Fix Darwin rusty-v8 runtime staging

ci: merge Unix runtime libs into rusty_v8 sandbox artifacts
Co-authored-by: Codex <noreply@openai.com>
2026-05-08 21:32:33 +00:00 · 2026-05-07 19:29:16 -07:00 · 2026-05-07 01:02:08 +00:00 · 2026-05-06 15:55:18 -07:00 · 2026-05-06 12:23:19 -07:00 · 2026-05-06 12:23:19 -07:00
747 changed files with 19489 additions and 24626 deletions
--- a/.github/ISSUE_TEMPLATE/3-cli.yml
+++ b/.github/ISSUE_TEMPLATE/3-cli.yml
@@ -2,6 +2,7 @@ name: 💻 CLI Bug
 description: Report an issue in the Codex CLI
 labels:
  - bug
+  - needs triage
 body:
  - type: markdown
    attributes:
@@ -40,9 +41,9 @@ body:
    id: terminal
    attributes:
      label: What terminal emulator and version are you using (if applicable)?
+      description: Also note any multiplexer in use (screen / tmux / zellij)
      description: |
-        Also note any multiplexer in use (screen / tmux / zellij).
-        E.g., VS Code, Terminal.app, iTerm2, Ghostty, Windows Terminal (WSL / PowerShell)
+        E.g, VSCode, Terminal.app, iTerm2, Ghostty, Windows Terminal (WSL / PowerShell)
  - type: textarea
    id: actual
    attributes:
--- a/.github/ISSUE_TEMPLATE/5-feature-request.yml
+++ b/.github/ISSUE_TEMPLATE/5-feature-request.yml
@@ -10,7 +10,7 @@ body:

        Before you submit a feature:
        1. Search existing issues for similar features. If you find one, 👍 it rather than opening a new one.
-        2. The Codex team will try to balance the varying needs of the community when prioritizing or rejecting new features. Not all features will be accepted. See [Contributing](https://github.com/openai/codex/blob/main/docs/contributing.md) for more details.
+        2. The Codex team will try to balance the varying needs of the community when prioritizing or rejecting new features. Not all features will be accepted. See [Contributing](https://github.com/openai/codex#contributing) for more details.

  - type: input
    id: variant
--- a/.github/ISSUE_TEMPLATE/6-docs-issue.yml
+++ b/.github/ISSUE_TEMPLATE/6-docs-issue.yml
@@ -1,6 +1,6 @@
 name: 📗 Documentation Issue
 description: Tell us if there is missing or incorrect documentation
-labels: [documentation]
+labels: [docs]
 body:
  - type: markdown
    attributes:
@@ -24,4 +24,4 @@ body:
  - type: textarea
    attributes:
      label: Where did you find it?
-      description: If possible, please provide the URL(s) where you found this issue.
+      description: If possible, please provide the URL(s) where you found this issue.
--- a/.github/actions/prepare-bazel-ci/action.yml
+++ b/.github/actions/prepare-bazel-ci/action.yml
@@ -50,7 +50,7 @@ runs:
    - name: Restore bazel repository cache
      id: cache_bazel_repository_restore
      continue-on-error: true
-      uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+      uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
      with:
        path: ${{ steps.setup_bazel.outputs.repository-cache-path }}
        key: ${{ steps.cache_bazel_repository_key.outputs.repository-cache-key }}
--- a/.github/actions/windows-code-sign/action.yml
+++ b/.github/actions/windows-code-sign/action.yml
@@ -30,7 +30,7 @@ runs:
  using: composite
  steps:
    - name: Azure login for Trusted Signing (OIDC)
-      uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2.3.0
+      uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2
      with:
        client-id: ${{ inputs.client-id }}
        tenant-id: ${{ inputs.tenant-id }}
@@ -54,7 +54,7 @@ runs:
        } >> "$GITHUB_OUTPUT"

    - name: Sign Windows binaries with Azure Trusted Signing
-      uses: azure/trusted-signing-action@1d365fec12862c4aa68fcac418143d73f0cea293 # v0.5.11
+      uses: azure/trusted-signing-action@1d365fec12862c4aa68fcac418143d73f0cea293 # v0
      with:
        endpoint: ${{ inputs.endpoint }}
        trusted-signing-account-name: ${{ inputs.account-name }}
--- a/.github/dependabot.yaml
+++ b/.github/dependabot.yaml
@@ -6,37 +6,25 @@ updates:
    directory: .github/actions/codex
    schedule:
      interval: weekly
-    cooldown:
-      default-days: 7
  - package-ecosystem: cargo
    directories:
      - codex-rs
      - codex-rs/*
    schedule:
      interval: weekly
-    cooldown:
-      default-days: 7
  - package-ecosystem: devcontainers
    directory: /
    schedule:
      interval: weekly
-    cooldown:
-      default-days: 7
  - package-ecosystem: docker
    directory: codex-cli
    schedule:
      interval: weekly
-    cooldown:
-      default-days: 7
  - package-ecosystem: github-actions
    directory: /
    schedule:
      interval: weekly
-    cooldown:
-      default-days: 7
  - package-ecosystem: rust-toolchain
    directory: codex-rs
    schedule:
      interval: weekly
-    cooldown:
-      default-days: 7
--- a/.github/scripts/rusty_v8_bazel.py
+++ b/.github/scripts/rusty_v8_bazel.py
@@ -11,6 +11,7 @@ import subprocess
 import sys
 import tempfile
 import tomllib
+import urllib.request
 from pathlib import Path

 from rusty_v8_module_bazel import (
@@ -23,12 +24,79 @@ from rusty_v8_module_bazel import (
 ROOT = Path(__file__).resolve().parents[2]
 MODULE_BAZEL = ROOT / "MODULE.bazel"
 RUSTY_V8_CHECKSUMS_DIR = ROOT / "third_party" / "v8"
-MUSL_RUNTIME_ARCHIVE_LABELS = [
+STATIC_RUNTIME_ARCHIVE_LABELS = [
    "@llvm//runtimes/libcxx:libcxx.static",
    "@llvm//runtimes/libcxx:libcxxabi.static",
 ]
+DARWIN_RUNTIME_ARCHIVE_MEMBERS = [
+    "algorithm.o",
+    "any.o",
+    "atomic.o",
+    "barrier.o",
+    "bind.o",
+    "call_once.o",
+    "charconv.o",
+    "chrono.o",
+    "condition_variable.o",
+    "condition_variable_destructor.o",
+    "error_category.o",
+    "exception.o",
+    "directory_iterator.o",
+    "filesystem_error.o",
+    "operations.o",
+    "path.o",
+    "functional.o",
+    "future.o",
+    "hash.o",
+    "ios.o",
+    "ios.instantiations.o",
+    "iostream.o",
+    "locale.o",
+    "memory.o",
+    "mutex.o",
+    "mutex_destructor.o",
+    "new_handler.o",
+    "new_helpers.o",
+    "optional.o",
+    "random.o",
+    "random_shuffle.o",
+    "regex.o",
+    "d2fixed.o",
+    "d2s.o",
+    "f2s.o",
+    "shared_mutex.o",
+    "stdexcept.o",
+    "string.o",
+    "strstream.o",
+    "system_error.o",
+    "thread.o",
+    "typeinfo.o",
+    "valarray.o",
+    "variant.o",
+    "vector.o",
+    "verbose_abort.o",
+    "new.o",
+    "abort_message.o",
+    "cxa_aux_runtime.o",
+    "cxa_default_handlers.o",
+    "cxa_exception.o",
+    "cxa_exception_storage.o",
+    "cxa_handlers.o",
+    "cxa_personality.o",
+    "cxa_vector.o",
+    "cxa_virtual.o",
+    "fallback_malloc.o",
+    "private_typeinfo.o",
+    "stdlib_exception.o",
+    "stdlib_stdexcept.o",
+    "stdlib_typeinfo.o",
+    "cxa_guard.o",
+    "cxa_demangle.o",
+]
 LLVM_AR_LABEL = "@llvm//tools:llvm-ar"
 LLVM_RANLIB_LABEL = "@llvm//tools:llvm-ranlib"
+RELEASE_ARTIFACT_PROFILE = "release"
+SANDBOX_ARTIFACT_PROFILE = "ptrcomp_sandbox_release"


 def bazel_execroot() -> Path:
@@ -126,9 +194,10 @@ def ensure_bazel_output_files(
    return outputs


-def release_pair_label(target: str) -> str:
+def release_pair_label(target: str, sandbox: bool = False) -> str:
    target_suffix = target.replace("-", "_")
-    return f"//third_party/v8:rusty_v8_release_pair_{target_suffix}"
+    pair_kind = "sandbox_release_pair" if sandbox else "release_pair"
+    return f"//third_party/v8:rusty_v8_{pair_kind}_{target_suffix}"


 def resolved_v8_crate_version() -> str:
@@ -180,14 +249,35 @@ def command_manifest_path(manifest: Path | None, version: str) -> Path:
    return ROOT / manifest


-def staged_archive_name(target: str, source_path: Path) -> str:
+def staged_archive_name(target: str, source_path: Path, artifact_profile: str) -> str:
    if source_path.suffix == ".lib":
-        return f"rusty_v8_release_{target}.lib.gz"
-    return f"librusty_v8_release_{target}.a.gz"
+        return f"rusty_v8_{artifact_profile}_{target}.lib.gz"
+    return f"librusty_v8_{artifact_profile}_{target}.a.gz"


-def is_musl_archive_target(target: str, source_path: Path) -> bool:
-    return target.endswith("-unknown-linux-musl") and source_path.suffix == ".a"
+def staged_binding_name(target: str, artifact_profile: str) -> str:
+    return f"src_binding_{artifact_profile}_{target}.rs"
+
+
+def staged_checksums_name(target: str, artifact_profile: str) -> str:
+    return f"rusty_v8_{artifact_profile}_{target}.sha256"
+
+
+def needs_merged_runtime_archive(target: str, source_path: Path) -> bool:
+    return source_path.suffix == ".a" and target.endswith(
+        ("-apple-darwin", "-unknown-linux-gnu", "-unknown-linux-musl")
+    )
+
+
+def needs_built_runtime_archives(target: str) -> bool:
+    return target.endswith(("-unknown-linux-gnu", "-unknown-linux-musl"))
+
+
+def upstream_rusty_v8_archive_url(target: str, version: str) -> str:
+    return (
+        "https://github.com/denoland/rusty_v8/releases/download/"
+        f"v{version}/librusty_v8_release_{target}.a.gz"
+    )


 def single_bazel_output_file(
@@ -202,31 +292,64 @@ def single_bazel_output_file(
    return outputs[0]


-def merged_musl_archive(
+def host_runnable_bazel_output_file(
    platform: str,
-    lib_path: Path,
+    label: str,
    compilation_mode: str = "fastbuild",
    bazel_configs: list[str] | None = None,
 ) -> Path:
-    llvm_ar = single_bazel_output_file(platform, LLVM_AR_LABEL, compilation_mode, bazel_configs)
-    llvm_ranlib = single_bazel_output_file(
+    outputs = ensure_bazel_output_files(platform, [label], compilation_mode, bazel_configs)
+    if len(outputs) == 1:
+        return outputs[0]
+
+    runnable_outputs = []
+    for output in outputs:
+        try:
+            result = subprocess.run(
+                [str(output), "--version"],
+                cwd=ROOT,
+                capture_output=True,
+                text=True,
+            )
+        except OSError:
+            continue
+        if result.returncode == 0:
+            runnable_outputs.append(output)
+
+    if len(runnable_outputs) != 1:
+        raise SystemExit(
+            f"expected exactly one host-runnable output for {label}, "
+            f"found {runnable_outputs} from {outputs}"
+        )
+    return runnable_outputs[0]
+
+
+def merged_archive(
+    platform: str,
+    lib_path: Path,
+    extra_archives: list[Path],
+    compilation_mode: str = "fastbuild",
+    bazel_configs: list[str] | None = None,
+) -> Path:
+    llvm_ar = host_runnable_bazel_output_file(
+        platform,
+        LLVM_AR_LABEL,
+        compilation_mode,
+        bazel_configs,
+    )
+    llvm_ranlib = host_runnable_bazel_output_file(
        platform,
        LLVM_RANLIB_LABEL,
        compilation_mode,
        bazel_configs,
    )
-    runtime_archives = [
-        single_bazel_output_file(platform, label, compilation_mode, bazel_configs)
-        for label in MUSL_RUNTIME_ARCHIVE_LABELS
-    ]
-
-    temp_dir = Path(tempfile.mkdtemp(prefix="rusty-v8-musl-stage-"))
+    temp_dir = Path(tempfile.mkdtemp(prefix="rusty-v8-runtime-stage-"))
    merged_archive = temp_dir / lib_path.name
    merge_commands = "\n".join(
        [
            f"create {merged_archive}",
            f"addlib {lib_path}",
-            *[f"addlib {archive}" for archive in runtime_archives],
+            *[f"addlib {archive}" for archive in extra_archives],
            "save",
            "end",
        ]
@@ -242,16 +365,145 @@ def merged_musl_archive(
    return merged_archive


