_delta", "delta": "Loading..." } }
+                    ]
+                }
+            }
+        });
+        assert_eq!(observed, expected);
+    }
+
+    #[test]
+    fn serialize_notification_initial_state_omits_empty_events_full_json() {
+        let params = InitialStateNotificationParams {
+            meta: None,
+            initial_state: InitialStatePayload { events: vec![] },
+        };
+
+        let observed = to_val(&ServerNotification::InitialState(params));
+        let expected = json!({
+            "method": "notifications/initial_state",
+            "params": {
+                "initial_state": { "events": [] }
+            }
+        });
+        assert_eq!(observed, expected);
+    }
+
+    #[test]
+    fn serialize_notification_stream_disconnected() {
+        let params = StreamDisconnectedNotificationParams {
+            meta: Some(NotificationMeta {
+                conversation_id: Some(ConversationId(uuid!(
+                    "67e55044-10b1-426f-9247-bb680e5fe0c8"
+                ))),
+                request_id: None,
+            }),
+            reason: "New stream() took over".into(),
+        };
+
+        let observed = to_val(&ServerNotification::StreamDisconnected(params));
+        let expected = json!({
+            "method": "notifications/stream_disconnected",
+            "params": {
+                "_meta": { "conversationId": "67e55044-10b1-426f-9247-bb680e5fe0c8" },
+                "reason": "New stream() took over"
+            }
+        });
+        assert_eq!(observed, expected);
+    }
+
+    #[test]
+    fn serialize_notification_codex_event_uses_eventmsg_type_in_method() {
+        let params = CodexEventNotificationParams {
+            meta: Some(NotificationMeta {
+                conversation_id: Some(ConversationId(uuid!(
+                    "67e55044-10b1-426f-9247-bb680e5fe0c8"
+                ))),
+                request_id: Some(RequestId::Integer(44)),
+            }),
+            msg: EventMsg::AgentMessage(codex_core::protocol::AgentMessageEvent {
+                message: "hi".into(),
+            }),
+        };
+
+        let observed = to_val(&ServerNotification::CodexEvent(Box::new(params)));
+        let expected = json!({
+            "method": "notifications/agent_message",
+            "params": {
+                "_meta": {
+                    "conversationId": "67e55044-10b1-426f-9247-bb680e5fe0c8",
+                    "requestId": 44
+                },
+                "msg": { "type": "agent_message", "message": "hi" }
+            }
+        });
+        assert_eq!(observed, expected);
+    }
+
+    #[test]
+    fn serialize_notification_codex_event_task_started_full_json() {
+        let params = CodexEventNotificationParams {
+            meta: Some(NotificationMeta {
+                conversation_id: Some(ConversationId(uuid!(
+                    "67e55044-10b1-426f-9247-bb680e5fe0c8"
+                ))),
+                request_id: Some(RequestId::Integer(7)),
+            }),
+            msg: EventMsg::TaskStarted,
+        };
+
+        let observed = to_val(&ServerNotification::CodexEvent(Box::new(params)));
+        let expected = json!({
+            "method": "notifications/task_started",
+            "params": {
+                "_meta": {
+                    "conversationId": "67e55044-10b1-426f-9247-bb680e5fe0c8",
+                    "requestId": 7
+                },
+                "msg": { "type": "task_started" }
+            }
+        });
+        assert_eq!(observed, expected);
+    }
+
+    #[test]
+    fn serialize_notification_codex_event_agent_message_delta_full_json() {
+        let params = CodexEventNotificationParams {
+            meta: None,
+            msg: EventMsg::AgentMessageDelta(codex_core::protocol::AgentMessageDeltaEvent {
+                delta: "stream...".into(),
+            }),
+        };
+
+        let observed = to_val(&ServerNotification::CodexEvent(Box::new(params)));
+        let expected = json!({
+            "method": "notifications/agent_message_delta",
+            "params": {
+                "msg": { "type": "agent_message_delta", "delta": "stream..." }
+            }
+        });
+        assert_eq!(observed, expected);
+    }
+
+    #[test]
+    fn serialize_notification_codex_event_agent_message_full_json() {
+        let params = CodexEventNotificationParams {
+            meta: Some(NotificationMeta {
+                conversation_id: Some(ConversationId(uuid!(
+                    "67e55044-10b1-426f-9247-bb680e5fe0c8"
+                ))),
+                request_id: Some(RequestId::Integer(44)),
+            }),
+            msg: EventMsg::AgentMessage(codex_core::protocol::AgentMessageEvent {
+                message: "hi".into(),
+            }),
+        };
+
+        let observed = to_val(&ServerNotification::CodexEvent(Box::new(params)));
+        let expected = json!({
+            "method": "notifications/agent_message",
+            "params": {
+                "_meta": {
+                    "conversationId": "67e55044-10b1-426f-9247-bb680e5fe0c8",
+                    "requestId": 44
+                },
+                "msg": { "type": "agent_message", "message": "hi" }
+            }
+        });
+        assert_eq!(observed, expected);
+    }
+
+    #[test]
+    fn serialize_notification_codex_event_agent_reasoning_full_json() {
+        let params = CodexEventNotificationParams {
+            meta: None,
+            msg: EventMsg::AgentReasoning(codex_core::protocol::AgentReasoningEvent {
+                text: "thinking…".into(),
+            }),
+        };
+
+        let observed = to_val(&ServerNotification::CodexEvent(Box::new(params)));
+        let expected = json!({
+            "method": "notifications/agent_reasoning",
+            "params": {
+                "msg": { "type": "agent_reasoning", "text": "thinking…" }
+            }
+        });
+        assert_eq!(observed, expected);
+    }
+
+    #[test]
+    fn serialize_notification_codex_event_token_count_full_json() {
+        let usage = codex_core::protocol::TokenUsage {
+            input_tokens: 10,
+            cached_input_tokens: Some(2),
+            output_tokens: 5,
+            reasoning_output_tokens: Some(1),
+            total_tokens: 16,
+        };
+        let params = CodexEventNotificationParams {
+            meta: None,
+            msg: EventMsg::TokenCount(usage),
+        };
+
+        let observed = to_val(&ServerNotification::CodexEvent(Box::new(params)));
+        let expected = json!({
+            "method": "notifications/token_count",
+            "params": {
+                "msg": {
+                    "type": "token_count",
+                    "input_tokens": 10,
+                    "cached_input_tokens": 2,
+                    "output_tokens": 5,
+                    "reasoning_output_tokens": 1,
+                    "total_tokens": 16
+                }
+            }
+        });
+        assert_eq!(observed, expected);
+    }
+
+    #[test]
+    fn serialize_notification_codex_event_session_configured_full_json() {
+        let params = CodexEventNotificationParams {
+            meta: Some(NotificationMeta {
+                conversation_id: Some(ConversationId(uuid!(
+                    "67e55044-10b1-426f-9247-bb680e5fe0c8"
+                ))),
+                request_id: None,
+            }),
+            msg: EventMsg::SessionConfigured(codex_core::protocol::SessionConfiguredEvent {
+                session_id: uuid!("67e55044-10b1-426f-9247-bb680e5fe0c8"),
+                model: "codex-mini-latest".into(),
+                history_log_id: 42,
+                history_entry_count: 3,
+            }),
+        };
+
+        let observed = to_val(&ServerNotification::CodexEvent(Box::new(params)));
+        let expected = json!({
+            "method": "notifications/session_configured",
+            "params": {
+                "_meta": { "conversationId": "67e55044-10b1-426f-9247-bb680e5fe0c8" },
+                "msg": {
+                    "type": "session_configured",
+                    "session_id": "67e55044-10b1-426f-9247-bb680e5fe0c8",
+                    "model": "codex-mini-latest",
+                    "history_log_id": 42,
+                    "history_entry_count": 3
+                }
+            }
+        });
+        assert_eq!(observed, expected);
+    }
+
+    #[test]
+    fn serialize_notification_codex_event_exec_command_begin_full_json() {
+        let params = CodexEventNotificationParams {
+            meta: None,
+            msg: EventMsg::ExecCommandBegin(codex_core::protocol::ExecCommandBeginEvent {
+                call_id: "c1".into(),
+                command: vec!["bash".into(), "-lc".into(), "echo hi".into()],
+                cwd: std::path::PathBuf::from("/work"),
+            }),
+        };
+
+        let observed = to_val(&ServerNotification::CodexEvent(Box::new(params)));
+        let expected = json!({
+            "method": "notifications/exec_command_begin",
+            "params": {
+                "msg": {
+                    "type": "exec_command_begin",
+                    "call_id": "c1",
+                    "command": ["bash", "-lc", "echo hi"],
+                    "cwd": "/work"
+                }
+            }
+        });
+        assert_eq!(observed, expected);
+    }
+
+    #[test]
+    fn serialize_notification_codex_event_mcp_tool_call_begin_full_json() {
+        let params = CodexEventNotificationParams {
+            meta: None,
+            msg: EventMsg::McpToolCallBegin(McpToolCallBeginEvent {
+                call_id: "m1".into(),
+                invocation: McpInvocation {
+                    server: "calc".into(),
+                    tool: "add".into(),
+                    arguments: Some(json!({"a":1,"b":2})),
+                },
+            }),
+        };
+
+        let observed = to_val(&ServerNotification::CodexEvent(Box::new(params)));
+        let expected = json!({
+            "method": "notifications/mcp_tool_call_begin",
+            "params": {
+                "msg": {
+                    "type": "mcp_tool_call_begin",
+                    "call_id": "m1",
+                    "invocation": {
+                        "server": "calc",
+                        "tool": "add",
+                        "arguments": { "a": 1, "b": 2 }
+                    }
+                }
+            }
+        });
+        assert_eq!(observed, expected);
+    }
+
+    #[test]
+    fn serialize_notification_codex_event_patch_apply_end_full_json() {
+        let params = CodexEventNotificationParams {
+            meta: None,
+            msg: EventMsg::PatchApplyEnd(codex_core::protocol::PatchApplyEndEvent {
+                call_id: "p1".into(),
+                stdout: "ok".into(),
+                stderr: "".into(),
+                success: true,
+            }),
+        };
+
+        let observed = to_val(&ServerNotification::CodexEvent(Box::new(params)));
+        let expected = json!({
+            "method": "notifications/patch_apply_end",
+            "params": {
+                "msg": {
+                    "type": "patch_apply_end",
+                    "call_id": "p1",
+                    "stdout": "ok",
+                    "stderr": "",
+                    "success": true
+                }
+            }
+        });
+        assert_eq!(observed, expected);
+    }
+
+    // ----- Cancelled notifications -----
+
+    #[test]
+    fn serialize_notification_cancelled_with_reason_full_json() {
+        let params = CancelNotificationParams {
+            request_id: RequestId::String("r-123".into()),
+            reason: Some("user_cancelled".into()),
+        };
+
+        let observed = to_val(&ClientNotification::Cancelled(params));
+        let expected = json!({
+            "method": "notifications/cancelled",
+            "params": {
+                "requestId": "r-123",
+                "reason": "user_cancelled"
+            }
+        });
+        assert_eq!(observed, expected);
+    }
+
+    #[test]
+    fn serialize_notification_cancelled_without_reason_full_json() {
+        let params = CancelNotificationParams {
+            request_id: RequestId::Integer(77),
+            reason: None,
+        };
+
+        let observed = to_val(&ClientNotification::Cancelled(params));
+
+        // Check exact structure: reason must be omitted.
+        assert_eq!(observed["method"], "notifications/cancelled");
+        assert_eq!(observed["params"]["requestId"], 77);
+        assert!(
+            observed["params"].get("reason").is_none(),
+            "reason must be omitted when None"
+        );
+    }
+}

codex-rs/mcp-server/src/outgoing_message.rs

@@ -18,6 +18,7 @@ use tokio::sync::mpsc;
 use tokio::sync::oneshot;
 use tracing::warn;
 
+/// Sends messages to the client and manages request callbacks.
 pub(crate) struct OutgoingMessageSender {
     next_request_id: AtomicI64,
     sender: mpsc::Sender<OutgoingMessage>,
@@ -78,16 +79,47 @@ impl OutgoingMessageSender {
         let _ = self.sender.send(outgoing_message).await;
     }
 
-    pub(crate) async fn send_event_as_notification(&self, event: &Event) {
-        #[expect(clippy::expect_used)]
-        let params = Some(serde_json::to_value(event).expect("Event must serialize"));
+    pub(crate) async fn send_event_as_notification(
+        &self,
+        event: &Event,
+        meta: Option<OutgoingNotificationMeta>,
+    ) {
+        #[allow(clippy::expect_used)]
+        let event_json = serde_json::to_value(event).expect("Event must serialize");
+
+        let params = if let Ok(params) = serde_json::to_value(OutgoingNotificationParams {
+            meta,
+            event: event_json.clone(),
+        }) {
+            params
+        } else {
+            warn!("Failed to serialize event as OutgoingNotificationParams");
+            event_json
+        };
+
         let outgoing_message = OutgoingMessage::Notification(OutgoingNotification {
             method: "codex/event".to_string(),
+            params: Some(params.clone()),
+        });
+        let _ = self.sender.send(outgoing_message).await;
+
+        self.send_event_as_notification_new_schema(event, Some(params.clone()))
+            .await;
+    }
+
+    // should be backwards compatible.
+    // it will replace send_event_as_notification eventually.
+    async fn send_event_as_notification_new_schema(
+        &self,
+        event: &Event,
+        params: Option<serde_json::Value>,
+    ) {
+        let outgoing_message = OutgoingMessage::Notification(OutgoingNotification {
+            method: event.msg.to_string(),
             params,
         });
         let _ = self.sender.send(outgoing_message).await;
     }
-
     pub(crate) async fn send_error(&self, id: RequestId, error: JSONRPCErrorError) {
         let outgoing_message = OutgoingMessage::Error(OutgoingError { id, error });
         let _ = self.sender.send(outgoing_message).await;
@@ -152,6 +184,30 @@ pub(crate) struct OutgoingNotification {
     pub params: Option<serde_json::Value>,
 }
 
+#[derive(Debug, Clone, PartialEq, Serialize)]
+pub(crate) struct OutgoingNotificationParams {
+    #[serde(rename = "_meta", default, skip_serializing_if = "Option::is_none")]
+    pub meta: Option<OutgoingNotificationMeta>,
+
+    #[serde(flatten)]
+    pub event: serde_json::Value,
+}
+
+// Additional mcp-specific data to be added to a [`codex_core::protocol::Event`] as notification.params._meta
+// MCP Spec: https://modelcontextprotocol.io/specification/2025-06-18/basic#meta
+// Typescript Schema: https://github.com/modelcontextprotocol/modelcontextprotocol/blob/0695a497eb50a804fc0e88c18a93a21a675d6b3e/schema/2025-06-18/schema.ts
+#[derive(Debug, Clone, PartialEq, Serialize)]
+#[serde(rename_all = "camelCase")]
+pub(crate) struct OutgoingNotificationMeta {
+    pub request_id: Option<RequestId>,
+}
+
+impl OutgoingNotificationMeta {
+    pub(crate) fn new(request_id: Option<RequestId>) -> Self {
+        Self { request_id }
+    }
+}
+
 #[derive(Debug, Clone, PartialEq, Serialize)]
 pub(crate) struct OutgoingResponse {
     pub id: RequestId,
@@ -163,3 +219,113 @@ pub(crate) struct OutgoingError {
     pub error: JSONRPCErrorError,
     pub id: RequestId,
 }
+
+#[cfg(test)]
+mod tests {
+    #![allow(clippy::unwrap_used)]
+
+    use codex_core::protocol::EventMsg;
+    use codex_core::protocol::SessionConfiguredEvent;
+    use pretty_assertions::assert_eq;
+    use serde_json::json;
+    use uuid::Uuid;
+
+    use super::*;
+
+    #[tokio::test]
+    async fn test_send_event_as_notification() {
+        let (outgoing_tx, mut outgoing_rx) = mpsc::channel::<OutgoingMessage>(2);
+        let outgoing_message_sender = OutgoingMessageSender::new(outgoing_tx);
+
+        let event = Event {
+            id: "1".to_string(),
+            msg: EventMsg::SessionConfigured(SessionConfiguredEvent {
+                session_id: Uuid::new_v4(),
+                model: "gpt-4o".to_string(),
+                history_log_id: 1,
+                history_entry_count: 1000,
+            }),
+        };
+
+        outgoing_message_sender
+            .send_event_as_notification(&event, None)
+            .await;
+
+        let result = outgoing_rx.recv().await.unwrap();
+        let OutgoingMessage::Notification(OutgoingNotification { method, params }) = result else {
+            panic!("expected Notification for first message");
+        };
+        assert_eq!(method, "codex/event");
+
+        let Ok(expected_params) = serde_json::to_value(&event) else {
+            panic!("Event must serialize");
+        };
+        assert_eq!(params, Some(expected_params.clone()));
+
+        let result2 = outgoing_rx.recv().await.unwrap();
+        let OutgoingMessage::Notification(OutgoingNotification {
+            method: method2,
+            params: params2,
+        }) = result2
+        else {
+            panic!("expected Notification for second message");
+        };
+        assert_eq!(method2, event.msg.to_string());
+        assert_eq!(params2, Some(expected_params));
+    }
+
+    #[tokio::test]
+    async fn test_send_event_as_notification_with_meta() {
+        let (outgoing_tx, mut outgoing_rx) = mpsc::channel::<OutgoingMessage>(2);
+        let outgoing_message_sender = OutgoingMessageSender::new(outgoing_tx);
+
+        let session_configured_event = SessionConfiguredEvent {
+            session_id: Uuid::new_v4(),
+            model: "gpt-4o".to_string(),
+            history_log_id: 1,
+            history_entry_count: 1000,
+        };
+        let event = Event {
+            id: "1".to_string(),
+            msg: EventMsg::SessionConfigured(session_configured_event.clone()),
+        };
+        let meta = OutgoingNotificationMeta {
+            request_id: Some(RequestId::String("123".to_string())),
+        };
+
+        outgoing_message_sender
+            .send_event_as_notification(&event, Some(meta))
+            .await;
+
+        let result = outgoing_rx.recv().await.unwrap();
+        let OutgoingMessage::Notification(OutgoingNotification { method, params }) = result else {
+            panic!("expected Notification for first message");
+        };
+        assert_eq!(method, "codex/event");
+        let expected_params = json!({
+            "_meta": {
+                "requestId": "123",
+            },
+            "id": "1",
+            "msg": {
+                "session_id": session_configured_event.session_id,
+                "model": session_configured_event.model,
+                "history_log_id": session_configured_event.history_log_id,
+                "history_entry_count": session_configured_event.history_entry_count,
+                "type": "session_configured",
+            }
+        });
+        assert_eq!(params.unwrap(), expected_params);
+
+        let result2 = outgoing_rx.recv().await.unwrap();
+        let OutgoingMessage::Notification(OutgoingNotification {
+            method: method2,
+            params: params2,
+        }) = result2
+        else {
+            panic!("expected Notification for second message");
+        };
+        assert_eq!(method2, event.msg.to_string());
+        assert_eq!(params2.unwrap(), expected_params);
+    }
+}

