Checkpoint before e2e test

Initial Clippy
2026-04-07 22:34:49 +00:00 · 2026-04-06 15:08:56 -07:00 · 2026-04-04 16:50:19 -07:00 · 2026-04-04 13:20:29 -07:00
697 changed files with 16793 additions and 31781 deletions
--- a/.bazelrc
+++ b/.bazelrc
@@ -44,7 +44,6 @@ common --remote_timeout=3600
 common --noexperimental_throttle_remote_action_building
 common --experimental_remote_execution_keepalive
 common --grpc_keepalive_time=30s
-common --experimental_remote_downloader=grpcs://remote.buildbuddy.io

 # This limits both in-flight executions and concurrent downloads. Even with high number
 # of jobs execution will still be limited by CPU cores, so this just pays a bit of
@@ -125,6 +124,7 @@ build:argument-comment-lint --@rules_rust//rust/toolchain/channel=nightly
 common:ci-windows --config=ci-bazel
 common:ci-windows --build_metadata=TAG_os=windows
 common:ci-windows --repo_contents_cache=D:/a/.cache/bazel-repo-contents-cache
+common:ci-windows --repository_cache=D:/a/.cache/bazel-repo-cache

 # We prefer to run the build actions entirely remotely so we can dial up the concurrency.
 # We have platform-specific tests, so we want to execute the tests on all platforms using the strongest sandboxing available on each platform.
--- a/.github/actions/setup-bazel-ci/action.yml
+++ b/.github/actions/setup-bazel-ci/action.yml
@@ -9,9 +9,9 @@ inputs:
    required: false
    default: "false"
 outputs:
-  repository-cache-path:
-    description: Filesystem path used for the Bazel repository cache.
-    value: ${{ steps.configure_bazel_repository_cache.outputs.repository-cache-path }}
+  cache-hit:
+    description: Whether the Bazel repository cache key was restored exactly.
+    value: ${{ steps.cache_bazel_repository_restore.outputs.cache-hit }}

 runs:
  using: composite
@@ -41,16 +41,17 @@ runs:
    - name: Set up Bazel
      uses: bazelbuild/setup-bazelisk@v3

-    - name: Configure Bazel repository cache
-      id: configure_bazel_repository_cache
-      shell: pwsh
-      run: |
-        # Keep the repository cache under HOME on all runners. Windows `D:\a`
-        # cache paths match `.bazelrc`, but `actions/cache/restore` currently
-        # returns HTTP 400 for that path in the Windows clippy job.
-        $repositoryCachePath = Join-Path $HOME '.cache/bazel-repo-cache'
-        "repository-cache-path=$repositoryCachePath" | Out-File -FilePath $env:GITHUB_OUTPUT -Encoding utf8 -Append
-        "BAZEL_REPOSITORY_CACHE=$repositoryCachePath" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
+    # Restore bazel repository cache so we don't have to redownload all the external dependencies
+    # on every CI run.
+    - name: Restore bazel repository cache
+      id: cache_bazel_repository_restore
+      uses: actions/cache/restore@v5
+      with:
+        path: |
+          ~/.cache/bazel-repo-cache
+        key: bazel-cache-${{ inputs.target }}-${{ hashFiles('MODULE.bazel', 'codex-rs/Cargo.lock', 'codex-rs/Cargo.toml') }}
+        restore-keys: |
+          bazel-cache-${{ inputs.target }}

    - name: Configure Bazel output root (Windows)
      if: runner.os == 'Windows'
@@ -64,6 +65,10 @@ runs:
        $repoContentsCache = Join-Path $env:RUNNER_TEMP "bazel-repo-contents-cache-$env:GITHUB_RUN_ID-$env:GITHUB_JOB"
        "BAZEL_OUTPUT_USER_ROOT=$bazelOutputUserRoot" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
        "BAZEL_REPO_CONTENTS_CACHE=$repoContentsCache" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
+        if (-not $hasDDrive) {
+          $repositoryCache = Join-Path $env:USERPROFILE '.cache\bazel-repo-cache'
+          "BAZEL_REPOSITORY_CACHE=$repositoryCache" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
+        }

    - name: Expose MSVC SDK environment (Windows)
      if: runner.os == 'Windows'
--- a/.github/scripts/run-bazel-ci.sh
+++ b/.github/scripts/run-bazel-ci.sh
@@ -5,7 +5,6 @@ set -euo pipefail
 print_failed_bazel_test_logs=0
 use_node_test_env=0
 remote_download_toplevel=0
-windows_msvc_host_platform=0

 while [[ $# -gt 0 ]]; do
  case "$1" in
@@ -21,10 +20,6 @@ while [[ $# -gt 0 ]]; do
      remote_download_toplevel=1
      shift
      ;;
-    --windows-msvc-host-platform)
-      windows_msvc_host_platform=1
-      shift
-      ;;
    --)
      shift
      break
@@ -37,7 +32,7 @@ while [[ $# -gt 0 ]]; do
 done

 if [[ $# -eq 0 ]]; then
-  echo "Usage: $0 [--print-failed-test-logs] [--use-node-test-env] [--remote-download-toplevel] [--windows-msvc-host-platform] -- <bazel args> -- <targets>" >&2
+  echo "Usage: $0 [--print-failed-test-logs] [--use-node-test-env] [--remote-download-toplevel] -- <bazel args> -- <targets>" >&2
  exit 1
 fi

@@ -126,35 +121,14 @@ if [[ ${#bazel_args[@]} -eq 0 || ${#bazel_targets[@]} -eq 0 ]]; then
  exit 1
 fi

-if [[ $use_node_test_env -eq 1 ]]; then
+if [[ $use_node_test_env -eq 1 && "${RUNNER_OS:-}" != "Windows" ]]; then
  # Bazel test sandboxes on macOS may resolve an older Homebrew `node`
  # before the `actions/setup-node` runtime on PATH.
  node_bin="$(which node)"
-  if [[ "${RUNNER_OS:-}" == "Windows" ]]; then
-    node_bin="$(cygpath -w "${node_bin}")"
-  fi
  bazel_args+=("--test_env=CODEX_JS_REPL_NODE_PATH=${node_bin}")
 fi

 post_config_bazel_args=()
-if [[ "${RUNNER_OS:-}" == "Windows" && $windows_msvc_host_platform -eq 1 ]]; then
-  has_host_platform_override=0
-  for arg in "${bazel_args[@]}"; do
-    if [[ "$arg" == --host_platform=* ]]; then
-      has_host_platform_override=1
-      break
-    fi
-  done
-
-  if [[ $has_host_platform_override -eq 0 ]]; then
-    # Keep Windows Bazel targets on `windows-gnullvm` for cfg coverage, but opt
-    # specific jobs into an MSVC exec platform when they need helper binaries
-    # like Rust test wrappers and V8 generators to resolve a compatible host
-    # toolchain.
-    post_config_bazel_args+=("--host_platform=//:local_windows_msvc")
-  fi
-fi
-
 if [[ $remote_download_toplevel -eq 1 ]]; then
  # Override the CI config's remote_download_minimal setting when callers need
  # the built artifact to exist on disk after the command completes.
@@ -172,12 +146,6 @@ if [[ -n "${BAZEL_REPOSITORY_CACHE:-}" ]]; then
  post_config_bazel_args+=("--repository_cache=${BAZEL_REPOSITORY_CACHE}")
 fi

-if [[ -n "${CODEX_BAZEL_EXECUTION_LOG_COMPACT_DIR:-}" ]]; then
-  post_config_bazel_args+=(
-    "--execution_log_compact_file=${CODEX_BAZEL_EXECUTION_LOG_COMPACT_DIR}/execution-log-${bazel_args[0]}-${GITHUB_JOB:-local}-$$.zst"
-  )
-fi
-
 if [[ "${RUNNER_OS:-}" == "Windows" ]]; then
  windows_action_env_vars=(
    INCLUDE
--- a/.github/scripts/verify_cargo_workspace_manifests.py
+++ b/.github/scripts/verify_cargo_workspace_manifests.py
@@ -1,12 +1,11 @@
 #!/usr/bin/env python3

-"""Verify that codex-rs Cargo manifests follow workspace manifest policy.
+"""Verify that codex-rs crates inherit workspace metadata, lints, and names.

-Checks:
- Crates inherit `[workspace.package]` metadata.
- Crates opt into `[lints] workspace = true`.
- Crate names follow the codex-rs directory naming conventions.
- Workspace manifests do not introduce workspace crate feature toggles.
+This keeps `cargo clippy` aligned with the workspace lint policy by ensuring
+each crate opts into `[lints] workspace = true`, and it also checks the crate
+name conventions for top-level `codex-rs/*` crates and `codex-rs/utils/*`
+crates.
 """

 from __future__ import annotations
@@ -25,48 +24,20 @@ TOP_LEVEL_NAME_EXCEPTIONS = {
 UTILITY_NAME_EXCEPTIONS = {
    "path-utils": "codex-utils-path",
 }
-MANIFEST_FEATURE_EXCEPTIONS = {}
-OPTIONAL_DEPENDENCY_EXCEPTIONS = set()
-INTERNAL_DEPENDENCY_FEATURE_EXCEPTIONS = {}


 def main() -> int:
-    internal_package_names = workspace_package_names()
-    used_manifest_feature_exceptions: set[str] = set()
-    used_optional_dependency_exceptions: set[tuple[str, str, str]] = set()
-    used_internal_dependency_feature_exceptions: set[tuple[str, str, str]] = set()
-    failures_by_path: dict[str, list[str]] = {}
-
-    for path in manifests_to_verify():
-        if errors := manifest_errors(
-            path,
-            internal_package_names,
-            used_manifest_feature_exceptions,
-            used_optional_dependency_exceptions,
-            used_internal_dependency_feature_exceptions,
-        ):
-            failures_by_path[manifest_key(path)] = errors
-
-    add_unused_exception_errors(
-        failures_by_path,
-        used_manifest_feature_exceptions,
-        used_optional_dependency_exceptions,
-        used_internal_dependency_feature_exceptions,
-    )
-
-    if not failures_by_path:
+    failures = [
+        (path.relative_to(ROOT), errors)
+        for path in cargo_manifests()
+        if (errors := manifest_errors(path))
+    ]
+    if not failures:
        return 0

    print(
-        "Cargo manifests under codex-rs must inherit workspace package metadata, "
-        "opt into workspace lints, and avoid introducing new workspace crate "
-        "features."
-    )
-    print(
-        "Workspace crate features are disallowed because our Bazel build setup "
-        "does not honor them today, which can let issues hidden behind feature "
-        "gates go unnoticed, and because they add extra crate build "
-        "permutations we want to avoid."
+        "Cargo manifests under codex-rs must inherit workspace package metadata and "
+        "opt into workspace lints."
    )
    print(
        "Cargo only applies `codex-rs/Cargo.toml` `[workspace.lints.clippy]` "
@@ -85,13 +56,8 @@ def main() -> int:
        "Package-name checks apply to `codex-rs/<crate>/Cargo.toml` and "
        "`codex-rs/utils/<crate>/Cargo.toml`."
    )
-    print(
-        "Workspace crate features are forbidden; add a targeted exception here "
-        "only if there is a deliberate temporary migration in flight."
-    )
    print()
-    for path in sorted(failures_by_path):
-        errors = failures_by_path[path]
+    for path, errors in failures:
        print(f"{path}:")
        for error in errors:
            print(f"  - {error}")
@@ -99,106 +65,28 @@ def main() -> int:
    return 1


-def manifest_errors(
-    path: Path,
-    internal_package_names: set[str],
-    used_manifest_feature_exceptions: set[str],
-    used_optional_dependency_exceptions: set[tuple[str, str, str]],
-    used_internal_dependency_feature_exceptions: set[tuple[str, str, str]],
-) -> list[str]:
+def manifest_errors(path: Path) -> list[str]:
    manifest = load_manifest(path)
    package = manifest.get("package")
-    if not isinstance(package, dict) and path != CARGO_RS_ROOT / "Cargo.toml":
+    if not isinstance(package, dict):
        return []

    errors = []
-    if isinstance(package, dict):
-        for field in WORKSPACE_PACKAGE_FIELDS:
-            if not is_workspace_reference(package.get(field)):
-                errors.append(f"set `{field}.workspace = true` in `[package]`")
+    for field in WORKSPACE_PACKAGE_FIELDS:
+        if not is_workspace_reference(package.get(field)):
+            errors.append(f"set `{field}.workspace = true` in `[package]`")

-        lints = manifest.get("lints")
-        if not (isinstance(lints, dict) and lints.get("workspace") is True):
-            errors.append("add `[lints]` with `workspace = true`")
+    lints = manifest.get("lints")
+    if not (isinstance(lints, dict) and lints.get("workspace") is True):
+        errors.append("add `[lints]` with `workspace = true`")

-        expected_name = expected_package_name(path)
-        if expected_name is not None:
-            actual_name = package.get("name")
-            if actual_name != expected_name:
-                errors.append(
-                    f"set `[package].name` to `{expected_name}` (found `{actual_name}`)"
-                )
-
-    path_key = manifest_key(path)
-    features = manifest.get("features")
-    if features is not None:
-        normalized_features = normalize_feature_mapping(features)
-        expected_features = MANIFEST_FEATURE_EXCEPTIONS.get(path_key)
-        if expected_features is None:
+    expected_name = expected_package_name(path)
+    if expected_name is not None:
+        actual_name = package.get("name")
+        if actual_name != expected_name:
            errors.append(
-                "remove `[features]`; new workspace crate features are not allowed"
+                f"set `[package].name` to `{expected_name}` (found `{actual_name}`)"
            )
-        else:
-            used_manifest_feature_exceptions.add(path_key)
-            if normalized_features != expected_features:
-                errors.append(
-                    "limit `[features]` to the existing exception list while "
-                    "workspace crate features are being removed "
-                    f"(expected {render_feature_mapping(expected_features)})"
-                )
-
-    for section_name, dependencies in dependency_sections(manifest):
-        for dependency_name, dependency in dependencies.items():
-            if not isinstance(dependency, dict):
-                continue
-
-            if dependency.get("optional") is True:
-                exception_key = (path_key, section_name, dependency_name)
-                if exception_key in OPTIONAL_DEPENDENCY_EXCEPTIONS:
-                    used_optional_dependency_exceptions.add(exception_key)
-                else:
-                    errors.append(
-                        "remove `optional = true` from "
-                        f"`{dependency_entry_label(section_name, dependency_name)}`; "
-                        "new optional dependencies are not allowed because they "
-                        "create crate features"
-                    )
-
-            if not is_internal_dependency(path, dependency_name, dependency, internal_package_names):
-                continue
-
-            dependency_features = dependency.get("features")
-            if dependency_features is not None:
-                normalized_dependency_features = normalize_string_list(
-                    dependency_features
-                )
-                exception_key = (path_key, section_name, dependency_name)
-                expected_dependency_features = (
-                    INTERNAL_DEPENDENCY_FEATURE_EXCEPTIONS.get(exception_key)
-                )
-                if expected_dependency_features is None:
-                    errors.append(
-                        "remove `features = [...]` from workspace dependency "
-                        f"`{dependency_entry_label(section_name, dependency_name)}`; "
-                        "new workspace crate feature activations are not allowed"
-                    )
-                else:
-                    used_internal_dependency_feature_exceptions.add(exception_key)
-                    if normalized_dependency_features != expected_dependency_features:
-                        errors.append(
-                            "limit workspace dependency features on "
-                            f"`{dependency_entry_label(section_name, dependency_name)}` "
-                            "to the existing exception list while workspace crate "
-                            "features are being removed "
-                            f"(expected {render_string_list(expected_dependency_features)})"
-                        )
-
-            if dependency.get("default-features") is False:
-                errors.append(
-                    "remove `default-features = false` from workspace dependency "
-                    f"`{dependency_entry_label(section_name, dependency_name)}`; "
-                    "new workspace crate feature toggles are not allowed"
-                )

    return errors

@@ -221,153 +109,6 @@ def is_workspace_reference(value: object) -> bool:
    return isinstance(value, dict) and value.get("workspace") is True


-def manifest_key(path: Path) -> str:
-    return str(path.relative_to(ROOT))
-
-
-def normalize_feature_mapping(value: object) -> dict[str, tuple[str, ...]] | None:
-    if not isinstance(value, dict):
-        return None
-
-    normalized = {}
-    for key, features in value.items():
-        if not isinstance(key, str):
-            return None
-        normalized_features = normalize_string_list(features)
-        if normalized_features is None:
-            return None
-        normalized[key] = normalized_features
-    return normalized
-
-
-def normalize_string_list(value: object) -> tuple[str, ...] | None:
-    if not isinstance(value, list) or not all(isinstance(item, str) for item in value):
-        return None
-    return tuple(value)
-
-
-def render_feature_mapping(features: dict[str, tuple[str, ...]]) -> str:
-    entries = [
-        f"{name} = {render_string_list(items)}" for name, items in features.items()
-    ]
-    return ", ".join(entries)
-
-
-def render_string_list(items: tuple[str, ...]) -> str:
-    return "[" + ", ".join(f'"{item}"' for item in items) + "]"
-
-
-def dependency_sections(manifest: dict) -> list[tuple[str, dict]]:
-    sections = []
-    for section_name in ("dependencies", "dev-dependencies", "build-dependencies"):
-        dependencies = manifest.get(section_name)
-        if isinstance(dependencies, dict):
-            sections.append((section_name, dependencies))
-
-    workspace = manifest.get("workspace")
-    if isinstance(workspace, dict):
-        workspace_dependencies = workspace.get("dependencies")
-        if isinstance(workspace_dependencies, dict):
-            sections.append(("workspace.dependencies", workspace_dependencies))
-
-    target = manifest.get("target")
-    if not isinstance(target, dict):
-        return sections
-
-    for target_name, tables in target.items():
-        if not isinstance(tables, dict):
-            continue
-        for section_name in ("dependencies", "dev-dependencies", "build-dependencies"):
-            dependencies = tables.get(section_name)
-            if isinstance(dependencies, dict):
-                sections.append((f"target.{target_name}.{section_name}", dependencies))
-
-    return sections
-
-
-def dependency_entry_label(section_name: str, dependency_name: str) -> str:
-    return f"[{section_name}].{dependency_name}"
-
-
-def is_internal_dependency(
-    manifest_path: Path,
-    dependency_name: str,
-    dependency: dict,
-    internal_package_names: set[str],
-) -> bool:
-    package_name = dependency.get("package", dependency_name)
-    if isinstance(package_name, str) and package_name in internal_package_names:
-        return True
-
-    dependency_path = dependency.get("path")
-    if not isinstance(dependency_path, str):
-        return False
-
-    resolved_dependency_path = (manifest_path.parent / dependency_path).resolve()
-    try:
-        resolved_dependency_path.relative_to(CARGO_RS_ROOT)
-    except ValueError:
-        return False
-    return True
-
-
-def add_unused_exception_errors(
-    failures_by_path: dict[str, list[str]],
-    used_manifest_feature_exceptions: set[str],
-    used_optional_dependency_exceptions: set[tuple[str, str, str]],
-    used_internal_dependency_feature_exceptions: set[tuple[str, str, str]],
-) -> None:
-    for path_key in sorted(
-        set(MANIFEST_FEATURE_EXCEPTIONS) - used_manifest_feature_exceptions
-    ):
-        add_failure(
-            failures_by_path,
-            path_key,
-            "remove the stale `[features]` exception from "
-            "`MANIFEST_FEATURE_EXCEPTIONS`",
-        )
-
-    for path_key, section_name, dependency_name in sorted(
-        OPTIONAL_DEPENDENCY_EXCEPTIONS - used_optional_dependency_exceptions
-    ):
-        add_failure(
-            failures_by_path,
-            path_key,
-            "remove the stale optional-dependency exception for "
-            f"`{dependency_entry_label(section_name, dependency_name)}` from "
-            "`OPTIONAL_DEPENDENCY_EXCEPTIONS`",
-        )
-
-    for path_key, section_name, dependency_name in sorted(
-        set(INTERNAL_DEPENDENCY_FEATURE_EXCEPTIONS)
-        - used_internal_dependency_feature_exceptions
-    ):
-        add_failure(
-            failures_by_path,
-            path_key,
-            "remove the stale internal dependency feature exception for "
-            f"`{dependency_entry_label(section_name, dependency_name)}` from "
-            "`INTERNAL_DEPENDENCY_FEATURE_EXCEPTIONS`",
-        )
-
-
-def add_failure(failures_by_path: dict[str, list[str]], path_key: str, error: str) -> None:
-    failures_by_path.setdefault(path_key, []).append(error)
-
-
-def workspace_package_names() -> set[str]:
-    package_names = set()
-    for path in cargo_manifests():
-        manifest = load_manifest(path)
-        package = manifest.get("package")
-        if not isinstance(package, dict):
-            continue
-        package_name = package.get("name")
-        if isinstance(package_name, str):
-            package_names.add(package_name)
-    return package_names
-
-
 def load_manifest(path: Path) -> dict:
    return tomllib.loads(path.read_text())

@@ -380,9 +121,5 @@ def cargo_manifests() -> list[Path]:
    )


-def manifests_to_verify() -> list[Path]:
-    return [CARGO_RS_ROOT / "Cargo.toml", *cargo_manifests()]
-
-
 if __name__ == "__main__":
    sys.exit(main())
--- a/.github/workflows/README.md
+++ b/.github/workflows/README.md
@@ -5,15 +5,15 @@ The workflows in this directory are split so that pull requests get fast, review
 ## Pull Requests

 - `bazel.yml` is the main pre-merge verification path for Rust code.
-  It runs Bazel `test` and Bazel `clippy` on the supported Bazel targets,
-  including the generated Rust test binaries needed to lint inline `#[cfg(test)]`
-  code.
+  It runs Bazel `test` and Bazel `clippy` on the supported Bazel targets.
 - `rust-ci.yml` keeps the Cargo-native PR checks intentionally small:
  - `cargo fmt --check`
  - `cargo shear`
  - `argument-comment-lint` on Linux, macOS, and Windows
  - `tools/argument-comment-lint` package tests when the lint or its workflow wiring changes

+The PR workflow still keeps the Linux lint lane on the default-targets-only invocation for now, but the released linter runs on Linux, macOS, and Windows before merge.
+
 ## Post-Merge On `main`

 - `bazel.yml` also runs on pushes to `main`.
--- a/.github/workflows/bazel.yml
+++ b/.github/workflows/bazel.yml
@@ -58,31 +58,11 @@ jobs:
          target: ${{ matrix.target }}
          install-test-prereqs: "true"

-      # Restore the Bazel repository cache explicitly so external dependencies
-      # do not need to be re-downloaded on every CI run. Keep restore failures
-      # non-fatal so transient cache-service errors degrade to a cold build
-      # instead of failing the job.
-      - name: Restore bazel repository cache
-        id: cache_bazel_repository_restore
-        continue-on-error: true
-        uses: actions/cache/restore@v5
-        with:
-          path: ${{ steps.setup_bazel.outputs.repository-cache-path }}
-          key: bazel-cache-${{ matrix.target }}-${{ hashFiles('MODULE.bazel', 'codex-rs/Cargo.lock', 'codex-rs/Cargo.toml') }}
-          restore-keys: |
-            bazel-cache-${{ matrix.target }}
-
      - name: Check MODULE.bazel.lock is up to date
        if: matrix.os == 'ubuntu-24.04' && matrix.target == 'x86_64-unknown-linux-gnu'
        shell: bash
        run: ./scripts/check-module-bazel-lock.sh

-      - name: Set up Bazel execution logs
-        shell: bash
-        run: |
-          mkdir -p "${RUNNER_TEMP}/bazel-execution-logs"
-          echo "CODEX_BAZEL_EXECUTION_LOG_COMPACT_DIR=${RUNNER_TEMP}/bazel-execution-logs" >> "${GITHUB_ENV}"
-
      - name: bazel test //...
        env:
          BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }}
@@ -96,16 +76,9 @@ jobs:
            -//third_party/v8:all
          )

-          bazel_wrapper_args=(
-            --print-failed-test-logs
-            --use-node-test-env
-          )
-          if [[ "${RUNNER_OS}" == "Windows" ]]; then
-            bazel_wrapper_args+=(--windows-msvc-host-platform)
-          fi
-
          ./.github/scripts/run-bazel-ci.sh \
-            "${bazel_wrapper_args[@]}" \
+            --print-failed-test-logs \
+            --use-node-test-env \
            -- \
            test \
            --test_tag_filters=-argument-comment-lint \
@@ -114,23 +87,15 @@ jobs:
            -- \
            "${bazel_targets[@]}"

-      - name: Upload Bazel execution logs
-        if: always() && !cancelled()
-        continue-on-error: true
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
-        with:
-          name: bazel-execution-logs-test-${{ matrix.target }}
-          path: ${{ runner.temp }}/bazel-execution-logs
-          if-no-files-found: ignore
-
      # Save bazel repository cache explicitly; make non-fatal so cache uploading
      # never fails the overall job. Only save when key wasn't hit.
      - name: Save bazel repository cache
-        if: always() && !cancelled() && steps.cache_bazel_repository_restore.outputs.cache-hit != 'true'
+        if: always() && !cancelled() && steps.setup_bazel.outputs.cache-hit != 'true'
        continue-on-error: true
        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
-          path: ${{ steps.setup_bazel.outputs.repository-cache-path }}
+          path: |
+            ~/.cache/bazel-repo-cache
          key: bazel-cache-${{ matrix.target }}-${{ hashFiles('MODULE.bazel', 'codex-rs/Cargo.lock', 'codex-rs/Cargo.toml') }}

  clippy:
@@ -161,71 +126,30 @@ jobs:
        with:
          target: ${{ matrix.target }}

-      # Restore the Bazel repository cache explicitly so external dependencies
-      # do not need to be re-downloaded on every CI run. Keep restore failures
-      # non-fatal so transient cache-service errors degrade to a cold build
-      # instead of failing the job.
-      - name: Restore bazel repository cache
-        id: cache_bazel_repository_restore
-        continue-on-error: true
-        uses: actions/cache/restore@v5
-        with:
-          path: ${{ steps.setup_bazel.outputs.repository-cache-path }}
-          key: bazel-cache-${{ matrix.target }}-${{ hashFiles('MODULE.bazel', 'codex-rs/Cargo.lock', 'codex-rs/Cargo.toml') }}
-          restore-keys: |
-            bazel-cache-${{ matrix.target }}
-
-      - name: Set up Bazel execution logs
-        shell: bash
-        run: |
-          mkdir -p "${RUNNER_TEMP}/bazel-execution-logs"
-          echo "CODEX_BAZEL_EXECUTION_LOG_COMPACT_DIR=${RUNNER_TEMP}/bazel-execution-logs" >> "${GITHUB_ENV}"
-
-      - name: bazel build --config=clippy lint targets
+      - name: bazel build --config=clippy //codex-rs/...
        env:
          BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }}
        shell: bash
        run: |
-          bazel_clippy_args=(
-            --config=clippy
-            --build_metadata=COMMIT_SHA=${GITHUB_SHA}
-            --build_metadata=TAG_job=clippy
-          )
-          if [[ "${RUNNER_OS}" == "Windows" ]]; then
-            # Some explicit targets pulled in through //codex-rs/... are
-            # intentionally incompatible with `//:local_windows`, but the lint
-            # aspect still traverses their compatible Rust deps.
-            bazel_clippy_args+=(--skip_incompatible_explicit_targets)
-          fi
-
-          bazel_target_lines="$(./scripts/list-bazel-clippy-targets.sh)"
-          bazel_targets=()
-          while IFS= read -r target; do
-            bazel_targets+=("${target}")
-          done <<< "${bazel_target_lines}"
-
+          # Keep the initial Bazel clippy scope on codex-rs and out of the
+          # V8 proof-of-concept target for now.
          ./.github/scripts/run-bazel-ci.sh \
            -- \
            build \
-            "${bazel_clippy_args[@]}" \
+            --config=clippy \
+            --build_metadata=COMMIT_SHA=${GITHUB_SHA} \
+            --build_metadata=TAG_job=clippy \
            -- \
-            "${bazel_targets[@]}"
-
-      - name: Upload Bazel execution logs
-        if: always() && !cancelled()
-        continue-on-error: true
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
-        with:
-          name: bazel-execution-logs-clippy-${{ matrix.target }}
-          path: ${{ runner.temp }}/bazel-execution-logs
-          if-no-files-found: ignore
+            //codex-rs/... \
+            -//codex-rs/v8-poc:all

      # Save bazel repository cache explicitly; make non-fatal so cache uploading
      # never fails the overall job. Only save when key wasn't hit.
      - name: Save bazel repository cache
-        if: always() && !cancelled()
+        if: always() && !cancelled() && steps.setup_bazel.outputs.cache-hit != 'true'
        continue-on-error: true
        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
-          path: ${{ steps.setup_bazel.outputs.repository-cache-path }}
+          path: |
+            ~/.cache/bazel-repo-cache
          key: bazel-cache-${{ matrix.target }}-${{ hashFiles('MODULE.bazel', 'codex-rs/Cargo.lock', 'codex-rs/Cargo.toml') }}
--- a/.github/workflows/issue-labeler.yml
+++ b/.github/workflows/issue-labeler.yml
@@ -52,15 +52,13 @@ jobs:
            6. code-review — Issues related to the code review feature or functionality.
            7. safety-check - Issues related to cyber risk detection or trusted access verification.
            8. auth - Problems related to authentication, login, or access tokens.
-            9. exec - Problems related to the "codex exec" command or functionality.
-            10. hooks - Problems related to event hooks
-            11. context - Problems related to compaction, context windows, or available context reporting.
-            12. skills - Problems related to skills or plugins
-            13. custom-model - Problems that involve using custom model providers, local models, or OSS models.
-            14. rate-limits - Problems related to token limits, rate limits, or token usage reporting.
-            15. sandbox - Issues related to local sandbox environments or tool call approvals to override sandbox restrictions.
-            16. tool-calls - Problems related to specific tool call invocations including unexpected errors, failures, or hangs.
-            17. TUI - Problems with the terminal user interface (TUI) including keyboard shortcuts, copy & pasting, menus, or screen update issues.
+            9. codex-exec - Problems related to the "codex exec" command or functionality.
+            10. context-management - Problems related to compaction, context windows, or available context reporting.
+            11. custom-model - Problems that involve using custom model providers, local models, or OSS models.
+            12. rate-limits - Problems related to token limits, rate limits, or token usage reporting.
+            13. sandbox - Issues related to local sandbox environments or tool call approvals to override sandbox restrictions.
+            14. tool-calls - Problems related to specific tool call invocations including unexpected errors, failures, or hangs.
+            15. TUI - Problems with the terminal user interface (TUI) including keyboard shortcuts, copy & pasting, menus, or screen update issues.

            Issue number: ${{ github.event.issue.number }}

--- a/.github/workflows/rust-ci-full.yml
+++ b/.github/workflows/rust-ci-full.yml
@@ -445,10 +445,10 @@ jobs:
          set -euo pipefail
          RECIPE="${RUNNER_TEMP}/chef-recipe.json"
          cargo chef prepare --recipe-path "$RECIPE"
-          cargo chef cook --recipe-path "$RECIPE" --target ${{ matrix.target }} --release
+          cargo chef cook --recipe-path "$RECIPE" --target ${{ matrix.target }} --release --all-features

      - name: cargo clippy
-        run: cargo clippy --target ${{ matrix.target }} --tests --profile ${{ matrix.profile }} --timings -- -D warnings
+        run: cargo clippy --target ${{ matrix.target }} --all-features --tests --profile ${{ matrix.profile }} --timings -- -D warnings

      - name: Upload Cargo timings (clippy)
        if: always()
@@ -672,7 +672,7 @@ jobs:

      - name: tests
        id: test
-        run: cargo nextest run --no-fail-fast --target ${{ matrix.target }} --cargo-profile ci-test --timings
+        run: cargo nextest run --all-features --no-fail-fast --target ${{ matrix.target }} --cargo-profile ci-test --timings
        env:
          RUST_BACKTRACE: 1
          NEXTEST_STATUS_LEVEL: leak
--- a/.github/workflows/rust-release.yml
+++ b/.github/workflows/rust-release.yml
@@ -584,11 +584,14 @@ jobs:
      - name: Setup Node.js
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
        with:
-          # Node 24 bundles npm >= 11.5.1, which trusted publishing requires.
-          node-version: 24
+          node-version: 22
          registry-url: "https://registry.npmjs.org"
          scope: "@openai"

+      # Trusted publishing requires npm CLI version 11.5.1 or later.
+      - name: Update npm
+        run: npm install -g npm@latest
+
      - name: Download npm tarballs from release
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -15,8 +15,7 @@ In the codex-rs folder where the rust code lives:
 - When you cannot make that API change and still need a small positional-literal callsite in Rust, follow the `argument_comment_lint` convention:
  - Use an exact `/*param_name*/` comment before opaque literal arguments such as `None`, booleans, and numeric literals when passing them by position.
  - Do not add these comments for string or char literals unless the comment adds real clarity; those literals are intentionally exempt from the lint.
-  - The parameter name in the comment must exactly match the callee signature.
-  - You can run `just argument-comment-lint` to run the lint check locally. This is powered by Bazel, so running it the first time can be slow if Bazel is not warmed up, though incremental invocations should take <15s. Most of the time, it is best to update the PR and let CI take responsibility for checking this (or run it asynchronously in the background after submitting the PR). Note CI checks all three platforms, which the local run does not.
+  - If you add one of these comments, the parameter name must exactly match the callee signature.
 - When possible, make `match` statements exhaustive and avoid wildcard arms.
 - Newly added traits should include doc comments that explain their role and how implementations are expected to use them.
 - When writing tests, prefer comparing the equality of entire objects over fields one by one.
@@ -51,6 +50,8 @@ Run `just fmt` (in `codex-rs` directory) automatically after you have finished m

 Before finalizing a large change to `codex-rs`, run `just fix -p <project>` (in `codex-rs` directory) to fix any linter issues in the code. Prefer scoping with `-p` to avoid slow workspace‑wide Clippy builds; only run `just fix` without `-p` if you changed shared crates. Do not re-run tests after running `fix` or `fmt`.

+Also run `just argument-comment-lint` to ensure the codebase is clean of comment lint errors.
+
 ## The `codex-core` crate

 Over time, the `codex-core` crate (defined in `codex-rs/core/`) has become bloated because it is the largest crate, so it is often easier to add something new to `codex-core` rather than refactor out the library code you need so your new code neither takes a dependency on, nor contributes to the size of, `codex-core`.
--- a/MODULE.bazel
+++ b/MODULE.bazel
@@ -71,8 +71,6 @@ single_version_override(
    patch_strip = 1,
    patches = [
        "//patches:rules_rs_windows_gnullvm_exec.patch",
-        "//patches:rules_rs_delete_git_worktree_pointer.patch",
-        "//patches:rules_rs_windows_exec_linker.patch",
    ],
    version = "0.0.43",
 )
@@ -86,9 +84,7 @@ rules_rust.patch(
        "//patches:rules_rust_windows_gnullvm_build_script.patch",
        "//patches:rules_rust_windows_exec_msvc_build_script_env.patch",
        "//patches:rules_rust_windows_bootstrap_process_wrapper_linker.patch",
-        "//patches:rules_rust_windows_build_script_runner_paths.patch",
        "//patches:rules_rust_windows_msvc_direct_link_args.patch",
-        "//patches:rules_rust_windows_process_wrapper_skip_temp_outputs.patch",
        "//patches:rules_rust_windows_exec_bin_target.patch",
        "//patches:rules_rust_windows_exec_std.patch",
        "//patches:rules_rust_windows_exec_rustc_dev_rlib.patch",
@@ -192,18 +188,8 @@ bazel_dep(name = "zstd", version = "1.5.7")

 crate.annotation(
    crate = "zstd-sys",
-    gen_build_script = "on",
-    patch_args = ["-p1"],
-    patches = [
-        "//patches:zstd-sys_windows_msvc_include_dirs.patch",
-    ],
-)
-crate.annotation(
-    crate = "ring",
-    patch_args = ["-p1"],
-    patches = [
-        "//patches:ring_windows_msvc_include_dirs.patch",
-    ],
+    gen_build_script = "off",
+    deps = ["@zstd"],
 )
 crate.annotation(
    build_script_env = {
@@ -228,13 +214,6 @@ inject_repo(crate, "zstd")
 use_repo(crate, "argument_comment_lint_crates")

 bazel_dep(name = "bzip2", version = "1.0.8.bcr.3")
-single_version_override(
-    module_name = "bzip2",
-    patch_strip = 1,
-    patches = [
-        "//patches:bzip2_windows_stack_args.patch",
-    ],
-)

 crate.annotation(
    crate = "bzip2-sys",
@@ -248,30 +227,20 @@ bazel_dep(name = "zlib", version = "1.3.1.bcr.8")

 crate.annotation(
    crate = "libz-sys",
-    gen_build_script = "on",
+    gen_build_script = "off",
+    deps = ["@zlib"],
 )

 inject_repo(crate, "zlib")

-bazel_dep(name = "xz", version = "5.4.5.bcr.8")
-single_version_override(
-    module_name = "xz",
-    patch_strip = 1,
-    patches = [
-        "//patches:xz_windows_stack_args.patch",
-    ],
-)
-
+# TODO(zbarsky): Enable annotation after fixing windows arm64 builds.
 crate.annotation(
    crate = "lzma-sys",
-    gen_build_script = "off",
-    deps = ["@xz//:lzma"],
+    gen_build_script = "on",
 )

 bazel_dep(name = "openssl", version = "3.5.4.bcr.0")