+def merged_built_runtime_archive(
+    platform: str,
+    lib_path: Path,
+    compilation_mode: str = "fastbuild",
+    bazel_configs: list[str] | None = None,
+) -> Path:
+    runtime_archives = [
+        single_bazel_output_file(platform, label, compilation_mode, bazel_configs)
+        for label in STATIC_RUNTIME_ARCHIVE_LABELS
+    ]
+    return merged_archive(
+        platform,
+        lib_path,
+        runtime_archives,
+        compilation_mode,
+        bazel_configs,
+    )
+
+
+def downloaded_darwin_runtime_archive(
+    target: str,
+    version: str,
+    llvm_ar: Path,
+) -> Path:
+    temp_dir = Path(tempfile.mkdtemp(prefix="rusty-v8-darwin-runtime-"))
+    compressed_archive = temp_dir / f"librusty_v8_release_{target}.a.gz"
+    source_archive = temp_dir / f"librusty_v8_release_{target}.a"
+    runtime_archive = temp_dir / f"libcxx_runtime_{target}.a"
+
+    with urllib.request.urlopen(upstream_rusty_v8_archive_url(target, version)) as src:
+        with compressed_archive.open("wb") as dst:
+            shutil.copyfileobj(src, dst)
+    with gzip.open(compressed_archive, "rb") as src:
+        with source_archive.open("wb") as dst:
+            shutil.copyfileobj(src, dst)
+
+    listed_members = subprocess.run(
+        [str(llvm_ar), "t", str(source_archive)],
+        cwd=ROOT,
+        check=True,
+        capture_output=True,
+        text=True,
+    ).stdout.splitlines()
+    missing_members = [
+        member for member in DARWIN_RUNTIME_ARCHIVE_MEMBERS if member not in listed_members
+    ]
+    if missing_members:
+        raise SystemExit(
+            f"missing Darwin runtime members in {source_archive}: {missing_members}"
+        )
+
+    subprocess.run(
+        [
+            str(llvm_ar),
+            "x",
+            str(source_archive),
+            *DARWIN_RUNTIME_ARCHIVE_MEMBERS,
+        ],
+        cwd=temp_dir,
+        check=True,
+    )
+    merge_commands = "\n".join(
+        [
+            f"create {runtime_archive}",
+            *[f"addmod {temp_dir / member}" for member in DARWIN_RUNTIME_ARCHIVE_MEMBERS],
+            "save",
+            "end",
+        ]
+    )
+    subprocess.run(
+        [str(llvm_ar), "-M"],
+        cwd=ROOT,
+        check=True,
+        input=merge_commands,
+        text=True,
+    )
+    return runtime_archive
+
+
+def merged_darwin_runtime_archive(
+    platform: str,
+    target: str,
+    lib_path: Path,
+    compilation_mode: str = "fastbuild",
+    bazel_configs: list[str] | None = None,
+) -> Path:
+    llvm_ar = host_runnable_bazel_output_file(
+        platform,
+        LLVM_AR_LABEL,
+        compilation_mode,
+        bazel_configs,
+    )
+    version = resolved_v8_crate_version()
+    runtime_archive = downloaded_darwin_runtime_archive(target, version, llvm_ar)
+    return merged_archive(
+        platform,
+        lib_path,
+        [runtime_archive],
+        compilation_mode,
+        bazel_configs,
+    )
+
+
+def runtime_merged_archive(
+    platform: str,
+    target: str,
+    lib_path: Path,
+    compilation_mode: str = "fastbuild",
+    bazel_configs: list[str] | None = None,
+) -> Path:
+    if target.endswith("-apple-darwin"):
+        return merged_darwin_runtime_archive(
+            platform,
+            target,
+            lib_path,
+            compilation_mode,
+            bazel_configs,
+        )
+    if not needs_built_runtime_archives(target):
+        raise SystemExit(f"unsupported runtime merge target: {target}")
+    return merged_built_runtime_archive(
+        platform,
+        lib_path,
+        compilation_mode,
+        bazel_configs,
+    )
+
+
 def stage_release_pair(
    platform: str,
    target: str,
    output_dir: Path,
    compilation_mode: str = "fastbuild",
    bazel_configs: list[str] | None = None,
+    sandbox: bool = False,
 ) -> None:
    outputs = ensure_bazel_output_files(
        platform,
-        [release_pair_label(target)],
+        [release_pair_label(target, sandbox)],
        compilation_mode,
        bazel_configs,
    )
@@ -267,11 +519,12 @@ def stage_release_pair(
        raise SystemExit(f"missing Rust binding output for {target}") from exc

    output_dir.mkdir(parents=True, exist_ok=True)
-    staged_library = output_dir / staged_archive_name(target, lib_path)
-    staged_binding = output_dir / f"src_binding_release_{target}.rs"
+    artifact_profile = SANDBOX_ARTIFACT_PROFILE if sandbox else RELEASE_ARTIFACT_PROFILE
+    staged_library = output_dir / staged_archive_name(target, lib_path, artifact_profile)
+    staged_binding = output_dir / staged_binding_name(target, artifact_profile)
    source_archive = (
-        merged_musl_archive(platform, lib_path, compilation_mode, bazel_configs)
-        if is_musl_archive_target(target, lib_path)
+        runtime_merged_archive(platform, target, lib_path, compilation_mode, bazel_configs)
+        if needs_merged_runtime_archive(target, lib_path)
        else lib_path
    )

@@ -287,7 +540,7 @@ def stage_release_pair(

    shutil.copyfile(binding_path, staged_binding)

-    staged_checksums = output_dir / f"rusty_v8_release_{target}.sha256"
+    staged_checksums = output_dir / staged_checksums_name(target, artifact_profile)
    with staged_checksums.open("w", encoding="utf-8") as checksums:
        for path in [staged_library, staged_binding]:
            digest = hashlib.sha256()
@@ -309,6 +562,7 @@ def parse_args() -> argparse.Namespace:
    stage_release_pair_parser.add_argument("--platform", required=True)
    stage_release_pair_parser.add_argument("--target", required=True)
    stage_release_pair_parser.add_argument("--output-dir", required=True)
+    stage_release_pair_parser.add_argument("--sandbox", action="store_true")
    stage_release_pair_parser.add_argument(
        "--bazel-config",
        action="append",
@@ -353,6 +607,7 @@ def main() -> int:
            output_dir=Path(args.output_dir),
            compilation_mode=args.compilation_mode,
            bazel_configs=args.bazel_configs,
+            sandbox=args.sandbox,
        )
        return 0
    if args.command == "resolved-v8-crate-version":
--- a/.github/scripts/test_rusty_v8_bazel.py
+++ b/.github/scripts/test_rusty_v8_bazel.py
@@ -4,11 +4,178 @@ from __future__ import annotations

 import textwrap
 import unittest
+from pathlib import Path
+from unittest.mock import Mock
+from unittest.mock import patch

+import rusty_v8_bazel
 import rusty_v8_module_bazel


 class RustyV8BazelTest(unittest.TestCase):
+    def test_release_pair_labels_and_staged_names_distinguish_sandbox_artifacts(self) -> None:
+        self.assertEqual(
+            "//third_party/v8:rusty_v8_release_pair_x86_64_unknown_linux_musl",
+            rusty_v8_bazel.release_pair_label("x86_64-unknown-linux-musl"),
+        )
+        self.assertEqual(
+            "//third_party/v8:rusty_v8_sandbox_release_pair_x86_64_unknown_linux_musl",
+            rusty_v8_bazel.release_pair_label("x86_64-unknown-linux-musl", sandbox=True),
+        )
+        self.assertEqual(
+            "//third_party/v8:rusty_v8_sandbox_release_pair_x86_64_apple_darwin",
+            rusty_v8_bazel.release_pair_label("x86_64-apple-darwin", sandbox=True),
+        )
+        self.assertEqual(
+            "librusty_v8_release_x86_64-unknown-linux-musl.a.gz",
+            rusty_v8_bazel.staged_archive_name(
+                "x86_64-unknown-linux-musl",
+                Path("libv8.a"),
+                rusty_v8_bazel.RELEASE_ARTIFACT_PROFILE,
+            ),
+        )
+        self.assertEqual(
+            "librusty_v8_ptrcomp_sandbox_release_x86_64-pc-windows-msvc.a.gz",
+            rusty_v8_bazel.staged_archive_name(
+                "x86_64-pc-windows-msvc",
+                Path("v8.a"),
+                rusty_v8_bazel.SANDBOX_ARTIFACT_PROFILE,
+            ),
+        )
+        self.assertEqual(
+            "src_binding_ptrcomp_sandbox_release_x86_64-unknown-linux-musl.rs",
+            rusty_v8_bazel.staged_binding_name(
+                "x86_64-unknown-linux-musl",
+                rusty_v8_bazel.SANDBOX_ARTIFACT_PROFILE,
+            ),
+        )
+        self.assertEqual(
+            "rusty_v8_ptrcomp_sandbox_release_x86_64-unknown-linux-musl.sha256",
+            rusty_v8_bazel.staged_checksums_name(
+                "x86_64-unknown-linux-musl",
+                rusty_v8_bazel.SANDBOX_ARTIFACT_PROFILE,
+            ),
+        )
+
+    def test_needs_merged_runtime_archive(self) -> None:
+        for target in [
+            "x86_64-apple-darwin",
+            "x86_64-unknown-linux-gnu",
+            "x86_64-unknown-linux-musl",
+        ]:
+            self.assertTrue(rusty_v8_bazel.needs_merged_runtime_archive(target, Path("v8.a")))
+
+        self.assertFalse(
+            rusty_v8_bazel.needs_merged_runtime_archive(
+                "x86_64-pc-windows-msvc",
+                Path("v8.a"),
+            )
+        )
+
+    def test_needs_built_runtime_archives(self) -> None:
+        for target in [
+            "x86_64-unknown-linux-gnu",
+            "x86_64-unknown-linux-musl",
+        ]:
+            self.assertTrue(rusty_v8_bazel.needs_built_runtime_archives(target))
+
+        self.assertFalse(rusty_v8_bazel.needs_built_runtime_archives("x86_64-apple-darwin"))
+        self.assertFalse(rusty_v8_bazel.needs_built_runtime_archives("x86_64-pc-windows-msvc"))
+
+    def test_upstream_rusty_v8_archive_url(self) -> None:
+        self.assertEqual(
+            (
+                "https://github.com/denoland/rusty_v8/releases/download/"
+                "v147.4.0/librusty_v8_release_x86_64-apple-darwin.a.gz"
+            ),
+            rusty_v8_bazel.upstream_rusty_v8_archive_url(
+                "x86_64-apple-darwin",
+                "147.4.0",
+            ),
+        )
+
+    @patch("rusty_v8_bazel.merged_built_runtime_archive")
+    @patch("rusty_v8_bazel.merged_darwin_runtime_archive")
+    def test_runtime_merged_archive_dispatches_by_target(
+        self,
+        merged_darwin_runtime_archive: Mock,
+        merged_built_runtime_archive: Mock,
+    ) -> None:
+        merged_darwin_runtime_archive.return_value = Path("/tmp/darwin.a")
+        merged_built_runtime_archive.return_value = Path("/tmp/linux.a")
+
+        self.assertEqual(
+            Path("/tmp/darwin.a"),
+            rusty_v8_bazel.runtime_merged_archive(
+                "macos_amd64",
+                "x86_64-apple-darwin",
+                Path("/tmp/v8.a"),
+            ),
+        )
+        self.assertEqual(
+            Path("/tmp/linux.a"),
+            rusty_v8_bazel.runtime_merged_archive(
+                "linux_amd64",
+                "x86_64-unknown-linux-gnu",
+                Path("/tmp/v8.a"),
+            ),
+        )
+        with self.assertRaisesRegex(SystemExit, "unsupported runtime merge target"):
+            rusty_v8_bazel.runtime_merged_archive(
+                "windows_amd64",
+                "x86_64-pc-windows-msvc",
+                Path("/tmp/v8.a"),
+            )
+
+    @patch("rusty_v8_bazel.ensure_bazel_output_files")
+    @patch("rusty_v8_bazel.subprocess.run")
+    def test_host_runnable_bazel_output_file_selects_runnable_candidate(
+        self,
+        run: Mock,
+        ensure_outputs: Mock,
+    ) -> None:
+        amd64_tool = Path("/tmp/llvm-amd64/bin/llvm-ar")
+        arm64_tool = Path("/tmp/llvm-arm64/bin/llvm-ar")
+        ensure_outputs.return_value = [amd64_tool, arm64_tool]
+        run.side_effect = [
+            OSError("Exec format error"),
+            Mock(returncode=0),
+        ]
+
+        self.assertEqual(
+            arm64_tool,
+            rusty_v8_bazel.host_runnable_bazel_output_file(
+                "linux_arm64_musl",
+                "@llvm//tools:llvm-ar",
+                "opt",
+            ),
+        )
+
+    @patch("rusty_v8_bazel.ensure_bazel_output_files")
+    @patch("rusty_v8_bazel.subprocess.run")
+    def test_host_runnable_bazel_output_file_rejects_ambiguous_candidates(
+        self,
+        run: Mock,
+        ensure_outputs: Mock,
+    ) -> None:
+        amd64_tool = Path("/tmp/llvm-amd64/bin/llvm-ar")
+        arm64_tool = Path("/tmp/llvm-arm64/bin/llvm-ar")
+        ensure_outputs.return_value = [amd64_tool, arm64_tool]
+        run.side_effect = [
+            Mock(returncode=0),
+            Mock(returncode=0),
+        ]
+
+        with self.assertRaisesRegex(
+            SystemExit,
+            "expected exactly one host-runnable output",
+        ):
+            rusty_v8_bazel.host_runnable_bazel_output_file(
+                "linux_arm64_musl",
+                "@llvm//tools:llvm-ar",
+                "opt",
+            )
+
    def test_update_module_bazel_replaces_and_inserts_sha256(self) -> None:
        module_bazel = textwrap.dedent(
            """\
--- a/.github/workflows/bazel.yml
+++ b/.github/workflows/bazel.yml
@@ -56,9 +56,7 @@ jobs:
    name: Bazel test on ${{ matrix.os }} for ${{ matrix.target }}

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Check rusty_v8 MODULE.bazel checksums
        if: matrix.os == 'ubuntu-24.04' && matrix.target == 'x86_64-unknown-linux-gnu'
@@ -124,7 +122,7 @@ jobs:
      - name: Upload Bazel execution logs
        if: always() && !cancelled()
        continue-on-error: true
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: bazel-execution-logs-test-${{ matrix.target }}
          path: ${{ runner.temp }}/bazel-execution-logs
@@ -135,7 +133,7 @@ jobs:
      - name: Save bazel repository cache
        if: always() && !cancelled() && steps.prepare_bazel.outputs.repository-cache-hit != 'true'
        continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: ${{ steps.prepare_bazel.outputs.repository-cache-path }}
          key: ${{ steps.prepare_bazel.outputs.repository-cache-key }}
@@ -150,9 +148,7 @@ jobs:
    name: Bazel test on windows-latest for x86_64-pc-windows-gnullvm (native main)

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Prepare Bazel CI
        id: prepare_bazel
@@ -199,7 +195,7 @@ jobs:
      - name: Upload Bazel execution logs
        if: always() && !cancelled()
        continue-on-error: true
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: bazel-execution-logs-test-windows-native-x86_64-pc-windows-gnullvm
          path: ${{ runner.temp }}/bazel-execution-logs
@@ -210,7 +206,7 @@ jobs:
      - name: Save bazel repository cache
        if: always() && !cancelled() && steps.prepare_bazel.outputs.repository-cache-hit != 'true'
        continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: ${{ steps.prepare_bazel.outputs.repository-cache-path }}
          key: ${{ steps.prepare_bazel.outputs.repository-cache-key }}
@@ -235,9 +231,7 @@ jobs:
    name: Bazel clippy on ${{ matrix.os }} for ${{ matrix.target }}

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Prepare Bazel CI
        id: prepare_bazel
@@ -292,7 +286,7 @@ jobs:
      - name: Upload Bazel execution logs
        if: always() && !cancelled()
        continue-on-error: true
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: bazel-execution-logs-clippy-${{ matrix.target }}
          path: ${{ runner.temp }}/bazel-execution-logs
@@ -303,7 +297,7 @@ jobs:
      - name: Save bazel repository cache
        if: always() && !cancelled() && steps.prepare_bazel.outputs.repository-cache-hit != 'true'
        continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: ${{ steps.prepare_bazel.outputs.repository-cache-path }}
          key: ${{ steps.prepare_bazel.outputs.repository-cache-key }}
@@ -324,9 +318,7 @@ jobs:
    name: Verify release build on ${{ matrix.os }} for ${{ matrix.target }}