codex-rs/mcp-server/tests/common/mcp_process.rs

@@ -270,27 +270,49 @@ impl McpProcess {
     pub async fn read_stream_until_configured_response_message(
         &mut self,
     ) -> anyhow::Result<String> {
+        let mut sid_old: Option<String> = None;
+        let mut sid_new: Option<String> = None;
         loop {
             let message = self.read_jsonrpc_message().await?;
             eprint!("message: {message:?}");
 
             match message {
                 JSONRPCMessage::Notification(notification) => {
-                    if notification.method == "codex/event" {
-                        if let Some(params) = notification.params {
+                    if let Some(params) = notification.params {
+                        // Back-compat schema: method == "codex/event" and msg.type == "session_configured"
+                        if notification.method == "codex/event" {
                             if let Some(msg) = params.get("msg") {
-                                if let Some(msg_type) = msg.get("type") {
-                                    if msg_type == "session_configured" {
-                                        if let Some(session_id) = msg.get("session_id") {
-                                            return Ok(session_id
-                                                .to_string()
-                                                .trim_matches('"')
-                                                .to_string());
-                                        }
+                                if msg.get("type").and_then(|v| v.as_str())
+                                    == Some("session_configured")
+                                {
+                                    if let Some(session_id) =
+                                        msg.get("session_id").and_then(|v| v.as_str())
+                                    {
+                                        sid_old = Some(session_id.to_string());
                                     }
                                 }
                             }
                         }
+                        // New schema: method is the Display of EventMsg::SessionConfigured => "SessionConfigured"
+                        if notification.method == "session_configured" {
+                            if let Some(msg) = params.get("msg") {
+                                if let Some(session_id) =
+                                    msg.get("session_id").and_then(|v| v.as_str())
+                                {
+                                    sid_new = Some(session_id.to_string());
+                                }
+                            }
+                        }
+                    }
+
+                    if sid_old.is_some() && sid_new.is_some() {
+                        // Both seen, they must match
+                        assert_eq!(
+                            sid_old.as_ref().unwrap(),
+                            sid_new.as_ref().unwrap(),
+                            "session_id mismatch between old and new schema"
+                        );
+                        return Ok(sid_old.unwrap());
                     }
                 }
                 JSONRPCMessage::Request(_) => {

codex-rs/mcp-server/tests/interrupt.rs

@@ -81,6 +81,7 @@ async fn shell_command_interruption() -> anyhow::Result<()> {
             sandbox: None,
             config: None,
             base_instructions: None,
+            include_plan_tool: None,
         })
         .await?;
 

codex-rs/tui/Cargo.toml

@@ -19,6 +19,7 @@ anyhow = "1"
 base64 = "0.22.1"
 clap = { version = "4", features = ["derive"] }
 codex-ansi-escape = { path = "../ansi-escape" }
+codex-arg0 = { path = "../arg0" }
 codex-core = { path = "../core" }
 codex-common = { path = "../common", features = [
     "cli",
@@ -26,7 +27,6 @@ codex-common = { path = "../common", features = [
     "sandbox_summary",
 ] }
 codex-file-search = { path = "../file-search" }
-codex-linux-sandbox = { path = "../linux-sandbox" }
 codex-login = { path = "../login" }
 color-eyre = "0.6.3"
 crossterm = { version = "0.28.1", features = ["bracketed-paste"] }
@@ -35,8 +35,9 @@ lazy_static = "1"
 mcp-types = { path = "../mcp-types" }
 path-clean = "1.0.1"
 ratatui = { version = "0.29.0", features = [
-    "unstable-widget-ref",
+    "scrolling-regions",
     "unstable-rendered-line-info",
+    "unstable-widget-ref",
 ] }
 ratatui-image = "8.0.0"
 regex-lite = "0.1"

codex-rs/tui/src/app.rs

@@ -5,17 +5,15 @@ use crate::file_search::FileSearchManager;
 use crate::get_git_diff::get_git_diff;
 use crate::git_warning_screen::GitWarningOutcome;
 use crate::git_warning_screen::GitWarningScreen;
-use crate::login_screen::LoginScreen;
-use crate::scroll_event_helper::ScrollEventHelper;
 use crate::slash_command::SlashCommand;
 use crate::tui;
 use codex_core::config::Config;
 use codex_core::protocol::Event;
+use codex_core::protocol::EventMsg;
+use codex_core::protocol::Op;
 use color_eyre::eyre::Result;
 use crossterm::event::KeyCode;
 use crossterm::event::KeyEvent;
-use crossterm::event::MouseEvent;
-use crossterm::event::MouseEventKind;
 use std::path::PathBuf;
 use std::sync::Arc;
 use std::sync::atomic::AtomicBool;
@@ -37,8 +35,6 @@ enum AppState<'a> {
         /// `AppState`.
         widget: Box<ChatWidget<'a>>,
     },
-    /// The login screen for the OpenAI provider.
-    Login { screen: LoginScreen },
     /// The start-up warning that recommends running codex inside a Git repo.
     GitWarning { screen: GitWarningScreen },
 }
@@ -59,78 +55,66 @@ pub(crate) struct App<'a> {
     /// Stored parameters needed to instantiate the ChatWidget later, e.g.,
     /// after dismissing the Git-repo warning.
     chat_args: Option<ChatWidgetArgs>,
-}
 
-/// Aggregate parameters needed to create a `ChatWidget`, as creation may be
-/// deferred until after the Git warning screen is dismissed.
-#[derive(Clone)]
-struct ChatWidgetArgs {
-    config: Config,
-    initial_prompt: Option<String>,
-    initial_images: Vec<PathBuf>,
+    /// Tracks pending summarization requests for the compact feature.
+    pending_summarization: Option<PendingSummarization>,
 }
 
 impl App<'_> {
     pub(crate) fn new(
         config: Config,
         initial_prompt: Option<String>,
-        show_login_screen: bool,
         show_git_warning: bool,
         initial_images: Vec<std::path::PathBuf>,
     ) -> Self {
         let (app_event_tx, app_event_rx) = channel();
         let app_event_tx = AppEventSender::new(app_event_tx);
         let pending_redraw = Arc::new(AtomicBool::new(false));
-        let scroll_event_helper = ScrollEventHelper::new(app_event_tx.clone());
 
         // Spawn a dedicated thread for reading the crossterm event loop and
         // re-publishing the events as AppEvents, as appropriate.
         {
             let app_event_tx = app_event_tx.clone();
             std::thread::spawn(move || {
-                while let Ok(event) = crossterm::event::read() {
-                    match event {
-                        crossterm::event::Event::Key(key_event) => {
-                            app_event_tx.send(AppEvent::KeyEvent(key_event));
-                        }
-                        crossterm::event::Event::Resize(_, _) => {
-                            app_event_tx.send(AppEvent::RequestRedraw);
-                        }
-                        crossterm::event::Event::Mouse(MouseEvent {
-                            kind: MouseEventKind::ScrollUp,
-                            ..
-                        }) => {
-                            scroll_event_helper.scroll_up();
-                        }
-                        crossterm::event::Event::Mouse(MouseEvent {
-                            kind: MouseEventKind::ScrollDown,
-                            ..
-                        }) => {
-                            scroll_event_helper.scroll_down();
-                        }
-                        crossterm::event::Event::Paste(pasted) => {
-                            app_event_tx.send(AppEvent::Paste(pasted));
-                        }
-                        _ => {
-                            // Ignore any other events.
+                loop {
+                    // This timeout is necessary to avoid holding the event lock
+                    // that crossterm::event::read() acquires. In particular,
+                    // reading the cursor position (crossterm::cursor::position())
+                    // needs to acquire the event lock, and so will fail if it
+                    // can't acquire it within 2 sec. Resizing the terminal
+                    // crashes the app if the cursor position can't be read.
+                    if let Ok(true) = crossterm::event::poll(Duration::from_millis(100)) {
+                        if let Ok(event) = crossterm::event::read() {
+                            match event {
+                                crossterm::event::Event::Key(key_event) => {
+                                    app_event_tx.send(AppEvent::KeyEvent(key_event));
+                                }
+                                crossterm::event::Event::Resize(_, _) => {
+                                    app_event_tx.send(AppEvent::RequestRedraw);
+                                }
+                                crossterm::event::Event::Paste(pasted) => {
+                                    // Many terminals convert newlines to \r when
+                                    // pasting, e.g. [iTerm2][]. But [tui-textarea
+                                    // expects \n][tui-textarea]. This seems like a bug
+                                    // in tui-textarea IMO, but work around it for now.
+                                    // [tui-textarea]: https://github.com/rhysd/tui-textarea/blob/4d18622eeac13b309e0ff6a55a46ac6706da68cf/src/textarea.rs#L782-L783
+                                    // [iTerm2]: https://github.com/gnachman/iTerm2/blob/5d0c0d9f68523cbd0494dad5422998964a2ecd8d/sources/iTermPasteHelper.m#L206-L216
+                                    let pasted = pasted.replace("\r", "\n");
+                                    app_event_tx.send(AppEvent::Paste(pasted));
+                                }
+                                _ => {
+                                    // Ignore any other events.
+                                }
+                            }
                         }
+                    } else {
+                        // Timeout expired, no `Event` is available
                     }
                 }
             });
         }
 
-        let (app_state, chat_args) = if show_login_screen {
-            (
-                AppState::Login {
-                    screen: LoginScreen::new(app_event_tx.clone(), config.codex_home.clone()),
-                },
-                Some(ChatWidgetArgs {
-                    config: config.clone(),
-                    initial_prompt,
-                    initial_images,
-                }),
-            )
-        } else if show_git_warning {
+        let (app_state, chat_args) = if show_git_warning {
             (
                 AppState::GitWarning {
                     screen: GitWarningScreen::new(),
@@ -165,6 +149,7 @@ impl App<'_> {
             file_search,
             pending_redraw,
             chat_args,
+            pending_summarization: None,
         }
     }
 
@@ -224,7 +209,7 @@ impl App<'_> {
                                 AppState::Chat { widget } => {
                                     widget.on_ctrl_c();
                                 }
-                                AppState::Login { .. } | AppState::GitWarning { .. } => {
+                                AppState::GitWarning { .. } => {
                                     // No-op.
                                 }
                             }
@@ -245,7 +230,7 @@ impl App<'_> {
                                         self.dispatch_key_event(key_event);
                                     }
                                 }
-                                AppState::Login { .. } | AppState::GitWarning { .. } => {
+                                AppState::GitWarning { .. } => {
                                     self.app_event_tx.send(AppEvent::ExitRequest);
                                 }
                             }
@@ -255,9 +240,6 @@ impl App<'_> {
                         }
                     };
                 }
-                AppEvent::Scroll(scroll_delta) => {
-                    self.dispatch_scroll_event(scroll_delta);
-                }
                 AppEvent::Paste(text) => {
                     self.dispatch_paste_event(text);
                 }
@@ -269,11 +251,11 @@ impl App<'_> {
                 }
                 AppEvent::CodexOp(op) => match &mut self.app_state {
                     AppState::Chat { widget } => widget.submit_op(op),
-                    AppState::Login { .. } | AppState::GitWarning { .. } => {}
+                    AppState::GitWarning { .. } => {}
                 },
                 AppEvent::LatestLog(line) => match &mut self.app_state {
                     AppState::Chat { widget } => widget.update_latest_log(line),
-                    AppState::Login { .. } | AppState::GitWarning { .. } => {}
+                    AppState::GitWarning { .. } => {}
                 },
                 AppEvent::DispatchCommand(command) => match command {
                     SlashCommand::New => {
@@ -286,6 +268,18 @@ impl App<'_> {
                         self.app_state = AppState::Chat { widget: new_widget };
                         self.app_event_tx.send(AppEvent::RequestRedraw);
                     }
+                    SlashCommand::Compact => {
+                        if let AppState::Chat { widget } = &mut self.app_state {
+                            // Submit the summarization request to the current widget
+                            widget.submit_op(Op::SummarizeContext);
+
+                            // Set up tracking for the summary response
+                            self.pending_summarization = Some(PendingSummarization {
+                                summary_buffer: String::new(),
+                                started_receiving: false,
+                            });
+                        }
+                    }
                     SlashCommand::Quit => {
                         break;
                     }
@@ -329,9 +323,7 @@ impl App<'_> {
     pub(crate) fn token_usage(&self) -> codex_core::protocol::TokenUsage {
         match &self.app_state {
             AppState::Chat { widget } => widget.token_usage().clone(),
-            AppState::Login { .. } | AppState::GitWarning { .. } => {
-                codex_core::protocol::TokenUsage::default()
-            }
+            AppState::GitWarning { .. } => codex_core::protocol::TokenUsage::default(),
         }
     }
 
