[Codex][Codex CLI] Harden auth-failure telemetry delivery

Co-authored-by: Codex <noreply@openai.com>

.bazelrc

@@ -20,9 +20,6 @@ common:windows --host_platform=//:local_windows
 common --@rules_cc//cc/toolchains/args/archiver_flags:use_libtool_on_macos=False
 common --@llvm//config:experimental_stub_libgcc_s
 
-# We need to use the sh toolchain on windows so we don't send host bash paths to the linux executor.
-common:windows --@rules_rust//rust/settings:experimental_use_sh_toolchain_for_bootstrap_process_wrapper
-
 # TODO(zbarsky): rules_rust doesn't implement this flag properly with remote exec...
 # common --@rules_rust//rust/settings:pipelined_compilation
 
@@ -60,3 +57,61 @@ common:remote --jobs=800
 # Enable pipelined compilation since we are not bound by local CPU count.
 #common:remote --@rules_rust//rust/settings:pipelined_compilation
 
+# GitHub Actions CI configs.
+common:ci --remote_download_minimal
+common:ci --keep_going
+common:ci --verbose_failures
+common:ci --build_metadata=REPO_URL=https://github.com/openai/codex.git
+common:ci --build_metadata=ROLE=CI
+common:ci --build_metadata=VISIBILITY=PUBLIC
+
+# Disable disk cache in CI since we have a remote one and aren't using persistent workers.
+common:ci --disk_cache=
+
+# Shared config for the main Bazel CI workflow.
+common:ci-bazel --config=ci
+common:ci-bazel --build_metadata=TAG_workflow=bazel
+
+# Shared config for Bazel-backed Rust linting.
+build:clippy --aspects=@rules_rust//rust:defs.bzl%rust_clippy_aspect
+build:clippy --output_groups=+clippy_checks
+build:clippy --@rules_rust//rust/settings:clippy.toml=//codex-rs:clippy.toml
+
+# Shared config for Bazel-backed argument-comment-lint.
+build:argument-comment-lint --aspects=//tools/argument-comment-lint:lint_aspect.bzl%rust_argument_comment_lint_aspect
+build:argument-comment-lint --output_groups=argument_comment_lint_checks
+build:argument-comment-lint --@rules_rust//rust/toolchain/channel=nightly
+
+# Rearrange caches on Windows so they're on the same volume as the checkout.
+common:ci-windows --config=ci-bazel
+common:ci-windows --build_metadata=TAG_os=windows
+common:ci-windows --repo_contents_cache=D:/a/.cache/bazel-repo-contents-cache
+common:ci-windows --repository_cache=D:/a/.cache/bazel-repo-cache
+
+# We prefer to run the build actions entirely remotely so we can dial up the concurrency.
+# We have platform-specific tests, so we want to execute the tests on all platforms using the strongest sandboxing available on each platform.
+
+# On linux, we can do a full remote build/test, by targeting the right (x86/arm) runners, so we have coverage of both.
+# Linux crossbuilds don't work until we untangle the libc constraint mess.
+common:ci-linux --config=ci-bazel
+common:ci-linux --build_metadata=TAG_os=linux
+common:ci-linux --config=remote
+common:ci-linux --strategy=remote
+common:ci-linux --platforms=//:rbe
+
+# On mac, we can run all the build actions remotely but test actions locally.
+common:ci-macos --config=ci-bazel
+common:ci-macos --build_metadata=TAG_os=macos
+common:ci-macos --config=remote
+common:ci-macos --strategy=remote
+common:ci-macos --strategy=TestRunner=darwin-sandbox,local
+
+# Linux-only V8 CI config.
+common:ci-v8 --config=ci
+common:ci-v8 --build_metadata=TAG_workflow=v8
+common:ci-v8 --build_metadata=TAG_os=linux
+common:ci-v8 --config=remote
+common:ci-v8 --strategy=remote
+
+# Optional per-user local overrides.
+try-import %workspace%/user.bazelrc

.codespellrc

@@ -3,4 +3,4 @@
 skip = .git*,vendor,*-lock.yaml,*.lock,.codespellrc,*test.ts,*.jsonl,frame*.txt,*.snap,*.snap.new,*meriyah.umd.min.js
 check-hidden = true
 ignore-regex = ^\s*"image/\S+": ".*|\b(afterAll)\b
-ignore-words-list = ratatui,ser,iTerm,iterm2,iterm,te,TE
+ignore-words-list = ratatui,ser,iTerm,iterm2,iterm,te,TE,PASE,SEH

.codex/skills/babysit-pr/SKILL.md

@@ -29,14 +29,15 @@ Accept any of the following:
 4. If `diagnose_ci_failure` is present, inspect failed run logs and classify the failure.
 5. If the failure is likely caused by the current branch, patch code locally, commit, and push.
 6. If `process_review_comment` is present, inspect surfaced review items and decide whether to address them.
-7. If a review item is actionable and correct, patch code locally, commit, and push.
-8. If the failure is likely flaky/unrelated and `retry_failed_checks` is present, rerun failed jobs with `--retry-failed-now`.
-9. If both actionable review feedback and `retry_failed_checks` are present, prioritize review feedback first; a new commit will retrigger CI, so avoid rerunning flaky checks on the old SHA unless you intentionally defer the review change.
-10. On every loop, verify mergeability / merge-conflict status (for example via `gh pr view`) in addition to CI and review state.
-11. After any push or rerun action, immediately return to step 1 and continue polling on the updated SHA/state.
-12. If you had been using `--watch` before pausing to patch/commit/push, relaunch `--watch` yourself in the same turn immediately after the push (do not wait for the user to re-invoke the skill).
-13. Repeat polling until the PR is green + review-clean + mergeable, `stop_pr_closed` appears, or a user-help-required blocker is reached.
-14. Maintain terminal/session ownership: while babysitting is active, keep consuming watcher output in the same turn; do not leave a detached `--watch` process running and then end the turn as if monitoring were complete.
+7. If a review item is actionable and correct, patch code locally, commit, push, and then mark the associated review thread/comment as resolved once the fix is on GitHub.
+8. If a review item from another author is non-actionable, already addressed, or not valid, post one reply on the comment/thread explaining that decision (for example answering the question or explaining why no change is needed). If the watcher later surfaces your own reply, treat that self-authored item as already handled and do not reply again.
+9. If the failure is likely flaky/unrelated and `retry_failed_checks` is present, rerun failed jobs with `--retry-failed-now`.
+10. If both actionable review feedback and `retry_failed_checks` are present, prioritize review feedback first; a new commit will retrigger CI, so avoid rerunning flaky checks on the old SHA unless you intentionally defer the review change.
+11. On every loop, verify mergeability / merge-conflict status (for example via `gh pr view`) in addition to CI and review state.
+12. After any push or rerun action, immediately return to step 1 and continue polling on the updated SHA/state.
+13. If you had been using `--watch` before pausing to patch/commit/push, relaunch `--watch` yourself in the same turn immediately after the push (do not wait for the user to re-invoke the skill).
+14. Repeat polling until the PR is green + review-clean + mergeable, `stop_pr_closed` appears, or a user-help-required blocker is reached.
+15. Maintain terminal/session ownership: while babysitting is active, keep consuming watcher output in the same turn; do not leave a detached `--watch` process running and then end the turn as if monitoring were complete.
 
 ## Commands
 
@@ -94,10 +95,11 @@ When you agree with a comment and it is actionable:
 1. Patch code locally.
 2. Commit with `codex: address PR review feedback (#<n>)`.
 3. Push to the PR head branch.
-4. Resume watching on the new SHA immediately (do not stop after reporting the push).
-5. If monitoring was running in `--watch` mode, restart `--watch` immediately after the push in the same turn; do not wait for the user to ask again.
+4. After the push succeeds, mark the associated GitHub review thread/comment as resolved.
+5. Resume watching on the new SHA immediately (do not stop after reporting the push).
+6. If monitoring was running in `--watch` mode, restart `--watch` immediately after the push in the same turn; do not wait for the user to ask again.
 
-If you disagree or the comment is non-actionable/already addressed, record it as handled by continuing the watcher loop (the script de-duplicates surfaced items via state after surfacing them).
+If you disagree or the comment is non-actionable/already addressed, reply once directly on the GitHub comment/thread so the reviewer gets an explicit answer, then continue the watcher loop. If the watcher later surfaces your own reply because the authenticated operator is treated as a trusted review author, treat that self-authored item as already handled and do not reply again.
 If a code review comment/thread is already marked as resolved in GitHub, treat it as non-actionable and safely ignore it unless new unresolved follow-up feedback appears.
 
 ## Git Safety Rules
@@ -124,13 +126,14 @@ Use this loop in a live Codex session:
 3. First check whether the PR is now merged or otherwise closed; if so, report that terminal state and stop polling immediately.
 4. Check CI summary, new review items, and mergeability/conflict status.
 5. Diagnose CI failures and classify branch-related vs flaky/unrelated.
-6. Process actionable review comments before flaky reruns when both are present; if a review fix requires a commit, push it and skip rerunning failed checks on the old SHA.
-7. Retry failed checks only when `retry_failed_checks` is present and you are not about to replace the current SHA with a review/CI fix commit.
-8. If you pushed a commit or triggered a rerun, report the action briefly and continue polling (do not stop).
-9. After a review-fix push, proactively restart continuous monitoring (`--watch`) in the same turn unless a strict stop condition has already been reached.
-10. If everything is passing, mergeable, not blocked on required review approval, and there are no unaddressed review items, report success and stop.
-11. If blocked on a user-help-required issue (infra outage, exhausted flaky retries, unclear reviewer request, permissions), report the blocker and stop.
-12. Otherwise sleep according to the polling cadence below and repeat.
+6. For each surfaced review item from another author, either reply once with an explanation if it is non-actionable or patch/commit/push and then resolve it if it is actionable. If a later snapshot surfaces your own reply, treat it as informational and continue without responding again.
+7. Process actionable review comments before flaky reruns when both are present; if a review fix requires a commit, push it and skip rerunning failed checks on the old SHA.
+8. Retry failed checks only when `retry_failed_checks` is present and you are not about to replace the current SHA with a review/CI fix commit.
+9. If you pushed a commit, resolved a review thread, replied to a review comment, or triggered a rerun, report the action briefly and continue polling (do not stop).
+10. After a review-fix push, proactively restart continuous monitoring (`--watch`) in the same turn unless a strict stop condition has already been reached.
+11. If everything is passing, mergeable, not blocked on required review approval, and there are no unaddressed review items, report success and stop.
+12. If blocked on a user-help-required issue (infra outage, exhausted flaky retries, unclear reviewer request, permissions), report the blocker and stop.
+13. Otherwise sleep according to the polling cadence below and repeat.
 
 When the user explicitly asks to monitor/watch/babysit a PR, prefer `--watch` so polling continues autonomously in one command. Use repeated `--once` snapshots only for debugging, local testing, or when the user explicitly asks for a one-shot check.
 Do not stop to ask the user whether to continue polling; continue autonomously until a strict stop condition is met or the user explicitly interrupts.

.github/actions/setup-bazel-ci/action.yml

@@ -0,0 +1,133 @@
+name: setup-bazel-ci
+description: Prepare a Bazel CI runner with shared caches and optional test prerequisites.
+inputs:
+  target:
+    description: Target triple used for cache namespacing.
+    required: true
+  install-test-prereqs:
+    description: Install Node.js and DotSlash for Bazel-backed test jobs.
+    required: false
+    default: "false"
+outputs:
+  cache-hit:
+    description: Whether the Bazel repository cache key was restored exactly.
+    value: ${{ steps.cache_bazel_repository_restore.outputs.cache-hit }}
+
+runs:
+  using: composite
+  steps:
+    - name: Set up Node.js for js_repl tests
+      if: inputs.install-test-prereqs == 'true'
+      uses: actions/setup-node@v6
+      with:
+        node-version-file: codex-rs/node-version.txt
+
+    # Some integration tests rely on DotSlash being installed.
+    # See https://github.com/openai/codex/pull/7617.
+    - name: Install DotSlash
+      if: inputs.install-test-prereqs == 'true'
+      uses: facebook/install-dotslash@v2
+
+    - name: Make DotSlash available in PATH (Unix)
+      if: inputs.install-test-prereqs == 'true' && runner.os != 'Windows'
+      shell: bash
+      run: cp "$(which dotslash)" /usr/local/bin
+
+    - name: Make DotSlash available in PATH (Windows)
+      if: inputs.install-test-prereqs == 'true' && runner.os == 'Windows'
+      shell: pwsh
+      run: Copy-Item (Get-Command dotslash).Source -Destination "$env:LOCALAPPDATA\Microsoft\WindowsApps\dotslash.exe"
+
+    - name: Set up Bazel
+      uses: bazelbuild/setup-bazelisk@v3
+
+    # Restore bazel repository cache so we don't have to redownload all the external dependencies
+    # on every CI run.
+    - name: Restore bazel repository cache
+      id: cache_bazel_repository_restore
+      uses: actions/cache/restore@v5
+      with:
+        path: |
+          ~/.cache/bazel-repo-cache
+        key: bazel-cache-${{ inputs.target }}-${{ hashFiles('MODULE.bazel', 'codex-rs/Cargo.lock', 'codex-rs/Cargo.toml') }}
+        restore-keys: |
+          bazel-cache-${{ inputs.target }}
+
+    - name: Configure Bazel output root (Windows)
+      if: runner.os == 'Windows'
+      shell: pwsh
+      run: |
+        # Use the shortest available drive to reduce argv/path length issues,
+        # but avoid the drive root because some Windows test launchers mis-handle
+        # MANIFEST paths there.
+        $hasDDrive = Test-Path 'D:\'
+        $bazelOutputUserRoot = if ($hasDDrive) { 'D:\b' } else { 'C:\b' }
+        $repoContentsCache = Join-Path $env:RUNNER_TEMP "bazel-repo-contents-cache-$env:GITHUB_RUN_ID-$env:GITHUB_JOB"
+        "BAZEL_OUTPUT_USER_ROOT=$bazelOutputUserRoot" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
+        "BAZEL_REPO_CONTENTS_CACHE=$repoContentsCache" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
+        if (-not $hasDDrive) {
+          $repositoryCache = Join-Path $env:USERPROFILE '.cache\bazel-repo-cache'
+          "BAZEL_REPOSITORY_CACHE=$repositoryCache" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
+        }
+
+    - name: Expose MSVC SDK environment (Windows)
+      if: runner.os == 'Windows'
+      shell: pwsh
+      run: |
+        # Bazel exec-side Rust build scripts do not reliably inherit the MSVC developer
+        # shell on GitHub-hosted Windows runners, so discover the latest VS install and
+        # ask `VsDevCmd.bat` to materialize the x64/x64 compiler + SDK environment.
+        $vswhere = "${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer\vswhere.exe"
+        if (-not (Test-Path $vswhere)) {
+          throw "vswhere.exe not found"
+        }
+
+        $installPath = & $vswhere -latest -products * -requires Microsoft.VisualStudio.Component.VC.Tools.x86.x64 -property installationPath 2>$null
+        if (-not $installPath) {
+          throw "Could not locate a Visual Studio installation with VC tools"
+        }
+
+        $vsDevCmd = Join-Path $installPath 'Common7\Tools\VsDevCmd.bat'
+        if (-not (Test-Path $vsDevCmd)) {
+          throw "VsDevCmd.bat not found at $vsDevCmd"
+        }
+
+        # Keep the export surface explicit: these are the paths and SDK roots that the
+        # MSVC toolchain probes need later when Bazel runs Windows exec-platform build
+        # scripts such as `aws-lc-sys`.
+        $varsToExport = @(
+          'INCLUDE',
+          'LIB',
+          'LIBPATH',
+          'PATH',
+          'UCRTVersion',
+          'UniversalCRTSdkDir',
+          'VCINSTALLDIR',
+          'VCToolsInstallDir',
+          'WindowsLibPath',
+          'WindowsSdkBinPath',
+          'WindowsSdkDir',
+          'WindowsSDKLibVersion',
+          'WindowsSDKVersion'
+        )
+
+        # `VsDevCmd.bat` is a batch file, so invoke it under `cmd.exe`, suppress its
+        # banner, then dump the resulting environment with `set`. Re-export only the
+        # approved keys into `GITHUB_ENV` so later steps inherit the same MSVC context.
+        $envLines = & cmd.exe /c ('"{0}" -no_logo -arch=x64 -host_arch=x64 >nul && set' -f $vsDevCmd)
+        foreach ($line in $envLines) {
+          if ($line -notmatch '^(.*?)=(.*)$') {
+            continue
+          }
+
+          $name = $matches[1]
+          $value = $matches[2]
+          if ($varsToExport -contains $name) {
+            "$name=$value" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
+          }
+        }
+
+    - name: Enable Git long paths (Windows)
+      if: runner.os == 'Windows'
+      shell: pwsh
+      run: git config --global core.longpaths true

.github/scripts/run-argument-comment-lint-bazel.sh

@@ -0,0 +1,115 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+ci_config=ci-linux
+case "${RUNNER_OS:-}" in
+  macOS)
+    ci_config=ci-macos
+    ;;
+  Windows)
+    ci_config=ci-windows
+    ;;
+esac
+
+bazel_lint_args=("$@")
+if [[ "${RUNNER_OS:-}" == "Windows" ]]; then
+  has_host_platform_override=0
+  for arg in "${bazel_lint_args[@]}"; do
+    if [[ "$arg" == --host_platform=* ]]; then
+      has_host_platform_override=1
+      break
+    fi
+  done
+
+  if [[ $has_host_platform_override -eq 0 ]]; then
+    # The nightly Windows lint toolchain is registered with an MSVC exec
+    # platform even though the lint target platform stays on `windows-gnullvm`.
+    # Override the host platform here so the exec-side helper binaries actually
+    # match the registered toolchain set.
+    bazel_lint_args+=("--host_platform=//:local_windows_msvc")
+  fi
+
+  # Native Windows lint runs need exec-side Rust helper binaries and proc-macros
+  # to use rust-lld instead of the C++ linker path. The default `none`
+  # preference resolves to `cc` when a cc_toolchain is present, which currently
+  # routes these exec actions through clang++ with an argument shape it cannot
+  # consume.
+  bazel_lint_args+=("--@rules_rust//rust/settings:toolchain_linker_preference=rust")
+
+  # Some Rust top-level targets are still intentionally incompatible with the
+  # local Windows MSVC exec platform. Skip those explicit targets so the native
+  # lint aspect can run across the compatible crate graph instead of failing the
+  # whole build after analysis.
+  bazel_lint_args+=("--skip_incompatible_explicit_targets")
+fi
+
+bazel_startup_args=()
+if [[ -n "${BAZEL_OUTPUT_USER_ROOT:-}" ]]; then
+  bazel_startup_args+=("--output_user_root=${BAZEL_OUTPUT_USER_ROOT}")
+fi
+
+run_bazel() {
+  if [[ "${RUNNER_OS:-}" == "Windows" ]]; then
+    MSYS2_ARG_CONV_EXCL='*' bazel "$@"
+    return
+  fi
+
+  bazel "$@"
+}
+
+run_bazel_with_startup_args() {
+  if [[ ${#bazel_startup_args[@]} -gt 0 ]]; then
+    run_bazel "${bazel_startup_args[@]}" "$@"
+    return
+  fi
+
+  run_bazel "$@"
+}
+
+read_query_labels() {
+  local query="$1"
+  local query_stdout
+  local query_stderr
+  query_stdout="$(mktemp)"
+  query_stderr="$(mktemp)"
+
+  if ! run_bazel_with_startup_args \
+    --noexperimental_remote_repo_contents_cache \
+    query \
+    --keep_going \
+    --output=label \
+    "$query" >"$query_stdout" 2>"$query_stderr"; then
+    cat "$query_stderr" >&2
+    rm -f "$query_stdout" "$query_stderr"
+    exit 1
+  fi
+
+  cat "$query_stdout"
+  rm -f "$query_stdout" "$query_stderr"
+}
+
+final_build_targets=(//codex-rs/...)
+if [[ "${RUNNER_OS:-}" == "Windows" ]]; then
+  # Bazel's local Windows platform currently lacks a default test toolchain for
+  # `rust_test`, so target the concrete Rust crate rules directly. The lint
+  # aspect still walks their crate graph, which preserves incremental reuse for
+  # non-test code while avoiding non-Rust wrapper targets such as platform_data.
+  final_build_targets=()
+  while IFS= read -r label; do
+    [[ -n "$label" ]] || continue
+    final_build_targets+=("$label")
+  done < <(read_query_labels 'kind("rust_(library|binary|proc_macro) rule", //codex-rs/...)')
+
+  if [[ ${#final_build_targets[@]} -eq 0 ]]; then
+    echo "Failed to discover Windows Bazel lint targets." >&2
+    exit 1
+  fi
+fi
+
+./.github/scripts/run-bazel-ci.sh \
+  -- \
+  build \
+  "${bazel_lint_args[@]}" \
+  -- \
+  "${final_build_targets[@]}"

.github/scripts/run-bazel-ci.sh

@@ -0,0 +1,246 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+print_failed_bazel_test_logs=0
+use_node_test_env=0
+remote_download_toplevel=0
+
+while [[ $# -gt 0 ]]; do
+  case "$1" in
+    --print-failed-test-logs)
+      print_failed_bazel_test_logs=1
+      shift
+      ;;
+    --use-node-test-env)
+      use_node_test_env=1
+      shift
+      ;;
+    --remote-download-toplevel)
+      remote_download_toplevel=1
+      shift
+      ;;
+    --)
+      shift
+      break
+      ;;
+    *)
+      echo "Unknown option: $1" >&2
+      exit 1
+      ;;
+  esac
+done
+
+if [[ $# -eq 0 ]]; then
+  echo "Usage: $0 [--print-failed-test-logs] [--use-node-test-env] [--remote-download-toplevel] -- <bazel args> -- <targets>" >&2
+  exit 1
+fi
+
+bazel_startup_args=()
+if [[ -n "${BAZEL_OUTPUT_USER_ROOT:-}" ]]; then
+  bazel_startup_args+=("--output_user_root=${BAZEL_OUTPUT_USER_ROOT}")
+fi
+
+run_bazel() {
+  if [[ "${RUNNER_OS:-}" == "Windows" ]]; then
+    MSYS2_ARG_CONV_EXCL='*' bazel "$@"
+    return
+  fi
+
+  bazel "$@"
+}
+
+ci_config=ci-linux
+case "${RUNNER_OS:-}" in
+  macOS)
+    ci_config=ci-macos
+    ;;
+  Windows)
+    ci_config=ci-windows
+    ;;
+esac
+
+print_bazel_test_log_tails() {
+  local console_log="$1"
+  local testlogs_dir
+  local -a bazel_info_cmd=(bazel)
+
+  if (( ${#bazel_startup_args[@]} > 0 )); then
+    bazel_info_cmd+=("${bazel_startup_args[@]}")
+  fi
+
+  testlogs_dir="$(run_bazel "${bazel_info_cmd[@]:1}" info bazel-testlogs 2>/dev/null || echo bazel-testlogs)"
+
+  local failed_targets=()
+  while IFS= read -r target; do
+    failed_targets+=("$target")
+  done < <(
+    grep -E '^FAIL: //' "$console_log" \
+      | sed -E 's#^FAIL: (//[^ ]+).*#\1#' \
+      | sort -u
+  )
+
+  if [[ ${#failed_targets[@]} -eq 0 ]]; then
+    echo "No failed Bazel test targets were found in console output."
+    return
+  fi
+
+  for target in "${failed_targets[@]}"; do
+    local rel_path="${target#//}"
+    rel_path="${rel_path/:/\/}"
+    local test_log="${testlogs_dir}/${rel_path}/test.log"
+
+    echo "::group::Bazel test log tail for ${target}"
+    if [[ -f "$test_log" ]]; then
+      tail -n 200 "$test_log"
+    else
+      echo "Missing test log: $test_log"
+    fi
+    echo "::endgroup::"
+  done
+}
+
+bazel_args=()
+bazel_targets=()
+found_target_separator=0
+for arg in "$@"; do
+  if [[ "$arg" == "--" && $found_target_separator -eq 0 ]]; then
+    found_target_separator=1
+    continue
+  fi
+
+  if [[ $found_target_separator -eq 0 ]]; then
+    bazel_args+=("$arg")
+  else
+    bazel_targets+=("$arg")
+  fi
+done
+
+if [[ ${#bazel_args[@]} -eq 0 || ${#bazel_targets[@]} -eq 0 ]]; then
+  echo "Expected Bazel args and targets separated by --" >&2
+  exit 1
+fi
+
+if [[ $use_node_test_env -eq 1 && "${RUNNER_OS:-}" != "Windows" ]]; then
+  # Bazel test sandboxes on macOS may resolve an older Homebrew `node`
+  # before the `actions/setup-node` runtime on PATH.
+  node_bin="$(which node)"
+  bazel_args+=("--test_env=CODEX_JS_REPL_NODE_PATH=${node_bin}")
+fi
+
+post_config_bazel_args=()
+if [[ $remote_download_toplevel -eq 1 ]]; then
+  # Override the CI config's remote_download_minimal setting when callers need
+  # the built artifact to exist on disk after the command completes.
+  post_config_bazel_args+=(--remote_download_toplevel)
+fi
+
+if [[ -n "${BAZEL_REPO_CONTENTS_CACHE:-}" ]]; then
+  # Windows self-hosted runners can run multiple Bazel jobs concurrently. Give
+  # each job its own repo contents cache so they do not fight over the shared
+  # path configured in `ci-windows`.
+  post_config_bazel_args+=("--repo_contents_cache=${BAZEL_REPO_CONTENTS_CACHE}")
+fi
+
+if [[ -n "${BAZEL_REPOSITORY_CACHE:-}" ]]; then
+  post_config_bazel_args+=("--repository_cache=${BAZEL_REPOSITORY_CACHE}")
+fi
+
+if [[ "${RUNNER_OS:-}" == "Windows" ]]; then
+  windows_action_env_vars=(
+    INCLUDE
+    LIB
+    LIBPATH
+    PATH
+    UCRTVersion
+    UniversalCRTSdkDir
+    VCINSTALLDIR
+    VCToolsInstallDir
+    WindowsLibPath
+    WindowsSdkBinPath
+    WindowsSdkDir
+    WindowsSDKLibVersion
+    WindowsSDKVersion
+  )
+
+  for env_var in "${windows_action_env_vars[@]}"; do
+    if [[ -n "${!env_var:-}" ]]; then
+      post_config_bazel_args+=("--action_env=${env_var}" "--host_action_env=${env_var}")
+    fi
+  done
+fi
+
+bazel_console_log="$(mktemp)"
+trap 'rm -f "$bazel_console_log"' EXIT
+
+bazel_cmd=(bazel)
+if (( ${#bazel_startup_args[@]} > 0 )); then
+  bazel_cmd+=("${bazel_startup_args[@]}")
+fi
+
+if [[ -n "${BUILDBUDDY_API_KEY:-}" ]]; then
+  echo "BuildBuddy API key is available; using remote Bazel configuration."
+  # Work around Bazel 9 remote repo contents cache / overlay materialization failures
+  # seen in CI (for example "is not a symlink" or permission errors while
+  # materializing external repos such as rules_perl). We still use BuildBuddy for
+  # remote execution/cache; this only disables the startup-level repo contents cache.
+  bazel_run_args=(
+    "${bazel_args[@]}"
+    "--config=${ci_config}"
+    "--remote_header=x-buildbuddy-api-key=${BUILDBUDDY_API_KEY}"
+  )
+  if (( ${#post_config_bazel_args[@]} > 0 )); then
+    bazel_run_args+=("${post_config_bazel_args[@]}")
+  fi
+  set +e
+  run_bazel "${bazel_cmd[@]:1}" \
+    --noexperimental_remote_repo_contents_cache \
+    "${bazel_run_args[@]}" \
+    -- \
+    "${bazel_targets[@]}" \
+    2>&1 | tee "$bazel_console_log"
+  bazel_status=${PIPESTATUS[0]}
+  set -e
+else
+  echo "BuildBuddy API key is not available; using local Bazel configuration."
+  # Keep fork/community PRs on Bazel but disable remote services that are
+  # configured in .bazelrc and require auth.
+  #
+  # Flag docs:
+  # - Command-line reference: https://bazel.build/reference/command-line-reference
+  # - Remote caching overview: https://bazel.build/remote/caching
+  # - Remote execution overview: https://bazel.build/remote/rbe
+  # - Build Event Protocol overview: https://bazel.build/remote/bep
+  #
+  # --noexperimental_remote_repo_contents_cache:
+  #   disable remote repo contents cache enabled in .bazelrc startup options.
+  #   https://bazel.build/reference/command-line-reference#startup_options-flag--experimental_remote_repo_contents_cache
+  # --remote_cache= and --remote_executor=:
+  #   clear remote cache/execution endpoints configured in .bazelrc.
+  #   https://bazel.build/reference/command-line-reference#common_options-flag--remote_cache
+  #   https://bazel.build/reference/command-line-reference#common_options-flag--remote_executor
+  bazel_run_args=(
+    "${bazel_args[@]}"
+    --remote_cache=
+    --remote_executor=
+  )
+  if (( ${#post_config_bazel_args[@]} > 0 )); then
+    bazel_run_args+=("${post_config_bazel_args[@]}")
+  fi
+  set +e
+  run_bazel "${bazel_cmd[@]:1}" \
+    --noexperimental_remote_repo_contents_cache \
+    "${bazel_run_args[@]}" \
+    -- \
+    "${bazel_targets[@]}" \
+    2>&1 | tee "$bazel_console_log"
+  bazel_status=${PIPESTATUS[0]}
+  set -e
+fi
+
+if [[ ${bazel_status:-0} -ne 0 ]]; then
+  if [[ $print_failed_bazel_test_logs -eq 1 ]]; then
+    print_bazel_test_log_tails "$bazel_console_log"
+  fi
+  exit "$bazel_status"
+fi

.github/workflows/README.md

@@ -0,0 +1,33 @@
+# Workflow Strategy
+
+The workflows in this directory are split so that pull requests get fast, review-friendly signal while `main` still gets the full cross-platform verification pass.
+
+## Pull Requests
+
+- `bazel.yml` is the main pre-merge verification path for Rust code.
+  It runs Bazel `test` and Bazel `clippy` on the supported Bazel targets.
+- `rust-ci.yml` keeps the Cargo-native PR checks intentionally small:
+  - `cargo fmt --check`
+  - `cargo shear`
+  - `argument-comment-lint` on Linux, macOS, and Windows
+  - `tools/argument-comment-lint` package tests when the lint or its workflow wiring changes
+
+The PR workflow still keeps the Linux lint lane on the default-targets-only invocation for now, but the released linter runs on Linux, macOS, and Windows before merge.
+
+## Post-Merge On `main`
+
+- `bazel.yml` also runs on pushes to `main`.
+  This re-verifies the merged Bazel path and helps keep the BuildBuddy caches warm.
+- `rust-ci-full.yml` is the full Cargo-native verification workflow.
+  It keeps the heavier checks off the PR path while still validating them after merge:
+  - the full Cargo `clippy` matrix
+  - the full Cargo `nextest` matrix
+  - release-profile Cargo builds
+  - cross-platform `argument-comment-lint`
+  - Linux remote-env tests
+
+## Rule Of Thumb
+
+- If a build/test/clippy check can be expressed in Bazel, prefer putting the PR-time version in `bazel.yml`.
+- Keep `rust-ci.yml` fast enough that it usually does not dominate PR latency.
+- Reserve `rust-ci-full.yml` for heavyweight Cargo-native coverage that Bazel does not replace yet.

.github/workflows/bazel.yml

@@ -1,4 +1,4 @@
-name: Bazel (experimental)
+name: Bazel
 
 # Note this workflow was originally derived from:
 # https://github.com/cerisier/toolchains_llvm_bootstrapped/blob/main/.github/workflows/ci.yaml
@@ -17,6 +17,7 @@ concurrency:
   cancel-in-progress: ${{ github.ref_name != 'main' }}
 jobs:
   test:
+    timeout-minutes: 30
     strategy:
       fail-fast: false
       matrix:
@@ -39,193 +40,116 @@ jobs:
           # - os: ubuntu-24.04-arm
           #   target: aarch64-unknown-linux-gnu
 
-          # TODO: Enable Windows once we fix the toolchain issues there.
-          #- os: windows-latest
-          #  target: x86_64-pc-windows-gnullvm
+          # Windows
+          - os: windows-latest
+            target: x86_64-pc-windows-gnullvm
     runs-on: ${{ matrix.os }}
 
     # Configure a human readable name for each job
     name: Local Bazel build on ${{ matrix.os }} for ${{ matrix.target }}
 
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
-      - name: Set up Node.js for js_repl tests
-        uses: actions/setup-node@v6
+      - name: Set up Bazel CI
+        id: setup_bazel
+        uses: ./.github/actions/setup-bazel-ci
         with:
-          node-version-file: codex-rs/node-version.txt
-
-      # Some integration tests rely on DotSlash being installed.
-      # See https://github.com/openai/codex/pull/7617.
-      - name: Install DotSlash
-        uses: facebook/install-dotslash@v2
-
-      - name: Make DotSlash available in PATH (Unix)
-        if: runner.os != 'Windows'
-        run: cp "$(which dotslash)" /usr/local/bin
-
-      - name: Make DotSlash available in PATH (Windows)
-        if: runner.os == 'Windows'
-        shell: pwsh
-        run: Copy-Item (Get-Command dotslash).Source -Destination "$env:LOCALAPPDATA\Microsoft\WindowsApps\dotslash.exe"
-
-      # Install Bazel via Bazelisk
-      - name: Set up Bazel
-        uses: bazelbuild/setup-bazelisk@v3
+          target: ${{ matrix.target }}
+          install-test-prereqs: "true"
 
       - name: Check MODULE.bazel.lock is up to date
         if: matrix.os == 'ubuntu-24.04' && matrix.target == 'x86_64-unknown-linux-gnu'
         shell: bash
         run: ./scripts/check-module-bazel-lock.sh
 
-      # TODO(mbolin): Bring this back once we have caching working. Currently,
-      # we never seem to get a cache hit but we still end up paying the cost of
-      # uploading at the end of the build, which takes over a minute!
-      #
-      # Cache build and external artifacts so that the next ci build is incremental.
-      # Because github action caches cannot be updated after a build, we need to
-      # store the contents of each build in a unique cache key, then fall back to loading
-      # it on the next ci run. We use hashFiles(...) in the key and restore-keys- with
-      # the prefix to load the most recent cache for the branch on a cache miss. You
-      # should customize the contents of hashFiles to capture any bazel input sources,
-      # although this doesn't need to be perfect. If none of the input sources change
-      # then a cache hit will load an existing cache and bazel won't have to do any work.
-      # In the case of a cache miss, you want the fallback cache to contain most of the
-      # previously built artifacts to minimize build time. The more precise you are with
-      # hashFiles sources the less work bazel will have to do.
-      # - name: Mount bazel caches
-      #   uses: actions/cache@v5
-      #   with:
-      #     path: |
-      #       ~/.cache/bazel-repo-cache
-      #       ~/.cache/bazel-repo-contents-cache
-      #     key: bazel-cache-${{ matrix.os }}-${{ hashFiles('**/BUILD.bazel', '**/*.bzl', 'MODULE.bazel') }}
-      #     restore-keys: |
-      #       bazel-cache-${{ matrix.os }}
-
-      - name: Configure Bazel startup args (Windows)
-        if: runner.os == 'Windows'
-        shell: pwsh
-        run: |
-          # Use a very short path to reduce argv/path length issues.
-          "BAZEL_STARTUP_ARGS=--output_user_root=C:\" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
-
       - name: bazel test //...
         env:
           BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }}
         shell: bash
         run: |
-          set -o pipefail
-
-          bazel_console_log="$(mktemp)"
-
-          print_failed_bazel_test_logs() {
-            local console_log="$1"
-            local testlogs_dir
-
-            testlogs_dir="$(bazel $BAZEL_STARTUP_ARGS info bazel-testlogs 2>/dev/null || echo bazel-testlogs)"
-
-            local failed_targets=()
-            while IFS= read -r target; do
-              failed_targets+=("$target")
-            done < <(
-              grep -E '^FAIL: //' "$console_log" \
-                | sed -E 's#^FAIL: (//[^ ]+).*#\1#' \
-                | sort -u
-            )
-
-            if [[ ${#failed_targets[@]} -eq 0 ]]; then
-              echo "No failed Bazel test targets were found in console output."
-              return
-            fi
-
-            for target in "${failed_targets[@]}"; do
-              local rel_path="${target#//}"
-              rel_path="${rel_path/:/\/}"
-              local test_log="${testlogs_dir}/${rel_path}/test.log"
-
-              echo "::group::Bazel test log tail for ${target}"
-              if [[ -f "$test_log" ]]; then
-                tail -n 200 "$test_log"
-              else
-                echo "Missing test log: $test_log"
-              fi
-              echo "::endgroup::"
-            done
-          }
-
-          bazel_args=(
-            test
-            --test_verbose_timeout_warnings
-            --build_metadata=REPO_URL=https://github.com/openai/codex.git
-            --build_metadata=COMMIT_SHA=$(git rev-parse HEAD)
-            --build_metadata=ROLE=CI
-            --build_metadata=VISIBILITY=PUBLIC
-          )
-
           bazel_targets=(
             //...
-            # Keep V8 out of the ordinary Bazel CI path. Only the dedicated
-            # canary and release workflows should build `third_party/v8`.
+            # Keep standalone V8 library targets out of the ordinary Bazel CI
+            # path. V8 consumers under `//codex-rs/...` still participate
+            # transitively through `//...`.
             -//third_party/v8:all
           )
 
-          if [[ "${RUNNER_OS:-}" != "Windows" ]]; then
-            # Bazel test sandboxes on macOS may resolve an older Homebrew `node`
-            # before the `actions/setup-node` runtime on PATH.
-            node_bin="$(which node)"
-            bazel_args+=("--test_env=CODEX_JS_REPL_NODE_PATH=${node_bin}")
-          fi
+          ./.github/scripts/run-bazel-ci.sh \
+            --print-failed-test-logs \
+            --use-node-test-env \
+            -- \
+            test \
+            --test_tag_filters=-argument-comment-lint \
+            --test_verbose_timeout_warnings \
+            --build_metadata=COMMIT_SHA=${GITHUB_SHA} \
+            -- \
+            "${bazel_targets[@]}"
 
-          if [[ -n "${BUILDBUDDY_API_KEY:-}" ]]; then
-            echo "BuildBuddy API key is available; using remote Bazel configuration."
-            # Work around Bazel 9 remote repo contents cache / overlay materialization failures
-            # seen in CI (for example "is not a symlink" or permission errors while
-            # materializing external repos such as rules_perl). We still use BuildBuddy for
-            # remote execution/cache; this only disables the startup-level repo contents cache.
-            set +e
-            bazel $BAZEL_STARTUP_ARGS \
-              --noexperimental_remote_repo_contents_cache \
-              --bazelrc=.github/workflows/ci.bazelrc \
-              "${bazel_args[@]}" \
-              "--remote_header=x-buildbuddy-api-key=$BUILDBUDDY_API_KEY" \
-              -- \
-              "${bazel_targets[@]}" \
-              2>&1 | tee "$bazel_console_log"
-            bazel_status=${PIPESTATUS[0]}
-            set -e
-          else
-            echo "BuildBuddy API key is not available; using local Bazel configuration."
-            # Keep fork/community PRs on Bazel but disable remote services that are
-            # configured in .bazelrc and require auth.
-            #
-            # Flag docs:
-            # - Command-line reference: https://bazel.build/reference/command-line-reference
-            # - Remote caching overview: https://bazel.build/remote/caching
-            # - Remote execution overview: https://bazel.build/remote/rbe
-            # - Build Event Protocol overview: https://bazel.build/remote/bep
-            #
-            # --noexperimental_remote_repo_contents_cache:
-            #   disable remote repo contents cache enabled in .bazelrc startup options.
-            #   https://bazel.build/reference/command-line-reference#startup_options-flag--experimental_remote_repo_contents_cache
-            # --remote_cache= and --remote_executor=:
-            #   clear remote cache/execution endpoints configured in .bazelrc.
-            #   https://bazel.build/reference/command-line-reference#common_options-flag--remote_cache
-            #   https://bazel.build/reference/command-line-reference#common_options-flag--remote_executor
-            set +e
-            bazel $BAZEL_STARTUP_ARGS \
-              --noexperimental_remote_repo_contents_cache \
-              "${bazel_args[@]}" \
-              --remote_cache= \
-              --remote_executor= \
-              -- \
-              "${bazel_targets[@]}" \
-              2>&1 | tee "$bazel_console_log"
-            bazel_status=${PIPESTATUS[0]}
-            set -e
-          fi
+      # Save bazel repository cache explicitly; make non-fatal so cache uploading
+      # never fails the overall job. Only save when key wasn't hit.
+      - name: Save bazel repository cache
+        if: always() && !cancelled() && steps.setup_bazel.outputs.cache-hit != 'true'
+        continue-on-error: true
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        with:
+          path: |
+            ~/.cache/bazel-repo-cache
+          key: bazel-cache-${{ matrix.target }}-${{ hashFiles('MODULE.bazel', 'codex-rs/Cargo.lock', 'codex-rs/Cargo.toml') }}
 
-          if [[ ${bazel_status:-0} -ne 0 ]]; then
-            print_failed_bazel_test_logs "$bazel_console_log"
-            exit "$bazel_status"
-          fi
+  clippy:
+    timeout-minutes: 30
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          # Keep Linux lint coverage on x64 and add the arm64 macOS path that
+          # the Bazel test job already exercises. Add Windows gnullvm as well
+          # so PRs get Bazel-native lint signal on the same Windows toolchain
+          # that the Bazel test job uses.
+          - os: ubuntu-24.04
+            target: x86_64-unknown-linux-gnu
+          - os: macos-15-xlarge
+            target: aarch64-apple-darwin
+          - os: windows-latest
+            target: x86_64-pc-windows-gnullvm
+    runs-on: ${{ matrix.os }}
+    name: Bazel clippy on ${{ matrix.os }} for ${{ matrix.target }}
+
+    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+
+      - name: Set up Bazel CI
+        id: setup_bazel
+        uses: ./.github/actions/setup-bazel-ci
+        with:
+          target: ${{ matrix.target }}
+
+      - name: bazel build --config=clippy //codex-rs/...
+        env:
+          BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }}
+        shell: bash
+        run: |
+          # Keep the initial Bazel clippy scope on codex-rs and out of the
+          # V8 proof-of-concept target for now.
+          ./.github/scripts/run-bazel-ci.sh \
+            -- \
+            build \
+            --config=clippy \
+            --build_metadata=COMMIT_SHA=${GITHUB_SHA} \
+            --build_metadata=TAG_job=clippy \
+            -- \
+            //codex-rs/... \
+            -//codex-rs/v8-poc:all
+
+      # Save bazel repository cache explicitly; make non-fatal so cache uploading
+      # never fails the overall job. Only save when key wasn't hit.
+      - name: Save bazel repository cache
+        if: always() && !cancelled() && steps.setup_bazel.outputs.cache-hit != 'true'
+        continue-on-error: true
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        with:
+          path: |
+            ~/.cache/bazel-repo-cache
+          key: bazel-cache-${{ matrix.target }}-${{ hashFiles('MODULE.bazel', 'codex-rs/Cargo.lock', 'codex-rs/Cargo.toml') }}

.github/workflows/blob-size-policy.yml

@@ -8,7 +8,7 @@ jobs:
     name: Blob size policy
     runs-on: ubuntu-24.04
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           fetch-depth: 0
 

.github/workflows/cargo-deny.yml

@@ -14,13 +14,13 @@ jobs:
         working-directory: ./codex-rs
     steps:
       - name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Install Rust toolchain
-        uses: dtolnay/rust-toolchain@stable
+        uses: dtolnay/rust-toolchain@631a55b12751854ce901bb631d5902ceb48146f7 # stable
 
       - name: Run cargo-deny
-        uses: EmbarkStudios/cargo-deny-action@v2
+        uses: EmbarkStudios/cargo-deny-action@82eb9f621fbc699dd0918f3ea06864c14cc84246 # v2
         with:
           rust-version: stable
           manifest-path: ./codex-rs/Cargo.toml

.github/workflows/ci.bazelrc

@@ -1,27 +0,0 @@
-common --remote_download_minimal
-common --keep_going
-common --verbose_failures
-
-# Disable disk cache since we have remote one and aren't using persistent workers.
-common --disk_cache=
-
-# Rearrange caches on Windows so they're on the same volume as the checkout.
-common:windows --repo_contents_cache=D:/a/.cache/bazel-repo-contents-cache
-common:windows --repository_cache=D:/a/.cache/bazel-repo-cache
-
-# We prefer to run the build actions entirely remotely so we can dial up the concurrency.
-# We have platform-specific tests, so we want to execute the tests on all platforms using the strongest sandboxing available on each platform.
-
-# On linux, we can do a full remote build/test, by targeting the right (x86/arm) runners, so we have coverage of both.
-# Linux crossbuilds don't work until we untangle the libc constraint mess.
-common:linux --config=remote
-common:linux --strategy=remote
-common:linux --platforms=//:rbe
-
-# On mac, we can run all the build actions remotely but test actions locally.
-common:macos --config=remote
-common:macos --strategy=remote
-common:macos --strategy=TestRunner=darwin-sandbox,local
-
-# On windows we cannot cross-build the tests but run them locally due to what appears to be a Bazel bug
-# (windows vs unix path confusion)

.github/workflows/ci.yml

@@ -12,15 +12,15 @@ jobs:
       NODE_OPTIONS: --max-old-space-size=4096
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Setup pnpm
-        uses: pnpm/action-setup@v5
+        uses: pnpm/action-setup@a8198c4bff370c8506180b035930dea56dbd5288 # v5
         with:
           run_install: false
 
       - name: Setup Node.js
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
         with:
           node-version: 22
 
@@ -28,7 +28,7 @@ jobs:
         run: pnpm install --frozen-lockfile
 
       # stage_npm_packages.py requires DotSlash when staging releases.
-      - uses: facebook/install-dotslash@v2
+      - uses: facebook/install-dotslash@1e4e7b3e07eaca387acb98f1d4720e0bee8dbb6a # v2
 
       - name: Stage npm package
         id: stage_npm_package
@@ -47,7 +47,7 @@ jobs:
           echo "pack_output=$PACK_OUTPUT" >> "$GITHUB_OUTPUT"
 
       - name: Upload staged npm package artifact
-        uses: actions/upload-artifact@v7
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
         with:
           name: codex-npm-staging
           path: ${{ steps.stage_npm_package.outputs.pack_output }}

.github/workflows/cla.yml

@@ -18,7 +18,7 @@ jobs:
     if: ${{ github.repository_owner == 'openai' }}
     runs-on: ubuntu-latest
     steps:
-      - uses: contributor-assistant/github-action@v2.6.1
+      - uses: contributor-assistant/github-action@ca4a40a7d1004f18d9960b404b97e5f30a505a08 # v2.6.1
         # Run on close only if the PR was merged. This will lock the PR to preserve
         # the CLA agreement. We don't want to lock PRs that have been closed without
         # merging because the contributor may want to respond with additional comments.