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Prepare Bazel CI
        id: prepare_bazel
@@ -398,7 +390,7 @@ jobs:
      - name: Upload Bazel execution logs
        if: always() && !cancelled()
        continue-on-error: true
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: bazel-execution-logs-verify-release-build-${{ matrix.target }}
          path: ${{ runner.temp }}/bazel-execution-logs
@@ -409,7 +401,7 @@ jobs:
      - name: Save bazel repository cache
        if: always() && !cancelled() && steps.prepare_bazel.outputs.repository-cache-hit != 'true'
        continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: ${{ steps.prepare_bazel.outputs.repository-cache-path }}
          key: ${{ steps.prepare_bazel.outputs.repository-cache-key }}
--- a/.github/workflows/blob-size-policy.yml
+++ b/.github/workflows/blob-size-policy.yml
@@ -8,10 +8,9 @@ jobs:
    name: Blob size policy
    runs-on: ubuntu-24.04
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
        with:
          fetch-depth: 0
-          persist-credentials: false

      - name: Determine PR comparison range
        id: range
--- a/.github/workflows/cargo-deny.yml
+++ b/.github/workflows/cargo-deny.yml
@@ -14,9 +14,7 @@ jobs:
        working-directory: ./codex-rs
    steps:
      - name: Checkout
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Install Rust toolchain
        uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -12,9 +12,7 @@ jobs:
      NODE_OPTIONS: --max-old-space-size=4096
    steps:
      - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Verify codex-rs Cargo manifests inherit workspace settings
        run: python3 .github/scripts/verify_cargo_workspace_manifests.py
@@ -31,7 +29,7 @@ jobs:
          run_install: false

      - name: Setup Node.js
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
        with:
          node-version: 22

@@ -65,7 +63,7 @@ jobs:
          echo "pack_output=$PACK_OUTPUT" >> "$GITHUB_OUTPUT"

      - name: Upload staged npm package artifact
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: codex-npm-staging
          path: ${{ steps.stage_npm_package.outputs.pack_output }}
--- a/.github/workflows/close-stale-contributor-prs.yml
+++ b/.github/workflows/close-stale-contributor-prs.yml
@@ -17,7 +17,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Close inactive PRs from contributors
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
--- a/.github/workflows/codespell.yml
+++ b/.github/workflows/codespell.yml
@@ -18,11 +18,9 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - name: Annotate locations with typos
-        uses: codespell-project/codespell-problem-matcher@b80729f885d32f78a716c2f107b4db1025001c42 # v1.1.0
+        uses: codespell-project/codespell-problem-matcher@b80729f885d32f78a716c2f107b4db1025001c42 # v1
      - name: Codespell
        uses: codespell-project/actions-codespell@8f01853be192eb0f849a5c7d721450e7a467c579 # v2.2
        with:
--- a/.github/workflows/issue-deduplicator.yml
+++ b/.github/workflows/issue-deduplicator.yml
@@ -19,9 +19,7 @@ jobs:
      reason: ${{ steps.normalize-all.outputs.reason }}
      has_matches: ${{ steps.normalize-all.outputs.has_matches }}
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Prepare Codex inputs
        env:
@@ -157,9 +155,7 @@ jobs:
      reason: ${{ steps.normalize-open.outputs.reason }}
      has_matches: ${{ steps.normalize-open.outputs.has_matches }}
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Prepare Codex inputs
        env:
@@ -346,7 +342,7 @@ jobs:
      issues: write
    steps:
      - name: Comment on issue
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
        env:
          CODEX_OUTPUT: ${{ needs.select-final.outputs.codex_output }}
        with:
--- a/.github/workflows/issue-labeler.yml
+++ b/.github/workflows/issue-labeler.yml
@@ -17,9 +17,7 @@ jobs:
    outputs:
      codex_output: ${{ steps.codex.outputs.final-message }}
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - id: codex
        uses: openai/codex-action@5c3f4ccdb2b8790f73d6b21751ac00e602aa0c02 # v1.7
--- a/.github/workflows/rust-ci-full.yml
+++ b/.github/workflows/rust-ci-full.yml
@@ -7,11 +7,6 @@ on:
  workflow_dispatch:

 # CI builds in debug (dev) for faster signal.
-env:
-  # Cargo's libgit2 transport has been flaky on macOS when fetching git
-  # dependencies with nested submodules. Use the system git CLI, which has
-  # better network/proxy behavior and matches Cargo's own suggested fallback.
-  CARGO_NET_GIT_FETCH_WITH_CLI: "true"

 jobs:
  # --- CI that doesn't need specific targets ---------------------------------
@@ -22,9 +17,7 @@ jobs:
      run:
        working-directory: codex-rs
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
        with:
          components: rustfmt
@@ -38,15 +31,14 @@ jobs:
      run:
        working-directory: codex-rs
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
-      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
+      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
        with:
-          tool: cargo-shear@1.11.2
+          tool: cargo-shear
+          version: 1.5.1
      - name: cargo shear
-        run: cargo shear --deny-warnings
+        run: cargo shear

  argument_comment_lint_package:
    name: Argument comment lint package
@@ -55,16 +47,14 @@ jobs:
      CARGO_DYLINT_VERSION: 5.0.0
      DYLINT_LINK_VERSION: 5.0.0
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
        with:
          toolchain: nightly-2025-09-18
          components: llvm-tools-preview, rustc-dev, rust-src
      - name: Cache cargo-dylint tooling
        id: cargo_dylint_cache
-        uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: |
            ~/.cargo/bin/cargo-dylint
@@ -107,9 +97,7 @@ jobs:
              group: codex-runners
              labels: codex-windows-x64
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - uses: ./.github/actions/setup-bazel-ci
        with:
          target: ${{ runner.os }}
@@ -245,9 +233,7 @@ jobs:
              labels: codex-windows-arm64

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - name: Install Linux build dependencies
        if: ${{ runner.os == 'Linux' }}
        shell: bash
@@ -290,7 +276,7 @@ jobs:
      # avoid caching the large target dir on the gnu-dev job.
      - name: Restore cargo home cache
        id: cache_cargo_home_restore
-        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: |
            ~/.cargo/bin/
@@ -308,7 +294,7 @@ jobs:
      # Install and restore sccache cache
      - name: Install sccache
        if: ${{ env.USE_SCCACHE == 'true' }}
-        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
+        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
        with:
          tool: sccache
          version: 0.7.5
@@ -335,7 +321,7 @@ jobs:
      - name: Restore sccache cache (fallback)
        if: ${{ env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true' }}
        id: cache_sccache_restore
-        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: ${{ github.workspace }}/.sccache/
          key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
@@ -362,7 +348,7 @@ jobs:
      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
        name: Restore APT cache (musl)
        id: cache_apt_restore
-        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: |
            /var/cache/apt
@@ -370,7 +356,7 @@ jobs:

      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
        name: Install Zig
-        uses: mlugg/setup-zig@d1434d08867e3ee9daa34448df10607b98908d29 # v2.2.1
+        uses: mlugg/setup-zig@d1434d08867e3ee9daa34448df10607b98908d29 # v2
        with:
          version: 0.14.0

@@ -444,7 +430,7 @@ jobs:

      - name: Install cargo-chef
        if: ${{ matrix.profile == 'release' }}
-        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
+        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
        with:
          tool: cargo-chef
          version: 0.1.71
@@ -463,7 +449,7 @@ jobs:

      - name: Upload Cargo timings (clippy)
        if: always()
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: cargo-timings-rust-ci-clippy-${{ matrix.target }}-${{ matrix.profile }}
          path: codex-rs/target/**/cargo-timings/cargo-timing.html
@@ -474,7 +460,7 @@ jobs:
      - name: Save cargo home cache
        if: always() && !cancelled() && steps.cache_cargo_home_restore.outputs.cache-hit != 'true'
        continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: |
            ~/.cargo/bin/
@@ -490,7 +476,7 @@ jobs:
      - name: Save sccache cache (fallback)
        if: always() && !cancelled() && env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true'
        continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: ${{ github.workspace }}/.sccache/
          key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
@@ -515,7 +501,7 @@ jobs:
      - name: Save APT cache (musl)
        if: always() && !cancelled() && (matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl') && steps.cache_apt_restore.outputs.cache-hit != 'true'
        continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: |
            /var/cache/apt
@@ -573,9 +559,7 @@ jobs:
              labels: codex-windows-arm64

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - name: Install Linux build dependencies
        if: ${{ runner.os == 'Linux' }}
        shell: bash
@@ -583,7 +567,7 @@ jobs:
          set -euo pipefail
          if command -v apt-get >/dev/null 2>&1; then
            sudo apt-get update -y
-            sudo DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends pkg-config libcap-dev bubblewrap
+            sudo DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends pkg-config libcap-dev
          fi

      # Some integration tests rely on DotSlash being installed.
@@ -606,7 +590,7 @@ jobs:

      - name: Restore cargo home cache
        id: cache_cargo_home_restore
-        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: |
            ~/.cargo/bin/
@@ -619,7 +603,7 @@ jobs:

      - name: Install sccache
        if: ${{ env.USE_SCCACHE == 'true' }}
-        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
+        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
        with:
          tool: sccache
          version: 0.7.5
@@ -646,7 +630,7 @@ jobs:
      - name: Restore sccache cache (fallback)
        if: ${{ env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true' }}
        id: cache_sccache_restore
-        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: ${{ github.workspace }}/.sccache/
          key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
@@ -654,7 +638,7 @@ jobs:
            sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-
            sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-

-      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
+      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
        with:
          tool: nextest
          version: 0.9.103
@@ -690,7 +674,7 @@ jobs:

      - name: Upload Cargo timings (nextest)
        if: always()
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: cargo-timings-rust-ci-nextest-${{ matrix.target }}-${{ matrix.profile }}
          path: codex-rs/target/**/cargo-timings/cargo-timing.html
@@ -699,7 +683,7 @@ jobs:
      - name: Save cargo home cache
        if: always() && !cancelled() && steps.cache_cargo_home_restore.outputs.cache-hit != 'true'
        continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: |
            ~/.cargo/bin/
@@ -711,7 +695,7 @@ jobs:
      - name: Save sccache cache (fallback)
        if: always() && !cancelled() && env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true'
        continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: ${{ github.workspace }}/.sccache/
          key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
@@ -738,12 +722,10 @@ jobs:
        shell: bash
        run: |
          set +e
-          if [[ "${STEPS_TEST_OUTCOME}" != "success" ]]; then
+          if [[ "${{ steps.test.outcome }}" != "success" ]]; then
            docker logs codex-remote-test-env || true
          fi
          docker rm -f codex-remote-test-env >/dev/null 2>&1 || true
-        env:
-          STEPS_TEST_OUTCOME: ${{ steps.test.outcome }}

      - name: verify tests passed
        if: steps.test.outcome == 'failure'
--- a/.github/workflows/rust-ci.yml
+++ b/.github/workflows/rust-ci.yml
@@ -14,10 +14,9 @@ jobs:
      codex: ${{ steps.detect.outputs.codex }}
      workflows: ${{ steps.detect.outputs.workflows }}
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
        with:
          fetch-depth: 0
-          persist-credentials: false
      - name: Detect changed paths (no external action)
        id: detect
        shell: bash
@@ -62,9 +61,7 @@ jobs:
      run:
        working-directory: codex-rs
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
        with:
          components: rustfmt
@@ -80,15 +77,14 @@ jobs:
      run:
        working-directory: codex-rs
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
-      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
+      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
        with:
-          tool: cargo-shear@1.11.2
+          tool: cargo-shear
+          version: 1.5.1
      - name: cargo shear
-        run: cargo shear --deny-warnings
+        run: cargo shear

  argument_comment_lint_package:
    name: Argument comment lint package
@@ -99,9 +95,7 @@ jobs:
      CARGO_DYLINT_VERSION: 5.0.0
      DYLINT_LINK_VERSION: 5.0.0
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
      - name: Install nightly argument-comment-lint toolchain
        shell: bash
@@ -115,7 +109,7 @@ jobs:
          rustup default nightly-2025-09-18
      - name: Cache cargo-dylint tooling
        id: cargo_dylint_cache
-        uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: |
            ~/.cargo/bin/cargo-dylint
@@ -176,10 +170,8 @@ jobs:

          echo "No argument-comment-lint relevant changes."
          echo "run=false" >> "$GITHUB_OUTPUT"
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
        if: ${{ steps.argument_comment_lint_gate.outputs.run == 'true' }}
-        with:
-          persist-credentials: false
      - name: Run argument comment lint on codex-rs via Bazel
        if: ${{ steps.argument_comment_lint_gate.outputs.run == 'true' }}
        uses: ./.github/actions/run-argument-comment-lint
@@ -211,25 +203,20 @@ jobs:

          # If nothing relevant changed (PR touching only root README, etc.),
          # declare success regardless of other jobs.
-          if [[ "${NEEDS_CHANGED_OUTPUTS_ARGUMENT_COMMENT_LINT}" != 'true' && "${NEEDS_CHANGED_OUTPUTS_CODEX}" != 'true' && "${NEEDS_CHANGED_OUTPUTS_WORKFLOWS}" != 'true' ]]; then
+          if [[ '${{ needs.changed.outputs.argument_comment_lint }}' != 'true' && '${{ needs.changed.outputs.codex }}' != 'true' && '${{ needs.changed.outputs.workflows }}' != 'true' ]]; then
            echo 'No relevant changes -> CI not required.'
            exit 0
          fi

-          if [[ "${NEEDS_CHANGED_OUTPUTS_ARGUMENT_COMMENT_LINT_PACKAGE}" == 'true' ]]; then
+          if [[ '${{ needs.changed.outputs.argument_comment_lint_package }}' == 'true' ]]; then
            [[ '${{ needs.argument_comment_lint_package.result }}' == 'success' ]] || { echo 'argument_comment_lint_package failed'; exit 1; }
          fi

-          if [[ "${NEEDS_CHANGED_OUTPUTS_ARGUMENT_COMMENT_LINT}" == 'true' || "${NEEDS_CHANGED_OUTPUTS_WORKFLOWS}" == 'true' ]]; then
+          if [[ '${{ needs.changed.outputs.argument_comment_lint }}' == 'true' || '${{ needs.changed.outputs.workflows }}' == 'true' ]]; then
            [[ '${{ needs.argument_comment_lint_prebuilt.result }}' == 'success' ]] || { echo 'argument_comment_lint_prebuilt failed'; exit 1; }
          fi

