tests

centralized_processing
2026-02-02 15:03:38 +00:00 · 2025-10-24 13:32:54 -07:00 · 2025-10-24 13:15:00 -07:00 · 2025-10-24 13:14:44 -07:00 · 2025-10-24 19:12:03 +00:00 · 2025-10-24 11:30:34 -07:00
330 changed files with 17527 additions and 14399 deletions
--- a/.github/workflows/rust-ci.yml
+++ b/.github/workflows/rust-ci.yml
@@ -201,7 +201,7 @@ jobs:
        # Tests take too long for release builds to run them on every PR.
        if: ${{ matrix.profile != 'release' }}
        continue-on-error: true
-        run: cargo nextest run --all-features --no-fail-fast --target ${{ matrix.target }}
+        run: cargo nextest run --all-features --no-fail-fast --target ${{ matrix.target }} --cargo-profile ci-test
        env:
          RUST_BACKTRACE: 1

--- a/.github/workflows/rust-release.yml
+++ b/.github/workflows/rust-release.yml
@@ -58,9 +58,9 @@ jobs:
      fail-fast: false
      matrix:
        include:
-          - runner: macos-14
+          - runner: macos-15-xlarge
            target: aarch64-apple-darwin
-          - runner: macos-14
+          - runner: macos-15-xlarge
            target: x86_64-apple-darwin
          - runner: ubuntu-24.04
            target: x86_64-unknown-linux-musl
@@ -100,7 +100,7 @@ jobs:
      - name: Cargo build
        run: cargo build --target ${{ matrix.target }} --release --bin codex --bin codex-responses-api-proxy

-      - if: ${{ matrix.runner == 'macos-14' }}
+      - if: ${{ matrix.runner == 'macos-15-xlarge' }}
        name: Configure Apple code signing
        shell: bash
        env:
@@ -185,7 +185,7 @@ jobs:
          echo "APPLE_CODESIGN_KEYCHAIN=$keychain_path" >> "$GITHUB_ENV"
          echo "::add-mask::$APPLE_CODESIGN_IDENTITY"

-      - if: ${{ matrix.runner == 'macos-14' }}
+      - if: ${{ matrix.runner == 'macos-15-xlarge' }}
        name: Sign macOS binaries
        shell: bash
        run: |
@@ -206,7 +206,7 @@ jobs:
            codesign --force --options runtime --timestamp --sign "$APPLE_CODESIGN_IDENTITY" "${keychain_args[@]}" "$path"
          done

-      - if: ${{ matrix.runner == 'macos-14' }}
+      - if: ${{ matrix.runner == 'macos-15-xlarge' }}
        name: Notarize macOS binaries
        shell: bash
        env:
@@ -328,7 +328,7 @@ jobs:
          done

      - name: Remove signing keychain
-        if: ${{ always() && matrix.runner == 'macos-14' }}
+        if: ${{ always() && matrix.runner == 'macos-15-xlarge' }}
        shell: bash
        env:
          APPLE_CODESIGN_KEYCHAIN: ${{ env.APPLE_CODESIGN_KEYCHAIN }}
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -3,6 +3,7 @@
    "rust-analyzer.check.command": "clippy",
    "rust-analyzer.check.extraArgs": ["--all-features", "--tests"],
    "rust-analyzer.rustfmt.extraArgs": ["--config", "imports_granularity=Item"],
+    "rust-analyzer.cargo.targetDir": "${workspaceFolder}/codex-rs/target/rust-analyzer",
    "[rust]": {
        "editor.defaultFormatter": "rust-lang.rust-analyzer",
        "editor.formatOnSave": true,
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -11,6 +11,7 @@ In the codex-rs folder where the rust code lives:
 - Always collapse if statements per https://rust-lang.github.io/rust-clippy/master/index.html#collapsible_if
 - Always inline format! args when possible per https://rust-lang.github.io/rust-clippy/master/index.html#uninlined_format_args
 - Use method references over closures when possible per https://rust-lang.github.io/rust-clippy/master/index.html#redundant_closure_for_method_calls
+- Do not use unsigned integer even if the number cannot be negative.
 - When writing tests, prefer comparing the equality of entire objects over fields one by one.
 - When making a change that adds or changes an API, ensure that the documentation in the `docs/` folder is up to date if applicable.

--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-<p align="center"><code>npm i -g @openai/codex</code><br />or <code>brew install codex</code></p>
+<p align="center"><code>npm i -g @openai/codex</code><br />or <code>brew install --cask codex</code></p>

 <p align="center"><strong>Codex CLI</strong> is a coding agent from OpenAI that runs locally on your computer.
 </br>
@@ -24,7 +24,7 @@ npm install -g @openai/codex
 Alternatively, if you use Homebrew:

 ```shell
-brew install codex
+brew install --cask codex
 ```

 Then simply run `codex` to get started:
@@ -33,6 +33,8 @@ Then simply run `codex` to get started:
 codex
 ```

+If you're running into upgrade issues with Homebrew, see the [FAQ entry on brew upgrade codex](./docs/faq.md#brew-update-codex-isnt-upgrading-me).
+
 <details>
 <summary>You can also go to the <a href="https://github.com/openai/codex/releases/latest">latest GitHub Release</a> and download the appropriate binary for your platform.</summary>

@@ -75,6 +77,7 @@ Codex CLI supports a rich set of configuration options, with preferences stored
  - [CLI usage](./docs/getting-started.md#cli-usage)
  - [Running with a prompt as input](./docs/getting-started.md#running-with-a-prompt-as-input)
  - [Example prompts](./docs/getting-started.md#example-prompts)
+  - [Custom prompts](./docs/prompts.md)
  - [Memory with AGENTS.md](./docs/getting-started.md#memory-with-agentsmd)
  - [Configuration](./docs/config.md)
 - [**Sandbox & approvals**](./docs/sandbox.md)
--- a/cliff.toml
+++ b/cliff.toml
@@ -4,7 +4,7 @@
 header = """
 # Changelog

-You can install any of these versions: `npm install -g codex@version`
+You can install any of these versions: `npm install -g @openai/codex@<version>`
 """

 body = """
--- a/codex-rs/.gitignore
+++ b/codex-rs/.gitignore
@@ -1,4 +1,5 @@
 /target/
+/target-*/

 # Recommended value of CARGO_TARGET_DIR when using Docker as explained in .devcontainer/README.md.
 /target-amd64/
--- a/codex-rs/Cargo.lock
+++ b/codex-rs/Cargo.lock
@@ -182,7 +182,10 @@ version = "0.0.0"
 dependencies = [
 "anyhow",
 "assert_cmd",
+ "base64",
+ "chrono",
 "codex-app-server-protocol",
+ "codex-core",
 "serde",
 "serde_json",
 "tokio",
@@ -834,8 +837,10 @@ dependencies = [
 "app_test_support",
 "assert_cmd",
 "base64",
+ "chrono",
 "codex-app-server-protocol",
 "codex-arg0",
+ "codex-backend-client",
 "codex-common",
 "codex-core",
 "codex-file-search",
@@ -843,6 +848,7 @@ dependencies = [
 "codex-protocol",
 "codex-utils-json-to-toml",
 "core_test_support",
+ "opentelemetry-appender-tracing",
 "os_info",
 "pretty_assertions",
 "serde",
@@ -861,9 +867,11 @@ name = "codex-app-server-protocol"
 version = "0.0.0"
 dependencies = [
 "anyhow",
+ "clap",
 "codex-protocol",
 "paste",
 "pretty_assertions",
+ "schemars 0.8.22",
 "serde",
 "serde_json",
 "strum_macros 0.27.2",
@@ -899,12 +907,24 @@ dependencies = [
 "tokio",
 ]

+[[package]]
+name = "codex-async-utils"
+version = "0.0.0"
+dependencies = [
+ "async-trait",
+ "pretty_assertions",
+ "tokio",
+ "tokio-util",
+]
+
 [[package]]
 name = "codex-backend-client"
 version = "0.0.0"
 dependencies = [
 "anyhow",
 "codex-backend-openapi-models",
+ "codex-core",
+ "codex-protocol",
 "pretty_assertions",
 "reqwest",
 "serde",
@@ -917,6 +937,7 @@ version = "0.0.0"
 dependencies = [
 "serde",
 "serde_json",
+ "serde_with",
 ]

 [[package]]
@@ -941,7 +962,6 @@ dependencies = [
 "anyhow",
 "assert_cmd",
 "assert_matches",
- "chrono",
 "clap",
 "clap_complete",
 "codex-app-server",
@@ -952,7 +972,6 @@ dependencies = [
 "codex-common",
 "codex-core",
 "codex-exec",
- "codex-infty",
 "codex-login",
 "codex-mcp-server",
 "codex-process-hardening",
@@ -960,21 +979,16 @@ dependencies = [
 "codex-protocol-ts",
 "codex-responses-api-proxy",
 "codex-rmcp-client",
+ "codex-stdio-to-uds",
 "codex-tui",
- "crossterm",
 "ctor 0.5.0",
 "owo-colors",
 "predicates",
 "pretty_assertions",
- "serde",
 "serde_json",
 "supports-color",
 "tempfile",
- "textwrap 0.16.2",
 "tokio",
- "tracing",
- "tracing-appender",
- "tracing-subscriber",
 ]

 [[package]]
@@ -1045,12 +1059,14 @@ dependencies = [
 "chrono",
 "codex-app-server-protocol",
 "codex-apply-patch",
+ "codex-async-utils",
 "codex-file-search",
- "codex-mcp-client",
 "codex-otel",
 "codex-protocol",
 "codex-rmcp-client",
+ "codex-utils-pty",
 "codex-utils-string",
+ "codex-utils-tokenizer",
 "core-foundation 0.9.4",
 "core_test_support",
 "dirs",
@@ -1059,6 +1075,7 @@ dependencies = [
 "escargot",
 "eventsource-stream",
 "futures",
+ "http",
 "indexmap 2.10.0",
 "landlock",
 "libc",
@@ -1066,7 +1083,6 @@ dependencies = [
 "mcp-types",
 "openssl-sys",
 "os_info",
- "portable-pty",
 "predicates",
 "pretty_assertions",
 "rand 0.9.2",
@@ -1081,10 +1097,10 @@ dependencies = [
 "similar",
 "strum_macros 0.27.2",
 "tempfile",
+ "test-log",
 "thiserror 2.0.16",
 "time",
 "tokio",
- "tokio-stream",
 "tokio-test",
 "tokio-util",
 "toml",
@@ -1197,27 +1213,6 @@ dependencies = [
 "walkdir",
 ]

-[[package]]
-name = "codex-infty"
-version = "0.0.0"
-dependencies = [
- "anyhow",
- "chrono",
- "codex-core",
- "codex-protocol",
- "core_test_support",
- "dirs",
- "futures",
- "serde",
- "serde_json",
- "tempfile",
- "tokio",
- "tokio-stream",
- "tokio-util",
- "tracing",
- "wiremock",
-]
-
 [[package]]
 name = "codex-linux-sandbox"
 version = "0.0.0"
@@ -1255,19 +1250,6 @@ dependencies = [
 "wiremock",
 ]

-[[package]]
-name = "codex-mcp-client"
-version = "0.0.0"
-dependencies = [
- "anyhow",
- "mcp-types",
- "serde",
- "serde_json",
- "tokio",
- "tracing",
- "tracing-subscriber",
-]
-
 [[package]]
 name = "codex-mcp-server"
 version = "0.0.0"
@@ -1349,6 +1331,7 @@ dependencies = [
 "icu_locale_core",
 "mcp-types",
 "mime_guess",
+ "schemars 0.8.22",
 "serde",
 "serde_json",
 "serde_with",
@@ -1415,6 +1398,17 @@ dependencies = [
 "webbrowser",
 ]

+[[package]]
+name = "codex-stdio-to-uds"
+version = "0.0.0"
+dependencies = [
+ "anyhow",
+ "assert_cmd",
+ "pretty_assertions",
+ "tempfile",
+ "uds_windows",
+]
+
 [[package]]
 name = "codex-tui"
 version = "0.0.0"
@@ -1449,12 +1443,12 @@ dependencies = [
 "libc",
 "mcp-types",
 "opentelemetry-appender-tracing",
- "path-clean",
 "pathdiff",
 "pretty_assertions",
 "pulldown-cmark",
 "rand 0.9.2",
 "ratatui",
+ "ratatui-macros",
 "regex-lite",
 "serde",
 "serde_json",
@@ -1487,6 +1481,15 @@ dependencies = [
 "toml",
 ]

+[[package]]
+name = "codex-utils-pty"
+version = "0.0.0"
+dependencies = [
+ "anyhow",
+ "portable-pty",
+ "tokio",
+]
+
 [[package]]
 name = "codex-utils-readiness"
 version = "0.0.0"
@@ -1502,6 +1505,16 @@ dependencies = [
 name = "codex-utils-string"
 version = "0.0.0"

+[[package]]
+name = "codex-utils-tokenizer"
+version = "0.0.0"
+dependencies = [
+ "anyhow",
+ "pretty_assertions",
+ "thiserror 2.0.16",
+ "tiktoken-rs",
+]
+
 [[package]]
 name = "color-eyre"
 version = "0.6.5"
@@ -1622,6 +1635,7 @@ dependencies = [
 "anyhow",
 "assert_cmd",
 "codex-core",
+ "codex-protocol",
 "notify",
 "regex-lite",
 "serde_json",
@@ -2299,6 +2313,17 @@ dependencies = [
 "once_cell",
 ]

+[[package]]
+name = "fancy-regex"
+version = "0.13.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "531e46835a22af56d1e3b66f04844bed63158bc094a628bec1d321d9b4c44bf2"
+dependencies = [
+ "bit-set",
+ "regex-automata",
+ "regex-syntax 0.8.5",
+]
+
 [[package]]
 name = "fastrand"
 version = "2.3.0"
@@ -3585,6 +3610,7 @@ checksum = "47e1ffaa40ddd1f3ed91f717a33c8c0ee23fff369e3aa8772b9605cc1d22f4c3"
 name = "mcp-types"
 version = "0.0.0"
 dependencies = [
+ "schemars 0.8.22",
 "serde",
 "serde_json",
 "ts-rs",
@@ -4270,12 +4296,6 @@ dependencies = [
 "path-dedot",
 ]

-[[package]]
-name = "path-clean"
-version = "1.0.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "17359afc20d7ab31fdb42bb844c8b3bb1dabd7dcf7e68428492da7f16966fcef"
-
 [[package]]
 name = "path-dedot"
 version = "3.1.1"
@@ -4621,7 +4641,7 @@ dependencies = [
 "pin-project-lite",
 "quinn-proto",
 "quinn-udp",
- "rustc-hash",
+ "rustc-hash 2.1.1",
 "rustls",
 "socket2 0.6.0",
 "thiserror 2.0.16",
@@ -4641,7 +4661,7 @@ dependencies = [
 "lru-slab",
 "rand 0.9.2",
 "ring",
- "rustc-hash",
+ "rustc-hash 2.1.1",
 "rustls",
 "rustls-pki-types",
 "slab",
@@ -4769,6 +4789,15 @@ dependencies = [
 "unicode-width 0.2.1",
 ]

+[[package]]
+name = "ratatui-macros"
+version = "0.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6fef540f80dbe8a0773266fa6077788ceb65ef624cdbf36e131aaf90b4a52df4"
+dependencies = [
+ "ratatui",
+]
+
 [[package]]
 name = "redox_syscall"
 version = "0.5.15"
@@ -4926,9 +4955,9 @@ dependencies = [

 [[package]]
 name = "rmcp"
-version = "0.8.1"
+version = "0.8.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6f35acda8f89fca5fd8c96cae3c6d5b4c38ea0072df4c8030915f3b5ff469c1c"
+checksum = "1fdad1258f7259fdc0f2dfc266939c82c3b5d1fd72bcde274d600cdc27e60243"
 dependencies = [
 "base64",
 "bytes",
@@ -4960,9 +4989,9 @@ dependencies = [

 [[package]]
 name = "rmcp-macros"
-version = "0.8.1"
+version = "0.8.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c9f1d5220aaa23b79c3d02e18f7a554403b3ccea544bbb6c69d6bcb3e854a274"
+checksum = "ede0589a208cc7ce81d1be68aa7e74b917fcd03c81528408bab0457e187dcd9b"
 dependencies = [
 "darling 0.21.3",
 "proc-macro2",
@@ -4977,6 +5006,12 @@ version = "0.1.25"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "989e6739f80c4ad5b13e0fd7fe89531180375b18520cc8c82080e4dc4035b84f"

+[[package]]
+name = "rustc-hash"
+version = "1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "08d43f7aa6b08d49f382cde6a7982047c3426db949b1424bc4b7ec9ae12c6ce2"
+
 [[package]]
 name = "rustc-hash"
 version = "2.1.1"
@@ -6052,6 +6087,28 @@ version = "0.5.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8f50febec83f5ee1df3015341d8bd429f2d1cc62bcba7ea2076759d315084683"

+[[package]]
+name = "test-log"
+version = "0.2.18"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1e33b98a582ea0be1168eba097538ee8dd4bbe0f2b01b22ac92ea30054e5be7b"
+dependencies = [
+ "env_logger",
+ "test-log-macros",
+ "tracing-subscriber",
+]
+
+[[package]]
+name = "test-log-macros"
+version = "0.2.18"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "451b374529930d7601b1eef8d32bc79ae870b6079b069401709c2a8bf9e75f36"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.104",
+]
+
 [[package]]
 name = "textwrap"
 version = "0.11.0"
@@ -6135,6 +6192,21 @@ dependencies = [
 "zune-jpeg",
 ]

+[[package]]
+name = "tiktoken-rs"
+version = "0.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "25563eeba904d770acf527e8b370fe9a5547bacd20ff84a0b6c3bc41288e5625"
+dependencies = [
+ "anyhow",
+ "base64",
+ "bstr",
+ "fancy-regex",
+ "lazy_static",
+ "regex",
+ "rustc-hash 1.1.0",
+]
+
 [[package]]
 name = "time"
 version = "0.3.44"
@@ -6274,7 +6346,6 @@ dependencies = [
 "futures-core",
 "pin-project-lite",
 "tokio",
- "tokio-util",
 ]

 [[package]]
--- a/codex-rs/Cargo.toml
+++ b/codex-rs/Cargo.toml
@@ -2,11 +2,12 @@
 members = [
    "backend-client",
    "ansi-escape",
+    "async-utils",
    "app-server",
    "app-server-protocol",
    "apply-patch",
    "arg0",
-    "codex-infty",
+    "feedback",
    "codex-backend-openapi-models",
    "cloud-tasks",
    "cloud-tasks-client",
@@ -15,12 +16,10 @@ members = [
    "core",
    "exec",
    "execpolicy",
-    "feedback",
    "file-search",
    "git-tooling",
    "linux-sandbox",
    "login",
-    "mcp-client",
    "mcp-server",
    "mcp-types",
    "ollama",
@@ -29,12 +28,15 @@ members = [
    "protocol-ts",
    "rmcp-client",
    "responses-api-proxy",
+    "stdio-to-uds",
    "otel",
    "tui",
    "git-apply",
    "utils/json-to-toml",
    "utils/readiness",
+    "utils/pty",
    "utils/string",
+    "utils/tokenizer",
 ]
 resolver = "2"

@@ -54,6 +56,8 @@ codex-app-server = { path = "app-server" }
 codex-app-server-protocol = { path = "app-server-protocol" }
 codex-apply-patch = { path = "apply-patch" }
 codex-arg0 = { path = "arg0" }
+codex-async-utils = { path = "async-utils" }
+codex-backend-client = { path = "backend-client" }
 codex-chatgpt = { path = "chatgpt" }
 codex-common = { path = "common" }
 codex-core = { path = "core" }
@@ -63,7 +67,6 @@ codex-file-search = { path = "file-search" }
 codex-git-tooling = { path = "git-tooling" }
 codex-linux-sandbox = { path = "linux-sandbox" }
 codex-login = { path = "login" }
-codex-mcp-client = { path = "mcp-client" }
 codex-mcp-server = { path = "mcp-server" }
 codex-ollama = { path = "ollama" }
 codex-otel = { path = "otel" }
@@ -72,10 +75,13 @@ codex-protocol = { path = "protocol" }
 codex-protocol-ts = { path = "protocol-ts" }
 codex-responses-api-proxy = { path = "responses-api-proxy" }
 codex-rmcp-client = { path = "rmcp-client" }
+codex-stdio-to-uds = { path = "stdio-to-uds" }
 codex-tui = { path = "tui" }
 codex-utils-json-to-toml = { path = "utils/json-to-toml" }
+codex-utils-pty = { path = "utils/pty" }
 codex-utils-readiness = { path = "utils/readiness" }
 codex-utils-string = { path = "utils/string" }
+codex-utils-tokenizer = { path = "utils/tokenizer" }
 core_test_support = { path = "core/tests/common" }
 mcp-types = { path = "mcp-types" }
 mcp_test_support = { path = "mcp-server/tests/common" }
@@ -110,6 +116,7 @@ env_logger = "0.11.5"
 escargot = "0.5"
 eventsource-stream = "0.2.3"
 futures = { version = "0.3", default-features = false }
+http = "1.3.1"
 icu_decimal = "2.0.0"
 icu_locale_core = "2.0.0"
 ignore = "0.4.23"
@@ -137,7 +144,6 @@ os_info = "3.12.0"
 owo-colors = "4.2.0"
 paste = "1.0.15"
 path-absolutize = "3.1.1"
-path-clean = "1.0.1"
 pathdiff = "0.2"
 portable-pty = "0.9.0"
 predicates = "3"
@@ -145,9 +151,10 @@ pretty_assertions = "1.4.1"
 pulldown-cmark = "0.10"
 rand = "0.9"
 ratatui = "0.29.0"
+ratatui-macros = "0.6.0"
 regex-lite = "0.1.7"
 reqwest = "0.12"
-rmcp = { version = "0.8.0", default-features = false }
+rmcp = { version = "0.8.3", default-features = false }
 schemars = "0.8.22"
 seccompiler = "0.5.0"
 sentry = "0.34.0"
@@ -165,6 +172,7 @@ strum_macros = "0.27.2"
 supports-color = "3.0.2"
 sys-locale = "0.3.2"
 tempfile = "3.23.0"
+test-log = "0.2.18"
 textwrap = "0.16.2"
 thiserror = "2.0.16"
 time = "0.3"
@@ -184,6 +192,7 @@ tree-sitter = "0.25.10"
 tree-sitter-bash = "0.25"
 tree-sitter-highlight = "0.25.10"
 ts-rs = "11"
+uds_windows = "1.1.0"
 unicode-segmentation = "1.12.0"
 unicode-width = "0.2"
 url = "2"
@@ -238,7 +247,7 @@ unwrap_used = "deny"
 # cargo-shear cannot see the platform-specific openssl-sys usage, so we
 # silence the false positive here instead of deleting a real dependency.
 [workspace.metadata.cargo-shear]
-ignored = ["openssl-sys", "codex-utils-readiness"]
+ignored = ["openssl-sys", "codex-utils-readiness", "codex-utils-tokenizer"]

 [profile.release]
 lto = "fat"
@@ -249,6 +258,11 @@ strip = "symbols"
 # See https://github.com/openai/codex/issues/1411 for details.
 codegen-units = 1

+[profile.ci-test]
+debug = 1         # Reduce debug symbol size
+inherits = "test"
+opt-level = 0
+
 [patch.crates-io]
 # Uncomment to debug local changes.
 # ratatui = { path = "../../ratatui" }
--- a/codex-rs/README.md
+++ b/codex-rs/README.md
@@ -11,7 +11,12 @@ npm i -g @openai/codex
 codex
 ```

-You can also install via Homebrew (`brew install codex`) or download a platform-specific release directly from our [GitHub Releases](https://github.com/openai/codex/releases).
+You can also install via Homebrew (`brew install --cask codex`) or download a platform-specific release directly from our [GitHub Releases](https://github.com/openai/codex/releases).
+
+## Documentation quickstart
+
+- First run with Codex? Follow the walkthrough in [`docs/getting-started.md`](../docs/getting-started.md) for prompts, keyboard shortcuts, and session management.
+- Already shipping with Codex and want deeper control? Jump to [`docs/advanced.md`](../docs/advanced.md) and the configuration reference at [`docs/config.md`](../docs/config.md).

 ## What's new in the Rust CLI

@@ -47,30 +52,6 @@ You can enable notifications by configuring a script that is run whenever the ag

 To run Codex non-interactively, run `codex exec PROMPT` (you can also pass the prompt via `stdin`) and Codex will work on your task until it decides that it is done and exits. Output is printed to the terminal directly. You can set the `RUST_LOG` environment variable to see more about what's going on.

-### Use `@` for file search
-
-Typing `@` triggers a fuzzy-filename search over the workspace root. Use up/down to select among the results and Tab or Enter to replace the `@` with the selected path. You can use Esc to cancel the search.
-
-### Esc–Esc to edit a previous message
-
-When the chat composer is empty, press Esc to prime “backtrack” mode. Press Esc again to open a transcript preview highlighting the last user message; press Esc repeatedly to step to older user messages. Press Enter to confirm and Codex will fork the conversation from that point, trim the visible transcript accordingly, and pre‑fill the composer with the selected user message so you can edit and resubmit it.
-
-In the transcript preview, the footer shows an `Esc edit prev` hint while editing is active.
-
-### `--cd`/`-C` flag
-
-Sometimes it is not convenient to `cd` to the directory you want Codex to use as the "working root" before running Codex. Fortunately, `codex` supports a `--cd` option so you can specify whatever folder you want. You can confirm that Codex is honoring `--cd` by double-checking the **workdir** it reports in the TUI at the start of a new session.
-
-### Shell completions
-
-Generate shell completion scripts via:
-
-```shell
-codex completion bash
-codex completion zsh
-codex completion fish
-```
-
 ### Experimenting with the Codex Sandbox

 To test to see what happens when a command is run under the sandbox provided by Codex, we provide the following subcommands in Codex CLI:
--- a/codex-rs/app-server-protocol/Cargo.toml
+++ b/codex-rs/app-server-protocol/Cargo.toml
@@ -11,8 +11,11 @@ path = "src/lib.rs"
 workspace = true

 [dependencies]
+anyhow = { workspace = true }
+clap = { workspace = true, features = ["derive"] }
 codex-protocol = { workspace = true }
 paste = { workspace = true }
+schemars = { workspace = true }
 serde = { workspace = true, features = ["derive"] }
 serde_json = { workspace = true }
 strum_macros = { workspace = true }
--- a/codex-rs/app-server-protocol/src/bin/export.rs
+++ b/codex-rs/app-server-protocol/src/bin/export.rs
@@ -0,0 +1,22 @@
+use anyhow::Result;
+use clap::Parser;
+use std::path::PathBuf;
+
+#[derive(Parser, Debug)]
+#[command(
+    about = "Generate TypeScript bindings and JSON Schemas for the Codex app-server protocol"
+)]
+struct Args {
+    /// Output directory where generated files will be written
+    #[arg(short = 'o', long = "out", value_name = "DIR")]
+    out_dir: PathBuf,
+
+    /// Optional Prettier executable path to format generated TypeScript files
+    #[arg(short = 'p', long = "prettier", value_name = "PRETTIER_BIN")]
+    prettier: Option<PathBuf>,
+}
+
+fn main() -> Result<()> {
+    let args = Args::parse();
+    codex_app_server_protocol::generate_types(&args.out_dir, args.prettier.as_deref())
+}
--- a/codex-rs/app-server-protocol/src/export.rs
+++ b/codex-rs/app-server-protocol/src/export.rs
@@ -0,0 +1,422 @@
+use crate::ClientNotification;
+use crate::ClientRequest;
+use crate::ServerNotification;
+use crate::ServerRequest;
+use crate::export_client_response_schemas;
+use crate::export_client_responses;
+use crate::export_server_response_schemas;
+use crate::export_server_responses;
+use anyhow::Context;
+use anyhow::Result;
+use anyhow::anyhow;
+use schemars::JsonSchema;
+use schemars::schema::RootSchema;
+use schemars::schema_for;
+use serde::Serialize;
+use serde_json::Map;
+use serde_json::Value;
+use std::collections::BTreeMap;
+use std::ffi::OsStr;
+use std::fs;
+use std::io::Read;
+use std::io::Write;
+use std::path::Path;
+use std::path::PathBuf;
+use std::process::Command;
+use ts_rs::ExportError;
+use ts_rs::TS;
+
+const HEADER: &str = "// GENERATED CODE! DO NOT MODIFY BY HAND!\n\n";
+
+macro_rules! for_each_schema_type {
+    ($macro:ident) => {
+        $macro!(crate::RequestId);
+        $macro!(crate::JSONRPCMessage);
+        $macro!(crate::JSONRPCRequest);
+        $macro!(crate::JSONRPCNotification);
+        $macro!(crate::JSONRPCResponse);
+        $macro!(crate::JSONRPCError);
+        $macro!(crate::JSONRPCErrorError);
+        $macro!(crate::AddConversationListenerParams);
+        $macro!(crate::AddConversationSubscriptionResponse);
+        $macro!(crate::ApplyPatchApprovalParams);
+        $macro!(crate::ApplyPatchApprovalResponse);
+        $macro!(crate::ArchiveConversationParams);
+        $macro!(crate::ArchiveConversationResponse);
+        $macro!(crate::AuthMode);
+        $macro!(crate::AuthStatusChangeNotification);
+        $macro!(crate::CancelLoginChatGptParams);
+        $macro!(crate::CancelLoginChatGptResponse);
+        $macro!(crate::ClientInfo);
+        $macro!(crate::ClientNotification);
+        $macro!(crate::ClientRequest);
+        $macro!(crate::ConversationSummary);
+        $macro!(crate::ExecCommandApprovalParams);
+        $macro!(crate::ExecCommandApprovalResponse);
+        $macro!(crate::ExecOneOffCommandParams);
+        $macro!(crate::ExecOneOffCommandResponse);
+        $macro!(crate::FuzzyFileSearchParams);
+        $macro!(crate::FuzzyFileSearchResponse);
+        $macro!(crate::FuzzyFileSearchResult);
+        $macro!(crate::GetAuthStatusParams);
+        $macro!(crate::GetAuthStatusResponse);
+        $macro!(crate::GetUserAgentResponse);
+        $macro!(crate::GetUserSavedConfigResponse);
+        $macro!(crate::GitDiffToRemoteParams);
+        $macro!(crate::GitDiffToRemoteResponse);
+        $macro!(crate::GitSha);
+        $macro!(crate::InitializeParams);
+        $macro!(crate::InitializeResponse);
+        $macro!(crate::InputItem);
+        $macro!(crate::InterruptConversationParams);
+        $macro!(crate::InterruptConversationResponse);
+        $macro!(crate::ListConversationsParams);
+        $macro!(crate::ListConversationsResponse);
+        $macro!(crate::LoginApiKeyParams);
+        $macro!(crate::LoginApiKeyResponse);
+        $macro!(crate::LoginChatGptCompleteNotification);
+        $macro!(crate::LoginChatGptResponse);
+        $macro!(crate::LogoutChatGptParams);
+        $macro!(crate::LogoutChatGptResponse);
+        $macro!(crate::NewConversationParams);
+        $macro!(crate::NewConversationResponse);
+        $macro!(crate::Profile);
+        $macro!(crate::RemoveConversationListenerParams);
+        $macro!(crate::RemoveConversationSubscriptionResponse);
+        $macro!(crate::ResumeConversationParams);
+        $macro!(crate::ResumeConversationResponse);
+        $macro!(crate::SandboxSettings);
+        $macro!(crate::SendUserMessageParams);
+        $macro!(crate::SendUserMessageResponse);
+        $macro!(crate::SendUserTurnParams);
+        $macro!(crate::SendUserTurnResponse);
+        $macro!(crate::ServerNotification);
+        $macro!(crate::ServerRequest);
+        $macro!(crate::SessionConfiguredNotification);
+        $macro!(crate::SetDefaultModelParams);
+        $macro!(crate::SetDefaultModelResponse);
+        $macro!(crate::Tools);
+        $macro!(crate::UserInfoResponse);
+        $macro!(crate::UserSavedConfig);
+        $macro!(codex_protocol::protocol::EventMsg);
+        $macro!(codex_protocol::protocol::FileChange);
+        $macro!(codex_protocol::parse_command::ParsedCommand);
+        $macro!(codex_protocol::protocol::SandboxPolicy);
+    };
+}
+
+fn export_ts_with_context<F>(label: &str, export: F) -> Result<()>
+where
+    F: FnOnce() -> std::result::Result<(), ExportError>,
+{
+    match export() {
+        Ok(()) => Ok(()),
+        Err(ExportError::CannotBeExported(ty)) => Err(anyhow!(
+            "failed to export {label}: dependency {ty} cannot be exported"
+        )),
+        Err(err) => Err(err.into()),
+    }
+}
+
+pub fn generate_types(out_dir: &Path, prettier: Option<&Path>) -> Result<()> {
+    generate_ts(out_dir, prettier)?;
+    generate_json(out_dir)?;
+    Ok(())
+}
+
+pub fn generate_ts(out_dir: &Path, prettier: Option<&Path>) -> Result<()> {
+    ensure_dir(out_dir)?;
+
+    export_ts_with_context("ClientRequest", || ClientRequest::export_all_to(out_dir))?;
+    export_ts_with_context("client responses", || export_client_responses(out_dir))?;
+    export_ts_with_context("ClientNotification", || {
+        ClientNotification::export_all_to(out_dir)
+    })?;
+
+    export_ts_with_context("ServerRequest", || ServerRequest::export_all_to(out_dir))?;
+    export_ts_with_context("server responses", || export_server_responses(out_dir))?;
+    export_ts_with_context("ServerNotification", || {
+        ServerNotification::export_all_to(out_dir)
+    })?;
+
+    generate_index_ts(out_dir)?;
+
+    let ts_files = ts_files_in(out_dir)?;
+    for file in &ts_files {
+        prepend_header_if_missing(file)?;
+    }
+
+    if let Some(prettier_bin) = prettier
+        && !ts_files.is_empty()
+    {
+        let status = Command::new(prettier_bin)
+            .arg("--write")
+            .args(ts_files.iter().map(|p| p.as_os_str()))
+            .status()
+            .with_context(|| format!("Failed to invoke Prettier at {}", prettier_bin.display()))?;
+        if !status.success() {
+            return Err(anyhow!("Prettier failed with status {status}"));
+        }
+    }
+
+    Ok(())
+}
+
+pub fn generate_json(out_dir: &Path) -> Result<()> {
+    ensure_dir(out_dir)?;
+    let mut bundle: BTreeMap<String, RootSchema> = BTreeMap::new();
+
+    macro_rules! add_schema {
+        ($ty:path) => {{
+            let name = type_basename(stringify!($ty));
+            let schema = write_json_schema_with_return::<$ty>(out_dir, &name)?;
+            bundle.insert(name, schema);
+        }};
+    }
+
+    for_each_schema_type!(add_schema);
+
+    export_client_response_schemas(out_dir)?;
+    export_server_response_schemas(out_dir)?;
+
+    let mut definitions = Map::new();
+
+    const SPECIAL_DEFINITIONS: &[&str] = &[
+        "ClientNotification",
+        "ClientRequest",
+        "EventMsg",
+        "FileChange",
+        "InputItem",
+        "ParsedCommand",
+        "SandboxPolicy",
+        "ServerNotification",
+        "ServerRequest",
+    ];
+
+    for (name, schema) in bundle {
+        let mut schema_value = serde_json::to_value(schema)?;
+        if let Value::Object(ref mut obj) = schema_value {
+            if let Some(defs) = obj.remove("definitions")
+                && let Value::Object(defs_obj) = defs
+            {
+                for (def_name, def_schema) in defs_obj {
+                    if !SPECIAL_DEFINITIONS.contains(&def_name.as_str()) {
+                        definitions.insert(def_name, def_schema);
+                    }
+                }
+            }
+
+            if let Some(Value::Array(one_of)) = obj.get_mut("oneOf") {
+                for variant in one_of.iter_mut() {
+                    if let Some(variant_name) = variant_definition_name(&name, variant)
+                        && let Value::Object(variant_obj) = variant
+                    {
+                        variant_obj.insert("title".into(), Value::String(variant_name));
+                    }
+                }
+            }
+        }
+        definitions.insert(name, schema_value);
+    }
+
+    let mut root = Map::new();
+    root.insert(
+        "$schema".to_string(),
+        Value::String("http://json-schema.org/draft-07/schema#".into()),
+    );
+    root.insert(
+        "title".to_string(),
+        Value::String("CodexAppServerProtocol".into()),
+    );
+    root.insert("type".to_string(), Value::String("object".into()));
+    root.insert("definitions".to_string(), Value::Object(definitions));
+
+    write_pretty_json(
+        out_dir.join("codex_app_server_protocol.schemas.json"),
+        &Value::Object(root),
+    )?;
+
+    Ok(())
+}
+
+fn write_json_schema_with_return<T>(out_dir: &Path, name: &str) -> Result<RootSchema>
+where
+    T: JsonSchema,
+{
+    let file_stem = name.trim();
+    let schema = schema_for!(T);
+    write_pretty_json(out_dir.join(format!("{file_stem}.json")), &schema)
+        .with_context(|| format!("Failed to write JSON schema for {file_stem}"))?;
+    Ok(schema)
+}
+
+pub(crate) fn write_json_schema<T>(out_dir: &Path, name: &str) -> Result<()>
+where
+    T: JsonSchema,
+{
+    write_json_schema_with_return::<T>(out_dir, name).map(|_| ())
+}
+
+fn write_pretty_json(path: PathBuf, value: &impl Serialize) -> Result<()> {
+    let json = serde_json::to_vec_pretty(value)
+        .with_context(|| format!("Failed to serialize JSON schema to {}", path.display()))?;
+    fs::write(&path, json).with_context(|| format!("Failed to write {}", path.display()))?;
+    Ok(())
+}
+fn type_basename(type_path: &str) -> String {
+    type_path
+        .rsplit_once("::")
+        .map(|(_, name)| name)
+        .unwrap_or(type_path)
+        .trim()
+        .to_string()
+}
+
+fn variant_definition_name(base: &str, variant: &Value) -> Option<String> {
+    if let Some(props) = variant.get("properties").and_then(Value::as_object) {
+        if let Some(method_literal) = literal_from_property(props, "method") {
+            let pascal = to_pascal_case(method_literal);
+            return Some(match base {
+                "ClientRequest" | "ServerRequest" => format!("{pascal}Request"),
+                "ClientNotification" | "ServerNotification" => format!("{pascal}Notification"),
+                _ => format!("{pascal}{base}"),
+            });
+        }
+
+        if let Some(type_literal) = literal_from_property(props, "type") {
+            let pascal = to_pascal_case(type_literal);
+            return Some(match base {
+                "EventMsg" => format!("{pascal}EventMsg"),
+                _ => format!("{pascal}{base}"),
+            });
+        }
+
+        if let Some(mode_literal) = literal_from_property(props, "mode") {
+            let pascal = to_pascal_case(mode_literal);
+            return Some(match base {
+                "SandboxPolicy" => format!("{pascal}SandboxPolicy"),
+                _ => format!("{pascal}{base}"),
+            });
+        }
+
+        if props.len() == 1
+            && let Some(key) = props.keys().next()
+        {
+            let pascal = to_pascal_case(key);
+            return Some(format!("{pascal}{base}"));
+        }
+    }
+
+    if let Some(required) = variant.get("required").and_then(Value::as_array)
+        && required.len() == 1
+        && let Some(key) = required[0].as_str()
+    {
+        let pascal = to_pascal_case(key);
+        return Some(format!("{pascal}{base}"));
+    }
+
+    None
+}
+
+fn literal_from_property<'a>(props: &'a Map<String, Value>, key: &str) -> Option<&'a str> {
+    props
+        .get(key)
+        .and_then(|value| value.get("enum"))
+        .and_then(Value::as_array)
+        .and_then(|arr| arr.first())
+        .and_then(Value::as_str)
+}
+
+fn to_pascal_case(input: &str) -> String {
+    let mut result = String::new();
+    let mut capitalize_next = true;
+
+    for c in input.chars() {
+        if c == '_' || c == '-' {
+            capitalize_next = true;
+            continue;
+        }
+
+        if capitalize_next {
+            result.extend(c.to_uppercase());
+            capitalize_next = false;
+        } else {
+            result.push(c);
+        }
+    }
+
+    result
+}
+
+fn ensure_dir(dir: &Path) -> Result<()> {
+    fs::create_dir_all(dir)
+        .with_context(|| format!("Failed to create output directory {}", dir.display()))
+}
+
+fn prepend_header_if_missing(path: &Path) -> Result<()> {
+    let mut content = String::new();
+    {
+        let mut f = fs::File::open(path)
+            .with_context(|| format!("Failed to open {} for reading", path.display()))?;
+        f.read_to_string(&mut content)
+            .with_context(|| format!("Failed to read {}", path.display()))?;
+    }
+
+    if content.starts_with(HEADER) {
+        return Ok(());
+    }
+
+    let mut f = fs::File::create(path)
+        .with_context(|| format!("Failed to open {} for writing", path.display()))?;
+    f.write_all(HEADER.as_bytes())
+        .with_context(|| format!("Failed to write header to {}", path.display()))?;
+    f.write_all(content.as_bytes())
+        .with_context(|| format!("Failed to write content to {}", path.display()))?;
+    Ok(())
+}
+
+fn ts_files_in(dir: &Path) -> Result<Vec<PathBuf>> {
+    let mut files = Vec::new();
+    for entry in
+        fs::read_dir(dir).with_context(|| format!("Failed to read dir {}", dir.display()))?
+    {
+        let entry = entry?;
+        let path = entry.path();
+        if path.is_file() && path.extension() == Some(OsStr::new("ts")) {
+            files.push(path);
+        }
+    }
+    files.sort();
+    Ok(files)
+}
+
+fn generate_index_ts(out_dir: &Path) -> Result<PathBuf> {
+    let mut entries: Vec<String> = Vec::new();
+    let mut stems: Vec<String> = ts_files_in(out_dir)?
+        .into_iter()
+        .filter_map(|p| {
+            let stem = p.file_stem()?.to_string_lossy().into_owned();
+            if stem == "index" { None } else { Some(stem) }
+        })
+        .collect();
+    stems.sort();
+    stems.dedup();
+
+    for name in stems {
+        entries.push(format!("export type {{ {name} }} from \"./{name}\";\n"));
+    }
+
+    let mut content =
+        String::with_capacity(HEADER.len() + entries.iter().map(String::len).sum::<usize>());
+    content.push_str(HEADER);
+    for line in &entries {
+        content.push_str(line);
+    }
+
+    let index_path = out_dir.join("index.ts");
+    let mut f = fs::File::create(&index_path)
+        .with_context(|| format!("Failed to create {}", index_path.display()))?;
+    f.write_all(content.as_bytes())
+        .with_context(|| format!("Failed to write {}", index_path.display()))?;
+    Ok(index_path)
+}
--- a/codex-rs/app-server-protocol/src/jsonrpc_lite.rs
+++ b/codex-rs/app-server-protocol/src/jsonrpc_lite.rs
@@ -1,13 +1,14 @@
 //! We do not do true JSON-RPC 2.0, as we neither send nor expect the
 //! "jsonrpc": "2.0" field.

+use schemars::JsonSchema;
 use serde::Deserialize;
 use serde::Serialize;
 use ts_rs::TS;

 pub const JSONRPC_VERSION: &str = "2.0";

-#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, Hash, Eq, TS)]
+#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, Hash, Eq, JsonSchema, TS)]
 #[serde(untagged)]
 pub enum RequestId {
    String(String),
@@ -18,7 +19,7 @@ pub enum RequestId {
 pub type Result = serde_json::Value;

 /// Refers to any valid JSON-RPC object that can be decoded off the wire, or encoded to be sent.
-#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, TS)]
+#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, JsonSchema, TS)]
 #[serde(untagged)]
 pub enum JSONRPCMessage {
    Request(JSONRPCRequest),
@@ -28,7 +29,7 @@ pub enum JSONRPCMessage {
 }

 /// A request that expects a response.
-#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, TS)]
+#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, JsonSchema, TS)]
 pub struct JSONRPCRequest {
    pub id: RequestId,
    pub method: String,
@@ -37,7 +38,7 @@ pub struct JSONRPCRequest {
 }

 /// A notification which does not expect a response.
-#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, TS)]
+#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, JsonSchema, TS)]
 pub struct JSONRPCNotification {
    pub method: String,
    #[serde(default, skip_serializing_if = "Option::is_none")]
@@ -45,20 +46,20 @@ pub struct JSONRPCNotification {
 }

 /// A successful (non-error) response to a request.
-#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, TS)]
+#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, JsonSchema, TS)]
 pub struct JSONRPCResponse {
    pub id: RequestId,
    pub result: Result,
 }

 /// A response to a request that indicates an error occurred.
-#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, TS)]
+#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, JsonSchema, TS)]
 pub struct JSONRPCError {
    pub error: JSONRPCErrorError,
    pub id: RequestId,
 }

-#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, TS)]
+#[derive(Debug, Clone, PartialEq, Deserialize, Serialize, JsonSchema, TS)]
 pub struct JSONRPCErrorError {
    pub code: i64,
    #[serde(default, skip_serializing_if = "Option::is_none")]
--- a/codex-rs/app-server-protocol/src/lib.rs
+++ b/codex-rs/app-server-protocol/src/lib.rs
@@ -1,5 +1,9 @@
+mod export;
 mod jsonrpc_lite;
 mod protocol;

+pub use export::generate_json;
+pub use export::generate_ts;
+pub use export::generate_types;
 pub use jsonrpc_lite::*;
 pub use protocol::*;
--- a/codex-rs/app-server-protocol/src/protocol.rs
+++ b/codex-rs/app-server-protocol/src/protocol.rs
@@ -5,6 +5,8 @@ use crate::JSONRPCNotification;
 use crate::JSONRPCRequest;
 use crate::RequestId;
 use codex_protocol::ConversationId;
+use codex_protocol::account::Account;
+use codex_protocol::config_types::ForcedLoginMethod;
 use codex_protocol::config_types::ReasoningEffort;
 use codex_protocol::config_types::ReasoningSummary;
 use codex_protocol::config_types::SandboxMode;
@@ -13,17 +15,19 @@ use codex_protocol::parse_command::ParsedCommand;
 use codex_protocol::protocol::AskForApproval;
 use codex_protocol::protocol::EventMsg;
 use codex_protocol::protocol::FileChange;
+use codex_protocol::protocol::RateLimitSnapshot;
 use codex_protocol::protocol::ReviewDecision;
 use codex_protocol::protocol::SandboxPolicy;
 use codex_protocol::protocol::TurnAbortReason;
 use paste::paste;
+use schemars::JsonSchema;
 use serde::Deserialize;
 use serde::Serialize;
 use strum_macros::Display;
 use ts_rs::TS;
 use uuid::Uuid;

-#[derive(Serialize, Deserialize, Clone, Debug, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Clone, Debug, PartialEq, JsonSchema, TS)]
 #[ts(type = "string")]
 pub struct GitSha(pub String);

@@ -33,7 +37,7 @@ impl GitSha {
    }
 }

-#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, Display, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, Display, JsonSchema, TS)]
 #[serde(rename_all = "lowercase")]
 pub enum AuthMode {
    ApiKey,
@@ -55,7 +59,7 @@ macro_rules! client_request_definitions {
        ),* $(,)?
    ) => {
        /// Request from the client to the server.
-        #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+        #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
        #[serde(tag = "method", rename_all = "camelCase")]
        pub enum ClientRequest {
            $(
@@ -77,10 +81,56 @@ macro_rules! client_request_definitions {
            )*
            Ok(())
        }
+
+        pub fn export_client_response_schemas(
+            out_dir: &::std::path::Path,
+        ) -> ::anyhow::Result<()> {
+            $(
+                crate::export::write_json_schema::<$response>(out_dir, stringify!($response))?;
+            )*
+            Ok(())
+        }
    };
 }

 client_request_definitions! {
+    /// NEW APIs
+    #[serde(rename = "model/list")]
+    #[ts(rename = "model/list")]
+    ListModels {
+        params: ListModelsParams,
+        response: ListModelsResponse,
+    },
+
+    #[serde(rename = "account/login")]
+    #[ts(rename = "account/login")]
+    LoginAccount {
+        params: LoginAccountParams,
+        response: LoginAccountResponse,
+    },
+
+    #[serde(rename = "account/logout")]
+    #[ts(rename = "account/logout")]
+    LogoutAccount {
+        params: #[ts(type = "undefined")] #[serde(skip_serializing_if = "Option::is_none")] Option<()>,
+        response: LogoutAccountResponse,
+    },
+
+    #[serde(rename = "account/rateLimits/read")]
+    #[ts(rename = "account/rateLimits/read")]
+    GetAccountRateLimits {
+        params: #[ts(type = "undefined")] #[serde(skip_serializing_if = "Option::is_none")] Option<()>,
+        response: GetAccountRateLimitsResponse,
+    },
+
+    #[serde(rename = "account/read")]
+    #[ts(rename = "account/read")]
+    GetAccount {
+        params: #[ts(type = "undefined")] #[serde(skip_serializing_if = "Option::is_none")] Option<()>,
+        response: GetAccountResponse,
+    },
+
+    /// DEPRECATED APIs below
    Initialize {
        params: InitializeParams,
        response: InitializeResponse,
@@ -174,13 +224,13 @@ client_request_definitions! {
    },
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Default, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Default, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct InitializeParams {
    pub client_info: ClientInfo,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Default, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Default, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct ClientInfo {
    pub name: String,
@@ -189,13 +239,13 @@ pub struct ClientInfo {
    pub version: String,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct InitializeResponse {
    pub user_agent: String,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Default, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Default, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct NewConversationParams {
    /// Optional override for the model name (e.g. "o3", "o4-mini").
@@ -229,16 +279,12 @@ pub struct NewConversationParams {
    #[serde(skip_serializing_if = "Option::is_none")]
    pub base_instructions: Option<String>,

-    /// Whether to include the plan tool in the conversation.
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub include_plan_tool: Option<bool>,
-
    /// Whether to include the apply patch tool in the conversation.
    #[serde(skip_serializing_if = "Option::is_none")]
    pub include_apply_patch_tool: Option<bool>,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct NewConversationResponse {
    pub conversation_id: ConversationId,
@@ -249,7 +295,7 @@ pub struct NewConversationResponse {
    pub rollout_path: PathBuf,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct ResumeConversationResponse {
    pub conversation_id: ConversationId,
@@ -258,7 +304,7 @@ pub struct ResumeConversationResponse {
    pub initial_messages: Option<Vec<EventMsg>>,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Default, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Default, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct ListConversationsParams {
    /// Optional page size; defaults to a reasonable server-side value.
@@ -269,7 +315,7 @@ pub struct ListConversationsParams {
    pub cursor: Option<String>,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct ConversationSummary {
    pub conversation_id: ConversationId,
@@ -280,7 +326,7 @@ pub struct ConversationSummary {
    pub timestamp: Option<String>,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct ListConversationsResponse {
    pub items: Vec<ConversationSummary>,
@@ -290,7 +336,80 @@ pub struct ListConversationsResponse {
    pub next_cursor: Option<String>,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Default, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+pub struct ListModelsParams {
+    /// Optional page size; defaults to a reasonable server-side value.
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub page_size: Option<usize>,
+    /// Opaque pagination cursor returned by a previous call.
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub cursor: Option<String>,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+pub struct Model {
+    pub id: String,
+    pub model: String,
+    pub display_name: String,
+    pub description: String,
+    pub supported_reasoning_efforts: Vec<ReasoningEffortOption>,
+    pub default_reasoning_effort: ReasoningEffort,
+    // Only one model should be marked as default.
+    pub is_default: bool,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+pub struct ReasoningEffortOption {
+    pub reasoning_effort: ReasoningEffort,
+    pub description: String,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+pub struct ListModelsResponse {
+    pub items: Vec<Model>,
+    /// Opaque cursor to pass to the next call to continue after the last item.
+    /// if None, there are no more items to return.
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub next_cursor: Option<String>,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
+#[serde(tag = "type")]
+#[ts(tag = "type")]
+pub enum LoginAccountParams {
+    #[serde(rename = "apiKey")]
+    #[ts(rename = "apiKey")]
+    ApiKey {
+        #[serde(rename = "apiKey")]
+        #[ts(rename = "apiKey")]
+        api_key: String,
+    },
+    #[serde(rename = "chatgpt")]
+    #[ts(rename = "chatgpt")]
+    ChatGpt,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+pub struct LoginAccountResponse {
+    /// Only set if the login method is ChatGPT.
+    #[schemars(with = "String")]
+    pub login_id: Option<Uuid>,
+
+    /// URL the client should open in a browser to initiate the OAuth flow.
+    /// Only set if the login method is ChatGPT.
+    pub auth_url: Option<String>,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+pub struct LogoutAccountResponse {}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct ResumeConversationParams {
    /// Absolute path to the rollout JSONL file.
@@ -300,78 +419,81 @@ pub struct ResumeConversationParams {
    pub overrides: Option<NewConversationParams>,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct AddConversationSubscriptionResponse {
+    #[schemars(with = "String")]
    pub subscription_id: Uuid,
 }

 /// The [`ConversationId`] must match the `rollout_path`.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct ArchiveConversationParams {
    pub conversation_id: ConversationId,
    pub rollout_path: PathBuf,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct ArchiveConversationResponse {}

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct RemoveConversationSubscriptionResponse {}