.github/workflows/close-stale-contributor-prs.yml

@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Close inactive PRs from contributors
-        uses: actions/github-script@v8
+        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           script: |

.github/workflows/codespell.yml

@@ -18,7 +18,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
       - name: Annotate locations with typos
         uses: codespell-project/codespell-problem-matcher@b80729f885d32f78a716c2f107b4db1025001c42 # v1
       - name: Codespell

.github/workflows/issue-deduplicator.yml

@@ -19,7 +19,7 @@ jobs:
       reason: ${{ steps.normalize-all.outputs.reason }}
       has_matches: ${{ steps.normalize-all.outputs.has_matches }}
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Prepare Codex inputs
         env:
@@ -61,7 +61,7 @@ jobs:
       # .github/prompts/issue-deduplicator.txt file is obsolete and removed.
       - id: codex-all
         name: Find duplicates (pass 1, all issues)
-        uses: openai/codex-action@main
+        uses: openai/codex-action@0b91f4a2703c23df3102c3f0967d3c6db34eedef # v1
         with:
           openai-api-key: ${{ secrets.CODEX_OPENAI_API_KEY }}
           allow-users: "*"
@@ -155,7 +155,7 @@ jobs:
       reason: ${{ steps.normalize-open.outputs.reason }}
       has_matches: ${{ steps.normalize-open.outputs.has_matches }}
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Prepare Codex inputs
         env:
@@ -195,7 +195,7 @@ jobs:
 
       - id: codex-open
         name: Find duplicates (pass 2, open issues)
-        uses: openai/codex-action@main
+        uses: openai/codex-action@0b91f4a2703c23df3102c3f0967d3c6db34eedef # v1
         with:
           openai-api-key: ${{ secrets.CODEX_OPENAI_API_KEY }}
           allow-users: "*"
@@ -342,7 +342,7 @@ jobs:
       issues: write
     steps:
       - name: Comment on issue
-        uses: actions/github-script@v8
+        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
         env:
           CODEX_OUTPUT: ${{ needs.select-final.outputs.codex_output }}
         with:

.github/workflows/issue-labeler.yml

@@ -17,10 +17,10 @@ jobs:
     outputs:
       codex_output: ${{ steps.codex.outputs.final-message }}
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - id: codex
-        uses: openai/codex-action@main
+        uses: openai/codex-action@0b91f4a2703c23df3102c3f0967d3c6db34eedef # v1
         with:
           openai-api-key: ${{ secrets.CODEX_OPENAI_API_KEY }}
           allow-users: "*"

.github/workflows/rust-ci-full.yml

@@ -0,0 +1,775 @@
+name: rust-ci-full
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+
+# CI builds in debug (dev) for faster signal.
+
+jobs:
+  # --- CI that doesn't need specific targets ---------------------------------
+  general:
+    name: Format / etc
+    runs-on: ubuntu-24.04
+    defaults:
+      run:
+        working-directory: codex-rs
+    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
+        with:
+          components: rustfmt
+      - name: cargo fmt
+        run: cargo fmt -- --config imports_granularity=Item --check
+
+  cargo_shear:
+    name: cargo shear
+    runs-on: ubuntu-24.04
+    defaults:
+      run:
+        working-directory: codex-rs
+    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
+      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
+        with:
+          tool: cargo-shear
+          version: 1.5.1
+      - name: cargo shear
+        run: cargo shear
+
+  argument_comment_lint_package:
+    name: Argument comment lint package
+    runs-on: ubuntu-24.04
+    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
+        with:
+          toolchain: nightly-2025-09-18
+          components: llvm-tools-preview, rustc-dev, rust-src
+      - name: Cache cargo-dylint tooling
+        id: cargo_dylint_cache
+        uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        with:
+          path: |
+            ~/.cargo/bin/cargo-dylint
+            ~/.cargo/bin/dylint-link
+            ~/.cargo/registry/index
+            ~/.cargo/registry/cache
+            ~/.cargo/git/db
+          key: argument-comment-lint-${{ runner.os }}-${{ hashFiles('tools/argument-comment-lint/Cargo.lock', 'tools/argument-comment-lint/rust-toolchain', '.github/workflows/rust-ci.yml', '.github/workflows/rust-ci-full.yml') }}
+      - name: Install cargo-dylint tooling
+        if: ${{ steps.cargo_dylint_cache.outputs.cache-hit != 'true' }}
+        run: cargo install --locked cargo-dylint dylint-link
+      - name: Check Python wrapper syntax
+        run: python3 -m py_compile tools/argument-comment-lint/wrapper_common.py tools/argument-comment-lint/run.py tools/argument-comment-lint/run-prebuilt-linter.py tools/argument-comment-lint/test_wrapper_common.py
+      - name: Test Python wrapper helpers
+        run: python3 -m unittest discover -s tools/argument-comment-lint -p 'test_*.py'
+      - name: Test argument comment lint package
+        working-directory: tools/argument-comment-lint
+        run: cargo test
+
+  argument_comment_lint_prebuilt:
+    name: Argument comment lint - ${{ matrix.name }}
+    runs-on: ${{ matrix.runs_on || matrix.runner }}
+    timeout-minutes: 30
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - name: Linux
+            runner: ubuntu-24.04
+          - name: macOS
+            runner: macos-15-xlarge
+          - name: Windows
+            runner: windows-x64
+            runs_on:
+              group: codex-runners
+              labels: codex-windows-x64
+    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: ./.github/actions/setup-bazel-ci
+        with:
+          target: ${{ runner.os }}
+          install-test-prereqs: true
+      - name: Install Linux sandbox build dependencies
+        if: ${{ runner.os == 'Linux' }}
+        shell: bash
+        run: |
+          sudo DEBIAN_FRONTEND=noninteractive apt-get update
+          sudo DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends pkg-config libcap-dev
+      - name: Run argument comment lint on codex-rs via Bazel
+        if: ${{ runner.os != 'Windows' }}
+        env:
+          BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }}
+        shell: bash
+        run: |
+          bazel_targets="$(./tools/argument-comment-lint/list-bazel-targets.sh)"
+          ./.github/scripts/run-bazel-ci.sh \
+            -- \
+            build \
+            --config=argument-comment-lint \
+            --keep_going \
+            --build_metadata=COMMIT_SHA=${GITHUB_SHA} \
+            -- \
+            ${bazel_targets}
+      - name: Run argument comment lint on codex-rs via Bazel
+        if: ${{ runner.os == 'Windows' }}
+        env:
+          BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }}
+        shell: bash
+        run: |
+          ./.github/scripts/run-argument-comment-lint-bazel.sh \
+            --config=argument-comment-lint \
+            --platforms=//:local_windows \
+            --keep_going \
+            --build_metadata=COMMIT_SHA=${GITHUB_SHA}
+
+  # --- CI to validate on different os/targets --------------------------------
+  lint_build:
+    name: Lint/Build — ${{ matrix.runner }} - ${{ matrix.target }}${{ matrix.profile == 'release' && ' (release)' || '' }}
+    runs-on: ${{ matrix.runs_on || matrix.runner }}
+    timeout-minutes: 30
+    defaults:
+      run:
+        working-directory: codex-rs
+    env:
+      # Speed up repeated builds across CI runs by caching compiled objects, except on
+      # arm64 macOS runners cross-targeting x86_64 where ring/cc-rs can produce
+      # mixed-architecture archives under sccache.
+      USE_SCCACHE: ${{ (startsWith(matrix.runner, 'windows') || (matrix.runner == 'macos-15-xlarge' && matrix.target == 'x86_64-apple-darwin')) && 'false' || 'true' }}
+      CARGO_INCREMENTAL: "0"
+      SCCACHE_CACHE_SIZE: 10G
+      # In rust-ci, representative release-profile checks use thin LTO for faster feedback.
+      CARGO_PROFILE_RELEASE_LTO: ${{ matrix.profile == 'release' && 'thin' || 'fat' }}
+
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - runner: macos-15-xlarge
+            target: aarch64-apple-darwin
+            profile: dev
+          - runner: macos-15-xlarge
+            target: x86_64-apple-darwin
+            profile: dev
+          - runner: ubuntu-24.04
+            target: x86_64-unknown-linux-musl
+            profile: dev
+            runs_on:
+              group: codex-runners
+              labels: codex-linux-x64
+          - runner: ubuntu-24.04
+            target: x86_64-unknown-linux-gnu
+            profile: dev
+            runs_on:
+              group: codex-runners
+              labels: codex-linux-x64
+          - runner: ubuntu-24.04-arm
+            target: aarch64-unknown-linux-musl
+            profile: dev
+            runs_on:
+              group: codex-runners
+              labels: codex-linux-arm64
+          - runner: ubuntu-24.04-arm
+            target: aarch64-unknown-linux-gnu
+            profile: dev
+            runs_on:
+              group: codex-runners
+              labels: codex-linux-arm64
+          - runner: windows-x64
+            target: x86_64-pc-windows-msvc
+            profile: dev
+            runs_on:
+              group: codex-runners
+              labels: codex-windows-x64
+          - runner: windows-arm64
+            target: aarch64-pc-windows-msvc
+            profile: dev
+            runs_on:
+              group: codex-runners
+              labels: codex-windows-arm64
+
+          # Also run representative release builds on Mac and Linux because
+          # there could be release-only build errors we want to catch.
+          # Hopefully this also pre-populates the build cache to speed up
+          # releases.
+          - runner: macos-15-xlarge
+            target: aarch64-apple-darwin
+            profile: release
+          - runner: ubuntu-24.04
+            target: x86_64-unknown-linux-musl
+            profile: release
+            runs_on:
+              group: codex-runners
+              labels: codex-linux-x64
+          - runner: ubuntu-24.04-arm
+            target: aarch64-unknown-linux-musl
+            profile: release
+            runs_on:
+              group: codex-runners
+              labels: codex-linux-arm64
+          - runner: windows-x64
+            target: x86_64-pc-windows-msvc
+            profile: release
+            runs_on:
+              group: codex-runners
+              labels: codex-windows-x64
+          - runner: windows-arm64
+            target: aarch64-pc-windows-msvc
+            profile: release
+            runs_on:
+              group: codex-runners
+              labels: codex-windows-arm64
+
+    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - name: Install Linux build dependencies
+        if: ${{ runner.os == 'Linux' }}
+        shell: bash
+        run: |
+          set -euo pipefail
+          if command -v apt-get >/dev/null 2>&1; then
+            sudo apt-get update -y
+            packages=(pkg-config libcap-dev)
+            if [[ "${{ matrix.target }}" == 'x86_64-unknown-linux-musl' || "${{ matrix.target }}" == 'aarch64-unknown-linux-musl' ]]; then
+              packages+=(libubsan1)
+            fi
+            sudo DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends "${packages[@]}"
+          fi
+      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
+        with:
+          targets: ${{ matrix.target }}
+          components: clippy
+
+      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
+        name: Use hermetic Cargo home (musl)
+        shell: bash
+        run: |
+          set -euo pipefail
+          cargo_home="${GITHUB_WORKSPACE}/.cargo-home"
+          mkdir -p "${cargo_home}/bin"
+          echo "CARGO_HOME=${cargo_home}" >> "$GITHUB_ENV"
+          echo "${cargo_home}/bin" >> "$GITHUB_PATH"
+          : > "${cargo_home}/config.toml"
+
+      - name: Compute lockfile hash
+        id: lockhash
+        working-directory: codex-rs
+        shell: bash
+        run: |
+          set -euo pipefail
+          echo "hash=$(sha256sum Cargo.lock | cut -d' ' -f1)" >> "$GITHUB_OUTPUT"
+          echo "toolchain_hash=$(sha256sum rust-toolchain.toml | cut -d' ' -f1)" >> "$GITHUB_OUTPUT"
+
+      # Explicit cache restore: split cargo home vs target, so we can
+      # avoid caching the large target dir on the gnu-dev job.
+      - name: Restore cargo home cache
+        id: cache_cargo_home_restore
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        with:
+          path: |
+            ~/.cargo/bin/
+            ~/.cargo/registry/index/
+            ~/.cargo/registry/cache/
+            ~/.cargo/git/db/
+            ${{ github.workspace }}/.cargo-home/bin/
+            ${{ github.workspace }}/.cargo-home/registry/index/
+            ${{ github.workspace }}/.cargo-home/registry/cache/
+            ${{ github.workspace }}/.cargo-home/git/db/
+          key: cargo-home-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ steps.lockhash.outputs.toolchain_hash }}
+          restore-keys: |
+            cargo-home-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-
+
+      # Install and restore sccache cache
+      - name: Install sccache
+        if: ${{ env.USE_SCCACHE == 'true' }}
+        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
+        with:
+          tool: sccache
+          version: 0.7.5
+
+      - name: Configure sccache backend
+        if: ${{ env.USE_SCCACHE == 'true' }}
+        shell: bash
+        run: |
+          set -euo pipefail
+          if [[ -n "${ACTIONS_CACHE_URL:-}" && -n "${ACTIONS_RUNTIME_TOKEN:-}" ]]; then
+            echo "SCCACHE_GHA_ENABLED=true" >> "$GITHUB_ENV"
+            echo "Using sccache GitHub backend"
+          else
+            echo "SCCACHE_GHA_ENABLED=false" >> "$GITHUB_ENV"
+            echo "SCCACHE_DIR=${{ github.workspace }}/.sccache" >> "$GITHUB_ENV"
+            echo "Using sccache local disk + actions/cache fallback"
+          fi
+
+      - name: Enable sccache wrapper
+        if: ${{ env.USE_SCCACHE == 'true' }}
+        shell: bash
+        run: echo "RUSTC_WRAPPER=sccache" >> "$GITHUB_ENV"
+
+      - name: Restore sccache cache (fallback)
+        if: ${{ env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true' }}
+        id: cache_sccache_restore
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        with:
+          path: ${{ github.workspace }}/.sccache/
+          key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
+          restore-keys: |
+            sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-
+            sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-
+
+      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
+        name: Disable sccache wrapper (musl)
+        shell: bash
+        run: |
+          set -euo pipefail
+          echo "RUSTC_WRAPPER=" >> "$GITHUB_ENV"
+          echo "RUSTC_WORKSPACE_WRAPPER=" >> "$GITHUB_ENV"
+
+      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
+        name: Prepare APT cache directories (musl)
+        shell: bash
+        run: |
+          set -euo pipefail
+          sudo mkdir -p /var/cache/apt/archives /var/lib/apt/lists
+          sudo chown -R "$USER:$USER" /var/cache/apt /var/lib/apt/lists
+
+      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
+        name: Restore APT cache (musl)
+        id: cache_apt_restore
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        with:
+          path: |
+            /var/cache/apt
+          key: apt-${{ matrix.runner }}-${{ matrix.target }}-v1
+
+      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
+        name: Install Zig
+        uses: mlugg/setup-zig@d1434d08867e3ee9daa34448df10607b98908d29 # v2
+        with:
+          version: 0.14.0
+
+      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
+        name: Install musl build tools
+        env:
+          DEBIAN_FRONTEND: noninteractive
+          TARGET: ${{ matrix.target }}
+          APT_UPDATE_ARGS: -o Acquire::Retries=3
+          APT_INSTALL_ARGS: --no-install-recommends
+        shell: bash
+        run: bash "${GITHUB_WORKSPACE}/.github/scripts/install-musl-build-tools.sh"
+
+      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
+        name: Configure rustc UBSan wrapper (musl host)
+        shell: bash
+        run: |
+          set -euo pipefail
+          ubsan=""
+          if command -v ldconfig >/dev/null 2>&1; then
+            ubsan="$(ldconfig -p | grep -m1 'libubsan\.so\.1' | sed -E 's/.*=> (.*)$/\1/')"
+          fi
+          wrapper_root="${RUNNER_TEMP:-/tmp}"
+          wrapper="${wrapper_root}/rustc-ubsan-wrapper"
+          cat > "${wrapper}" <<EOF
+          #!/usr/bin/env bash
+          set -euo pipefail
+          if [[ -n "${ubsan}" ]]; then
+            export LD_PRELOAD="${ubsan}\${LD_PRELOAD:+:\${LD_PRELOAD}}"
+          fi
+          exec "\$1" "\${@:2}"
+          EOF
+          chmod +x "${wrapper}"
+          echo "RUSTC_WRAPPER=${wrapper}" >> "$GITHUB_ENV"
+          echo "RUSTC_WORKSPACE_WRAPPER=" >> "$GITHUB_ENV"
+
+      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
+        name: Clear sanitizer flags (musl)
+        shell: bash
+        run: |
+          set -euo pipefail
+          # Clear global Rust flags so host/proc-macro builds don't pull in UBSan.
+          echo "RUSTFLAGS=" >> "$GITHUB_ENV"
+          echo "CARGO_ENCODED_RUSTFLAGS=" >> "$GITHUB_ENV"
+          echo "RUSTDOCFLAGS=" >> "$GITHUB_ENV"
+          # Override any runner-level Cargo config rustflags as well.
+          echo "CARGO_BUILD_RUSTFLAGS=" >> "$GITHUB_ENV"
+          echo "CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_RUSTFLAGS=" >> "$GITHUB_ENV"
+          echo "CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_RUSTFLAGS=" >> "$GITHUB_ENV"
+          echo "CARGO_TARGET_X86_64_UNKNOWN_LINUX_MUSL_RUSTFLAGS=" >> "$GITHUB_ENV"
+          echo "CARGO_TARGET_AARCH64_UNKNOWN_LINUX_MUSL_RUSTFLAGS=" >> "$GITHUB_ENV"
+
+          sanitize_flags() {
+            local input="$1"
+            input="${input//-fsanitize=undefined/}"
+            input="${input//-fno-sanitize-recover=undefined/}"
+            input="${input//-fno-sanitize-trap=undefined/}"
+            echo "$input"
+          }
+
+          cflags="$(sanitize_flags "${CFLAGS-}")"
+          cxxflags="$(sanitize_flags "${CXXFLAGS-}")"
+          echo "CFLAGS=${cflags}" >> "$GITHUB_ENV"
+          echo "CXXFLAGS=${cxxflags}" >> "$GITHUB_ENV"
+
+      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl' }}
+        name: Configure musl rusty_v8 artifact overrides
+        env:
+          TARGET: ${{ matrix.target }}
+        shell: bash
+        run: |
+          set -euo pipefail
+          version="$(python3 "${GITHUB_WORKSPACE}/.github/scripts/rusty_v8_bazel.py" resolved-v8-crate-version)"
+          release_tag="rusty-v8-v${version}"
+          base_url="https://github.com/openai/codex/releases/download/${release_tag}"
+          archive="https://github.com/openai/codex/releases/download/rusty-v8-v${version}/librusty_v8_release_${TARGET}.a.gz"
+          binding_dir="${RUNNER_TEMP}/rusty_v8"
+          binding_path="${binding_dir}/src_binding_release_${TARGET}.rs"
+          mkdir -p "${binding_dir}"
+          curl -fsSL "${base_url}/src_binding_release_${TARGET}.rs" -o "${binding_path}"
+          echo "RUSTY_V8_ARCHIVE=${archive}" >> "$GITHUB_ENV"
+          echo "RUSTY_V8_SRC_BINDING_PATH=${binding_path}" >> "$GITHUB_ENV"
+
+      - name: Install cargo-chef
+        if: ${{ matrix.profile == 'release' }}
+        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
+        with:
+          tool: cargo-chef
+          version: 0.1.71
+
+      - name: Pre-warm dependency cache (cargo-chef)
+        if: ${{ matrix.profile == 'release' }}
+        shell: bash
+        run: |
+          set -euo pipefail
+          RECIPE="${RUNNER_TEMP}/chef-recipe.json"
+          cargo chef prepare --recipe-path "$RECIPE"
+          cargo chef cook --recipe-path "$RECIPE" --target ${{ matrix.target }} --release --all-features
+
+      - name: cargo clippy
+        run: cargo clippy --target ${{ matrix.target }} --all-features --tests --profile ${{ matrix.profile }} --timings -- -D warnings
+
+      - name: Upload Cargo timings (clippy)
+        if: always()
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
+        with:
+          name: cargo-timings-rust-ci-clippy-${{ matrix.target }}-${{ matrix.profile }}
+          path: codex-rs/target/**/cargo-timings/cargo-timing.html
+          if-no-files-found: warn
+
+      # Save caches explicitly; make non-fatal so cache packaging
+      # never fails the overall job. Only save when key wasn't hit.
+      - name: Save cargo home cache
+        if: always() && !cancelled() && steps.cache_cargo_home_restore.outputs.cache-hit != 'true'
+        continue-on-error: true
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        with:
+          path: |
+            ~/.cargo/bin/
+            ~/.cargo/registry/index/
+            ~/.cargo/registry/cache/
+            ~/.cargo/git/db/
+            ${{ github.workspace }}/.cargo-home/bin/
+            ${{ github.workspace }}/.cargo-home/registry/index/
+            ${{ github.workspace }}/.cargo-home/registry/cache/
+            ${{ github.workspace }}/.cargo-home/git/db/
+          key: cargo-home-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ steps.lockhash.outputs.toolchain_hash }}
+
+      - name: Save sccache cache (fallback)
+        if: always() && !cancelled() && env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true'
+        continue-on-error: true
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        with:
+          path: ${{ github.workspace }}/.sccache/
+          key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
+
+      - name: sccache stats
+        if: always() && env.USE_SCCACHE == 'true'
+        continue-on-error: true
+        run: sccache --show-stats || true
+
+      - name: sccache summary
+        if: always() && env.USE_SCCACHE == 'true'
+        shell: bash
+        run: |
+          {
+            echo "### sccache stats — ${{ matrix.target }} (${{ matrix.profile }})";
+            echo;
+            echo '```';
+            sccache --show-stats || true;
+            echo '```';
+          } >> "$GITHUB_STEP_SUMMARY"
+
+      - name: Save APT cache (musl)
+        if: always() && !cancelled() && (matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl') && steps.cache_apt_restore.outputs.cache-hit != 'true'
+        continue-on-error: true
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        with:
+          path: |
+            /var/cache/apt
+          key: apt-${{ matrix.runner }}-${{ matrix.target }}-v1
+
+  tests:
+    name: Tests — ${{ matrix.runner }} - ${{ matrix.target }}${{ matrix.remote_env == 'true' && ' (remote)' || '' }}
+    runs-on: ${{ matrix.runs_on || matrix.runner }}
+    # Perhaps we can bring this back down to 30m once we finish the cutover
+    # from tui_app_server/ to tui/. Incidentally, windows-arm64 was the main
+    # offender for exceeding the timeout.
+    timeout-minutes: 45
+    defaults:
+      run:
+        working-directory: codex-rs
+    env:
+      # Speed up repeated builds across CI runs by caching compiled objects, except on
+      # arm64 macOS runners cross-targeting x86_64 where ring/cc-rs can produce
+      # mixed-architecture archives under sccache.
+      USE_SCCACHE: ${{ (startsWith(matrix.runner, 'windows') || (matrix.runner == 'macos-15-xlarge' && matrix.target == 'x86_64-apple-darwin')) && 'false' || 'true' }}
+      CARGO_INCREMENTAL: "0"
+      SCCACHE_CACHE_SIZE: 10G
+
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - runner: macos-15-xlarge
+            target: aarch64-apple-darwin
+            profile: dev
+          - runner: ubuntu-24.04
+            target: x86_64-unknown-linux-gnu
+            profile: dev
+            remote_env: "true"
+            runs_on:
+              group: codex-runners
+              labels: codex-linux-x64
+          - runner: ubuntu-24.04-arm
+            target: aarch64-unknown-linux-gnu
+            profile: dev
+            runs_on:
+              group: codex-runners
+              labels: codex-linux-arm64
+          - runner: windows-x64
+            target: x86_64-pc-windows-msvc
+            profile: dev
+            runs_on:
+              group: codex-runners
+              labels: codex-windows-x64
+          - runner: windows-arm64
+            target: aarch64-pc-windows-msvc
+            profile: dev
+            runs_on:
+              group: codex-runners
+              labels: codex-windows-arm64
+
+    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - name: Set up Node.js for js_repl tests
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
+        with:
+          node-version-file: codex-rs/node-version.txt
+      - name: Install Linux build dependencies
+        if: ${{ runner.os == 'Linux' }}
+        shell: bash
+        run: |
+          set -euo pipefail
+          if command -v apt-get >/dev/null 2>&1; then
+            sudo apt-get update -y
+            sudo DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends pkg-config libcap-dev
+          fi
+
+      # Some integration tests rely on DotSlash being installed.
+      # See https://github.com/openai/codex/pull/7617.
+      - name: Install DotSlash
+        uses: facebook/install-dotslash@1e4e7b3e07eaca387acb98f1d4720e0bee8dbb6a # v2
+
+      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
+        with:
+          targets: ${{ matrix.target }}
+
+      - name: Compute lockfile hash
+        id: lockhash
+        working-directory: codex-rs
+        shell: bash
+        run: |
+          set -euo pipefail
+          echo "hash=$(sha256sum Cargo.lock | cut -d' ' -f1)" >> "$GITHUB_OUTPUT"
+          echo "toolchain_hash=$(sha256sum rust-toolchain.toml | cut -d' ' -f1)" >> "$GITHUB_OUTPUT"
+
+      - name: Restore cargo home cache
+        id: cache_cargo_home_restore
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        with:
+          path: |
+            ~/.cargo/bin/
+            ~/.cargo/registry/index/
+            ~/.cargo/registry/cache/
+            ~/.cargo/git/db/
+          key: cargo-home-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ steps.lockhash.outputs.toolchain_hash }}
+          restore-keys: |
+            cargo-home-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-
+
+      - name: Install sccache
+        if: ${{ env.USE_SCCACHE == 'true' }}
+        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
+        with:
+          tool: sccache
+          version: 0.7.5
+
+      - name: Configure sccache backend
+        if: ${{ env.USE_SCCACHE == 'true' }}
+        shell: bash
+        run: |
+          set -euo pipefail
+          if [[ -n "${ACTIONS_CACHE_URL:-}" && -n "${ACTIONS_RUNTIME_TOKEN:-}" ]]; then
+            echo "SCCACHE_GHA_ENABLED=true" >> "$GITHUB_ENV"
+            echo "Using sccache GitHub backend"
+          else
+            echo "SCCACHE_GHA_ENABLED=false" >> "$GITHUB_ENV"
+            echo "SCCACHE_DIR=${{ github.workspace }}/.sccache" >> "$GITHUB_ENV"
+            echo "Using sccache local disk + actions/cache fallback"
+          fi
+
+      - name: Enable sccache wrapper
+        if: ${{ env.USE_SCCACHE == 'true' }}
+        shell: bash
+        run: echo "RUSTC_WRAPPER=sccache" >> "$GITHUB_ENV"
+
+      - name: Restore sccache cache (fallback)
+        if: ${{ env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true' }}
+        id: cache_sccache_restore
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        with:
+          path: ${{ github.workspace }}/.sccache/
+          key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
+          restore-keys: |
+            sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-
+            sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-
+
+      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
+        with:
+          tool: nextest
+          version: 0.9.103
+
+      - name: Enable unprivileged user namespaces (Linux)
+        if: runner.os == 'Linux'
+        run: |
+          # Required for bubblewrap to work on Linux CI runners.
+          sudo sysctl -w kernel.unprivileged_userns_clone=1
+          # Ubuntu 24.04+ can additionally gate unprivileged user namespaces
+          # behind AppArmor.
+          if sudo sysctl -a 2>/dev/null | grep -q '^kernel.apparmor_restrict_unprivileged_userns'; then
+            sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
+          fi
+
+      - name: Set up remote test env (Docker)
+        if: ${{ runner.os == 'Linux' && matrix.remote_env == 'true' }}
+        shell: bash
+        run: |
+          set -euo pipefail
+          export CODEX_TEST_REMOTE_ENV_CONTAINER_NAME=codex-remote-test-env
+          source "${GITHUB_WORKSPACE}/scripts/test-remote-env.sh"
+          echo "CODEX_TEST_REMOTE_ENV=${CODEX_TEST_REMOTE_ENV}" >> "$GITHUB_ENV"
+
+      - name: tests
+        id: test
+        run: cargo nextest run --all-features --no-fail-fast --target ${{ matrix.target }} --cargo-profile ci-test --timings
+        env:
+          RUST_BACKTRACE: 1
+          NEXTEST_STATUS_LEVEL: leak
+
+      - name: Upload Cargo timings (nextest)
+        if: always()
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
+        with:
+          name: cargo-timings-rust-ci-nextest-${{ matrix.target }}-${{ matrix.profile }}
+          path: codex-rs/target/**/cargo-timings/cargo-timing.html
+          if-no-files-found: warn
+
+      - name: Save cargo home cache
+        if: always() && !cancelled() && steps.cache_cargo_home_restore.outputs.cache-hit != 'true'
+        continue-on-error: true
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        with:
+          path: |
+            ~/.cargo/bin/
+            ~/.cargo/registry/index/
+            ~/.cargo/registry/cache/
+            ~/.cargo/git/db/
+          key: cargo-home-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ steps.lockhash.outputs.toolchain_hash }}
+
+      - name: Save sccache cache (fallback)
+        if: always() && !cancelled() && env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true'
+        continue-on-error: true
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        with:
+          path: ${{ github.workspace }}/.sccache/
+          key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
+
+      - name: sccache stats
+        if: always() && env.USE_SCCACHE == 'true'
+        continue-on-error: true
+        run: sccache --show-stats || true
+
+      - name: sccache summary
+        if: always() && env.USE_SCCACHE == 'true'
+        shell: bash
+        run: |
+          {
+            echo "### sccache stats — ${{ matrix.target }} (tests)";
+            echo;
+            echo '```';
+            sccache --show-stats || true;
+            echo '```';
+          } >> "$GITHUB_STEP_SUMMARY"
+
+      - name: Tear down remote test env
+        if: ${{ always() && runner.os == 'Linux' && matrix.remote_env == 'true' }}
+        shell: bash
+        run: |
+          set +e
+          if [[ "${{ steps.test.outcome }}" != "success" ]]; then
+            docker logs codex-remote-test-env || true
+          fi
+          docker rm -f codex-remote-test-env >/dev/null 2>&1 || true
+
+      - name: verify tests passed
+        if: steps.test.outcome == 'failure'
+        run: |
+          echo "Tests failed. See logs for details."
+          exit 1
+
+  # --- Gatherer job for the full post-merge workflow --------------------------
+  results:
+    name: Full CI results
+    needs:
+      [
+        general,
+        cargo_shear,
+        argument_comment_lint_package,
+        argument_comment_lint_prebuilt,
+        lint_build,
+        tests,
+      ]
+    if: always()
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Summarize
+        shell: bash
+        run: |
+          echo "argpkg : ${{ needs.argument_comment_lint_package.result }}"
+          echo "arglint: ${{ needs.argument_comment_lint_prebuilt.result }}"
+          echo "general: ${{ needs.general.result }}"
+          echo "shear  : ${{ needs.cargo_shear.result }}"
+          echo "lint   : ${{ needs.lint_build.result }}"
+          echo "tests  : ${{ needs.tests.result }}"
+          [[ '${{ needs.argument_comment_lint_package.result }}' == 'success' ]] || { echo 'argument_comment_lint_package failed'; exit 1; }
+          [[ '${{ needs.argument_comment_lint_prebuilt.result }}' == 'success' ]] || { echo 'argument_comment_lint_prebuilt failed'; exit 1; }
+          [[ '${{ needs.general.result }}' == 'success' ]] || { echo 'general failed'; exit 1; }
+          [[ '${{ needs.cargo_shear.result }}' == 'success' ]] || { echo 'cargo_shear failed'; exit 1; }
+          [[ '${{ needs.lint_build.result }}' == 'success' ]] || { echo 'lint_build failed'; exit 1; }
+          [[ '${{ needs.tests.result }}' == 'success' ]] || { echo 'tests failed'; exit 1; }
+
+      - name: sccache summary note
+        if: always()
+        run: |
+          echo "Per-job sccache stats are attached to each matrix job's Step Summary."

.github/workflows/rust-ci.yml

@@ -1,15 +1,10 @@
 name: rust-ci
 on:
   pull_request: {}
-  push:
-    branches:
-      - main
   workflow_dispatch:
 
-# CI builds in debug (dev) for faster signal.
-
 jobs:
-  # --- Detect what changed to detect which tests to run (always runs) -------------------------------------
+  # --- Detect what changed so the fast PR workflow only runs relevant jobs ----
   changed:
     name: Detect changed areas
     runs-on: ubuntu-24.04
@@ -19,7 +14,7 @@ jobs:
       codex: ${{ steps.detect.outputs.codex }}
       workflows: ${{ steps.detect.outputs.workflows }}
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           fetch-depth: 0
       - name: Detect changed paths (no external action)
@@ -33,11 +28,10 @@ jobs:
             HEAD_SHA='${{ github.event.pull_request.head.sha }}'
             echo "Base SHA: $BASE_SHA"
             echo "Head SHA: $HEAD_SHA"
-            # List files changed between base and PR head
             mapfile -t files < <(git diff --name-only --no-renames "$BASE_SHA" "$HEAD_SHA")
           else
-            # On push / manual runs, default to running everything
-            files=("codex-rs/force" ".github/force")
+            # On manual runs, default to the full fast-PR bundle.
+            files=("codex-rs/force" "tools/argument-comment-lint/force" ".github/force")
           fi
 
           codex=false
@@ -47,7 +41,7 @@ jobs:
           for f in "${files[@]}"; do
             [[ $f == codex-rs/* ]] && codex=true
             [[ $f == codex-rs/* || $f == tools/argument-comment-lint/* || $f == justfile ]] && argument_comment_lint=true
-            [[ $f == tools/argument-comment-lint/* || $f == .github/workflows/rust-ci.yml ]] && argument_comment_lint_package=true
+            [[ $f == tools/argument-comment-lint/* || $f == .github/workflows/rust-ci.yml || $f == .github/workflows/rust-ci-full.yml ]] && argument_comment_lint_package=true
             [[ $f == .github/* ]] && workflows=true
           done
 
@@ -56,18 +50,18 @@ jobs:
           echo "codex=$codex" >> "$GITHUB_OUTPUT"
           echo "workflows=$workflows" >> "$GITHUB_OUTPUT"
 