-inject_repo(crate, "xz")
-
 crate.annotation(
    build_script_data = [
        "@openssl//:gen_dir",
--- a/MODULE.bazel.lock
+++ b/MODULE.bazel.lock
@@ -228,8 +228,6 @@
    "https://bcr.bazel.build/modules/upb/0.0.0-20220923-a547704/MODULE.bazel": "7298990c00040a0e2f121f6c32544bab27d4452f80d9ce51349b1a28f3005c43",
    "https://bcr.bazel.build/modules/with_cfg.bzl/0.12.0/MODULE.bazel": "b573395fe63aef4299ba095173e2f62ccfee5ad9bbf7acaa95dba73af9fc2b38",
    "https://bcr.bazel.build/modules/with_cfg.bzl/0.12.0/source.json": "3f3fbaeafecaf629877ad152a2c9def21f8d330d91aa94c5dc75bbb98c10b8b8",
-    "https://bcr.bazel.build/modules/xz/5.4.5.bcr.8/MODULE.bazel": "e48a69bd54053c2ec5fffc2a29fb70122afd3e83ab6c07068f63bc6553fa57cc",
-    "https://bcr.bazel.build/modules/xz/5.4.5.bcr.8/source.json": "bd7e928ccd63505b44f4784f7bbf12cc11f9ff23bf3ca12ff2c91cd74846099e",
    "https://bcr.bazel.build/modules/zlib/1.2.11/MODULE.bazel": "07b389abc85fdbca459b69e2ec656ae5622873af3f845e1c9d80fe179f3effa0",
    "https://bcr.bazel.build/modules/zlib/1.3.1.bcr.5/MODULE.bazel": "eec517b5bbe5492629466e11dae908d043364302283de25581e3eb944326c4ca",
    "https://bcr.bazel.build/modules/zlib/1.3.1.bcr.8/MODULE.bazel": "772c674bb78a0342b8caf32ab5c25085c493ca4ff08398208dcbe4375fe9f776",
@@ -925,7 +923,7 @@
      "hyper-rustls_0.27.7": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"cfg-if\",\"req\":\"^1\"},{\"name\":\"http\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"http-body-util\",\"req\":\"^0.1\"},{\"default_features\":false,\"name\":\"hyper\",\"req\":\"^1\"},{\"default_features\":false,\"features\":[\"client-legacy\",\"tokio\"],\"name\":\"hyper-util\",\"req\":\"^0.1\"},{\"default_features\":false,\"features\":[\"server-auto\"],\"kind\":\"dev\",\"name\":\"hyper-util\",\"req\":\"^0.1\"},{\"name\":\"log\",\"optional\":true,\"req\":\"^0.4.4\"},{\"name\":\"pki-types\",\"package\":\"rustls-pki-types\",\"req\":\"^1\"},{\"default_features\":false,\"name\":\"rustls\",\"req\":\"^0.23\"},{\"default_features\":false,\"features\":[\"tls12\"],\"kind\":\"dev\",\"name\":\"rustls\",\"req\":\"^0.23\"},{\"name\":\"rustls-native-certs\",\"optional\":true,\"req\":\"^0.8\"},{\"kind\":\"dev\",\"name\":\"rustls-pemfile\",\"req\":\"^2\"},{\"name\":\"rustls-platform-verifier\",\"optional\":true,\"req\":\"^0.6\"},{\"name\":\"tokio\",\"req\":\"^1.0\"},{\"features\":[\"io-std\",\"macros\",\"net\",\"rt-multi-thread\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.0\"},{\"default_features\":false,\"name\":\"tokio-rustls\",\"req\":\"^0.26\"},{\"name\":\"tower-service\",\"req\":\"^0.3\"},{\"name\":\"webpki-roots\",\"optional\":true,\"req\":\"^1\"}],\"features\":{\"aws-lc-rs\":[\"rustls/aws_lc_rs\"],\"default\":[\"native-tokio\",\"http1\",\"tls12\",\"logging\",\"aws-lc-rs\"],\"fips\":[\"aws-lc-rs\",\"rustls/fips\"],\"http1\":[\"hyper-util/http1\"],\"http2\":[\"hyper-util/http2\"],\"logging\":[\"log\",\"tokio-rustls/logging\",\"rustls/logging\"],\"native-tokio\":[\"rustls-native-certs\"],\"ring\":[\"rustls/ring\"],\"tls12\":[\"tokio-rustls/tls12\",\"rustls/tls12\"],\"webpki-tokio\":[\"webpki-roots\"]}}",
      "hyper-timeout_0.5.2": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"http-body-util\",\"req\":\"^0.1\"},{\"name\":\"hyper\",\"req\":\"^1.1\"},{\"features\":[\"http1\"],\"kind\":\"dev\",\"name\":\"hyper\",\"req\":\"^1.1\"},{\"kind\":\"dev\",\"name\":\"hyper-tls\",\"req\":\"^0.6\"},{\"features\":[\"client-legacy\",\"http1\"],\"name\":\"hyper-util\",\"req\":\"^0.1.10\"},{\"features\":[\"client-legacy\",\"http1\",\"server\",\"server-graceful\"],\"kind\":\"dev\",\"name\":\"hyper-util\",\"req\":\"^0.1.10\"},{\"name\":\"pin-project-lite\",\"req\":\"^0.2\"},{\"name\":\"tokio\",\"req\":\"^1.35\"},{\"features\":[\"io-std\",\"io-util\",\"macros\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.35\"},{\"name\":\"tower-service\",\"req\":\"^0.3\"}],\"features\":{}}",
      "hyper-tls_0.6.0": "{\"dependencies\":[{\"name\":\"bytes\",\"req\":\"^1\"},{\"name\":\"http-body-util\",\"req\":\"^0.1.0\"},{\"name\":\"hyper\",\"req\":\"^1\"},{\"features\":[\"client-legacy\",\"tokio\"],\"name\":\"hyper-util\",\"req\":\"^0.1.0\"},{\"features\":[\"http1\"],\"kind\":\"dev\",\"name\":\"hyper-util\",\"req\":\"^0.1.0\"},{\"name\":\"native-tls\",\"req\":\"^0.2.1\"},{\"name\":\"tokio\",\"req\":\"^1\"},{\"features\":[\"io-std\",\"macros\",\"io-util\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1.0.0\"},{\"name\":\"tokio-native-tls\",\"req\":\"^0.3\"},{\"name\":\"tower-service\",\"req\":\"^0.3\"}],\"features\":{\"alpn\":[\"native-tls/alpn\"],\"vendored\":[\"native-tls/vendored\"]}}",
-      "hyper-util_0.1.20": "{\"dependencies\":[{\"name\":\"base64\",\"optional\":true,\"req\":\"^0.22\"},{\"name\":\"bytes\",\"req\":\"^1.7.1\"},{\"kind\":\"dev\",\"name\":\"bytes\",\"req\":\"^1\"},{\"name\":\"futures-channel\",\"optional\":true,\"req\":\"^0.3\"},{\"default_features\":false,\"name\":\"futures-util\",\"optional\":true,\"req\":\"^0.3.16\"},{\"default_features\":false,\"features\":[\"alloc\"],\"kind\":\"dev\",\"name\":\"futures-util\",\"req\":\"^0.3.16\"},{\"name\":\"http\",\"req\":\"^1.0\"},{\"name\":\"http-body\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"http-body-util\",\"req\":\"^0.1.0\"},{\"name\":\"hyper\",\"req\":\"^1.8.0\"},{\"features\":[\"full\"],\"kind\":\"dev\",\"name\":\"hyper\",\"req\":\"^1.4.0\"},{\"name\":\"ipnet\",\"optional\":true,\"req\":\"^2.9\"},{\"name\":\"libc\",\"optional\":true,\"req\":\"^0.2\"},{\"name\":\"percent-encoding\",\"optional\":true,\"req\":\"^2.3\"},{\"name\":\"pin-project-lite\",\"req\":\"^0.2.4\"},{\"kind\":\"dev\",\"name\":\"pnet_datalink\",\"req\":\"^0.35.0\",\"target\":\"cfg(any(target_os = \\\"linux\\\", target_os = \\\"macos\\\"))\"},{\"kind\":\"dev\",\"name\":\"pretty_env_logger\",\"req\":\"^0.5\"},{\"features\":[\"all\"],\"name\":\"socket2\",\"optional\":true,\"req\":\">=0.5.9, <0.7\"},{\"name\":\"system-configuration\",\"optional\":true,\"req\":\"^0.7\",\"target\":\"cfg(target_os = \\\"macos\\\")\"},{\"default_features\":false,\"name\":\"tokio\",\"optional\":true,\"req\":\"^1\"},{\"features\":[\"macros\",\"test-util\",\"signal\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"tokio-test\",\"req\":\"^0.4\"},{\"name\":\"tower-layer\",\"optional\":true,\"req\":\"^0.3\"},{\"name\":\"tower-service\",\"optional\":true,\"req\":\"^0.3\"},{\"kind\":\"dev\",\"name\":\"tower-test\",\"req\":\"^0.4\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"tracing\",\"optional\":true,\"req\":\"^0.1\"},{\"name\":\"windows-registry\",\"optional\":true,\"req\":\">=0.3, <0.7\",\"target\":\"cfg(windows)\"}],\"features\":{\"__internal_happy_eyeballs_tests\":[],\"client\":[\"hyper/client\",\"tokio/net\",\"dep:tracing\",\"dep:futures-channel\",\"dep:tower-service\"],\"client-legacy\":[\"client\",\"dep:socket2\",\"tokio/sync\",\"dep:libc\",\"dep:futures-util\"],\"client-pool\":[\"client\",\"dep:futures-util\",\"dep:tower-layer\"],\"client-proxy\":[\"client\",\"dep:base64\",\"dep:ipnet\",\"dep:percent-encoding\"],\"client-proxy-system\":[\"dep:system-configuration\",\"dep:windows-registry\"],\"default\":[],\"full\":[\"client\",\"client-legacy\",\"client-pool\",\"client-proxy\",\"client-proxy-system\",\"server\",\"server-auto\",\"server-graceful\",\"service\",\"http1\",\"http2\",\"tokio\",\"tracing\"],\"http1\":[\"hyper/http1\"],\"http2\":[\"hyper/http2\"],\"server\":[\"hyper/server\"],\"server-auto\":[\"server\",\"http1\",\"http2\"],\"server-graceful\":[\"server\",\"tokio/sync\"],\"service\":[\"dep:tower-service\"],\"tokio\":[\"dep:tokio\",\"tokio/rt\",\"tokio/time\"],\"tracing\":[\"dep:tracing\"]}}",
+      "hyper-util_0.1.19": "{\"dependencies\":[{\"name\":\"base64\",\"optional\":true,\"req\":\"^0.22\"},{\"name\":\"bytes\",\"req\":\"^1.7.1\"},{\"kind\":\"dev\",\"name\":\"bytes\",\"req\":\"^1\"},{\"name\":\"futures-channel\",\"optional\":true,\"req\":\"^0.3\"},{\"name\":\"futures-core\",\"req\":\"^0.3\"},{\"default_features\":false,\"name\":\"futures-util\",\"optional\":true,\"req\":\"^0.3.16\"},{\"default_features\":false,\"features\":[\"alloc\"],\"kind\":\"dev\",\"name\":\"futures-util\",\"req\":\"^0.3.16\"},{\"name\":\"http\",\"req\":\"^1.0\"},{\"name\":\"http-body\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"http-body-util\",\"req\":\"^0.1.0\"},{\"name\":\"hyper\",\"req\":\"^1.8.0\"},{\"features\":[\"full\"],\"kind\":\"dev\",\"name\":\"hyper\",\"req\":\"^1.4.0\"},{\"name\":\"ipnet\",\"optional\":true,\"req\":\"^2.9\"},{\"name\":\"libc\",\"optional\":true,\"req\":\"^0.2\"},{\"name\":\"percent-encoding\",\"optional\":true,\"req\":\"^2.3\"},{\"name\":\"pin-project-lite\",\"req\":\"^0.2.4\"},{\"kind\":\"dev\",\"name\":\"pnet_datalink\",\"req\":\"^0.35.0\",\"target\":\"cfg(any(target_os = \\\"linux\\\", target_os = \\\"macos\\\"))\"},{\"kind\":\"dev\",\"name\":\"pretty_env_logger\",\"req\":\"^0.5\"},{\"features\":[\"all\"],\"name\":\"socket2\",\"optional\":true,\"req\":\">=0.5.9, <0.7\"},{\"name\":\"system-configuration\",\"optional\":true,\"req\":\">=0.5, <0.7\",\"target\":\"cfg(target_os = \\\"macos\\\")\"},{\"default_features\":false,\"name\":\"tokio\",\"optional\":true,\"req\":\"^1\"},{\"features\":[\"macros\",\"test-util\",\"signal\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"tokio-test\",\"req\":\"^0.4\"},{\"name\":\"tower-layer\",\"optional\":true,\"req\":\"^0.3\"},{\"name\":\"tower-service\",\"optional\":true,\"req\":\"^0.3\"},{\"kind\":\"dev\",\"name\":\"tower-test\",\"req\":\"^0.4\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"tracing\",\"optional\":true,\"req\":\"^0.1\"},{\"name\":\"windows-registry\",\"optional\":true,\"req\":\">=0.3, <0.7\",\"target\":\"cfg(windows)\"}],\"features\":{\"__internal_happy_eyeballs_tests\":[],\"client\":[\"hyper/client\",\"tokio/net\",\"dep:tracing\",\"dep:futures-channel\",\"dep:tower-service\"],\"client-legacy\":[\"client\",\"dep:socket2\",\"tokio/sync\",\"dep:libc\",\"dep:futures-util\"],\"client-pool\":[\"client\",\"dep:futures-util\",\"dep:tower-layer\"],\"client-proxy\":[\"client\",\"dep:base64\",\"dep:ipnet\",\"dep:percent-encoding\"],\"client-proxy-system\":[\"dep:system-configuration\",\"dep:windows-registry\"],\"default\":[],\"full\":[\"client\",\"client-legacy\",\"client-pool\",\"client-proxy\",\"client-proxy-system\",\"server\",\"server-auto\",\"server-graceful\",\"service\",\"http1\",\"http2\",\"tokio\",\"tracing\"],\"http1\":[\"hyper/http1\"],\"http2\":[\"hyper/http2\"],\"server\":[\"hyper/server\"],\"server-auto\":[\"server\",\"http1\",\"http2\"],\"server-graceful\":[\"server\",\"tokio/sync\"],\"service\":[\"dep:tower-service\"],\"tokio\":[\"dep:tokio\",\"tokio/rt\",\"tokio/time\"],\"tracing\":[\"dep:tracing\"]}}",
      "hyper_1.8.1": "{\"dependencies\":[{\"name\":\"atomic-waker\",\"optional\":true,\"req\":\"^1.1.2\"},{\"name\":\"bytes\",\"req\":\"^1.2\"},{\"kind\":\"dev\",\"name\":\"form_urlencoded\",\"req\":\"^1\"},{\"name\":\"futures-channel\",\"optional\":true,\"req\":\"^0.3\"},{\"features\":[\"sink\"],\"kind\":\"dev\",\"name\":\"futures-channel\",\"req\":\"^0.3\"},{\"name\":\"futures-core\",\"optional\":true,\"req\":\"^0.3.31\"},{\"default_features\":false,\"features\":[\"alloc\"],\"name\":\"futures-util\",\"optional\":true,\"req\":\"^0.3\"},{\"default_features\":false,\"features\":[\"alloc\",\"sink\"],\"kind\":\"dev\",\"name\":\"futures-util\",\"req\":\"^0.3\"},{\"name\":\"h2\",\"optional\":true,\"req\":\"^0.4.2\"},{\"name\":\"http\",\"req\":\"^1\"},{\"name\":\"http-body\",\"req\":\"^1\"},{\"name\":\"http-body-util\",\"optional\":true,\"req\":\"^0.1\"},{\"kind\":\"dev\",\"name\":\"http-body-util\",\"req\":\"^0.1\"},{\"name\":\"httparse\",\"optional\":true,\"req\":\"^1.9\"},{\"name\":\"httpdate\",\"optional\":true,\"req\":\"^1.0\"},{\"name\":\"itoa\",\"optional\":true,\"req\":\"^1\"},{\"name\":\"pin-project-lite\",\"optional\":true,\"req\":\"^0.2.4\"},{\"kind\":\"dev\",\"name\":\"pin-project-lite\",\"req\":\"^0.2.4\"},{\"name\":\"pin-utils\",\"optional\":true,\"req\":\"^0.1\"},{\"kind\":\"dev\",\"name\":\"pretty_env_logger\",\"req\":\"^0.5\"},{\"features\":[\"derive\"],\"kind\":\"dev\",\"name\":\"serde\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"},{\"features\":[\"const_generics\",\"const_new\"],\"name\":\"smallvec\",\"optional\":true,\"req\":\"^1.12\"},{\"kind\":\"dev\",\"name\":\"spmc\",\"req\":\"^0.3\"},{\"features\":[\"sync\"],\"name\":\"tokio\",\"req\":\"^1\"},{\"features\":[\"fs\",\"macros\",\"net\",\"io-std\",\"io-util\",\"rt\",\"rt-multi-thread\",\"sync\",\"time\",\"test-util\"],\"kind\":\"dev\",\"name\":\"tokio\",\"req\":\"^1\"},{\"kind\":\"dev\",\"name\":\"tokio-test\",\"req\":\"^0.4\"},{\"kind\":\"dev\",\"name\":\"tokio-util\",\"req\":\"^0.7.10\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"tracing\",\"optional\":true,\"req\":\"^0.1\"},{\"name\":\"want\",\"optional\":true,\"req\":\"^0.3\"}],\"features\":{\"capi\":[],\"client\":[\"dep:want\",\"dep:pin-project-lite\",\"dep:smallvec\"],\"default\":[],\"ffi\":[\"dep:http-body-util\",\"dep:futures-util\"],\"full\":[\"client\",\"http1\",\"http2\",\"server\"],\"http1\":[\"dep:atomic-waker\",\"dep:futures-channel\",\"dep:futures-core\",\"dep:httparse\",\"dep:itoa\",\"dep:pin-utils\"],\"http2\":[\"dep:futures-channel\",\"dep:futures-core\",\"dep:h2\"],\"nightly\":[],\"server\":[\"dep:httpdate\",\"dep:pin-project-lite\",\"dep:smallvec\"],\"tracing\":[\"dep:tracing\"]}}",
      "i18n-config_0.4.8": "{\"dependencies\":[{\"name\":\"basic-toml\",\"req\":\"^0.1\"},{\"name\":\"log\",\"req\":\"^0.4\"},{\"features\":[\"derive\"],\"name\":\"serde\",\"req\":\"^1.0\"},{\"name\":\"serde_derive\",\"req\":\"^1.0\"},{\"name\":\"thiserror\",\"req\":\"^1.0\"},{\"features\":[\"serde\"],\"name\":\"unic-langid\",\"req\":\"^0.9\"}],\"features\":{}}",
      "i18n-embed-fl_0.9.4": "{\"dependencies\":[{\"name\":\"dashmap\",\"optional\":true,\"req\":\"^6.0\"},{\"kind\":\"dev\",\"name\":\"doc-comment\",\"req\":\"^0.3\"},{\"kind\":\"dev\",\"name\":\"env_logger\",\"req\":\"^0.11\"},{\"name\":\"find-crate\",\"req\":\"^0.6\"},{\"name\":\"fluent\",\"req\":\"^0.16\"},{\"name\":\"fluent-syntax\",\"req\":\"^0.11\"},{\"name\":\"i18n-config\",\"req\":\"^0.4.7\"},{\"features\":[\"fluent-system\",\"filesystem-assets\"],\"name\":\"i18n-embed\",\"req\":\"^0.15.4\"},{\"kind\":\"dev\",\"name\":\"pretty_assertions\",\"req\":\"^1.4\"},{\"name\":\"proc-macro-error2\",\"req\":\"^2.0.1\"},{\"name\":\"proc-macro2\",\"req\":\"^1.0\"},{\"name\":\"quote\",\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"rust-embed\",\"req\":\"^8.0\"},{\"name\":\"strsim\",\"req\":\"^0.11\"},{\"features\":[\"derive\",\"proc-macro\",\"parsing\",\"printing\",\"extra-traits\",\"full\"],\"name\":\"syn\",\"req\":\"^2.0\"},{\"name\":\"unic-langid\",\"req\":\"^0.9\"}],\"features\":{\"dashmap\":[\"dep:dashmap\"]}}",
@@ -1369,7 +1367,7 @@
      "syntect_5.3.0": "{\"dependencies\":[{\"name\":\"bincode\",\"optional\":true,\"req\":\"^1.0\"},{\"features\":[\"html_reports\"],\"kind\":\"dev\",\"name\":\"criterion\",\"req\":\"^0.3\"},{\"name\":\"fancy-regex\",\"optional\":true,\"req\":\"^0.16.2\"},{\"name\":\"flate2\",\"optional\":true,\"req\":\"^1.0\"},{\"name\":\"fnv\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"getopts\",\"req\":\"^0.2\"},{\"name\":\"once_cell\",\"req\":\"^1.8\"},{\"default_features\":false,\"name\":\"onig\",\"optional\":true,\"req\":\"^6.5.1\"},{\"name\":\"plist\",\"optional\":true,\"req\":\"^1.3\"},{\"kind\":\"dev\",\"name\":\"pretty_assertions\",\"req\":\"^0.6\"},{\"kind\":\"dev\",\"name\":\"public-api\",\"req\":\"^0.50.1\"},{\"kind\":\"dev\",\"name\":\"rayon\",\"req\":\"^1.0.0\"},{\"kind\":\"dev\",\"name\":\"regex\",\"req\":\"^1.0\"},{\"name\":\"regex-syntax\",\"optional\":true,\"req\":\"^0.8\"},{\"kind\":\"dev\",\"name\":\"rustdoc-json\",\"req\":\"^0.9.7\"},{\"kind\":\"dev\",\"name\":\"rustup-toolchain\",\"req\":\"^0.1.5\"},{\"name\":\"serde\",\"req\":\"^1.0\"},{\"name\":\"serde_derive\",\"req\":\"^1.0\"},{\"name\":\"serde_json\",\"optional\":true,\"req\":\"^1.0\"},{\"kind\":\"dev\",\"name\":\"serde_json\",\"req\":\"^1.0\"},{\"name\":\"thiserror\",\"req\":\"^2.0.12\"},{\"name\":\"walkdir\",\"req\":\"^2.0\"},{\"name\":\"yaml-rust\",\"optional\":true,\"req\":\"^0.4.5\"}],\"features\":{\"default\":[\"default-onig\"],\"default-fancy\":[\"parsing\",\"default-syntaxes\",\"default-themes\",\"html\",\"plist-load\",\"yaml-load\",\"dump-load\",\"dump-create\",\"regex-fancy\"],\"default-onig\":[\"parsing\",\"default-syntaxes\",\"default-themes\",\"html\",\"plist-load\",\"yaml-load\",\"dump-load\",\"dump-create\",\"regex-onig\"],\"default-syntaxes\":[\"parsing\",\"dump-load\"],\"default-themes\":[\"dump-load\"],\"dump-create\":[\"flate2\",\"bincode\"],\"dump-load\":[\"flate2\",\"bincode\"],\"html\":[\"parsing\"],\"metadata\":[\"parsing\",\"plist-load\",\"dep:serde_json\"],\"parsing\":[\"regex-syntax\",\"fnv\",\"dump-create\",\"dump-load\"],\"plist-load\":[\"plist\",\"dep:serde_json\"],\"regex-fancy\":[\"fancy-regex\"],\"regex-onig\":[\"onig\"],\"yaml-load\":[\"yaml-rust\",\"parsing\"]}}",
      "sys-locale_0.3.2": "{\"dependencies\":[{\"name\":\"js-sys\",\"optional\":true,\"req\":\"^0.3\",\"target\":\"cfg(all(target_family = \\\"wasm\\\", not(unix)))\"},{\"name\":\"libc\",\"req\":\"^0.2\",\"target\":\"cfg(target_os = \\\"android\\\")\"},{\"name\":\"wasm-bindgen\",\"optional\":true,\"req\":\"^0.2\",\"target\":\"cfg(all(target_family = \\\"wasm\\\", not(unix)))\"},{\"kind\":\"dev\",\"name\":\"wasm-bindgen-test\",\"req\":\"^0.3\",\"target\":\"cfg(all(target_family = \\\"wasm\\\", not(unix)))\"},{\"features\":[\"Window\",\"WorkerGlobalScope\",\"Navigator\",\"WorkerNavigator\"],\"name\":\"web-sys\",\"optional\":true,\"req\":\"^0.3\",\"target\":\"cfg(all(target_family = \\\"wasm\\\", not(unix)))\"}],\"features\":{\"js\":[\"js-sys\",\"wasm-bindgen\",\"web-sys\"]}}",
      "system-configuration-sys_0.6.0": "{\"dependencies\":[{\"name\":\"core-foundation-sys\",\"req\":\"^0.8\"},{\"name\":\"libc\",\"req\":\"^0.2.149\"}],\"features\":{}}",
-      "system-configuration_0.7.0": "{\"dependencies\":[{\"name\":\"bitflags\",\"req\":\"^2\"},{\"name\":\"core-foundation\",\"req\":\"^0.9\"},{\"name\":\"system-configuration-sys\",\"req\":\"^0.6\"}],\"features\":{}}",
+      "system-configuration_0.6.1": "{\"dependencies\":[{\"name\":\"bitflags\",\"req\":\"^2\"},{\"name\":\"core-foundation\",\"req\":\"^0.9\"},{\"name\":\"system-configuration-sys\",\"req\":\"^0.6\"}],\"features\":{}}",
      "tagptr_0.2.0": "{\"dependencies\":[],\"features\":{}}",
      "tar_0.4.44": "{\"dependencies\":[{\"name\":\"filetime\",\"req\":\"^0.2.8\"},{\"name\":\"libc\",\"req\":\"^0.2\",\"target\":\"cfg(unix)\"},{\"kind\":\"dev\",\"name\":\"tempfile\",\"req\":\"^3\"},{\"name\":\"xattr\",\"optional\":true,\"req\":\"^1.1.3\",\"target\":\"cfg(unix)\"}],\"features\":{\"default\":[\"xattr\"]}}",
      "tempfile_3.24.0": "{\"dependencies\":[{\"kind\":\"dev\",\"name\":\"doc-comment\",\"req\":\"^0.3\"},{\"name\":\"fastrand\",\"req\":\"^2.1.1\"},{\"default_features\":false,\"name\":\"getrandom\",\"optional\":true,\"req\":\"^0.3.0\",\"target\":\"cfg(any(unix, windows, target_os = \\\"wasi\\\"))\"},{\"default_features\":false,\"features\":[\"std\"],\"name\":\"once_cell\",\"req\":\"^1.19.0\"},{\"features\":[\"fs\"],\"name\":\"rustix\",\"req\":\"^1.1.3\",\"target\":\"cfg(any(unix, target_os = \\\"wasi\\\"))\"},{\"features\":[\"Win32_Storage_FileSystem\",\"Win32_Foundation\"],\"name\":\"windows-sys\",\"req\":\">=0.52, <0.62\",\"target\":\"cfg(windows)\"}],\"features\":{\"default\":[\"getrandom\"],\"nightly\":[]}}",
--- a/codex-rs/Cargo.lock
+++ b/codex-rs/Cargo.lock
@@ -408,11 +408,9 @@ dependencies = [
 "base64 0.22.1",
 "chrono",
 "codex-app-server-protocol",
- "codex-config",
 "codex-core",
 "codex-features",
 "codex-login",
- "codex-models-manager",
 "codex-protocol",
 "codex-utils-cargo-bin",
 "core_test_support",
@@ -449,7 +447,7 @@ dependencies = [
 "objc2-foundation",
 "parking_lot",
 "percent-encoding",
- "windows-sys 0.52.0",
+ "windows-sys 0.60.2",
 "wl-clipboard-rs",
 "x11rb",
 ]
@@ -1369,9 +1367,7 @@ dependencies = [
 "anyhow",
 "assert_matches",
 "async-trait",
- "base64 0.22.1",
 "bytes",
- "chrono",
 "codex-client",
 "codex-protocol",
 "codex-utils-rustls-provider",
@@ -1405,13 +1401,11 @@ dependencies = [
 "base64 0.22.1",
 "chrono",
 "clap",
- "codex-analytics",
 "codex-app-server-protocol",
 "codex-arg0",
 "codex-backend-client",
 "codex-chatgpt",
 "codex-cloud-requirements",
- "codex-config",
 "codex-core",
 "codex-exec-server",
 "codex-features",
@@ -1419,12 +1413,9 @@ dependencies = [
 "codex-file-search",
 "codex-git-utils",
 "codex-login",
- "codex-mcp",
- "codex-models-manager",
 "codex-otel",
 "codex-protocol",
 "codex-rmcp-client",
- "codex-rollout",
 "codex-sandboxing",
 "codex-shell-command",
 "codex-state",
@@ -1434,11 +1425,9 @@ dependencies = [
 "codex-utils-cli",
 "codex-utils-json-to-toml",
 "codex-utils-pty",
- "codex-utils-rustls-provider",
 "constant_time_eq",
 "core_test_support",
 "futures",
- "gethostname",
 "hmac",
 "jsonwebtoken",
 "opentelemetry",
@@ -1461,7 +1450,6 @@ dependencies = [
 "tracing",
 "tracing-opentelemetry",
 "tracing-subscriber",
- "url",
 "uuid",
 "wiremock",
 ]
@@ -1496,7 +1484,6 @@ dependencies = [
 "codex-experimental-api-macros",
 "codex-git-utils",
 "codex-protocol",
- "codex-shell-command",
 "codex-utils-absolute-path",
 "codex-utils-cargo-bin",
 "inventory",
@@ -1506,6 +1493,7 @@ dependencies = [
 "serde",
 "serde_json",
 "serde_with",
+ "shlex",
 "similar",
 "strum_macros 0.28.0",
 "tempfile",
@@ -1584,7 +1572,7 @@ dependencies = [
 "anyhow",
 "codex-backend-openapi-models",
 "codex-client",
- "codex-login",
+ "codex-core",
 "codex-protocol",
 "pretty_assertions",
 "reqwest",
@@ -1607,7 +1595,6 @@ version = "0.0.0"
 dependencies = [
 "anyhow",
 "clap",
- "codex-config",
 "codex-connectors",
 "codex-core",
 "codex-git-utils",
@@ -1642,7 +1629,6 @@ dependencies = [
 "codex-execpolicy",
 "codex-features",
 "codex-login",
- "codex-mcp",
 "codex-mcp-server",
 "codex-protocol",
 "codex-responses-api-proxy",
@@ -1654,7 +1640,6 @@ dependencies = [
 "codex-tui",
 "codex-utils-cargo-bin",
 "codex-utils-cli",
- "codex-utils-path",
 "codex-windows-sandbox",
 "libc",
 "owo-colors",
@@ -1710,9 +1695,7 @@ dependencies = [
 "base64 0.22.1",
 "chrono",
 "codex-backend-client",
- "codex-config",
 "codex-core",
- "codex-login",
 "codex-otel",
 "codex-protocol",
 "hmac",
@@ -1738,7 +1721,6 @@ dependencies = [
 "clap",
 "codex-client",
 "codex-cloud-tasks-client",
- "codex-cloud-tasks-mock-client",
 "codex-core",
 "codex-git-utils",
 "codex-login",
@@ -1768,21 +1750,12 @@ dependencies = [
 "chrono",
 "codex-backend-client",
 "codex-git-utils",
+ "diffy",
 "serde",
 "serde_json",
 "thiserror 2.0.18",
 ]

-[[package]]
-name = "codex-cloud-tasks-mock-client"
-version = "0.0.0"
-dependencies = [
- "async-trait",
- "chrono",
- "codex-cloud-tasks-client",
- "diffy",
-]
-
 [[package]]
 name = "codex-code-mode"
 version = "0.0.0"
@@ -1797,10 +1770,6 @@ dependencies = [
 "v8",
 ]

-[[package]]
-name = "codex-collaboration-mode-templates"
-version = "0.0.0"
-
 [[package]]
 name = "codex-config"
 version = "0.0.0"
@@ -1808,13 +1777,8 @@ dependencies = [
 "anyhow",
 "codex-app-server-protocol",
 "codex-execpolicy",
- "codex-features",
- "codex-git-utils",
- "codex-model-provider-info",
- "codex-network-proxy",
 "codex-protocol",
 "codex-utils-absolute-path",
- "dunce",
 "futures",
 "multimap",
 "pretty_assertions",
@@ -1823,13 +1787,11 @@ dependencies = [
 "serde_json",
 "serde_path_to_error",
 "sha2",
- "tempfile",
 "thiserror 2.0.18",
 "tokio",
 "toml 0.9.11+spec-1.1.0",
 "toml_edit 0.24.0+spec-1.1.0",
 "tracing",
- "wildmatch",
 ]

 [[package]]
@@ -1856,6 +1818,7 @@ dependencies = [
 "async-trait",
 "base64 0.22.1",
 "bm25",
+ "chardetng",
 "chrono",
 "clap",
 "codex-analytics",
@@ -1871,19 +1834,14 @@ dependencies = [
 "codex-exec-server",
 "codex-execpolicy",
 "codex-features",
- "codex-feedback",
 "codex-git-utils",
 "codex-hooks",
 "codex-instructions",
 "codex-login",
- "codex-mcp",
- "codex-model-provider-info",
- "codex-models-manager",
 "codex-network-proxy",
 "codex-otel",
 "codex-plugin",
 "codex-protocol",
- "codex-response-debug-context",
 "codex-rmcp-client",
 "codex-rollout",
 "codex-sandboxing",
@@ -1913,6 +1871,7 @@ dependencies = [
 "ctor 0.6.3",
 "dirs",
 "dunce",
+ "encoding_rs",
 "env-flags",
 "eventsource-stream",
 "futures",
@@ -1921,6 +1880,7 @@ dependencies = [
 "image",
 "indexmap 2.13.0",
 "insta",
+ "landlock",
 "libc",
 "maplit",
 "notify",
@@ -1934,6 +1894,8 @@ dependencies = [
 "regex-lite",
 "reqwest",
 "rmcp",
+ "schemars 0.8.22",
+ "seccompiler",
 "serde",
 "serde_json",
 "serial_test",
@@ -1957,6 +1919,7 @@ dependencies = [
 "uuid",
 "walkdir",
 "which 8.0.0",
+ "wildmatch",
 "windows-sys 0.52.0",
 "wiremock",
 "zip",
@@ -2015,12 +1978,11 @@ dependencies = [
 "codex-app-server-protocol",
 "codex-apply-patch",
 "codex-arg0",
+ "codex-backend-client",
 "codex-cloud-requirements",
 "codex-core",
 "codex-feedback",
 "codex-git-utils",
- "codex-login",
- "codex-model-provider-info",
 "codex-otel",
 "codex-protocol",
 "codex-utils-absolute-path",
@@ -2123,6 +2085,7 @@ dependencies = [
 name = "codex-features"
 version = "0.0.0"
 dependencies = [
+ "codex-login",
 "codex-otel",
 "codex-protocol",
 "pretty_assertions",
@@ -2137,7 +2100,6 @@ name = "codex-feedback"
 version = "0.0.0"
 dependencies = [
 "anyhow",
- "codex-login",
 "codex-protocol",
 "pretty_assertions",
 "sentry",
@@ -2221,7 +2183,6 @@ version = "0.0.0"
 dependencies = [
 "cc",
 "clap",
- "codex-config",
 "codex-core",
 "codex-protocol",
 "codex-sandboxing",
@@ -2243,7 +2204,6 @@ name = "codex-lmstudio"
 version = "0.0.0"
 dependencies = [
 "codex-core",
- "codex-model-provider-info",
 "reqwest",
 "serde_json",
 "tokio",
@@ -2260,13 +2220,10 @@ dependencies = [
 "async-trait",
 "base64 0.22.1",
 "chrono",
- "codex-api",
 "codex-app-server-protocol",
 "codex-client",
 "codex-config",
 "codex-keyring-store",
- "codex-model-provider-info",
- "codex-otel",
 "codex-protocol",
 "codex-terminal-detection",
 "codex-utils-template",
@@ -2278,6 +2235,7 @@ dependencies = [
 "rand 0.9.2",
 "regex-lite",
 "reqwest",
+ "schemars 0.8.22",
 "serde",
 "serde_json",
 "serial_test",
@@ -2293,47 +2251,15 @@ dependencies = [
 "wiremock",
 ]

-[[package]]
-name = "codex-mcp"
-version = "0.0.0"
-dependencies = [
- "anyhow",
- "async-channel",
- "codex-async-utils",
- "codex-config",
- "codex-login",
- "codex-otel",
- "codex-plugin",
- "codex-protocol",
- "codex-rmcp-client",
- "codex-utils-plugins",
- "futures",
- "pretty_assertions",
- "regex-lite",
- "rmcp",
- "serde",
- "serde_json",
- "sha1",
- "tempfile",
- "thiserror 2.0.18",
- "tokio",
- "tokio-util",
- "tracing",
- "url",
-]
-
 [[package]]
 name = "codex-mcp-server"
 version = "0.0.0"
 dependencies = [
 "anyhow",
 "codex-arg0",
- "codex-config",
 "codex-core",
 "codex-exec-server",
 "codex-features",
- "codex-login",
- "codex-models-manager",
 "codex-protocol",
 "codex-shell-command",
 "codex-utils-cli",
@@ -2354,54 +2280,6 @@ dependencies = [
 "wiremock",
 ]

-[[package]]
-name = "codex-model-provider-info"
-version = "0.0.0"
-dependencies = [
- "codex-api",
- "codex-app-server-protocol",
- "codex-protocol",
- "codex-utils-absolute-path",
- "http 1.4.0",
- "maplit",
- "pretty_assertions",
- "schemars 0.8.22",
- "serde",
- "tempfile",
- "toml 0.9.11+spec-1.1.0",
-]
-
-[[package]]
-name = "codex-models-manager"
-version = "0.0.0"
-dependencies = [
- "base64 0.22.1",
- "chrono",
- "codex-api",
- "codex-app-server-protocol",
- "codex-collaboration-mode-templates",
- "codex-config",
- "codex-feedback",
- "codex-login",
- "codex-model-provider-info",
- "codex-otel",
- "codex-protocol",
- "codex-response-debug-context",
- "codex-utils-absolute-path",
- "codex-utils-output-truncation",
- "codex-utils-template",
- "core_test_support",
- "http 1.4.0",
- "pretty_assertions",
- "serde",
- "serde_json",
- "tempfile",
- "tokio",
- "tracing",
- "tracing-subscriber",
- "wiremock",
-]
-
 [[package]]
 name = "codex-network-proxy"
 version = "0.0.0"
@@ -2441,7 +2319,6 @@ dependencies = [
 "async-stream",
 "bytes",
 "codex-core",
- "codex-model-provider-info",
 "futures",
 "pretty_assertions",
 "reqwest",
@@ -2506,27 +2383,18 @@ name = "codex-protocol"
 version = "0.0.0"
 dependencies = [
 "anyhow",
- "chardetng",
- "chrono",
- "codex-async-utils",
 "codex-execpolicy",
 "codex-git-utils",
- "codex-network-proxy",
 "codex-utils-absolute-path",
 "codex-utils-image",
 "codex-utils-string",
 "codex-utils-template",
- "encoding_rs",
- "http 1.4.0",
 "icu_decimal",
 "icu_locale_core",
 "icu_provider",
- "landlock",
 "pretty_assertions",
 "quick-xml",
- "reqwest",
 "schemars 0.8.22",
- "seccompiler",
 "serde",
 "serde_json",
 "serde_with",
@@ -2534,24 +2402,11 @@ dependencies = [
 "strum_macros 0.28.0",
 "sys-locale",
 "tempfile",
- "thiserror 2.0.18",
- "tokio",
 "tracing",
 "ts-rs",
 "uuid",
 ]

-[[package]]
-name = "codex-response-debug-context"
-version = "0.0.0"
-dependencies = [
- "base64 0.22.1",
- "codex-api",
- "http 1.4.0",
- "pretty_assertions",
- "serde_json",
-]
-
 [[package]]
 name = "codex-responses-api-proxy"
 version = "0.0.0"
@@ -2561,7 +2416,6 @@ dependencies = [
 "codex-process-hardening",
 "ctor 0.6.3",
 "libc",
- "pretty_assertions",
 "reqwest",
 "serde",
 "serde_json",
@@ -2576,7 +2430,6 @@ dependencies = [
 "anyhow",
 "axum",
 "codex-client",
- "codex-config",
 "codex-keyring-store",
 "codex-protocol",
 "codex-utils-cargo-bin",
@@ -2588,6 +2441,7 @@ dependencies = [
 "pretty_assertions",
 "reqwest",
 "rmcp",
+ "schemars 0.8.22",
 "serde",
 "serde_json",
 "serial_test",
@@ -2764,15 +2618,11 @@ version = "0.0.0"
 dependencies = [
 "codex-app-server-protocol",
 "codex-code-mode",
- "codex-features",
 "codex-protocol",
- "codex-utils-absolute-path",
- "codex-utils-pty",
 "pretty_assertions",
 "rmcp",
 "serde",
 "serde_json",
- "tracing",
 ]

 [[package]]
@@ -2792,19 +2642,14 @@ dependencies = [
 "codex-chatgpt",
 "codex-cli",
 "codex-cloud-requirements",
- "codex-config",
 "codex-core",
 "codex-features",
 "codex-feedback",
 "codex-file-search",
 "codex-git-utils",
 "codex-login",
- "codex-mcp",
- "codex-model-provider-info",
- "codex-models-manager",
 "codex-otel",
 "codex-protocol",
- "codex-rollout",
 "codex-shell-command",
 "codex-state",
 "codex-terminal-detection",
@@ -2863,7 +2708,6 @@ dependencies = [
 "unicode-segmentation",
 "unicode-width 0.2.1",
 "url",
- "urlencoding",
 "uuid",
 "vt100",
 "webbrowser",
@@ -2966,7 +2810,6 @@ version = "0.0.0"
 dependencies = [
 "codex-core",
 "codex-lmstudio",
- "codex-model-provider-info",
 "codex-ollama",
 ]

@@ -2993,7 +2836,6 @@ dependencies = [
 name = "codex-utils-plugins"
 version = "0.0.0"
 dependencies = [
- "codex-login",
 "serde",
 "serde_json",
 "tempfile",
@@ -3038,7 +2880,6 @@ name = "codex-utils-sandbox-summary"
 version = "0.0.0"
 dependencies = [
 "codex-core",
- "codex-model-provider-info",
 "codex-protocol",
 "codex-utils-absolute-path",
 "pretty_assertions",
@@ -3309,9 +3150,6 @@ dependencies = [
 "codex-core",
 "codex-exec-server",
 "codex-features",
- "codex-login",
- "codex-model-provider-info",
- "codex-models-manager",
 "codex-protocol",
 "codex-utils-absolute-path",
 "codex-utils-cargo-bin",
@@ -3966,7 +3804,7 @@ dependencies = [
 "libc",
 "option-ext",
 "redox_users 0.5.2",
- "windows-sys 0.59.0",
+ "windows-sys 0.61.2",
 ]

 [[package]]
@@ -4211,7 +4049,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "39cab71617ae0d63f51a36d69f866391735b51691dbda63cf6f96d042b63efeb"
 dependencies = [
 "libc",
- "windows-sys 0.52.0",
+ "windows-sys 0.61.2",
 ]

 [[package]]
@@ -5117,13 +4955,14 @@ dependencies = [

 [[package]]
 name = "hyper-util"
-version = "0.1.20"
+version = "0.1.19"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "96547c2556ec9d12fb1578c4eaf448b04993e7fb79cbaad930a656880a6bdfa0"
+checksum = "727805d60e7938b76b826a6ef209eb70eaa1812794f9424d4a4e2d740662df5f"
 dependencies = [
 "base64 0.22.1",
 "bytes",
 "futures-channel",
+ "futures-core",
 "futures-util",
 "http 1.4.0",
 "http-body",
@@ -5132,7 +4971,7 @@ dependencies = [
 "libc",
 "percent-encoding",
 "pin-project-lite",
- "socket2 0.5.10",
+ "socket2 0.6.2",
 "system-configuration",
 "tokio",
 "tower-service",
@@ -5638,7 +5477,7 @@ checksum = "3640c1c38b8e4e43584d8df18be5fc6b0aa314ce6ebf51b53313d4306cca8e46"
 dependencies = [
 "hermit-abi",
 "libc",
- "windows-sys 0.52.0",
+ "windows-sys 0.61.2",
 ]

 [[package]]
@@ -6125,7 +5964,7 @@ name = "mcp_test_support"
 version = "0.0.0"
 dependencies = [
 "anyhow",
- "codex-login",
+ "codex-core",
 "codex-mcp-server",
 "codex-terminal-detection",
 "codex-utils-cargo-bin",
@@ -6416,7 +6255,7 @@ version = "0.50.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7957b9740744892f114936ab4a57b3f487491bbeafaf8083688b16841a4240e5"
 dependencies = [
- "windows-sys 0.59.0",
+ "windows-sys 0.61.2",
 ]

 [[package]]
@@ -6592,7 +6431,7 @@ version = "5.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "51e219e79014df21a225b1860a479e2dcd7cbd9130f4defd4bd0e191ea31d67d"
 dependencies = [
- "base64 0.21.7",
+ "base64 0.22.1",
 "chrono",
 "getrandom 0.2.17",
 "http 1.4.0",
@@ -7060,7 +6899,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7d8fae84b431384b68627d0f9b3b1245fcf9f46f6c0e3dc902e9dce64edd1967"
 dependencies = [
 "libc",
- "windows-sys 0.45.0",
+ "windows-sys 0.61.2",
 ]