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct LoginApiKeyParams {
    pub api_key: String,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct LoginApiKeyResponse {}

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct LoginChatGptResponse {
+    #[schemars(with = "String")]
    pub login_id: Uuid,
    /// URL the client should open in a browser to initiate the OAuth flow.
    pub auth_url: String,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct GitDiffToRemoteResponse {
    pub sha: GitSha,
    pub diff: String,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct CancelLoginChatGptParams {
+    #[schemars(with = "String")]
    pub login_id: Uuid,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct GitDiffToRemoteParams {
    pub cwd: PathBuf,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct CancelLoginChatGptResponse {}

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct LogoutChatGptParams {}

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct LogoutChatGptResponse {}

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct GetAuthStatusParams {
    /// If true, include the current auth token (if available) in the response.
@@ -382,7 +504,7 @@ pub struct GetAuthStatusParams {
    pub refresh_token: Option<bool>,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct ExecOneOffCommandParams {
    /// Command argv to execute.
@@ -398,7 +520,7 @@ pub struct ExecOneOffCommandParams {
    pub sandbox_policy: Option<SandboxPolicy>,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct ExecOneOffCommandResponse {
    pub exit_code: i32,
@@ -406,7 +528,19 @@ pub struct ExecOneOffCommandResponse {
    pub stderr: String,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+pub struct GetAccountRateLimitsResponse {
+    pub rate_limits: RateLimitSnapshot,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
+#[serde(transparent)]
+#[ts(export)]
+#[ts(type = "Account | null")]
+pub struct GetAccountResponse(#[ts(type = "Account | null")] pub Option<Account>);
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct GetAuthStatusResponse {
    #[serde(skip_serializing_if = "Option::is_none")]
@@ -421,13 +555,13 @@ pub struct GetAuthStatusResponse {
    pub requires_openai_auth: Option<bool>,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct GetUserAgentResponse {
    pub user_agent: String,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct UserInfoResponse {
    /// Note: `alleged_user_email` is not currently verified. We read it from
@@ -437,13 +571,13 @@ pub struct UserInfoResponse {
    pub alleged_user_email: Option<String>,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct GetUserSavedConfigResponse {
    pub config: UserSavedConfig,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct SetDefaultModelParams {
    /// If set to None, this means `model` should be cleared in config.toml.
@@ -455,14 +589,14 @@ pub struct SetDefaultModelParams {
    pub reasoning_effort: Option<ReasoningEffort>,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct SetDefaultModelResponse {}

 /// UserSavedConfig contains a subset of the config. It is meant to expose mcp
 /// client-configurable settings that can be specified in the NewConversation
 /// and SendUserTurn requests.
-#[derive(Deserialize, Debug, Clone, PartialEq, Serialize, TS)]
+#[derive(Deserialize, Debug, Clone, PartialEq, Serialize, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct UserSavedConfig {
    /// Approvals
@@ -473,6 +607,11 @@ pub struct UserSavedConfig {
    #[serde(skip_serializing_if = "Option::is_none")]
    pub sandbox_settings: Option<SandboxSettings>,

+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub forced_chatgpt_workspace_id: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub forced_login_method: Option<ForcedLoginMethod>,
+
    /// Model-specific configuration
    #[serde(skip_serializing_if = "Option::is_none")]
    pub model: Option<String>,
@@ -495,7 +634,7 @@ pub struct UserSavedConfig {
 }

 /// MCP representation of a [`codex_core::config_profile::ConfigProfile`].
-#[derive(Deserialize, Debug, Clone, PartialEq, Serialize, TS)]
+#[derive(Deserialize, Debug, Clone, PartialEq, Serialize, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct Profile {
    pub model: Option<String>,
@@ -509,7 +648,7 @@ pub struct Profile {
    pub chatgpt_base_url: Option<String>,
 }
 /// MCP representation of a [`codex_core::config::ToolsToml`].
-#[derive(Deserialize, Debug, Clone, PartialEq, Serialize, TS)]
+#[derive(Deserialize, Debug, Clone, PartialEq, Serialize, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct Tools {
    #[serde(skip_serializing_if = "Option::is_none")]
@@ -519,7 +658,7 @@ pub struct Tools {
 }

 /// MCP representation of a [`codex_core::config_types::SandboxWorkspaceWrite`].
-#[derive(Deserialize, Debug, Clone, PartialEq, Serialize, TS)]
+#[derive(Deserialize, Debug, Clone, PartialEq, Serialize, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct SandboxSettings {
    #[serde(default)]
@@ -532,14 +671,14 @@ pub struct SandboxSettings {
    pub exclude_slash_tmp: Option<bool>,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct SendUserMessageParams {
    pub conversation_id: ConversationId,
    pub items: Vec<InputItem>,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct SendUserTurnParams {
    pub conversation_id: ConversationId,
@@ -553,39 +692,40 @@ pub struct SendUserTurnParams {
    pub summary: ReasoningSummary,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct SendUserTurnResponse {}

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct InterruptConversationParams {
    pub conversation_id: ConversationId,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct InterruptConversationResponse {
    pub abort_reason: TurnAbortReason,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct SendUserMessageResponse {}

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct AddConversationListenerParams {
    pub conversation_id: ConversationId,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct RemoveConversationListenerParams {
+    #[schemars(with = "String")]
    pub subscription_id: Uuid,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 #[serde(tag = "type", content = "data")]
 pub enum InputItem {
@@ -617,7 +757,7 @@ macro_rules! server_request_definitions {
    ) => {
        paste! {
            /// Request initiated from the server and sent to the client.
-            #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+            #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
            #[serde(tag = "method", rename_all = "camelCase")]
            pub enum ServerRequest {
                $(
@@ -630,7 +770,7 @@ macro_rules! server_request_definitions {
                )*
            }

-            #[derive(Debug, Clone, PartialEq)]
+            #[derive(Debug, Clone, PartialEq, JsonSchema)]
            pub enum ServerRequestPayload {
                $( $variant([<$variant Params>]), )*
            }
@@ -652,6 +792,15 @@ macro_rules! server_request_definitions {
            }
            Ok(())
        }
+
+        pub fn export_server_response_schemas(
+            out_dir: &::std::path::Path,
+        ) -> ::anyhow::Result<()> {
+            paste! {
+                $(crate::export::write_json_schema::<[<$variant Response>]>(out_dir, stringify!([<$variant Response>]))?;)*
+            }
+            Ok(())
+        }
    };
 }

@@ -670,7 +819,7 @@ server_request_definitions! {
    ExecCommandApproval,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct ApplyPatchApprovalParams {
    pub conversation_id: ConversationId,
@@ -687,7 +836,7 @@ pub struct ApplyPatchApprovalParams {
    pub grant_root: Option<PathBuf>,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct ExecCommandApprovalParams {
    pub conversation_id: ConversationId,
@@ -701,17 +850,17 @@ pub struct ExecCommandApprovalParams {
    pub parsed_cmd: Vec<ParsedCommand>,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 pub struct ExecCommandApprovalResponse {
    pub decision: ReviewDecision,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 pub struct ApplyPatchApprovalResponse {
    pub decision: ReviewDecision,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 #[ts(rename_all = "camelCase")]
 pub struct FuzzyFileSearchParams {
@@ -723,7 +872,7 @@ pub struct FuzzyFileSearchParams {
 }

 /// Superset of [`codex_file_search::FileMatch`]
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 pub struct FuzzyFileSearchResult {
    pub root: String,
    pub path: String,
@@ -733,21 +882,22 @@ pub struct FuzzyFileSearchResult {
    pub indices: Option<Vec<u32>>,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 pub struct FuzzyFileSearchResponse {
    pub files: Vec<FuzzyFileSearchResult>,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct LoginChatGptCompleteNotification {
+    #[schemars(with = "String")]
    pub login_id: Uuid,
    pub success: bool,
    #[serde(skip_serializing_if = "Option::is_none")]
    pub error: Option<String>,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct SessionConfiguredNotification {
    /// Name left as session_id instead of conversation_id for backwards compatibility.
@@ -775,7 +925,7 @@ pub struct SessionConfiguredNotification {
    pub rollout_path: PathBuf,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 pub struct AuthStatusChangeNotification {
    /// Current authentication method; omitted if signed out.
@@ -784,10 +934,17 @@ pub struct AuthStatusChangeNotification {
 }

 /// Notification sent from the server to the client.
-#[derive(Serialize, Deserialize, Debug, Clone, TS, Display)]
+#[derive(Serialize, Deserialize, Debug, Clone, JsonSchema, TS, Display)]
 #[serde(tag = "method", content = "params", rename_all = "camelCase")]
 #[strum(serialize_all = "camelCase")]
 pub enum ServerNotification {
+    /// NEW NOTIFICATIONS
+    #[serde(rename = "account/rateLimits/updated")]
+    #[ts(rename = "account/rateLimits/updated")]
+    #[strum(serialize = "account/rateLimits/updated")]
+    AccountRateLimitsUpdated(RateLimitSnapshot),
+
+    /// DEPRECATED NOTIFICATIONS below
    /// Authentication status changed
    AuthStatusChange(AuthStatusChangeNotification),

@@ -801,6 +958,7 @@ pub enum ServerNotification {
 impl ServerNotification {
    pub fn to_params(self) -> Result<serde_json::Value, serde_json::Error> {
        match self {
+            ServerNotification::AccountRateLimitsUpdated(params) => serde_json::to_value(params),
            ServerNotification::AuthStatusChange(params) => serde_json::to_value(params),
            ServerNotification::LoginChatGptComplete(params) => serde_json::to_value(params),
            ServerNotification::SessionConfigured(params) => serde_json::to_value(params),
@@ -817,7 +975,7 @@ impl TryFrom<JSONRPCNotification> for ServerNotification {
 }

 /// Notification sent from the client to the server.
-#[derive(Serialize, Deserialize, Debug, Clone, TS, Display)]
+#[derive(Serialize, Deserialize, Debug, Clone, JsonSchema, TS, Display)]
 #[serde(tag = "method", content = "params", rename_all = "camelCase")]
 #[strum(serialize_all = "camelCase")]
 pub enum ClientNotification {
@@ -843,7 +1001,6 @@ mod tests {
                sandbox: None,
                config: None,
                base_instructions: None,
-                include_plan_tool: None,
                include_apply_patch_tool: None,
            },
        };
@@ -940,4 +1097,110 @@ mod tests {
        assert_eq!(payload.request_with_id(RequestId::Integer(7)), request);
        Ok(())
    }
+
+    #[test]
+    fn serialize_get_account_rate_limits() -> Result<()> {
+        let request = ClientRequest::GetAccountRateLimits {
+            request_id: RequestId::Integer(1),
+            params: None,
+        };
+        assert_eq!(
+            json!({
+                "method": "account/rateLimits/read",
+                "id": 1,
+            }),
+            serde_json::to_value(&request)?,
+        );
+        Ok(())
+    }
+
+    #[test]
+    fn serialize_account_login_api_key() -> Result<()> {
+        let request = ClientRequest::LoginAccount {
+            request_id: RequestId::Integer(2),
+            params: LoginAccountParams::ApiKey {
+                api_key: "secret".to_string(),
+            },
+        };
+        assert_eq!(
+            json!({
+                "method": "account/login",
+                "id": 2,
+                "params": {
+                    "type": "apiKey",
+                    "apiKey": "secret"
+                }
+            }),
+            serde_json::to_value(&request)?,
+        );
+        Ok(())
+    }
+
+    #[test]
+    fn serialize_account_login_chatgpt() -> Result<()> {
+        let request = ClientRequest::LoginAccount {
+            request_id: RequestId::Integer(3),
+            params: LoginAccountParams::ChatGpt,
+        };
+        assert_eq!(
+            json!({
+                "method": "account/login",
+                "id": 3,
+                "params": {
+                    "type": "chatgpt"
+                }
+            }),
+            serde_json::to_value(&request)?,
+        );
+        Ok(())
+    }
+
+    #[test]
+    fn serialize_account_logout() -> Result<()> {
+        let request = ClientRequest::LogoutAccount {
+            request_id: RequestId::Integer(4),
+            params: None,
+        };
+        assert_eq!(
+            json!({
+                "method": "account/logout",
+                "id": 4,
+            }),
+            serde_json::to_value(&request)?,
+        );
+        Ok(())
+    }
+
+    #[test]
+    fn serialize_get_account() -> Result<()> {
+        let request = ClientRequest::GetAccount {
+            request_id: RequestId::Integer(5),
+            params: None,
+        };
+        assert_eq!(
+            json!({
+                "method": "account/read",
+                "id": 5,
+            }),
+            serde_json::to_value(&request)?,
+        );
+        Ok(())
+    }
+
+    #[test]
+    fn serialize_list_models() -> Result<()> {
+        let request = ClientRequest::ListModels {
+            request_id: RequestId::Integer(6),
+            params: ListModelsParams::default(),
+        };
+        assert_eq!(
+            json!({
+                "method": "model/list",
+                "id": 6,
+                "params": {}
+            }),
+            serde_json::to_value(&request)?,
+        );
+        Ok(())
+    }
 }
--- a/codex-rs/app-server/Cargo.toml
+++ b/codex-rs/app-server/Cargo.toml
@@ -19,11 +19,13 @@ anyhow = { workspace = true }
 codex-arg0 = { workspace = true }
 codex-common = { workspace = true, features = ["cli"] }
 codex-core = { workspace = true }
+codex-backend-client = { workspace = true }
 codex-file-search = { workspace = true }
 codex-login = { workspace = true }
 codex-protocol = { workspace = true }
 codex-app-server-protocol = { workspace = true }
 codex-utils-json-to-toml = { workspace = true }
+chrono = { workspace = true }
 serde = { workspace = true, features = ["derive"] }
 serde_json = { workspace = true }
 tokio = { workspace = true, features = [
@@ -35,6 +37,7 @@ tokio = { workspace = true, features = [
 ] }
 tracing = { workspace = true, features = ["log"] }
 tracing-subscriber = { workspace = true, features = ["env-filter", "fmt"] }
+opentelemetry-appender-tracing = { workspace = true }
 uuid = { workspace = true, features = ["serde", "v7"] }

 [dev-dependencies]
--- a/codex-rs/app-server/src/codex_message_processor.rs
+++ b/codex-rs/app-server/src/codex_message_processor.rs
@@ -1,6 +1,7 @@
 use crate::error_code::INTERNAL_ERROR_CODE;
 use crate::error_code::INVALID_REQUEST_ERROR_CODE;
 use crate::fuzzy_file_search::run_fuzzy_file_search;
+use crate::models::supported_models;
 use crate::outgoing_message::OutgoingMessageSender;
 use crate::outgoing_message::OutgoingNotification;
 use codex_app_server_protocol::AddConversationListenerParams;
@@ -9,6 +10,7 @@ use codex_app_server_protocol::ApplyPatchApprovalParams;
 use codex_app_server_protocol::ApplyPatchApprovalResponse;
 use codex_app_server_protocol::ArchiveConversationParams;
 use codex_app_server_protocol::ArchiveConversationResponse;
+use codex_app_server_protocol::AuthMode;
 use codex_app_server_protocol::AuthStatusChangeNotification;
 use codex_app_server_protocol::ClientRequest;
 use codex_app_server_protocol::ConversationSummary;
@@ -18,6 +20,7 @@ use codex_app_server_protocol::ExecOneOffCommandParams;
 use codex_app_server_protocol::ExecOneOffCommandResponse;
 use codex_app_server_protocol::FuzzyFileSearchParams;
 use codex_app_server_protocol::FuzzyFileSearchResponse;
+use codex_app_server_protocol::GetAccountRateLimitsResponse;
 use codex_app_server_protocol::GetUserAgentResponse;
 use codex_app_server_protocol::GetUserSavedConfigResponse;
 use codex_app_server_protocol::GitDiffToRemoteResponse;
@@ -27,6 +30,8 @@ use codex_app_server_protocol::InterruptConversationResponse;
 use codex_app_server_protocol::JSONRPCErrorError;
 use codex_app_server_protocol::ListConversationsParams;
 use codex_app_server_protocol::ListConversationsResponse;
+use codex_app_server_protocol::ListModelsParams;
+use codex_app_server_protocol::ListModelsResponse;
 use codex_app_server_protocol::LoginApiKeyParams;
 use codex_app_server_protocol::LoginApiKeyResponse;
 use codex_app_server_protocol::LoginChatGptCompleteNotification;
@@ -49,6 +54,7 @@ use codex_app_server_protocol::SetDefaultModelParams;
 use codex_app_server_protocol::SetDefaultModelResponse;
 use codex_app_server_protocol::UserInfoResponse;
 use codex_app_server_protocol::UserSavedConfig;
+use codex_backend_client::Client as BackendClient;
 use codex_core::AuthManager;
 use codex_core::CodexConversation;
 use codex_core::ConversationManager;
@@ -77,17 +83,18 @@ use codex_core::protocol::ApplyPatchApprovalRequestEvent;
 use codex_core::protocol::Event;
 use codex_core::protocol::EventMsg;
 use codex_core::protocol::ExecApprovalRequestEvent;
-use codex_core::protocol::InputItem as CoreInputItem;
 use codex_core::protocol::Op;
 use codex_core::protocol::ReviewDecision;
 use codex_login::ServerOptions as LoginServerOptions;
 use codex_login::ShutdownHandle;
 use codex_login::run_login_server;
 use codex_protocol::ConversationId;
-use codex_protocol::models::ContentItem;
+use codex_protocol::config_types::ForcedLoginMethod;
+use codex_protocol::items::TurnItem;
 use codex_protocol::models::ResponseItem;
-use codex_protocol::protocol::InputMessageKind;
+use codex_protocol::protocol::RateLimitSnapshot;
 use codex_protocol::protocol::USER_MESSAGE_BEGIN;
+use codex_protocol::user_input::UserInput as CoreInputItem;
 use codex_utils_json_to_toml::json_to_toml;
 use std::collections::HashMap;
 use std::ffi::OsStr;
@@ -106,7 +113,6 @@ use uuid::Uuid;

 // Duration before a ChatGPT login attempt is abandoned.
 const LOGIN_CHATGPT_TIMEOUT: Duration = Duration::from_secs(10 * 60);
-
 struct ActiveLogin {
    shutdown_handle: ShutdownHandle,
    login_id: Uuid,
@@ -167,6 +173,30 @@ impl CodexMessageProcessor {
            ClientRequest::ListConversations { request_id, params } => {
                self.handle_list_conversations(request_id, params).await;
            }
+            ClientRequest::ListModels { request_id, params } => {
+                self.list_models(request_id, params).await;
+            }
+            ClientRequest::LoginAccount {
+                request_id,
+                params: _,
+            } => {
+                self.send_unimplemented_error(request_id, "account/login")
+                    .await;
+            }
+            ClientRequest::LogoutAccount {
+                request_id,
+                params: _,
+            } => {
+                self.send_unimplemented_error(request_id, "account/logout")
+                    .await;
+            }
+            ClientRequest::GetAccount {
+                request_id,
+                params: _,
+            } => {
+                self.send_unimplemented_error(request_id, "account/read")
+                    .await;
+            }
            ClientRequest::ResumeConversation { request_id, params } => {
                self.handle_resume_conversation(request_id, params).await;
            }
@@ -239,10 +269,38 @@ impl CodexMessageProcessor {
            ClientRequest::ExecOneOffCommand { request_id, params } => {
                self.exec_one_off_command(request_id, params).await;
            }
+            ClientRequest::GetAccountRateLimits {
+                request_id,
+                params: _,
+            } => {
+                self.get_account_rate_limits(request_id).await;
+            }
        }
    }

+    async fn send_unimplemented_error(&self, request_id: RequestId, method: &str) {
+        let error = JSONRPCErrorError {
+            code: INTERNAL_ERROR_CODE,
+            message: format!("{method} is not implemented yet"),
+            data: None,
+        };
+        self.outgoing.send_error(request_id, error).await;
+    }
+
    async fn login_api_key(&mut self, request_id: RequestId, params: LoginApiKeyParams) {
+        if matches!(
+            self.config.forced_login_method,
+            Some(ForcedLoginMethod::Chatgpt)
+        ) {
+            let error = JSONRPCErrorError {
+                code: INVALID_REQUEST_ERROR_CODE,
+                message: "API key login is disabled. Use ChatGPT login instead.".to_string(),
+                data: None,
+            };
+            self.outgoing.send_error(request_id, error).await;
+            return;
+        }
+
        {
            let mut guard = self.active_login.lock().await;
            if let Some(active) = guard.take() {
@@ -278,9 +336,23 @@ impl CodexMessageProcessor {
    async fn login_chatgpt(&mut self, request_id: RequestId) {
        let config = self.config.as_ref();

+        if matches!(config.forced_login_method, Some(ForcedLoginMethod::Api)) {
+            let error = JSONRPCErrorError {
+                code: INVALID_REQUEST_ERROR_CODE,
+                message: "ChatGPT login is disabled. Use API key login instead.".to_string(),
+                data: None,
+            };
+            self.outgoing.send_error(request_id, error).await;
+            return;
+        }
+
        let opts = LoginServerOptions {
            open_browser: false,
-            ..LoginServerOptions::new(config.codex_home.clone(), CLIENT_ID.to_string())
+            ..LoginServerOptions::new(
+                config.codex_home.clone(),
+                CLIENT_ID.to_string(),
+                config.forced_chatgpt_workspace_id.clone(),
+            )
        };

        enum LoginChatGptReply {
@@ -499,6 +571,53 @@ impl CodexMessageProcessor {
        self.outgoing.send_response(request_id, response).await;
    }

+    async fn get_account_rate_limits(&self, request_id: RequestId) {
+        match self.fetch_account_rate_limits().await {
+            Ok(rate_limits) => {
+                let response = GetAccountRateLimitsResponse { rate_limits };
+                self.outgoing.send_response(request_id, response).await;
+            }
+            Err(error) => {
+                self.outgoing.send_error(request_id, error).await;
+            }
+        }
+    }
+
+    async fn fetch_account_rate_limits(&self) -> Result<RateLimitSnapshot, JSONRPCErrorError> {
+        let Some(auth) = self.auth_manager.auth() else {
+            return Err(JSONRPCErrorError {
+                code: INVALID_REQUEST_ERROR_CODE,
+                message: "codex account authentication required to read rate limits".to_string(),
+                data: None,
+            });
+        };
+
+        if auth.mode != AuthMode::ChatGPT {
+            return Err(JSONRPCErrorError {
+                code: INVALID_REQUEST_ERROR_CODE,
+                message: "chatgpt authentication required to read rate limits".to_string(),
+                data: None,
+            });
+        }
+
+        let client = BackendClient::from_auth(self.config.chatgpt_base_url.clone(), &auth)
+            .await
+            .map_err(|err| JSONRPCErrorError {
+                code: INTERNAL_ERROR_CODE,
+                message: format!("failed to construct backend client: {err}"),
+                data: None,
+            })?;
+
+        client
+            .get_rate_limits()
+            .await
+            .map_err(|err| JSONRPCErrorError {
+                code: INTERNAL_ERROR_CODE,
+                message: format!("failed to fetch codex rate limits: {err}"),
+                data: None,
+            })
+    }
+
    async fn get_user_saved_config(&self, request_id: RequestId) {
        let toml_value = match load_config_as_toml(&self.config.codex_home).await {
            Ok(val) => val,
@@ -603,6 +722,7 @@ impl CodexMessageProcessor {
            env,
            with_escalated_permissions: None,
            justification: None,
+            arg0: None,
        };

        let effective_policy = params
@@ -745,6 +865,58 @@ impl CodexMessageProcessor {
        self.outgoing.send_response(request_id, response).await;
    }

+    async fn list_models(&self, request_id: RequestId, params: ListModelsParams) {
+        let ListModelsParams { page_size, cursor } = params;
+        let models = supported_models();
+        let total = models.len();
+
+        if total == 0 {
+            let response = ListModelsResponse {
+                items: Vec::new(),
+                next_cursor: None,
+            };
+            self.outgoing.send_response(request_id, response).await;
+            return;
+        }
+
+        let effective_page_size = page_size.unwrap_or(total).max(1).min(total);
+        let start = match cursor {
+            Some(cursor) => match cursor.parse::<usize>() {
+                Ok(idx) => idx,
+                Err(_) => {
+                    let error = JSONRPCErrorError {
+                        code: INVALID_REQUEST_ERROR_CODE,
+                        message: format!("invalid cursor: {cursor}"),
+                        data: None,
+                    };
+                    self.outgoing.send_error(request_id, error).await;
+                    return;
+                }
+            },
+            None => 0,
+        };
+
+        if start > total {
+            let error = JSONRPCErrorError {
+                code: INVALID_REQUEST_ERROR_CODE,
+                message: format!("cursor {start} exceeds total models {total}"),
+                data: None,
+            };
+            self.outgoing.send_error(request_id, error).await;
+            return;
+        }
+
+        let end = start.saturating_add(effective_page_size).min(total);
+        let items = models[start..end].to_vec();
+        let next_cursor = if end < total {
+            Some(end.to_string())
+        } else {
+            None
+        };
+        let response = ListModelsResponse { items, next_cursor };
+        self.outgoing.send_response(request_id, response).await;
+    }
+
    async fn handle_resume_conversation(
        &self,
        request_id: RequestId,
@@ -797,18 +969,9 @@ impl CodexMessageProcessor {
                        },
                    ))
                    .await;
-                let initial_messages = session_configured.initial_messages.map(|msgs| {
-                    msgs.into_iter()
-                        .filter(|event| {
-                            // Don't send non-plain user messages (like user instructions
-                            // or environment context) back so they don't get rendered.
-                            if let EventMsg::UserMessage(user_message) = event {
-                                return matches!(user_message.kind, Some(InputMessageKind::Plain));
-                            }
-                            true
-                        })
-                        .collect()
-                });
+                let initial_messages = session_configured
+                    .initial_messages
+                    .map(|msgs| msgs.into_iter().collect());

                // Reply with conversation id + model and initial messages (when present)
                let response = codex_app_server_protocol::ResumeConversationResponse {
@@ -1303,6 +1466,15 @@ async fn apply_bespoke_event_handling(
                on_exec_approval_response(event_id, rx, conversation).await;
            });
        }
+        EventMsg::TokenCount(token_count_event) => {
+            if let Some(rate_limits) = token_count_event.rate_limits {
+                outgoing
+                    .send_server_notification(ServerNotification::AccountRateLimitsUpdated(
+                        rate_limits,
+                    ))
+                    .await;
+            }
+        }
        // If this is a TurnAborted, reply to any pending interrupt requests.
        EventMsg::TurnAborted(turn_aborted_event) => {
            let pending = {
@@ -1335,7 +1507,6 @@ async fn derive_config_from_params(
        sandbox: sandbox_mode,
        config: cli_overrides,
        base_instructions,
-        include_plan_tool,
        include_apply_patch_tool,
    } = params;
    let overrides = ConfigOverrides {
@@ -1348,11 +1519,11 @@ async fn derive_config_from_params(
        model_provider: None,
        codex_linux_sandbox_exe,
        base_instructions,
-        include_plan_tool,
        include_apply_patch_tool,
        include_view_image_tool: None,
        show_raw_agent_reasoning: None,
        tools_web_search_request: None,
+        additional_writable_roots: Vec::new(),
    };

    let cli_overrides = cli_overrides
@@ -1454,18 +1625,8 @@ fn extract_conversation_summary(
    let preview = head
        .iter()
        .filter_map(|value| serde_json::from_value::<ResponseItem>(value.clone()).ok())
-        .find_map(|item| match item {
-            ResponseItem::Message { content, .. } => {
-                content.into_iter().find_map(|content| match content {
-                    ContentItem::InputText { text } => {
-                        match InputMessageKind::from(("user", &text)) {
-                            InputMessageKind::Plain => Some(text),
-                            _ => None,
-                        }
-                    }
-                    _ => None,
-                })
-            }
+        .find_map(|item| match codex_core::parse_turn_item(&item) {
+            Some(TurnItem::UserMessage(user)) => Some(user.message()),
            _ => None,
        })?;

--- a/codex-rs/app-server/src/fuzzy_file_search.rs
+++ b/codex-rs/app-server/src/fuzzy_file_search.rs
@@ -46,6 +46,7 @@ pub(crate) async fn run_fuzzy_file_search(
                threads,
                cancel_flag,
                COMPUTE_INDICES,
+                true,
            ) {
                Ok(res) => Ok((root, res)),
                Err(err) => Err((root, err)),
--- a/codex-rs/app-server/src/lib.rs
+++ b/codex-rs/app-server/src/lib.rs
@@ -1,13 +1,16 @@
 #![deny(clippy::print_stdout, clippy::print_stderr)]

-use std::io::ErrorKind;
-use std::io::Result as IoResult;
-use std::path::PathBuf;
-
 use codex_common::CliConfigOverrides;
 use codex_core::config::Config;
 use codex_core::config::ConfigOverrides;
+use opentelemetry_appender_tracing::layer::OpenTelemetryTracingBridge;
+use std::io::ErrorKind;
+use std::io::Result as IoResult;
+use std::path::PathBuf;

+use crate::message_processor::MessageProcessor;
+use crate::outgoing_message::OutgoingMessage;
+use crate::outgoing_message::OutgoingMessageSender;
 use codex_app_server_protocol::JSONRPCMessage;
 use tokio::io::AsyncBufReadExt;
 use tokio::io::AsyncWriteExt;
@@ -18,15 +21,15 @@ use tracing::debug;
 use tracing::error;
 use tracing::info;
 use tracing_subscriber::EnvFilter;
-
-use crate::message_processor::MessageProcessor;
-use crate::outgoing_message::OutgoingMessage;
-use crate::outgoing_message::OutgoingMessageSender;
+use tracing_subscriber::Layer;
+use tracing_subscriber::layer::SubscriberExt;
+use tracing_subscriber::util::SubscriberInitExt;

 mod codex_message_processor;
 mod error_code;
 mod fuzzy_file_search;
 mod message_processor;
+mod models;
 mod outgoing_message;

 /// Size of the bounded channels used to communicate between tasks. The value
@@ -38,13 +41,6 @@ pub async fn run_main(
    codex_linux_sandbox_exe: Option<PathBuf>,
    cli_config_overrides: CliConfigOverrides,
 ) -> IoResult<()> {
-    // Install a simple subscriber so `tracing` output is visible.  Users can
-    // control the log level with `RUST_LOG`.
-    tracing_subscriber::fmt()
-        .with_writer(std::io::stderr)
-        .with_env_filter(EnvFilter::from_default_env())
-        .init();
-
    // Set up channels.
    let (incoming_tx, mut incoming_rx) = mpsc::channel::<JSONRPCMessage>(CHANNEL_CAPACITY);
    let (outgoing_tx, mut outgoing_rx) = mpsc::unbounded_channel::<OutgoingMessage>();
@@ -86,6 +82,29 @@ pub async fn run_main(
            std::io::Error::new(ErrorKind::InvalidData, format!("error loading config: {e}"))
        })?;

+    let otel =
+        codex_core::otel_init::build_provider(&config, env!("CARGO_PKG_VERSION")).map_err(|e| {
+            std::io::Error::new(
+                ErrorKind::InvalidData,
+                format!("error loading otel config: {e}"),
+            )
+        })?;
+
+    // Install a simple subscriber so `tracing` output is visible.  Users can
+    // control the log level with `RUST_LOG`.
+    let stderr_fmt = tracing_subscriber::fmt::layer()
+        .with_writer(std::io::stderr)
+        .with_filter(EnvFilter::from_default_env());
+
+    let _ = tracing_subscriber::registry()
+        .with(stderr_fmt)
+        .with(otel.as_ref().map(|provider| {
+            OpenTelemetryTracingBridge::new(&provider.logger).with_filter(
+                tracing_subscriber::filter::filter_fn(codex_core::otel_init::codex_export_filter),
+            )
+        }))
+        .try_init();
+
    // Task: process incoming messages.
    let processor_handle = tokio::spawn({
        let outgoing_message_sender = OutgoingMessageSender::new(outgoing_tx);
--- a/codex-rs/app-server/src/models.rs
+++ b/codex-rs/app-server/src/models.rs
@@ -0,0 +1,38 @@
+use codex_app_server_protocol::Model;
+use codex_app_server_protocol::ReasoningEffortOption;
+use codex_common::model_presets::ModelPreset;
+use codex_common::model_presets::ReasoningEffortPreset;
+use codex_common::model_presets::builtin_model_presets;
+
+pub fn supported_models() -> Vec<Model> {
+    builtin_model_presets(None)
+        .into_iter()
+        .map(model_from_preset)
+        .collect()
+}
+
+fn model_from_preset(preset: ModelPreset) -> Model {
+    Model {
+        id: preset.id.to_string(),
+        model: preset.model.to_string(),
+        display_name: preset.display_name.to_string(),
+        description: preset.description.to_string(),
+        supported_reasoning_efforts: reasoning_efforts_from_preset(
+            preset.supported_reasoning_efforts,
+        ),
+        default_reasoning_effort: preset.default_reasoning_effort,
+        is_default: preset.is_default,
+    }
+}
+
+fn reasoning_efforts_from_preset(
+    efforts: &'static [ReasoningEffortPreset],
+) -> Vec<ReasoningEffortOption> {
+    efforts
+        .iter()
+        .map(|preset| ReasoningEffortOption {
+            reasoning_effort: preset.effort,
+            description: preset.description.to_string(),
+        })
+        .collect()
+}
--- a/codex-rs/app-server/src/outgoing_message.rs
+++ b/codex-rs/app-server/src/outgoing_message.rs
@@ -142,6 +142,8 @@ pub(crate) struct OutgoingError {
 #[cfg(test)]
 mod tests {
    use codex_app_server_protocol::LoginChatGptCompleteNotification;
+    use codex_protocol::protocol::RateLimitSnapshot;
+    use codex_protocol::protocol::RateLimitWindow;
    use pretty_assertions::assert_eq;
    use serde_json::json;
    use uuid::Uuid;
@@ -171,4 +173,34 @@ mod tests {
            "ensure the strum macros serialize the method field correctly"
        );
    }
+
+    #[test]
+    fn verify_account_rate_limits_notification_serialization() {
+        let notification = ServerNotification::AccountRateLimitsUpdated(RateLimitSnapshot {
+            primary: Some(RateLimitWindow {
+                used_percent: 25.0,
+                window_minutes: Some(15),
+                resets_at: Some(123),
+            }),
+            secondary: None,
+        });
+
+        let jsonrpc_notification = OutgoingMessage::AppServerNotification(notification);
+        assert_eq!(
+            json!({
+                "method": "account/rateLimits/updated",
+                "params": {
+                    "primary": {
+                        "used_percent": 25.0,
+                        "window_minutes": 15,
+                        "resets_at": 123,
+                    },
+                    "secondary": null,
+                },
+            }),
+            serde_json::to_value(jsonrpc_notification)
+                .expect("ensure the notification serializes correctly"),
+            "ensure the notification serializes correctly"
+        );
+    }
 }
--- a/codex-rs/app-server/tests/common/Cargo.toml
+++ b/codex-rs/app-server/tests/common/Cargo.toml
@@ -9,7 +9,10 @@ path = "lib.rs"
 [dependencies]
 anyhow = { workspace = true }
 assert_cmd = { workspace = true }
+base64 = { workspace = true }
+chrono = { workspace = true }
 codex-app-server-protocol = { workspace = true }
+codex-core = { workspace = true }
 serde = { workspace = true }
 serde_json = { workspace = true }
 tokio = { workspace = true, features = [
--- a/codex-rs/app-server/tests/common/auth_fixtures.rs
+++ b/codex-rs/app-server/tests/common/auth_fixtures.rs
@@ -0,0 +1,131 @@
+use std::path::Path;
+
+use anyhow::Context;
+use anyhow::Result;
+use base64::Engine;
+use base64::engine::general_purpose::URL_SAFE_NO_PAD;
+use chrono::DateTime;
+use chrono::Utc;
+use codex_core::auth::AuthDotJson;
+use codex_core::auth::get_auth_file;
+use codex_core::auth::write_auth_json;
+use codex_core::token_data::TokenData;
+use codex_core::token_data::parse_id_token;
+use serde_json::json;
+
+/// Builder for writing a fake ChatGPT auth.json in tests.
+#[derive(Debug, Clone)]
+pub struct ChatGptAuthFixture {
+    access_token: String,
+    refresh_token: String,
+    account_id: Option<String>,
+    claims: ChatGptIdTokenClaims,
+    last_refresh: Option<Option<DateTime<Utc>>>,
+}
+
+impl ChatGptAuthFixture {
+    pub fn new(access_token: impl Into<String>) -> Self {
+        Self {
+            access_token: access_token.into(),
+            refresh_token: "refresh-token".to_string(),
+            account_id: None,
+            claims: ChatGptIdTokenClaims::default(),
+            last_refresh: None,
+        }
+    }
+
+    pub fn refresh_token(mut self, refresh_token: impl Into<String>) -> Self {
+        self.refresh_token = refresh_token.into();
+        self
+    }
+
+    pub fn account_id(mut self, account_id: impl Into<String>) -> Self {
+        self.account_id = Some(account_id.into());
+        self
+    }
+
+    pub fn plan_type(mut self, plan_type: impl Into<String>) -> Self {
+        self.claims.plan_type = Some(plan_type.into());
+        self
+    }
+
+    pub fn email(mut self, email: impl Into<String>) -> Self {
+        self.claims.email = Some(email.into());
+        self
+    }
+
+    pub fn last_refresh(mut self, last_refresh: Option<DateTime<Utc>>) -> Self {
+        self.last_refresh = Some(last_refresh);
+        self
+    }
+
+    pub fn claims(mut self, claims: ChatGptIdTokenClaims) -> Self {
+        self.claims = claims;
+        self
+    }
+}
+
+#[derive(Debug, Clone, Default)]
+pub struct ChatGptIdTokenClaims {
+    pub email: Option<String>,
+    pub plan_type: Option<String>,
+}
+
+impl ChatGptIdTokenClaims {
+    pub fn new() -> Self {
+        Self::default()
+    }
+
+    pub fn email(mut self, email: impl Into<String>) -> Self {
+        self.email = Some(email.into());
+        self
+    }
+
+    pub fn plan_type(mut self, plan_type: impl Into<String>) -> Self {
+        self.plan_type = Some(plan_type.into());
+        self
+    }
+}
+
+pub fn encode_id_token(claims: &ChatGptIdTokenClaims) -> Result<String> {
+    let header = json!({ "alg": "none", "typ": "JWT" });
+    let mut payload = serde_json::Map::new();
+    if let Some(email) = &claims.email {
+        payload.insert("email".to_string(), json!(email));
+    }
+    if let Some(plan_type) = &claims.plan_type {
+        payload.insert(
+            "https://api.openai.com/auth".to_string(),
+            json!({ "chatgpt_plan_type": plan_type }),
+        );
+    }
+    let payload = serde_json::Value::Object(payload);
+
+    let header_b64 =
+        URL_SAFE_NO_PAD.encode(serde_json::to_vec(&header).context("serialize jwt header")?);
+    let payload_b64 =
+        URL_SAFE_NO_PAD.encode(serde_json::to_vec(&payload).context("serialize jwt payload")?);
+    let signature_b64 = URL_SAFE_NO_PAD.encode(b"signature");
+    Ok(format!("{header_b64}.{payload_b64}.{signature_b64}"))
+}
+
+pub fn write_chatgpt_auth(codex_home: &Path, fixture: ChatGptAuthFixture) -> Result<()> {
+    let id_token_raw = encode_id_token(&fixture.claims)?;
+    let id_token = parse_id_token(&id_token_raw).context("parse id token")?;
+    let tokens = TokenData {
+        id_token,
+        access_token: fixture.access_token,
+        refresh_token: fixture.refresh_token,
+        account_id: fixture.account_id,
+    };
+
+    let last_refresh = fixture.last_refresh.unwrap_or_else(|| Some(Utc::now()));
+
+    let auth = AuthDotJson {
+        openai_api_key: None,
+        tokens: Some(tokens),
+        last_refresh,
+    };
+
+    write_auth_json(&get_auth_file(codex_home), &auth).context("write auth.json")
+}
--- a/codex-rs/app-server/tests/common/lib.rs
+++ b/codex-rs/app-server/tests/common/lib.rs
@@ -1,7 +1,12 @@
+mod auth_fixtures;
 mod mcp_process;
 mod mock_model_server;
 mod responses;

+pub use auth_fixtures::ChatGptAuthFixture;
+pub use auth_fixtures::ChatGptIdTokenClaims;
+pub use auth_fixtures::encode_id_token;
+pub use auth_fixtures::write_chatgpt_auth;
 use codex_app_server_protocol::JSONRPCResponse;
 pub use mcp_process::McpProcess;
 pub use mock_model_server::create_mock_chat_completions_server;
--- a/codex-rs/app-server/tests/common/mcp_process.rs
+++ b/codex-rs/app-server/tests/common/mcp_process.rs
@@ -21,6 +21,7 @@ use codex_app_server_protocol::GetAuthStatusParams;
 use codex_app_server_protocol::InitializeParams;
 use codex_app_server_protocol::InterruptConversationParams;
 use codex_app_server_protocol::ListConversationsParams;
+use codex_app_server_protocol::ListModelsParams;
 use codex_app_server_protocol::LoginApiKeyParams;
 use codex_app_server_protocol::NewConversationParams;
 use codex_app_server_protocol::RemoveConversationListenerParams;
@@ -236,6 +237,11 @@ impl McpProcess {
        self.send_request("getUserAgent", None).await
    }

+    /// Send an `account/rateLimits/read` JSON-RPC request.
+    pub async fn send_get_account_rate_limits_request(&mut self) -> anyhow::Result<i64> {
+        self.send_request("account/rateLimits/read", None).await
+    }
+
    /// Send a `userInfo` JSON-RPC request.
    pub async fn send_user_info_request(&mut self) -> anyhow::Result<i64> {
        self.send_request("userInfo", None).await
@@ -259,6 +265,15 @@ impl McpProcess {
        self.send_request("listConversations", params).await
    }

+    /// Send a `model/list` JSON-RPC request.
+    pub async fn send_list_models_request(
+        &mut self,
+        params: ListModelsParams,
+    ) -> anyhow::Result<i64> {
+        let params = Some(serde_json::to_value(params)?);
+        self.send_request("model/list", params).await
+    }
+
    /// Send a `resumeConversation` JSON-RPC request.
    pub async fn send_resume_conversation_request(
        &mut self,
--- a/codex-rs/app-server/tests/suite/auth.rs
+++ b/codex-rs/app-server/tests/suite/auth.rs
@@ -5,6 +5,7 @@ use app_test_support::to_response;
 use codex_app_server_protocol::AuthMode;
 use codex_app_server_protocol::GetAuthStatusParams;
 use codex_app_server_protocol::GetAuthStatusResponse;
+use codex_app_server_protocol::JSONRPCError;
 use codex_app_server_protocol::JSONRPCResponse;
 use codex_app_server_protocol::LoginApiKeyParams;
 use codex_app_server_protocol::LoginApiKeyResponse;
@@ -57,6 +58,19 @@ sandbox_mode = "danger-full-access"
    )
 }

+fn create_config_toml_forced_login(codex_home: &Path, forced_method: &str) -> std::io::Result<()> {
+    let config_toml = codex_home.join("config.toml");
+    let contents = format!(
+        r#"
+model = "mock-model"
+approval_policy = "never"
+sandbox_mode = "danger-full-access"
+forced_login_method = "{forced_method}"
+"#
+    );
+    std::fs::write(config_toml, contents)
+}
+
 async fn login_with_api_key_via_request(mcp: &mut McpProcess, api_key: &str) {
    let request_id = mcp
        .send_login_api_key_request(LoginApiKeyParams {
@@ -221,3 +235,38 @@ async fn get_auth_status_with_api_key_no_include_token() {
    assert_eq!(status.auth_method, Some(AuthMode::ApiKey));
    assert!(status.auth_token.is_none(), "token must be omitted");
 }
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn login_api_key_rejected_when_forced_chatgpt() {
+    let codex_home = TempDir::new().unwrap_or_else(|e| panic!("create tempdir: {e}"));
+    create_config_toml_forced_login(codex_home.path(), "chatgpt")
+        .unwrap_or_else(|err| panic!("write config.toml: {err}"));
+
+    let mut mcp = McpProcess::new(codex_home.path())
+        .await
+        .expect("spawn mcp process");
+    timeout(DEFAULT_READ_TIMEOUT, mcp.initialize())
+        .await
+        .expect("init timeout")
+        .expect("init failed");
+
+    let request_id = mcp
+        .send_login_api_key_request(LoginApiKeyParams {
+            api_key: "sk-test-key".to_string(),
+        })
+        .await
+        .expect("send loginApiKey");
+
+    let err: JSONRPCError = timeout(
+        DEFAULT_READ_TIMEOUT,
+        mcp.read_stream_until_error_message(RequestId::Integer(request_id)),
+    )
+    .await
+    .expect("loginApiKey error timeout")
+    .expect("loginApiKey error");
+
+    assert_eq!(
+        err.error.message,
+        "API key login is disabled. Use ChatGPT login instead."
+    );
+}
--- a/codex-rs/app-server/tests/suite/codex_message_processor_flow.rs
+++ b/codex-rs/app-server/tests/suite/codex_message_processor_flow.rs
@@ -30,7 +30,6 @@ use codex_protocol::config_types::SandboxMode;
 use codex_protocol::parse_command::ParsedCommand;
 use codex_protocol::protocol::Event;
 use codex_protocol::protocol::EventMsg;
-use codex_protocol::protocol::InputMessageKind;
 use pretty_assertions::assert_eq;
 use std::env;
 use tempfile::TempDir;
@@ -528,43 +527,6 @@ async fn test_send_user_turn_updates_sandbox_and_cwd_between_turns() {
    .expect("sendUserTurn 2 timeout")
    .expect("sendUserTurn 2 resp");

-    let mut env_message: Option<String> = None;
-    let second_cwd_str = second_cwd.to_string_lossy().into_owned();
-    for _ in 0..10 {
-        let notification = timeout(
-            DEFAULT_READ_TIMEOUT,
-            mcp.read_stream_until_notification_message("codex/event/user_message"),
-        )
-        .await
-        .expect("user_message timeout")
-        .expect("user_message notification");
-        let params = notification
-            .params
-            .clone()
-            .expect("user_message should include params");
-        let event: Event = serde_json::from_value(params).expect("deserialize user_message event");
-        if let EventMsg::UserMessage(user) = event.msg
-            && matches!(user.kind, Some(InputMessageKind::EnvironmentContext))
-            && user.message.contains(&second_cwd_str)
-        {
-            env_message = Some(user.message);
-            break;
-        }
-    }
-    let env_message = env_message.expect("expected environment context update");
-    assert!(
-        env_message.contains("<sandbox_mode>danger-full-access</sandbox_mode>"),
-        "env context should reflect new sandbox mode: {env_message}"
-    );
-    assert!(
-        env_message.contains("<network_access>enabled</network_access>"),
-        "env context should enable network access for danger-full-access policy: {env_message}"
-    );
-    assert!(
-        env_message.contains(&second_cwd_str),
-        "env context should include updated cwd: {env_message}"
-    );
-
    let exec_begin_notification = timeout(
        DEFAULT_READ_TIMEOUT,
        mcp.read_stream_until_notification_message("codex/event/exec_command_begin"),
--- a/codex-rs/app-server/tests/suite/config.rs
+++ b/codex-rs/app-server/tests/suite/config.rs
@@ -11,6 +11,7 @@ use codex_app_server_protocol::SandboxSettings;
 use codex_app_server_protocol::Tools;
 use codex_app_server_protocol::UserSavedConfig;
 use codex_core::protocol::AskForApproval;
+use codex_protocol::config_types::ForcedLoginMethod;
 use codex_protocol::config_types::ReasoningEffort;
 use codex_protocol::config_types::ReasoningSummary;
 use codex_protocol::config_types::SandboxMode;
@@ -33,6 +34,8 @@ model_reasoning_summary = "detailed"
 model_reasoning_effort = "high"
 model_verbosity = "medium"
 profile = "test"
+forced_chatgpt_workspace_id = "12345678-0000-0000-0000-000000000000"
+forced_login_method = "chatgpt"