-          if [[ "${NEEDS_CHANGED_OUTPUTS_CODEX}" == 'true' || "${NEEDS_CHANGED_OUTPUTS_WORKFLOWS}" == 'true' ]]; then
+          if [[ '${{ needs.changed.outputs.codex }}' == 'true' || '${{ needs.changed.outputs.workflows }}' == 'true' ]]; then
            [[ '${{ needs.general.result }}' == 'success' ]] || { echo 'general failed'; exit 1; }
            [[ '${{ needs.cargo_shear.result }}' == 'success' ]] || { echo 'cargo_shear failed'; exit 1; }
          fi
-        env:
-          NEEDS_CHANGED_OUTPUTS_ARGUMENT_COMMENT_LINT: ${{ needs.changed.outputs.argument_comment_lint }}
-          NEEDS_CHANGED_OUTPUTS_CODEX: ${{ needs.changed.outputs.codex }}
-          NEEDS_CHANGED_OUTPUTS_WORKFLOWS: ${{ needs.changed.outputs.workflows }}
-          NEEDS_CHANGED_OUTPUTS_ARGUMENT_COMMENT_LINT_PACKAGE: ${{ needs.changed.outputs.argument_comment_lint_package }}
--- a/.github/workflows/rust-release-argument-comment-lint.yml
+++ b/.github/workflows/rust-release-argument-comment-lint.yml
@@ -56,9 +56,7 @@ jobs:
              labels: codex-windows-x64

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
        with:
@@ -102,7 +100,7 @@ jobs:
            (cd "${RUNNER_TEMP}" && tar -czf "$GITHUB_WORKSPACE/$archive_path" argument-comment-lint)
          fi

-      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: argument-comment-lint-${{ matrix.target }}
          path: dist/argument-comment-lint/${{ matrix.target }}/*
--- a/.github/workflows/rust-release-prepare.yml
+++ b/.github/workflows/rust-release-prepare.yml
@@ -18,11 +18,10 @@ jobs:
    if: github.repository == 'openai/codex'
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
        with:
          ref: main
          fetch-depth: 0
-          persist-credentials: false

      - name: Update models.json
        env:
@@ -44,7 +43,7 @@ jobs:
          curl --http1.1 --fail --show-error --location "${headers[@]}" "${url}" | jq '.' > codex-rs/models-manager/models.json

      - name: Open pull request (if changed)
-        uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0
+        uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8
        with:
          commit-message: "Update models.json"
          title: "Update models.json"
--- a/.github/workflows/rust-release-windows.yml
+++ b/.github/workflows/rust-release-windows.yml
@@ -83,9 +83,7 @@ jobs:
              labels: codex-windows-arm64

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - name: Print runner specs (Windows)
        shell: powershell
        run: |
@@ -114,7 +112,7 @@ jobs:
          cargo build --target ${{ matrix.target }} --release --timings "${build_args[@]}"

      - name: Upload Cargo timings
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: cargo-timings-rust-release-windows-${{ matrix.target }}-${{ matrix.bundle }}
          path: codex-rs/target/**/cargo-timings/cargo-timing.html
@@ -130,7 +128,7 @@ jobs:
          done

      - name: Upload Windows binaries
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: windows-binaries-${{ matrix.target }}-${{ matrix.bundle }}
          path: |
@@ -167,24 +165,22 @@ jobs:
              labels: codex-windows-arm64

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Download prebuilt Windows primary binaries
-        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8
        with:
          name: windows-binaries-${{ matrix.target }}-primary
          path: codex-rs/target/${{ matrix.target }}/release

      - name: Download prebuilt Windows helper binaries
-        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8
        with:
          name: windows-binaries-${{ matrix.target }}-helpers
          path: codex-rs/target/${{ matrix.target }}/release

      - name: Download prebuilt Windows app-server binary
-        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8
        with:
          name: windows-binaries-${{ matrix.target }}-app-server
          path: codex-rs/target/${{ matrix.target }}/release
@@ -285,7 +281,7 @@ jobs:
            "${GITHUB_WORKSPACE}/.github/workflows/zstd" -T0 -19 "$dest/$base"
          done

-      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: ${{ matrix.target }}
          path: |
--- a/.github/workflows/rust-release-zsh.yml
+++ b/.github/workflows/rust-release-zsh.yml
@@ -45,9 +45,7 @@ jobs:
            git \
            libncursesw5-dev

-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Build, smoke-test, and stage zsh artifact
        shell: bash
@@ -55,7 +53,7 @@ jobs:
          "${GITHUB_WORKSPACE}/.github/scripts/build-zsh-release-artifact.sh" \
            "dist/zsh/${{ matrix.target }}/${{ matrix.archive_name }}"

-      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: codex-zsh-${{ matrix.target }}
          path: dist/zsh/${{ matrix.target }}/*
@@ -83,9 +81,7 @@ jobs:
            brew install autoconf
          fi

-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Build, smoke-test, and stage zsh artifact
        shell: bash
@@ -93,7 +89,7 @@ jobs:
          "${GITHUB_WORKSPACE}/.github/scripts/build-zsh-release-artifact.sh" \
            "dist/zsh/${{ matrix.target }}/${{ matrix.archive_name }}"

-      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: codex-zsh-${{ matrix.target }}
          path: dist/zsh/${{ matrix.target }}/*
--- a/.github/workflows/rust-release.yml
+++ b/.github/workflows/rust-release.yml
@@ -19,9 +19,7 @@ jobs:
  tag-check:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
      - name: Validate tag matches Cargo.toml version
        shell: bash
@@ -120,9 +118,7 @@ jobs:
            build_dmg: "false"

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - name: Print runner specs (Linux)
        if: ${{ runner.os == 'Linux' }}
        shell: bash
@@ -185,10 +181,9 @@ jobs:

      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
        name: Install Zig
-        uses: mlugg/setup-zig@d1434d08867e3ee9daa34448df10607b98908d29 # v2.2.1
+        uses: mlugg/setup-zig@d1434d08867e3ee9daa34448df10607b98908d29 # v2
        with:
          version: 0.14.0
-          use-cache: false

      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
        name: Install musl build tools
@@ -289,7 +284,7 @@ jobs:
          cargo build --target ${{ matrix.target }} --release --timings "${build_args[@]}"

      - name: Upload Cargo timings
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: cargo-timings-rust-release-${{ matrix.target }}-${{ matrix.bundle }}
          path: codex-rs/target/**/cargo-timings/cargo-timing.html
@@ -435,7 +430,7 @@ jobs:
            zstd -T0 -19 --rm "$dest/$base"
          done

-      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
          name: ${{ matrix.artifact_name }}
          # Upload the per-binary .zst files, .tar.gz equivalents, and any
@@ -481,9 +476,7 @@ jobs:

    steps:
      - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Generate release notes from tag commit message
        id: release_notes
@@ -505,7 +498,7 @@ jobs:

          echo "path=${notes_path}" >> "${GITHUB_OUTPUT}"

-      - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
+      - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8
        with:
          path: dist

@@ -560,7 +553,7 @@ jobs:
          run_install: false

      - name: Setup Node.js for npm packaging
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
        with:
          node-version: 22

@@ -586,7 +579,7 @@ jobs:
          cp scripts/install/install.ps1 dist/install.ps1

      - name: Create GitHub Release
-        uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1
+        uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2
        with:
          name: ${{ steps.release_name.outputs.name }}
          tag_name: ${{ github.ref_name }}
@@ -645,7 +638,7 @@ jobs:

    steps:
      - name: Setup Node.js
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
        with:
          # Node 24 bundles npm >= 11.5.1, which trusted publishing requires.
          node-version: 24
--- a/.github/workflows/rusty-v8-release.yml
+++ b/.github/workflows/rusty-v8-release.yml
@@ -17,12 +17,10 @@ jobs:
      v8_version: ${{ steps.v8_version.outputs.version }}

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Set up Python
-        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
        with:
          python-version: "3.12"

@@ -46,14 +44,14 @@ jobs:
          expected_release_tag="rusty-v8-v${V8_VERSION}"
          release_tag="${GITHUB_REF_NAME}"
          if [[ "${release_tag}" != "${expected_release_tag}" ]]; then
-            echo "Tag ${release_tag} does not match resolved v8 crate version ${V8_VERSION}." >&2
+            echo "Tag ${release_tag} does not match expected release tag ${expected_release_tag}." >&2
            exit 1
          fi

          echo "release_tag=${release_tag}" >> "$GITHUB_OUTPUT"

  build:
-    name: Build ${{ matrix.target }}
+    name: Build ${{ matrix.variant }} ${{ matrix.target }}
    needs: metadata
    runs-on: ${{ matrix.runner }}
    permissions:
@@ -64,16 +62,68 @@ jobs:
      matrix:
        include:
          - runner: ubuntu-24.04
-            platform: linux_amd64_musl
-            target: x86_64-unknown-linux-musl
+            bazel_config: ci-v8
+            platform: linux_amd64
+            sandbox: true
+            target: x86_64-unknown-linux-gnu
+            variant: ptrcomp-sandbox
          - runner: ubuntu-24.04-arm
+            bazel_config: ci-v8
+            platform: linux_arm64
+            sandbox: true
+            target: aarch64-unknown-linux-gnu
+            variant: ptrcomp-sandbox
+          - runner: macos-15-xlarge
+            bazel_config: ci-macos
+            platform: macos_amd64
+            sandbox: true
+            target: x86_64-apple-darwin
+            variant: ptrcomp-sandbox
+          - runner: macos-15-xlarge
+            bazel_config: ci-macos
+            platform: macos_arm64
+            sandbox: true
+            target: aarch64-apple-darwin
+            variant: ptrcomp-sandbox
+          - runner: ubuntu-24.04
+            bazel_config: ci-v8
+            platform: linux_amd64_musl
+            sandbox: false
+            target: x86_64-unknown-linux-musl
+            variant: release
+          - runner: ubuntu-24.04-arm
+            bazel_config: ci-v8
            platform: linux_arm64_musl
+            sandbox: false
            target: aarch64-unknown-linux-musl
+            variant: release
+          - runner: ubuntu-24.04
+            bazel_config: ci-v8
+            platform: linux_amd64_musl
+            sandbox: true
+            target: x86_64-unknown-linux-musl
+            variant: ptrcomp-sandbox
+          - runner: ubuntu-24.04-arm
+            bazel_config: ci-v8
+            platform: linux_arm64_musl
+            sandbox: true
+            target: aarch64-unknown-linux-musl
+            variant: ptrcomp-sandbox
+          - runner: ubuntu-24.04
+            bazel_config: ci-v8
+            platform: windows_amd64
+            sandbox: true
+            target: x86_64-pc-windows-msvc
+            variant: ptrcomp-sandbox
+          - runner: ubuntu-24.04-arm
+            bazel_config: ci-v8
+            platform: windows_arm64
+            sandbox: true
+            target: aarch64-pc-windows-msvc
+            variant: ptrcomp-sandbox

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Set up Bazel
        uses: ./.github/actions/setup-bazel-ci
@@ -81,7 +131,7 @@ jobs:
          target: ${{ matrix.target }}

      - name: Set up Python
-        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
        with:
          python-version: "3.12"

@@ -89,57 +139,70 @@ jobs:
        env:
          BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }}
          PLATFORM: ${{ matrix.platform }}
+          SANDBOX: ${{ matrix.sandbox }}
          TARGET: ${{ matrix.target }}
        shell: bash
        run: |
          set -euo pipefail

          target_suffix="${TARGET//-/_}"
-          pair_target="//third_party/v8:rusty_v8_release_pair_${target_suffix}"
-          extra_targets=()
-          if [[ "${TARGET}" == *-unknown-linux-musl ]]; then
-            extra_targets=(
-              "@llvm//runtimes/libcxx:libcxx.static"
-              "@llvm//runtimes/libcxx:libcxxabi.static"
-            )
+          pair_kind="release_pair"
+          if [[ "${SANDBOX}" == "true" ]]; then
+            pair_kind="sandbox_release_pair"
          fi
+          pair_target="//third_party/v8:rusty_v8_${pair_kind}_${target_suffix}"

          bazel_args=(
            build
            -c
            opt
            "--platforms=@llvm//platforms:${PLATFORM}"
-            --config=v8-release-compat
            "${pair_target}"
-            "${extra_targets[@]}"
            --build_metadata=COMMIT_SHA=$(git rev-parse HEAD)
          )
+          if [[ "${TARGET}" == *-unknown-linux-* ]]; then
+            bazel_args+=(
+              "@llvm//runtimes/libcxx:libcxx.static"
+              "@llvm//runtimes/libcxx:libcxxabi.static"
+            )
+          fi
+          if [[ "${SANDBOX}" != "true" ]]; then
+            bazel_args+=(--config=v8-release-compat)
+          fi

          bazel \
            --noexperimental_remote_repo_contents_cache \
            "${bazel_args[@]}" \
-            --config=ci-v8 \
+            "--config=${{ matrix.bazel_config }}" \
            "--remote_header=x-buildbuddy-api-key=${BUILDBUDDY_API_KEY}"

      - name: Stage release pair
        env:
          PLATFORM: ${{ matrix.platform }}
+          SANDBOX: ${{ matrix.sandbox }}
          TARGET: ${{ matrix.target }}
        shell: bash
        run: |
          set -euo pipefail

-          python3 .github/scripts/rusty_v8_bazel.py stage-release-pair \
-            --platform "${PLATFORM}" \
-            --target "${TARGET}" \
-            --compilation-mode opt \
-            --bazel-config v8-release-compat \
+          stage_args=(
+            --platform "${PLATFORM}"
+            --target "${TARGET}"
+            --compilation-mode opt
            --output-dir "dist/${TARGET}"
+          )
+          if [[ "${SANDBOX}" == "true" ]]; then
+            stage_args+=(--sandbox)
+          else
+            stage_args+=(--bazel-config v8-release-compat)
+          fi

-      - name: Upload staged musl artifacts
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+          python3 .github/scripts/rusty_v8_bazel.py stage-release-pair "${stage_args[@]}"
+
+      - name: Upload staged artifacts
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
-          name: rusty-v8-${{ needs.metadata.outputs.v8_version }}-${{ matrix.target }}
+          name: rusty-v8-${{ needs.metadata.outputs.v8_version }}-${{ matrix.variant }}-${{ matrix.target }}
          path: dist/${{ matrix.target }}/*

  publish-release:
@@ -152,7 +215,8 @@ jobs:
      actions: read

    steps:
-      - name: Ensure release tag is new
+      - name: Check whether release already exists
+        id: release
        env:
          GH_TOKEN: ${{ github.token }}
          RELEASE_TAG: ${{ needs.metadata.outputs.release_tag }}
@@ -161,19 +225,35 @@ jobs:
          set -euo pipefail

          if gh release view "${RELEASE_TAG}" --repo "${GITHUB_REPOSITORY}" > /dev/null 2>&1; then
-            echo "Release tag ${RELEASE_TAG} already exists; musl artifact tags are immutable." >&2
-            exit 1
+            echo "exists=true" >> "${GITHUB_OUTPUT}"
+          else
+            echo "exists=false" >> "${GITHUB_OUTPUT}"
          fi

-      - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
+      - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8
        with:
          path: dist