@@ -342,9 +334,6 @@ impl App<'_> {
             AppState::Chat { widget } => {
                 terminal.draw(|frame| frame.render_widget_ref(&**widget, frame.area()))?;
             }
-            AppState::Login { screen } => {
-                terminal.draw(|frame| frame.render_widget_ref(&*screen, frame.area()))?;
-            }
             AppState::GitWarning { screen } => {
                 terminal.draw(|frame| frame.render_widget_ref(&*screen, frame.area()))?;
             }
@@ -359,7 +348,6 @@ impl App<'_> {
             AppState::Chat { widget } => {
                 widget.handle_key_event(key_event);
             }
-            AppState::Login { screen } => screen.handle_key_event(key_event),
             AppState::GitWarning { screen } => match screen.handle_key_event(key_event) {
                 GitWarningOutcome::Continue => {
                     // User accepted – switch to chat view.
@@ -390,21 +378,118 @@ impl App<'_> {
     fn dispatch_paste_event(&mut self, pasted: String) {
         match &mut self.app_state {
             AppState::Chat { widget } => widget.handle_paste(pasted),
-            AppState::Login { .. } | AppState::GitWarning { .. } => {}
-        }
-    }
-
-    fn dispatch_scroll_event(&mut self, scroll_delta: i32) {
-        match &mut self.app_state {
-            AppState::Chat { widget } => widget.handle_scroll_delta(scroll_delta),
-            AppState::Login { .. } | AppState::GitWarning { .. } => {}
+            AppState::GitWarning { .. } => {}
         }
     }
 
     fn dispatch_codex_event(&mut self, event: Event) {
+        // First check if we're waiting for a summarization response
+        if self.pending_summarization.is_some() {
+            self.handle_summarization_response(event);
+            return;
+        }
+
+        // Otherwise dispatch to the current app state
         match &mut self.app_state {
             AppState::Chat { widget } => widget.handle_codex_event(event),
-            AppState::Login { .. } | AppState::GitWarning { .. } => {}
+            AppState::GitWarning { .. } => {}
+        }
+    }
+
+    /// Handles responses during a summarization request.
+    fn handle_summarization_response(&mut self, event: Event) {
+        match &event.msg {
+            EventMsg::AgentMessage(msg) => {
+                // Only collect messages once we've started receiving the summarization
+                if let Some(ref mut pending) = self.pending_summarization {
+                    // Start collecting once we see a message that looks like a summary
+                    if !pending.started_receiving && msg.message.contains("summarize") {
+                        pending.started_receiving = true;
+                    }
+
+                    if pending.started_receiving {
+                        pending.summary_buffer.push_str(&msg.message);
+                        pending.summary_buffer.push('\n');
+                    }
+                }
+            }
+            EventMsg::TaskComplete(_) => {
+                // Task is complete, now create a new widget with the summary
+                if let Some(pending) = self.pending_summarization.take() {
+                    let summary = create_compact_summary_prompt(&pending.summary_buffer);
+
+                    // Create new widget with summary as initial prompt
+                    let new_widget = Box::new(ChatWidget::new(
+                        self.config.clone(),
+                        self.app_event_tx.clone(),
+                        Some(summary),
+                        Vec::new(),
+                    ));
+                    self.app_state = AppState::Chat { widget: new_widget };
+                    self.app_event_tx.send(AppEvent::Redraw);
+                }
+            }
+            _ => {}
         }
     }
 }
+
+/// State for tracking a pending summarization request.
+struct PendingSummarization {
+    /// Buffer to collect the summary response.
+    summary_buffer: String,
+    /// Whether we've received the first message of the summarization response.
+    started_receiving: bool,
+}
+
+/// Aggregate parameters needed to create a `ChatWidget`, as creation may be
+/// deferred until after the Git warning screen is dismissed.
+#[derive(Clone)]
+struct ChatWidgetArgs {
+    config: Config,
+    initial_prompt: Option<String>,
+    initial_images: Vec<PathBuf>,
+}
+
+/// Creates the initial prompt for a compacted conversation.
+fn create_compact_summary_prompt(summary_text: &str) -> String {
+    if summary_text.trim().is_empty() {
+        "Previous conversation has been summarized.".to_string()
+    } else {
+        format!(
+            r#"This chat is a continuation of a previous conversation. After providing the summary, acknowledge that /compact command has been applied. Here is the summary of the previous conversation:
+
+{}"#,
+            summary_text.trim()
+        )
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    #![allow(clippy::unwrap_used)]
+    use super::*;
+
+    #[test]
+    fn test_summary_buffer_accumulation() {
+        let mut buffer = String::new();
+
+        // Simulate the way we accumulate messages in pending_summarization
+        buffer.push_str("First message part");
+        buffer.push('\n');
+        buffer.push_str("Second message part");
+        buffer.push('\n');
+        buffer.push_str("Final message part");
+
+        let prompt = create_compact_summary_prompt(&buffer);
+
+        // Should contain all parts
+        assert!(prompt.contains("First message part"));
+        assert!(prompt.contains("Second message part"));
+        assert!(prompt.contains("Final message part"));
+
+        // Should preserve newlines in the content
+        let trimmed_buffer = buffer.trim();
+        assert!(prompt.contains(trimmed_buffer));
+    }
+}

codex-rs/tui/src/app_event.rs

@@ -6,7 +6,7 @@ use ratatui::text::Line;
 use crate::slash_command::SlashCommand;
 
 #[allow(clippy::large_enum_variant)]
-pub(crate) enum AppEvent {
+pub enum AppEvent {
     CodexEvent(Event),
 
     /// Request a redraw which will be debounced by the [`App`].
@@ -20,10 +20,6 @@ pub(crate) enum AppEvent {
     /// Text pasted from the terminal clipboard.
     Paste(String),
 
-    /// Scroll event with a value representing the "scroll delta" as the net
-    /// scroll up/down events within a short time window.
-    Scroll(i32),
-
     /// Request to exit the application gracefully.
     ExitRequest,
 

codex-rs/tui/src/app_event_sender.rs

@@ -3,18 +3,18 @@ use std::sync::mpsc::Sender;
 use crate::app_event::AppEvent;
 
 #[derive(Clone, Debug)]
-pub(crate) struct AppEventSender {
+pub struct AppEventSender {
     app_event_tx: Sender<AppEvent>,
 }
 
 impl AppEventSender {
-    pub(crate) fn new(app_event_tx: Sender<AppEvent>) -> Self {
+    pub fn new(app_event_tx: Sender<AppEvent>) -> Self {
         Self { app_event_tx }
     }
 
     /// Send an event to the app event channel. If it fails, we swallow the
     /// error and log it.
-    pub(crate) fn send(&self, event: AppEvent) {
+    pub fn send(&self, event: AppEvent) {
         if let Err(e) = self.app_event_tx.send(event) {
             tracing::error!("failed to send event: {e}");
         }

codex-rs/tui/src/bottom_pane/approval_modal_view.rs

@@ -9,6 +9,7 @@ use crate::user_approval_widget::UserApprovalWidget;
 
 use super::BottomPane;
 use super::BottomPaneView;
+use super::CancellationEvent;
 
 /// Modal overlay asking the user to approve/deny a sequence of requests.
 pub(crate) struct ApprovalModalView<'a> {
@@ -46,6 +47,12 @@ impl<'a> BottomPaneView<'a> for ApprovalModalView<'a> {
         self.maybe_advance();
     }
 
+    fn on_ctrl_c(&mut self, _pane: &mut BottomPane<'a>) -> CancellationEvent {
+        self.current.on_ctrl_c();
+        self.queue.clear();
+        CancellationEvent::Handled
+    }
+
     fn is_complete(&self) -> bool {
         self.current.is_complete() && self.queue.is_empty()
     }
@@ -59,3 +66,39 @@ impl<'a> BottomPaneView<'a> for ApprovalModalView<'a> {
         None
     }
 }
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use crate::app_event::AppEvent;
+    use std::path::PathBuf;
+    use std::sync::mpsc::channel;
+
+    fn make_exec_request() -> ApprovalRequest {
+        ApprovalRequest::Exec {
+            id: "test".to_string(),
+            command: vec!["echo".to_string(), "hi".to_string()],
+            cwd: PathBuf::from("/tmp"),
+            reason: None,
+        }
+    }
+
+    #[test]
+    fn ctrl_c_aborts_and_clears_queue() {
+        let (tx_raw, _rx) = channel::<AppEvent>();
+        let tx = AppEventSender::new(tx_raw);
+        let first = make_exec_request();
+        let mut view = ApprovalModalView::new(first, tx);
+        view.enqueue_request(make_exec_request());
+
+        let (tx_raw2, _rx2) = channel::<AppEvent>();
+        let mut pane = BottomPane::new(super::super::BottomPaneParams {
+            app_event_tx: AppEventSender::new(tx_raw2),
+            has_input_focus: true,
+        });
+        assert_eq!(CancellationEvent::Handled, view.on_ctrl_c(&mut pane));
+        assert!(view.queue.is_empty());
+        assert!(view.current.is_complete());
+        assert!(view.is_complete());
+    }
+}

codex-rs/tui/src/bottom_pane/bottom_pane_view.rs

@@ -4,6 +4,7 @@ use ratatui::buffer::Buffer;
 use ratatui::layout::Rect;
 
 use super::BottomPane;
+use super::CancellationEvent;
 
 /// Type to use for a method that may require a redraw of the UI.
 pub(crate) enum ConditionalUpdate {
@@ -22,6 +23,11 @@ pub(crate) trait BottomPaneView<'a> {
         false
     }
 
+    /// Handle Ctrl-C while this view is active.
+    fn on_ctrl_c(&mut self, _pane: &mut BottomPane<'a>) -> CancellationEvent {
+        CancellationEvent::Ignored
+    }
+
     /// Render the view: this will be displayed in place of the composer.
     fn render(&self, area: Rect, buf: &mut Buffer);
 

codex-rs/tui/src/bottom_pane/chat_composer.rs

@@ -33,7 +33,7 @@ pub enum InputResult {
     None,
 }
 
-pub(crate) struct ChatComposer<'a> {
+pub struct ChatComposer<'a> {
     textarea: TextArea<'a>,
     active_popup: ActivePopup,
     app_event_tx: AppEventSender,
@@ -127,10 +127,6 @@ impl ChatComposer<'_> {
             .on_entry_response(log_id, offset, entry, &mut self.textarea)
     }
 
-    pub fn set_input_focus(&mut self, has_focus: bool) {
-        self.update_border(has_focus);
-    }
-
     pub fn handle_paste(&mut self, pasted: String) -> bool {
         let char_count = pasted.chars().count();
         if char_count > LARGE_PASTE_CHAR_THRESHOLD {
@@ -481,6 +477,17 @@ impl ChatComposer<'_> {
             }
         }
 
+        if let Input {
+            key: Key::Char('u'),
+            ctrl: true,
+            alt: false,
+            ..
+        } = input
+        {
+            self.textarea.delete_line_by_head();
+            return (InputResult::None, true);
+        }
+
         // Normal input handling
         self.textarea.input(input);
         let text_after = self.textarea.lines().join("\n");
@@ -638,13 +645,6 @@ impl ChatComposer<'_> {
                 .border_style(bs.border_style),
         );
     }
-
-    pub(crate) fn is_popup_visible(&self) -> bool {
-        match self.active_popup {
-            ActivePopup::Command(_) | ActivePopup::File(_) => true,
-            ActivePopup::None => false,
-        }
-    }
 }
 
 impl WidgetRef for &ChatComposer<'_> {

codex-rs/tui/src/bottom_pane/mod.rs

@@ -14,12 +14,18 @@ use ratatui::widgets::WidgetRef;
 
 mod approval_modal_view;
 mod bottom_pane_view;
-mod chat_composer;
+pub mod chat_composer;
 mod chat_composer_history;
 mod command_popup;
 mod file_search_popup;
 mod status_indicator_view;
 
+#[derive(Debug, Clone, Copy, PartialEq, Eq)]
+pub(crate) enum CancellationEvent {
+    Ignored,
+    Handled,
+}
+
 pub(crate) use chat_composer::ChatComposer;
 pub(crate) use chat_composer::InputResult;
 
@@ -80,6 +86,33 @@ impl BottomPane<'_> {
         }
     }
 
+    /// Handle Ctrl-C in the bottom pane. If a modal view is active it gets a
+    /// chance to consume the event (e.g. to dismiss itself).
+    pub(crate) fn on_ctrl_c(&mut self) -> CancellationEvent {
+        let mut view = match self.active_view.take() {
+            Some(view) => view,
+            None => return CancellationEvent::Ignored,
+        };
+
+        let event = view.on_ctrl_c(self);
+        match event {
+            CancellationEvent::Handled => {
+                if !view.is_complete() {
+                    self.active_view = Some(view);
+                } else if self.is_task_running {
+                    self.active_view = Some(Box::new(StatusIndicatorView::new(
+                        self.app_event_tx.clone(),
+                    )));
+                }
+                self.show_ctrl_c_quit_hint();
+            }
+            CancellationEvent::Ignored => {
+                self.active_view = Some(view);
+            }
+        }
+        event
+    }
+
     pub fn handle_paste(&mut self, pasted: String) {
         if self.active_view.is_none() {
             let needs_redraw = self.composer.handle_paste(pasted);
@@ -104,12 +137,6 @@ impl BottomPane<'_> {
         }
     }
 
-    /// Update the UI to reflect whether this `BottomPane` has input focus.
-    pub(crate) fn set_input_focus(&mut self, has_focus: bool) {
-        self.has_input_focus = has_focus;
-        self.composer.set_input_focus(has_focus);
-    }
-
     pub(crate) fn show_ctrl_c_quit_hint(&mut self) {
         self.ctrl_c_quit_hint = true;
         self.composer
@@ -203,11 +230,6 @@ impl BottomPane<'_> {
         self.app_event_tx.send(AppEvent::RequestRedraw)
     }
 
-    /// Returns true when a popup inside the composer is visible.
-    pub(crate) fn is_popup_visible(&self) -> bool {
-        self.active_view.is_none() && self.composer.is_popup_visible()
-    }
-
     // --- History helpers ---
 
     pub(crate) fn set_history_metadata(&mut self, log_id: u64, entry_count: usize) {
@@ -245,3 +267,34 @@ impl WidgetRef for &BottomPane<'_> {
         }
     }
 }
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use crate::app_event::AppEvent;
+    use std::path::PathBuf;
+    use std::sync::mpsc::channel;
+
+    fn exec_request() -> ApprovalRequest {
+        ApprovalRequest::Exec {
+            id: "1".to_string(),
+            command: vec!["echo".into(), "ok".into()],
+            cwd: PathBuf::from("."),
+            reason: None,
+        }
+    }
+
+    #[test]
+    fn ctrl_c_on_modal_consumes_and_shows_quit_hint() {
+        let (tx_raw, _rx) = channel::<AppEvent>();
+        let tx = AppEventSender::new(tx_raw);
+        let mut pane = BottomPane::new(BottomPaneParams {
+            app_event_tx: tx,
+            has_input_focus: true,
+        });
+        pane.push_approval_request(exec_request());
+        assert_eq!(CancellationEvent::Handled, pane.on_ctrl_c());
+        assert!(pane.ctrl_c_quit_hint_visible());
+        assert_eq!(CancellationEvent::Ignored, pane.on_ctrl_c());
+    }
+}

codex-rs/tui/src/cell_widget.rs

@@ -1,20 +0,0 @@
-use ratatui::prelude::*;
-
-/// Trait implemented by every type that can live inside the conversation
-/// history list.  It provides two primitives that the parent scroll-view
-/// needs: how *tall* the widget is at a given width and how to render an
-/// arbitrary contiguous *window* of that widget.
-///
-/// The `first_visible_line` argument to [`render_window`] allows partial
-/// rendering when the top of the widget is scrolled off-screen.  The caller
-/// guarantees that `first_visible_line + area.height as usize` never exceeds
-/// the total height previously returned by [`height`].
-pub(crate) trait CellWidget {
-    /// Total height measured in wrapped terminal lines when drawn with the
-    /// given *content* width (no scrollbar column included).
-    fn height(&self, width: u16) -> usize;
-
-    /// Render a *window* that starts `first_visible_line` lines below the top
-    /// of the widget. The window’s size is given by `area`.
-    fn render_window(&self, first_visible_line: usize, area: Rect, buf: &mut Buffer);
-}

codex-rs/tui/src/chatwidget.rs

@@ -1,6 +1,8 @@
 use std::path::PathBuf;
 use std::sync::Arc;
+use std::time::Duration;
 
+use codex_core::codex_wrapper::CodexConversation;
 use codex_core::codex_wrapper::init_codex;
 use codex_core::config::Config;
 use codex_core::protocol::AgentMessageDeltaEvent;
@@ -33,8 +35,11 @@ use crate::app_event::AppEvent;
 use crate::app_event_sender::AppEventSender;
 use crate::bottom_pane::BottomPane;
 use crate::bottom_pane::BottomPaneParams;
+use crate::bottom_pane::CancellationEvent;
 use crate::bottom_pane::InputResult;
-use crate::conversation_history_widget::ConversationHistoryWidget;
+use crate::exec_command::strip_bash_lc_and_escape;
+use crate::history_cell::CommandOutput;
+use crate::history_cell::HistoryCell;
 use crate::history_cell::PatchEventType;
 use crate::user_approval_widget::ApprovalRequest;
 use codex_file_search::FileMatch;
@@ -42,9 +47,7 @@ use codex_file_search::FileMatch;
 pub(crate) struct ChatWidget<'a> {
     app_event_tx: AppEventSender,
     codex_op_tx: UnboundedSender<Op>,
-    conversation_history: ConversationHistoryWidget,
     bottom_pane: BottomPane<'a>,
-    input_focus: InputFocus,
     config: Config,
     initial_user_message: Option<UserMessage>,
     token_usage: TokenUsage,
@@ -55,12 +58,6 @@ pub(crate) struct ChatWidget<'a> {
     answer_buffer: String,
 }
 