 [sandbox_workspace_write]
 writable_roots = ["/tmp"]
@@ -92,6 +95,8 @@ async fn get_config_toml_parses_all_fields() {
                exclude_tmpdir_env_var: Some(true),
                exclude_slash_tmp: Some(true),
            }),
+            forced_chatgpt_workspace_id: Some("12345678-0000-0000-0000-000000000000".into()),
+            forced_login_method: Some(ForcedLoginMethod::Chatgpt),
            model: Some("gpt-5-codex".into()),
            model_reasoning_effort: Some(ReasoningEffort::High),
            model_reasoning_summary: Some(ReasoningSummary::Detailed),
@@ -149,6 +154,8 @@ async fn get_config_toml_empty() {
            approval_policy: None,
            sandbox_mode: None,
            sandbox_settings: None,
+            forced_chatgpt_workspace_id: None,
+            forced_login_method: None,
            model: None,
            model_reasoning_effort: None,
            model_reasoning_summary: None,
--- a/codex-rs/app-server/tests/suite/login.rs
+++ b/codex-rs/app-server/tests/suite/login.rs
@@ -7,6 +7,7 @@ use codex_app_server_protocol::CancelLoginChatGptParams;
 use codex_app_server_protocol::CancelLoginChatGptResponse;
 use codex_app_server_protocol::GetAuthStatusParams;
 use codex_app_server_protocol::GetAuthStatusResponse;
+use codex_app_server_protocol::JSONRPCError;
 use codex_app_server_protocol::JSONRPCResponse;
 use codex_app_server_protocol::LoginChatGptResponse;
 use codex_app_server_protocol::LogoutChatGptResponse;
@@ -144,3 +145,97 @@ async fn login_and_cancel_chatgpt() {
        eprintln!("warning: did not observe login_chat_gpt_complete notification after cancel");
    }
 }
+
+fn create_config_toml_forced_login(codex_home: &Path, forced_method: &str) -> std::io::Result<()> {
+    let config_toml = codex_home.join("config.toml");
+    let contents = format!(
+        r#"
+model = "mock-model"
+approval_policy = "never"
+sandbox_mode = "danger-full-access"
+forced_login_method = "{forced_method}"
+"#
+    );
+    std::fs::write(config_toml, contents)
+}
+
+fn create_config_toml_forced_workspace(
+    codex_home: &Path,
+    workspace_id: &str,
+) -> std::io::Result<()> {
+    let config_toml = codex_home.join("config.toml");
+    let contents = format!(
+        r#"
+model = "mock-model"
+approval_policy = "never"
+sandbox_mode = "danger-full-access"
+forced_chatgpt_workspace_id = "{workspace_id}"
+"#
+    );
+    std::fs::write(config_toml, contents)
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn login_chatgpt_rejected_when_forced_api() {
+    let codex_home = TempDir::new().unwrap_or_else(|e| panic!("create tempdir: {e}"));
+    create_config_toml_forced_login(codex_home.path(), "api")
+        .unwrap_or_else(|err| panic!("write config.toml: {err}"));
+
+    let mut mcp = McpProcess::new(codex_home.path())
+        .await
+        .expect("spawn mcp process");
+    timeout(DEFAULT_READ_TIMEOUT, mcp.initialize())
+        .await
+        .expect("init timeout")
+        .expect("init failed");
+
+    let request_id = mcp
+        .send_login_chat_gpt_request()
+        .await
+        .expect("send loginChatGpt");
+    let err: JSONRPCError = timeout(
+        DEFAULT_READ_TIMEOUT,
+        mcp.read_stream_until_error_message(RequestId::Integer(request_id)),
+    )
+    .await
+    .expect("loginChatGpt error timeout")
+    .expect("loginChatGpt error");
+
+    assert_eq!(
+        err.error.message,
+        "ChatGPT login is disabled. Use API key login instead."
+    );
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn login_chatgpt_includes_forced_workspace_query_param() {
+    let codex_home = TempDir::new().unwrap_or_else(|e| panic!("create tempdir: {e}"));
+    create_config_toml_forced_workspace(codex_home.path(), "ws-forced")
+        .unwrap_or_else(|err| panic!("write config.toml: {err}"));
+
+    let mut mcp = McpProcess::new(codex_home.path())
+        .await
+        .expect("spawn mcp process");
+    timeout(DEFAULT_READ_TIMEOUT, mcp.initialize())
+        .await
+        .expect("init timeout")
+        .expect("init failed");
+
+    let request_id = mcp
+        .send_login_chat_gpt_request()
+        .await
+        .expect("send loginChatGpt");
+    let resp: JSONRPCResponse = timeout(
+        DEFAULT_READ_TIMEOUT,
+        mcp.read_stream_until_response_message(RequestId::Integer(request_id)),
+    )
+    .await
+    .expect("loginChatGpt timeout")
+    .expect("loginChatGpt response");
+
+    let login: LoginChatGptResponse = to_response(resp).expect("deserialize login resp");
+    assert!(
+        login.auth_url.contains("allowed_workspace_id=ws-forced"),
+        "auth URL should include forced workspace"
+    );
+}
--- a/codex-rs/app-server/tests/suite/mod.rs
+++ b/codex-rs/app-server/tests/suite/mod.rs
@@ -7,6 +7,8 @@ mod fuzzy_file_search;
 mod interrupt;
 mod list_resume;
 mod login;
+mod model_list;
+mod rate_limits;
 mod send_message;
 mod set_default_model;
 mod user_agent;
--- a/codex-rs/app-server/tests/suite/model_list.rs
+++ b/codex-rs/app-server/tests/suite/model_list.rs
@@ -0,0 +1,183 @@
+use std::time::Duration;
+
+use anyhow::Result;
+use anyhow::anyhow;
+use app_test_support::McpProcess;
+use app_test_support::to_response;
+use codex_app_server_protocol::JSONRPCError;
+use codex_app_server_protocol::JSONRPCResponse;
+use codex_app_server_protocol::ListModelsParams;
+use codex_app_server_protocol::ListModelsResponse;
+use codex_app_server_protocol::Model;
+use codex_app_server_protocol::ReasoningEffortOption;
+use codex_app_server_protocol::RequestId;
+use codex_protocol::config_types::ReasoningEffort;
+use pretty_assertions::assert_eq;
+use tempfile::TempDir;
+use tokio::time::timeout;
+
+const DEFAULT_TIMEOUT: Duration = Duration::from_secs(10);
+const INVALID_REQUEST_ERROR_CODE: i64 = -32600;
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn list_models_returns_all_models_with_large_limit() -> Result<()> {
+    let codex_home = TempDir::new()?;
+    let mut mcp = McpProcess::new(codex_home.path()).await?;
+
+    timeout(DEFAULT_TIMEOUT, mcp.initialize()).await??;
+
+    let request_id = mcp
+        .send_list_models_request(ListModelsParams {
+            page_size: Some(100),
+            cursor: None,
+        })
+        .await?;
+
+    let response: JSONRPCResponse = timeout(
+        DEFAULT_TIMEOUT,
+        mcp.read_stream_until_response_message(RequestId::Integer(request_id)),
+    )
+    .await??;
+
+    let ListModelsResponse { items, next_cursor } = to_response::<ListModelsResponse>(response)?;
+
+    let expected_models = vec![
+        Model {
+            id: "gpt-5-codex".to_string(),
+            model: "gpt-5-codex".to_string(),
+            display_name: "gpt-5-codex".to_string(),
+            description: "Optimized for coding tasks with many tools.".to_string(),
+            supported_reasoning_efforts: vec![
+                ReasoningEffortOption {
+                    reasoning_effort: ReasoningEffort::Low,
+                    description: "Fastest responses with limited reasoning".to_string(),
+                },
+                ReasoningEffortOption {
+                    reasoning_effort: ReasoningEffort::Medium,
+                    description: "Dynamically adjusts reasoning based on the task".to_string(),
+                },
+                ReasoningEffortOption {
+                    reasoning_effort: ReasoningEffort::High,
+                    description: "Maximizes reasoning depth for complex or ambiguous problems"
+                        .to_string(),
+                },
+            ],
+            default_reasoning_effort: ReasoningEffort::Medium,
+            is_default: true,
+        },
+        Model {
+            id: "gpt-5".to_string(),
+            model: "gpt-5".to_string(),
+            display_name: "gpt-5".to_string(),
+            description: "Broad world knowledge with strong general reasoning.".to_string(),
+            supported_reasoning_efforts: vec![
+                ReasoningEffortOption {
+                    reasoning_effort: ReasoningEffort::Minimal,
+                    description: "Fastest responses with little reasoning".to_string(),
+                },
+                ReasoningEffortOption {
+                    reasoning_effort: ReasoningEffort::Low,
+                    description: "Balances speed with some reasoning; useful for straightforward \
+                                   queries and short explanations"
+                        .to_string(),
+                },
+                ReasoningEffortOption {
+                    reasoning_effort: ReasoningEffort::Medium,
+                    description: "Provides a solid balance of reasoning depth and latency for \
+                         general-purpose tasks"
+                        .to_string(),
+                },
+                ReasoningEffortOption {
+                    reasoning_effort: ReasoningEffort::High,
+                    description: "Maximizes reasoning depth for complex or ambiguous problems"
+                        .to_string(),
+                },
+            ],
+            default_reasoning_effort: ReasoningEffort::Medium,
+            is_default: false,
+        },
+    ];
+
+    assert_eq!(items, expected_models);
+    assert!(next_cursor.is_none());
+    Ok(())
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn list_models_pagination_works() -> Result<()> {
+    let codex_home = TempDir::new()?;
+    let mut mcp = McpProcess::new(codex_home.path()).await?;
+
+    timeout(DEFAULT_TIMEOUT, mcp.initialize()).await??;
+
+    let first_request = mcp
+        .send_list_models_request(ListModelsParams {
+            page_size: Some(1),
+            cursor: None,
+        })
+        .await?;
+
+    let first_response: JSONRPCResponse = timeout(
+        DEFAULT_TIMEOUT,
+        mcp.read_stream_until_response_message(RequestId::Integer(first_request)),
+    )
+    .await??;
+
+    let ListModelsResponse {
+        items: first_items,
+        next_cursor: first_cursor,
+    } = to_response::<ListModelsResponse>(first_response)?;
+
+    assert_eq!(first_items.len(), 1);
+    assert_eq!(first_items[0].id, "gpt-5-codex");
+    let next_cursor = first_cursor.ok_or_else(|| anyhow!("cursor for second page"))?;
+
+    let second_request = mcp
+        .send_list_models_request(ListModelsParams {
+            page_size: Some(1),
+            cursor: Some(next_cursor.clone()),
+        })
+        .await?;
+
+    let second_response: JSONRPCResponse = timeout(
+        DEFAULT_TIMEOUT,
+        mcp.read_stream_until_response_message(RequestId::Integer(second_request)),
+    )
+    .await??;
+
+    let ListModelsResponse {
+        items: second_items,
+        next_cursor: second_cursor,
+    } = to_response::<ListModelsResponse>(second_response)?;
+
+    assert_eq!(second_items.len(), 1);
+    assert_eq!(second_items[0].id, "gpt-5");
+    assert!(second_cursor.is_none());
+    Ok(())
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn list_models_rejects_invalid_cursor() -> Result<()> {
+    let codex_home = TempDir::new()?;
+    let mut mcp = McpProcess::new(codex_home.path()).await?;
+
+    timeout(DEFAULT_TIMEOUT, mcp.initialize()).await??;
+
+    let request_id = mcp
+        .send_list_models_request(ListModelsParams {
+            page_size: None,
+            cursor: Some("invalid".to_string()),
+        })
+        .await?;
+
+    let error: JSONRPCError = timeout(
+        DEFAULT_TIMEOUT,
+        mcp.read_stream_until_error_message(RequestId::Integer(request_id)),
+    )
+    .await??;
+
+    assert_eq!(error.id, RequestId::Integer(request_id));
+    assert_eq!(error.error.code, INVALID_REQUEST_ERROR_CODE);
+    assert_eq!(error.error.message, "invalid cursor: invalid");
+    Ok(())
+}
--- a/codex-rs/app-server/tests/suite/rate_limits.rs
+++ b/codex-rs/app-server/tests/suite/rate_limits.rs
@@ -0,0 +1,215 @@
+use anyhow::Context;
+use anyhow::Result;
+use app_test_support::ChatGptAuthFixture;
+use app_test_support::McpProcess;
+use app_test_support::to_response;
+use app_test_support::write_chatgpt_auth;
+use codex_app_server_protocol::GetAccountRateLimitsResponse;
+use codex_app_server_protocol::JSONRPCError;
+use codex_app_server_protocol::JSONRPCResponse;
+use codex_app_server_protocol::LoginApiKeyParams;
+use codex_app_server_protocol::RequestId;
+use codex_protocol::protocol::RateLimitSnapshot;
+use codex_protocol::protocol::RateLimitWindow;
+use pretty_assertions::assert_eq;
+use serde_json::json;
+use std::path::Path;
+use tempfile::TempDir;
+use tokio::time::timeout;
+use wiremock::Mock;
+use wiremock::MockServer;
+use wiremock::ResponseTemplate;
+use wiremock::matchers::header;
+use wiremock::matchers::method;
+use wiremock::matchers::path;
+
+const DEFAULT_READ_TIMEOUT: std::time::Duration = std::time::Duration::from_secs(10);
+const INVALID_REQUEST_ERROR_CODE: i64 = -32600;
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn get_account_rate_limits_requires_auth() -> Result<()> {
+    let codex_home = TempDir::new().context("create codex home tempdir")?;
+
+    let mut mcp = McpProcess::new_with_env(codex_home.path(), &[("OPENAI_API_KEY", None)])
+        .await
+        .context("spawn mcp process")?;
+    timeout(DEFAULT_READ_TIMEOUT, mcp.initialize())
+        .await
+        .context("initialize timeout")?
+        .context("initialize request")?;
+
+    let request_id = mcp
+        .send_get_account_rate_limits_request()
+        .await
+        .context("send account/rateLimits/read")?;
+
+    let error: JSONRPCError = timeout(
+        DEFAULT_READ_TIMEOUT,
+        mcp.read_stream_until_error_message(RequestId::Integer(request_id)),
+    )
+    .await
+    .context("account/rateLimits/read timeout")?
+    .context("account/rateLimits/read error")?;
+
+    assert_eq!(error.id, RequestId::Integer(request_id));
+    assert_eq!(error.error.code, INVALID_REQUEST_ERROR_CODE);
+    assert_eq!(
+        error.error.message,
+        "codex account authentication required to read rate limits"
+    );
+
+    Ok(())
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn get_account_rate_limits_requires_chatgpt_auth() -> Result<()> {
+    let codex_home = TempDir::new().context("create codex home tempdir")?;
+
+    let mut mcp = McpProcess::new(codex_home.path())
+        .await
+        .context("spawn mcp process")?;
+    timeout(DEFAULT_READ_TIMEOUT, mcp.initialize())
+        .await
+        .context("initialize timeout")?
+        .context("initialize request")?;
+
+    login_with_api_key(&mut mcp, "sk-test-key").await?;
+
+    let request_id = mcp
+        .send_get_account_rate_limits_request()
+        .await
+        .context("send account/rateLimits/read")?;
+
+    let error: JSONRPCError = timeout(
+        DEFAULT_READ_TIMEOUT,
+        mcp.read_stream_until_error_message(RequestId::Integer(request_id)),
+    )
+    .await
+    .context("account/rateLimits/read timeout")?
+    .context("account/rateLimits/read error")?;
+
+    assert_eq!(error.id, RequestId::Integer(request_id));
+    assert_eq!(error.error.code, INVALID_REQUEST_ERROR_CODE);
+    assert_eq!(
+        error.error.message,
+        "chatgpt authentication required to read rate limits"
+    );
+
+    Ok(())
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn get_account_rate_limits_returns_snapshot() -> Result<()> {
+    let codex_home = TempDir::new().context("create codex home tempdir")?;
+    write_chatgpt_auth(
+        codex_home.path(),
+        ChatGptAuthFixture::new("chatgpt-token")
+            .account_id("account-123")
+            .plan_type("pro"),
+    )
+    .context("write chatgpt auth")?;
+
+    let server = MockServer::start().await;
+    let server_url = server.uri();
+    write_chatgpt_base_url(codex_home.path(), &server_url).context("write chatgpt base url")?;
+
+    let primary_reset_timestamp = chrono::DateTime::parse_from_rfc3339("2025-01-01T00:02:00Z")
+        .expect("parse primary reset timestamp")
+        .timestamp();
+    let secondary_reset_timestamp = chrono::DateTime::parse_from_rfc3339("2025-01-01T01:00:00Z")
+        .expect("parse secondary reset timestamp")
+        .timestamp();
+    let response_body = json!({
+        "plan_type": "pro",
+        "rate_limit": {
+            "allowed": true,
+            "limit_reached": false,
+            "primary_window": {
+                "used_percent": 42,
+                "limit_window_seconds": 3600,
+                "reset_after_seconds": 120,
+                "reset_at": primary_reset_timestamp,
+            },
+            "secondary_window": {
+                "used_percent": 5,
+                "limit_window_seconds": 86400,
+                "reset_after_seconds": 43200,
+                "reset_at": secondary_reset_timestamp,
+            }
+        }
+    });
+
+    Mock::given(method("GET"))
+        .and(path("/api/codex/usage"))
+        .and(header("authorization", "Bearer chatgpt-token"))
+        .and(header("chatgpt-account-id", "account-123"))
+        .respond_with(ResponseTemplate::new(200).set_body_json(response_body))
+        .mount(&server)
+        .await;
+
+    let mut mcp = McpProcess::new_with_env(codex_home.path(), &[("OPENAI_API_KEY", None)])
+        .await
+        .context("spawn mcp process")?;
+    timeout(DEFAULT_READ_TIMEOUT, mcp.initialize())
+        .await
+        .context("initialize timeout")?
+        .context("initialize request")?;
+
+    let request_id = mcp
+        .send_get_account_rate_limits_request()
+        .await
+        .context("send account/rateLimits/read")?;
+
+    let response: JSONRPCResponse = timeout(
+        DEFAULT_READ_TIMEOUT,
+        mcp.read_stream_until_response_message(RequestId::Integer(request_id)),
+    )
+    .await
+    .context("account/rateLimits/read timeout")?
+    .context("account/rateLimits/read response")?;
+
+    let received: GetAccountRateLimitsResponse =
+        to_response(response).context("deserialize rate limit response")?;
+
+    let expected = GetAccountRateLimitsResponse {
+        rate_limits: RateLimitSnapshot {
+            primary: Some(RateLimitWindow {
+                used_percent: 42.0,
+                window_minutes: Some(60),
+                resets_at: Some(primary_reset_timestamp),
+            }),
+            secondary: Some(RateLimitWindow {
+                used_percent: 5.0,
+                window_minutes: Some(1440),
+                resets_at: Some(secondary_reset_timestamp),
+            }),
+        },
+    };
+    assert_eq!(received, expected);
+
+    Ok(())
+}
+
+async fn login_with_api_key(mcp: &mut McpProcess, api_key: &str) -> Result<()> {
+    let request_id = mcp
+        .send_login_api_key_request(LoginApiKeyParams {
+            api_key: api_key.to_string(),
+        })
+        .await
+        .context("send loginApiKey")?;
+
+    timeout(
+        DEFAULT_READ_TIMEOUT,
+        mcp.read_stream_until_response_message(RequestId::Integer(request_id)),
+    )
+    .await
+    .context("loginApiKey timeout")?
+    .context("loginApiKey response")?;
+
+    Ok(())
+}
+
+fn write_chatgpt_base_url(codex_home: &Path, base_url: &str) -> std::io::Result<()> {
+    let config_toml = codex_home.join("config.toml");
+    std::fs::write(config_toml, format!("chatgpt_base_url = \"{base_url}\"\n"))
+}
--- a/codex-rs/app-server/tests/suite/user_info.rs
+++ b/codex-rs/app-server/tests/suite/user_info.rs
@@ -1,20 +1,13 @@
 use std::time::Duration;

-use anyhow::Context;
+use app_test_support::ChatGptAuthFixture;
 use app_test_support::McpProcess;
 use app_test_support::to_response;
-use base64::Engine;
-use base64::engine::general_purpose::URL_SAFE_NO_PAD;
+use app_test_support::write_chatgpt_auth;
 use codex_app_server_protocol::JSONRPCResponse;
 use codex_app_server_protocol::RequestId;
 use codex_app_server_protocol::UserInfoResponse;
-use codex_core::auth::AuthDotJson;
-use codex_core::auth::get_auth_file;
-use codex_core::auth::write_auth_json;
-use codex_core::token_data::IdTokenInfo;
-use codex_core::token_data::TokenData;
 use pretty_assertions::assert_eq;
-use serde_json::json;
 use tempfile::TempDir;
 use tokio::time::timeout;

@@ -24,22 +17,13 @@ const DEFAULT_READ_TIMEOUT: Duration = Duration::from_secs(10);
 async fn user_info_returns_email_from_auth_json() {
    let codex_home = TempDir::new().expect("create tempdir");

-    let auth_path = get_auth_file(codex_home.path());
-    let mut id_token = IdTokenInfo::default();
-    id_token.email = Some("user@example.com".to_string());
-    id_token.raw_jwt = encode_id_token_with_email("user@example.com").expect("encode id token");
-
-    let auth = AuthDotJson {
-        openai_api_key: None,
-        tokens: Some(TokenData {
-            id_token,
-            access_token: "access".to_string(),
-            refresh_token: "refresh".to_string(),
-            account_id: None,
-        }),
-        last_refresh: None,
-    };
-    write_auth_json(&auth_path, &auth).expect("write auth.json");
+    write_chatgpt_auth(
+        codex_home.path(),
+        ChatGptAuthFixture::new("access")
+            .refresh_token("refresh")
+            .email("user@example.com"),
+    )
+    .expect("write chatgpt auth");

    let mut mcp = McpProcess::new(codex_home.path())
        .await
@@ -65,14 +49,3 @@ async fn user_info_returns_email_from_auth_json() {

    assert_eq!(received, expected);
 }
-
-fn encode_id_token_with_email(email: &str) -> anyhow::Result<String> {
-    let header_b64 = URL_SAFE_NO_PAD.encode(
-        serde_json::to_vec(&json!({ "alg": "none", "typ": "JWT" }))
-            .context("serialize jwt header")?,
-    );
-    let payload =
-        serde_json::to_vec(&json!({ "email": email })).context("serialize jwt payload")?;
-    let payload_b64 = URL_SAFE_NO_PAD.encode(payload);
-    Ok(format!("{header_b64}.{payload_b64}.signature"))
-}
--- a/codex-rs/apply-patch/tests/suite/mod.rs
+++ b/codex-rs/apply-patch/tests/suite/mod.rs
@@ -1 +1,3 @@
 mod cli;
+#[cfg(not(target_os = "windows"))]
+mod tool;
--- a/codex-rs/apply-patch/tests/suite/tool.rs
+++ b/codex-rs/apply-patch/tests/suite/tool.rs
@@ -0,0 +1,257 @@
+use assert_cmd::Command;
+use pretty_assertions::assert_eq;
+use std::fs;
+use std::path::Path;
+use tempfile::tempdir;
+
+fn run_apply_patch_in_dir(dir: &Path, patch: &str) -> anyhow::Result<assert_cmd::assert::Assert> {
+    let mut cmd = Command::cargo_bin("apply_patch")?;
+    cmd.current_dir(dir);
+    Ok(cmd.arg(patch).assert())
+}
+
+fn apply_patch_command(dir: &Path) -> anyhow::Result<Command> {
+    let mut cmd = Command::cargo_bin("apply_patch")?;
+    cmd.current_dir(dir);
+    Ok(cmd)
+}
+
+#[test]
+fn test_apply_patch_cli_applies_multiple_operations() -> anyhow::Result<()> {
+    let tmp = tempdir()?;
+    let modify_path = tmp.path().join("modify.txt");
+    let delete_path = tmp.path().join("delete.txt");
+
+    fs::write(&modify_path, "line1\nline2\n")?;
+    fs::write(&delete_path, "obsolete\n")?;
+
+    let patch = "*** Begin Patch\n*** Add File: nested/new.txt\n+created\n*** Delete File: delete.txt\n*** Update File: modify.txt\n@@\n-line2\n+changed\n*** End Patch";
+
+    run_apply_patch_in_dir(tmp.path(), patch)?.success().stdout(
+        "Success. Updated the following files:\nA nested/new.txt\nM modify.txt\nD delete.txt\n",
+    );
+
+    assert_eq!(
+        fs::read_to_string(tmp.path().join("nested/new.txt"))?,
+        "created\n"
+    );
+    assert_eq!(fs::read_to_string(&modify_path)?, "line1\nchanged\n");
+    assert!(!delete_path.exists());
+
+    Ok(())
+}
+
+#[test]
+fn test_apply_patch_cli_applies_multiple_chunks() -> anyhow::Result<()> {
+    let tmp = tempdir()?;
+    let target_path = tmp.path().join("multi.txt");
+    fs::write(&target_path, "line1\nline2\nline3\nline4\n")?;
+
+    let patch = "*** Begin Patch\n*** Update File: multi.txt\n@@\n-line2\n+changed2\n@@\n-line4\n+changed4\n*** End Patch";
+
+    run_apply_patch_in_dir(tmp.path(), patch)?
+        .success()
+        .stdout("Success. Updated the following files:\nM multi.txt\n");
+
+    assert_eq!(
+        fs::read_to_string(&target_path)?,
+        "line1\nchanged2\nline3\nchanged4\n"
+    );
+
+    Ok(())
+}
+
+#[test]
+fn test_apply_patch_cli_moves_file_to_new_directory() -> anyhow::Result<()> {
+    let tmp = tempdir()?;
+    let original_path = tmp.path().join("old/name.txt");
+    let new_path = tmp.path().join("renamed/dir/name.txt");
+    fs::create_dir_all(original_path.parent().expect("parent should exist"))?;
+    fs::write(&original_path, "old content\n")?;
+
+    let patch = "*** Begin Patch\n*** Update File: old/name.txt\n*** Move to: renamed/dir/name.txt\n@@\n-old content\n+new content\n*** End Patch";
+
+    run_apply_patch_in_dir(tmp.path(), patch)?
+        .success()
+        .stdout("Success. Updated the following files:\nM renamed/dir/name.txt\n");
+
+    assert!(!original_path.exists());
+    assert_eq!(fs::read_to_string(&new_path)?, "new content\n");
+
+    Ok(())
+}
+
+#[test]
+fn test_apply_patch_cli_rejects_empty_patch() -> anyhow::Result<()> {
+    let tmp = tempdir()?;
+
+    apply_patch_command(tmp.path())?
+        .arg("*** Begin Patch\n*** End Patch")
+        .assert()
+        .failure()
+        .stderr("No files were modified.\n");
+
+    Ok(())
+}
+
+#[test]
+fn test_apply_patch_cli_reports_missing_context() -> anyhow::Result<()> {
+    let tmp = tempdir()?;
+    let target_path = tmp.path().join("modify.txt");
+    fs::write(&target_path, "line1\nline2\n")?;
+
+    apply_patch_command(tmp.path())?
+        .arg("*** Begin Patch\n*** Update File: modify.txt\n@@\n-missing\n+changed\n*** End Patch")
+        .assert()
+        .failure()
+        .stderr("Failed to find expected lines in modify.txt:\nmissing\n");
+    assert_eq!(fs::read_to_string(&target_path)?, "line1\nline2\n");
+
+    Ok(())
+}
+
+#[test]
+fn test_apply_patch_cli_rejects_missing_file_delete() -> anyhow::Result<()> {
+    let tmp = tempdir()?;
+
+    apply_patch_command(tmp.path())?
+        .arg("*** Begin Patch\n*** Delete File: missing.txt\n*** End Patch")
+        .assert()
+        .failure()
+        .stderr("Failed to delete file missing.txt\n");
+
+    Ok(())
+}
+
+#[test]
+fn test_apply_patch_cli_rejects_empty_update_hunk() -> anyhow::Result<()> {
+    let tmp = tempdir()?;
+
+    apply_patch_command(tmp.path())?
+        .arg("*** Begin Patch\n*** Update File: foo.txt\n*** End Patch")
+        .assert()
+        .failure()
+        .stderr("Invalid patch hunk on line 2: Update file hunk for path 'foo.txt' is empty\n");
+
+    Ok(())
+}
+
+#[test]
+fn test_apply_patch_cli_requires_existing_file_for_update() -> anyhow::Result<()> {
+    let tmp = tempdir()?;
+
+    apply_patch_command(tmp.path())?
+        .arg("*** Begin Patch\n*** Update File: missing.txt\n@@\n-old\n+new\n*** End Patch")
+        .assert()
+        .failure()
+        .stderr(
+            "Failed to read file to update missing.txt: No such file or directory (os error 2)\n",
+        );
+
+    Ok(())
+}
+
+#[test]
+fn test_apply_patch_cli_move_overwrites_existing_destination() -> anyhow::Result<()> {
+    let tmp = tempdir()?;
+    let original_path = tmp.path().join("old/name.txt");
+    let destination = tmp.path().join("renamed/dir/name.txt");
+    fs::create_dir_all(original_path.parent().expect("parent should exist"))?;
+    fs::create_dir_all(destination.parent().expect("parent should exist"))?;
+    fs::write(&original_path, "from\n")?;
+    fs::write(&destination, "existing\n")?;
+
+    run_apply_patch_in_dir(
+        tmp.path(),
+        "*** Begin Patch\n*** Update File: old/name.txt\n*** Move to: renamed/dir/name.txt\n@@\n-from\n+new\n*** End Patch",
+    )?
+    .success()
+    .stdout("Success. Updated the following files:\nM renamed/dir/name.txt\n");
+
+    assert!(!original_path.exists());
+    assert_eq!(fs::read_to_string(&destination)?, "new\n");
+
+    Ok(())
+}
+
+#[test]
+fn test_apply_patch_cli_add_overwrites_existing_file() -> anyhow::Result<()> {
+    let tmp = tempdir()?;
+    let path = tmp.path().join("duplicate.txt");
+    fs::write(&path, "old content\n")?;
+
+    run_apply_patch_in_dir(
+        tmp.path(),
+        "*** Begin Patch\n*** Add File: duplicate.txt\n+new content\n*** End Patch",
+    )?
+    .success()
+    .stdout("Success. Updated the following files:\nA duplicate.txt\n");
+
+    assert_eq!(fs::read_to_string(&path)?, "new content\n");
+
+    Ok(())
+}
+
+#[test]
+fn test_apply_patch_cli_delete_directory_fails() -> anyhow::Result<()> {
+    let tmp = tempdir()?;
+    fs::create_dir(tmp.path().join("dir"))?;
+
+    apply_patch_command(tmp.path())?
+        .arg("*** Begin Patch\n*** Delete File: dir\n*** End Patch")
+        .assert()
+        .failure()
+        .stderr("Failed to delete file dir\n");
+
+    Ok(())
+}
+
+#[test]
+fn test_apply_patch_cli_rejects_invalid_hunk_header() -> anyhow::Result<()> {
+    let tmp = tempdir()?;
+
+    apply_patch_command(tmp.path())?
+        .arg("*** Begin Patch\n*** Frobnicate File: foo\n*** End Patch")
+        .assert()
+        .failure()
+        .stderr("Invalid patch hunk on line 2: '*** Frobnicate File: foo' is not a valid hunk header. Valid hunk headers: '*** Add File: {path}', '*** Delete File: {path}', '*** Update File: {path}'\n");
+
+    Ok(())
+}
+
+#[test]
+fn test_apply_patch_cli_updates_file_appends_trailing_newline() -> anyhow::Result<()> {
+    let tmp = tempdir()?;
+    let target_path = tmp.path().join("no_newline.txt");
+    fs::write(&target_path, "no newline at end")?;
+
+    run_apply_patch_in_dir(
+        tmp.path(),
+        "*** Begin Patch\n*** Update File: no_newline.txt\n@@\n-no newline at end\n+first line\n+second line\n*** End Patch",
+    )?
+    .success()
+    .stdout("Success. Updated the following files:\nM no_newline.txt\n");
+
+    let contents = fs::read_to_string(&target_path)?;
+    assert!(contents.ends_with('\n'));
+    assert_eq!(contents, "first line\nsecond line\n");
+
+    Ok(())
+}
+
+#[test]
+fn test_apply_patch_cli_failure_after_partial_success_leaves_changes() -> anyhow::Result<()> {
+    let tmp = tempdir()?;
+    let new_file = tmp.path().join("created.txt");
+
+    apply_patch_command(tmp.path())?
+        .arg("*** Begin Patch\n*** Add File: created.txt\n+hello\n*** Update File: missing.txt\n@@\n-old\n+new\n*** End Patch")
+        .assert()
+        .failure()
+        .stdout("")
+        .stderr("Failed to read file to update missing.txt: No such file or directory (os error 2)\n");
+
+    assert_eq!(fs::read_to_string(&new_file)?, "hello\n");
+
+    Ok(())
+}
--- a/codex-rs/async-utils/Cargo.toml
+++ b/codex-rs/async-utils/Cargo.toml
@@ -0,0 +1,15 @@
+[package]
+edition.workspace = true
+name = "codex-async-utils"
+version.workspace = true
+
+[lints]
+workspace = true
+
+[dependencies]
+async-trait.workspace = true
+tokio = { workspace = true, features = ["macros", "rt", "rt-multi-thread", "time"] }
+tokio-util.workspace = true
+
+[dev-dependencies]
+pretty_assertions.workspace = true
--- a/codex-rs/async-utils/src/lib.rs
+++ b/codex-rs/async-utils/src/lib.rs
@@ -0,0 +1,86 @@
+use async_trait::async_trait;
+use std::future::Future;
+use tokio_util::sync::CancellationToken;
+
+#[derive(Debug, PartialEq, Eq)]
+pub enum CancelErr {
+    Cancelled,
+}
+
+#[async_trait]
+pub trait OrCancelExt: Sized {
+    type Output;
+
+    async fn or_cancel(self, token: &CancellationToken) -> Result<Self::Output, CancelErr>;
+}
+
+#[async_trait]
+impl<F> OrCancelExt for F
+where
+    F: Future + Send,
+    F::Output: Send,
+{
+    type Output = F::Output;
+
+    async fn or_cancel(self, token: &CancellationToken) -> Result<Self::Output, CancelErr> {
+        tokio::select! {
+            _ = token.cancelled() => Err(CancelErr::Cancelled),
+            res = self => Ok(res),
+        }
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use pretty_assertions::assert_eq;
+    use std::time::Duration;
+    use tokio::task;
+    use tokio::time::sleep;
+
+    #[tokio::test]
+    async fn returns_ok_when_future_completes_first() {
+        let token = CancellationToken::new();
+        let value = async { 42 };
+
+        let result = value.or_cancel(&token).await;
+
+        assert_eq!(Ok(42), result);
+    }
+
+    #[tokio::test]
+    async fn returns_err_when_token_cancelled_first() {
+        let token = CancellationToken::new();
+        let token_clone = token.clone();
+
+        let cancel_handle = task::spawn(async move {
+            sleep(Duration::from_millis(10)).await;
+            token_clone.cancel();
+        });
+
+        let result = async {
+            sleep(Duration::from_millis(100)).await;
+            7
+        }
+        .or_cancel(&token)
+        .await;
+
+        cancel_handle.await.expect("cancel task panicked");
+        assert_eq!(Err(CancelErr::Cancelled), result);
+    }
+
+    #[tokio::test]
+    async fn returns_err_when_token_already_cancelled() {
+        let token = CancellationToken::new();
+        token.cancel();
+
+        let result = async {
+            sleep(Duration::from_millis(50)).await;
+            5
+        }
+        .or_cancel(&token)
+        .await;
+
+        assert_eq!(Err(CancelErr::Cancelled), result);
+    }
+}
--- a/codex-rs/backend-client/Cargo.toml
+++ b/codex-rs/backend-client/Cargo.toml
@@ -13,6 +13,8 @@ serde = { version = "1", features = ["derive"] }
 serde_json = "1"
 reqwest = { version = "0.12", default-features = false, features = ["json", "rustls-tls"] }
 codex-backend-openapi-models = { path = "../codex-backend-openapi-models" }
+codex-protocol = { workspace = true }
+codex-core = { workspace = true }

 [dev-dependencies]
 pretty_assertions = "1"
--- a/codex-rs/backend-client/src/client.rs
+++ b/codex-rs/backend-client/src/client.rs
@@ -1,7 +1,13 @@
 use crate::types::CodeTaskDetailsResponse;
 use crate::types::PaginatedListTaskListItem;
+use crate::types::RateLimitStatusPayload;
+use crate::types::RateLimitWindowSnapshot;
 use crate::types::TurnAttemptsSiblingTurnsResponse;
 use anyhow::Result;
+use codex_core::auth::CodexAuth;
+use codex_core::default_client::get_codex_user_agent;
+use codex_protocol::protocol::RateLimitSnapshot;
+use codex_protocol::protocol::RateLimitWindow;
 use reqwest::header::AUTHORIZATION;
 use reqwest::header::CONTENT_TYPE;
 use reqwest::header::HeaderMap;
@@ -64,6 +70,17 @@ impl Client {
        })
    }

+    pub async fn from_auth(base_url: impl Into<String>, auth: &CodexAuth) -> Result<Self> {
+        let token = auth.get_token().await.map_err(anyhow::Error::from)?;
+        let mut client = Self::new(base_url)?
+            .with_user_agent(get_codex_user_agent())
+            .with_bearer_token(token);
+        if let Some(account_id) = auth.get_account_id() {
+            client = client.with_chatgpt_account_id(account_id);
+        }
+        Ok(client)
+    }
+
    pub fn with_bearer_token(mut self, token: impl Into<String>) -> Self {
        self.bearer_token = Some(token.into());
        self
@@ -138,6 +155,17 @@ impl Client {
        }
    }

+    pub async fn get_rate_limits(&self) -> Result<RateLimitSnapshot> {
+        let url = match self.path_style {
+            PathStyle::CodexApi => format!("{}/api/codex/usage", self.base_url),
+            PathStyle::ChatGptApi => format!("{}/wham/usage", self.base_url),
+        };
+        let req = self.http.get(&url).headers(self.headers());
+        let (body, ct) = self.exec_request(req, "GET", &url).await?;
+        let payload: RateLimitStatusPayload = self.decode_json(&url, &ct, &body)?;
+        Ok(Self::rate_limit_snapshot_from_payload(payload))
+    }
+
    pub async fn list_tasks(
        &self,
        limit: Option<i32>,
@@ -241,4 +269,49 @@ impl Client {
            Err(e) => anyhow::bail!("Decode error for {url}: {e}; content-type={ct}; body={body}"),
        }
    }
+
+    // rate limit helpers
+    fn rate_limit_snapshot_from_payload(payload: RateLimitStatusPayload) -> RateLimitSnapshot {
+        let Some(details) = payload
+            .rate_limit
+            .and_then(|inner| inner.map(|boxed| *boxed))
+        else {
+            return RateLimitSnapshot {
+                primary: None,
+                secondary: None,
+            };
+        };
+
+        RateLimitSnapshot {
+            primary: Self::map_rate_limit_window(details.primary_window),
+            secondary: Self::map_rate_limit_window(details.secondary_window),
+        }
+    }
+
+    fn map_rate_limit_window(
+        window: Option<Option<Box<RateLimitWindowSnapshot>>>,
+    ) -> Option<RateLimitWindow> {
+        let snapshot = match window {
+            Some(Some(snapshot)) => *snapshot,
+            _ => return None,
+        };
+
+        let used_percent = f64::from(snapshot.used_percent);
+        let window_minutes = Self::window_minutes_from_seconds(snapshot.limit_window_seconds);
+        let resets_at = Some(i64::from(snapshot.reset_at));
+        Some(RateLimitWindow {
+            used_percent,
+            window_minutes,
+            resets_at,
+        })
+    }
+
+    fn window_minutes_from_seconds(seconds: i32) -> Option<i64> {
+        if seconds <= 0 {
+            return None;
+        }
+
+        let seconds_i64 = i64::from(seconds);
+        Some((seconds_i64 + 59) / 60)
+    }
 }
--- a/codex-rs/backend-client/src/types.rs
+++ b/codex-rs/backend-client/src/types.rs
@@ -1,4 +1,8 @@
 pub use codex_backend_openapi_models::models::PaginatedListTaskListItem;
+pub use codex_backend_openapi_models::models::PlanType;
+pub use codex_backend_openapi_models::models::RateLimitStatusDetails;
+pub use codex_backend_openapi_models::models::RateLimitStatusPayload;
+pub use codex_backend_openapi_models::models::RateLimitWindowSnapshot;
 pub use codex_backend_openapi_models::models::TaskListItem;

 use serde::Deserialize;
--- a/codex-rs/cli/Cargo.toml
+++ b/codex-rs/cli/Cargo.toml
@@ -19,8 +19,10 @@ anyhow = { workspace = true }
 clap = { workspace = true, features = ["derive"] }
 clap_complete = { workspace = true }
 codex-app-server = { workspace = true }
+codex-app-server-protocol = { workspace = true }
 codex-arg0 = { workspace = true }
 codex-chatgpt = { workspace = true }
+codex-cloud-tasks = { path = "../cloud-tasks" }
 codex-common = { workspace = true, features = ["cli"] }
 codex-core = { workspace = true }
 codex-exec = { workspace = true }
@@ -28,14 +30,12 @@ codex-login = { workspace = true }
 codex-mcp-server = { workspace = true }
 codex-process-hardening = { workspace = true }
 codex-protocol = { workspace = true }
-codex-app-server-protocol = { workspace = true }
 codex-protocol-ts = { workspace = true }
 codex-responses-api-proxy = { workspace = true }
-codex-tui = { workspace = true }
 codex-rmcp-client = { workspace = true }
-codex-cloud-tasks = { path = "../cloud-tasks" }
+codex-stdio-to-uds = { workspace = true }
+codex-tui = { workspace = true }
 ctor = { workspace = true }
-crossterm = { workspace = true }
 owo-colors = { workspace = true }
 serde_json = { workspace = true }
 supports-color = { workspace = true }
@@ -46,17 +46,10 @@ tokio = { workspace = true, features = [
    "rt-multi-thread",
    "signal",
 ] }
-codex-infty = { path = "../codex-infty" }
-chrono = { workspace = true }
-serde = { workspace = true, features = ["derive"] }
-tracing = "0.1.41"
-tracing-appender = "0.2.3"
-tracing-subscriber = { version = "0.3.19", features = ["env-filter"] }
-textwrap = { workspace = true }

 [dev-dependencies]
-assert_matches = { workspace = true }
 assert_cmd = { workspace = true }
+assert_matches = { workspace = true }
 predicates = { workspace = true }
 pretty_assertions = { workspace = true }
 tempfile = { workspace = true }
--- a/codex-rs/cli/src/infty/args.rs
+++ b/codex-rs/cli/src/infty/args.rs
@@ -1,115 +0,0 @@
-use std::path::PathBuf;
-
-use anyhow::Result;
-use clap::Parser;
-use clap::Subcommand;
-use codex_common::CliConfigOverrides;
-use codex_protocol::config_types::ReasoningEffort;
-
-use super::commands;
-
-#[derive(Debug, Parser)]
-pub struct InftyCli {
-    #[clap(flatten)]
-    pub config_overrides: CliConfigOverrides,
-
-    /// Override the default runs root (`~/.codex/infty`).
-    #[arg(long = "runs-root", value_name = "DIR")]
-    pub runs_root: Option<PathBuf>,
-
-    #[command(subcommand)]
-    command: InftyCommand,
-}
-
-#[derive(Debug, Subcommand)]
-enum InftyCommand {
-    /// Create a new run store and spawn solver/director sessions.
-    Create(CreateArgs),
-
-    /// List stored runs.
-    List(ListArgs),
-
-    /// Show metadata for a stored run.
-    Show(ShowArgs),
-    // resumable runs are disabled; Drive command removed
-}
-
-#[derive(Debug, Parser)]
-pub(crate) struct CreateArgs {
-    /// Explicit run id. If omitted, a timestamp-based id is generated.
-    #[arg(long = "run-id", value_name = "RUN_ID")]
-    pub run_id: Option<String>,
-
-    /// Optional objective to send to the solver immediately after creation.
-    #[arg(long)]
-    pub objective: Option<String>,
-
-    /// Timeout in seconds when waiting for the solver reply to --objective.
-    #[arg(long = "timeout-secs", default_value_t = super::commands::DEFAULT_TIMEOUT_SECS)]
-    pub timeout_secs: u64,
-
-    /// Override only the Director's model (solver and verifiers keep defaults).
-    #[arg(long = "director-model", value_name = "MODEL")]
-    pub director_model: Option<String>,
-
-    /// Override only the Director's reasoning effort (minimal|low|medium|high).
-    #[arg(
-        long = "director-effort",
-        value_name = "LEVEL",
-        value_parser = parse_reasoning_effort
-    )]
-    pub director_effort: Option<ReasoningEffort>,
-}
-
-#[derive(Debug, Parser)]
-pub(crate) struct ListArgs {
-    /// Emit JSON describing the stored runs.
-    #[arg(long)]
-    pub json: bool,
-}
-
-#[derive(Debug, Parser)]
-pub(crate) struct ShowArgs {
-    /// Run id to display.
-    #[arg(value_name = "RUN_ID")]
-    pub run_id: String,
-
-    /// Emit JSON metadata instead of human-readable text.
-    #[arg(long)]
-    pub json: bool,
-}
-
-// resumable runs are disabled; DriveArgs removed
-
-impl InftyCli {
-    pub async fn run(self) -> Result<()> {
-        let InftyCli {
-            config_overrides,
-            runs_root,
-            command,
-        } = self;
-
-        match command {
-            InftyCommand::Create(args) => {
-                commands::run_create(config_overrides, runs_root, args).await?;
-            }
-            InftyCommand::List(args) => commands::run_list(runs_root, args)?,
-            InftyCommand::Show(args) => commands::run_show(runs_root, args)?,
-            // Drive removed
-        }
-
-        Ok(())
-    }
-}
-
-fn parse_reasoning_effort(s: &str) -> Result<ReasoningEffort, String> {
-    match s.trim().to_ascii_lowercase().as_str() {
-        "minimal" => Ok(ReasoningEffort::Minimal),
-        "low" => Ok(ReasoningEffort::Low),
-        "medium" => Ok(ReasoningEffort::Medium),
-        "high" => Ok(ReasoningEffort::High),
-        _ => Err(format!(
-            "invalid reasoning effort: {s}. Expected one of: minimal|low|medium|high"
-        )),
-    }
-}
--- a/codex-rs/cli/src/infty/commands.rs
+++ b/codex-rs/cli/src/infty/commands.rs
@@ -1,438 +0,0 @@
-use std::fs;
-use std::fs::OpenOptions;
-use std::io;
-use std::path::Path;
-use std::path::PathBuf;
-use std::sync::Arc;
-use std::time::Duration;
-use std::time::Instant;
-
-use anyhow::Context;
-use anyhow::Result;
-use anyhow::anyhow;
-use anyhow::bail;
-use chrono::SecondsFormat;
-use chrono::Utc;
-use codex_common::CliConfigOverrides;
-use codex_core::CodexAuth;
-use codex_core::auth::read_codex_api_key_from_env;
-use codex_core::auth::read_openai_api_key_from_env;
-use codex_core::config::Config;
-use codex_core::config::ConfigOverrides;
-use codex_infty::InftyOrchestrator;
-use codex_infty::RoleConfig;
-use codex_infty::RunExecutionOptions;
-use codex_infty::RunParams;
-use codex_infty::RunStore;
-use owo_colors::OwoColorize;
-use serde::Serialize;
-use std::sync::OnceLock;
-use supports_color::Stream;
-use tracing_appender::non_blocking;
-use tracing_subscriber::EnvFilter;
-use tracing_subscriber::prelude::*;
-
-use super::args::CreateArgs;
-use super::args::ListArgs;
-use super::args::ShowArgs;
-use super::progress::TerminalProgressReporter;
-use super::summary::print_run_summary_box;
-
-const DEFAULT_VERIFIER_ROLES: [&str; 3] = ["verifier-alpha", "verifier-beta", "verifier-gamma"];
-
-pub(crate) const DEFAULT_TIMEOUT_SECS: u64 = 6000;
-
-#[derive(Debug, Serialize)]
-struct RunSummary {
-    run_id: String,
-    path: String,
-    created_at: String,
-    updated_at: String,
-    roles: Vec<String>,
-}
-
-pub(crate) async fn run_create(
-    config_overrides: CliConfigOverrides,
-    runs_root_override: Option<PathBuf>,
-    args: CreateArgs,
-) -> Result<()> {
-    let config = load_config(config_overrides).await?;
-    init_infty_logging(&config)?;
-    let auth = load_auth(&config)?;
-    let runs_root = resolve_runs_root(runs_root_override)?;
-    let color_enabled = supports_color::on(Stream::Stdout).is_some();
-
-    let mut run_id = if let Some(id) = args.run_id {
-        id
-    } else {
-        generate_run_id()
-    };
-    run_id = run_id.trim().to_string();
-    validate_run_id(&run_id)?;
-
-    let run_path = runs_root.join(&run_id);
-    if run_path.exists() {
-        bail!("run {run_id} already exists at {}", run_path.display());
-    }
-
-    let orchestrator = InftyOrchestrator::with_runs_root(auth, runs_root).with_progress(Arc::new(
-        TerminalProgressReporter::with_color(color_enabled),
-    ));
-    let verifiers: Vec<RoleConfig> = DEFAULT_VERIFIER_ROLES
-        .iter()
-        .map(|role| RoleConfig::new(role.to_string(), config.clone()))
-        .collect();
-    let mut director_config = config.clone();
-    if let Some(model) = args.director_model.as_deref() {
-        director_config.model = model.to_string();
-    }
-    if let Some(effort) = args.director_effort {
-        director_config.model_reasoning_effort = Some(effort);
-    }
-    let run_params = RunParams {
-        run_id: run_id.clone(),
-        run_root: Some(run_path.clone()),
-        solver: RoleConfig::new("solver", config.clone()),
-        director: RoleConfig::new("director", director_config),
-        verifiers,
-    };
-
-    if let Some(objective) = args.objective {
-        let timeout = Duration::from_secs(args.timeout_secs);
-        let options = RunExecutionOptions {
-            objective: Some(objective),
-            director_timeout: timeout,
-            verifier_timeout: timeout,
-        };
-
-        let start = Instant::now();
-        let start_header = format!("Starting run {run_id}");
-        if color_enabled {
-            println!("{}", start_header.blue().bold());
-        } else {
-            println!("{start_header}");
-        }
-        let location_line = format!("  run directory: {}", run_path.display());
-        if color_enabled {
-            println!("{}", location_line.dimmed());
-        } else {
-            println!("{location_line}");
-        }
-        if let Some(objective_text) = options.objective.as_deref()
-            && !objective_text.trim().is_empty()
-        {
-            let objective_line = format!("  objective: {objective_text}");
-            if color_enabled {
-                println!("{}", objective_line.dimmed());
-            } else {
-                println!("{objective_line}");
-            }
-        }
-        println!();
-
-        let objective_snapshot = options.objective.clone();
-        let outcome = orchestrator
-            .execute_new_run(run_params, options)
-            .await
-            .with_context(|| format!("failed to execute run {run_id}"))?;
-        let duration = start.elapsed();
-        print_run_summary_box(
-            color_enabled,
-            &run_id,
-            &run_path,
-            &outcome.deliverable_path,
-            outcome.summary.as_deref(),
-            objective_snapshot.as_deref(),
-            duration,
-        );
-    } else {
-        let sessions = orchestrator
-            .spawn_run(run_params)
-            .await
-            .with_context(|| format!("failed to create run {run_id}"))?;
-
-        println!(
-            "Created run {run_id} at {}",
-            sessions.store.path().display()
-        );
-    }
-
-    Ok(())
-}
-
-pub(crate) fn run_list(runs_root_override: Option<PathBuf>, args: ListArgs) -> Result<()> {
-    // Initialize logging using default Codex home discovery.
-    let _ = init_infty_logging_from_home();
-    let runs_root = resolve_runs_root(runs_root_override)?;
-    let listings = collect_run_summaries(&runs_root)?;
-
-    if args.json {
-        println!("{}", serde_json::to_string_pretty(&listings)?);
-        return Ok(());
-    }
-
-    if listings.is_empty() {
-        println!("No runs found under {}", runs_root.display());
-        return Ok(());
-    }
-
-    println!("Runs in {}", runs_root.display());
-    for summary in listings {
-        println!(
-            "{}\t{}\t{}",
-            summary.run_id, summary.updated_at, summary.path
-        );
-    }
-
-    Ok(())
-}
-
-pub(crate) fn run_show(runs_root_override: Option<PathBuf>, args: ShowArgs) -> Result<()> {
-    validate_run_id(&args.run_id)?;
-    let _ = init_infty_logging_from_home();
-    let runs_root = resolve_runs_root(runs_root_override)?;
-    let run_path = runs_root.join(&args.run_id);
-    let store =
-        RunStore::load(&run_path).with_context(|| format!("failed to load run {}", args.run_id))?;
-    let metadata = store.metadata();
-
-    let summary = RunSummary {
-        run_id: metadata.run_id.clone(),
-        path: run_path.display().to_string(),
-        created_at: metadata
-            .created_at
-            .to_rfc3339_opts(SecondsFormat::Secs, true),
-        updated_at: metadata
-            .updated_at
-            .to_rfc3339_opts(SecondsFormat::Secs, true),
-        roles: metadata
-            .roles
-            .iter()
-            .map(|role| role.role.clone())
-            .collect(),
-    };
-
-    if args.json {
-        println!("{}", serde_json::to_string_pretty(&summary)?);
-        return Ok(());
-    }
-
-    println!("Run: {}", summary.run_id);
-    println!("Path: {}", summary.path);
-    println!("Created: {}", summary.created_at);
-    println!("Updated: {}", summary.updated_at);
-    println!("Roles: {}", summary.roles.join(", "));
-
-    Ok(())
-}
-
-// resumable runs are disabled; run_drive removed
-
-fn generate_run_id() -> String {
-    let timestamp = Utc::now().format("run-%Y%m%d-%H%M%S");
-    format!("{timestamp}")
-}
-
-pub(crate) fn validate_run_id(run_id: &str) -> Result<()> {
-    if run_id.is_empty() {
-        bail!("run id must not be empty");
-    }
-    if run_id.starts_with('.') || run_id.ends_with('.') {
-        bail!("run id must not begin or end with '.'");
-    }
-    if run_id
-        .chars()
-        .any(|c| !(c.is_ascii_alphanumeric() || matches!(c, '-' | '_' | '.')))
-    {
-        bail!("run id may only contain ASCII alphanumerics, '-', '_', or '.'");
-    }
-    Ok(())
-}
-
-async fn load_config(cli_overrides: CliConfigOverrides) -> Result<Config> {
-    let overrides = cli_overrides
-        .parse_overrides()
-        .map_err(|err| anyhow!("failed to parse -c overrides: {err}"))?;
-    Config::load_with_cli_overrides(overrides, ConfigOverrides::default())
-        .await
-        .context("failed to load Codex configuration")
-}
-
-fn load_auth(config: &Config) -> Result<CodexAuth> {
-    if let Some(auth) =
-        CodexAuth::from_codex_home(&config.codex_home).context("failed to read auth.json")?
-    {
-        return Ok(auth);
-    }
-    if let Some(api_key) = read_codex_api_key_from_env() {
-        return Ok(CodexAuth::from_api_key(&api_key));
-    }
-    if let Some(api_key) = read_openai_api_key_from_env() {
-        return Ok(CodexAuth::from_api_key(&api_key));
-    }
-    bail!("no Codex authentication found. Run `codex login` or set OPENAI_API_KEY.");
-}
-
-fn resolve_runs_root(override_path: Option<PathBuf>) -> Result<PathBuf> {
-    if let Some(path) = override_path {
-        return Ok(path);
-    }
-    codex_infty::default_runs_root()
-}
-
-fn collect_run_summaries(root: &Path) -> Result<Vec<RunSummary>> {
-    let mut summaries = Vec::new();
-    let iter = match fs::read_dir(root) {
-        Ok(read_dir) => read_dir,
-        Err(err) if err.kind() == io::ErrorKind::NotFound => return Ok(summaries),
-        Err(err) => {
-            return Err(
-                anyhow!(err).context(format!("failed to read runs root {}", root.display()))
-            );
-        }
-    };
-
-    for entry in iter {
-        let entry = entry?;
-        if !entry.file_type()?.is_dir() {
-            continue;
-        }
-        let run_path = entry.path();
-        let store = match RunStore::load(&run_path) {
-            Ok(store) => store,
-            Err(err) => {
-                eprintln!(
-                    "Skipping {}: failed to load run metadata: {err}",
-                    run_path.display()
-                );
-                continue;
-            }
-        };
-        let metadata = store.metadata();
-        summaries.push(RunSummary {
-            run_id: metadata.run_id.clone(),
-            path: run_path.display().to_string(),
-            created_at: metadata
-                .created_at
-                .to_rfc3339_opts(SecondsFormat::Secs, true),
-            updated_at: metadata
-                .updated_at
-                .to_rfc3339_opts(SecondsFormat::Secs, true),
-            roles: metadata
-                .roles
-                .iter()
-                .map(|role| role.role.clone())
-                .collect(),
-        });
-    }
-
-    summaries.sort_by(|a, b| b.updated_at.cmp(&a.updated_at));
-    Ok(summaries)
-}
-
-fn init_infty_logging(config: &codex_core::config::Config) -> std::io::Result<()> {
-    let log_dir = codex_core::config::log_dir(config)?;
-    std::fs::create_dir_all(&log_dir)?;
-
-    let mut log_file_opts = OpenOptions::new();
-    log_file_opts.create(true).append(true);
-
-    #[cfg(unix)]
-    {
-        use std::os::unix::fs::OpenOptionsExt;
-        log_file_opts.mode(0o600);
-    }
-
-    let log_file = log_file_opts.open(log_dir.join("codex-infty.log"))?;
-    let (non_blocking, guard) = non_blocking(log_file);
-    static INFTY_LOG_GUARD: OnceLock<tracing_appender::non_blocking::WorkerGuard> = OnceLock::new();
-    let _ = INFTY_LOG_GUARD.set(guard);
-
-    // Use RUST_LOG if set, otherwise default to info for common codex crates
-    let env_filter = || {
-        EnvFilter::try_from_default_env()
-            .unwrap_or_else(|_| EnvFilter::new("codex_core=info,codex_infty=info,codex_cli=info"))
-    };
-
-    let file_layer = tracing_subscriber::fmt::layer()
-        .with_writer(non_blocking)
-        .with_target(false)
-        .with_span_events(tracing_subscriber::fmt::format::FmtSpan::CLOSE)
-        .with_filter(env_filter());
-
-    // Initialize once; subsequent calls are no‑ops.
-    let _ = tracing_subscriber::registry().with(file_layer).try_init();
-    Ok(())
-}
-
-fn init_infty_logging_from_home() -> std::io::Result<()> {
-    let mut log_dir = codex_core::config::find_codex_home()?;
-    log_dir.push("log");
-    std::fs::create_dir_all(&log_dir)?;
-
-    let mut log_file_opts = OpenOptions::new();
-    log_file_opts.create(true).append(true);
-
-    #[cfg(unix)]
-    {
-        use std::os::unix::fs::OpenOptionsExt;
-        log_file_opts.mode(0o600);
-    }
-
-    let log_file = log_file_opts.open(log_dir.join("codex-infty.log"))?;
-    let (non_blocking, guard) = non_blocking(log_file);
-    static INFTY_LOG_GUARD: OnceLock<tracing_appender::non_blocking::WorkerGuard> = OnceLock::new();
-    let _ = INFTY_LOG_GUARD.set(guard);
-
-    let env_filter = || {
-        EnvFilter::try_from_default_env()
-            .unwrap_or_else(|_| EnvFilter::new("codex_core=info,codex_infty=info,codex_cli=info"))
-    };
-
-    let file_layer = tracing_subscriber::fmt::layer()
-        .with_writer(non_blocking)
-        .with_target(false)
-        .with_span_events(tracing_subscriber::fmt::format::FmtSpan::CLOSE)
-        .with_filter(env_filter());
-
-    let _ = tracing_subscriber::registry().with(file_layer).try_init();
-    Ok(())
-}
-
-#[cfg(test)]
-mod tests {
-    use super::*;
-    use tempfile::TempDir;
-
-    #[test]
-    fn default_verifier_roles_are_stable() {
-        assert_eq!(
-            DEFAULT_VERIFIER_ROLES,
-            ["verifier-alpha", "verifier-beta", "verifier-gamma"]
-        );
-    }
-
-    #[test]
-    fn validates_run_ids() {
-        assert!(validate_run_id("run-20241030-123000").is_ok());
-        assert!(validate_run_id("run.alpha").is_ok());
-        assert!(validate_run_id("").is_err());
-        assert!(validate_run_id("..bad").is_err());
-        assert!(validate_run_id("bad/value").is_err());
-    }
-
-    #[test]
-    fn generates_timestamped_run_id() {
-        let run_id = generate_run_id();
-        assert!(run_id.starts_with("run-"));
-        assert_eq!(run_id.len(), "run-YYYYMMDD-HHMMSS".len());
-    }
-
-    #[test]
-    fn collect_summaries_returns_empty_for_missing_root() {
-        let temp = TempDir::new().expect("temp dir");
-        let missing = temp.path().join("not-present");
-        let summaries = collect_run_summaries(&missing).expect("collect");
-        assert!(summaries.is_empty());
-    }
-}
--- a/codex-rs/cli/src/infty/mod.rs
+++ b/codex-rs/cli/src/infty/mod.rs
@@ -1,6 +0,0 @@
-mod args;
-mod commands;
-mod progress;
-mod summary;
-
-pub use args::InftyCli;
--- a/codex-rs/cli/src/infty/progress.rs
+++ b/codex-rs/cli/src/infty/progress.rs
@@ -1,194 +0,0 @@
-use chrono::Local;
-use codex_core::protocol::AgentMessageEvent;
-use codex_core::protocol::EventMsg;
-use codex_infty::AggregatedVerifierVerdict;
-use codex_infty::DirectiveResponse;
-use codex_infty::ProgressReporter;
-use codex_infty::VerifierDecision;
-use codex_infty::VerifierVerdict;
-use crossterm::style::Stylize;
-use std::path::Path;
-use supports_color::Stream;
-
-#[derive(Debug, Default, Clone)]
-pub(crate) struct TerminalProgressReporter;
-
-impl TerminalProgressReporter {
-    pub(crate) fn with_color(_color_enabled: bool) -> Self {
-        Self
-    }
-
-    fn format_role_label(&self, role: &str) -> String {
-        let lower = role.to_ascii_lowercase();
-        if lower == "solver" {
-            return "[solver]".magenta().bold().to_string();
-        }
-        if lower == "director" {
-            return "[director]".blue().bold().to_string();
-        }
-        if lower == "user" {
-            return "[user]".cyan().bold().to_string();
-        }
-        if lower.contains("verifier") {
-            return format!("[{role}]").green().bold().to_string();
-        }
-        format!("[{role}]").magenta().bold().to_string()
-    }
-
-    fn timestamp(&self) -> String {
-        let timestamp = Local::now().format("%H:%M:%S");
-        let display = format!("[{timestamp}]");
-        if supports_color::on(Stream::Stdout).is_some() {
-            format!("{}", display.dim())
-        } else {
-            display
-        }
-    }
-
-    fn print_exchange(
-        &self,
-        from_role: &str,
-        to_role: &str,
-        lines: Vec<String>,
-        trailing_blank_line: bool,
-    ) {
-        let header = format!(
-            "{} ----> {}",
-            self.format_role_label(from_role),
-            self.format_role_label(to_role)
-        );
-        println!("{} {header}", self.timestamp());
-        for line in lines {
-            println!("{line}");
-        }
-        if trailing_blank_line {
-            println!();
-        }
-    }
-
-    fn format_decision(&self, decision: VerifierDecision) -> String {
-        match decision {
-            VerifierDecision::Pass => "pass".green().bold().to_string(),
-            VerifierDecision::Fail => "fail".red().bold().to_string(),
-        }
-    }
-}
-
-impl ProgressReporter for TerminalProgressReporter {
-    fn objective_posted(&self, objective: &str) {
-        let objective_line = format!("{}", format!("→ objective: {objective}").dim());
-        self.print_exchange("user", "solver", vec![objective_line], true);
-    }
-
-    fn solver_event(&self, event: &EventMsg) {
-        match serde_json::to_string_pretty(event) {
-            Ok(json) => {
-                tracing::debug!("[solver:event]\n{json}");
-            }
-            Err(err) => {
-                tracing::warn!("[solver:event] (failed to serialize: {err}) {event:?}");
-            }
-        }
-    }
-
-    fn role_event(&self, role: &str, event: &EventMsg) {
-        match serde_json::to_string_pretty(event) {
-            Ok(json) => {
-                tracing::debug!("[{role}:event]\n{json}");
-            }
-            Err(err) => {
-                tracing::warn!("[{role}:event] (failed to serialize: {err}) {event:?}");
-            }
-        }
-    }
-
-    fn solver_agent_message(&self, agent_msg: &AgentMessageEvent) {
-        tracing::info!("Agent Message: {agent_msg:?}");
-    }
-
-    fn invalid_solver_signal(&self, raw_message: &str) {
-        let heading = "Warning".yellow().bold();
-        let body = format!(
-            "solver reply did not match expected JSON signal; got: {}",
-            raw_message
-        );
-        println!("{} {} {}", self.timestamp(), heading, body);
-    }
-
-    fn direction_request(&self, prompt: &str) {
-        let prompt_line = format!("{}", prompt.yellow());
-        self.print_exchange("solver", "director", vec![prompt_line], true);
-    }
-
-    fn director_response(&self, directive: &DirectiveResponse) {
-        let suffix = directive
-            .rationale
-            .as_deref()
-            .filter(|rationale| !rationale.is_empty())
-            .map(|rationale| format!(" (rationale: {rationale})"))
-            .unwrap_or_default();
-        let directive_line = format!("{}{}", directive.directive, suffix);
-        self.print_exchange("director", "solver", vec![directive_line], true);
-    }
-
-    fn verification_request(&self, claim_path: &str, notes: Option<&str>) {
-        let mut lines = Vec::new();
-        let path_line = format!("→ path: {claim_path}");
-        lines.push(format!("{}", path_line.dim()));
-        if let Some(notes) = notes.filter(|notes| !notes.is_empty()) {
-            let note_line = format!("→ note: {notes}");
-            lines.push(format!("{}", note_line.dim()));
-        }
-        self.print_exchange("solver", "verifier", lines, true);
-    }
-
-    fn verifier_verdict(&self, role: &str, verdict: &VerifierVerdict) {
-        let decision = self.format_decision(verdict.verdict);
-        let mut lines = Vec::new();
-        lines.push(format!("verdict: {decision}"));
-        if !verdict.reasons.is_empty() {
-            let reasons = verdict.reasons.join("; ");
-            let reason_line = format!("→ reasons: {reasons}");
-            lines.push(format!("{}", reason_line.dim()));
-        }
-        if !verdict.suggestions.is_empty() {
-            let suggestions = verdict.suggestions.join("; ");
-            let suggestion_line = format!("→ suggestions: {suggestions}");
-            lines.push(format!("{}", suggestion_line.dim()));
-        }
-        self.print_exchange(role, "solver", lines, false);
-    }
-
-    fn verification_summary(&self, summary: &AggregatedVerifierVerdict) {
-        let decision = self.format_decision(summary.overall);
-        let heading = "Verification summary".bold();
-        let summary_line = format!("{heading}: {decision}");
-        self.print_exchange("verifier", "solver", vec![summary_line], true);
-    }
-
-    fn final_delivery(&self, deliverable_path: &Path, summary: Option<&str>) {
-        let delivery_line = format!(
-            "{}",
-            format!("→ path: {}", deliverable_path.display()).dim()
-        );
-        let summary_line = format!(
-            "{}",
-            format!("→ summary: {}", summary.unwrap_or("<none>")).dim()
-        );
-        self.print_exchange(
-            "solver",
-            "verifier",
-            vec![delivery_line, summary_line],
-            true,
-        );
-    }
-
-    fn run_interrupted(&self) {
-        println!(
-            "{}",
-            "Run interrupted by Ctrl+C. Shutting down sessions…"
-                .red()
-                .bold(),
-        );
-    }
-}
--- a/codex-rs/cli/src/infty/summary.rs
+++ b/codex-rs/cli/src/infty/summary.rs
@@ -1,123 +0,0 @@
-use std::path::Path;
-use std::time::Duration;
-
-use codex_common::elapsed::format_duration;
-use crossterm::terminal;
-use owo_colors::OwoColorize;
-use textwrap::Options as WrapOptions;
-use textwrap::wrap;
-
-pub(crate) fn print_run_summary_box(
-    color_enabled: bool,
-    run_id: &str,
-    run_path: &Path,
-    deliverable_path: &Path,
-    summary: Option<&str>,
-    objective: Option<&str>,
-    duration: Duration,
-) {
-    let mut items = Vec::new();
-    items.push(("Run ID".to_string(), run_id.to_string()));
-    items.push(("Run Directory".to_string(), run_path.display().to_string()));
-    if let Some(objective) = objective
-        && !objective.trim().is_empty()
-    {
-        items.push(("Objective".to_string(), objective.trim().to_string()));
-    }
-    items.push((
-        "Deliverable".to_string(),
-        deliverable_path.display().to_string(),
-    ));
-    items.push(("Total Time".to_string(), format_duration(duration)));
-    if let Some(summary) = summary {
-        let trimmed = summary.trim();
-        if !trimmed.is_empty() {
-            items.push(("Summary".to_string(), trimmed.to_string()));
-        }
-    }
-
-    let label_width = items
-        .iter()
-        .map(|(label, _)| label.len())
-        .max()
-        .unwrap_or(0)
-        .max(12);
-
-    const DEFAULT_MAX_WIDTH: usize = 84;
-    const MIN_VALUE_WIDTH: usize = 20;
-    let label_padding = label_width + 7;
-    let min_total_width = label_padding + MIN_VALUE_WIDTH;
-    let available_width = terminal::size()
-        .ok()
-        .map(|(cols, _)| usize::from(cols).saturating_sub(2))
-        .unwrap_or(DEFAULT_MAX_WIDTH);
-    let max_width = available_width.min(DEFAULT_MAX_WIDTH);
-    let lower_bound = min_total_width.min(available_width);
-    let mut total_width = max_width.max(lower_bound).max(label_padding + 1);
-    let mut value_width = total_width.saturating_sub(label_padding);
-    if value_width < MIN_VALUE_WIDTH {
-        value_width = MIN_VALUE_WIDTH;
-        total_width = label_padding + value_width;
-    }
-
-    let inner_width = total_width.saturating_sub(4);
-    let top_border = format!("+{}+", "=".repeat(total_width.saturating_sub(2)));
-    let separator = format!("+{}+", "-".repeat(total_width.saturating_sub(2)));
-    let title_line = format!(
-        "| {:^inner_width$} |",
-        "Run Summary",
-        inner_width = inner_width
-    );
-
-    println!();
-    println!("{top_border}");
-    if color_enabled {
-        println!("{}", title_line.bold());
-    } else {
-        println!("{title_line}");
-    }
-    println!("{separator}");
-
-    for (index, (label, value)) in items.iter().enumerate() {
-        let mut rows = Vec::new();
-        for (idx, paragraph) in value.split('\n').enumerate() {
-            let trimmed = paragraph.trim();
-            if trimmed.is_empty() {
-                if idx > 0 {
-                    rows.push(String::new());
-                }
-                continue;
-            }
-            let wrapped = wrap(trimmed, WrapOptions::new(value_width).break_words(false));
-            if wrapped.is_empty() {
-                rows.push(String::new());
-            } else {
-                rows.extend(wrapped.into_iter().map(std::borrow::Cow::into_owned));
-            }
-        }
-        if rows.is_empty() {
-            rows.push(String::new());
-        }
-
-        for (line_idx, line) in rows.iter().enumerate() {
-            let label_cell = if line_idx == 0 { label.as_str() } else { "" };
-            let row_line = format!("| {label_cell:<label_width$} | {line:<value_width$} |");
-            if color_enabled {
-                match label.as_str() {
-                    "Deliverable" => println!("{}", row_line.green()),
-                    "Summary" => println!("{}", row_line.bold()),
-                    _ => println!("{row_line}"),
-                }
-            } else {
-                println!("{row_line}");
-            }
-        }
-
-        if index + 1 < items.len() {
-            println!("{separator}");
-        }
-    }
-
-    println!("{top_border}");
-    println!();
-}
--- a/codex-rs/cli/src/login.rs
+++ b/codex-rs/cli/src/login.rs
@@ -9,12 +9,20 @@ use codex_core::config::ConfigOverrides;
 use codex_login::ServerOptions;
 use codex_login::run_device_code_login;
 use codex_login::run_login_server;
+use codex_protocol::config_types::ForcedLoginMethod;
 use std::io::IsTerminal;
 use std::io::Read;
 use std::path::PathBuf;