      - name: Create GitHub Release
-        uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1
+        if: ${{ steps.release.outputs.exists != 'true' }}
+        uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2
        with:
          tag_name: ${{ needs.metadata.outputs.release_tag }}
          name: ${{ needs.metadata.outputs.release_tag }}
          files: dist/**
          # Keep V8 artifact releases out of Codex's normal "latest release" channel.
          prerelease: true
+
+      - name: Amend existing GitHub Release with sandbox artifacts
+        if: ${{ steps.release.outputs.exists == 'true' }}
+        uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2
+        with:
+          tag_name: ${{ needs.metadata.outputs.release_tag }}
+          name: ${{ needs.metadata.outputs.release_tag }}
+          files: |
+            dist/**/librusty_v8_ptrcomp_sandbox_release_*.a.gz
+            dist/**/src_binding_ptrcomp_sandbox_release_*.rs
+            dist/**/rusty_v8_ptrcomp_sandbox_release_*.sha256
+          overwrite_files: true
+          # Keep V8 artifact releases out of Codex's normal "latest release" channel.
+          prerelease: true
--- a/.github/workflows/sdk.yml
+++ b/.github/workflows/sdk.yml
@@ -13,9 +13,7 @@ jobs:
    timeout-minutes: 10
    steps:
      - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Install Linux bwrap build dependencies
        shell: bash
@@ -30,7 +28,7 @@ jobs:
          run_install: false

      - name: Setup Node.js
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
        with:
          node-version: 22
          cache: pnpm
@@ -117,7 +115,7 @@ jobs:
      - name: Save bazel repository cache
        if: always() && !cancelled() && steps.setup_bazel.outputs.cache-hit != 'true'
        continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: |
            ~/.cache/bazel-repo-cache
--- a/.github/workflows/v8-canary.yml
+++ b/.github/workflows/v8-canary.yml
@@ -40,12 +40,10 @@ jobs:
      v8_version: ${{ steps.v8_version.outputs.version }}

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Set up Python
-        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
        with:
          python-version: "3.12"

@@ -69,16 +67,56 @@ jobs:
      matrix:
        include:
          - runner: ubuntu-24.04
-            platform: linux_amd64_musl
-            target: x86_64-unknown-linux-musl
+            bazel_config: ci-v8
+            platform: linux_amd64
+            sandbox: true
+            target: x86_64-unknown-linux-gnu
+            variant: ptrcomp-sandbox
          - runner: ubuntu-24.04-arm
+            bazel_config: ci-v8
+            platform: linux_arm64
+            sandbox: true
+            target: aarch64-unknown-linux-gnu
+            variant: ptrcomp-sandbox
+          - runner: macos-15-xlarge
+            bazel_config: ci-macos
+            platform: macos_amd64
+            sandbox: true
+            target: x86_64-apple-darwin
+            variant: ptrcomp-sandbox
+          - runner: macos-15-xlarge
+            bazel_config: ci-macos
+            platform: macos_arm64
+            sandbox: true
+            target: aarch64-apple-darwin
+            variant: ptrcomp-sandbox
+          - runner: ubuntu-24.04
+            bazel_config: ci-v8
+            platform: linux_amd64_musl
+            sandbox: false
+            target: x86_64-unknown-linux-musl
+            variant: release
+          - runner: ubuntu-24.04
+            bazel_config: ci-v8
+            platform: linux_amd64_musl
+            sandbox: true
+            target: x86_64-unknown-linux-musl
+            variant: ptrcomp-sandbox
+          - runner: ubuntu-24.04-arm
+            bazel_config: ci-v8
            platform: linux_arm64_musl
+            sandbox: false
            target: aarch64-unknown-linux-musl
+            variant: release
+          - runner: ubuntu-24.04-arm
+            bazel_config: ci-v8
+            platform: linux_arm64_musl
+            sandbox: true
+            target: aarch64-unknown-linux-musl
+            variant: ptrcomp-sandbox

    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6

      - name: Set up Bazel
        uses: ./.github/actions/setup-bazel-ci
@@ -86,7 +124,7 @@ jobs:
          target: ${{ matrix.target }}

      - name: Set up Python
-        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
        with:
          python-version: "3.12"

@@ -94,49 +132,65 @@ jobs:
        env:
          BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }}
          PLATFORM: ${{ matrix.platform }}
+          SANDBOX: ${{ matrix.sandbox }}
          TARGET: ${{ matrix.target }}
        shell: bash
        run: |
          set -euo pipefail

          target_suffix="${TARGET//-/_}"
-          pair_target="//third_party/v8:rusty_v8_release_pair_${target_suffix}"
-          extra_targets=(
-            "@llvm//runtimes/libcxx:libcxx.static"
-            "@llvm//runtimes/libcxx:libcxxabi.static"
-          )
+          pair_kind="release_pair"
+          if [[ "${SANDBOX}" == "true" ]]; then
+            pair_kind="sandbox_release_pair"
+          fi
+          pair_target="//third_party/v8:rusty_v8_${pair_kind}_${target_suffix}"

          bazel_args=(
            build
            "--platforms=@llvm//platforms:${PLATFORM}"
-            --config=v8-release-compat
            "${pair_target}"
-            "${extra_targets[@]}"
            --build_metadata=COMMIT_SHA=$(git rev-parse HEAD)
          )
+          if [[ "${TARGET}" == *-unknown-linux-* ]]; then
+            bazel_args+=(
+              "@llvm//runtimes/libcxx:libcxx.static"
+              "@llvm//runtimes/libcxx:libcxxabi.static"
+            )
+          fi
+          if [[ "${SANDBOX}" != "true" ]]; then
+            bazel_args+=(--config=v8-release-compat)
+          fi

          bazel \
            --noexperimental_remote_repo_contents_cache \
            "${bazel_args[@]}" \
-            --config=ci-v8 \
+            "--config=${{ matrix.bazel_config }}" \
            "--remote_header=x-buildbuddy-api-key=${BUILDBUDDY_API_KEY}"

      - name: Stage release pair
        env:
          PLATFORM: ${{ matrix.platform }}
+          SANDBOX: ${{ matrix.sandbox }}
          TARGET: ${{ matrix.target }}
        shell: bash
        run: |
          set -euo pipefail

-          python3 .github/scripts/rusty_v8_bazel.py stage-release-pair \
-            --platform "${PLATFORM}" \
-            --target "${TARGET}" \
-            --bazel-config v8-release-compat \
+          stage_args=(
+            --platform "${PLATFORM}"
+            --target "${TARGET}"
            --output-dir "dist/${TARGET}"
+          )
+          if [[ "${SANDBOX}" == "true" ]]; then
+            stage_args+=(--sandbox)
+          else
+            stage_args+=(--bazel-config v8-release-compat)
+          fi
+
+          python3 .github/scripts/rusty_v8_bazel.py stage-release-pair "${stage_args[@]}"

      - name: Upload staged musl artifacts
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
        with:
-          name: v8-canary-${{ needs.metadata.outputs.v8_version }}-${{ matrix.target }}
+          name: v8-canary-${{ needs.metadata.outputs.v8_version }}-${{ matrix.variant }}-${{ matrix.target }}
          path: dist/${{ matrix.target }}/*
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -26,7 +26,7 @@ In the codex-rs folder where the rust code lives:
  - Implementations may still use `async fn foo(&self, ...) -> T` when they satisfy that contract.
  - Do not use `#[allow(async_fn_in_trait)]` as a shortcut around spelling the future contract explicitly.
 - When writing tests, prefer comparing the equality of entire objects over fields one by one.
- Do not add general product or user-facing documentation to the `docs/` folder. The official Codex documentation lives elsewhere. The exception is app-server API documentation, which is covered by the app-server guidance below.
+- When making a change that adds or changes an API, ensure that the documentation in the `docs/` folder is up to date if applicable.
 - Prefer private modules and explicitly exported public crate API.
 - If you change `ConfigToml` or nested config types, run `just write-config-schema` to update `codex-rs/core/config.schema.json`.
 - When working with MCP tool calls, prefer using `codex-rs/codex-mcp/src/mcp_connection_manager.rs` to handle mutation of tools and tool calls. Aim to minimize the footprint of changes and leverage existing abstractions rather than plumbing code through multiple levels of function calls.
@@ -130,7 +130,7 @@ When UI or text output changes intentionally, update the snapshots as follows:

 If you don’t have the tool:

- `cargo install --locked cargo-insta`
+- `cargo install cargo-insta`

 ### Test assertions

@@ -210,7 +210,7 @@ These guidelines apply to app-server protocol work in `codex-rs`, especially:

 ### Development Workflow

- Update app-server docs/examples when API behavior changes (at minimum `app-server/README.md`).
+- Update docs/examples when API behavior changes (at minimum `app-server/README.md`).
 - Regenerate schema fixtures when API shapes change:
  `just write-app-server-schema`
  (and `just write-app-server-schema --experimental` when experimental API fixtures are affected).
--- a/MODULE.bazel
+++ b/MODULE.bazel
@@ -407,18 +407,18 @@ crate.annotation(

 inject_repo(crate, "alsa_lib")

-bazel_dep(name = "v8", version = "14.6.202.9")
+bazel_dep(name = "v8", version = "14.7.173.20")
 archive_override(
    module_name = "v8",
-    integrity = "sha256-JphDwLAzsd9KvgRZ7eQvNtPU6qGd3XjFt/a/1QITAJU=",
+    integrity = "sha256-v/x6I4X38a2wckzUIft3Dh0SUdkuOTokwxyF7lzW8Lc=",
    patch_strip = 3,
    patches = [
        "//patches:v8_module_deps.patch",
        "//patches:v8_bazel_rules.patch",
        "//patches:v8_source_portability.patch",
    ],
-    strip_prefix = "v8-14.6.202.9",
-    urls = ["https://github.com/v8/v8/archive/refs/tags/14.6.202.9.tar.gz"],
+    strip_prefix = "v8-14.7.173.20",
+    urls = ["https://github.com/v8/v8/archive/refs/tags/14.7.173.20.tar.gz"],
 )

 http_archive(
@@ -430,6 +430,15 @@ http_archive(
    urls = ["https://static.crates.io/crates/v8/v8-146.4.0.crate"],
 )

+http_archive(
+    name = "v8_crate_147_4_0",
+    build_file = "//third_party/v8:v8_crate.BUILD.bazel",
+    sha256 = "2df8fffd507fb18ed000673a83d937f58e60fb07f3306b2274284125b15137cd",
+    strip_prefix = "v8-147.4.0",
+    type = "tar.gz",
+    urls = ["https://static.crates.io/crates/v8/v8-147.4.0.crate"],
+)
+
 http_file(
    name = "rusty_v8_146_4_0_aarch64_apple_darwin_archive",
    downloaded_file_path = "librusty_v8_release_aarch64-apple-darwin.a.gz",
--- a/MODULE.bazel.lock
+++ b/MODULE.bazel.lock
--- a/codex-rs/Cargo.lock
+++ b/codex-rs/Cargo.lock
@@ -757,7 +757,6 @@ checksum = "96571e6996817bf3d58f6b569e4b9fd2e9d2fcf9f7424eed07b2ce9bb87535e5"
 dependencies = [
 "aws-credential-types",
 "aws-runtime",
- "aws-sdk-signin",
 "aws-sdk-sso",
 "aws-sdk-ssooidc",
 "aws-sdk-sts",
@@ -768,20 +767,15 @@ dependencies = [
 "aws-smithy-runtime-api",
 "aws-smithy-types",
 "aws-types",
- "base64-simd",
 "bytes",
 "fastrand",
 "hex",
 "http 1.4.0",
- "p256",
- "rand 0.8.5",
 "ring",
- "sha2",
 "time",
 "tokio",
 "tracing",
 "url",
- "uuid",
 "zeroize",
 ]

@@ -844,28 +838,6 @@ dependencies = [
 "uuid",
 ]

-[[package]]
-name = "aws-sdk-signin"
-version = "1.2.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c084bd63941916e1348cb8d9e05ac2e49bdd40a380e9167702683184c6c6be53"
-dependencies = [
- "aws-credential-types",
- "aws-runtime",
- "aws-smithy-async",
- "aws-smithy-http",
- "aws-smithy-json",
- "aws-smithy-runtime",
- "aws-smithy-runtime-api",
- "aws-smithy-types",
- "aws-types",
- "bytes",
- "fastrand",
- "http 0.2.12",
- "regex-lite",
- "tracing",
-]
-
 [[package]]
 name = "aws-sdk-sso"
 version = "1.91.0"
@@ -1518,9 +1490,9 @@ checksum = "ade8366b8bd5ba243f0a58f036cc0ca8a2f069cff1a2351ef1cac6b083e16fc0"

 [[package]]
 name = "calendrical_calculations"
-version = "0.2.3"
+version = "0.2.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3a0b39595c6ee54a8d0900204ba4c401d0ab4eb45adaf07178e8d017541529e7"
+checksum = "5abbd6eeda6885048d357edc66748eea6e0268e3dd11f326fff5bd248d779c26"
 dependencies = [
 "core_maths",
 "displaydoc",
@@ -1894,6 +1866,7 @@ dependencies = [
 "codex-config",
 "codex-core",
 "codex-core-plugins",
+ "codex-device-key",
 "codex-exec-server",
 "codex-external-agent-migration",
 "codex-external-agent-sessions",
@@ -2158,10 +2131,10 @@ name = "codex-builtin-mcps"
 version = "0.0.0"
 dependencies = [
 "anyhow",
+ "codex-config",
 "codex-memories-mcp",
 "codex-utils-absolute-path",
 "pretty_assertions",
- "tokio",
 ]

 [[package]]
@@ -2209,6 +2182,7 @@ dependencies = [
 "codex-app-server-protocol",
 "codex-app-server-test-client",
 "codex-arg0",
+ "codex-builtin-mcps",
 "codex-chatgpt",
 "codex-cloud-tasks",
 "codex-config",
@@ -2441,11 +2415,7 @@ dependencies = [
 "codex-app-server-protocol",
 "pretty_assertions",
 "serde",
- "serde_json",
- "sha1",
- "tempfile",
 "tokio",
- "tracing",
 "urlencoding",
 ]

@@ -2463,6 +2433,7 @@ dependencies = [
 "bm25",
 "chrono",
 "clap",
+ "codex-agent-graph-store",
 "codex-analytics",
 "codex-api",
 "codex-app-server-protocol",
@@ -2599,7 +2570,6 @@ dependencies = [
 "codex-core-skills",
 "codex-exec-server",
 "codex-git-utils",
- "codex-hooks",
 "codex-login",
 "codex-model-provider",
 "codex-otel",
@@ -2668,6 +2638,22 @@ dependencies = [
 "serde_json",
 ]