-#[derive(Clone, Copy, Eq, PartialEq)]
-enum InputFocus {
-    HistoryPane,
-    BottomPane,
-}
-
 struct UserMessage {
     text: String,
     image_paths: Vec<PathBuf>,
@@ -96,19 +93,22 @@ impl ChatWidget<'_> {
         // Create the Codex asynchronously so the UI loads as quickly as possible.
         let config_for_agent_loop = config.clone();
         tokio::spawn(async move {
-            let (codex, session_event, _ctrl_c, _session_id) =
-                match init_codex(config_for_agent_loop).await {
-                    Ok(vals) => vals,
-                    Err(e) => {
-                        // TODO: surface this error to the user.
-                        tracing::error!("failed to initialize codex: {e}");
-                        return;
-                    }
-                };
+            let CodexConversation {
+                codex,
+                session_configured,
+                ..
+            } = match init_codex(config_for_agent_loop).await {
+                Ok(vals) => vals,
+                Err(e) => {
+                    // TODO: surface this error to the user.
+                    tracing::error!("failed to initialize codex: {e}");
+                    return;
+                }
+            };
 
             // Forward the captured `SessionInitialized` event that was consumed
             // inside `init_codex()` so it can be rendered in the UI.
-            app_event_tx_clone.send(AppEvent::CodexEvent(session_event.clone()));
+            app_event_tx_clone.send(AppEvent::CodexEvent(session_configured.clone()));
             let codex = Arc::new(codex);
             let codex_clone = codex.clone();
             tokio::spawn(async move {
@@ -128,12 +128,10 @@ impl ChatWidget<'_> {
         Self {
             app_event_tx: app_event_tx.clone(),
             codex_op_tx,
-            conversation_history: ConversationHistoryWidget::new(),
             bottom_pane: BottomPane::new(BottomPaneParams {
                 app_event_tx,
                 has_input_focus: true,
             }),
-            input_focus: InputFocus::BottomPane,
             config,
             initial_user_message: create_initial_user_message(
                 initial_prompt.unwrap_or_default(),
@@ -147,51 +145,22 @@ impl ChatWidget<'_> {
 
     pub(crate) fn handle_key_event(&mut self, key_event: KeyEvent) {
         self.bottom_pane.clear_ctrl_c_quit_hint();
-        // Special-case <Tab>: normally toggles focus between history and bottom panes.
-        // However, when the slash-command popup is visible we forward the key
-        // to the bottom pane so it can handle auto-completion.
-        if matches!(key_event.code, crossterm::event::KeyCode::Tab)
-            && !self.bottom_pane.is_popup_visible()
-        {
-            self.input_focus = match self.input_focus {
-                InputFocus::HistoryPane => InputFocus::BottomPane,
-                InputFocus::BottomPane => InputFocus::HistoryPane,
-            };
-            self.conversation_history
-                .set_input_focus(self.input_focus == InputFocus::HistoryPane);
-            self.bottom_pane
-                .set_input_focus(self.input_focus == InputFocus::BottomPane);
-            self.request_redraw();
-            return;
-        }
 
-        match self.input_focus {
-            InputFocus::HistoryPane => {
-                let needs_redraw = self.conversation_history.handle_key_event(key_event);
-                if needs_redraw {
-                    self.request_redraw();
-                }
+        match self.bottom_pane.handle_key_event(key_event) {
+            InputResult::Submitted(text) => {
+                self.submit_user_message(text.into());
             }
-            InputFocus::BottomPane => match self.bottom_pane.handle_key_event(key_event) {
-                InputResult::Submitted(text) => {
-                    self.submit_user_message(text.into());
-                }
-                InputResult::None => {}
-            },
+            InputResult::None => {}
         }
     }
 
     pub(crate) fn handle_paste(&mut self, text: String) {
-        if matches!(self.input_focus, InputFocus::BottomPane) {
-            self.bottom_pane.handle_paste(text);
-        }
+        self.bottom_pane.handle_paste(text);
     }
 
-    /// Emits the last entry's plain lines from conversation_history, if any.
-    fn emit_last_history_entry(&mut self) {
-        if let Some(lines) = self.conversation_history.last_entry_plain_lines() {
-            self.app_event_tx.send(AppEvent::InsertHistory(lines));
-        }
+    pub(crate) fn add_to_history(&mut self, cell: HistoryCell) {
+        self.app_event_tx
+            .send(AppEvent::InsertHistory(cell.plain_lines()));
     }
 
     fn submit_user_message(&mut self, user_message: UserMessage) {
@@ -227,28 +196,18 @@ impl ChatWidget<'_> {
 
         // Only show text portion in conversation history for now.
         if !text.is_empty() {
-            self.conversation_history.add_user_message(text.clone());
-            self.emit_last_history_entry();
+            self.add_to_history(HistoryCell::new_user_prompt(text.clone()));
         }
-        self.conversation_history.scroll_to_bottom();
     }
 
     pub(crate) fn handle_codex_event(&mut self, event: Event) {
         let Event { id, msg } = event;
         match msg {
             EventMsg::SessionConfigured(event) => {
-                // Record session information at the top of the conversation.
-                self.conversation_history
-                    .add_session_info(&self.config, event.clone());
-                // Immediately surface the session banner / settings summary in
-                // scrollback so the user can review configuration (model,
-                // sandbox, approvals, etc.) before interacting.
-                self.emit_last_history_entry();
-
-                // Forward history metadata to the bottom pane so the chat
-                // composer can navigate through past messages.
                 self.bottom_pane
                     .set_history_metadata(event.history_log_id, event.history_entry_count);
+                // Record session information at the top of the conversation.
+                self.add_to_history(HistoryCell::new_session_info(&self.config, event, true));
 
                 if let Some(user_message) = self.initial_user_message.take() {
                     // If the user provided an initial message, add it to the
@@ -270,9 +229,7 @@ impl ChatWidget<'_> {
                     message
                 };
                 if !full.is_empty() {
-                    self.conversation_history
-                        .add_agent_message(&self.config, full);
-                    self.emit_last_history_entry();
+                    self.add_to_history(HistoryCell::new_agent_message(&self.config, full));
                 }
                 self.request_redraw();
             }
@@ -299,9 +256,7 @@ impl ChatWidget<'_> {
                     text
                 };
                 if !full.is_empty() {
-                    self.conversation_history
-                        .add_agent_reasoning(&self.config, full);
-                    self.emit_last_history_entry();
+                    self.add_to_history(HistoryCell::new_agent_reasoning(&self.config, full));
                 }
                 self.request_redraw();
             }
@@ -322,8 +277,7 @@ impl ChatWidget<'_> {
                     .set_token_usage(self.token_usage.clone(), self.config.model_context_window);
             }
             EventMsg::Error(ErrorEvent { message }) => {
-                self.conversation_history.add_error(message.clone());
-                self.emit_last_history_entry();
+                self.add_to_history(HistoryCell::new_error_event(message.clone()));
                 self.bottom_pane.set_task_running(false);
             }
             EventMsg::ExecApprovalRequest(ExecApprovalRequestEvent {
@@ -332,6 +286,18 @@ impl ChatWidget<'_> {
                 cwd,
                 reason,
             }) => {
+                // Print the command to the history so it is visible in the
+                // transcript *before* the modal asks for approval.
+                let cmdline = strip_bash_lc_and_escape(&command);
+                let text = format!(
+                    "command requires approval:\n$ {cmdline}{reason}",
+                    reason = reason
+                        .as_ref()
+                        .map(|r| format!("\n{r}"))
+                        .unwrap_or_default()
+                );
+                self.add_to_history(HistoryCell::new_background_event(text));
+
                 let request = ApprovalRequest::Exec {
                     id,
                     command,
@@ -339,6 +305,7 @@ impl ChatWidget<'_> {
                     reason,
                 };
                 self.bottom_pane.push_approval_request(request);
+                self.request_redraw();
             }
             EventMsg::ApplyPatchApprovalRequest(ApplyPatchApprovalRequestEvent {
                 call_id: _,
@@ -357,11 +324,10 @@ impl ChatWidget<'_> {
                 // prompt before they have seen *what* is being requested.
                 // ------------------------------------------------------------------
 
-                self.conversation_history
-                    .add_patch_event(PatchEventType::ApprovalRequest, changes);
-                self.emit_last_history_entry();
-
-                self.conversation_history.scroll_to_bottom();
+                self.add_to_history(HistoryCell::new_patch_event(
+                    PatchEventType::ApprovalRequest,
+                    changes,
+                ));
 
                 // Now surface the approval request in the BottomPane as before.
                 let request = ApprovalRequest::ApplyPatch {
@@ -373,13 +339,11 @@ impl ChatWidget<'_> {
                 self.request_redraw();
             }
             EventMsg::ExecCommandBegin(ExecCommandBeginEvent {
-                call_id,
+                call_id: _,
                 command,
                 cwd: _,
             }) => {
-                self.conversation_history
-                    .add_active_exec_command(call_id, command);
-                self.emit_last_history_entry();
+                self.add_to_history(HistoryCell::new_active_exec_command(command));
                 self.request_redraw();
             }
             EventMsg::PatchApplyBegin(PatchApplyBeginEvent {
@@ -389,12 +353,10 @@ impl ChatWidget<'_> {
             }) => {
                 // Even when a patch is auto‑approved we still display the
                 // summary so the user can follow along.
-                self.conversation_history
-                    .add_patch_event(PatchEventType::ApplyBegin { auto_approved }, changes);
-                self.emit_last_history_entry();
-                if !auto_approved {
-                    self.conversation_history.scroll_to_bottom();
-                }
+                self.add_to_history(HistoryCell::new_patch_event(
+                    PatchEventType::ApplyBegin { auto_approved },
+                    changes,
+                ));
                 self.request_redraw();
             }
             EventMsg::ExecCommandEnd(ExecCommandEndEvent {
@@ -403,27 +365,39 @@ impl ChatWidget<'_> {
                 stdout,
                 stderr,
             }) => {
-                self.conversation_history
-                    .record_completed_exec_command(call_id, stdout, stderr, exit_code);
-                self.request_redraw();
+                self.add_to_history(HistoryCell::new_completed_exec_command(
+                    call_id,
+                    CommandOutput {
+                        exit_code,
+                        stdout,
+                        stderr,
+                        duration: Duration::from_secs(0),
+                    },
+                ));
             }
             EventMsg::McpToolCallBegin(McpToolCallBeginEvent {
-                call_id,
-                server,
-                tool,
-                arguments,
+                call_id: _,
+                invocation,
             }) => {
-                self.conversation_history
-                    .add_active_mcp_tool_call(call_id, server, tool, arguments);
-                self.emit_last_history_entry();
+                self.add_to_history(HistoryCell::new_active_mcp_tool_call(invocation));
                 self.request_redraw();
             }
-            EventMsg::McpToolCallEnd(mcp_tool_call_end_event) => {
-                let success = mcp_tool_call_end_event.is_success();
-                let McpToolCallEndEvent { call_id, result } = mcp_tool_call_end_event;
-                self.conversation_history
-                    .record_completed_mcp_tool_call(call_id, success, result);
-                self.request_redraw();
+            EventMsg::McpToolCallEnd(McpToolCallEndEvent {
+                call_id: _,
+                duration,
+                invocation,
+                result,
+            }) => {
+                self.add_to_history(HistoryCell::new_completed_mcp_tool_call(
+                    80,
+                    invocation,
+                    duration,
+                    result
+                        .as_ref()
+                        .map(|r| r.is_error.unwrap_or(false))
+                        .unwrap_or(false),
+                    result,
+                ));
             }
             EventMsg::GetHistoryEntryResponse(event) => {
                 let codex_core::protocol::GetHistoryEntryResponseEvent {
@@ -440,9 +414,7 @@ impl ChatWidget<'_> {
                 self.app_event_tx.send(AppEvent::ExitRequest);
             }
             event => {
-                self.conversation_history
-                    .add_background_event(format!("{event:?}"));
-                self.emit_last_history_entry();
+                self.add_to_history(HistoryCell::new_background_event(format!("{event:?}")));
                 self.request_redraw();
             }
         }
@@ -459,22 +431,7 @@ impl ChatWidget<'_> {
     }
 
     pub(crate) fn add_diff_output(&mut self, diff_output: String) {
-        self.conversation_history
-            .add_diff_output(diff_output.clone());
-        self.emit_last_history_entry();
-        self.request_redraw();
-    }
-
-    pub(crate) fn handle_scroll_delta(&mut self, scroll_delta: i32) {
-        // If the user is trying to scroll exactly one line, we let them, but
-        // otherwise we assume they are trying to scroll in larger increments.
-        let magnified_scroll_delta = if scroll_delta == 1 {
-            1
-        } else {
-            // Play with this: perhaps it should be non-linear?
-            scroll_delta * 2
-        };
-        self.conversation_history.scroll(magnified_scroll_delta);
+        self.add_to_history(HistoryCell::new_diff_output(diff_output.clone()));
         self.request_redraw();
     }
 
@@ -484,21 +441,25 @@ impl ChatWidget<'_> {
     }
 
     /// Handle Ctrl-C key press.
-    /// Returns true if the key press was handled, false if it was not.
-    /// If the key press was not handled, the caller should handle it (likely by exiting the process).
-    pub(crate) fn on_ctrl_c(&mut self) -> bool {
+    /// Returns CancellationEvent::Handled if the event was consumed by the UI, or
+    /// CancellationEvent::Ignored if the caller should handle it (e.g. exit).
+    pub(crate) fn on_ctrl_c(&mut self) -> CancellationEvent {
+        match self.bottom_pane.on_ctrl_c() {
+            CancellationEvent::Handled => return CancellationEvent::Handled,
+            CancellationEvent::Ignored => {}
+        }
         if self.bottom_pane.is_task_running() {
             self.bottom_pane.clear_ctrl_c_quit_hint();
             self.submit_op(Op::Interrupt);
             self.answer_buffer.clear();
             self.reasoning_buffer.clear();
-            false
+            CancellationEvent::Ignored
         } else if self.bottom_pane.ctrl_c_quit_hint_visible() {
             self.submit_op(Op::Shutdown);
-            true
+            CancellationEvent::Handled
         } else {
             self.bottom_pane.show_ctrl_c_quit_hint();
-            false
+            CancellationEvent::Ignored
         }
     }
 