-pub async fn login_with_chatgpt(codex_home: PathBuf) -> std::io::Result<()> {
-    let opts = ServerOptions::new(codex_home, CLIENT_ID.to_string());
+pub async fn login_with_chatgpt(
+    codex_home: PathBuf,
+    forced_chatgpt_workspace_id: Option<String>,
+) -> std::io::Result<()> {
+    let opts = ServerOptions::new(
+        codex_home,
+        CLIENT_ID.to_string(),
+        forced_chatgpt_workspace_id,
+    );
    let server = run_login_server(opts)?;

    eprintln!(
@@ -28,7 +36,14 @@ pub async fn login_with_chatgpt(codex_home: PathBuf) -> std::io::Result<()> {
 pub async fn run_login_with_chatgpt(cli_config_overrides: CliConfigOverrides) -> ! {
    let config = load_config_or_exit(cli_config_overrides).await;

-    match login_with_chatgpt(config.codex_home).await {
+    if matches!(config.forced_login_method, Some(ForcedLoginMethod::Api)) {
+        eprintln!("ChatGPT login is disabled. Use API key login instead.");
+        std::process::exit(1);
+    }
+
+    let forced_chatgpt_workspace_id = config.forced_chatgpt_workspace_id.clone();
+
+    match login_with_chatgpt(config.codex_home, forced_chatgpt_workspace_id).await {
        Ok(_) => {
            eprintln!("Successfully logged in");
            std::process::exit(0);
@@ -46,6 +61,11 @@ pub async fn run_login_with_api_key(
 ) -> ! {
    let config = load_config_or_exit(cli_config_overrides).await;

+    if matches!(config.forced_login_method, Some(ForcedLoginMethod::Chatgpt)) {
+        eprintln!("API key login is disabled. Use ChatGPT login instead.");
+        std::process::exit(1);
+    }
+
    match login_with_api_key(&config.codex_home, &api_key) {
        Ok(_) => {
            eprintln!("Successfully logged in");
@@ -92,9 +112,15 @@ pub async fn run_login_with_device_code(
    client_id: Option<String>,
 ) -> ! {
    let config = load_config_or_exit(cli_config_overrides).await;
+    if matches!(config.forced_login_method, Some(ForcedLoginMethod::Api)) {
+        eprintln!("ChatGPT login is disabled. Use API key login instead.");
+        std::process::exit(1);
+    }
+    let forced_chatgpt_workspace_id = config.forced_chatgpt_workspace_id.clone();
    let mut opts = ServerOptions::new(
        config.codex_home,
        client_id.unwrap_or(CLIENT_ID.to_string()),
+        forced_chatgpt_workspace_id,
    );
    if let Some(iss) = issuer_base_url {
        opts.issuer = iss;
--- a/codex-rs/cli/src/main.rs
+++ b/codex-rs/cli/src/main.rs
@@ -19,15 +19,13 @@ use codex_exec::Cli as ExecCli;
 use codex_responses_api_proxy::Args as ResponsesApiProxyArgs;
 use codex_tui::AppExitInfo;
 use codex_tui::Cli as TuiCli;
-use codex_tui::UpdateAction;
+use codex_tui::updates::UpdateAction;
 use owo_colors::OwoColorize;
 use std::path::PathBuf;
 use supports_color::Stream;

-mod infty;
 mod mcp_cmd;

-use crate::infty::InftyCli;
 use crate::mcp_cmd::McpCli;
 use codex_core::config::Config;
 use codex_core::config::ConfigOverrides;
@@ -44,7 +42,8 @@ use codex_core::config::ConfigOverrides;
    // The executable is sometimes invoked via a platform‑specific name like
    // `codex-x86_64-unknown-linux-musl`, but the help output should always use
    // the generic `codex` command name that users run.
-    bin_name = "codex"
+    bin_name = "codex",
+    override_usage = "codex [OPTIONS] [PROMPT]\n       codex [OPTIONS] <COMMAND> [ARGS]"
 )]
 struct MultitoolCli {
    #[clap(flatten)]
@@ -106,12 +105,12 @@ enum Subcommand {
    #[clap(hide = true)]
    ResponsesApiProxy(ResponsesApiProxyArgs),

+    /// Internal: relay stdio to a Unix domain socket.
+    #[clap(hide = true, name = "stdio-to-uds")]
+    StdioToUds(StdioToUdsCommand),
+
    /// Inspect feature flags.
    Features(FeaturesCli),
-
-    /// [experimental] Manage Codex Infty long-running task runs.
-    #[clap(name = "infty")]
-    Infty(InftyCli),
 }

 #[derive(Debug, Parser)]
@@ -211,6 +210,13 @@ struct GenerateTsCommand {
    prettier: Option<PathBuf>,
 }

+#[derive(Debug, Parser)]
+struct StdioToUdsCommand {
+    /// Path to the Unix domain socket to connect to.
+    #[arg(value_name = "SOCKET_PATH")]
+    socket_path: PathBuf,
+}
+
 fn format_exit_messages(exit_info: AppExitInfo, color_enabled: bool) -> Vec<String> {
    let AppExitInfo {
        token_usage,
@@ -433,13 +439,6 @@ async fn cli_main(codex_linux_sandbox_exe: Option<PathBuf>) -> anyhow::Result<()
            );
            codex_cloud_tasks::run_main(cloud_cli, codex_linux_sandbox_exe).await?;
        }
-        Some(Subcommand::Infty(mut infty_cli)) => {
-            prepend_config_flags(
-                &mut infty_cli.config_overrides,
-                root_config_overrides.clone(),
-            );
-            infty_cli.run().await?;
-        }
        Some(Subcommand::Sandbox(sandbox_args)) => match sandbox_args.cmd {
            SandboxCommand::Macos(mut seatbelt_cli) => {
                prepend_config_flags(
@@ -475,6 +474,11 @@ async fn cli_main(codex_linux_sandbox_exe: Option<PathBuf>) -> anyhow::Result<()
            tokio::task::spawn_blocking(move || codex_responses_api_proxy::run_main(args))
                .await??;
        }
+        Some(Subcommand::StdioToUds(cmd)) => {
+            let socket_path = cmd.socket_path;
+            tokio::task::spawn_blocking(move || codex_stdio_to_uds::run(socket_path.as_path()))
+                .await??;
+        }
        Some(Subcommand::GenerateTs(gen_cli)) => {
            codex_protocol_ts::generate_ts(&gen_cli.out_dir, gen_cli.prettier.as_deref())?;
        }
@@ -576,6 +580,9 @@ fn merge_resume_cli_flags(interactive: &mut TuiCli, resume_cli: TuiCli) {
    if !resume_cli.images.is_empty() {
        interactive.images = resume_cli.images;
    }
+    if !resume_cli.add_dir.is_empty() {
+        interactive.add_dir.extend(resume_cli.add_dir);
+    }
    if let Some(prompt) = resume_cli.prompt {
        interactive.prompt = Some(prompt);
    }
--- a/codex-rs/cli/src/mcp_cmd.rs
+++ b/codex-rs/cli/src/mcp_cmd.rs
@@ -150,6 +150,10 @@ pub struct RemoveArgs {
 pub struct LoginArgs {
    /// Name of the MCP server to authenticate with oauth.
    pub name: String,
+
+    /// Comma-separated list of OAuth scopes to request.
+    #[arg(long, value_delimiter = ',', value_name = "SCOPE,SCOPE")]
+    pub scopes: Vec<String>,
 }

 #[derive(Debug, clap::Parser)]
@@ -253,6 +257,8 @@ async fn run_add(config_overrides: &CliConfigOverrides, add_args: AddArgs) -> Re
        enabled: true,
        startup_timeout_sec: None,
        tool_timeout_sec: None,
+        enabled_tools: None,
+        disabled_tools: None,
    };

    servers.insert(name.clone(), new_entry);
@@ -277,6 +283,7 @@ async fn run_add(config_overrides: &CliConfigOverrides, add_args: AddArgs) -> Re
            config.mcp_oauth_credentials_store_mode,
            http_headers.clone(),
            env_http_headers.clone(),
+            &Vec::new(),
        )
        .await?;
        println!("Successfully logged in.");
@@ -325,7 +332,7 @@ async fn run_login(config_overrides: &CliConfigOverrides, login_args: LoginArgs)
        );
    }

-    let LoginArgs { name } = login_args;
+    let LoginArgs { name, scopes } = login_args;

    let Some(server) = config.mcp_servers.get(&name) else {
        bail!("No MCP server named '{name}' found.");
@@ -347,6 +354,7 @@ async fn run_login(config_overrides: &CliConfigOverrides, login_args: LoginArgs)
        config.mcp_oauth_credentials_store_mode,
        http_headers,
        env_http_headers,
+        &scopes,
    )
    .await?;
    println!("Successfully logged in to MCP server '{name}'.");
@@ -400,7 +408,7 @@ async fn run_list(config_overrides: &CliConfigOverrides, list_args: ListArgs) ->
            .map(|(name, cfg)| {
                let auth_status = auth_statuses
                    .get(name.as_str())
-                    .copied()
+                    .map(|entry| entry.auth_status)
                    .unwrap_or(McpAuthStatus::Unsupported);
                let transport = match &cfg.transport {
                    McpServerTransportConfig::Stdio {
@@ -487,7 +495,7 @@ async fn run_list(config_overrides: &CliConfigOverrides, list_args: ListArgs) ->
                };
                let auth_status = auth_statuses
                    .get(name.as_str())
-                    .copied()
+                    .map(|entry| entry.auth_status)
                    .unwrap_or(McpAuthStatus::Unsupported)
                    .to_string();
                stdio_rows.push([
@@ -512,7 +520,7 @@ async fn run_list(config_overrides: &CliConfigOverrides, list_args: ListArgs) ->
                };
                let auth_status = auth_statuses
                    .get(name.as_str())
-                    .copied()
+                    .map(|entry| entry.auth_status)
                    .unwrap_or(McpAuthStatus::Unsupported)
                    .to_string();
                http_rows.push([
@@ -676,6 +684,8 @@ async fn run_get(config_overrides: &CliConfigOverrides, get_args: GetArgs) -> Re
            "name": get_args.name,
            "enabled": server.enabled,
            "transport": transport,
+            "enabled_tools": server.enabled_tools.clone(),
+            "disabled_tools": server.disabled_tools.clone(),
            "startup_timeout_sec": server
                .startup_timeout_sec
                .map(|timeout| timeout.as_secs_f64()),
@@ -687,8 +697,28 @@ async fn run_get(config_overrides: &CliConfigOverrides, get_args: GetArgs) -> Re
        return Ok(());
    }

+    if !server.enabled {
+        println!("{} (disabled)", get_args.name);
+        return Ok(());
+    }
+
    println!("{}", get_args.name);
    println!("  enabled: {}", server.enabled);
+    let format_tool_list = |tools: &Option<Vec<String>>| -> String {
+        match tools {
+            Some(list) if list.is_empty() => "[]".to_string(),
+            Some(list) => list.join(", "),
+            None => "-".to_string(),
+        }
+    };
+    if server.enabled_tools.is_some() {
+        let enabled_tools_display = format_tool_list(&server.enabled_tools);
+        println!("  enabled_tools: {enabled_tools_display}");
+    }
+    if server.disabled_tools.is_some() {
+        let disabled_tools_display = format_tool_list(&server.disabled_tools);
+        println!("  disabled_tools: {disabled_tools_display}");
+    }
    match &server.transport {
        McpServerTransportConfig::Stdio {
            command,
--- a/codex-rs/cli/tests/mcp_list.rs
+++ b/codex-rs/cli/tests/mcp_list.rs
@@ -134,3 +134,28 @@ async fn list_and_get_render_expected_output() -> Result<()> {

    Ok(())
 }
+
+#[tokio::test]
+async fn get_disabled_server_shows_single_line() -> Result<()> {
+    let codex_home = TempDir::new()?;
+
+    let mut add = codex_command(codex_home.path())?;
+    add.args(["mcp", "add", "docs", "--", "docs-server"])
+        .assert()
+        .success();
+
+    let mut servers = load_global_mcp_servers(codex_home.path()).await?;
+    let docs = servers
+        .get_mut("docs")
+        .expect("docs server should exist after add");
+    docs.enabled = false;
+    write_global_mcp_servers(codex_home.path(), &servers)?;
+
+    let mut get_cmd = codex_command(codex_home.path())?;
+    let get_output = get_cmd.args(["mcp", "get", "docs"]).output()?;
+    assert!(get_output.status.success());
+    let stdout = String::from_utf8(get_output.stdout)?;
+    assert_eq!(stdout.trim_end(), "docs (disabled)");
+
+    Ok(())
+}
--- a/codex-rs/clippy.toml
+++ b/codex-rs/clippy.toml
@@ -7,3 +7,7 @@ disallowed-methods = [
    { path = "ratatui::style::Stylize::black", reason = "Avoid hardcoding black; prefer default fg or dim/bold. Exception: Disable this rule if rendering over a hardcoded ANSI background." },
    { path = "ratatui::style::Stylize::yellow", reason = "Avoid yellow; prefer other colors in `tui/styles.md`." },
 ]
+
+# Increase the size threshold for result_large_err to accommodate
+# richer error variants.
+large-error-threshold = 256
--- a/codex-rs/codex-backend-openapi-models/Cargo.toml
+++ b/codex-rs/codex-backend-openapi-models/Cargo.toml
@@ -15,3 +15,4 @@ path = "src/lib.rs"
 [dependencies]
 serde = { version = "1", features = ["derive"] }
 serde_json = "1"
+serde_with = "3"
--- a/codex-rs/codex-backend-openapi-models/src/models/mod.rs
+++ b/codex-rs/codex-backend-openapi-models/src/models/mod.rs
@@ -3,6 +3,7 @@
 // Currently export only the types referenced by the workspace
 // The process for this will change

+// Cloud Tasks
 pub mod code_task_details_response;
 pub use self::code_task_details_response::CodeTaskDetailsResponse;

@@ -20,3 +21,14 @@ pub use self::task_list_item::TaskListItem;