 [[package]]
@@ -7606,7 +7445,7 @@ dependencies = [
 "quinn-udp",
 "rustc-hash 2.1.1",
 "rustls",
- "socket2 0.5.10",
+ "socket2 0.6.2",
 "thiserror 2.0.18",
 "tokio",
 "tracing",
@@ -7643,9 +7482,9 @@ dependencies = [
 "cfg_aliases 0.2.1",
 "libc",
 "once_cell",
- "socket2 0.5.10",
+ "socket2 0.6.2",
 "tracing",
- "windows-sys 0.52.0",
+ "windows-sys 0.60.2",
 ]

 [[package]]
@@ -8481,7 +8320,7 @@ dependencies = [
 "errno",
 "libc",
 "linux-raw-sys 0.11.0",
- "windows-sys 0.52.0",
+ "windows-sys 0.61.2",
 ]

 [[package]]
@@ -9880,9 +9719,9 @@ dependencies = [

 [[package]]
 name = "system-configuration"
-version = "0.7.0"
+version = "0.6.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a13f3d0daba03132c0aa9767f98351b3488edc2c100cda2d2ec2b04f3d8d3c8b"
+checksum = "3c879d448e9d986b661742763247d3693ed13609438cf3d006f51f5368a5ba6b"
 dependencies = [
 "bitflags 2.10.0",
 "core-foundation 0.9.4",
@@ -9915,7 +9754,7 @@ dependencies = [
 "getrandom 0.3.4",
 "once_cell",
 "rustix 1.1.3",
- "windows-sys 0.52.0",
+ "windows-sys 0.61.2",
 ]

 [[package]]
@@ -11361,7 +11200,7 @@ version = "0.1.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c2a7b1c03c876122aa43f3020e6c3c3ee5c05081c9a00739faf7503aeba10d22"
 dependencies = [
- "windows-sys 0.48.0",
+ "windows-sys 0.61.2",
 ]

 [[package]]
--- a/codex-rs/Cargo.toml
+++ b/codex-rs/Cargo.toml
@@ -18,9 +18,7 @@ members = [
    "cloud-requirements",
    "cloud-tasks",
    "cloud-tasks-client",
-    "cloud-tasks-mock-client",
    "cli",
-    "collaboration-mode-templates",
    "connectors",
    "config",
    "shell-command",
@@ -40,10 +38,7 @@ members = [
    "linux-sandbox",
    "lmstudio",
    "login",
-    "codex-mcp",
    "mcp-server",
-    "model-provider-info",
-    "models-manager",
    "network-proxy",
    "ollama",
    "process-hardening",
@@ -51,7 +46,6 @@ members = [
    "rollout",
    "rmcp-client",
    "responses-api-proxy",
-    "response-debug-context",
    "sandboxing",
    "stdio-to-uds",
    "otel",
@@ -91,7 +85,7 @@ members = [
 resolver = "2"

 [workspace.package]
-version = "0.119.0-alpha.14"
+version = "0.0.0"
 # Track the edition for all workspace crates in one place. Individual
 # crates can still override this value, but keeping it here means new
 # crates created with `cargo new -w ...` automatically inherit the 2024
@@ -102,9 +96,10 @@ license = "Apache-2.0"
 [workspace.dependencies]
 # Internal
 app_test_support = { path = "app-server/tests/common" }
-codex-analytics = { path = "analytics" }
 codex-ansi-escape = { path = "ansi-escape" }
+codex-analytics = { path = "analytics" }
 codex-api = { path = "codex-api" }
+codex-code-mode = { path = "code-mode" }
 codex-app-server = { path = "app-server" }
 codex-app-server-client = { path = "app-server-client" }
 codex-app-server-protocol = { path = "app-server-protocol" }
@@ -116,21 +111,17 @@ codex-backend-client = { path = "backend-client" }
 codex-chatgpt = { path = "chatgpt" }
 codex-cli = { path = "cli" }
 codex-client = { path = "codex-client" }
-codex-collaboration-mode-templates = { path = "collaboration-mode-templates" }
 codex-cloud-requirements = { path = "cloud-requirements" }
-codex-cloud-tasks-client = { path = "cloud-tasks-client" }
-codex-cloud-tasks-mock-client = { path = "cloud-tasks-mock-client" }
-codex-code-mode = { path = "code-mode" }
-codex-config = { path = "config" }
 codex-connectors = { path = "connectors" }
+codex-config = { path = "config" }
 codex-core = { path = "core" }
 codex-core-skills = { path = "core-skills" }
 codex-exec = { path = "exec" }
 codex-exec-server = { path = "exec-server" }
 codex-execpolicy = { path = "execpolicy" }
 codex-experimental-api-macros = { path = "codex-experimental-api-macros" }
-codex-features = { path = "features" }
 codex-feedback = { path = "feedback" }
+codex-features = { path = "features" }
 codex-file-search = { path = "file-search" }
 codex-git-utils = { path = "git-utils" }
 codex-hooks = { path = "hooks" }
@@ -139,20 +130,16 @@ codex-keyring-store = { path = "keyring-store" }
 codex-linux-sandbox = { path = "linux-sandbox" }
 codex-lmstudio = { path = "lmstudio" }
 codex-login = { path = "login" }
-codex-mcp = { path = "codex-mcp" }
 codex-mcp-server = { path = "mcp-server" }
-codex-model-provider-info = { path = "model-provider-info" }
-codex-models-manager = { path = "models-manager" }
 codex-network-proxy = { path = "network-proxy" }
 codex-ollama = { path = "ollama" }
 codex-otel = { path = "otel" }
 codex-plugin = { path = "plugin" }
 codex-process-hardening = { path = "process-hardening" }
 codex-protocol = { path = "protocol" }
-codex-responses-api-proxy = { path = "responses-api-proxy" }
-codex-response-debug-context = { path = "response-debug-context" }
-codex-rmcp-client = { path = "rmcp-client" }
 codex-rollout = { path = "rollout" }
+codex-responses-api-proxy = { path = "responses-api-proxy" }
+codex-rmcp-client = { path = "rmcp-client" }
 codex-sandboxing = { path = "sandboxing" }
 codex-secrets = { path = "secrets" }
 codex-shell-command = { path = "shell-command" }
@@ -163,6 +150,7 @@ codex-stdio-to-uds = { path = "stdio-to-uds" }
 codex-terminal-detection = { path = "terminal-detection" }
 codex-tools = { path = "tools" }
 codex-tui = { path = "tui" }
+codex-v8-poc = { path = "v8-poc" }
 codex-utils-absolute-path = { path = "utils/absolute-path" }
 codex-utils-approval-presets = { path = "utils/approval-presets" }
 codex-utils-cache = { path = "utils/cache" }
@@ -183,9 +171,8 @@ codex-utils-rustls-provider = { path = "utils/rustls-provider" }
 codex-utils-sandbox-summary = { path = "utils/sandbox-summary" }
 codex-utils-sleep-inhibitor = { path = "utils/sleep-inhibitor" }
 codex-utils-stream-parser = { path = "utils/stream-parser" }
-codex-utils-string = { path = "utils/string" }
 codex-utils-template = { path = "utils/template" }
-codex-v8-poc = { path = "v8-poc" }
+codex-utils-string = { path = "utils/string" }
 codex-windows-sandbox = { path = "windows-sandbox-rs" }
 core_test_support = { path = "core/tests/common" }
 mcp_test_support = { path = "mcp-server/tests/common" }
@@ -230,12 +217,12 @@ gethostname = "1.1.0"
 globset = "0.4"
 hmac = "0.12.1"
 http = "1.3.1"
-iana-time-zone = "0.1.64"
 icu_decimal = "2.1"
 icu_locale_core = "2.1"
 icu_provider = { version = "2.1", features = ["sync"] }
 ignore = "0.4.23"
 image = { version = "^0.25.9", default-features = false }
+iana-time-zone = "0.1.64"
 include_dir = "0.7.4"
 indexmap = "2.12.0"
 insta = "1.46.3"
@@ -277,6 +264,7 @@ regex-lite = "0.1.8"
 reqwest = "0.12"
 rmcp = { version = "0.15.0", default-features = false }
 runfiles = { git = "https://github.com/dzbarsky/rules_rust", rev = "b56cbaa8465e74127f1ea216f813cd377295ad81" }
+v8 = "=146.4.0"
 rustls = { version = "0.23", default-features = false, features = [
    "ring",
    "std",
@@ -345,7 +333,6 @@ unicode-width = "0.2"
 url = "2"
 urlencoding = "2.1"
 uuid = "1"
-v8 = "=146.4.0"
 vt100 = "0.16.2"
 walkdir = "2.5.0"
 webbrowser = "1.0"
--- a/codex-rs/analytics/src/analytics_client_tests.rs
+++ b/codex-rs/analytics/src/analytics_client_tests.rs
@@ -13,7 +13,6 @@ use crate::events::TrackEventRequest;
 use crate::events::codex_app_metadata;
 use crate::events::codex_plugin_metadata;
 use crate::events::codex_plugin_used_metadata;
-use crate::events::subagent_thread_started_event_request;
 use crate::facts::AnalyticsFact;
 use crate::facts::AppInvocation;
 use crate::facts::AppMentionedInput;
@@ -25,7 +24,6 @@ use crate::facts::PluginStateChangedInput;
 use crate::facts::PluginUsedInput;
 use crate::facts::SkillInvocation;
 use crate::facts::SkillInvokedInput;
-use crate::facts::SubAgentThreadStartedInput;
 use crate::facts::TrackEventsContext;
 use crate::reducer::AnalyticsReducer;
 use crate::reducer::normalize_path_for_skill_id;
@@ -49,7 +47,6 @@ use codex_plugin::AppConnectorId;
 use codex_plugin::PluginCapabilitySummary;
 use codex_plugin::PluginId;
 use codex_plugin::PluginTelemetryMetadata;
-use codex_protocol::protocol::SubAgentSource;
 use pretty_assertions::assert_eq;
 use serde_json::json;
 use std::collections::HashSet;
@@ -61,7 +58,6 @@ use tokio::sync::mpsc;
 fn sample_thread(thread_id: &str, ephemeral: bool) -> Thread {
    Thread {
        id: thread_id.to_string(),
-        forked_from_id: None,
        preview: "first prompt".to_string(),
        ephemeral,
        model_provider: "openai".to_string(),
@@ -449,155 +445,6 @@ async fn initialize_caches_client_and_thread_lifecycle_publishes_once_initialize
    assert_eq!(payload[0]["event_params"]["parent_thread_id"], json!(null));
 }

-#[test]
-fn subagent_thread_started_review_serializes_expected_shape() {
-    let event = TrackEventRequest::ThreadInitialized(subagent_thread_started_event_request(
-        SubAgentThreadStartedInput {
-            thread_id: "thread-review".to_string(),
-            product_client_id: "codex-tui".to_string(),
-            client_name: "codex-tui".to_string(),
-            client_version: "1.0.0".to_string(),
-            model: "gpt-5".to_string(),
-            ephemeral: false,
-            subagent_source: SubAgentSource::Review,
-            created_at: 123,
-        },
-    ));
-
-    let payload = serde_json::to_value(&event).expect("serialize review subagent event");
-    assert_eq!(payload["event_params"]["thread_source"], "subagent");
-    assert_eq!(
-        payload["event_params"]["app_server_client"]["product_client_id"],
-        "codex-tui"
-    );
-    assert_eq!(
-        payload["event_params"]["app_server_client"]["client_name"],
-        "codex-tui"
-    );
-    assert_eq!(
-        payload["event_params"]["app_server_client"]["client_version"],
-        "1.0.0"
-    );
-    assert_eq!(
-        payload["event_params"]["app_server_client"]["rpc_transport"],
-        "in_process"
-    );
-    assert_eq!(payload["event_params"]["created_at"], 123);
-    assert_eq!(payload["event_params"]["initialization_mode"], "new");
-    assert_eq!(payload["event_params"]["subagent_source"], "review");
-    assert_eq!(payload["event_params"]["parent_thread_id"], json!(null));
-}
-
-#[test]
-fn subagent_thread_started_thread_spawn_serializes_parent_thread_id() {
-    let parent_thread_id =
-        codex_protocol::ThreadId::from_string("11111111-1111-1111-1111-111111111111")
-            .expect("valid thread id");
-    let event = TrackEventRequest::ThreadInitialized(subagent_thread_started_event_request(
-        SubAgentThreadStartedInput {
-            thread_id: "thread-spawn".to_string(),
-            product_client_id: "codex-tui".to_string(),
-            client_name: "codex-tui".to_string(),
-            client_version: "1.0.0".to_string(),
-            model: "gpt-5".to_string(),
-            ephemeral: true,
-            subagent_source: SubAgentSource::ThreadSpawn {
-                parent_thread_id,
-                depth: 1,
-                agent_path: None,
-                agent_nickname: None,
-                agent_role: None,
-            },
-            created_at: 124,
-        },
-    ));
-
-    let payload = serde_json::to_value(&event).expect("serialize thread spawn subagent event");
-    assert_eq!(payload["event_params"]["thread_source"], "subagent");
-    assert_eq!(payload["event_params"]["subagent_source"], "thread_spawn");
-    assert_eq!(
-        payload["event_params"]["parent_thread_id"],
-        "11111111-1111-1111-1111-111111111111"
-    );
-}
-
-#[test]
-fn subagent_thread_started_memory_consolidation_serializes_expected_shape() {
-    let event = TrackEventRequest::ThreadInitialized(subagent_thread_started_event_request(
-        SubAgentThreadStartedInput {
-            thread_id: "thread-memory".to_string(),
-            product_client_id: "codex-tui".to_string(),
-            client_name: "codex-tui".to_string(),
-            client_version: "1.0.0".to_string(),
-            model: "gpt-5".to_string(),
-            ephemeral: false,
-            subagent_source: SubAgentSource::MemoryConsolidation,
-            created_at: 125,
-        },
-    ));
-
-    let payload =
-        serde_json::to_value(&event).expect("serialize memory consolidation subagent event");
-    assert_eq!(
-        payload["event_params"]["subagent_source"],
-        "memory_consolidation"
-    );
-    assert_eq!(payload["event_params"]["parent_thread_id"], json!(null));
-}
-
-#[test]
-fn subagent_thread_started_other_serializes_expected_shape() {
-    let event = TrackEventRequest::ThreadInitialized(subagent_thread_started_event_request(
-        SubAgentThreadStartedInput {
-            thread_id: "thread-guardian".to_string(),
-            product_client_id: "codex-tui".to_string(),
-            client_name: "codex-tui".to_string(),
-            client_version: "1.0.0".to_string(),
-            model: "gpt-5".to_string(),
-            ephemeral: false,
-            subagent_source: SubAgentSource::Other("guardian".to_string()),
-            created_at: 126,
-        },
-    ));
-
-    let payload = serde_json::to_value(&event).expect("serialize other subagent event");
-    assert_eq!(payload["event_params"]["subagent_source"], "guardian");
-}
-
-#[tokio::test]
-async fn subagent_thread_started_publishes_without_initialize() {
-    let mut reducer = AnalyticsReducer::default();
-    let mut events = Vec::new();
-
-    reducer
-        .ingest(
-            AnalyticsFact::Custom(CustomAnalyticsFact::SubAgentThreadStarted(
-                SubAgentThreadStartedInput {
-                    thread_id: "thread-review".to_string(),
-                    product_client_id: "codex-tui".to_string(),
-                    client_name: "codex-tui".to_string(),
-                    client_version: "1.0.0".to_string(),
-                    model: "gpt-5".to_string(),
-                    ephemeral: false,
-                    subagent_source: SubAgentSource::Review,
-                    created_at: 127,
-                },
-            )),
-            &mut events,
-        )
-        .await;
-
-    let payload = serde_json::to_value(&events).expect("serialize events");
-    assert_eq!(payload.as_array().expect("events array").len(), 1);
-    assert_eq!(payload[0]["event_type"], "codex_thread_initialized");
-    assert_eq!(
-        payload[0]["event_params"]["app_server_client"]["product_client_id"],
-        "codex-tui"
-    );
-    assert_eq!(payload[0]["event_params"]["thread_source"], "subagent");
-    assert_eq!(payload[0]["event_params"]["subagent_source"], "review");
-}
-
 #[test]
 fn plugin_used_event_serializes_expected_shape() {
    let tracking = TrackEventsContext {
--- a/codex-rs/analytics/src/client.rs
+++ b/codex-rs/analytics/src/client.rs
@@ -11,7 +11,6 @@ use crate::facts::PluginState;
 use crate::facts::PluginStateChangedInput;
 use crate::facts::SkillInvocation;
 use crate::facts::SkillInvokedInput;
-use crate::facts::SubAgentThreadStartedInput;
 use crate::facts::TrackEventsContext;
 use crate::reducer::AnalyticsReducer;
 use codex_app_server_protocol::ClientResponse;
@@ -145,12 +144,6 @@ impl AnalyticsEventsClient {
        });
    }

-    pub fn track_subagent_thread_started(&self, input: SubAgentThreadStartedInput) {
-        self.record_fact(AnalyticsFact::Custom(
-            CustomAnalyticsFact::SubAgentThreadStarted(input),
-        ));
-    }
-
    pub fn track_app_mentioned(&self, tracking: TrackEventsContext, mentions: Vec<AppInvocation>) {
        if mentions.is_empty() {
            return;
--- a/codex-rs/analytics/src/events.rs
+++ b/codex-rs/analytics/src/events.rs
@@ -1,12 +1,10 @@
 use crate::facts::AppInvocation;
 use crate::facts::InvocationType;
 use crate::facts::PluginState;
-use crate::facts::SubAgentThreadStartedInput;
 use crate::facts::TrackEventsContext;
 use codex_login::default_client::originator;
 use codex_plugin::PluginTelemetryMetadata;
 use codex_protocol::protocol::SessionSource;
-use codex_protocol::protocol::SubAgentSource;
 use serde::Serialize;

 #[derive(Clone, Copy, Debug, Serialize)]
@@ -230,49 +228,3 @@ pub(crate) fn current_runtime_metadata() -> CodexRuntimeMetadata {
        runtime_arch: std::env::consts::ARCH.to_string(),
    }
 }
-
-pub(crate) fn subagent_thread_started_event_request(
-    input: SubAgentThreadStartedInput,
-) -> ThreadInitializedEvent {
-    let event_params = ThreadInitializedEventParams {
-        thread_id: input.thread_id,
-        app_server_client: CodexAppServerClientMetadata {
-            product_client_id: input.product_client_id,
-            client_name: Some(input.client_name),
-            client_version: Some(input.client_version),
-            rpc_transport: AppServerRpcTransport::InProcess,
-            experimental_api_enabled: None,
-        },
-        runtime: current_runtime_metadata(),
-        model: input.model,
-        ephemeral: input.ephemeral,
-        thread_source: Some("subagent"),
-        initialization_mode: ThreadInitializationMode::New,
-        subagent_source: Some(subagent_source_name(&input.subagent_source)),
-        parent_thread_id: subagent_parent_thread_id(&input.subagent_source),
-        created_at: input.created_at,
-    };
-    ThreadInitializedEvent {
-        event_type: "codex_thread_initialized",
-        event_params,
-    }
-}
-
-fn subagent_source_name(subagent_source: &SubAgentSource) -> String {
-    match subagent_source {
-        SubAgentSource::Review => "review".to_string(),
-        SubAgentSource::Compact => "compact".to_string(),
-        SubAgentSource::ThreadSpawn { .. } => "thread_spawn".to_string(),
-        SubAgentSource::MemoryConsolidation => "memory_consolidation".to_string(),
-        SubAgentSource::Other(other) => other.clone(),
-    }
-}
-
-fn subagent_parent_thread_id(subagent_source: &SubAgentSource) -> Option<String> {
-    match subagent_source {
-        SubAgentSource::ThreadSpawn {
-            parent_thread_id, ..
-        } => Some(parent_thread_id.to_string()),
-        _ => None,
-    }
-}
--- a/codex-rs/analytics/src/facts.rs
+++ b/codex-rs/analytics/src/facts.rs
@@ -7,7 +7,6 @@ use codex_app_server_protocol::RequestId;
 use codex_app_server_protocol::ServerNotification;
 use codex_plugin::PluginTelemetryMetadata;
 use codex_protocol::protocol::SkillScope;
-use codex_protocol::protocol::SubAgentSource;
 use serde::Serialize;
 use std::path::PathBuf;

@@ -51,18 +50,6 @@ pub struct AppInvocation {
    pub invocation_type: Option<InvocationType>,
 }

-#[derive(Clone)]
-pub struct SubAgentThreadStartedInput {
-    pub thread_id: String,
-    pub product_client_id: String,
-    pub client_name: String,
-    pub client_version: String,
-    pub model: String,
-    pub ephemeral: bool,
-    pub subagent_source: SubAgentSource,
-    pub created_at: u64,
-}
-
 #[allow(dead_code)]
 pub(crate) enum AnalyticsFact {
    Initialize {
@@ -88,7 +75,6 @@ pub(crate) enum AnalyticsFact {
 }

 pub(crate) enum CustomAnalyticsFact {
-    SubAgentThreadStarted(SubAgentThreadStartedInput),
    SkillInvoked(SkillInvokedInput),
    AppMentioned(AppMentionedInput),
    AppUsed(AppUsedInput),
--- a/codex-rs/analytics/src/lib.rs
+++ b/codex-rs/analytics/src/lib.rs
@@ -8,7 +8,6 @@ pub use events::AppServerRpcTransport;
 pub use facts::AppInvocation;
 pub use facts::InvocationType;
 pub use facts::SkillInvocation;
-pub use facts::SubAgentThreadStartedInput;
 pub use facts::TrackEventsContext;
 pub use facts::build_track_events_context;

--- a/codex-rs/analytics/src/reducer.rs
+++ b/codex-rs/analytics/src/reducer.rs
@@ -15,7 +15,6 @@ use crate::events::codex_app_metadata;
 use crate::events::codex_plugin_metadata;
 use crate::events::codex_plugin_used_metadata;
 use crate::events::plugin_state_event_type;
-use crate::events::subagent_thread_started_event_request;
 use crate::events::thread_source_name;
 use crate::facts::AnalyticsFact;
 use crate::facts::AppMentionedInput;
@@ -25,7 +24,6 @@ use crate::facts::PluginState;
 use crate::facts::PluginStateChangedInput;
 use crate::facts::PluginUsedInput;
 use crate::facts::SkillInvokedInput;
-use crate::facts::SubAgentThreadStartedInput;
 use codex_app_server_protocol::ClientResponse;
 use codex_app_server_protocol::InitializeParams;
 use codex_git_utils::collect_git_info;
@@ -78,9 +76,6 @@ impl AnalyticsReducer {
            }
            AnalyticsFact::Notification(_notification) => {}
            AnalyticsFact::Custom(input) => match input {
-                CustomAnalyticsFact::SubAgentThreadStarted(input) => {
-                    self.ingest_subagent_thread_started(input, out);
-                }
                CustomAnalyticsFact::SkillInvoked(input) => {
                    self.ingest_skill_invoked(input, out).await;
                }
@@ -125,16 +120,6 @@ impl AnalyticsReducer {
        );
    }