+[[package]]
+name = "codex-device-key"
+version = "0.0.0"
+dependencies = [
+ "async-trait",
+ "base64 0.22.1",
+ "p256",
+ "pretty_assertions",
+ "rand 0.9.3",
+ "serde",
+ "serde_json",
+ "thiserror 2.0.18",
+ "tokio",
+ "url",
+]
+
 [[package]]
 name = "codex-exec"
 version = "0.0.0"
@@ -2744,7 +2730,6 @@ dependencies = [
 "tokio",
 "tokio-tungstenite",
 "tokio-util",
- "toml 0.9.11+spec-1.1.0",
 "tracing",
 "uuid",
 "wiremock",
@@ -3335,6 +3320,7 @@ dependencies = [
 "codex-utils-absolute-path",
 "codex-utils-image",
 "codex-utils-string",
+ "codex-utils-template",
 "encoding_rs",
 "globset",
 "http 1.4.0",
@@ -3641,11 +3627,16 @@ dependencies = [
 "codex-rollout",
 "codex-state",
 "pretty_assertions",
+ "prost 0.14.3",
 "serde",
 "serde_json",
 "tempfile",
 "thiserror 2.0.18",
 "tokio",
+ "tokio-stream",
+ "tonic",
+ "tonic-prost",
+ "tonic-prost-build",
 "tracing",
 "uuid",
 ]
@@ -4284,7 +4275,6 @@ dependencies = [
 "reqwest",
 "serde_json",
 "shlex",
- "similar",
 "tempfile",
 "tokio",
 "tokio-tungstenite",
@@ -4994,9 +4984,9 @@ dependencies = [

 [[package]]
 name = "diplomat"
-version = "0.14.0"
+version = "0.15.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9adb46b05e2f53dcf6a7dfc242e4ce9eb60c369b6b6eb10826a01e93167f59c6"
+checksum = "7935649d00000f5c5d735448ad3dc07b9738160727017914cf42138b8e8e6611"
 dependencies = [
 "diplomat_core",
 "proc-macro2",
@@ -5006,15 +4996,15 @@ dependencies = [

 [[package]]
 name = "diplomat-runtime"
-version = "0.14.0"
+version = "0.15.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0569bd3caaf13829da7ee4e83dbf9197a0e1ecd72772da6d08f0b4c9285c8d29"
+checksum = "970ac38ad677632efcee6d517e783958da9bc78ec206d8d5e35b459ffc5e4864"

 [[package]]
 name = "diplomat_core"
-version = "0.14.0"
+version = "0.15.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "51731530ed7f2d4495019abc7df3744f53338e69e2863a6a64ae91821c763df1"
+checksum = "9cf41b94101a4bce993febaf0098092b0bb31deaf0ecaf6e0a2562465f61b383"
 dependencies = [
 "proc-macro2",
 "quote",
@@ -5564,9 +5554,9 @@ dependencies = [

 [[package]]
 name = "fixed_decimal"
-version = "0.7.1"
+version = "0.7.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "35eabf480f94d69182677e37571d3be065822acfafd12f2f085db44fbbcc8e57"
+checksum = "79c3c892f121fff406e5dd6b28c1b30096b95111c30701a899d4f2b18da6d1bd"
 dependencies = [
 "displaydoc",
 "smallvec",
@@ -7409,9 +7399,9 @@ dependencies = [

 [[package]]
 name = "icu_calendar"
-version = "2.1.1"
+version = "2.2.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d6f0e52e009b6b16ba9c0693578796f2dd4aaa59a7f8f920423706714a89ac4e"
+checksum = "a2b2acc6263f494f1df50685b53ff8e57869e47d5c6fe39c23d518ae9a4f3e45"
 dependencies = [
 "calendrical_calculations",
 "displaydoc",
@@ -7425,18 +7415,19 @@ dependencies = [

 [[package]]
 name = "icu_calendar_data"
-version = "2.1.1"
+version = "2.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "527f04223b17edfe0bd43baf14a0cb1b017830db65f3950dc00224860a9a446d"
+checksum = "118577bcf3a0fa7c6ac0a7d6e951814da84ee56b9b1f68fb4d8d10b08cefaf4d"

 [[package]]
 name = "icu_collections"
-version = "2.1.1"
+version = "2.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4c6b649701667bbe825c3b7e6388cb521c23d88644678e83c0c4d0a621a34b43"
+checksum = "2984d1cd16c883d7935b9e07e44071dca8d917fd52ecc02c04d5fa0b5a3f191c"
 dependencies = [
 "displaydoc",
 "potential_utf",
+ "utf8_iter",
 "yoke",
 "zerofrom",
 "zerovec",
@@ -7444,14 +7435,16 @@ dependencies = [

 [[package]]
 name = "icu_decimal"
-version = "2.1.1"
+version = "2.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a38c52231bc348f9b982c1868a2af3195199623007ba2c7650f432038f5b3e8e"
+checksum = "288247df2e32aa776ac54fdd64de552149ac43cb840f2761811f0e8d09719dd4"
 dependencies = [
+ "displaydoc",
 "fixed_decimal",
 "icu_decimal_data",
 "icu_locale",
 "icu_locale_core",
+ "icu_plurals",
 "icu_provider",
 "writeable",
 "zerovec",
@@ -7459,15 +7452,15 @@ dependencies = [

 [[package]]
 name = "icu_decimal_data"
-version = "2.1.1"
+version = "2.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2905b4044eab2dd848fe84199f9195567b63ab3a93094711501363f63546fef7"
+checksum = "6f14a5ca9e8af29eef62064f269078424283d90dbaffeac5225addf62aaabc22"

 [[package]]
 name = "icu_locale"
-version = "2.1.1"
+version = "2.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "532b11722e350ab6bf916ba6eb0efe3ee54b932666afec989465f9243fe6dd60"
+checksum = "d5a396343c7208121dc86e35623d3dfe19814a7613cfd14964994cdc9c9a2e26"
 dependencies = [
 "icu_collections",
 "icu_locale_core",
@@ -7480,9 +7473,9 @@ dependencies = [

 [[package]]
 name = "icu_locale_core"
-version = "2.1.1"
+version = "2.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "edba7861004dd3714265b4db54a3c390e880ab658fec5f7db895fae2046b5bb6"
+checksum = "92219b62b3e2b4d88ac5119f8904c10f8f61bf7e95b640d25ba3075e6cac2c29"
 dependencies = [
 "displaydoc",
 "litemap",
@@ -7494,15 +7487,15 @@ dependencies = [

 [[package]]
 name = "icu_locale_data"
-version = "2.1.2"
+version = "2.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1c5f1d16b4c3a2642d3a719f18f6b06070ab0aef246a6418130c955ae08aa831"
+checksum = "d5fdcc9ac77c6d74ff5cf6e65ef3181d6af32003b16fce3a77fb451d2f695993"

 [[package]]
 name = "icu_normalizer"
-version = "2.1.1"
+version = "2.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5f6c8828b67bf8908d82127b2054ea1b4427ff0230ee9141c54251934ab1b599"
+checksum = "c56e5ee99d6e3d33bd91c5d85458b6005a22140021cc324cea84dd0e72cff3b4"
 dependencies = [
 "icu_collections",
 "icu_normalizer_data",
@@ -7514,15 +7507,34 @@ dependencies = [

 [[package]]
 name = "icu_normalizer_data"
-version = "2.1.1"
+version = "2.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7aedcccd01fc5fe81e6b489c15b247b8b0690feb23304303a9e560f37efc560a"
+checksum = "da3be0ae77ea334f4da67c12f149704f19f81d1adf7c51cf482943e84a2bad38"
+
+[[package]]
+name = "icu_plurals"
+version = "2.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2a50023f1d49ad5c4333380328a0d4a19e4b9d6d842ec06639affd5ba47c8103"
+dependencies = [
+ "fixed_decimal",
+ "icu_locale",
+ "icu_plurals_data",
+ "icu_provider",
+ "zerovec",
+]
+
+[[package]]
+name = "icu_plurals_data"
+version = "2.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8485497155dc865f901decb93ecc20d3e467df67bfeceb91e3ba34e2b11e8e1d"

 [[package]]
 name = "icu_properties"
-version = "2.1.2"
+version = "2.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "020bfc02fe870ec3a66d93e677ccca0562506e5872c650f893269e08615d74ec"
+checksum = "bee3b67d0ea5c2cca5003417989af8996f8604e34fb9ddf96208a033901e70de"
 dependencies = [
 "icu_collections",
 "icu_locale_core",
@@ -7534,15 +7546,15 @@ dependencies = [

 [[package]]
 name = "icu_properties_data"
-version = "2.1.2"
+version = "2.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "616c294cf8d725c6afcd8f55abc17c56464ef6211f9ed59cccffe534129c77af"
+checksum = "8e2bbb201e0c04f7b4b3e14382af113e17ba4f63e2c9d2ee626b720cbce54a14"

 [[package]]
 name = "icu_provider"
-version = "2.1.1"
+version = "2.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "85962cf0ce02e1e0a629cc34e7ca3e373ce20dda4c4d7294bbd0bf1fdb59e614"
+checksum = "139c4cf31c8b5f33d7e199446eff9c1e02decfc2f0eec2c8d71f65befa45b421"
 dependencies = [
 "displaydoc",
 "icu_locale_core",
@@ -8924,7 +8936,7 @@ version = "5.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "51e219e79014df21a225b1860a479e2dcd7cbd9130f4defd4bd0e191ea31d67d"
 dependencies = [
- "base64 0.21.7",
+ "base64 0.22.1",
 "chrono",
 "getrandom 0.2.17",
 "http 1.4.0",
@@ -9392,7 +9404,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7d8fae84b431384b68627d0f9b3b1245fcf9f46f6c0e3dc902e9dce64edd1967"
 dependencies = [
 "libc",
- "windows-sys 0.45.0",
+ "windows-sys 0.61.2",
 ]

 [[package]]
@@ -10797,9 +10809,9 @@ dependencies = [

 [[package]]
 name = "resb"
-version = "0.1.1"
+version = "0.1.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6a067ab3b5ca3b4dc307d0de9cf75f9f5e6ca9717b192b2f28a36c83e5de9e76"
+checksum = "22d392791f3c6802a1905a509e9d1a6039cbbcb5e9e00e5a6d3661f7c874f390"
 dependencies = [
 "potential_utf",
 "serde_core",
@@ -12516,14 +12528,14 @@ dependencies = [

 [[package]]
 name = "temporal_capi"
-version = "0.1.2"
+version = "0.2.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a151e402c2bdb6a3a2a2f3f225eddaead2e7ce7dd5d3fa2090deb11b17aa4ed8"
+checksum = "8a2a1f001e756a9f5f2d175a9965c4c0b3a054f09f30de3a75ab49765f2deb36"
 dependencies = [
 "diplomat",
 "diplomat-runtime",
 "icu_calendar",
- "icu_locale",
+ "icu_locale_core",
 "num-traits",
 "temporal_rs",
 "timezone_provider",
@@ -12533,13 +12545,14 @@ dependencies = [

 [[package]]
 name = "temporal_rs"
-version = "0.1.2"
+version = "0.2.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "88afde3bd75d2fc68d77a914bece426aa08aa7649ffd0cdd4a11c3d4d33474d1"
+checksum = "9a902a45282e5175186b21d355efc92564601efe6e2d92818dc9e333d50bd4de"
 dependencies = [
+ "calendrical_calculations",
 "core_maths",
 "icu_calendar",
- "icu_locale",
+ "icu_locale_core",
 "ixdtf",
 "num-traits",
 "timezone_provider",
@@ -12756,9 +12769,9 @@ dependencies = [

 [[package]]
 name = "timezone_provider"
-version = "0.1.2"
+version = "0.2.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "df9ba0000e9e73862f3e7ca1ff159e2ddf915c9d8bb11e38a7874760f445d993"
+checksum = "c48f9b04628a2b813051e4dfe97c65281e49625eabd09ec343190e31e399a8c2"
 dependencies = [
 "tinystr",
 "zerotrie",
@@ -12789,9 +12802,9 @@ dependencies = [

 [[package]]
 name = "tinystr"
-version = "0.8.2"
+version = "0.8.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "42d3e9c45c09de15d06dd8acf5f4e0e399e85927b7f00711024eb7ae10fa4869"
+checksum = "c8323304221c2a851516f22236c5722a72eaa19749016521d6dff0824447d96d"
 dependencies = [
 "displaydoc",
 "serde_core",
@@ -13605,9 +13618,9 @@ dependencies = [

 [[package]]
 name = "v8"
-version = "146.4.0"
+version = "147.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d97bcac5cdc5a195a4813f1855a6bc658f240452aac36caa12fd6c6f16026ab1"
+checksum = "2df8fffd507fb18ed000673a83d937f58e60fb07f3306b2274284125b15137cd"
 dependencies = [
 "bindgen",
 "bitflags 2.10.0",
@@ -14036,7 +14049,7 @@ version = "0.1.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c2a7b1c03c876122aa43f3020e6c3c3ee5c05081c9a00739faf7503aeba10d22"
 dependencies = [
- "windows-sys 0.48.0",
+ "windows-sys 0.61.2",
 ]

 [[package]]
@@ -14757,9 +14770,9 @@ dependencies = [

 [[package]]
 name = "yoke"
-version = "0.8.1"
+version = "0.8.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "72d6e5c6afb84d73944e5cedb052c4680d5657337201555f9f2a16b7406d4954"
+checksum = "abe8c5fda708d9ca3df187cae8bfb9ceda00dd96231bed36e445a1a48e66f9ca"
 dependencies = [
 "stable_deref_trait",
 "yoke-derive",
@@ -14768,9 +14781,9 @@ dependencies = [

 [[package]]
 name = "yoke-derive"
-version = "0.8.1"
+version = "0.8.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b659052874eb698efe5b9e8cf382204678a0086ebf46982b79d6ca3182927e5d"
+checksum = "de844c262c8848816172cef550288e7dc6c7b7814b4ee56b3e1553f275f1858e"
 dependencies = [
 "proc-macro2",
 "quote",
@@ -14903,20 +14916,21 @@ dependencies = [

 [[package]]
 name = "zerotrie"
-version = "0.2.3"
+version = "0.2.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2a59c17a5562d507e4b54960e8569ebee33bee890c70aa3fe7b97e85a9fd7851"
+checksum = "0f9152d31db0792fa83f70fb2f83148effb5c1f5b8c7686c3459e361d9bc20bf"
 dependencies = [
 "displaydoc",
 "yoke",
 "zerofrom",
+ "zerovec",
 ]

 [[package]]
 name = "zerovec"
-version = "0.11.5"
+version = "0.11.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6c28719294829477f525be0186d13efa9a3c602f7ec202ca9e353d310fb9a002"
+checksum = "90f911cbc359ab6af17377d242225f4d75119aec87ea711a880987b18cd7b239"
 dependencies = [
 "serde",
 "yoke",
@@ -14926,9 +14940,9 @@ dependencies = [

 [[package]]
 name = "zerovec-derive"
-version = "0.11.2"
+version = "0.11.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "eadce39539ca5cb3985590102671f2567e659fca9666581ad3411d59207951f3"
+checksum = "625dc425cab0dca6dc3c3319506e6593dcb08a9f387ea3b284dbd52a92c40555"
 dependencies = [
 "proc-macro2",
 "quote",
@@ -14999,9 +15013,9 @@ checksum = "3ff05f8caa9038894637571ae6b9e29466c1f4f829d26c9b28f869a29cbe3445"