 pub mod paginated_list_task_list_item_;
 pub use self::paginated_list_task_list_item_::PaginatedListTaskListItem;
+
+// Rate Limits
+pub mod rate_limit_status_payload;
+pub use self::rate_limit_status_payload::PlanType;
+pub use self::rate_limit_status_payload::RateLimitStatusPayload;
+
+pub mod rate_limit_status_details;
+pub use self::rate_limit_status_details::RateLimitStatusDetails;
+
+pub mod rate_limit_window_snapshot;
+pub use self::rate_limit_window_snapshot::RateLimitWindowSnapshot;
--- a/codex-rs/codex-backend-openapi-models/src/models/rate_limit_status_details.rs
+++ b/codex-rs/codex-backend-openapi-models/src/models/rate_limit_status_details.rs
@@ -0,0 +1,46 @@
+/*
+ * codex-backend
+ *
+ * codex-backend
+ *
+ * The version of the OpenAPI document: 0.0.1
+ *
+ * Generated by: https://openapi-generator.tech
+ */
+
+use crate::models;
+use serde::Deserialize;
+use serde::Serialize;
+
+#[derive(Clone, Default, Debug, PartialEq, Serialize, Deserialize)]
+pub struct RateLimitStatusDetails {
+    #[serde(rename = "allowed")]
+    pub allowed: bool,
+    #[serde(rename = "limit_reached")]
+    pub limit_reached: bool,
+    #[serde(
+        rename = "primary_window",
+        default,
+        with = "::serde_with::rust::double_option",
+        skip_serializing_if = "Option::is_none"
+    )]
+    pub primary_window: Option<Option<Box<models::RateLimitWindowSnapshot>>>,
+    #[serde(
+        rename = "secondary_window",
+        default,
+        with = "::serde_with::rust::double_option",
+        skip_serializing_if = "Option::is_none"
+    )]
+    pub secondary_window: Option<Option<Box<models::RateLimitWindowSnapshot>>>,
+}
+
+impl RateLimitStatusDetails {
+    pub fn new(allowed: bool, limit_reached: bool) -> RateLimitStatusDetails {
+        RateLimitStatusDetails {
+            allowed,
+            limit_reached,
+            primary_window: None,
+            secondary_window: None,
+        }
+    }
+}
--- a/codex-rs/codex-backend-openapi-models/src/models/rate_limit_status_payload.rs
+++ b/codex-rs/codex-backend-openapi-models/src/models/rate_limit_status_payload.rs
@@ -0,0 +1,65 @@
+/*
+ * codex-backend
+ *
+ * codex-backend
+ *
+ * The version of the OpenAPI document: 0.0.1
+ *
+ * Generated by: https://openapi-generator.tech
+ */
+
+use crate::models;
+use serde::Deserialize;
+use serde::Serialize;
+
+#[derive(Clone, Default, Debug, PartialEq, Serialize, Deserialize)]
+pub struct RateLimitStatusPayload {
+    #[serde(rename = "plan_type")]
+    pub plan_type: PlanType,
+    #[serde(
+        rename = "rate_limit",
+        default,
+        with = "::serde_with::rust::double_option",
+        skip_serializing_if = "Option::is_none"
+    )]
+    pub rate_limit: Option<Option<Box<models::RateLimitStatusDetails>>>,
+}
+
+impl RateLimitStatusPayload {
+    pub fn new(plan_type: PlanType) -> RateLimitStatusPayload {
+        RateLimitStatusPayload {
+            plan_type,
+            rate_limit: None,
+        }
+    }
+}
+
+#[derive(Clone, Copy, Debug, Eq, PartialEq, Ord, PartialOrd, Hash, Serialize, Deserialize)]
+pub enum PlanType {
+    #[serde(rename = "free")]
+    Free,
+    #[serde(rename = "go")]
+    Go,
+    #[serde(rename = "plus")]
+    Plus,
+    #[serde(rename = "pro")]
+    Pro,
+    #[serde(rename = "team")]
+    Team,
+    #[serde(rename = "business")]
+    Business,
+    #[serde(rename = "education")]
+    Education,
+    #[serde(rename = "quorum")]
+    Quorum,
+    #[serde(rename = "enterprise")]
+    Enterprise,
+    #[serde(rename = "edu")]
+    Edu,
+}
+
+impl Default for PlanType {
+    fn default() -> PlanType {
+        Self::Free
+    }
+}
--- a/codex-rs/codex-backend-openapi-models/src/models/rate_limit_window_snapshot.rs
+++ b/codex-rs/codex-backend-openapi-models/src/models/rate_limit_window_snapshot.rs
@@ -0,0 +1,40 @@
+/*
+ * codex-backend
+ *
+ * codex-backend
+ *
+ * The version of the OpenAPI document: 0.0.1
+ *
+ * Generated by: https://openapi-generator.tech
+ */
+
+use serde::Deserialize;
+use serde::Serialize;
+
+#[derive(Clone, Default, Debug, PartialEq, Serialize, Deserialize)]
+pub struct RateLimitWindowSnapshot {
+    #[serde(rename = "used_percent")]
+    pub used_percent: i32,
+    #[serde(rename = "limit_window_seconds")]
+    pub limit_window_seconds: i32,
+    #[serde(rename = "reset_after_seconds")]
+    pub reset_after_seconds: i32,
+    #[serde(rename = "reset_at")]
+    pub reset_at: i32,
+}
+
+impl RateLimitWindowSnapshot {
+    pub fn new(
+        used_percent: i32,
+        limit_window_seconds: i32,
+        reset_after_seconds: i32,
+        reset_at: i32,
+    ) -> RateLimitWindowSnapshot {
+        RateLimitWindowSnapshot {
+            used_percent,
+            limit_window_seconds,
+            reset_after_seconds,
+            reset_at,
+        }
+    }
+}
--- a/codex-rs/codex-infty/Cargo.toml
+++ b/codex-rs/codex-infty/Cargo.toml
@@ -1,24 +0,0 @@
-[package]
-name = "codex-infty"
-version = { workspace = true }
-edition = "2024"
-
-[dependencies]
-anyhow = { workspace = true }
-chrono = { workspace = true, features = ["serde"] }
-codex-core = { path = "../core" }
-codex-protocol = { path = "../protocol" }
-dirs = { workspace = true }
-serde = { workspace = true, features = ["derive"] }
-serde_json = { workspace = true }
-tempfile = { workspace = true }
-tokio = { workspace = true, features = ["macros", "rt", "rt-multi-thread", "signal"] }
-tokio-stream = { workspace = true }
-tokio-util = { workspace = true }
-tracing = { workspace = true, features = ["log"] }
-futures = "0.3"
-
-[dev-dependencies]
-core_test_support = { path = "../core/tests/common" }
-tempfile = { workspace = true }
-wiremock = { workspace = true }
--- a/codex-rs/codex-infty/README.md
+++ b/codex-rs/codex-infty/README.md
@@ -1,196 +0,0 @@
-# Codex Infty
-
-Codex Infty is a small orchestration layer that coordinates multiple Codex roles (Solver, Director, Verifier(s)) to drive longer, multi‑step objectives with minimal human intervention. It provides:
-
- A run orchestrator that routes messages between roles and advances the workflow.
- A durable run store on disk with metadata and standard subfolders.
- Default role prompts for Solver/Director/Verifier.
- A lightweight progress reporting hook for UIs/CLIs.
-
-The crate is designed to be embedded (via the library API) and also powers the `codex infty` CLI commands.
-
-## High‑Level Flow
-
-```
-objective → Solver
-  Solver → direction_request → Director → directive → Solver
-  … (iterate) …
-  Solver → final_delivery → Orchestrator returns RunOutcome
-```
-
- The Solver always speaks structured JSON. The orchestrator parses those messages and decides the next hop.
- The Director provides crisp guidance (also JSON) that is forwarded back to the Solver.
- One or more Verifiers may assess the final deliverable; the orchestrator aggregates results and reports a summary to the Solver.
- On final_delivery, the orchestrator resolves and validates the deliverable path and returns the `RunOutcome`.
-
-## Directory Layout (Run Store)
-
-When a run is created, a directory is initialized with this structure:
-
-```
-<runs_root>/<run_id>/
-  artifacts/      # long‑lived artifacts produced by the Solver
-  memory/         # durable notes, claims, context
-  index/          # indexes and caches
-  deliverable/    # final output(s) assembled by the Solver
-  run.json        # run metadata (id, timestamps, roles)
-```
-
-See: `codex-infty/src/run_store.rs`.
-
- The orchestrator persists rollout paths and optional config paths for each role into `run.json`.
- Metadata timestamps are updated on significant events (role spawns, handoffs, final delivery).
- Final deliverables must remain within the run directory. Paths are canonicalized and validated.
-
-## Roles and Prompts
-
-Default base instructions are injected per role if the provided `Config` has none:
-
- Solver: `codex-infty/src/prompts/solver.md`
- Director: `codex-infty/src/prompts/director.md`
- Verifier: `codex-infty/src/prompts/verifier.md`
-
-You can provide your own instructions by pre‑populating `Config.base_instructions`.
-
-## Solver Signal Contract
-
-The Solver communicates intent using JSON messages (possibly wrapped in a fenced block). The orchestrator accepts two shapes:
-
- Direction request (sent to Director):
-
-```json
-{"type":"direction_request","prompt":"<question or decision>"}
-```
-
- Final delivery (completes the run):
-
-```json
-{"type":"final_delivery","deliverable_path":"deliverable/summary.txt","summary":"<short text>"}
-```
-
-JSON may be fenced as ```json … ```; the orchestrator will strip the fence.
-
-## Key Types and Modules
-
- Orchestrator: `codex-infty/src/orchestrator.rs`
-  - `InftyOrchestrator`: spawns/resumes role sessions, drives the event loop, and routes signals.
-  - `execute_new_run`: one‑shot helper that spawns and then drives.
-  - `spawn_run`: set up sessions and the run store.
-  - `call_role`, `relay_assistant_to_role`, `post_to_role`, `await_first_assistant`, `stream_events`: utilities when integrating custom flows.
-
- Run store: `codex-infty/src/run_store.rs`
-  - `RunStore`, `RunMetadata`, `RoleMetadata`: metadata and persistence helpers.
-
- Types: `codex-infty/src/types.rs`
-  - `RoleConfig`: wraps a `Config` and sets sensible defaults for autonomous flows (no approvals, full sandbox access). Also used to persist optional config paths.
-  - `RunParams`: input to spawn runs.
-  - `RunExecutionOptions`: per‑run options (objective, timeouts).
-  - `RunOutcome`: returned on successful final delivery.
-
- Signals: `codex-infty/src/signals.rs`
-  - DTOs for director responses and verifier verdicts, and the aggregated summary type.
-
- Progress: `codex-infty/src/progress.rs`
-  - `ProgressReporter` trait: hook for UIs/CLIs to observe solver/director/verifier activity.
-
-## Orchestrator Workflow (Details)
-
-1. Spawn or resume role sessions (Solver, Director, and zero or more Verifiers). Default prompts are applied if the role’s `Config` has no base instructions.
-2. Optionally post an `objective` to the Solver. The progress reporter is notified and the orchestrator waits for the first Solver signal.
-3. On `direction_request`:
-   - Post a structured request to the Director and await the first assistant message.
-   - Parse it into a `DirectiveResponse` and forward the normalized JSON to the Solver.
-4. On `final_delivery`:
-   - Canonicalize and validate that `deliverable_path` stays within the run directory.
-   - Optionally run a verification pass using configured Verifier(s), aggregate results, and post a summary back to the Solver.
-   - Notify the progress reporter, touch the run store, and return `RunOutcome`.
-
-## Library Usage
-
-```rust
-use std::sync::Arc;
-use codex_core::{CodexAuth, config::Config};
-use codex_infty::{InftyOrchestrator, RoleConfig, RunParams, RunExecutionOptions};
-
-#[tokio::main]
-async fn main() -> anyhow::Result<()> {
-    // 1) Load or build a Config for each role
-    let solver_cfg: Config = load_config();
-    let mut director_cfg = solver_cfg.clone();
-    director_cfg.model = "o4-mini".into();
-
-    // 2) Build role configs
-    let solver = RoleConfig::new("solver", solver_cfg.clone());
-    let director = RoleConfig::new("director", director_cfg);
-    let verifiers = vec![RoleConfig::new("verifier-alpha", solver_cfg.clone())];
-
-    // 3) Create an orchestrator (using default runs root)
-    let auth = CodexAuth::from_api_key("sk-…");
-    let orchestrator = InftyOrchestrator::new(auth)?;
-
-    // 4) Execute a new run with an objective
-    let params = RunParams {
-        run_id: "my-run".into(),
-        run_root: None, // use default ~/.codex/infty/<run_id>
-        solver,
-        director,
-        verifiers,
-    };
-    let mut opts = RunExecutionOptions::default();
-    opts.objective = Some("Implement feature X".into());
-
-    let outcome = orchestrator.execute_new_run(params, opts).await?;
-    println!("deliverable: {}", outcome.deliverable_path.display());
-    Ok(())
-}
-# fn load_config() -> codex_core::config::Config { codex_core::config::Config::default() }
-```
-
-Note: Resuming runs is currently disabled.
-
-## CLI Quickstart
-
-The CLI (`codex`) exposes Infty helpers under the `infty` subcommand. Examples:
-
-```bash
-# Create a run and immediately drive toward completion
-codex infty create --run-id demo --objective "Build and test feature"
-
-# Inspect runs
-codex infty list
-codex infty show demo
-
-# Sending one-off messages to stored runs is currently disabled
-```
-
-Flags allow customizing the Director’s model and reasoning effort; see `codex infty create --help`.
-
-## Progress Reporting
-
-Integrate your UI by implementing `ProgressReporter` and attaching it with `InftyOrchestrator::with_progress(...)`. You’ll receive callbacks on key milestones (objective posted, solver messages, director response, verification summaries, final delivery, etc.).
-
-## Safety and Guardrails
-
- `RoleConfig::new` sets `SandboxPolicy::DangerFullAccess` and `AskForApproval::Never` to support autonomous flows. Adjust if your environment requires stricter policies.
- Deliverable paths are validated to stay inside the run directory and are fully canonicalized.
- JSON payloads are schema‑checked where applicable (e.g., solver signals and final delivery shape).
-
-## Tests
-
-Run the crate’s tests:
-
-```bash
-cargo test -p codex-infty
-```
-
-Many tests rely on mocked SSE streams and will auto‑skip in sandboxes where network is disabled.
-
-## When to Use This Crate
-
-Use `codex-infty` when you want a minimal, pragmatic multi‑role loop with:
-
- Clear role separation and routing.
- Durable, restart‑resilient state on disk.
- Simple integration points (progress hooks and helper APIs).
-
-It’s intentionally small and focused so it can be embedded into larger tools or extended to meet your workflows.
--- a/codex-rs/codex-infty/src/lib.rs
+++ b/codex-rs/codex-infty/src/lib.rs
@@ -1,38 +0,0 @@
-#![deny(clippy::print_stdout, clippy::print_stderr)]
-
-mod orchestrator;
-mod progress;
-mod prompts;
-mod roles;
-mod run_store;
-mod session;
-mod signals;
-mod types;
-pub(crate) mod utils;
-
-pub use orchestrator::InftyOrchestrator;
-pub use progress::ProgressReporter;
-pub use run_store::RoleMetadata;
-pub use run_store::RunMetadata;
-pub use run_store::RunStore;
-pub use signals::AggregatedVerifierVerdict;
-pub use signals::DirectiveResponse;
-pub use signals::VerifierDecision;
-pub use signals::VerifierReport;
-pub use signals::VerifierVerdict;
-pub use types::RoleConfig;
-pub use types::RoleSession;
-pub use types::RunExecutionOptions;
-pub use types::RunOutcome;
-pub use types::RunParams;
-pub use types::RunSessions;
-
-use anyhow::Result;
-use anyhow::anyhow;
-use dirs::home_dir;
-use std::path::PathBuf;
-
-pub fn default_runs_root() -> Result<PathBuf> {
-    let home = home_dir().ok_or_else(|| anyhow!("failed to determine home directory"))?;
-    Ok(home.join(".codex").join("infty"))
-}
--- a/codex-rs/codex-infty/src/orchestrator.rs
+++ b/codex-rs/codex-infty/src/orchestrator.rs
@@ -1,552 +0,0 @@
-use std::fs;
-use std::path::Path;
-use std::path::PathBuf;
-use std::sync::Arc;
-
-use anyhow::Context;
-use anyhow::Result;
-use anyhow::anyhow;
-use anyhow::bail;
-use codex_core::CodexAuth;
-use codex_core::CodexConversation;
-use codex_core::ConversationManager;
-use codex_core::cross_session::CrossSessionHub;
-use codex_core::protocol::EventMsg;
-use codex_core::protocol::Op;
-use codex_protocol::ConversationId;
-use tokio::signal;
-use tokio_stream::StreamExt;
-use tokio_util::sync::CancellationToken;
-use tracing::warn;
-
-use crate::progress::ProgressReporter;
-use crate::prompts;
-use crate::roles::Role;
-use crate::roles::director::DirectionRequestPayload;
-use crate::roles::director::DirectorRole;
-use crate::roles::solver::SolverRequest;
-use crate::roles::solver::SolverRole;
-use crate::roles::solver::SolverSignal;
-use crate::roles::solver::parse_solver_signal;
-use crate::roles::verifier::VerificationRequestPayload;
-use crate::roles::verifier_pool::VerifierPool;
-use crate::run_store::RoleMetadata;
-use crate::run_store::RunStore;
-use crate::session;
-use crate::signals::AggregatedVerifierVerdict;
-use crate::types::RoleConfig;
-use crate::types::RoleSession;
-use crate::types::RunExecutionOptions;
-use crate::types::RunOutcome;
-use crate::types::RunParams;
-use crate::types::RunSessions;
-
-#[derive(Default)]
-struct LoopState {
-    waiting_for_signal: bool,
-    pending_solver_turn_completion: bool,
-}
-
-struct SessionCleanup {
-    conversation_id: ConversationId,
-    conversation: Arc<CodexConversation>,
-}
-
-impl SessionCleanup {
-    fn new(session: &RoleSession) -> Self {
-        Self {
-            conversation_id: session.conversation_id,
-            conversation: Arc::clone(&session.conversation),
-        }
-    }
-}
-
-pub struct InftyOrchestrator {
-    hub: Arc<CrossSessionHub>,
-    conversation_manager: ConversationManager,
-    runs_root: PathBuf,
-    progress: Option<Arc<dyn ProgressReporter>>,
-}
-
-impl InftyOrchestrator {
-    fn progress_ref(&self) -> Option<&dyn ProgressReporter> {
-        self.progress.as_deref()
-    }
-    pub fn new(auth: CodexAuth) -> Result<Self> {
-        let runs_root = crate::default_runs_root()?;
-        Ok(Self::with_runs_root(auth, runs_root))
-    }
-
-    pub fn with_runs_root(auth: CodexAuth, runs_root: impl Into<PathBuf>) -> Self {
-        Self {
-            hub: Arc::new(CrossSessionHub::new()),
-            conversation_manager: ConversationManager::with_auth(auth),
-            runs_root: runs_root.into(),
-            progress: None,
-        }
-    }
-
-    pub fn runs_root(&self) -> &PathBuf {
-        &self.runs_root
-    }
-
-    pub fn hub(&self) -> Arc<CrossSessionHub> {
-        Arc::clone(&self.hub)
-    }
-
-    pub fn with_progress(mut self, reporter: Arc<dyn ProgressReporter>) -> Self {
-        self.progress = Some(reporter);
-        self
-    }
-
-    pub async fn execute_new_run(
-        &self,
-        params: RunParams,
-        options: RunExecutionOptions,
-    ) -> Result<RunOutcome> {
-        let sessions = self.spawn_run(params).await?;
-        self.drive_run(sessions, options).await
-    }
-
-    // resumable runs are disabled; execute_existing_run removed
-
-    pub async fn spawn_run(&self, params: RunParams) -> Result<RunSessions> {
-        let RunParams {
-            run_id,
-            run_root,
-            solver,
-            director,
-            verifiers,
-        } = params;
-
-        let run_path = run_root.unwrap_or_else(|| self.runs_root.join(&run_id));
-        let role_metadata = collect_role_metadata(&solver, &director, &verifiers);
-        let mut store = RunStore::initialize(&run_path, &run_id, &role_metadata)?;
-        let mut cleanup = Vec::new();
-
-        let solver_session = match self
-            .spawn_and_register_role(&run_id, &run_path, &solver, &mut store, &mut cleanup)
-            .await
-        {
-            Ok(session) => session,
-            Err(err) => {
-                self.cleanup_failed_spawn(cleanup, &run_path).await;
-                return Err(err);
-            }
-        };
-
-        let director_session = match self
-            .spawn_and_register_role(&run_id, &run_path, &director, &mut store, &mut cleanup)
-            .await
-        {
-            Ok(session) => session,
-            Err(err) => {
-                self.cleanup_failed_spawn(cleanup, &run_path).await;
-                return Err(err);
-            }
-        };
-
-        let mut verifier_sessions = Vec::with_capacity(verifiers.len());
-        for verifier in verifiers {
-            let session = match self
-                .spawn_and_register_role(&run_id, &run_path, &verifier, &mut store, &mut cleanup)
-                .await
-            {
-                Ok(session) => session,
-                Err(err) => {
-                    self.cleanup_failed_spawn(cleanup, &run_path).await;
-                    return Err(err);
-                }
-            };
-            verifier_sessions.push(session);
-        }
-
-        Ok(RunSessions {
-            run_id,
-            solver: solver_session,
-            director: director_session,
-            verifiers: verifier_sessions,
-            store,
-        })
-    }
-
-    // resumable runs are disabled; resume_run removed
-
-    async fn drive_run(
-        &self,
-        mut sessions: RunSessions,
-        options: RunExecutionOptions,
-    ) -> Result<RunOutcome> {
-        let result = self.inner_drive_run(&mut sessions, &options).await;
-        let cleanup = collect_session_cleanup(&sessions);
-        self.shutdown_sessions(cleanup).await;
-        result
-    }
-
-    async fn inner_drive_run(
-        &self,
-        sessions: &mut RunSessions,
-        options: &RunExecutionOptions,
-    ) -> Result<RunOutcome> {
-        let solver_role = SolverRole::new(
-            Arc::clone(&self.hub),
-            sessions.run_id.clone(),
-            sessions.solver.role.clone(),
-            sessions.solver.conversation_id,
-            self.progress.clone(),
-        );
-        let director_role = DirectorRole::new(
-            Arc::clone(&self.hub),
-            sessions.run_id.clone(),
-            sessions.director.role.clone(),
-            options.director_timeout,
-            self.progress.clone(),
-        );
-        let mut verifier_pool = VerifierPool::from_sessions(
-            Arc::clone(&self.hub),
-            sessions,
-            options.verifier_timeout,
-            self.progress.clone(),
-        );
-
-        let mut solver_events = solver_role.stream_events()?;
-        let mut state = LoopState::default();
-        self.maybe_post_objective(&solver_role, sessions, &mut state, options)
-            .await?;
-
-        // Cancellation token that propagates Ctrl+C to nested awaits
-        let cancel = CancellationToken::new();
-        let cancel_on_ctrl_c = cancel.clone();
-        tokio::spawn(async move {
-            let _ = signal::ctrl_c().await;
-            cancel_on_ctrl_c.cancel();
-        });
-
-        'event_loop: loop {
-            tokio::select! {
-                maybe_event = solver_events.next() => {
-                    let Some(event) = maybe_event else {
-                        break 'event_loop;
-                    };
-                    if let Some(p) = self.progress_ref() { p.solver_event(&event.event.msg); }
-                    match &event.event.msg {
-                        EventMsg::AgentMessage(agent_msg) => {
-                            if let Some(p) = self.progress_ref() { p.solver_agent_message(agent_msg); }
-                            if let Some(signal) = parse_solver_signal(&agent_msg.message) {
-                                state.waiting_for_signal = false;
-                                match signal {
-                                    SolverSignal::DirectionRequest { prompt } => {
-                                        let prompt = crate::utils::required_trimmed(
-                                            prompt,
-                                            "solver direction_request missing prompt text",
-                                        )?;
-                                        if let Some(p) = self.progress_ref() { p.direction_request(&prompt); }
-                                        self
-                                            .handle_direction_request(
-                                                &prompt,
-                                                options,
-                                                &director_role,
-                                                &solver_role,
-                                                cancel.clone(),
-                                            )
-                                            .await?;
-                                        sessions.store.touch()?;
-                                        state.pending_solver_turn_completion = true;
-                                    }
-                                    SolverSignal::FinalDelivery {
-                                        deliverable_path,
-                                        summary,
-                                    } => {
-                                        let deliverable_path = crate::utils::required_trimmed(
-                                            deliverable_path,
-                                            "solver final_delivery missing deliverable_path",
-                                        )?;
-                                        if deliverable_path.is_empty() { bail!("solver final_delivery provided empty path"); }
-
-                                        // Minimal behavior: if the provided path cannot be resolved,
-                                        // send a placeholder claim so verifiers can fail it.
-                                        let resolved = crate::utils::resolve_deliverable_path(
-                                            sessions.store.path(),
-                                            &deliverable_path,
-                                        )
-                                        .unwrap_or_else(|_| std::path::PathBuf::from("file not existing"));
-
-                                        let summary_clean = crate::utils::trim_to_non_empty(summary);
-                                        let summary_ref = summary_clean.as_deref();
-                                        if let Some(p) = self.progress_ref() { p.final_delivery(&resolved, summary_ref); }
-                                        let verified = self
-                                            .run_final_verification(
-                                                sessions,
-                                                &mut verifier_pool,
-                                                &resolved,
-                                                summary_ref,
-                                                options,
-                                                &solver_role,
-                                                cancel.clone(),
-                                            )
-                                            .await?;
-                                        if !verified { state.pending_solver_turn_completion = true; continue; }
-                                        sessions.store.touch()?;
-                                        return Ok(RunOutcome {
-                                            run_id: sessions.run_id.clone(),
-                                            deliverable_path: resolved,
-                                            summary: summary_clean,
-                                            raw_message: agent_msg.message.clone(),
-                                        });
-                                    }
-                                }
-                            }
-                        }
-                        EventMsg::TaskComplete(..) => {
-                            if state.waiting_for_signal {
-                                // The solver completed its turn without issuing a signal; ask for one now.
-                                solver_role.request_finalization_signal().await?;
-                            } else if state.pending_solver_turn_completion {
-                                // We handled a signal earlier in the loop; this completion corresponds to it.
-                                state.pending_solver_turn_completion = false;
-                            }
-                        }
-                        EventMsg::Error(error) => {
-                            tracing::error!("Error: {:?}", error);
-                        }
-                        EventMsg::StreamError(error) => {
-                            tracing::error!("Stream error: {:?}", error);
-                        }
-                        e => {
-                            tracing::info!("Unhandled event: {:?}", e); // todo move to trace
-                        }
-                    }
-                }
-                _ = cancel.cancelled() => {
-                    if let Some(progress) = self.progress.as_ref() { progress.run_interrupted(); }
-                    // Proactively interrupt any in-flight role turns for fast shutdown.
-                    let _ = sessions.solver.conversation.submit(Op::Interrupt).await;
-                    let _ = sessions.director.conversation.submit(Op::Interrupt).await;
-                    for v in &sessions.verifiers { let _ = v.conversation.submit(Op::Interrupt).await; }
-                    // Cleanup is handled by the caller (drive_run) to avoid double-shutdown
-                    bail!("run interrupted by Ctrl+C");
-                }
-            }
-        }
-
-        Err(anyhow!(
-            "run {} ended before emitting final_delivery message",
-            sessions.run_id
-        ))
-    }
-
-    async fn maybe_post_objective(
-        &self,
-        solver: &crate::roles::solver::SolverRole,
-        sessions: &mut RunSessions,
-        state: &mut LoopState,
-        options: &RunExecutionOptions,
-    ) -> Result<()> {
-        if let Some(objective) = options.objective.as_deref()
-            && !objective.trim().is_empty()
-        {
-            solver
-                .post(objective, Some(SolverRole::solver_signal_schema()))
-                .await?;
-            sessions.store.touch()?;
-            state.waiting_for_signal = true;
-            if let Some(p) = self.progress_ref() {
-                p.objective_posted(objective);
-            }
-        }
-        Ok(())
-    }
-
-    async fn handle_direction_request(
-        &self,
-        prompt: &str,
-        options: &RunExecutionOptions,
-        director_role: &DirectorRole,
-        solver_role: &SolverRole,
-        cancel: CancellationToken,
-    ) -> Result<()> {
-        let request = DirectionRequestPayload::new(prompt, options.objective.as_deref());
-        let directive_payload = tokio::select! {
-            r = director_role.call(&request) => {
-                r.context("director response was not valid directive JSON")?
-            }
-            _ = cancel.cancelled() => {
-                bail!("interrupted")
-            }
-        };
-        if let Some(progress) = self.progress.as_ref() {
-            progress.director_response(&directive_payload);
-        }
-        let req = SolverRequest::from(directive_payload);
-        tokio::select! {
-            r = solver_role.call(&req) => { r?; }
-            _ = cancel.cancelled() => { bail!("interrupted"); }
-        }
-        Ok(())
-    }
-
-    #[allow(clippy::too_many_arguments)]
-    async fn run_final_verification(
-        &self,
-        sessions: &mut RunSessions,
-        verifier_pool: &mut VerifierPool,
-        deliverable_path: &Path,
-        summary: Option<&str>,
-        options: &RunExecutionOptions,
-        solver_role: &SolverRole,
-        cancel: CancellationToken,
-    ) -> Result<bool> {
-        let relative = deliverable_path
-            .strip_prefix(sessions.store.path())
-            .ok()
-            .and_then(|p| p.to_str().map(|s| s.to_string()));
-        let claim_path = relative.unwrap_or_else(|| deliverable_path.display().to_string());
-
-        let objective = crate::utils::objective_as_str(options);
-
-        let request = VerificationRequestPayload::new(claim_path.as_str(), summary, objective);
-        if verifier_pool.is_empty() {
-            return Ok(true);
-        }
-        let round = tokio::select! {
-            r = verifier_pool.collect_round(&request) => { r? }
-            _ = cancel.cancelled() => { bail!("interrupted"); }
-        };
-        verifier_pool
-            .rotate_passing(sessions, &self.conversation_manager, &round.passing_roles)
-            .await?;
-        let summary_result = round.summary;
-        self.emit_verification_summary(&summary_result);
-        let req = SolverRequest::from(&summary_result);
-        tokio::select! {
-            r = solver_role.call(&req) => { r?; }
-            _ = cancel.cancelled() => { bail!("interrupted"); }
-        }
-        Ok(summary_result.overall.is_pass())
-    }
-
-    fn emit_verification_summary(&self, summary: &AggregatedVerifierVerdict) {
-        if let Some(progress) = self.progress.as_ref() {
-            progress.verification_summary(summary);
-        }
-    }
-
-    async fn cleanup_failed_spawn(&self, sessions: Vec<SessionCleanup>, run_path: &Path) {
-        self.shutdown_sessions(sessions).await;
-        if run_path.exists()
-            && let Err(err) = fs::remove_dir_all(run_path)
-        {
-            warn!(
-                path = %run_path.display(),
-                ?err,
-                "failed to remove run directory after spawn failure"
-            );
-        }
-    }
-
-    // resumable runs are disabled; cleanup_failed_resume removed
-
-    async fn shutdown_sessions(&self, sessions: Vec<SessionCleanup>) {
-        for session in sessions {
-            if let Err(err) = session.conversation.submit(Op::Shutdown).await {
-                warn!(
-                    %session.conversation_id,
-                    ?err,
-                    "failed to shutdown session during cleanup"
-                );
-            }
-            let _ = self
-                .conversation_manager
-                .remove_conversation(&session.conversation_id)
-                .await;
-        }
-    }
-
-    async fn spawn_and_register_role(
-        &self,
-        run_id: &str,
-        run_path: &Path,
-        role_config: &RoleConfig,
-        store: &mut RunStore,
-        cleanup: &mut Vec<SessionCleanup>,
-    ) -> Result<RoleSession> {
-        let session = session::spawn_role(
-            Arc::clone(&self.hub),
-            &self.conversation_manager,
-            run_id,
-            run_path,
-            role_config.clone(),
-            prompts::ensure_instructions,
-        )
-        .await?;
-        cleanup.push(SessionCleanup::new(&session));
-        store.update_rollout_path(&session.role, session.rollout_path.clone())?;
-        if let Some(path) = role_config.config_path.clone() {
-            store.set_role_config_path(&session.role, path)?;
-        }
-        Ok(session)
-    }
-
-    // resumable runs are disabled; resume_and_register_role removed
-}
-
-impl InftyOrchestrator {
-    /// Test-only helper to run a single verification round against all verifiers,
-    /// applying the replacement policy (replace passes, keep failures).
-    pub async fn verify_round_for_test(
-        &self,
-        sessions: &mut RunSessions,
-        claim_path: &str,
-        options: &RunExecutionOptions,
-    ) -> Result<AggregatedVerifierVerdict> {
-        let mut pool = VerifierPool::from_sessions(
-            Arc::clone(&self.hub),
-            sessions,
-            options.verifier_timeout,
-            self.progress.clone(),
-        );
-        let req = VerificationRequestPayload::new(claim_path, None, None);
-        let round = pool.collect_round(&req).await?;
-        pool.rotate_passing(sessions, &self.conversation_manager, &round.passing_roles)
-            .await?;
-        Ok(round.summary)
-    }
-}
-
-fn collect_role_metadata(
-    solver: &RoleConfig,
-    director: &RoleConfig,
-    verifiers: &[RoleConfig],
-) -> Vec<RoleMetadata> {
-    solver_and_director_metadata(solver, director)
-        .into_iter()
-        .chain(verifiers.iter().map(|verifier| RoleMetadata {
-            role: verifier.role.clone(),
-            rollout_path: None,
-            config_path: verifier.config_path.clone(),
-        }))
-        .collect()
-}
-
-fn solver_and_director_metadata(solver: &RoleConfig, director: &RoleConfig) -> Vec<RoleMetadata> {
-    vec![
-        RoleMetadata {
-            role: solver.role.clone(),
-            rollout_path: None,
-            config_path: solver.config_path.clone(),
-        },
-        RoleMetadata {
-            role: director.role.clone(),
-            rollout_path: None,
-            config_path: director.config_path.clone(),
-        },
-    ]
-}
-
-fn collect_session_cleanup(sessions: &RunSessions) -> Vec<SessionCleanup> {
-    let mut cleanup = Vec::with_capacity(2 + sessions.verifiers.len());
-    cleanup.push(SessionCleanup::new(&sessions.solver));
-    cleanup.push(SessionCleanup::new(&sessions.director));
-    cleanup.extend(sessions.verifiers.iter().map(SessionCleanup::new));
-    cleanup
-}
--- a/codex-rs/codex-infty/src/progress.rs
+++ b/codex-rs/codex-infty/src/progress.rs
@@ -1,25 +0,0 @@
-use std::path::Path;
-
-use codex_core::protocol::AgentMessageEvent;
-use codex_core::protocol::EventMsg;
-
-use crate::signals::AggregatedVerifierVerdict;
-use crate::signals::DirectiveResponse;
-use crate::signals::VerifierVerdict;
-
-pub trait ProgressReporter: Send + Sync {
-    fn objective_posted(&self, _objective: &str) {}
-    fn solver_event(&self, _event: &EventMsg) {}
-    fn role_event(&self, _role: &str, _event: &EventMsg) {}
-    fn solver_agent_message(&self, _message: &AgentMessageEvent) {}
-    /// Called when the solver emits a message that failed to parse as a valid
-    /// JSON signal according to the expected `solver_signal_schema`.
-    fn invalid_solver_signal(&self, _raw_message: &str) {}
-    fn direction_request(&self, _prompt: &str) {}
-    fn director_response(&self, _directive: &DirectiveResponse) {}
-    fn verification_request(&self, _claim_path: &str, _notes: Option<&str>) {}
-    fn verifier_verdict(&self, _role: &str, _verdict: &VerifierVerdict) {}
-    fn verification_summary(&self, _summary: &AggregatedVerifierVerdict) {}
-    fn final_delivery(&self, _deliverable_path: &Path, _summary: Option<&str>) {}
-    fn run_interrupted(&self) {}
-}
--- a/codex-rs/codex-infty/src/prompts/director.md
+++ b/codex-rs/codex-infty/src/prompts/director.md
@@ -1,20 +0,0 @@
-You are the **Director**. Your role is to pilot/manage an agent to resolve a given objective in its totality.
-
-## Guidelines:
- The objective needs to be solved in its original format. If the agent propose a simplification or a partial resolution, this is not sufficient. You must tell the agent to solve the total objective.
- The agent often just report you some results before moving to the next step. In this case, just encourage him to move with a simple "Go ahead", "Keep going" or this kind of message. In this case, no need for a rationale.
- If the agent propose multiple approach, choose the approach which is the most likely to solve the objective.
- If the agent is stuck or think he cannot resolve the objective, encourage him and try to find a solution together. Your role is to support the agent in his quest. It's sometimes necessary to slightly cheer him up
- No infinite loop!!! If you detect that the agent sends multiple times the exact same message/question, you are probably in an infinite loop. Try to break it by re-focusing on the objective and how to approach it.
- You must always be crip and inflexible. Keep in mind the objective
- Remember that the agent should do the following. If you feel this is not the case, remember him:
-  * Document his work
-  * Have a very rigorous and clean approach
-  * Focus on the total resolution of the objective.
- Challenge the Solver whenever they drift toward summarising existing work instead of advancing the concrete proof or solution.
-
-Respond **only** with JSON in this exact shape:
-```json
-{"directive":"<directive or next step>","rationale":"<why this is the right move>"}
-```
-Keep `directive` actionable and concise. Use `rationale` for supporting detail. Leave `rationale` empty if it adds no value.
--- a/codex-rs/codex-infty/src/prompts/mod.rs
+++ b/codex-rs/codex-infty/src/prompts/mod.rs
@@ -1,80 +0,0 @@
-use codex_core::config::Config;
-pub(crate) const DIRECTOR_PROMPT: &str = include_str!("director.md");
-pub(crate) const SOLVER_PROMPT: &str = include_str!("solver.md");
-pub(crate) const VERIFIER_PROMPT: &str = include_str!("verifier.md");
-
-pub fn ensure_instructions(role: &str, config: &mut Config) {
-    if config.base_instructions.is_none()
-        && let Some(text) = default_instructions_for_role(role)
-    {
-        config.base_instructions = Some(text.to_string());
-    }
-}
-
-fn default_instructions_for_role(role: &str) -> Option<&'static str> {
-    let normalized = role.to_ascii_lowercase();
-    if normalized == "solver" {
-        Some(SOLVER_PROMPT)
-    } else if normalized == "director" {
-        Some(DIRECTOR_PROMPT)
-    } else if normalized.starts_with("verifier") {
-        Some(VERIFIER_PROMPT)
-    } else {
-        None
-    }
-}
-
-#[cfg(test)]
-mod tests {
-    use super::*;
-    use core_test_support::load_default_config_for_test;
-    use tempfile::TempDir;
-
-    #[test]
-    fn provides_prompts_for_known_roles() {
-        let home = TempDir::new().unwrap();
-        let mut config = load_default_config_for_test(&home);
-        config.base_instructions = None;
-        ensure_instructions("solver", &mut config);
-        assert!(
-            config
-                .base_instructions
-                .as_ref()
-                .unwrap()
-                .contains("You are a brilliant mathematician")
-        );
-
-        let home = TempDir::new().unwrap();
-        let mut config = load_default_config_for_test(&home);
-        config.base_instructions = None;
-        ensure_instructions("director", &mut config);
-        assert!(
-            config
-                .base_instructions
-                .as_ref()
-                .unwrap()
-                .contains("You are the **Director**")
-        );
-
-        let home = TempDir::new().unwrap();
-        let mut config = load_default_config_for_test(&home);
-        config.base_instructions = None;
-        ensure_instructions("verifier-alpha", &mut config);
-        assert!(
-            config
-                .base_instructions
-                .as_ref()
-                .unwrap()
-                .contains("You are the **Verifier**")
-        );
-    }
-
-    #[test]
-    fn does_not_override_existing_instructions() {
-        let home = TempDir::new().unwrap();
-        let mut config = load_default_config_for_test(&home);
-        config.base_instructions = Some("custom".to_string());
-        ensure_instructions("solver", &mut config);
-        assert_eq!(config.base_instructions.as_deref(), Some("custom"));
-    }
-}
--- a/codex-rs/codex-infty/src/prompts/solver.md
+++ b/codex-rs/codex-infty/src/prompts/solver.md
@@ -1,40 +0,0 @@
-You are a brilliant mathematician tasked with producing **new** reasoning, proof, construction, or counterexample that resolves the stated objective. Your goal is to make actual progress in science while being rigorous and innovative.
-
-You MUST solve the provided objective in its totality. If not known solutions exist, it is your job to find a new one or to propose an intelligent approach.
-A result stating that this is not possible is not acceptable. If the solution does not exist, make it happen.
-
-## Responsibilities
- Understand the objective and break it into a living execution plan.
- Produce artifacts under `artifacts/`, durable notes under `memory/`, and supporting indexes under `index/`. Prefer `apply_patch` for text edits and use `shell` for other filesystem work.
- When you exit a task or take a dependency on external evidence, write JSON notes in `memory/claims/` that link to the supporting artifacts.
- Run verification steps (tests, linters, proofs) under the sandbox before claiming completion.
- Every deliverable must include the actual solution or proof (not just a literature review) and enough detail for the Verifier to reproduce or scrutinise it.
- Your goal is to find new solutions to problems for which humans does not have solution yet. So do not focus on looking over the internet or in the literature and try building your own proofs.
- You are very rigorous in your approach.
- You do not fear new challenges. If a problem seems to be impossible to solve, try!
-
-Available Codex tools mirror standard Codex sessions (e.g. `shell`, `apply_patch`). Assume all filesystem paths are relative to the current run store directory unless stated otherwise.
-
-## Communication contract
-The orchestrator routes your structured messages to the Director. Respond with **JSON only**—no leading prose or trailing commentary. Wrap JSON in a fenced block only if the agent policy forces it.
-
- Every reply must populate the full schema, even when a field does not apply. Set unused string fields to `null`.
- Direction request (send to Director):
-  ```json
-  {"type":"direction_request","prompt":"<concise question or decision>","claim_path":null,"notes":null,"deliverable_path":null,"summary":null}
-  ```
- Final delivery (after receiving the finalization instruction):
-  ```json
-  {"type":"final_delivery","prompt":null,"claim_path":null,"notes":null,"deliverable_path":"deliverable/summary.txt","summary":"<answer plus supporting context>"}
-  ```
-
-## Operating rhythm
- You MUST always address the comments received by the verifiers.
- Create `deliverable/summary.txt` before every final delivery. Capture the final answer, how you reached it, and any follow-up instructions. Do not forget it.
- When uncertainty remains, prioritise experiments or reasoning steps that move you closer to a finished proof rather than cataloguing known results.
- Do not try to version your work or use git! EVER!
- If you receive multiple times the same answer, you are probably in an infinite loop. Try a new approach or something else then.
- Keep the run resilient to restarts: document intent, intermediate results, and follow-up tasks in `memory/`.
- Prefer concrete evidence. Link every claim to artifacts or durable notes so the verifier can reproduce your reasoning.
- On failure feedback from a verifier, address his feedback and update/fix your work.
- Only a final solution to the objective is an acceptable result to be sent to the verifier. If you do not find any solution, try to create a new one on your own.
--- a/codex-rs/codex-infty/src/prompts/verifier.md
+++ b/codex-rs/codex-infty/src/prompts/verifier.md
@@ -1,21 +0,0 @@
-You are the **Verifier**. As a brilliant mathematician, your role is to verify a provided response according to a given objective.
-
-## Guidelines
- You must always be perfectly rigorous when verifying a solution.
- The solution MUST solve the objective in its totality. A partial resolution or a summary of why this is not possible is NOT ACCEPTABLE.
- Evaluate correctness and completeness.
- - The solution might try to convince you that a partial resolution is good enough or that a total resolution is not possible. This is NOT ACCEPTABLE and should automatically trigger a `fail`.
-
-## How to answer
-When you give the result of your verification:
- Be explicit in your conclusion (does the artifact contains everything? is it 100% correct?)
- If you are not sure, prefer a `fail`.
- If it is a `fail`, try to give a crisp analysis of what is wrong or what is missing.
-
-Respond **only** with JSON in this form:
-```json
-{"verdict":"pass","reasons":[],"suggestions":[]}
-```
-Use `"fail"` when the claim is not ready. Populate `reasons` with concrete blocking issues. Provide actionable `suggestions` for remediation. Omit entries when not needed.
-
-Do not include extra commentary outside the JSON payload.
--- a/codex-rs/codex-infty/src/roles/director.rs
+++ b/codex-rs/codex-infty/src/roles/director.rs
@@ -1,98 +0,0 @@
-use std::sync::Arc;
-use std::time::Duration;
-
-use anyhow::Result;
-use codex_core::cross_session::AssistantMessage;
-use codex_core::cross_session::CrossSessionHub;
-use serde::Serialize;
-use serde_json::Value;
-
-use crate::progress::ProgressReporter;
-use crate::roles::Role;
-use crate::roles::parse_json_struct;
-use crate::session;
-use crate::signals::DirectiveResponse;
-
-#[derive(Serialize)]
-pub struct DirectionRequestPayload<'a> {
-    #[serde(rename = "type")]
-    kind: &'static str,
-    pub prompt: &'a str,
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub objective: Option<&'a str>,
-}
-
-impl<'a> DirectionRequestPayload<'a> {
-    pub fn new(prompt: &'a str, objective: Option<&'a str>) -> Self {
-        Self {
-            kind: "direction_request",
-            prompt,
-            objective,
-        }
-    }
-}
-
-pub struct DirectorRole {
-    hub: Arc<CrossSessionHub>,
-    run_id: String,
-    role: String,
-    timeout: Duration,
-    progress: Option<Arc<dyn ProgressReporter>>,
-}
-
-impl DirectorRole {
-    pub fn new(
-        hub: Arc<CrossSessionHub>,
-        run_id: impl Into<String>,
-        role: impl Into<String>,
-        timeout: Duration,
-        progress: Option<Arc<dyn ProgressReporter>>,
-    ) -> Self {
-        Self {
-            hub,
-            run_id: run_id.into(),
-            role: role.into(),
-            timeout,
-            progress,
-        }
-    }
-
-    pub fn response_schema() -> Value {
-        serde_json::json!({
-            "type": "object",
-            "required": ["directive", "rationale"],
-            "properties": {
-                "directive": { "type": "string" },
-                "rationale": { "type": ["string", "null"] }
-            },
-            "additionalProperties": false
-        })
-    }
-}
-
-impl Role<DirectionRequestPayload<'_>, DirectiveResponse> for DirectorRole {
-    fn call<'a>(
-        &'a self,
-        req: &'a DirectionRequestPayload<'a>,
-    ) -> futures::future::BoxFuture<'a, Result<DirectiveResponse>> {
-        Box::pin(async move {
-            let request_text = serde_json::to_string_pretty(req)?;
-            let handle = session::post_turn(
-                self.hub.as_ref(),
-                &self.run_id,
-                &self.role,
-                request_text,
-                Some(Self::response_schema()),
-            )
-            .await?;
-            let progress = self
-                .progress
-                .as_deref()
-                .map(|reporter| (reporter, self.role.as_str()));
-            let response: AssistantMessage =
-                session::await_first_idle(self.hub.as_ref(), &handle, self.timeout, progress)
-                    .await?;
-            parse_json_struct(&response.message.message)
-        })
-    }
-}
--- a/codex-rs/codex-infty/src/roles/mod.rs
+++ b/codex-rs/codex-infty/src/roles/mod.rs
@@ -1,49 +0,0 @@
-use anyhow::Result;
-use futures::future::BoxFuture;
-
-pub mod director;
-pub mod solver;
-pub mod verifier;
-pub mod verifier_pool;
-
-pub trait Role<Req, Resp> {
-    fn call<'a>(&'a self, req: &'a Req) -> BoxFuture<'a, Result<Resp>>;
-}
-
-// Shared helpers used by role implementations
-use anyhow::Context as _;
-use anyhow::anyhow;
-use std::any::type_name;
-
-pub(crate) fn strip_json_code_fence(text: &str) -> Option<&str> {
-    let trimmed = text.trim();
-    if let Some(rest) = trimmed.strip_prefix("```json") {
-        return rest.strip_suffix("```").map(str::trim);
-    }
-    if let Some(rest) = trimmed.strip_prefix("```JSON") {
-        return rest.strip_suffix("```").map(str::trim);
-    }
-    if let Some(rest) = trimmed.strip_prefix("```") {
-        return rest.strip_suffix("```").map(str::trim);
-    }
-    None
-}
-
-pub(crate) fn parse_json_struct<T>(message: &str) -> Result<T>
-where
-    T: serde::de::DeserializeOwned,
-{
-    let trimmed = message.trim();
-    if trimmed.is_empty() {
-        return Err(anyhow!("message was empty"));
-    }
-
-    serde_json::from_str(trimmed)
-        .or_else(|err| {
-            strip_json_code_fence(trimmed)
-                .map(|inner| serde_json::from_str(inner))
-                .unwrap_or_else(|| Err(err))
-        })
-        .map_err(|err| anyhow!(err))
-        .with_context(|| format!("failed to parse message as {}", type_name::<T>()))
-}
--- a/codex-rs/codex-infty/src/roles/solver.rs
+++ b/codex-rs/codex-infty/src/roles/solver.rs
@@ -1,202 +0,0 @@
-use std::sync::Arc;
-use std::time::Duration;
-
-use anyhow::Result;
-use codex_core::cross_session::AssistantMessage;
-use codex_core::cross_session::CrossSessionHub;
-use codex_core::cross_session::SessionEventStream;
-use codex_protocol::ConversationId;
-use serde::de::Error as _;
-use serde_json::Value;
-
-use crate::progress::ProgressReporter;
-use crate::roles::Role;
-use crate::session;
-use crate::signals::AggregatedVerifierVerdict;
-use crate::signals::DirectiveResponse;
-
-pub struct SolverRole {
-    hub: Arc<CrossSessionHub>,
-    run_id: String,
-    role: String,
-    conversation_id: ConversationId,
-    progress: Option<Arc<dyn ProgressReporter>>,
-}
-
-impl SolverRole {
-    pub fn new(
-        hub: Arc<CrossSessionHub>,
-        run_id: impl Into<String>,
-        role: impl Into<String>,
-        conversation_id: ConversationId,
-        progress: Option<Arc<dyn ProgressReporter>>,
-    ) -> Self {
-        Self {
-            hub,
-            run_id: run_id.into(),
-            role: role.into(),
-            conversation_id,
-            progress,
-        }
-    }
-
-    pub fn solver_signal_schema() -> Value {
-        // Only allow asking the director or sending the final result.
-        serde_json::json!({
-            "type": "object",
-            "properties": {
-                "type": { "type": "string", "enum": ["direction_request", "final_delivery"] },
-                "prompt": { "type": ["string", "null"] },
-                "deliverable_path": { "type": ["string", "null"] },
-                "summary": { "type": ["string", "null"] }
-            },
-            "required": ["type", "prompt", "deliverable_path", "summary"],
-            "additionalProperties": false
-        })
-    }
-
-    pub fn final_delivery_schema() -> Value {
-        serde_json::json!({
-            "type": "object",
-            "required": ["type", "deliverable_path", "summary"],
-            "properties": {
-                "type": { "const": "final_delivery" },
-                "deliverable_path": { "type": "string" },
-                "summary": { "type": ["string", "null"] }
-            },
-            "additionalProperties": false
-        })
-    }
-
-    pub async fn post(
-        &self,
-        text: impl Into<String>,
-        final_output_json_schema: Option<Value>,
-    ) -> Result<()> {
-        let _ = session::post_turn(
-            self.hub.as_ref(),
-            &self.run_id,
-            &self.role,
-            text,
-            final_output_json_schema,
-        )
-        .await?;
-        Ok(())
-    }
-
-    pub fn stream_events(
-        &self,
-    ) -> Result<SessionEventStream, codex_core::cross_session::CrossSessionError> {
-        self.hub.stream_events(self.conversation_id)
-    }
-
-    pub async fn request_finalization_signal(&self) -> Result<()> {
-        let handle = session::post_turn(
-            self.hub.as_ref(),
-            &self.run_id,
-            &self.role,
-            crate::types::FINALIZATION_PROMPT,
-            Some(Self::final_delivery_schema()),
-        )
-        .await?;
-        // Allow more time for the solver to start emitting the
-        // finalization signal before timing out as "idle".
-        let _ =
-            session::await_first_idle(self.hub.as_ref(), &handle, Duration::from_secs(120), None)
-                .await?;
-        Ok(())
-    }
-}
-
-pub struct SolverPost {
-    pub text: String,
-    pub final_output_json_schema: Option<Value>,
-    pub timeout: Duration,
-}
-
-pub enum SolverRequest {
-    Directive(DirectiveResponse),
-    VerificationSummary(AggregatedVerifierVerdict),
-}
-
-impl From<DirectiveResponse> for SolverRequest {
-    fn from(d: DirectiveResponse) -> Self {
-        SolverRequest::Directive(d)
-    }
-}
-
-impl From<&AggregatedVerifierVerdict> for SolverRequest {
-    fn from(v: &AggregatedVerifierVerdict) -> Self {
-        SolverRequest::VerificationSummary(v.clone())
-    }
-}
-
-impl SolverRequest {
-    fn to_text(&self) -> Result<String> {
-        match self {
-            SolverRequest::Directive(d) => Ok(serde_json::to_string_pretty(d)?),
-            SolverRequest::VerificationSummary(s) => Ok(serde_json::to_string_pretty(s)?),
-        }
-    }
-}
-
-impl Role<SolverPost, AssistantMessage> for SolverRole {
-    fn call<'a>(
-        &'a self,
-        req: &'a SolverPost,
-    ) -> futures::future::BoxFuture<'a, Result<AssistantMessage>> {
-        Box::pin(async move {
-            let handle = session::post_turn(
-                self.hub.as_ref(),
-                &self.run_id,
-                &self.role,
-                req.text.clone(),
-                req.final_output_json_schema.clone(),
-            )
-            .await?;
-            let progress = self
-                .progress
-                .as_deref()
-                .map(|reporter| (reporter, self.role.as_str()));
-            session::await_first_idle(self.hub.as_ref(), &handle, req.timeout, progress).await
-        })
-    }
-}
-
-impl Role<SolverRequest, ()> for SolverRole {
-    fn call<'a>(&'a self, req: &'a SolverRequest) -> futures::future::BoxFuture<'a, Result<()>> {
-        Box::pin(async move {
-            let text = req.to_text()?;
-            self.post(text, Some(Self::solver_signal_schema())).await
-        })
-    }
-}
-
-#[derive(Debug, serde::Deserialize)]
-#[serde(tag = "type", rename_all = "snake_case")]
-pub enum SolverSignal {
-    DirectionRequest {
-        #[serde(default)]
-        prompt: Option<String>,
-    },
-    FinalDelivery {
-        #[serde(default)]
-        deliverable_path: Option<String>,
-        #[serde(default)]
-        summary: Option<String>,
-    },
-}
-
-pub fn parse_solver_signal(message: &str) -> Option<SolverSignal> {
-    let trimmed = message.trim();
-    if trimmed.is_empty() {
-        return None;
-    }
-    serde_json::from_str(trimmed)
-        .or_else(|_| {
-            crate::roles::strip_json_code_fence(trimmed)
-                .map(|inner| serde_json::from_str(inner.trim()))
-                .unwrap_or_else(|| Err(serde_json::Error::custom("invalid payload")))
-        })
-        .ok()
-}
--- a/codex-rs/codex-infty/src/roles/verifier.rs
+++ b/codex-rs/codex-infty/src/roles/verifier.rs
@@ -1,132 +0,0 @@
-use std::sync::Arc;
-use std::time::Duration;
-
-use anyhow::Result;
-use codex_core::cross_session::AssistantMessage;
-use codex_core::cross_session::CrossSessionHub;
-use serde::Serialize;
-use serde_json::Value;
-
-use crate::progress::ProgressReporter;
-use crate::roles::Role;
-use crate::roles::parse_json_struct;
-use crate::session;
-use crate::signals::VerifierVerdict;
-
-#[derive(Serialize)]
-pub struct VerificationRequestPayload<'a> {
-    #[serde(rename = "type")]
-    kind: &'static str,
-    pub claim_path: &'a str,
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub notes: Option<&'a str>,
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub objective: Option<&'a str>,
-}
-
-impl<'a> VerificationRequestPayload<'a> {
-    pub fn new(claim_path: &'a str, notes: Option<&'a str>, objective: Option<&'a str>) -> Self {
-        Self {
-            kind: "verification_request",
-            claim_path,
-            notes,
-            objective,
-        }
-    }
-}
-
-pub struct VerifierRole {
-    hub: Arc<CrossSessionHub>,
-    run_id: String,
-    role: String,
-    timeout: Duration,
-    progress: Option<Arc<dyn ProgressReporter>>,
-}
-
-impl VerifierRole {
-    pub fn new(
-        hub: Arc<CrossSessionHub>,
-        run_id: impl Into<String>,
-        role: impl Into<String>,
-        timeout: Duration,
-        progress: Option<Arc<dyn ProgressReporter>>,
-    ) -> Self {
-        Self {
-            hub,
-            run_id: run_id.into(),
-            role: role.into(),
-            timeout,
-            progress,
-        }
-    }
-
-    pub fn role(&self) -> &str {
-        &self.role
-    }
-
-    pub fn response_schema() -> Value {
-        serde_json::json!({
-            "type": "object",
-            "required": ["verdict", "reasons", "suggestions"],
-            "properties": {
-                "verdict": { "type": "string", "enum": ["pass", "fail"] },
-                "reasons": { "type": "array", "items": { "type": "string" } },
-                "suggestions": { "type": "array", "items": { "type": "string" } }
-            },
-            "additionalProperties": false
-        })
-    }
-}
-
-impl Role<VerificationRequestPayload<'_>, VerifierVerdict> for VerifierRole {
-    fn call<'a>(
-        &'a self,
-        req: &'a VerificationRequestPayload<'a>,
-    ) -> futures::future::BoxFuture<'a, Result<VerifierVerdict>> {
-        Box::pin(async move {
-            let request_text = serde_json::to_string_pretty(req)?;
-            let handle = session::post_turn(
-                self.hub.as_ref(),
-                &self.run_id,
-                &self.role,
-                request_text,
-                Some(Self::response_schema()),
-            )
-            .await?;
-            let progress = self
-                .progress
-                .as_deref()
-                .map(|reporter| (reporter, self.role.as_str()));
-            let response: AssistantMessage =
-                session::await_first_idle(self.hub.as_ref(), &handle, self.timeout, progress)
-                    .await?;
-            parse_json_struct(&response.message.message)
-        })
-    }
-}
-
-pub fn aggregate_verdicts(items: Vec<(String, VerifierVerdict)>) -> AggregatedVerifierVerdict {
-    let mut overall = VerifierDecision::Pass;
-    let mut verdicts = Vec::with_capacity(items.len());
-
-    for (role, verdict) in items {
-        if !verdict.verdict.is_pass() {
-            overall = VerifierDecision::Fail;
-        }
-        verdicts.push(VerifierReport {
-            role,
-            verdict: verdict.verdict,
-            reasons: verdict.reasons,
-            suggestions: verdict.suggestions,
-        });
-    }
-
-    AggregatedVerifierVerdict {
-        kind: "verification_feedback",
-        overall,
-        verdicts,
-    }
-}
-use crate::signals::AggregatedVerifierVerdict;
-use crate::signals::VerifierDecision;
-use crate::signals::VerifierReport;
--- a/codex-rs/codex-infty/src/roles/verifier_pool.rs
+++ b/codex-rs/codex-infty/src/roles/verifier_pool.rs
@@ -1,153 +0,0 @@
-use std::sync::Arc;
-use std::time::Duration;
-
-use anyhow::Context as _;
-use anyhow::Result;
-use codex_core::ConversationManager;
-use codex_core::cross_session::CrossSessionHub;
-use codex_core::protocol::Op;
-
-use crate::progress::ProgressReporter;
-use crate::prompts;
-use crate::roles::Role;
-use crate::roles::verifier::VerificationRequestPayload;
-use crate::roles::verifier::VerifierRole;
-use crate::roles::verifier::aggregate_verdicts;
-use crate::session;
-use crate::signals::AggregatedVerifierVerdict;
-use crate::signals::VerifierVerdict;
-use crate::types::RoleConfig;
-use crate::types::RunSessions;
-
-pub struct VerificationRound {
-    pub summary: AggregatedVerifierVerdict,
-    pub passing_roles: Vec<String>,
-}
-
-pub struct VerifierPool {
-    hub: Arc<CrossSessionHub>,
-    run_id: String,
-    timeout: Duration,
-    progress: Option<Arc<dyn ProgressReporter>>,
-    roles: Vec<VerifierRole>,
-}
-
-impl VerifierPool {
-    pub fn from_sessions(
-        hub: Arc<CrossSessionHub>,
-        sessions: &RunSessions,
-        timeout: Duration,
-        progress: Option<Arc<dyn ProgressReporter>>,
-    ) -> Self {
-        let roles = sessions
-            .verifiers
-            .iter()
-            .map(|v| {
-                VerifierRole::new(
-                    Arc::clone(&hub),
-                    sessions.run_id.clone(),
-                    v.role.clone(),
-                    timeout,
-                    progress.clone(),
-                )
-            })
-            .collect();
-        Self {
-            hub,
-            run_id: sessions.run_id.clone(),
-            timeout,
-            progress,
-            roles,
-        }
-    }
-
-    pub fn is_empty(&self) -> bool {
-        self.roles.is_empty()
-    }
-
-    pub async fn collect_round(
-        &self,
-        request: &VerificationRequestPayload<'_>,
-    ) -> Result<VerificationRound> {
-        let futures = self
-            .roles
-            .iter()
-            .map(|role| async {
-                let name = role.role().to_string();
-                let verdict = role.call(request).await;
-                (name, verdict)
-            })
-            .collect::<Vec<_>>();
-        let joined = futures::future::join_all(futures).await;
-
-        let mut results: Vec<(String, VerifierVerdict)> = Vec::with_capacity(joined.len());
-        let mut passing_roles: Vec<String> = Vec::new();
-        for (name, verdict_res) in joined.into_iter() {
-            let verdict = verdict_res
-                .with_context(|| format!("verifier {} returned invalid verdict JSON", name))?;
-            if let Some(progress) = self.progress.as_ref() {
-                progress.verifier_verdict(&name, &verdict);
-            }
-            if verdict.verdict.is_pass() {
-                passing_roles.push(name.clone());
-            }
-            results.push((name, verdict));
-        }
-        let summary = aggregate_verdicts(results);
-        Ok(VerificationRound {
-            summary,
-            passing_roles,
-        })
-    }
-
-    pub fn replace_role(&mut self, role_name: &str) {
-        if let Some(idx) = self.roles.iter().position(|v| v.role() == role_name) {
-            self.roles[idx] = VerifierRole::new(
-                Arc::clone(&self.hub),
-                self.run_id.clone(),
-                role_name.to_string(),
-                self.timeout,
-                self.progress.clone(),
-            );
-        }
-    }
-
-    pub async fn rotate_passing(
-        &mut self,
-        sessions: &mut RunSessions,
-        manager: &ConversationManager,
-        passing_roles: &[String],
-    ) -> Result<()> {
-        for role in passing_roles {
-            // find existing index
-            let Some(idx) = sessions.verifiers.iter().position(|s| &s.role == role) else {
-                continue;
-            };
-            let old = &sessions.verifiers[idx];
-            // best-effort shutdown and unregister
-            let _ = old.conversation.submit(Op::Shutdown).await;
-            let _ = manager.remove_conversation(&old.conversation_id).await;
-
-            // Reuse the existing verifier's config so overrides (e.g., base_url in tests)
-            // are preserved when respawning a passing verifier.
-            let config = old.config.clone();
-            let role_config = RoleConfig::new(role.to_string(), config);
-            let run_path = sessions.store.path();
-            let session = session::spawn_role(
-                Arc::clone(&self.hub),
-                manager,
-                &self.run_id,
-                run_path,
-                role_config,
-                prompts::ensure_instructions,
-            )
-            .await?;
-            sessions
-                .store
-                .update_rollout_path(&session.role, session.rollout_path.clone())?;
-            sessions.verifiers[idx] = session;
-            self.replace_role(role);
-        }
-        Ok(())
-    }
-}
--- a/codex-rs/codex-infty/src/run_store.rs
+++ b/codex-rs/codex-infty/src/run_store.rs
@@ -1,211 +0,0 @@
-use std::fs;
-use std::io::Write;
-use std::path::Path;
-use std::path::PathBuf;
-
-use anyhow::Context;
-use anyhow::Result;
-use anyhow::anyhow;
-use chrono::DateTime;
-use chrono::Utc;
-use serde::Deserialize;
-use serde::Serialize;
-use tempfile::NamedTempFile;
-
-const ARTIFACTS_DIR: &str = "artifacts";
-const MEMORY_DIR: &str = "memory";
-const INDEX_DIR: &str = "index";
-const DELIVERABLE_DIR: &str = "deliverable";
-const METADATA_FILE: &str = "run.json";
-
-#[derive(Debug, Clone, Serialize, Deserialize)]
-pub struct RoleMetadata {
-    pub role: String,
-    #[serde(default, skip_serializing_if = "Option::is_none")]
-    pub rollout_path: Option<PathBuf>,
-    #[serde(default, skip_serializing_if = "Option::is_none")]
-    pub config_path: Option<PathBuf>,
-}
-
-#[derive(Debug, Clone, Serialize, Deserialize)]
-pub struct RunMetadata {
-    pub run_id: String,
-    pub created_at: DateTime<Utc>,
-    pub updated_at: DateTime<Utc>,
-    pub roles: Vec<RoleMetadata>,
-}
-
-#[derive(Debug, Clone)]
-pub struct RunStore {
-    path: PathBuf,
-    metadata: RunMetadata,
-}
-
-impl RunStore {
-    pub fn initialize(
-        run_path: impl AsRef<Path>,
-        run_id: &str,
-        roles: &[RoleMetadata],
-    ) -> Result<Self> {
-        let run_path = run_path.as_ref().to_path_buf();
-        fs::create_dir_all(&run_path)
-            .with_context(|| format!("failed to create run directory {}", run_path.display()))?;
-
-        for child in [ARTIFACTS_DIR, MEMORY_DIR, INDEX_DIR, DELIVERABLE_DIR] {
-            fs::create_dir_all(run_path.join(child))
-                .with_context(|| format!("failed to create subdirectory {child}"))?;
-        }
-
-        let metadata_path = run_path.join(METADATA_FILE);
-        if metadata_path.exists() {
-            return Err(anyhow!(
-                "run metadata already exists at {}",
-                metadata_path.display()
-            ));
-        }
-
-        let now = Utc::now();
-        let metadata = RunMetadata {
-            run_id: run_id.to_string(),
-            created_at: now,
-            updated_at: now,
-            roles: roles.to_vec(),
-        };
-        write_metadata(&metadata_path, &metadata)?;
-
-        Ok(Self {
-            path: run_path,
-            metadata,
-        })
-    }
-
-    pub fn load(run_path: impl AsRef<Path>) -> Result<Self> {
-        let run_path = run_path.as_ref().to_path_buf();
-        let metadata_path = run_path.join(METADATA_FILE);
-        let metadata: RunMetadata = serde_json::from_slice(
-            &fs::read(&metadata_path)
-                .with_context(|| format!("failed to read {}", metadata_path.display()))?,
-        )
-        .with_context(|| format!("failed to parse {}", metadata_path.display()))?;
-
-        Ok(Self {
-            path: run_path,
-            metadata,
-        })
-    }
-
-    pub fn path(&self) -> &Path {
-        &self.path
-    }
-
-    pub fn metadata(&self) -> &RunMetadata {
-        &self.metadata
-    }
-
-    pub fn role_metadata(&self, role: &str) -> Option<&RoleMetadata> {
-        self.metadata.roles.iter().find(|meta| meta.role == role)
-    }
-
-    pub fn update_rollout_path(&mut self, role: &str, rollout_path: PathBuf) -> Result<()> {
-        if let Some(meta) = self
-            .metadata
-            .roles
-            .iter_mut()
-            .find(|meta| meta.role == role)
-        {
-            meta.rollout_path = Some(rollout_path);
-            self.commit_metadata()
-        } else {
-            Err(anyhow!("role {role} not found in run store"))
-        }
-    }
-
-    pub fn set_role_config_path(&mut self, role: &str, path: PathBuf) -> Result<()> {
-        if let Some(meta) = self
-            .metadata
-            .roles
-            .iter_mut()
-            .find(|meta| meta.role == role)
-        {
-            meta.config_path = Some(path);
-            self.commit_metadata()
-        } else {
-            Err(anyhow!("role {role} not found in run store"))
-        }
-    }
-
-    pub fn touch(&mut self) -> Result<()> {
-        self.metadata.updated_at = Utc::now();
-        self.commit_metadata()
-    }
-
-    fn commit_metadata(&mut self) -> Result<()> {
-        self.metadata.updated_at = Utc::now();
-        let metadata_path = self.path.join(METADATA_FILE);
-        write_metadata(&metadata_path, &self.metadata)
-    }
-}
-
-fn write_metadata(path: &Path, metadata: &RunMetadata) -> Result<()> {
-    let parent = path
-        .parent()
-        .ok_or_else(|| anyhow!("metadata path must have parent"))?;
-    let mut temp = NamedTempFile::new_in(parent)
-        .with_context(|| format!("failed to create temp file in {}", parent.display()))?;
-    serde_json::to_writer_pretty(&mut temp, metadata)?;
-    temp.flush()?;
-    temp.persist(path)
-        .with_context(|| format!("failed to persist metadata to {}", path.display()))?;
-    Ok(())
-}
-
-#[cfg(test)]
-mod tests {
-    use super::*;
-    use tempfile::TempDir;
-
-    #[test]
-    fn initialize_creates_directories_and_metadata() {
-        let temp = TempDir::new().unwrap();
-        let run_path = temp.path().join("run_1");
-        let roles = vec![
-            RoleMetadata {
-                role: "solver".into(),
-                rollout_path: None,
-                config_path: None,
-            },
-            RoleMetadata {
-                role: "director".into(),
-                rollout_path: None,
-                config_path: None,
-            },
-        ];
-
-        let store = RunStore::initialize(&run_path, "run_1", &roles).unwrap();
-        assert!(store.path().join(ARTIFACTS_DIR).is_dir());
-        assert!(store.path().join(MEMORY_DIR).is_dir());
-        assert!(store.path().join(INDEX_DIR).is_dir());
-        assert!(store.path().join(DELIVERABLE_DIR).is_dir());
-        assert_eq!(store.metadata().roles.len(), 2);
-    }
-
-    #[test]
-    fn update_rollout_persists_metadata() {
-        let temp = TempDir::new().unwrap();
-        let run_path = temp.path().join("run_2");
-        let roles = vec![RoleMetadata {
-            role: "solver".into(),
-            rollout_path: None,
-            config_path: None,
-        }];
-        let mut store = RunStore::initialize(&run_path, "run_2", &roles).unwrap();
-        let rollout = PathBuf::from("/tmp/rollout.jsonl");
-        store
-            .update_rollout_path("solver", rollout.clone())
-            .unwrap();
-
-        let loaded = RunStore::load(&run_path).unwrap();
-        let solver = loaded.role_metadata("solver").unwrap();
-        assert_eq!(solver.rollout_path.as_ref().unwrap(), &rollout);
-    }
-}
--- a/codex-rs/codex-infty/src/session.rs
+++ b/codex-rs/codex-infty/src/session.rs
@@ -1,112 +0,0 @@
-use std::path::Path;
-use std::sync::Arc;
-use std::time::Duration;
-
-use anyhow::Result;
-use anyhow::anyhow;
-use anyhow::bail;
-use codex_core::ConversationManager;
-use codex_core::CrossSessionSpawnParams;
-use codex_core::config::Config;
-use codex_core::cross_session::AssistantMessage;
-use codex_core::cross_session::CrossSessionError;
-use codex_core::cross_session::CrossSessionHub;
-use codex_core::cross_session::PostUserTurnRequest;
-use codex_core::cross_session::RoleOrId;
-use codex_core::cross_session::TurnHandle;
-use serde_json::Value;
-use tokio::time::Instant;
-use tokio_stream::StreamExt as _;
-
-use crate::progress::ProgressReporter;
-use crate::types::RoleConfig;
-use crate::types::RoleSession;
-
-pub async fn spawn_role(
-    hub: Arc<CrossSessionHub>,
-    manager: &ConversationManager,
-    run_id: &str,
-    run_path: &Path,
-    role_config: RoleConfig,
-    ensure_instructions: impl FnOnce(&str, &mut Config),
-) -> Result<RoleSession> {
-    let RoleConfig {
-        role, mut config, ..
-    } = role_config;
-    config.cwd = run_path.to_path_buf();
-    ensure_instructions(&role, &mut config);
-    let cfg_for_session = config.clone();
-    let session = manager
-        .new_conversation_with_cross_session(
-            cfg_for_session,
-            CrossSessionSpawnParams {
-                hub: Arc::clone(&hub),
-                run_id: Some(run_id.to_string()),
-                role: Some(role.clone()),
-            },
-        )
-        .await?;
-    // Note: include the final config used to spawn the session
-    Ok(RoleSession::from_new(role, session, config))
-}
-
-// resumable runs are disabled for now; resume_role removed
-
-pub async fn post_turn(
-    hub: &CrossSessionHub,
-    run_id: &str,
-    role: &str,
-    text: impl Into<String>,
-    final_output_json_schema: Option<Value>,
-) -> Result<TurnHandle, CrossSessionError> {
-    hub.post_user_turn(PostUserTurnRequest {
-        target: RoleOrId::RunRole {
-            run_id: run_id.to_string(),
-            role: role.to_string(),
-        },
-        text: text.into(),
-        final_output_json_schema,
-    })
-    .await
-}
-
-pub async fn await_first_idle(
-    hub: &CrossSessionHub,
-    handle: &TurnHandle,
-    idle_timeout: Duration,
-    progress: Option<(&dyn ProgressReporter, &str)>,
-) -> Result<AssistantMessage> {
-    let mut events = hub.stream_events(handle.conversation_id())?;
-    let wait_first = hub.await_first_assistant(handle, idle_timeout);
-    tokio::pin!(wait_first);
-
-    let idle = tokio::time::sleep(idle_timeout);
-    tokio::pin!(idle);
-
-    let submission_id = handle.submission_id().to_string();
-
-    loop {
-        tokio::select! {
-            result = &mut wait_first => {
-                return result.map_err(|err| anyhow!(err));
-            }
-            maybe_event = events.next() => {
-                let Some(event) = maybe_event else {
-                    bail!(CrossSessionError::SessionClosed);
-                };
-                if event.event.id == submission_id {
-                    if let Some((reporter, role)) = progress {
-                        reporter.role_event(role, &event.event.msg);
-                    }
-                    if let codex_core::protocol::EventMsg::Error(err) = &event.event.msg {
-                        bail!(anyhow!(err.message.clone()));
-                    }
-                    idle.as_mut().reset(Instant::now() + idle_timeout);
-                }
-            }
-            _ = &mut idle => {
-                bail!(CrossSessionError::AwaitTimeout(idle_timeout));
-            }
-        }
-    }
-}
--- a/codex-rs/codex-infty/src/signals.rs
+++ b/codex-rs/codex-infty/src/signals.rs
@@ -1,55 +0,0 @@
-use serde::Deserialize;
-use serde::Serialize;
-
-#[derive(Debug, Deserialize, Serialize)]
-pub struct DirectiveResponse {
-    pub directive: String,
-    #[serde(default)]
-    pub rationale: Option<String>,
-}
-
-#[derive(Debug, Clone, Copy, Deserialize, Serialize, PartialEq, Eq)]
-#[serde(rename_all = "snake_case")]
-pub enum VerifierDecision {
-    Pass,
-    Fail,
-}
-
-impl VerifierDecision {
-    pub fn is_pass(self) -> bool {
-        matches!(self, VerifierDecision::Pass)
-    }
-}
-
-#[derive(Debug, Deserialize, Serialize, Clone)]
-pub struct VerifierVerdict {
-    pub verdict: VerifierDecision,
-    #[serde(default)]
-    pub reasons: Vec<String>,
-    #[serde(default)]
-    pub suggestions: Vec<String>,
-}
-
-#[derive(Debug, Serialize, Clone)]
-pub struct VerifierReport {
-    pub role: String,
-    pub verdict: VerifierDecision,
-    #[serde(default)]
-    pub reasons: Vec<String>,
-    #[serde(default)]
-    pub suggestions: Vec<String>,
-}
-
-#[derive(Debug, Serialize, Clone)]
-pub struct AggregatedVerifierVerdict {
-    #[serde(rename = "type")]
-    pub kind: &'static str,
-    pub overall: VerifierDecision,
-    pub verdicts: Vec<VerifierReport>,
-}
-
-impl From<&AggregatedVerifierVerdict> for String {
-    fn from(value: &AggregatedVerifierVerdict) -> Self {
-        serde_json::to_string_pretty(value).unwrap_or_else(|_| "{}".to_string())
-    }
-}
--- a/codex-rs/codex-infty/src/types.rs
+++ b/codex-rs/codex-infty/src/types.rs
@@ -1,103 +0,0 @@
-use std::path::PathBuf;
-use std::sync::Arc;
-use std::time::Duration;
-
-use codex_core::CodexConversation;
-use codex_core::NewConversation;
-use codex_core::config::Config;
-use codex_core::protocol::AskForApproval;
-use codex_core::protocol::SandboxPolicy;
-use codex_protocol::ConversationId;
-
-pub(crate) const DEFAULT_DIRECTOR_TIMEOUT: Duration = Duration::from_secs(1200);
-pub(crate) const DEFAULT_VERIFIER_TIMEOUT: Duration = Duration::from_secs(1800);
-pub(crate) const FINALIZATION_PROMPT: &str = "Create deliverable/: include compiled artifacts or scripts, usage docs, and tests. Write deliverable/summary.txt capturing the final answer, evidence, and follow-up steps. Also provide deliverable/README.md with overview, manifest (paths and sizes), verification steps, and limitations. Remove scratch files. Reply with JSON: {\"type\":\"final_delivery\",\"deliverable_path\":\"deliverable/summary.txt\",\"summary\":\"<answer plus supporting context>\"}.";
-
-#[derive(Clone)]
-pub struct RoleConfig {
-    pub role: String,
-    pub config: Config,
-    pub config_path: Option<PathBuf>,
-}
-
-impl RoleConfig {
-    pub fn new(role: impl Into<String>, mut config: Config) -> Self {
-        config.sandbox_policy = SandboxPolicy::DangerFullAccess;
-        config.approval_policy = AskForApproval::Never;
-        Self {
-            role: role.into(),
-            config,
-            config_path: None,
-        }
-    }
-
-    pub fn with_path(role: impl Into<String>, config: Config, config_path: PathBuf) -> Self {
-        Self {
-            role: role.into(),
-            config,
-            config_path: Some(config_path),
-        }
-    }
-}
-
-pub struct RunParams {
-    pub run_id: String,
-    pub run_root: Option<PathBuf>,
-    pub solver: RoleConfig,
-    pub director: RoleConfig,
-    pub verifiers: Vec<RoleConfig>,
-}
-
-#[derive(Clone)]
-pub struct RunExecutionOptions {
-    pub objective: Option<String>,
-    pub director_timeout: Duration,
-    pub verifier_timeout: Duration,
-}
-
-impl Default for RunExecutionOptions {
-    fn default() -> Self {
-        Self {
-            objective: None,
-            director_timeout: DEFAULT_DIRECTOR_TIMEOUT,
-            verifier_timeout: DEFAULT_VERIFIER_TIMEOUT,
-        }
-    }
-}
-
-pub struct RunOutcome {
-    pub run_id: String,
-    pub deliverable_path: PathBuf,
-    pub summary: Option<String>,
-    pub raw_message: String,
-}
-
-pub struct RoleSession {
-    pub role: String,
-    pub conversation_id: ConversationId,
-    pub conversation: Arc<CodexConversation>,
-    pub session_configured: codex_core::protocol::SessionConfiguredEvent,
-    pub rollout_path: PathBuf,
-    pub config: Config,
-}
-
-impl RoleSession {
-    pub(crate) fn from_new(role: String, session: NewConversation, config: Config) -> Self {
-        Self {
-            role,
-            conversation_id: session.conversation_id,
-            conversation: session.conversation,
-            session_configured: session.session_configured.clone(),
-            rollout_path: session.session_configured.rollout_path.clone(),
-            config,
-        }
-    }
-}
-
-pub struct RunSessions {
-    pub run_id: String,
-    pub solver: RoleSession,
-    pub director: RoleSession,
-    pub verifiers: Vec<RoleSession>,
-    pub store: crate::RunStore,
-}
--- a/codex-rs/codex-infty/src/utils.rs
+++ b/codex-rs/codex-infty/src/utils.rs
@@ -1,91 +0,0 @@
-use std::path::Path;
-use std::path::PathBuf;
-
-use anyhow::Context;
-use anyhow::Result;
-use anyhow::anyhow;
-use anyhow::bail;
-
-pub fn trim_to_non_empty(opt: Option<String>) -> Option<String> {
-    opt.and_then(|s| {
-        let trimmed = s.trim();
-        if trimmed.is_empty() {
-            None
-        } else {
-            Some(trimmed.to_string())
-        }
-    })
-}
-
-pub fn required_trimmed(opt: Option<String>, err_msg: &str) -> Result<String> {
-    trim_to_non_empty(opt).ok_or_else(|| anyhow!(err_msg.to_string()))
-}
-
-pub fn resolve_deliverable_path(base: &Path, candidate: &str) -> Result<PathBuf> {
-    let base_abs = base
-        .canonicalize()
-        .with_context(|| format!("failed to canonicalize run store {}", base.display()))?;
-
-    let candidate_path = Path::new(candidate);
-    let joined = if candidate_path.is_absolute() {
-        candidate_path.to_path_buf()
-    } else {
-        base_abs.join(candidate_path)
-    };
-
-    let resolved = joined.canonicalize().with_context(|| {
-        format!(
-            "failed to canonicalize deliverable path {}",
-            joined.display()
-        )
-    })?;
-
-    if !resolved.starts_with(&base_abs) {
-        bail!(
-            "deliverable path {} escapes run store {}",
-            resolved.display(),
-            base_abs.display()
-        );
-    }
-
-    Ok(resolved)
-}
-
-pub fn objective_as_str(options: &crate::types::RunExecutionOptions) -> Option<&str> {
-    options
-        .objective
-        .as_deref()
-        .map(str::trim)
-        .filter(|s| !s.is_empty())
-}
-
-#[cfg(test)]
-mod tests {
-    use super::*;
-    use tempfile::TempDir;
-
-    #[test]
-    fn resolve_deliverable_within_base() {
-        let tmp = TempDir::new().unwrap();
-        let base = tmp.path();
-        std::fs::create_dir_all(base.join("deliverable")).unwrap();
-        std::fs::write(base.join("deliverable").join("a.txt"), "ok").unwrap();
-        let resolved = resolve_deliverable_path(base, "deliverable/a.txt").unwrap();
-        let base_abs = base.canonicalize().unwrap();
-        assert!(resolved.starts_with(&base_abs));
-    }
-
-    #[test]
-    fn resolve_deliverable_rejects_escape() {
-        let tmp = TempDir::new().unwrap();
-        let base = tmp.path();
-        // Create a real file outside of base so canonicalization succeeds
-        let outside = TempDir::new().unwrap();
-        let outside_file = outside.path().join("outside.txt");
-        std::fs::write(&outside_file, "nope").unwrap();
-
-        let err = resolve_deliverable_path(base, outside_file.to_str().unwrap()).unwrap_err();
-        let msg = format!("{err}");
-        assert!(msg.contains("escapes run store"));
-    }
-}
--- a/codex-rs/codex-infty/tests/orchestrator.rs
+++ b/codex-rs/codex-infty/tests/orchestrator.rs
@@ -1,327 +0,0 @@
-#![cfg(not(target_os = "windows"))]
-
-use std::time::Duration;
-
-use codex_core::CodexAuth;
-use codex_core::built_in_model_providers;
-use codex_core::config::Config;
-use codex_core::cross_session::AssistantMessage;
-use codex_core::cross_session::PostUserTurnRequest;
-use codex_core::cross_session::RoleOrId;
-use codex_core::protocol::Op;
-use codex_infty::InftyOrchestrator;
-use codex_infty::RoleConfig;
-use codex_infty::RunExecutionOptions;
-use codex_infty::RunParams;
-use core_test_support::load_default_config_for_test;
-use core_test_support::responses;
-use core_test_support::skip_if_no_network;
-use tempfile::TempDir;
-use wiremock::MockServer;
-
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn orchestrator_routes_between_roles_and_records_store() -> anyhow::Result<()> {
-    skip_if_no_network!(Ok(()));
-
-    let server = responses::start_mock_server().await;
-    let bodies = vec![
-        responses::sse(vec![
-            responses::ev_response_created("solver-resp-1"),
-            responses::ev_assistant_message("solver-msg-1", "Need direction"),
-            responses::ev_completed("solver-resp-1"),
-        ]),
-        responses::sse(vec![
-            responses::ev_response_created("director-resp-1"),
-            responses::ev_assistant_message("director-msg-1", "Proceed iteratively"),
-            responses::ev_completed("director-resp-1"),
-        ]),
-        responses::sse(vec![
-            responses::ev_response_created("solver-resp-2"),
-            responses::ev_assistant_message("solver-msg-2", "Acknowledged"),
-            responses::ev_completed("solver-resp-2"),
-        ]),
-    ];
-    let response_mock = responses::mount_sse_sequence(&server, bodies).await;
-
-    let runs_root = TempDir::new()?;
-    let orchestrator =
-        InftyOrchestrator::with_runs_root(CodexAuth::from_api_key("dummy-key"), runs_root.path());
-    let run_id = "run-orchestrator".to_string();
-
-    let solver_config = build_config(&server).await?;
-    let director_config = build_config(&server).await?;
-
-    let sessions = orchestrator
-        .spawn_run(RunParams {
-            run_id: run_id.clone(),
-            run_root: Some(runs_root.path().join("runs").join(&run_id)),
-            solver: RoleConfig::new("solver", solver_config.clone()),
-            director: RoleConfig::new("director", director_config.clone()),
-            verifiers: Vec::new(),
-        })
-        .await?;
-
-    let solver_message = call_role(
-        &orchestrator,
-        &sessions.run_id,
-        "solver",
-        "kick off plan",
-        Duration::from_secs(1),
-    )
-    .await?;
-    assert_eq!(solver_message.message.message, "Need direction");
-
-    let director_message = relay_assistant_to_role(
-        &orchestrator,
-        &sessions.run_id,
-        "director",
-        &solver_message,
-        Duration::from_secs(1),
-    )
-    .await?;
-    assert_eq!(director_message.message.message, "Proceed iteratively");
-
-    let solver_reply = relay_assistant_to_role(
-        &orchestrator,
-        &sessions.run_id,
-        "solver",
-        &director_message,
-        Duration::from_secs(1),
-    )
-    .await?;
-    assert_eq!(solver_reply.message.message, "Acknowledged");
-
-    assert_eq!(response_mock.requests().len(), 3);
-    let first_request = response_mock.requests().first().unwrap().body_json();
-    let instructions = first_request["instructions"]
-        .as_str()
-        .expect("request should set instructions");
-    assert!(
-        instructions.contains("brilliant mathematician"),
-        "missing solver prompt: {instructions}"
-    );
-    assert!(sessions.store.path().is_dir());
-    let solver_meta = sessions.store.role_metadata("solver").unwrap();
-    assert!(solver_meta.rollout_path.is_some());
-
-    Ok(())
-}
-
-// resumable runs are disabled; resume test removed
-
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn execute_new_run_drives_to_completion() -> anyhow::Result<()> {
-    skip_if_no_network!(Ok(()));
-
-    let server = responses::start_mock_server().await;
-    let bodies = vec![
-        responses::sse(vec![
-            responses::ev_response_created("solver-resp-1"),
-            responses::ev_assistant_message(
-                "solver-msg-1",
-                r#"{"type":"direction_request","prompt":"Need directive","claim_path":null,"notes":null,"deliverable_path":null,"summary":null}"#,
-            ),
-            responses::ev_completed("solver-resp-1"),
-        ]),
-        responses::sse(vec![
-            responses::ev_response_created("director-resp-1"),
-            responses::ev_assistant_message(
-                "director-msg-1",
-                r#"{"directive":"Proceed","rationale":"Follow the plan"}"#,
-            ),
-            responses::ev_completed("director-resp-1"),
-        ]),
-        responses::sse(vec![
-            responses::ev_response_created("solver-resp-2"),
-            responses::ev_assistant_message("solver-msg-2", "Acknowledged"),
-            responses::ev_assistant_message(
-                "solver-msg-4",
-                r#"{"type":"final_delivery","prompt":null,"claim_path":null,"notes":null,"deliverable_path":"deliverable","summary":"done"}"#,
-            ),
-            responses::ev_completed("solver-resp-2"),
-        ]),
-        // Final verification of the deliverable
-        responses::sse(vec![
-            responses::ev_response_created("verifier-resp-3"),
-            responses::ev_assistant_message(
-                "verifier-msg-3",
-                r#"{"verdict":"pass","reasons":[],"suggestions":[]}"#,
-            ),
-            responses::ev_completed("verifier-resp-3"),
-        ]),
-        // Feedback turn summarizing the verification outcome back to the solver
-        responses::sse(vec![
-            responses::ev_response_created("solver-resp-5"),
-            responses::ev_completed("solver-resp-5"),
-        ]),
-    ];
-    for body in bodies {
-        responses::mount_sse_once(&server, body).await;
-    }
-
-    let runs_root = TempDir::new()?;
-    let orchestrator =
-        InftyOrchestrator::with_runs_root(CodexAuth::from_api_key("dummy-key"), runs_root.path());
-    let run_id = "run-auto".to_string();
-    let run_root = runs_root.path().join("runs").join(&run_id);
-
-    let solver_config = build_config(&server).await?;
-    let director_config = build_config(&server).await?;
-    let verifier_config = build_config(&server).await?;
-
-    let options = RunExecutionOptions {
-        objective: Some("Implement feature".to_string()),
-        ..RunExecutionOptions::default()
-    };
-
-    let outcome = orchestrator
-        .execute_new_run(
-            RunParams {
-                run_id: run_id.clone(),
-                run_root: Some(run_root.clone()),
-                solver: RoleConfig::new("solver", solver_config),
-                director: RoleConfig::new("director", director_config),
-                verifiers: vec![RoleConfig::new("verifier", verifier_config)],
-            },
-            options,
-        )
-        .await?;
-
-    assert_eq!(outcome.run_id, run_id);
-    assert_eq!(outcome.summary.as_deref(), Some("done"));
-    assert!(outcome.raw_message.contains("final_delivery"));
-    let canonical_run_root = std::fs::canonicalize(&run_root)?;
-    let canonical_deliverable = std::fs::canonicalize(&outcome.deliverable_path)?;
-    assert!(canonical_deliverable.starts_with(&canonical_run_root));
-
-    Ok(())
-}
-
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn spawn_run_cleans_up_on_failure() -> anyhow::Result<()> {
-    skip_if_no_network!(Ok(()));
-
-    let server = responses::start_mock_server().await;
-    let bodies = vec![
-        responses::sse(vec![
-            responses::ev_response_created("solver-resp-1"),
-            responses::ev_completed("solver-resp-1"),
-        ]),
-        responses::sse(vec![
-            responses::ev_response_created("director-resp-1"),
-            responses::ev_completed("director-resp-1"),
-        ]),
-        responses::sse(vec![
-            responses::ev_response_created("dup-resp"),
-            responses::ev_completed("dup-resp"),
-        ]),
-    ];
-    for body in bodies {
-        responses::mount_sse_once(&server, body).await;
-    }
-
-    let runs_root = TempDir::new()?;
-    let orchestrator =
-        InftyOrchestrator::with_runs_root(CodexAuth::from_api_key("dummy-key"), runs_root.path());
-    let run_id = "run-cleanup".to_string();
-    let run_path = runs_root.path().join("runs").join(&run_id);
-
-    let solver_config = build_config(&server).await?;
-    let director_config = build_config(&server).await?;
-
-    let result = orchestrator
-        .spawn_run(RunParams {
-            run_id: run_id.clone(),
-            run_root: Some(run_path.clone()),
-            solver: RoleConfig::new("solver", solver_config.clone()),
-            director: RoleConfig::new("director", director_config.clone()),
-            verifiers: vec![RoleConfig::new("solver", solver_config.clone())],
-        })
-        .await;
-    assert!(result.is_err());
-    assert!(!run_path.exists(), "failed run should remove run directory");
-
-    let bodies = vec![
-        responses::sse(vec![
-            responses::ev_response_created("solver-resp-2"),
-            responses::ev_completed("solver-resp-2"),
-        ]),
-        responses::sse(vec![
-            responses::ev_response_created("director-resp-2"),
-            responses::ev_completed("director-resp-2"),
-        ]),
-    ];
-    for body in bodies {
-        responses::mount_sse_once(&server, body).await;
-    }
-
-    let sessions = orchestrator
-        .spawn_run(RunParams {
-            run_id: run_id.clone(),
-            run_root: Some(run_path.clone()),
-            solver: RoleConfig::new("solver", solver_config),
-            director: RoleConfig::new("director", director_config),
-            verifiers: Vec::new(),
-        })
-        .await?;
-
-    sessions.solver.conversation.submit(Op::Shutdown).await.ok();
-    sessions
-        .director
-        .conversation
-        .submit(Op::Shutdown)
-        .await
-        .ok();
-
-    Ok(())
-}
-
-async fn build_config(server: &MockServer) -> anyhow::Result<Config> {
-    let home = TempDir::new()?;
-    let cwd = TempDir::new()?;
-    let mut config = load_default_config_for_test(&home);
-    config.cwd = cwd.path().to_path_buf();
-    let mut provider = built_in_model_providers()["openai"].clone();
-    provider.base_url = Some(format!("{}/v1", server.uri()));
-    config.model_provider = provider;
-    Ok(config)
-}
-
-async fn call_role(
-    orchestrator: &InftyOrchestrator,
-    run_id: &str,
-    role: &str,
-    text: &str,
-    timeout: Duration,
-) -> anyhow::Result<AssistantMessage> {
-    let hub = orchestrator.hub();
-    let handle = hub
-        .post_user_turn(PostUserTurnRequest {
-            target: RoleOrId::RunRole {
-                run_id: run_id.to_string(),
-                role: role.to_string(),
-            },
-            text: text.to_string(),
-            final_output_json_schema: None,
-        })
-        .await?;
-    let reply = hub.await_first_assistant(&handle, timeout).await?;
-    Ok(reply)
-}
-
-async fn relay_assistant_to_role(
-    orchestrator: &InftyOrchestrator,
-    run_id: &str,
-    target_role: &str,
-    assistant: &AssistantMessage,
-    timeout: Duration,
-) -> anyhow::Result<AssistantMessage> {
-    call_role(
-        orchestrator,
-        run_id,
-        target_role,
-        &assistant.message.message,
-        timeout,
-    )
-    .await
-}
--- a/codex-rs/codex-infty/tests/schemas.rs
+++ b/codex-rs/codex-infty/tests/schemas.rs
@@ -1,324 +0,0 @@
-#![cfg(not(target_os = "windows"))]
-
-use std::time::Duration;
-
-use codex_core::CodexAuth;
-use codex_core::built_in_model_providers;
-use codex_core::config::Config;
-use codex_infty::InftyOrchestrator;
-use codex_infty::RoleConfig;
-use codex_infty::RunExecutionOptions;
-use codex_infty::RunParams;
-use core_test_support::load_default_config_for_test;
-use core_test_support::responses;
-use core_test_support::skip_if_no_network;
-use tempfile::TempDir;
-use wiremock::MockServer;
-
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn director_request_includes_output_schema() -> anyhow::Result<()> {
-    skip_if_no_network!(Ok(()));
-
-    let server = responses::start_mock_server().await;
-
-    // 1) Solver: emit a direction_request so the orchestrator calls Director.
-    let body_solver = responses::sse(vec![
-        responses::ev_response_created("solver-resp-1"),
-        responses::ev_assistant_message(
-            "solver-msg-1",
-            r#"{"type":"direction_request","prompt":"Need directive","claim_path":null,"notes":null,"deliverable_path":null,"summary":null}"#,
-        ),
-        responses::ev_completed("solver-resp-1"),
-    ]);
-    let _mock_solver = responses::mount_sse_once(&server, body_solver).await;
-
-    // 2) Director: reply with a directive JSON.
-    let body_director = responses::sse(vec![
-        responses::ev_response_created("director-resp-1"),
-        responses::ev_assistant_message(
-            "director-msg-1",
-            r#"{"directive":"Proceed","rationale":"Follow the plan"}"#,
-        ),
-        responses::ev_completed("director-resp-1"),
-    ]);
-    let mock_director = responses::mount_sse_once(&server, body_director).await;
-
-    // 3) After relaying directive back to Solver, we do not need to continue the run.
-    // Provide a short empty solver completion body to avoid hanging HTTP calls.
-    let body_solver_after = responses::sse(vec![
-        responses::ev_response_created("solver-resp-2"),
-        responses::ev_completed("solver-resp-2"),
-    ]);
-    let _mock_solver_after = responses::mount_sse_once(&server, body_solver_after).await;
-
-    let runs_root = TempDir::new()?;
-    let orchestrator =
-        InftyOrchestrator::with_runs_root(CodexAuth::from_api_key("dummy-key"), runs_root.path());
-    let run_id = "run-director-schema".to_string();
-
-    let solver_config = build_config(&server).await?;
-    let director_config = build_config(&server).await?;
-
-    let params = RunParams {
-        run_id: run_id.clone(),
-        run_root: Some(runs_root.path().join("runs").join(&run_id)),
-        solver: RoleConfig::new("solver", solver_config),
-        director: RoleConfig::new("director", director_config),
-        verifiers: Vec::new(),
-    };
-
-    let options = RunExecutionOptions {
-        objective: Some("Kick off".to_string()),
-        ..Default::default()
-    };
-
-    // Drive the run in the background; we'll assert the request shape then cancel.
-    let fut = tokio::spawn(async move {
-        let _ = orchestrator.execute_new_run(params, options).await;
-    });
-
-    // Wait until the Director request is captured.
-    wait_for_requests(&mock_director, 1, Duration::from_secs(2)).await;
-    let req = mock_director.single_request();
-    let body = req.body_json();
-
-    // Assert that a JSON schema was sent under text.format.
-    let text = &body["text"]; // Optional; present when using schemas
-    assert!(text.is_object(), "missing text controls in request body");
-    let fmt = &text["format"];
-    assert!(fmt.is_object(), "missing text.format in request body");
-    assert_eq!(fmt["type"], "json_schema");
-    let schema = &fmt["schema"];
-    assert!(schema.is_object(), "missing text.format.schema");
-    assert_eq!(schema["type"], "object");
-    // Ensure the directive property exists and is a string.
-    assert_eq!(schema["properties"]["directive"]["type"], "string");
-    // Enforce strictness: required must include all properties.
-    let required = schema["required"]
-        .as_array()
-        .expect("required must be array");
-    let props = schema["properties"]
-        .as_object()
-        .expect("properties must be object");
-    for key in props.keys() {
-        assert!(
-            required.iter().any(|v| v == key),
-            "missing {key} in required"
-        );
-    }
-    // Ensure the objective text appears in the serialized request body
-    let raw = serde_json::to_string(&body).expect("serialize body");
-    assert!(
-        raw.contains("Kick off"),
-        "objective missing from director request body"
-    );
-
-    // Stop the background task to end the test.
-    fut.abort();
-    Ok(())
-}
-
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn final_delivery_request_includes_output_schema() -> anyhow::Result<()> {
-    skip_if_no_network!(Ok(()));
-
-    let server = responses::start_mock_server().await;
-
-    // 1) Solver: emit empty message so orchestrator asks for final_delivery via schema.
-    let body_solver = responses::sse(vec![
-        responses::ev_response_created("solver-resp-1"),
-        // No signal -> orchestrator will prompt with final_output schema.
-        responses::ev_completed("solver-resp-1"),
-    ]);
-    let _mock_solver = responses::mount_sse_once(&server, body_solver).await;
-
-    // 2) Capture the schema-bearing request to Solver.
-    let body_solver_prompt = responses::sse(vec![
-        responses::ev_response_created("solver-resp-2"),
-        responses::ev_assistant_message(
-            "solver-msg-2",
-            r#"{"type":"final_delivery","deliverable_path":"deliverable/summary.txt","summary":null}"#,
-        ),
-        responses::ev_completed("solver-resp-2"),
-    ]);
-    let mock_solver_prompt = responses::mount_sse_once(&server, body_solver_prompt).await;
-
-    // 3) Keep any follow-up quiet.
-    let body_solver_done = responses::sse(vec![
-        responses::ev_response_created("solver-resp-3"),
-        responses::ev_completed("solver-resp-3"),
-    ]);
-    let _mock_solver_done = responses::mount_sse_once(&server, body_solver_done).await;
-
-    let runs_root = TempDir::new()?;
-    let orchestrator =
-        InftyOrchestrator::with_runs_root(CodexAuth::from_api_key("dummy-key"), runs_root.path());
-    let run_id = "run-final-schema".to_string();
-
-    let solver_config = build_config(&server).await?;
-    let director_config = build_config(&server).await?;
-
-    let params = RunParams {
-        run_id: run_id.clone(),
-        run_root: Some(runs_root.path().join("runs").join(&run_id)),
-        solver: RoleConfig::new("solver", solver_config),
-        director: RoleConfig::new("director", director_config),
-        verifiers: Vec::new(),
-    };
-
-    let options = RunExecutionOptions {
-        objective: Some("Kick off".to_string()),
-        ..Default::default()
-    };
-
-    let fut = tokio::spawn(async move {
-        let _ = orchestrator.execute_new_run(params, options).await;
-    });
-
-    wait_for_requests(&mock_solver_prompt, 1, Duration::from_secs(2)).await;
-    let req = mock_solver_prompt.single_request();
-    let body = req.body_json();
-    let text = &body["text"];
-    assert!(text.is_object(), "missing text controls in request body");
-    let fmt = &text["format"];
-    assert!(fmt.is_object(), "missing text.format in request body");
-    assert_eq!(fmt["type"], "json_schema");
-    let schema = &fmt["schema"];
-    assert!(schema.is_object(), "missing text.format.schema");
-    let required = schema["required"]
-        .as_array()
-        .expect("required must be array");
-    let props = schema["properties"]
-        .as_object()
-        .expect("properties must be object");
-    for key in props.keys() {
-        assert!(
-            required.iter().any(|v| v == key),
-            "missing {key} in required"
-        );
-    }
-
-    fut.abort();
-    Ok(())
-}
-
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn verifier_request_includes_output_schema() -> anyhow::Result<()> {
-    skip_if_no_network!(Ok(()));
-
-    let server = responses::start_mock_server().await;
-
-    // 1) Solver: issue a final_delivery which triggers verifier requests.
-    let body_solver = responses::sse(vec![
-        responses::ev_response_created("solver-resp-1"),
-        responses::ev_assistant_message(
-            "solver-msg-1",
-            r#"{"type":"final_delivery","deliverable_path":"deliverable/summary.txt","summary":null}"#,
-        ),
-        responses::ev_completed("solver-resp-1"),
-    ]);
-    let _mock_solver = responses::mount_sse_once(&server, body_solver).await;
-
-    // 2) Verifier: reply with a verdict JSON.
-    let body_verifier = responses::sse(vec![
-        responses::ev_response_created("verifier-resp-1"),
-        responses::ev_assistant_message(
-            "verifier-msg-1",
-            r#"{"verdict":"pass","reasons":[],"suggestions":[]}"#,
-        ),
-        responses::ev_completed("verifier-resp-1"),
-    ]);
-    let mock_verifier = responses::mount_sse_once(&server, body_verifier).await;
-
-    // 3) After posting the summary back to Solver, let the request complete.
-    let body_solver_after = responses::sse(vec![
-        responses::ev_response_created("solver-resp-2"),
-        responses::ev_completed("solver-resp-2"),
-    ]);
-    let _mock_solver_after = responses::mount_sse_once(&server, body_solver_after).await;
-
-    let runs_root = TempDir::new()?;
-    let orchestrator =
-        InftyOrchestrator::with_runs_root(CodexAuth::from_api_key("dummy-key"), runs_root.path());
-    let run_id = "run-verifier-schema".to_string();
-
-    let solver_config = build_config(&server).await?;
-    let director_config = build_config(&server).await?;
-    let verifier_config = build_config(&server).await?;
-
-    let params = RunParams {
-        run_id: run_id.clone(),
-        run_root: Some(runs_root.path().join("runs").join(&run_id)),
-        solver: RoleConfig::new("solver", solver_config),
-        director: RoleConfig::new("director", director_config),
-        verifiers: vec![RoleConfig::new("verifier", verifier_config)],
-    };
-
-    let options = RunExecutionOptions {
-        objective: Some("Kick off".to_string()),
-        ..Default::default()
-    };
-
-    let fut = tokio::spawn(async move {
-        let _ = orchestrator.execute_new_run(params, options).await;
-    });
-
-    // Wait until the Verifier request is captured.
-    wait_for_requests(&mock_verifier, 1, Duration::from_secs(2)).await;
-    let req = mock_verifier.single_request();
-    let body = req.body_json();
-
-    // Assert that a JSON schema was sent under text.format.
-    let text = &body["text"]; // Optional; present when using schemas
-    assert!(text.is_object(), "missing text controls in request body");
-    let fmt = &text["format"];
-    assert!(fmt.is_object(), "missing text.format in request body");
-    assert_eq!(fmt["type"], "json_schema");
-    let schema = &fmt["schema"];
-    assert!(schema.is_object(), "missing text.format.schema");
-    assert_eq!(schema["type"], "object");
-    // Ensure the verdict property exists and is an enum of pass/fail.
-    assert!(schema["properties"]["verdict"].is_object());
-    // Enforce strictness: required must include all properties.
-    let required = schema["required"]
-        .as_array()
-        .expect("required must be array");
-    let props = schema["properties"]
-        .as_object()
-        .expect("properties must be object");
-    for key in props.keys() {
-        assert!(
-            required.iter().any(|v| v == key),
-            "missing {key} in required"
-        );
-    }
-
-    fut.abort();
-    Ok(())
-}
-
-async fn build_config(server: &MockServer) -> anyhow::Result<Config> {
-    let home = TempDir::new()?;
-    let cwd = TempDir::new()?;
-    let mut config = load_default_config_for_test(&home);
-    config.cwd = cwd.path().to_path_buf();
-    let mut provider = built_in_model_providers()["openai"].clone();
-    provider.base_url = Some(format!("{}/v1", server.uri()));
-    config.model_provider = provider;
-    Ok(config)
-}
-
-async fn wait_for_requests(mock: &responses::ResponseMock, min: usize, timeout: Duration) {
-    use tokio::time::Instant;
-    use tokio::time::sleep;
-    let start = Instant::now();
-    loop {
-        if mock.requests().len() >= min {
-            return;
-        }
-        if start.elapsed() > timeout {
-            return;
-        }
-        sleep(Duration::from_millis(25)).await;
-    }
-}
--- a/codex-rs/codex-infty/tests/timeouts.rs
+++ b/codex-rs/codex-infty/tests/timeouts.rs
@@ -1,98 +0,0 @@
-#![cfg(not(target_os = "windows"))]
-
-use std::time::Duration;
-
-use codex_core::CodexAuth;
-use codex_core::built_in_model_providers;
-use codex_core::config::Config;
-use codex_infty::InftyOrchestrator;
-use codex_infty::RoleConfig;
-use codex_infty::RunExecutionOptions;
-use codex_infty::RunParams;
-use core_test_support::load_default_config_for_test;
-use core_test_support::responses;
-use core_test_support::skip_if_no_network;
-use tempfile::TempDir;
-use wiremock::MockServer;
-
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn direction_request_times_out_when_director_is_silent() -> anyhow::Result<()> {
-    skip_if_no_network!(Ok(()));
-
-    let server = responses::start_mock_server().await;
-
-    // Solver emits a direction_request.
-    let body_solver = responses::sse(vec![
-        responses::ev_response_created("solver-resp-1"),
-        responses::ev_assistant_message(
-            "solver-msg-1",
-            r#"{"type":"direction_request","prompt":"Need directive","claim_path":null,"notes":null,"deliverable_path":null,"summary":null}"#,
-        ),
-        responses::ev_completed("solver-resp-1"),
-    ]);
-    let _mock_solver = responses::mount_sse_once(&server, body_solver).await;
-
-    // Director remains silent (no assistant message); the model completes immediately.
-    let body_director_silent = responses::sse(vec![
-        responses::ev_response_created("director-resp-1"),
-        // intentionally no message
-        responses::ev_completed("director-resp-1"),
-    ]);
-    let _mock_director = responses::mount_sse_once(&server, body_director_silent).await;
-
-    // After attempting to relay a directive back to the solver, orchestrator won't proceed
-    // as we will time out waiting for the director; however, the solver will still receive
-    // a follow-up post later in the flow, so we pre-mount an empty completion to satisfy it
-    // if the code ever reaches that point in future changes.
-    let body_solver_after = responses::sse(vec![
-        responses::ev_response_created("solver-resp-2"),
-        responses::ev_completed("solver-resp-2"),
-    ]);
-    let _mock_solver_after = responses::mount_sse_once(&server, body_solver_after).await;
-
-    let runs_root = TempDir::new()?;
-    let orchestrator =
-        InftyOrchestrator::with_runs_root(CodexAuth::from_api_key("dummy-key"), runs_root.path());
-    let run_id = "run-director-timeout".to_string();
-
-    let solver_config = build_config(&server).await?;
-    let director_config = build_config(&server).await?;
-
-    let params = RunParams {
-        run_id: run_id.clone(),
-        run_root: Some(runs_root.path().join("runs").join(&run_id)),
-        solver: RoleConfig::new("solver", solver_config),
-        director: RoleConfig::new("director", director_config),
-        verifiers: Vec::new(),
-    };
-
-    let options = RunExecutionOptions {
-        objective: Some("Kick off".to_string()),
-        director_timeout: Duration::from_millis(50),
-        ..Default::default()
-    };
-
-    let err = orchestrator
-        .execute_new_run(params, options)
-        .await
-        .err()
-        .expect("expected timeout error");
-    let msg = format!("{err:#}");
-    assert!(
-        msg.contains("timed out waiting") || msg.contains("AwaitTimeout"),
-        "unexpected error: {msg}"
-    );
-
-    Ok(())
-}
-
-async fn build_config(server: &MockServer) -> anyhow::Result<Config> {
-    let home = TempDir::new()?;
-    let cwd = TempDir::new()?;
-    let mut config = load_default_config_for_test(&home);
-    config.cwd = cwd.path().to_path_buf();
-    let mut provider = built_in_model_providers()["openai"].clone();
-    provider.base_url = Some(format!("{}/v1", server.uri()));
-    config.model_provider = provider;
-    Ok(config)
-}
--- a/codex-rs/codex-infty/tests/verifier_replacement.rs
+++ b/codex-rs/codex-infty/tests/verifier_replacement.rs
@@ -1,157 +0,0 @@
-#![cfg(not(target_os = "windows"))]
-
-use std::time::Duration;
-
-use codex_core::CodexAuth;
-use codex_core::built_in_model_providers;
-use codex_core::config::Config;
-use codex_infty::InftyOrchestrator;
-use codex_infty::RoleConfig;
-use codex_infty::RunExecutionOptions;
-use codex_infty::RunParams;
-use core_test_support::load_default_config_for_test;
-use core_test_support::responses;
-use core_test_support::skip_if_no_network;
-use tempfile::TempDir;
-use wiremock::MockServer;
-
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn replaces_passing_verifiers_and_keeps_failing() -> anyhow::Result<()> {
-    skip_if_no_network!(Ok(()));
-
-    let server = responses::start_mock_server().await;
-
-    // Round 1: alpha passes, beta fails
-    let body_verifier_alpha_r1 = responses::sse(vec![
-        responses::ev_response_created("verifier-alpha-r1"),
-        responses::ev_assistant_message(
-            "verifier-alpha-msg-r1",
-            r#"{"verdict":"pass","reasons":[],"suggestions":[]}"#,
-        ),
-        responses::ev_completed("verifier-alpha-r1"),
-    ]);
-    let body_verifier_beta_r1 = responses::sse(vec![
-        responses::ev_response_created("verifier-beta-r1"),
-        responses::ev_assistant_message(
-            "verifier-beta-msg-r1",
-            r#"{"verdict":"fail","reasons":["missing"],"suggestions":[]}"#,
-        ),
-        responses::ev_completed("verifier-beta-r1"),
-    ]);
-
-    // Round 2: both pass
-    let body_verifier_alpha_r2 = responses::sse(vec![
-        responses::ev_response_created("verifier-alpha-r2"),
-        responses::ev_assistant_message(
-            "verifier-alpha-msg-r2",
-            r#"{"verdict":"pass","reasons":[],"suggestions":[]}"#,
-        ),
-        responses::ev_completed("verifier-alpha-r2"),
-    ]);
-    let body_verifier_beta_r2 = responses::sse(vec![
-        responses::ev_response_created("verifier-beta-r2"),
-        responses::ev_assistant_message(
-            "verifier-beta-msg-r2",
-            r#"{"verdict":"pass","reasons":[],"suggestions":[]}"#,
-        ),
-        responses::ev_completed("verifier-beta-r2"),
-    ]);
-
-    // Mount verifier SSE bodies in the exact order collect_verification_summary posts to verifiers.
-    // The implementation posts sequentially in the order of sessions.verifiers.
-    let _m1 = responses::mount_sse_once(&server, body_verifier_alpha_r1).await;
-    let _m2 = responses::mount_sse_once(&server, body_verifier_beta_r1).await;
-    let _m3 = responses::mount_sse_once(&server, body_verifier_alpha_r2).await;
-    let _m4 = responses::mount_sse_once(&server, body_verifier_beta_r2).await;
-
-    let runs_root = TempDir::new()?;
-    let orchestrator =
-        InftyOrchestrator::with_runs_root(CodexAuth::from_api_key("dummy-key"), runs_root.path());
-    let run_id = "run-verifier-replacement".to_string();
-
-    let solver_config = build_config(&server).await?;
-    let director_config = build_config(&server).await?;
-    let verifier_config = build_config(&server).await?;
-
-    // Spawn run with two verifiers in known order.
-    let mut sessions = orchestrator
-        .spawn_run(RunParams {
-            run_id: run_id.clone(),
-            run_root: Some(runs_root.path().join("runs").join(&run_id)),
-            solver: RoleConfig::new("solver", solver_config),
-            director: RoleConfig::new("director", director_config),
-            verifiers: vec![
-                RoleConfig::new("verifier-alpha", verifier_config.clone()),
-                RoleConfig::new("verifier-beta", verifier_config),
-            ],
-        })
-        .await?;
-
-    let alpha_initial = sessions
-        .store
-        .role_metadata("verifier-alpha")
-        .and_then(|m| m.rollout_path.clone())
-        .expect("alpha initial rollout path");
-    let beta_initial = sessions
-        .store
-        .role_metadata("verifier-beta")
-        .and_then(|m| m.rollout_path.clone())
-        .expect("beta initial rollout path");
-
-    let options = RunExecutionOptions {
-        verifier_timeout: Duration::from_secs(2),
-        ..Default::default()
-    };
-
-    // Round 1: alpha pass (should be replaced), beta fail (should be kept)
-    let _summary1 = orchestrator
-        .verify_round_for_test(&mut sessions, "memory/claims/c1.json", &options)
-        .await?;
-
-    let alpha_after_r1 = sessions
-        .store
-        .role_metadata("verifier-alpha")
-        .and_then(|m| m.rollout_path.clone())
-        .expect("alpha rollout after r1");
-    let beta_after_r1 = sessions
-        .store
-        .role_metadata("verifier-beta")
-        .and_then(|m| m.rollout_path.clone())
-        .expect("beta rollout after r1");
-
-    assert_ne!(
-        alpha_initial, alpha_after_r1,
-        "alpha should be replaced after pass"
-    );
-    assert_eq!(
-        beta_initial, beta_after_r1,
-        "beta should be kept after fail"
-    );
-
-    // Round 2: both pass; beta should be replaced now.
-    let _summary2 = orchestrator
-        .verify_round_for_test(&mut sessions, "memory/claims/c2.json", &options)
-        .await?;
-    let beta_after_r2 = sessions
-        .store
-        .role_metadata("verifier-beta")
-        .and_then(|m| m.rollout_path.clone())
-        .expect("beta rollout after r2");
-    assert_ne!(
-        beta_initial, beta_after_r2,
-        "beta should be replaced after pass in r2"
-    );
-
-    Ok(())
-}
-
-async fn build_config(server: &MockServer) -> anyhow::Result<Config> {
-    let home = TempDir::new()?;
-    let cwd = TempDir::new()?;
-    let mut config = load_default_config_for_test(&home);
-    config.cwd = cwd.path().to_path_buf();
-    let mut provider = built_in_model_providers()["openai"].clone();
-    provider.base_url = Some(format!("{}/v1", server.uri()));
-    config.model_provider = provider;
-    Ok(config)
-}
--- a/codex-rs/common/src/model_presets.rs
+++ b/codex-rs/common/src/model_presets.rs
@@ -1,73 +1,96 @@
 use codex_app_server_protocol::AuthMode;
 use codex_core::protocol_config_types::ReasoningEffort;