-    fn ingest_subagent_thread_started(
-        &mut self,
-        input: SubAgentThreadStartedInput,
-        out: &mut Vec<TrackEventRequest>,
-    ) {
-        out.push(TrackEventRequest::ThreadInitialized(
-            subagent_thread_started_event_request(input),
-        ));
-    }
-
    async fn ingest_skill_invoked(
        &mut self,
        input: SkillInvokedInput,
--- a/codex-rs/app-server-client/src/lib.rs
+++ b/codex-rs/app-server-client/src/lib.rs
@@ -1060,9 +1060,6 @@ mod tests {
                items: Vec::new(),
                status: codex_app_server_protocol::TurnStatus::Completed,
                error: None,
-                started_at: None,
-                completed_at: Some(0),
-                duration_ms: Some(1),
            },
        })
    }
@@ -1837,9 +1834,6 @@ mod tests {
                            items: Vec::new(),
                            status: codex_app_server_protocol::TurnStatus::Completed,
                            error: None,
-                            started_at: None,
-                            completed_at: Some(0),
-                            duration_ms: None,
                        },
                    }
                )
--- a/codex-rs/app-server-protocol/Cargo.toml
+++ b/codex-rs/app-server-protocol/Cargo.toml
@@ -17,12 +17,12 @@ clap = { workspace = true, features = ["derive"] }
 codex-experimental-api-macros = { workspace = true }
 codex-git-utils = { workspace = true }
 codex-protocol = { workspace = true }
-codex-shell-command = { workspace = true }
 codex-utils-absolute-path = { workspace = true }
 schemars = { workspace = true }
 serde = { workspace = true, features = ["derive"] }
 serde_json = { workspace = true }
 serde_with = { workspace = true }
+shlex = { workspace = true }
 strum_macros = { workspace = true }
 thiserror = { workspace = true }
 rmcp = { workspace = true, default-features = false, features = [
--- a/codex-rs/app-server-protocol/schema/json/ClientRequest.json
+++ b/codex-rs/app-server-protocol/schema/json/ClientRequest.json
@@ -147,6 +147,115 @@
      ],
      "type": "object"
    },
+    "CodexAvatarAdminAwardGrantParams": {
+      "properties": {
+        "accountUserId": {
+          "type": "string"
+        },
+        "avatarId": {
+          "type": "string"
+        },
+        "awardId": {
+          "type": "string"
+        },
+        "awardedAt": {
+          "format": "int64",
+          "type": [
+            "integer",
+            "null"
+          ]
+        },
+        "awardedBy": {
+          "type": [
+            "string",
+            "null"
+          ]
+        },
+        "metadataJson": {
+          "type": [
+            "string",
+            "null"
+          ]
+        },
+        "sourceRef": {
+          "type": [
+            "string",
+            "null"
+          ]
+        },
+        "sourceSummary": {
+          "type": [
+            "string",
+            "null"
+          ]
+        },
+        "sourceType": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "accountUserId",
+        "avatarId",
+        "awardId",
+        "sourceType"
+      ],
+      "type": "object"
+    },
+    "CodexAvatarAdminCapabilitiesReadParams": {
+      "type": "object"
+    },
+    "CodexAvatarAdminProofDropGrantParams": {
+      "properties": {
+        "accountUserId": {
+          "type": "string"
+        },
+        "awardId": {
+          "type": "string"
+        },
+        "awardedAt": {
+          "format": "int64",
+          "type": [
+            "integer",
+            "null"
+          ]
+        },
+        "sourceRef": {
+          "type": [
+            "string",
+            "null"
+          ]
+        },
+        "sourceSummary": {
+          "type": [
+            "string",
+            "null"
+          ]
+        },
+        "sourceType": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "accountUserId",
+        "awardId",
+        "sourceType"
+      ],
+      "type": "object"
+    },
+    "CodexAvatarEquipParams": {
+      "properties": {
+        "avatarId": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "avatarId"
+      ],
+      "type": "object"
+    },
+    "CodexAvatarInventoryReadParams": {
+      "type": "object"
+    },
    "CollaborationMode": {
      "description": "Collaboration mode for a Codex session.",
      "properties": {
@@ -1042,17 +1151,6 @@
            "null"
          ]
        },
-        "detail": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/McpServerStatusDetail"
-            },
-            {
-              "type": "null"
-            }
-          ],
-          "description": "Controls how much MCP inventory data to fetch for each server. Defaults to `Full` when omitted."
-        },
        "limit": {
          "description": "Optional page size; defaults to a server-defined value.",
          "format": "uint32",
@@ -1219,25 +1317,6 @@
        }
      ]
    },
-    "McpResourceReadParams": {
-      "properties": {
-        "server": {
-          "type": "string"
-        },
-        "threadId": {
-          "type": "string"
-        },
-        "uri": {
-          "type": "string"
-        }
-      },
-      "required": [
-        "server",
-        "threadId",
-        "uri"
-      ],
-      "type": "object"
-    },
    "McpServerOauthLoginParams": {
      "properties": {
        "name": {
@@ -1265,13 +1344,6 @@
      ],
      "type": "object"
    },
-    "McpServerStatusDetail": {
-      "enum": [
-        "full",
-        "toolsAndAuthOnly"
-      ],
-      "type": "string"
-    },
    "MergeStrategy": {
      "enum": [
        "replace",
@@ -4457,30 +4529,6 @@
      "title": "McpServerStatus/listRequest",
      "type": "object"
    },
-    {
-      "properties": {
-        "id": {
-          "$ref": "#/definitions/RequestId"
-        },
-        "method": {
-          "enum": [
-            "mcpServer/resource/read"
-          ],
-          "title": "McpServer/resource/readRequestMethod",
-          "type": "string"
-        },
-        "params": {
-          "$ref": "#/definitions/McpResourceReadParams"
-        }
-      },
-      "required": [
-        "id",
-        "method",
-        "params"
-      ],
-      "title": "McpServer/resource/readRequest",
-      "type": "object"
-    },
    {
      "properties": {
        "id": {
@@ -4599,6 +4647,126 @@
      "title": "Account/rateLimits/readRequest",
      "type": "object"
    },
+    {
+      "properties": {
+        "id": {
+          "$ref": "#/definitions/RequestId"
+        },
+        "method": {
+          "enum": [
+            "avatar/inventory/read"
+          ],
+          "title": "Avatar/inventory/readRequestMethod",
+          "type": "string"
+        },
+        "params": {
+          "$ref": "#/definitions/CodexAvatarInventoryReadParams"
+        }
+      },
+      "required": [
+        "id",
+        "method",
+        "params"
+      ],
+      "title": "Avatar/inventory/readRequest",
+      "type": "object"
+    },
+    {
+      "properties": {
+        "id": {
+          "$ref": "#/definitions/RequestId"
+        },
+        "method": {
+          "enum": [
+            "avatar/equip"
+          ],
+          "title": "Avatar/equipRequestMethod",
+          "type": "string"
+        },
+        "params": {
+          "$ref": "#/definitions/CodexAvatarEquipParams"
+        }
+      },
+      "required": [
+        "id",
+        "method",
+        "params"
+      ],
+      "title": "Avatar/equipRequest",
+      "type": "object"
+    },
+    {
+      "properties": {
+        "id": {
+          "$ref": "#/definitions/RequestId"
+        },
+        "method": {
+          "enum": [
+            "avatar/admin/award"
+          ],
+          "title": "Avatar/admin/awardRequestMethod",
+          "type": "string"
+        },
+        "params": {
+          "$ref": "#/definitions/CodexAvatarAdminAwardGrantParams"
+        }
+      },
+      "required": [
+        "id",
+        "method",
+        "params"
+      ],
+      "title": "Avatar/admin/awardRequest",
+      "type": "object"
+    },
+    {
+      "properties": {
+        "id": {
+          "$ref": "#/definitions/RequestId"
+        },
+        "method": {
+          "enum": [
+            "avatar/admin/proof-drop"
+          ],
+          "title": "Avatar/admin/proofDropRequestMethod",
+          "type": "string"
+        },
+        "params": {
+          "$ref": "#/definitions/CodexAvatarAdminProofDropGrantParams"
+        }
+      },
+      "required": [
+        "id",
+        "method",
+        "params"
+      ],
+      "title": "Avatar/admin/proofDropRequest",
+      "type": "object"
+    },
+    {
+      "properties": {
+        "id": {
+          "$ref": "#/definitions/RequestId"
+        },
+        "method": {
+          "enum": [
+            "avatar/admin/capabilities/read"
+          ],
+          "title": "Avatar/admin/capabilities/readRequestMethod",
+          "type": "string"
+        },
+        "params": {
+          "$ref": "#/definitions/CodexAvatarAdminCapabilitiesReadParams"
+        }
+      },
+      "required": [
+        "id",
+        "method",
+        "params"
+      ],
+      "title": "Avatar/admin/capabilities/readRequest",
+      "type": "object"
+    },
    {
      "properties": {
        "id": {
--- a/codex-rs/app-server-protocol/schema/json/CodexAvatarAward.json
+++ b/codex-rs/app-server-protocol/schema/json/CodexAvatarAward.json
@@ -0,0 +1,54 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "properties": {
+    "accountUserId": {
+      "type": "string"
+    },
+    "avatarId": {
+      "type": "string"
+    },
+    "awardId": {
+      "type": "string"
+    },
+    "awardedAt": {
+      "format": "int64",
+      "type": "integer"
+    },
+    "awardedBy": {
+      "type": [
+        "string",
+        "null"
+      ]
+    },
+    "metadataJson": {
+      "type": [
+        "string",
+        "null"
+      ]
+    },
+    "sourceRef": {
+      "type": [
+        "string",
+        "null"
+      ]
+    },
+    "sourceSummary": {
+      "type": [
+        "string",
+        "null"
+      ]
+    },
+    "sourceType": {
+      "type": "string"
+    }
+  },
+  "required": [
+    "accountUserId",
+    "avatarId",
+    "awardId",
+    "awardedAt",
+    "sourceType"
+  ],
+  "title": "CodexAvatarAward",
+  "type": "object"
+}
--- a/codex-rs/app-server-protocol/schema/json/ServerNotification.json
+++ b/codex-rs/app-server-protocol/schema/json/ServerNotification.json
@@ -1163,176 +1163,6 @@
      ],
      "type": "object"
    },
-    "GuardianApprovalReviewAction": {
-      "oneOf": [
-        {
-          "properties": {
-            "command": {
-              "type": "string"
-            },
-            "cwd": {
-              "type": "string"
-            },
-            "source": {
-              "$ref": "#/definitions/GuardianCommandSource"
-            },
-            "type": {
-              "enum": [
-                "command"
-              ],
-              "title": "CommandGuardianApprovalReviewActionType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "command",
-            "cwd",
-            "source",
-            "type"
-          ],
-          "title": "CommandGuardianApprovalReviewAction",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "argv": {
-              "items": {
-                "type": "string"
-              },
-              "type": "array"
-            },
-            "cwd": {
-              "type": "string"
-            },
-            "program": {
-              "type": "string"
-            },
-            "source": {
-              "$ref": "#/definitions/GuardianCommandSource"
-            },
-            "type": {
-              "enum": [
-                "execve"
-              ],
-              "title": "ExecveGuardianApprovalReviewActionType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "argv",
-            "cwd",
-            "program",
-            "source",
-            "type"
-          ],
-          "title": "ExecveGuardianApprovalReviewAction",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "cwd": {
-              "type": "string"
-            },
-            "files": {
-              "items": {
-                "type": "string"
-              },
-              "type": "array"
-            },
-            "type": {
-              "enum": [
-                "applyPatch"
-              ],
-              "title": "ApplyPatchGuardianApprovalReviewActionType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "cwd",
-            "files",
-            "type"
-          ],
-          "title": "ApplyPatchGuardianApprovalReviewAction",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "host": {
-              "type": "string"
-            },
-            "port": {
-              "format": "uint16",
-              "minimum": 0.0,
-              "type": "integer"
-            },
-            "protocol": {
-              "$ref": "#/definitions/NetworkApprovalProtocol"
-            },
-            "target": {
-              "type": "string"
-            },
-            "type": {
-              "enum": [
-                "networkAccess"
-              ],
-              "title": "NetworkAccessGuardianApprovalReviewActionType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "host",
-            "port",
-            "protocol",
-            "target",
-            "type"
-          ],
-          "title": "NetworkAccessGuardianApprovalReviewAction",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "connectorId": {
-              "type": [
-                "string",
-                "null"
-              ]
-            },
-            "connectorName": {
-              "type": [
-                "string",
-                "null"
-              ]
-            },
-            "server": {
-              "type": "string"
-            },
-            "toolName": {
-              "type": "string"
-            },
-            "toolTitle": {
-              "type": [
-                "string",
-                "null"
-              ]
-            },
-            "type": {
-              "enum": [
-                "mcpToolCall"
-              ],
-              "title": "McpToolCallGuardianApprovalReviewActionType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "server",
-            "toolName",
-            "type"
-          ],
-          "title": "McpToolCallGuardianApprovalReviewAction",
-          "type": "object"
-        }
-      ]
-    },
    "GuardianApprovalReviewStatus": {
      "description": "[UNSTABLE] Lifecycle state for a guardian approval review.",
      "enum": [
@@ -1343,13 +1173,6 @@
      ],
      "type": "string"
    },
-    "GuardianCommandSource": {
-      "enum": [
-        "shell",
-        "unifiedExec"
-      ],
-      "type": "string"
-    },
    "GuardianRiskLevel": {
      "description": "[UNSTABLE] Risk level assigned by guardian approval review.",
      "enum": [
@@ -1577,9 +1400,7 @@
    "ItemGuardianApprovalReviewCompletedNotification": {
      "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
      "properties": {
-        "action": {
-          "$ref": "#/definitions/GuardianApprovalReviewAction"
-        },
+        "action": true,
        "review": {
          "$ref": "#/definitions/GuardianApprovalReview"
        },
@@ -1594,7 +1415,6 @@
        }
      },
      "required": [
-        "action",
        "review",
        "targetItemId",
        "threadId",
@@ -1605,9 +1425,7 @@
    "ItemGuardianApprovalReviewStartedNotification": {
      "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
      "properties": {
-        "action": {
-          "$ref": "#/definitions/GuardianApprovalReviewAction"
-        },
+        "action": true,
        "review": {
          "$ref": "#/definitions/GuardianApprovalReview"
        },
@@ -1622,7 +1440,6 @@
        }
      },
      "required": [
-        "action",
        "review",
        "targetItemId",
        "threadId",
@@ -1855,15 +1672,6 @@
      ],
      "type": "object"
    },
-    "NetworkApprovalProtocol": {
-      "enum": [
-        "http",
-        "https",
-        "socks5Tcp",
-        "socks5Udp"
-      ],
-      "type": "string"
-    },
    "NonSteerableTurnKind": {
      "enum": [
        "review",
@@ -2425,13 +2233,6 @@
          "description": "Whether the thread is ephemeral and should not be materialized on disk.",
          "type": "boolean"
        },
-        "forkedFromId": {
-          "description": "Source thread id when this thread was created by forking another thread.",
-          "type": [
-            "string",
-            "null"
-          ]
-        },
        "gitInfo": {
          "anyOf": [
            {
@@ -3532,22 +3333,6 @@
    },
    "Turn": {
      "properties": {
-        "completedAt": {
-          "description": "Unix timestamp (in seconds) when the turn completed.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
-        "durationMs": {
-          "description": "Duration between turn start and completion in milliseconds, if known.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "error": {
          "anyOf": [
            {
@@ -3569,14 +3354,6 @@
          },
          "type": "array"
        },
-        "startedAt": {
-          "description": "Unix timestamp (in seconds) when the turn started.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "status": {
          "$ref": "#/definitions/TurnStatus"
        }
--- a/codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.schemas.json
+++ b/codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.schemas.json
--- a/codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.v2.schemas.json
+++ b/codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.v2.schemas.json
--- a/codex-rs/app-server-protocol/schema/json/v2/CodexAvatarAdminAwardGrantParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/CodexAvatarAdminAwardGrantParams.json
@@ -0,0 +1,56 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "properties": {
+    "accountUserId": {
+      "type": "string"
+    },
+    "avatarId": {
+      "type": "string"
+    },
+    "awardId": {
+      "type": "string"
+    },
+    "awardedAt": {
+      "format": "int64",
+      "type": [
+        "integer",
+        "null"
+      ]
+    },
+    "awardedBy": {
+      "type": [
+        "string",
+        "null"
+      ]
+    },
+    "metadataJson": {
+      "type": [
+        "string",
+        "null"
+      ]
+    },
+    "sourceRef": {
+      "type": [
+        "string",
+        "null"
+      ]
+    },
+    "sourceSummary": {
+      "type": [
+        "string",
+        "null"
+      ]
+    },
+    "sourceType": {
+      "type": "string"
+    }
+  },
+  "required": [
+    "accountUserId",
+    "avatarId",
+    "awardId",
+    "sourceType"
+  ],
+  "title": "CodexAvatarAdminAwardGrantParams",
+  "type": "object"
+}
--- a/codex-rs/app-server-protocol/schema/json/v2/CodexAvatarAdminCapabilitiesReadParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/CodexAvatarAdminCapabilitiesReadParams.json
@@ -0,0 +1,5 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "title": "CodexAvatarAdminCapabilitiesReadParams",
+  "type": "object"
+}
--- a/codex-rs/app-server-protocol/schema/json/v2/CodexAvatarAdminCapabilitiesReadResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/CodexAvatarAdminCapabilitiesReadResponse.json
@@ -0,0 +1,17 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "properties": {
+    "canGrantAwards": {
+      "type": "boolean"
+    },
+    "canGrantProofDropBoxes": {
+      "type": "boolean"
+    }
+  },
+  "required": [
+    "canGrantAwards",
+    "canGrantProofDropBoxes"
+  ],
+  "title": "CodexAvatarAdminCapabilitiesReadResponse",
+  "type": "object"
+}
--- a/codex-rs/app-server-protocol/schema/json/v2/CodexAvatarEquipParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/CodexAvatarEquipParams.json
@@ -0,0 +1,13 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "properties": {
+    "avatarId": {
+      "type": "string"
+    }
+  },
+  "required": [
+    "avatarId"
+  ],
+  "title": "CodexAvatarEquipParams",
+  "type": "object"
+}
--- a/codex-rs/app-server-protocol/schema/json/v2/CodexAvatarInventoryReadParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/CodexAvatarInventoryReadParams.json
@@ -0,0 +1,5 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "title": "CodexAvatarInventoryReadParams",
+  "type": "object"
+}
--- a/codex-rs/app-server-protocol/schema/json/v2/CodexAvatarInventoryReadResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/CodexAvatarInventoryReadResponse.json
@@ -0,0 +1,286 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "definitions": {
+    "CodexAvatarBoxOddsBucket": {
+      "properties": {
+        "bucketId": {
+          "type": "string"
+        },
+        "label": {
+          "type": "string"
+        },
+        "probabilityPercent": {
+          "format": "int64",
+          "type": "integer"
+        }
+      },
+      "required": [
+        "bucketId",
+        "label",
+        "probabilityPercent"
+      ],
+      "type": "object"
+    },
+    "CodexAvatarBoxRules": {
+      "properties": {
+        "guaranteedNewThreshold": {
+          "format": "int64",
+          "type": "integer"
+        },
+        "legendaryPityThreshold": {
+          "format": "int64",
+          "type": "integer"
+        },
+        "odds": {
+          "items": {
+            "$ref": "#/definitions/CodexAvatarBoxOddsBucket"
+          },
+          "type": "array"
+        },
+        "oddsTableVersion": {
+          "type": "string"
+        },
+        "rareOrBetterPityThreshold": {
+          "format": "int64",
+          "type": "integer"
+        },
+        "rulesetVersion": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "guaranteedNewThreshold",
+        "legendaryPityThreshold",
+        "odds",
+        "oddsTableVersion",
+        "rareOrBetterPityThreshold",
+        "rulesetVersion"
+      ],
+      "type": "object"
+    },
+    "CodexAvatarDefinition": {
+      "properties": {
+        "accentClassName": {
+          "type": "string"
+        },
+        "assetRef": {
+          "type": "string"
+        },
+        "avatarId": {
+          "type": "string"
+        },
+        "collectionDescription": {
+          "type": "string"
+        },
+        "collectionName": {
+          "type": "string"
+        },
+        "description": {
+          "type": "string"
+        },
+        "displayName": {
+          "type": "string"
+        },
+        "isProgressVisible": {
+          "type": "boolean"
+        },
+        "lore": {
+          "type": "string"
+        },
+        "rarity": {
+          "$ref": "#/definitions/CodexAvatarRarity"
+        },
+        "silhouetteGlowClassName": {
+          "type": "string"
+        },
+        "sortOrder": {
+          "format": "int64",
+          "type": "integer"
+        },
+        "status": {
+          "$ref": "#/definitions/CodexAvatarStatus"
+        }
+      },
+      "required": [
+        "accentClassName",
+        "assetRef",
+        "avatarId",
+        "collectionDescription",
+        "collectionName",
+        "description",
+        "displayName",
+        "isProgressVisible",
+        "lore",
+        "rarity",
+        "silhouetteGlowClassName",
+        "sortOrder",
+        "status"
+      ],
+      "type": "object"
+    },
+    "CodexAvatarOwnership": {
+      "properties": {
+        "accountUserId": {
+          "type": "string"
+        },
+        "avatarId": {
+          "type": "string"
+        },
+        "sourceSummary": {
+          "type": [
+            "string",
+            "null"
+          ]
+        }
+      },
+      "required": [
+        "accountUserId",
+        "avatarId"
+      ],
+      "type": "object"
+    },
+    "CodexAvatarPityState": {
+      "properties": {
+        "guaranteedNewAvailable": {
+          "type": "boolean"
+        },
+        "nonNewOutcomeStreak": {
+          "format": "int64",
+          "type": "integer"
+        },
+        "rollsSinceLegendary": {
+          "format": "int64",
+          "type": "integer"
+        },
+        "rollsSinceRareOrBetter": {
+          "format": "int64",
+          "type": "integer"
+        }
+      },
+      "required": [
+        "guaranteedNewAvailable",
+        "nonNewOutcomeStreak",
+        "rollsSinceLegendary",
+        "rollsSinceRareOrBetter"
+      ],
+      "type": "object"
+    },
+    "CodexAvatarRarity": {
+      "enum": [
+        "common",
+        "rare",
+        "epic",
+        "legendary"
+      ],
+      "type": "string"
+    },
+    "CodexAvatarRevealAward": {
+      "properties": {
+        "awardId": {
+          "type": "string"
+        },
+        "awardedAt": {
+          "format": "int64",
+          "type": "integer"
+        },
+        "metadataJson": {
+          "type": [
+            "string",
+            "null"
+          ]
+        },
+        "outcomeAvatarId": {
+          "type": [
+            "string",
+            "null"
+          ]
+        },
+        "outcomeKind": {
+          "type": "string"
+        },
+        "pityStateAfter": {
+          "$ref": "#/definitions/CodexAvatarPityState"
+        },
+        "sourceRef": {
+          "type": [
+            "string",
+            "null"
+          ]
+        },
+        "sourceSummary": {
+          "type": [
+            "string",
+            "null"
+          ]
+        },
+        "sourceType": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "awardId",
+        "awardedAt",
+        "outcomeKind",
+        "pityStateAfter",
+        "sourceType"
+      ],
+      "type": "object"
+    },
+    "CodexAvatarStatus": {
+      "enum": [
+        "active",
+        "hidden",
+        "retired"
+      ],
+      "type": "string"
+    }
+  },
+  "properties": {
+    "accountUserId": {
+      "type": "string"
+    },
+    "avatarDefinitions": {
+      "items": {
+        "$ref": "#/definitions/CodexAvatarDefinition"
+      },
+      "type": "array"
+    },
+    "boxRules": {
+      "$ref": "#/definitions/CodexAvatarBoxRules"
+    },
+    "equippedAvatarId": {
+      "type": "string"
+    },
+    "ownedAvatars": {
+      "items": {
+        "$ref": "#/definitions/CodexAvatarOwnership"
+      },
+      "type": "array"
+    },
+    "pendingRevealAwards": {
+      "items": {
+        "$ref": "#/definitions/CodexAvatarRevealAward"
+      },
+      "type": "array"
+    },
+    "pityState": {
+      "$ref": "#/definitions/CodexAvatarPityState"
+    },
+    "updatedAt": {
+      "format": "int64",
+      "type": "integer"
+    }
+  },
+  "required": [
+    "accountUserId",
+    "avatarDefinitions",
+    "boxRules",
+    "equippedAvatarId",
+    "ownedAvatars",
+    "pendingRevealAwards",
+    "pityState",
+    "updatedAt"
+  ],
+  "title": "CodexAvatarInventoryReadResponse",
+  "type": "object"
+}
--- a/codex-rs/app-server-protocol/schema/json/v2/ConfigRequirementsReadResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ConfigRequirementsReadResponse.json
@@ -1,14 +1,6 @@
 {
  "$schema": "http://json-schema.org/draft-07/schema#",
  "definitions": {
-    "ApprovalsReviewer": {
-      "description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request.",
-      "enum": [
-        "user",
-        "guardian_subagent"
-      ],
-      "type": "string"
-    },
    "AskForApproval": {
      "oneOf": [
        {
@@ -151,12 +143,6 @@
            "null"
          ]
        },
-        "dangerFullAccessDenylistOnly": {
-          "type": [
-            "boolean",
-            "null"
-          ]
-        },
        "dangerouslyAllowAllUnixSockets": {
          "type": [
            "boolean",
--- a/codex-rs/app-server-protocol/schema/json/v2/ItemGuardianApprovalReviewCompletedNotification.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ItemGuardianApprovalReviewCompletedNotification.json
@@ -37,176 +37,6 @@
      ],
      "type": "object"
    },
-    "GuardianApprovalReviewAction": {
-      "oneOf": [
-        {
-          "properties": {
-            "command": {
-              "type": "string"
-            },
-            "cwd": {
-              "type": "string"
-            },
-            "source": {
-              "$ref": "#/definitions/GuardianCommandSource"
-            },
-            "type": {
-              "enum": [
-                "command"
-              ],
-              "title": "CommandGuardianApprovalReviewActionType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "command",
-            "cwd",
-            "source",
-            "type"
-          ],
-          "title": "CommandGuardianApprovalReviewAction",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "argv": {
-              "items": {
-                "type": "string"
-              },
-              "type": "array"
-            },
-            "cwd": {
-              "type": "string"
-            },
-            "program": {
-              "type": "string"
-            },
-            "source": {
-              "$ref": "#/definitions/GuardianCommandSource"
-            },
-            "type": {
-              "enum": [
-                "execve"
-              ],
-              "title": "ExecveGuardianApprovalReviewActionType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "argv",
-            "cwd",
-            "program",
-            "source",
-            "type"
-          ],
-          "title": "ExecveGuardianApprovalReviewAction",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "cwd": {
-              "type": "string"
-            },
-            "files": {
-              "items": {
-                "type": "string"
-              },
-              "type": "array"
-            },
-            "type": {
-              "enum": [
-                "applyPatch"
-              ],
-              "title": "ApplyPatchGuardianApprovalReviewActionType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "cwd",
-            "files",
-            "type"
-          ],
-          "title": "ApplyPatchGuardianApprovalReviewAction",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "host": {
-              "type": "string"
-            },
-            "port": {
-              "format": "uint16",
-              "minimum": 0.0,
-              "type": "integer"
-            },
-            "protocol": {
-              "$ref": "#/definitions/NetworkApprovalProtocol"
-            },
-            "target": {
-              "type": "string"
-            },
-            "type": {
-              "enum": [
-                "networkAccess"
-              ],
-              "title": "NetworkAccessGuardianApprovalReviewActionType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "host",
-            "port",
-            "protocol",
-            "target",
-            "type"
-          ],
-          "title": "NetworkAccessGuardianApprovalReviewAction",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "connectorId": {
-              "type": [
-                "string",
-                "null"
-              ]
-            },
-            "connectorName": {
-              "type": [
-                "string",
-                "null"
-              ]
-            },
-            "server": {
-              "type": "string"
-            },
-            "toolName": {
-              "type": "string"
-            },
-            "toolTitle": {
-              "type": [
-                "string",
-                "null"
-              ]
-            },
-            "type": {
-              "enum": [
-                "mcpToolCall"
-              ],
-              "title": "McpToolCallGuardianApprovalReviewActionType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "server",
-            "toolName",
-            "type"
-          ],
-          "title": "McpToolCallGuardianApprovalReviewAction",
-          "type": "object"
-        }
-      ]
-    },
    "GuardianApprovalReviewStatus": {
      "description": "[UNSTABLE] Lifecycle state for a guardian approval review.",
      "enum": [
@@ -217,13 +47,6 @@
      ],
      "type": "string"
    },
-    "GuardianCommandSource": {
-      "enum": [
-        "shell",
-        "unifiedExec"
-      ],
-      "type": "string"
-    },
    "GuardianRiskLevel": {
      "description": "[UNSTABLE] Risk level assigned by guardian approval review.",
      "enum": [
@@ -232,22 +55,11 @@
        "high"
      ],
      "type": "string"
-    },
-    "NetworkApprovalProtocol": {
-      "enum": [
-        "http",
-        "https",
-        "socks5Tcp",
-        "socks5Udp"
-      ],
-      "type": "string"
    }
  },
  "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
  "properties": {
-    "action": {
-      "$ref": "#/definitions/GuardianApprovalReviewAction"
-    },
+    "action": true,
    "review": {
      "$ref": "#/definitions/GuardianApprovalReview"
    },
@@ -262,7 +74,6 @@
    }
  },
  "required": [
-    "action",
    "review",
    "targetItemId",
    "threadId",
--- a/codex-rs/app-server-protocol/schema/json/v2/ItemGuardianApprovalReviewStartedNotification.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ItemGuardianApprovalReviewStartedNotification.json
@@ -37,176 +37,6 @@
      ],
      "type": "object"
    },
-    "GuardianApprovalReviewAction": {
-      "oneOf": [
-        {
-          "properties": {
-            "command": {
-              "type": "string"
-            },
-            "cwd": {
-              "type": "string"
-            },
-            "source": {
-              "$ref": "#/definitions/GuardianCommandSource"
-            },
-            "type": {
-              "enum": [
-                "command"
-              ],
-              "title": "CommandGuardianApprovalReviewActionType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "command",
-            "cwd",
-            "source",
-            "type"
-          ],
-          "title": "CommandGuardianApprovalReviewAction",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "argv": {
-              "items": {
-                "type": "string"
-              },
-              "type": "array"
-            },
-            "cwd": {
-              "type": "string"
-            },
-            "program": {
-              "type": "string"
-            },
-            "source": {
-              "$ref": "#/definitions/GuardianCommandSource"
-            },
-            "type": {
-              "enum": [
-                "execve"
-              ],
-              "title": "ExecveGuardianApprovalReviewActionType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "argv",
-            "cwd",
-            "program",
-            "source",
-            "type"
-          ],
-          "title": "ExecveGuardianApprovalReviewAction",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "cwd": {
-              "type": "string"
-            },
-            "files": {
-              "items": {
-                "type": "string"
-              },
-              "type": "array"
-            },
-            "type": {
-              "enum": [
-                "applyPatch"
-              ],
-              "title": "ApplyPatchGuardianApprovalReviewActionType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "cwd",
-            "files",
-            "type"
-          ],
-          "title": "ApplyPatchGuardianApprovalReviewAction",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "host": {
-              "type": "string"
-            },
-            "port": {
-              "format": "uint16",
-              "minimum": 0.0,
-              "type": "integer"
-            },
-            "protocol": {
-              "$ref": "#/definitions/NetworkApprovalProtocol"
-            },
-            "target": {
-              "type": "string"
-            },
-            "type": {
-              "enum": [
-                "networkAccess"
-              ],
-              "title": "NetworkAccessGuardianApprovalReviewActionType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "host",
-            "port",
-            "protocol",
-            "target",
-            "type"
-          ],
-          "title": "NetworkAccessGuardianApprovalReviewAction",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "connectorId": {
-              "type": [
-                "string",
-                "null"
-              ]
-            },
-            "connectorName": {
-              "type": [
-                "string",
-                "null"
-              ]
-            },
-            "server": {
-              "type": "string"
-            },
-            "toolName": {
-              "type": "string"
-            },
-            "toolTitle": {
-              "type": [
-                "string",
-                "null"
-              ]
-            },
-            "type": {
-              "enum": [
-                "mcpToolCall"
-              ],
-              "title": "McpToolCallGuardianApprovalReviewActionType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "server",
-            "toolName",
-            "type"
-          ],
-          "title": "McpToolCallGuardianApprovalReviewAction",
-          "type": "object"
-        }
-      ]
-    },
    "GuardianApprovalReviewStatus": {
      "description": "[UNSTABLE] Lifecycle state for a guardian approval review.",
      "enum": [
@@ -217,13 +47,6 @@
      ],
      "type": "string"
    },
-    "GuardianCommandSource": {
-      "enum": [
-        "shell",
-        "unifiedExec"
-      ],
-      "type": "string"
-    },
    "GuardianRiskLevel": {
      "description": "[UNSTABLE] Risk level assigned by guardian approval review.",
      "enum": [
@@ -232,22 +55,11 @@
        "high"
      ],
      "type": "string"
-    },
-    "NetworkApprovalProtocol": {
-      "enum": [
-        "http",
-        "https",
-        "socks5Tcp",
-        "socks5Udp"
-      ],
-      "type": "string"
    }
  },
  "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
  "properties": {
-    "action": {
-      "$ref": "#/definitions/GuardianApprovalReviewAction"
-    },
+    "action": true,
    "review": {
      "$ref": "#/definitions/GuardianApprovalReview"
    },
@@ -262,7 +74,6 @@
    }
  },
  "required": [
-    "action",
    "review",
    "targetItemId",
    "threadId",
--- a/codex-rs/app-server-protocol/schema/json/v2/ListMcpServerStatusParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ListMcpServerStatusParams.json
@@ -1,14 +1,5 @@
 {
  "$schema": "http://json-schema.org/draft-07/schema#",
-  "definitions": {
-    "McpServerStatusDetail": {
-      "enum": [
-        "full",
-        "toolsAndAuthOnly"
-      ],
-      "type": "string"
-    }
-  },
  "properties": {
    "cursor": {
      "description": "Opaque pagination cursor returned by a previous call.",
@@ -17,17 +8,6 @@
        "null"
      ]
    },
-    "detail": {
-      "anyOf": [
-        {
-          "$ref": "#/definitions/McpServerStatusDetail"
-        },
-        {
-          "type": "null"
-        }
-      ],
-      "description": "Controls how much MCP inventory data to fetch for each server. Defaults to `Full` when omitted."
-    },
    "limit": {
      "description": "Optional page size; defaults to a server-defined value.",
      "format": "uint32",
--- a/codex-rs/app-server-protocol/schema/json/v2/McpResourceReadParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/McpResourceReadParams.json
@@ -1,21 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "properties": {
-    "server": {
-      "type": "string"
-    },
-    "threadId": {
-      "type": "string"
-    },
-    "uri": {
-      "type": "string"
-    }
-  },
-  "required": [
-    "server",
-    "threadId",
-    "uri"
-  ],
-  "title": "McpResourceReadParams",
-  "type": "object"
-}
--- a/codex-rs/app-server-protocol/schema/json/v2/McpResourceReadResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/McpResourceReadResponse.json
@@ -1,69 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "definitions": {
-    "ResourceContent": {
-      "anyOf": [
-        {
-          "properties": {
-            "_meta": true,
-            "mimeType": {
-              "type": [
-                "string",
-                "null"
-              ]
-            },
-            "text": {
-              "type": "string"
-            },
-            "uri": {
-              "description": "The URI of this resource.",
-              "type": "string"
-            }
-          },
-          "required": [
-            "text",
-            "uri"
-          ],
-          "type": "object"
-        },
-        {
-          "properties": {
-            "_meta": true,
-            "blob": {
-              "type": "string"
-            },
-            "mimeType": {
-              "type": [
-                "string",
-                "null"
-              ]
-            },
-            "uri": {
-              "description": "The URI of this resource.",
-              "type": "string"
-            }
-          },
-          "required": [
-            "blob",
-            "uri"
-          ],
-          "type": "object"
-        }
-      ],
-      "description": "Contents returned when reading a resource from an MCP server."
-    }
-  },
-  "properties": {
-    "contents": {
-      "items": {
-        "$ref": "#/definitions/ResourceContent"
-      },
-      "type": "array"
-    }
-  },
-  "required": [
-    "contents"
-  ],
-  "title": "McpResourceReadResponse",
-  "type": "object"
-}
--- a/codex-rs/app-server-protocol/schema/json/v2/ReviewStartResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ReviewStartResponse.json
@@ -1267,22 +1267,6 @@
    },
    "Turn": {
      "properties": {
-        "completedAt": {
-          "description": "Unix timestamp (in seconds) when the turn completed.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
-        "durationMs": {
-          "description": "Duration between turn start and completion in milliseconds, if known.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "error": {
          "anyOf": [
            {
@@ -1304,14 +1288,6 @@
          },
          "type": "array"
        },
-        "startedAt": {
-          "description": "Unix timestamp (in seconds) when the turn started.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "status": {
          "$ref": "#/definitions/TurnStatus"
        }
--- a/codex-rs/app-server-protocol/schema/json/v2/ThreadForkResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadForkResponse.json
@@ -1042,13 +1042,6 @@
          "description": "Whether the thread is ephemeral and should not be materialized on disk.",
          "type": "boolean"
        },
-        "forkedFromId": {
-          "description": "Source thread id when this thread was created by forking another thread.",
-          "type": [
-            "string",
-            "null"
-          ]
-        },
        "gitInfo": {
          "anyOf": [
            {
@@ -1856,22 +1849,6 @@
    },
    "Turn": {
      "properties": {
-        "completedAt": {
-          "description": "Unix timestamp (in seconds) when the turn completed.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
-        "durationMs": {
-          "description": "Duration between turn start and completion in milliseconds, if known.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "error": {
          "anyOf": [
            {
@@ -1893,14 +1870,6 @@
          },
          "type": "array"
        },
-        "startedAt": {
-          "description": "Unix timestamp (in seconds) when the turn started.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "status": {
          "$ref": "#/definitions/TurnStatus"
        }
--- a/codex-rs/app-server-protocol/schema/json/v2/ThreadListResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadListResponse.json
@@ -800,13 +800,6 @@
          "description": "Whether the thread is ephemeral and should not be materialized on disk.",
          "type": "boolean"
        },
-        "forkedFromId": {
-          "description": "Source thread id when this thread was created by forking another thread.",
-          "type": [
-            "string",
-            "null"
-          ]
-        },
        "gitInfo": {
          "anyOf": [
            {
@@ -1614,22 +1607,6 @@
    },
    "Turn": {
      "properties": {
-        "completedAt": {
-          "description": "Unix timestamp (in seconds) when the turn completed.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
-        "durationMs": {
-          "description": "Duration between turn start and completion in milliseconds, if known.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "error": {
          "anyOf": [
            {
@@ -1651,14 +1628,6 @@
          },
          "type": "array"
        },
-        "startedAt": {
-          "description": "Unix timestamp (in seconds) when the turn started.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "status": {
          "$ref": "#/definitions/TurnStatus"
        }
--- a/codex-rs/app-server-protocol/schema/json/v2/ThreadMetadataUpdateResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadMetadataUpdateResponse.json
@@ -800,13 +800,6 @@
          "description": "Whether the thread is ephemeral and should not be materialized on disk.",
          "type": "boolean"
        },
-        "forkedFromId": {
-          "description": "Source thread id when this thread was created by forking another thread.",
-          "type": [
-            "string",
-            "null"
-          ]
-        },
        "gitInfo": {
          "anyOf": [
            {
@@ -1614,22 +1607,6 @@
    },
    "Turn": {
      "properties": {
-        "completedAt": {
-          "description": "Unix timestamp (in seconds) when the turn completed.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
-        "durationMs": {
-          "description": "Duration between turn start and completion in milliseconds, if known.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "error": {
          "anyOf": [
            {
@@ -1651,14 +1628,6 @@
          },
          "type": "array"
        },
-        "startedAt": {
-          "description": "Unix timestamp (in seconds) when the turn started.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "status": {
          "$ref": "#/definitions/TurnStatus"
        }
--- a/codex-rs/app-server-protocol/schema/json/v2/ThreadReadResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadReadResponse.json
@@ -800,13 +800,6 @@
          "description": "Whether the thread is ephemeral and should not be materialized on disk.",
          "type": "boolean"
        },
-        "forkedFromId": {
-          "description": "Source thread id when this thread was created by forking another thread.",
-          "type": [
-            "string",
-            "null"
-          ]
-        },
        "gitInfo": {
          "anyOf": [
            {
@@ -1614,22 +1607,6 @@
    },
    "Turn": {
      "properties": {
-        "completedAt": {
-          "description": "Unix timestamp (in seconds) when the turn completed.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
-        "durationMs": {
-          "description": "Duration between turn start and completion in milliseconds, if known.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "error": {
          "anyOf": [
            {
@@ -1651,14 +1628,6 @@
          },
          "type": "array"
        },
-        "startedAt": {
-          "description": "Unix timestamp (in seconds) when the turn started.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "status": {
          "$ref": "#/definitions/TurnStatus"
        }
--- a/codex-rs/app-server-protocol/schema/json/v2/ThreadResumeResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadResumeResponse.json
@@ -1042,13 +1042,6 @@
          "description": "Whether the thread is ephemeral and should not be materialized on disk.",
          "type": "boolean"
        },
-        "forkedFromId": {
-          "description": "Source thread id when this thread was created by forking another thread.",
-          "type": [
-            "string",
-            "null"
-          ]
-        },
        "gitInfo": {
          "anyOf": [
            {
@@ -1856,22 +1849,6 @@
    },
    "Turn": {
      "properties": {
-        "completedAt": {
-          "description": "Unix timestamp (in seconds) when the turn completed.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
-        "durationMs": {
-          "description": "Duration between turn start and completion in milliseconds, if known.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "error": {
          "anyOf": [
            {
@@ -1893,14 +1870,6 @@
          },
          "type": "array"
        },
-        "startedAt": {
-          "description": "Unix timestamp (in seconds) when the turn started.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "status": {
          "$ref": "#/definitions/TurnStatus"
        }
--- a/codex-rs/app-server-protocol/schema/json/v2/ThreadRollbackResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadRollbackResponse.json
@@ -800,13 +800,6 @@
          "description": "Whether the thread is ephemeral and should not be materialized on disk.",
          "type": "boolean"
        },
-        "forkedFromId": {
-          "description": "Source thread id when this thread was created by forking another thread.",
-          "type": [
-            "string",
-            "null"
-          ]
-        },
        "gitInfo": {
          "anyOf": [
            {
@@ -1614,22 +1607,6 @@
    },
    "Turn": {
      "properties": {
-        "completedAt": {
-          "description": "Unix timestamp (in seconds) when the turn completed.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
-        "durationMs": {
-          "description": "Duration between turn start and completion in milliseconds, if known.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "error": {
          "anyOf": [
            {
@@ -1651,14 +1628,6 @@
          },
          "type": "array"
        },
-        "startedAt": {
-          "description": "Unix timestamp (in seconds) when the turn started.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "status": {
          "$ref": "#/definitions/TurnStatus"
        }
--- a/codex-rs/app-server-protocol/schema/json/v2/ThreadStartResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadStartResponse.json
@@ -1042,13 +1042,6 @@
          "description": "Whether the thread is ephemeral and should not be materialized on disk.",
          "type": "boolean"
        },
-        "forkedFromId": {
-          "description": "Source thread id when this thread was created by forking another thread.",
-          "type": [
-            "string",
-            "null"
-          ]
-        },
        "gitInfo": {
          "anyOf": [
            {
@@ -1856,22 +1849,6 @@
    },
    "Turn": {
      "properties": {
-        "completedAt": {
-          "description": "Unix timestamp (in seconds) when the turn completed.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
-        "durationMs": {
-          "description": "Duration between turn start and completion in milliseconds, if known.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "error": {
          "anyOf": [
            {
@@ -1893,14 +1870,6 @@
          },
          "type": "array"
        },
-        "startedAt": {
-          "description": "Unix timestamp (in seconds) when the turn started.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "status": {
          "$ref": "#/definitions/TurnStatus"
        }
--- a/codex-rs/app-server-protocol/schema/json/v2/ThreadStartedNotification.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadStartedNotification.json
@@ -800,13 +800,6 @@
          "description": "Whether the thread is ephemeral and should not be materialized on disk.",
          "type": "boolean"
        },
-        "forkedFromId": {
-          "description": "Source thread id when this thread was created by forking another thread.",
-          "type": [
-            "string",
-            "null"
-          ]
-        },
        "gitInfo": {
          "anyOf": [
            {
@@ -1614,22 +1607,6 @@
    },
    "Turn": {
      "properties": {
-        "completedAt": {
-          "description": "Unix timestamp (in seconds) when the turn completed.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
-        "durationMs": {
-          "description": "Duration between turn start and completion in milliseconds, if known.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "error": {
          "anyOf": [
            {
@@ -1651,14 +1628,6 @@
          },
          "type": "array"
        },
-        "startedAt": {
-          "description": "Unix timestamp (in seconds) when the turn started.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "status": {
          "$ref": "#/definitions/TurnStatus"
        }
--- a/codex-rs/app-server-protocol/schema/json/v2/ThreadUnarchiveResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadUnarchiveResponse.json
@@ -800,13 +800,6 @@
          "description": "Whether the thread is ephemeral and should not be materialized on disk.",
          "type": "boolean"
        },
-        "forkedFromId": {
-          "description": "Source thread id when this thread was created by forking another thread.",
-          "type": [
-            "string",
-            "null"
-          ]
-        },
        "gitInfo": {
          "anyOf": [
            {
@@ -1614,22 +1607,6 @@
    },
    "Turn": {
      "properties": {
-        "completedAt": {
-          "description": "Unix timestamp (in seconds) when the turn completed.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
-        "durationMs": {
-          "description": "Duration between turn start and completion in milliseconds, if known.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "error": {
          "anyOf": [
            {
@@ -1651,14 +1628,6 @@
          },
          "type": "array"
        },
-        "startedAt": {
-          "description": "Unix timestamp (in seconds) when the turn started.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "status": {
          "$ref": "#/definitions/TurnStatus"
        }
--- a/codex-rs/app-server-protocol/schema/json/v2/TurnCompletedNotification.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/TurnCompletedNotification.json
@@ -1267,22 +1267,6 @@
    },
    "Turn": {
      "properties": {
-        "completedAt": {
-          "description": "Unix timestamp (in seconds) when the turn completed.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
-        "durationMs": {
-          "description": "Duration between turn start and completion in milliseconds, if known.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "error": {
          "anyOf": [
            {
@@ -1304,14 +1288,6 @@
          },
          "type": "array"
        },
-        "startedAt": {
-          "description": "Unix timestamp (in seconds) when the turn started.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "status": {
          "$ref": "#/definitions/TurnStatus"
        }
--- a/codex-rs/app-server-protocol/schema/json/v2/TurnStartResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/TurnStartResponse.json
@@ -1267,22 +1267,6 @@
    },
    "Turn": {
      "properties": {
-        "completedAt": {
-          "description": "Unix timestamp (in seconds) when the turn completed.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
-        "durationMs": {
-          "description": "Duration between turn start and completion in milliseconds, if known.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "error": {
          "anyOf": [
            {
@@ -1304,14 +1288,6 @@
          },
          "type": "array"
        },
-        "startedAt": {
-          "description": "Unix timestamp (in seconds) when the turn started.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "status": {
          "$ref": "#/definitions/TurnStatus"
        }
--- a/codex-rs/app-server-protocol/schema/json/v2/TurnStartedNotification.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/TurnStartedNotification.json
@@ -1267,22 +1267,6 @@
    },
    "Turn": {
      "properties": {
-        "completedAt": {
-          "description": "Unix timestamp (in seconds) when the turn completed.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
-        "durationMs": {
-          "description": "Duration between turn start and completion in milliseconds, if known.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "error": {
          "anyOf": [
            {
@@ -1304,14 +1288,6 @@
          },
          "type": "array"
        },
-        "startedAt": {
-          "description": "Unix timestamp (in seconds) when the turn started.",
-          "format": "int64",
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
        "status": {
          "$ref": "#/definitions/TurnStatus"
        }
--- a/codex-rs/app-server-protocol/schema/typescript/ClientRequest.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/ClientRequest.ts
--- a/codex-rs/app-server-protocol/schema/typescript/ResourceContent.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/ResourceContent.ts
@@ -1,17 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { JsonValue } from "./serde_json/JsonValue";
-
-/**
- * Contents returned when reading a resource from an MCP server.
- */
-export type ResourceContent = { 
-/**
- * The URI of this resource.
- */
-uri: string, mimeType?: string, text: string, _meta?: JsonValue, } | { 
-/**
- * The URI of this resource.
- */
-uri: string, mimeType?: string, blob: string, _meta?: JsonValue, };
--- a/codex-rs/app-server-protocol/schema/typescript/index.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/index.ts
@@ -55,7 +55,6 @@ export type { ReasoningItemReasoningSummary } from "./ReasoningItemReasoningSumm
 export type { ReasoningSummary } from "./ReasoningSummary";
 export type { RequestId } from "./RequestId";
 export type { Resource } from "./Resource";
-export type { ResourceContent } from "./ResourceContent";
 export type { ResourceTemplate } from "./ResourceTemplate";
 export type { ResponseItem } from "./ResponseItem";
 export type { ReviewDecision } from "./ReviewDecision";
--- a/codex-rs/app-server-protocol/schema/typescript/v2/CodexAvatarAdminAwardGrantParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/CodexAvatarAdminAwardGrantParams.ts
@@ -0,0 +1,5 @@
+// GENERATED CODE! DO NOT MODIFY BY HAND!
+
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+export type CodexAvatarAdminAwardGrantParams = { accountUserId: string, awardId: string, avatarId: string, sourceType: string, sourceRef?: string | null, awardedAt?: bigint | null, awardedBy?: string | null, metadataJson?: string | null, sourceSummary?: string | null, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/CodexAvatarAdminCapabilitiesReadParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/CodexAvatarAdminCapabilitiesReadParams.ts
@@ -2,4 +2,4 @@

 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.

-export type McpResourceReadParams = { threadId: string, server: string, uri: string, };
+export type CodexAvatarAdminCapabilitiesReadParams = Record<string, never>;
--- a/codex-rs/app-server-protocol/schema/typescript/v2/CodexAvatarAdminCapabilitiesReadResponse.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/CodexAvatarAdminCapabilitiesReadResponse.ts
@@ -1,6 +1,5 @@
 // GENERATED CODE! DO NOT MODIFY BY HAND!

 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { ResourceContent } from "../ResourceContent";

-export type McpResourceReadResponse = { contents: Array<ResourceContent>, };
+export type CodexAvatarAdminCapabilitiesReadResponse = { canGrantAwards: boolean, canGrantProofDropBoxes: boolean, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/CodexAvatarAward.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/CodexAvatarAward.ts
@@ -0,0 +1,5 @@
+// GENERATED CODE! DO NOT MODIFY BY HAND!
+
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+export type CodexAvatarAward = { awardId: string, accountUserId: string, avatarId: string, sourceType: string, sourceRef: string | null, awardedAt: bigint, awardedBy: string | null, metadataJson: string | null, sourceSummary: string | null, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/CodexAvatarDefinition.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/CodexAvatarDefinition.ts
@@ -0,0 +1,7 @@
+// GENERATED CODE! DO NOT MODIFY BY HAND!
+
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { CodexAvatarRarity } from "./CodexAvatarRarity";
+import type { CodexAvatarStatus } from "./CodexAvatarStatus";
+
+export type CodexAvatarDefinition = { avatarId: string, displayName: string, description: string, rarity: CodexAvatarRarity, assetRef: string, status: CodexAvatarStatus, sortOrder: bigint, collectionName: string, collectionDescription: string, lore: string, accentClassName: string, silhouetteGlowClassName: string, isProgressVisible: boolean, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/CodexAvatarEquipParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/CodexAvatarEquipParams.ts
@@ -2,4 +2,4 @@

 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.

-export type GuardianCommandSource = "shell" | "unifiedExec";
+export type CodexAvatarEquipParams = { avatarId: string, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/CodexAvatarInventoryReadParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/CodexAvatarInventoryReadParams.ts
@@ -0,0 +1,5 @@
+// GENERATED CODE! DO NOT MODIFY BY HAND!
+
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+export type CodexAvatarInventoryReadParams = Record<string, never>;
--- a/codex-rs/app-server-protocol/schema/typescript/v2/CodexAvatarInventoryReadResponse.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/CodexAvatarInventoryReadResponse.ts
@@ -0,0 +1,10 @@
+// GENERATED CODE! DO NOT MODIFY BY HAND!
+
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { CodexAvatarBoxRules } from "./CodexAvatarBoxRules";
+import type { CodexAvatarDefinition } from "./CodexAvatarDefinition";
+import type { CodexAvatarOwnership } from "./CodexAvatarOwnership";
+import type { CodexAvatarPityState } from "./CodexAvatarPityState";
+import type { CodexAvatarRevealAward } from "./CodexAvatarRevealAward";
+
+export type CodexAvatarInventoryReadResponse = { accountUserId: string, avatarDefinitions: Array<CodexAvatarDefinition>, ownedAvatars: Array<CodexAvatarOwnership>, equippedAvatarId: string, boxRules: CodexAvatarBoxRules, pityState: CodexAvatarPityState, pendingRevealAwards: Array<CodexAvatarRevealAward>, updatedAt: bigint, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/CodexAvatarOwnership.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/CodexAvatarOwnership.ts
@@ -0,0 +1,5 @@
+// GENERATED CODE! DO NOT MODIFY BY HAND!
+
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+export type CodexAvatarOwnership = { accountUserId: string, avatarId: string, sourceSummary: string | null, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/CodexAvatarRarity.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/CodexAvatarRarity.ts
@@ -0,0 +1,5 @@
+// GENERATED CODE! DO NOT MODIFY BY HAND!
+
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+export type CodexAvatarRarity = "common" | "rare" | "epic" | "legendary";
--- a/codex-rs/app-server-protocol/schema/typescript/v2/McpServerStatusDetail.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/McpServerStatusDetail.ts
@@ -2,4 +2,4 @@

 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.

-export type McpServerStatusDetail = "full" | "toolsAndAuthOnly";
+export type CodexAvatarStatus = "active" | "hidden" | "retired";
--- a/codex-rs/app-server-protocol/schema/typescript/v2/GuardianApprovalReviewAction.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/GuardianApprovalReviewAction.ts
@@ -1,7 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { GuardianCommandSource } from "./GuardianCommandSource";
-import type { NetworkApprovalProtocol } from "./NetworkApprovalProtocol";
-
-export type GuardianApprovalReviewAction = { "type": "command", source: GuardianCommandSource, command: string, cwd: string, } | { "type": "execve", source: GuardianCommandSource, program: string, argv: Array<string>, cwd: string, } | { "type": "applyPatch", cwd: string, files: Array<string>, } | { "type": "networkAccess", target: string, host: string, protocol: NetworkApprovalProtocol, port: number, } | { "type": "mcpToolCall", server: string, toolName: string, connectorId: string | null, connectorName: string | null, toolTitle: string | null, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/ItemGuardianApprovalReviewCompletedNotification.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/ItemGuardianApprovalReviewCompletedNotification.ts
@@ -1,8 +1,8 @@
 // GENERATED CODE! DO NOT MODIFY BY HAND!

 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { JsonValue } from "../serde_json/JsonValue";
 import type { GuardianApprovalReview } from "./GuardianApprovalReview";
-import type { GuardianApprovalReviewAction } from "./GuardianApprovalReviewAction";

 /**
 * [UNSTABLE] Temporary notification payload for guardian automatic approval
@@ -12,4 +12,4 @@ import type { GuardianApprovalReviewAction } from "./GuardianApprovalReviewActio
 * lifecycle instead of sending separate standalone review notifications so the
 * app-server API can persist and replay review state via `thread/read`.
 */
-export type ItemGuardianApprovalReviewCompletedNotification = { threadId: string, turnId: string, targetItemId: string, review: GuardianApprovalReview, action: GuardianApprovalReviewAction, };
+export type ItemGuardianApprovalReviewCompletedNotification = { threadId: string, turnId: string, targetItemId: string, review: GuardianApprovalReview, action: JsonValue | null, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/ItemGuardianApprovalReviewStartedNotification.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/ItemGuardianApprovalReviewStartedNotification.ts
@@ -1,8 +1,8 @@
 // GENERATED CODE! DO NOT MODIFY BY HAND!

 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { JsonValue } from "../serde_json/JsonValue";
 import type { GuardianApprovalReview } from "./GuardianApprovalReview";
-import type { GuardianApprovalReviewAction } from "./GuardianApprovalReviewAction";

 /**
 * [UNSTABLE] Temporary notification payload for guardian automatic approval
@@ -12,4 +12,4 @@ import type { GuardianApprovalReviewAction } from "./GuardianApprovalReviewActio
 * lifecycle instead of sending separate standalone review notifications so the
 * app-server API can persist and replay review state via `thread/read`.
 */
-export type ItemGuardianApprovalReviewStartedNotification = { threadId: string, turnId: string, targetItemId: string, review: GuardianApprovalReview, action: GuardianApprovalReviewAction, };
+export type ItemGuardianApprovalReviewStartedNotification = { threadId: string, turnId: string, targetItemId: string, review: GuardianApprovalReview, action: JsonValue | null, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/ListMcpServerStatusParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/ListMcpServerStatusParams.ts
@@ -1,7 +1,6 @@
 // GENERATED CODE! DO NOT MODIFY BY HAND!