codex-rs/tui/src/conversation_history_widget.rs

@@ -1,505 +0,0 @@
-use crate::cell_widget::CellWidget;
-use crate::history_cell::CommandOutput;
-use crate::history_cell::HistoryCell;
-use crate::history_cell::PatchEventType;
-use codex_core::config::Config;
-use codex_core::protocol::FileChange;
-use codex_core::protocol::SessionConfiguredEvent;
-use crossterm::event::KeyCode;
-use crossterm::event::KeyEvent;
-use ratatui::prelude::*;
-use ratatui::style::Style;
-use ratatui::widgets::*;
-use serde_json::Value as JsonValue;
-use std::cell::Cell as StdCell;
-use std::cell::Cell;
-use std::collections::HashMap;
-use std::path::PathBuf;
-
-/// A single history entry plus its cached wrapped-line count.
-struct Entry {
-    cell: HistoryCell,
-    line_count: Cell<usize>,
-}
-
-pub struct ConversationHistoryWidget {
-    entries: Vec<Entry>,
-    /// The width (in terminal cells/columns) that [`Entry::line_count`] was
-    /// computed for. When the available width changes we recompute counts.
-    cached_width: StdCell<u16>,
-    scroll_position: usize,
-    /// Number of lines the last time render_ref() was called
-    num_rendered_lines: StdCell<usize>,
-    /// The height of the viewport last time render_ref() was called
-    last_viewport_height: StdCell<usize>,
-    has_input_focus: bool,
-}
-
-impl ConversationHistoryWidget {
-    pub fn new() -> Self {
-        Self {
-            entries: Vec::new(),
-            cached_width: StdCell::new(0),
-            scroll_position: usize::MAX,
-            num_rendered_lines: StdCell::new(0),
-            last_viewport_height: StdCell::new(0),
-            has_input_focus: false,
-        }
-    }
-
-    pub(crate) fn set_input_focus(&mut self, has_input_focus: bool) {
-        self.has_input_focus = has_input_focus;
-    }
-
-    /// Returns true if it needs a redraw.
-    pub(crate) fn handle_key_event(&mut self, key_event: KeyEvent) -> bool {
-        match key_event.code {
-            KeyCode::Up | KeyCode::Char('k') => {
-                self.scroll_up(1);
-                true
-            }
-            KeyCode::Down | KeyCode::Char('j') => {
-                self.scroll_down(1);
-                true
-            }
-            KeyCode::PageUp | KeyCode::Char('b') => {
-                self.scroll_page_up();
-                true
-            }
-            KeyCode::PageDown | KeyCode::Char(' ') => {
-                self.scroll_page_down();
-                true
-            }
-            _ => false,
-        }
-    }
-
-    /// Negative delta scrolls up; positive delta scrolls down.
-    pub(crate) fn scroll(&mut self, delta: i32) {
-        match delta.cmp(&0) {
-            std::cmp::Ordering::Less => self.scroll_up(-delta as u32),
-            std::cmp::Ordering::Greater => self.scroll_down(delta as u32),
-            std::cmp::Ordering::Equal => {}
-        }
-    }
-
-    fn scroll_up(&mut self, num_lines: u32) {
-        // If a user is scrolling up from the "stick to bottom" mode, we need to
-        // map this to a specific scroll position so we can calculate the delta.
-        // This requires us to care about how tall the screen is.
-        if self.scroll_position == usize::MAX {
-            self.scroll_position = self
-                .num_rendered_lines
-                .get()
-                .saturating_sub(self.last_viewport_height.get());
-        }
-
-        self.scroll_position = self.scroll_position.saturating_sub(num_lines as usize);
-    }
-
-    fn scroll_down(&mut self, num_lines: u32) {
-        // If we're already pinned to the bottom there's nothing to do.
-        if self.scroll_position == usize::MAX {
-            return;
-        }
-
-        let viewport_height = self.last_viewport_height.get().max(1);
-        let num_rendered_lines = self.num_rendered_lines.get();
-
-        // Compute the maximum explicit scroll offset that still shows a full
-        // viewport. This mirrors the calculation in `scroll_page_down()` and
-        // in the render path.
-        let max_scroll = num_rendered_lines.saturating_sub(viewport_height);
-
-        let new_pos = self.scroll_position.saturating_add(num_lines as usize);
-
-        if new_pos >= max_scroll {
-            // Reached (or passed) the bottom – switch to stick‑to‑bottom mode
-            // so that additional output keeps the view pinned automatically.
-            self.scroll_position = usize::MAX;
-        } else {
-            self.scroll_position = new_pos;
-        }
-    }
-
-    /// Scroll up by one full viewport height (Page Up).
-    fn scroll_page_up(&mut self) {
-        let viewport_height = self.last_viewport_height.get().max(1);
-
-        // If we are currently in the "stick to bottom" mode, first convert the
-        // implicit scroll position (`usize::MAX`) into an explicit offset that
-        // represents the very bottom of the scroll region.  This mirrors the
-        // logic from `scroll_up()`.
-        if self.scroll_position == usize::MAX {
-            self.scroll_position = self
-                .num_rendered_lines
-                .get()
-                .saturating_sub(viewport_height);
-        }
-
-        // Move up by a full page.
-        self.scroll_position = self.scroll_position.saturating_sub(viewport_height);
-    }
-
-    /// Scroll down by one full viewport height (Page Down).
-    fn scroll_page_down(&mut self) {
-        // Nothing to do if we're already stuck to the bottom.
-        if self.scroll_position == usize::MAX {
-            return;
-        }
-
-        let viewport_height = self.last_viewport_height.get().max(1);
-        let num_lines = self.num_rendered_lines.get();
-
-        // Calculate the maximum explicit scroll offset that is still within
-        // range. This matches the logic in `scroll_down()` and the render
-        // method.
-        let max_scroll = num_lines.saturating_sub(viewport_height);
-
-        // Attempt to move down by a full page.
-        let new_pos = self.scroll_position.saturating_add(viewport_height);
-
-        if new_pos >= max_scroll {
-            // We have reached (or passed) the bottom – switch back to
-            // automatic stick‑to‑bottom mode so that subsequent output keeps
-            // the viewport pinned.
-            self.scroll_position = usize::MAX;
-        } else {
-            self.scroll_position = new_pos;
-        }
-    }
-
-    pub fn scroll_to_bottom(&mut self) {
-        self.scroll_position = usize::MAX;
-    }
-
-    /// Note `model` could differ from `config.model` if the agent decided to
-    /// use a different model than the one requested by the user.
-    pub fn add_session_info(&mut self, config: &Config, event: SessionConfiguredEvent) {
-        // In practice, SessionConfiguredEvent should always be the first entry
-        // in the history, but it is possible that an error could be sent
-        // before the session info.
-        let has_welcome_message = self
-            .entries
-            .iter()
-            .any(|entry| matches!(entry.cell, HistoryCell::WelcomeMessage { .. }));
-        self.add_to_history(HistoryCell::new_session_info(
-            config,
-            event,
-            !has_welcome_message,
-        ));
-    }
-
-    pub fn add_user_message(&mut self, message: String) {
-        self.add_to_history(HistoryCell::new_user_prompt(message));
-    }
-
-    pub fn add_agent_message(&mut self, config: &Config, message: String) {
-        self.add_to_history(HistoryCell::new_agent_message(config, message));
-    }
-
-    pub fn add_agent_reasoning(&mut self, config: &Config, text: String) {
-        self.add_to_history(HistoryCell::new_agent_reasoning(config, text));
-    }
-
-    pub fn add_background_event(&mut self, message: String) {
-        self.add_to_history(HistoryCell::new_background_event(message));
-    }
-
-    pub fn add_diff_output(&mut self, diff_output: String) {
-        self.add_to_history(HistoryCell::new_diff_output(diff_output));
-    }
-
-    pub fn add_error(&mut self, message: String) {
-        self.add_to_history(HistoryCell::new_error_event(message));
-    }
-
-    /// Add a pending patch entry (before user approval).
-    pub fn add_patch_event(
-        &mut self,
-        event_type: PatchEventType,
-        changes: HashMap<PathBuf, FileChange>,
-    ) {
-        self.add_to_history(HistoryCell::new_patch_event(event_type, changes));
-    }
-
-    pub fn add_active_exec_command(&mut self, call_id: String, command: Vec<String>) {
-        self.add_to_history(HistoryCell::new_active_exec_command(call_id, command));
-    }
-
-    pub fn add_active_mcp_tool_call(
-        &mut self,
-        call_id: String,
-        server: String,
-        tool: String,
-        arguments: Option<JsonValue>,
-    ) {
-        self.add_to_history(HistoryCell::new_active_mcp_tool_call(
-            call_id, server, tool, arguments,
-        ));
-    }
-
-    fn add_to_history(&mut self, cell: HistoryCell) {
-        let width = self.cached_width.get();
-        let count = if width > 0 { cell.height(width) } else { 0 };
-
-        self.entries.push(Entry {
-            cell,
-            line_count: Cell::new(count),
-        });
-    }
-
-    /// Return the lines for the most recently appended entry (if any) so the
-    /// parent widget can surface them via the new scrollback insertion path.
-    pub(crate) fn last_entry_plain_lines(&self) -> Option<Vec<Line<'static>>> {
-        self.entries.last().map(|e| e.cell.plain_lines())
-    }
-
-    pub fn record_completed_exec_command(
-        &mut self,
-        call_id: String,
-        stdout: String,
-        stderr: String,
-        exit_code: i32,
-    ) {
-        let width = self.cached_width.get();
-        for entry in self.entries.iter_mut() {
-            let cell = &mut entry.cell;
-            if let HistoryCell::ActiveExecCommand {
-                call_id: history_id,
-                command,
-                start,
-                ..
-            } = cell
-            {
-                if &call_id == history_id {
-                    *cell = HistoryCell::new_completed_exec_command(
-                        command.clone(),
-                        CommandOutput {
-                            exit_code,
-                            stdout,
-                            stderr,
-                            duration: start.elapsed(),
-                        },
-                    );
-
-                    // Update cached line count.
-                    if width > 0 {
-                        entry.line_count.set(cell.height(width));
-                    }
-                    break;
-                }
-            }
-        }
-    }
-
-    pub fn record_completed_mcp_tool_call(
-        &mut self,
-        call_id: String,
-        success: bool,
-        result: Result<mcp_types::CallToolResult, String>,
-    ) {
-        let width = self.cached_width.get();
-        for entry in self.entries.iter_mut() {
-            if let HistoryCell::ActiveMcpToolCall {
-                call_id: history_id,
-                invocation,
-                start,
-                ..
-            } = &entry.cell
-            {
-                if &call_id == history_id {
-                    let completed = HistoryCell::new_completed_mcp_tool_call(
-                        width,
-                        invocation.clone(),
-                        *start,
-                        success,
-                        result,
-                    );
-                    entry.cell = completed;
-
-                    if width > 0 {
-                        entry.line_count.set(entry.cell.height(width));
-                    }
-
-                    break;
-                }
-            }
-        }
-    }
-}
-
-impl WidgetRef for ConversationHistoryWidget {
-    fn render_ref(&self, area: Rect, buf: &mut Buffer) {
-        let (title, border_style) = if self.has_input_focus {
-            (
-                "Messages (↑/↓ or j/k = line,  b/space = page)",
-                Style::default().fg(Color::LightYellow),
-            )
-        } else {
-            ("Messages (tab to focus)", Style::default().dim())
-        };
-
-        let block = Block::default()
-            .title(title)
-            .borders(Borders::ALL)
-            .border_type(BorderType::Rounded)
-            .border_style(border_style);
-
-        // Compute the inner area that will be available for the list after
-        // the surrounding `Block` is drawn.
-        let inner = block.inner(area);
-        let viewport_height = inner.height as usize;
-
-        // Cache (and if necessary recalculate) the wrapped line counts for every
-        // [`HistoryCell`] so that our scrolling math accounts for text
-        // wrapping.  We always reserve one column on the right-hand side for the
-        // scrollbar so that the content never renders "under" the scrollbar.
-        let effective_width = inner.width.saturating_sub(1);
-
-        if effective_width == 0 {
-            return; // Nothing to draw – avoid division by zero.
-        }
-
-        // Recompute cache if the effective width changed.
-        let num_lines: usize = if self.cached_width.get() != effective_width {
-            self.cached_width.set(effective_width);
-
-            let mut num_lines: usize = 0;
-            for entry in &self.entries {
-                let count = entry.cell.height(effective_width);
-                num_lines += count;
-                entry.line_count.set(count);
-            }
-            num_lines
-        } else {
-            self.entries.iter().map(|e| e.line_count.get()).sum()
-        };
-
-        // Determine the scroll position. Note the existing value of
-        // `self.scroll_position` could exceed the maximum scroll offset if the
-        // user made the window wider since the last render.
-        let max_scroll = num_lines.saturating_sub(viewport_height);
-        let scroll_pos = if self.scroll_position == usize::MAX {
-            max_scroll
-        } else {
-            self.scroll_position.min(max_scroll)
-        };
-
-        // ------------------------------------------------------------------
-        // Render order:
-        //   1. Clear full widget area (avoid artifacts from prior frame).
-        //   2. Draw the surrounding Block (border and title).
-        //   3. Render *each* visible HistoryCell into its own sub-Rect while
-        //      respecting partial visibility at the top and bottom.
-        //   4. Draw the scrollbar track / thumb in the reserved column.
-        // ------------------------------------------------------------------
-
-        // Clear entire widget area first.
-        Clear.render(area, buf);
-
-        // Draw border + title.
-        block.render(area, buf);
-
-        // ------------------------------------------------------------------
-        // Calculate which cells are visible for the current scroll position
-        // and paint them one by one.
-        // ------------------------------------------------------------------
-
-        let mut y_cursor = inner.y; // first line inside viewport
-        let mut remaining_height = inner.height as usize;
-        let mut lines_to_skip = scroll_pos; // number of wrapped lines to skip (above viewport)
-
-        for entry in &self.entries {
-            let cell_height = entry.line_count.get();
-
-            // Completely above viewport? Skip whole cell.
-            if lines_to_skip >= cell_height {
-                lines_to_skip -= cell_height;
-                continue;
-            }
-
-            // Determine how much of this cell is visible.
-            let visible_height = (cell_height - lines_to_skip).min(remaining_height);
-
-            if visible_height == 0 {
-                break; // no space left
-            }
-
-            let cell_rect = Rect {
-                x: inner.x,
-                y: y_cursor,
-                width: effective_width,
-                height: visible_height as u16,
-            };
-
-            entry.cell.render_window(lines_to_skip, cell_rect, buf);
-
-            // Advance cursor inside viewport.
-            y_cursor += visible_height as u16;
-            remaining_height -= visible_height;
-
-            // After the first (possibly partially skipped) cell, we no longer
-            // need to skip lines at the top.
-            lines_to_skip = 0;
-
-            if remaining_height == 0 {
-                break; // viewport filled
-            }
-        }
-
-        // Always render a scrollbar *track* so the reserved column is filled.
-        let overflow = num_lines.saturating_sub(viewport_height);
-
-        let mut scroll_state = ScrollbarState::default()
-            // The Scrollbar widget expects the *content* height minus the
-            // viewport height.  When there is no overflow we still provide 0
-            // so that the widget renders only the track without a thumb.
-            .content_length(overflow)
-            .position(scroll_pos);
-
-        {
-            // Choose a thumb color that stands out only when this pane has focus so that the
-            // user's attention is naturally drawn to the active viewport. When unfocused we show
-            // a low-contrast thumb so the scrollbar fades into the background without becoming
-            // invisible.
-            let thumb_style = if self.has_input_focus {
-                Style::reset().fg(Color::LightYellow)
-            } else {
-                Style::reset().fg(Color::Gray)
-            };
-
-            // By default the Scrollbar widget inherits any style that was
-            // present in the underlying buffer cells. That means if a colored
-            // line happens to be underneath the scrollbar, the track (and
-            // potentially the thumb) adopt that color. Explicitly setting the
-            // track/thumb styles ensures we always draw the scrollbar with a
-            // consistent palette regardless of what content is behind it.
-            StatefulWidget::render(
-                Scrollbar::new(ScrollbarOrientation::VerticalRight)
-                    .begin_symbol(Some("↑"))
-                    .end_symbol(Some("↓"))
-                    .begin_style(Style::reset().fg(Color::DarkGray))
-                    .end_style(Style::reset().fg(Color::DarkGray))
-                    .thumb_symbol("█")
-                    .thumb_style(thumb_style)
-                    .track_symbol(Some("│"))
-                    .track_style(Style::reset().fg(Color::DarkGray)),
-                inner,
-                buf,
-                &mut scroll_state,
-            );
-        }
-
-        // Update auxiliary stats that the scroll handlers rely on.
-        self.num_rendered_lines.set(num_lines);
-        self.last_viewport_height.set(viewport_height);
-    }
-}
-
-/// Common [`Wrap`] configuration used for both measurement and rendering so
-/// they stay in sync.
-#[inline]
-pub(crate) const fn wrap_cfg() -> ratatui::widgets::Wrap {
-    ratatui::widgets::Wrap { trim: false }
-}

codex-rs/tui/src/history_cell.rs

@@ -1,4 +1,3 @@
-use crate::cell_widget::CellWidget;
 use crate::exec_command::escape_command;
 use crate::markdown::append_markdown;
 use crate::text_block::TextBlock;
@@ -11,11 +10,10 @@ use codex_core::WireApi;
 use codex_core::config::Config;
 use codex_core::model_supports_reasoning_summaries;
 use codex_core::protocol::FileChange;
+use codex_core::protocol::McpInvocation;
 use codex_core::protocol::SessionConfiguredEvent;
 use image::DynamicImage;
-use image::GenericImageView;
 use image::ImageReader;
-use lazy_static::lazy_static;
 use mcp_types::EmbeddedResourceResource;
 use mcp_types::ResourceLink;
 use ratatui::prelude::*;
@@ -24,14 +22,10 @@ use ratatui::style::Modifier;
 use ratatui::style::Style;
 use ratatui::text::Line as RtLine;
 use ratatui::text::Span as RtSpan;
-use ratatui_image::Image as TuiImage;
-use ratatui_image::Resize as ImgResize;
-use ratatui_image::picker::ProtocolType;
 use std::collections::HashMap;
 use std::io::Cursor;
 use std::path::PathBuf;
 use std::time::Duration;
-use std::time::Instant;
 use tracing::error;
 
 pub(crate) struct CommandOutput {
@@ -46,6 +40,21 @@ pub(crate) enum PatchEventType {
     ApplyBegin { auto_approved: bool },
 }
 
+fn span_to_static(span: &Span) -> Span<'static> {
+    Span {
+        style: span.style,
+        content: std::borrow::Cow::Owned(span.content.clone().into_owned()),
+    }
+}
+
+fn line_to_static(line: &Line) -> Line<'static> {
+    Line {
+        style: line.style,
+        alignment: line.alignment,
+        spans: line.spans.iter().map(span_to_static).collect(),
+    }
+}
+
 /// Represents an event to display in the conversation history. Returns its
 /// `Vec<Line<'static>>` representation to make it easier to display in a
 /// scrollable list.
@@ -63,25 +72,13 @@ pub(crate) enum HistoryCell {
     AgentReasoning { view: TextBlock },
 