-  # --- CI that doesn't need specific targets ---------------------------------
+  # --- Fast Cargo-native PR checks -------------------------------------------
   general:
     name: Format / etc
     runs-on: ubuntu-24.04
     needs: changed
-    if: ${{ needs.changed.outputs.codex == 'true' || needs.changed.outputs.workflows == 'true' || github.event_name == 'push' }}
+    if: ${{ needs.changed.outputs.codex == 'true' || needs.changed.outputs.workflows == 'true' }}
     defaults:
       run:
         working-directory: codex-rs
     steps:
-      - uses: actions/checkout@v6
-      - uses: dtolnay/rust-toolchain@1.93.0
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
         with:
           components: rustfmt
       - name: cargo fmt
@@ -77,13 +71,13 @@ jobs:
     name: cargo shear
     runs-on: ubuntu-24.04
     needs: changed
-    if: ${{ needs.changed.outputs.codex == 'true' || needs.changed.outputs.workflows == 'true' || github.event_name == 'push' }}
+    if: ${{ needs.changed.outputs.codex == 'true' || needs.changed.outputs.workflows == 'true' }}
     defaults:
       run:
         working-directory: codex-rs
     steps:
-      - uses: actions/checkout@v6
-      - uses: dtolnay/rust-toolchain@1.93.0
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
       - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
         with:
           tool: cargo-shear
@@ -95,16 +89,23 @@ jobs:
     name: Argument comment lint package
     runs-on: ubuntu-24.04
     needs: changed
-    if: ${{ needs.changed.outputs.argument_comment_lint_package == 'true' || github.event_name == 'push' }}
+    if: ${{ needs.changed.outputs.argument_comment_lint_package == 'true' }}
     steps:
-      - uses: actions/checkout@v6
-      - uses: dtolnay/rust-toolchain@1.93.0
-        with:
-          toolchain: nightly-2025-09-18
-          components: llvm-tools-preview, rustc-dev, rust-src
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
+      - name: Install nightly argument-comment-lint toolchain
+        shell: bash
+        run: |
+          rustup toolchain install nightly-2025-09-18 \
+            --profile minimal \
+            --component llvm-tools-preview \
+            --component rustc-dev \
+            --component rust-src \
+            --no-self-update
+          rustup default nightly-2025-09-18
       - name: Cache cargo-dylint tooling
         id: cargo_dylint_cache
-        uses: actions/cache@v5
+        uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
         with:
           path: |
             ~/.cargo/bin/cargo-dylint
@@ -112,12 +113,14 @@ jobs:
             ~/.cargo/registry/index
             ~/.cargo/registry/cache
             ~/.cargo/git/db
-          key: argument-comment-lint-${{ runner.os }}-${{ hashFiles('tools/argument-comment-lint/Cargo.lock', 'tools/argument-comment-lint/rust-toolchain', '.github/workflows/rust-ci.yml') }}
+          key: argument-comment-lint-${{ runner.os }}-${{ hashFiles('tools/argument-comment-lint/Cargo.lock', 'tools/argument-comment-lint/rust-toolchain', '.github/workflows/rust-ci.yml', '.github/workflows/rust-ci-full.yml') }}
       - name: Install cargo-dylint tooling
         if: ${{ steps.cargo_dylint_cache.outputs.cache-hit != 'true' }}
         run: cargo install --locked cargo-dylint dylint-link
-      - name: Check source wrapper syntax
-        run: bash -n tools/argument-comment-lint/run.sh
+      - name: Check Python wrapper syntax
+        run: python3 -m py_compile tools/argument-comment-lint/wrapper_common.py tools/argument-comment-lint/run.py tools/argument-comment-lint/run-prebuilt-linter.py tools/argument-comment-lint/test_wrapper_common.py
+      - name: Test Python wrapper helpers
+        run: python3 -m unittest discover -s tools/argument-comment-lint -p 'test_*.py'
       - name: Test argument comment lint package
         working-directory: tools/argument-comment-lint
         run: cargo test
@@ -125,651 +128,63 @@ jobs:
   argument_comment_lint_prebuilt:
     name: Argument comment lint - ${{ matrix.name }}
     runs-on: ${{ matrix.runs_on || matrix.runner }}
+    timeout-minutes: ${{ matrix.timeout_minutes }}
     needs: changed
-    if: ${{ needs.changed.outputs.argument_comment_lint == 'true' || needs.changed.outputs.workflows == 'true' || github.event_name == 'push' }}
+    if: ${{ needs.changed.outputs.argument_comment_lint == 'true' || needs.changed.outputs.workflows == 'true' }}
     strategy:
       fail-fast: false
       matrix:
         include:
           - name: Linux
             runner: ubuntu-24.04
+            timeout_minutes: 30
           - name: macOS
             runner: macos-15-xlarge
+            timeout_minutes: 30
           - name: Windows
             runner: windows-x64
+            timeout_minutes: 30
             runs_on:
               group: codex-runners
               labels: codex-windows-x64
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: ./.github/actions/setup-bazel-ci
+        with:
+          target: ${{ runner.os }}
+          install-test-prereqs: true
       - name: Install Linux sandbox build dependencies
         if: ${{ runner.os == 'Linux' }}
         shell: bash
         run: |
           sudo DEBIAN_FRONTEND=noninteractive apt-get update
           sudo DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends pkg-config libcap-dev
-      - uses: dtolnay/rust-toolchain@1.93.0
-        with:
-          toolchain: nightly-2025-09-18
-          components: llvm-tools-preview, rustc-dev, rust-src
-      - uses: facebook/install-dotslash@v2
-      - name: Run argument comment lint on codex-rs
-        shell: bash
-        run: ./tools/argument-comment-lint/run-prebuilt-linter.sh
-
-  # --- CI to validate on different os/targets --------------------------------
-  lint_build:
-    name: Lint/Build — ${{ matrix.runner }} - ${{ matrix.target }}${{ matrix.profile == 'release' && ' (release)' || '' }}
-    runs-on: ${{ matrix.runs_on || matrix.runner }}
-    timeout-minutes: 30
-    needs: changed
-    # Keep job-level if to avoid spinning up runners when not needed
-    if: ${{ needs.changed.outputs.codex == 'true' || needs.changed.outputs.workflows == 'true' || github.event_name == 'push' }}
-    defaults:
-      run:
-        working-directory: codex-rs
-    env:
-      # Speed up repeated builds across CI runs by caching compiled objects, except on
-      # arm64 macOS runners cross-targeting x86_64 where ring/cc-rs can produce
-      # mixed-architecture archives under sccache.
-      USE_SCCACHE: ${{ (startsWith(matrix.runner, 'windows') || (matrix.runner == 'macos-15-xlarge' && matrix.target == 'x86_64-apple-darwin')) && 'false' || 'true' }}
-      CARGO_INCREMENTAL: "0"
-      SCCACHE_CACHE_SIZE: 10G
-      # In rust-ci, representative release-profile checks use thin LTO for faster feedback.
-      CARGO_PROFILE_RELEASE_LTO: ${{ matrix.profile == 'release' && 'thin' || 'fat' }}
-
-    strategy:
-      fail-fast: false
-      matrix:
-        include:
-          - runner: macos-15-xlarge
-            target: aarch64-apple-darwin
-            profile: dev
-          - runner: macos-15-xlarge
-            target: x86_64-apple-darwin
-            profile: dev
-          - runner: ubuntu-24.04
-            target: x86_64-unknown-linux-musl
-            profile: dev
-            runs_on:
-              group: codex-runners
-              labels: codex-linux-x64
-          - runner: ubuntu-24.04
-            target: x86_64-unknown-linux-gnu
-            profile: dev
-            runs_on:
-              group: codex-runners
-              labels: codex-linux-x64
-          - runner: ubuntu-24.04-arm
-            target: aarch64-unknown-linux-musl
-            profile: dev
-            runs_on:
-              group: codex-runners
-              labels: codex-linux-arm64
-          - runner: ubuntu-24.04-arm
-            target: aarch64-unknown-linux-gnu
-            profile: dev
-            runs_on:
-              group: codex-runners
-              labels: codex-linux-arm64
-          - runner: windows-x64
-            target: x86_64-pc-windows-msvc
-            profile: dev
-            runs_on:
-              group: codex-runners
-              labels: codex-windows-x64
-          - runner: windows-arm64
-            target: aarch64-pc-windows-msvc
-            profile: dev
-            runs_on:
-              group: codex-runners
-              labels: codex-windows-arm64
-
-          # Also run representative release builds on Mac and Linux because
-          # there could be release-only build errors we want to catch.
-          # Hopefully this also pre-populates the build cache to speed up
-          # releases.
-          - runner: macos-15-xlarge
-            target: aarch64-apple-darwin
-            profile: release
-          - runner: ubuntu-24.04
-            target: x86_64-unknown-linux-musl
-            profile: release
-            runs_on:
-              group: codex-runners
-              labels: codex-linux-x64
-          - runner: ubuntu-24.04-arm
-            target: aarch64-unknown-linux-musl
-            profile: release
-            runs_on:
-              group: codex-runners
-              labels: codex-linux-arm64
-          - runner: windows-x64
-            target: x86_64-pc-windows-msvc
-            profile: release
-            runs_on:
-              group: codex-runners
-              labels: codex-windows-x64
-          - runner: windows-arm64
-            target: aarch64-pc-windows-msvc
-            profile: release
-            runs_on:
-              group: codex-runners
-              labels: codex-windows-arm64
-
-    steps:
-      - uses: actions/checkout@v6
-      - name: Install Linux build dependencies
-        if: ${{ runner.os == 'Linux' }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          if command -v apt-get >/dev/null 2>&1; then
-            sudo apt-get update -y
-            packages=(pkg-config libcap-dev)
-            if [[ "${{ matrix.target }}" == 'x86_64-unknown-linux-musl' || "${{ matrix.target }}" == 'aarch64-unknown-linux-musl' ]]; then
-              packages+=(libubsan1)
-            fi
-            sudo DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends "${packages[@]}"
-          fi
-      - uses: dtolnay/rust-toolchain@1.93.0
-        with:
-          targets: ${{ matrix.target }}
-          components: clippy
-
-      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
-        name: Use hermetic Cargo home (musl)
-        shell: bash
-        run: |
-          set -euo pipefail
-          cargo_home="${GITHUB_WORKSPACE}/.cargo-home"
-          mkdir -p "${cargo_home}/bin"
-          echo "CARGO_HOME=${cargo_home}" >> "$GITHUB_ENV"
-          echo "${cargo_home}/bin" >> "$GITHUB_PATH"
-          : > "${cargo_home}/config.toml"
-
-      - name: Compute lockfile hash
-        id: lockhash
-        working-directory: codex-rs
-        shell: bash
-        run: |
-          set -euo pipefail
-          echo "hash=$(sha256sum Cargo.lock | cut -d' ' -f1)" >> "$GITHUB_OUTPUT"
-          echo "toolchain_hash=$(sha256sum rust-toolchain.toml | cut -d' ' -f1)" >> "$GITHUB_OUTPUT"
-
-      # Explicit cache restore: split cargo home vs target, so we can
-      # avoid caching the large target dir on the gnu-dev job.
-      - name: Restore cargo home cache
-        id: cache_cargo_home_restore
-        uses: actions/cache/restore@v5
-        with:
-          path: |
-            ~/.cargo/bin/
-            ~/.cargo/registry/index/
-            ~/.cargo/registry/cache/
-            ~/.cargo/git/db/
-            ${{ github.workspace }}/.cargo-home/bin/
-            ${{ github.workspace }}/.cargo-home/registry/index/
-            ${{ github.workspace }}/.cargo-home/registry/cache/
-            ${{ github.workspace }}/.cargo-home/git/db/
-          key: cargo-home-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ steps.lockhash.outputs.toolchain_hash }}
-          restore-keys: |
-            cargo-home-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-
-
-      # Install and restore sccache cache
-      - name: Install sccache
-        if: ${{ env.USE_SCCACHE == 'true' }}
-        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
-        with:
-          tool: sccache
-          version: 0.7.5
-
-      - name: Configure sccache backend
-        if: ${{ env.USE_SCCACHE == 'true' }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          if [[ -n "${ACTIONS_CACHE_URL:-}" && -n "${ACTIONS_RUNTIME_TOKEN:-}" ]]; then
-            echo "SCCACHE_GHA_ENABLED=true" >> "$GITHUB_ENV"
-            echo "Using sccache GitHub backend"
-          else
-            echo "SCCACHE_GHA_ENABLED=false" >> "$GITHUB_ENV"
-            echo "SCCACHE_DIR=${{ github.workspace }}/.sccache" >> "$GITHUB_ENV"
-            echo "Using sccache local disk + actions/cache fallback"
-          fi
-
-      - name: Enable sccache wrapper
-        if: ${{ env.USE_SCCACHE == 'true' }}
-        shell: bash
-        run: echo "RUSTC_WRAPPER=sccache" >> "$GITHUB_ENV"
-
-      - name: Restore sccache cache (fallback)
-        if: ${{ env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true' }}
-        id: cache_sccache_restore
-        uses: actions/cache/restore@v5
-        with:
-          path: ${{ github.workspace }}/.sccache/
-          key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
-          restore-keys: |
-            sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-
-            sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-
-
-      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
-        name: Disable sccache wrapper (musl)
-        shell: bash
-        run: |
-          set -euo pipefail
-          echo "RUSTC_WRAPPER=" >> "$GITHUB_ENV"
-          echo "RUSTC_WORKSPACE_WRAPPER=" >> "$GITHUB_ENV"
-
-      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
-        name: Prepare APT cache directories (musl)
-        shell: bash
-        run: |
-          set -euo pipefail
-          sudo mkdir -p /var/cache/apt/archives /var/lib/apt/lists
-          sudo chown -R "$USER:$USER" /var/cache/apt /var/lib/apt/lists
-
-      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
-        name: Restore APT cache (musl)
-        id: cache_apt_restore
-        uses: actions/cache/restore@v5
-        with:
-          path: |
-            /var/cache/apt
-          key: apt-${{ matrix.runner }}-${{ matrix.target }}-v1
-
-      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
-        name: Install Zig
-        uses: mlugg/setup-zig@d1434d08867e3ee9daa34448df10607b98908d29 # v2
-        with:
-          version: 0.14.0
-
-      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
-        name: Install musl build tools
+      - name: Run argument comment lint on codex-rs via Bazel
+        if: ${{ runner.os != 'Windows' }}
         env:
-          DEBIAN_FRONTEND: noninteractive
-          TARGET: ${{ matrix.target }}
-          APT_UPDATE_ARGS: -o Acquire::Retries=3
-          APT_INSTALL_ARGS: --no-install-recommends
-        shell: bash
-        run: bash "${GITHUB_WORKSPACE}/.github/scripts/install-musl-build-tools.sh"
-
-      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
-        name: Configure rustc UBSan wrapper (musl host)
+          BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }}
         shell: bash
         run: |
-          set -euo pipefail
-          ubsan=""
-          if command -v ldconfig >/dev/null 2>&1; then
-            ubsan="$(ldconfig -p | grep -m1 'libubsan\.so\.1' | sed -E 's/.*=> (.*)$/\1/')"
-          fi
-          wrapper_root="${RUNNER_TEMP:-/tmp}"
-          wrapper="${wrapper_root}/rustc-ubsan-wrapper"
-          cat > "${wrapper}" <<EOF
-          #!/usr/bin/env bash
-          set -euo pipefail
-          if [[ -n "${ubsan}" ]]; then
-            export LD_PRELOAD="${ubsan}\${LD_PRELOAD:+:\${LD_PRELOAD}}"
-          fi
-          exec "\$1" "\${@:2}"
-          EOF
-          chmod +x "${wrapper}"
-          echo "RUSTC_WRAPPER=${wrapper}" >> "$GITHUB_ENV"
-          echo "RUSTC_WORKSPACE_WRAPPER=" >> "$GITHUB_ENV"
-
-      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
-        name: Clear sanitizer flags (musl)
-        shell: bash
-        run: |
-          set -euo pipefail
-          # Clear global Rust flags so host/proc-macro builds don't pull in UBSan.
-          echo "RUSTFLAGS=" >> "$GITHUB_ENV"
-          echo "CARGO_ENCODED_RUSTFLAGS=" >> "$GITHUB_ENV"
-          echo "RUSTDOCFLAGS=" >> "$GITHUB_ENV"
-          # Override any runner-level Cargo config rustflags as well.
-          echo "CARGO_BUILD_RUSTFLAGS=" >> "$GITHUB_ENV"
-          echo "CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_RUSTFLAGS=" >> "$GITHUB_ENV"
-          echo "CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_RUSTFLAGS=" >> "$GITHUB_ENV"
-          echo "CARGO_TARGET_X86_64_UNKNOWN_LINUX_MUSL_RUSTFLAGS=" >> "$GITHUB_ENV"
-          echo "CARGO_TARGET_AARCH64_UNKNOWN_LINUX_MUSL_RUSTFLAGS=" >> "$GITHUB_ENV"
-
-          sanitize_flags() {
-            local input="$1"
-            input="${input//-fsanitize=undefined/}"
-            input="${input//-fno-sanitize-recover=undefined/}"
-            input="${input//-fno-sanitize-trap=undefined/}"
-            echo "$input"
-          }
-
-          cflags="$(sanitize_flags "${CFLAGS-}")"
-          cxxflags="$(sanitize_flags "${CXXFLAGS-}")"
-          echo "CFLAGS=${cflags}" >> "$GITHUB_ENV"
-          echo "CXXFLAGS=${cxxflags}" >> "$GITHUB_ENV"
-
-      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl' }}
-        name: Configure musl rusty_v8 artifact overrides
+          bazel_targets="$(./tools/argument-comment-lint/list-bazel-targets.sh)"
+          ./.github/scripts/run-bazel-ci.sh \
+            -- \
+            build \
+            --config=argument-comment-lint \
+            --keep_going \
+            --build_metadata=COMMIT_SHA=${GITHUB_SHA} \
+            -- \
+            ${bazel_targets}
+      - name: Run argument comment lint on codex-rs via Bazel
+        if: ${{ runner.os == 'Windows' }}
         env:
-          TARGET: ${{ matrix.target }}
+          BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }}
         shell: bash
         run: |
-          set -euo pipefail
-          version="$(python3 "${GITHUB_WORKSPACE}/.github/scripts/rusty_v8_bazel.py" resolved-v8-crate-version)"
-          release_tag="rusty-v8-v${version}"
-          base_url="https://github.com/openai/codex/releases/download/${release_tag}"
-          archive="https://github.com/openai/codex/releases/download/rusty-v8-v${version}/librusty_v8_release_${TARGET}.a.gz"
-          binding_dir="${RUNNER_TEMP}/rusty_v8"
-          binding_path="${binding_dir}/src_binding_release_${TARGET}.rs"
-          mkdir -p "${binding_dir}"
-          curl -fsSL "${base_url}/src_binding_release_${TARGET}.rs" -o "${binding_path}"
-          echo "RUSTY_V8_ARCHIVE=${archive}" >> "$GITHUB_ENV"
-          echo "RUSTY_V8_SRC_BINDING_PATH=${binding_path}" >> "$GITHUB_ENV"
-
-      - name: Install cargo-chef
-        if: ${{ matrix.profile == 'release' }}
-        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
-        with:
-          tool: cargo-chef
-          version: 0.1.71
-
-      - name: Pre-warm dependency cache (cargo-chef)
-        if: ${{ matrix.profile == 'release' }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          RECIPE="${RUNNER_TEMP}/chef-recipe.json"
-          cargo chef prepare --recipe-path "$RECIPE"
-          cargo chef cook --recipe-path "$RECIPE" --target ${{ matrix.target }} --release --all-features
-
-      - name: cargo clippy
-        run: cargo clippy --target ${{ matrix.target }} --all-features --tests --profile ${{ matrix.profile }} --timings -- -D warnings
-
-      - name: Upload Cargo timings (clippy)
-        if: always()
-        uses: actions/upload-artifact@v7
-        with:
-          name: cargo-timings-rust-ci-clippy-${{ matrix.target }}-${{ matrix.profile }}
-          path: codex-rs/target/**/cargo-timings/cargo-timing.html
-          if-no-files-found: warn
-
-      # Save caches explicitly; make non-fatal so cache packaging
-      # never fails the overall job. Only save when key wasn't hit.
-      - name: Save cargo home cache
-        if: always() && !cancelled() && steps.cache_cargo_home_restore.outputs.cache-hit != 'true'
-        continue-on-error: true
-        uses: actions/cache/save@v5
-        with:
-          path: |
-            ~/.cargo/bin/
-            ~/.cargo/registry/index/
-            ~/.cargo/registry/cache/
-            ~/.cargo/git/db/
-            ${{ github.workspace }}/.cargo-home/bin/
-            ${{ github.workspace }}/.cargo-home/registry/index/
-            ${{ github.workspace }}/.cargo-home/registry/cache/
-            ${{ github.workspace }}/.cargo-home/git/db/
-          key: cargo-home-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ steps.lockhash.outputs.toolchain_hash }}
-
-      - name: Save sccache cache (fallback)
-        if: always() && !cancelled() && env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true'
-        continue-on-error: true
-        uses: actions/cache/save@v5
-        with:
-          path: ${{ github.workspace }}/.sccache/
-          key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
-
-      - name: sccache stats
-        if: always() && env.USE_SCCACHE == 'true'
-        continue-on-error: true
-        run: sccache --show-stats || true
-
-      - name: sccache summary
-        if: always() && env.USE_SCCACHE == 'true'
-        shell: bash
-        run: |
-          {
-            echo "### sccache stats — ${{ matrix.target }} (${{ matrix.profile }})";
-            echo;
-            echo '```';
-            sccache --show-stats || true;
-            echo '```';
-          } >> "$GITHUB_STEP_SUMMARY"
-
-      - name: Save APT cache (musl)
-        if: always() && !cancelled() && (matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl') && steps.cache_apt_restore.outputs.cache-hit != 'true'
-        continue-on-error: true
-        uses: actions/cache/save@v5
-        with:
-          path: |
-            /var/cache/apt
-          key: apt-${{ matrix.runner }}-${{ matrix.target }}-v1
-
-  tests:
-    name: Tests — ${{ matrix.runner }} - ${{ matrix.target }}${{ matrix.remote_env == 'true' && ' (remote)' || '' }}
-    runs-on: ${{ matrix.runs_on || matrix.runner }}
-    timeout-minutes: ${{ matrix.runner == 'windows-arm64' && 35 || 30 }}
-    needs: changed
-    if: ${{ needs.changed.outputs.codex == 'true' || needs.changed.outputs.workflows == 'true' || github.event_name == 'push' }}
-    defaults:
-      run:
-        working-directory: codex-rs
-    env:
-      # Speed up repeated builds across CI runs by caching compiled objects, except on
-      # arm64 macOS runners cross-targeting x86_64 where ring/cc-rs can produce
-      # mixed-architecture archives under sccache.
-      USE_SCCACHE: ${{ (startsWith(matrix.runner, 'windows') || (matrix.runner == 'macos-15-xlarge' && matrix.target == 'x86_64-apple-darwin')) && 'false' || 'true' }}
-      CARGO_INCREMENTAL: "0"
-      SCCACHE_CACHE_SIZE: 10G
-
-    strategy:
-      fail-fast: false
-      matrix:
-        include:
-          - runner: macos-15-xlarge
-            target: aarch64-apple-darwin
-            profile: dev
-          - runner: ubuntu-24.04
-            target: x86_64-unknown-linux-gnu
-            profile: dev
-            remote_env: "true"
-            runs_on:
-              group: codex-runners
-              labels: codex-linux-x64
-          - runner: ubuntu-24.04-arm
-            target: aarch64-unknown-linux-gnu
-            profile: dev
-            runs_on:
-              group: codex-runners
-              labels: codex-linux-arm64
-          - runner: windows-x64
-            target: x86_64-pc-windows-msvc
-            profile: dev
-            runs_on:
-              group: codex-runners
-              labels: codex-windows-x64
-          - runner: windows-arm64
-            target: aarch64-pc-windows-msvc
-            profile: dev
-            runs_on:
-              group: codex-runners
-              labels: codex-windows-arm64
-
-    steps:
-      - uses: actions/checkout@v6
-      - name: Set up Node.js for js_repl tests
-        uses: actions/setup-node@v6
-        with:
-          node-version-file: codex-rs/node-version.txt
-      - name: Install Linux build dependencies
-        if: ${{ runner.os == 'Linux' }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          if command -v apt-get >/dev/null 2>&1; then
-            sudo apt-get update -y
-            sudo DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends pkg-config libcap-dev
-          fi
-
-      # Some integration tests rely on DotSlash being installed.
-      # See https://github.com/openai/codex/pull/7617.
-      - name: Install DotSlash
-        uses: facebook/install-dotslash@v2
-
-      - uses: dtolnay/rust-toolchain@1.93.0
-        with:
-          targets: ${{ matrix.target }}
-
-      - name: Compute lockfile hash
-        id: lockhash
-        working-directory: codex-rs
-        shell: bash
-        run: |
-          set -euo pipefail
-          echo "hash=$(sha256sum Cargo.lock | cut -d' ' -f1)" >> "$GITHUB_OUTPUT"
-          echo "toolchain_hash=$(sha256sum rust-toolchain.toml | cut -d' ' -f1)" >> "$GITHUB_OUTPUT"
-
-      - name: Restore cargo home cache
-        id: cache_cargo_home_restore
-        uses: actions/cache/restore@v5
-        with:
-          path: |
-            ~/.cargo/bin/
-            ~/.cargo/registry/index/
-            ~/.cargo/registry/cache/
-            ~/.cargo/git/db/
-          key: cargo-home-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ steps.lockhash.outputs.toolchain_hash }}
-          restore-keys: |
-            cargo-home-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-
-
-      - name: Install sccache
-        if: ${{ env.USE_SCCACHE == 'true' }}
-        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
-        with:
-          tool: sccache
-          version: 0.7.5
-
-      - name: Configure sccache backend
-        if: ${{ env.USE_SCCACHE == 'true' }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          if [[ -n "${ACTIONS_CACHE_URL:-}" && -n "${ACTIONS_RUNTIME_TOKEN:-}" ]]; then
-            echo "SCCACHE_GHA_ENABLED=true" >> "$GITHUB_ENV"
-            echo "Using sccache GitHub backend"
-          else
-            echo "SCCACHE_GHA_ENABLED=false" >> "$GITHUB_ENV"
-            echo "SCCACHE_DIR=${{ github.workspace }}/.sccache" >> "$GITHUB_ENV"
-            echo "Using sccache local disk + actions/cache fallback"
-          fi
-
-      - name: Enable sccache wrapper
-        if: ${{ env.USE_SCCACHE == 'true' }}
-        shell: bash
-        run: echo "RUSTC_WRAPPER=sccache" >> "$GITHUB_ENV"
-
-      - name: Restore sccache cache (fallback)
-        if: ${{ env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true' }}
-        id: cache_sccache_restore
-        uses: actions/cache/restore@v5
-        with:
-          path: ${{ github.workspace }}/.sccache/
-          key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
-          restore-keys: |
-            sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-
-            sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-
-
-      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
-        with:
-          tool: nextest
-          version: 0.9.103
-
-      - name: Enable unprivileged user namespaces (Linux)
-        if: runner.os == 'Linux'
-        run: |
-          # Required for bubblewrap to work on Linux CI runners.
-          sudo sysctl -w kernel.unprivileged_userns_clone=1
-          # Ubuntu 24.04+ can additionally gate unprivileged user namespaces
-          # behind AppArmor.
-          if sudo sysctl -a 2>/dev/null | grep -q '^kernel.apparmor_restrict_unprivileged_userns'; then
-            sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
-          fi
-
-      - name: Set up remote test env (Docker)
-        if: ${{ runner.os == 'Linux' && matrix.remote_env == 'true' }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          export CODEX_TEST_REMOTE_ENV_CONTAINER_NAME=codex-remote-test-env
-          source "${GITHUB_WORKSPACE}/scripts/test-remote-env.sh"
-          echo "CODEX_TEST_REMOTE_ENV=${CODEX_TEST_REMOTE_ENV}" >> "$GITHUB_ENV"
-
-      - name: tests
-        id: test
-        run: cargo nextest run --all-features --no-fail-fast --target ${{ matrix.target }} --cargo-profile ci-test --timings
-        env:
-          RUST_BACKTRACE: 1
-          NEXTEST_STATUS_LEVEL: leak
-
-      - name: Upload Cargo timings (nextest)
-        if: always()
-        uses: actions/upload-artifact@v7
-        with:
-          name: cargo-timings-rust-ci-nextest-${{ matrix.target }}-${{ matrix.profile }}
-          path: codex-rs/target/**/cargo-timings/cargo-timing.html
-          if-no-files-found: warn
-
-      - name: Save cargo home cache
-        if: always() && !cancelled() && steps.cache_cargo_home_restore.outputs.cache-hit != 'true'
-        continue-on-error: true
-        uses: actions/cache/save@v5
-        with:
-          path: |
-            ~/.cargo/bin/
-            ~/.cargo/registry/index/
-            ~/.cargo/registry/cache/
-            ~/.cargo/git/db/
-          key: cargo-home-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ steps.lockhash.outputs.toolchain_hash }}
-
-      - name: Save sccache cache (fallback)
-        if: always() && !cancelled() && env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true'
-        continue-on-error: true
-        uses: actions/cache/save@v5
-        with:
-          path: ${{ github.workspace }}/.sccache/
-          key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
-
-      - name: sccache stats
-        if: always() && env.USE_SCCACHE == 'true'
-        continue-on-error: true
-        run: sccache --show-stats || true
-
-      - name: sccache summary
-        if: always() && env.USE_SCCACHE == 'true'
-        shell: bash
-        run: |
-          {
-            echo "### sccache stats — ${{ matrix.target }} (tests)";
-            echo;
-            echo '```';
-            sccache --show-stats || true;
-            echo '```';
-          } >> "$GITHUB_STEP_SUMMARY"
-
-      - name: Tear down remote test env
-        if: ${{ always() && runner.os == 'Linux' && matrix.remote_env == 'true' }}
-        shell: bash
-        run: |
-          set +e
-          if [[ "${{ steps.test.outcome }}" != "success" ]]; then
-            docker logs codex-remote-test-env || true
-          fi
-          docker rm -f codex-remote-test-env >/dev/null 2>&1 || true
-
-      - name: verify tests passed
-        if: steps.test.outcome == 'failure'
-        run: |
-          echo "Tests failed. See logs for details."
-          exit 1
+          ./.github/scripts/run-argument-comment-lint-bazel.sh \
+            --config=argument-comment-lint \
+            --platforms=//:local_windows \
+            --keep_going \
+            --build_metadata=COMMIT_SHA=${GITHUB_SHA}
 
   # --- Gatherer job that you mark as the ONLY required status -----------------
   results:
@@ -781,8 +196,6 @@ jobs:
         cargo_shear,
         argument_comment_lint_package,
         argument_comment_lint_prebuilt,
-        lint_build,
-        tests,
       ]
     if: always()
     runs-on: ubuntu-24.04
@@ -794,32 +207,23 @@ jobs:
           echo "arglint: ${{ needs.argument_comment_lint_prebuilt.result }}"
           echo "general: ${{ needs.general.result }}"
           echo "shear  : ${{ needs.cargo_shear.result }}"
-          echo "lint   : ${{ needs.lint_build.result }}"
-          echo "tests  : ${{ needs.tests.result }}"
 
           # If nothing relevant changed (PR touching only root README, etc.),
           # declare success regardless of other jobs.
-          if [[ '${{ needs.changed.outputs.argument_comment_lint }}' != 'true' && '${{ needs.changed.outputs.codex }}' != 'true' && '${{ needs.changed.outputs.workflows }}' != 'true' && '${{ github.event_name }}' != 'push' ]]; then
+          if [[ '${{ needs.changed.outputs.argument_comment_lint }}' != 'true' && '${{ needs.changed.outputs.codex }}' != 'true' && '${{ needs.changed.outputs.workflows }}' != 'true' ]]; then
             echo 'No relevant changes -> CI not required.'
             exit 0
           fi
 
-          if [[ '${{ needs.changed.outputs.argument_comment_lint_package }}' == 'true' || '${{ github.event_name }}' == 'push' ]]; then
+          if [[ '${{ needs.changed.outputs.argument_comment_lint_package }}' == 'true' ]]; then
             [[ '${{ needs.argument_comment_lint_package.result }}' == 'success' ]] || { echo 'argument_comment_lint_package failed'; exit 1; }
           fi
 
-          if [[ '${{ needs.changed.outputs.argument_comment_lint }}' == 'true' || '${{ needs.changed.outputs.workflows }}' == 'true' || '${{ github.event_name }}' == 'push' ]]; then
+          if [[ '${{ needs.changed.outputs.argument_comment_lint }}' == 'true' || '${{ needs.changed.outputs.workflows }}' == 'true' ]]; then
             [[ '${{ needs.argument_comment_lint_prebuilt.result }}' == 'success' ]] || { echo 'argument_comment_lint_prebuilt failed'; exit 1; }
           fi
 
-          if [[ '${{ needs.changed.outputs.codex }}' == 'true' || '${{ needs.changed.outputs.workflows }}' == 'true' || '${{ github.event_name }}' == 'push' ]]; then
+          if [[ '${{ needs.changed.outputs.codex }}' == 'true' || '${{ needs.changed.outputs.workflows }}' == 'true' ]]; then
             [[ '${{ needs.general.result }}' == 'success' ]] || { echo 'general failed'; exit 1; }
             [[ '${{ needs.cargo_shear.result }}' == 'success' ]] || { echo 'cargo_shear failed'; exit 1; }
-            [[ '${{ needs.lint_build.result }}' == 'success' ]] || { echo 'lint_build failed'; exit 1; }
-            [[ '${{ needs.tests.result }}' == 'success' ]] || { echo 'tests failed'; exit 1; }
           fi
-
-      - name: sccache summary note
-        if: always()
-        run: |
-          echo "Per-job sccache stats are attached to each matrix job's Step Summary."

.github/workflows/rust-release-argument-comment-lint.yml

@@ -53,9 +53,9 @@ jobs:
               labels: codex-windows-x64
 
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
-      - uses: dtolnay/rust-toolchain@1.93.0
+      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
         with:
           toolchain: nightly-2025-09-18
           targets: ${{ matrix.target }}
@@ -97,7 +97,7 @@ jobs:
             (cd "${RUNNER_TEMP}" && tar -czf "$GITHUB_WORKSPACE/$archive_path" argument-comment-lint)
           fi
 
-      - uses: actions/upload-artifact@v7
+      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
         with:
           name: argument-comment-lint-${{ matrix.target }}
           path: dist/argument-comment-lint/${{ matrix.target }}/*

.github/workflows/rust-release-prepare.yml

@@ -18,7 +18,7 @@ jobs:
     if: github.repository == 'openai/codex'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           ref: main
           fetch-depth: 0
@@ -43,7 +43,7 @@ jobs:
           curl --http1.1 --fail --show-error --location "${headers[@]}" "${url}" | jq '.' > codex-rs/core/models.json
 
       - name: Open pull request (if changed)
-        uses: peter-evans/create-pull-request@v8
+        uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8
         with:
           commit-message: "Update models.json"
           title: "Update models.json"

.github/workflows/rust-release-windows.yml

@@ -67,7 +67,7 @@ jobs:
               labels: codex-windows-arm64
 
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
       - name: Print runner specs (Windows)
         shell: powershell
         run: |
@@ -82,7 +82,7 @@ jobs:
           Write-Host "Total RAM: $ramGiB GiB"
           Write-Host "Disk usage:"
           Get-PSDrive -PSProvider FileSystem | Format-Table -AutoSize Name, @{Name='Size(GB)';Expression={[math]::Round(($_.Used + $_.Free) / 1GB, 1)}}, @{Name='Free(GB)';Expression={[math]::Round($_.Free / 1GB, 1)}}
-      - uses: dtolnay/rust-toolchain@1.93.0
+      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
         with:
           targets: ${{ matrix.target }}
 
@@ -92,7 +92,7 @@ jobs:
           cargo build --target ${{ matrix.target }} --release --timings ${{ matrix.build_args }}
 
       - name: Upload Cargo timings
-        uses: actions/upload-artifact@v7
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
         with:
           name: cargo-timings-rust-release-windows-${{ matrix.target }}-${{ matrix.bundle }}
           path: codex-rs/target/**/cargo-timings/cargo-timing.html
@@ -112,7 +112,7 @@ jobs:
           fi
 
       - name: Upload Windows binaries
-        uses: actions/upload-artifact@v7
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
         with:
           name: windows-binaries-${{ matrix.target }}-${{ matrix.bundle }}
           path: |
@@ -147,16 +147,16 @@ jobs:
               labels: codex-windows-arm64
 
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Download prebuilt Windows primary binaries
-        uses: actions/download-artifact@v8
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8
         with:
           name: windows-binaries-${{ matrix.target }}-primary
           path: codex-rs/target/${{ matrix.target }}/release
 
       - name: Download prebuilt Windows helper binaries
-        uses: actions/download-artifact@v8
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8
         with:
           name: windows-binaries-${{ matrix.target }}-helpers
           path: codex-rs/target/${{ matrix.target }}/release
@@ -193,7 +193,7 @@ jobs:
           cp target/${{ matrix.target }}/release/codex-command-runner.exe "$dest/codex-command-runner-${{ matrix.target }}.exe"
 
       - name: Install DotSlash
-        uses: facebook/install-dotslash@v2
+        uses: facebook/install-dotslash@1e4e7b3e07eaca387acb98f1d4720e0bee8dbb6a # v2
 
       - name: Compress artifacts
         shell: bash
@@ -257,7 +257,7 @@ jobs:
             "${GITHUB_WORKSPACE}/.github/workflows/zstd" -T0 -19 "$dest/$base"
           done
 
-      - uses: actions/upload-artifact@v7
+      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
         with:
           name: ${{ matrix.target }}
           path: |

.github/workflows/rust-release-zsh.yml

@@ -45,7 +45,7 @@ jobs:
             git \
             libncursesw5-dev
 
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Build, smoke-test, and stage zsh artifact
         shell: bash
@@ -53,7 +53,7 @@ jobs:
           "${GITHUB_WORKSPACE}/.github/scripts/build-zsh-release-artifact.sh" \
             "dist/zsh/${{ matrix.target }}/${{ matrix.archive_name }}"
 
-      - uses: actions/upload-artifact@v7
+      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
         with:
           name: codex-zsh-${{ matrix.target }}
           path: dist/zsh/${{ matrix.target }}/*
@@ -81,7 +81,7 @@ jobs:
             brew install autoconf
           fi
 
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Build, smoke-test, and stage zsh artifact
         shell: bash
@@ -89,7 +89,7 @@ jobs:
           "${GITHUB_WORKSPACE}/.github/scripts/build-zsh-release-artifact.sh" \
             "dist/zsh/${{ matrix.target }}/${{ matrix.archive_name }}"
 
-      - uses: actions/upload-artifact@v7
+      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
         with:
           name: codex-zsh-${{ matrix.target }}
           path: dist/zsh/${{ matrix.target }}/*

.github/workflows/rust-release.yml

@@ -19,8 +19,8 @@ jobs:
   tag-check:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v6
-      - uses: dtolnay/rust-toolchain@1.92
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: dtolnay/rust-toolchain@c2b55edffaf41a251c410bb32bed22afefa800f1 # 1.92
       - name: Validate tag matches Cargo.toml version
         shell: bash
         run: |
@@ -79,7 +79,7 @@ jobs:
             target: aarch64-unknown-linux-gnu
 
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
       - name: Print runner specs (Linux)
         if: ${{ runner.os == 'Linux' }}
         shell: bash
@@ -125,7 +125,7 @@ jobs:
             sudo apt-get update -y
             sudo DEBIAN_FRONTEND=noninteractive apt-get install -y libubsan1
           fi
-      - uses: dtolnay/rust-toolchain@1.93.0
+      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
         with:
           targets: ${{ matrix.target }}
 
@@ -235,7 +235,7 @@ jobs:
           cargo build --target ${{ matrix.target }} --release --timings --bin codex --bin codex-responses-api-proxy
 
       - name: Upload Cargo timings
-        uses: actions/upload-artifact@v7
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
         with:
           name: cargo-timings-rust-release-${{ matrix.target }}
           path: codex-rs/target/**/cargo-timings/cargo-timing.html
@@ -374,7 +374,7 @@ jobs:
             zstd -T0 -19 --rm "$dest/$base"
           done
 
-      - uses: actions/upload-artifact@v7
+      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
         with:
           name: ${{ matrix.target }}
           # Upload the per-binary .zst files as well as the new .tar.gz
@@ -420,7 +420,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Generate release notes from tag commit message
         id: release_notes
@@ -442,7 +442,7 @@ jobs:
 
           echo "path=${notes_path}" >> "${GITHUB_OUTPUT}"
 
-      - uses: actions/download-artifact@v8
+      - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8
         with:
           path: dist
 
@@ -492,12 +492,12 @@ jobs:
           fi
 
       - name: Setup pnpm
-        uses: pnpm/action-setup@v5
+        uses: pnpm/action-setup@a8198c4bff370c8506180b035930dea56dbd5288 # v5
         with:
           run_install: false
 
       - name: Setup Node.js for npm packaging
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
         with:
           node-version: 22
 
@@ -505,7 +505,7 @@ jobs:
         run: pnpm install --frozen-lockfile
 
       # stage_npm_packages.py requires DotSlash when staging releases.
-      - uses: facebook/install-dotslash@v2
+      - uses: facebook/install-dotslash@1e4e7b3e07eaca387acb98f1d4720e0bee8dbb6a # v2
       - name: Stage npm packages
         env:
           GH_TOKEN: ${{ github.token }}
@@ -523,7 +523,7 @@ jobs:
           cp scripts/install/install.ps1 dist/install.ps1
 
       - name: Create GitHub Release
-        uses: softprops/action-gh-release@v2
+        uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2
         with:
           name: ${{ steps.release_name.outputs.name }}
           tag_name: ${{ github.ref_name }}
@@ -533,21 +533,21 @@ jobs:
           # (e.g. -alpha, -beta). Otherwise publish a normal release.
           prerelease: ${{ contains(steps.release_name.outputs.name, '-') }}
 
-      - uses: facebook/dotslash-publish-release@v2
+      - uses: facebook/dotslash-publish-release@9c9ec027515c34db9282a09a25a9cab5880b2c52 # v2
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
           tag: ${{ github.ref_name }}
           config: .github/dotslash-config.json
 
-      - uses: facebook/dotslash-publish-release@v2
+      - uses: facebook/dotslash-publish-release@9c9ec027515c34db9282a09a25a9cab5880b2c52 # v2
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
           tag: ${{ github.ref_name }}
           config: .github/dotslash-zsh-config.json
 
-      - uses: facebook/dotslash-publish-release@v2
+      - uses: facebook/dotslash-publish-release@9c9ec027515c34db9282a09a25a9cab5880b2c52 # v2
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
@@ -582,7 +582,7 @@ jobs:
 
     steps:
       - name: Setup Node.js
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
         with:
           node-version: 22
           registry-url: "https://registry.npmjs.org"

.github/workflows/rusty-v8-release.yml

@@ -25,10 +25,10 @@ jobs:
       v8_version: ${{ steps.v8_version.outputs.version }}
 
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Set up Python
-        uses: actions/setup-python@v6
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
         with:
           python-version: "3.12"
 
@@ -75,13 +75,13 @@ jobs:
             target: aarch64-unknown-linux-musl
 
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Set up Bazel
-        uses: bazelbuild/setup-bazelisk@v3
+        uses: bazelbuild/setup-bazelisk@6ecf4fd8b7d1f9721785f1dd656a689acf9add47 # v3
 
       - name: Set up Python
-        uses: actions/setup-python@v6
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
         with:
           python-version: "3.12"
 
@@ -116,8 +116,8 @@ jobs:
 
           bazel \
             --noexperimental_remote_repo_contents_cache \
-            --bazelrc=.github/workflows/v8-ci.bazelrc \
             "${bazel_args[@]}" \
+            --config=ci-v8 \
             "--remote_header=x-buildbuddy-api-key=${BUILDBUDDY_API_KEY}"
 
       - name: Stage release pair
@@ -135,7 +135,7 @@ jobs:
             --output-dir "dist/${TARGET}"
 
       - name: Upload staged musl artifacts
-        uses: actions/upload-artifact@v7
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
         with:
           name: rusty-v8-${{ needs.metadata.outputs.v8_version }}-${{ matrix.target }}
           path: dist/${{ matrix.target }}/*
@@ -174,12 +174,12 @@ jobs:
             exit 1
           fi
 
-      - uses: actions/download-artifact@v8
+      - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8
         with:
           path: dist
 
       - name: Create GitHub Release
-        uses: softprops/action-gh-release@v2
+        uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2
         with:
           tag_name: ${{ needs.metadata.outputs.release_tag }}
           name: ${{ needs.metadata.outputs.release_tag }}

.github/workflows/sdk.yml

@@ -13,7 +13,7 @@ jobs:
     timeout-minutes: 10
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Install Linux bwrap build dependencies
         shell: bash
@@ -23,21 +23,82 @@ jobs:
           sudo DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends pkg-config libcap-dev
 
       - name: Setup pnpm
-        uses: pnpm/action-setup@v5
+        uses: pnpm/action-setup@a8198c4bff370c8506180b035930dea56dbd5288 # v5
         with:
           run_install: false
 
       - name: Setup Node.js
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
         with:
           node-version: 22
           cache: pnpm
 
-      - uses: dtolnay/rust-toolchain@1.93.0
+      - name: Set up Bazel CI
+        id: setup_bazel
+        uses: ./.github/actions/setup-bazel-ci
+        with:
+          target: x86_64-unknown-linux-gnu
 
-      - name: build codex
-        run: cargo build --bin codex
-        working-directory: codex-rs
+      - name: Build codex with Bazel
+        env:
+          BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }}
+        shell: bash
+        run: |
+          set -euo pipefail
+          # Use the shared CI wrapper so fork PRs fall back cleanly when
+          # BuildBuddy credentials are unavailable. This workflow needs the
+          # built `codex` binary on disk afterwards, so ask the wrapper to
+          # override CI's default remote_download_minimal behavior.
+          ./.github/scripts/run-bazel-ci.sh \
+            --remote-download-toplevel \
+            -- \
+            build \
+            --build_metadata=COMMIT_SHA=${GITHUB_SHA} \
+            --build_metadata=TAG_job=sdk \
+            -- \
+            //codex-rs/cli:codex
+
+          # Resolve the exact output file using the same wrapper/config path as
+          # the build instead of guessing which Bazel convenience symlink is
+          # available on the runner.
+          cquery_output="$(
+            ./.github/scripts/run-bazel-ci.sh \
+              -- \
+              cquery \
+              --output=files \
+              -- \
+              //codex-rs/cli:codex \
+              | grep -E '^(/|bazel-out/)' \
+              | tail -n 1
+          )"
+          if [[ "${cquery_output}" = /* ]]; then
+            codex_bazel_output_path="${cquery_output}"
+          else
+            codex_bazel_output_path="${GITHUB_WORKSPACE}/${cquery_output}"
+          fi
+          if [[ -z "${codex_bazel_output_path}" ]]; then
+            echo "Bazel did not report an output path for //codex-rs/cli:codex." >&2
+            exit 1
+          fi
+          if [[ ! -e "${codex_bazel_output_path}" ]]; then
+            echo "Unable to locate the Bazel-built codex binary at ${codex_bazel_output_path}." >&2
+            exit 1
+          fi
+
+          # Stage the binary into the workspace and point the SDK tests at that
+          # stable path. The tests spawn `codex` directly many times, so using a
+          # normal executable path is more reliable than invoking Bazel for each
+          # test process.
+          install_dir="${GITHUB_WORKSPACE}/.tmp/sdk-ci"
+          mkdir -p "${install_dir}"
+          install -m 755 "${codex_bazel_output_path}" "${install_dir}/codex"
+          echo "CODEX_EXEC_PATH=${install_dir}/codex" >> "$GITHUB_ENV"
+
+      - name: Warm up Bazel-built codex
+        shell: bash
+        run: |
+          set -euo pipefail
+          "${CODEX_EXEC_PATH}" --version
 
       - name: Install dependencies
         run: pnpm install --frozen-lockfile
@@ -50,3 +111,12 @@ jobs:
 
       - name: Test SDK packages
         run: pnpm -r --filter ./sdk/typescript run test
+
+      - name: Save bazel repository cache
+        if: always() && !cancelled() && steps.setup_bazel.outputs.cache-hit != 'true'
+        continue-on-error: true
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        with:
+          path: |
+            ~/.cache/bazel-repo-cache
+          key: bazel-cache-x86_64-unknown-linux-gnu-${{ hashFiles('MODULE.bazel', 'codex-rs/Cargo.lock', 'codex-rs/Cargo.toml') }}

.github/workflows/v8-canary.yml

@@ -38,10 +38,10 @@ jobs:
       v8_version: ${{ steps.v8_version.outputs.version }}
 
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Set up Python
-        uses: actions/setup-python@v6
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
         with:
           python-version: "3.12"
 
@@ -72,13 +72,13 @@ jobs:
             target: aarch64-unknown-linux-musl
 
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Set up Bazel
-        uses: bazelbuild/setup-bazelisk@v3
+        uses: bazelbuild/setup-bazelisk@6ecf4fd8b7d1f9721785f1dd656a689acf9add47 # v3
 
       - name: Set up Python
-        uses: actions/setup-python@v6
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
         with:
           python-version: "3.12"
 
@@ -108,8 +108,8 @@ jobs:
 
           bazel \
             --noexperimental_remote_repo_contents_cache \
-            --bazelrc=.github/workflows/v8-ci.bazelrc \
             "${bazel_args[@]}" \
+            --config=ci-v8 \
             "--remote_header=x-buildbuddy-api-key=${BUILDBUDDY_API_KEY}"
 
       - name: Stage release pair
@@ -126,7 +126,7 @@ jobs:
             --output-dir "dist/${TARGET}"
 
       - name: Upload staged musl artifacts
-        uses: actions/upload-artifact@v7
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
         with:
           name: v8-canary-${{ needs.metadata.outputs.v8_version }}-${{ matrix.target }}
           path: dist/${{ matrix.target }}/*

.github/workflows/v8-ci.bazelrc

@@ -1,5 +0,0 @@
-import %workspace%/.github/workflows/ci.bazelrc
-
-common --build_metadata=REPO_URL=https://github.com/openai/codex.git
-common --build_metadata=ROLE=CI
-common --build_metadata=VISIBILITY=PUBLIC

.gitignore

@@ -10,6 +10,7 @@ node_modules
 # build
 dist/
 bazel-*
+user.bazelrc
 build/
 out/
 storybook-static/

AGENTS.md

@@ -40,6 +40,7 @@ In the codex-rs folder where the rust code lives:
     `codex-rs/tui/src/bottom_pane/mod.rs`, and similarly central orchestration modules.
   - When extracting code from a large module, move the related tests and module/type docs toward
     the new implementation so the invariants stay close to the code that owns them.
+- When running Rust commands (e.g. `just fix` or `cargo test`) be patient with the command and never try to kill them using the PID. Rust lock can make the execution slow, this is expected.
 
 Run `just fmt` (in `codex-rs` directory) automatically after you have finished making Rust code changes; do not ask for approval to run it. Additionally, run the tests:
 
@@ -50,14 +51,25 @@ Before finalizing a large change to `codex-rs`, run `just fix -p <project>` (in
 
 Also run `just argument-comment-lint` to ensure the codebase is clean of comment lint errors.
 
+## The `codex-core` crate
+
+Over time, the `codex-core` crate (defined in `codex-rs/core/`) has become bloated because it is the largest crate, so it is often easier to add something new to `codex-core` rather than refactor out the library code you need so your new code neither takes a dependency on, nor contributes to the size of, `codex-core`.
+
+To that end: **resist adding code to codex-core**!
+
+Particularly when introducing a new concept/feature/API, before adding to `codex-core`, consider whether:
+
+- There is an existing crate other than `codex-core` that is an appropriate place for your new code to live.
+- It is time to introduce a new crate to the Cargo workspace for your new functionality. Refactor existing code as necessary to make this happen.
+
+Likewise, when reviewing code, do not hesitate to push back on PRs that would unnecessarily add code to `codex-core`.
+
 ## TUI style conventions
 
 See `codex-rs/tui/styles.md`.
 
 ## TUI code conventions
 
-- When a change lands in `codex-rs/tui` and `codex-rs/tui_app_server` has a parallel implementation of the same behavior, reflect the change in `codex-rs/tui_app_server` too unless there is a documented reason not to.
-
 - Use concise styling helpers from ratatui’s Stylize trait.
   - Basic spans: use "text".into()
   - Styled spans: use "text".red(), "text".green(), "text".magenta(), "text".dim(), etc.