 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { McpServerStatusDetail } from "./McpServerStatusDetail";

 export type ListMcpServerStatusParams = { 
 /**
@@ -11,9 +10,4 @@ cursor?: string | null,
 /**
 * Optional page size; defaults to a server-defined value.
 */
-limit?: number | null, 
-/**
- * Controls how much MCP inventory data to fetch for each server.
- * Defaults to `Full` when omitted.
- */
-detail?: McpServerStatusDetail | null, };
+limit?: number | null, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/NetworkRequirements.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/NetworkRequirements.ts
@@ -29,4 +29,4 @@ unixSockets: { [key in string]?: NetworkUnixSocketPermission } | null,
 /**
 * Legacy compatibility view derived from `unix_sockets`.
 */
-allowUnixSockets: Array<string> | null, allowLocalBinding: boolean | null, dangerFullAccessDenylistOnly: boolean | null, };
+allowUnixSockets: Array<string> | null, allowLocalBinding: boolean | null, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/Thread.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/Thread.ts
@@ -7,10 +7,6 @@ import type { ThreadStatus } from "./ThreadStatus";
 import type { Turn } from "./Turn";

 export type Thread = { id: string, 
-/**
- * Source thread id when this thread was created by forking another thread.
- */
-forkedFromId: string | null, 
 /**
 * Usually the first user message in the thread, if available.
 */
--- a/codex-rs/app-server-protocol/schema/typescript/v2/Turn.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/Turn.ts
@@ -15,16 +15,4 @@ items: Array<ThreadItem>, status: TurnStatus,
 /**
 * Only populated when the Turn's status is failed.
 */
-error: TurnError | null, 
-/**
- * Unix timestamp (in seconds) when the turn started.
- */
-startedAt: number | null, 
-/**
- * Unix timestamp (in seconds) when the turn completed.
- */
-completedAt: number | null, 
-/**
- * Duration between turn start and completion in milliseconds, if known.
- */
-durationMs: number | null, };
+error: TurnError | null, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/index.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/index.ts
@@ -31,6 +31,22 @@ export type { CancelLoginAccountStatus } from "./CancelLoginAccountStatus";
 export type { ChatgptAuthTokensRefreshParams } from "./ChatgptAuthTokensRefreshParams";
 export type { ChatgptAuthTokensRefreshReason } from "./ChatgptAuthTokensRefreshReason";
 export type { ChatgptAuthTokensRefreshResponse } from "./ChatgptAuthTokensRefreshResponse";
+export type { CodexAvatarAdminAwardGrantParams } from "./CodexAvatarAdminAwardGrantParams";
+export type { CodexAvatarAdminCapabilitiesReadParams } from "./CodexAvatarAdminCapabilitiesReadParams";
+export type { CodexAvatarAdminCapabilitiesReadResponse } from "./CodexAvatarAdminCapabilitiesReadResponse";
+export type { CodexAvatarAdminProofDropGrantParams } from "./CodexAvatarAdminProofDropGrantParams";
+export type { CodexAvatarAward } from "./CodexAvatarAward";
+export type { CodexAvatarBoxOddsBucket } from "./CodexAvatarBoxOddsBucket";
+export type { CodexAvatarBoxRules } from "./CodexAvatarBoxRules";
+export type { CodexAvatarDefinition } from "./CodexAvatarDefinition";
+export type { CodexAvatarEquipParams } from "./CodexAvatarEquipParams";
+export type { CodexAvatarInventoryReadParams } from "./CodexAvatarInventoryReadParams";
+export type { CodexAvatarInventoryReadResponse } from "./CodexAvatarInventoryReadResponse";
+export type { CodexAvatarOwnership } from "./CodexAvatarOwnership";
+export type { CodexAvatarPityState } from "./CodexAvatarPityState";
+export type { CodexAvatarRarity } from "./CodexAvatarRarity";
+export type { CodexAvatarRevealAward } from "./CodexAvatarRevealAward";
+export type { CodexAvatarStatus } from "./CodexAvatarStatus";
 export type { CodexErrorInfo } from "./CodexErrorInfo";
 export type { CollabAgentState } from "./CollabAgentState";
 export type { CollabAgentStatus } from "./CollabAgentStatus";
@@ -123,9 +139,7 @@ export type { GetAccountResponse } from "./GetAccountResponse";
 export type { GitInfo } from "./GitInfo";
 export type { GrantedPermissionProfile } from "./GrantedPermissionProfile";
 export type { GuardianApprovalReview } from "./GuardianApprovalReview";
-export type { GuardianApprovalReviewAction } from "./GuardianApprovalReviewAction";
 export type { GuardianApprovalReviewStatus } from "./GuardianApprovalReviewStatus";
-export type { GuardianCommandSource } from "./GuardianCommandSource";
 export type { GuardianRiskLevel } from "./GuardianRiskLevel";
 export type { HookCompletedNotification } from "./HookCompletedNotification";
 export type { HookEventName } from "./HookEventName";
@@ -172,8 +186,6 @@ export type { McpElicitationTitledSingleSelectEnumSchema } from "./McpElicitatio
 export type { McpElicitationUntitledEnumItems } from "./McpElicitationUntitledEnumItems";
 export type { McpElicitationUntitledMultiSelectEnumSchema } from "./McpElicitationUntitledMultiSelectEnumSchema";
 export type { McpElicitationUntitledSingleSelectEnumSchema } from "./McpElicitationUntitledSingleSelectEnumSchema";
-export type { McpResourceReadParams } from "./McpResourceReadParams";
-export type { McpResourceReadResponse } from "./McpResourceReadResponse";
 export type { McpServerElicitationAction } from "./McpServerElicitationAction";
 export type { McpServerElicitationRequestParams } from "./McpServerElicitationRequestParams";
 export type { McpServerElicitationRequestResponse } from "./McpServerElicitationRequestResponse";
@@ -183,7 +195,6 @@ export type { McpServerOauthLoginResponse } from "./McpServerOauthLoginResponse"
 export type { McpServerRefreshResponse } from "./McpServerRefreshResponse";
 export type { McpServerStartupState } from "./McpServerStartupState";
 export type { McpServerStatus } from "./McpServerStatus";
-export type { McpServerStatusDetail } from "./McpServerStatusDetail";
 export type { McpServerStatusUpdatedNotification } from "./McpServerStatusUpdatedNotification";
 export type { McpToolCallError } from "./McpToolCallError";
 export type { McpToolCallProgressNotification } from "./McpToolCallProgressNotification";
--- a/codex-rs/app-server-protocol/src/export.rs
+++ b/codex-rs/app-server-protocol/src/export.rs
@@ -118,6 +118,7 @@ pub fn generate_ts_with_options(
    ServerRequest::export_all_to(out_dir)?;
    export_server_responses(out_dir)?;
    ServerNotification::export_all_to(out_dir)?;
+    crate::protocol::v2::CodexAvatarAward::export_all_to(out_dir)?;

    if !options.experimental_api {
        filter_experimental_ts(out_dir)?;
@@ -206,6 +207,12 @@ pub fn generate_json_with_experimental(out_dir: &Path, experimental_api: bool) -
        |d| write_json_schema_with_return::<crate::ServerRequest>(d, "ServerRequest"),
        |d| write_json_schema_with_return::<crate::ClientNotification>(d, "ClientNotification"),
        |d| write_json_schema_with_return::<crate::ServerNotification>(d, "ServerNotification"),
+        |d| {
+            write_json_schema_with_return::<crate::protocol::v2::CodexAvatarAward>(
+                d,
+                "CodexAvatarAward",
+            )
+        },
    ];

    let mut schemas: Vec<GeneratedSchema> = Vec::new();
--- a/codex-rs/app-server-protocol/src/lib.rs
+++ b/codex-rs/app-server-protocol/src/lib.rs
@@ -15,7 +15,6 @@ pub use export::generate_ts_with_options;
 pub use export::generate_types;
 pub use jsonrpc_lite::*;
 pub use protocol::common::*;
-pub use protocol::item_builders::*;
 pub use protocol::thread_history::*;
 pub use protocol::v1::ApplyPatchApprovalParams;
 pub use protocol::v1::ApplyPatchApprovalResponse;
--- a/codex-rs/app-server-protocol/src/protocol/common.rs
+++ b/codex-rs/app-server-protocol/src/protocol/common.rs
@@ -459,11 +459,6 @@ client_request_definitions! {
        response: v2::ListMcpServerStatusResponse,
    },

-    McpResourceRead => "mcpServer/resource/read" {
-        params: v2::McpResourceReadParams,
-        response: v2::McpResourceReadResponse,
-    },
-
    WindowsSandboxSetupStart => "windowsSandbox/setupStart" {
        params: v2::WindowsSandboxSetupStartParams,
        response: v2::WindowsSandboxSetupStartResponse,
@@ -490,6 +485,31 @@ client_request_definitions! {
        response: v2::GetAccountRateLimitsResponse,
    },

+    AvatarInventoryRead => "avatar/inventory/read" {
+        params: v2::CodexAvatarInventoryReadParams,
+        response: v2::CodexAvatarInventoryReadResponse,
+    },
+
+    AvatarEquip => "avatar/equip" {
+        params: v2::CodexAvatarEquipParams,
+        response: v2::CodexAvatarInventoryReadResponse,
+    },
+
+    AvatarAdminAward => "avatar/admin/award" {
+        params: v2::CodexAvatarAdminAwardGrantParams,
+        response: v2::CodexAvatarInventoryReadResponse,
+    },
+
+    AvatarAdminProofDrop => "avatar/admin/proof-drop" {
+        params: v2::CodexAvatarAdminProofDropGrantParams,
+        response: v2::CodexAvatarInventoryReadResponse,
+    },
+
+    AvatarAdminCapabilitiesRead => "avatar/admin/capabilities/read" {
+        params: v2::CodexAvatarAdminCapabilitiesReadParams,
+        response: v2::CodexAvatarAdminCapabilitiesReadResponse,
+    },
+
    FeedbackUpload => "feedback/upload" {
        params: v2::FeedbackUploadParams,
        response: v2::FeedbackUploadResponse,
@@ -1312,7 +1332,6 @@ mod tests {
            response: v2::ThreadStartResponse {
                thread: v2::Thread {
                    id: "67e55044-10b1-426f-9247-bb680e5fe0c8".to_string(),
-                    forked_from_id: None,
                    preview: "first prompt".to_string(),
                    ephemeral: true,
                    model_provider: "openai".to_string(),
@@ -1349,7 +1368,6 @@ mod tests {
                "response": {
                    "thread": {
                        "id": "67e55044-10b1-426f-9247-bb680e5fe0c8",
-                        "forkedFromId": null,
                        "preview": "first prompt",
                        "ephemeral": true,
                        "modelProvider": "openai",
@@ -1524,6 +1542,129 @@ mod tests {
        Ok(())
    }

+    #[test]
+    fn serialize_avatar_inventory_read() -> Result<()> {
+        let request = ClientRequest::AvatarInventoryRead {
+            request_id: RequestId::Integer(7),
+            params: v2::CodexAvatarInventoryReadParams::default(),
+        };
+        assert_eq!(
+            json!({
+                "method": "avatar/inventory/read",
+                "id": 7,
+                "params": {}
+            }),
+            serde_json::to_value(&request)?,
+        );
+        Ok(())
+    }
+
+    #[test]
+    fn serialize_avatar_equip() -> Result<()> {
+        let request = ClientRequest::AvatarEquip {
+            request_id: RequestId::Integer(8),
+            params: v2::CodexAvatarEquipParams {
+                avatar_id: "clippy".to_string(),
+            },
+        };
+        assert_eq!(
+            json!({
+                "method": "avatar/equip",
+                "id": 8,
+                "params": {
+                    "avatarId": "clippy"
+                }
+            }),
+            serde_json::to_value(&request)?,
+        );
+        Ok(())
+    }
+
+    #[test]
+    fn serialize_avatar_admin_award() -> Result<()> {
+        let request = ClientRequest::AvatarAdminAward {
+            request_id: RequestId::Integer(9),
+            params: v2::CodexAvatarAdminAwardGrantParams {
+                account_user_id: "target-user-123".to_string(),
+                award_id: "manual-grant-1".to_string(),
+                avatar_id: "prism".to_string(),
+                source_type: "manual-admin-grant".to_string(),
+                source_ref: Some("support-ticket-1".to_string()),
+                awarded_at: Some(123),
+                awarded_by: Some("admin-user".to_string()),
+                metadata_json: Some("{\"reason\":\"support\"}".to_string()),
+                source_summary: Some("Manual support grant".to_string()),
+            },
+        };
+        assert_eq!(
+            json!({
+                "method": "avatar/admin/award",
+                "id": 9,
+                "params": {
+                    "accountUserId": "target-user-123",
+                    "awardId": "manual-grant-1",
+                    "avatarId": "prism",
+                    "sourceType": "manual-admin-grant",
+                    "sourceRef": "support-ticket-1",
+                    "awardedAt": 123,
+                    "awardedBy": "admin-user",
+                    "metadataJson": "{\"reason\":\"support\"}",
+                    "sourceSummary": "Manual support grant"
+                }
+            }),
+            serde_json::to_value(&request)?,
+        );
+        Ok(())
+    }
+
+    #[test]
+    fn serialize_avatar_admin_proof_drop() -> Result<()> {
+        let request = ClientRequest::AvatarAdminProofDrop {
+            request_id: RequestId::Integer(10),
+            params: v2::CodexAvatarAdminProofDropGrantParams {
+                account_user_id: "target-user-123".to_string(),
+                award_id: "proof-drop-1".to_string(),
+                source_type: "proof-drop-box".to_string(),
+                source_ref: Some("support-ticket-1".to_string()),
+                awarded_at: Some(123),
+                source_summary: Some("Manual proof-drop box".to_string()),
+            },
+        };
+        assert_eq!(
+            json!({
+                "method": "avatar/admin/proof-drop",
+                "id": 10,
+                "params": {
+                    "accountUserId": "target-user-123",
+                    "awardId": "proof-drop-1",
+                    "sourceType": "proof-drop-box",
+                    "sourceRef": "support-ticket-1",
+                    "awardedAt": 123,
+                    "sourceSummary": "Manual proof-drop box"
+                }
+            }),
+            serde_json::to_value(&request)?,
+        );
+        Ok(())
+    }
+
+    #[test]
+    fn serialize_avatar_admin_capabilities_read() -> Result<()> {
+        let request = ClientRequest::AvatarAdminCapabilitiesRead {
+            request_id: RequestId::Integer(11),
+            params: v2::CodexAvatarAdminCapabilitiesReadParams::default(),
+        };
+        assert_eq!(
+            json!({
+                "method": "avatar/admin/capabilities/read",
+                "id": 11,
+                "params": {}
+            }),
+            serde_json::to_value(&request)?,
+        );
+        Ok(())
+    }
+
    #[test]
    fn account_serializes_fields_in_camel_case() -> Result<()> {
        let api_key = v2::Account::ApiKey {};
--- a/codex-rs/app-server-protocol/src/protocol/item_builders.rs
+++ b/codex-rs/app-server-protocol/src/protocol/item_builders.rs
@@ -1,299 +0,0 @@
-//! Shared builders for synthetic [`ThreadItem`] values emitted by the app-server layer.
-//!
-//! These items do not come from first-class core `ItemStarted` / `ItemCompleted` events.
-//! Instead, the app-server synthesizes them so clients can render a coherent lifecycle for
-//! approvals and other pre-execution flows before the underlying tool has started or when the
-//! tool never starts at all.
-//!
-//! Keeping these builders in one place is useful for two reasons:
-//! - Live notifications and rebuilt `thread/read` history both need to construct the same
-//!   synthetic items, so sharing the logic avoids drift between those paths.
-//! - The projection is presentation-specific. Core protocol events stay generic, while the
-//!   app-server protocol decides how to surface those events as `ThreadItem`s for clients.
-use crate::protocol::common::ServerNotification;
-use crate::protocol::v2::CommandAction;
-use crate::protocol::v2::CommandExecutionSource;
-use crate::protocol::v2::CommandExecutionStatus;
-use crate::protocol::v2::FileUpdateChange;
-use crate::protocol::v2::GuardianApprovalReview;
-use crate::protocol::v2::GuardianApprovalReviewStatus;
-use crate::protocol::v2::ItemGuardianApprovalReviewCompletedNotification;
-use crate::protocol::v2::ItemGuardianApprovalReviewStartedNotification;
-use crate::protocol::v2::PatchApplyStatus;
-use crate::protocol::v2::PatchChangeKind;
-use crate::protocol::v2::ThreadItem;
-use codex_protocol::ThreadId;
-use codex_protocol::protocol::ApplyPatchApprovalRequestEvent;
-use codex_protocol::protocol::ExecApprovalRequestEvent;
-use codex_protocol::protocol::ExecCommandBeginEvent;
-use codex_protocol::protocol::ExecCommandEndEvent;
-use codex_protocol::protocol::FileChange;
-use codex_protocol::protocol::GuardianAssessmentAction;
-use codex_protocol::protocol::GuardianAssessmentEvent;
-use codex_protocol::protocol::PatchApplyBeginEvent;
-use codex_protocol::protocol::PatchApplyEndEvent;
-use codex_shell_command::parse_command::parse_command;
-use codex_shell_command::parse_command::shlex_join;
-use std::collections::HashMap;
-use std::path::PathBuf;
-
-pub fn build_file_change_approval_request_item(
-    payload: &ApplyPatchApprovalRequestEvent,
-) -> ThreadItem {
-    ThreadItem::FileChange {
-        id: payload.call_id.clone(),
-        changes: convert_patch_changes(&payload.changes),
-        status: PatchApplyStatus::InProgress,
-    }
-}
-
-pub fn build_file_change_begin_item(payload: &PatchApplyBeginEvent) -> ThreadItem {
-    ThreadItem::FileChange {
-        id: payload.call_id.clone(),
-        changes: convert_patch_changes(&payload.changes),
-        status: PatchApplyStatus::InProgress,
-    }
-}
-
-pub fn build_file_change_end_item(payload: &PatchApplyEndEvent) -> ThreadItem {
-    ThreadItem::FileChange {
-        id: payload.call_id.clone(),
-        changes: convert_patch_changes(&payload.changes),
-        status: (&payload.status).into(),
-    }
-}
-
-pub fn build_command_execution_approval_request_item(
-    payload: &ExecApprovalRequestEvent,
-) -> ThreadItem {
-    ThreadItem::CommandExecution {
-        id: payload.call_id.clone(),
-        command: shlex_join(&payload.command),
-        cwd: payload.cwd.clone(),
-        process_id: None,
-        source: CommandExecutionSource::Agent,
-        status: CommandExecutionStatus::InProgress,
-        command_actions: payload
-            .parsed_cmd
-            .iter()
-            .cloned()
-            .map(CommandAction::from)
-            .collect(),
-        aggregated_output: None,
-        exit_code: None,
-        duration_ms: None,
-    }
-}
-
-pub fn build_command_execution_begin_item(payload: &ExecCommandBeginEvent) -> ThreadItem {
-    ThreadItem::CommandExecution {
-        id: payload.call_id.clone(),
-        command: shlex_join(&payload.command),
-        cwd: payload.cwd.clone(),
-        process_id: payload.process_id.clone(),
-        source: payload.source.into(),
-        status: CommandExecutionStatus::InProgress,
-        command_actions: payload
-            .parsed_cmd
-            .iter()
-            .cloned()
-            .map(CommandAction::from)
-            .collect(),
-        aggregated_output: None,
-        exit_code: None,
-        duration_ms: None,
-    }
-}
-
-pub fn build_command_execution_end_item(payload: &ExecCommandEndEvent) -> ThreadItem {
-    let aggregated_output = if payload.aggregated_output.is_empty() {
-        None
-    } else {
-        Some(payload.aggregated_output.clone())
-    };
-    let duration_ms = i64::try_from(payload.duration.as_millis()).unwrap_or(i64::MAX);
-
-    ThreadItem::CommandExecution {
-        id: payload.call_id.clone(),
-        command: shlex_join(&payload.command),
-        cwd: payload.cwd.clone(),
-        process_id: payload.process_id.clone(),
-        source: payload.source.into(),
-        status: (&payload.status).into(),
-        command_actions: payload
-            .parsed_cmd
-            .iter()
-            .cloned()
-            .map(CommandAction::from)
-            .collect(),
-        aggregated_output,
-        exit_code: Some(payload.exit_code),
-        duration_ms: Some(duration_ms),
-    }
-}
-
-/// Build a guardian-derived [`ThreadItem`].
-///
-/// Currently this only synthesizes [`ThreadItem::CommandExecution`] for
-/// [`GuardianAssessmentAction::Command`] and [`GuardianAssessmentAction::Execve`].
-pub fn build_item_from_guardian_event(
-    assessment: &GuardianAssessmentEvent,
-    status: CommandExecutionStatus,
-) -> Option<ThreadItem> {
-    match &assessment.action {
-        GuardianAssessmentAction::Command { command, cwd, .. } => {
-            let command = command.clone();
-            let command_actions = vec![CommandAction::Unknown {
-                command: command.clone(),
-            }];
-            Some(ThreadItem::CommandExecution {
-                id: assessment.id.clone(),
-                command,
-                cwd: cwd.clone(),
-                process_id: None,
-                source: CommandExecutionSource::Agent,
-                status,
-                command_actions,
-                aggregated_output: None,
-                exit_code: None,
-                duration_ms: None,
-            })
-        }
-        GuardianAssessmentAction::Execve {
-            program, argv, cwd, ..
-        } => {
-            let argv = if argv.is_empty() {
-                vec![program.clone()]
-            } else {
-                std::iter::once(program.clone())
-                    .chain(argv.iter().skip(1).cloned())
-                    .collect::<Vec<_>>()
-            };
-            let command = shlex_join(&argv);
-            let parsed_cmd = parse_command(&argv);
-            let command_actions = if parsed_cmd.is_empty() {
-                vec![CommandAction::Unknown {
-                    command: command.clone(),
-                }]
-            } else {
-                parsed_cmd.into_iter().map(CommandAction::from).collect()
-            };
-            Some(ThreadItem::CommandExecution {
-                id: assessment.id.clone(),
-                command,
-                cwd: cwd.clone(),
-                process_id: None,
-                source: CommandExecutionSource::Agent,
-                status,
-                command_actions,
-                aggregated_output: None,
-                exit_code: None,
-                duration_ms: None,
-            })
-        }
-        GuardianAssessmentAction::ApplyPatch { .. }
-        | GuardianAssessmentAction::NetworkAccess { .. }
-        | GuardianAssessmentAction::McpToolCall { .. } => None,
-    }
-}
-
-pub fn guardian_auto_approval_review_notification(
-    conversation_id: &ThreadId,
-    event_turn_id: &str,
-    assessment: &GuardianAssessmentEvent,
-) -> ServerNotification {
-    // TODO(ccunningham): Attach guardian review state to the reviewed tool
-    // item's lifecycle instead of sending standalone review notifications so
-    // the app-server API can persist and replay review state via `thread/read`.
-    let turn_id = if assessment.turn_id.is_empty() {
-        event_turn_id.to_string()
-    } else {
-        assessment.turn_id.clone()
-    };
-    let review = GuardianApprovalReview {
-        status: match assessment.status {
-            codex_protocol::protocol::GuardianAssessmentStatus::InProgress => {
-                GuardianApprovalReviewStatus::InProgress
-            }
-            codex_protocol::protocol::GuardianAssessmentStatus::Approved => {
-                GuardianApprovalReviewStatus::Approved
-            }
-            codex_protocol::protocol::GuardianAssessmentStatus::Denied => {
-                GuardianApprovalReviewStatus::Denied
-            }
-            codex_protocol::protocol::GuardianAssessmentStatus::Aborted => {
-                GuardianApprovalReviewStatus::Aborted
-            }
-        },
-        risk_score: assessment.risk_score,
-        risk_level: assessment.risk_level.map(Into::into),
-        rationale: assessment.rationale.clone(),
-    };
-    let action = assessment.action.clone().into();
-    match assessment.status {
-        codex_protocol::protocol::GuardianAssessmentStatus::InProgress => {
-            ServerNotification::ItemGuardianApprovalReviewStarted(
-                ItemGuardianApprovalReviewStartedNotification {
-                    thread_id: conversation_id.to_string(),
-                    turn_id,
-                    target_item_id: assessment.id.clone(),
-                    review,
-                    action,
-                },
-            )
-        }
-        codex_protocol::protocol::GuardianAssessmentStatus::Approved
-        | codex_protocol::protocol::GuardianAssessmentStatus::Denied
-        | codex_protocol::protocol::GuardianAssessmentStatus::Aborted => {
-            ServerNotification::ItemGuardianApprovalReviewCompleted(
-                ItemGuardianApprovalReviewCompletedNotification {
-                    thread_id: conversation_id.to_string(),
-                    turn_id,
-                    target_item_id: assessment.id.clone(),
-                    review,
-                    action,
-                },
-            )
-        }
-    }
-}
-
-pub fn convert_patch_changes(changes: &HashMap<PathBuf, FileChange>) -> Vec<FileUpdateChange> {
-    let mut converted: Vec<FileUpdateChange> = changes
-        .iter()
-        .map(|(path, change)| FileUpdateChange {
-            path: path.to_string_lossy().into_owned(),
-            kind: map_patch_change_kind(change),
-            diff: format_file_change_diff(change),
-        })
-        .collect();
-    converted.sort_by(|a, b| a.path.cmp(&b.path));
-    converted
-}
-
-fn map_patch_change_kind(change: &FileChange) -> PatchChangeKind {
-    match change {
-        FileChange::Add { .. } => PatchChangeKind::Add,
-        FileChange::Delete { .. } => PatchChangeKind::Delete,
-        FileChange::Update { move_path, .. } => PatchChangeKind::Update {
-            move_path: move_path.clone(),
-        },
-    }
-}
-
-fn format_file_change_diff(change: &FileChange) -> String {
-    match change {
-        FileChange::Add { content } => content.clone(),
-        FileChange::Delete { content } => content.clone(),
-        FileChange::Update {
-            unified_diff,
-            move_path,
-        } => {
-            if let Some(path) = move_path {
-                format!("{unified_diff}\n\nMoved to: {}", path.display())
-            } else {
-                unified_diff.clone()
-            }
-        }
-    }
-}
--- a/codex-rs/app-server-protocol/src/protocol/mod.rs
+++ b/codex-rs/app-server-protocol/src/protocol/mod.rs
@@ -2,7 +2,6 @@
 // Exposes protocol pieces used by `lib.rs` via `pub use protocol::common::*;`.

 pub mod common;
-pub mod item_builders;
 mod mappers;
 mod serde_helpers;
 pub mod thread_history;
--- a/codex-rs/app-server-protocol/src/protocol/thread_history.rs
+++ b/codex-rs/app-server-protocol/src/protocol/thread_history.rs
@@ -1,18 +1,16 @@
-use crate::protocol::item_builders::build_command_execution_begin_item;
-use crate::protocol::item_builders::build_command_execution_end_item;
-use crate::protocol::item_builders::build_file_change_approval_request_item;
-use crate::protocol::item_builders::build_file_change_begin_item;
-use crate::protocol::item_builders::build_file_change_end_item;
-use crate::protocol::item_builders::build_item_from_guardian_event;
 use crate::protocol::v2::CollabAgentState;
 use crate::protocol::v2::CollabAgentTool;
 use crate::protocol::v2::CollabAgentToolCallStatus;
+use crate::protocol::v2::CommandAction;
 use crate::protocol::v2::CommandExecutionStatus;
 use crate::protocol::v2::DynamicToolCallOutputContentItem;
 use crate::protocol::v2::DynamicToolCallStatus;
+use crate::protocol::v2::FileUpdateChange;
 use crate::protocol::v2::McpToolCallError;
 use crate::protocol::v2::McpToolCallResult;
 use crate::protocol::v2::McpToolCallStatus;
+use crate::protocol::v2::PatchApplyStatus;
+use crate::protocol::v2::PatchChangeKind;
 use crate::protocol::v2::ThreadItem;
 use crate::protocol::v2::Turn;
 use crate::protocol::v2::TurnError as V2TurnError;
@@ -33,8 +31,6 @@ use codex_protocol::protocol::ErrorEvent;
 use codex_protocol::protocol::EventMsg;
 use codex_protocol::protocol::ExecCommandBeginEvent;
 use codex_protocol::protocol::ExecCommandEndEvent;
-use codex_protocol::protocol::GuardianAssessmentEvent;
-use codex_protocol::protocol::GuardianAssessmentStatus;
 use codex_protocol::protocol::ImageGenerationBeginEvent;
 use codex_protocol::protocol::ImageGenerationEndEvent;
 use codex_protocol::protocol::ItemCompletedEvent;
@@ -57,14 +53,6 @@ use std::collections::HashMap;
 use tracing::warn;
 use uuid::Uuid;

-#[cfg(test)]
-use crate::protocol::v2::CommandAction;
-#[cfg(test)]
-use crate::protocol::v2::FileUpdateChange;
-#[cfg(test)]
-use crate::protocol::v2::PatchApplyStatus;
-#[cfg(test)]
-use crate::protocol::v2::PatchChangeKind;
 #[cfg(test)]
 use codex_protocol::protocol::ExecCommandStatus as CoreExecCommandStatus;
 #[cfg(test)]
@@ -161,7 +149,6 @@ impl ThreadHistoryBuilder {
            EventMsg::WebSearchEnd(payload) => self.handle_web_search_end(payload),
            EventMsg::ExecCommandBegin(payload) => self.handle_exec_command_begin(payload),
            EventMsg::ExecCommandEnd(payload) => self.handle_exec_command_end(payload),
-            EventMsg::GuardianAssessment(payload) => self.handle_guardian_assessment(payload),
            EventMsg::ApplyPatchApprovalRequest(payload) => {
                self.handle_apply_patch_approval_request(payload)
            }
@@ -388,12 +375,57 @@ impl ThreadHistoryBuilder {
    }

    fn handle_exec_command_begin(&mut self, payload: &ExecCommandBeginEvent) {
-        let item = build_command_execution_begin_item(payload);
+        let command = shlex::try_join(payload.command.iter().map(String::as_str))
+            .unwrap_or_else(|_| payload.command.join(" "));
+        let command_actions = payload
+            .parsed_cmd
+            .iter()
+            .cloned()
+            .map(CommandAction::from)
+            .collect();
+        let item = ThreadItem::CommandExecution {
+            id: payload.call_id.clone(),
+            command,
+            cwd: payload.cwd.clone(),
+            process_id: payload.process_id.clone(),
+            source: payload.source.into(),
+            status: CommandExecutionStatus::InProgress,
+            command_actions,
+            aggregated_output: None,
+            exit_code: None,
+            duration_ms: None,
+        };
        self.upsert_item_in_turn_id(&payload.turn_id, item);
    }

    fn handle_exec_command_end(&mut self, payload: &ExecCommandEndEvent) {
-        let item = build_command_execution_end_item(payload);
+        let status: CommandExecutionStatus = (&payload.status).into();
+        let duration_ms = i64::try_from(payload.duration.as_millis()).unwrap_or(i64::MAX);
+        let aggregated_output = if payload.aggregated_output.is_empty() {
+            None
+        } else {
+            Some(payload.aggregated_output.clone())
+        };
+        let command = shlex::try_join(payload.command.iter().map(String::as_str))
+            .unwrap_or_else(|_| payload.command.join(" "));
+        let command_actions = payload
+            .parsed_cmd
+            .iter()
+            .cloned()
+            .map(CommandAction::from)
+            .collect();
+        let item = ThreadItem::CommandExecution {
+            id: payload.call_id.clone(),
+            command,
+            cwd: payload.cwd.clone(),
+            process_id: payload.process_id.clone(),
+            source: payload.source.into(),
+            status,
+            command_actions,
+            aggregated_output,
+            exit_code: Some(payload.exit_code),
+            duration_ms: Some(duration_ms),
+        };
        // Command completions can arrive out of order. Unified exec may return
        // while a PTY is still running, then emit ExecCommandEnd later from a
        // background exit watcher when that process finally exits. By then, a
@@ -402,26 +434,12 @@ impl ThreadHistoryBuilder {
        self.upsert_item_in_turn_id(&payload.turn_id, item);
    }

-    fn handle_guardian_assessment(&mut self, payload: &GuardianAssessmentEvent) {
-        let status = match payload.status {
-            GuardianAssessmentStatus::InProgress => CommandExecutionStatus::InProgress,
-            GuardianAssessmentStatus::Denied | GuardianAssessmentStatus::Aborted => {
-                CommandExecutionStatus::Declined
-            }
-            GuardianAssessmentStatus::Approved => return,
-        };
-        let Some(item) = build_item_from_guardian_event(payload, status) else {
-            return;
-        };
-        if payload.turn_id.is_empty() {
-            self.upsert_item_in_current_turn(item);
-        } else {
-            self.upsert_item_in_turn_id(&payload.turn_id, item);
-        }
-    }
-
    fn handle_apply_patch_approval_request(&mut self, payload: &ApplyPatchApprovalRequestEvent) {
-        let item = build_file_change_approval_request_item(payload);
+        let item = ThreadItem::FileChange {
+            id: payload.call_id.clone(),
+            changes: convert_patch_changes(&payload.changes),
+            status: PatchApplyStatus::InProgress,
+        };
        if payload.turn_id.is_empty() {
            self.upsert_item_in_current_turn(item);
        } else {
@@ -430,7 +448,11 @@ impl ThreadHistoryBuilder {
    }

    fn handle_patch_apply_begin(&mut self, payload: &PatchApplyBeginEvent) {
-        let item = build_file_change_begin_item(payload);
+        let item = ThreadItem::FileChange {
+            id: payload.call_id.clone(),
+            changes: convert_patch_changes(&payload.changes),
+            status: PatchApplyStatus::InProgress,
+        };
        if payload.turn_id.is_empty() {
            self.upsert_item_in_current_turn(item);
        } else {
@@ -439,7 +461,12 @@ impl ThreadHistoryBuilder {
    }

    fn handle_patch_apply_end(&mut self, payload: &PatchApplyEndEvent) {
-        let item = build_file_change_end_item(payload);
+        let status: PatchApplyStatus = (&payload.status).into();
+        let item = ThreadItem::FileChange {
+            id: payload.call_id.clone(),
+            changes: convert_patch_changes(&payload.changes),
+            status,
+        };
        if payload.turn_id.is_empty() {
            self.upsert_item_in_current_turn(item);
        } else {
@@ -864,29 +891,22 @@ impl ThreadHistoryBuilder {
    }

    fn handle_turn_aborted(&mut self, payload: &TurnAbortedEvent) {
-        let apply_abort = |turn: &mut PendingTurn| {
-            turn.status = TurnStatus::Interrupted;
-            turn.completed_at = payload.completed_at;
-            turn.duration_ms = payload.duration_ms;
-        };
        if let Some(turn_id) = payload.turn_id.as_deref() {
            // Prefer an exact ID match so we interrupt the turn explicitly targeted by the event.
            if let Some(turn) = self.current_turn.as_mut().filter(|turn| turn.id == turn_id) {
-                apply_abort(turn);
+                turn.status = TurnStatus::Interrupted;
                return;
            }

            if let Some(turn) = self.turns.iter_mut().find(|turn| turn.id == turn_id) {
                turn.status = TurnStatus::Interrupted;
-                turn.completed_at = payload.completed_at;
-                turn.duration_ms = payload.duration_ms;
                return;
            }
        }

        // If the event has no ID (or refers to an unknown turn), fall back to the active turn.
        if let Some(turn) = self.current_turn.as_mut() {
-            apply_abort(turn);
+            turn.status = TurnStatus::Interrupted;
        }
    }

@@ -895,18 +915,15 @@ impl ThreadHistoryBuilder {
        self.current_turn = Some(
            self.new_turn(Some(payload.turn_id.clone()))
                .with_status(TurnStatus::InProgress)
-                .with_started_at(payload.started_at)
                .opened_explicitly(),
        );
    }

    fn handle_turn_complete(&mut self, payload: &TurnCompleteEvent) {
-        let mark_completed = |turn: &mut PendingTurn| {
-            if matches!(turn.status, TurnStatus::Completed | TurnStatus::InProgress) {
-                turn.status = TurnStatus::Completed;
+        let mark_completed = |status: &mut TurnStatus| {
+            if matches!(*status, TurnStatus::Completed | TurnStatus::InProgress) {
+                *status = TurnStatus::Completed;
            }
-            turn.completed_at = payload.completed_at;
-            turn.duration_ms = payload.duration_ms;
        };

        // Prefer an exact ID match from the active turn and then close it.
@@ -915,7 +932,7 @@ impl ThreadHistoryBuilder {
            .as_mut()
            .filter(|turn| turn.id == payload.turn_id)
        {
-            mark_completed(current_turn);
+            mark_completed(&mut current_turn.status);
            self.finish_current_turn();
            return;
        }
@@ -925,17 +942,13 @@ impl ThreadHistoryBuilder {
            .iter_mut()
            .find(|turn| turn.id == payload.turn_id)
        {
-            if matches!(turn.status, TurnStatus::Completed | TurnStatus::InProgress) {
-                turn.status = TurnStatus::Completed;
-            }
-            turn.completed_at = payload.completed_at;
-            turn.duration_ms = payload.duration_ms;
+            mark_completed(&mut turn.status);
            return;
        }

        // If the completion event cannot be matched, apply it to the active turn.
        if let Some(current_turn) = self.current_turn.as_mut() {
-            mark_completed(current_turn);
+            mark_completed(&mut current_turn.status);
            self.finish_current_turn();
        }
    }
@@ -968,7 +981,7 @@ impl ThreadHistoryBuilder {
            if turn.items.is_empty() && !turn.opened_explicitly && !turn.saw_compaction {
                return;
            }
-            self.turns.push(Turn::from(turn));
+            self.turns.push(turn.into());
        }
    }

@@ -978,9 +991,6 @@ impl ThreadHistoryBuilder {
            items: Vec::new(),
            error: None,
            status: TurnStatus::Completed,
-            started_at: None,
-            completed_at: None,
-            duration_ms: None,
            opened_explicitly: false,
            saw_compaction: false,
            rollout_start_index: self.current_rollout_index,
@@ -1066,6 +1076,21 @@ fn render_review_output_text(output: &ReviewOutputEvent) -> String {
    }
 }

+pub fn convert_patch_changes(
+    changes: &HashMap<std::path::PathBuf, codex_protocol::protocol::FileChange>,
+) -> Vec<FileUpdateChange> {
+    let mut converted: Vec<FileUpdateChange> = changes
+        .iter()
+        .map(|(path, change)| FileUpdateChange {
+            path: path.to_string_lossy().into_owned(),
+            kind: map_patch_change_kind(change),
+            diff: format_file_change_diff(change),
+        })
+        .collect();
+    converted.sort_by(|a, b| a.path.cmp(&b.path));
+    converted
+}
+
 fn convert_dynamic_tool_content_items(
    items: &[codex_protocol::dynamic_tools::DynamicToolCallOutputContentItem],
 ) -> Vec<DynamicToolCallOutputContentItem> {
@@ -1083,6 +1108,33 @@ fn convert_dynamic_tool_content_items(
        .collect()
 }

+fn map_patch_change_kind(change: &codex_protocol::protocol::FileChange) -> PatchChangeKind {
+    match change {
+        codex_protocol::protocol::FileChange::Add { .. } => PatchChangeKind::Add,
+        codex_protocol::protocol::FileChange::Delete { .. } => PatchChangeKind::Delete,
+        codex_protocol::protocol::FileChange::Update { move_path, .. } => PatchChangeKind::Update {
+            move_path: move_path.clone(),
+        },
+    }
+}
+
+fn format_file_change_diff(change: &codex_protocol::protocol::FileChange) -> String {
+    match change {
+        codex_protocol::protocol::FileChange::Add { content } => content.clone(),
+        codex_protocol::protocol::FileChange::Delete { content } => content.clone(),
+        codex_protocol::protocol::FileChange::Update {
+            unified_diff,
+            move_path,
+        } => {
+            if let Some(path) = move_path {
+                format!("{unified_diff}\n\nMoved to: {}", path.display())
+            } else {
+                unified_diff.clone()
+            }
+        }
+    }
+}
+
 fn upsert_turn_item(items: &mut Vec<ThreadItem>, item: ThreadItem) {
    if let Some(existing_item) = items
        .iter_mut()
@@ -1099,9 +1151,6 @@ struct PendingTurn {
    items: Vec<ThreadItem>,
    error: Option<TurnError>,
    status: TurnStatus,
-    started_at: Option<i64>,
-    completed_at: Option<i64>,
-    duration_ms: Option<i64>,
    /// True when this turn originated from an explicit `turn_started`/`turn_complete`
    /// boundary, so we preserve it even if it has no renderable items.
    opened_explicitly: bool,
@@ -1122,11 +1171,6 @@ impl PendingTurn {
        self.status = status;
        self
    }
-
-    fn with_started_at(mut self, started_at: Option<i64>) -> Self {
-        self.started_at = started_at;
-        self
-    }
 }

 impl From<PendingTurn> for Turn {
@@ -1136,9 +1180,6 @@ impl From<PendingTurn> for Turn {
            items: value.items,
            error: value.error,
            status: value.status,
-            started_at: value.started_at,
-            completed_at: value.completed_at,
-            duration_ms: value.duration_ms,
        }
    }
 }
@@ -1150,9 +1191,6 @@ impl From<&PendingTurn> for Turn {
            items: value.items.clone(),
            error: value.error.clone(),
            status: value.status.clone(),
-            started_at: value.started_at,
-            completed_at: value.completed_at,
-            duration_ms: value.duration_ms,
        }
    }
 }
@@ -1304,7 +1342,6 @@ mod tests {
        let events = vec![
            EventMsg::TurnStarted(TurnStartedEvent {
                turn_id: turn_id.to_string(),
-                started_at: None,
                model_context_window: None,
                collaboration_mode_kind: Default::default(),
            }),
@@ -1325,8 +1362,6 @@ mod tests {
            EventMsg::TurnComplete(TurnCompleteEvent {
                turn_id: turn_id.to_string(),
                last_agent_message: None,
-                completed_at: None,
-                duration_ms: None,
            }),
        ];

@@ -1379,7 +1414,6 @@ mod tests {
        let items = vec![
            RolloutItem::EventMsg(EventMsg::TurnStarted(TurnStartedEvent {
                turn_id: "turn-image".into(),
-                started_at: None,
                model_context_window: None,
                collaboration_mode_kind: Default::default(),
            })),
@@ -1399,8 +1433,6 @@ mod tests {
            RolloutItem::EventMsg(EventMsg::TurnComplete(TurnCompleteEvent {
                turn_id: "turn-image".into(),
                last_agent_message: None,
-                completed_at: None,
-                duration_ms: None,
            })),
        ];

@@ -1412,9 +1444,6 @@ mod tests {
                id: "turn-image".into(),
                status: TurnStatus::Completed,
                error: None,
-                started_at: None,
-                completed_at: None,
-                duration_ms: None,
                items: vec![
                    ThreadItem::UserMessage {
                        id: "item-1".into(),
@@ -1504,8 +1533,6 @@ mod tests {
            EventMsg::TurnAborted(TurnAbortedEvent {
                turn_id: Some("turn-1".into()),
                reason: TurnAbortReason::Replaced,
-                completed_at: None,
-                duration_ms: None,
            }),
            EventMsg::UserMessage(UserMessageEvent {
                message: "Let's try again".into(),
@@ -1703,7 +1730,6 @@ mod tests {
        let events = vec![
            EventMsg::TurnStarted(TurnStartedEvent {
                turn_id: "turn-a".into(),
-                started_at: None,
                model_context_window: None,
                collaboration_mode_kind: Default::default(),
            }),
@@ -1722,8 +1748,6 @@ mod tests {
            EventMsg::TurnComplete(TurnCompleteEvent {
                turn_id: "turn-a".into(),
                last_agent_message: None,
-                completed_at: None,
-                duration_ms: None,
            }),
        ];