-/// A simple preset pairing a model slug with a reasoning effort.
+/// A reasoning effort option that can be surfaced for a model.
+#[derive(Debug, Clone, Copy)]
+pub struct ReasoningEffortPreset {
+    /// Effort level that the model supports.
+    pub effort: ReasoningEffort,
+    /// Short human description shown next to the effort in UIs.
+    pub description: &'static str,
+}
+
+/// Metadata describing a Codex-supported model.
 #[derive(Debug, Clone, Copy)]
 pub struct ModelPreset {
    /// Stable identifier for the preset.
    pub id: &'static str,
-    /// Display label shown in UIs.
-    pub label: &'static str,
-    /// Short human description shown next to the label in UIs.
-    pub description: &'static str,
    /// Model slug (e.g., "gpt-5").
    pub model: &'static str,
-    /// Reasoning effort to apply for this preset.
-    pub effort: Option<ReasoningEffort>,
+    /// Display name shown in UIs.
+    pub display_name: &'static str,
+    /// Short human description shown in UIs.
+    pub description: &'static str,
+    /// Reasoning effort applied when none is explicitly chosen.
+    pub default_reasoning_effort: ReasoningEffort,
+    /// Supported reasoning effort options.
+    pub supported_reasoning_efforts: &'static [ReasoningEffortPreset],
+    /// Whether this is the default model for new users.
+    pub is_default: bool,
 }

 const PRESETS: &[ModelPreset] = &[
    ModelPreset {
-        id: "gpt-5-codex-low",
-        label: "gpt-5-codex low",
-        description: "Fastest responses with limited reasoning",
+        id: "gpt-5-codex",
        model: "gpt-5-codex",
-        effort: Some(ReasoningEffort::Low),
+        display_name: "gpt-5-codex",
+        description: "Optimized for coding tasks with many tools.",
+        default_reasoning_effort: ReasoningEffort::Medium,
+        supported_reasoning_efforts: &[
+            ReasoningEffortPreset {
+                effort: ReasoningEffort::Low,
+                description: "Fastest responses with limited reasoning",
+            },
+            ReasoningEffortPreset {
+                effort: ReasoningEffort::Medium,
+                description: "Dynamically adjusts reasoning based on the task",
+            },
+            ReasoningEffortPreset {
+                effort: ReasoningEffort::High,
+                description: "Maximizes reasoning depth for complex or ambiguous problems",
+            },
+        ],
+        is_default: true,
    },
    ModelPreset {
-        id: "gpt-5-codex-medium",
-        label: "gpt-5-codex medium",
-        description: "Dynamically adjusts reasoning based on the task",
-        model: "gpt-5-codex",
-        effort: Some(ReasoningEffort::Medium),
-    },
-    ModelPreset {
-        id: "gpt-5-codex-high",
-        label: "gpt-5-codex high",
-        description: "Maximizes reasoning depth for complex or ambiguous problems",
-        model: "gpt-5-codex",
-        effort: Some(ReasoningEffort::High),
-    },
-    ModelPreset {
-        id: "gpt-5-minimal",
-        label: "gpt-5 minimal",
-        description: "Fastest responses with little reasoning",
+        id: "gpt-5",
        model: "gpt-5",
-        effort: Some(ReasoningEffort::Minimal),
-    },
-    ModelPreset {
-        id: "gpt-5-low",
-        label: "gpt-5 low",
-        description: "Balances speed with some reasoning; useful for straightforward queries and short explanations",
-        model: "gpt-5",
-        effort: Some(ReasoningEffort::Low),
-    },
-    ModelPreset {
-        id: "gpt-5-medium",
-        label: "gpt-5 medium",
-        description: "Provides a solid balance of reasoning depth and latency for general-purpose tasks",
-        model: "gpt-5",
-        effort: Some(ReasoningEffort::Medium),
-    },
-    ModelPreset {
-        id: "gpt-5-high",
-        label: "gpt-5 high",
-        description: "Maximizes reasoning depth for complex or ambiguous problems",
-        model: "gpt-5",
-        effort: Some(ReasoningEffort::High),
+        display_name: "gpt-5",
+        description: "Broad world knowledge with strong general reasoning.",
+        default_reasoning_effort: ReasoningEffort::Medium,
+        supported_reasoning_efforts: &[
+            ReasoningEffortPreset {
+                effort: ReasoningEffort::Minimal,
+                description: "Fastest responses with little reasoning",
+            },
+            ReasoningEffortPreset {
+                effort: ReasoningEffort::Low,
+                description: "Balances speed with some reasoning; useful for straightforward queries and short explanations",
+            },
+            ReasoningEffortPreset {
+                effort: ReasoningEffort::Medium,
+                description: "Provides a solid balance of reasoning depth and latency for general-purpose tasks",
+            },
+            ReasoningEffortPreset {
+                effort: ReasoningEffort::High,
+                description: "Maximizes reasoning depth for complex or ambiguous problems",
+            },
+        ],
+        is_default: false,
    },
 ];

 pub fn builtin_model_presets(_auth_mode: Option<AuthMode>) -> Vec<ModelPreset> {
    PRESETS.to_vec()
 }
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn only_one_default_model_is_configured() {
+        let default_models = PRESETS.iter().filter(|preset| preset.is_default).count();
+        assert!(default_models == 1);
+    }
+}
--- a/codex-rs/config.md
+++ b/codex-rs/config.md
@@ -3,4 +3,4 @@
 This file has moved. Please see the latest configuration documentation here:

 - Full config docs: [docs/config.md](../docs/config.md)
- MCP servers section: [docs/config.md#mcp_servers](../docs/config.md#mcp_servers) 
+- MCP servers section: [docs/config.md#connecting-to-mcp-servers](../docs/config.md#connecting-to-mcp-servers)
--- a/codex-rs/core/Cargo.toml
+++ b/codex-rs/core/Cargo.toml
@@ -22,21 +22,23 @@ chrono = { workspace = true, features = ["serde"] }
 codex-app-server-protocol = { workspace = true }
 codex-apply-patch = { workspace = true }
 codex-file-search = { workspace = true }
-codex-mcp-client = { workspace = true }
 codex-otel = { workspace = true, features = ["otel"] }
 codex-protocol = { workspace = true }
 codex-rmcp-client = { workspace = true }
+codex-async-utils = { workspace = true }
 codex-utils-string = { workspace = true }
+codex-utils-pty = { workspace = true }
+codex-utils-tokenizer = { workspace = true }
 dirs = { workspace = true }
 dunce = { workspace = true }
 env-flags = { workspace = true }
 eventsource-stream = { workspace = true }
 futures = { workspace = true }
+http = { workspace = true }
 indexmap = { workspace = true }
 libc = { workspace = true }
 mcp-types = { workspace = true }
 os_info = { workspace = true }
-portable-pty = { workspace = true }
 rand = { workspace = true }
 regex-lite = { workspace = true }
 reqwest = { workspace = true, features = ["json", "stream"] }
@@ -47,6 +49,7 @@ shlex = { workspace = true }
 similar = { workspace = true }
 strum_macros = { workspace = true }
 tempfile = { workspace = true }
+test-log = { workspace = true }
 thiserror = { workspace = true }
 time = { workspace = true, features = [
    "formatting",
@@ -62,7 +65,6 @@ tokio = { workspace = true, features = [
    "signal",
 ] }
 tokio-util = { workspace = true, features = ["rt"] }
-tokio-stream = { workspace = true, features = ["sync"] }
 toml = { workspace = true }
 toml_edit = { workspace = true }
 tracing = { workspace = true, features = ["log"] }
--- a/codex-rs/core/README.md
+++ b/codex-rs/core/README.md
@@ -4,7 +4,7 @@ This crate implements the business logic for Codex. It is designed to be used by

 ## Dependencies

-Note that `codex-core` makes some assumptions about certain helper utilities being available in the environment. Currently, this
+Note that `codex-core` makes some assumptions about certain helper utilities being available in the environment. Currently, this support matrix is:

 ### macOS

--- a/codex-rs/core/src/apply_patch.rs
+++ b/codex-rs/core/src/apply_patch.rs
@@ -36,7 +36,6 @@ pub(crate) struct ApplyPatchExec {
 pub(crate) async fn apply_patch(
    sess: &Session,
    turn_context: &TurnContext,
-    sub_id: &str,
    call_id: &str,
    action: ApplyPatchAction,
 ) -> InternalApplyPatchInvocation {
@@ -62,7 +61,7 @@ pub(crate) async fn apply_patch(
            // that similar patches can be auto-approved in the future during
            // this session.
            let rx_approve = sess
-                .request_patch_approval(sub_id.to_owned(), call_id.to_owned(), &action, None, None)
+                .request_patch_approval(turn_context, call_id.to_owned(), &action, None, None)
                .await;
            match rx_approve.await.unwrap_or_default() {
                ReviewDecision::Approved | ReviewDecision::ApprovedForSession => {
--- a/codex-rs/core/src/auth.rs
+++ b/codex-rs/core/src/auth.rs
@@ -2,6 +2,8 @@ use chrono::DateTime;
 use chrono::Utc;
 use serde::Deserialize;
 use serde::Serialize;
+#[cfg(test)]
+use serial_test::serial;
 use std::env;
 use std::fs::File;
 use std::fs::OpenOptions;
@@ -16,7 +18,10 @@ use std::sync::Mutex;
 use std::time::Duration;

 use codex_app_server_protocol::AuthMode;
+use codex_protocol::config_types::ForcedLoginMethod;

+use crate::config::Config;
+use crate::default_client::CodexHttpClient;
 use crate::token_data::PlanType;
 use crate::token_data::TokenData;
 use crate::token_data::parse_id_token;
@@ -28,7 +33,7 @@ pub struct CodexAuth {
    pub(crate) api_key: Option<String>,
    pub(crate) auth_dot_json: Arc<Mutex<Option<AuthDotJson>>>,
    pub(crate) auth_file: PathBuf,
-    pub(crate) client: reqwest::Client,
+    pub(crate) client: CodexHttpClient,
 }

 impl PartialEq for CodexAuth {
@@ -39,6 +44,8 @@ impl PartialEq for CodexAuth {

 impl CodexAuth {
    pub async fn refresh_token(&self) -> Result<String, std::io::Error> {
+        tracing::info!("Refreshing token");
+
        let token_data = self
            .get_current_token_data()
            .ok_or(std::io::Error::other("Token data is not available."))?;
@@ -176,7 +183,7 @@ impl CodexAuth {
        }
    }

-    fn from_api_key_with_client(api_key: &str, client: reqwest::Client) -> Self {
+    fn from_api_key_with_client(api_key: &str, client: CodexHttpClient) -> Self {
        Self {
            api_key: Some(api_key.to_owned()),
            mode: AuthMode::ApiKey,
@@ -233,6 +240,74 @@ pub fn login_with_api_key(codex_home: &Path, api_key: &str) -> std::io::Result<(
    write_auth_json(&get_auth_file(codex_home), &auth_dot_json)
 }

+pub async fn enforce_login_restrictions(config: &Config) -> std::io::Result<()> {
+    let Some(auth) = load_auth(&config.codex_home, true)? else {
+        return Ok(());
+    };
+
+    if let Some(required_method) = config.forced_login_method {
+        let method_violation = match (required_method, auth.mode) {
+            (ForcedLoginMethod::Api, AuthMode::ApiKey) => None,
+            (ForcedLoginMethod::Chatgpt, AuthMode::ChatGPT) => None,
+            (ForcedLoginMethod::Api, AuthMode::ChatGPT) => Some(
+                "API key login is required, but ChatGPT is currently being used. Logging out."
+                    .to_string(),
+            ),
+            (ForcedLoginMethod::Chatgpt, AuthMode::ApiKey) => Some(
+                "ChatGPT login is required, but an API key is currently being used. Logging out."
+                    .to_string(),
+            ),
+        };
+
+        if let Some(message) = method_violation {
+            return logout_with_message(&config.codex_home, message);
+        }
+    }
+
+    if let Some(expected_account_id) = config.forced_chatgpt_workspace_id.as_deref() {
+        if auth.mode != AuthMode::ChatGPT {
+            return Ok(());
+        }
+
+        let token_data = match auth.get_token_data().await {
+            Ok(data) => data,
+            Err(err) => {
+                return logout_with_message(
+                    &config.codex_home,
+                    format!(
+                        "Failed to load ChatGPT credentials while enforcing workspace restrictions: {err}. Logging out."
+                    ),
+                );
+            }
+        };
+
+        // workspace is the external identifier for account id.
+        let chatgpt_account_id = token_data.id_token.chatgpt_account_id.as_deref();
+        if chatgpt_account_id != Some(expected_account_id) {
+            let message = match chatgpt_account_id {
+                Some(actual) => format!(
+                    "Login is restricted to workspace {expected_account_id}, but current credentials belong to {actual}. Logging out."
+                ),
+                None => format!(
+                    "Login is restricted to workspace {expected_account_id}, but current credentials lack a workspace identifier. Logging out."
+                ),
+            };
+            return logout_with_message(&config.codex_home, message);
+        }
+    }
+
+    Ok(())
+}
+
+fn logout_with_message(codex_home: &Path, message: String) -> std::io::Result<()> {
+    match logout(codex_home) {
+        Ok(_) => Err(std::io::Error::other(message)),
+        Err(err) => Err(std::io::Error::other(format!(
+            "{message}. Failed to remove auth.json: {err}"
+        ))),
+    }
+}
+
 fn load_auth(
    codex_home: &Path,
    enable_codex_api_key_env: bool,
@@ -249,9 +324,8 @@ fn load_auth(
    let client = crate::default_client::create_client();
    let auth_dot_json = match try_read_auth_json(&auth_file) {
        Ok(auth) => auth,
-        Err(e) => {
-            return Err(e);
-        }
+        Err(err) if err.kind() == std::io::ErrorKind::NotFound => return Ok(None),
+        Err(err) => return Err(err),
    };

    let AuthDotJson {
@@ -329,7 +403,7 @@ async fn update_tokens(

 async fn try_refresh_token(
    refresh_token: String,
-    client: &reqwest::Client,
+    client: &CodexHttpClient,
 ) -> std::io::Result<RefreshResponse> {
    let refresh_request = RefreshRequest {
        client_id: CLIENT_ID,
@@ -403,17 +477,19 @@ struct CachedAuth {
 #[cfg(test)]
 mod tests {
    use super::*;
+    use crate::config::Config;
+    use crate::config::ConfigOverrides;
+    use crate::config::ConfigToml;
    use crate::token_data::IdTokenInfo;
    use crate::token_data::KnownPlan;
    use crate::token_data::PlanType;
    use base64::Engine;
+    use codex_protocol::config_types::ForcedLoginMethod;
    use pretty_assertions::assert_eq;
    use serde::Serialize;
    use serde_json::json;
    use tempfile::tempdir;