BUILD.bazel

@@ -17,12 +17,19 @@ platform(
 platform(
     name = "local_windows",
     constraint_values = [
-        # We just need to pick one of the ABIs. Do the same one we target.
         "@rules_rs//rs/experimental/platforms/constraints:windows_gnullvm",
     ],
     parents = ["@platforms//host"],
 )
 
+platform(
+    name = "local_windows_msvc",
+    constraint_values = [
+        "@rules_rs//rs/experimental/platforms/constraints:windows_msvc",
+    ],
+    parents = ["@platforms//host"],
+)
+
 alias(
     name = "rbe",
     actual = "@rbe_platform",

MODULE.bazel

@@ -3,16 +3,35 @@ module(name = "codex")
 bazel_dep(name = "bazel_skylib", version = "1.8.2")
 bazel_dep(name = "platforms", version = "1.0.0")
 bazel_dep(name = "llvm", version = "0.6.8")
+# The upstream LLVM archive contains a few unix-only symlink entries and is
+# missing a couple of MinGW compatibility archives that windows-gnullvm needs
+# during extraction and linking, so patch it until upstream grows native support.
+single_version_override(
+    module_name = "llvm",
+    patch_strip = 1,
+    patches = [
+        "//patches:llvm_windows_symlink_extract.patch",
+    ],
+)
+# Abseil picks a MinGW pthread TLS path that does not match our hermetic
+# windows-gnullvm toolchain; force it onto the portable C++11 thread-local path.
+single_version_override(
+    module_name = "abseil-cpp",
+    patch_strip = 1,
+    patches = [
+        "//patches:abseil_windows_gnullvm_thread_identity.patch",
+    ],
+)
 
 register_toolchains("@llvm//toolchain:all")
 
 osx = use_extension("@llvm//extensions:osx.bzl", "osx")
 osx.from_archive(
-    sha256 = "6a4922f89487a96d7054ec6ca5065bfddd9f1d017c74d82f1d79cecf7feb8228",
-    strip_prefix = "Payload/Library/Developer/CommandLineTools/SDKs/MacOSX26.2.sdk",
+    sha256 = "1bde70c0b1c2ab89ff454acbebf6741390d7b7eb149ca2a3ca24cc9203a408b7",
+    strip_prefix = "Payload/Library/Developer/CommandLineTools/SDKs/MacOSX26.4.sdk",
     type = "pkg",
     urls = [
-        "https://swcdn.apple.com/content/downloads/26/44/047-81934-A_28TPKM5SD1/ps6pk6dk4x02vgfa5qsctq6tgf23t5f0w2/CLTools_macOSNMOS_SDK.pkg",
+        "https://swcdn.apple.com/content/downloads/32/53/047-96692-A_OAHIHT53YB/ybtshxmrcju8m2qvw3w5elr4rajtg1x3y3/CLTools_macOSNMOS_SDK.pkg",
     ],
 )
 osx.frameworks(names = [
@@ -44,10 +63,77 @@ bazel_dep(name = "apple_support", version = "2.1.0")
 bazel_dep(name = "rules_cc", version = "0.2.16")
 bazel_dep(name = "rules_platform", version = "0.1.0")
 bazel_dep(name = "rules_rs", version = "0.0.43")
+# `rules_rs` 0.0.43 does not model `windows-gnullvm` as a distinct Windows exec
+# platform, so patch it until upstream grows that support for both x86_64 and
+# aarch64.
+single_version_override(
+    module_name = "rules_rs",
+    patch_strip = 1,
+    patches = [
+        "//patches:rules_rs_windows_gnullvm_exec.patch",
+    ],
+    version = "0.0.43",
+)
 
 rules_rust = use_extension("@rules_rs//rs/experimental:rules_rust.bzl", "rules_rust")
+# Build-script probe binaries inherit CFLAGS/CXXFLAGS from Bazel's C++
+# toolchain. On `windows-gnullvm`, llvm-mingw does not ship
+# `libssp_nonshared`, so strip the forwarded stack-protector flags there.
+rules_rust.patch(
+    patches = [
+        "//patches:rules_rust_windows_gnullvm_build_script.patch",
+        "//patches:rules_rust_windows_exec_msvc_build_script_env.patch",
+        "//patches:rules_rust_windows_bootstrap_process_wrapper_linker.patch",
+        "//patches:rules_rust_windows_msvc_direct_link_args.patch",
+        "//patches:rules_rust_windows_exec_bin_target.patch",
+        "//patches:rules_rust_windows_exec_std.patch",
+        "//patches:rules_rust_windows_exec_rustc_dev_rlib.patch",
+        "//patches:rules_rust_repository_set_exec_constraints.patch",
+    ],
+    strip = 1,
+)
 use_repo(rules_rust, "rules_rust")
 
+nightly_rust = use_extension(
+    "@rules_rs//rs/experimental:rules_rust_reexported_extensions.bzl",
+    "rust",
+)
+nightly_rust.toolchain(
+    versions = ["nightly/2025-09-18"],
+    dev_components = True,
+    edition = "2024",
+)
+# Keep Windows exec tools on MSVC so Bazel helper binaries link correctly, but
+# lint crate targets as `windows-gnullvm` to preserve the repo's actual cfgs.
+nightly_rust.repository_set(
+    name = "rust_windows_x86_64",
+    dev_components = True,
+    edition = "2024",
+    exec_triple = "x86_64-pc-windows-msvc",
+    exec_compatible_with = [
+        "@platforms//cpu:x86_64",
+        "@platforms//os:windows",
+        "@rules_rs//rs/experimental/platforms/constraints:windows_msvc",
+    ],
+    target_compatible_with = [
+        "@platforms//cpu:x86_64",
+        "@platforms//os:windows",
+        "@rules_rs//rs/experimental/platforms/constraints:windows_msvc",
+    ],
+    target_triple = "x86_64-pc-windows-msvc",
+    versions = ["nightly/2025-09-18"],
+)
+nightly_rust.repository_set(
+    name = "rust_windows_x86_64",
+    target_compatible_with = [
+        "@platforms//cpu:x86_64",
+        "@platforms//os:windows",
+        "@rules_rs//rs/experimental/platforms/constraints:windows_gnullvm",
+    ],
+    target_triple = "x86_64-pc-windows-gnullvm",
+)
+use_repo(nightly_rust, "rust_toolchains")
+
 toolchains = use_extension("@rules_rs//rs/experimental/toolchains:module_extension.bzl", "toolchains")
 toolchains.toolchain(
     edition = "2024",
@@ -56,6 +142,7 @@ toolchains.toolchain(
 use_repo(toolchains, "default_rust_toolchains")
 
 register_toolchains("@default_rust_toolchains//:all")
+register_toolchains("@rust_toolchains//:all")
 
 crate = use_extension("@rules_rs//rs:extensions.bzl", "crate")
 crate.from_cargo(
@@ -65,10 +152,33 @@ crate.from_cargo(
         "aarch64-unknown-linux-gnu",
         "aarch64-unknown-linux-musl",
         "aarch64-apple-darwin",
+        # Keep both Windows ABIs in the generated Cargo metadata: the V8
+        # experiment still consumes release assets that only exist under the
+        # MSVC names while targeting the GNU toolchain.
+        "aarch64-pc-windows-msvc",
         "aarch64-pc-windows-gnullvm",
         "x86_64-unknown-linux-gnu",
         "x86_64-unknown-linux-musl",
         "x86_64-apple-darwin",
+        "x86_64-pc-windows-msvc",
+        "x86_64-pc-windows-gnullvm",
+    ],
+    use_experimental_platforms = True,
+)
+crate.from_cargo(
+    name = "argument_comment_lint_crates",
+    cargo_lock = "//tools/argument-comment-lint:Cargo.lock",
+    cargo_toml = "//tools/argument-comment-lint:Cargo.toml",
+    platform_triples = [
+        "aarch64-unknown-linux-gnu",
+        "aarch64-unknown-linux-musl",
+        "aarch64-apple-darwin",
+        "aarch64-pc-windows-msvc",
+        "aarch64-pc-windows-gnullvm",
+        "x86_64-unknown-linux-gnu",
+        "x86_64-unknown-linux-musl",
+        "x86_64-apple-darwin",
+        "x86_64-pc-windows-msvc",
         "x86_64-pc-windows-gnullvm",
     ],
     use_experimental_platforms = True,
@@ -89,10 +199,19 @@ crate.annotation(
     patch_args = ["-p1"],
     patches = [
         "//patches:aws-lc-sys_memcmp_check.patch",
+        "//patches:aws-lc-sys_windows_msvc_prebuilt_nasm.patch",
+        "//patches:aws-lc-sys_windows_msvc_memcmp_probe.patch",
     ],
 )
 
+crate.annotation(
+    # The build script only validates embedded source/version metadata.
+    crate = "rustc_apfloat",
+    gen_build_script = "off",
+)
+
 inject_repo(crate, "zstd")
+use_repo(crate, "argument_comment_lint_crates")
 
 bazel_dep(name = "bzip2", version = "1.0.8.bcr.3")
 

codex-rs/BUILD.bazel

@@ -1,3 +1,18 @@
 exports_files([
+    "clippy.toml",
     "node-version.txt",
 ])
+
+filegroup(
+    name = "workspace-files",
+    srcs = glob(
+        [
+            "*",
+            ".cargo/**",
+        ],
+        exclude = [
+            "BUILD.bazel",
+        ],
+    ),
+    visibility = ["//visibility:public"],
+)

codex-rs/Cargo.lock

@@ -410,6 +410,7 @@ dependencies = [
  "codex-app-server-protocol",
  "codex-core",
  "codex-features",
+ "codex-login",
  "codex-protocol",
  "codex-utils-cargo-bin",
  "core_test_support",
@@ -453,9 +454,9 @@ dependencies = [
 
 [[package]]
 name = "arc-swap"
-version = "1.8.2"
+version = "1.9.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f9f3647c145568cec02c42054e07bdf9a5a698e15b466fb2341bfc393cd24aa5"
+checksum = "a07d1f37ff60921c83bdfc7407723bdefe89b44b98a9b772f225c8f9d67141a6"
 dependencies = [
  "rustversion",
 ]
@@ -481,58 +482,6 @@ dependencies = [
  "term",
 ]
 
-[[package]]
-name = "askama"
-version = "0.15.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "08e1676b346cadfec169374f949d7490fd80a24193d37d2afce0c047cf695e57"
-dependencies = [
- "askama_macros",
- "itoa",
- "percent-encoding",
- "serde",
- "serde_json",
-]
-
-[[package]]
-name = "askama_derive"
-version = "0.15.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7661ff56517787343f376f75db037426facd7c8d3049cef8911f1e75016f3a37"
-dependencies = [
- "askama_parser",
- "basic-toml",
- "memchr",
- "proc-macro2",
- "quote",
- "rustc-hash 2.1.1",
- "serde",
- "serde_derive",
- "syn 2.0.114",
-]
-
-[[package]]
-name = "askama_macros"
-version = "0.15.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "713ee4dbfd1eb719c2dab859465b01fa1d21cb566684614a713a6b7a99a4e47b"
-dependencies = [
- "askama_derive",
-]
-
-[[package]]
-name = "askama_parser"
-version = "0.15.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1d62d674238a526418b30c0def480d5beadb9d8964e7f38d635b03bf639c704c"
-dependencies = [
- "rustc-hash 2.1.1",
- "serde",
- "serde_derive",
- "unicode-ident",
- "winnow",
-]
-
 [[package]]
 name = "asn1-rs"
 version = "0.7.1"
@@ -1388,10 +1337,12 @@ checksum = "e9b18233253483ce2f65329a24072ec414db782531bdbb7d0bbc4bd2ce6b7e21"
 name = "codex-analytics"
 version = "0.0.0"
 dependencies = [
+ "codex-app-server-protocol",
  "codex-git-utils",
  "codex-login",
  "codex-plugin",
  "codex-protocol",
+ "os_info",
  "pretty_assertions",
  "serde",
  "serde_json",
@@ -1468,13 +1419,17 @@ dependencies = [
  "codex-sandboxing",
  "codex-shell-command",
  "codex-state",
+ "codex-tools",
  "codex-utils-absolute-path",
  "codex-utils-cargo-bin",
  "codex-utils-cli",
  "codex-utils-json-to-toml",
  "codex-utils-pty",
+ "constant_time_eq",
  "core_test_support",
  "futures",
+ "hmac",
+ "jsonwebtoken",
  "opentelemetry",
  "opentelemetry_sdk",
  "owo-colors",
@@ -1484,6 +1439,7 @@ dependencies = [
  "serde",
  "serde_json",
  "serial_test",
+ "sha2",
  "shlex",
  "tempfile",
  "time",
@@ -1591,6 +1547,7 @@ dependencies = [
  "anyhow",
  "codex-apply-patch",
  "codex-linux-sandbox",
+ "codex-sandboxing",
  "codex-shell-escalation",
  "codex-utils-home-dir",
  "dotenvy",
@@ -1598,27 +1555,6 @@ dependencies = [
  "tokio",
 ]
 
-[[package]]
-name = "codex-artifacts"
-version = "0.0.0"
-dependencies = [
- "codex-package-manager",
- "flate2",
- "pretty_assertions",
- "reqwest",
- "serde",
- "serde_json",
- "sha2",
- "tar",
- "tempfile",
- "thiserror 2.0.18",
- "tokio",
- "url",
- "which 8.0.0",
- "wiremock",
- "zip",
-]
-
 [[package]]
 name = "codex-async-utils"
 version = "0.0.0"
@@ -1662,6 +1598,7 @@ dependencies = [
  "codex-connectors",
  "codex-core",
  "codex-git-utils",
+ "codex-login",
  "codex-utils-cargo-bin",
  "codex-utils-cli",
  "pretty_assertions",
@@ -1701,7 +1638,6 @@ dependencies = [
  "codex-stdio-to-uds",
  "codex-terminal-detection",
  "codex-tui",
- "codex-tui-app-server",
  "codex-utils-cargo-bin",
  "codex-utils-cli",
  "codex-windows-sandbox",
@@ -1846,6 +1782,7 @@ dependencies = [
  "futures",
  "multimap",
  "pretty_assertions",
+ "schemars 0.8.22",
  "serde",
  "serde_json",
  "serde_path_to_error",
@@ -1875,7 +1812,6 @@ version = "0.0.0"
 dependencies = [
  "anyhow",
  "arc-swap",
- "askama",
  "assert_cmd",
  "assert_matches",
  "async-channel",
@@ -1890,11 +1826,11 @@ dependencies = [
  "codex-app-server-protocol",
  "codex-apply-patch",
  "codex-arg0",
- "codex-artifacts",
  "codex-async-utils",
  "codex-code-mode",
  "codex-config",
  "codex-connectors",
+ "codex-core-skills",
  "codex-exec-server",
  "codex-execpolicy",
  "codex-features",
@@ -1912,10 +1848,9 @@ dependencies = [
  "codex-secrets",
  "codex-shell-command",
  "codex-shell-escalation",
- "codex-skills",
  "codex-state",
  "codex-terminal-detection",
- "codex-test-macros",
+ "codex-tools",
  "codex-utils-absolute-path",
  "codex-utils-cache",
  "codex-utils-cargo-bin",
@@ -1928,6 +1863,7 @@ dependencies = [
  "codex-utils-readiness",
  "codex-utils-stream-parser",
  "codex-utils-string",
+ "codex-utils-template",
  "codex-windows-sandbox",
  "core-foundation 0.9.4",
  "core_test_support",
@@ -1962,7 +1898,6 @@ dependencies = [
  "seccompiler",
  "serde",
  "serde_json",
- "serde_yaml",
  "serial_test",
  "sha1",
  "shlex",
@@ -1991,6 +1926,35 @@ dependencies = [
  "zstd",
 ]
 
+[[package]]
+name = "codex-core-skills"
+version = "0.0.0"
+dependencies = [
+ "anyhow",
+ "codex-analytics",
+ "codex-app-server-protocol",
+ "codex-config",
+ "codex-instructions",
+ "codex-login",
+ "codex-otel",
+ "codex-protocol",
+ "codex-skills",
+ "codex-utils-absolute-path",
+ "codex-utils-plugins",
+ "dirs",
+ "dunce",
+ "pretty_assertions",
+ "serde",
+ "serde_json",
+ "serde_yaml",
+ "shlex",
+ "tempfile",
+ "tokio",
+ "toml 0.9.11+spec-1.1.0",
+ "tracing",
+ "zip",
+]
+
 [[package]]
 name = "codex-debug-client"
 version = "0.0.0"
@@ -2050,6 +2014,7 @@ name = "codex-exec-server"
 version = "0.0.0"
 dependencies = [
  "anyhow",
+ "arc-swap",
  "async-trait",
  "base64 0.22.1",
  "clap",
@@ -2219,6 +2184,7 @@ dependencies = [
  "clap",
  "codex-core",
  "codex-protocol",
+ "codex-sandboxing",
  "codex-utils-absolute-path",
  "landlock",
  "libc",
@@ -2259,6 +2225,7 @@ dependencies = [
  "codex-keyring-store",
  "codex-protocol",
  "codex-terminal-detection",
+ "codex-utils-template",
  "core_test_support",
  "keyring",
  "once_cell",
@@ -2290,7 +2257,9 @@ dependencies = [
  "anyhow",
  "codex-arg0",
  "codex-core",
+ "codex-exec-server",
  "codex-features",
+ "codex-feedback",
  "codex-protocol",
  "codex-shell-command",
  "codex-utils-cli",
@@ -2392,34 +2361,12 @@ dependencies = [
  "tracing-subscriber",
 ]
 
-[[package]]
-name = "codex-package-manager"
-version = "0.0.0"
-dependencies = [
- "fd-lock",
- "flate2",
- "pretty_assertions",
- "reqwest",
- "serde",
- "serde_json",
- "sha2",
- "tar",
- "tempfile",
- "thiserror 2.0.18",
- "tokio",
- "url",
- "wiremock",
- "zip",
-]
-
 [[package]]
 name = "codex-plugin"
 version = "0.0.0"
 dependencies = [
  "codex-utils-absolute-path",
  "codex-utils-plugins",
- "serde",
- "serde_json",
  "thiserror 2.0.18",
 ]
 
@@ -2441,6 +2388,7 @@ dependencies = [
  "codex-utils-absolute-path",
  "codex-utils-image",
  "codex-utils-string",
+ "codex-utils-template",
  "icu_decimal",
  "icu_locale_core",
  "icu_provider",
@@ -2541,7 +2489,6 @@ dependencies = [
  "codex-network-proxy",
  "codex-protocol",
  "codex-utils-absolute-path",
- "dirs",
  "dunce",
  "libc",
  "pretty_assertions",
@@ -2549,6 +2496,7 @@ dependencies = [
  "tempfile",
  "tracing",
  "url",
+ "which 8.0.0",
 ]
 
 [[package]]
@@ -2665,12 +2613,16 @@ dependencies = [
 ]
 
 [[package]]
-name = "codex-test-macros"
+name = "codex-tools"
 version = "0.0.0"
 dependencies = [
- "proc-macro2",
- "quote",
- "syn 2.0.114",
+ "codex-app-server-protocol",
+ "codex-code-mode",
+ "codex-protocol",
+ "pretty_assertions",
+ "rmcp",
+ "serde",
+ "serde_json",
 ]
 
 [[package]]
@@ -2687,104 +2639,8 @@ dependencies = [
  "codex-app-server-client",
  "codex-app-server-protocol",
  "codex-arg0",
- "codex-backend-client",
  "codex-chatgpt",
  "codex-cli",
- "codex-client",
- "codex-cloud-requirements",
- "codex-core",
- "codex-features",
- "codex-feedback",
- "codex-file-search",
- "codex-git-utils",
- "codex-login",
- "codex-otel",
- "codex-protocol",
- "codex-shell-command",
- "codex-state",
- "codex-terminal-detection",
- "codex-tui-app-server",
- "codex-utils-absolute-path",
- "codex-utils-approval-presets",
- "codex-utils-cargo-bin",
- "codex-utils-cli",
- "codex-utils-elapsed",
- "codex-utils-fuzzy-match",
- "codex-utils-oss",
- "codex-utils-pty",
- "codex-utils-sandbox-summary",
- "codex-utils-sleep-inhibitor",
- "codex-utils-string",
- "codex-windows-sandbox",
- "color-eyre",
- "cpal",
- "crossterm",
- "derive_more 2.1.1",
- "diffy",
- "dirs",
- "dunce",
- "hound",
- "image",
- "insta",
- "itertools 0.14.0",
- "lazy_static",
- "libc",
- "pathdiff",
- "pretty_assertions",
- "pulldown-cmark",
- "rand 0.9.2",
- "ratatui",
- "ratatui-macros",
- "regex-lite",
- "reqwest",
- "rmcp",
- "serde",
- "serde_json",
- "serial_test",
- "shlex",
- "strum 0.27.2",
- "strum_macros 0.28.0",
- "supports-color 3.0.2",
- "syntect",
- "tempfile",
- "textwrap 0.16.2",
- "thiserror 2.0.18",
- "tokio",
- "tokio-stream",
- "tokio-util",
- "toml 0.9.11+spec-1.1.0",
- "tracing",
- "tracing-appender",
- "tracing-subscriber",
- "two-face",
- "unicode-segmentation",
- "unicode-width 0.2.1",
- "url",
- "uuid",
- "vt100",
- "webbrowser",
- "which 8.0.0",
- "windows-sys 0.52.0",
- "winsplit",
-]
-
-[[package]]
-name = "codex-tui-app-server"
-version = "0.0.0"
-dependencies = [
- "anyhow",
- "arboard",
- "assert_matches",
- "base64 0.22.1",
- "chrono",
- "clap",
- "codex-ansi-escape",
- "codex-app-server-client",
- "codex-app-server-protocol",
- "codex-arg0",
- "codex-chatgpt",
- "codex-cli",
- "codex-client",
  "codex-cloud-requirements",
  "codex-core",
  "codex-features",
@@ -2816,7 +2672,6 @@ dependencies = [
  "diffy",
  "dirs",
  "dunce",
- "hound",
  "image",
  "insta",
  "itertools 0.14.0",
@@ -4322,17 +4177,6 @@ dependencies = [
  "winapi",
 ]
 
-[[package]]
-name = "filetime"
-version = "0.2.27"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f98844151eee8917efc50bd9e8318cb963ae8b297431495d3f758616ea5c57db"
-dependencies = [
- "cfg-if",
- "libc",
- "libredox",
-]
-
 [[package]]
 name = "find-crate"
 version = "0.6.3"
@@ -4977,12 +4821,6 @@ dependencies = [
  "windows-link",
 ]
 
-[[package]]
-name = "hound"
-version = "3.5.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "62adaabb884c94955b19907d60019f4e145d091c75345379e70d1ee696f7854f"
-
 [[package]]
 name = "http"
 version = "0.2.12"
@@ -5759,6 +5597,21 @@ dependencies = [
  "wasm-bindgen",
 ]
 
+[[package]]
+name = "jsonwebtoken"
+version = "9.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5a87cc7a48537badeae96744432de36f4be2b4a34a05a5ef32e9dd8a1c169dde"
+dependencies = [
+ "base64 0.22.1",
+ "js-sys",
+ "pem",
+ "ring",
+ "serde",
+ "serde_json",
+ "simple_asn1",
+]
+
 [[package]]
 name = "keyring"
 version = "3.6.3"
@@ -8234,7 +8087,6 @@ dependencies = [
  "js-sys",
  "log",
  "mime",
- "mime_guess",
  "native-tls",
  "percent-encoding",
  "pin-project-lite",
@@ -9249,6 +9101,18 @@ version = "2.7.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bbbb5d9659141646ae647b42fe094daf6c6192d1620870b449d9557f748b2daa"
 
+[[package]]
+name = "simple_asn1"
+version = "0.6.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0d585997b0ac10be3c5ee635f1bab02d512760d14b7c468801ac8a01d9ae5f1d"
+dependencies = [
+ "num-bigint",
+ "num-traits",
+ "thiserror 2.0.18",
+ "time",
+]
+
 [[package]]
 name = "siphasher"
 version = "1.0.2"
@@ -9880,17 +9744,6 @@ version = "0.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7b2093cf4c8eb1e67749a6762251bc9cd836b6fc171623bd0a9d324d37af2417"
 
-[[package]]
-name = "tar"
-version = "0.4.45"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "22692a6476a21fa75fdfc11d452fda482af402c008cdbaf3476414e122040973"
-dependencies = [
- "filetime",
- "libc",
- "xattr",
-]
-
 [[package]]
 name = "tempfile"
 version = "3.24.0"
@@ -12017,16 +11870,6 @@ dependencies = [
  "time",
 ]
 
-[[package]]
-name = "xattr"
-version = "1.6.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "32e45ad4206f6d2479085147f02bc2ef834ac85886624a23575ae137c8aa8156"
-dependencies = [
- "libc",
- "rustix 1.1.3",
-]
-
 [[package]]
 name = "xdg-home"
 version = "1.3.0"

codex-rs/Cargo.toml

@@ -25,6 +25,7 @@ members = [
     "shell-escalation",
     "skills",
     "core",
+    "core-skills",
     "hooks",
     "instructions",
     "secrets",
@@ -49,7 +50,7 @@ members = [
     "stdio-to-uds",
     "otel",
     "tui",
-    "tui_app_server",
+    "tools",
     "v8-poc",
     "utils/absolute-path",
     "utils/cargo-bin",
@@ -79,10 +80,7 @@ members = [
     "state",
     "terminal-detection",
     "codex-experimental-api-macros",
-    "test-macros",
-    "package-manager",
     "plugin",
-    "artifacts",
 ]
 resolver = "2"
 
@@ -101,9 +99,7 @@ app_test_support = { path = "app-server/tests/common" }
 codex-ansi-escape = { path = "ansi-escape" }
 codex-analytics = { path = "analytics" }
 codex-api = { path = "codex-api" }
-codex-artifacts = { path = "artifacts" }
 codex-code-mode = { path = "code-mode" }
-codex-package-manager = { path = "package-manager" }
 codex-app-server = { path = "app-server" }
 codex-app-server-client = { path = "app-server-client" }
 codex-app-server-protocol = { path = "app-server-protocol" }
@@ -119,6 +115,7 @@ codex-cloud-requirements = { path = "cloud-requirements" }
 codex-connectors = { path = "connectors" }
 codex-config = { path = "config" }
 codex-core = { path = "core" }
+codex-core-skills = { path = "core-skills" }
 codex-exec = { path = "exec" }
 codex-exec-server = { path = "exec-server" }
 codex-execpolicy = { path = "execpolicy" }
@@ -150,10 +147,9 @@ codex-shell-escalation = { path = "shell-escalation" }
 codex-skills = { path = "skills" }
 codex-state = { path = "state" }
 codex-stdio-to-uds = { path = "stdio-to-uds" }
-codex-test-macros = { path = "test-macros" }
 codex-terminal-detection = { path = "terminal-detection" }
+codex-tools = { path = "tools" }
 codex-tui = { path = "tui" }
-codex-tui-app-server = { path = "tui_app_server" }
 codex-v8-poc = { path = "v8-poc" }
 codex-utils-absolute-path = { path = "utils/absolute-path" }
 codex-utils-approval-presets = { path = "utils/approval-presets" }
@@ -187,7 +183,7 @@ allocative = "0.3.3"
 ansi-to-tui = "7.0.0"
 anyhow = "1"
 arboard = { version = "3", features = ["wayland-data-control"] }
-askama = "0.15.4"
+arc-swap = "1.9.0"
 assert_cmd = "2"
 assert_matches = "1.5.0"
 async-channel = "2.3.1"
@@ -202,6 +198,7 @@ chrono = "0.4.43"
 clap = "4"
 clap_complete = "4"
 color-eyre = "0.6.3"
+constant_time_eq = "0.3.1"
 crossbeam-channel = "0.5.15"
 crossterm = "0.28.1"
 csv = "1.3.1"
@@ -212,14 +209,13 @@ dirs = "6"
 dotenvy = "0.15.7"
 dunce = "1.0.4"
 encoding_rs = "0.8.35"
-fd-lock = "4.0.4"
 env-flags = "0.1.1"
 env_logger = "0.11.9"
 eventsource-stream = "0.2.3"
-flate2 = "1.1.4"
 futures = { version = "0.3", default-features = false }
 gethostname = "1.1.0"
 globset = "0.4"
+hmac = "0.12.1"
 http = "1.3.1"
 icu_decimal = "2.1"
 icu_locale_core = "2.1"
@@ -232,6 +228,7 @@ indexmap = "2.12.0"
 insta = "1.46.3"
 inventory = "0.3.19"
 itertools = "0.14.0"
+jsonwebtoken = "9.3.1"
 keyring = { version = "3.6", default-features = false }
 landlock = "0.4.4"
 lazy_static = "1"
@@ -306,7 +303,6 @@ supports-color = "3.0.2"
 syntect = "5"
 sys-locale = "0.3.2"
 tempfile = "3.23.0"
-tar = "0.4.45"
 test-log = "0.2.19"
 textwrap = "0.16.2"
 thiserror = "2.0.17"

codex-rs/README.md

@@ -50,7 +50,7 @@ You can enable notifications by configuring a script that is run whenever the ag
 
 ### `codex exec` to run Codex programmatically/non-interactively
 
-To run Codex non-interactively, run `codex exec PROMPT` (you can also pass the prompt via `stdin`) and Codex will work on your task until it decides that it is done and exits. Output is printed to the terminal directly. You can set the `RUST_LOG` environment variable to see more about what's going on.
+To run Codex non-interactively, run `codex exec PROMPT` (you can also pass the prompt via `stdin`) and Codex will work on your task until it decides that it is done and exits. If you provide both a prompt argument and piped stdin, Codex appends stdin as a `<stdin>` block after the prompt so patterns like `echo "my output" | codex exec "Summarize this concisely"` work naturally. Output is printed to the terminal directly. You can set the `RUST_LOG` environment variable to see more about what's going on.
 Use `codex exec --ephemeral ...` to run without persisting session rollout files to disk.
 
 ### Experimenting with the Codex Sandbox

codex-rs/analytics/Cargo.toml

@@ -13,10 +13,12 @@ path = "src/lib.rs"
 workspace = true
 
 [dependencies]
+codex-app-server-protocol = { workspace = true }
 codex-git-utils = { workspace = true }
 codex-login = { workspace = true }
 codex-plugin = { workspace = true }
 codex-protocol = { workspace = true }
+os_info = { workspace = true }
 serde = { workspace = true, features = ["derive"] }
 sha1 = { workspace = true }
 tokio = { workspace = true, features = [

codex-rs/analytics/src/analytics_client.rs

@@ -1,797 +0,0 @@
-use codex_git_utils::collect_git_info;
-use codex_git_utils::get_git_repo_root;
-use codex_login::AuthManager;
-use codex_login::default_client::create_client;
-use codex_login::default_client::originator;
-use codex_plugin::PluginTelemetryMetadata;
-use codex_protocol::protocol::SkillScope;
-use serde::Serialize;
-use sha1::Digest;
-use sha1::Sha1;
-use std::collections::HashSet;
-use std::path::Path;
-use std::path::PathBuf;
-use std::sync::Arc;
-use std::sync::Mutex;
-use std::time::Duration;
-use tokio::sync::mpsc;
-
-#[derive(Clone)]
-pub struct TrackEventsContext {
-    pub model_slug: String,
-    pub thread_id: String,
-    pub turn_id: String,
-}
-
-pub fn build_track_events_context(
-    model_slug: String,
-    thread_id: String,
-    turn_id: String,
-) -> TrackEventsContext {
-    TrackEventsContext {
-        model_slug,
-        thread_id,
-        turn_id,
-    }
-}
-
-#[derive(Clone, Debug)]
-pub struct SkillInvocation {
-    pub skill_name: String,
-    pub skill_scope: SkillScope,
-    pub skill_path: PathBuf,
-    pub invocation_type: InvocationType,
-}
-
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "lowercase")]
-pub enum InvocationType {
-    Explicit,
-    Implicit,
-}
-
-pub struct AppInvocation {
-    pub connector_id: Option<String>,
-    pub app_name: Option<String>,
-    pub invocation_type: Option<InvocationType>,
-}
-
-#[derive(Clone)]
-pub(crate) struct AnalyticsEventsQueue {
-    sender: mpsc::Sender<TrackEventsJob>,
-    app_used_emitted_keys: Arc<Mutex<HashSet<(String, String)>>>,
-    plugin_used_emitted_keys: Arc<Mutex<HashSet<(String, String)>>>,
-}
-
-#[derive(Clone)]
-pub struct AnalyticsEventsClient {
-    queue: AnalyticsEventsQueue,
-    analytics_enabled: Option<bool>,
-}
-
-impl AnalyticsEventsQueue {
-    pub(crate) fn new(auth_manager: Arc<AuthManager>, base_url: String) -> Self {
-        let (sender, mut receiver) = mpsc::channel(ANALYTICS_EVENTS_QUEUE_SIZE);
-        tokio::spawn(async move {
-            while let Some(job) = receiver.recv().await {
-                match job {
-                    TrackEventsJob::SkillInvocations(job) => {
-                        send_track_skill_invocations(&auth_manager, &base_url, job).await;
-                    }
-                    TrackEventsJob::AppMentioned(job) => {
-                        send_track_app_mentioned(&auth_manager, &base_url, job).await;
-                    }
-                    TrackEventsJob::AppUsed(job) => {
-                        send_track_app_used(&auth_manager, &base_url, job).await;
-                    }
-                    TrackEventsJob::PluginUsed(job) => {
-                        send_track_plugin_used(&auth_manager, &base_url, job).await;
-                    }
-                    TrackEventsJob::PluginInstalled(job) => {
-                        send_track_plugin_installed(&auth_manager, &base_url, job).await;
-                    }
-                    TrackEventsJob::PluginUninstalled(job) => {
-                        send_track_plugin_uninstalled(&auth_manager, &base_url, job).await;
-                    }
-                    TrackEventsJob::PluginEnabled(job) => {
-                        send_track_plugin_enabled(&auth_manager, &base_url, job).await;
-                    }
-                    TrackEventsJob::PluginDisabled(job) => {
-                        send_track_plugin_disabled(&auth_manager, &base_url, job).await;
-                    }
-                }
-            }
-        });
-        Self {
-            sender,
-            app_used_emitted_keys: Arc::new(Mutex::new(HashSet::new())),
-            plugin_used_emitted_keys: Arc::new(Mutex::new(HashSet::new())),
-        }
-    }
-
-    fn try_send(&self, job: TrackEventsJob) {
-        if self.sender.try_send(job).is_err() {
-            //TODO: add a metric for this
-            tracing::warn!("dropping analytics events: queue is full");
-        }
-    }
-
-    fn should_enqueue_app_used(&self, tracking: &TrackEventsContext, app: &AppInvocation) -> bool {
-        let Some(connector_id) = app.connector_id.as_ref() else {
-            return true;
-        };
-        let mut emitted = self
-            .app_used_emitted_keys
-            .lock()
-            .unwrap_or_else(std::sync::PoisonError::into_inner);
-        if emitted.len() >= ANALYTICS_EVENT_DEDUPE_MAX_KEYS {
-            emitted.clear();
-        }
-        emitted.insert((tracking.turn_id.clone(), connector_id.clone()))
-    }
-
-    fn should_enqueue_plugin_used(
-        &self,
-        tracking: &TrackEventsContext,
-        plugin: &PluginTelemetryMetadata,
-    ) -> bool {
-        let mut emitted = self
-            .plugin_used_emitted_keys
-            .lock()
-            .unwrap_or_else(std::sync::PoisonError::into_inner);
-        if emitted.len() >= ANALYTICS_EVENT_DEDUPE_MAX_KEYS {
-            emitted.clear();
-        }
-        emitted.insert((tracking.turn_id.clone(), plugin.plugin_id.as_key()))
-    }
-}
-
-impl AnalyticsEventsClient {
-    pub fn new(
-        auth_manager: Arc<AuthManager>,
-        base_url: String,
-        analytics_enabled: Option<bool>,
-    ) -> Self {
-        Self {
-            queue: AnalyticsEventsQueue::new(Arc::clone(&auth_manager), base_url),
-            analytics_enabled,
-        }
-    }
-
-    pub fn track_skill_invocations(
-        &self,
-        tracking: TrackEventsContext,
-        invocations: Vec<SkillInvocation>,
-    ) {
-        track_skill_invocations(
-            &self.queue,
-            self.analytics_enabled,
-            Some(tracking),
-            invocations,
-        );
-    }
-
-    pub fn track_app_mentioned(&self, tracking: TrackEventsContext, mentions: Vec<AppInvocation>) {
-        track_app_mentioned(
-            &self.queue,
-            self.analytics_enabled,
-            Some(tracking),
-            mentions,
-        );
-    }
-
-    pub fn track_app_used(&self, tracking: TrackEventsContext, app: AppInvocation) {
-        track_app_used(&self.queue, self.analytics_enabled, Some(tracking), app);
-    }
-
-    pub fn track_plugin_used(&self, tracking: TrackEventsContext, plugin: PluginTelemetryMetadata) {
-        track_plugin_used(&self.queue, self.analytics_enabled, Some(tracking), plugin);
-    }
-
-    pub fn track_plugin_installed(&self, plugin: PluginTelemetryMetadata) {
-        track_plugin_management(
-            &self.queue,
-            self.analytics_enabled,
-            PluginManagementEventType::Installed,
-            plugin,
-        );
-    }
-
-    pub fn track_plugin_uninstalled(&self, plugin: PluginTelemetryMetadata) {
-        track_plugin_management(
-            &self.queue,
-            self.analytics_enabled,
-            PluginManagementEventType::Uninstalled,
-            plugin,
-        );
-    }
-
-    pub fn track_plugin_enabled(&self, plugin: PluginTelemetryMetadata) {
-        track_plugin_management(
-            &self.queue,
-            self.analytics_enabled,
-            PluginManagementEventType::Enabled,
-            plugin,
-        );
-    }
-
-    pub fn track_plugin_disabled(&self, plugin: PluginTelemetryMetadata) {
-        track_plugin_management(
-            &self.queue,
-            self.analytics_enabled,
-            PluginManagementEventType::Disabled,
-            plugin,
-        );
-    }
-}
-
-enum TrackEventsJob {
-    SkillInvocations(TrackSkillInvocationsJob),
-    AppMentioned(TrackAppMentionedJob),
-    AppUsed(TrackAppUsedJob),
-    PluginUsed(TrackPluginUsedJob),
-    PluginInstalled(TrackPluginManagementJob),
-    PluginUninstalled(TrackPluginManagementJob),
-    PluginEnabled(TrackPluginManagementJob),
-    PluginDisabled(TrackPluginManagementJob),
-}
-
-struct TrackSkillInvocationsJob {
-    analytics_enabled: Option<bool>,
-    tracking: TrackEventsContext,
-    invocations: Vec<SkillInvocation>,
-}
-
-struct TrackAppMentionedJob {
-    analytics_enabled: Option<bool>,
-    tracking: TrackEventsContext,
-    mentions: Vec<AppInvocation>,
-}
-
-struct TrackAppUsedJob {
-    analytics_enabled: Option<bool>,
-    tracking: TrackEventsContext,
-    app: AppInvocation,
-}
-
-struct TrackPluginUsedJob {
-    analytics_enabled: Option<bool>,
-    tracking: TrackEventsContext,
-    plugin: PluginTelemetryMetadata,
-}
-
-struct TrackPluginManagementJob {
-    analytics_enabled: Option<bool>,
-    plugin: PluginTelemetryMetadata,
-}
-
-#[derive(Clone, Copy)]
-enum PluginManagementEventType {
-    Installed,
-    Uninstalled,
-    Enabled,
-    Disabled,
-}
-
-const ANALYTICS_EVENTS_QUEUE_SIZE: usize = 256;
-const ANALYTICS_EVENTS_TIMEOUT: Duration = Duration::from_secs(10);
-const ANALYTICS_EVENT_DEDUPE_MAX_KEYS: usize = 4096;
-
-#[derive(Serialize)]
-struct TrackEventsRequest {
-    events: Vec<TrackEventRequest>,
-}
-
-#[derive(Serialize)]
-#[serde(untagged)]
-enum TrackEventRequest {
-    SkillInvocation(SkillInvocationEventRequest),
-    AppMentioned(CodexAppMentionedEventRequest),
-    AppUsed(CodexAppUsedEventRequest),
-    PluginUsed(CodexPluginUsedEventRequest),
-    PluginInstalled(CodexPluginEventRequest),
-    PluginUninstalled(CodexPluginEventRequest),
-    PluginEnabled(CodexPluginEventRequest),
-    PluginDisabled(CodexPluginEventRequest),
-}
-
-#[derive(Serialize)]
-struct SkillInvocationEventRequest {
-    event_type: &'static str,
-    skill_id: String,
-    skill_name: String,
-    event_params: SkillInvocationEventParams,
-}
-
-#[derive(Serialize)]
-struct SkillInvocationEventParams {
-    product_client_id: Option<String>,
-    skill_scope: Option<String>,
-    repo_url: Option<String>,
-    thread_id: Option<String>,
-    invoke_type: Option<InvocationType>,
-    model_slug: Option<String>,
-}
-
-#[derive(Serialize)]
-struct CodexAppMetadata {
-    connector_id: Option<String>,
-    thread_id: Option<String>,
-    turn_id: Option<String>,
-    app_name: Option<String>,
-    product_client_id: Option<String>,
-    invoke_type: Option<InvocationType>,
-    model_slug: Option<String>,
-}
-
-#[derive(Serialize)]
-struct CodexAppMentionedEventRequest {
-    event_type: &'static str,
-    event_params: CodexAppMetadata,
-}
-
-#[derive(Serialize)]
-struct CodexAppUsedEventRequest {
-    event_type: &'static str,
-    event_params: CodexAppMetadata,
-}
-
-#[derive(Serialize)]
-struct CodexPluginMetadata {
-    plugin_id: Option<String>,
-    plugin_name: Option<String>,
-    marketplace_name: Option<String>,
-    has_skills: Option<bool>,
-    mcp_server_count: Option<usize>,
-    connector_ids: Option<Vec<String>>,
-    product_client_id: Option<String>,
-}
-
-#[derive(Serialize)]
-struct CodexPluginUsedMetadata {
-    #[serde(flatten)]
-    plugin: CodexPluginMetadata,
-    thread_id: Option<String>,
-    turn_id: Option<String>,
-    model_slug: Option<String>,
-}
-
-#[derive(Serialize)]
-struct CodexPluginEventRequest {
-    event_type: &'static str,
-    event_params: CodexPluginMetadata,
-}
-
-#[derive(Serialize)]
-struct CodexPluginUsedEventRequest {
-    event_type: &'static str,
-    event_params: CodexPluginUsedMetadata,
-}
-
-pub(crate) fn track_skill_invocations(
-    queue: &AnalyticsEventsQueue,
-    analytics_enabled: Option<bool>,
-    tracking: Option<TrackEventsContext>,
-    invocations: Vec<SkillInvocation>,
-) {
-    if analytics_enabled == Some(false) {
-        return;
-    }
-    let Some(tracking) = tracking else {
-        return;
-    };
-    if invocations.is_empty() {
-        return;
-    }
-    let job = TrackEventsJob::SkillInvocations(TrackSkillInvocationsJob {
-        analytics_enabled,
-        tracking,
-        invocations,
-    });
-    queue.try_send(job);
-}
-
-pub(crate) fn track_app_mentioned(
-    queue: &AnalyticsEventsQueue,
-    analytics_enabled: Option<bool>,
-    tracking: Option<TrackEventsContext>,
-    mentions: Vec<AppInvocation>,
-) {
-    if analytics_enabled == Some(false) {
-        return;
-    }
-    let Some(tracking) = tracking else {
-        return;
-    };
-    if mentions.is_empty() {
-        return;
-    }
-    let job = TrackEventsJob::AppMentioned(TrackAppMentionedJob {
-        analytics_enabled,
-        tracking,
-        mentions,
-    });
-    queue.try_send(job);
-}
-
-pub(crate) fn track_app_used(
-    queue: &AnalyticsEventsQueue,
-    analytics_enabled: Option<bool>,
-    tracking: Option<TrackEventsContext>,
-    app: AppInvocation,
-) {
-    if analytics_enabled == Some(false) {
-        return;
-    }
-    let Some(tracking) = tracking else {
-        return;
-    };
-    if !queue.should_enqueue_app_used(&tracking, &app) {
-        return;
-    }
-    let job = TrackEventsJob::AppUsed(TrackAppUsedJob {
-        analytics_enabled,
-        tracking,
-        app,
-    });
-    queue.try_send(job);
-}
-
-pub(crate) fn track_plugin_used(
-    queue: &AnalyticsEventsQueue,
-    analytics_enabled: Option<bool>,
-    tracking: Option<TrackEventsContext>,
-    plugin: PluginTelemetryMetadata,
-) {
-    if analytics_enabled == Some(false) {
-        return;
-    }
-    let Some(tracking) = tracking else {
-        return;
-    };
-    if !queue.should_enqueue_plugin_used(&tracking, &plugin) {
-        return;
-    }
-    let job = TrackEventsJob::PluginUsed(TrackPluginUsedJob {
-        analytics_enabled,
-        tracking,
-        plugin,
-    });
-    queue.try_send(job);
-}
-
-fn track_plugin_management(
-    queue: &AnalyticsEventsQueue,
-    analytics_enabled: Option<bool>,
-    event_type: PluginManagementEventType,
-    plugin: PluginTelemetryMetadata,
-) {
-    if analytics_enabled == Some(false) {
-        return;
-    }
-    let job = TrackPluginManagementJob {
-        analytics_enabled,
-        plugin,
-    };
-    let job = match event_type {
-        PluginManagementEventType::Installed => TrackEventsJob::PluginInstalled(job),
-        PluginManagementEventType::Uninstalled => TrackEventsJob::PluginUninstalled(job),
-        PluginManagementEventType::Enabled => TrackEventsJob::PluginEnabled(job),
-        PluginManagementEventType::Disabled => TrackEventsJob::PluginDisabled(job),
-    };
-    queue.try_send(job);
-}
-
-async fn send_track_skill_invocations(
-    auth_manager: &AuthManager,
-    base_url: &str,
-    job: TrackSkillInvocationsJob,
-) {
-    let TrackSkillInvocationsJob {
-        analytics_enabled,
-        tracking,
-        invocations,
-    } = job;
-    let mut events = Vec::with_capacity(invocations.len());
-    for invocation in invocations {
-        let skill_scope = match invocation.skill_scope {
-            SkillScope::User => "user",
-            SkillScope::Repo => "repo",
-            SkillScope::System => "system",
-            SkillScope::Admin => "admin",
-        };
-        let repo_root = get_git_repo_root(invocation.skill_path.as_path());
-        let repo_url = if let Some(root) = repo_root.as_ref() {
-            collect_git_info(root)
-                .await
-                .and_then(|info| info.repository_url)
-        } else {
-            None
-        };
-        let skill_id = skill_id_for_local_skill(
-            repo_url.as_deref(),
-            repo_root.as_deref(),
-            invocation.skill_path.as_path(),
-            invocation.skill_name.as_str(),
-        );
-        events.push(TrackEventRequest::SkillInvocation(
-            SkillInvocationEventRequest {
-                event_type: "skill_invocation",
-                skill_id,
-                skill_name: invocation.skill_name.clone(),
-                event_params: SkillInvocationEventParams {
-                    thread_id: Some(tracking.thread_id.clone()),
-                    invoke_type: Some(invocation.invocation_type),
-                    model_slug: Some(tracking.model_slug.clone()),
-                    product_client_id: Some(originator().value),
-                    repo_url,
-                    skill_scope: Some(skill_scope.to_string()),
-                },
-            },
-        ));
-    }
-
-    send_track_events(auth_manager, analytics_enabled, base_url, events).await;
-}
-
-async fn send_track_app_mentioned(
-    auth_manager: &AuthManager,
-    base_url: &str,
-    job: TrackAppMentionedJob,
-) {
-    let TrackAppMentionedJob {
-        analytics_enabled,
-        tracking,
-        mentions,
-    } = job;
-    let events = mentions
-        .into_iter()
-        .map(|mention| {
-            let event_params = codex_app_metadata(&tracking, mention);
-            TrackEventRequest::AppMentioned(CodexAppMentionedEventRequest {
-                event_type: "codex_app_mentioned",
-                event_params,
-            })
-        })
-        .collect::<Vec<_>>();
-
-    send_track_events(auth_manager, analytics_enabled, base_url, events).await;
-}
-
-async fn send_track_app_used(auth_manager: &AuthManager, base_url: &str, job: TrackAppUsedJob) {
-    let TrackAppUsedJob {
-        analytics_enabled,
-        tracking,
-        app,
-    } = job;
-    let event_params = codex_app_metadata(&tracking, app);
-    let events = vec![TrackEventRequest::AppUsed(CodexAppUsedEventRequest {
-        event_type: "codex_app_used",
-        event_params,
-    })];
-
-    send_track_events(auth_manager, analytics_enabled, base_url, events).await;
-}
-
-async fn send_track_plugin_used(
-    auth_manager: &AuthManager,
-    base_url: &str,
-    job: TrackPluginUsedJob,
-) {
-    let TrackPluginUsedJob {
-        analytics_enabled,
-        tracking,
-        plugin,
-    } = job;
-    let events = vec![TrackEventRequest::PluginUsed(CodexPluginUsedEventRequest {
-        event_type: "codex_plugin_used",
-        event_params: codex_plugin_used_metadata(&tracking, plugin),
-    })];
-
-    send_track_events(auth_manager, analytics_enabled, base_url, events).await;
-}
-
-async fn send_track_plugin_installed(
-    auth_manager: &AuthManager,
-    base_url: &str,
-    job: TrackPluginManagementJob,
-) {
-    send_track_plugin_management_event(auth_manager, base_url, job, "codex_plugin_installed").await;
-}
-
-async fn send_track_plugin_uninstalled(
-    auth_manager: &AuthManager,
-    base_url: &str,
-    job: TrackPluginManagementJob,
-) {
-    send_track_plugin_management_event(auth_manager, base_url, job, "codex_plugin_uninstalled")
-        .await;
-}
-
-async fn send_track_plugin_enabled(
-    auth_manager: &AuthManager,
-    base_url: &str,
-    job: TrackPluginManagementJob,
-) {
-    send_track_plugin_management_event(auth_manager, base_url, job, "codex_plugin_enabled").await;
-}
-
-async fn send_track_plugin_disabled(
-    auth_manager: &AuthManager,
-    base_url: &str,
-    job: TrackPluginManagementJob,
-) {
-    send_track_plugin_management_event(auth_manager, base_url, job, "codex_plugin_disabled").await;
-}
-
-async fn send_track_plugin_management_event(
-    auth_manager: &AuthManager,
-    base_url: &str,
-    job: TrackPluginManagementJob,
-    event_type: &'static str,
-) {
-    let TrackPluginManagementJob {
-        analytics_enabled,
-        plugin,
-    } = job;
-    let event_params = codex_plugin_metadata(plugin);
-    let event = CodexPluginEventRequest {
-        event_type,
-        event_params,
-    };
-    let events = vec![match event_type {
-        "codex_plugin_installed" => TrackEventRequest::PluginInstalled(event),
-        "codex_plugin_uninstalled" => TrackEventRequest::PluginUninstalled(event),
-        "codex_plugin_enabled" => TrackEventRequest::PluginEnabled(event),
-        "codex_plugin_disabled" => TrackEventRequest::PluginDisabled(event),
-        _ => unreachable!("unknown plugin management event type"),
-    }];
-
-    send_track_events(auth_manager, analytics_enabled, base_url, events).await;
-}
-
-fn codex_app_metadata(tracking: &TrackEventsContext, app: AppInvocation) -> CodexAppMetadata {
-    CodexAppMetadata {
-        connector_id: app.connector_id,
-        thread_id: Some(tracking.thread_id.clone()),
-        turn_id: Some(tracking.turn_id.clone()),
-        app_name: app.app_name,
-        product_client_id: Some(originator().value),
-        invoke_type: app.invocation_type,
-        model_slug: Some(tracking.model_slug.clone()),
-    }
-}
-
-fn codex_plugin_metadata(plugin: PluginTelemetryMetadata) -> CodexPluginMetadata {
-    let capability_summary = plugin.capability_summary;
-    CodexPluginMetadata {
-        plugin_id: Some(plugin.plugin_id.as_key()),
-        plugin_name: Some(plugin.plugin_id.plugin_name),
-        marketplace_name: Some(plugin.plugin_id.marketplace_name),
-        has_skills: capability_summary
-            .as_ref()
-            .map(|summary| summary.has_skills),
-        mcp_server_count: capability_summary
-            .as_ref()
-            .map(|summary| summary.mcp_server_names.len()),
-        connector_ids: capability_summary.map(|summary| {
-            summary
-                .app_connector_ids
-                .into_iter()
-                .map(|connector_id| connector_id.0)
-                .collect()
-        }),
-        product_client_id: Some(originator().value),
-    }
-}
-
-fn codex_plugin_used_metadata(
-    tracking: &TrackEventsContext,
-    plugin: PluginTelemetryMetadata,
-) -> CodexPluginUsedMetadata {
-    CodexPluginUsedMetadata {
-        plugin: codex_plugin_metadata(plugin),
-        thread_id: Some(tracking.thread_id.clone()),
-        turn_id: Some(tracking.turn_id.clone()),
-        model_slug: Some(tracking.model_slug.clone()),
-    }
-}
-
-async fn send_track_events(
-    auth_manager: &AuthManager,
-    analytics_enabled: Option<bool>,
-    base_url: &str,
-    events: Vec<TrackEventRequest>,
-) {
-    if analytics_enabled == Some(false) {
-        return;
-    }
-    if events.is_empty() {
-        return;
-    }
-    let Some(auth) = auth_manager.auth().await else {
-        return;
-    };
-    if !auth.is_chatgpt_auth() {
-        return;
-    }
-    let access_token = match auth.get_token() {
-        Ok(token) => token,
-        Err(_) => return,
-    };
-    let Some(account_id) = auth.get_account_id() else {
-        return;
-    };
-
-    let base_url = base_url.trim_end_matches('/');
-    let url = format!("{base_url}/codex/analytics-events/events");
-    let payload = TrackEventsRequest { events };
-
-    let response = create_client()
-        .post(&url)
-        .timeout(ANALYTICS_EVENTS_TIMEOUT)
-        .bearer_auth(&access_token)
-        .header("chatgpt-account-id", &account_id)
-        .header("Content-Type", "application/json")
-        .json(&payload)
-        .send()
-        .await;
-
-    match response {
-        Ok(response) if response.status().is_success() => {}
-        Ok(response) => {
-            let status = response.status();
-            let body = response.text().await.unwrap_or_default();
-            tracing::warn!("events failed with status {status}: {body}");
-        }
-        Err(err) => {
-            tracing::warn!("failed to send events request: {err}");
-        }
-    }
-}
-
-pub(crate) fn skill_id_for_local_skill(
-    repo_url: Option<&str>,
-    repo_root: Option<&Path>,
-    skill_path: &Path,
-    skill_name: &str,
-) -> String {
-    let path = normalize_path_for_skill_id(repo_url, repo_root, skill_path);
-    let prefix = if let Some(url) = repo_url {
-        format!("repo_{url}")
-    } else {
-        "personal".to_string()
-    };
-    let raw_id = format!("{prefix}_{path}_{skill_name}");
-    let mut hasher = Sha1::new();
-    hasher.update(raw_id.as_bytes());
-    format!("{:x}", hasher.finalize())
-}
-
-/// Returns a normalized path for skill ID construction.
-///
-/// - Repo-scoped skills use a path relative to the repo root.
-/// - User/admin/system skills use an absolute path.
-fn normalize_path_for_skill_id(
-    repo_url: Option<&str>,
-    repo_root: Option<&Path>,
-    skill_path: &Path,
-) -> String {
-    let resolved_path =
-        std::fs::canonicalize(skill_path).unwrap_or_else(|_| skill_path.to_path_buf());
-    match (repo_url, repo_root) {
-        (Some(_), Some(root)) => {
-            let resolved_root = std::fs::canonicalize(root).unwrap_or_else(|_| root.to_path_buf());
-            resolved_path
-                .strip_prefix(&resolved_root)
-                .unwrap_or(resolved_path.as_path())
-                .to_string_lossy()
-                .replace('\\', "/")
-        }
-        _ => resolved_path.to_string_lossy().replace('\\', "/"),
-    }
-}
-
-#[cfg(test)]
-#[path = "analytics_client_tests.rs"]
-mod tests;