@@ -1760,7 +1784,6 @@ mod tests {
        let events = vec![
            EventMsg::TurnStarted(TurnStartedEvent {
                turn_id: "turn-1".into(),
-                started_at: None,
                model_context_window: None,
                collaboration_mode_kind: Default::default(),
            }),
@@ -1866,7 +1889,6 @@ mod tests {
        let events = vec![
            EventMsg::TurnStarted(TurnStartedEvent {
                turn_id: "turn-1".into(),
-                started_at: None,
                model_context_window: None,
                collaboration_mode_kind: Default::default(),
            }),
@@ -1926,7 +1948,6 @@ mod tests {
        let events = vec![
            EventMsg::TurnStarted(TurnStartedEvent {
                turn_id: "turn-1".into(),
-                started_at: None,
                model_context_window: None,
                collaboration_mode_kind: Default::default(),
            }),
@@ -2009,144 +2030,11 @@ mod tests {
        );
    }

-    #[test]
-    fn reconstructs_declined_guardian_command_item() {
-        let events = vec![
-            EventMsg::TurnStarted(TurnStartedEvent {
-                turn_id: "turn-1".into(),
-                started_at: None,
-                model_context_window: None,
-                collaboration_mode_kind: Default::default(),
-            }),
-            EventMsg::UserMessage(UserMessageEvent {
-                message: "review this command".into(),
-                images: None,
-                text_elements: Vec::new(),
-                local_images: Vec::new(),
-            }),
-            EventMsg::GuardianAssessment(GuardianAssessmentEvent {
-                id: "guardian-exec".into(),
-                turn_id: "turn-1".into(),
-                status: GuardianAssessmentStatus::InProgress,
-                risk_score: None,
-                risk_level: None,
-                rationale: None,
-                action: serde_json::from_value(serde_json::json!({
-                    "type": "command",
-                    "source": "shell",
-                    "command": "rm -rf /tmp/guardian",
-                    "cwd": "/tmp",
-                }))
-                .expect("guardian action"),
-            }),
-            EventMsg::GuardianAssessment(GuardianAssessmentEvent {
-                id: "guardian-exec".into(),
-                turn_id: "turn-1".into(),
-                status: GuardianAssessmentStatus::Denied,
-                risk_score: Some(97),
-                risk_level: Some(codex_protocol::protocol::GuardianRiskLevel::High),
-                rationale: Some("Would delete user data.".into()),
-                action: serde_json::from_value(serde_json::json!({
-                    "type": "command",
-                    "source": "shell",
-                    "command": "rm -rf /tmp/guardian",
-                    "cwd": "/tmp",
-                }))
-                .expect("guardian action"),
-            }),
-        ];
-
-        let items = events
-            .into_iter()
-            .map(RolloutItem::EventMsg)
-            .collect::<Vec<_>>();
-        let turns = build_turns_from_rollout_items(&items);
-        assert_eq!(turns.len(), 1);
-        assert_eq!(turns[0].items.len(), 2);
-        assert_eq!(
-            turns[0].items[1],
-            ThreadItem::CommandExecution {
-                id: "guardian-exec".into(),
-                command: "rm -rf /tmp/guardian".into(),
-                cwd: PathBuf::from("/tmp"),
-                process_id: None,
-                source: CommandExecutionSource::Agent,
-                status: CommandExecutionStatus::Declined,
-                command_actions: vec![CommandAction::Unknown {
-                    command: "rm -rf /tmp/guardian".into(),
-                }],
-                aggregated_output: None,
-                exit_code: None,
-                duration_ms: None,
-            }
-        );
-    }
-
-    #[test]
-    fn reconstructs_in_progress_guardian_execve_item() {
-        let events = vec![
-            EventMsg::TurnStarted(TurnStartedEvent {
-                turn_id: "turn-1".into(),
-                started_at: None,
-                model_context_window: None,
-                collaboration_mode_kind: Default::default(),
-            }),
-            EventMsg::UserMessage(UserMessageEvent {
-                message: "run a subcommand".into(),
-                images: None,
-                text_elements: Vec::new(),
-                local_images: Vec::new(),
-            }),
-            EventMsg::GuardianAssessment(GuardianAssessmentEvent {
-                id: "guardian-execve".into(),
-                turn_id: "turn-1".into(),
-                status: GuardianAssessmentStatus::InProgress,
-                risk_score: None,
-                risk_level: None,
-                rationale: None,
-                action: serde_json::from_value(serde_json::json!({
-                    "type": "execve",
-                    "source": "shell",
-                    "program": "/bin/rm",
-                    "argv": ["/usr/bin/rm", "-f", "/tmp/file.sqlite"],
-                    "cwd": "/tmp",
-                }))
-                .expect("guardian action"),
-            }),
-        ];
-
-        let items = events
-            .into_iter()
-            .map(RolloutItem::EventMsg)
-            .collect::<Vec<_>>();
-        let turns = build_turns_from_rollout_items(&items);
-        assert_eq!(turns.len(), 1);
-        assert_eq!(turns[0].items.len(), 2);
-        assert_eq!(
-            turns[0].items[1],
-            ThreadItem::CommandExecution {
-                id: "guardian-execve".into(),
-                command: "/bin/rm -f /tmp/file.sqlite".into(),
-                cwd: PathBuf::from("/tmp"),
-                process_id: None,
-                source: CommandExecutionSource::Agent,
-                status: CommandExecutionStatus::InProgress,
-                command_actions: vec![CommandAction::Unknown {
-                    command: "/bin/rm -f /tmp/file.sqlite".into(),
-                }],
-                aggregated_output: None,
-                exit_code: None,
-                duration_ms: None,
-            }
-        );
-    }
-
    #[test]
    fn assigns_late_exec_completion_to_original_turn() {
        let events = vec![
            EventMsg::TurnStarted(TurnStartedEvent {
                turn_id: "turn-a".into(),
-                started_at: None,
                model_context_window: None,
                collaboration_mode_kind: Default::default(),
            }),
@@ -2159,12 +2047,9 @@ mod tests {
            EventMsg::TurnComplete(TurnCompleteEvent {
                turn_id: "turn-a".into(),
                last_agent_message: None,
-                completed_at: None,
-                duration_ms: None,
            }),
            EventMsg::TurnStarted(TurnStartedEvent {
                turn_id: "turn-b".into(),
-                started_at: None,
                model_context_window: None,
                collaboration_mode_kind: Default::default(),
            }),
@@ -2196,8 +2081,6 @@ mod tests {
            EventMsg::TurnComplete(TurnCompleteEvent {
                turn_id: "turn-b".into(),
                last_agent_message: None,
-                completed_at: None,
-                duration_ms: None,
            }),
        ];

@@ -2235,7 +2118,6 @@ mod tests {
        let events = vec![
            EventMsg::TurnStarted(TurnStartedEvent {
                turn_id: "turn-a".into(),
-                started_at: None,
                model_context_window: None,
                collaboration_mode_kind: Default::default(),
            }),
@@ -2248,12 +2130,9 @@ mod tests {
            EventMsg::TurnComplete(TurnCompleteEvent {
                turn_id: "turn-a".into(),
                last_agent_message: None,
-                completed_at: None,
-                duration_ms: None,
            }),
            EventMsg::TurnStarted(TurnStartedEvent {
                turn_id: "turn-b".into(),
-                started_at: None,
                model_context_window: None,
                collaboration_mode_kind: Default::default(),
            }),
@@ -2285,8 +2164,6 @@ mod tests {
            EventMsg::TurnComplete(TurnCompleteEvent {
                turn_id: "turn-b".into(),
                last_agent_message: None,
-                completed_at: None,
-                duration_ms: None,
            }),
        ];

@@ -2319,7 +2196,6 @@ mod tests {
        let events = vec![
            EventMsg::TurnStarted(TurnStartedEvent {
                turn_id: turn_id.to_string(),
-                started_at: None,
                model_context_window: None,
                collaboration_mode_kind: Default::default(),
            }),
@@ -2383,7 +2259,6 @@ mod tests {
        let events = vec![
            EventMsg::TurnStarted(TurnStartedEvent {
                turn_id: turn_id.to_string(),
-                started_at: None,
                model_context_window: None,
                collaboration_mode_kind: Default::default(),
            }),
@@ -2446,7 +2321,6 @@ mod tests {
        let events = vec![
            EventMsg::TurnStarted(TurnStartedEvent {
                turn_id: "turn-a".into(),
-                started_at: None,
                model_context_window: None,
                collaboration_mode_kind: Default::default(),
            }),
@@ -2459,12 +2333,9 @@ mod tests {
            EventMsg::TurnComplete(TurnCompleteEvent {
                turn_id: "turn-a".into(),
                last_agent_message: None,
-                completed_at: None,
-                duration_ms: None,
            }),
            EventMsg::TurnStarted(TurnStartedEvent {
                turn_id: "turn-b".into(),
-                started_at: None,
                model_context_window: None,
                collaboration_mode_kind: Default::default(),
            }),
@@ -2477,8 +2348,6 @@ mod tests {
            EventMsg::TurnComplete(TurnCompleteEvent {
                turn_id: "turn-a".into(),
                last_agent_message: None,
-                completed_at: None,
-                duration_ms: None,
            }),
            EventMsg::AgentMessage(AgentMessageEvent {
                message: "still in b".into(),
@@ -2488,8 +2357,6 @@ mod tests {
            EventMsg::TurnComplete(TurnCompleteEvent {
                turn_id: "turn-b".into(),
                last_agent_message: None,
-                completed_at: None,
-                duration_ms: None,
            }),
        ];

@@ -2509,7 +2376,6 @@ mod tests {
        let events = vec![
            EventMsg::TurnStarted(TurnStartedEvent {
                turn_id: "turn-a".into(),
-                started_at: None,
                model_context_window: None,
                collaboration_mode_kind: Default::default(),
            }),
@@ -2522,12 +2388,9 @@ mod tests {
            EventMsg::TurnComplete(TurnCompleteEvent {
                turn_id: "turn-a".into(),
                last_agent_message: None,
-                completed_at: None,
-                duration_ms: None,
            }),
            EventMsg::TurnStarted(TurnStartedEvent {
                turn_id: "turn-b".into(),
-                started_at: None,
                model_context_window: None,
                collaboration_mode_kind: Default::default(),
            }),
@@ -2540,8 +2403,6 @@ mod tests {
            EventMsg::TurnAborted(TurnAbortedEvent {
                turn_id: Some("turn-a".into()),
                reason: TurnAbortReason::Replaced,
-                completed_at: None,
-                duration_ms: None,
            }),
            EventMsg::AgentMessage(AgentMessageEvent {
                message: "still in b".into(),
@@ -2567,7 +2428,6 @@ mod tests {
        let items = vec![
            RolloutItem::EventMsg(EventMsg::TurnStarted(TurnStartedEvent {
                turn_id: "turn-compact".into(),
-                started_at: None,
                model_context_window: None,
                collaboration_mode_kind: Default::default(),
            })),
@@ -2578,8 +2438,6 @@ mod tests {
            RolloutItem::EventMsg(EventMsg::TurnComplete(TurnCompleteEvent {
                turn_id: "turn-compact".into(),
                last_agent_message: None,
-                completed_at: None,
-                duration_ms: None,
            })),
        ];

@@ -2590,9 +2448,6 @@ mod tests {
                id: "turn-compact".into(),
                status: TurnStatus::Completed,
                error: None,
-                started_at: None,
-                completed_at: None,
-                duration_ms: None,
                items: Vec::new(),
            }]
        );
@@ -2810,7 +2665,6 @@ mod tests {
        let events = vec![
            EventMsg::TurnStarted(TurnStartedEvent {
                turn_id: "turn-a".into(),
-                started_at: None,
                model_context_window: None,
                collaboration_mode_kind: Default::default(),
            }),
@@ -2823,8 +2677,6 @@ mod tests {
            EventMsg::TurnComplete(TurnCompleteEvent {
                turn_id: "turn-a".into(),
                last_agent_message: None,
-                completed_at: None,
-                duration_ms: None,
            }),
            EventMsg::Error(ErrorEvent {
                message: "request-level failure".into(),
@@ -2844,9 +2696,6 @@ mod tests {
                id: "turn-a".into(),
                status: TurnStatus::Completed,
                error: None,
-                started_at: None,
-                completed_at: None,
-                duration_ms: None,
                items: vec![ThreadItem::UserMessage {
                    id: "item-1".into(),
                    content: vec![UserInput::Text {
@@ -2863,7 +2712,6 @@ mod tests {
        let events = vec![
            EventMsg::TurnStarted(TurnStartedEvent {
                turn_id: "turn-a".into(),
-                started_at: None,
                model_context_window: None,
                collaboration_mode_kind: Default::default(),
            }),
@@ -2882,8 +2730,6 @@ mod tests {
            EventMsg::TurnComplete(TurnCompleteEvent {
                turn_id: "turn-a".into(),
                last_agent_message: None,
-                completed_at: None,
-                duration_ms: None,
            }),
        ];

@@ -2919,7 +2765,6 @@ mod tests {
        let items = vec![
            RolloutItem::EventMsg(EventMsg::TurnStarted(TurnStartedEvent {
                turn_id: "turn-a".into(),
-                started_at: None,
                model_context_window: None,
                collaboration_mode_kind: Default::default(),
            })),
@@ -2933,8 +2778,6 @@ mod tests {
            RolloutItem::EventMsg(EventMsg::TurnComplete(TurnCompleteEvent {
                turn_id: "turn-a".into(),
                last_agent_message: None,
-                completed_at: None,
-                duration_ms: None,
            })),
        ];

@@ -2965,7 +2808,6 @@ mod tests {
        let items = vec![
            RolloutItem::EventMsg(EventMsg::TurnStarted(TurnStartedEvent {
                turn_id: "turn-a".into(),
-                started_at: None,
                model_context_window: None,
                collaboration_mode_kind: Default::default(),
            })),
@@ -2981,8 +2823,6 @@ mod tests {
            RolloutItem::EventMsg(EventMsg::TurnComplete(TurnCompleteEvent {
                turn_id: "turn-a".into(),
                last_agent_message: None,
-                completed_at: None,
-                duration_ms: None,
            })),
        ];

--- a/codex-rs/app-server-protocol/src/protocol/v2.rs
+++ b/codex-rs/app-server-protocol/src/protocol/v2.rs
@@ -8,8 +8,6 @@ use codex_experimental_api_macros::ExperimentalApi;
 use codex_protocol::account::PlanType;
 use codex_protocol::approvals::ElicitationRequest as CoreElicitationRequest;
 use codex_protocol::approvals::ExecPolicyAmendment as CoreExecPolicyAmendment;
-use codex_protocol::approvals::GuardianAssessmentAction as CoreGuardianAssessmentAction;
-use codex_protocol::approvals::GuardianCommandSource as CoreGuardianCommandSource;
 use codex_protocol::approvals::NetworkApprovalContext as CoreNetworkApprovalContext;
 use codex_protocol::approvals::NetworkApprovalProtocol as CoreNetworkApprovalProtocol;
 use codex_protocol::approvals::NetworkPolicyAmendment as CoreNetworkPolicyAmendment;
@@ -29,7 +27,6 @@ use codex_protocol::config_types::WebSearchToolConfig;
 use codex_protocol::items::AgentMessageContent as CoreAgentMessageContent;
 use codex_protocol::items::TurnItem as CoreTurnItem;
 use codex_protocol::mcp::Resource as McpResource;
-pub use codex_protocol::mcp::ResourceContent as McpResourceContent;
 use codex_protocol::mcp::ResourceTemplate as McpResourceTemplate;
 use codex_protocol::mcp::Tool as McpTool;
 use codex_protocol::memory_citation::MemoryCitation as CoreMemoryCitation;
@@ -851,8 +848,6 @@ pub struct ConfigReadResponse {
 pub struct ConfigRequirements {
    #[experimental(nested)]
    pub allowed_approval_policies: Option<Vec<AskForApproval>>,
-    #[experimental("configRequirements/read.allowedApprovalsReviewers")]
-    pub allowed_approvals_reviewers: Option<Vec<ApprovalsReviewer>>,
    pub allowed_sandbox_modes: Option<Vec<SandboxMode>>,
    pub allowed_web_search_modes: Option<Vec<WebSearchMode>>,
    pub feature_requirements: Option<BTreeMap<String, bool>>,
@@ -885,7 +880,6 @@ pub struct NetworkRequirements {
    /// Legacy compatibility view derived from `unix_sockets`.
    pub allow_unix_sockets: Option<Vec<String>>,
    pub allow_local_binding: Option<bool>,
-    pub danger_full_access_denylist_only: Option<bool>,
 }

 #[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
@@ -1743,6 +1737,188 @@ pub struct GetAccountResponse {
    pub requires_openai_auth: bool,
 }

+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub enum CodexAvatarStatus {
+    Active,
+    Hidden,
+    Retired,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub enum CodexAvatarRarity {
+    Common,
+    Rare,
+    Epic,
+    Legendary,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct CodexAvatarDefinition {
+    pub avatar_id: String,
+    pub display_name: String,
+    pub description: String,
+    pub rarity: CodexAvatarRarity,
+    pub asset_ref: String,
+    pub status: CodexAvatarStatus,
+    pub sort_order: i64,
+    pub collection_name: String,
+    pub collection_description: String,
+    pub lore: String,
+    pub accent_class_name: String,
+    pub silhouette_glow_class_name: String,
+    pub is_progress_visible: bool,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct CodexAvatarOwnership {
+    pub account_user_id: String,
+    pub avatar_id: String,
+    pub source_summary: Option<String>,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct CodexAvatarAward {
+    pub award_id: String,
+    pub account_user_id: String,
+    pub avatar_id: String,
+    pub source_type: String,
+    pub source_ref: Option<String>,
+    pub awarded_at: i64,
+    pub awarded_by: Option<String>,
+    pub metadata_json: Option<String>,
+    pub source_summary: Option<String>,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, Default, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct CodexAvatarInventoryReadParams {}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct CodexAvatarEquipParams {
+    pub avatar_id: String,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct CodexAvatarAdminAwardGrantParams {
+    pub account_user_id: String,
+    pub award_id: String,
+    pub avatar_id: String,
+    pub source_type: String,
+    #[ts(optional = nullable)]
+    pub source_ref: Option<String>,
+    #[ts(optional = nullable)]
+    pub awarded_at: Option<i64>,
+    #[ts(optional = nullable)]
+    pub awarded_by: Option<String>,
+    #[ts(optional = nullable)]
+    pub metadata_json: Option<String>,
+    #[ts(optional = nullable)]
+    pub source_summary: Option<String>,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct CodexAvatarAdminProofDropGrantParams {
+    pub account_user_id: String,
+    pub award_id: String,
+    pub source_type: String,
+    #[ts(optional = nullable)]
+    pub source_ref: Option<String>,
+    #[ts(optional = nullable)]
+    pub awarded_at: Option<i64>,
+    #[ts(optional = nullable)]
+    pub source_summary: Option<String>,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, Default, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct CodexAvatarAdminCapabilitiesReadParams {}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct CodexAvatarAdminCapabilitiesReadResponse {
+    pub can_grant_awards: bool,
+    pub can_grant_proof_drop_boxes: bool,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct CodexAvatarBoxOddsBucket {
+    pub bucket_id: String,
+    pub label: String,
+    pub probability_percent: i64,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct CodexAvatarPityState {
+    pub rolls_since_rare_or_better: i64,
+    pub rolls_since_legendary: i64,
+    pub non_new_outcome_streak: i64,
+    pub guaranteed_new_available: bool,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct CodexAvatarBoxRules {
+    pub ruleset_version: String,
+    pub odds_table_version: String,
+    pub rare_or_better_pity_threshold: i64,
+    pub legendary_pity_threshold: i64,
+    pub guaranteed_new_threshold: i64,
+    pub odds: Vec<CodexAvatarBoxOddsBucket>,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct CodexAvatarRevealAward {
+    pub award_id: String,
+    pub awarded_at: i64,
+    pub source_type: String,
+    pub source_ref: Option<String>,
+    pub source_summary: Option<String>,
+    pub outcome_kind: String,
+    pub outcome_avatar_id: Option<String>,
+    pub metadata_json: Option<String>,
+    pub pity_state_after: CodexAvatarPityState,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct CodexAvatarInventoryReadResponse {
+    pub account_user_id: String,
+    pub avatar_definitions: Vec<CodexAvatarDefinition>,
+    pub owned_avatars: Vec<CodexAvatarOwnership>,
+    pub equipped_avatar_id: String,
+    pub box_rules: CodexAvatarBoxRules,
+    pub pity_state: CodexAvatarPityState,
+    pub pending_reveal_awards: Vec<CodexAvatarRevealAward>,
+    pub updated_at: i64,
+}
+
 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Default, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 #[ts(export_to = "v2/")]
@@ -1951,18 +2127,6 @@ pub struct ListMcpServerStatusParams {
    /// Optional page size; defaults to a server-defined value.
    #[ts(optional = nullable)]
    pub limit: Option<u32>,
-    /// Controls how much MCP inventory data to fetch for each server.
-    /// Defaults to `Full` when omitted.
-    #[ts(optional = nullable)]
-    pub detail: Option<McpServerStatusDetail>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(rename_all = "camelCase", export_to = "v2/")]
-pub enum McpServerStatusDetail {
-    Full,
-    ToolsAndAuthOnly,
 }

 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
@@ -1986,22 +2150,6 @@ pub struct ListMcpServerStatusResponse {
    pub next_cursor: Option<String>,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct McpResourceReadParams {
-    pub thread_id: String,
-    pub server: String,
-    pub uri: String,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct McpResourceReadResponse {
-    pub contents: Vec<McpResourceContent>,
-}
-
 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Default, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 #[ts(export_to = "v2/")]
@@ -3606,8 +3754,6 @@ impl From<CoreSkillErrorInfo> for SkillErrorInfo {
 #[ts(export_to = "v2/")]
 pub struct Thread {
    pub id: String,
-    /// Source thread id when this thread was created by forking another thread.
-    pub forked_from_id: Option<String>,
    /// Usually the first user message in the thread, if available.
    pub preview: String,
    /// Whether the thread is ephemeral and should not be materialized on disk.
@@ -3723,15 +3869,6 @@ pub struct Turn {
    pub status: TurnStatus,
    /// Only populated when the Turn's status is failed.
    pub error: Option<TurnError>,
-    /// Unix timestamp (in seconds) when the turn started.
-    #[ts(type = "number | null")]
-    pub started_at: Option<i64>,
-    /// Unix timestamp (in seconds) when the turn completed.
-    #[ts(type = "number | null")]
-    pub completed_at: Option<i64>,
-    /// Duration between turn start and completion in milliseconds, if known.
-    #[ts(type = "number | null")]
-    pub duration_ms: Option<i64>,
 }

 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
@@ -4490,237 +4627,14 @@ impl From<CoreGuardianRiskLevel> for GuardianRiskLevel {
 #[ts(export_to = "v2/")]
 pub struct GuardianApprovalReview {
    pub status: GuardianApprovalReviewStatus,
+    #[serde(alias = "risk_score")]
    #[ts(type = "number | null")]
    pub risk_score: Option<u8>,
+    #[serde(alias = "risk_level")]
    pub risk_level: Option<GuardianRiskLevel>,
    pub rationale: Option<String>,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub enum GuardianCommandSource {
-    Shell,
-    UnifiedExec,
-}
-
-impl From<CoreGuardianCommandSource> for GuardianCommandSource {
-    fn from(value: CoreGuardianCommandSource) -> Self {
-        match value {
-            CoreGuardianCommandSource::Shell => Self::Shell,
-            CoreGuardianCommandSource::UnifiedExec => Self::UnifiedExec,
-        }
-    }
-}
-
-impl From<GuardianCommandSource> for CoreGuardianCommandSource {
-    fn from(value: GuardianCommandSource) -> Self {
-        match value {
-            GuardianCommandSource::Shell => Self::Shell,
-            GuardianCommandSource::UnifiedExec => Self::UnifiedExec,
-        }
-    }
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct GuardianCommandReviewAction {
-    pub source: GuardianCommandSource,
-    pub command: String,
-    pub cwd: PathBuf,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct GuardianExecveReviewAction {
-    pub source: GuardianCommandSource,
-    pub program: String,
-    pub argv: Vec<String>,
-    pub cwd: PathBuf,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct GuardianApplyPatchReviewAction {
-    pub cwd: PathBuf,
-    pub files: Vec<PathBuf>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct GuardianNetworkAccessReviewAction {
-    pub target: String,
-    pub host: String,
-    pub protocol: NetworkApprovalProtocol,
-    pub port: u16,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct GuardianMcpToolCallReviewAction {
-    pub server: String,
-    pub tool_name: String,
-    pub connector_id: Option<String>,
-    pub connector_name: Option<String>,
-    pub tool_title: Option<String>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(tag = "type", rename_all = "camelCase")]
-#[ts(tag = "type", rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub enum GuardianApprovalReviewAction {
-    #[serde(rename_all = "camelCase")]
-    #[ts(rename_all = "camelCase")]
-    Command {
-        source: GuardianCommandSource,
-        command: String,
-        cwd: PathBuf,
-    },
-    #[serde(rename_all = "camelCase")]
-    #[ts(rename_all = "camelCase")]
-    Execve {
-        source: GuardianCommandSource,
-        program: String,
-        argv: Vec<String>,
-        cwd: PathBuf,
-    },
-    #[serde(rename_all = "camelCase")]
-    #[ts(rename_all = "camelCase")]
-    ApplyPatch { cwd: PathBuf, files: Vec<PathBuf> },
-    #[serde(rename_all = "camelCase")]
-    #[ts(rename_all = "camelCase")]
-    NetworkAccess {
-        target: String,
-        host: String,
-        protocol: NetworkApprovalProtocol,
-        port: u16,
-    },
-    #[serde(rename_all = "camelCase")]
-    #[ts(rename_all = "camelCase")]
-    McpToolCall {
-        server: String,
-        tool_name: String,
-        connector_id: Option<String>,
-        connector_name: Option<String>,
-        tool_title: Option<String>,
-    },
-}
-
-impl From<CoreGuardianAssessmentAction> for GuardianApprovalReviewAction {
-    fn from(value: CoreGuardianAssessmentAction) -> Self {
-        match value {
-            CoreGuardianAssessmentAction::Command {
-                source,
-                command,
-                cwd,
-            } => Self::Command {
-                source: source.into(),
-                command,
-                cwd,
-            },
-            CoreGuardianAssessmentAction::Execve {
-                source,
-                program,
-                argv,
-                cwd,
-            } => Self::Execve {
-                source: source.into(),
-                program,
-                argv,
-                cwd,
-            },
-            CoreGuardianAssessmentAction::ApplyPatch { cwd, files } => {
-                Self::ApplyPatch { cwd, files }
-            }
-            CoreGuardianAssessmentAction::NetworkAccess {
-                target,
-                host,
-                protocol,
-                port,
-            } => Self::NetworkAccess {
-                target,
-                host,
-                protocol: protocol.into(),
-                port,
-            },
-            CoreGuardianAssessmentAction::McpToolCall {
-                server,
-                tool_name,
-                connector_id,
-                connector_name,
-                tool_title,
-            } => Self::McpToolCall {
-                server,
-                tool_name,
-                connector_id,
-                connector_name,
-                tool_title,
-            },
-        }
-    }
-}
-
-impl From<GuardianApprovalReviewAction> for CoreGuardianAssessmentAction {
-    fn from(value: GuardianApprovalReviewAction) -> Self {
-        match value {
-            GuardianApprovalReviewAction::Command {
-                source,
-                command,
-                cwd,
-            } => Self::Command {
-                source: source.into(),
-                command,
-                cwd,
-            },
-            GuardianApprovalReviewAction::Execve {
-                source,
-                program,
-                argv,
-                cwd,
-            } => Self::Execve {
-                source: source.into(),
-                program,
-                argv,
-                cwd,
-            },
-            GuardianApprovalReviewAction::ApplyPatch { cwd, files } => {
-                Self::ApplyPatch { cwd, files }
-            }
-            GuardianApprovalReviewAction::NetworkAccess {
-                target,
-                host,
-                protocol,
-                port,
-            } => Self::NetworkAccess {
-                target,
-                host,
-                protocol: protocol.to_core(),
-                port,
-            },
-            GuardianApprovalReviewAction::McpToolCall {
-                server,
-                tool_name,
-                connector_id,
-                connector_name,
-                tool_title,
-            } => Self::McpToolCall {
-                server,
-                tool_name,
-                connector_id,
-                connector_name,
-                tool_title,
-            },
-        }
-    }
-}
-
 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(tag = "type", rename_all = "camelCase")]
 #[ts(tag = "type", rename_all = "camelCase")]
@@ -5201,7 +5115,7 @@ pub struct ItemGuardianApprovalReviewStartedNotification {
    pub turn_id: String,
    pub target_item_id: String,
    pub review: GuardianApprovalReview,
-    pub action: GuardianApprovalReviewAction,
+    pub action: Option<JsonValue>,
 }

 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
@@ -5218,7 +5132,7 @@ pub struct ItemGuardianApprovalReviewCompletedNotification {
    pub turn_id: String,
    pub target_item_id: String,
    pub review: GuardianApprovalReview,
-    pub action: GuardianApprovalReviewAction,
+    pub action: Option<JsonValue>,
 }

 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
@@ -7356,7 +7270,6 @@ mod tests {
                    request_permissions: false,
                    mcp_elicitations: false,
                }]),
-                allowed_approvals_reviewers: None,
                allowed_sandbox_modes: None,
                allowed_web_search_modes: None,
                feature_requirements: None,
@@ -7756,6 +7669,26 @@ mod tests {
        );
    }

+    #[test]
+    fn automatic_approval_review_deserializes_legacy_snake_case_risk_fields() {
+        let review: GuardianApprovalReview = serde_json::from_value(json!({
+            "status": "denied",
+            "risk_score": 91,
+            "risk_level": "high",
+            "rationale": "too risky"
+        }))
+        .expect("legacy snake_case automatic review should deserialize");
+        assert_eq!(
+            review,
+            GuardianApprovalReview {
+                status: GuardianApprovalReviewStatus::Denied,
+                risk_score: Some(91),
+                risk_level: Some(GuardianRiskLevel::High),
+                rationale: Some("too risky".to_string()),
+            }
+        );
+    }
+
    #[test]
    fn automatic_approval_review_deserializes_aborted_status() {
        let review: GuardianApprovalReview = serde_json::from_value(json!({
@@ -7776,31 +7709,6 @@ mod tests {
        );
    }

-    #[test]
-    fn guardian_approval_review_action_round_trips_command_shape() {
-        let value = json!({
-            "type": "command",
-            "source": "shell",
-            "command": "rm -rf /tmp/example.sqlite",
-            "cwd": "/tmp",
-        });
-        let action: GuardianApprovalReviewAction =
-            serde_json::from_value(value.clone()).expect("guardian review action");
-
-        assert_eq!(
-            action,
-            GuardianApprovalReviewAction::Command {
-                source: GuardianCommandSource::Shell,
-                command: "rm -rf /tmp/example.sqlite".to_string(),
-                cwd: "/tmp".into(),
-            }
-        );
-        assert_eq!(
-            serde_json::to_value(&action).expect("serialize guardian review action"),
-            value
-        );
-    }
-
    #[test]
    fn network_requirements_deserializes_legacy_fields() {
        let requirements: NetworkRequirements = serde_json::from_value(json!({
@@ -7821,7 +7729,6 @@ mod tests {
                dangerously_allow_all_unix_sockets: None,
                domains: None,
                managed_allowed_domains_only: None,
-                danger_full_access_denylist_only: None,
                allowed_domains: Some(vec!["api.openai.com".to_string()]),
                denied_domains: Some(vec!["blocked.example.com".to_string()]),
                unix_sockets: None,
@@ -7848,7 +7755,6 @@ mod tests {
                ),
            ])),
            managed_allowed_domains_only: Some(true),
-            danger_full_access_denylist_only: Some(true),
            allowed_domains: Some(vec!["api.openai.com".to_string()]),
            denied_domains: Some(vec!["blocked.example.com".to_string()]),
            unix_sockets: Some(BTreeMap::from([
@@ -7879,7 +7785,6 @@ mod tests {
                    "blocked.example.com": "deny"
                },
                "managedAllowedDomainsOnly": true,
-                "dangerFullAccessDenylistOnly": true,
                "allowedDomains": ["api.openai.com"],
                "deniedDomains": ["blocked.example.com"],
                "unixSockets": {
--- a/codex-rs/app-server-protocol/src/schema_fixtures.rs
+++ b/codex-rs/app-server-protocol/src/schema_fixtures.rs
@@ -7,6 +7,7 @@ use crate::export::filter_experimental_ts_tree;
 use crate::export::generate_index_ts_tree;
 use crate::protocol::common::visit_client_response_types;
 use crate::protocol::common::visit_server_response_types;
+use crate::protocol::v2::CodexAvatarAward;
 use anyhow::Context;
 use anyhow::Result;
 use serde_json::Map;
@@ -65,6 +66,7 @@ pub fn generate_typescript_schema_fixture_subtree_for_tests() -> Result<BTreeMap
        visit_server_response_types(visitor);
    })?;
    collect_typescript_fixture_file::<ServerNotification>(&mut files, &mut seen)?;
+    collect_typescript_fixture_file::<CodexAvatarAward>(&mut files, &mut seen)?;

    filter_experimental_ts_tree(&mut files)?;
    generate_index_ts_tree(&mut files);
--- a/codex-rs/app-server/BUILD.bazel
+++ b/codex-rs/app-server/BUILD.bazel
@@ -3,6 +3,5 @@ load("//:defs.bzl", "codex_rust_crate")
 codex_rust_crate(
    name = "app-server",
    crate_name = "codex_app_server",
-    integration_test_timeout = "long",
    test_tags = ["no-sandbox"],
 )
--- a/codex-rs/app-server/Cargo.toml
+++ b/codex-rs/app-server/Cargo.toml
@@ -29,10 +29,8 @@ axum = { workspace = true, default-features = false, features = [
    "tokio",
    "ws",
 ] }
-codex-analytics = { workspace = true }
 codex-arg0 = { workspace = true }
 codex-cloud-requirements = { workspace = true }
-codex-config = { workspace = true }
 codex-core = { workspace = true }
 codex-exec-server = { workspace = true }
 codex-features = { workspace = true }
@@ -45,24 +43,19 @@ codex-backend-client = { workspace = true }
 codex-file-search = { workspace = true }
 codex-chatgpt = { workspace = true }
 codex-login = { workspace = true }
-codex-mcp = { workspace = true }
-codex-models-manager = { workspace = true }
 codex-protocol = { workspace = true }
 codex-app-server-protocol = { workspace = true }
 codex-feedback = { workspace = true }
 codex-rmcp-client = { workspace = true }
-codex-rollout = { workspace = true }
 codex-sandboxing = { workspace = true }
 codex-state = { workspace = true }
 codex-tools = { workspace = true }
 codex-utils-absolute-path = { workspace = true }
 codex-utils-json-to-toml = { workspace = true }
-codex-utils-rustls-provider = { workspace = true }
 chrono = { workspace = true }
 clap = { workspace = true, features = ["derive"] }
 constant_time_eq = { workspace = true }
 futures = { workspace = true }
-gethostname = { workspace = true }
 hmac = { workspace = true }
 jsonwebtoken = { workspace = true }
 owo-colors = { workspace = true, features = ["supports-colors"] }
@@ -83,7 +76,6 @@ tokio-util = { workspace = true }
 tokio-tungstenite = { workspace = true }
 tracing = { workspace = true, features = ["log"] }
 tracing-subscriber = { workspace = true, features = ["env-filter", "fmt", "json"] }
-url = { workspace = true }
 uuid = { workspace = true, features = ["serde", "v7"] }

 [dev-dependencies]
--- a/codex-rs/app-server/README.md
+++ b/codex-rs/app-server/README.md
@@ -25,7 +25,6 @@ Supported transports:

 - stdio (`--listen stdio://`, default): newline-delimited JSON (JSONL)
 - websocket (`--listen ws://IP:PORT`): one JSON-RPC message per websocket text frame (**experimental / unsupported**)
- off (`--listen off`): do not expose a local transport

 When running with `--listen ws://IP:PORT`, the same listener also serves basic HTTP health probes:

@@ -133,9 +132,9 @@ Example with notification opt-out:

 ## API Overview

- `thread/start` — create a new thread; emits `thread/started` (including the current `thread.status`) and auto-subscribes you to turn/item events for that thread. When the request includes a `cwd` and the resolved sandbox is `workspace-write` or full access, app-server also marks that project as trusted in the user `config.toml`.
+- `thread/start` — create a new thread; emits `thread/started` (including the current `thread.status`) and auto-subscribes you to turn/item events for that thread.
 - `thread/resume` — reopen an existing thread by id so subsequent `turn/start` calls append to it.
- `thread/fork` — fork an existing thread into a new thread id by copying the stored history; if the source thread is currently mid-turn, the fork records the same interruption marker as `turn/interrupt` instead of inheriting an unmarked partial turn suffix. The returned `thread.forkedFromId` points at the source thread when known. Accepts `ephemeral: true` for an in-memory temporary fork, emits `thread/started` (including the current `thread.status`), and auto-subscribes you to turn/item events for the new thread.
+- `thread/fork` — fork an existing thread into a new thread id by copying the stored history; if the source thread is currently mid-turn, the fork records the same interruption marker as `turn/interrupt` instead of inheriting an unmarked partial turn suffix. Accepts `ephemeral: true` for an in-memory temporary fork, emits `thread/started` (including the current `thread.status`), and auto-subscribes you to turn/item events for the new thread.
 - `thread/list` — page through stored rollouts; supports cursor-based pagination and optional `modelProviders`, `sourceKinds`, `archived`, `cwd`, and `searchTerm` filters. Each returned `thread` includes `status` (`ThreadStatus`), defaulting to `notLoaded` when the thread is not currently loaded.
 - `thread/loaded/list` — list the thread ids currently loaded in memory.
 - `thread/read` — read a stored thread by id without resuming it; optionally include turns via `includeTurns`. The returned `thread` includes `status` (`ThreadStatus`), defaulting to `notLoaded` when the thread is not currently loaded.
@@ -187,8 +186,7 @@ Example with notification opt-out:
 - `mcpServer/oauth/login` — start an OAuth login for a configured MCP server; returns an `authorization_url` and later emits `mcpServer/oauthLogin/completed` once the browser flow finishes.
 - `tool/requestUserInput` — prompt the user with 1–3 short questions for a tool call and return their answers (experimental).
 - `config/mcpServer/reload` — reload MCP server config from disk and queue a refresh for loaded threads (applied on each thread's next active turn); returns `{}`. Use this after editing `config.toml` without restarting the server.
- `mcpServerStatus/list` — enumerate configured MCP servers with their tools and auth status, plus resources/resource templates for `full` detail; supports cursor+limit pagination. If `detail` is omitted, the server defaults to `full`.
- `mcpServer/resource/read` — read a resource from a thread's configured MCP server by `threadId`, `server`, and `uri`, returning text/blob resource `contents`.
+- `mcpServerStatus/list` — enumerate configured MCP servers with their tools, resources, resource templates, and auth status; supports cursor+limit pagination.
 - `windowsSandbox/setupStart` — start Windows sandbox setup for the selected mode (`elevated` or `unelevated`); accepts an optional absolute `cwd` to target setup for a specific workspace, returns `{ started: true }` immediately, and later emits `windowsSandbox/setupCompleted`.
 - `feedback/upload` — submit a feedback report (classification + optional reason/logs, conversation_id, and optional `extraLogFiles` attachments array); returns the tracking thread id.
 - `config/read` — fetch the effective config on disk after resolving config layering.
@@ -196,7 +194,7 @@ Example with notification opt-out:
 - `externalAgentConfig/import` — apply selected external-agent migration items by passing explicit `migrationItems` with `cwd` (`null` for home).
 - `config/value/write` — write a single config key/value to the user's config.toml on disk.
 - `config/batchWrite` — apply multiple config edits atomically to the user's config.toml on disk, with optional `reloadUserConfig: true` to hot-reload loaded threads.
- `configRequirements/read` — fetch loaded requirements constraints from `requirements.toml` and/or MDM (or `null` if none are configured), including allow-lists (`allowedApprovalPolicies`, `allowedSandboxModes`, `allowedWebSearchModes`), pinned feature values (`featureRequirements`), `enforceResidency`, and `network` constraints such as canonical domain/socket permissions plus `managedAllowedDomainsOnly` and `dangerFullAccessDenylistOnly`.
+- `configRequirements/read` — fetch loaded requirements constraints from `requirements.toml` and/or MDM (or `null` if none are configured), including allow-lists (`allowedApprovalPolicies`, `allowedSandboxModes`, `allowedWebSearchModes`), pinned feature values (`featureRequirements`), `enforceResidency`, and `network` constraints such as canonical domain/socket permissions plus `managedAllowedDomainsOnly`.

 ### Example: Start or resume a thread

@@ -275,7 +273,7 @@ Experimental API: `thread/start`, `thread/resume`, and `thread/fork` accept `per
 - `modelProviders` — restrict results to specific providers; unset, null, or an empty array will include all providers.
 - `sourceKinds` — restrict results to specific sources; omit or pass `[]` for interactive sessions only (`cli`, `vscode`).
 - `archived` — when `true`, list archived threads only. When `false` or `null`, list non-archived threads (default).
- `cwd` — restrict results to threads whose session cwd exactly matches this path. Relative paths are resolved against the app-server process cwd before matching.
+- `cwd` — restrict results to threads whose session cwd exactly matches this path.
 - `searchTerm` — restrict results to threads whose extracted title contains this substring (case-sensitive).
 - Responses include `agentNickname` and `agentRole` for AgentControl-spawned thread sub-agents when available.