     /// An exec tool call that has not finished yet.
-    ActiveExecCommand {
-        call_id: String,
-        /// The shell command, escaped and formatted.
-        command: String,
-        start: Instant,
-        view: TextBlock,
-    },
+    ActiveExecCommand { view: TextBlock },
 
     /// Completed exec tool call.
     CompletedExecCommand { view: TextBlock },
 
     /// An MCP tool call that has not finished yet.
-    ActiveMcpToolCall {
-        call_id: String,
-        /// Formatted line that shows the command name and arguments
-        invocation: Line<'static>,
-        start: Instant,
-        view: TextBlock,
-    },
+    ActiveMcpToolCall { view: TextBlock },
 
     /// Completed MCP tool call where we show the result serialized as JSON.
     CompletedMcpToolCall { view: TextBlock },
@@ -94,13 +91,7 @@ pub(crate) enum HistoryCell {
     // resized version avoids doing the potentially expensive rescale twice
     // because the scroll-view first calls `height()` for layouting and then
     // `render_window()` for painting.
-    CompletedMcpToolCallWithImageOutput {
-        image: DynamicImage,
-        /// Cached data derived from the current terminal width.  The cache is
-        /// invalidated whenever the width changes (e.g. when the user
-        /// resizes the window).
-        render_cache: std::cell::RefCell<Option<ImageRenderCache>>,
-    },
+    CompletedMcpToolCallWithImageOutput { _image: DynamicImage },
 
     /// Background event.
     BackgroundEvent { view: TextBlock },
@@ -140,7 +131,9 @@ impl HistoryCell {
             | HistoryCell::CompletedMcpToolCall { view }
             | HistoryCell::PendingPatch { view }
             | HistoryCell::ActiveExecCommand { view, .. }
-            | HistoryCell::ActiveMcpToolCall { view, .. } => view.lines.clone(),
+            | HistoryCell::ActiveMcpToolCall { view, .. } => {
+                view.lines.iter().map(line_to_static).collect()
+            }
             HistoryCell::CompletedMcpToolCallWithImageOutput { .. } => vec![
                 Line::from("tool result (image output omitted)"),
                 Line::from(""),
@@ -252,9 +245,8 @@ impl HistoryCell {
         }
     }
 
-    pub(crate) fn new_active_exec_command(call_id: String, command: Vec<String>) -> Self {
+    pub(crate) fn new_active_exec_command(command: Vec<String>) -> Self {
         let command_escaped = escape_command(&command);
-        let start = Instant::now();
 
         let lines: Vec<Line<'static>> = vec![
             Line::from(vec!["command".magenta(), " running...".dim()]),
@@ -263,9 +255,6 @@ impl HistoryCell {
         ];
 
         HistoryCell::ActiveExecCommand {
-            call_id,
-            command: command_escaped,
-            start,
             view: TextBlock::new(lines),
         }
     }
@@ -310,41 +299,15 @@ impl HistoryCell {
         }
     }
 
-    pub(crate) fn new_active_mcp_tool_call(
-        call_id: String,
-        server: String,
-        tool: String,
-        arguments: Option<serde_json::Value>,
-    ) -> Self {
-        // Format the arguments as compact JSON so they roughly fit on one
-        // line. If there are no arguments we keep it empty so the invocation
-        // mirrors a function-style call.
-        let args_str = arguments
-            .as_ref()
-            .map(|v| {
-                // Use compact form to keep things short but readable.
-                serde_json::to_string(v).unwrap_or_else(|_| v.to_string())
-            })
-            .unwrap_or_default();
-
-        let invocation_spans = vec![
-            Span::styled(server, Style::default().fg(Color::Blue)),
-            Span::raw("."),
-            Span::styled(tool, Style::default().fg(Color::Blue)),
-            Span::raw("("),
-            Span::styled(args_str, Style::default().fg(Color::Gray)),
-            Span::raw(")"),
-        ];
-        let invocation = Line::from(invocation_spans);
-
-        let start = Instant::now();
+    pub(crate) fn new_active_mcp_tool_call(invocation: McpInvocation) -> Self {
         let title_line = Line::from(vec!["tool".magenta(), " running...".dim()]);
-        let lines: Vec<Line<'static>> = vec![title_line, invocation.clone(), Line::from("")];
+        let lines: Vec<Line> = vec![
+            title_line,
+            format_mcp_invocation(invocation.clone()),
+            Line::from(""),
+        ];
 
         HistoryCell::ActiveMcpToolCall {
-            call_id,
-            invocation,
-            start,
             view: TextBlock::new(lines),
         }
     }
@@ -382,10 +345,7 @@ impl HistoryCell {
                         }
                     };
 
-                    Some(HistoryCell::CompletedMcpToolCallWithImageOutput {
-                        image,
-                        render_cache: std::cell::RefCell::new(None),
-                    })
+                    Some(HistoryCell::CompletedMcpToolCallWithImageOutput { _image: image })
                 } else {
                     None
                 }
@@ -396,8 +356,8 @@ impl HistoryCell {
 
     pub(crate) fn new_completed_mcp_tool_call(
         num_cols: u16,
-        invocation: Line<'static>,
-        start: Instant,
+        invocation: McpInvocation,
+        duration: Duration,
         success: bool,
         result: Result<mcp_types::CallToolResult, String>,
     ) -> Self {
@@ -405,7 +365,7 @@ impl HistoryCell {
             return cell;
         }
 
-        let duration = format_duration(start.elapsed());
+        let duration = format_duration(duration);
         let status_str = if success { "success" } else { "failed" };
         let title_line = Line::from(vec![
             "tool".magenta(),
@@ -420,7 +380,7 @@ impl HistoryCell {
 
         let mut lines: Vec<Line<'static>> = Vec::new();
         lines.push(title_line);
-        lines.push(invocation);
+        lines.push(format_mcp_invocation(invocation));
 
         match result {
             Ok(mcp_types::CallToolResult { content, .. }) => {
@@ -581,85 +541,6 @@ impl HistoryCell {
     }
 }
 
-// ---------------------------------------------------------------------------
-// `CellWidget` implementation – most variants delegate to their internal
-// `TextBlock`.  Variants that need custom painting can add their own logic in
-// the match arms.
-// ---------------------------------------------------------------------------
-
-impl CellWidget for HistoryCell {
-    fn height(&self, width: u16) -> usize {
-        match self {
-            HistoryCell::WelcomeMessage { view }
-            | HistoryCell::UserPrompt { view }
-            | HistoryCell::AgentMessage { view }
-            | HistoryCell::AgentReasoning { view }
-            | HistoryCell::BackgroundEvent { view }
-            | HistoryCell::GitDiffOutput { view }
-            | HistoryCell::ErrorEvent { view }
-            | HistoryCell::SessionInfo { view }
-            | HistoryCell::CompletedExecCommand { view }
-            | HistoryCell::CompletedMcpToolCall { view }
-            | HistoryCell::PendingPatch { view }
-            | HistoryCell::ActiveExecCommand { view, .. }
-            | HistoryCell::ActiveMcpToolCall { view, .. } => view.height(width),
-            HistoryCell::CompletedMcpToolCallWithImageOutput {
-                image,
-                render_cache,
-            } => ensure_image_cache(image, width, render_cache),
-        }
-    }
-
-    fn render_window(&self, first_visible_line: usize, area: Rect, buf: &mut Buffer) {
-        match self {
-            HistoryCell::WelcomeMessage { view }
-            | HistoryCell::UserPrompt { view }
-            | HistoryCell::AgentMessage { view }
-            | HistoryCell::AgentReasoning { view }
-            | HistoryCell::BackgroundEvent { view }
-            | HistoryCell::GitDiffOutput { view }
-            | HistoryCell::ErrorEvent { view }
-            | HistoryCell::SessionInfo { view }
-            | HistoryCell::CompletedExecCommand { view }
-            | HistoryCell::CompletedMcpToolCall { view }
-            | HistoryCell::PendingPatch { view }
-            | HistoryCell::ActiveExecCommand { view, .. }
-            | HistoryCell::ActiveMcpToolCall { view, .. } => {
-                view.render_window(first_visible_line, area, buf)
-            }
-            HistoryCell::CompletedMcpToolCallWithImageOutput {
-                image,
-                render_cache,
-            } => {
-                // Ensure we have a cached, resized copy that matches the current width.
-                // `height()` should have prepared the cache, but if something invalidated it
-                // (e.g. the first `render_window()` call happens *before* `height()` after a
-                // resize) we rebuild it here.
-
-                let width_cells = area.width;
-
-                // Ensure the cache is up-to-date and extract the scaled image.
-                let _ = ensure_image_cache(image, width_cells, render_cache);
-
-                let Some(resized) = render_cache
-                    .borrow()
-                    .as_ref()
-                    .map(|c| c.scaled_image.clone())
-                else {
-                    return;
-                };
-
-                let picker = &*TERMINAL_PICKER;
-
-                if let Ok(protocol) = picker.new_protocol(resized, area, ImgResize::Fit(None)) {
-                    let img_widget = TuiImage::new(&protocol);
-                    img_widget.render(area, buf);
-                }
-            }
-        }
-    }
-}
-
 fn create_diff_summary(changes: HashMap<PathBuf, FileChange>) -> Vec<String> {
     // Build a concise, human‑readable summary list similar to the
     // `git status` short format so the user can reason about the
@@ -692,119 +573,23 @@ fn create_diff_summary(changes: HashMap<PathBuf, FileChange>) -> Vec<String> {
     summaries
 }
 
-// -------------------------------------
-// Helper types for image rendering
-// -------------------------------------
+fn format_mcp_invocation<'a>(invocation: McpInvocation) -> Line<'a> {
+    let args_str = invocation
+        .arguments
+        .as_ref()
+        .map(|v| {
+            // Use compact form to keep things short but readable.
+            serde_json::to_string(v).unwrap_or_else(|_| v.to_string())
+        })
+        .unwrap_or_default();
 
-/// Cached information for rendering an image inside a conversation cell.
-///
-/// The cache ties the resized image to a *specific* content width (in
-/// terminal cells).  Whenever the terminal is resized and the width changes
-/// we need to re-compute the scaled variant so that it still fits the
-/// available space.  Keeping the resized copy around saves a costly rescale
-/// between the back-to-back `height()` and `render_window()` calls that the
-/// scroll-view performs while laying out the UI.
-pub(crate) struct ImageRenderCache {
-    /// Width in *terminal cells* the cached image was generated for.
-    width_cells: u16,
-    /// Height in *terminal rows* that the conversation cell must occupy so
-    /// the whole image becomes visible.
-    height_rows: usize,
-    /// The resized image that fits the given width / height constraints.
-    scaled_image: DynamicImage,
-}
-
-lazy_static! {
-    static ref TERMINAL_PICKER: ratatui_image::picker::Picker = {
-        use ratatui_image::picker::Picker;
-        use ratatui_image::picker::cap_parser::QueryStdioOptions;
-
-        // Ask the terminal for capabilities and explicit font size.  Request the
-        // Kitty *text-sizing protocol* as a fallback mechanism for terminals
-        // (like iTerm2) that do not reply to the standard CSI 16/18 queries.
-        match Picker::from_query_stdio_with_options(QueryStdioOptions {
-            text_sizing_protocol: true,
-        }) {
-            Ok(picker) => picker,
-            Err(err) => {
-                // Fall back to the conservative default that assumes ~8×16 px cells.
-                // Still better than breaking the build in a headless test run.
-                tracing::warn!("terminal capability query failed: {err:?}; using default font size");
-                Picker::from_fontsize((8, 16))
-            }
-        }
-    };
-}
-
-/// Resize `image` to fit into `width_cells`×10-rows keeping the original aspect
-/// ratio. The function updates `render_cache` and returns the number of rows
-/// (<= 10) the picture will occupy.
-fn ensure_image_cache(
-    image: &DynamicImage,
-    width_cells: u16,
-    render_cache: &std::cell::RefCell<Option<ImageRenderCache>>,
-) -> usize {
-    if let Some(cache) = render_cache.borrow().as_ref() {
-        if cache.width_cells == width_cells {
-            return cache.height_rows;
-        }
-    }
-
-    let picker = &*TERMINAL_PICKER;
-    let (char_w_px, char_h_px) = picker.font_size();
-
-    // Heuristic to compensate for Hi-DPI terminals (iTerm2 on Retina Mac) that
-    // report logical pixels (≈ 8×16) while the iTerm2 graphics protocol
-    // expects *device* pixels.  Empirically the device-pixel-ratio is almost
-    // always 2 on macOS Retina panels.
-    let hidpi_scale = if picker.protocol_type() == ProtocolType::Iterm2 {
-        2.0f64
-    } else {
-        1.0
-    };
-
-    // The fallback Halfblocks protocol encodes two pixel rows per cell, so each
-    // terminal *row* represents only half the (possibly scaled) font height.
-    let effective_char_h_px: f64 = if picker.protocol_type() == ProtocolType::Halfblocks {
-        (char_h_px as f64) * hidpi_scale / 2.0
-    } else {
-        (char_h_px as f64) * hidpi_scale
-    };
-
-    let char_w_px_f64 = (char_w_px as f64) * hidpi_scale;
-
-    const MAX_ROWS: f64 = 10.0;
-    let max_height_px: f64 = effective_char_h_px * MAX_ROWS;
-
-    let (orig_w_px, orig_h_px) = {
-        let (w, h) = image.dimensions();
-        (w as f64, h as f64)
-    };
-
-    if orig_w_px == 0.0 || orig_h_px == 0.0 || width_cells == 0 {
-        *render_cache.borrow_mut() = None;
-        return 0;
-    }
-
-    let max_w_px = char_w_px_f64 * width_cells as f64;
-    let scale_w = max_w_px / orig_w_px;
-    let scale_h = max_height_px / orig_h_px;
-    let scale = scale_w.min(scale_h).min(1.0);
-
-    use image::imageops::FilterType;
-    let scaled_w_px = (orig_w_px * scale).round().max(1.0) as u32;
-    let scaled_h_px = (orig_h_px * scale).round().max(1.0) as u32;
-
-    let scaled_image = image.resize(scaled_w_px, scaled_h_px, FilterType::Lanczos3);
-
-    let height_rows = ((scaled_h_px as f64 / effective_char_h_px).ceil()) as usize;
-
-    let new_cache = ImageRenderCache {
-        width_cells,
-        height_rows,
-        scaled_image,
-    };
-    *render_cache.borrow_mut() = Some(new_cache);
-
-    height_rows
+    let invocation_spans = vec![
+        Span::styled(invocation.server.clone(), Style::default().fg(Color::Blue)),
+        Span::raw("."),
+        Span::styled(invocation.tool.clone(), Style::default().fg(Color::Blue)),
+        Span::raw("("),
+        Span::styled(args_str, Style::default().fg(Color::Gray)),
+        Span::raw(")"),
+    ];
+    Line::from(invocation_spans)
 }

codex-rs/tui/src/insert_history.rs

@@ -1,178 +1,245 @@
+use std::fmt;
+use std::io;
+use std::io::Write;
+
 use crate::tui;
-use ratatui::layout::Rect;
-use ratatui::style::Style;
+use crossterm::Command;
+use crossterm::queue;
+use crossterm::style::Color as CColor;
+use crossterm::style::Colors;
+use crossterm::style::Print;
+use crossterm::style::SetAttribute;
+use crossterm::style::SetBackgroundColor;
+use crossterm::style::SetColors;
+use crossterm::style::SetForegroundColor;
+use ratatui::layout::Position;
+use ratatui::layout::Size;
+use ratatui::prelude::Backend;
+use ratatui::style::Color;
+use ratatui::style::Modifier;
 use ratatui::text::Line;
 use ratatui::text::Span;
-use ratatui::widgets::Paragraph;
-use ratatui::widgets::Widget;
-use unicode_width::UnicodeWidthChar;
 