codex-rs/analytics/src/analytics_client_tests.rs

@@ -1,16 +1,47 @@
-use super::AnalyticsEventsQueue;
-use super::AppInvocation;
-use super::CodexAppMentionedEventRequest;
-use super::CodexAppUsedEventRequest;
-use super::CodexPluginEventRequest;
-use super::CodexPluginUsedEventRequest;
-use super::InvocationType;
-use super::TrackEventRequest;
-use super::TrackEventsContext;
-use super::codex_app_metadata;
-use super::codex_plugin_metadata;
-use super::codex_plugin_used_metadata;
-use super::normalize_path_for_skill_id;
+use crate::client::AnalyticsEventsQueue;
+use crate::events::AppServerRpcTransport;
+use crate::events::CodexAppMentionedEventRequest;
+use crate::events::CodexAppServerClientMetadata;
+use crate::events::CodexAppUsedEventRequest;
+use crate::events::CodexPluginEventRequest;
+use crate::events::CodexPluginUsedEventRequest;
+use crate::events::CodexRuntimeMetadata;
+use crate::events::ThreadInitializationMode;
+use crate::events::ThreadInitializedEvent;
+use crate::events::ThreadInitializedEventParams;
+use crate::events::TrackEventRequest;
+use crate::events::codex_app_metadata;
+use crate::events::codex_plugin_metadata;
+use crate::events::codex_plugin_used_metadata;
+use crate::facts::AnalyticsFact;
+use crate::facts::AppInvocation;
+use crate::facts::AppMentionedInput;
+use crate::facts::AppUsedInput;
+use crate::facts::CustomAnalyticsFact;
+use crate::facts::InvocationType;
+use crate::facts::PluginState;
+use crate::facts::PluginStateChangedInput;
+use crate::facts::PluginUsedInput;
+use crate::facts::SkillInvocation;
+use crate::facts::SkillInvokedInput;
+use crate::facts::TrackEventsContext;
+use crate::reducer::AnalyticsReducer;
+use crate::reducer::normalize_path_for_skill_id;
+use crate::reducer::skill_id_for_local_skill;
+use codex_app_server_protocol::ApprovalsReviewer as AppServerApprovalsReviewer;
+use codex_app_server_protocol::AskForApproval as AppServerAskForApproval;
+use codex_app_server_protocol::ClientInfo;
+use codex_app_server_protocol::ClientResponse;
+use codex_app_server_protocol::InitializeCapabilities;
+use codex_app_server_protocol::InitializeParams;
+use codex_app_server_protocol::RequestId;
+use codex_app_server_protocol::SandboxPolicy as AppServerSandboxPolicy;
+use codex_app_server_protocol::SessionSource as AppServerSessionSource;
+use codex_app_server_protocol::Thread;
+use codex_app_server_protocol::ThreadResumeResponse;
+use codex_app_server_protocol::ThreadStartResponse;
+use codex_app_server_protocol::ThreadStatus as AppServerThreadStatus;
+use codex_login::default_client::DEFAULT_ORIGINATOR;
 use codex_login::default_client::originator;
 use codex_plugin::AppConnectorId;
 use codex_plugin::PluginCapabilitySummary;
@@ -24,6 +55,61 @@ use std::sync::Arc;
 use std::sync::Mutex;
 use tokio::sync::mpsc;
 
+fn sample_thread(thread_id: &str, ephemeral: bool) -> Thread {
+    Thread {
+        id: thread_id.to_string(),
+        preview: "first prompt".to_string(),
+        ephemeral,
+        model_provider: "openai".to_string(),
+        created_at: 1,
+        updated_at: 2,
+        status: AppServerThreadStatus::Idle,
+        path: None,
+        cwd: PathBuf::from("/tmp"),
+        cli_version: "0.0.0".to_string(),
+        source: AppServerSessionSource::Exec,
+        agent_nickname: None,
+        agent_role: None,
+        git_info: None,
+        name: None,
+        turns: Vec::new(),
+    }
+}
+
+fn sample_thread_start_response(thread_id: &str, ephemeral: bool, model: &str) -> ClientResponse {
+    ClientResponse::ThreadStart {
+        request_id: RequestId::Integer(1),
+        response: ThreadStartResponse {
+            thread: sample_thread(thread_id, ephemeral),
+            model: model.to_string(),
+            model_provider: "openai".to_string(),
+            service_tier: None,
+            cwd: PathBuf::from("/tmp"),
+            approval_policy: AppServerAskForApproval::OnFailure,
+            approvals_reviewer: AppServerApprovalsReviewer::User,
+            sandbox: AppServerSandboxPolicy::DangerFullAccess,
+            reasoning_effort: None,
+        },
+    }
+}
+
+fn sample_thread_resume_response(thread_id: &str, ephemeral: bool, model: &str) -> ClientResponse {
+    ClientResponse::ThreadResume {
+        request_id: RequestId::Integer(2),
+        response: ThreadResumeResponse {
+            thread: sample_thread(thread_id, ephemeral),
+            model: model.to_string(),
+            model_provider: "openai".to_string(),
+            service_tier: None,
+            cwd: PathBuf::from("/tmp"),
+            approval_policy: AppServerAskForApproval::OnFailure,
+            approvals_reviewer: AppServerApprovalsReviewer::User,
+            sandbox: AppServerSandboxPolicy::DangerFullAccess,
+            reasoning_effort: None,
+        },
+    }
+}
+
 fn expected_absolute_path(path: &PathBuf) -> String {
     std::fs::canonicalize(path)
         .unwrap_or_else(|_| path.to_path_buf())
@@ -49,7 +135,11 @@ fn normalize_path_for_skill_id_repo_scoped_uses_relative_path() {
 fn normalize_path_for_skill_id_user_scoped_uses_absolute_path() {
     let skill_path = PathBuf::from("/Users/abc/.codex/skills/doc/SKILL.md");
 
-    let path = normalize_path_for_skill_id(None, None, skill_path.as_path());
+    let path = normalize_path_for_skill_id(
+        /*repo_url*/ None,
+        /*repo_root*/ None,
+        skill_path.as_path(),
+    );
     let expected = expected_absolute_path(&skill_path);
 
     assert_eq!(path, expected);
@@ -59,7 +149,11 @@ fn normalize_path_for_skill_id_user_scoped_uses_absolute_path() {
 fn normalize_path_for_skill_id_admin_scoped_uses_absolute_path() {
     let skill_path = PathBuf::from("/etc/codex/skills/doc/SKILL.md");
 
-    let path = normalize_path_for_skill_id(None, None, skill_path.as_path());
+    let path = normalize_path_for_skill_id(
+        /*repo_url*/ None,
+        /*repo_root*/ None,
+        skill_path.as_path(),
+    );
     let expected = expected_absolute_path(&skill_path);
 
     assert_eq!(path, expected);
@@ -186,6 +280,171 @@ fn app_used_dedupe_is_keyed_by_turn_and_connector() {
     assert_eq!(queue.should_enqueue_app_used(&turn_2, &app), true);
 }
 
+#[test]
+fn thread_initialized_event_serializes_expected_shape() {
+    let event = TrackEventRequest::ThreadInitialized(ThreadInitializedEvent {
+        event_type: "codex_thread_initialized",
+        event_params: ThreadInitializedEventParams {
+            thread_id: "thread-0".to_string(),
+            app_server_client: CodexAppServerClientMetadata {
+                product_client_id: DEFAULT_ORIGINATOR.to_string(),
+                client_name: Some("codex-tui".to_string()),
+                client_version: Some("1.0.0".to_string()),
+                rpc_transport: AppServerRpcTransport::Stdio,
+                experimental_api_enabled: Some(true),
+            },
+            runtime: CodexRuntimeMetadata {
+                codex_rs_version: "0.1.0".to_string(),
+                runtime_os: "macos".to_string(),
+                runtime_os_version: "15.3.1".to_string(),
+                runtime_arch: "aarch64".to_string(),
+            },
+            model: "gpt-5".to_string(),
+            ephemeral: true,
+            thread_source: Some("user"),
+            initialization_mode: ThreadInitializationMode::New,
+            subagent_source: None,
+            parent_thread_id: None,
+            created_at: 1,
+        },
+    });
+
+    let payload = serde_json::to_value(&event).expect("serialize thread initialized event");
+
+    assert_eq!(
+        payload,
+        json!({
+            "event_type": "codex_thread_initialized",
+            "event_params": {
+                "thread_id": "thread-0",
+                "app_server_client": {
+                    "product_client_id": DEFAULT_ORIGINATOR,
+                    "client_name": "codex-tui",
+                    "client_version": "1.0.0",
+                    "rpc_transport": "stdio",
+                    "experimental_api_enabled": true
+                },
+                "runtime": {
+                    "codex_rs_version": "0.1.0",
+                    "runtime_os": "macos",
+                    "runtime_os_version": "15.3.1",
+                    "runtime_arch": "aarch64"
+                },
+                "model": "gpt-5",
+                "ephemeral": true,
+                "thread_source": "user",
+                "initialization_mode": "new",
+                "subagent_source": null,
+                "parent_thread_id": null,
+                "created_at": 1
+            }
+        })
+    );
+}
+
+#[tokio::test]
+async fn initialize_caches_client_and_thread_lifecycle_publishes_once_initialized() {
+    let mut reducer = AnalyticsReducer::default();
+    let mut events = Vec::new();
+
+    reducer
+        .ingest(
+            AnalyticsFact::Response {
+                connection_id: 7,
+                response: Box::new(sample_thread_start_response(
+                    "thread-no-client",
+                    /*ephemeral*/ false,
+                    "gpt-5",
+                )),
+            },
+            &mut events,
+        )
+        .await;
+    assert!(events.is_empty(), "thread events should require initialize");
+
+    reducer
+        .ingest(
+            AnalyticsFact::Initialize {
+                connection_id: 7,
+                params: InitializeParams {
+                    client_info: ClientInfo {
+                        name: "codex-tui".to_string(),
+                        title: None,
+                        version: "1.0.0".to_string(),
+                    },
+                    capabilities: Some(InitializeCapabilities {
+                        experimental_api: false,
+                        opt_out_notification_methods: None,
+                    }),
+                },
+                product_client_id: DEFAULT_ORIGINATOR.to_string(),
+                runtime: CodexRuntimeMetadata {
+                    codex_rs_version: "0.99.0".to_string(),
+                    runtime_os: "linux".to_string(),
+                    runtime_os_version: "24.04".to_string(),
+                    runtime_arch: "x86_64".to_string(),
+                },
+                rpc_transport: AppServerRpcTransport::Websocket,
+            },
+            &mut events,
+        )
+        .await;
+    assert!(events.is_empty(), "initialize should not publish by itself");
+
+    reducer
+        .ingest(
+            AnalyticsFact::Response {
+                connection_id: 7,
+                response: Box::new(sample_thread_resume_response(
+                    "thread-1", /*ephemeral*/ true, "gpt-5",
+                )),
+            },
+            &mut events,
+        )
+        .await;
+
+    let payload = serde_json::to_value(&events).expect("serialize events");
+    assert_eq!(payload.as_array().expect("events array").len(), 1);
+    assert_eq!(payload[0]["event_type"], "codex_thread_initialized");
+    assert_eq!(
+        payload[0]["event_params"]["app_server_client"]["product_client_id"],
+        DEFAULT_ORIGINATOR
+    );
+    assert_eq!(
+        payload[0]["event_params"]["app_server_client"]["client_name"],
+        "codex-tui"
+    );
+    assert_eq!(
+        payload[0]["event_params"]["app_server_client"]["client_version"],
+        "1.0.0"
+    );
+    assert_eq!(
+        payload[0]["event_params"]["app_server_client"]["rpc_transport"],
+        "websocket"
+    );
+    assert_eq!(
+        payload[0]["event_params"]["app_server_client"]["experimental_api_enabled"],
+        false
+    );
+    assert_eq!(
+        payload[0]["event_params"]["runtime"]["codex_rs_version"],
+        "0.99.0"
+    );
+    assert_eq!(payload[0]["event_params"]["runtime"]["runtime_os"], "linux");
+    assert_eq!(
+        payload[0]["event_params"]["runtime"]["runtime_os_version"],
+        "24.04"
+    );
+    assert_eq!(
+        payload[0]["event_params"]["runtime"]["runtime_arch"],
+        "x86_64"
+    );
+    assert_eq!(payload[0]["event_params"]["initialization_mode"], "resumed");
+    assert_eq!(payload[0]["event_params"]["thread_source"], "user");
+    assert_eq!(payload[0]["event_params"]["subagent_source"], json!(null));
+    assert_eq!(payload[0]["event_params"]["parent_thread_id"], json!(null));
+}
+
 #[test]
 fn plugin_used_event_serializes_expected_shape() {
     let tracking = TrackEventsContext {
@@ -272,6 +531,145 @@ fn plugin_used_dedupe_is_keyed_by_turn_and_plugin() {
     assert_eq!(queue.should_enqueue_plugin_used(&turn_2, &plugin), true);
 }
 
+#[tokio::test]
+async fn reducer_ingests_skill_invoked_fact() {
+    let mut reducer = AnalyticsReducer::default();
+    let mut events = Vec::new();
+    let tracking = TrackEventsContext {
+        model_slug: "gpt-5".to_string(),
+        thread_id: "thread-1".to_string(),
+        turn_id: "turn-1".to_string(),
+    };
+    let skill_path = PathBuf::from("/Users/abc/.codex/skills/doc/SKILL.md");
+    let expected_skill_id = skill_id_for_local_skill(
+        /*repo_url*/ None,
+        /*repo_root*/ None,
+        skill_path.as_path(),
+        "doc",
+    );
+
+    reducer
+        .ingest(
+            AnalyticsFact::Custom(CustomAnalyticsFact::SkillInvoked(SkillInvokedInput {
+                tracking,
+                invocations: vec![SkillInvocation {
+                    skill_name: "doc".to_string(),
+                    skill_scope: codex_protocol::protocol::SkillScope::User,
+                    skill_path,
+                    invocation_type: InvocationType::Explicit,
+                }],
+            })),
+            &mut events,
+        )
+        .await;
+
+    let payload = serde_json::to_value(&events).expect("serialize events");
+    assert_eq!(
+        payload,
+        json!([{
+            "event_type": "skill_invocation",
+            "skill_id": expected_skill_id,
+            "skill_name": "doc",
+            "event_params": {
+                "product_client_id": originator().value,
+                "skill_scope": "user",
+                "repo_url": null,
+                "thread_id": "thread-1",
+                "invoke_type": "explicit",
+                "model_slug": "gpt-5"
+            }
+        }])
+    );
+}
+
+#[tokio::test]
+async fn reducer_ingests_app_and_plugin_facts() {
+    let mut reducer = AnalyticsReducer::default();
+    let mut events = Vec::new();
+    let tracking = TrackEventsContext {
+        model_slug: "gpt-5".to_string(),
+        thread_id: "thread-1".to_string(),
+        turn_id: "turn-1".to_string(),
+    };
+
+    reducer
+        .ingest(
+            AnalyticsFact::Custom(CustomAnalyticsFact::AppMentioned(AppMentionedInput {
+                tracking: tracking.clone(),
+                mentions: vec![AppInvocation {
+                    connector_id: Some("calendar".to_string()),
+                    app_name: Some("Calendar".to_string()),
+                    invocation_type: Some(InvocationType::Explicit),
+                }],
+            })),
+            &mut events,
+        )
+        .await;
+    reducer
+        .ingest(
+            AnalyticsFact::Custom(CustomAnalyticsFact::AppUsed(AppUsedInput {
+                tracking: tracking.clone(),
+                app: AppInvocation {
+                    connector_id: Some("drive".to_string()),
+                    app_name: Some("Drive".to_string()),
+                    invocation_type: Some(InvocationType::Implicit),
+                },
+            })),
+            &mut events,
+        )
+        .await;
+    reducer
+        .ingest(
+            AnalyticsFact::Custom(CustomAnalyticsFact::PluginUsed(PluginUsedInput {
+                tracking,
+                plugin: sample_plugin_metadata(),
+            })),
+            &mut events,
+        )
+        .await;
+
+    let payload = serde_json::to_value(&events).expect("serialize events");
+    assert_eq!(payload.as_array().expect("events array").len(), 3);
+    assert_eq!(payload[0]["event_type"], "codex_app_mentioned");
+    assert_eq!(payload[1]["event_type"], "codex_app_used");
+    assert_eq!(payload[2]["event_type"], "codex_plugin_used");
+}
+
+#[tokio::test]
+async fn reducer_ingests_plugin_state_changed_fact() {
+    let mut reducer = AnalyticsReducer::default();
+    let mut events = Vec::new();
+
+    reducer
+        .ingest(
+            AnalyticsFact::Custom(CustomAnalyticsFact::PluginStateChanged(
+                PluginStateChangedInput {
+                    plugin: sample_plugin_metadata(),
+                    state: PluginState::Disabled,
+                },
+            )),
+            &mut events,
+        )
+        .await;
+
+    let payload = serde_json::to_value(&events).expect("serialize events");
+    assert_eq!(
+        payload,
+        json!([{
+            "event_type": "codex_plugin_disabled",
+            "event_params": {
+                "plugin_id": "sample@test",
+                "plugin_name": "sample",
+                "marketplace_name": "test",
+                "has_skills": true,
+                "mcp_server_count": 2,
+                "connector_ids": ["calendar", "drive"],
+                "product_client_id": originator().value
+            }
+        }])
+    );
+}
+
 fn sample_plugin_metadata() -> PluginTelemetryMetadata {
     PluginTelemetryMetadata {
         plugin_id: PluginId::parse("sample@test").expect("valid plugin id"),

codex-rs/analytics/src/client.rs

@@ -0,0 +1,272 @@
+use crate::events::AppServerRpcTransport;
+use crate::events::TrackEventRequest;
+use crate::events::TrackEventsRequest;
+use crate::events::current_runtime_metadata;
+use crate::facts::AnalyticsFact;
+use crate::facts::AppInvocation;
+use crate::facts::AppMentionedInput;
+use crate::facts::AppUsedInput;
+use crate::facts::CustomAnalyticsFact;
+use crate::facts::PluginState;
+use crate::facts::PluginStateChangedInput;
+use crate::facts::SkillInvocation;
+use crate::facts::SkillInvokedInput;
+use crate::facts::TrackEventsContext;
+use crate::reducer::AnalyticsReducer;
+use codex_app_server_protocol::ClientResponse;
+use codex_app_server_protocol::InitializeParams;
+use codex_login::AuthManager;
+use codex_login::default_client::create_client;
+use codex_plugin::PluginTelemetryMetadata;
+use std::collections::HashSet;
+use std::sync::Arc;
+use std::sync::Mutex;
+use std::time::Duration;
+use tokio::sync::mpsc;
+
+const ANALYTICS_EVENTS_QUEUE_SIZE: usize = 256;
+const ANALYTICS_EVENTS_TIMEOUT: Duration = Duration::from_secs(10);
+const ANALYTICS_EVENT_DEDUPE_MAX_KEYS: usize = 4096;
+
+#[derive(Clone)]
+pub(crate) struct AnalyticsEventsQueue {
+    pub(crate) sender: mpsc::Sender<AnalyticsFact>,
+    pub(crate) app_used_emitted_keys: Arc<Mutex<HashSet<(String, String)>>>,
+    pub(crate) plugin_used_emitted_keys: Arc<Mutex<HashSet<(String, String)>>>,
+}
+
+#[derive(Clone)]
+pub struct AnalyticsEventsClient {
+    queue: AnalyticsEventsQueue,
+    analytics_enabled: Option<bool>,
+}
+
+impl AnalyticsEventsQueue {
+    pub(crate) fn new(auth_manager: Arc<AuthManager>, base_url: String) -> Self {
+        let (sender, mut receiver) = mpsc::channel(ANALYTICS_EVENTS_QUEUE_SIZE);
+        tokio::spawn(async move {
+            let mut reducer = AnalyticsReducer::default();
+            while let Some(input) = receiver.recv().await {
+                let mut events = Vec::new();
+                reducer.ingest(input, &mut events).await;
+                send_track_events(&auth_manager, &base_url, events).await;
+            }
+        });
+        Self {
+            sender,
+            app_used_emitted_keys: Arc::new(Mutex::new(HashSet::new())),
+            plugin_used_emitted_keys: Arc::new(Mutex::new(HashSet::new())),
+        }
+    }
+
+    fn try_send(&self, input: AnalyticsFact) {
+        if self.sender.try_send(input).is_err() {
+            //TODO: add a metric for this
+            tracing::warn!("dropping analytics events: queue is full");
+        }
+    }
+
+    pub(crate) fn should_enqueue_app_used(
+        &self,
+        tracking: &TrackEventsContext,
+        app: &AppInvocation,
+    ) -> bool {
+        let Some(connector_id) = app.connector_id.as_ref() else {
+            return true;
+        };
+        let mut emitted = self
+            .app_used_emitted_keys
+            .lock()
+            .unwrap_or_else(std::sync::PoisonError::into_inner);
+        if emitted.len() >= ANALYTICS_EVENT_DEDUPE_MAX_KEYS {
+            emitted.clear();
+        }
+        emitted.insert((tracking.turn_id.clone(), connector_id.clone()))
+    }
+
+    pub(crate) fn should_enqueue_plugin_used(
+        &self,
+        tracking: &TrackEventsContext,
+        plugin: &PluginTelemetryMetadata,
+    ) -> bool {
+        let mut emitted = self
+            .plugin_used_emitted_keys
+            .lock()
+            .unwrap_or_else(std::sync::PoisonError::into_inner);
+        if emitted.len() >= ANALYTICS_EVENT_DEDUPE_MAX_KEYS {
+            emitted.clear();
+        }
+        emitted.insert((tracking.turn_id.clone(), plugin.plugin_id.as_key()))
+    }
+}
+
+impl AnalyticsEventsClient {
+    pub fn new(
+        auth_manager: Arc<AuthManager>,
+        base_url: String,
+        analytics_enabled: Option<bool>,
+    ) -> Self {
+        Self {
+            queue: AnalyticsEventsQueue::new(Arc::clone(&auth_manager), base_url),
+            analytics_enabled,
+        }
+    }
+
+    pub fn track_skill_invocations(
+        &self,
+        tracking: TrackEventsContext,
+        invocations: Vec<SkillInvocation>,
+    ) {
+        if invocations.is_empty() {
+            return;
+        }
+        self.record_fact(AnalyticsFact::Custom(CustomAnalyticsFact::SkillInvoked(
+            SkillInvokedInput {
+                tracking,
+                invocations,
+            },
+        )));
+    }
+
+    pub fn track_initialize(
+        &self,
+        connection_id: u64,
+        params: InitializeParams,
+        product_client_id: String,
+        rpc_transport: AppServerRpcTransport,
+    ) {
+        self.record_fact(AnalyticsFact::Initialize {
+            connection_id,
+            params,
+            product_client_id,
+            runtime: current_runtime_metadata(),
+            rpc_transport,
+        });
+    }
+
+    pub fn track_app_mentioned(&self, tracking: TrackEventsContext, mentions: Vec<AppInvocation>) {
+        if mentions.is_empty() {
+            return;
+        }
+        self.record_fact(AnalyticsFact::Custom(CustomAnalyticsFact::AppMentioned(
+            AppMentionedInput { tracking, mentions },
+        )));
+    }
+
+    pub fn track_app_used(&self, tracking: TrackEventsContext, app: AppInvocation) {
+        if !self.queue.should_enqueue_app_used(&tracking, &app) {
+            return;
+        }
+        self.record_fact(AnalyticsFact::Custom(CustomAnalyticsFact::AppUsed(
+            AppUsedInput { tracking, app },
+        )));
+    }
+
+    pub fn track_plugin_used(&self, tracking: TrackEventsContext, plugin: PluginTelemetryMetadata) {
+        if !self.queue.should_enqueue_plugin_used(&tracking, &plugin) {
+            return;
+        }
+        self.record_fact(AnalyticsFact::Custom(CustomAnalyticsFact::PluginUsed(
+            crate::facts::PluginUsedInput { tracking, plugin },
+        )));
+    }
+
+    pub fn track_plugin_installed(&self, plugin: PluginTelemetryMetadata) {
+        self.record_fact(AnalyticsFact::Custom(
+            CustomAnalyticsFact::PluginStateChanged(PluginStateChangedInput {
+                plugin,
+                state: PluginState::Installed,
+            }),
+        ));
+    }
+
+    pub fn track_plugin_uninstalled(&self, plugin: PluginTelemetryMetadata) {
+        self.record_fact(AnalyticsFact::Custom(
+            CustomAnalyticsFact::PluginStateChanged(PluginStateChangedInput {
+                plugin,
+                state: PluginState::Uninstalled,
+            }),
+        ));
+    }
+
+    pub fn track_plugin_enabled(&self, plugin: PluginTelemetryMetadata) {
+        self.record_fact(AnalyticsFact::Custom(
+            CustomAnalyticsFact::PluginStateChanged(PluginStateChangedInput {
+                plugin,
+                state: PluginState::Enabled,
+            }),
+        ));
+    }
+
+    pub fn track_plugin_disabled(&self, plugin: PluginTelemetryMetadata) {
+        self.record_fact(AnalyticsFact::Custom(
+            CustomAnalyticsFact::PluginStateChanged(PluginStateChangedInput {
+                plugin,
+                state: PluginState::Disabled,
+            }),
+        ));
+    }
+
+    pub(crate) fn record_fact(&self, input: AnalyticsFact) {
+        if self.analytics_enabled == Some(false) {
+            return;
+        }
+        self.queue.try_send(input);
+    }
+
+    pub fn track_response(&self, connection_id: u64, response: ClientResponse) {
+        self.record_fact(AnalyticsFact::Response {
+            connection_id,
+            response: Box::new(response),
+        });
+    }
+}
+
+async fn send_track_events(
+    auth_manager: &AuthManager,
+    base_url: &str,
+    events: Vec<TrackEventRequest>,
+) {
+    if events.is_empty() {
+        return;
+    }
+    let Some(auth) = auth_manager.auth().await else {
+        return;
+    };
+    if !auth.is_chatgpt_auth() {
+        return;
+    }
+    let access_token = match auth.get_token() {
+        Ok(token) => token,
+        Err(_) => return,
+    };
+    let Some(account_id) = auth.get_account_id() else {
+        return;
+    };
+
+    let base_url = base_url.trim_end_matches('/');
+    let url = format!("{base_url}/codex/analytics-events/events");
+    let payload = TrackEventsRequest { events };
+
+    let response = create_client()
+        .post(&url)
+        .timeout(ANALYTICS_EVENTS_TIMEOUT)
+        .bearer_auth(&access_token)
+        .header("chatgpt-account-id", &account_id)
+        .header("Content-Type", "application/json")
+        .json(&payload)
+        .send()
+        .await;
+
+    match response {
+        Ok(response) if response.status().is_success() => {}
+        Ok(response) => {
+            let status = response.status();
+            let body = response.text().await.unwrap_or_default();
+            tracing::warn!("events failed with status {status}: {body}");
+        }
+        Err(err) => {
+            tracing::warn!("failed to send events request: {err}");
+        }
+    }
+}

codex-rs/analytics/src/events.rs

@@ -0,0 +1,230 @@
+use crate::facts::AppInvocation;
+use crate::facts::InvocationType;
+use crate::facts::PluginState;
+use crate::facts::TrackEventsContext;
+use codex_login::default_client::originator;
+use codex_plugin::PluginTelemetryMetadata;
+use codex_protocol::protocol::SessionSource;
+use serde::Serialize;
+
+#[derive(Clone, Copy, Debug, Serialize)]
+#[serde(rename_all = "snake_case")]
+pub enum AppServerRpcTransport {
+    Stdio,
+    Websocket,
+    InProcess,
+}
+
+#[derive(Clone, Copy, Debug, Serialize)]
+#[serde(rename_all = "snake_case")]
+pub(crate) enum ThreadInitializationMode {
+    New,
+    Forked,
+    Resumed,
+}
+
+#[derive(Serialize)]
+pub(crate) struct TrackEventsRequest {
+    pub(crate) events: Vec<TrackEventRequest>,
+}
+
+#[derive(Serialize)]
+#[serde(untagged)]
+pub(crate) enum TrackEventRequest {
+    SkillInvocation(SkillInvocationEventRequest),
+    ThreadInitialized(ThreadInitializedEvent),
+    AppMentioned(CodexAppMentionedEventRequest),
+    AppUsed(CodexAppUsedEventRequest),
+    PluginUsed(CodexPluginUsedEventRequest),
+    PluginInstalled(CodexPluginEventRequest),
+    PluginUninstalled(CodexPluginEventRequest),
+    PluginEnabled(CodexPluginEventRequest),
+    PluginDisabled(CodexPluginEventRequest),
+}
+
+#[derive(Serialize)]
+pub(crate) struct SkillInvocationEventRequest {
+    pub(crate) event_type: &'static str,
+    pub(crate) skill_id: String,
+    pub(crate) skill_name: String,
+    pub(crate) event_params: SkillInvocationEventParams,
+}
+
+#[derive(Serialize)]
+pub(crate) struct SkillInvocationEventParams {
+    pub(crate) product_client_id: Option<String>,
+    pub(crate) skill_scope: Option<String>,
+    pub(crate) repo_url: Option<String>,
+    pub(crate) thread_id: Option<String>,
+    pub(crate) invoke_type: Option<InvocationType>,
+    pub(crate) model_slug: Option<String>,
+}
+
+#[derive(Clone, Serialize)]
+pub(crate) struct CodexAppServerClientMetadata {
+    pub(crate) product_client_id: String,
+    pub(crate) client_name: Option<String>,
+    pub(crate) client_version: Option<String>,
+    pub(crate) rpc_transport: AppServerRpcTransport,
+    pub(crate) experimental_api_enabled: Option<bool>,
+}
+
+#[derive(Clone, Serialize)]
+pub(crate) struct CodexRuntimeMetadata {
+    pub(crate) codex_rs_version: String,
+    pub(crate) runtime_os: String,
+    pub(crate) runtime_os_version: String,
+    pub(crate) runtime_arch: String,
+}
+
+#[derive(Serialize)]
+pub(crate) struct ThreadInitializedEventParams {
+    pub(crate) thread_id: String,
+    pub(crate) app_server_client: CodexAppServerClientMetadata,
+    pub(crate) runtime: CodexRuntimeMetadata,
+    pub(crate) model: String,
+    pub(crate) ephemeral: bool,
+    pub(crate) thread_source: Option<&'static str>,
+    pub(crate) initialization_mode: ThreadInitializationMode,
+    pub(crate) subagent_source: Option<String>,
+    pub(crate) parent_thread_id: Option<String>,
+    pub(crate) created_at: u64,
+}
+
+#[derive(Serialize)]
+pub(crate) struct ThreadInitializedEvent {
+    pub(crate) event_type: &'static str,
+    pub(crate) event_params: ThreadInitializedEventParams,
+}
+
+#[derive(Serialize)]
+pub(crate) struct CodexAppMetadata {
+    pub(crate) connector_id: Option<String>,
+    pub(crate) thread_id: Option<String>,
+    pub(crate) turn_id: Option<String>,
+    pub(crate) app_name: Option<String>,
+    pub(crate) product_client_id: Option<String>,
+    pub(crate) invoke_type: Option<InvocationType>,
+    pub(crate) model_slug: Option<String>,
+}
+
+#[derive(Serialize)]
+pub(crate) struct CodexAppMentionedEventRequest {
+    pub(crate) event_type: &'static str,
+    pub(crate) event_params: CodexAppMetadata,
+}
+
+#[derive(Serialize)]
+pub(crate) struct CodexAppUsedEventRequest {
+    pub(crate) event_type: &'static str,
+    pub(crate) event_params: CodexAppMetadata,
+}
+
+#[derive(Serialize)]
+pub(crate) struct CodexPluginMetadata {
+    pub(crate) plugin_id: Option<String>,
+    pub(crate) plugin_name: Option<String>,
+    pub(crate) marketplace_name: Option<String>,
+    pub(crate) has_skills: Option<bool>,
+    pub(crate) mcp_server_count: Option<usize>,
+    pub(crate) connector_ids: Option<Vec<String>>,
+    pub(crate) product_client_id: Option<String>,
+}
+
+#[derive(Serialize)]
+pub(crate) struct CodexPluginUsedMetadata {
+    #[serde(flatten)]
+    pub(crate) plugin: CodexPluginMetadata,
+    pub(crate) thread_id: Option<String>,
+    pub(crate) turn_id: Option<String>,
+    pub(crate) model_slug: Option<String>,
+}
+
+#[derive(Serialize)]
+pub(crate) struct CodexPluginEventRequest {
+    pub(crate) event_type: &'static str,
+    pub(crate) event_params: CodexPluginMetadata,
+}
+
+#[derive(Serialize)]
+pub(crate) struct CodexPluginUsedEventRequest {
+    pub(crate) event_type: &'static str,
+    pub(crate) event_params: CodexPluginUsedMetadata,
+}
+
+pub(crate) fn plugin_state_event_type(state: PluginState) -> &'static str {
+    match state {
+        PluginState::Installed => "codex_plugin_installed",
+        PluginState::Uninstalled => "codex_plugin_uninstalled",
+        PluginState::Enabled => "codex_plugin_enabled",
+        PluginState::Disabled => "codex_plugin_disabled",
+    }
+}
+
+pub(crate) fn codex_app_metadata(
+    tracking: &TrackEventsContext,
+    app: AppInvocation,
+) -> CodexAppMetadata {
+    CodexAppMetadata {
+        connector_id: app.connector_id,
+        thread_id: Some(tracking.thread_id.clone()),
+        turn_id: Some(tracking.turn_id.clone()),
+        app_name: app.app_name,
+        product_client_id: Some(originator().value),
+        invoke_type: app.invocation_type,
+        model_slug: Some(tracking.model_slug.clone()),
+    }
+}
+
+pub(crate) fn codex_plugin_metadata(plugin: PluginTelemetryMetadata) -> CodexPluginMetadata {
+    let capability_summary = plugin.capability_summary;
+    CodexPluginMetadata {
+        plugin_id: Some(plugin.plugin_id.as_key()),
+        plugin_name: Some(plugin.plugin_id.plugin_name),
+        marketplace_name: Some(plugin.plugin_id.marketplace_name),
+        has_skills: capability_summary
+            .as_ref()
+            .map(|summary| summary.has_skills),
+        mcp_server_count: capability_summary
+            .as_ref()
+            .map(|summary| summary.mcp_server_names.len()),
+        connector_ids: capability_summary.map(|summary| {
+            summary
+                .app_connector_ids
+                .into_iter()
+                .map(|connector_id| connector_id.0)
+                .collect()
+        }),
+        product_client_id: Some(originator().value),
+    }
+}
+
+pub(crate) fn codex_plugin_used_metadata(
+    tracking: &TrackEventsContext,
+    plugin: PluginTelemetryMetadata,
+) -> CodexPluginUsedMetadata {
+    CodexPluginUsedMetadata {
+        plugin: codex_plugin_metadata(plugin),
+        thread_id: Some(tracking.thread_id.clone()),
+        turn_id: Some(tracking.turn_id.clone()),
+        model_slug: Some(tracking.model_slug.clone()),
+    }
+}
+
+pub(crate) fn thread_source_name(thread_source: &SessionSource) -> Option<&'static str> {
+    match thread_source {
+        SessionSource::Cli | SessionSource::VSCode | SessionSource::Exec => Some("user"),
+        SessionSource::SubAgent(_) => Some("subagent"),
+        SessionSource::Mcp | SessionSource::Custom(_) | SessionSource::Unknown => None,
+    }
+}
+
+pub(crate) fn current_runtime_metadata() -> CodexRuntimeMetadata {
+    let os_info = os_info::get();
+    CodexRuntimeMetadata {
+        codex_rs_version: env!("CARGO_PKG_VERSION").to_string(),
+        runtime_os: std::env::consts::OS.to_string(),
+        runtime_os_version: os_info.version().to_string(),
+        runtime_arch: std::env::consts::ARCH.to_string(),
+    }
+}

codex-rs/analytics/src/facts.rs

@@ -0,0 +1,116 @@
+use crate::events::AppServerRpcTransport;
+use crate::events::CodexRuntimeMetadata;
+use codex_app_server_protocol::ClientRequest;
+use codex_app_server_protocol::ClientResponse;
+use codex_app_server_protocol::InitializeParams;
+use codex_app_server_protocol::RequestId;
+use codex_app_server_protocol::ServerNotification;
+use codex_plugin::PluginTelemetryMetadata;
+use codex_protocol::protocol::SkillScope;
+use serde::Serialize;
+use std::path::PathBuf;
+
+#[derive(Clone)]
+pub struct TrackEventsContext {
+    pub model_slug: String,
+    pub thread_id: String,
+    pub turn_id: String,
+}
+
+pub fn build_track_events_context(
+    model_slug: String,
+    thread_id: String,
+    turn_id: String,
+) -> TrackEventsContext {
+    TrackEventsContext {
+        model_slug,
+        thread_id,
+        turn_id,
+    }
+}
+
+#[derive(Clone, Debug)]
+pub struct SkillInvocation {
+    pub skill_name: String,
+    pub skill_scope: SkillScope,
+    pub skill_path: PathBuf,
+    pub invocation_type: InvocationType,
+}
+
+#[derive(Clone, Copy, Debug, Serialize)]
+#[serde(rename_all = "lowercase")]
+pub enum InvocationType {
+    Explicit,
+    Implicit,
+}
+
+pub struct AppInvocation {
+    pub connector_id: Option<String>,
+    pub app_name: Option<String>,
+    pub invocation_type: Option<InvocationType>,
+}
+
+#[allow(dead_code)]
+pub(crate) enum AnalyticsFact {
+    Initialize {
+        connection_id: u64,
+        params: InitializeParams,
+        product_client_id: String,
+        runtime: CodexRuntimeMetadata,
+        rpc_transport: AppServerRpcTransport,
+    },
+    Request {
+        connection_id: u64,
+        request_id: RequestId,
+        request: Box<ClientRequest>,
+    },
+    Response {
+        connection_id: u64,
+        response: Box<ClientResponse>,
+    },
+    Notification(Box<ServerNotification>),
+    // Facts that do not naturally exist on the app-server protocol surface, or
+    // would require non-trivial protocol reshaping on this branch.
+    Custom(CustomAnalyticsFact),
+}
+
+pub(crate) enum CustomAnalyticsFact {
+    SkillInvoked(SkillInvokedInput),
+    AppMentioned(AppMentionedInput),
+    AppUsed(AppUsedInput),
+    PluginUsed(PluginUsedInput),
+    PluginStateChanged(PluginStateChangedInput),
+}
+
+pub(crate) struct SkillInvokedInput {
+    pub tracking: TrackEventsContext,
+    pub invocations: Vec<SkillInvocation>,
+}
+
+pub(crate) struct AppMentionedInput {
+    pub tracking: TrackEventsContext,
+    pub mentions: Vec<AppInvocation>,
+}
+
+pub(crate) struct AppUsedInput {
+    pub tracking: TrackEventsContext,
+    pub app: AppInvocation,
+}
+
+pub(crate) struct PluginUsedInput {
+    pub tracking: TrackEventsContext,
+    pub plugin: PluginTelemetryMetadata,
+}
+
+pub(crate) struct PluginStateChangedInput {
+    pub plugin: PluginTelemetryMetadata,
+    pub state: PluginState,
+}
+
+#[derive(Clone, Copy)]
+pub(crate) enum PluginState {
+    Installed,
+    Uninstalled,
+    Enabled,
+    Disabled,
+}

codex-rs/analytics/src/lib.rs

@@ -1,8 +1,15 @@
-mod analytics_client;
+mod client;
+mod events;
+mod facts;
+mod reducer;
 