-    const LAST_REFRESH: &str = "2025-08-06T20:41:36.232376Z";
-
    #[tokio::test]
    async fn roundtrip_auth_dot_json() {
        let codex_home = tempdir().unwrap();
@@ -421,6 +497,7 @@ mod tests {
            AuthFileParams {
                openai_api_key: None,
                chatgpt_plan_type: "pro".to_string(),
+                chatgpt_account_id: None,
            },
            codex_home.path(),
        )
@@ -460,13 +537,22 @@ mod tests {
        assert!(auth.tokens.is_none(), "tokens should be cleared");
    }

+    #[test]
+    fn missing_auth_json_returns_none() {
+        let dir = tempdir().unwrap();
+        let auth = CodexAuth::from_codex_home(dir.path()).expect("call should succeed");
+        assert_eq!(auth, None);
+    }
+
    #[tokio::test]
+    #[serial(codex_api_key)]
    async fn pro_account_with_no_api_key_uses_chatgpt_auth() {
        let codex_home = tempdir().unwrap();
        let fake_jwt = write_auth_file(
            AuthFileParams {
                openai_api_key: None,
                chatgpt_plan_type: "pro".to_string(),
+                chatgpt_account_id: None,
            },
            codex_home.path(),
        )
@@ -484,6 +570,10 @@ mod tests {

        let guard = auth_dot_json.lock().unwrap();
        let auth_dot_json = guard.as_ref().expect("AuthDotJson should exist");
+        let last_refresh = auth_dot_json
+            .last_refresh
+            .expect("last_refresh should be recorded");
+
        assert_eq!(
            &AuthDotJson {
                openai_api_key: None,
@@ -491,23 +581,21 @@ mod tests {
                    id_token: IdTokenInfo {
                        email: Some("user@example.com".to_string()),
                        chatgpt_plan_type: Some(PlanType::Known(KnownPlan::Pro)),
+                        chatgpt_account_id: None,
                        raw_jwt: fake_jwt,
                    },
                    access_token: "test-access-token".to_string(),
                    refresh_token: "test-refresh-token".to_string(),
                    account_id: None,
                }),
-                last_refresh: Some(
-                    DateTime::parse_from_rfc3339(LAST_REFRESH)
-                        .unwrap()
-                        .with_timezone(&Utc)
-                ),
+                last_refresh: Some(last_refresh),
            },
            auth_dot_json
-        )
+        );
    }

    #[tokio::test]
+    #[serial(codex_api_key)]
    async fn loads_api_key_from_auth_json() {
        let dir = tempdir().unwrap();
        let auth_file = dir.path().join("auth.json");
@@ -543,6 +631,7 @@ mod tests {
    struct AuthFileParams {
        openai_api_key: Option<String>,
        chatgpt_plan_type: String,
+        chatgpt_account_id: Option<String>,
    }

    fn write_auth_file(params: AuthFileParams, codex_home: &Path) -> std::io::Result<String> {
@@ -557,15 +646,21 @@ mod tests {
            alg: "none",
            typ: "JWT",
        };
+        let mut auth_payload = serde_json::json!({
+            "chatgpt_plan_type": params.chatgpt_plan_type,
+            "chatgpt_user_id": "user-12345",
+            "user_id": "user-12345",
+        });
+
+        if let Some(chatgpt_account_id) = params.chatgpt_account_id {
+            let org_value = serde_json::Value::String(chatgpt_account_id);
+            auth_payload["chatgpt_account_id"] = org_value;
+        }
+
        let payload = serde_json::json!({
            "email": "user@example.com",
            "email_verified": true,
-            "https://api.openai.com/auth": {
-                "chatgpt_account_id": "bc3618e3-489d-4d49-9362-1561dc53ba53",
-                "chatgpt_plan_type": params.chatgpt_plan_type,
-                "chatgpt_user_id": "user-12345",
-                "user_id": "user-12345",
-            }
+            "https://api.openai.com/auth": auth_payload,
        });
        let b64 = |b: &[u8]| base64::engine::general_purpose::URL_SAFE_NO_PAD.encode(b);
        let header_b64 = b64(&serde_json::to_vec(&header)?);
@@ -580,12 +675,161 @@ mod tests {
                "access_token": "test-access-token",
                "refresh_token": "test-refresh-token"
            },
-            "last_refresh": LAST_REFRESH,
+            "last_refresh": Utc::now(),
        });
        let auth_json = serde_json::to_string_pretty(&auth_json_data)?;
        std::fs::write(auth_file, auth_json)?;
        Ok(fake_jwt)
    }
+
+    fn build_config(
+        codex_home: &Path,
+        forced_login_method: Option<ForcedLoginMethod>,
+        forced_chatgpt_workspace_id: Option<String>,
+    ) -> Config {
+        let mut config = Config::load_from_base_config_with_overrides(
+            ConfigToml::default(),
+            ConfigOverrides::default(),
+            codex_home.to_path_buf(),
+        )
+        .expect("config should load");
+        config.forced_login_method = forced_login_method;
+        config.forced_chatgpt_workspace_id = forced_chatgpt_workspace_id;
+        config
+    }
+
+    /// Use sparingly.
+    /// TODO (gpeal): replace this with an injectable env var provider.
+    #[cfg(test)]
+    struct EnvVarGuard {
+        key: &'static str,
+        original: Option<std::ffi::OsString>,
+    }
+
+    #[cfg(test)]
+    impl EnvVarGuard {
+        fn set(key: &'static str, value: &str) -> Self {
+            let original = env::var_os(key);
+            unsafe {
+                env::set_var(key, value);
+            }
+            Self { key, original }
+        }
+    }
+
+    #[cfg(test)]
+    impl Drop for EnvVarGuard {
+        fn drop(&mut self) {
+            unsafe {
+                match &self.original {
+                    Some(value) => env::set_var(self.key, value),
+                    None => env::remove_var(self.key),
+                }
+            }
+        }
+    }
+
+    #[tokio::test]
+    async fn enforce_login_restrictions_logs_out_for_method_mismatch() {
+        let codex_home = tempdir().unwrap();
+        login_with_api_key(codex_home.path(), "sk-test").expect("seed api key");
+
+        let config = build_config(codex_home.path(), Some(ForcedLoginMethod::Chatgpt), None);
+
+        let err = super::enforce_login_restrictions(&config)
+            .await
+            .expect_err("expected method mismatch to error");
+        assert!(err.to_string().contains("ChatGPT login is required"));
+        assert!(
+            !codex_home.path().join("auth.json").exists(),
+            "auth.json should be removed on mismatch"
+        );
+    }
+
+    #[tokio::test]
+    #[serial(codex_api_key)]
+    async fn enforce_login_restrictions_logs_out_for_workspace_mismatch() {
+        let codex_home = tempdir().unwrap();
+        let _jwt = write_auth_file(
+            AuthFileParams {
+                openai_api_key: None,
+                chatgpt_plan_type: "pro".to_string(),
+                chatgpt_account_id: Some("org_another_org".to_string()),
+            },
+            codex_home.path(),
+        )
+        .expect("failed to write auth file");
+
+        let config = build_config(codex_home.path(), None, Some("org_mine".to_string()));
+
+        let err = super::enforce_login_restrictions(&config)
+            .await
+            .expect_err("expected workspace mismatch to error");
+        assert!(err.to_string().contains("workspace org_mine"));
+        assert!(
+            !codex_home.path().join("auth.json").exists(),
+            "auth.json should be removed on mismatch"
+        );
+    }
+
+    #[tokio::test]
+    #[serial(codex_api_key)]
+    async fn enforce_login_restrictions_allows_matching_workspace() {
+        let codex_home = tempdir().unwrap();
+        let _jwt = write_auth_file(
+            AuthFileParams {
+                openai_api_key: None,
+                chatgpt_plan_type: "pro".to_string(),
+                chatgpt_account_id: Some("org_mine".to_string()),
+            },
+            codex_home.path(),
+        )
+        .expect("failed to write auth file");
+
+        let config = build_config(codex_home.path(), None, Some("org_mine".to_string()));
+
+        super::enforce_login_restrictions(&config)
+            .await
+            .expect("matching workspace should succeed");
+        assert!(
+            codex_home.path().join("auth.json").exists(),
+            "auth.json should remain when restrictions pass"
+        );
+    }
+
+    #[tokio::test]
+    async fn enforce_login_restrictions_allows_api_key_if_login_method_not_set_but_forced_chatgpt_workspace_id_is_set()
+     {
+        let codex_home = tempdir().unwrap();
+        login_with_api_key(codex_home.path(), "sk-test").expect("seed api key");
+
+        let config = build_config(codex_home.path(), None, Some("org_mine".to_string()));
+
+        super::enforce_login_restrictions(&config)
+            .await
+            .expect("matching workspace should succeed");
+        assert!(
+            codex_home.path().join("auth.json").exists(),
+            "auth.json should remain when restrictions pass"
+        );
+    }
+
+    #[tokio::test]
+    #[serial(codex_api_key)]
+    async fn enforce_login_restrictions_blocks_env_api_key_when_chatgpt_required() {
+        let _guard = EnvVarGuard::set(CODEX_API_KEY_ENV_VAR, "sk-env");
+        let codex_home = tempdir().unwrap();
+
+        let config = build_config(codex_home.path(), Some(ForcedLoginMethod::Chatgpt), None);
+
+        let err = super::enforce_login_restrictions(&config)
+            .await
+            .expect_err("environment API key should not satisfy forced ChatGPT login");
+        assert!(
+            err.to_string()
+                .contains("ChatGPT login is required, but an API key is currently being used.")
+        );
+    }
 }

 /// Central manager providing a single source of truth for auth.json derived
@@ -675,7 +919,10 @@ impl AuthManager {
                self.reload();
                Ok(Some(token))
            }
-            Err(e) => Err(e),
+            Err(e) => {
+                tracing::error!("Failed to refresh token: {}", e);
+                Err(e)
+            }
        }
    }

--- a/codex-rs/core/src/bash.rs
+++ b/codex-rs/core/src/bash.rs
@@ -5,13 +5,13 @@ use tree_sitter_bash::LANGUAGE as BASH;

 /// Parse the provided bash source using tree-sitter-bash, returning a Tree on
 /// success or None if parsing failed.
-pub fn try_parse_bash(bash_lc_arg: &str) -> Option<Tree> {
+pub fn try_parse_shell(shell_lc_arg: &str) -> Option<Tree> {
    let lang = BASH.into();
    let mut parser = Parser::new();
    #[expect(clippy::expect_used)]
    parser.set_language(&lang).expect("load bash grammar");
    let old_tree: Option<&Tree> = None;
-    parser.parse(bash_lc_arg, old_tree)
+    parser.parse(shell_lc_arg, old_tree)
 }

 /// Parse a script which may contain multiple simple commands joined only by
@@ -88,18 +88,19 @@ pub fn try_parse_word_only_commands_sequence(tree: &Tree, src: &str) -> Option<V
    Some(commands)
 }

-/// Returns the sequence of plain commands within a `bash -lc "..."` invocation
-/// when the script only contains word-only commands joined by safe operators.
-pub fn parse_bash_lc_plain_commands(command: &[String]) -> Option<Vec<Vec<String>>> {
-    let [bash, flag, script] = command else {
+/// Returns the sequence of plain commands within a `bash -lc "..."` or
+/// `zsh -lc "..."` invocation when the script only contains word-only commands
+/// joined by safe operators.
+pub fn parse_shell_lc_plain_commands(command: &[String]) -> Option<Vec<Vec<String>>> {
+    let [shell, flag, script] = command else {
        return None;
    };

-    if bash != "bash" || flag != "-lc" {
+    if flag != "-lc" || !(shell == "bash" || shell == "zsh") {
        return None;
    }

-    let tree = try_parse_bash(script)?;
+    let tree = try_parse_shell(script)?;
    try_parse_word_only_commands_sequence(&tree, script)
 }

@@ -154,7 +155,7 @@ mod tests {
    use super::*;

    fn parse_seq(src: &str) -> Option<Vec<Vec<String>>> {
-        let tree = try_parse_bash(src)?;
+        let tree = try_parse_shell(src)?;
        try_parse_word_only_commands_sequence(&tree, src)
    }

@@ -234,4 +235,11 @@ mod tests {
    fn rejects_trailing_operator_parse_error() {
        assert!(parse_seq("ls &&").is_none());
    }
+
+    #[test]
+    fn parse_zsh_lc_plain_commands() {
+        let command = vec!["zsh".to_string(), "-lc".to_string(), "ls".to_string()];
+        let parsed = parse_shell_lc_plain_commands(&command).unwrap();
+        assert_eq!(parsed, vec![vec!["ls".to_string()]]);
+    }
 }
--- a/codex-rs/core/src/chat_completions.rs
+++ b/codex-rs/core/src/chat_completions.rs
@@ -4,6 +4,7 @@ use crate::ModelProviderInfo;
 use crate::client_common::Prompt;
 use crate::client_common::ResponseEvent;
 use crate::client_common::ResponseStream;
+use crate::default_client::CodexHttpClient;
 use crate::error::CodexErr;
 use crate::error::ConnectionFailedError;
 use crate::error::ResponseStreamFailed;
@@ -11,7 +12,7 @@ use crate::error::Result;
 use crate::error::RetryLimitReachedError;
 use crate::error::UnexpectedResponseError;
 use crate::model_family::ModelFamily;
-use crate::openai_tools::create_tools_json_for_chat_completions_api;
+use crate::tools::spec::create_tools_json_for_chat_completions_api;
 use crate::util::backoff;
 use bytes::Bytes;
 use codex_otel::otel_event_manager::OtelEventManager;
@@ -36,7 +37,7 @@ use tracing::trace;
 pub(crate) async fn stream_chat_completions(
    prompt: &Prompt,
    model_family: &ModelFamily,
-    client: &reqwest::Client,
+    client: &CodexHttpClient,
    provider: &ModelProviderInfo,
    otel_event_manager: &OtelEventManager,
 ) -> Result<ResponseStream> {
@@ -104,10 +105,10 @@ pub(crate) async fn stream_chat_completions(
            } = item
            {
                let mut text = String::new();
-                for c in items {
-                    match c {
-                        ReasoningItemContent::ReasoningText { text: t }
-                        | ReasoningItemContent::Text { text: t } => text.push_str(t),
+                for entry in items {
+                    match entry {
+                        ReasoningItemContent::ReasoningText { text: segment }
+                        | ReasoningItemContent::Text { text: segment } => text.push_str(segment),
                    }
                }
                if text.trim().is_empty() {
--- a/codex-rs/core/src/client.rs
+++ b/codex-rs/core/src/client.rs
@@ -1,17 +1,18 @@
 use std::io::BufRead;
 use std::path::Path;
+use std::sync::Arc;
 use std::sync::OnceLock;
 use std::time::Duration;

-use crate::AuthManager;
-use crate::auth::CodexAuth;
-use crate::error::ConnectionFailedError;
-use crate::error::ResponseStreamFailed;
-use crate::error::RetryLimitReachedError;
-use crate::error::UnexpectedResponseError;
 use bytes::Bytes;
+use chrono::DateTime;
+use chrono::Utc;
 use codex_app_server_protocol::AuthMode;
+use codex_otel::otel_event_manager::OtelEventManager;
 use codex_protocol::ConversationId;
+use codex_protocol::config_types::ReasoningEffort as ReasoningEffortConfig;
+use codex_protocol::config_types::ReasoningSummary as ReasoningSummaryConfig;
+use codex_protocol::models::ResponseItem;
 use eventsource_stream::Eventsource;
 use futures::prelude::*;
 use regex_lite::Regex;
@@ -27,6 +28,8 @@ use tracing::debug;
 use tracing::trace;
 use tracing::warn;

+use crate::AuthManager;
+use crate::auth::CodexAuth;
 use crate::chat_completions::AggregateStreamExt;
 use crate::chat_completions::stream_chat_completions;
 use crate::client_common::Prompt;
@@ -36,27 +39,27 @@ use crate::client_common::ResponsesApiRequest;
 use crate::client_common::create_reasoning_param_for_request;
 use crate::client_common::create_text_param_for_request;
 use crate::config::Config;
+use crate::default_client::CodexHttpClient;
 use crate::default_client::create_client;
 use crate::error::CodexErr;
+use crate::error::ConnectionFailedError;
+use crate::error::ResponseStreamFailed;
 use crate::error::Result;
+use crate::error::RetryLimitReachedError;
+use crate::error::UnexpectedResponseError;
 use crate::error::UsageLimitReachedError;
 use crate::flags::CODEX_RS_SSE_FIXTURE;
 use crate::model_family::ModelFamily;
 use crate::model_provider_info::ModelProviderInfo;
 use crate::model_provider_info::WireApi;
 use crate::openai_model_info::get_model_info;
-use crate::openai_tools::create_tools_json_for_responses_api;
 use crate::protocol::RateLimitSnapshot;
 use crate::protocol::RateLimitWindow;
 use crate::protocol::TokenUsage;
 use crate::state::TaskKind;
 use crate::token_data::PlanType;
+use crate::tools::spec::create_tools_json_for_responses_api;
 use crate::util::backoff;
-use codex_otel::otel_event_manager::OtelEventManager;
-use codex_protocol::config_types::ReasoningEffort as ReasoningEffortConfig;
-use codex_protocol::config_types::ReasoningSummary as ReasoningSummaryConfig;
-use codex_protocol::models::ResponseItem;
-use std::sync::Arc;

 #[derive(Debug, Deserialize)]
 struct ErrorResponse {
@@ -71,7 +74,7 @@ struct Error {

    // Optional fields available on "usage_limit_reached" and "usage_not_included" errors
    plan_type: Option<PlanType>,
-    resets_in_seconds: Option<u64>,
+    resets_at: Option<i64>,
 }

 #[derive(Debug, Clone)]
@@ -79,7 +82,7 @@ pub struct ModelClient {
    config: Arc<Config>,
    auth_manager: Option<Arc<AuthManager>>,
    otel_event_manager: OtelEventManager,
-    client: reqwest::Client,
+    client: CodexHttpClient,
    provider: ModelProviderInfo,
    conversation_id: ConversationId,
    effort: Option<ReasoningEffortConfig>,
@@ -110,10 +113,12 @@ impl ModelClient {
        }
    }

-    pub fn get_model_context_window(&self) -> Option<u64> {
+    pub fn get_model_context_window(&self) -> Option<i64> {
+        let pct = self.config.model_family.effective_context_window_percent;
        self.config
            .model_context_window
            .or_else(|| get_model_info(&self.config.model_family).map(|info| info.context_window))
+            .map(|w| w.saturating_mul(pct) / 100)
    }

    pub fn get_auto_compact_token_limit(&self) -> Option<i64> {
@@ -296,6 +301,7 @@ impl ModelClient {
            "POST to {}: {:?}",
            self.provider.get_full_url(&auth),
            serde_json::to_string(payload_json)
+                .unwrap_or("<unable to serialize payload>".to_string())
        );

        let mut req_builder = self
@@ -331,12 +337,6 @@ impl ModelClient {
                .headers()
                .get("cf-ray")
                .map(|v| v.to_str().unwrap_or_default().to_string());
-
-            trace!(
-                "Response status: {}, cf-ray: {:?}",
-                resp.status(),
-                request_id
-            );
        }

        match res {
@@ -419,10 +419,12 @@ impl ModelClient {
                            let plan_type = error
                                .plan_type
                                .or_else(|| auth.as_ref().and_then(CodexAuth::get_plan_type));
-                            let resets_in_seconds = error.resets_in_seconds;
+                            let resets_at = error
+                                .resets_at
+                                .and_then(|seconds| DateTime::<Utc>::from_timestamp(seconds, 0));
                            let codex_err = CodexErr::UsageLimitReached(UsageLimitReachedError {
                                plan_type,
-                                resets_in_seconds,
+                                resets_at,
                                rate_limits: rate_limit_snapshot,
                            });
                            return Err(StreamAttemptError::Fatal(codex_err));
@@ -538,11 +540,11 @@ struct ResponseCompleted {

 #[derive(Debug, Deserialize)]
 struct ResponseCompletedUsage {
-    input_tokens: u64,
+    input_tokens: i64,
    input_tokens_details: Option<ResponseCompletedInputTokensDetails>,
-    output_tokens: u64,
+    output_tokens: i64,
    output_tokens_details: Option<ResponseCompletedOutputTokensDetails>,
-    total_tokens: u64,
+    total_tokens: i64,
 }

 impl From<ResponseCompletedUsage> for TokenUsage {
@@ -565,12 +567,12 @@ impl From<ResponseCompletedUsage> for TokenUsage {

 #[derive(Debug, Deserialize)]
 struct ResponseCompletedInputTokensDetails {
-    cached_tokens: u64,
+    cached_tokens: i64,
 }

 #[derive(Debug, Deserialize)]
 struct ResponseCompletedOutputTokensDetails {
-    reasoning_tokens: u64,
+    reasoning_tokens: i64,
 }

 fn attach_item_ids(payload_json: &mut Value, original_items: &[ResponseItem]) {
@@ -605,14 +607,14 @@ fn parse_rate_limit_snapshot(headers: &HeaderMap) -> Option<RateLimitSnapshot> {
        headers,
        "x-codex-primary-used-percent",
        "x-codex-primary-window-minutes",
-        "x-codex-primary-reset-after-seconds",
+        "x-codex-primary-reset-at",
    );

    let secondary = parse_rate_limit_window(
        headers,
        "x-codex-secondary-used-percent",
        "x-codex-secondary-window-minutes",
-        "x-codex-secondary-reset-after-seconds",
+        "x-codex-secondary-reset-at",
    );

    Some(RateLimitSnapshot { primary, secondary })
@@ -622,22 +624,22 @@ fn parse_rate_limit_window(
    headers: &HeaderMap,
    used_percent_header: &str,
    window_minutes_header: &str,
-    resets_header: &str,
+    resets_at_header: &str,
 ) -> Option<RateLimitWindow> {
    let used_percent: Option<f64> = parse_header_f64(headers, used_percent_header);

    used_percent.and_then(|used_percent| {
-        let window_minutes = parse_header_u64(headers, window_minutes_header);
-        let resets_in_seconds = parse_header_u64(headers, resets_header);
+        let window_minutes = parse_header_i64(headers, window_minutes_header);
+        let resets_at = parse_header_i64(headers, resets_at_header);

        let has_data = used_percent != 0.0
            || window_minutes.is_some_and(|minutes| minutes != 0)
-            || resets_in_seconds.is_some_and(|seconds| seconds != 0);
+            || resets_at.is_some();

        has_data.then_some(RateLimitWindow {
            used_percent,
            window_minutes,
-            resets_in_seconds,
+            resets_at,
        })
    })
 }
@@ -649,8 +651,8 @@ fn parse_header_f64(headers: &HeaderMap, name: &str) -> Option<f64> {
        .filter(|v| v.is_finite())
 }

-fn parse_header_u64(headers: &HeaderMap, name: &str) -> Option<u64> {
-    parse_header_str(headers, name)?.parse::<u64>().ok()
+fn parse_header_i64(headers: &HeaderMap, name: &str) -> Option<i64> {
+    parse_header_str(headers, name)?.parse::<i64>().ok()
 }

 fn parse_header_str<'a>(headers: &'a HeaderMap, name: &str) -> Option<&'a str> {
@@ -1087,6 +1089,7 @@ mod tests {
            base_url: Some("https://test.com".to_string()),
            env_key: Some("TEST_API_KEY".to_string()),
            env_key_instructions: None,
+            experimental_bearer_token: None,
            wire_api: WireApi::Responses,
            query_params: None,
            http_headers: None,
@@ -1150,6 +1153,7 @@ mod tests {
            base_url: Some("https://test.com".to_string()),
            env_key: Some("TEST_API_KEY".to_string()),
            env_key_instructions: None,
+            experimental_bearer_token: None,
            wire_api: WireApi::Responses,
            query_params: None,
            http_headers: None,
@@ -1186,6 +1190,7 @@ mod tests {
            base_url: Some("https://test.com".to_string()),
            env_key: Some("TEST_API_KEY".to_string()),
            env_key_instructions: None,
+            experimental_bearer_token: None,
            wire_api: WireApi::Responses,
            query_params: None,
            http_headers: None,
@@ -1224,6 +1229,7 @@ mod tests {
            base_url: Some("https://test.com".to_string()),
            env_key: Some("TEST_API_KEY".to_string()),
            env_key_instructions: None,
+            experimental_bearer_token: None,
            wire_api: WireApi::Responses,
            query_params: None,
            http_headers: None,
@@ -1258,6 +1264,7 @@ mod tests {
            base_url: Some("https://test.com".to_string()),
            env_key: Some("TEST_API_KEY".to_string()),
            env_key_instructions: None,
+            experimental_bearer_token: None,
            wire_api: WireApi::Responses,
            query_params: None,
            http_headers: None,
@@ -1361,6 +1368,7 @@ mod tests {
                base_url: Some("https://test.com".to_string()),
                env_key: Some("TEST_API_KEY".to_string()),
                env_key_instructions: None,
+                experimental_bearer_token: None,
                wire_api: WireApi::Responses,
                query_params: None,
                http_headers: None,
@@ -1390,7 +1398,7 @@ mod tests {
            message: Some("Rate limit reached for gpt-5 in organization org- on tokens per min (TPM): Limit 1, Used 1, Requested 19304. Please try again in 28ms. Visit https://platform.openai.com/account/rate-limits to learn more.".to_string()),
            code: Some("rate_limit_exceeded".to_string()),
            plan_type: None,
-            resets_in_seconds: None
+            resets_at: None
        };

        let delay = try_parse_retry_after(&err);
@@ -1404,20 +1412,20 @@ mod tests {
            message: Some("Rate limit reached for gpt-5 in organization <ORG> on tokens per min (TPM): Limit 30000, Used 6899, Requested 24050. Please try again in 1.898s. Visit https://platform.openai.com/account/rate-limits to learn more.".to_string()),
            code: Some("rate_limit_exceeded".to_string()),
            plan_type: None,
-            resets_in_seconds: None
+            resets_at: None
        };
        let delay = try_parse_retry_after(&err);
        assert_eq!(delay, Some(Duration::from_secs_f64(1.898)));
    }

    #[test]
-    fn error_response_deserializes_old_schema_known_plan_type_and_serializes_back() {
+    fn error_response_deserializes_schema_known_plan_type_and_serializes_back() {
        use crate::token_data::KnownPlan;
        use crate::token_data::PlanType;

-        let json = r#"{"error":{"type":"usage_limit_reached","plan_type":"pro","resets_in_seconds":3600}}"#;
-        let resp: ErrorResponse =
-            serde_json::from_str(json).expect("should deserialize old schema");
+        let json =
+            r#"{"error":{"type":"usage_limit_reached","plan_type":"pro","resets_at":1704067200}}"#;
+        let resp: ErrorResponse = serde_json::from_str(json).expect("should deserialize schema");

        assert_matches!(resp.error.plan_type, Some(PlanType::Known(KnownPlan::Pro)));

@@ -1426,13 +1434,12 @@ mod tests {
    }

    #[test]
-    fn error_response_deserializes_old_schema_unknown_plan_type_and_serializes_back() {
+    fn error_response_deserializes_schema_unknown_plan_type_and_serializes_back() {
        use crate::token_data::PlanType;

        let json =
-            r#"{"error":{"type":"usage_limit_reached","plan_type":"vip","resets_in_seconds":60}}"#;
-        let resp: ErrorResponse =
-            serde_json::from_str(json).expect("should deserialize old schema");
+            r#"{"error":{"type":"usage_limit_reached","plan_type":"vip","resets_at":1704067260}}"#;
+        let resp: ErrorResponse = serde_json::from_str(json).expect("should deserialize schema");

        assert_matches!(resp.error.plan_type, Some(PlanType::Unknown(ref s)) if s == "vip");

--- a/codex-rs/core/src/client_common.rs
+++ b/codex-rs/core/src/client_common.rs
@@ -281,7 +281,7 @@ pub(crate) struct ResponsesApiRequest<'a> {
 }

 pub(crate) mod tools {
-    use crate::openai_tools::JsonSchema;
+    use crate::tools::spec::JsonSchema;
    use serde::Deserialize;
    use serde::Serialize;

--- a/codex-rs/core/src/codex.rs
+++ b/codex-rs/core/src/codex.rs
--- a/codex-rs/core/src/codex/compact.rs
+++ b/codex-rs/core/src/codex/compact.rs
@@ -10,21 +10,21 @@ use crate::error::Result as CodexResult;
 use crate::protocol::AgentMessageEvent;
 use crate::protocol::CompactedItem;
 use crate::protocol::ErrorEvent;
-use crate::protocol::Event;
 use crate::protocol::EventMsg;
-use crate::protocol::InputItem;
-use crate::protocol::InputMessageKind;
 use crate::protocol::TaskStartedEvent;
 use crate::protocol::TurnContextItem;
 use crate::state::TaskKind;
 use crate::truncate::truncate_middle;
 use crate::util::backoff;
 use askama::Template;
+use codex_protocol::items::TurnItem;
 use codex_protocol::models::ContentItem;
 use codex_protocol::models::ResponseInputItem;
 use codex_protocol::models::ResponseItem;
 use codex_protocol::protocol::RolloutItem;
+use codex_protocol::user_input::UserInput;
 use futures::prelude::*;
+use tracing::error;

 pub const SUMMARIZATION_PROMPT: &str = include_str!("../../templates/compact/prompt.md");
 const COMPACT_USER_MESSAGE_MAX_TOKENS: usize = 20_000;
@@ -40,40 +40,35 @@ pub(crate) async fn run_inline_auto_compact_task(
    sess: Arc<Session>,
    turn_context: Arc<TurnContext>,
 ) {
-    let sub_id = sess.next_internal_sub_id();
-    let input = vec![InputItem::Text {
+    let input = vec![UserInput::Text {
        text: SUMMARIZATION_PROMPT.to_string(),
    }];
-    run_compact_task_inner(sess, turn_context, sub_id, input).await;
+    run_compact_task_inner(sess, turn_context, input).await;
 }

 pub(crate) async fn run_compact_task(
    sess: Arc<Session>,
    turn_context: Arc<TurnContext>,
-    sub_id: String,
-    input: Vec<InputItem>,
+    input: Vec<UserInput>,
 ) -> Option<String> {
-    let start_event = Event {
-        id: sub_id.clone(),
-        msg: EventMsg::TaskStarted(TaskStartedEvent {
-            model_context_window: turn_context.client.get_model_context_window(),
-        }),
-    };
-    sess.send_event(start_event).await;
-    run_compact_task_inner(sess.clone(), turn_context, sub_id.clone(), input).await;
+    let start_event = EventMsg::TaskStarted(TaskStartedEvent {
+        model_context_window: turn_context.client.get_model_context_window(),
+    });
+    sess.send_event(&turn_context, start_event).await;
+    run_compact_task_inner(sess.clone(), turn_context, input).await;
    None
 }

 async fn run_compact_task_inner(
    sess: Arc<Session>,
    turn_context: Arc<TurnContext>,
-    sub_id: String,
-    input: Vec<InputItem>,
+    input: Vec<UserInput>,
 ) {
    let initial_input_for_turn: ResponseInputItem = ResponseInputItem::from(input);
-    let mut turn_input = sess
-        .turn_input_with_history(vec![initial_input_for_turn.clone().into()])
-        .await;
+
+    let mut history = sess.clone_history().await;
+    history.record_items(&[initial_input_for_turn.into()]);
+
    let mut truncated_count = 0usize;

    let max_retries = turn_context.client.get_provider().stream_max_retries();
@@ -90,18 +85,18 @@ async fn run_compact_task_inner(
    sess.persist_rollout_items(&[rollout_item]).await;

    loop {
+        let turn_input = history.get_history();
        let prompt = Prompt {
            input: turn_input.clone(),
            ..Default::default()
        };
-        let attempt_result =
-            drain_to_completed(&sess, turn_context.as_ref(), &sub_id, &prompt).await;
+        let attempt_result = drain_to_completed(&sess, turn_context.as_ref(), &prompt).await;

        match attempt_result {
            Ok(()) => {
                if truncated_count > 0 {
                    sess.notify_background_event(
-                        &sub_id,
+                        turn_context.as_ref(),
                        format!(
                            "Trimmed {truncated_count} older conversation item(s) before compacting so the prompt fits the model context window."
                        ),
@@ -115,20 +110,20 @@ async fn run_compact_task_inner(
            }
            Err(e @ CodexErr::ContextWindowExceeded) => {
                if turn_input.len() > 1 {
-                    turn_input.remove(0);
+                    // Trim from the beginning to preserve cache (prefix-based) and keep recent messages intact.
+                    error!(
+                        "Context window exceeded while compacting; removing oldest history item. Error: {e}"
+                    );
+                    history.remove_first_item();
                    truncated_count += 1;
                    retries = 0;
                    continue;
                }
-                sess.set_total_tokens_full(&sub_id, turn_context.as_ref())
-                    .await;
-                let event = Event {
-                    id: sub_id.clone(),
-                    msg: EventMsg::Error(ErrorEvent {
-                        message: e.to_string(),
-                    }),
-                };
-                sess.send_event(event).await;
+                sess.set_total_tokens_full(turn_context.as_ref()).await;
+                let event = EventMsg::Error(ErrorEvent {
+                    message: e.to_string(),
+                });
+                sess.send_event(&turn_context, event).await;
                return;
            }
            Err(e) => {
@@ -136,20 +131,17 @@ async fn run_compact_task_inner(
                    retries += 1;
                    let delay = backoff(retries);
                    sess.notify_stream_error(
-                        &sub_id,
+                        turn_context.as_ref(),
                        format!("Re-connecting... {retries}/{max_retries}"),
                    )
                    .await;
                    tokio::time::sleep(delay).await;
                    continue;
                } else {
-                    let event = Event {
-                        id: sub_id.clone(),
-                        msg: EventMsg::Error(ErrorEvent {
-                            message: e.to_string(),
-                        }),
-                    };
-                    sess.send_event(event).await;
+                    let event = EventMsg::Error(ErrorEvent {
+                        message: e.to_string(),
+                    });
+                    sess.send_event(&turn_context, event).await;
                    return;
                }
            }
@@ -168,13 +160,10 @@ async fn run_compact_task_inner(
    });
    sess.persist_rollout_items(&[rollout_item]).await;

-    let event = Event {
-        id: sub_id.clone(),
-        msg: EventMsg::AgentMessage(AgentMessageEvent {
-            message: "Compact task completed".to_string(),
-        }),
-    };
-    sess.send_event(event).await;
+    let event = EventMsg::AgentMessage(AgentMessageEvent {
+        message: "Compact task completed".to_string(),
+    });
+    sess.send_event(&turn_context, event).await;
 }

 pub fn content_items_to_text(content: &[ContentItem]) -> Option<String> {
@@ -199,23 +188,13 @@ pub fn content_items_to_text(content: &[ContentItem]) -> Option<String> {
 pub(crate) fn collect_user_messages(items: &[ResponseItem]) -> Vec<String> {
    items
        .iter()
-        .filter_map(|item| match item {
-            ResponseItem::Message { role, content, .. } if role == "user" => {
-                content_items_to_text(content)
-            }
+        .filter_map(|item| match crate::event_mapping::parse_turn_item(item) {
+            Some(TurnItem::UserMessage(user)) => Some(user.message()),
            _ => None,
        })
-        .filter(|text| !is_session_prefix_message(text))
        .collect()
 }

-pub fn is_session_prefix_message(text: &str) -> bool {
-    matches!(
-        InputMessageKind::from(("user", text)),
-        InputMessageKind::UserInstructions | InputMessageKind::EnvironmentContext
-    )
-}
-
 pub(crate) fn build_compacted_history(
    initial_context: Vec<ResponseItem>,
    user_messages: &[String],
@@ -256,7 +235,6 @@ pub(crate) fn build_compacted_history(
 async fn drain_to_completed(
    sess: &Session,
    turn_context: &TurnContext,
-    sub_id: &str,
    prompt: &Prompt,
 ) -> CodexResult<()> {
    let mut stream = turn_context
@@ -277,10 +255,10 @@ async fn drain_to_completed(
                sess.record_into_history(std::slice::from_ref(&item)).await;
            }
            Ok(ResponseEvent::RateLimits(snapshot)) => {
-                sess.update_rate_limits(sub_id, snapshot).await;
+                sess.update_rate_limits(turn_context, snapshot).await;
            }
            Ok(ResponseEvent::Completed { token_usage, .. }) => {
-                sess.update_token_usage_info(sub_id, turn_context, token_usage.as_ref())
+                sess.update_token_usage_info(turn_context, token_usage.as_ref())
                    .await;
                return Ok(());
            }
@@ -338,21 +316,16 @@ mod tests {
            ResponseItem::Message {
                id: Some("user".to_string()),
                role: "user".to_string(),
-                content: vec![
-                    ContentItem::InputText {
-                        text: "first".to_string(),
-                    },
-                    ContentItem::OutputText {
-                        text: "second".to_string(),
-                    },
-                ],
+                content: vec![ContentItem::InputText {
+                    text: "first".to_string(),
+                }],
            },
            ResponseItem::Other,
        ];

        let collected = collect_user_messages(&items);

-        assert_eq!(vec!["first\nsecond".to_string()], collected);
+        assert_eq!(vec!["first".to_string()], collected);
    }

    #[test]
--- a/codex-rs/core/src/command_safety/is_dangerous_command.rs
+++ b/codex-rs/core/src/command_safety/is_dangerous_command.rs
@@ -1,4 +1,4 @@
-use crate::bash::parse_bash_lc_plain_commands;
+use crate::bash::parse_shell_lc_plain_commands;

 pub fn command_might_be_dangerous(command: &[String]) -> bool {
    if is_dangerous_to_call_with_exec(command) {
@@ -6,7 +6,7 @@ pub fn command_might_be_dangerous(command: &[String]) -> bool {
    }

    // Support `bash -lc "<script>"` where the any part of the script might contain a dangerous command.
-    if let Some(all_commands) = parse_bash_lc_plain_commands(command)
+    if let Some(all_commands) = parse_shell_lc_plain_commands(command)
        && all_commands
            .iter()
            .any(|cmd| is_dangerous_to_call_with_exec(cmd))
@@ -57,6 +57,15 @@ mod tests {
        ])));
    }

+    #[test]
+    fn zsh_git_reset_is_dangerous() {
+        assert!(command_might_be_dangerous(&vec_str(&[
+            "zsh",
+            "-lc",
+            "git reset --hard"
+        ])));
+    }
+
    #[test]
    fn git_status_is_not_dangerous() {
        assert!(!command_might_be_dangerous(&vec_str(&["git", "status"])));
--- a/codex-rs/core/src/command_safety/is_safe_command.rs
+++ b/codex-rs/core/src/command_safety/is_safe_command.rs
@@ -1,15 +1,25 @@
-use crate::bash::parse_bash_lc_plain_commands;
+use crate::bash::parse_shell_lc_plain_commands;

 pub fn is_known_safe_command(command: &[String]) -> bool {
+    let command: Vec<String> = command
+        .iter()
+        .map(|s| {
+            if s == "zsh" {
+                "bash".to_string()
+            } else {
+                s.clone()
+            }
+        })
+        .collect();
    #[cfg(target_os = "windows")]
    {
        use super::windows_safe_commands::is_safe_command_windows;
-        if is_safe_command_windows(command) {
+        if is_safe_command_windows(&command) {
            return true;
        }
    }

-    if is_safe_to_call_with_exec(command) {
+    if is_safe_to_call_with_exec(&command) {
        return true;
    }

@@ -19,7 +29,7 @@ pub fn is_known_safe_command(command: &[String]) -> bool {
    // introduce side effects ( "&&", "||", ";", and "|" ). If every
    // individual command in the script is itself a known‑safe command, then
    // the composite expression is considered safe.
-    if let Some(all_commands) = parse_bash_lc_plain_commands(command)
+    if let Some(all_commands) = parse_shell_lc_plain_commands(&command)
        && !all_commands.is_empty()
        && all_commands
            .iter()
@@ -31,9 +41,14 @@ pub fn is_known_safe_command(command: &[String]) -> bool {
 }

 fn is_safe_to_call_with_exec(command: &[String]) -> bool {
-    let cmd0 = command.first().map(String::as_str);
+    let Some(cmd0) = command.first().map(String::as_str) else {
+        return false;
+    };

-    match cmd0 {
+    match std::path::Path::new(&cmd0)
+        .file_name()
+        .and_then(|osstr| osstr.to_str())
+    {
        #[rustfmt::skip]
        Some(
            "cat" |
@@ -103,13 +118,12 @@ fn is_safe_to_call_with_exec(command: &[String]) -> bool {
        // Rust
        Some("cargo") if command.get(1).map(String::as_str) == Some("check") => true,

-        // Special-case `sed -n {N|M,N}p FILE`
+        // Special-case `sed -n {N|M,N}p`
        Some("sed")
            if {
-                command.len() == 4
+                command.len() <= 4
                    && command.get(1).map(String::as_str) == Some("-n")
                    && is_valid_sed_n_arg(command.get(2).map(String::as_str))
-                    && command.get(3).map(String::is_empty) == Some(false)
            } =>
        {
            true
@@ -187,6 +201,11 @@ mod tests {
        ])));
    }

+    #[test]
+    fn zsh_lc_safe_command_sequence() {
+        assert!(is_known_safe_command(&vec_str(&["zsh", "-lc", "ls"])));
+    }
+
    #[test]
    fn unknown_or_partial() {
        assert!(!is_safe_to_call_with_exec(&vec_str(&["foo"])));
--- a/codex-rs/core/src/config.rs
+++ b/codex-rs/core/src/config.rs
@@ -36,12 +36,14 @@ use crate::protocol::SandboxPolicy;
 use anyhow::Context;
 use codex_app_server_protocol::Tools;
 use codex_app_server_protocol::UserSavedConfig;
+use codex_protocol::config_types::ForcedLoginMethod;
 use codex_protocol::config_types::ReasoningEffort;
 use codex_protocol::config_types::ReasoningSummary;
 use codex_protocol::config_types::SandboxMode;
 use codex_protocol::config_types::Verbosity;
 use codex_rmcp_client::OAuthCredentialsStoreMode;
 use dirs::home_dir;
+use dunce::canonicalize;
 use serde::Deserialize;
 use similar::DiffableStr;
 use std::collections::BTreeMap;
@@ -83,10 +85,10 @@ pub struct Config {
    pub model_family: ModelFamily,

    /// Size of the context window for the model, in tokens.
-    pub model_context_window: Option<u64>,
+    pub model_context_window: Option<i64>,

    /// Maximum number of output tokens.
-    pub model_max_output_tokens: Option<u64>,
+    pub model_max_output_tokens: Option<i64>,

    /// Token usage threshold triggering auto-compaction of conversation history.
    pub model_auto_compact_token_limit: Option<i64>,
@@ -208,8 +210,11 @@ pub struct Config {
    /// Base URL for requests to ChatGPT (as opposed to the OpenAI API).
    pub chatgpt_base_url: String,

-    /// Include an experimental plan tool that the model can use to update its current plan and status of each step.
-    pub include_plan_tool: bool,
+    /// When set, restricts ChatGPT login to a specific workspace identifier.
+    pub forced_chatgpt_workspace_id: Option<String>,
+
+    /// When set, restricts the login mechanism users may use.
+    pub forced_login_method: Option<ForcedLoginMethod>,

    /// Include the `apply_patch` tool for models that benefit from invoking
    /// file edits as a structured tool call. When unset, this falls back to the
@@ -476,6 +481,16 @@ pub fn write_global_mcp_servers(
                entry["tool_timeout_sec"] = toml_edit::value(timeout.as_secs_f64());
            }

+            if let Some(enabled_tools) = &config.enabled_tools {
+                entry["enabled_tools"] =
+                    TomlItem::Value(enabled_tools.iter().collect::<TomlArray>().into());
+            }
+
+            if let Some(disabled_tools) = &config.disabled_tools {
+                entry["disabled_tools"] =
+                    TomlItem::Value(disabled_tools.iter().collect::<TomlArray>().into());
+            }
+
            doc["mcp_servers"][name.as_str()] = TomlItem::Table(entry);
        }
    }
@@ -816,10 +831,10 @@ pub struct ConfigToml {
    pub model_provider: Option<String>,

    /// Size of the context window for the model, in tokens.
-    pub model_context_window: Option<u64>,
+    pub model_context_window: Option<i64>,

    /// Maximum number of output tokens.
-    pub model_max_output_tokens: Option<u64>,
+    pub model_max_output_tokens: Option<i64>,

    /// Token usage threshold triggering auto-compaction of conversation history.
    pub model_auto_compact_token_limit: Option<i64>,
@@ -843,6 +858,14 @@ pub struct ConfigToml {
    /// System instructions.
    pub instructions: Option<String>,

+    /// When set, restricts ChatGPT login to a specific workspace identifier.
+    #[serde(default)]
+    pub forced_chatgpt_workspace_id: Option<String>,
+
+    /// When set, restricts the login mechanism users may use.
+    #[serde(default)]
+    pub forced_login_method: Option<ForcedLoginMethod>,
+
    /// Definition for MCP servers that Codex can reach out to for tool calls.
    #[serde(default)]
    pub mcp_servers: HashMap<String, McpServerConfig>,
@@ -949,6 +972,8 @@ impl From<ConfigToml> for UserSavedConfig {
            approval_policy: config_toml.approval_policy,
            sandbox_mode: config_toml.sandbox_mode,
            sandbox_settings: config_toml.sandbox_workspace_write.map(From::from),
+            forced_chatgpt_workspace_id: config_toml.forced_chatgpt_workspace_id,
+            forced_login_method: config_toml.forced_login_method,
            model: config_toml.model,
            model_reasoning_effort: config_toml.model_reasoning_effort,
            model_reasoning_summary: config_toml.model_reasoning_summary,
@@ -1089,11 +1114,12 @@ pub struct ConfigOverrides {
    pub config_profile: Option<String>,
    pub codex_linux_sandbox_exe: Option<PathBuf>,
    pub base_instructions: Option<String>,
-    pub include_plan_tool: Option<bool>,
    pub include_apply_patch_tool: Option<bool>,
    pub include_view_image_tool: Option<bool>,
    pub show_raw_agent_reasoning: Option<bool>,
    pub tools_web_search_request: Option<bool>,
+    /// Additional directories that should be treated as writable roots for this session.
+    pub additional_writable_roots: Vec<PathBuf>,
 }

 impl Config {
@@ -1117,11 +1143,11 @@ impl Config {
            config_profile: config_profile_key,
            codex_linux_sandbox_exe,
            base_instructions,
-            include_plan_tool: include_plan_tool_override,
            include_apply_patch_tool: include_apply_patch_tool_override,
            include_view_image_tool: include_view_image_tool_override,
            show_raw_agent_reasoning,
            tools_web_search_request: override_tools_web_search_request,
+            additional_writable_roots,
        } = overrides;

        let active_profile_name = config_profile_key
@@ -1143,7 +1169,6 @@ impl Config {
        };

        let feature_overrides = FeatureOverrides {
-            include_plan_tool: include_plan_tool_override,
            include_apply_patch_tool: include_apply_patch_tool_override,
            include_view_image_tool: include_view_image_tool_override,
            web_search_request: override_tools_web_search_request,
@@ -1169,12 +1194,33 @@ impl Config {
                }
            }
        };
+        let additional_writable_roots: Vec<PathBuf> = additional_writable_roots
+            .into_iter()
+            .map(|path| {
+                let absolute = if path.is_absolute() {
+                    path
+                } else {
+                    resolved_cwd.join(path)
+                };
+                match canonicalize(&absolute) {
+                    Ok(canonical) => canonical,
+                    Err(_) => absolute,
+                }
+            })
+            .collect();
        let active_project = cfg
            .get_active_project(&resolved_cwd)
            .unwrap_or(ProjectConfig { trust_level: None });

-        let sandbox_policy = cfg.derive_sandbox_policy(sandbox_mode, &resolved_cwd);
-        let mut approval_policy = approval_policy_override
+        let mut sandbox_policy = cfg.derive_sandbox_policy(sandbox_mode, &resolved_cwd);
+        if let SandboxPolicy::WorkspaceWrite { writable_roots, .. } = &mut sandbox_policy {
+            for path in additional_writable_roots {
+                if !writable_roots.iter().any(|existing| existing == &path) {
+                    writable_roots.push(path);
+                }
+            }
+        }
+        let approval_policy = approval_policy_override
            .or(config_profile.approval_policy)
            .or(cfg.approval_policy)
            .unwrap_or_else(|| {
@@ -1217,7 +1263,6 @@ impl Config {

        let history = cfg.history.unwrap_or_default();

-        let include_plan_tool_flag = features.enabled(Feature::PlanTool);
        let include_apply_patch_tool_flag = features.enabled(Feature::ApplyPatchFreeform);
        let include_view_image_tool_flag = features.enabled(Feature::ViewImageTool);
        let tools_web_search_request = features.enabled(Feature::WebSearchRequest);
@@ -1225,6 +1270,18 @@ impl Config {
        let use_experimental_unified_exec_tool = features.enabled(Feature::UnifiedExec);
        let use_experimental_use_rmcp_client = features.enabled(Feature::RmcpClient);

+        let forced_chatgpt_workspace_id =
+            cfg.forced_chatgpt_workspace_id.as_ref().and_then(|value| {
+                let trimmed = value.trim();
+                if trimmed.is_empty() {
+                    None
+                } else {
+                    Some(trimmed.to_string())
+                }
+            });
+
+        let forced_login_method = cfg.forced_login_method;
+
        let model = model
            .or(config_profile.model)
            .or(cfg.model)
@@ -1271,10 +1328,6 @@ impl Config {
            .or(cfg.review_model)
            .unwrap_or_else(default_review_model);

-        if features.enabled(Feature::ApproveAll) {
-            approval_policy = AskForApproval::OnRequest;
-        }
-
        let config = Self {
            model,
            review_model,
@@ -1333,7 +1386,8 @@ impl Config {
                .chatgpt_base_url
                .or(cfg.chatgpt_base_url)
                .unwrap_or("https://chatgpt.com/backend-api/".to_string()),
-            include_plan_tool: include_plan_tool_flag,
+            forced_chatgpt_workspace_id,
+            forced_login_method,
            include_apply_patch_tool: include_apply_patch_tool_flag,
            tools_web_search_request,
            use_experimental_streamable_shell_tool,
@@ -1614,22 +1668,42 @@ trust_level = "trusted"
    }

    #[test]
-    fn approve_all_feature_forces_on_request_policy() -> std::io::Result<()> {
-        let cfg = r#"
-[features]
-approve_all = true
-"#;
-        let parsed = toml::from_str::<ConfigToml>(cfg)
-            .expect("TOML deserialization should succeed for approve_all feature");
+    fn add_dir_override_extends_workspace_writable_roots() -> std::io::Result<()> {
        let temp_dir = TempDir::new()?;
+        let frontend = temp_dir.path().join("frontend");
+        let backend = temp_dir.path().join("backend");
+        std::fs::create_dir_all(&frontend)?;
+        std::fs::create_dir_all(&backend)?;
+
+        let overrides = ConfigOverrides {
+            cwd: Some(frontend),
+            sandbox_mode: Some(SandboxMode::WorkspaceWrite),
+            additional_writable_roots: vec![PathBuf::from("../backend"), backend.clone()],
+            ..Default::default()
+        };
+
        let config = Config::load_from_base_config_with_overrides(
-            parsed,
-            ConfigOverrides::default(),
+            ConfigToml::default(),
+            overrides,
            temp_dir.path().to_path_buf(),
        )?;

-        assert!(config.features.enabled(Feature::ApproveAll));
-        assert_eq!(config.approval_policy, AskForApproval::OnRequest);
+        let expected_backend = canonicalize(&backend).expect("canonicalize backend directory");
+        match config.sandbox_policy {
+            SandboxPolicy::WorkspaceWrite { writable_roots, .. } => {
+                assert_eq!(
+                    writable_roots
+                        .iter()
+                        .filter(|root| **root == expected_backend)
+                        .count(),
+                    1,
+                    "expected single writable root entry for {}",
+                    expected_backend.display()
+                );
+            }
+            other => panic!("expected workspace-write policy, got {other:?}"),
+        }
+
        Ok(())
    }

@@ -1659,7 +1733,6 @@ approve_all = true
        profiles.insert(
            "work".to_string(),
            ConfigProfile {
-                include_plan_tool: Some(true),
                include_view_image_tool: Some(false),
                ..Default::default()
            },
@@ -1676,9 +1749,7 @@ approve_all = true
            codex_home.path().to_path_buf(),
        )?;

-        assert!(config.features.enabled(Feature::PlanTool));
        assert!(!config.features.enabled(Feature::ViewImageTool));
-        assert!(config.include_plan_tool);
        assert!(!config.include_view_image_tool);

        Ok(())
@@ -1688,7 +1759,6 @@ approve_all = true
    fn feature_table_overrides_legacy_flags() -> std::io::Result<()> {
        let codex_home = TempDir::new()?;
        let mut entries = BTreeMap::new();
-        entries.insert("plan_tool".to_string(), false);
        entries.insert("apply_patch_freeform".to_string(), false);
        let cfg = ConfigToml {
            features: Some(crate::features::FeaturesToml { entries }),
@@ -1701,9 +1771,7 @@ approve_all = true
            codex_home.path().to_path_buf(),
        )?;