-/// Insert a batch of history lines into the terminal scrollback above the
-/// inline viewport.
-///
-/// The incoming `lines` are the logical lines supplied by the
-/// `ConversationHistory`. They may contain embedded newlines and arbitrary
-/// runs of whitespace inside individual [`Span`]s. All of that must be
-/// normalised before writing to the backing terminal buffer because the
-/// ratatui [`Paragraph`] widget does not perform soft‑wrapping when used in
-/// conjunction with [`Terminal::insert_before`].
-///
-/// This function performs a minimal wrapping / normalisation pass:
-///
-/// * A terminal width is determined via `Terminal::size()` (falling back to
-///   80 columns if the size probe fails).
-/// * Each logical line is broken into words and whitespace. Consecutive
-///   whitespace is collapsed to a single space; leading whitespace is
-///   discarded.
-/// * Words that do not fit on the current line cause a soft wrap. Extremely
-///   long words (longer than the terminal width) are split character by
-///   character so they still populate the display instead of overflowing the
-///   line.
-/// * Explicit `\n` characters inside a span force a hard line break.
-/// * Empty lines (including a trailing newline at the end of the batch) are
-///   preserved so vertical spacing remains faithful to the logical history.
-///
-/// Finally the physical lines are rendered directly into the terminal's
-/// scrollback region using [`Terminal::insert_before`]. Any backend error is
-/// ignored: failing to insert history is non‑fatal and a subsequent redraw
-/// will eventually repaint a consistent view.
-fn display_width(s: &str) -> usize {
-    s.chars()
-        .map(|c| UnicodeWidthChar::width(c).unwrap_or(0))
-        .sum()
-}
+/// Insert `lines` above the viewport.
+pub(crate) fn insert_history_lines(terminal: &mut tui::Tui, lines: Vec<Line>) {
+    let screen_size = terminal.backend().size().unwrap_or(Size::new(0, 0));
 
-struct LineBuilder {
-    term_width: usize,
-    spans: Vec<Span<'static>>,
-    width: usize,
-}
+    let mut area = terminal.get_frame().area();
 
-impl LineBuilder {
-    fn new(term_width: usize) -> Self {
-        Self {
-            term_width,
-            spans: Vec::new(),
-            width: 0,
-        }
-    }
+    let wrapped_lines = wrapped_line_count(&lines, area.width);
+    let cursor_top = if area.bottom() < screen_size.height {
+        // If the viewport is not at the bottom of the screen, scroll it down to make room.
+        // Don't scroll it past the bottom of the screen.
+        let scroll_amount = wrapped_lines.min(screen_size.height - area.bottom());
+        terminal
+            .backend_mut()
+            .scroll_region_down(area.top()..screen_size.height, scroll_amount)
+            .ok();
+        let cursor_top = area.top() - 1;
+        area.y += scroll_amount;
+        terminal.set_viewport_area(area);
+        cursor_top
+    } else {
+        area.top() - 1
+    };
 
-    fn flush_line(&mut self, out: &mut Vec<Line<'static>>) {
-        out.push(Line::from(std::mem::take(&mut self.spans)));
-        self.width = 0;
-    }
+    // Limit the scroll region to the lines from the top of the screen to the
+    // top of the viewport. With this in place, when we add lines inside this
+    // area, only the lines in this area will be scrolled. We place the cursor
+    // at the end of the scroll region, and add lines starting there.
+    //
+    // ┌─Screen───────────────────────┐
+    // │┌╌Scroll region╌╌╌╌╌╌╌╌╌╌╌╌╌╌┐│
+    // │┆                            ┆│
+    // │┆                            ┆│
+    // │┆                            ┆│
+    // │█╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌╌┘│
+    // │╭─Viewport───────────────────╮│
+    // ││                            ││
+    // │╰────────────────────────────╯│
+    // └──────────────────────────────┘
+    queue!(std::io::stdout(), SetScrollRegion(1..area.top())).ok();
 
-    fn push_segment(&mut self, text: String, style: Style) {
-        self.width += display_width(&text);
-        self.spans.push(Span::styled(text, style));
-    }
-
-    fn push_word(&mut self, word: &mut String, style: Style, out: &mut Vec<Line<'static>>) {
-        if word.is_empty() {
-            return;
-        }
-        let w_len = display_width(word);
-        if self.width > 0 && self.width + w_len > self.term_width {
-            self.flush_line(out);
-        }
-        if w_len > self.term_width && self.width == 0 {
-            // Split an overlong word across multiple lines.
-            let mut cur = String::new();
-            let mut cur_w = 0;
-            for ch in word.chars() {
-                let ch_w = UnicodeWidthChar::width(ch).unwrap_or(0);
-                if cur_w + ch_w > self.term_width && cur_w > 0 {
-                    self.push_segment(cur.clone(), style);
-                    self.flush_line(out);
-                    cur.clear();
-                    cur_w = 0;
-                }
-                cur.push(ch);
-                cur_w += ch_w;
-            }
-            if !cur.is_empty() {
-                self.push_segment(cur, style);
-            }
-        } else {
-            self.push_segment(word.clone(), style);
-        }
-        word.clear();
-    }
-
-    fn consume_whitespace(&mut self, ws: &mut String, style: Style, out: &mut Vec<Line<'static>>) {
-        if ws.is_empty() {
-            return;
-        }
-        let space_w = display_width(ws);
-        if self.width > 0 && self.width + space_w > self.term_width {
-            self.flush_line(out);
-        }
-        if self.width > 0 {
-            self.push_segment(" ".to_string(), style);
-        }
-        ws.clear();
-    }
-}
-
-pub(crate) fn insert_history_lines(terminal: &mut tui::Tui, lines: Vec<Line<'static>>) {
-    let term_width = terminal.size().map(|a| a.width).unwrap_or(80) as usize;
-    let mut physical: Vec<Line<'static>> = Vec::new();
-
-    for logical in lines.into_iter() {
-        if logical.spans.is_empty() {
-            physical.push(logical);
-            continue;
-        }
-
-        let mut builder = LineBuilder::new(term_width);
-        let mut buf_space = String::new();
-
-        for span in logical.spans.into_iter() {
-            let style = span.style;
-            let mut buf_word = String::new();
-
-            for ch in span.content.chars() {
-                if ch == '\n' {
-                    builder.push_word(&mut buf_word, style, &mut physical);
-                    buf_space.clear();
-                    builder.flush_line(&mut physical);
-                    continue;
-                }
-                if ch.is_whitespace() {
-                    builder.push_word(&mut buf_word, style, &mut physical);
-                    buf_space.push(ch);
-                } else {
-                    builder.consume_whitespace(&mut buf_space, style, &mut physical);
-                    buf_word.push(ch);
-                }
-                if builder.width >= term_width {
-                    builder.flush_line(&mut physical);
-                }
-            }
-            builder.push_word(&mut buf_word, style, &mut physical);
-            // whitespace intentionally left to allow collapsing across spans
-        }
-        if !builder.spans.is_empty() {
-            physical.push(Line::from(std::mem::take(&mut builder.spans)));
-        } else {
-            // Preserve explicit blank line (e.g. due to a trailing newline).
-            physical.push(Line::from(Vec::<Span<'static>>::new()));
-        }
-    }
-
-    let total = physical.len() as u16;
     terminal
-        .insert_before(total, |buf| {
-            let width = buf.area.width;
-            for (i, line) in physical.into_iter().enumerate() {
-                let area = Rect {
-                    x: 0,
-                    y: i as u16,
-                    width,
-                    height: 1,
-                };
-                Paragraph::new(line).render(area, buf);
-            }
-        })
+        .set_cursor_position(Position::new(0, cursor_top))
         .ok();
+
+    for line in lines {
+        queue!(std::io::stdout(), Print("\r\n")).ok();
+        write_spans(&mut std::io::stdout(), line.iter()).ok();
+    }
+
+    queue!(std::io::stdout(), ResetScrollRegion).ok();
+}
+
+fn wrapped_line_count(lines: &[Line], width: u16) -> u16 {
+    let mut count = 0;
+    for line in lines {
+        count += line_height(line, width);
+    }
+    count
+}
+
+fn line_height(line: &Line, width: u16) -> u16 {
+    use unicode_width::UnicodeWidthStr;
+    // get the total display width of the line, accounting for double-width chars
+    let total_width = line
+        .spans
+        .iter()
+        .map(|span| span.content.width())
+        .sum::<usize>();
+    // divide by width to get the number of lines, rounding up
+    if width == 0 {
+        1
+    } else {
+        (total_width as u16).div_ceil(width).max(1)
+    }
+}
+
+#[derive(Debug, Clone, PartialEq, Eq)]
+pub struct SetScrollRegion(pub std::ops::Range<u16>);
+
+impl Command for SetScrollRegion {
+    fn write_ansi(&self, f: &mut impl fmt::Write) -> fmt::Result {
+        write!(f, "\x1b[{};{}r", self.0.start, self.0.end)
+    }
+
+    #[cfg(windows)]
+    fn execute_winapi(&self) -> std::io::Result<()> {
+        panic!("tried to execute SetScrollRegion command using WinAPI, use ANSI instead");
+    }
+
+    #[cfg(windows)]
+    fn is_ansi_code_supported(&self) -> bool {
+        // TODO(nornagon): is this supported on Windows?
+        true
+    }
+}
+
+#[derive(Debug, Clone, Copy, PartialEq, Eq)]
+pub struct ResetScrollRegion;
+
+impl Command for ResetScrollRegion {
+    fn write_ansi(&self, f: &mut impl fmt::Write) -> fmt::Result {
+        write!(f, "\x1b[r")
+    }
+
+    #[cfg(windows)]
+    fn execute_winapi(&self) -> std::io::Result<()> {
+        panic!("tried to execute ResetScrollRegion command using WinAPI, use ANSI instead");
+    }
+
+    #[cfg(windows)]
+    fn is_ansi_code_supported(&self) -> bool {
+        // TODO(nornagon): is this supported on Windows?
+        true
+    }
+}
+
+struct ModifierDiff {
+    pub from: Modifier,
+    pub to: Modifier,
+}
+
+impl ModifierDiff {
+    fn queue<W>(self, mut w: W) -> io::Result<()>
+    where
+        W: io::Write,
+    {
+        use crossterm::style::Attribute as CAttribute;
+        let removed = self.from - self.to;
+        if removed.contains(Modifier::REVERSED) {
+            queue!(w, SetAttribute(CAttribute::NoReverse))?;
+        }
+        if removed.contains(Modifier::BOLD) {
+            queue!(w, SetAttribute(CAttribute::NormalIntensity))?;
+            if self.to.contains(Modifier::DIM) {
+                queue!(w, SetAttribute(CAttribute::Dim))?;
+            }
+        }
+        if removed.contains(Modifier::ITALIC) {
+            queue!(w, SetAttribute(CAttribute::NoItalic))?;
+        }
+        if removed.contains(Modifier::UNDERLINED) {
+            queue!(w, SetAttribute(CAttribute::NoUnderline))?;
+        }
+        if removed.contains(Modifier::DIM) {
+            queue!(w, SetAttribute(CAttribute::NormalIntensity))?;
+        }
+        if removed.contains(Modifier::CROSSED_OUT) {
+            queue!(w, SetAttribute(CAttribute::NotCrossedOut))?;
+        }
+        if removed.contains(Modifier::SLOW_BLINK) || removed.contains(Modifier::RAPID_BLINK) {
+            queue!(w, SetAttribute(CAttribute::NoBlink))?;
+        }
+
+        let added = self.to - self.from;
+        if added.contains(Modifier::REVERSED) {
+            queue!(w, SetAttribute(CAttribute::Reverse))?;
+        }
+        if added.contains(Modifier::BOLD) {
+            queue!(w, SetAttribute(CAttribute::Bold))?;
+        }
+        if added.contains(Modifier::ITALIC) {
+            queue!(w, SetAttribute(CAttribute::Italic))?;
+        }
+        if added.contains(Modifier::UNDERLINED) {
+            queue!(w, SetAttribute(CAttribute::Underlined))?;
+        }
+        if added.contains(Modifier::DIM) {
+            queue!(w, SetAttribute(CAttribute::Dim))?;
+        }
+        if added.contains(Modifier::CROSSED_OUT) {
+            queue!(w, SetAttribute(CAttribute::CrossedOut))?;
+        }
+        if added.contains(Modifier::SLOW_BLINK) {
+            queue!(w, SetAttribute(CAttribute::SlowBlink))?;
+        }
+        if added.contains(Modifier::RAPID_BLINK) {
+            queue!(w, SetAttribute(CAttribute::RapidBlink))?;
+        }
+
+        Ok(())
+    }
+}
+
+fn write_spans<'a, I>(mut writer: &mut impl Write, content: I) -> io::Result<()>
+where
+    I: Iterator<Item = &'a Span<'a>>,
+{
+    let mut fg = Color::Reset;
+    let mut bg = Color::Reset;
+    let mut modifier = Modifier::empty();
+    for span in content {
+        let mut next_modifier = modifier;
+        next_modifier.insert(span.style.add_modifier);
+        next_modifier.remove(span.style.sub_modifier);
+        if next_modifier != modifier {
+            let diff = ModifierDiff {
+                from: modifier,
+                to: next_modifier,
+            };
+            diff.queue(&mut writer)?;
+            modifier = next_modifier;
+        }
+        let next_fg = span.style.fg.unwrap_or(Color::Reset);
+        let next_bg = span.style.bg.unwrap_or(Color::Reset);
+        if next_fg != fg || next_bg != bg {
+            queue!(
+                writer,
+                SetColors(Colors::new(next_fg.into(), next_bg.into()))
+            )?;
+            fg = next_fg;
+            bg = next_bg;
+        }
+
+        queue!(writer, Print(span.content.clone()))?;
+    }
+
+    queue!(
+        writer,
+        SetForegroundColor(CColor::Reset),
+        SetBackgroundColor(CColor::Reset),
+        SetAttribute(crossterm::style::Attribute::Reset),
+    )
 }

codex-rs/tui/src/lib.rs

@@ -6,15 +6,14 @@ use app::App;
 use codex_core::config::Config;
 use codex_core::config::ConfigOverrides;
 use codex_core::config_types::SandboxMode;
-use codex_core::openai_api_key::OPENAI_API_KEY_ENV_VAR;
-use codex_core::openai_api_key::get_openai_api_key;
-use codex_core::openai_api_key::set_openai_api_key;
 use codex_core::protocol::AskForApproval;
 use codex_core::util::is_inside_git_repo;
-use codex_login::try_read_openai_api_key;
+use codex_login::load_auth;
 use log_layer::TuiLogLayer;
 use std::fs::OpenOptions;
+use std::io::Write;
 use std::path::PathBuf;
+use tracing::error;
 use tracing_appender::non_blocking;
 use tracing_subscriber::EnvFilter;
 use tracing_subscriber::prelude::*;
@@ -23,11 +22,9 @@ mod app;
 mod app_event;
 mod app_event_sender;
 mod bottom_pane;
-mod cell_widget;
 mod chatwidget;
 mod citation_regex;
 mod cli;
-mod conversation_history_widget;
 mod exec_command;
 mod file_search;
 mod get_git_diff;
@@ -35,9 +32,7 @@ mod git_warning_screen;
 mod history_cell;
 mod insert_history;
 mod log_layer;
-mod login_screen;
 mod markdown;
-mod scroll_event_helper;
 mod slash_command;
 mod status_indicator_widget;
 mod text_block;
@@ -47,7 +42,7 @@ mod user_approval_widget;
 
 pub use cli::Cli;
 
-pub fn run_main(
+pub async fn run_main(
     cli: Cli,
     codex_linux_sandbox_exe: Option<PathBuf>,
 ) -> std::io::Result<codex_core::protocol::TokenUsage> {
@@ -79,6 +74,7 @@ pub fn run_main(
             config_profile: cli.config_profile.clone(),
             codex_linux_sandbox_exe,
             base_instructions: None,
+            include_plan_tool: None,
         };
         // Parse `-c` overrides from the CLI.
         let cli_kv_overrides = match cli.config_overrides.parse_overrides() {
@@ -143,6 +139,22 @@ pub fn run_main(
         .try_init();
 
     let show_login_screen = should_show_login_screen(&config);
+    if show_login_screen {
+        std::io::stdout()
+            .write_all(b"No API key detected.\nLogin with your ChatGPT account? [Yn] ")?;
+        std::io::stdout().flush()?;
+        let mut input = String::new();
+        std::io::stdin().read_line(&mut input)?;
+        let trimmed = input.trim();
+        if !(trimmed.is_empty() || trimmed.eq_ignore_ascii_case("y")) {
+            std::process::exit(1);
+        }
+        // Spawn a task to run the login command.
+        // Block until the login command is finished.
+        codex_login::login_with_chatgpt(&config.codex_home, false).await?;
+
+        std::io::stdout().write_all(b"Login successful.\n")?;
+    }
 
     // Determine whether we need to display the "not a git repo" warning
     // modal. The flag is shown when the current working directory is *not*
@@ -150,14 +162,13 @@ pub fn run_main(
     // `--allow-no-git-exec` flag.
     let show_git_warning = !cli.skip_git_repo_check && !is_inside_git_repo(&config);
 