-pub use analytics_client::AnalyticsEventsClient;
-pub use analytics_client::AppInvocation;
-pub use analytics_client::InvocationType;
-pub use analytics_client::SkillInvocation;
-pub use analytics_client::TrackEventsContext;
-pub use analytics_client::build_track_events_context;
+pub use client::AnalyticsEventsClient;
+pub use events::AppServerRpcTransport;
+pub use facts::AppInvocation;
+pub use facts::InvocationType;
+pub use facts::SkillInvocation;
+pub use facts::TrackEventsContext;
+pub use facts::build_track_events_context;
+
+#[cfg(test)]
+mod analytics_client_tests;

codex-rs/analytics/src/reducer.rs

@@ -0,0 +1,305 @@
+use crate::events::AppServerRpcTransport;
+use crate::events::CodexAppMentionedEventRequest;
+use crate::events::CodexAppServerClientMetadata;
+use crate::events::CodexAppUsedEventRequest;
+use crate::events::CodexPluginEventRequest;
+use crate::events::CodexPluginUsedEventRequest;
+use crate::events::CodexRuntimeMetadata;
+use crate::events::SkillInvocationEventParams;
+use crate::events::SkillInvocationEventRequest;
+use crate::events::ThreadInitializationMode;
+use crate::events::ThreadInitializedEvent;
+use crate::events::ThreadInitializedEventParams;
+use crate::events::TrackEventRequest;
+use crate::events::codex_app_metadata;
+use crate::events::codex_plugin_metadata;
+use crate::events::codex_plugin_used_metadata;
+use crate::events::plugin_state_event_type;
+use crate::events::thread_source_name;
+use crate::facts::AnalyticsFact;
+use crate::facts::AppMentionedInput;
+use crate::facts::AppUsedInput;
+use crate::facts::CustomAnalyticsFact;
+use crate::facts::PluginState;
+use crate::facts::PluginStateChangedInput;
+use crate::facts::PluginUsedInput;
+use crate::facts::SkillInvokedInput;
+use codex_app_server_protocol::ClientResponse;
+use codex_app_server_protocol::InitializeParams;
+use codex_git_utils::collect_git_info;
+use codex_git_utils::get_git_repo_root;
+use codex_login::default_client::originator;
+use codex_protocol::protocol::SessionSource;
+use codex_protocol::protocol::SkillScope;
+use sha1::Digest;
+use std::collections::HashMap;
+use std::path::Path;
+
+#[derive(Default)]
+pub(crate) struct AnalyticsReducer {
+    connections: HashMap<u64, ConnectionState>,
+}
+
+struct ConnectionState {
+    app_server_client: CodexAppServerClientMetadata,
+    runtime: CodexRuntimeMetadata,
+}
+
+impl AnalyticsReducer {
+    pub(crate) async fn ingest(&mut self, input: AnalyticsFact, out: &mut Vec<TrackEventRequest>) {
+        match input {
+            AnalyticsFact::Initialize {
+                connection_id,
+                params,
+                product_client_id,
+                runtime,
+                rpc_transport,
+            } => {
+                self.ingest_initialize(
+                    connection_id,
+                    params,
+                    product_client_id,
+                    runtime,
+                    rpc_transport,
+                );
+            }
+            AnalyticsFact::Request {
+                connection_id: _connection_id,
+                request_id: _request_id,
+                request: _request,
+            } => {}
+            AnalyticsFact::Response {
+                connection_id,
+                response,
+            } => {
+                self.ingest_response(connection_id, *response, out);
+            }
+            AnalyticsFact::Notification(_notification) => {}
+            AnalyticsFact::Custom(input) => match input {
+                CustomAnalyticsFact::SkillInvoked(input) => {
+                    self.ingest_skill_invoked(input, out).await;
+                }
+                CustomAnalyticsFact::AppMentioned(input) => {
+                    self.ingest_app_mentioned(input, out);
+                }
+                CustomAnalyticsFact::AppUsed(input) => {
+                    self.ingest_app_used(input, out);
+                }
+                CustomAnalyticsFact::PluginUsed(input) => {
+                    self.ingest_plugin_used(input, out);
+                }
+                CustomAnalyticsFact::PluginStateChanged(input) => {
+                    self.ingest_plugin_state_changed(input, out);
+                }
+            },
+        }
+    }
+
+    fn ingest_initialize(
+        &mut self,
+        connection_id: u64,
+        params: InitializeParams,
+        product_client_id: String,
+        runtime: CodexRuntimeMetadata,
+        rpc_transport: AppServerRpcTransport,
+    ) {
+        self.connections.insert(
+            connection_id,
+            ConnectionState {
+                app_server_client: CodexAppServerClientMetadata {
+                    product_client_id,
+                    client_name: Some(params.client_info.name),
+                    client_version: Some(params.client_info.version),
+                    rpc_transport,
+                    experimental_api_enabled: params
+                        .capabilities
+                        .map(|capabilities| capabilities.experimental_api),
+                },
+                runtime,
+            },
+        );
+    }
+
+    async fn ingest_skill_invoked(
+        &mut self,
+        input: SkillInvokedInput,
+        out: &mut Vec<TrackEventRequest>,
+    ) {
+        let SkillInvokedInput {
+            tracking,
+            invocations,
+        } = input;
+        for invocation in invocations {
+            let skill_scope = match invocation.skill_scope {
+                SkillScope::User => "user",
+                SkillScope::Repo => "repo",
+                SkillScope::System => "system",
+                SkillScope::Admin => "admin",
+            };
+            let repo_root = get_git_repo_root(invocation.skill_path.as_path());
+            let repo_url = if let Some(root) = repo_root.as_ref() {
+                collect_git_info(root)
+                    .await
+                    .and_then(|info| info.repository_url)
+            } else {
+                None
+            };
+            let skill_id = skill_id_for_local_skill(
+                repo_url.as_deref(),
+                repo_root.as_deref(),
+                invocation.skill_path.as_path(),
+                invocation.skill_name.as_str(),
+            );
+            out.push(TrackEventRequest::SkillInvocation(
+                SkillInvocationEventRequest {
+                    event_type: "skill_invocation",
+                    skill_id,
+                    skill_name: invocation.skill_name.clone(),
+                    event_params: SkillInvocationEventParams {
+                        thread_id: Some(tracking.thread_id.clone()),
+                        invoke_type: Some(invocation.invocation_type),
+                        model_slug: Some(tracking.model_slug.clone()),
+                        product_client_id: Some(originator().value),
+                        repo_url,
+                        skill_scope: Some(skill_scope.to_string()),
+                    },
+                },
+            ));
+        }
+    }
+
+    fn ingest_app_mentioned(&mut self, input: AppMentionedInput, out: &mut Vec<TrackEventRequest>) {
+        let AppMentionedInput { tracking, mentions } = input;
+        out.extend(mentions.into_iter().map(|mention| {
+            let event_params = codex_app_metadata(&tracking, mention);
+            TrackEventRequest::AppMentioned(CodexAppMentionedEventRequest {
+                event_type: "codex_app_mentioned",
+                event_params,
+            })
+        }));
+    }
+
+    fn ingest_app_used(&mut self, input: AppUsedInput, out: &mut Vec<TrackEventRequest>) {
+        let AppUsedInput { tracking, app } = input;
+        let event_params = codex_app_metadata(&tracking, app);
+        out.push(TrackEventRequest::AppUsed(CodexAppUsedEventRequest {
+            event_type: "codex_app_used",
+            event_params,
+        }));
+    }
+
+    fn ingest_plugin_used(&mut self, input: PluginUsedInput, out: &mut Vec<TrackEventRequest>) {
+        let PluginUsedInput { tracking, plugin } = input;
+        out.push(TrackEventRequest::PluginUsed(CodexPluginUsedEventRequest {
+            event_type: "codex_plugin_used",
+            event_params: codex_plugin_used_metadata(&tracking, plugin),
+        }));
+    }
+
+    fn ingest_plugin_state_changed(
+        &mut self,
+        input: PluginStateChangedInput,
+        out: &mut Vec<TrackEventRequest>,
+    ) {
+        let PluginStateChangedInput { plugin, state } = input;
+        let event = CodexPluginEventRequest {
+            event_type: plugin_state_event_type(state),
+            event_params: codex_plugin_metadata(plugin),
+        };
+        out.push(match state {
+            PluginState::Installed => TrackEventRequest::PluginInstalled(event),
+            PluginState::Uninstalled => TrackEventRequest::PluginUninstalled(event),
+            PluginState::Enabled => TrackEventRequest::PluginEnabled(event),
+            PluginState::Disabled => TrackEventRequest::PluginDisabled(event),
+        });
+    }
+
+    fn ingest_response(
+        &mut self,
+        connection_id: u64,
+        response: ClientResponse,
+        out: &mut Vec<TrackEventRequest>,
+    ) {
+        let (thread, model, initialization_mode) = match response {
+            ClientResponse::ThreadStart { response, .. } => (
+                response.thread,
+                response.model,
+                ThreadInitializationMode::New,
+            ),
+            ClientResponse::ThreadResume { response, .. } => (
+                response.thread,
+                response.model,
+                ThreadInitializationMode::Resumed,
+            ),
+            ClientResponse::ThreadFork { response, .. } => (
+                response.thread,
+                response.model,
+                ThreadInitializationMode::Forked,
+            ),
+            _ => return,
+        };
+        let thread_source: SessionSource = thread.source.into();
+        let Some(connection_state) = self.connections.get(&connection_id) else {
+            return;
+        };
+        out.push(TrackEventRequest::ThreadInitialized(
+            ThreadInitializedEvent {
+                event_type: "codex_thread_initialized",
+                event_params: ThreadInitializedEventParams {
+                    thread_id: thread.id,
+                    app_server_client: connection_state.app_server_client.clone(),
+                    runtime: connection_state.runtime.clone(),
+                    model,
+                    ephemeral: thread.ephemeral,
+                    thread_source: thread_source_name(&thread_source),
+                    initialization_mode,
+                    subagent_source: None,
+                    parent_thread_id: None,
+                    created_at: u64::try_from(thread.created_at).unwrap_or_default(),
+                },
+            },
+        ));
+    }
+}
+
+pub(crate) fn skill_id_for_local_skill(
+    repo_url: Option<&str>,
+    repo_root: Option<&Path>,
+    skill_path: &Path,
+    skill_name: &str,
+) -> String {
+    let path = normalize_path_for_skill_id(repo_url, repo_root, skill_path);
+    let prefix = if let Some(url) = repo_url {
+        format!("repo_{url}")
+    } else {
+        "personal".to_string()
+    };
+    let raw_id = format!("{prefix}_{path}_{skill_name}");
+    let mut hasher = sha1::Sha1::new();
+    sha1::Digest::update(&mut hasher, raw_id.as_bytes());
+    format!("{:x}", sha1::Digest::finalize(hasher))
+}
+
+/// Returns a normalized path for skill ID construction.
+///
+/// - Repo-scoped skills use a path relative to the repo root.
+/// - User/admin/system skills use an absolute path.
+pub(crate) fn normalize_path_for_skill_id(
+    repo_url: Option<&str>,
+    repo_root: Option<&Path>,
+    skill_path: &Path,
+) -> String {
+    let resolved_path =
+        std::fs::canonicalize(skill_path).unwrap_or_else(|_| skill_path.to_path_buf());
+    match (repo_url, repo_root) {
+        (Some(_), Some(root)) => {
+            let resolved_root = std::fs::canonicalize(root).unwrap_or_else(|_| root.to_path_buf());
+            resolved_path
+                .strip_prefix(&resolved_root)
+                .unwrap_or(resolved_path.as_path())
+                .to_string_lossy()
+                .replace('\\', "/")
+        }
+        _ => resolved_path.to_string_lossy().replace('\\', "/"),
+    }
+}

codex-rs/app-server-client/src/lib.rs

@@ -85,17 +85,128 @@ impl From<InProcessServerEvent> for AppServerEvent {
 }
 
 fn event_requires_delivery(event: &InProcessServerEvent) -> bool {
-    // These terminal events drive surface shutdown/completion state. Dropping
-    // them under backpressure can leave exec/TUI waiting forever even though
-    // the underlying turn has already ended.
+    // These transcript and terminal events must remain lossless. Dropping
+    // streamed assistant text or the authoritative completed item can leave
+    // the TUI with permanently corrupted markdown, while dropping completion
+    // notifications can leave surfaces waiting forever.
+    match event {
+        InProcessServerEvent::ServerNotification(notification) => {
+            server_notification_requires_delivery(notification)
+        }
+        _ => false,
+    }
+}
+
+/// Returns `true` for notifications that must survive backpressure.
+///
+/// Transcript events (`AgentMessageDelta`, `PlanDelta`, reasoning deltas) and
+/// the authoritative `ItemCompleted` / `TurnCompleted` form the lossless tier
+/// of the event stream. Dropping any of these corrupts the visible assistant
+/// output or leaves surfaces waiting for a completion signal that already
+/// fired. Everything else (`CommandExecutionOutputDelta`, progress, etc.) is
+/// best-effort and may be dropped with only cosmetic impact.
+///
+/// Both the in-process and remote transports delegate to this function so the
+/// classification stays in sync.
+pub(crate) fn server_notification_requires_delivery(notification: &ServerNotification) -> bool {
     matches!(
-        event,
-        InProcessServerEvent::ServerNotification(
-            codex_app_server_protocol::ServerNotification::TurnCompleted(_),
-        )
+        notification,
+        ServerNotification::TurnCompleted(_)
+            | ServerNotification::ItemCompleted(_)
+            | ServerNotification::AgentMessageDelta(_)
+            | ServerNotification::PlanDelta(_)
+            | ServerNotification::ReasoningSummaryTextDelta(_)
+            | ServerNotification::ReasoningTextDelta(_)
     )
 }
 
+/// Outcome of attempting to forward a single event to the consumer channel.
+#[derive(Debug, Clone, Copy, PartialEq, Eq)]
+enum ForwardEventResult {
+    /// The event was delivered (or intentionally dropped); the stream is healthy.
+    Continue,
+    /// The consumer channel is closed; the caller should stop producing events.
+    DisableStream,
+}
+
+/// Forwards a single in-process event to the consumer, respecting the
+/// lossless/best-effort split.
+///
+/// Lossless events (transcript deltas, item/turn completions) block until the
+/// consumer drains capacity. Best-effort events use `try_send` and increment
+/// `skipped_events` on failure. When a lag marker needs to be flushed before a
+/// lossless event, the flush itself blocks so the marker is never lost.
+///
+/// If a dropped event is a `ServerRequest`, `reject_server_request` is called
+/// so the server does not wait for a response that will never come.
+async fn forward_in_process_event<F>(
+    event_tx: &mpsc::Sender<InProcessServerEvent>,
+    skipped_events: &mut usize,
+    event: InProcessServerEvent,
+    mut reject_server_request: F,
+) -> ForwardEventResult
+where
+    F: FnMut(ServerRequest),
+{
+    if *skipped_events > 0 {
+        if event_requires_delivery(&event) {
+            // Surface lag before the lossless event, but do not let the lag marker itself cause
+            // us to drop the transcript/completion notification the caller is blocked on.
+            if event_tx
+                .send(InProcessServerEvent::Lagged {
+                    skipped: *skipped_events,
+                })
+                .await
+                .is_err()
+            {
+                return ForwardEventResult::DisableStream;
+            }
+            *skipped_events = 0;
+        } else {
+            match event_tx.try_send(InProcessServerEvent::Lagged {
+                skipped: *skipped_events,
+            }) {
+                Ok(()) => {
+                    *skipped_events = 0;
+                }
+                Err(mpsc::error::TrySendError::Full(_)) => {
+                    *skipped_events = skipped_events.saturating_add(1);
+                    warn!("dropping in-process app-server event because consumer queue is full");
+                    if let InProcessServerEvent::ServerRequest(request) = event {
+                        reject_server_request(request);
+                    }
+                    return ForwardEventResult::Continue;
+                }
+                Err(mpsc::error::TrySendError::Closed(_)) => {
+                    return ForwardEventResult::DisableStream;
+                }
+            }
+        }
+    }
+
+    if event_requires_delivery(&event) {
+        // Block until the consumer catches up for transcript/completion notifications; this
+        // preserves the visible assistant output even when the queue is otherwise saturated.
+        if event_tx.send(event).await.is_err() {
+            return ForwardEventResult::DisableStream;
+        }
+        return ForwardEventResult::Continue;
+    }
+
+    match event_tx.try_send(event) {
+        Ok(()) => ForwardEventResult::Continue,
+        Err(mpsc::error::TrySendError::Full(event)) => {
+            *skipped_events = skipped_events.saturating_add(1);
+            warn!("dropping in-process app-server event because consumer queue is full");
+            if let InProcessServerEvent::ServerRequest(request) = event {
+                reject_server_request(request);
+            }
+            ForwardEventResult::Continue
+        }
+        Err(mpsc::error::TrySendError::Closed(_)) => ForwardEventResult::DisableStream,
+    }
+}
+
 /// Layered error for [`InProcessAppServerClient::request_typed`].
 ///
 /// This keeps transport failures, server-side JSON-RPC failures, and response
@@ -366,83 +477,26 @@ impl InProcessAppServerClient {
                             continue;
                         }
 
-                        if skipped_events > 0 {
-                            if event_requires_delivery(&event) {
-                                // Surface lag before the terminal event, but
-                                // do not let the lag marker itself cause us to
-                                // drop the completion/abort notification that
-                                // the caller is blocked on.
-                                if event_tx
-                                    .send(InProcessServerEvent::Lagged {
-                                        skipped: skipped_events,
-                                    })
-                                    .await
-                                    .is_err()
-                                {
-                                    event_stream_enabled = false;
-                                    continue;
-                                }
-                                skipped_events = 0;
-                            } else {
-                                match event_tx.try_send(InProcessServerEvent::Lagged {
-                                    skipped: skipped_events,
-                                }) {
-                                    Ok(()) => {
-                                        skipped_events = 0;
-                                    }
-                                    Err(mpsc::error::TrySendError::Full(_)) => {
-                                        skipped_events = skipped_events.saturating_add(1);
-                                        warn!(
-                                            "dropping in-process app-server event because consumer queue is full"
-                                        );
-                                        if let InProcessServerEvent::ServerRequest(request) = event {
-                                            let _ = request_sender.fail_server_request(
-                                                request.id().clone(),
-                                                JSONRPCErrorError {
-                                                    code: -32001,
-                                                    message: "in-process app-server event queue is full".to_string(),
-                                                    data: None,
-                                                },
-                                            );
-                                        }
-                                        continue;
-                                    }
-                                    Err(mpsc::error::TrySendError::Closed(_)) => {
-                                        event_stream_enabled = false;
-                                        continue;
-                                    }
-                                }
-                            }
-                        }
-
-                        if event_requires_delivery(&event) {
-                            // Block until the consumer catches up for
-                            // terminal notifications; this preserves the
-                            // completion signal even when the queue is
-                            // otherwise saturated.
-                            if event_tx.send(event).await.is_err() {
-                                event_stream_enabled = false;
-                            }
-                            continue;
-                        }
-
-                        match event_tx.try_send(event) {
-                            Ok(()) => {}
-                            Err(mpsc::error::TrySendError::Full(event)) => {
-                                skipped_events = skipped_events.saturating_add(1);
-                                warn!("dropping in-process app-server event because consumer queue is full");
-                                if let InProcessServerEvent::ServerRequest(request) = event {
-                                    let _ = request_sender.fail_server_request(
-                                        request.id().clone(),
-                                        JSONRPCErrorError {
-                                            code: -32001,
-                                            message: "in-process app-server event queue is full".to_string(),
-                                            data: None,
-                                        },
-                                    );
-                                }
-                            }
-                            Err(mpsc::error::TrySendError::Closed(_)) => {
+                        match forward_in_process_event(
+                            &event_tx,
+                            &mut skipped_events,
+                            event,
+                            |request| {
+                                let _ = request_sender.fail_server_request(
+                                    request.id().clone(),
+                                    JSONRPCErrorError {
+                                        code: -32001,
+                                        message: "in-process app-server event queue is full"
+                                            .to_string(),
+                                        data: None,
+                                    },
+                                );
+                            },
+                        )
+                        .await
+                        {
+                            ForwardEventResult::Continue => {}
+                            ForwardEventResult::DisableStream => {
                                 event_stream_enabled = false;
                             }
                         }
@@ -814,8 +868,11 @@ mod tests {
     use tokio::net::TcpListener;
     use tokio::time::Duration;
     use tokio::time::timeout;
-    use tokio_tungstenite::accept_async;
+    use tokio_tungstenite::accept_hdr_async;
     use tokio_tungstenite::tungstenite::Message;
+    use tokio_tungstenite::tungstenite::handshake::server::Request as WebSocketRequest;
+    use tokio_tungstenite::tungstenite::handshake::server::Response as WebSocketResponse;
+    use tokio_tungstenite::tungstenite::http::header::AUTHORIZATION;
 
     async fn build_test_config() -> Config {
         match ConfigBuilder::default().build().await {
@@ -854,6 +911,19 @@ mod tests {
     }
 
     async fn start_test_remote_server<F, Fut>(handler: F) -> String
+    where
+        F: FnOnce(tokio_tungstenite::WebSocketStream<tokio::net::TcpStream>) -> Fut
+            + Send
+            + 'static,
+        Fut: std::future::Future<Output = ()> + Send + 'static,
+    {
+        start_test_remote_server_with_auth(/*expected_auth_token*/ None, handler).await
+    }
+
+    async fn start_test_remote_server_with_auth<F, Fut>(
+        expected_auth_token: Option<String>,
+        handler: F,
+    ) -> String
     where
         F: FnOnce(tokio_tungstenite::WebSocketStream<tokio::net::TcpStream>) -> Fut
             + Send
@@ -866,9 +936,23 @@ mod tests {
         let addr = listener.local_addr().expect("listener address");
         tokio::spawn(async move {
             let (stream, _) = listener.accept().await.expect("accept should succeed");
-            let websocket = accept_async(stream)
-                .await
-                .expect("websocket upgrade should succeed");
+            let websocket = accept_hdr_async(
+                stream,
+                move |request: &WebSocketRequest, response: WebSocketResponse| {
+                    let provided_auth_token = request
+                        .headers()
+                        .get(AUTHORIZATION)
+                        .and_then(|value| value.to_str().ok())
+                        .map(str::to_owned);
+                    let expected_auth_token = expected_auth_token
+                        .as_ref()
+                        .map(|token| format!("Bearer {token}"));
+                    assert_eq!(provided_auth_token, expected_auth_token);
+                    Ok(response)
+                },
+            )
+            .await
+            .expect("websocket upgrade should succeed");
             handler(websocket).await;
         });
         format!("ws://{addr}")
@@ -933,9 +1017,57 @@ mod tests {
             .expect("message should send");
     }
 
+    fn command_execution_output_delta_notification(delta: &str) -> ServerNotification {
+        ServerNotification::CommandExecutionOutputDelta(
+            codex_app_server_protocol::CommandExecutionOutputDeltaNotification {
+                thread_id: "thread".to_string(),
+                turn_id: "turn".to_string(),
+                item_id: "item".to_string(),
+                delta: delta.to_string(),
+            },
+        )
+    }
+
+    fn agent_message_delta_notification(delta: &str) -> ServerNotification {
+        ServerNotification::AgentMessageDelta(
+            codex_app_server_protocol::AgentMessageDeltaNotification {
+                thread_id: "thread".to_string(),
+                turn_id: "turn".to_string(),
+                item_id: "item".to_string(),
+                delta: delta.to_string(),
+            },
+        )
+    }
+
+    fn item_completed_notification(text: &str) -> ServerNotification {
+        ServerNotification::ItemCompleted(codex_app_server_protocol::ItemCompletedNotification {
+            thread_id: "thread".to_string(),
+            turn_id: "turn".to_string(),
+            item: codex_app_server_protocol::ThreadItem::AgentMessage {
+                id: "item".to_string(),
+                text: text.to_string(),
+                phase: None,
+                memory_citation: None,
+            },
+        })
+    }
+
+    fn turn_completed_notification() -> ServerNotification {
+        ServerNotification::TurnCompleted(codex_app_server_protocol::TurnCompletedNotification {
+            thread_id: "thread".to_string(),
+            turn: codex_app_server_protocol::Turn {
+                id: "turn".to_string(),
+                items: Vec::new(),
+                status: codex_app_server_protocol::TurnStatus::Completed,
+                error: None,
+            },
+        })
+    }
+
     fn test_remote_connect_args(websocket_url: String) -> RemoteAppServerConnectArgs {
         RemoteAppServerConnectArgs {
             websocket_url,
+            auth_token: None,
             client_name: "codex-app-server-client-test".to_string(),
             client_version: "0.0.0-test".to_string(),
             experimental_api: true,
@@ -1032,7 +1164,8 @@ mod tests {
 
     #[tokio::test]
     async fn tiny_channel_capacity_still_supports_request_roundtrip() {
-        let client = start_test_client_with_capacity(SessionSource::Exec, 1).await;
+        let client =
+            start_test_client_with_capacity(SessionSource::Exec, /*channel_capacity*/ 1).await;
         let _response: ConfigRequirementsReadResponse = client
             .request_typed(ClientRequest::ConfigRequirementsRead {
                 request_id: RequestId::Integer(1),
@@ -1043,6 +1176,94 @@ mod tests {
         client.shutdown().await.expect("shutdown should complete");
     }
 
+    #[tokio::test]
+    async fn forward_in_process_event_preserves_transcript_notifications_under_backpressure() {
+        let (event_tx, mut event_rx) = mpsc::channel(1);
+        event_tx
+            .send(InProcessServerEvent::ServerNotification(
+                command_execution_output_delta_notification("stdout-1"),
+            ))
+            .await
+            .expect("initial event should enqueue");
+
+        let mut skipped_events = 0usize;
+        let result = forward_in_process_event(
+            &event_tx,
+            &mut skipped_events,
+            InProcessServerEvent::ServerNotification(command_execution_output_delta_notification(
+                "stdout-2",
+            )),
+            |_| {},
+        )
+        .await;
+        assert_eq!(result, ForwardEventResult::Continue);
+        assert_eq!(skipped_events, 1);
+
+        let receive_task = tokio::spawn(async move {
+            let mut events = Vec::new();
+            for _ in 0..5 {
+                events.push(
+                    timeout(Duration::from_secs(2), event_rx.recv())
+                        .await
+                        .expect("event should arrive before timeout")
+                        .expect("event stream should stay open"),
+                );
+            }
+            events
+        });
+
+        for notification in [
+            agent_message_delta_notification("hello"),
+            item_completed_notification("hello"),
+            turn_completed_notification(),
+        ] {
+            let result = forward_in_process_event(
+                &event_tx,
+                &mut skipped_events,
+                InProcessServerEvent::ServerNotification(notification),
+                |_| {},
+            )
+            .await;
+            assert_eq!(result, ForwardEventResult::Continue);
+        }
+        assert_eq!(skipped_events, 0);
+
+        let events = receive_task
+            .await
+            .expect("receiver task should join successfully");
+        assert!(matches!(
+            &events[0],
+            InProcessServerEvent::ServerNotification(
+                ServerNotification::CommandExecutionOutputDelta(notification)
+            ) if notification.delta == "stdout-1"
+        ));
+        assert!(matches!(
+            &events[1],
+            InProcessServerEvent::Lagged { skipped: 1 }
+        ));
+        assert!(matches!(
+            &events[2],
+            InProcessServerEvent::ServerNotification(ServerNotification::AgentMessageDelta(
+                notification
+            )) if notification.delta == "hello"
+        ));
+        assert!(matches!(
+            &events[3],
+            InProcessServerEvent::ServerNotification(ServerNotification::ItemCompleted(
+                notification
+            )) if matches!(
+                &notification.item,
+                codex_app_server_protocol::ThreadItem::AgentMessage { text, .. } if text == "hello"
+            )
+        ));
+        assert!(matches!(
+            &events[4],
+            InProcessServerEvent::ServerNotification(ServerNotification::TurnCompleted(
+                notification
+            )) if notification.turn.status == codex_app_server_protocol::TurnStatus::Completed
+        ));
+    }
+
     #[tokio::test]
     async fn remote_typed_request_roundtrip_works() {
         let websocket_url = start_test_remote_server(|mut websocket| async move {
@@ -1064,6 +1285,7 @@ mod tests {
                 }),
             )
             .await;
+            websocket.close(None).await.expect("close should succeed");
         })
         .await;
         let client = RemoteAppServerClient::connect(test_remote_connect_args(websocket_url))
@@ -1084,6 +1306,59 @@ mod tests {
         client.shutdown().await.expect("shutdown should complete");
     }
 
+    #[tokio::test]
+    async fn remote_connect_includes_auth_header_when_configured() {
+        let auth_token = "remote-bearer-token".to_string();
+        let websocket_url = start_test_remote_server_with_auth(
+            Some(auth_token.clone()),
+            |mut websocket| async move {
+                expect_remote_initialize(&mut websocket).await;
+                websocket.close(None).await.expect("close should succeed");
+            },
+        )
+        .await;
+        let client = RemoteAppServerClient::connect(RemoteAppServerConnectArgs {
+            auth_token: Some(auth_token),
+            ..test_remote_connect_args(websocket_url)
+        })
+        .await
+        .expect("remote client should connect");
+
+        client.shutdown().await.expect("shutdown should complete");
+    }
+
+    #[tokio::test]
+    async fn remote_connect_rejects_non_loopback_ws_when_auth_configured() {
+        let result = RemoteAppServerClient::connect(RemoteAppServerConnectArgs {
+            websocket_url: "ws://example.com:4500".to_string(),
+            auth_token: Some("remote-bearer-token".to_string()),
+            ..test_remote_connect_args("ws://127.0.0.1:1".to_string())
+        })
+        .await;
+        let err = match result {
+            Ok(_) => panic!("non-loopback ws should be rejected before connect"),
+            Err(err) => err,
+        };
+        assert_eq!(err.kind(), ErrorKind::InvalidInput);
+        assert!(
+            err.to_string()
+                .contains("remote auth tokens require `wss://` or loopback `ws://` URLs")
+        );
+    }
+
+    #[test]
+    fn remote_auth_token_transport_policy_allows_wss_and_loopback_ws() {
+        assert!(crate::remote::websocket_url_supports_auth_token(
+            &url::Url::parse("wss://example.com:443").expect("wss URL should parse")
+        ));
+        assert!(crate::remote::websocket_url_supports_auth_token(
+            &url::Url::parse("ws://127.0.0.1:4500").expect("loopback ws URL should parse")
+        ));
+        assert!(!crate::remote::websocket_url_supports_auth_token(
+            &url::Url::parse("ws://example.com:4500").expect("non-loopback ws URL should parse")
+        ));
+    }
+
     #[tokio::test]
     async fn remote_duplicate_request_id_keeps_original_waiter() {
         let (first_request_seen_tx, first_request_seen_rx) = tokio::sync::oneshot::channel();
@@ -1207,6 +1482,108 @@ mod tests {
         client.shutdown().await.expect("shutdown should complete");
     }
 
+    #[tokio::test]
+    async fn remote_backpressure_preserves_transcript_notifications() {
+        let (done_tx, done_rx) = tokio::sync::oneshot::channel();
+        let websocket_url = start_test_remote_server(|mut websocket| async move {
+            expect_remote_initialize(&mut websocket).await;
+            for notification in [
+                command_execution_output_delta_notification("stdout-1"),
+                command_execution_output_delta_notification("stdout-2"),
+                agent_message_delta_notification("hello"),
+                item_completed_notification("hello"),
+                turn_completed_notification(),
+            ] {
+                write_websocket_message(
+                    &mut websocket,
+                    JSONRPCMessage::Notification(
+                        serde_json::from_value(
+                            serde_json::to_value(notification)
+                                .expect("notification should serialize"),
+                        )
+                        .expect("notification should convert to JSON-RPC"),
+                    ),
+                )
+                .await;
+            }
+            let _ = done_rx.await;
+        })
+        .await;
+        let mut client = RemoteAppServerClient::connect(RemoteAppServerConnectArgs {
+            websocket_url,
+            auth_token: None,
+            client_name: "codex-app-server-client-test".to_string(),
+            client_version: "0.0.0-test".to_string(),
+            experimental_api: true,
+            opt_out_notification_methods: Vec::new(),
+            channel_capacity: 1,
+        })
+        .await
+        .expect("remote client should connect");
+
+        let first_event = timeout(Duration::from_secs(2), client.next_event())
+            .await
+            .expect("first event should arrive before timeout")
+            .expect("event stream should stay open");
+        assert!(matches!(
+            first_event,
+            AppServerEvent::ServerNotification(ServerNotification::CommandExecutionOutputDelta(
+                notification
+            )) if notification.delta == "stdout-1"
+        ));
+
+        let mut remaining_events = Vec::new();
+        for _ in 0..4 {
+            remaining_events.push(
+                timeout(Duration::from_secs(2), client.next_event())
+                    .await
+                    .expect("event should arrive before timeout")
+                    .expect("event stream should stay open"),
+            );
+        }
+
+        let mut transcript_event_names = Vec::new();
+        for event in &remaining_events {
+            match event {
+                AppServerEvent::Lagged { skipped: 1 } => {}
+                AppServerEvent::ServerNotification(
+                    ServerNotification::CommandExecutionOutputDelta(notification),
+                ) if notification.delta == "stdout-2" => {}
+                AppServerEvent::ServerNotification(ServerNotification::AgentMessageDelta(
+                    notification,
+                )) if notification.delta == "hello" => {
+                    transcript_event_names.push("agent_message_delta");
+                }
+                AppServerEvent::ServerNotification(ServerNotification::ItemCompleted(
+                    notification,
+                )) if matches!(
+                    &notification.item,
+                    codex_app_server_protocol::ThreadItem::AgentMessage { text, .. } if text == "hello"
+                ) =>
+                {
+                    transcript_event_names.push("item_completed");
+                }
+                AppServerEvent::ServerNotification(ServerNotification::TurnCompleted(
+                    notification,
+                )) if notification.turn.status
+                    == codex_app_server_protocol::TurnStatus::Completed =>
+                {
+                    transcript_event_names.push("turn_completed");
+                }
+                _ => panic!("unexpected remaining event: {event:?}"),
+            }
+        }
+        assert_eq!(
+            transcript_event_names,
+            vec!["agent_message_delta", "item_completed", "turn_completed"]
+        );
+
+        done_tx
+            .send(())
+            .expect("server completion signal should send");
+        client.shutdown().await.expect("shutdown should complete");
+    }
+
     #[tokio::test]
     async fn remote_server_request_resolution_roundtrip_works() {
         let websocket_url = start_test_remote_server(|mut websocket| async move {
@@ -1446,7 +1823,7 @@ mod tests {
     }
 
     #[test]
-    fn event_requires_delivery_marks_terminal_events() {
+    fn event_requires_delivery_marks_transcript_and_terminal_events() {
         assert!(event_requires_delivery(
             &InProcessServerEvent::ServerNotification(
                 codex_app_server_protocol::ServerNotification::TurnCompleted(
@@ -1462,9 +1839,49 @@ mod tests {
                 )
             )
         ));
+        assert!(event_requires_delivery(
+            &InProcessServerEvent::ServerNotification(
+                codex_app_server_protocol::ServerNotification::AgentMessageDelta(
+                    codex_app_server_protocol::AgentMessageDeltaNotification {
+                        thread_id: "thread".to_string(),
+                        turn_id: "turn".to_string(),
+                        item_id: "item".to_string(),
+                        delta: "hello".to_string(),
+                    }
+                )
+            )
+        ));
+        assert!(event_requires_delivery(
+            &InProcessServerEvent::ServerNotification(
+                codex_app_server_protocol::ServerNotification::ItemCompleted(
+                    codex_app_server_protocol::ItemCompletedNotification {
+                        thread_id: "thread".to_string(),
+                        turn_id: "turn".to_string(),
+                        item: codex_app_server_protocol::ThreadItem::AgentMessage {
+                            id: "item".to_string(),
+                            text: "hello".to_string(),
+                            phase: None,
+                            memory_citation: None,
+                        },
+                    }
+                )
+            )
+        ));
         assert!(!event_requires_delivery(&InProcessServerEvent::Lagged {
             skipped: 1
         }));
+        assert!(!event_requires_delivery(
+            &InProcessServerEvent::ServerNotification(
+                codex_app_server_protocol::ServerNotification::CommandExecutionOutputDelta(
+                    codex_app_server_protocol::CommandExecutionOutputDeltaNotification {
+                        thread_id: "thread".to_string(),
+                        turn_id: "turn".to_string(),
+                        item_id: "item".to_string(),
+                        delta: "stdout".to_string(),
+                    }
+                )
+            )
+        ));
     }
 
     #[tokio::test]

codex-rs/app-server-client/src/remote.rs

@@ -4,9 +4,8 @@ This module implements the websocket-backed app-server client transport.
 It owns the remote connection lifecycle, including the initialize/initialized
 handshake, JSON-RPC request/response routing, server-request resolution, and
 notification streaming. The rest of the crate uses the same `AppServerEvent`
-surface for both in-process and remote transports, so callers such as
-`tui_app_server` can switch between them without changing their higher-level
-session logic.
+surface for both in-process and remote transports, so callers such as the TUI
+can switch between them without changing their higher-level session logic.
 */
 
 use std::collections::HashMap;
@@ -21,6 +20,7 @@ use crate::RequestResult;
 use crate::SHUTDOWN_TIMEOUT;
 use crate::TypedRequestError;
 use crate::request_method_name;
+use crate::server_notification_requires_delivery;
 use codex_app_server_protocol::ClientInfo;
 use codex_app_server_protocol::ClientNotification;
 use codex_app_server_protocol::ClientRequest;
@@ -47,6 +47,9 @@ use tokio_tungstenite::MaybeTlsStream;
 use tokio_tungstenite::WebSocketStream;
 use tokio_tungstenite::connect_async;
 use tokio_tungstenite::tungstenite::Message;
+use tokio_tungstenite::tungstenite::client::IntoClientRequest;
+use tokio_tungstenite::tungstenite::http::HeaderValue;
+use tokio_tungstenite::tungstenite::http::header::AUTHORIZATION;
 use tracing::warn;
 use url::Url;
 
@@ -56,6 +59,7 @@ const INITIALIZE_TIMEOUT: Duration = Duration::from_secs(10);
 #[derive(Debug, Clone)]
 pub struct RemoteAppServerConnectArgs {
     pub websocket_url: String,
+    pub auth_token: Option<String>,
     pub client_name: String,
     pub client_version: String,
     pub experimental_api: bool,
@@ -85,6 +89,16 @@ impl RemoteAppServerConnectArgs {
     }
 }
 
+pub(crate) fn websocket_url_supports_auth_token(url: &Url) -> bool {
+    match (url.scheme(), url.host()) {
+        ("wss", Some(_)) => true,
+        ("ws", Some(url::Host::Domain(domain))) => domain.eq_ignore_ascii_case("localhost"),
+        ("ws", Some(url::Host::Ipv4(addr))) => addr.is_loopback(),
+        ("ws", Some(url::Host::Ipv6(addr))) => addr.is_loopback(),
+        _ => false,
+    }
+}
+
 enum RemoteClientCommand {
     Request {
         request: Box<ClientRequest>,
@@ -131,7 +145,31 @@ impl RemoteAppServerClient {
                 format!("invalid websocket URL `{websocket_url}`: {err}"),
             )
         })?;
-        let stream = timeout(CONNECT_TIMEOUT, connect_async(url.as_str()))
+        if args.auth_token.is_some() && !websocket_url_supports_auth_token(&url) {
+            return Err(IoError::new(
+                ErrorKind::InvalidInput,
+                format!(
+                    "remote auth tokens require `wss://` or loopback `ws://` URLs; got `{websocket_url}`"
+                ),
+            ));
+        }
+        let mut request = url.as_str().into_client_request().map_err(|err| {
+            IoError::new(
+                ErrorKind::InvalidInput,
+                format!("invalid websocket URL `{websocket_url}`: {err}"),
+            )
+        })?;
+        if let Some(auth_token) = args.auth_token.as_deref() {
+            let header_value =
+                HeaderValue::from_str(&format!("Bearer {auth_token}")).map_err(|err| {
+                    IoError::new(
+                        ErrorKind::InvalidInput,
+                        format!("invalid remote authorization header value: {err}"),
+                    )
+                })?;
+            request.headers_mut().insert(AUTHORIZATION, header_value);
+        }
+        let stream = timeout(CONNECT_TIMEOUT, connect_async(request))
             .await
             .map_err(|_| {
                 IoError::new(
@@ -854,11 +892,11 @@ async fn reject_if_server_request_dropped(
 
 fn event_requires_delivery(event: &AppServerEvent) -> bool {
     match event {
-        AppServerEvent::ServerNotification(ServerNotification::TurnCompleted(_)) => true,
+        AppServerEvent::ServerNotification(notification) => {
+            server_notification_requires_delivery(notification)
+        }
         AppServerEvent::Disconnected { .. } => true,
-        AppServerEvent::Lagged { .. }
-        | AppServerEvent::ServerNotification(_)
-        | AppServerEvent::ServerRequest(_) => false,
+        AppServerEvent::Lagged { .. } | AppServerEvent::ServerRequest(_) => false,
     }
 }
 
@@ -905,3 +943,40 @@ async fn write_jsonrpc_message(
             ))
         })
 }
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn event_requires_delivery_marks_transcript_and_disconnect_events() {
+        assert!(event_requires_delivery(
+            &AppServerEvent::ServerNotification(ServerNotification::AgentMessageDelta(
+                codex_app_server_protocol::AgentMessageDeltaNotification {
+                    thread_id: "thread".to_string(),
+                    turn_id: "turn".to_string(),
+                    item_id: "item".to_string(),
+                    delta: "hello".to_string(),
+                },
+            ),)
+        ));
+        assert!(event_requires_delivery(
+            &AppServerEvent::ServerNotification(ServerNotification::ItemCompleted(
+                codex_app_server_protocol::ItemCompletedNotification {
+                    thread_id: "thread".to_string(),
+                    turn_id: "turn".to_string(),
+                    item: codex_app_server_protocol::ThreadItem::Plan {
+                        id: "item".to_string(),
+                        text: "step".to_string(),
+                    },
+                }
+            ),)
+        ));
+        assert!(event_requires_delivery(&AppServerEvent::Disconnected {
+            message: "closed".to_string(),
+        }));
+        assert!(!event_requires_delivery(&AppServerEvent::Lagged {
+            skipped: 1
+        }));
+    }
+}

codex-rs/app-server-protocol/schema/json/ClientRequest.json

@@ -1156,6 +1156,22 @@
           "title": "ChatgptLoginAccountParams",
           "type": "object"
         },
+        {
+          "properties": {
+            "type": {
+              "enum": [
+                "chatgptDeviceCode"
+              ],
+              "title": "ChatgptDeviceCodeLoginAccountParamsType",
+              "type": "string"
+            }
+          },
+          "required": [
+            "type"
+          ],
+          "title": "ChatgptDeviceCodeLoginAccountParams",
+          "type": "object"
+        },
         {
           "description": "[UNSTABLE] FOR OPENAI INTERNAL USE ONLY - DO NOT USE. The access token must contain the same scopes that Codex-managed ChatGPT auth tokens have.",
           "properties": {
@@ -2554,15 +2570,6 @@
         "ephemeral": {
           "type": "boolean"
         },
-        "metadata": {
-          "additionalProperties": {
-            "type": "string"
-          },
-          "type": [
-            "object",
-            "null"
-          ]
-        },
         "model": {
           "description": "Configuration overrides for the forked thread, if any.",
           "type": [
@@ -2745,16 +2752,6 @@
           ],
           "description": "Patch the stored Git metadata for this thread. Omit a field to leave it unchanged, set it to `null` to clear it, or provide a string to replace the stored value."
         },
-        "metadata": {
-          "additionalProperties": {
-            "type": "string"
-          },
-          "description": "Replace the stored client-defined metadata for this thread.",
-          "type": [
-            "object",
-            "null"
-          ]
-        },
         "threadId": {
           "type": "string"
         }
@@ -3051,15 +3048,6 @@
             "null"
           ]
         },
-        "metadata": {
-          "additionalProperties": {
-            "type": "string"
-          },
-          "type": [
-            "object",
-            "null"
-          ]
-        },
         "model": {
           "type": [
             "string",

codex-rs/app-server-protocol/schema/json/CommandExecutionRequestApprovalParams.json