@@ -915,10 +913,10 @@ All items emit shared lifecycle events:

 - `item/started` — emits the full `item` when a new unit of work begins so the UI can render it immediately; the `item.id` in this payload matches the `itemId` used by deltas.
 - `item/completed` — sends the final `item` once that work itself finishes (for example, after a tool call or message completes); treat this as the authoritative execution/result state.
- `item/autoApprovalReview/started` — [UNSTABLE] temporary guardian notification carrying `{threadId, turnId, targetItemId, review, action}` when guardian approval review begins. This shape is expected to change soon.
- `item/autoApprovalReview/completed` — [UNSTABLE] temporary guardian notification carrying `{threadId, turnId, targetItemId, review, action}` when guardian approval review resolves. This shape is expected to change soon.
+- `item/autoApprovalReview/started` — [UNSTABLE] temporary guardian notification carrying `{threadId, turnId, targetItemId, review, action?}` when guardian approval review begins. This shape is expected to change soon.
+- `item/autoApprovalReview/completed` — [UNSTABLE] temporary guardian notification carrying `{threadId, turnId, targetItemId, review, action?}` when guardian approval review resolves. This shape is expected to change soon.

-`review` is [UNSTABLE] and currently has `{status, riskScore?, riskLevel?, rationale?}`, where `status` is one of `inProgress`, `approved`, `denied`, or `aborted`. `action` is a tagged union with `type: "command" | "execve" | "applyPatch" | "networkAccess" | "mcpToolCall"`. Command-like actions include a `source` discriminator (`"shell"` or `"unifiedExec"`). These notifications are separate from the target item's own `item/completed` lifecycle and are intentionally temporary while the guardian app protocol is still being designed.
+`review` is [UNSTABLE] and currently has `{status, riskScore?, riskLevel?, rationale?}`, where `status` is one of `inProgress`, `approved`, `denied`, or `aborted`. `action` is the guardian action summary payload from core when available and is intended to support temporary standalone pending-review UI. These notifications are separate from the target item's own `item/completed` lifecycle and are intentionally temporary while the guardian app protocol is still being designed.

 There are additional item-specific events:

--- a/codex-rs/app-server/src/app_server_tracing.rs
+++ b/codex-rs/app-server/src/app_server_tracing.rs
@@ -86,7 +86,6 @@ fn transport_name(transport: AppServerTransport) -> &'static str {
    match transport {
        AppServerTransport::Stdio => "stdio",
        AppServerTransport::WebSocket { .. } => "websocket",
-        AppServerTransport::Off => "off",
    }
 }

--- a/codex-rs/app-server/src/avatar_rpc.rs
+++ b/codex-rs/app-server/src/avatar_rpc.rs
@@ -0,0 +1,284 @@
+use crate::error_code::INTERNAL_ERROR_CODE;
+use crate::error_code::INVALID_REQUEST_ERROR_CODE;
+use codex_app_server_protocol::CodexAvatarAdminAwardGrantParams;
+use codex_app_server_protocol::CodexAvatarAdminCapabilitiesReadResponse;
+use codex_app_server_protocol::CodexAvatarAdminProofDropGrantParams;
+use codex_app_server_protocol::CodexAvatarBoxOddsBucket;
+use codex_app_server_protocol::CodexAvatarBoxRules;
+use codex_app_server_protocol::CodexAvatarDefinition;
+use codex_app_server_protocol::CodexAvatarEquipParams;
+use codex_app_server_protocol::CodexAvatarInventoryReadResponse;
+use codex_app_server_protocol::CodexAvatarOwnership;
+use codex_app_server_protocol::CodexAvatarPityState;
+use codex_app_server_protocol::CodexAvatarRarity;
+use codex_app_server_protocol::CodexAvatarRevealAward;
+use codex_app_server_protocol::CodexAvatarStatus;
+use codex_app_server_protocol::JSONRPCErrorError;
+use codex_backend_client::Client as BackendClient;
+use codex_backend_client::CodexAvatarAdminAwardGrantRequest as BackendAvatarAdminAwardGrantRequest;
+use codex_backend_client::CodexAvatarAdminCapabilitiesResponse as BackendAvatarAdminCapabilitiesResponse;
+use codex_backend_client::CodexAvatarAdminProofDropGrantRequest as BackendAvatarAdminProofDropGrantRequest;
+use codex_backend_client::CodexAvatarBoxOddsBucket as BackendAvatarBoxOddsBucket;
+use codex_backend_client::CodexAvatarBoxRules as BackendAvatarBoxRules;
+use codex_backend_client::CodexAvatarDefinition as BackendAvatarDefinition;
+use codex_backend_client::CodexAvatarInventoryResponse as BackendAvatarInventoryResponse;
+use codex_backend_client::CodexAvatarOwnership as BackendAvatarOwnership;
+use codex_backend_client::CodexAvatarPityState as BackendAvatarPityState;
+use codex_backend_client::CodexAvatarRarity as BackendAvatarRarity;
+use codex_backend_client::CodexAvatarRevealAward as BackendAvatarRevealAward;
+use codex_backend_client::CodexAvatarStatus as BackendAvatarStatus;
+use codex_backend_client::RequestError;
+use codex_core::AuthManager;
+use serde_json::Value;
+
+pub(crate) async fn read_avatar_inventory(
+    auth_manager: &AuthManager,
+    chatgpt_base_url: &str,
+) -> Result<CodexAvatarInventoryReadResponse, JSONRPCErrorError> {
+    let client = avatar_backend_client(auth_manager, chatgpt_base_url).await?;
+    let response = client
+        .get_avatar_inventory()
+        .await
+        .map_err(|err| backend_avatar_error("read avatar inventory", err))?;
+    Ok(map_avatar_inventory_response(response))
+}
+
+pub(crate) async fn equip_avatar(
+    auth_manager: &AuthManager,
+    chatgpt_base_url: &str,
+    params: CodexAvatarEquipParams,
+) -> Result<CodexAvatarInventoryReadResponse, JSONRPCErrorError> {
+    let client = avatar_backend_client(auth_manager, chatgpt_base_url).await?;
+    let response = client
+        .equip_avatar(params.avatar_id)
+        .await
+        .map_err(|err| backend_avatar_error("equip avatar", err))?;
+    Ok(map_avatar_inventory_response(response))
+}
+
+pub(crate) async fn grant_admin_avatar_award(
+    auth_manager: &AuthManager,
+    chatgpt_base_url: &str,
+    params: CodexAvatarAdminAwardGrantParams,
+) -> Result<CodexAvatarInventoryReadResponse, JSONRPCErrorError> {
+    let client = avatar_backend_client(auth_manager, chatgpt_base_url).await?;
+    let response = client
+        .grant_admin_avatar_award(BackendAvatarAdminAwardGrantRequest {
+            account_user_id: params.account_user_id,
+            award_id: params.award_id,
+            avatar_id: params.avatar_id,
+            source_type: params.source_type,
+            source_ref: params.source_ref,
+            awarded_at: params.awarded_at,
+            awarded_by: params.awarded_by,
+            metadata_json: params.metadata_json,
+            source_summary: params.source_summary,
+        })
+        .await
+        .map_err(|err| backend_avatar_error("grant avatar award", err))?;
+    Ok(map_avatar_inventory_response(response))
+}
+
+pub(crate) async fn grant_admin_avatar_proof_drop(
+    auth_manager: &AuthManager,
+    chatgpt_base_url: &str,
+    params: CodexAvatarAdminProofDropGrantParams,
+) -> Result<CodexAvatarInventoryReadResponse, JSONRPCErrorError> {
+    let client = avatar_backend_client(auth_manager, chatgpt_base_url).await?;
+    let response = client
+        .grant_admin_avatar_proof_drop(BackendAvatarAdminProofDropGrantRequest {
+            account_user_id: params.account_user_id,
+            award_id: params.award_id,
+            source_type: params.source_type,
+            source_ref: params.source_ref,
+            awarded_at: params.awarded_at,
+            source_summary: params.source_summary,
+        })
+        .await
+        .map_err(|err| backend_avatar_error("grant proof-drop box", err))?;
+    Ok(map_avatar_inventory_response(response))
+}
+
+pub(crate) async fn read_avatar_admin_capabilities(
+    auth_manager: &AuthManager,
+    chatgpt_base_url: &str,
+) -> Result<CodexAvatarAdminCapabilitiesReadResponse, JSONRPCErrorError> {
+    let client = avatar_backend_client(auth_manager, chatgpt_base_url).await?;
+    let response = client
+        .get_avatar_admin_capabilities()
+        .await
+        .map_err(|err| backend_avatar_error("read avatar admin capabilities", err))?;
+    Ok(map_avatar_admin_capabilities_response(response))
+}
+
+async fn avatar_backend_client(
+    auth_manager: &AuthManager,
+    chatgpt_base_url: &str,
+) -> Result<BackendClient, JSONRPCErrorError> {
+    let Some(auth) = auth_manager.auth().await else {
+        return Err(JSONRPCErrorError {
+            code: INVALID_REQUEST_ERROR_CODE,
+            message: "codex account authentication required to manage avatars".to_string(),
+            data: None,
+        });
+    };
+
+    if !auth.is_chatgpt_auth() {
+        return Err(JSONRPCErrorError {
+            code: INVALID_REQUEST_ERROR_CODE,
+            message: "chatgpt authentication required to manage avatars".to_string(),
+            data: None,
+        });
+    }
+
+    BackendClient::from_auth(chatgpt_base_url.to_string(), &auth).map_err(|err| JSONRPCErrorError {
+        code: INTERNAL_ERROR_CODE,
+        message: format!("failed to construct backend client: {err}"),
+        data: None,
+    })
+}
+
+fn backend_avatar_error(action: &str, err: RequestError) -> JSONRPCErrorError {
+    match &err {
+        RequestError::UnexpectedStatus { status, body, .. }
+            if status.as_u16() == 400 || status.as_u16() == 403 =>
+        {
+            JSONRPCErrorError {
+                code: INVALID_REQUEST_ERROR_CODE,
+                message: avatar_error_detail(body)
+                    .unwrap_or_else(|| format!("failed to {action}: {err}")),
+                data: None,
+            }
+        }
+        _ => JSONRPCErrorError {
+            code: INTERNAL_ERROR_CODE,
+            message: format!("failed to {action}: {err}"),
+            data: None,
+        },
+    }
+}
+
+fn avatar_error_detail(body: &str) -> Option<String> {
+    let value: Value = serde_json::from_str(body).ok()?;
+    value
+        .get("detail")
+        .and_then(Value::as_str)
+        .map(str::to_string)
+}
+
+fn map_avatar_inventory_response(
+    response: BackendAvatarInventoryResponse,
+) -> CodexAvatarInventoryReadResponse {
+    CodexAvatarInventoryReadResponse {
+        account_user_id: response.account_user_id,
+        avatar_definitions: response
+            .avatar_definitions
+            .into_iter()
+            .map(map_avatar_definition)
+            .collect(),
+        owned_avatars: response
+            .owned_avatars
+            .into_iter()
+            .map(map_avatar_ownership)
+            .collect(),
+        equipped_avatar_id: response.equipped_avatar_id,
+        box_rules: map_avatar_box_rules(response.box_rules),
+        pity_state: map_avatar_pity_state(response.pity_state),
+        pending_reveal_awards: response
+            .pending_reveal_awards
+            .into_iter()
+            .map(map_avatar_reveal_award)
+            .collect(),
+        updated_at: response.updated_at,
+    }
+}
+
+fn map_avatar_admin_capabilities_response(
+    response: BackendAvatarAdminCapabilitiesResponse,
+) -> CodexAvatarAdminCapabilitiesReadResponse {
+    CodexAvatarAdminCapabilitiesReadResponse {
+        can_grant_awards: response.can_grant_awards,
+        can_grant_proof_drop_boxes: response.can_grant_proof_drop_boxes,
+    }
+}
+
+fn map_avatar_box_rules(rules: BackendAvatarBoxRules) -> CodexAvatarBoxRules {
+    CodexAvatarBoxRules {
+        ruleset_version: rules.ruleset_version,
+        odds_table_version: rules.odds_table_version,
+        rare_or_better_pity_threshold: rules.rare_or_better_pity_threshold,
+        legendary_pity_threshold: rules.legendary_pity_threshold,
+        guaranteed_new_threshold: rules.guaranteed_new_threshold,
+        odds: rules
+            .odds
+            .into_iter()
+            .map(map_avatar_box_odds_bucket)
+            .collect(),
+    }
+}
+
+fn map_avatar_box_odds_bucket(bucket: BackendAvatarBoxOddsBucket) -> CodexAvatarBoxOddsBucket {
+    CodexAvatarBoxOddsBucket {
+        bucket_id: bucket.bucket_id,
+        label: bucket.label,
+        probability_percent: bucket.probability_percent,
+    }
+}
+
+fn map_avatar_pity_state(pity_state: BackendAvatarPityState) -> CodexAvatarPityState {
+    CodexAvatarPityState {
+        rolls_since_rare_or_better: pity_state.rolls_since_rare_or_better,
+        rolls_since_legendary: pity_state.rolls_since_legendary,
+        non_new_outcome_streak: pity_state.non_new_outcome_streak,
+        guaranteed_new_available: pity_state.guaranteed_new_available,
+    }
+}
+
+fn map_avatar_reveal_award(award: BackendAvatarRevealAward) -> CodexAvatarRevealAward {
+    CodexAvatarRevealAward {
+        award_id: award.award_id,
+        awarded_at: award.awarded_at,
+        source_type: award.source_type,
+        source_ref: award.source_ref,
+        source_summary: award.source_summary,
+        outcome_kind: award.outcome_kind,
+        outcome_avatar_id: award.outcome_avatar_id,
+        metadata_json: award.metadata_json,
+        pity_state_after: map_avatar_pity_state(award.pity_state_after),
+    }
+}
+
+fn map_avatar_definition(definition: BackendAvatarDefinition) -> CodexAvatarDefinition {
+    CodexAvatarDefinition {
+        avatar_id: definition.avatar_id,
+        display_name: definition.display_name,
+        description: definition.description,
+        rarity: match definition.rarity {
+            BackendAvatarRarity::Common => CodexAvatarRarity::Common,
+            BackendAvatarRarity::Rare => CodexAvatarRarity::Rare,
+            BackendAvatarRarity::Epic => CodexAvatarRarity::Epic,
+            BackendAvatarRarity::Legendary => CodexAvatarRarity::Legendary,
+        },
+        asset_ref: definition.asset_ref,
+        status: match definition.status {
+            BackendAvatarStatus::Active => CodexAvatarStatus::Active,
+            BackendAvatarStatus::Hidden => CodexAvatarStatus::Hidden,
+            BackendAvatarStatus::Retired => CodexAvatarStatus::Retired,
+        },
+        sort_order: definition.sort_order,
+        collection_name: definition.collection_name,
+        collection_description: definition.collection_description,
+        lore: definition.lore,
+        accent_class_name: definition.accent_class_name,
+        silhouette_glow_class_name: definition.silhouette_glow_class_name,
+        is_progress_visible: definition.is_progress_visible,
+    }
+}
+
+fn map_avatar_ownership(ownership: BackendAvatarOwnership) -> CodexAvatarOwnership {
+    CodexAvatarOwnership {
+        account_user_id: ownership.account_user_id,
+        avatar_id: ownership.avatar_id,
+        source_summary: ownership.source_summary,
+    }
+}
--- a/codex-rs/app-server/src/bespoke_event_handling.rs
+++ b/codex-rs/app-server/src/bespoke_event_handling.rs
--- a/codex-rs/app-server/src/codex_message_processor.rs
+++ b/codex-rs/app-server/src/codex_message_processor.rs
@@ -1,3 +1,4 @@
+use crate::avatar_rpc;
 use crate::bespoke_event_handling::apply_bespoke_event_handling;
 use crate::command_exec::CommandExecManager;
 use crate::command_exec::StartCommandExecParams;
@@ -20,7 +21,6 @@ use crate::thread_status::resolve_thread_status;
 use chrono::DateTime;
 use chrono::SecondsFormat;
 use chrono::Utc;
-use codex_analytics::AnalyticsEventsClient;
 use codex_app_server_protocol::Account;
 use codex_app_server_protocol::AccountLoginCompletedNotification;
 use codex_app_server_protocol::AccountUpdatedNotification;
@@ -29,12 +29,14 @@ use codex_app_server_protocol::AppsListParams;
 use codex_app_server_protocol::AppsListResponse;
 use codex_app_server_protocol::AskForApproval;
 use codex_app_server_protocol::AuthMode;
-use codex_app_server_protocol::AuthMode as CoreAuthMode;
 use codex_app_server_protocol::CancelLoginAccountParams;
 use codex_app_server_protocol::CancelLoginAccountResponse;
 use codex_app_server_protocol::CancelLoginAccountStatus;
 use codex_app_server_protocol::ClientRequest;
 use codex_app_server_protocol::ClientResponse;
+use codex_app_server_protocol::CodexAvatarAdminAwardGrantParams;
+use codex_app_server_protocol::CodexAvatarAdminProofDropGrantParams;
+use codex_app_server_protocol::CodexAvatarEquipParams;
 use codex_app_server_protocol::CodexErrorInfo as AppServerCodexErrorInfo;
 use codex_app_server_protocol::CollaborationModeListParams;
 use codex_app_server_protocol::CollaborationModeListResponse;
@@ -76,14 +78,11 @@ use codex_app_server_protocol::LoginAccountResponse;
 use codex_app_server_protocol::LoginApiKeyParams;
 use codex_app_server_protocol::LogoutAccountResponse;
 use codex_app_server_protocol::MarketplaceInterface;
-use codex_app_server_protocol::McpResourceReadParams;
-use codex_app_server_protocol::McpResourceReadResponse;
 use codex_app_server_protocol::McpServerOauthLoginCompletedNotification;
 use codex_app_server_protocol::McpServerOauthLoginParams;
 use codex_app_server_protocol::McpServerOauthLoginResponse;
 use codex_app_server_protocol::McpServerRefreshResponse;
 use codex_app_server_protocol::McpServerStatus;
-use codex_app_server_protocol::McpServerStatusDetail;
 use codex_app_server_protocol::MockExperimentalMethodParams;
 use codex_app_server_protocol::MockExperimentalMethodResponse;
 use codex_app_server_protocol::ModelListParams;
@@ -185,7 +184,9 @@ use codex_arg0::Arg0DispatchPaths;
 use codex_backend_client::Client as BackendClient;
 use codex_chatgpt::connectors;
 use codex_cloud_requirements::cloud_requirements_loader;
-use codex_config::types::McpServerTransportConfig;
+use codex_core::AnalyticsEventsClient;
+use codex_core::AuthManager;
+use codex_core::CodexAuth;
 use codex_core::CodexThread;
 use codex_core::Cursor as RolloutCursor;
 use codex_core::ForkSnapshot;
@@ -196,16 +197,23 @@ use codex_core::SteerInputError;
 use codex_core::ThreadConfigSnapshot;
 use codex_core::ThreadManager;
 use codex_core::ThreadSortKey as CoreThreadSortKey;
+use codex_core::auth::AuthMode as CoreAuthMode;
+use codex_core::auth::CLIENT_ID;
+use codex_core::auth::login_with_api_key;
 use codex_core::config::Config;
 use codex_core::config::ConfigOverrides;
 use codex_core::config::NetworkProxyAuditMetadata;
 use codex_core::config::edit::ConfigEdit;
 use codex_core::config::edit::ConfigEditsBuilder;
+use codex_core::config::types::McpServerTransportConfig;
 use codex_core::config_loader::CloudRequirementsLoadError;
 use codex_core::config_loader::CloudRequirementsLoadErrorCode;
 use codex_core::config_loader::CloudRequirementsLoader;
 use codex_core::config_loader::LoaderOverrides;
 use codex_core::config_loader::load_config_layers_state;
+use codex_core::default_client::set_default_client_residency_requirement;
+use codex_core::error::CodexErr;
+use codex_core::error::Result as CodexResult;
 use codex_core::exec::ExecCapturePolicy;
 use codex_core::exec::ExecExpiration;
 use codex_core::exec::ExecParams;
@@ -214,6 +222,11 @@ use codex_core::find_archived_thread_path_by_id_str;
 use codex_core::find_thread_name_by_id;
 use codex_core::find_thread_names_by_ids;
 use codex_core::find_thread_path_by_id_str;
+use codex_core::mcp::auth::discover_supported_scopes;
+use codex_core::mcp::auth::resolve_oauth_scopes;
+use codex_core::mcp::collect_mcp_snapshot;
+use codex_core::mcp::group_tools_by_server;
+use codex_core::models_manager::collaboration_mode_presets::CollaborationModesConfig;
 use codex_core::parse_cursor;
 use codex_core::plugins::MarketplaceError;
 use codex_core::plugins::MarketplacePluginSource;
@@ -228,6 +241,9 @@ use codex_core::read_head_for_summary;
 use codex_core::read_session_meta_line;
 use codex_core::rollout_date_parts;
 use codex_core::sandboxing::SandboxPermissions;
+use codex_core::state_db::StateDbHandle;
+use codex_core::state_db::get_state_db;
+use codex_core::state_db::reconcile_rollout;
 use codex_core::windows_sandbox::WindowsSandboxLevelExt;
 use codex_core::windows_sandbox::WindowsSandboxSetupMode as CoreWindowsSandboxSetupMode;
 use codex_core::windows_sandbox::WindowsSandboxSetupRequest;
@@ -236,34 +252,18 @@ use codex_features::Feature;
 use codex_features::Stage;
 use codex_feedback::CodexFeedback;
 use codex_git_utils::git_diff_to_remote;
-use codex_git_utils::resolve_root_git_project_for_trust;
-use codex_login::AuthManager;
-use codex_login::CLIENT_ID;
-use codex_login::CodexAuth;
 use codex_login::ServerOptions as LoginServerOptions;
 use codex_login::ShutdownHandle;
 use codex_login::auth::login_with_chatgpt_auth_tokens;
 use codex_login::complete_device_code_login;
-use codex_login::default_client::set_default_client_residency_requirement;
-use codex_login::login_with_api_key;
 use codex_login::request_device_code;
 use codex_login::run_login_server;
-use codex_mcp::mcp::McpSnapshotDetail;
-use codex_mcp::mcp::auth::discover_supported_scopes;
-use codex_mcp::mcp::auth::resolve_oauth_scopes;
-use codex_mcp::mcp::collect_mcp_snapshot_with_detail;
-use codex_mcp::mcp::effective_mcp_servers;
-use codex_mcp::mcp::qualified_mcp_tool_name_prefix;
-use codex_models_manager::collaboration_mode_presets::CollaborationModesConfig;
 use codex_protocol::ThreadId;
 use codex_protocol::config_types::CollaborationMode;
 use codex_protocol::config_types::ForcedLoginMethod;
 use codex_protocol::config_types::Personality;
-use codex_protocol::config_types::TrustLevel;
 use codex_protocol::config_types::WindowsSandboxLevel;
 use codex_protocol::dynamic_tools::DynamicToolSpec as CoreDynamicToolSpec;
-use codex_protocol::error::CodexErr;
-use codex_protocol::error::Result as CodexResult;
 use codex_protocol::items::TurnItem;
 use codex_protocol::models::ResponseItem;
 use codex_protocol::protocol::AgentStatus;
@@ -288,9 +288,6 @@ use codex_protocol::protocol::W3cTraceContext;
 use codex_protocol::user_input::MAX_USER_INPUT_TEXT_CHARS;
 use codex_protocol::user_input::UserInput as CoreInputItem;
 use codex_rmcp_client::perform_oauth_login_return_url;
-use codex_rollout::state_db::StateDbHandle;
-use codex_rollout::state_db::get_state_db;
-use codex_rollout::state_db::reconcile_rollout;
 use codex_state::StateRuntime;
 use codex_state::ThreadMetadata;
 use codex_state::ThreadMetadataBuilder;
@@ -478,15 +475,24 @@ pub(crate) struct CodexMessageProcessorArgs {
 }

 impl CodexMessageProcessor {
-    pub(crate) fn handle_config_mutation(&self) {
-        self.clear_plugin_related_caches();
-    }
-
-    fn clear_plugin_related_caches(&self) {
+    pub(crate) fn clear_plugin_related_caches(&self) {
        self.thread_manager.plugins_manager().clear_cache();
        self.thread_manager.skills_manager().clear_cache();
    }

+    pub(crate) async fn maybe_start_plugin_startup_tasks_for_latest_config(&self) {
+        match self.load_latest_config(/*fallback_cwd*/ None).await {
+            Ok(config) => self
+                .thread_manager
+                .plugins_manager()
+                .maybe_start_plugin_startup_tasks_for_config(
+                    &config,
+                    self.thread_manager.auth_manager(),
+                ),
+            Err(err) => warn!("failed to load latest config for plugin startup tasks: {err:?}"),
+        }
+    }
+
    fn current_account_updated_notification(&self) -> AccountUpdatedNotification {
        let auth = self.auth_manager.auth_cached();
        AccountUpdatedNotification {
@@ -686,7 +692,6 @@ impl CodexMessageProcessor {
        connection_id: ConnectionId,
        request: ClientRequest,
        app_server_client_name: Option<String>,
-        app_server_client_version: Option<String>,
        request_context: RequestContext,
    ) {
        let to_connection_request_id = |request_id| ConnectionRequestId {
@@ -703,8 +708,6 @@ impl CodexMessageProcessor {
                self.thread_start(
                    to_connection_request_id(request_id),
                    params,
-                    app_server_client_name.clone(),
-                    app_server_client_version.clone(),
                    request_context,
                )
                .await;
@@ -809,7 +812,6 @@ impl CodexMessageProcessor {
                    to_connection_request_id(request_id),
                    params,
                    app_server_client_name.clone(),
-                    app_server_client_version.clone(),
                )
                .await;
            }
@@ -884,10 +886,6 @@ impl CodexMessageProcessor {
                self.list_mcp_server_status(to_connection_request_id(request_id), params)
                    .await;
            }
-            ClientRequest::McpResourceRead { request_id, params } => {
-                self.read_mcp_resource(to_connection_request_id(request_id), params)
-                    .await;
-            }
            ClientRequest::WindowsSandboxSetupStart { request_id, params } => {
                self.windows_sandbox_setup_start(to_connection_request_id(request_id), params)
                    .await;
@@ -910,6 +908,32 @@ impl CodexMessageProcessor {
                self.get_account(to_connection_request_id(request_id), params)
                    .await;
            }
+            ClientRequest::AvatarInventoryRead {
+                request_id,
+                params: _,
+            } => {
+                self.avatar_inventory_read(to_connection_request_id(request_id))
+                    .await;
+            }
+            ClientRequest::AvatarEquip { request_id, params } => {
+                self.avatar_equip(to_connection_request_id(request_id), params)
+                    .await;
+            }
+            ClientRequest::AvatarAdminAward { request_id, params } => {
+                self.avatar_admin_award(to_connection_request_id(request_id), params)
+                    .await;
+            }
+            ClientRequest::AvatarAdminProofDrop { request_id, params } => {
+                self.avatar_admin_proof_drop(to_connection_request_id(request_id), params)
+                    .await;
+            }
+            ClientRequest::AvatarAdminCapabilitiesRead {
+                request_id,
+                params: _,
+            } => {
+                self.avatar_admin_capabilities_read(to_connection_request_id(request_id))
+                    .await;
+            }
            ClientRequest::GitDiffToRemote { request_id, params } => {
                self.git_diff_to_origin(to_connection_request_id(request_id), params.cwd)
                    .await;
@@ -1692,6 +1716,90 @@ impl CodexMessageProcessor {
        }
    }

+    async fn avatar_inventory_read(&self, request_id: ConnectionRequestId) {
+        match avatar_rpc::read_avatar_inventory(&self.auth_manager, &self.config.chatgpt_base_url)
+            .await
+        {
+            Ok(response) => {
+                self.outgoing.send_response(request_id, response).await;
+            }
+            Err(error) => {
+                self.outgoing.send_error(request_id, error).await;
+            }
+        }
+    }
+
+    async fn avatar_equip(&self, request_id: ConnectionRequestId, params: CodexAvatarEquipParams) {
+        match avatar_rpc::equip_avatar(&self.auth_manager, &self.config.chatgpt_base_url, params)
+            .await
+        {
+            Ok(response) => {
+                self.outgoing.send_response(request_id, response).await;
+            }
+            Err(error) => {
+                self.outgoing.send_error(request_id, error).await;
+            }
+        }
+    }
+
+    async fn avatar_admin_award(
+        &self,
+        request_id: ConnectionRequestId,
+        params: CodexAvatarAdminAwardGrantParams,
+    ) {
+        match avatar_rpc::grant_admin_avatar_award(
+            &self.auth_manager,
+            &self.config.chatgpt_base_url,
+            params,
+        )
+        .await
+        {
+            Ok(response) => {
+                self.outgoing.send_response(request_id, response).await;
+            }
+            Err(error) => {
+                self.outgoing.send_error(request_id, error).await;
+            }
+        }
+    }
+
+    async fn avatar_admin_proof_drop(
+        &self,
+        request_id: ConnectionRequestId,
+        params: CodexAvatarAdminProofDropGrantParams,
+    ) {
+        match avatar_rpc::grant_admin_avatar_proof_drop(
+            &self.auth_manager,
+            &self.config.chatgpt_base_url,
+            params,
+        )
+        .await
+        {
+            Ok(response) => {
+                self.outgoing.send_response(request_id, response).await;
+            }
+            Err(error) => {
+                self.outgoing.send_error(request_id, error).await;
+            }
+        }
+    }
+
+    async fn avatar_admin_capabilities_read(&self, request_id: ConnectionRequestId) {
+        match avatar_rpc::read_avatar_admin_capabilities(
+            &self.auth_manager,
+            &self.config.chatgpt_base_url,
+        )
+        .await
+        {
+            Ok(response) => {
+                self.outgoing.send_response(request_id, response).await;
+            }
+            Err(error) => {
+                self.outgoing.send_error(request_id, error).await;
+            }
+        }
+    }
+
    async fn fetch_account_rate_limits(
        &self,
    ) -> Result<
@@ -2060,8 +2168,6 @@ impl CodexMessageProcessor {
        &self,
        request_id: ConnectionRequestId,
        params: ThreadStartParams,
-        app_server_client_name: Option<String>,
-        app_server_client_version: Option<String>,
        request_context: RequestContext,
    ) {
        let ThreadStartParams {
@@ -2117,8 +2223,6 @@ impl CodexMessageProcessor {
                runtime_feature_enablement,
                cloud_requirements,
                request_id,
-                app_server_client_name,
-                app_server_client_version,
                config,
                typesafe_overrides,
                dynamic_tools,
@@ -2192,8 +2296,6 @@ impl CodexMessageProcessor {
        runtime_feature_enablement: BTreeMap<String, bool>,
        cloud_requirements: CloudRequirementsLoader,
        request_id: ConnectionRequestId,
-        app_server_client_name: Option<String>,
-        app_server_client_version: Option<String>,
        config_overrides: Option<HashMap<String, serde_json::Value>>,
        typesafe_overrides: ConfigOverrides,
        dynamic_tools: Option<Vec<ApiDynamicToolSpec>>,
@@ -2202,11 +2304,10 @@ impl CodexMessageProcessor {
        experimental_raw_events: bool,
        request_trace: Option<W3cTraceContext>,
    ) {
-        let requested_cwd = typesafe_overrides.cwd.clone();
-        let mut config = match derive_config_from_params(
+        let config = match derive_config_from_params(
            &cli_overrides,
-            config_overrides.clone(),
-            typesafe_overrides.clone(),
+            config_overrides,
+            typesafe_overrides,
            &cloud_requirements,
            &listener_task_context.codex_home,
            &runtime_feature_enablement,
@@ -2224,70 +2325,6 @@ impl CodexMessageProcessor {
            }
        };

-        // The user may have requested WorkspaceWrite or DangerFullAccess via
-        // the command line, though in the process of deriving the Config, it
-        // could be downgraded to ReadOnly (perhaps there is no sandbox
-        // available on Windows or the enterprise config disallows it). The cwd
-        // should still be considered "trusted" in this case.
-        let requested_sandbox_trusts_project = matches!(
-            typesafe_overrides.sandbox_mode,
-            Some(
-                codex_protocol::config_types::SandboxMode::WorkspaceWrite
-                    | codex_protocol::config_types::SandboxMode::DangerFullAccess
-            )
-        );
-
-        if requested_cwd.is_some()
-            && !config.active_project.is_trusted()
-            && (requested_sandbox_trusts_project
-                || matches!(
-                    config.permissions.sandbox_policy.get(),
-                    codex_protocol::protocol::SandboxPolicy::WorkspaceWrite { .. }
-                        | codex_protocol::protocol::SandboxPolicy::DangerFullAccess
-                        | codex_protocol::protocol::SandboxPolicy::ExternalSandbox { .. }
-                ))
-        {
-            let trust_target = resolve_root_git_project_for_trust(config.cwd.as_path())
-                .unwrap_or_else(|| config.cwd.to_path_buf());
-            if let Err(err) = codex_core::config::set_project_trust_level(
-                &listener_task_context.codex_home,
-                trust_target.as_path(),
-                TrustLevel::Trusted,
-            ) {
-                let error = JSONRPCErrorError {
-                    code: INTERNAL_ERROR_CODE,
-                    message: format!("failed to persist trusted project state: {err}"),
-                    data: None,
-                };
-                listener_task_context
-                    .outgoing
-                    .send_error(request_id, error)
-                    .await;
-                return;
-            }
-
-            config = match derive_config_from_params(
-                &cli_overrides,
-                config_overrides,
-                typesafe_overrides,
-                &cloud_requirements,
-                &listener_task_context.codex_home,
-                &runtime_feature_enablement,
-            )
-            .await
-            {
-                Ok(config) => config,
-                Err(err) => {
-                    let error = config_load_error(&err);
-                    listener_task_context
-                        .outgoing
-                        .send_error(request_id, error)
-                        .await;
-                    return;
-                }
-            };
-        }
-
        let dynamic_tools = dynamic_tools.unwrap_or_default();
        let core_dynamic_tools = if dynamic_tools.is_empty() {
            Vec::new()
@@ -2340,19 +2377,6 @@ impl CodexMessageProcessor {
                    session_configured,
                    ..
                } = new_conv;
-                if let Err(error) = Self::set_app_server_client_info(
-                    thread.as_ref(),
-                    app_server_client_name,
-                    app_server_client_version,
-                )
-                .await
-                {
-                    listener_task_context
-                        .outgoing
-                        .send_error(request_id, error)
-                        .await;
-                    return;
-                }
                let config_snapshot = thread
                    .config_snapshot()
                    .instrument(tracing::info_span!(
@@ -3386,13 +3410,6 @@ impl CodexMessageProcessor {
            cwd,
            search_term,
        } = params;
-        let cwd = match normalize_thread_list_cwd_filter(cwd) {
-            Ok(cwd) => cwd,
-            Err(error) => {
-                self.outgoing.send_error(request_id, error).await;
-                return;
-            }
-        };

        let requested_page_size = limit
            .map(|value| value as usize)
@@ -3411,7 +3428,7 @@ impl CodexMessageProcessor {
                    model_providers,
                    source_kinds,
                    archived: archived.unwrap_or(false),
-                    cwd,
+                    cwd: cwd.map(PathBuf::from),
                    search_term,
                },
            )
@@ -3620,11 +3637,6 @@ impl CodexMessageProcessor {
            }
            build_thread_from_snapshot(thread_uuid, &config_snapshot, loaded_rollout_path)
        };
-        if thread.forked_from_id.is_none()
-            && let Some(rollout_path) = rollout_path.as_ref()
-        {
-            thread.forked_from_id = forked_from_id_from_rollout(rollout_path).await;
-        }
        self.attach_thread_name(thread_uuid, &mut thread).await;

        if include_turns && let Some(rollout_path) = rollout_path.as_ref() {
@@ -4454,12 +4466,7 @@ impl CodexMessageProcessor {
            )
            .await
            {
-                Ok(summary) => {
-                    let mut thread = summary_to_thread(summary);
-                    thread.forked_from_id =
-                        forked_from_id_from_rollout(fork_rollout_path.as_path()).await;
-                    thread
-                }
+                Ok(summary) => summary_to_thread(summary),
                Err(err) => {
                    self.send_internal_error(
                        request_id,
@@ -4493,14 +4500,6 @@ impl CodexMessageProcessor {
                }
            };
            thread.preview = preview_from_rollout_items(&history_items);
-            thread.forked_from_id = source_thread_id
-                .or_else(|| {
-                    history_items.iter().find_map(|item| match item {
-                        RolloutItem::SessionMeta(meta_line) => Some(meta_line.meta.id),
-                        _ => None,
-                    })
-                })
-                .map(|id| id.to_string());
            if let Err(message) = populate_thread_turns(
                &mut thread,
                ThreadTurnSource::HistoryItems(&history_items),
@@ -5154,12 +5153,9 @@ impl CodexMessageProcessor {
                return;
            }
        };
-        let mcp_config = config.to_mcp_config(self.thread_manager.plugins_manager().as_ref());
-        let auth = self.auth_manager.auth().await;

        tokio::spawn(async move {
-            Self::list_mcp_server_status_task(outgoing, request, params, config, mcp_config, auth)
-                .await;
+            Self::list_mcp_server_status_task(outgoing, request, params, config).await;
        });
    }

@@ -5168,72 +5164,15 @@ impl CodexMessageProcessor {
        request_id: ConnectionRequestId,
        params: ListMcpServerStatusParams,
        config: Config,
-        mcp_config: codex_mcp::mcp::McpConfig,
-        auth: Option<CodexAuth>,
    ) {
-        let detail = match params.detail.unwrap_or(McpServerStatusDetail::Full) {
-            McpServerStatusDetail::Full => McpSnapshotDetail::Full,
-            McpServerStatusDetail::ToolsAndAuthOnly => McpSnapshotDetail::ToolsAndAuthOnly,
-        };
+        let snapshot = collect_mcp_snapshot(&config).await;

-        let snapshot = collect_mcp_snapshot_with_detail(
-            &mcp_config,
-            auth.as_ref(),
-            request_id.request_id.to_string(),
-            detail,
-        )
-        .await;
-
-        // Rebuild the tool list per original server name instead of using
-        // `group_tools_by_server()`: qualified tool names are sanitized for the
-        // Responses API, so a config key like `some-server` is encoded as the
-        // `mcp__some_server__` prefix. Matching with the original server name's
-        // sanitized prefix preserves `/mcp` output for hyphenated names.
-        let effective_servers = effective_mcp_servers(&mcp_config, auth.as_ref());
-        let mut sanitized_prefix_counts = HashMap::<String, usize>::new();
-        for name in effective_servers.keys() {
-            let prefix = qualified_mcp_tool_name_prefix(name);
-            *sanitized_prefix_counts.entry(prefix).or_default() += 1;
-        }
-        let tools_by_server = effective_servers
-            .keys()
-            .map(|name| {
-                let prefix = qualified_mcp_tool_name_prefix(name);
-                // If multiple server names normalize to the same prefix, the
-                // qualified tool namespace is ambiguous (for example
-                // `some-server` and `some_server` both become
-                // `mcp__some_server__`). In that case, avoid attributing the
-                // same tools to multiple servers.
-                let tools = if sanitized_prefix_counts
-                    .get(&prefix)
-                    .copied()
-                    .unwrap_or_default()
-                    == 1
-                {
-                    snapshot
-                        .tools
-                        .iter()
-                        .filter_map(|(qualified_name, tool)| {
-                            qualified_name
-                                .strip_prefix(&prefix)
-                                .map(|tool_name| (tool_name.to_string(), tool.clone()))
-                        })
-                        .collect::<HashMap<_, _>>()
-                } else {
-                    HashMap::new()
-                };
-                (name.clone(), tools)
-            })
-            .collect::<HashMap<_, _>>();
+        let tools_by_server = group_tools_by_server(&snapshot.tools);

        let mut server_names: Vec<String> = config
            .mcp_servers
            .keys()
            .cloned()
-            // Include built-in/plugin MCP servers that are present in the
-            // effective runtime config even when they are not user-declared in
-            // `config.mcp_servers`.
-            .chain(effective_servers.keys().cloned())
            .chain(snapshot.auth_statuses.keys().cloned())
            .chain(snapshot.resources.keys().cloned())
            .chain(snapshot.resource_templates.keys().cloned())
@@ -5303,58 +5242,6 @@ impl CodexMessageProcessor {
        outgoing.send_response(request_id, response).await;
    }

-    async fn read_mcp_resource(
-        &self,
-        request_id: ConnectionRequestId,
-        params: McpResourceReadParams,
-    ) {
-        let outgoing = Arc::clone(&self.outgoing);
-        let (_, thread) = match self.load_thread(&params.thread_id).await {
-            Ok(thread) => thread,
-            Err(error) => {
-                self.outgoing.send_error(request_id, error).await;
-                return;
-            }
-        };
-
-        tokio::spawn(async move {
-            let result = thread.read_mcp_resource(&params.server, &params.uri).await;
-            match result {
-                Ok(result) => match serde_json::from_value::<McpResourceReadResponse>(result) {
-                    Ok(response) => {
-                        outgoing.send_response(request_id, response).await;
-                    }
-                    Err(error) => {
-                        outgoing
-                            .send_error(
-                                request_id,
-                                JSONRPCErrorError {
-                                    code: INTERNAL_ERROR_CODE,
-                                    message: format!(
-                                        "failed to deserialize MCP resource read response: {error}"
-                                    ),
-                                    data: None,
-                                },
-                            )
-                            .await;
-                    }
-                },
-                Err(error) => {
-                    outgoing
-                        .send_error(
-                            request_id,
-                            JSONRPCErrorError {
-                                code: INTERNAL_ERROR_CODE,
-                                message: format!("{error:#}"),
-                                data: None,
-                            },
-                        )
-                        .await;
-                }
-            }
-        });
-    }
-
    async fn send_invalid_request_error(&self, request_id: ConnectionRequestId, message: String) {
        let error = JSONRPCErrorError {
            code: INVALID_REQUEST_ERROR_CODE,
@@ -5690,11 +5577,7 @@ impl CodexMessageProcessor {
                .set_enabled(Feature::Apps, thread.enabled(Feature::Apps));
        }