-    run_ratatui_app(cli, config, show_login_screen, show_git_warning, log_rx)
+    run_ratatui_app(cli, config, show_git_warning, log_rx)
         .map_err(|err| std::io::Error::other(err.to_string()))
 }
 
 fn run_ratatui_app(
     cli: Cli,
     config: Config,
-    show_login_screen: bool,
     show_git_warning: bool,
     mut log_rx: tokio::sync::mpsc::UnboundedReceiver<String>,
 ) -> color_eyre::Result<codex_core::protocol::TokenUsage> {
@@ -172,13 +183,7 @@ fn run_ratatui_app(
     terminal.clear()?;
 
     let Cli { prompt, images, .. } = cli;
-    let mut app = App::new(
-        config.clone(),
-        prompt,
-        show_login_screen,
-        show_git_warning,
-        images,
-    );
+    let mut app = App::new(config.clone(), prompt, show_git_warning, images);
 
     // Bridge log receiver into the AppEvent channel so latest log lines update the UI.
     {
@@ -212,35 +217,19 @@ fn restore() {
 
 #[allow(clippy::unwrap_used)]
 fn should_show_login_screen(config: &Config) -> bool {
-    if is_in_need_of_openai_api_key(config) {
+    if config.model_provider.requires_auth {
         // Reading the OpenAI API key is an async operation because it may need
         // to refresh the token. Block on it.
         let codex_home = config.codex_home.clone();
-        let (tx, rx) = tokio::sync::oneshot::channel();
-        tokio::spawn(async move {
-            match try_read_openai_api_key(&codex_home).await {
-                Ok(openai_api_key) => {
-                    set_openai_api_key(openai_api_key);
-                    tx.send(false).unwrap();
-                }
-                Err(_) => {
-                    tx.send(true).unwrap();
-                }
+        match load_auth(&codex_home) {
+            Ok(Some(_)) => false,
+            Ok(None) => true,
+            Err(err) => {
+                error!("Failed to read auth.json: {err}");
+                true
             }
-        });
-        // TODO(mbolin): Impose some sort of timeout.
-        tokio::task::block_in_place(|| rx.blocking_recv()).unwrap()
+        }
     } else {
         false
     }
 }
-
-fn is_in_need_of_openai_api_key(config: &Config) -> bool {
-    let is_using_openai_key = config
-        .model_provider
-        .env_key
-        .as_ref()
-        .map(|s| s == OPENAI_API_KEY_ENV_VAR)
-        .unwrap_or(false);
-    is_using_openai_key && get_openai_api_key().is_none()
-}

codex-rs/tui/src/login_screen.rs

@@ -1,46 +0,0 @@
-use std::path::PathBuf;
-
-use crossterm::event::KeyCode;
-use crossterm::event::KeyEvent;
-use ratatui::buffer::Buffer;
-use ratatui::layout::Rect;
-use ratatui::widgets::Paragraph;
-use ratatui::widgets::Widget as _;
-use ratatui::widgets::WidgetRef;
-
-use crate::app_event::AppEvent;
-use crate::app_event_sender::AppEventSender;
-
-pub(crate) struct LoginScreen {
-    app_event_tx: AppEventSender,
-
-    /// Use this with login_with_chatgpt() in login/src/lib.rs and, if
-    /// successful, update the in-memory config via
-    /// codex_core::openai_api_key::set_openai_api_key().
-    #[allow(dead_code)]
-    codex_home: PathBuf,
-}
-
-impl LoginScreen {
-    pub(crate) fn new(app_event_tx: AppEventSender, codex_home: PathBuf) -> Self {
-        Self {
-            app_event_tx,
-            codex_home,
-        }
-    }
-
-    pub(crate) fn handle_key_event(&mut self, key_event: KeyEvent) {
-        if let KeyCode::Char('q') = key_event.code {
-            self.app_event_tx.send(AppEvent::ExitRequest);
-        }
-    }
-}
-
-impl WidgetRef for &LoginScreen {
-    fn render_ref(&self, area: Rect, buf: &mut Buffer) {
-        let text = Paragraph::new(
-            "Login using `codex login` and then run this command again. 'q' to quit.",
-        );
-        text.render(area, buf);
-    }
-}

codex-rs/tui/src/main.rs

@@ -1,4 +1,5 @@
 use clap::Parser;
+use codex_arg0::arg0_dispatch_or_else;
 use codex_common::CliConfigOverrides;
 use codex_tui::Cli;
 use codex_tui::run_main;
@@ -13,14 +14,14 @@ struct TopCli {
 }
 
 fn main() -> anyhow::Result<()> {
-    codex_linux_sandbox::run_with_sandbox(|codex_linux_sandbox_exe| async move {
+    arg0_dispatch_or_else(|codex_linux_sandbox_exe| async move {
         let top_cli = TopCli::parse();
         let mut inner = top_cli.inner;
         inner
             .config_overrides
             .raw_overrides
             .splice(0..0, top_cli.config_overrides.raw_overrides);
-        let usage = run_main(inner, codex_linux_sandbox_exe)?;
+        let usage = run_main(inner, codex_linux_sandbox_exe).await?;
         println!("{}", codex_core::protocol::FinalOutput::from(usage));
         Ok(())
     })

codex-rs/tui/src/scroll_event_helper.rs

@@ -1,77 +0,0 @@
-use std::sync::Arc;
-use std::sync::atomic::AtomicBool;
-use std::sync::atomic::AtomicI32;
-use std::sync::atomic::Ordering;
-
-use tokio::runtime::Handle;
-use tokio::time::Duration;
-use tokio::time::sleep;
-
-use crate::app_event::AppEvent;
-use crate::app_event_sender::AppEventSender;
-
-pub(crate) struct ScrollEventHelper {
-    app_event_tx: AppEventSender,
-    scroll_delta: Arc<AtomicI32>,
-    timer_scheduled: Arc<AtomicBool>,
-    runtime: Handle,
-}
-
-/// How long to wait after the first scroll event before sending the
-/// accumulated scroll delta to the main thread.
-const DEBOUNCE_WINDOW: Duration = Duration::from_millis(100);
-
-/// Utility to debounce scroll events so we can determine the **magnitude** of
-/// each scroll burst by accumulating individual wheel events over a short
-/// window.  The debounce timer now runs on Tokio so we avoid spinning up a new
-/// operating-system thread for every burst.
-impl ScrollEventHelper {
-    pub(crate) fn new(app_event_tx: AppEventSender) -> Self {
-        Self {
-            app_event_tx,
-            scroll_delta: Arc::new(AtomicI32::new(0)),
-            timer_scheduled: Arc::new(AtomicBool::new(false)),
-            runtime: Handle::current(),
-        }
-    }
-
-    pub(crate) fn scroll_up(&self) {
-        self.scroll_delta.fetch_sub(1, Ordering::Relaxed);
-        self.schedule_notification();
-    }
-
-    pub(crate) fn scroll_down(&self) {
-        self.scroll_delta.fetch_add(1, Ordering::Relaxed);
-        self.schedule_notification();
-    }
-
-    /// Starts a one-shot timer **only once** per burst of wheel events.
-    fn schedule_notification(&self) {
-        // If the timer is already scheduled, do nothing.
-        if self
-            .timer_scheduled
-            .compare_exchange(false, true, Ordering::SeqCst, Ordering::SeqCst)
-            .is_err()
-        {
-            return;
-        }
-
-        // Otherwise, schedule a new timer.
-        let tx = self.app_event_tx.clone();
-        let delta = Arc::clone(&self.scroll_delta);
-        let timer_flag = Arc::clone(&self.timer_scheduled);
-
-        // Use self.runtime instead of tokio::spawn() because the calling thread
-        // in app.rs is not part of the Tokio runtime: it is a plain OS thread.
-        self.runtime.spawn(async move {
-            sleep(DEBOUNCE_WINDOW).await;
-
-            let accumulated = delta.swap(0, Ordering::SeqCst);
-            if accumulated != 0 {
-                tx.send(AppEvent::Scroll(accumulated));
-            }
-
-            timer_flag.store(false, Ordering::SeqCst);
-        });
-    }
-}

codex-rs/tui/src/slash_command.rs

@@ -13,6 +13,7 @@ pub enum SlashCommand {
     // DO NOT ALPHA-SORT! Enum order is presentation order in the popup, so
     // more frequently used commands should be listed first.
     New,
+    Compact,
     Diff,
     Quit,
 }
@@ -22,6 +23,9 @@ impl SlashCommand {
     pub fn description(self) -> &'static str {
         match self {
             SlashCommand::New => "Start a new chat.",
+            SlashCommand::Compact => {
+                "Summarize and compact the current conversation to free up context."
+            }
             SlashCommand::Quit => "Exit the application.",
             SlashCommand::Diff => {
                 "Show git diff of the working directory (including untracked files)"
@@ -40,3 +44,58 @@ impl SlashCommand {
 pub fn built_in_slash_commands() -> Vec<(&'static str, SlashCommand)> {
     SlashCommand::iter().map(|c| (c.command(), c)).collect()
 }
+
+#[cfg(test)]
+mod tests {
+    use crate::app_event_sender::AppEventSender;
+    use crate::bottom_pane::chat_composer::ChatComposer;
+    use crossterm::event::KeyCode;
+    use insta::assert_snapshot;
+    use ratatui::Terminal;
+    use ratatui::backend::TestBackend;
+    use std::sync::mpsc;
+
+    #[test]
+    fn test_slash_commands() {
+        let (tx, _rx) = mpsc::channel();
+        let sender = AppEventSender::new(tx);
+        let mut composer = ChatComposer::new(true, sender);
+
+        let mut terminal = match Terminal::new(TestBackend::new(100, 10)) {
+            Ok(t) => t,
+            Err(e) => panic!("Failed to create terminal: {e}"),
+        };
+
+        // Initial empty state
+        if let Err(e) = terminal.draw(|f| f.render_widget_ref(&composer, f.area())) {
+            panic!("Failed to draw empty composer: {e}");
+        }
+        assert_snapshot!("empty_slash", terminal.backend());
+
+        // Type slash to show commands
+        let _ = composer.handle_key_event(crossterm::event::KeyEvent::new(
+            KeyCode::Char('/'),
+            crossterm::event::KeyModifiers::empty(),
+        ));
+        if let Err(e) = terminal.draw(|f| f.render_widget_ref(&composer, f.area())) {
+            panic!("Failed to draw slash commands: {e}");
+        }
+        assert_snapshot!("slash_commands", terminal.backend());
+
+        // Type 'c' to filter to compact
+        let _ = composer.handle_key_event(crossterm::event::KeyEvent::new(
+            KeyCode::Char('c'),
+            crossterm::event::KeyModifiers::empty(),
+        ));
+        if let Err(e) = terminal.draw(|f| f.render_widget_ref(&composer, f.area())) {
+            panic!("Failed to draw filtered commands: {e}");
+        }
+        assert_snapshot!("compact_filtered", terminal.backend());
+
+        // Select compact command - we don't check the final state since it's handled by the app layer
+        let _ = composer.handle_key_event(crossterm::event::KeyEvent::new(
+            KeyCode::Enter,
+            crossterm::event::KeyModifiers::empty(),
+        ));
+    }
+}

codex-rs/tui/src/snapshots/codex_tui__slash_command__tests__compact_filtered.snap

@@ -0,0 +1,14 @@
+---
+source: tui/src/slash_command.rs
+expression: terminal.backend()
+---
+"╭──────────────────────────────────────────────────────────────────────────────────────────────────╮"
+"│/compact            Summarize and compact the current conversation to free up context.            │"
+"╰──────────────────────────────────────────────────────────────────────────────────────────────────╯"
+"╭──────────────────────────────────────────────────────────────────────────────────────────────────╮"
+"│/c                                                                                                │"
+"│                                                                                                  │"
+"│                                                                                                  │"
+"│                                                                                                  │"
+"│                                                                                                  │"
+"╰───────────────────────────────────────────────Enter to send | Ctrl+D to quit | Ctrl+J for newline╯"

codex-rs/tui/src/snapshots/codex_tui__slash_command__tests__empty_slash.snap

@@ -0,0 +1,14 @@
+---
+source: tui/src/slash_command.rs
+expression: terminal.backend()
+---
+"╭──────────────────────────────────────────────────────────────────────────────────────────────────╮"
+"│ send a message                                                                                   │"
+"│                                                                                                  │"
+"│                                                                                                  │"
+"│                                                                                                  │"
+"│                                                                                                  │"
+"│                                                                                                  │"
+"│                                                                                                  │"
+"│                                                                                                  │"
+"╰───────────────────────────────────────────────Enter to send | Ctrl+D to quit | Ctrl+J for newline╯"

codex-rs/tui/src/snapshots/codex_tui__slash_command__tests__slash_commands.snap

@@ -0,0 +1,14 @@
+---
+source: tui/src/slash_command.rs
+expression: terminal.backend()
+---
+"╭──────────────────────────────────────────────────────────────────────────────────────────────────╮"
+"│/new                Start a new chat.                                                             │"
+"│/compact            Summarize and compact the current conversation to free up context.            │"
+"│/diff               Show git diff of the working directory (including untracked files)            │"
+"│/quit               Exit the application.                                                         │"
+"│/toggle-mouse-mode  Toggle mouse mode (enable for scrolling, disable for text selection)          │"
+"╰──────────────────────────────────────────────────────────────────────────────────────────────────╯"
+"╭──────────────────────────────────────────────────────────────────────────────────────────────────╮"
+"│/                                                                                                 │"
+"╰───────────────────────────────────────────────Enter to send | Ctrl+D to quit | Ctrl+J for newline╯"

codex-rs/tui/src/text_block.rs

@@ -1,4 +1,3 @@
-use crate::cell_widget::CellWidget;
 use ratatui::prelude::*;
 
 /// A simple widget that just displays a list of `Line`s via a `Paragraph`.
@@ -13,20 +12,3 @@ impl TextBlock {
         Self { lines }
     }
 }
-
-impl CellWidget for TextBlock {
-    fn height(&self, width: u16) -> usize {
-        // Use the same wrapping configuration as ConversationHistoryWidget so
-        // measurement stays in sync with rendering.
-        ratatui::widgets::Paragraph::new(self.lines.clone())
-            .wrap(crate::conversation_history_widget::wrap_cfg())
-            .line_count(width)
-    }
-
-    fn render_window(&self, first_visible_line: usize, area: Rect, buf: &mut Buffer) {
-        ratatui::widgets::Paragraph::new(self.lines.clone())
-            .wrap(crate::conversation_history_widget::wrap_cfg())
-            .scroll((first_visible_line as u16, 0))
-            .render(area, buf);
-    }
-}

codex-rs/tui/src/user_approval_widget.rs

@@ -203,6 +203,12 @@ impl UserApprovalWidget<'_> {
         }
     }
 
+    /// Handle Ctrl-C pressed by the user while the modal is visible.
+    /// Behaves like pressing Escape: abort the request and close the modal.
+    pub(crate) fn on_ctrl_c(&mut self) {
+        self.send_decision(ReviewDecision::Abort);
+    }
+
     fn handle_select_key(&mut self, key_event: KeyEvent) {
         match key_event.code {
             KeyCode::Up => {
@@ -265,7 +271,28 @@ impl UserApprovalWidget<'_> {
         self.send_decision_with_feedback(decision, String::new())
     }
 
-    fn send_decision_with_feedback(&mut self, decision: ReviewDecision, _feedback: String) {
+    fn send_decision_with_feedback(&mut self, decision: ReviewDecision, feedback: String) {
+        let mut lines: Vec<Line<'static>> = Vec::new();
+        match &self.approval_request {
+            ApprovalRequest::Exec { command, .. } => {
+                let cmd = strip_bash_lc_and_escape(command);
+                lines.push(Line::from("approval decision"));
+                lines.push(Line::from(format!("$ {cmd}")));
+                lines.push(Line::from(format!("decision: {decision:?}")));
+            }
+            ApprovalRequest::ApplyPatch { .. } => {
+                lines.push(Line::from(format!("patch approval decision: {decision:?}")));
+            }
+        }
+        if !feedback.trim().is_empty() {
+            lines.push(Line::from("feedback:"));
+            for l in feedback.lines() {
+                lines.push(Line::from(l.to_string()));
+            }
+        }
+        lines.push(Line::from(""));
+        self.app_event_tx.send(AppEvent::InsertHistory(lines));
+
         let op = match &self.approval_request {
             ApprovalRequest::Exec { id, .. } => Op::ExecApproval {
                 id: id.clone(),
@@ -277,12 +304,6 @@ impl UserApprovalWidget<'_> {
             },
         };
 
-        // Ignore feedback for now – the current `Op` variants do not carry it.
-
-        // Forward the Op to the agent. The caller (ChatWidget) will trigger a
-        // redraw after it processes the resulting state change, so we avoid
-        // issuing an extra Redraw here to prevent a transient frame where the
-        // modal is still visible.
         self.app_event_tx.send(AppEvent::CodexOp(op));
         self.done = true;
     }