@@ -28,41 +28,6 @@
       },
       "type": "object"
     },
-    "AdditionalMacOsPermissions": {
-      "properties": {
-        "accessibility": {
-          "type": "boolean"
-        },
-        "automations": {
-          "$ref": "#/definitions/MacOsAutomationPermission"
-        },
-        "calendar": {
-          "type": "boolean"
-        },
-        "contacts": {
-          "$ref": "#/definitions/MacOsContactsPermission"
-        },
-        "launchServices": {
-          "type": "boolean"
-        },
-        "preferences": {
-          "$ref": "#/definitions/MacOsPreferencesPermission"
-        },
-        "reminders": {
-          "type": "boolean"
-        }
-      },
-      "required": [
-        "accessibility",
-        "automations",
-        "calendar",
-        "contacts",
-        "launchServices",
-        "preferences",
-        "reminders"
-      ],
-      "type": "object"
-    },
     "AdditionalNetworkPermissions": {
       "properties": {
         "enabled": {
@@ -86,16 +51,6 @@
             }
           ]
         },
-        "macos": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/AdditionalMacOsPermissions"
-            },
-            {
-              "type": "null"
-            }
-          ]
-        },
         "network": {
           "anyOf": [
             {
@@ -298,60 +253,6 @@
         }
       ]
     },
-    "CommandExecutionRequestApprovalSkillMetadata": {
-      "properties": {
-        "pathToSkillsMd": {
-          "type": "string"
-        }
-      },
-      "required": [
-        "pathToSkillsMd"
-      ],
-      "type": "object"
-    },
-    "MacOsAutomationPermission": {
-      "oneOf": [
-        {
-          "enum": [
-            "none",
-            "all"
-          ],
-          "type": "string"
-        },
-        {
-          "additionalProperties": false,
-          "properties": {
-            "bundle_ids": {
-              "items": {
-                "type": "string"
-              },
-              "type": "array"
-            }
-          },
-          "required": [
-            "bundle_ids"
-          ],
-          "title": "BundleIdsMacOsAutomationPermission",
-          "type": "object"
-        }
-      ]
-    },
-    "MacOsContactsPermission": {
-      "enum": [
-        "none",
-        "read_only",
-        "read_write"
-      ],
-      "type": "string"
-    },
-    "MacOsPreferencesPermission": {
-      "enum": [
-        "none",
-        "read_only",
-        "read_write"
-      ],
-      "type": "string"
-    },
     "NetworkApprovalContext": {
       "properties": {
         "host": {

codex-rs/app-server-protocol/schema/json/ServerNotification.json

@@ -1206,6 +1206,7 @@
     "HookEventName": {
       "enum": [
         "preToolUse",
+        "postToolUse",
         "sessionStart",
         "userPromptSubmit",
         "stop"
@@ -1776,7 +1777,9 @@
         "plus",
         "pro",
         "team",
+        "self_serve_business_usage_based",
         "business",
+        "enterprise_cbp_usage_based",
         "enterprise",
         "edu",
         "unknown"
@@ -2244,14 +2247,6 @@
         "id": {
           "type": "string"
         },
-        "metadata": {
-          "additionalProperties": {
-            "type": "string"
-          },
-          "default": {},
-          "description": "Arbitrary client-defined metadata.",
-          "type": "object"
-        },
         "modelProvider": {
           "description": "Model provider used for this thread (for example, 'openai').",
           "type": "string"

codex-rs/app-server-protocol/schema/json/ServerRequest.json

@@ -28,41 +28,6 @@
       },
       "type": "object"
     },
-    "AdditionalMacOsPermissions": {
-      "properties": {
-        "accessibility": {
-          "type": "boolean"
-        },
-        "automations": {
-          "$ref": "#/definitions/MacOsAutomationPermission"
-        },
-        "calendar": {
-          "type": "boolean"
-        },
-        "contacts": {
-          "$ref": "#/definitions/MacOsContactsPermission"
-        },
-        "launchServices": {
-          "type": "boolean"
-        },
-        "preferences": {
-          "$ref": "#/definitions/MacOsPreferencesPermission"
-        },
-        "reminders": {
-          "type": "boolean"
-        }
-      },
-      "required": [
-        "accessibility",
-        "automations",
-        "calendar",
-        "contacts",
-        "launchServices",
-        "preferences",
-        "reminders"
-      ],
-      "type": "object"
-    },
     "AdditionalNetworkPermissions": {
       "properties": {
         "enabled": {
@@ -86,16 +51,6 @@
             }
           ]
         },
-        "macos": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/AdditionalMacOsPermissions"
-            },
-            {
-              "type": "null"
-            }
-          ]
-        },
         "network": {
           "anyOf": [
             {
@@ -452,17 +407,6 @@
       ],
       "type": "object"
     },
-    "CommandExecutionRequestApprovalSkillMetadata": {
-      "properties": {
-        "pathToSkillsMd": {
-          "type": "string"
-        }
-      },
-      "required": [
-        "pathToSkillsMd"
-      ],
-      "type": "object"
-    },
     "DynamicToolCallParams": {
       "properties": {
         "arguments": true,
@@ -638,49 +582,6 @@
       ],
       "type": "object"
     },
-    "MacOsAutomationPermission": {
-      "oneOf": [
-        {
-          "enum": [
-            "none",
-            "all"
-          ],
-          "type": "string"
-        },
-        {
-          "additionalProperties": false,
-          "properties": {
-            "bundle_ids": {
-              "items": {
-                "type": "string"
-              },
-              "type": "array"
-            }
-          },
-          "required": [
-            "bundle_ids"
-          ],
-          "title": "BundleIdsMacOsAutomationPermission",
-          "type": "object"
-        }
-      ]
-    },
-    "MacOsContactsPermission": {
-      "enum": [
-        "none",
-        "read_only",
-        "read_write"
-      ],
-      "type": "string"
-    },
-    "MacOsPreferencesPermission": {
-      "enum": [
-        "none",
-        "read_only",
-        "read_write"
-      ],
-      "type": "string"
-    },
     "McpElicitationArrayType": {
       "enum": [
         "array"

codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.schemas.json

@@ -28,41 +28,6 @@
       },
       "type": "object"
     },
-    "AdditionalMacOsPermissions": {
-      "properties": {
-        "accessibility": {
-          "type": "boolean"
-        },
-        "automations": {
-          "$ref": "#/definitions/MacOsAutomationPermission"
-        },
-        "calendar": {
-          "type": "boolean"
-        },
-        "contacts": {
-          "$ref": "#/definitions/MacOsContactsPermission"
-        },
-        "launchServices": {
-          "type": "boolean"
-        },
-        "preferences": {
-          "$ref": "#/definitions/MacOsPreferencesPermission"
-        },
-        "reminders": {
-          "type": "boolean"
-        }
-      },
-      "required": [
-        "accessibility",
-        "automations",
-        "calendar",
-        "contacts",
-        "launchServices",
-        "preferences",
-        "reminders"
-      ],
-      "type": "object"
-    },
     "AdditionalNetworkPermissions": {
       "properties": {
         "enabled": {
@@ -86,16 +51,6 @@
             }
           ]
         },
-        "macos": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/AdditionalMacOsPermissions"
-            },
-            {
-              "type": "null"
-            }
-          ]
-        },
         "network": {
           "anyOf": [
             {
@@ -1864,17 +1819,6 @@
       "title": "CommandExecutionRequestApprovalResponse",
       "type": "object"
     },
-    "CommandExecutionRequestApprovalSkillMetadata": {
-      "properties": {
-        "pathToSkillsMd": {
-          "type": "string"
-        }
-      },
-      "required": [
-        "pathToSkillsMd"
-      ],
-      "type": "object"
-    },
     "DynamicToolCallParams": {
       "$schema": "http://json-schema.org/draft-07/schema#",
       "properties": {
@@ -2479,49 +2423,6 @@
       "title": "JSONRPCResponse",
       "type": "object"
     },
-    "MacOsAutomationPermission": {
-      "oneOf": [
-        {
-          "enum": [
-            "none",
-            "all"
-          ],
-          "type": "string"
-        },
-        {
-          "additionalProperties": false,
-          "properties": {
-            "bundle_ids": {
-              "items": {
-                "type": "string"
-              },
-              "type": "array"
-            }
-          },
-          "required": [
-            "bundle_ids"
-          ],
-          "title": "BundleIdsMacOsAutomationPermission",
-          "type": "object"
-        }
-      ]
-    },
-    "MacOsContactsPermission": {
-      "enum": [
-        "none",
-        "read_only",
-        "read_write"
-      ],
-      "type": "string"
-    },
-    "MacOsPreferencesPermission": {
-      "enum": [
-        "none",
-        "read_only",
-        "read_write"
-      ],
-      "type": "string"
-    },
     "McpElicitationArrayType": {
       "enum": [
         "array"
@@ -8221,6 +8122,7 @@
       "HookEventName": {
         "enum": [
           "preToolUse",
+          "postToolUse",
           "sessionStart",
           "userPromptSubmit",
           "stop"
@@ -8667,6 +8569,22 @@
             "title": "Chatgptv2::LoginAccountParams",
             "type": "object"
           },
+          {
+            "properties": {
+              "type": {
+                "enum": [
+                  "chatgptDeviceCode"
+                ],
+                "title": "ChatgptDeviceCodev2::LoginAccountParamsType",
+                "type": "string"
+              }
+            },
+            "required": [
+              "type"
+            ],
+            "title": "ChatgptDeviceCodev2::LoginAccountParams",
+            "type": "object"
+          },
           {
             "description": "[UNSTABLE] FOR OPENAI INTERNAL USE ONLY - DO NOT USE. The access token must contain the same scopes that Codex-managed ChatGPT auth tokens have.",
             "properties": {
@@ -8748,6 +8666,36 @@
             "title": "Chatgptv2::LoginAccountResponse",
             "type": "object"
           },
+          {
+            "properties": {
+              "loginId": {
+                "type": "string"
+              },
+              "type": {
+                "enum": [
+                  "chatgptDeviceCode"
+                ],
+                "title": "ChatgptDeviceCodev2::LoginAccountResponseType",
+                "type": "string"
+              },
+              "userCode": {
+                "description": "One-time code the user must enter after signing in.",
+                "type": "string"
+              },
+              "verificationUrl": {
+                "description": "URL the client should open in a browser to complete device code authorization.",
+                "type": "string"
+              }
+            },
+            "required": [
+              "loginId",
+              "type",
+              "userCode",
+              "verificationUrl"
+            ],
+            "title": "ChatgptDeviceCodev2::LoginAccountResponse",
+            "type": "object"
+          },
           {
             "properties": {
               "type": {
@@ -9301,6 +9249,13 @@
         ],
         "type": "string"
       },
+      "NetworkDomainPermission": {
+        "enum": [
+          "allow",
+          "deny"
+        ],
+        "type": "string"
+      },
       "NetworkRequirements": {
         "properties": {
           "allowLocalBinding": {
@@ -9310,6 +9265,7 @@
             ]
           },
           "allowUnixSockets": {
+            "description": "Legacy compatibility view derived from `unix_sockets`.",
             "items": {
               "type": "string"
             },
@@ -9325,6 +9281,7 @@
             ]
           },
           "allowedDomains": {
+            "description": "Legacy compatibility view derived from `domains`.",
             "items": {
               "type": "string"
             },
@@ -9346,6 +9303,7 @@
             ]
           },
           "deniedDomains": {
+            "description": "Legacy compatibility view derived from `domains`.",
             "items": {
               "type": "string"
             },
@@ -9354,6 +9312,16 @@
               "null"
             ]
           },
+          "domains": {
+            "additionalProperties": {
+              "$ref": "#/definitions/v2/NetworkDomainPermission"
+            },
+            "description": "Canonical network permission map for `experimental_network`.",
+            "type": [
+              "object",
+              "null"
+            ]
+          },
           "enabled": {
             "type": [
               "boolean",
@@ -9368,6 +9336,13 @@
               "null"
             ]
           },
+          "managedAllowedDomainsOnly": {
+            "description": "When true, only managed allowlist entries are respected while managed network enforcement is active.",
+            "type": [
+              "boolean",
+              "null"
+            ]
+          },
           "socksPort": {
             "format": "uint16",
             "minimum": 0.0,
@@ -9375,10 +9350,27 @@
               "integer",
               "null"
             ]
+          },
+          "unixSockets": {
+            "additionalProperties": {
+              "$ref": "#/definitions/v2/NetworkUnixSocketPermission"
+            },
+            "description": "Canonical unix socket permission map for `experimental_network`.",
+            "type": [
+              "object",
+              "null"
+            ]
           }
         },
         "type": "object"
       },
+      "NetworkUnixSocketPermission": {
+        "enum": [
+          "allow",
+          "none"
+        ],
+        "type": "string"
+      },
       "NonSteerableTurnKind": {
         "enum": [
           "review",
@@ -9511,7 +9503,9 @@
           "plus",
           "pro",
           "team",
+          "self_serve_business_usage_based",
           "business",
+          "enterprise_cbp_usage_based",
           "enterprise",
           "edu",
           "unknown"
@@ -12023,14 +12017,6 @@
           "id": {
             "type": "string"
           },
-          "metadata": {
-            "additionalProperties": {
-              "type": "string"
-            },
-            "default": {},
-            "description": "Arbitrary client-defined metadata.",
-            "type": "object"
-          },
           "modelProvider": {
             "description": "Model provider used for this thread (for example, 'openai').",
             "type": "string"
@@ -12219,15 +12205,6 @@
           "ephemeral": {
             "type": "boolean"
           },
-          "metadata": {
-            "additionalProperties": {
-              "type": "string"
-            },
-            "type": [
-              "object",
-              "null"
-            ]
-          },
           "model": {
             "description": "Configuration overrides for the forked thread, if any.",
             "type": [
@@ -13168,16 +13145,6 @@
             ],
             "description": "Patch the stored Git metadata for this thread. Omit a field to leave it unchanged, set it to `null` to clear it, or provide a string to replace the stored value."
           },
-          "metadata": {
-            "additionalProperties": {
-              "type": "string"
-            },
-            "description": "Replace the stored client-defined metadata for this thread.",
-            "type": [
-              "object",
-              "null"
-            ]
-          },
           "threadId": {
             "type": "string"
           }
@@ -13739,15 +13706,6 @@
               "null"
             ]
           },
-          "metadata": {
-            "additionalProperties": {
-              "type": "string"
-            },
-            "type": [
-              "object",
-              "null"
-            ]
-          },
           "model": {
             "type": [
               "string",

codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.v2.schemas.json

@@ -4892,6 +4892,7 @@
     "HookEventName": {
       "enum": [
         "preToolUse",
+        "postToolUse",
         "sessionStart",
         "userPromptSubmit",
         "stop"
@@ -5382,6 +5383,22 @@
           "title": "Chatgptv2::LoginAccountParams",
           "type": "object"
         },
+        {
+          "properties": {
+            "type": {
+              "enum": [
+                "chatgptDeviceCode"
+              ],
+              "title": "ChatgptDeviceCodev2::LoginAccountParamsType",
+              "type": "string"
+            }
+          },
+          "required": [
+            "type"
+          ],
+          "title": "ChatgptDeviceCodev2::LoginAccountParams",
+          "type": "object"
+        },
         {
           "description": "[UNSTABLE] FOR OPENAI INTERNAL USE ONLY - DO NOT USE. The access token must contain the same scopes that Codex-managed ChatGPT auth tokens have.",
           "properties": {
@@ -5463,6 +5480,36 @@
           "title": "Chatgptv2::LoginAccountResponse",
           "type": "object"
         },
+        {
+          "properties": {
+            "loginId": {
+              "type": "string"
+            },
+            "type": {
+              "enum": [
+                "chatgptDeviceCode"
+              ],
+              "title": "ChatgptDeviceCodev2::LoginAccountResponseType",
+              "type": "string"
+            },
+            "userCode": {
+              "description": "One-time code the user must enter after signing in.",
+              "type": "string"
+            },
+            "verificationUrl": {
+              "description": "URL the client should open in a browser to complete device code authorization.",
+              "type": "string"
+            }
+          },
+          "required": [
+            "loginId",
+            "type",
+            "userCode",
+            "verificationUrl"
+          ],
+          "title": "ChatgptDeviceCodev2::LoginAccountResponse",
+          "type": "object"
+        },
         {
           "properties": {
             "type": {
@@ -6016,6 +6063,13 @@
       ],
       "type": "string"
     },
+    "NetworkDomainPermission": {
+      "enum": [
+        "allow",
+        "deny"
+      ],
+      "type": "string"
+    },
     "NetworkRequirements": {
       "properties": {
         "allowLocalBinding": {
@@ -6025,6 +6079,7 @@
           ]
         },
         "allowUnixSockets": {
+          "description": "Legacy compatibility view derived from `unix_sockets`.",
           "items": {
             "type": "string"
           },
@@ -6040,6 +6095,7 @@
           ]
         },
         "allowedDomains": {
+          "description": "Legacy compatibility view derived from `domains`.",
           "items": {
             "type": "string"
           },
@@ -6061,6 +6117,7 @@
           ]
         },
         "deniedDomains": {
+          "description": "Legacy compatibility view derived from `domains`.",
           "items": {
             "type": "string"
           },
@@ -6069,6 +6126,16 @@
             "null"
           ]
         },
+        "domains": {
+          "additionalProperties": {
+            "$ref": "#/definitions/NetworkDomainPermission"
+          },
+          "description": "Canonical network permission map for `experimental_network`.",
+          "type": [
+            "object",
+            "null"
+          ]
+        },
         "enabled": {
           "type": [
             "boolean",
@@ -6083,6 +6150,13 @@
             "null"
           ]
         },
+        "managedAllowedDomainsOnly": {
+          "description": "When true, only managed allowlist entries are respected while managed network enforcement is active.",
+          "type": [
+            "boolean",
+            "null"
+          ]
+        },
         "socksPort": {
           "format": "uint16",
           "minimum": 0.0,
@@ -6090,10 +6164,27 @@
             "integer",
             "null"
           ]
+        },
+        "unixSockets": {
+          "additionalProperties": {
+            "$ref": "#/definitions/NetworkUnixSocketPermission"
+          },
+          "description": "Canonical unix socket permission map for `experimental_network`.",
+          "type": [
+            "object",
+            "null"
+          ]
         }
       },
       "type": "object"
     },
+    "NetworkUnixSocketPermission": {
+      "enum": [
+        "allow",
+        "none"
+      ],
+      "type": "string"
+    },
     "NonSteerableTurnKind": {
       "enum": [
         "review",
@@ -6226,7 +6317,9 @@
         "plus",
         "pro",
         "team",
+        "self_serve_business_usage_based",
         "business",
+        "enterprise_cbp_usage_based",
         "enterprise",
         "edu",
         "unknown"
@@ -9770,14 +9863,6 @@
         "id": {
           "type": "string"
         },
-        "metadata": {
-          "additionalProperties": {
-            "type": "string"
-          },
-          "default": {},
-          "description": "Arbitrary client-defined metadata.",
-          "type": "object"
-        },
         "modelProvider": {
           "description": "Model provider used for this thread (for example, 'openai').",
           "type": "string"
@@ -9966,15 +10051,6 @@
         "ephemeral": {
           "type": "boolean"
         },
-        "metadata": {
-          "additionalProperties": {
-            "type": "string"
-          },
-          "type": [
-            "object",
-            "null"
-          ]
-        },
         "model": {
           "description": "Configuration overrides for the forked thread, if any.",
           "type": [
@@ -10915,16 +10991,6 @@
           ],
           "description": "Patch the stored Git metadata for this thread. Omit a field to leave it unchanged, set it to `null` to clear it, or provide a string to replace the stored value."
         },
-        "metadata": {
-          "additionalProperties": {
-            "type": "string"
-          },
-          "description": "Replace the stored client-defined metadata for this thread.",
-          "type": [
-            "object",
-            "null"
-          ]
-        },
         "threadId": {
           "type": "string"
         }
@@ -11486,15 +11552,6 @@
             "null"
           ]
         },
-        "metadata": {
-          "additionalProperties": {
-            "type": "string"
-          },
-          "type": [
-            "object",
-            "null"
-          ]
-        },
         "model": {
           "type": [
             "string",

codex-rs/app-server-protocol/schema/json/v2/AccountRateLimitsUpdatedNotification.json

@@ -29,7 +29,9 @@
         "plus",
         "pro",
         "team",
+        "self_serve_business_usage_based",
         "business",
+        "enterprise_cbp_usage_based",
         "enterprise",
         "edu",
         "unknown"

codex-rs/app-server-protocol/schema/json/v2/AccountUpdatedNotification.json

@@ -34,7 +34,9 @@
         "plus",
         "pro",
         "team",
+        "self_serve_business_usage_based",
         "business",
+        "enterprise_cbp_usage_based",
         "enterprise",
         "edu",
         "unknown"

codex-rs/app-server-protocol/schema/json/v2/ConfigRequirementsReadResponse.json

@@ -102,6 +102,13 @@
       },
       "type": "object"
     },
+    "NetworkDomainPermission": {
+      "enum": [
+        "allow",
+        "deny"
+      ],
+      "type": "string"
+    },
     "NetworkRequirements": {
       "properties": {
         "allowLocalBinding": {
@@ -111,6 +118,7 @@
           ]
         },
         "allowUnixSockets": {
+          "description": "Legacy compatibility view derived from `unix_sockets`.",
           "items": {
             "type": "string"
           },
@@ -126,6 +134,7 @@
           ]
         },
         "allowedDomains": {
+          "description": "Legacy compatibility view derived from `domains`.",
           "items": {
             "type": "string"
           },
@@ -147,6 +156,7 @@
           ]
         },
         "deniedDomains": {
+          "description": "Legacy compatibility view derived from `domains`.",
           "items": {
             "type": "string"
           },
@@ -155,6 +165,16 @@
             "null"
           ]
         },
+        "domains": {
+          "additionalProperties": {
+            "$ref": "#/definitions/NetworkDomainPermission"
+          },
+          "description": "Canonical network permission map for `experimental_network`.",
+          "type": [
+            "object",
+            "null"
+          ]
+        },
         "enabled": {
           "type": [
             "boolean",
@@ -169,6 +189,13 @@
             "null"
           ]
         },
+        "managedAllowedDomainsOnly": {
+          "description": "When true, only managed allowlist entries are respected while managed network enforcement is active.",
+          "type": [
+            "boolean",
+            "null"
+          ]
+        },
         "socksPort": {
           "format": "uint16",
           "minimum": 0.0,
@@ -176,10 +203,27 @@
             "integer",
             "null"
           ]
+        },
+        "unixSockets": {
+          "additionalProperties": {
+            "$ref": "#/definitions/NetworkUnixSocketPermission"
+          },
+          "description": "Canonical unix socket permission map for `experimental_network`.",
+          "type": [
+            "object",
+            "null"
+          ]
         }
       },
       "type": "object"
     },
+    "NetworkUnixSocketPermission": {
+      "enum": [
+        "allow",
+        "none"
+      ],
+      "type": "string"
+    },
     "ResidencyRequirement": {
       "enum": [
         "us"

codex-rs/app-server-protocol/schema/json/v2/GetAccountRateLimitsResponse.json

@@ -29,7 +29,9 @@
         "plus",
         "pro",
         "team",
+        "self_serve_business_usage_based",
         "business",
+        "enterprise_cbp_usage_based",
         "enterprise",
         "edu",
         "unknown"

codex-rs/app-server-protocol/schema/json/v2/GetAccountResponse.json

@@ -52,7 +52,9 @@
         "plus",
         "pro",
         "team",
+        "self_serve_business_usage_based",
         "business",
+        "enterprise_cbp_usage_based",
         "enterprise",
         "edu",
         "unknown"

codex-rs/app-server-protocol/schema/json/v2/HookCompletedNotification.json

@@ -4,6 +4,7 @@
     "HookEventName": {
       "enum": [
         "preToolUse",
+        "postToolUse",
         "sessionStart",
         "userPromptSubmit",
         "stop"

codex-rs/app-server-protocol/schema/json/v2/HookStartedNotification.json

@@ -4,6 +4,7 @@
     "HookEventName": {
       "enum": [
         "preToolUse",
+        "postToolUse",
         "sessionStart",
         "userPromptSubmit",
         "stop"

codex-rs/app-server-protocol/schema/json/v2/LoginAccountParams.json

@@ -37,6 +37,22 @@
       "title": "Chatgptv2::LoginAccountParams",
       "type": "object"
     },
+    {
+      "properties": {
+        "type": {
+          "enum": [
+            "chatgptDeviceCode"
+          ],
+          "title": "ChatgptDeviceCodev2::LoginAccountParamsType",
+          "type": "string"
+        }
+      },
+      "required": [
+        "type"
+      ],
+      "title": "ChatgptDeviceCodev2::LoginAccountParams",
+      "type": "object"
+    },
     {
       "description": "[UNSTABLE] FOR OPENAI INTERNAL USE ONLY - DO NOT USE. The access token must contain the same scopes that Codex-managed ChatGPT auth tokens have.",
       "properties": {

codex-rs/app-server-protocol/schema/json/v2/LoginAccountResponse.json

@@ -42,6 +42,36 @@
       "title": "Chatgptv2::LoginAccountResponse",
       "type": "object"
     },
+    {
+      "properties": {
+        "loginId": {
+          "type": "string"
+        },
+        "type": {
+          "enum": [
+            "chatgptDeviceCode"
+          ],
+          "title": "ChatgptDeviceCodev2::LoginAccountResponseType",
+          "type": "string"
+        },
+        "userCode": {
+          "description": "One-time code the user must enter after signing in.",
+          "type": "string"
+        },
+        "verificationUrl": {
+          "description": "URL the client should open in a browser to complete device code authorization.",
+          "type": "string"
+        }
+      },
+      "required": [
+        "loginId",
+        "type",
+        "userCode",
+        "verificationUrl"
+      ],
+      "title": "ChatgptDeviceCodev2::LoginAccountResponse",
+      "type": "object"
+    },
     {
       "properties": {
         "type": {

codex-rs/app-server-protocol/schema/json/v2/ThreadForkParams.json

@@ -126,15 +126,6 @@
     "ephemeral": {
       "type": "boolean"
     },
-    "metadata": {
-      "additionalProperties": {
-        "type": "string"
-      },
-      "type": [
-        "object",
-        "null"
-      ]
-    },
     "model": {
       "description": "Configuration overrides for the forked thread, if any.",
       "type": [

codex-rs/app-server-protocol/schema/json/v2/ThreadForkResponse.json

@@ -1056,14 +1056,6 @@
         "id": {
           "type": "string"
         },
-        "metadata": {
-          "additionalProperties": {
-            "type": "string"
-          },
-          "default": {},
-          "description": "Arbitrary client-defined metadata.",
-          "type": "object"
-        },
         "modelProvider": {
           "description": "Model provider used for this thread (for example, 'openai').",
           "type": "string"

codex-rs/app-server-protocol/schema/json/v2/ThreadListResponse.json

@@ -814,14 +814,6 @@
         "id": {
           "type": "string"
         },
-        "metadata": {
-          "additionalProperties": {
-            "type": "string"
-          },
-          "default": {},
-          "description": "Arbitrary client-defined metadata.",
-          "type": "object"
-        },
         "modelProvider": {
           "description": "Model provider used for this thread (for example, 'openai').",
           "type": "string"

codex-rs/app-server-protocol/schema/json/v2/ThreadMetadataUpdateParams.json

@@ -40,16 +40,6 @@
       ],
       "description": "Patch the stored Git metadata for this thread. Omit a field to leave it unchanged, set it to `null` to clear it, or provide a string to replace the stored value."
     },
-    "metadata": {
-      "additionalProperties": {
-        "type": "string"
-      },
-      "description": "Replace the stored client-defined metadata for this thread.",
-      "type": [
-        "object",
-        "null"
-      ]
-    },
     "threadId": {
       "type": "string"
     }

codex-rs/app-server-protocol/schema/json/v2/ThreadMetadataUpdateResponse.json

@@ -814,14 +814,6 @@
         "id": {
           "type": "string"
         },
-        "metadata": {
-          "additionalProperties": {
-            "type": "string"
-          },
-          "default": {},
-          "description": "Arbitrary client-defined metadata.",
-          "type": "object"
-        },
         "modelProvider": {
           "description": "Model provider used for this thread (for example, 'openai').",
           "type": "string"

codex-rs/app-server-protocol/schema/json/v2/ThreadReadResponse.json

@@ -814,14 +814,6 @@
         "id": {
           "type": "string"
         },
-        "metadata": {
-          "additionalProperties": {
-            "type": "string"
-          },
-          "default": {},
-          "description": "Arbitrary client-defined metadata.",
-          "type": "object"
-        },
         "modelProvider": {
           "description": "Model provider used for this thread (for example, 'openai').",
           "type": "string"

codex-rs/app-server-protocol/schema/json/v2/ThreadResumeResponse.json

@@ -1056,14 +1056,6 @@
         "id": {
           "type": "string"
         },
-        "metadata": {
-          "additionalProperties": {
-            "type": "string"
-          },
-          "default": {},
-          "description": "Arbitrary client-defined metadata.",
-          "type": "object"
-        },
         "modelProvider": {
           "description": "Model provider used for this thread (for example, 'openai').",
           "type": "string"

codex-rs/app-server-protocol/schema/json/v2/ThreadRollbackResponse.json

@@ -814,14 +814,6 @@
         "id": {
           "type": "string"
         },
-        "metadata": {
-          "additionalProperties": {
-            "type": "string"
-          },
-          "default": {},
-          "description": "Arbitrary client-defined metadata.",
-          "type": "object"
-        },
         "modelProvider": {
           "description": "Model provider used for this thread (for example, 'openai').",
           "type": "string"

codex-rs/app-server-protocol/schema/json/v2/ThreadStartParams.json

@@ -156,15 +156,6 @@
         "null"
       ]
     },
-    "metadata": {
-      "additionalProperties": {
-        "type": "string"
-      },
-      "type": [
-        "object",
-        "null"
-      ]
-    },
     "model": {
       "type": [
         "string",

codex-rs/app-server-protocol/schema/json/v2/ThreadStartResponse.json

@@ -1056,14 +1056,6 @@
         "id": {
           "type": "string"
         },
-        "metadata": {
-          "additionalProperties": {
-            "type": "string"
-          },
-          "default": {},
-          "description": "Arbitrary client-defined metadata.",
-          "type": "object"
-        },
         "modelProvider": {
           "description": "Model provider used for this thread (for example, 'openai').",
           "type": "string"

codex-rs/app-server-protocol/schema/json/v2/ThreadStartedNotification.json

@@ -814,14 +814,6 @@
         "id": {
           "type": "string"
         },
-        "metadata": {
-          "additionalProperties": {
-            "type": "string"
-          },
-          "default": {},
-          "description": "Arbitrary client-defined metadata.",
-          "type": "object"
-        },
         "modelProvider": {
           "description": "Model provider used for this thread (for example, 'openai').",
           "type": "string"

codex-rs/app-server-protocol/schema/json/v2/ThreadUnarchiveResponse.json

@@ -814,14 +814,6 @@
         "id": {
           "type": "string"
         },
-        "metadata": {
-          "additionalProperties": {
-            "type": "string"
-          },
-          "default": {},
-          "description": "Arbitrary client-defined metadata.",
-          "type": "object"
-        },
         "modelProvider": {
           "description": "Model provider used for this thread (for example, 'openai').",
           "type": "string"

codex-rs/app-server-protocol/schema/typescript/MacOsAutomationPermission.ts

@@ -1,5 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-
-export type MacOsAutomationPermission = "none" | "all" | { "bundle_ids": Array<string> };

codex-rs/app-server-protocol/schema/typescript/PlanType.ts

@@ -2,4 +2,4 @@
 
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 
-export type PlanType = "free" | "go" | "plus" | "pro" | "team" | "business" | "enterprise" | "edu" | "unknown";
+export type PlanType = "free" | "go" | "plus" | "pro" | "team" | "self_serve_business_usage_based" | "business" | "enterprise_cbp_usage_based" | "enterprise" | "edu" | "unknown";

codex-rs/app-server-protocol/schema/typescript/index.ts

@@ -41,9 +41,6 @@ export type { InputModality } from "./InputModality";
 export type { LocalShellAction } from "./LocalShellAction";
 export type { LocalShellExecAction } from "./LocalShellExecAction";
 export type { LocalShellStatus } from "./LocalShellStatus";
-export type { MacOsAutomationPermission } from "./MacOsAutomationPermission";
-export type { MacOsContactsPermission } from "./MacOsContactsPermission";
-export type { MacOsPreferencesPermission } from "./MacOsPreferencesPermission";
 export type { MessagePhase } from "./MessagePhase";
 export type { ModeKind } from "./ModeKind";
 export type { NetworkPolicyAmendment } from "./NetworkPolicyAmendment";

codex-rs/app-server-protocol/schema/typescript/v2/AdditionalMacOsPermissions.ts

@@ -1,8 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { MacOsAutomationPermission } from "../MacOsAutomationPermission";
-import type { MacOsContactsPermission } from "../MacOsContactsPermission";
-import type { MacOsPreferencesPermission } from "../MacOsPreferencesPermission";
-
-export type AdditionalMacOsPermissions = { preferences: MacOsPreferencesPermission, automations: MacOsAutomationPermission, launchServices: boolean, accessibility: boolean, calendar: boolean, reminders: boolean, contacts: MacOsContactsPermission, };

codex-rs/app-server-protocol/schema/typescript/v2/AdditionalPermissionProfile.ts

@@ -2,7 +2,6 @@
 
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 import type { AdditionalFileSystemPermissions } from "./AdditionalFileSystemPermissions";
-import type { AdditionalMacOsPermissions } from "./AdditionalMacOsPermissions";
 import type { AdditionalNetworkPermissions } from "./AdditionalNetworkPermissions";
 
-export type AdditionalPermissionProfile = { network: AdditionalNetworkPermissions | null, fileSystem: AdditionalFileSystemPermissions | null, macos: AdditionalMacOsPermissions | null, };
+export type AdditionalPermissionProfile = { network: AdditionalNetworkPermissions | null, fileSystem: AdditionalFileSystemPermissions | null, };

codex-rs/app-server-protocol/schema/typescript/v2/CommandExecutionRequestApprovalParams.ts

@@ -4,7 +4,6 @@
 import type { AdditionalPermissionProfile } from "./AdditionalPermissionProfile";
 import type { CommandAction } from "./CommandAction";
 import type { CommandExecutionApprovalDecision } from "./CommandExecutionApprovalDecision";
-import type { CommandExecutionRequestApprovalSkillMetadata } from "./CommandExecutionRequestApprovalSkillMetadata";
 import type { ExecPolicyAmendment } from "./ExecPolicyAmendment";
 import type { NetworkApprovalContext } from "./NetworkApprovalContext";
 import type { NetworkPolicyAmendment } from "./NetworkPolicyAmendment";
@@ -44,10 +43,6 @@ commandActions?: Array<CommandAction> | null,
  * Optional additional permissions requested for this command.
  */
 additionalPermissions?: AdditionalPermissionProfile | null, 
-/**
- * Optional skill metadata when the approval was triggered by a skill script.
- */
-skillMetadata?: CommandExecutionRequestApprovalSkillMetadata | null, 
 /**
  * Optional proposed execpolicy amendment to allow similar commands without prompting.
  */

codex-rs/app-server-protocol/schema/typescript/v2/CommandExecutionRequestApprovalSkillMetadata.ts

@@ -1,5 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-
-export type CommandExecutionRequestApprovalSkillMetadata = { pathToSkillsMd: string, };

codex-rs/app-server-protocol/schema/typescript/v2/HookEventName.ts

@@ -2,4 +2,4 @@
 
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 
-export type HookEventName = "preToolUse" | "sessionStart" | "userPromptSubmit" | "stop";
+export type HookEventName = "preToolUse" | "postToolUse" | "sessionStart" | "userPromptSubmit" | "stop";

codex-rs/app-server-protocol/schema/typescript/v2/LoginAccountParams.ts

@@ -2,7 +2,7 @@
 
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 
-export type LoginAccountParams = { "type": "apiKey", apiKey: string, } | { "type": "chatgpt" } | { "type": "chatgptAuthTokens", 
+export type LoginAccountParams = { "type": "apiKey", apiKey: string, } | { "type": "chatgpt" } | { "type": "chatgptDeviceCode" } | { "type": "chatgptAuthTokens", 
 /**
  * Access token (JWT) supplied by the client.
  * This token is used for backend API requests and email extraction.

codex-rs/app-server-protocol/schema/typescript/v2/LoginAccountResponse.ts

@@ -6,4 +6,12 @@ export type LoginAccountResponse = { "type": "apiKey", } | { "type": "chatgpt",
 /**
  * URL the client should open in a browser to initiate the OAuth flow.
  */
-authUrl: string, } | { "type": "chatgptAuthTokens", };
+authUrl: string, } | { "type": "chatgptDeviceCode", loginId: string, 
+/**
+ * URL the client should open in a browser to complete device code authorization.
+ */
+verificationUrl: string, 
+/**
+ * One-time code the user must enter after signing in.
+ */
+userCode: string, } | { "type": "chatgptAuthTokens", };

codex-rs/app-server-protocol/schema/typescript/v2/NetworkDomainPermission.ts

@@ -2,4 +2,4 @@
 
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 
-export type MacOsContactsPermission = "none" | "read_only" | "read_write";
+export type NetworkDomainPermission = "allow" | "deny";

codex-rs/app-server-protocol/schema/typescript/v2/NetworkRequirements.ts

@@ -1,5 +1,32 @@
 // GENERATED CODE! DO NOT MODIFY BY HAND!
 
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { NetworkDomainPermission } from "./NetworkDomainPermission";
+import type { NetworkUnixSocketPermission } from "./NetworkUnixSocketPermission";
 
-export type NetworkRequirements = { enabled: boolean | null, httpPort: number | null, socksPort: number | null, allowUpstreamProxy: boolean | null, dangerouslyAllowNonLoopbackProxy: boolean | null, dangerouslyAllowAllUnixSockets: boolean | null, allowedDomains: Array<string> | null, deniedDomains: Array<string> | null, allowUnixSockets: Array<string> | null, allowLocalBinding: boolean | null, };
+export type NetworkRequirements = { enabled: boolean | null, httpPort: number | null, socksPort: number | null, allowUpstreamProxy: boolean | null, dangerouslyAllowNonLoopbackProxy: boolean | null, dangerouslyAllowAllUnixSockets: boolean | null, 
+/**
+ * Canonical network permission map for `experimental_network`.
+ */
+domains: { [key in string]?: NetworkDomainPermission } | null, 
+/**
+ * When true, only managed allowlist entries are respected while managed
+ * network enforcement is active.
+ */
+managedAllowedDomainsOnly: boolean | null, 
+/**
+ * Legacy compatibility view derived from `domains`.
+ */
+allowedDomains: Array<string> | null, 
+/**
+ * Legacy compatibility view derived from `domains`.
+ */
+deniedDomains: Array<string> | null, 
+/**
+ * Canonical unix socket permission map for `experimental_network`.
+ */
+unixSockets: { [key in string]?: NetworkUnixSocketPermission } | null, 
+/**
+ * Legacy compatibility view derived from `unix_sockets`.
+ */
+allowUnixSockets: Array<string> | null, allowLocalBinding: boolean | null, };

codex-rs/app-server-protocol/schema/typescript/v2/NetworkUnixSocketPermission.ts

@@ -2,4 +2,4 @@
 
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 
-export type MacOsPreferencesPermission = "none" | "read_only" | "read_write";
+export type NetworkUnixSocketPermission = "allow" | "none";

codex-rs/app-server-protocol/schema/typescript/v2/Thread.ts

@@ -63,10 +63,6 @@ gitInfo: GitInfo | null,
  * Optional user-facing thread title.
  */
 name: string | null, 
-/**
- * Arbitrary client-defined metadata.
- */
-metadata: { [key in string]?: string }, 
 /**
  * Only populated on `thread/resume`, `thread/rollback`, `thread/fork`, and `thread/read`
  * (when `includeTurns` is true) responses.

codex-rs/app-server-protocol/schema/typescript/v2/ThreadForkParams.ts

@@ -27,7 +27,7 @@ model?: string | null, modelProvider?: string | null, serviceTier?: ServiceTier
  * Override where approval requests are routed for review on this thread
  * and subsequent turns.
  */
-approvalsReviewer?: ApprovalsReviewer | null, sandbox?: SandboxMode | null, config?: { [key in string]?: JsonValue } | null, baseInstructions?: string | null, developerInstructions?: string | null, metadata?: { [key in string]?: string } | null, ephemeral?: boolean, /**
+approvalsReviewer?: ApprovalsReviewer | null, sandbox?: SandboxMode | null, config?: { [key in string]?: JsonValue } | null, baseInstructions?: string | null, developerInstructions?: string | null, ephemeral?: boolean, /**
  * If true, persist additional rollout EventMsg variants required to
  * reconstruct a richer thread history on subsequent resume/fork/read.
  */

codex-rs/app-server-protocol/schema/typescript/v2/ThreadMetadataUpdateParams.ts

@@ -4,10 +4,6 @@
 import type { ThreadMetadataGitInfoUpdateParams } from "./ThreadMetadataGitInfoUpdateParams";
 
 export type ThreadMetadataUpdateParams = { threadId: string, 
-/**
- * Replace the stored client-defined metadata for this thread.
- */
-metadata?: { [key in string]?: string } | null, 
 /**
  * Patch the stored Git metadata for this thread.
  * Omit a field to leave it unchanged, set it to `null` to clear it, or

codex-rs/app-server-protocol/schema/typescript/v2/ThreadStartParams.ts

@@ -12,7 +12,7 @@ export type ThreadStartParams = {model?: string | null, modelProvider?: string |
  * Override where approval requests are routed for review on this thread
  * and subsequent turns.
  */
-approvalsReviewer?: ApprovalsReviewer | null, sandbox?: SandboxMode | null, config?: { [key in string]?: JsonValue } | null, serviceName?: string | null, baseInstructions?: string | null, developerInstructions?: string | null, personality?: Personality | null, metadata?: { [key in string]?: string } | null, ephemeral?: boolean | null, /**
+approvalsReviewer?: ApprovalsReviewer | null, sandbox?: SandboxMode | null, config?: { [key in string]?: JsonValue } | null, serviceName?: string | null, baseInstructions?: string | null, developerInstructions?: string | null, personality?: Personality | null, ephemeral?: boolean | null, /**
  * If true, opt into emitting raw Responses API items on the event stream.
  * This is for internal use only (e.g. Codex Cloud).
  */

codex-rs/app-server-protocol/schema/typescript/v2/index.ts

@@ -5,7 +5,6 @@ export type { AccountLoginCompletedNotification } from "./AccountLoginCompletedN
 export type { AccountRateLimitsUpdatedNotification } from "./AccountRateLimitsUpdatedNotification";
 export type { AccountUpdatedNotification } from "./AccountUpdatedNotification";
 export type { AdditionalFileSystemPermissions } from "./AdditionalFileSystemPermissions";
-export type { AdditionalMacOsPermissions } from "./AdditionalMacOsPermissions";
 export type { AdditionalNetworkPermissions } from "./AdditionalNetworkPermissions";
 export type { AdditionalPermissionProfile } from "./AdditionalPermissionProfile";
 export type { AgentMessageDeltaNotification } from "./AgentMessageDeltaNotification";
@@ -54,7 +53,6 @@ export type { CommandExecutionApprovalDecision } from "./CommandExecutionApprova
 export type { CommandExecutionOutputDeltaNotification } from "./CommandExecutionOutputDeltaNotification";
 export type { CommandExecutionRequestApprovalParams } from "./CommandExecutionRequestApprovalParams";
 export type { CommandExecutionRequestApprovalResponse } from "./CommandExecutionRequestApprovalResponse";
-export type { CommandExecutionRequestApprovalSkillMetadata } from "./CommandExecutionRequestApprovalSkillMetadata";
 export type { CommandExecutionSource } from "./CommandExecutionSource";
 export type { CommandExecutionStatus } from "./CommandExecutionStatus";
 export type { Config } from "./Config";
@@ -199,9 +197,11 @@ export type { ModelUpgradeInfo } from "./ModelUpgradeInfo";
 export type { NetworkAccess } from "./NetworkAccess";
 export type { NetworkApprovalContext } from "./NetworkApprovalContext";
 export type { NetworkApprovalProtocol } from "./NetworkApprovalProtocol";
+export type { NetworkDomainPermission } from "./NetworkDomainPermission";
 export type { NetworkPolicyAmendment } from "./NetworkPolicyAmendment";
 export type { NetworkPolicyRuleAction } from "./NetworkPolicyRuleAction";
 export type { NetworkRequirements } from "./NetworkRequirements";
+export type { NetworkUnixSocketPermission } from "./NetworkUnixSocketPermission";
 export type { NonSteerableTurnKind } from "./NonSteerableTurnKind";
 export type { OverriddenMetadata } from "./OverriddenMetadata";
 export type { PatchApplyStatus } from "./PatchApplyStatus";

codex-rs/app-server-protocol/src/export.rs

@@ -2298,10 +2298,6 @@ mod tests {
             command_execution_request_approval_ts.contains("additionalPermissions"),
             true
         );
-        assert_eq!(
-            command_execution_request_approval_ts.contains("skillMetadata"),
-            true
-        );
 
         Ok(())
     }
@@ -2694,7 +2690,7 @@ export type Config = { stableField: Keep, unstableField: string | null } & ({ [k
     fn generate_json_filters_experimental_fields_and_methods() -> Result<()> {
         let output_dir = std::env::temp_dir().join(format!("codex_schema_{}", Uuid::now_v7()));
         fs::create_dir(&output_dir)?;
-        generate_json_with_experimental(&output_dir, false)?;
+        generate_json_with_experimental(&output_dir, /*experimental_api*/ false)?;
 
         let thread_start_json =
             fs::read_to_string(output_dir.join("v2").join("ThreadStartParams.json"))?;
@@ -2705,10 +2701,6 @@ export type Config = { stableField: Keep, unstableField: string | null } & ({ [k
             command_execution_request_approval_json.contains("additionalPermissions"),
             false
         );
-        assert_eq!(
-            command_execution_request_approval_json.contains("skillMetadata"),
-            false
-        );
 
         let client_request_json = fs::read_to_string(output_dir.join("ClientRequest.json"))?;
         assert_eq!(
@@ -2721,7 +2713,6 @@ export type Config = { stableField: Keep, unstableField: string | null } & ({ [k
             fs::read_to_string(output_dir.join("codex_app_server_protocol.schemas.json"))?;
         assert_eq!(bundle_json.contains("mockExperimentalField"), false);
         assert_eq!(bundle_json.contains("additionalPermissions"), false);
-        assert_eq!(bundle_json.contains("skillMetadata"), false);
         assert_eq!(bundle_json.contains("MockExperimentalMethodParams"), false);
         assert_eq!(
             bundle_json.contains("MockExperimentalMethodResponse"),
@@ -2731,7 +2722,6 @@ export type Config = { stableField: Keep, unstableField: string | null } & ({ [k
             fs::read_to_string(output_dir.join("codex_app_server_protocol.v2.schemas.json"))?;
         assert_eq!(flat_v2_bundle_json.contains("mockExperimentalField"), false);
         assert_eq!(flat_v2_bundle_json.contains("additionalPermissions"), false);
-        assert_eq!(flat_v2_bundle_json.contains("skillMetadata"), false);
         assert_eq!(
             flat_v2_bundle_json.contains("MockExperimentalMethodParams"),
             false

codex-rs/app-server-protocol/src/protocol/common.rs

@@ -120,6 +120,41 @@ macro_rules! client_request_definitions {
             }
         }
 
+        /// Typed response from the server to the client.
+        #[derive(Serialize, Deserialize, Debug, Clone)]
+        #[serde(tag = "method", rename_all = "camelCase")]
+        pub enum ClientResponse {
+            $(
+                $(#[doc = $variant_doc])*
+                $(#[serde(rename = $wire)])?
+                $variant {
+                    #[serde(rename = "id")]
+                    request_id: RequestId,
+                    response: $response,
+                },
+            )*
+        }
+
+        impl ClientResponse {
+            pub fn id(&self) -> &RequestId {
+                match self {
+                    $(Self::$variant { request_id, .. } => request_id,)*
+                }
+            }
+
+            pub fn method(&self) -> String {
+                serde_json::to_value(self)
+                    .ok()
+                    .and_then(|value| {
+                        value
+                            .get("method")
+                            .and_then(serde_json::Value::as_str)
+                            .map(str::to_owned)
+                    })
+                    .unwrap_or_else(|| "<unknown>".to_string())
+            }
+        }
+
         impl crate::experimental_api::ExperimentalApi for ClientRequest {
             fn experimental_reason(&self) -> Option<&'static str> {
                 match self {
@@ -1265,6 +1300,84 @@ mod tests {
         Ok(())
     }
 
+    #[test]
+    fn serialize_client_response() -> Result<()> {
+        let response = ClientResponse::ThreadStart {
+            request_id: RequestId::Integer(7),
+            response: v2::ThreadStartResponse {
+                thread: v2::Thread {
+                    id: "67e55044-10b1-426f-9247-bb680e5fe0c8".to_string(),
+                    preview: "first prompt".to_string(),
+                    ephemeral: true,
+                    model_provider: "openai".to_string(),
+                    created_at: 1,
+                    updated_at: 2,
+                    status: v2::ThreadStatus::Idle,
+                    path: None,
+                    cwd: PathBuf::from("/tmp"),
+                    cli_version: "0.0.0".to_string(),
+                    source: v2::SessionSource::Exec,
+                    agent_nickname: None,
+                    agent_role: None,
+                    git_info: None,
+                    name: None,
+                    turns: Vec::new(),
+                },
+                model: "gpt-5".to_string(),
+                model_provider: "openai".to_string(),
+                service_tier: None,
+                cwd: PathBuf::from("/tmp"),
+                approval_policy: v2::AskForApproval::OnFailure,
+                approvals_reviewer: v2::ApprovalsReviewer::User,
+                sandbox: v2::SandboxPolicy::DangerFullAccess,
+                reasoning_effort: None,
+            },
+        };
+
+        assert_eq!(response.id(), &RequestId::Integer(7));
+        assert_eq!(response.method(), "thread/start");
+        assert_eq!(
+            json!({
+                "method": "thread/start",
+                "id": 7,
+                "response": {
+                    "thread": {
+                        "id": "67e55044-10b1-426f-9247-bb680e5fe0c8",
+                        "preview": "first prompt",
+                        "ephemeral": true,
+                        "modelProvider": "openai",
+                        "createdAt": 1,
+                        "updatedAt": 2,
+                        "status": {
+                            "type": "idle"
+                        },
+                        "path": null,
+                        "cwd": "/tmp",
+                        "cliVersion": "0.0.0",
+                        "source": "exec",
+                        "agentNickname": null,
+                        "agentRole": null,
+                        "gitInfo": null,
+                        "name": null,
+                        "turns": []
+                    },
+                    "model": "gpt-5",
+                    "modelProvider": "openai",
+                    "serviceTier": null,
+                    "cwd": "/tmp",
+                    "approvalPolicy": "on-failure",
+                    "approvalsReviewer": "user",
+                    "sandbox": {
+                        "type": "dangerFullAccess"
+                    },
+                    "reasoningEffort": null
+                }
+            }),
+            serde_json::to_value(&response)?,
+        );
+        Ok(())
+    }
+
     #[test]
     fn serialize_config_requirements_read() -> Result<()> {
         let request = ClientRequest::ConfigRequirementsRead {
@@ -1322,16 +1435,35 @@ mod tests {
         Ok(())
     }
 