-        let auth = self.auth_manager.auth().await;
-        if !config
-            .features
-            .apps_enabled_for_auth(auth.as_ref().is_some_and(CodexAuth::is_chatgpt_auth))
-        {
+        if !config.features.apps_enabled(Some(&self.auth_manager)).await {
            self.outgoing
                .send_response(
                    request_id,
@@ -6025,7 +5908,6 @@ impl CodexMessageProcessor {
            force_remote_sync,
        } = params;
        let roots = cwds.unwrap_or_default();
-        plugins_manager.maybe_start_non_curated_plugin_cache_refresh_for_roots(&roots);

        let mut config = match self.load_latest_config(/*fallback_cwd*/ None).await {
            Ok(config) => config,
@@ -6362,11 +6244,9 @@ impl CodexMessageProcessor {
                }

                let plugin_apps = load_plugin_apps(result.installed_path.as_path());
-                let auth = self.auth_manager.auth().await;
                let apps_needing_auth = if plugin_apps.is_empty()
-                    || !config.features.apps_enabled_for_auth(
-                        auth.as_ref().is_some_and(CodexAuth::is_chatgpt_auth),
-                    ) {
+                    || !config.features.apps_enabled(Some(&self.auth_manager)).await
+                {
                    Vec::new()
                } else {
                    let (all_connectors_result, accessible_connectors_result) = tokio::join!(
@@ -6561,7 +6441,6 @@ impl CodexMessageProcessor {
        request_id: ConnectionRequestId,
        params: TurnStartParams,
        app_server_client_name: Option<String>,
-        app_server_client_version: Option<String>,
    ) {
        if let Err(error) = Self::validate_v2_input_limit(&params.input) {
            self.outgoing.send_error(request_id, error).await;
@@ -6574,12 +6453,8 @@ impl CodexMessageProcessor {
                return;
            }
        };
-        if let Err(error) = Self::set_app_server_client_info(
-            thread.as_ref(),
-            app_server_client_name,
-            app_server_client_version,
-        )
-        .await
+        if let Err(error) =
+            Self::set_app_server_client_name(thread.as_ref(), app_server_client_name).await
        {
            self.outgoing.send_error(request_id, error).await;
            return;
@@ -6657,9 +6532,6 @@ impl CodexMessageProcessor {
                    items: vec![],
                    error: None,
                    status: TurnStatus::InProgress,
-                    started_at: None,
-                    completed_at: None,
-                    duration_ms: None,
                };

                let response = TurnStartResponse { turn };
@@ -6676,17 +6548,16 @@ impl CodexMessageProcessor {
        }
    }

-    async fn set_app_server_client_info(
+    async fn set_app_server_client_name(
        thread: &CodexThread,
        app_server_client_name: Option<String>,
-        app_server_client_version: Option<String>,
    ) -> Result<(), JSONRPCErrorError> {
        thread
-            .set_app_server_client_info(app_server_client_name, app_server_client_version)
+            .set_app_server_client_name(app_server_client_name)
            .await
            .map_err(|err| JSONRPCErrorError {
                code: INTERNAL_ERROR_CODE,
-                message: format!("failed to set app server client info: {err}"),
+                message: format!("failed to set app server client name: {err}"),
                data: None,
            })
    }
@@ -6996,9 +6867,6 @@ impl CodexMessageProcessor {
            items,
            error: None,
            status: TurnStatus::InProgress,
-            started_at: None,
-            completed_at: None,
-            duration_ms: None,
        }
    }

@@ -7827,57 +7695,6 @@ impl CodexMessageProcessor {
    }
 }

-fn normalize_thread_list_cwd_filter(
-    cwd: Option<String>,
-) -> Result<Option<PathBuf>, JSONRPCErrorError> {
-    let Some(cwd) = cwd else {
-        return Ok(None);
-    };
-    AbsolutePathBuf::relative_to_current_dir(cwd.as_str())
-        .map(AbsolutePathBuf::into_path_buf)
-        .map(Some)
-        .map_err(|err| JSONRPCErrorError {
-            code: INVALID_PARAMS_ERROR_CODE,
-            message: format!("invalid thread/list cwd filter `{cwd}`: {err}"),
-            data: None,
-        })
-}
-
-#[cfg(test)]
-mod thread_list_cwd_filter_tests {
-    use super::normalize_thread_list_cwd_filter;
-    use codex_utils_absolute_path::AbsolutePathBuf;
-    use pretty_assertions::assert_eq;
-    use std::path::PathBuf;
-
-    #[test]
-    fn normalize_thread_list_cwd_filter_preserves_absolute_paths() {
-        let cwd = if cfg!(windows) {
-            String::from(r"C:\srv\repo-b")
-        } else {
-            String::from("/srv/repo-b")
-        };
-
-        assert_eq!(
-            normalize_thread_list_cwd_filter(Some(cwd.clone())).expect("cwd filter should parse"),
-            Some(PathBuf::from(cwd))
-        );
-    }
-
-    #[test]
-    fn normalize_thread_list_cwd_filter_resolves_relative_paths_against_server_cwd()
-    -> std::io::Result<()> {
-        let expected = AbsolutePathBuf::relative_to_current_dir("repo-b")?.to_path_buf();
-
-        assert_eq!(
-            normalize_thread_list_cwd_filter(Some(String::from("repo-b")))
-                .expect("cwd filter should parse"),
-            Some(expected)
-        );
-        Ok(())
-    }
-}
-
 #[allow(clippy::too_many_arguments)]
 async fn handle_thread_listener_command(
    conversation_id: ThreadId,
@@ -8853,7 +8670,6 @@ async fn load_thread_summary_for_rollout(
                rollout_path.display()
            )
        })?;
-    thread.forked_from_id = forked_from_id_from_rollout(rollout_path).await;
    if let Some(persisted_metadata) = persisted_metadata {
        merge_mutable_thread_metadata(
            &mut thread,
@@ -8865,14 +8681,6 @@ async fn load_thread_summary_for_rollout(
    Ok(thread)
 }

-async fn forked_from_id_from_rollout(path: &Path) -> Option<String> {
-    read_session_meta_line(path)
-        .await
-        .ok()
-        .and_then(|meta_line| meta_line.meta.forked_from_id)
-        .map(|thread_id| thread_id.to_string())
-}
-
 fn merge_mutable_thread_metadata(thread: &mut Thread, persisted_thread: Thread) {
    thread.git_info = persisted_thread.git_info;
 }
@@ -8953,7 +8761,6 @@ fn build_thread_from_snapshot(
    let now = time::OffsetDateTime::now_utc().unix_timestamp();
    Thread {
        id: thread_id.to_string(),
-        forked_from_id: None,
        preview: String::new(),
        ephemeral: config_snapshot.ephemeral,
        model_provider: config_snapshot.model_provider_id.clone(),
@@ -8996,7 +8803,6 @@ pub(crate) fn summary_to_thread(summary: ConversationSummary) -> Thread {

    Thread {
        id: conversation_id.to_string(),
-        forked_from_id: None,
        preview,
        ephemeral: false,
        model_provider,
@@ -9493,44 +9299,6 @@ mod tests {
        Ok(())
    }

-    #[tokio::test]
-    async fn read_summary_from_rollout_preserves_forked_from_id() -> Result<()> {
-        use codex_protocol::protocol::RolloutItem;
-        use codex_protocol::protocol::RolloutLine;
-        use codex_protocol::protocol::SessionMetaLine;
-        use std::fs;
-
-        let temp_dir = TempDir::new()?;
-        let path = temp_dir.path().join("rollout.jsonl");
-
-        let conversation_id = ThreadId::from_string("bfd12a78-5900-467b-9bc5-d3d35df08191")?;
-        let forked_from_id = ThreadId::from_string("ad7f0408-99b8-4f6e-a46f-bd0eec433370")?;
-        let timestamp = "2025-09-05T16:53:11.850Z".to_string();
-
-        let session_meta = SessionMeta {
-            id: conversation_id,
-            forked_from_id: Some(forked_from_id),
-            timestamp: timestamp.clone(),
-            model_provider: Some("test-provider".to_string()),
-            ..SessionMeta::default()
-        };
-
-        let line = RolloutLine {
-            timestamp,
-            item: RolloutItem::SessionMeta(SessionMetaLine {
-                meta: session_meta,
-                git: None,
-            }),
-        };
-        fs::write(&path, format!("{}\n", serde_json::to_string(&line)?))?;
-
-        assert_eq!(
-            forked_from_id_from_rollout(path.as_path()).await,
-            Some(forked_from_id.to_string())
-        );
-        Ok(())
-    }
-
    #[tokio::test]
    async fn aborting_pending_request_clears_pending_state() -> Result<()> {
        let thread_id = ThreadId::from_string("bfd12a78-5900-467b-9bc5-d3d35df08191")?;
@@ -9648,7 +9416,6 @@ mod tests {
            state.track_current_turn_event(&EventMsg::TurnStarted(
                codex_protocol::protocol::TurnStartedEvent {
                    turn_id: "turn-1".to_string(),
-                    started_at: None,
                    model_context_window: None,
                    collaboration_mode_kind: Default::default(),
                },
--- a/codex-rs/app-server/src/codex_message_processor/plugin_mcp_oauth.rs
+++ b/codex-rs/app-server/src/codex_message_processor/plugin_mcp_oauth.rs
@@ -3,12 +3,12 @@ use std::sync::Arc;

 use codex_app_server_protocol::McpServerOauthLoginCompletedNotification;
 use codex_app_server_protocol::ServerNotification;
-use codex_config::types::McpServerConfig;
 use codex_core::config::Config;
-use codex_mcp::mcp::auth::McpOAuthLoginSupport;
-use codex_mcp::mcp::auth::oauth_login_support;
-use codex_mcp::mcp::auth::resolve_oauth_scopes;
-use codex_mcp::mcp::auth::should_retry_without_scopes;
+use codex_core::config::types::McpServerConfig;
+use codex_core::mcp::auth::McpOAuthLoginSupport;
+use codex_core::mcp::auth::oauth_login_support;
+use codex_core::mcp::auth::resolve_oauth_scopes;
+use codex_core::mcp::auth::should_retry_without_scopes;
 use codex_rmcp_client::perform_oauth_login_silent;
 use tracing::warn;

--- a/codex-rs/app-server/src/command_exec.rs
+++ b/codex-rs/app-server/src/command_exec.rs
@@ -18,12 +18,12 @@ use codex_app_server_protocol::CommandExecWriteParams;
 use codex_app_server_protocol::CommandExecWriteResponse;
 use codex_app_server_protocol::JSONRPCErrorError;
 use codex_app_server_protocol::ServerNotification;
+use codex_core::bytes_to_string_smart;
 use codex_core::config::StartedNetworkProxy;
 use codex_core::exec::DEFAULT_EXEC_COMMAND_TIMEOUT_MS;
 use codex_core::exec::ExecExpiration;
 use codex_core::exec::IO_DRAIN_TIMEOUT_MS;
 use codex_core::sandboxing::ExecRequest;
-use codex_protocol::exec_output::bytes_to_string_smart;
 use codex_sandboxing::SandboxType;
 use codex_utils_pty::DEFAULT_OUTPUT_BYTES_CAP;
 use codex_utils_pty::ProcessHandle;
--- a/codex-rs/app-server/src/config_api.rs
+++ b/codex-rs/app-server/src/config_api.rs
@@ -1,7 +1,6 @@
 use crate::error_code::INTERNAL_ERROR_CODE;
 use crate::error_code::INVALID_REQUEST_ERROR_CODE;
 use async_trait::async_trait;
-use codex_analytics::AnalyticsEventsClient;
 use codex_app_server_protocol::ConfigBatchWriteParams;
 use codex_app_server_protocol::ConfigReadParams;
 use codex_app_server_protocol::ConfigReadResponse;
@@ -17,6 +16,7 @@ use codex_app_server_protocol::NetworkDomainPermission;
 use codex_app_server_protocol::NetworkRequirements;
 use codex_app_server_protocol::NetworkUnixSocketPermission;
 use codex_app_server_protocol::SandboxMode;
+use codex_core::AnalyticsEventsClient;
 use codex_core::ThreadManager;
 use codex_core::config::Config;
 use codex_core::config::ConfigService;
@@ -366,12 +366,6 @@ fn map_requirements_toml_to_api(requirements: ConfigRequirementsToml) -> ConfigR
                .map(codex_app_server_protocol::AskForApproval::from)
                .collect()
        }),
-        allowed_approvals_reviewers: requirements.allowed_approvals_reviewers.map(|reviewers| {
-            reviewers
-                .into_iter()
-                .map(codex_app_server_protocol::ApprovalsReviewer::from)
-                .collect()
-        }),
        allowed_sandbox_modes: requirements.allowed_sandbox_modes.map(|modes| {
            modes
                .into_iter()
@@ -449,7 +443,6 @@ fn map_network_requirements_to_api(
                .collect()
        }),
        managed_allowed_domains_only: network.managed_allowed_domains_only,
-        danger_full_access_denylist_only: network.danger_full_access_denylist_only,
        allowed_domains,
        denied_domains,
        unix_sockets: network.unix_sockets.map(|unix_sockets| {
@@ -517,16 +510,15 @@ fn config_write_error(code: ConfigWriteErrorCode, message: impl Into<String>) ->
 #[cfg(test)]
 mod tests {
    use super::*;
-    use codex_analytics::AnalyticsEventsClient;
+    use codex_core::AnalyticsEventsClient;
+    use codex_core::AuthManager;
+    use codex_core::CodexAuth;
    use codex_core::config_loader::NetworkDomainPermissionToml as CoreNetworkDomainPermissionToml;
    use codex_core::config_loader::NetworkDomainPermissionsToml as CoreNetworkDomainPermissionsToml;
    use codex_core::config_loader::NetworkRequirementsToml as CoreNetworkRequirementsToml;
    use codex_core::config_loader::NetworkUnixSocketPermissionToml as CoreNetworkUnixSocketPermissionToml;
    use codex_core::config_loader::NetworkUnixSocketPermissionsToml as CoreNetworkUnixSocketPermissionsToml;
    use codex_features::Feature;
-    use codex_login::AuthManager;
-    use codex_login::CodexAuth;
-    use codex_protocol::config_types::ApprovalsReviewer as CoreApprovalsReviewer;
    use codex_protocol::protocol::AskForApproval as CoreAskForApproval;
    use pretty_assertions::assert_eq;
    use serde_json::json;
@@ -553,10 +545,6 @@ mod tests {
                CoreAskForApproval::Never,
                CoreAskForApproval::OnRequest,
            ]),
-            allowed_approvals_reviewers: Some(vec![
-                CoreApprovalsReviewer::User,
-                CoreApprovalsReviewer::GuardianSubagent,
-            ]),
            allowed_sandbox_modes: Some(vec![
                CoreSandboxModeRequirement::ReadOnly,
                CoreSandboxModeRequirement::ExternalSandbox,
@@ -595,7 +583,6 @@ mod tests {
                    ]),
                }),
                managed_allowed_domains_only: Some(false),
-                danger_full_access_denylist_only: Some(true),
                unix_sockets: Some(CoreNetworkUnixSocketPermissionsToml {
                    entries: std::collections::BTreeMap::from([(
                        "/tmp/proxy.sock".to_string(),
@@ -615,13 +602,6 @@ mod tests {
                codex_app_server_protocol::AskForApproval::OnRequest,
            ])
        );
-        assert_eq!(
-            mapped.allowed_approvals_reviewers,
-            Some(vec![
-                codex_app_server_protocol::ApprovalsReviewer::User,
-                codex_app_server_protocol::ApprovalsReviewer::GuardianSubagent,
-            ])
-        );
        assert_eq!(
            mapped.allowed_sandbox_modes,
            Some(vec![SandboxMode::ReadOnly]),
@@ -655,7 +635,6 @@ mod tests {
                    ("example.com".to_string(), NetworkDomainPermission::Deny),
                ])),
                managed_allowed_domains_only: Some(false),
-                danger_full_access_denylist_only: Some(true),
                allowed_domains: Some(vec!["api.openai.com".to_string()]),
                denied_domains: Some(vec!["example.com".to_string()]),
                unix_sockets: Some(std::collections::BTreeMap::from([(
@@ -672,7 +651,6 @@ mod tests {
    fn map_requirements_toml_to_api_omits_unix_socket_none_entries_from_legacy_network_fields() {
        let requirements = ConfigRequirementsToml {
            allowed_approval_policies: None,
-            allowed_approvals_reviewers: None,
            allowed_sandbox_modes: None,
            allowed_web_search_modes: None,
            guardian_developer_instructions: None,
@@ -690,7 +668,6 @@ mod tests {
                dangerously_allow_all_unix_sockets: None,
                domains: None,
                managed_allowed_domains_only: None,
-                danger_full_access_denylist_only: None,
                unix_sockets: Some(CoreNetworkUnixSocketPermissionsToml {
                    entries: std::collections::BTreeMap::from([(
                        "/tmp/ignored.sock".to_string(),
@@ -714,7 +691,6 @@ mod tests {
                dangerously_allow_all_unix_sockets: None,
                domains: None,
                managed_allowed_domains_only: None,
-                danger_full_access_denylist_only: None,
                allowed_domains: None,
                denied_domains: None,
                unix_sockets: Some(std::collections::BTreeMap::from([(
@@ -731,7 +707,6 @@ mod tests {
    fn map_requirements_toml_to_api_normalizes_allowed_web_search_modes() {
        let requirements = ConfigRequirementsToml {
            allowed_approval_policies: None,
-            allowed_approvals_reviewers: None,
            allowed_sandbox_modes: None,
            allowed_web_search_modes: Some(Vec::new()),
            guardian_developer_instructions: None,
--- a/codex-rs/app-server/src/in_process.rs
+++ b/codex-rs/app-server/src/in_process.rs
@@ -64,7 +64,6 @@ use crate::outgoing_message::QueuedOutgoingMessage;
 use crate::transport::CHANNEL_CAPACITY;
 use crate::transport::OutboundConnectionState;
 use crate::transport::route_outgoing_envelope;
-use codex_analytics::AppServerRpcTransport;
 use codex_app_server_protocol::ClientNotification;
 use codex_app_server_protocol::ClientRequest;
 use codex_app_server_protocol::ConfigWarningNotification;
@@ -75,12 +74,12 @@ use codex_app_server_protocol::Result;
 use codex_app_server_protocol::ServerNotification;
 use codex_app_server_protocol::ServerRequest;
 use codex_arg0::Arg0DispatchPaths;
+use codex_core::AppServerRpcTransport;
 use codex_core::config::Config;
 use codex_core::config_loader::CloudRequirementsLoader;
 use codex_core::config_loader::LoaderOverrides;
 use codex_exec_server::EnvironmentManager;
 use codex_feedback::CodexFeedback;
-use codex_login::AuthManager;
 use codex_protocol::protocol::SessionSource;
 use tokio::sync::mpsc;
 use tokio::sync::oneshot;
@@ -380,8 +379,6 @@ fn start_uninitialized(args: InProcessStartArgs) -> InProcessClientHandle {
        });

        let processor_outgoing = Arc::clone(&outgoing_message_sender);
-        let auth_manager =
-            AuthManager::shared_from_config(args.config.as_ref(), args.enable_codex_api_key_env);
        let (processor_tx, mut processor_rx) = mpsc::channel::<ProcessorCommand>(channel_capacity);
        let mut processor_handle = tokio::spawn(async move {
            let mut processor = MessageProcessor::new(MessageProcessorArgs {
@@ -396,7 +393,7 @@ fn start_uninitialized(args: InProcessStartArgs) -> InProcessClientHandle {
                log_db: None,
                config_warnings: args.config_warnings,
                session_source: args.session_source,
-                auth_manager,
+                enable_codex_api_key_env: args.enable_codex_api_key_env,
                rpc_transport: AppServerRpcTransport::InProcess,
            });
            let mut thread_created_rx = processor.thread_created_receiver();
@@ -826,9 +823,6 @@ mod tests {
                    items: Vec::new(),
                    status: TurnStatus::Completed,
                    error: None,
-                    started_at: None,
-                    completed_at: Some(0),
-                    duration_ms: None,
                },
            })
        ));
--- a/codex-rs/app-server/src/lib.rs
+++ b/codex-rs/app-server/src/lib.rs
@@ -2,13 +2,12 @@

 use codex_arg0::Arg0DispatchPaths;
 use codex_cloud_requirements::cloud_requirements_loader;
+use codex_core::AuthManager;
 use codex_core::config::Config;
 use codex_core::config::ConfigBuilder;
 use codex_core::config_loader::CloudRequirementsLoader;
 use codex_core::config_loader::ConfigLayerStackOrdering;
 use codex_core::config_loader::LoaderOverrides;
-use codex_features::Feature;
-use codex_login::AuthManager;
 use codex_utils_cli::CliConfigOverrides;
 use std::collections::HashMap;
 use std::collections::HashSet;
@@ -30,15 +29,14 @@ use crate::transport::OutboundConnectionState;
 use crate::transport::TransportEvent;
 use crate::transport::auth::policy_from_settings;
 use crate::transport::route_outgoing_envelope;
-use crate::transport::start_remote_control;
 use crate::transport::start_stdio_connection;
 use crate::transport::start_websocket_acceptor;
-use codex_analytics::AppServerRpcTransport;
 use codex_app_server_protocol::ConfigLayerSource;
 use codex_app_server_protocol::ConfigWarningNotification;
 use codex_app_server_protocol::JSONRPCMessage;
 use codex_app_server_protocol::TextPosition as AppTextPosition;
 use codex_app_server_protocol::TextRange as AppTextRange;
+use codex_core::AppServerRpcTransport;
 use codex_core::ExecPolicyError;
 use codex_core::check_execpolicy_for_warnings;
 use codex_core::config_loader::ConfigLoadError;
@@ -48,7 +46,6 @@ use codex_feedback::CodexFeedback;
 use codex_protocol::protocol::SessionSource;
 use codex_state::log_db;
 use tokio::sync::mpsc;
-use tokio::sync::oneshot;
 use tokio::task::JoinHandle;
 use tokio_util::sync::CancellationToken;
 use toml::Value as TomlValue;
@@ -64,6 +61,7 @@ use tracing_subscriber::registry::Registry;
 use tracing_subscriber::util::SubscriberInitExt;

 mod app_server_tracing;
+mod avatar_rpc;
 mod bespoke_event_handling;
 mod codex_message_processor;
 mod command_exec;
@@ -399,8 +397,11 @@ pub async fn run_main_with_transport(
                }
            }

-            let auth_manager =
-                AuthManager::shared_from_config(&config, /*enable_codex_api_key_env*/ false);
+            let auth_manager = AuthManager::shared(
+                config.codex_home.clone(),
+                /*enable_codex_api_key_env*/ false,
+                config.cli_auth_credentials_store_mode,
+            );
            cloud_requirements_loader(
                auth_manager,
                config.chatgpt_base_url,
@@ -457,9 +458,7 @@ pub async fn run_main_with_transport(
            range: None,
        });
    }
-    if let Some(warning) =
-        codex_core::config::system_bwrap_warning(config.permissions.sandbox_policy.get())
-    {
+    if let Some(warning) = codex_core::config::system_bwrap_warning() {
        config_warnings.push(ConfigWarningNotification {
            summary: warning,
            details: None,
@@ -502,13 +501,13 @@ pub async fn run_main_with_transport(

    let feedback_layer = feedback.logger_layer();
    let feedback_metadata_layer = feedback.metadata_layer();
-    let state_db = codex_state::StateRuntime::init(
+    let log_db = codex_state::StateRuntime::init(
        config.sqlite_home.clone(),
        config.model_provider_id.clone(),
    )
    .await
-    .ok();
-    let log_db = state_db.clone().map(log_db::start);
+    .ok()
+    .map(log_db::start);
    let log_db_layer = log_db
        .clone()
        .map(|layer| layer.with_filter(Targets::new().with_default(Level::TRACE)));
@@ -535,18 +534,11 @@ pub async fn run_main_with_transport(
    let single_client_mode = matches!(&transport, AppServerTransport::Stdio);
    let shutdown_when_no_connections = single_client_mode;
    let graceful_signal_restart_enabled = !single_client_mode;
-    let mut app_server_client_name_rx = None;

    match transport {
        AppServerTransport::Stdio => {
-            let (stdio_client_name_tx, stdio_client_name_rx) = oneshot::channel::<String>();
-            app_server_client_name_rx = Some(stdio_client_name_rx);
-            start_stdio_connection(
-                transport_event_tx.clone(),
-                &mut transport_accept_handles,
-                stdio_client_name_tx,
-            )
-            .await?;
+            start_stdio_connection(transport_event_tx.clone(), &mut transport_accept_handles)
+                .await?;
        }
        AppServerTransport::WebSocket { bind_address } => {
            let accept_handle = start_websocket_acceptor(
@@ -558,29 +550,6 @@ pub async fn run_main_with_transport(
            .await?;
            transport_accept_handles.push(accept_handle);
        }
-        AppServerTransport::Off => {}
-    }
-
-    let auth_manager =
-        AuthManager::shared_from_config(&config, /*enable_codex_api_key_env*/ false);
-
-    if config.features.enabled(Feature::RemoteControl) {
-        let accept_handle = start_remote_control(
-            config.chatgpt_base_url.clone(),
-            state_db.clone(),
-            auth_manager.clone(),
-            transport_event_tx.clone(),
-            transport_shutdown_token.clone(),
-            app_server_client_name_rx,
-        )
-        .await?;
-        transport_accept_handles.push(accept_handle);
-    }
-    if transport_accept_handles.is_empty() {
-        return Err(std::io::Error::new(
-            ErrorKind::InvalidInput,
-            "no transport configured; use --listen or enable remote control",
-        ));
    }

    let outbound_handle = tokio::spawn(async move {
@@ -641,8 +610,6 @@ pub async fn run_main_with_transport(
    let processor_handle = tokio::spawn({
        let outgoing_message_sender = Arc::new(OutgoingMessageSender::new(outgoing_tx));
        let outbound_control_tx = outbound_control_tx;
-        let auth_manager =
-            AuthManager::shared_from_config(&config, /*enable_codex_api_key_env*/ false);
        let cli_overrides: Vec<(String, TomlValue)> = cli_kv_overrides.clone();
        let loader_overrides = loader_overrides_for_config_api;
        let mut processor = MessageProcessor::new(MessageProcessorArgs {
@@ -657,7 +624,7 @@ pub async fn run_main_with_transport(
            log_db,
            config_warnings,
            session_source,
-            auth_manager,
+            enable_codex_api_key_env: false,
            rpc_transport: analytics_rpc_transport(transport),
        });
        let mut thread_created_rx = processor.thread_created_receiver();
@@ -885,9 +852,7 @@ pub async fn run_main_with_transport(
 fn analytics_rpc_transport(transport: AppServerTransport) -> AppServerRpcTransport {
    match transport {
        AppServerTransport::Stdio => AppServerRpcTransport::Stdio,
-        AppServerTransport::WebSocket { .. } | AppServerTransport::Off => {
-            AppServerRpcTransport::Websocket
-        }
+        AppServerTransport::WebSocket { .. } => AppServerRpcTransport::Websocket,
    }
 }

--- a/codex-rs/app-server/src/main.rs
+++ b/codex-rs/app-server/src/main.rs
@@ -16,7 +16,7 @@ const MANAGED_CONFIG_PATH_ENV_VAR: &str = "CODEX_APP_SERVER_MANAGED_CONFIG_PATH"
 #[derive(Debug, Parser)]
 struct AppServerArgs {
    /// Transport endpoint URL. Supported values: `stdio://` (default),
-    /// `ws://IP:PORT`, `off`.
+    /// `ws://IP:PORT`.
    #[arg(
        long = "listen",
        value_name = "URL",
--- a/codex-rs/app-server/src/message_processor.rs
+++ b/codex-rs/app-server/src/message_processor.rs
@@ -20,10 +20,7 @@ use crate::outgoing_message::OutgoingMessageSender;
 use crate::outgoing_message::RequestContext;
 use crate::transport::AppServerTransport;
 use async_trait::async_trait;
-use codex_analytics::AnalyticsEventsClient;
-use codex_analytics::AppServerRpcTransport;
 use codex_app_server_protocol::AppListUpdatedNotification;
-use codex_app_server_protocol::AuthMode as LoginAuthMode;
 use codex_app_server_protocol::ChatgptAuthTokensRefreshParams;
 use codex_app_server_protocol::ChatgptAuthTokensRefreshReason;
 use codex_app_server_protocol::ChatgptAuthTokensRefreshResponse;
@@ -58,24 +55,27 @@ use codex_app_server_protocol::ServerRequestPayload;
 use codex_app_server_protocol::experimental_required_message;
 use codex_arg0::Arg0DispatchPaths;
 use codex_chatgpt::connectors;
+use codex_core::AnalyticsEventsClient;
+use codex_core::AppServerRpcTransport;
+use codex_core::AuthManager;
 use codex_core::ThreadManager;
 use codex_core::config::Config;
 use codex_core::config_loader::CloudRequirementsLoader;
 use codex_core::config_loader::LoaderOverrides;
+use codex_core::default_client::SetOriginatorError;
+use codex_core::default_client::USER_AGENT_SUFFIX;
+use codex_core::default_client::get_codex_user_agent;
+use codex_core::default_client::set_default_client_residency_requirement;
+use codex_core::default_client::set_default_originator;
+use codex_core::models_manager::collaboration_mode_presets::CollaborationModesConfig;
 use codex_exec_server::EnvironmentManager;
 use codex_features::Feature;
 use codex_feedback::CodexFeedback;
-use codex_login::AuthManager;
+use codex_login::AuthMode as LoginAuthMode;
 use codex_login::auth::ExternalAuth;
 use codex_login::auth::ExternalAuthRefreshContext;
 use codex_login::auth::ExternalAuthRefreshReason;
 use codex_login::auth::ExternalAuthTokens;
-use codex_login::default_client::SetOriginatorError;
-use codex_login::default_client::USER_AGENT_SUFFIX;
-use codex_login::default_client::get_codex_user_agent;
-use codex_login::default_client::set_default_client_residency_requirement;
-use codex_login::default_client::set_default_originator;
-use codex_models_manager::collaboration_mode_presets::CollaborationModesConfig;
 use codex_protocol::ThreadId;
 use codex_protocol::protocol::SessionSource;
 use codex_protocol::protocol::W3cTraceContext;
@@ -193,7 +193,7 @@ pub(crate) struct MessageProcessorArgs {
    pub(crate) log_db: Option<LogDbLayer>,
    pub(crate) config_warnings: Vec<ConfigWarningNotification>,
    pub(crate) session_source: SessionSource,
-    pub(crate) auth_manager: Arc<AuthManager>,
+    pub(crate) enable_codex_api_key_env: bool,
    pub(crate) rpc_transport: AppServerRpcTransport,
 }

@@ -213,12 +213,17 @@ impl MessageProcessor {
            log_db,
            config_warnings,
            session_source,
-            auth_manager,
+            enable_codex_api_key_env,
            rpc_transport,
        } = args;
-        auth_manager.set_external_auth(Arc::new(ExternalAuthRefreshBridge {
-            outgoing: outgoing.clone(),
-        }));
+        let auth_manager = AuthManager::shared_with_external_auth(
+            config.codex_home.clone(),
+            enable_codex_api_key_env,
+            config.cli_auth_credentials_store_mode,
+            Arc::new(ExternalAuthRefreshBridge {
+                outgoing: outgoing.clone(),
+            }),
+        );
        let thread_manager = Arc::new(ThreadManager::new(
            config.as_ref(),
            auth_manager.clone(),
@@ -230,6 +235,7 @@ impl MessageProcessor {
            },
            environment_manager,
        ));
+        auth_manager.set_forced_chatgpt_workspace_id(config.forced_chatgpt_workspace_id.clone());
        let analytics_events_client = AnalyticsEventsClient::new(
            Arc::clone(&auth_manager),
            config.chatgpt_base_url.trim_end_matches('/').to_string(),
@@ -844,7 +850,6 @@ impl MessageProcessor {
                        connection_id,
                        other,
                        session.app_server_client_name.clone(),
-                        session.client_version.clone(),
                        request_context,
                    )
                    .boxed()
@@ -865,8 +870,16 @@ impl MessageProcessor {
        request_id: ConnectionRequestId,
        params: ConfigValueWriteParams,
    ) {
-        let result = self.config_api.write_value(params).await;
-        self.handle_config_mutation_result(request_id, result).await
+        match self.config_api.write_value(params).await {
+            Ok(response) => {
+                self.codex_message_processor.clear_plugin_related_caches();
+                self.codex_message_processor
+                    .maybe_start_plugin_startup_tasks_for_latest_config()
+                    .await;
+                self.outgoing.send_response(request_id, response).await;
+            }
+            Err(error) => self.outgoing.send_error(request_id, error).await,
+        }
    }

    async fn handle_config_batch_write(
@@ -874,8 +887,8 @@ impl MessageProcessor {
        request_id: ConnectionRequestId,
        params: ConfigBatchWriteParams,
    ) {
-        let result = self.config_api.batch_write(params).await;
-        self.handle_config_mutation_result(request_id, result).await;
+        self.handle_config_mutation_result(request_id, self.config_api.batch_write(params).await)
+            .await;
    }

    async fn handle_experimental_feature_enablement_set(
@@ -884,15 +897,23 @@ impl MessageProcessor {
        params: ExperimentalFeatureEnablementSetParams,
    ) {
        let should_refresh_apps_list = params.enablement.get("apps").copied() == Some(true);
-        let result = self
+        match self
            .config_api
            .set_experimental_feature_enablement(params)
-            .await;
-        let is_ok = result.is_ok();
-        self.handle_config_mutation_result(request_id, result).await;
-        if should_refresh_apps_list && is_ok {
-            self.refresh_apps_list_after_experimental_feature_enablement_set()
-                .await;
+            .await
+        {
+            Ok(response) => {
+                self.codex_message_processor.clear_plugin_related_caches();
+                self.codex_message_processor
+                    .maybe_start_plugin_startup_tasks_for_latest_config()
+                    .await;
+                self.outgoing.send_response(request_id, response).await;
+                if should_refresh_apps_list {
+                    self.refresh_apps_list_after_experimental_feature_enablement_set()
+                        .await;
+                }
+            }
+            Err(error) => self.outgoing.send_error(request_id, error).await,
        }
    }

@@ -911,11 +932,7 @@ impl MessageProcessor {
                return;
            }
        };
-        let auth = self.auth_manager.auth().await;
-        if !config.features.apps_enabled_for_auth(
-            auth.as_ref()
-                .is_some_and(codex_login::CodexAuth::is_chatgpt_auth),
-        ) {
+        if !config.features.apps_enabled(Some(&self.auth_manager)).await {
            return;
        }

@@ -969,7 +986,10 @@ impl MessageProcessor {
    ) {
        match result {
            Ok(response) => {
-                self.codex_message_processor.handle_config_mutation();
+                self.codex_message_processor.clear_plugin_related_caches();
+                self.codex_message_processor
+                    .maybe_start_plugin_startup_tasks_for_latest_config()
+                    .await;
                self.outgoing.send_response(request_id, response).await;
            }
            Err(error) => self.outgoing.send_error(request_id, error).await,
--- a/codex-rs/app-server/src/message_processor/tracing_tests.rs
+++ b/codex-rs/app-server/src/message_processor/tracing_tests.rs
@@ -7,7 +7,6 @@ use crate::transport::AppServerTransport;
 use anyhow::Result;
 use app_test_support::create_mock_responses_server_repeating_assistant;
 use app_test_support::write_mock_responses_config_toml;
-use codex_analytics::AppServerRpcTransport;
 use codex_app_server_protocol::ClientInfo;
 use codex_app_server_protocol::ClientRequest;
 use codex_app_server_protocol::InitializeCapabilities;
@@ -21,13 +20,13 @@ use codex_app_server_protocol::TurnStartParams;
 use codex_app_server_protocol::TurnStartResponse;
 use codex_app_server_protocol::UserInput;
 use codex_arg0::Arg0DispatchPaths;
+use codex_core::AppServerRpcTransport;
 use codex_core::config::Config;
 use codex_core::config::ConfigBuilder;
 use codex_core::config_loader::CloudRequirementsLoader;
 use codex_core::config_loader::LoaderOverrides;
 use codex_exec_server::EnvironmentManager;
 use codex_feedback::CodexFeedback;
-use codex_login::AuthManager;
 use codex_protocol::protocol::SessionSource;
 use codex_protocol::protocol::W3cTraceContext;
 use opentelemetry::global;
@@ -235,8 +234,6 @@ fn build_test_processor(
 ) {
    let (outgoing_tx, outgoing_rx) = mpsc::channel(16);
    let outgoing = Arc::new(OutgoingMessageSender::new(outgoing_tx));
-    let auth_manager =
-        AuthManager::shared_from_config(config.as_ref(), /*enable_codex_api_key_env*/ false);
    let processor = MessageProcessor::new(MessageProcessorArgs {
        outgoing,
        arg0_paths: Arg0DispatchPaths::default(),
@@ -249,7 +246,7 @@ fn build_test_processor(
        log_db: None,
        config_warnings: Vec::new(),
        session_source: SessionSource::VSCode,
-        auth_manager,
+        enable_codex_api_key_env: false,
        rpc_transport: AppServerRpcTransport::Stdio,
    });
    (processor, outgoing_rx)
--- a/codex-rs/app-server/src/models.rs
+++ b/codex-rs/app-server/src/models.rs
@@ -4,7 +4,7 @@ use codex_app_server_protocol::Model;
 use codex_app_server_protocol::ModelUpgradeInfo;
 use codex_app_server_protocol::ReasoningEffortOption;
 use codex_core::ThreadManager;
-use codex_models_manager::manager::RefreshStrategy;
+use codex_core::models_manager::manager::RefreshStrategy;
 use codex_protocol::openai_models::ModelPreset;
 use codex_protocol::openai_models::ReasoningEffortPreset;

--- a/codex-rs/app-server/src/thread_state.rs
+++ b/codex-rs/app-server/src/thread_state.rs
@@ -16,7 +16,6 @@ use std::sync::Weak;
 use tokio::sync::Mutex;
 use tokio::sync::mpsc;
 use tokio::sync::oneshot;
-use tracing::error;

 type PendingInterruptQueue = Vec<(
    ConnectionRequestId,
@@ -45,7 +44,6 @@ pub(crate) enum ThreadListenerCommand {
 /// Per-conversation accumulation of the latest states e.g. error message while a turn runs.
 #[derive(Default, Clone)]
 pub(crate) struct TurnSummary {
-    pub(crate) started_at: Option<i64>,
    pub(crate) file_change_started: HashSet<String>,
    pub(crate) command_execution_started: HashSet<String>,
    pub(crate) last_error: Option<TurnError>,
@@ -111,50 +109,13 @@ impl ThreadState {
    }

    pub(crate) fn track_current_turn_event(&mut self, event: &EventMsg) {
-        if let EventMsg::TurnStarted(payload) = event {
-            self.turn_summary.started_at = payload.started_at;
-        }
        self.current_turn_history.handle_event(event);
-        if matches!(event, EventMsg::TurnAborted(_) | EventMsg::TurnComplete(_))
-            && !self.current_turn_history.has_active_turn()
-        {
+        if !self.current_turn_history.has_active_turn() {
            self.current_turn_history.reset();
        }
    }
 }

-pub(crate) async fn resolve_server_request_on_thread_listener(
-    thread_state: &Arc<Mutex<ThreadState>>,
-    request_id: RequestId,
-) {
-    let (completion_tx, completion_rx) = oneshot::channel();
-    let listener_command_tx = {
-        let state = thread_state.lock().await;
-        state.listener_command_tx()
-    };
-    let Some(listener_command_tx) = listener_command_tx else {
-        error!("failed to remove pending client request: thread listener is not running");
-        return;
-    };
-
-    if listener_command_tx
-        .send(ThreadListenerCommand::ResolveServerRequest {
-            request_id,
-            completion_tx,
-        })
-        .is_err()
-    {
-        error!(
-            "failed to remove pending client request: thread listener command channel is closed"
-        );
-        return;
-    }
-
-    if let Err(err) = completion_rx.await {
-        error!("failed to remove pending client request: {err}");
-    }
-}
-
 struct ThreadEntry {
    state: Arc<Mutex<ThreadState>>,
    connection_ids: HashSet<ConnectionId>,
--- a/codex-rs/app-server/src/thread_status.rs
+++ b/codex-rs/app-server/src/thread_status.rs
@@ -792,7 +792,6 @@ mod tests {
    fn test_thread(thread_id: &str, source: codex_app_server_protocol::SessionSource) -> Thread {
        Thread {
            id: thread_id.to_string(),
-            forked_from_id: None,
            preview: String::new(),
            ephemeral: false,
            model_provider: "mock-provider".to_string(),
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Richard Lee	9f3986e6b4	Checkpoint before e2e test	2026-04-06 15:08:56 -07:00
Richard Lee	24ce07949e	Checkpoint before e2e test	2026-04-04 16:50:19 -07:00
Richard Lee	e6d2da4716	Initial Clippy	2026-04-04 13:20:29 -07:00