-        assert!(!config.features.enabled(Feature::PlanTool));
        assert!(!config.features.enabled(Feature::ApplyPatchFreeform));
-        assert!(!config.include_plan_tool);
        assert!(!config.include_apply_patch_tool);

        Ok(())
@@ -1827,6 +1895,8 @@ approve_all = true
                enabled: true,
                startup_timeout_sec: Some(Duration::from_secs(3)),
                tool_timeout_sec: Some(Duration::from_secs(5)),
+                enabled_tools: None,
+                disabled_tools: None,
            },
        );

@@ -1963,6 +2033,8 @@ bearer_token = "secret"
                enabled: true,
                startup_timeout_sec: None,
                tool_timeout_sec: None,
+                enabled_tools: None,
+                disabled_tools: None,
            },
        )]);

@@ -2025,6 +2097,8 @@ ZIG_VAR = "3"
                enabled: true,
                startup_timeout_sec: None,
                tool_timeout_sec: None,
+                enabled_tools: None,
+                disabled_tools: None,
            },
        )]);

@@ -2067,6 +2141,8 @@ ZIG_VAR = "3"
                enabled: true,
                startup_timeout_sec: None,
                tool_timeout_sec: None,
+                enabled_tools: None,
+                disabled_tools: None,
            },
        )]);

@@ -2108,6 +2184,8 @@ ZIG_VAR = "3"
                enabled: true,
                startup_timeout_sec: Some(Duration::from_secs(2)),
                tool_timeout_sec: None,
+                enabled_tools: None,
+                disabled_tools: None,
            },
        )]);

@@ -2165,6 +2243,8 @@ startup_timeout_sec = 2.0
                enabled: true,
                startup_timeout_sec: Some(Duration::from_secs(2)),
                tool_timeout_sec: None,
+                enabled_tools: None,
+                disabled_tools: None,
            },
        )]);
        write_global_mcp_servers(codex_home.path(), &servers)?;
@@ -2234,6 +2314,8 @@ X-Auth = "DOCS_AUTH"
                enabled: true,
                startup_timeout_sec: Some(Duration::from_secs(2)),
                tool_timeout_sec: None,
+                enabled_tools: None,
+                disabled_tools: None,
            },
        )]);

@@ -2255,6 +2337,8 @@ X-Auth = "DOCS_AUTH"
                enabled: true,
                startup_timeout_sec: None,
                tool_timeout_sec: None,
+                enabled_tools: None,
+                disabled_tools: None,
            },
        );
        write_global_mcp_servers(codex_home.path(), &servers)?;
@@ -2314,6 +2398,8 @@ url = "https://example.com/mcp"
                    enabled: true,
                    startup_timeout_sec: Some(Duration::from_secs(2)),
                    tool_timeout_sec: None,
+                    enabled_tools: None,
+                    disabled_tools: None,
                },
            ),
            (
@@ -2329,6 +2415,8 @@ url = "https://example.com/mcp"
                    enabled: true,
                    startup_timeout_sec: None,
                    tool_timeout_sec: None,
+                    enabled_tools: None,
+                    disabled_tools: None,
                },
            ),
        ]);
@@ -2403,6 +2491,8 @@ url = "https://example.com/mcp"
                enabled: false,
                startup_timeout_sec: None,
                tool_timeout_sec: None,
+                enabled_tools: None,
+                disabled_tools: None,
            },
        )]);

@@ -2422,6 +2512,49 @@ url = "https://example.com/mcp"
        Ok(())
    }

+    #[tokio::test]
+    async fn write_global_mcp_servers_serializes_tool_filters() -> anyhow::Result<()> {
+        let codex_home = TempDir::new()?;
+
+        let servers = BTreeMap::from([(
+            "docs".to_string(),
+            McpServerConfig {
+                transport: McpServerTransportConfig::Stdio {
+                    command: "docs-server".to_string(),
+                    args: Vec::new(),
+                    env: None,
+                    env_vars: Vec::new(),
+                    cwd: None,
+                },
+                enabled: true,
+                startup_timeout_sec: None,
+                tool_timeout_sec: None,
+                enabled_tools: Some(vec!["allowed".to_string()]),
+                disabled_tools: Some(vec!["blocked".to_string()]),
+            },
+        )]);
+
+        write_global_mcp_servers(codex_home.path(), &servers)?;
+
+        let config_path = codex_home.path().join(CONFIG_TOML_FILE);
+        let serialized = std::fs::read_to_string(&config_path)?;
+        assert!(serialized.contains(r#"enabled_tools = ["allowed"]"#));
+        assert!(serialized.contains(r#"disabled_tools = ["blocked"]"#));
+
+        let loaded = load_global_mcp_servers(codex_home.path()).await?;
+        let docs = loaded.get("docs").expect("docs entry");
+        assert_eq!(
+            docs.enabled_tools.as_ref(),
+            Some(&vec!["allowed".to_string()])
+        );
+        assert_eq!(
+            docs.disabled_tools.as_ref(),
+            Some(&vec!["blocked".to_string()])
+        );
+
+        Ok(())
+    }
+
    #[tokio::test]
    async fn persist_model_selection_updates_defaults() -> anyhow::Result<()> {
        let codex_home = TempDir::new()?;
@@ -2644,6 +2777,7 @@ model_verbosity = "high"
            env_key: Some("OPENAI_API_KEY".to_string()),
            wire_api: crate::WireApi::Chat,
            env_key_instructions: None,
+            experimental_bearer_token: None,
            query_params: None,
            http_headers: None,
            env_http_headers: None,
@@ -2709,7 +2843,7 @@ model_verbosity = "high"
                model_family: find_family_for_model("o3").expect("known model slug"),
                model_context_window: Some(200_000),
                model_max_output_tokens: Some(100_000),
-                model_auto_compact_token_limit: None,
+                model_auto_compact_token_limit: Some(180_000),
                model_provider_id: "openai".to_string(),
                model_provider: fixture.openai_provider.clone(),
                approval_policy: AskForApproval::Never,
@@ -2735,7 +2869,8 @@ model_verbosity = "high"
                model_verbosity: None,
                chatgpt_base_url: "https://chatgpt.com/backend-api/".to_string(),
                base_instructions: None,
-                include_plan_tool: false,
+                forced_chatgpt_workspace_id: None,
+                forced_login_method: None,
                include_apply_patch_tool: false,
                tools_web_search_request: false,
                use_experimental_streamable_shell_tool: false,
@@ -2776,7 +2911,7 @@ model_verbosity = "high"
            model_family: find_family_for_model("gpt-3.5-turbo").expect("known model slug"),
            model_context_window: Some(16_385),
            model_max_output_tokens: Some(4_096),
-            model_auto_compact_token_limit: None,
+            model_auto_compact_token_limit: Some(14_746),
            model_provider_id: "openai-chat-completions".to_string(),
            model_provider: fixture.openai_chat_completions_provider.clone(),
            approval_policy: AskForApproval::UnlessTrusted,
@@ -2802,7 +2937,8 @@ model_verbosity = "high"
            model_verbosity: None,
            chatgpt_base_url: "https://chatgpt.com/backend-api/".to_string(),
            base_instructions: None,
-            include_plan_tool: false,
+            forced_chatgpt_workspace_id: None,
+            forced_login_method: None,
            include_apply_patch_tool: false,
            tools_web_search_request: false,
            use_experimental_streamable_shell_tool: false,
@@ -2858,7 +2994,7 @@ model_verbosity = "high"
            model_family: find_family_for_model("o3").expect("known model slug"),
            model_context_window: Some(200_000),
            model_max_output_tokens: Some(100_000),
-            model_auto_compact_token_limit: None,
+            model_auto_compact_token_limit: Some(180_000),
            model_provider_id: "openai".to_string(),
            model_provider: fixture.openai_provider.clone(),
            approval_policy: AskForApproval::OnFailure,
@@ -2884,7 +3020,8 @@ model_verbosity = "high"
            model_verbosity: None,
            chatgpt_base_url: "https://chatgpt.com/backend-api/".to_string(),
            base_instructions: None,
-            include_plan_tool: false,
+            forced_chatgpt_workspace_id: None,
+            forced_login_method: None,
            include_apply_patch_tool: false,
            tools_web_search_request: false,
            use_experimental_streamable_shell_tool: false,
@@ -2926,7 +3063,7 @@ model_verbosity = "high"
            model_family: find_family_for_model("gpt-5").expect("known model slug"),
            model_context_window: Some(272_000),
            model_max_output_tokens: Some(128_000),
-            model_auto_compact_token_limit: None,
+            model_auto_compact_token_limit: Some(244_800),
            model_provider_id: "openai".to_string(),
            model_provider: fixture.openai_provider.clone(),
            approval_policy: AskForApproval::OnFailure,
@@ -2952,7 +3089,8 @@ model_verbosity = "high"
            model_verbosity: Some(Verbosity::High),
            chatgpt_base_url: "https://chatgpt.com/backend-api/".to_string(),
            base_instructions: None,
-            include_plan_tool: false,
+            forced_chatgpt_workspace_id: None,
+            forced_login_method: None,
            include_apply_patch_tool: false,
            tools_web_search_request: false,
            use_experimental_streamable_shell_tool: false,
--- a/codex-rs/core/src/config_profile.rs
+++ b/codex-rs/core/src/config_profile.rs
@@ -20,7 +20,6 @@ pub struct ConfigProfile {
    pub model_verbosity: Option<Verbosity>,
    pub chatgpt_base_url: Option<String>,
    pub experimental_instructions_file: Option<PathBuf>,
-    pub include_plan_tool: Option<bool>,
    pub include_apply_patch_tool: Option<bool>,
    pub include_view_image_tool: Option<bool>,
    pub experimental_use_unified_exec_tool: Option<bool>,
--- a/codex-rs/core/src/config_types.rs
+++ b/codex-rs/core/src/config_types.rs
@@ -35,6 +35,14 @@ pub struct McpServerConfig {
    /// Default timeout for MCP tool calls initiated via this server.
    #[serde(default, with = "option_duration_secs")]
    pub tool_timeout_sec: Option<Duration>,
+
+    /// Explicit allow-list of tools exposed from this server. When set, only these tools will be registered.
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub enabled_tools: Option<Vec<String>>,
+
+    /// Explicit deny-list of tools. These tools will be removed after applying `enabled_tools`.
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    pub disabled_tools: Option<Vec<String>>,
 }

 impl<'de> Deserialize<'de> for McpServerConfig {
@@ -42,7 +50,7 @@ impl<'de> Deserialize<'de> for McpServerConfig {
    where
        D: Deserializer<'de>,
    {
-        #[derive(Deserialize)]
+        #[derive(Deserialize, Clone)]
        struct RawMcpServerConfig {
            // stdio
            command: Option<String>,
@@ -72,9 +80,13 @@ impl<'de> Deserialize<'de> for McpServerConfig {
            tool_timeout_sec: Option<Duration>,
            #[serde(default)]
            enabled: Option<bool>,
+            #[serde(default)]
+            enabled_tools: Option<Vec<String>>,
+            #[serde(default)]
+            disabled_tools: Option<Vec<String>>,
        }

-        let raw = RawMcpServerConfig::deserialize(deserializer)?;
+        let mut raw = RawMcpServerConfig::deserialize(deserializer)?;

        let startup_timeout_sec = match (raw.startup_timeout_sec, raw.startup_timeout_ms) {
            (Some(sec), _) => {
@@ -84,6 +96,10 @@ impl<'de> Deserialize<'de> for McpServerConfig {
            (None, Some(ms)) => Some(Duration::from_millis(ms)),
            (None, None) => None,
        };
+        let tool_timeout_sec = raw.tool_timeout_sec;
+        let enabled = raw.enabled.unwrap_or_else(default_enabled);
+        let enabled_tools = raw.enabled_tools.clone();
+        let disabled_tools = raw.disabled_tools.clone();

        fn throw_if_set<E, T>(transport: &str, field: &str, value: Option<&T>) -> Result<(), E>
        where
@@ -97,72 +113,46 @@ impl<'de> Deserialize<'de> for McpServerConfig {
            )))
        }

-        let transport = match raw {
-            RawMcpServerConfig {
-                command: Some(command),
-                args,
-                env,
-                env_vars,
-                cwd,
-                url,
-                bearer_token_env_var,
-                http_headers,
-                env_http_headers,
-                ..
-            } => {
-                throw_if_set("stdio", "url", url.as_ref())?;
-                throw_if_set(
-                    "stdio",
-                    "bearer_token_env_var",
-                    bearer_token_env_var.as_ref(),
-                )?;
-                throw_if_set("stdio", "http_headers", http_headers.as_ref())?;
-                throw_if_set("stdio", "env_http_headers", env_http_headers.as_ref())?;
-                McpServerTransportConfig::Stdio {
-                    command,
-                    args: args.unwrap_or_default(),
-                    env,
-                    env_vars: env_vars.unwrap_or_default(),
-                    cwd,
-                }
-            }
-            RawMcpServerConfig {
-                url: Some(url),
-                bearer_token,
-                bearer_token_env_var,
+        let transport = if let Some(command) = raw.command.clone() {
+            throw_if_set("stdio", "url", raw.url.as_ref())?;
+            throw_if_set(
+                "stdio",
+                "bearer_token_env_var",
+                raw.bearer_token_env_var.as_ref(),
+            )?;
+            throw_if_set("stdio", "bearer_token", raw.bearer_token.as_ref())?;
+            throw_if_set("stdio", "http_headers", raw.http_headers.as_ref())?;
+            throw_if_set("stdio", "env_http_headers", raw.env_http_headers.as_ref())?;
+            McpServerTransportConfig::Stdio {
                command,
-                args,
-                env,
-                env_vars,
-                cwd,
-                http_headers,
-                env_http_headers,
-                startup_timeout_sec: _,
-                tool_timeout_sec: _,
-                startup_timeout_ms: _,
-                enabled: _,
-            } => {
-                throw_if_set("streamable_http", "command", command.as_ref())?;
-                throw_if_set("streamable_http", "args", args.as_ref())?;
-                throw_if_set("streamable_http", "env", env.as_ref())?;
-                throw_if_set("streamable_http", "env_vars", env_vars.as_ref())?;
-                throw_if_set("streamable_http", "cwd", cwd.as_ref())?;
-                throw_if_set("streamable_http", "bearer_token", bearer_token.as_ref())?;
-                McpServerTransportConfig::StreamableHttp {
-                    url,
-                    bearer_token_env_var,
-                    http_headers,
-                    env_http_headers,
-                }
+                args: raw.args.clone().unwrap_or_default(),
+                env: raw.env.clone(),
+                env_vars: raw.env_vars.clone().unwrap_or_default(),
+                cwd: raw.cwd.take(),
            }
-            _ => return Err(SerdeError::custom("invalid transport")),
+        } else if let Some(url) = raw.url.clone() {
+            throw_if_set("streamable_http", "args", raw.args.as_ref())?;
+            throw_if_set("streamable_http", "env", raw.env.as_ref())?;
+            throw_if_set("streamable_http", "env_vars", raw.env_vars.as_ref())?;
+            throw_if_set("streamable_http", "cwd", raw.cwd.as_ref())?;
+            throw_if_set("streamable_http", "bearer_token", raw.bearer_token.as_ref())?;
+            McpServerTransportConfig::StreamableHttp {
+                url,
+                bearer_token_env_var: raw.bearer_token_env_var.clone(),
+                http_headers: raw.http_headers.clone(),
+                env_http_headers: raw.env_http_headers.take(),
+            }
+        } else {
+            return Err(SerdeError::custom("invalid transport"));
        };

        Ok(Self {
            transport,
            startup_timeout_sec,
-            tool_timeout_sec: raw.tool_timeout_sec,
-            enabled: raw.enabled.unwrap_or_else(default_enabled),
+            tool_timeout_sec,
+            enabled,
+            enabled_tools,
+            disabled_tools,
        })
    }
 }
@@ -527,6 +517,8 @@ mod tests {
            }
        );
        assert!(cfg.enabled);
+        assert!(cfg.enabled_tools.is_none());
+        assert!(cfg.disabled_tools.is_none());
    }

    #[test]
@@ -701,6 +693,21 @@ mod tests {
        );
    }

+    #[test]
+    fn deserialize_server_config_with_tool_filters() {
+        let cfg: McpServerConfig = toml::from_str(
+            r#"
+            command = "echo"
+            enabled_tools = ["allowed"]
+            disabled_tools = ["blocked"]
+        "#,
+        )
+        .expect("should deserialize tool filters");
+
+        assert_eq!(cfg.enabled_tools, Some(vec!["allowed".to_string()]));
+        assert_eq!(cfg.disabled_tools, Some(vec!["blocked".to_string()]));
+    }
+
    #[test]
    fn deserialize_rejects_command_and_url() {
        toml::from_str::<McpServerConfig>(
--- a/codex-rs/core/src/context_manager/manager.rs
+++ b/codex-rs/core/src/context_manager/manager.rs
@@ -0,0 +1,970 @@
+use crate::context_manager::truncation::truncate_context_output;
+use codex_protocol::models::FunctionCallOutputPayload;
+use codex_protocol::models::ResponseItem;
+use codex_protocol::protocol::TokenUsage;
+use codex_protocol::protocol::TokenUsageInfo;
+use tracing::error;
+
+/// Transcript of conversation history
+#[derive(Debug, Clone, Default)]
+pub(crate) struct ContextManager {
+    /// The oldest items are at the beginning of the vector.
+    items: Vec<ResponseItem>,
+    token_info: Option<TokenUsageInfo>,
+}
+
+impl ContextManager {
+    pub(crate) fn new() -> Self {
+        Self {
+            items: Vec::new(),
+            token_info: TokenUsageInfo::new_or_append(&None, &None, None),
+        }
+    }
+
+    pub(crate) fn token_info(&self) -> Option<TokenUsageInfo> {
+        self.token_info.clone()
+    }
+
+    pub(crate) fn set_token_usage_full(&mut self, context_window: i64) {
+        match &mut self.token_info {
+            Some(info) => info.fill_to_context_window(context_window),
+            None => {
+                self.token_info = Some(TokenUsageInfo::full_context_window(context_window));
+            }
+        }
+    }
+
+    /// `items` is ordered from oldest to newest.
+    pub(crate) fn record_items<I>(&mut self, items: I)
+    where
+        I: IntoIterator,
+        I::Item: std::ops::Deref<Target = ResponseItem>,
+    {
+        for item in items {
+            if !is_api_message(&item) {
+                continue;
+            }
+
+            let processed = Self::process_item(&item);
+            self.items.push(processed);
+        }
+    }
+
+    pub(crate) fn get_history(&mut self) -> Vec<ResponseItem> {
+        self.normalize_history();
+        self.contents()
+    }
+
+    pub(crate) fn remove_first_item(&mut self) {
+        if !self.items.is_empty() {
+            // Remove the oldest item (front of the list). Items are ordered from
+            // oldest → newest, so index 0 is the first entry recorded.
+            let removed = self.items.remove(0);
+            // If the removed item participates in a call/output pair, also remove
+            // its corresponding counterpart to keep the invariants intact without
+            // running a full normalization pass.
+            self.remove_corresponding_for(&removed);
+        }
+    }
+
+    /// This function enforces a couple of invariants on the in-memory history:
+    /// 1. every call (function/custom) has a corresponding output entry
+    /// 2. every output has a corresponding call entry
+    fn normalize_history(&mut self) {
+        // all function/tool calls must have a corresponding output
+        self.ensure_call_outputs_present();
+
+        // all outputs must have a corresponding function/tool call
+        self.remove_orphan_outputs();
+    }
+
+    fn process_item(item: &ResponseItem) -> ResponseItem {
+        match item {
+            ResponseItem::FunctionCallOutput { call_id, output } => {
+                let truncated_content = truncate_context_output(output.content.as_str());
+                ResponseItem::FunctionCallOutput {
+                    call_id: call_id.clone(),
+                    output: FunctionCallOutputPayload {
+                        content: truncated_content,
+                        success: output.success,
+                    },
+                }
+            }
+            ResponseItem::CustomToolCallOutput { call_id, output } => {
+                let truncated = truncate_context_output(output);
+                ResponseItem::CustomToolCallOutput {
+                    call_id: call_id.clone(),
+                    output: truncated,
+                }
+            }
+            _ => item.clone(),
+        }
+    }
+
+    /// Returns a clone of the contents in the transcript.
+    fn contents(&self) -> Vec<ResponseItem> {
+        self.items.clone()
+    }
+
+    fn ensure_call_outputs_present(&mut self) {
+        // Collect synthetic outputs to insert immediately after their calls.
+        // Store the insertion position (index of call) alongside the item so
+        // we can insert in reverse order and avoid index shifting.
+        let mut missing_outputs_to_insert: Vec<(usize, ResponseItem)> = Vec::new();
+
+        for (idx, item) in self.items.iter().enumerate() {
+            match item {
+                ResponseItem::FunctionCall { call_id, .. } => {
+                    let has_output = self.items.iter().any(|i| match i {
+                        ResponseItem::FunctionCallOutput {
+                            call_id: existing, ..
+                        } => existing == call_id,
+                        _ => false,
+                    });
+
+                    if !has_output {
+                        error_or_panic(format!(
+                            "Function call output is missing for call id: {call_id}"
+                        ));
+                        missing_outputs_to_insert.push((
+                            idx,
+                            ResponseItem::FunctionCallOutput {
+                                call_id: call_id.clone(),
+                                output: FunctionCallOutputPayload {
+                                    content: truncate_context_output("aborted"),
+                                    success: None,
+                                },
+                            },
+                        ));
+                    }
+                }
+                ResponseItem::CustomToolCall { call_id, .. } => {
+                    let has_output = self.items.iter().any(|i| match i {
+                        ResponseItem::CustomToolCallOutput {
+                            call_id: existing, ..
+                        } => existing == call_id,
+                        _ => false,
+                    });
+
+                    if !has_output {
+                        error_or_panic(format!(
+                            "Custom tool call output is missing for call id: {call_id}"
+                        ));
+                        missing_outputs_to_insert.push((
+                            idx,
+                            ResponseItem::CustomToolCallOutput {
+                                call_id: call_id.clone(),
+                                output: truncate_context_output("aborted"),
+                            },
+                        ));
+                    }
+                }
+                // LocalShellCall is represented in upstream streams by a FunctionCallOutput
+                ResponseItem::LocalShellCall { call_id, .. } => {
+                    if let Some(call_id) = call_id.as_ref() {
+                        let has_output = self.items.iter().any(|i| match i {
+                            ResponseItem::FunctionCallOutput {
+                                call_id: existing, ..
+                            } => existing == call_id,
+                            _ => false,
+                        });
+
+                        if !has_output {
+                            error_or_panic(format!(
+                                "Local shell call output is missing for call id: {call_id}"
+                            ));
+                            missing_outputs_to_insert.push((
+                                idx,
+                                ResponseItem::FunctionCallOutput {
+                                    call_id: call_id.clone(),
+                                    output: FunctionCallOutputPayload {
+                                        content: truncate_context_output("aborted"),
+                                        success: None,
+                                    },
+                                },
+                            ));
+                        }
+                    }
+                }
+                ResponseItem::Reasoning { .. }
+                | ResponseItem::WebSearchCall { .. }
+                | ResponseItem::FunctionCallOutput { .. }
+                | ResponseItem::CustomToolCallOutput { .. }
+                | ResponseItem::Other
+                | ResponseItem::Message { .. } => {
+                    // nothing to do for these variants
+                }
+            }
+        }
+
+        if !missing_outputs_to_insert.is_empty() {
+            // Insert from the end to avoid shifting subsequent indices.
+            missing_outputs_to_insert.sort_by_key(|(i, _)| *i);
+            for (idx, item) in missing_outputs_to_insert.into_iter().rev() {
+                let insert_pos = idx + 1; // place immediately after the call
+                if insert_pos <= self.items.len() {
+                    self.items.insert(insert_pos, item);
+                } else {
+                    self.items.push(item);
+                }
+            }
+        }
+    }
+
+    fn remove_orphan_outputs(&mut self) {
+        // Work on a snapshot to avoid borrowing `self.items` while mutating it.
+        let snapshot = self.items.clone();
+        let mut orphan_output_call_ids: std::collections::HashSet<String> =
+            std::collections::HashSet::new();
+
+        for item in &snapshot {
+            match item {
+                ResponseItem::FunctionCallOutput { call_id, .. } => {
+                    let has_call = snapshot.iter().any(|i| match i {
+                        ResponseItem::FunctionCall {
+                            call_id: existing, ..
+                        } => existing == call_id,
+                        ResponseItem::LocalShellCall {
+                            call_id: Some(existing),
+                            ..
+                        } => existing == call_id,
+                        _ => false,
+                    });
+
+                    if !has_call {
+                        error_or_panic(format!("Function call is missing for call id: {call_id}"));
+                        orphan_output_call_ids.insert(call_id.clone());
+                    }
+                }
+                ResponseItem::CustomToolCallOutput { call_id, .. } => {
+                    let has_call = snapshot.iter().any(|i| match i {
+                        ResponseItem::CustomToolCall {
+                            call_id: existing, ..
+                        } => existing == call_id,
+                        _ => false,
+                    });
+
+                    if !has_call {
+                        error_or_panic(format!(
+                            "Custom tool call is missing for call id: {call_id}"
+                        ));
+                        orphan_output_call_ids.insert(call_id.clone());
+                    }
+                }
+                ResponseItem::FunctionCall { .. }
+                | ResponseItem::CustomToolCall { .. }
+                | ResponseItem::LocalShellCall { .. }
+                | ResponseItem::Reasoning { .. }
+                | ResponseItem::WebSearchCall { .. }
+                | ResponseItem::Other
+                | ResponseItem::Message { .. } => {
+                    // nothing to do for these variants
+                }
+            }
+        }
+
+        if !orphan_output_call_ids.is_empty() {
+            let ids = orphan_output_call_ids;
+            self.items.retain(|i| match i {
+                ResponseItem::FunctionCallOutput { call_id, .. }
+                | ResponseItem::CustomToolCallOutput { call_id, .. } => !ids.contains(call_id),
+                _ => true,
+            });
+        }
+    }
+
+    pub(crate) fn replace(&mut self, items: Vec<ResponseItem>) {
+        self.items = items
+            .into_iter()
+            .map(|item| Self::process_item(&item))
+            .collect();
+    }
+
+    /// Removes the corresponding paired item for the provided `item`, if any.
+    ///
+    /// Pairs:
+    /// - FunctionCall <-> FunctionCallOutput
+    /// - CustomToolCall <-> CustomToolCallOutput
+    /// - LocalShellCall(call_id: Some) <-> FunctionCallOutput
+    fn remove_corresponding_for(&mut self, item: &ResponseItem) {
+        match item {
+            ResponseItem::FunctionCall { call_id, .. } => {
+                self.remove_first_matching(|i| match i {
+                    ResponseItem::FunctionCallOutput {
+                        call_id: existing, ..
+                    } => existing == call_id,
+                    _ => false,
+                });
+            }
+            ResponseItem::CustomToolCall { call_id, .. } => {
+                self.remove_first_matching(|i| match i {
+                    ResponseItem::CustomToolCallOutput {
+                        call_id: existing, ..
+                    } => existing == call_id,
+                    _ => false,
+                });
+            }
+            ResponseItem::LocalShellCall {
+                call_id: Some(call_id),
+                ..
+            } => {
+                self.remove_first_matching(|i| match i {
+                    ResponseItem::FunctionCallOutput {
+                        call_id: existing, ..
+                    } => existing == call_id,
+                    _ => false,
+                });
+            }
+            ResponseItem::FunctionCallOutput { call_id, .. } => {
+                self.remove_first_matching(|i| match i {
+                    ResponseItem::FunctionCall {
+                        call_id: existing, ..
+                    } => existing == call_id,
+                    ResponseItem::LocalShellCall {
+                        call_id: Some(existing),
+                        ..
+                    } => existing == call_id,
+                    _ => false,
+                });
+            }
+            ResponseItem::CustomToolCallOutput { call_id, .. } => {
+                self.remove_first_matching(|i| match i {
+                    ResponseItem::CustomToolCall {
+                        call_id: existing, ..
+                    } => existing == call_id,
+                    _ => false,
+                });
+            }
+            _ => {}
+        }
+    }
+
+    /// Remove the first item matching the predicate.
+    fn remove_first_matching<F>(&mut self, predicate: F)
+    where
+        F: FnMut(&ResponseItem) -> bool,
+    {
+        if let Some(pos) = self.items.iter().position(predicate) {
+            self.items.remove(pos);
+        }
+    }
+
+    pub(crate) fn update_token_info(
+        &mut self,
+        usage: &TokenUsage,
+        model_context_window: Option<i64>,
+    ) {
+        self.token_info = TokenUsageInfo::new_or_append(
+            &self.token_info,
+            &Some(usage.clone()),
+            model_context_window,
+        );
+    }
+}
+
+#[inline]
+fn error_or_panic(message: String) {
+    if cfg!(debug_assertions) || env!("CARGO_PKG_VERSION").contains("alpha") {
+        panic!("{message}");
+    } else {
+        error!("{message}");
+    }
+}
+
+/// Anything that is not a system message or "reasoning" message is considered
+/// an API message.
+fn is_api_message(message: &ResponseItem) -> bool {
+    match message {
+        ResponseItem::Message { role, .. } => role.as_str() != "system",
+        ResponseItem::FunctionCallOutput { .. }
+        | ResponseItem::FunctionCall { .. }
+        | ResponseItem::CustomToolCall { .. }
+        | ResponseItem::CustomToolCallOutput { .. }
+        | ResponseItem::LocalShellCall { .. }
+        | ResponseItem::Reasoning { .. }
+        | ResponseItem::WebSearchCall { .. } => true,
+        ResponseItem::Other => false,
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use crate::context_manager::truncation::TELEMETRY_PREVIEW_MAX_BYTES;
+    use crate::context_manager::truncation::TELEMETRY_PREVIEW_TRUNCATION_NOTICE;
+    use codex_protocol::models::ContentItem;
+    use codex_protocol::models::FunctionCallOutputPayload;
+    use codex_protocol::models::LocalShellAction;
+    use codex_protocol::models::LocalShellExecAction;
+    use codex_protocol::models::LocalShellStatus;
+    use pretty_assertions::assert_eq;
+
+    fn assistant_msg(text: &str) -> ResponseItem {
+        ResponseItem::Message {
+            id: None,
+            role: "assistant".to_string(),
+            content: vec![ContentItem::OutputText {
+                text: text.to_string(),
+            }],
+        }
+    }
+
+    fn create_history_with_items(items: Vec<ResponseItem>) -> ContextManager {
+        let mut h = ContextManager::new();
+        h.record_items(items.iter());
+        h
+    }
+
+    fn user_msg(text: &str) -> ResponseItem {
+        ResponseItem::Message {
+            id: None,
+            role: "user".to_string(),
+            content: vec![ContentItem::OutputText {
+                text: text.to_string(),
+            }],
+        }
+    }
+
+    #[test]
+    fn filters_non_api_messages() {
+        let mut h = ContextManager::default();
+        // System message is not an API message; Other is ignored.
+        let system = ResponseItem::Message {
+            id: None,
+            role: "system".to_string(),
+            content: vec![ContentItem::OutputText {
+                text: "ignored".to_string(),
+            }],
+        };
+        h.record_items([&system, &ResponseItem::Other]);
+
+        // User and assistant should be retained.
+        let u = user_msg("hi");
+        let a = assistant_msg("hello");
+        h.record_items([&u, &a]);
+
+        let items = h.contents();
+        assert_eq!(
+            items,
+            vec![
+                ResponseItem::Message {
+                    id: None,
+                    role: "user".to_string(),
+                    content: vec![ContentItem::OutputText {
+                        text: "hi".to_string()
+                    }]
+                },
+                ResponseItem::Message {
+                    id: None,
+                    role: "assistant".to_string(),
+                    content: vec![ContentItem::OutputText {
+                        text: "hello".to_string()
+                    }]
+                }
+            ]
+        );
+    }
+
+    #[test]
+    fn record_items_truncates_function_call_output() {
+        let mut h = ContextManager::new();
+        let long_content = "a".repeat(TELEMETRY_PREVIEW_MAX_BYTES + 32);
+        let item = ResponseItem::FunctionCallOutput {
+            call_id: "call-long".to_string(),
+            output: FunctionCallOutputPayload {
+                content: long_content.clone(),
+                success: Some(true),
+            },
+        };
+
+        h.record_items([&item]);
+
+        let stored = h.contents();
+        let ResponseItem::FunctionCallOutput { output, .. } = &stored[0] else {
+            panic!("expected FunctionCallOutput variant");
+        };
+        assert!(
+            output
+                .content
+                .ends_with(TELEMETRY_PREVIEW_TRUNCATION_NOTICE),
+            "truncated content should end with notice"
+        );
+        assert!(
+            output.content.len() < long_content.len(),
+            "content should shrink after truncation"
+        );
+    }
+
+    #[test]
+    fn record_items_truncates_custom_tool_output() {
+        let mut h = ContextManager::new();
+        let long_content = "b".repeat(TELEMETRY_PREVIEW_MAX_BYTES + 64);
+        let item = ResponseItem::CustomToolCallOutput {
+            call_id: "custom-long".to_string(),
+            output: long_content.clone(),
+        };
+
+        h.record_items([&item]);
+
+        let stored = h.contents();
+        let ResponseItem::CustomToolCallOutput { output, .. } = &stored[0] else {
+            panic!("expected CustomToolCallOutput variant");
+        };
+        assert!(
+            output.ends_with(TELEMETRY_PREVIEW_TRUNCATION_NOTICE),
+            "truncated output should end with notice"
+        );
+        assert!(
+            output.len() < long_content.len(),
+            "output should shrink after truncation"
+        );
+    }
+
+    #[test]
+    fn remove_first_item_removes_matching_output_for_function_call() {
+        let items = vec![
+            ResponseItem::FunctionCall {
+                id: None,
+                name: "do_it".to_string(),
+                arguments: "{}".to_string(),
+                call_id: "call-1".to_string(),
+            },
+            ResponseItem::FunctionCallOutput {
+                call_id: "call-1".to_string(),
+                output: FunctionCallOutputPayload {
+                    content: "ok".to_string(),
+                    success: None,
+                },
+            },
+        ];
+        let mut h = create_history_with_items(items);
+        h.remove_first_item();
+        assert_eq!(h.contents(), vec![]);
+    }
+
+    #[test]
+    fn remove_first_item_removes_matching_call_for_output() {
+        let items = vec![
+            ResponseItem::FunctionCallOutput {
+                call_id: "call-2".to_string(),
+                output: FunctionCallOutputPayload {
+                    content: "ok".to_string(),
+                    success: None,
+                },
+            },
+            ResponseItem::FunctionCall {
+                id: None,
+                name: "do_it".to_string(),
+                arguments: "{}".to_string(),
+                call_id: "call-2".to_string(),
+            },
+        ];
+        let mut h = create_history_with_items(items);
+        h.remove_first_item();
+        assert_eq!(h.contents(), vec![]);
+    }
+
+    #[test]
+    fn remove_first_item_handles_local_shell_pair() {
+        let items = vec![
+            ResponseItem::LocalShellCall {
+                id: None,
+                call_id: Some("call-3".to_string()),
+                status: LocalShellStatus::Completed,
+                action: LocalShellAction::Exec(LocalShellExecAction {
+                    command: vec!["echo".to_string(), "hi".to_string()],
+                    timeout_ms: None,
+                    working_directory: None,
+                    env: None,
+                    user: None,
+                }),
+            },
+            ResponseItem::FunctionCallOutput {
+                call_id: "call-3".to_string(),
+                output: FunctionCallOutputPayload {
+                    content: "ok".to_string(),
+                    success: None,
+                },
+            },
+        ];
+        let mut h = create_history_with_items(items);
+        h.remove_first_item();
+        assert_eq!(h.contents(), vec![]);
+    }
+
+    #[test]
+    fn remove_first_item_handles_custom_tool_pair() {
+        let items = vec![
+            ResponseItem::CustomToolCall {
+                id: None,
+                status: None,
+                call_id: "tool-1".to_string(),
+                name: "my_tool".to_string(),
+                input: "{}".to_string(),
+            },
+            ResponseItem::CustomToolCallOutput {
+                call_id: "tool-1".to_string(),
+                output: "ok".to_string(),
+            },
+        ];
+        let mut h = create_history_with_items(items);
+        h.remove_first_item();
+        assert_eq!(h.contents(), vec![]);
+    }
+
+    //TODO(aibrahim): run CI in release mode.
+    #[cfg(not(debug_assertions))]
+    #[test]
+    fn normalize_adds_missing_output_for_function_call() {
+        let items = vec![ResponseItem::FunctionCall {
+            id: None,
+            name: "do_it".to_string(),
+            arguments: "{}".to_string(),
+            call_id: "call-x".to_string(),
+        }];
+        let mut h = create_history_with_items(items);
+
+        h.normalize_history();
+
+        assert_eq!(
+            h.contents(),
+            vec![
+                ResponseItem::FunctionCall {
+                    id: None,
+                    name: "do_it".to_string(),
+                    arguments: "{}".to_string(),
+                    call_id: "call-x".to_string(),
+                },
+                ResponseItem::FunctionCallOutput {
+                    call_id: "call-x".to_string(),
+                    output: FunctionCallOutputPayload {
+                        content: "aborted".to_string(),
+                        success: None,
+                    },
+                },
+            ]
+        );
+    }
+
+    #[cfg(not(debug_assertions))]
+    #[test]
+    fn normalize_adds_missing_output_for_custom_tool_call() {
+        let items = vec![ResponseItem::CustomToolCall {
+            id: None,
+            status: None,
+            call_id: "tool-x".to_string(),
+            name: "custom".to_string(),
+            input: "{}".to_string(),
+        }];
+        let mut h = create_history_with_items(items);
+
+        h.normalize_history();
+
+        assert_eq!(
+            h.contents(),
+            vec![
+                ResponseItem::CustomToolCall {
+                    id: None,
+                    status: None,
+                    call_id: "tool-x".to_string(),
+                    name: "custom".to_string(),
+                    input: "{}".to_string(),
+                },
+                ResponseItem::CustomToolCallOutput {
+                    call_id: "tool-x".to_string(),
+                    output: "aborted".to_string(),
+                },
+            ]
+        );
+    }
+
+    #[cfg(not(debug_assertions))]
+    #[test]
+    fn normalize_adds_missing_output_for_local_shell_call_with_id() {
+        let items = vec![ResponseItem::LocalShellCall {
+            id: None,
+            call_id: Some("shell-1".to_string()),
+            status: LocalShellStatus::Completed,
+            action: LocalShellAction::Exec(LocalShellExecAction {
+                command: vec!["echo".to_string(), "hi".to_string()],
+                timeout_ms: None,
+                working_directory: None,
+                env: None,
+                user: None,
+            }),
+        }];
+        let mut h = create_history_with_items(items);
+
+        h.normalize_history();
+
+        assert_eq!(
+            h.contents(),
+            vec![
+                ResponseItem::LocalShellCall {
+                    id: None,
+                    call_id: Some("shell-1".to_string()),
+                    status: LocalShellStatus::Completed,
+                    action: LocalShellAction::Exec(LocalShellExecAction {
+                        command: vec!["echo".to_string(), "hi".to_string()],
+                        timeout_ms: None,
+                        working_directory: None,
+                        env: None,
+                        user: None,
+                    }),
+                },
+                ResponseItem::FunctionCallOutput {
+                    call_id: "shell-1".to_string(),
+                    output: FunctionCallOutputPayload {
+                        content: "aborted".to_string(),
+                        success: None,
+                    },
+                },
+            ]
+        );
+    }
+
+    #[cfg(not(debug_assertions))]
+    #[test]
+    fn normalize_removes_orphan_function_call_output() {
+        let items = vec![ResponseItem::FunctionCallOutput {
+            call_id: "orphan-1".to_string(),
+            output: FunctionCallOutputPayload {
+                content: "ok".to_string(),
+                success: None,
+            },
+        }];
+        let mut h = create_history_with_items(items);
+
+        h.normalize_history();
+
+        assert_eq!(h.contents(), vec![]);
+    }
+
+    #[cfg(not(debug_assertions))]
+    #[test]
+    fn normalize_removes_orphan_custom_tool_call_output() {
+        let items = vec![ResponseItem::CustomToolCallOutput {
+            call_id: "orphan-2".to_string(),
+            output: "ok".to_string(),
+        }];
+        let mut h = create_history_with_items(items);
+
+        h.normalize_history();
+
+        assert_eq!(h.contents(), vec![]);
+    }
+
+    #[cfg(not(debug_assertions))]
+    #[test]
+    fn normalize_mixed_inserts_and_removals() {
+        let items = vec![
+            // Will get an inserted output
+            ResponseItem::FunctionCall {
+                id: None,
+                name: "f1".to_string(),
+                arguments: "{}".to_string(),
+                call_id: "c1".to_string(),
+            },
+            // Orphan output that should be removed
+            ResponseItem::FunctionCallOutput {
+                call_id: "c2".to_string(),
+                output: FunctionCallOutputPayload {
+                    content: "ok".to_string(),
+                    success: None,
+                },
+            },
+            // Will get an inserted custom tool output
+            ResponseItem::CustomToolCall {
+                id: None,
+                status: None,
+                call_id: "t1".to_string(),
+                name: "tool".to_string(),
+                input: "{}".to_string(),
+            },
+            // Local shell call also gets an inserted function call output
+            ResponseItem::LocalShellCall {
+                id: None,
+                call_id: Some("s1".to_string()),
+                status: LocalShellStatus::Completed,
+                action: LocalShellAction::Exec(LocalShellExecAction {
+                    command: vec!["echo".to_string()],
+                    timeout_ms: None,
+                    working_directory: None,
+                    env: None,
+                    user: None,
+                }),
+            },
+        ];
+        let mut h = create_history_with_items(items);
+
+        h.normalize_history();
+
+        assert_eq!(
+            h.contents(),
+            vec![
+                ResponseItem::FunctionCall {
+                    id: None,
+                    name: "f1".to_string(),
+                    arguments: "{}".to_string(),
+                    call_id: "c1".to_string(),
+                },
+                ResponseItem::FunctionCallOutput {
+                    call_id: "c1".to_string(),
+                    output: FunctionCallOutputPayload {
+                        content: "aborted".to_string(),
+                        success: None,
+                    },
+                },
+                ResponseItem::CustomToolCall {
+                    id: None,
+                    status: None,
+                    call_id: "t1".to_string(),
+                    name: "tool".to_string(),
+                    input: "{}".to_string(),
+                },
+                ResponseItem::CustomToolCallOutput {
+                    call_id: "t1".to_string(),
+                    output: "aborted".to_string(),
+                },
+                ResponseItem::LocalShellCall {
+                    id: None,
+                    call_id: Some("s1".to_string()),
+                    status: LocalShellStatus::Completed,
+                    action: LocalShellAction::Exec(LocalShellExecAction {
+                        command: vec!["echo".to_string()],
+                        timeout_ms: None,
+                        working_directory: None,
+                        env: None,
+                        user: None,
+                    }),
+                },
+                ResponseItem::FunctionCallOutput {
+                    call_id: "s1".to_string(),
+                    output: FunctionCallOutputPayload {
+                        content: "aborted".to_string(),
+                        success: None,
+                    },
+                },
+            ]
+        );
+    }
+
+    // In debug builds we panic on normalization errors instead of silently fixing them.
+    #[cfg(debug_assertions)]
+    #[test]
+    #[should_panic]
+    fn normalize_adds_missing_output_for_function_call_panics_in_debug() {
+        let items = vec![ResponseItem::FunctionCall {
+            id: None,
+            name: "do_it".to_string(),
+            arguments: "{}".to_string(),
+            call_id: "call-x".to_string(),
+        }];
+        let mut h = create_history_with_items(items);
+        h.normalize_history();
+    }
+
+    #[cfg(debug_assertions)]
+    #[test]
+    #[should_panic]
+    fn normalize_adds_missing_output_for_custom_tool_call_panics_in_debug() {
+        let items = vec![ResponseItem::CustomToolCall {
+            id: None,
+            status: None,
+            call_id: "tool-x".to_string(),
+            name: "custom".to_string(),
+            input: "{}".to_string(),
+        }];
+        let mut h = create_history_with_items(items);
+        h.normalize_history();
+    }
+
+    #[cfg(debug_assertions)]
+    #[test]
+    #[should_panic]
+    fn normalize_adds_missing_output_for_local_shell_call_with_id_panics_in_debug() {
+        let items = vec![ResponseItem::LocalShellCall {
+            id: None,
+            call_id: Some("shell-1".to_string()),
+            status: LocalShellStatus::Completed,
+            action: LocalShellAction::Exec(LocalShellExecAction {
+                command: vec!["echo".to_string(), "hi".to_string()],
+                timeout_ms: None,
+                working_directory: None,
+                env: None,
+                user: None,
+            }),
+        }];
+        let mut h = create_history_with_items(items);
+        h.normalize_history();
+    }
+
+    #[cfg(debug_assertions)]
+    #[test]
+    #[should_panic]
+    fn normalize_removes_orphan_function_call_output_panics_in_debug() {
+        let items = vec![ResponseItem::FunctionCallOutput {
+            call_id: "orphan-1".to_string(),
+            output: FunctionCallOutputPayload {
+                content: "ok".to_string(),
+                success: None,
+            },
+        }];
+        let mut h = create_history_with_items(items);
+        h.normalize_history();
+    }
+
+    #[cfg(debug_assertions)]
+    #[test]
+    #[should_panic]
+    fn normalize_removes_orphan_custom_tool_call_output_panics_in_debug() {
+        let items = vec![ResponseItem::CustomToolCallOutput {
+            call_id: "orphan-2".to_string(),
+            output: "ok".to_string(),
+        }];
+        let mut h = create_history_with_items(items);
+        h.normalize_history();
+    }
+
+    #[cfg(debug_assertions)]
+    #[test]
+    #[should_panic]
+    fn normalize_mixed_inserts_and_removals_panics_in_debug() {
+        let items = vec![
+            ResponseItem::FunctionCall {
+                id: None,
+                name: "f1".to_string(),
+                arguments: "{}".to_string(),
+                call_id: "c1".to_string(),
+            },
+            ResponseItem::FunctionCallOutput {
+                call_id: "c2".to_string(),
+                output: FunctionCallOutputPayload {
+                    content: "ok".to_string(),
+                    success: None,
+                },
+            },
+            ResponseItem::CustomToolCall {
+                id: None,
+                status: None,
+                call_id: "t1".to_string(),
+                name: "tool".to_string(),
+                input: "{}".to_string(),
+            },
+            ResponseItem::LocalShellCall {
+                id: None,
+                call_id: Some("s1".to_string()),
+                status: LocalShellStatus::Completed,
+                action: LocalShellAction::Exec(LocalShellExecAction {
+                    command: vec!["echo".to_string()],
+                    timeout_ms: None,
+                    working_directory: None,
+                    env: None,
+                    user: None,
+                }),
+            },
+        ];
+        let mut h = create_history_with_items(items);
+        h.normalize_history();
+    }
+}
--- a/codex-rs/core/src/context_manager/mod.rs
+++ b/codex-rs/core/src/context_manager/mod.rs
@@ -0,0 +1,3 @@
+mod manager;
+pub(crate) use manager::ContextManager;
+pub mod truncation;
--- a/codex-rs/core/src/context_manager/truncation.rs
+++ b/codex-rs/core/src/context_manager/truncation.rs
@@ -0,0 +1,159 @@
+use codex_utils_string::take_bytes_at_char_boundary;
+
+#[derive(Clone, Copy)]
+pub(crate) struct TruncationConfig {
+    pub max_bytes: usize,
+    pub max_lines: usize,
+    pub truncation_notice: &'static str,
+}
+
+// Telemetry preview limits: keep log events smaller than model budgets.
+pub(crate) const TELEMETRY_PREVIEW_MAX_BYTES: usize = 2 * 1024; // 2 KiB
+pub(crate) const TELEMETRY_PREVIEW_MAX_LINES: usize = 64; // lines
+pub(crate) const TELEMETRY_PREVIEW_TRUNCATION_NOTICE: &str =
+    "[... telemetry preview truncated ...]";
+
+pub(crate) const CONTEXT_OUTPUT_TRUNCATION: TruncationConfig = TruncationConfig {
+    max_bytes: TELEMETRY_PREVIEW_MAX_BYTES,
+    max_lines: TELEMETRY_PREVIEW_MAX_LINES,
+    truncation_notice: TELEMETRY_PREVIEW_TRUNCATION_NOTICE,
+};
+
+pub(crate) fn truncate_with_config(content: &str, config: TruncationConfig) -> String {
+    let TruncationConfig {
+        max_bytes,
+        max_lines,
+        truncation_notice,
+    } = config;
+
+    let truncated_slice = take_bytes_at_char_boundary(content, max_bytes);
+    let truncated_by_bytes = truncated_slice.len() < content.len();
+
+    let mut preview = String::new();
+    let mut lines_iter = truncated_slice.lines();
+    for idx in 0..max_lines {
+        match lines_iter.next() {
+            Some(line) => {
+                if idx > 0 {
+                    preview.push('\n');
+                }
+                preview.push_str(line);
+            }
+            None => break,
+        }
+    }
+    let truncated_by_lines = lines_iter.next().is_some();
+
+    if !truncated_by_bytes && !truncated_by_lines {
+        return content.to_string();
+    }
+
+    if preview.len() < truncated_slice.len()
+        && truncated_slice
+            .as_bytes()
+            .get(preview.len())
+            .is_some_and(|byte| *byte == b'\n')
+    {
+        preview.push('\n');
+    }
+
+    if !preview.is_empty() && !preview.ends_with('\n') {
+        preview.push('\n');
+    }
+
+    preview.push_str(truncation_notice);
+    preview
+}
+
+pub(crate) fn truncate_context_output(content: &str) -> String {
+    truncate_with_config(content, CONTEXT_OUTPUT_TRUNCATION)
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use pretty_assertions::assert_eq;
+
+    #[test]
+    fn truncate_with_config_returns_original_within_limits() {
+        let content = "short output";
+        let config = TruncationConfig {
+            max_bytes: 64,
+            max_lines: 5,
+            truncation_notice: "[notice]",
+        };
+        assert_eq!(truncate_with_config(content, config), content);
+    }
+
+    #[test]
+    fn truncate_with_config_truncates_by_bytes() {
+        let config = TruncationConfig {
+            max_bytes: 16,
+            max_lines: 10,
+            truncation_notice: "[notice]",
+        };
+        let content = "abcdefghijklmnopqrstuvwxyz";
+        let truncated = truncate_with_config(content, config);
+        assert!(truncated.contains("[notice]"));
+    }
+
+    #[test]
+    fn truncate_with_config_truncates_by_lines() {
+        let config = TruncationConfig {
+            max_bytes: 1024,
+            max_lines: 2,
+            truncation_notice: "[notice]",
+        };
+        let content = "l1\nl2\nl3\nl4";
+        let truncated = truncate_with_config(content, config);
+        assert!(truncated.lines().count() <= 3);
+        assert!(truncated.contains("[notice]"));
+    }
+
+    #[test]
+    fn telemetry_preview_returns_original_within_limits() {
+        let content = "short output";
+        let config = TruncationConfig {
+            max_bytes: TELEMETRY_PREVIEW_MAX_BYTES,
+            max_lines: TELEMETRY_PREVIEW_MAX_LINES,
+            truncation_notice: TELEMETRY_PREVIEW_TRUNCATION_NOTICE,
+        };
+        assert_eq!(truncate_with_config(content, config), content);
+    }
+
+    #[test]
+    fn telemetry_preview_truncates_by_bytes() {
+        let config = TruncationConfig {
+            max_bytes: TELEMETRY_PREVIEW_MAX_BYTES,
+            max_lines: TELEMETRY_PREVIEW_MAX_LINES,
+            truncation_notice: TELEMETRY_PREVIEW_TRUNCATION_NOTICE,
+        };
+        let content = "x".repeat(TELEMETRY_PREVIEW_MAX_BYTES + 8);
+        let preview = truncate_with_config(&content, config);
+
+        assert!(preview.contains(TELEMETRY_PREVIEW_TRUNCATION_NOTICE));
+        assert!(
+            preview.len()
+                <= TELEMETRY_PREVIEW_MAX_BYTES + TELEMETRY_PREVIEW_TRUNCATION_NOTICE.len() + 1
+        );
+    }
+
+    #[test]
+    fn telemetry_preview_truncates_by_lines() {
+        let config = TruncationConfig {
+            max_bytes: TELEMETRY_PREVIEW_MAX_BYTES,
+            max_lines: TELEMETRY_PREVIEW_MAX_LINES,
+            truncation_notice: TELEMETRY_PREVIEW_TRUNCATION_NOTICE,
+        };
+        let content = (0..(TELEMETRY_PREVIEW_MAX_LINES + 5))
+            .map(|idx| format!("line {idx}"))
+            .collect::<Vec<_>>()
+            .join("\n");
+
+        let preview = truncate_with_config(&content, config);
+        let lines: Vec<&str> = preview.lines().collect();
+
+        assert!(lines.len() <= TELEMETRY_PREVIEW_MAX_LINES + 1);
+        assert_eq!(lines.last(), Some(&TELEMETRY_PREVIEW_TRUNCATION_NOTICE));
+    }
+}
--- a/Show More
+++ b/Show More