+    #[test]
+    fn serialize_account_login_chatgpt_device_code() -> Result<()> {
+        let request = ClientRequest::LoginAccount {
+            request_id: RequestId::Integer(4),
+            params: v2::LoginAccountParams::ChatgptDeviceCode,
+        };
+        assert_eq!(
+            json!({
+                "method": "account/login/start",
+                "id": 4,
+                "params": {
+                    "type": "chatgptDeviceCode"
+                }
+            }),
+            serde_json::to_value(&request)?,
+        );
+        Ok(())
+    }
+
     #[test]
     fn serialize_account_logout() -> Result<()> {
         let request = ClientRequest::LogoutAccount {
-            request_id: RequestId::Integer(4),
+            request_id: RequestId::Integer(5),
             params: None,
         };
         assert_eq!(
             json!({
                 "method": "account/logout",
-                "id": 4,
+                "id": 5,
             }),
             serde_json::to_value(&request)?,
         );
@@ -1341,7 +1473,7 @@ mod tests {
     #[test]
     fn serialize_account_login_chatgpt_auth_tokens() -> Result<()> {
         let request = ClientRequest::LoginAccount {
-            request_id: RequestId::Integer(5),
+            request_id: RequestId::Integer(6),
             params: v2::LoginAccountParams::ChatgptAuthTokens {
                 access_token: "access-token".to_string(),
                 chatgpt_account_id: "org-123".to_string(),
@@ -1351,7 +1483,7 @@ mod tests {
         assert_eq!(
             json!({
                 "method": "account/login/start",
-                "id": 5,
+                "id": 6,
                 "params": {
                     "type": "chatgptAuthTokens",
                     "accessToken": "access-token",
@@ -1703,9 +1835,7 @@ mod tests {
                     read: Some(vec![absolute_path("/tmp/allowed")]),
                     write: None,
                 }),
-                macos: None,
             }),
-            skill_metadata: None,
             proposed_execpolicy_amendment: None,
             proposed_network_policy_amendments: None,
             available_decisions: None,
@@ -1716,31 +1846,4 @@ mod tests {
             Some("item/commandExecution/requestApproval.additionalPermissions")
         );
     }
-
-    #[test]
-    fn command_execution_request_approval_skill_metadata_is_marked_experimental() {
-        let params = v2::CommandExecutionRequestApprovalParams {
-            thread_id: "thr_123".to_string(),
-            turn_id: "turn_123".to_string(),
-            item_id: "call_123".to_string(),
-            approval_id: None,
-            reason: None,
-            network_approval_context: None,
-            command: Some("cat file".to_string()),
-            cwd: None,
-            command_actions: None,
-            additional_permissions: None,
-            skill_metadata: Some(v2::CommandExecutionRequestApprovalSkillMetadata {
-                path_to_skills_md: PathBuf::from("/tmp/SKILLS.md"),
-            }),
-            proposed_execpolicy_amendment: None,
-            proposed_network_policy_amendments: None,
-            available_decisions: None,
-        };
-        let reason = crate::experimental_api::ExperimentalApi::experimental_reason(&params);
-        assert_eq!(
-            reason,
-            Some("item/commandExecution/requestApproval.skillMetadata")
-        );
-    }
 }

codex-rs/app-server-protocol/src/protocol/v2.rs

@@ -7,7 +7,6 @@ use crate::protocol::common::AuthMode;
 use codex_experimental_api_macros::ExperimentalApi;
 use codex_protocol::account::PlanType;
 use codex_protocol::approvals::ElicitationRequest as CoreElicitationRequest;
-use codex_protocol::approvals::ExecApprovalRequestSkillMetadata as CoreExecApprovalRequestSkillMetadata;
 use codex_protocol::approvals::ExecPolicyAmendment as CoreExecPolicyAmendment;
 use codex_protocol::approvals::NetworkApprovalContext as CoreNetworkApprovalContext;
 use codex_protocol::approvals::NetworkApprovalProtocol as CoreNetworkApprovalProtocol;
@@ -33,10 +32,6 @@ use codex_protocol::mcp::Tool as McpTool;
 use codex_protocol::memory_citation::MemoryCitation as CoreMemoryCitation;
 use codex_protocol::memory_citation::MemoryCitationEntry as CoreMemoryCitationEntry;
 use codex_protocol::models::FileSystemPermissions as CoreFileSystemPermissions;
-use codex_protocol::models::MacOsAutomationPermission as CoreMacOsAutomationPermission;
-use codex_protocol::models::MacOsContactsPermission as CoreMacOsContactsPermission;
-use codex_protocol::models::MacOsPreferencesPermission as CoreMacOsPreferencesPermission;
-use codex_protocol::models::MacOsSeatbeltProfileExtensions as CoreMacOsSeatbeltProfileExtensions;
 use codex_protocol::models::MessagePhase;
 use codex_protocol::models::NetworkPermissions as CoreNetworkPermissions;
 use codex_protocol::models::PermissionProfile as CorePermissionProfile;
@@ -377,7 +372,7 @@ v2_enum_from_core!(
 
 v2_enum_from_core!(
     pub enum HookEventName from CoreHookEventName {
-        PreToolUse, SessionStart, UserPromptSubmit, Stop
+        PreToolUse, PostToolUse, SessionStart, UserPromptSubmit, Stop
     }
 );
 
@@ -871,12 +866,38 @@ pub struct NetworkRequirements {
     pub allow_upstream_proxy: Option<bool>,
     pub dangerously_allow_non_loopback_proxy: Option<bool>,
     pub dangerously_allow_all_unix_sockets: Option<bool>,
+    /// Canonical network permission map for `experimental_network`.
+    pub domains: Option<BTreeMap<String, NetworkDomainPermission>>,
+    /// When true, only managed allowlist entries are respected while managed
+    /// network enforcement is active.
+    pub managed_allowed_domains_only: Option<bool>,
+    /// Legacy compatibility view derived from `domains`.
     pub allowed_domains: Option<Vec<String>>,
+    /// Legacy compatibility view derived from `domains`.
     pub denied_domains: Option<Vec<String>>,
+    /// Canonical unix socket permission map for `experimental_network`.
+    pub unix_sockets: Option<BTreeMap<String, NetworkUnixSocketPermission>>,
+    /// Legacy compatibility view derived from `unix_sockets`.
     pub allow_unix_sockets: Option<Vec<String>>,
     pub allow_local_binding: Option<bool>,
 }
 
+#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
+#[serde(rename_all = "lowercase")]
+#[ts(export_to = "v2/")]
+pub enum NetworkDomainPermission {
+    Allow,
+    Deny,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
+#[serde(rename_all = "lowercase")]
+#[ts(export_to = "v2/")]
+pub enum NetworkUnixSocketPermission {
+    Allow,
+    None,
+}
+
 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 #[ts(export_to = "v2/")]
@@ -1086,47 +1107,6 @@ impl From<AdditionalFileSystemPermissions> for CoreFileSystemPermissions {
     }
 }
 
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct AdditionalMacOsPermissions {
-    pub preferences: CoreMacOsPreferencesPermission,
-    pub automations: CoreMacOsAutomationPermission,
-    pub launch_services: bool,
-    pub accessibility: bool,
-    pub calendar: bool,
-    pub reminders: bool,
-    pub contacts: CoreMacOsContactsPermission,
-}
-
-impl From<CoreMacOsSeatbeltProfileExtensions> for AdditionalMacOsPermissions {
-    fn from(value: CoreMacOsSeatbeltProfileExtensions) -> Self {
-        Self {
-            preferences: value.macos_preferences,
-            automations: value.macos_automation,
-            launch_services: value.macos_launch_services,
-            accessibility: value.macos_accessibility,
-            calendar: value.macos_calendar,
-            reminders: value.macos_reminders,
-            contacts: value.macos_contacts,
-        }
-    }
-}
-
-impl From<AdditionalMacOsPermissions> for CoreMacOsSeatbeltProfileExtensions {
-    fn from(value: AdditionalMacOsPermissions) -> Self {
-        Self {
-            macos_preferences: value.preferences,
-            macos_automation: value.automations,
-            macos_launch_services: value.launch_services,
-            macos_accessibility: value.accessibility,
-            macos_calendar: value.calendar,
-            macos_reminders: value.reminders,
-            macos_contacts: value.contacts,
-        }
-    }
-}
-
 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 #[ts(export_to = "v2/")]
@@ -1183,7 +1163,6 @@ impl From<RequestPermissionProfile> for CoreRequestPermissionProfile {
 pub struct AdditionalPermissionProfile {
     pub network: Option<AdditionalNetworkPermissions>,
     pub file_system: Option<AdditionalFileSystemPermissions>,
-    pub macos: Option<AdditionalMacOsPermissions>,
 }
 
 impl From<CorePermissionProfile> for AdditionalPermissionProfile {
@@ -1191,7 +1170,6 @@ impl From<CorePermissionProfile> for AdditionalPermissionProfile {
         Self {
             network: value.network.map(AdditionalNetworkPermissions::from),
             file_system: value.file_system.map(AdditionalFileSystemPermissions::from),
-            macos: value.macos.map(AdditionalMacOsPermissions::from),
         }
     }
 }
@@ -1201,7 +1179,6 @@ impl From<AdditionalPermissionProfile> for CorePermissionProfile {
         Self {
             network: value.network.map(CoreNetworkPermissions::from),
             file_system: value.file_system.map(CoreFileSystemPermissions::from),
-            macos: value.macos.map(CoreMacOsSeatbeltProfileExtensions::from),
         }
     }
 }
@@ -1223,7 +1200,6 @@ impl From<GrantedPermissionProfile> for CorePermissionProfile {
         Self {
             network: value.network.map(CoreNetworkPermissions::from),
             file_system: value.file_system.map(CoreFileSystemPermissions::from),
-            macos: None,
         }
     }
 }
@@ -1613,6 +1589,9 @@ pub enum LoginAccountParams {
     #[serde(rename = "chatgpt")]
     #[ts(rename = "chatgpt")]
     Chatgpt,
+    #[serde(rename = "chatgptDeviceCode")]
+    #[ts(rename = "chatgptDeviceCode")]
+    ChatgptDeviceCode,
     /// [UNSTABLE] FOR OPENAI INTERNAL USE ONLY - DO NOT USE.
     /// The access token must contain the same scopes that Codex-managed ChatGPT auth tokens have.
     #[experimental("account/login/start.chatgptAuthTokens")]
@@ -1650,6 +1629,17 @@ pub enum LoginAccountResponse {
         /// URL the client should open in a browser to initiate the OAuth flow.
         auth_url: String,
     },
+    #[serde(rename = "chatgptDeviceCode", rename_all = "camelCase")]
+    #[ts(rename = "chatgptDeviceCode", rename_all = "camelCase")]
+    ChatgptDeviceCode {
+        // Use plain String for identifiers to avoid TS/JSON Schema quirks around uuid-specific types.
+        // Convert to/from UUIDs at the application layer as needed.
+        login_id: String,
+        /// URL the client should open in a browser to complete device code authorization.
+        verification_url: String,
+        /// One-time code the user must enter after signing in.
+        user_code: String,
+    },
     #[serde(rename = "chatgptAuthTokens", rename_all = "camelCase")]
     #[ts(rename = "chatgptAuthTokens", rename_all = "camelCase")]
     ChatgptAuthTokens {},
@@ -2586,8 +2576,6 @@ pub struct ThreadStartParams {
     #[ts(optional = nullable)]
     pub personality: Option<Personality>,
     #[ts(optional = nullable)]
-    pub metadata: Option<BTreeMap<String, String>>,
-    #[ts(optional = nullable)]
     pub ephemeral: Option<bool>,
     #[experimental("thread/start.dynamicTools")]
     #[ts(optional = nullable)]
@@ -2780,8 +2768,6 @@ pub struct ThreadForkParams {
     pub base_instructions: Option<String>,
     #[ts(optional = nullable)]
     pub developer_instructions: Option<String>,
-    #[ts(optional = nullable)]
-    pub metadata: Option<BTreeMap<String, String>>,
     #[serde(default, skip_serializing_if = "std::ops::Not::not")]
     pub ephemeral: bool,
     /// If true, persist additional rollout EventMsg variants required to
@@ -2908,9 +2894,6 @@ pub struct ThreadSetNameResponse {}
 #[ts(export_to = "v2/")]
 pub struct ThreadMetadataUpdateParams {
     pub thread_id: String,
-    /// Replace the stored client-defined metadata for this thread.
-    #[ts(optional = nullable)]
-    pub metadata: Option<BTreeMap<String, String>>,
     /// Patch the stored Git metadata for this thread.
     /// Omit a field to leave it unchanged, set it to `null` to clear it, or
     /// provide a string to replace the stored value.
@@ -3526,14 +3509,6 @@ impl From<CoreSkillMetadata> for SkillMetadata {
     }
 }
 
-impl From<CoreExecApprovalRequestSkillMetadata> for CommandExecutionRequestApprovalSkillMetadata {
-    fn from(value: CoreExecApprovalRequestSkillMetadata) -> Self {
-        Self {
-            path_to_skills_md: value.path_to_skills_md,
-        }
-    }
-}
-
 impl From<CoreSkillInterface> for SkillInterface {
     fn from(value: CoreSkillInterface) -> Self {
         Self {
@@ -3627,9 +3602,6 @@ pub struct Thread {
     pub git_info: Option<GitInfo>,
     /// Optional user-facing thread title.
     pub name: Option<String>,
-    /// Arbitrary client-defined metadata.
-    #[serde(default)]
-    pub metadata: BTreeMap<String, String>,
     /// Only populated on `thread/resume`, `thread/rollback`, `thread/fork`, and `thread/read`
     /// (when `includeTurns` is true) responses.
     /// For all other responses and notifications returning a Thread,
@@ -5250,11 +5222,6 @@ pub struct CommandExecutionRequestApprovalParams {
     #[serde(default, skip_serializing_if = "Option::is_none")]
     #[ts(optional = nullable)]
     pub additional_permissions: Option<AdditionalPermissionProfile>,
-    /// Optional skill metadata when the approval was triggered by a skill script.
-    #[experimental("item/commandExecution/requestApproval.skillMetadata")]
-    #[serde(default, skip_serializing_if = "Option::is_none")]
-    #[ts(optional = nullable)]
-    pub skill_metadata: Option<CommandExecutionRequestApprovalSkillMetadata>,
     /// Optional proposed execpolicy amendment to allow similar commands without prompting.
     #[serde(default, skip_serializing_if = "Option::is_none")]
     #[ts(optional = nullable)]
@@ -5276,17 +5243,9 @@ impl CommandExecutionRequestApprovalParams {
         // We need a generic outbound compatibility design for stripping or
         // otherwise handling experimental server->client payloads.
         self.additional_permissions = None;
-        self.skill_metadata = None;
     }
 }
 
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct CommandExecutionRequestApprovalSkillMetadata {
-    pub path_to_skills_md: PathBuf,
-}
-
 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 #[ts(export_to = "v2/")]
@@ -6107,10 +6066,8 @@ mod tests {
                 "fileSystem": {
                     "read": ["relative/path"],
                     "write": null
-                },
-                "macos": null
+                }
             },
-            "skillMetadata": null,
             "proposedExecpolicyAmendment": null,
             "proposedNetworkPolicyAmendments": null,
             "availableDecisions": null
@@ -6123,121 +6080,6 @@ mod tests {
         );
     }
 
-    #[test]
-    fn command_execution_request_approval_accepts_macos_automation_bundle_ids_object() {
-        let params = serde_json::from_value::<CommandExecutionRequestApprovalParams>(json!({
-            "threadId": "thr_123",
-            "turnId": "turn_123",
-            "itemId": "call_123",
-            "command": "cat file",
-            "cwd": "/tmp",
-            "commandActions": null,
-            "reason": null,
-            "networkApprovalContext": null,
-            "additionalPermissions": {
-                "network": null,
-                "fileSystem": null,
-                "macos": {
-                    "preferences": "read_only",
-                    "automations": {
-                        "bundle_ids": ["com.apple.Notes"]
-                    },
-                    "launchServices": false,
-                    "accessibility": false,
-                    "calendar": false,
-                    "reminders": false,
-                    "contacts": "read_only"
-                }
-            },
-            "skillMetadata": null,
-            "proposedExecpolicyAmendment": null,
-            "proposedNetworkPolicyAmendments": null,
-            "availableDecisions": null
-        }))
-        .expect("bundle_ids object should deserialize");
-
-        assert_eq!(
-            params
-                .additional_permissions
-                .and_then(|permissions| permissions.macos)
-                .map(|macos| (macos.automations, macos.launch_services, macos.contacts)),
-            Some((
-                CoreMacOsAutomationPermission::BundleIds(vec!["com.apple.Notes".to_string(),]),
-                false,
-                CoreMacOsContactsPermission::ReadOnly,
-            ))
-        );
-    }
-
-    #[test]
-    fn command_execution_request_approval_accepts_macos_reminders_permission() {
-        let params = serde_json::from_value::<CommandExecutionRequestApprovalParams>(json!({
-            "threadId": "thr_123",
-            "turnId": "turn_123",
-            "itemId": "call_123",
-            "command": "cat file",
-            "cwd": "/tmp",
-            "commandActions": null,
-            "reason": null,
-            "networkApprovalContext": null,
-            "additionalPermissions": {
-                "network": null,
-                "fileSystem": null,
-                "macos": {
-                    "preferences": "read_only",
-                    "automations": "none",
-                    "launchServices": false,
-                    "accessibility": false,
-                    "calendar": false,
-                    "reminders": true,
-                    "contacts": "none"
-                }
-            },
-            "skillMetadata": null,
-            "proposedExecpolicyAmendment": null,
-            "proposedNetworkPolicyAmendments": null,
-            "availableDecisions": null
-        }))
-        .expect("reminders permission should deserialize");
-
-        assert_eq!(
-            params
-                .additional_permissions
-                .and_then(|permissions| permissions.macos)
-                .map(|macos| macos.reminders),
-            Some(true)
-        );
-    }
-
-    #[test]
-    fn command_execution_request_approval_accepts_skill_metadata() {
-        let params = serde_json::from_value::<CommandExecutionRequestApprovalParams>(json!({
-            "threadId": "thr_123",
-            "turnId": "turn_123",
-            "itemId": "call_123",
-            "command": "cat file",
-            "cwd": "/tmp",
-            "commandActions": null,
-            "reason": null,
-            "networkApprovalContext": null,
-            "additionalPermissions": null,
-            "skillMetadata": {
-                "pathToSkillsMd": "/tmp/SKILLS.md"
-            },
-            "proposedExecpolicyAmendment": null,
-            "proposedNetworkPolicyAmendments": null,
-            "availableDecisions": null
-        }))
-        .expect("skill metadata should deserialize");
-
-        assert_eq!(
-            params.skill_metadata,
-            Some(CommandExecutionRequestApprovalSkillMetadata {
-                path_to_skills_md: PathBuf::from("/tmp/SKILLS.md"),
-            })
-        );
-    }
-
     #[test]
     fn permissions_request_approval_uses_request_permission_profile() {
         let read_only_path = if cfg!(windows) {
@@ -6395,7 +6237,6 @@ mod tests {
                             .expect("path must be absolute"),
                     ]),
                 }),
-                macos: None,
             }
         );
     }
@@ -7686,6 +7527,94 @@ mod tests {
         );
     }
 
+    #[test]
+    fn network_requirements_deserializes_legacy_fields() {
+        let requirements: NetworkRequirements = serde_json::from_value(json!({
+            "allowedDomains": ["api.openai.com"],
+            "deniedDomains": ["blocked.example.com"],
+            "allowUnixSockets": ["/tmp/proxy.sock"]
+        }))
+        .expect("legacy network requirements should deserialize");
+
+        assert_eq!(
+            requirements,
+            NetworkRequirements {
+                enabled: None,
+                http_port: None,
+                socks_port: None,
+                allow_upstream_proxy: None,
+                dangerously_allow_non_loopback_proxy: None,
+                dangerously_allow_all_unix_sockets: None,
+                domains: None,
+                managed_allowed_domains_only: None,
+                allowed_domains: Some(vec!["api.openai.com".to_string()]),
+                denied_domains: Some(vec!["blocked.example.com".to_string()]),
+                unix_sockets: None,
+                allow_unix_sockets: Some(vec!["/tmp/proxy.sock".to_string()]),
+                allow_local_binding: None,
+            }
+        );
+    }
+
+    #[test]
+    fn network_requirements_serializes_canonical_and_legacy_fields() {
+        let requirements = NetworkRequirements {
+            enabled: Some(true),
+            http_port: Some(8080),
+            socks_port: Some(1080),
+            allow_upstream_proxy: Some(false),
+            dangerously_allow_non_loopback_proxy: Some(false),
+            dangerously_allow_all_unix_sockets: Some(true),
+            domains: Some(BTreeMap::from([
+                ("api.openai.com".to_string(), NetworkDomainPermission::Allow),
+                (
+                    "blocked.example.com".to_string(),
+                    NetworkDomainPermission::Deny,
+                ),
+            ])),
+            managed_allowed_domains_only: Some(true),
+            allowed_domains: Some(vec!["api.openai.com".to_string()]),
+            denied_domains: Some(vec!["blocked.example.com".to_string()]),
+            unix_sockets: Some(BTreeMap::from([
+                (
+                    "/tmp/proxy.sock".to_string(),
+                    NetworkUnixSocketPermission::Allow,
+                ),
+                (
+                    "/tmp/ignored.sock".to_string(),
+                    NetworkUnixSocketPermission::None,
+                ),
+            ])),
+            allow_unix_sockets: Some(vec!["/tmp/proxy.sock".to_string()]),
+            allow_local_binding: Some(true),
+        };
+
+        assert_eq!(
+            serde_json::to_value(requirements).expect("network requirements should serialize"),
+            json!({
+                "enabled": true,
+                "httpPort": 8080,
+                "socksPort": 1080,
+                "allowUpstreamProxy": false,
+                "dangerouslyAllowNonLoopbackProxy": false,
+                "dangerouslyAllowAllUnixSockets": true,
+                "domains": {
+                    "api.openai.com": "allow",
+                    "blocked.example.com": "deny"
+                },
+                "managedAllowedDomainsOnly": true,
+                "allowedDomains": ["api.openai.com"],
+                "deniedDomains": ["blocked.example.com"],
+                "unixSockets": {
+                    "/tmp/ignored.sock": "none",
+                    "/tmp/proxy.sock": "allow"
+                },
+                "allowUnixSockets": ["/tmp/proxy.sock"],
+                "allowLocalBinding": true
+            })
+        );
+    }
+
     #[test]
     fn core_turn_item_into_thread_item_converts_supported_variants() {
         let user_item = TurnItem::UserMessage(UserMessageItem {

codex-rs/app-server-protocol/tests/schema_fixtures.rs

@@ -23,7 +23,7 @@ fn typescript_schema_fixtures_match_generated() -> Result<()> {
 #[test]
 fn json_schema_fixtures_match_generated() -> Result<()> {
     assert_schema_fixtures_match_generated("json", |output_dir| {
-        generate_json_with_experimental(output_dir, false)
+        generate_json_with_experimental(output_dir, /*experimental_api*/ false)
     })
 }
 

codex-rs/app-server-test-client/src/lib.rs

@@ -225,7 +225,11 @@ enum CliCommand {
         abort_on: Option<usize>,
     },
     /// Trigger the ChatGPT login flow and wait for completion.
-    TestLogin,
+    TestLogin {
+        /// Use the device-code login flow instead of the browser callback flow.
+        #[arg(long, default_value_t = false)]
+        device_code: bool,
+    },
     /// Fetch the current account rate limits from the Codex app-server.
     GetAccountRateLimits,
     /// List the available models from the Codex app-server.
@@ -372,10 +376,10 @@ pub async fn run() -> Result<()> {
             )
             .await
         }
-        CliCommand::TestLogin => {
+        CliCommand::TestLogin { device_code } => {
             ensure_dynamic_tools_unused(&dynamic_tools, "test-login")?;
             let endpoint = resolve_endpoint(codex_bin, url)?;
-            test_login(&endpoint, &config_overrides).await
+            test_login(&endpoint, &config_overrides, device_code).await
         }
         CliCommand::GetAccountRateLimits => {
             ensure_dynamic_tools_unused(&dynamic_tools, "get-account-rate-limits")?;
@@ -1028,17 +1032,38 @@ async fn send_follow_up_v2(
     .await
 }
 
-async fn test_login(endpoint: &Endpoint, config_overrides: &[String]) -> Result<()> {
+async fn test_login(
+    endpoint: &Endpoint,
+    config_overrides: &[String],
+    device_code: bool,
+) -> Result<()> {
     with_client("test-login", endpoint, config_overrides, |client| {
         let initialize = client.initialize()?;
         println!("< initialize response: {initialize:?}");
 
-        let login_response = client.login_account_chatgpt()?;
-        println!("< account/login/start response: {login_response:?}");
-        let LoginAccountResponse::Chatgpt { login_id, auth_url } = login_response else {
-            bail!("expected chatgpt login response");
+        let login_response = if device_code {
+            client.login_account_chatgpt_device_code()?
+        } else {
+            client.login_account_chatgpt()?
+        };
+        println!("< account/login/start response: {login_response:?}");
+        let login_id = match login_response {
+            LoginAccountResponse::Chatgpt { login_id, auth_url } => {
+                println!("Open the following URL in your browser to continue:\n{auth_url}");
+                login_id
+            }
+            LoginAccountResponse::ChatgptDeviceCode {
+                login_id,
+                verification_url,
+                user_code,
+            } => {
+                println!(
+                    "Open the following URL and enter the code to continue:\n{verification_url}\n\nCode: {user_code}"
+                );
+                login_id
+            }
+            _ => bail!("expected chatgpt login response"),
         };
-        println!("Open the following URL in your browser to continue:\n{auth_url}");
 
         let completion = client.wait_for_account_login_completion(&login_id)?;
         println!("< account/login/completed notification: {completion:?}");
@@ -1590,6 +1615,16 @@ impl CodexClient {
         self.send_request(request, request_id, "account/login/start")
     }
 
+    fn login_account_chatgpt_device_code(&mut self) -> Result<LoginAccountResponse> {
+        let request_id = self.request_id();
+        let request = ClientRequest::LoginAccount {
+            request_id: request_id.clone(),
+            params: codex_app_server_protocol::LoginAccountParams::ChatgptDeviceCode,
+        };
+
+        self.send_request(request, request_id, "account/login/start")
+    }
+
     fn get_account_rate_limits(&mut self) -> Result<GetAccountRateLimitsResponse> {
         let request_id = self.request_id();
         let request = ClientRequest::GetAccountRateLimits {
@@ -1917,7 +1952,6 @@ impl CodexClient {
             cwd,
             command_actions,
             additional_permissions,
-            skill_metadata,
             proposed_execpolicy_amendment,
             proposed_network_policy_amendments,
             available_decisions,
@@ -1952,9 +1986,6 @@ impl CodexClient {
         if let Some(additional_permissions) = additional_permissions.as_ref() {
             println!("< additional permissions: {additional_permissions:?}");
         }
-        if let Some(skill_metadata) = skill_metadata.as_ref() {
-            println!("< skill metadata: {skill_metadata:?}");
-        }
         if let Some(execpolicy_amendment) = proposed_execpolicy_amendment.as_ref() {
             println!("< proposed execpolicy amendment: {execpolicy_amendment:?}");
         }

codex-rs/app-server/Cargo.toml

@@ -49,14 +49,19 @@ codex-feedback = { workspace = true }
 codex-rmcp-client = { workspace = true }
 codex-sandboxing = { workspace = true }
 codex-state = { workspace = true }
+codex-tools = { workspace = true }
 codex-utils-absolute-path = { workspace = true }
 codex-utils-json-to-toml = { workspace = true }
 chrono = { workspace = true }
 clap = { workspace = true, features = ["derive"] }
+constant_time_eq = { workspace = true }
 futures = { workspace = true }
+hmac = { workspace = true }
+jsonwebtoken = { workspace = true }
 owo-colors = { workspace = true, features = ["supports-colors"] }
 serde = { workspace = true, features = ["derive"] }
 serde_json = { workspace = true }
+sha2 = { workspace = true }
 tempfile = { workspace = true }
 time = { workspace = true }
 toml = { workspace = true }

codex-rs/app-server/README.md

@@ -34,6 +34,15 @@ When running with `--listen ws://IP:PORT`, the same listener also serves basic H
 
 Websocket transport is currently experimental and unsupported. Do not rely on it for production workloads.
 
+Security note:
+
+- Loopback websocket listeners (`ws://127.0.0.1:PORT`) remain appropriate for localhost and SSH port-forwarding workflows.
+- Non-loopback websocket listeners currently allow unauthenticated connections by default during rollout. If you expose one remotely, configure websocket auth explicitly now.
+- Supported auth modes are app-server flags:
+  - `--ws-auth capability-token --ws-token-file /absolute/path`
+  - `--ws-auth signed-bearer-token --ws-shared-secret-file /absolute/path` for HMAC-signed JWT/JWS bearer tokens, with optional `--ws-issuer`, `--ws-audience`, `--ws-max-clock-skew-seconds`
+- Clients present the credential as `Authorization: Bearer <token>` during the websocket handshake. Auth is enforced before JSON-RPC `initialize`.
+
 Tracing/log output:
 
 - `RUST_LOG` controls log filtering/verbosity.
@@ -123,13 +132,13 @@ Example with notification opt-out:
 
 ## API Overview
 
-- `thread/start` — create a new thread; accepts optional client-defined `metadata` (`string -> string`, up to 16 entries with keys/values <= 512 chars), emits `thread/started` (including the current `thread.status`), and auto-subscribes you to turn/item events for that thread.
+- `thread/start` — create a new thread; emits `thread/started` (including the current `thread.status`) and auto-subscribes you to turn/item events for that thread.
 - `thread/resume` — reopen an existing thread by id so subsequent `turn/start` calls append to it.
-- `thread/fork` — fork an existing thread into a new thread id by copying the stored history; if the source thread is currently mid-turn, the fork records the same interruption marker as `turn/interrupt` instead of inheriting an unmarked partial turn suffix. Accepts optional client-defined `metadata` plus `ephemeral: true` for an in-memory temporary fork, emits `thread/started` (including the current `thread.status`), and auto-subscribes you to turn/item events for the new thread.
-- `thread/list` — page through stored rollouts; supports cursor-based pagination and optional `modelProviders`, `sourceKinds`, `archived`, `cwd`, and `searchTerm` filters. Each returned `thread` includes `status` (`ThreadStatus`), defaulting to `notLoaded` when the thread is not currently loaded, plus any stored client `metadata`.
+- `thread/fork` — fork an existing thread into a new thread id by copying the stored history; if the source thread is currently mid-turn, the fork records the same interruption marker as `turn/interrupt` instead of inheriting an unmarked partial turn suffix. Accepts `ephemeral: true` for an in-memory temporary fork, emits `thread/started` (including the current `thread.status`), and auto-subscribes you to turn/item events for the new thread.
+- `thread/list` — page through stored rollouts; supports cursor-based pagination and optional `modelProviders`, `sourceKinds`, `archived`, `cwd`, and `searchTerm` filters. Each returned `thread` includes `status` (`ThreadStatus`), defaulting to `notLoaded` when the thread is not currently loaded.
 - `thread/loaded/list` — list the thread ids currently loaded in memory.
-- `thread/read` — read a stored thread by id without resuming it; optionally include turns via `includeTurns`. The returned `thread` includes `status` (`ThreadStatus`), defaulting to `notLoaded` when the thread is not currently loaded, plus any stored client `metadata`.
-- `thread/metadata/update` — replace stored client `metadata` and/or patch stored `gitInfo` fields in sqlite, then return the refreshed `thread`.
+- `thread/read` — read a stored thread by id without resuming it; optionally include turns via `includeTurns`. The returned `thread` includes `status` (`ThreadStatus`), defaulting to `notLoaded` when the thread is not currently loaded.
+- `thread/metadata/update` — patch stored thread metadata in sqlite; currently supports updating persisted `gitInfo` fields and returns the refreshed `thread`.
 - `thread/status/changed` — notification emitted when a loaded thread’s status changes (`threadId` + new `status`).
 - `thread/archive` — move a thread’s rollout file into the archived directory; returns `{}` on success and emits `thread/archived`.
 - `thread/unsubscribe` — unsubscribe this connection from thread turn/item events. If this was the last subscriber, the server shuts down and unloads the thread, then emits `thread/closed`.
@@ -185,7 +194,7 @@ Example with notification opt-out:
 - `externalAgentConfig/import` — apply selected external-agent migration items by passing explicit `migrationItems` with `cwd` (`null` for home).
 - `config/value/write` — write a single config key/value to the user's config.toml on disk.
 - `config/batchWrite` — apply multiple config edits atomically to the user's config.toml on disk, with optional `reloadUserConfig: true` to hot-reload loaded threads.
-- `configRequirements/read` — fetch loaded requirements constraints from `requirements.toml` and/or MDM (or `null` if none are configured), including allow-lists (`allowedApprovalPolicies`, `allowedSandboxModes`, `allowedWebSearchModes`), pinned feature values (`featureRequirements`), `enforceResidency`, and `network` constraints.
+- `configRequirements/read` — fetch loaded requirements constraints from `requirements.toml` and/or MDM (or `null` if none are configured), including allow-lists (`allowedApprovalPolicies`, `allowedSandboxModes`, `allowedWebSearchModes`), pinned feature values (`featureRequirements`), `enforceResidency`, and `network` constraints such as canonical domain/socket permissions plus `managedAllowedDomainsOnly`.
 
 ### Example: Start or resume a thread
 
@@ -201,7 +210,6 @@ Start a fresh thread when you need a new Codex conversation.
     "sandbox": "workspaceWrite",
     "personality": "friendly",
     "serviceName": "my_app_server_client", // optional metrics tag (`service_name`)
-    "metadata": { "client": "vscode", "surface": "chat" },
     // Experimental: requires opt-in
     "dynamicTools": [
         {
@@ -223,8 +231,7 @@ Start a fresh thread when you need a new Codex conversation.
         "id": "thr_123",
         "preview": "",
         "modelProvider": "openai",
-        "createdAt": 1730910000,
-        "metadata": { "client": "vscode", "surface": "chat" }
+        "createdAt": 1730910000
     }
 } }
 { "method": "thread/started", "params": { "thread": { … } } }
@@ -246,14 +253,10 @@ Example:
 { "id": 11, "result": { "thread": { "id": "thr_123", … } } }
 ```
 
-To branch from a stored session, call `thread/fork` with the `thread.id`. This creates a new thread id and emits a `thread/started` notification for it. If the source thread is actively running, the fork snapshots it as if the current turn had been interrupted first. You can also set replacement client `metadata` on the fork. Pass `ephemeral: true` when the fork should stay in-memory only:
+To branch from a stored session, call `thread/fork` with the `thread.id`. This creates a new thread id and emits a `thread/started` notification for it. If the source thread is actively running, the fork snapshots it as if the current turn had been interrupted first. Pass `ephemeral: true` when the fork should stay in-memory only:
 
 ```json
-{ "method": "thread/fork", "id": 12, "params": {
-    "threadId": "thr_123",
-    "metadata": { "origin": "review" },
-    "ephemeral": true
-} }
+{ "method": "thread/fork", "id": 12, "params": { "threadId": "thr_123", "ephemeral": true } }
 { "id": 12, "result": { "thread": { "id": "thr_456", … } } }
 { "method": "thread/started", "params": { "thread": { … } } }
 ```
@@ -344,7 +347,7 @@ If this was the last subscriber, the server unloads the thread and emits `thread
 
 ### Example: Read a thread
 
-Use `thread/read` to fetch a stored thread by id without resuming it. Pass `includeTurns` when you want the rollout history loaded into `thread.turns`. The returned thread includes `agentNickname` and `agentRole` for AgentControl-spawned thread sub-agents when available, plus stored client `metadata` when present.
+Use `thread/read` to fetch a stored thread by id without resuming it. Pass `includeTurns` when you want the rollout history loaded into `thread.turns`. The returned thread includes `agentNickname` and `agentRole` for AgentControl-spawned thread sub-agents when available.
 
 ```json
 { "method": "thread/read", "id": 22, "params": { "threadId": "thr_123" } }
@@ -362,38 +365,25 @@ Use `thread/read` to fetch a stored thread by id without resuming it. Pass `incl
 
 ### Example: Update stored thread metadata
 
-Use `thread/metadata/update` to update sqlite-backed metadata for a thread without resuming it. `metadata` replaces the stored client-defined key/value map. `gitInfo` remains patch-style: omitted fields are left unchanged, while explicit `null` clears a stored value.
+Use `thread/metadata/update` to patch sqlite-backed metadata for a thread without resuming it. Today this supports persisted `gitInfo`; omitted fields are left unchanged, while explicit `null` clears a stored value.
 
 ```json
 { "method": "thread/metadata/update", "id": 24, "params": {
-    "threadId": "thr_123",
-    "metadata": { "client": "desktop", "surface": "composer" }
-} }
-{ "id": 24, "result": {
-    "thread": {
-        "id": "thr_123",
-        "metadata": { "client": "desktop", "surface": "composer" }
-    }
-} }
-```
-
-```json
-{ "method": "thread/metadata/update", "id": 25, "params": {
     "threadId": "thr_123",
     "gitInfo": { "branch": "feature/sidebar-pr" }
 } }
-{ "id": 25, "result": {
+{ "id": 24, "result": {
     "thread": {
         "id": "thr_123",
         "gitInfo": { "sha": null, "branch": "feature/sidebar-pr", "originUrl": null }
     }
 } }
 
-{ "method": "thread/metadata/update", "id": 26, "params": {
+{ "method": "thread/metadata/update", "id": 25, "params": {
     "threadId": "thr_123",
     "gitInfo": { "branch": null }
 } }
-{ "id": 26, "result": {
+{ "id": 25, "result": {
     "thread": {
         "id": "thr_123",
         "gitInfo": null
@@ -1022,9 +1012,14 @@ Order of messages:
 
 `turnId` is best-effort. When the elicitation is correlated with an active turn, the request includes that turn id; otherwise it is `null`.
 
+For MCP tool approval elicitations, form request `meta` includes
+`codex_approval_kind: "mcp_tool_call"` and may include `persist: "session"`,
+`persist: "always"`, or `persist: ["session", "always"]` to advertise whether
+the client can offer session-scoped and/or persistent approval choices.
+
 ### Permission requests
 
-The built-in `request_permissions` tool sends an `item/permissions/requestApproval` JSON-RPC request to the client with the requested permission profile. This v2 payload mirrors the standalone tool's narrower permission shape, so it can request network access and additional filesystem access but does not include the broader `macos` branch used by command-execution `additionalPermissions`.
+The built-in `request_permissions` tool sends an `item/permissions/requestApproval` JSON-RPC request to the client with the requested permission profile. This v2 payload mirrors the command-execution `additionalPermissions` shape: it can request network access and additional filesystem access.
 
 ```json
 {
@@ -1060,7 +1055,7 @@ The client responds with `result.permissions`, which should be the granted subse
 }
 ```
 
-Only the granted subset matters on the wire. Any permissions omitted from `result.permissions` are treated as denied, including omitted nested keys inside `result.permissions.macos`, so a sparse response like `{ "permissions": { "macos": { "accessibility": true } } }` grants only accessibility. Any permissions not present in the original request are ignored by the server.
+Only the granted subset matters on the wire. Any permissions omitted from `result.permissions` are treated as denied. Any permissions not present in the original request are ignored by the server.
 
 Within the same turn, granted permissions are sticky: later shell-like tool calls can automatically reuse the granted subset without reissuing a separate permission request.
 
@@ -1314,14 +1309,14 @@ The JSON-RPC auth/account surface exposes request/response methods plus server-i
 Codex supports these authentication modes. The current mode is surfaced in `account/updated` (`authMode`), which also includes the current ChatGPT `planType` when available, and can be inferred from `account/read`.
 
 - **API key (`apiKey`)**: Caller supplies an OpenAI API key via `account/login/start` with `type: "apiKey"`. The API key is saved and used for API requests.
-- **ChatGPT managed (`chatgpt`)** (recommended): Codex owns the ChatGPT OAuth flow and refresh tokens. Start via `account/login/start` with `type: "chatgpt"`; Codex persists tokens to disk and refreshes them automatically.
+- **ChatGPT managed (`chatgpt`)** (recommended): Codex owns the ChatGPT OAuth flow and refresh tokens. Start via `account/login/start` with `type: "chatgpt"` for the browser flow or `type: "chatgptDeviceCode"` for device code; Codex persists tokens to disk and refreshes them automatically.
 
 ### API Overview
 
 - `account/read` — fetch current account info; optionally refresh tokens.
-- `account/login/start` — begin login (`apiKey`, `chatgpt`).
+- `account/login/start` — begin login (`apiKey`, `chatgpt`, `chatgptDeviceCode`).
 - `account/login/completed` (notify) — emitted when a login attempt finishes (success or error).
-- `account/login/cancel` — cancel a pending ChatGPT login by `loginId`.
+- `account/login/cancel` — cancel a pending managed ChatGPT login by `loginId`.
 - `account/logout` — sign out; triggers `account/updated`.
 - `account/updated` (notify) — emitted whenever auth mode changes (`authMode`: `apikey`, `chatgpt`, or `null`) and includes the current ChatGPT `planType` when available.
 - `account/rateLimits/read` — fetch ChatGPT rate limits; updates arrive via `account/rateLimits/updated` (notify).
@@ -1385,26 +1380,40 @@ Field notes:
    { "method": "account/updated", "params": { "authMode": "chatgpt", "planType": "plus" } }
    ```
 
-### 4) Cancel a ChatGPT login
+### 4) Log in with ChatGPT (device code flow)
+
+1. Start:
+   ```json
+   { "method": "account/login/start", "id": 4, "params": { "type": "chatgptDeviceCode" } }
+   { "id": 4, "result": { "type": "chatgptDeviceCode", "loginId": "<uuid>", "verificationUrl": "https://auth.openai.com/codex/device", "userCode": "ABCD-1234" } }
+   ```
+2. Show `verificationUrl` and `userCode` to the user; the frontend owns the UX.
+3. Wait for notifications:
+   ```json
+   { "method": "account/login/completed", "params": { "loginId": "<uuid>", "success": true, "error": null } }
+   { "method": "account/updated", "params": { "authMode": "chatgpt", "planType": "plus" } }
+   ```
+
+### 5) Cancel a ChatGPT login
 
 ```json
-{ "method": "account/login/cancel", "id": 4, "params": { "loginId": "<uuid>" } }
+{ "method": "account/login/cancel", "id": 5, "params": { "loginId": "<uuid>" } }
 { "method": "account/login/completed", "params": { "loginId": "<uuid>", "success": false, "error": "…" } }
 ```
 
-### 5) Logout
+### 6) Logout
 
 ```json
-{ "method": "account/logout", "id": 5 }
-{ "id": 5, "result": {} }
+{ "method": "account/logout", "id": 6 }
+{ "id": 6, "result": {} }
 { "method": "account/updated", "params": { "authMode": null, "planType": null } }
 ```
 
-### 6) Rate limits (ChatGPT)
+### 7) Rate limits (ChatGPT)
 
 ```json
-{ "method": "account/rateLimits/read", "id": 6 }
-{ "id": 6, "result": { "rateLimits": { "primary": { "usedPercent": 25, "windowDurationMins": 15, "resetsAt": 1730947200 }, "secondary": null } } }
+{ "method": "account/rateLimits/read", "id": 7 }
+{ "id": 7, "result": { "rateLimits": { "primary": { "usedPercent": 25, "windowDurationMins": 15, "resetsAt": 1730947200 }, "secondary": null } } }
 { "method": "account/rateLimits/updated", "params": { "rateLimits": { … } } }
 ```
 

codex-rs/app-server/src/bespoke_event_handling.rs

@@ -1,8 +1,7 @@
 use crate::codex_message_processor::ApiVersion;
-use crate::codex_message_processor::merge_thread_metadata_from_state_db_context;
-use crate::codex_message_processor::project_thread_from_summary;
 use crate::codex_message_processor::read_rollout_items_from_rollout;
 use crate::codex_message_processor::read_summary_from_rollout;
+use crate::codex_message_processor::summary_to_thread;
 use crate::error_code::INTERNAL_ERROR_CODE;
 use crate::error_code::INVALID_REQUEST_ERROR_CODE;
 use crate::outgoing_message::ClientRequestResult;
@@ -27,7 +26,6 @@ use codex_app_server_protocol::CommandExecutionApprovalDecision;
 use codex_app_server_protocol::CommandExecutionOutputDeltaNotification;
 use codex_app_server_protocol::CommandExecutionRequestApprovalParams;
 use codex_app_server_protocol::CommandExecutionRequestApprovalResponse;
-use codex_app_server_protocol::CommandExecutionRequestApprovalSkillMetadata;
 use codex_app_server_protocol::CommandExecutionSource;
 use codex_app_server_protocol::CommandExecutionStatus;
 use codex_app_server_protocol::ContextCompactedNotification;
@@ -609,7 +607,6 @@ pub(crate) async fn apply_bespoke_event_handling(
                 proposed_execpolicy_amendment,
                 proposed_network_policy_amendments,
                 additional_permissions,
-                skill_metadata,
                 parsed_cmd,
                 ..
             } = ev;
@@ -681,8 +678,6 @@ pub(crate) async fn apply_bespoke_event_handling(
                         });
                     let additional_permissions =
                         additional_permissions.map(V2AdditionalPermissionProfile::from);
-                    let skill_metadata =
-                        skill_metadata.map(CommandExecutionRequestApprovalSkillMetadata::from);
 
                     let params = CommandExecutionRequestApprovalParams {
                         thread_id: conversation_id.to_string(),
@@ -695,7 +690,6 @@ pub(crate) async fn apply_bespoke_event_handling(
                         cwd,
                         command_actions,
                         additional_permissions,
-                        skill_metadata,
                         proposed_execpolicy_amendment: proposed_execpolicy_amendment_v2,
                         proposed_network_policy_amendments: proposed_network_policy_amendments_v2,
                         available_decisions: Some(available_decisions),
@@ -1810,15 +1804,7 @@ pub(crate) async fn apply_bespoke_event_handling(
                 .await
                 {
                     Ok(summary) => {
-                        let mut thread = project_thread_from_summary(
-                            summary, /*metadata*/ None, /*persisted_metadata*/ None,
-                        );
-                        merge_thread_metadata_from_state_db_context(
-                            &mut thread,
-                            conversation.state_db().as_ref(),
-                            conversation_id,
-                        )
-                        .await;
+                        let mut thread = summary_to_thread(summary);
                         match read_rollout_items_from_rollout(rollout_path.as_path()).await {
                             Ok(items) => {
                                 thread.turns = build_turns_from_rollout_items(&items);