 [[package]]
 name = "zoneinfo64"
-version = "0.2.1"
+version = "0.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bb2e5597efbe7c421da8a7fd396b20b571704e787c21a272eecf35dfe9d386f0"
+checksum = "ed6eb2607e906160c457fd573e9297e65029669906b9ac8fb1b5cd5e055f0705"
 dependencies = [
 "calendrical_calculations",
 "icu_locale_core",
--- a/codex-rs/Cargo.toml
+++ b/codex-rs/Cargo.toml
@@ -30,6 +30,7 @@ members = [
    "collaboration-mode-templates",
    "connectors",
    "config",
+    "device-key",
    "shell-command",
    "shell-escalation",
    "skills",
@@ -153,6 +154,7 @@ codex-core = { path = "core" }
 codex-core-api = { path = "core-api" }
 codex-core-plugins = { path = "core-plugins" }
 codex-core-skills = { path = "core-skills" }
+codex-device-key = { path = "device-key" }
 codex-exec = { path = "exec" }
 codex-file-system = { path = "file-system" }
 codex-exec-server = { path = "exec-server" }
@@ -317,6 +319,7 @@ os_info = "3.12.0"
 owo-colors = "4.3.0"
 path-absolutize = "3.1.1"
 pathdiff = "0.2"
+p256 = "0.13.2"
 portable-pty = "0.9.0"
 predicates = "3"
 pretty_assertions = "1.4.1"
@@ -405,7 +408,7 @@ unicode-width = "0.2"
 url = "2"
 urlencoding = "2.1"
 uuid = "1"
-v8 = "=146.4.0"
+v8 = "=147.4.0"
 vt100 = "0.16.2"
 walkdir = "2.5.0"
 webbrowser = "1.0"
@@ -464,21 +467,24 @@ unwrap_used = "deny"
 [workspace.metadata.cargo-shear]
 ignored = [
    "codex-agent-graph-store",
+    "codex-memories-mcp",
    "icu_provider",
    "openssl-sys",
+    "codex-utils-readiness",
+    "codex-utils-template",
    "codex-v8-poc",
 ]

 [profile.dev]
 # Keep line tables/backtraces while avoiding expensive full variable debug info
 # across local dev builds.
-debug = "limited"
+debug = 1

 [profile.dev-small]
 inherits = "dev"
 opt-level = 0
-debug = "none"
-strip = "symbols"
+debug = 0
+strip = true

 [profile.release]
 lto = "fat"
@@ -490,15 +496,8 @@ strip = "symbols"
 # See https://github.com/openai/codex/issues/1411 for details.
 codegen-units = 1

-[profile.profiling]
-inherits = "release"
-debug = "full"
-lto = false
-strip = false
-
 [profile.ci-test]
-# Reduce binary size to reduce disk pressure.
-debug = "limited"
+debug = 1         # Reduce debug symbol size
 inherits = "test"
 opt-level = 0

--- a/codex-rs/agent-graph-store/Cargo.toml
+++ b/codex-rs/agent-graph-store/Cargo.toml
@@ -7,7 +7,6 @@ version.workspace = true
 [lib]
 name = "codex_agent_graph_store"
 path = "src/lib.rs"
-doctest = false

 [lints]
 workspace = true
--- a/codex-rs/analytics/src/accepted_lines.rs
+++ b/codex-rs/analytics/src/accepted_lines.rs
@@ -1,298 +0,0 @@
-use crate::events::CodexAcceptedLineFingerprintsEventParams;
-use crate::events::CodexAcceptedLineFingerprintsEventRequest;
-use crate::events::TrackEventRequest;
-use crate::facts::AcceptedLineFingerprint;
-use codex_git_utils::canonicalize_git_remote_url;
-use codex_git_utils::get_git_remote_urls_assume_git_repo;
-use sha1::Digest;
-use std::path::Path;
-
-const ACCEPTED_LINE_FINGERPRINT_EVENT_TARGET_BYTES: usize = 2 * 1024 * 1024;
-const ACCEPTED_LINE_FINGERPRINT_EVENT_FIXED_BYTES: usize = 1024;
-
-#[derive(Clone, Debug, PartialEq, Eq)]
-pub struct AcceptedLineFingerprintSummary {
-    pub accepted_added_lines: u64,
-    pub accepted_deleted_lines: u64,
-    pub line_fingerprints: Vec<AcceptedLineFingerprint>,
-}
-
-pub(crate) struct AcceptedLineFingerprintEventInput {
-    pub(crate) event_type: &'static str,
-    pub(crate) turn_id: String,
-    pub(crate) thread_id: String,
-    pub(crate) product_surface: Option<String>,
-    pub(crate) model_slug: Option<String>,
-    pub(crate) completed_at: u64,
-    pub(crate) repo_hash: Option<String>,
-    pub(crate) accepted_added_lines: u64,
-    pub(crate) accepted_deleted_lines: u64,
-    pub(crate) line_fingerprints: Vec<AcceptedLineFingerprint>,
-}
-
-pub fn accepted_line_fingerprints_from_unified_diff(
-    unified_diff: &str,
-) -> AcceptedLineFingerprintSummary {
-    let mut current_path: Option<String> = None;
-    let mut in_hunk = false;
-    let mut accepted_added_lines = 0;
-    let mut accepted_deleted_lines = 0;
-    let mut line_fingerprints = Vec::new();
-
-    for line in unified_diff.lines() {
-        if line.starts_with("diff --git ") {
-            current_path = None;
-            in_hunk = false;
-            continue;
-        }
-
-        if line.starts_with("@@ ") {
-            in_hunk = true;
-            continue;
-        }
-
-        if !in_hunk && let Some(path) = line.strip_prefix("+++ ") {
-            current_path = normalize_diff_path(path);
-            continue;
-        }
-
-        if !in_hunk && line.starts_with("--- ") {
-            continue;
-        }
-
-        if let Some(added_line) = line.strip_prefix('+') {
-            accepted_added_lines += 1;
-            if let Some(path) = current_path.as_deref()
-                && let Some(normalized_line) = normalize_effective_line(added_line)
-            {
-                line_fingerprints.push(AcceptedLineFingerprint {
-                    path_hash: fingerprint_hash("path", path),
-                    line_hash: fingerprint_hash("line", &normalized_line),
-                });
-            }
-            continue;
-        }
-
-        if line.starts_with('-') {
-            accepted_deleted_lines += 1;
-        }
-    }
-
-    AcceptedLineFingerprintSummary {
-        accepted_added_lines,
-        accepted_deleted_lines,
-        line_fingerprints,
-    }
-}
-
-pub fn fingerprint_hash(domain: &str, value: &str) -> String {
-    let mut hasher = sha1::Sha1::new();
-    hasher.update(b"file-line-v1\0");
-    hasher.update(domain.as_bytes());
-    hasher.update(b"\0");
-    hasher.update(value.as_bytes());
-    format!("{:x}", hasher.finalize())
-}
-
-pub(crate) fn accepted_line_fingerprint_event_requests(
-    input: AcceptedLineFingerprintEventInput,
-) -> Vec<TrackEventRequest> {
-    let chunks = accepted_line_fingerprint_chunks(input.line_fingerprints);
-    chunks
-        .into_iter()
-        .enumerate()
-        .map(|(index, line_fingerprints)| {
-            let is_first_chunk = index == 0;
-            TrackEventRequest::AcceptedLineFingerprints(Box::new(
-                CodexAcceptedLineFingerprintsEventRequest {
-                    event_type: "codex_accepted_line_fingerprints",
-                    event_params: CodexAcceptedLineFingerprintsEventParams {
-                        event_type: input.event_type,
-                        turn_id: input.turn_id.clone(),
-                        thread_id: input.thread_id.clone(),
-                        product_surface: input.product_surface.clone(),
-                        model_slug: input.model_slug.clone(),
-                        completed_at: input.completed_at,
-                        repo_hash: input.repo_hash.clone(),
-                        accepted_added_lines: if is_first_chunk {
-                            input.accepted_added_lines
-                        } else {
-                            0
-                        },
-                        accepted_deleted_lines: if is_first_chunk {
-                            input.accepted_deleted_lines
-                        } else {
-                            0
-                        },
-                        line_fingerprints,
-                    },
-                },
-            ))
-        })
-        .collect()
-}
-
-pub async fn accepted_line_repo_hash_for_cwd(cwd: &Path) -> Option<String> {
-    let remotes = get_git_remote_urls_assume_git_repo(cwd).await?;
-    remotes
-        .get("origin")
-        .or_else(|| remotes.values().next())
-        .map(|remote_url| {
-            let canonical_remote_url =
-                canonicalize_git_remote_url(remote_url).unwrap_or_else(|| remote_url.to_string());
-            fingerprint_hash("repo", &canonical_remote_url)
-        })
-}
-
-fn normalize_diff_path(path: &str) -> Option<String> {
-    let path = path.trim();
-    if path == "/dev/null" {
-        return None;
-    }
-
-    Some(
-        path.strip_prefix("b/")
-            .or_else(|| path.strip_prefix("a/"))
-            .unwrap_or(path)
-            .to_string(),
-    )
-}
-
-fn normalize_effective_line(line: &str) -> Option<String> {
-    let normalized = line.split_whitespace().collect::<Vec<_>>().join(" ");
-    if normalized.len() <= 3 {
-        return None;
-    }
-    if !normalized
-        .chars()
-        .any(|ch| ch.is_alphanumeric() || ch == '_')
-    {
-        return None;
-    }
-    Some(normalized)
-}
-
-fn accepted_line_fingerprint_chunks(
-    line_fingerprints: Vec<AcceptedLineFingerprint>,
-) -> Vec<Vec<AcceptedLineFingerprint>> {
-    if line_fingerprints.is_empty() {
-        return vec![Vec::new()];
-    }
-
-    let mut chunks = Vec::new();
-    let mut current = Vec::new();
-    let mut current_bytes = ACCEPTED_LINE_FINGERPRINT_EVENT_FIXED_BYTES;
-
-    for fingerprint in line_fingerprints {
-        let item_bytes = accepted_line_fingerprint_json_bytes(&fingerprint);
-        let separator_bytes = usize::from(!current.is_empty());
-        if !current.is_empty()
-            && current_bytes + separator_bytes + item_bytes
-                > ACCEPTED_LINE_FINGERPRINT_EVENT_TARGET_BYTES
-        {
-            chunks.push(current);
-            current = Vec::new();
-            current_bytes = ACCEPTED_LINE_FINGERPRINT_EVENT_FIXED_BYTES;
-        }
-        current_bytes += usize::from(!current.is_empty()) + item_bytes;
-        current.push(fingerprint);
-    }
-
-    if !current.is_empty() {
-        chunks.push(current);
-    }
-    chunks
-}
-
-fn accepted_line_fingerprint_json_bytes(fingerprint: &AcceptedLineFingerprint) -> usize {
-    // {"path_hash":"...","line_hash":"..."} plus one byte of array comma
-    // accounted for by the caller when needed.
-    32 + fingerprint.path_hash.len() + fingerprint.line_hash.len()
-}
-
-#[cfg(test)]
-mod tests {
-    use super::*;
-
-    #[test]
-    fn parses_counts_and_effective_added_fingerprints() {
-        let diff = "\
-diff --git a/src/lib.rs b/src/lib.rs
-index 1111111..2222222
--- a/src/lib.rs
-+++ b/src/lib.rs
-@@ -1,3 +1,5 @@
-old line
-+fn useful() {
-+}
-+    return user.id;
- context
-";
-
-        let summary = accepted_line_fingerprints_from_unified_diff(diff);
-
-        assert_eq!(
-            summary,
-            AcceptedLineFingerprintSummary {
-                accepted_added_lines: 3,
-                accepted_deleted_lines: 1,
-                line_fingerprints: vec![
-                    AcceptedLineFingerprint {
-                        path_hash: fingerprint_hash("path", "src/lib.rs"),
-                        line_hash: fingerprint_hash("line", "fn useful() {"),
-                    },
-                    AcceptedLineFingerprint {
-                        path_hash: fingerprint_hash("path", "src/lib.rs"),
-                        line_hash: fingerprint_hash("line", "return user.id;"),
-                    },
-                ],
-            }
-        );
-    }
-
-    #[test]
-    fn skips_added_file_metadata_headers() {
-        let diff = "\
-diff --git a/new.py b/new.py
-new file mode 100644
-index 0000000..1111111
--- /dev/null
-+++ b/new.py
-@@ -0,0 +1 @@
-+print('hello')
-";
-
-        let summary = accepted_line_fingerprints_from_unified_diff(diff);
-
-        assert_eq!(summary.accepted_added_lines, 1);
-        assert_eq!(summary.accepted_deleted_lines, 0);
-        assert_eq!(summary.line_fingerprints.len(), 1);
-    }
-
-    #[test]
-    fn parses_hunk_lines_that_look_like_file_headers() {
-        let diff = "\
-diff --git a/src/lib.rs b/src/lib.rs
-index 1111111..2222222
--- a/src/lib.rs
-+++ b/src/lib.rs
-@@ -1,2 +1,2 @@
--- old value
-+++ new value
-";
-
-        let summary = accepted_line_fingerprints_from_unified_diff(diff);
-
-        assert_eq!(
-            summary,
-            AcceptedLineFingerprintSummary {
-                accepted_added_lines: 1,
-                accepted_deleted_lines: 1,
-                line_fingerprints: vec![AcceptedLineFingerprint {
-                    path_hash: fingerprint_hash("path", "src/lib.rs"),
-                    line_hash: fingerprint_hash("line", "++ new value"),
-                }],
-            }
-        );
-    }
-}
--- a/codex-rs/analytics/src/analytics_client_tests.rs
+++ b/codex-rs/analytics/src/analytics_client_tests.rs
@@ -1,7 +1,5 @@
 use crate::client::AnalyticsEventsQueue;
 use crate::events::AppServerRpcTransport;
-use crate::events::CodexAcceptedLineFingerprintsEventParams;
-use crate::events::CodexAcceptedLineFingerprintsEventRequest;
 use crate::events::CodexAppMentionedEventRequest;
 use crate::events::CodexAppServerClientMetadata;
 use crate::events::CodexAppUsedEventRequest;
@@ -14,6 +12,7 @@ use crate::events::CodexPluginUsedEventRequest;
 use crate::events::CodexRuntimeMetadata;
 use crate::events::CodexToolItemEventBase;
 use crate::events::CodexTurnEventRequest;
+use crate::events::CommandExecutionSource;
 use crate::events::GuardianApprovalRequestSource;
 use crate::events::GuardianReviewDecision;
 use crate::events::GuardianReviewEventParams;
@@ -30,7 +29,6 @@ use crate::events::codex_hook_run_metadata;
 use crate::events::codex_plugin_metadata;
 use crate::events::codex_plugin_used_metadata;
 use crate::events::subagent_thread_started_event_request;
-use crate::facts::AcceptedLineFingerprint;
 use crate::facts::AnalyticsFact;
 use crate::facts::AnalyticsJsonRpcError;
 use crate::facts::AppInvocation;
@@ -69,13 +67,8 @@ use codex_app_server_protocol::ClientInfo;
 use codex_app_server_protocol::ClientRequest;
 use codex_app_server_protocol::ClientResponsePayload;
 use codex_app_server_protocol::CodexErrorInfo;
-use codex_app_server_protocol::CommandAction;
-use codex_app_server_protocol::CommandExecutionSource;
-use codex_app_server_protocol::CommandExecutionStatus;
 use codex_app_server_protocol::InitializeCapabilities;
 use codex_app_server_protocol::InitializeParams;
-use codex_app_server_protocol::ItemCompletedNotification;
-use codex_app_server_protocol::ItemStartedNotification;
 use codex_app_server_protocol::JSONRPCErrorError;
 use codex_app_server_protocol::NonSteerableTurnKind;
 use codex_app_server_protocol::RequestId;
@@ -85,14 +78,12 @@ use codex_app_server_protocol::SessionSource as AppServerSessionSource;
 use codex_app_server_protocol::Thread;
 use codex_app_server_protocol::ThreadArchiveParams;
 use codex_app_server_protocol::ThreadArchiveResponse;
-use codex_app_server_protocol::ThreadItem;
 use codex_app_server_protocol::ThreadResumeResponse;
 use codex_app_server_protocol::ThreadSource as AppServerThreadSource;
 use codex_app_server_protocol::ThreadStartResponse;
 use codex_app_server_protocol::ThreadStatus as AppServerThreadStatus;
 use codex_app_server_protocol::Turn;
 use codex_app_server_protocol::TurnCompletedNotification;
-use codex_app_server_protocol::TurnDiffUpdatedNotification;
 use codex_app_server_protocol::TurnError as AppServerTurnError;
 use codex_app_server_protocol::TurnStartParams;
 use codex_app_server_protocol::TurnStartedNotification;
@@ -607,91 +598,6 @@ async fn ingest_turn_prerequisites(
    }
 }

-async fn ingest_tool_review_prerequisites(
-    reducer: &mut AnalyticsReducer,
-    events: &mut Vec<TrackEventRequest>,
-) {
-    reducer
-        .ingest(sample_initialize_fact(/*connection_id*/ 7), events)
-        .await;
-    reducer
-        .ingest(
-            AnalyticsFact::ClientResponse {
-                connection_id: 7,
-                request_id: RequestId::Integer(1),
-                response: Box::new(sample_thread_start_response(
-                    "thread-1", /*ephemeral*/ false, "gpt-5",
-                )),
-            },
-            events,
-        )
-        .await;
-    events.clear();
-}
-
-fn sample_initialize_fact(connection_id: u64) -> AnalyticsFact {
-    AnalyticsFact::Initialize {
-        connection_id,
-        params: InitializeParams {
-            client_info: ClientInfo {
-                name: "codex-tui".to_string(),
-                title: None,
-                version: "1.0.0".to_string(),
-            },
-            capabilities: Some(InitializeCapabilities {
-                experimental_api: false,
-                request_attestation: false,
-                opt_out_notification_methods: None,
-            }),
-        },
-        product_client_id: DEFAULT_ORIGINATOR.to_string(),
-        runtime: CodexRuntimeMetadata {
-            codex_rs_version: "0.99.0".to_string(),
-            runtime_os: "linux".to_string(),
-            runtime_os_version: "24.04".to_string(),
-            runtime_arch: "x86_64".to_string(),
-        },
-        rpc_transport: AppServerRpcTransport::Websocket,
-    }
-}
-
-fn sample_command_execution_item(
-    status: CommandExecutionStatus,
-    exit_code: Option<i32>,
-    duration_ms: Option<i64>,
-) -> ThreadItem {
-    ThreadItem::CommandExecution {
-        id: "item-1".to_string(),
-        command: "echo hi".to_string(),
-        cwd: test_path_buf("/tmp").abs(),
-        process_id: Some("pid-1".to_string()),
-        source: CommandExecutionSource::Agent,
-        status,
-        command_actions: Vec::new(),
-        aggregated_output: None,
-        exit_code,
-        duration_ms,
-    }
-}
-
-fn sample_command_execution_item_with_actions(
-    status: CommandExecutionStatus,
-    exit_code: Option<i32>,
-    duration_ms: Option<i64>,
-    command_actions: Vec<CommandAction>,
-) -> ThreadItem {
-    let mut item = sample_command_execution_item(status, exit_code, duration_ms);
-    let ThreadItem::CommandExecution {
-        command_actions: item_command_actions,
-        ..
-    } = &mut item
-    else {
-        unreachable!("sample command execution item should be CommandExecution");
-    };
-    *item_command_actions = command_actions;
-    item
-}
-
 fn expected_absolute_path(path: &PathBuf) -> String {
    std::fs::canonicalize(path)
        .unwrap_or_else(|_| path.to_path_buf())
@@ -832,206 +738,6 @@ fn app_used_event_serializes_expected_shape() {
    );
 }

-#[test]
-fn accepted_line_fingerprints_event_serializes_expected_shape() {
-    let event = TrackEventRequest::AcceptedLineFingerprints(Box::new(
-        CodexAcceptedLineFingerprintsEventRequest {
-            event_type: "codex_accepted_line_fingerprints",
-            event_params: CodexAcceptedLineFingerprintsEventParams {
-                event_type: "codex.accepted_line_fingerprints",
-                turn_id: "turn-1".to_string(),
-                thread_id: "thread-1".to_string(),
-                product_surface: Some("codex".to_string()),
-                model_slug: Some("gpt-5.1-codex".to_string()),
-                completed_at: 1710000000,
-                repo_hash: Some("repo-hash-1".to_string()),
-                accepted_added_lines: 42,
-                accepted_deleted_lines: 40,
-                line_fingerprints: vec![AcceptedLineFingerprint {
-                    path_hash: "path-hash-1".to_string(),
-                    line_hash: "line-hash-1".to_string(),
-                }],
-            },
-        },
-    ));
-
-    let payload = serde_json::to_value(&event).expect("serialize accepted line fingerprints event");
-
-    assert_eq!(
-        payload,
-        json!({
-            "event_type": "codex_accepted_line_fingerprints",
-            "event_params": {
-                "event_type": "codex.accepted_line_fingerprints",
-                "turn_id": "turn-1",
-                "thread_id": "thread-1",
-                "product_surface": "codex",
-                "model_slug": "gpt-5.1-codex",
-                "completed_at": 1710000000,
-                "repo_hash": "repo-hash-1",
-                "accepted_added_lines": 42,
-                "accepted_deleted_lines": 40,
-                "line_fingerprints": [
-                    {
-                        "path_hash": "path-hash-1",
-                        "line_hash": "line-hash-1"
-                    }
-                ]
-            }
-        })
-    );
-}
-
-#[tokio::test]
-async fn reducer_chunks_large_accepted_line_fingerprint_events_without_repeating_counts() {
-    let mut reducer = AnalyticsReducer::default();
-    let mut events = Vec::new();
-
-    ingest_turn_prerequisites(
-        &mut reducer,
-        &mut events,
-        /*include_initialize*/ true,
-        /*include_resolved_config*/ true,
-        /*include_started*/ true,
-        /*include_token_usage*/ true,
-    )
-    .await;
-    events.clear();
-
-    let mut diff = "\
-diff --git a/src/lib.rs b/src/lib.rs
-index 1111111..2222222
--- a/src/lib.rs
-+++ b/src/lib.rs
-@@ -0,0 +1,20000 @@
-"
-    .to_string();
-    for index in 0..20_000 {
-        diff.push_str(&format!("+let value_{index} = {index};\n"));
-    }
-
-    reducer
-        .ingest(
-            AnalyticsFact::Notification(Box::new(ServerNotification::TurnDiffUpdated(
-                TurnDiffUpdatedNotification {
-                    thread_id: "thread-2".to_string(),
-                    turn_id: "turn-2".to_string(),
-                    diff,
-                },
-            ))),
-            &mut events,
-        )
-        .await;
-    assert!(events.is_empty());
-
-    reducer
-        .ingest(
-            AnalyticsFact::Notification(Box::new(sample_turn_completed_notification(
-                "thread-2",
-                "turn-2",
-                AppServerTurnStatus::Completed,
-                /*codex_error_info*/ None,
-            ))),
-            &mut events,
-        )
-        .await;
-
-    let accepted_line_events = events
-        .iter()
-        .filter_map(|event| match event {
-            TrackEventRequest::AcceptedLineFingerprints(event) => Some(event),
-            _ => None,
-        })
-        .collect::<Vec<_>>();
-    assert!(accepted_line_events.len() > 1);
-    let mut total_fingerprints = 0;
-    for (index, event) in accepted_line_events.iter().enumerate() {
-        assert_eq!(event.event_params.turn_id, "turn-2");
-        assert_eq!(event.event_params.thread_id, "thread-2");
-        total_fingerprints += event.event_params.line_fingerprints.len();
-        if index == 0 {
-            assert_eq!(event.event_params.accepted_added_lines, 20_000);
-            assert_eq!(event.event_params.accepted_deleted_lines, 0);
-        } else {
-            assert_eq!(event.event_params.accepted_added_lines, 0);
-            assert_eq!(event.event_params.accepted_deleted_lines, 0);
-        }
-        assert!(serde_json::to_vec(event).expect("serialize chunk").len() < 2_100_000);
-    }
-    assert_eq!(total_fingerprints, 20_000);
-}
-
-#[tokio::test]
-async fn reducer_emits_accepted_line_fingerprints_once_from_latest_turn_diff_on_completion() {
-    let mut reducer = AnalyticsReducer::default();
-    let mut events = Vec::new();
-
-    ingest_turn_prerequisites(
-        &mut reducer,
-        &mut events,
-        /*include_initialize*/ true,
-        /*include_resolved_config*/ true,
-        /*include_started*/ true,
-        /*include_token_usage*/ true,
-    )
-    .await;
-    events.clear();
-
-    for line in ["let old_value = 1;", "let latest_value = 2;"] {
-        let diff = format!(
-            "\
-diff --git a/src/lib.rs b/src/lib.rs
-index 1111111..2222222
--- a/src/lib.rs
-+++ b/src/lib.rs
-@@ -0,0 +1 @@
-+{line}
-"
-        );
-        reducer
-            .ingest(
-                AnalyticsFact::Notification(Box::new(ServerNotification::TurnDiffUpdated(
-                    TurnDiffUpdatedNotification {
-                        thread_id: "thread-2".to_string(),
-                        turn_id: "turn-2".to_string(),
-                        diff,
-                    },
-                ))),
-                &mut events,
-            )
-            .await;
-    }
-    assert!(events.is_empty());
-
-    reducer
-        .ingest(
-            AnalyticsFact::Notification(Box::new(sample_turn_completed_notification(
-                "thread-2",
-                "turn-2",
-                AppServerTurnStatus::Completed,
-                /*codex_error_info*/ None,
-            ))),
-            &mut events,
-        )
-        .await;
-
-    let accepted_line_events = events
-        .iter()
-        .filter_map(|event| match event {
-            TrackEventRequest::AcceptedLineFingerprints(event) => Some(event),
-            _ => None,
-        })
-        .collect::<Vec<_>>();
-    assert_eq!(accepted_line_events.len(), 1);
-    let event = accepted_line_events[0];
-    assert_eq!(event.event_params.accepted_added_lines, 1);
-    assert_eq!(event.event_params.line_fingerprints.len(), 1);
-    assert_eq!(
-        event.event_params.line_fingerprints[0].line_hash,
-        crate::fingerprint_hash("line", "let latest_value = 2;")
-    );
-}
-
 #[test]
 fn compaction_event_serializes_expected_shape() {
    let event = TrackEventRequest::Compaction(Box::new(CodexCompactionEventRequest {
@@ -1217,14 +923,13 @@ fn command_execution_event_serializes_expected_shape() {
                    runtime_os_version: "15.3.1".to_string(),
                    runtime_arch: "aarch64".to_string(),
                },
-                thread_source: Some(ThreadSource::User),
+                thread_source: Some("user"),
                subagent_source: None,
                parent_thread_id: None,
                tool_name: "shell".to_string(),
                started_at_ms: 123_000,
                completed_at_ms: 125_000,
                duration_ms: Some(2000),
-                execution_duration_ms: Some(1900),
                review_count: 0,
                guardian_review_count: 0,
                user_review_count: 0,
@@ -1273,7 +978,6 @@ fn command_execution_event_serializes_expected_shape() {
                "started_at_ms": 123000,
                "completed_at_ms": 125000,
                "duration_ms": 2000,
-                "execution_duration_ms": 1900,
                "review_count": 0,
                "guardian_review_count": 0,
                "user_review_count": 0,
@@ -1327,7 +1031,6 @@ async fn initialize_caches_client_and_thread_lifecycle_publishes_once_initialize
                    },
                    capabilities: Some(InitializeCapabilities {
                        experimental_api: false,
-                        request_attestation: false,
                        opt_out_notification_methods: None,
                    }),
                },
@@ -1475,7 +1178,6 @@ async fn compaction_event_ingests_custom_fact() {
                    },
                    capabilities: Some(InitializeCapabilities {
                        experimental_api: false,
-                        request_attestation: false,
                        opt_out_notification_methods: None,
                    }),
                },
@@ -1589,7 +1291,6 @@ async fn guardian_review_event_ingests_custom_fact_with_optional_target_item() {
                    },
                    capabilities: Some(InitializeCapabilities {
                        experimental_api: false,
-                        request_attestation: false,
                        opt_out_notification_methods: None,
                    }),
                },
@@ -1703,114 +1404,6 @@ async fn guardian_review_event_ingests_custom_fact_with_optional_target_item() {
    assert_eq!(payload[0]["event_params"]["review_timeout_ms"], 90_000);
 }

-#[tokio::test]
-async fn item_lifecycle_notifications_publish_command_execution_event() {
-    let mut reducer = AnalyticsReducer::default();
-    let mut events = Vec::new();
-
-    ingest_tool_review_prerequisites(&mut reducer, &mut events).await;
-    reducer
-        .ingest(
-            AnalyticsFact::Notification(Box::new(ServerNotification::ItemStarted(
-                ItemStartedNotification {
-                    thread_id: "thread-1".to_string(),
-                    turn_id: "turn-1".to_string(),
-                    started_at_ms: 1_000,
-                    item: sample_command_execution_item(
-                        CommandExecutionStatus::InProgress,
-                        /*exit_code*/ None,
-                        /*duration_ms*/ None,
-                    ),
-                },
-            ))),
-            &mut events,
-        )
-        .await;
-    assert!(
-        events.is_empty(),
-        "tool item event should emit on completion"
-    );
-
-    reducer
-        .ingest(
-            AnalyticsFact::Notification(Box::new(ServerNotification::ItemCompleted(
-                ItemCompletedNotification {
-                    thread_id: "thread-1".to_string(),
-                    turn_id: "turn-1".to_string(),
-                    completed_at_ms: 1_045,
-                    item: sample_command_execution_item_with_actions(
-                        CommandExecutionStatus::Completed,
-                        Some(0),
-                        Some(42),
-                        vec![
-                            CommandAction::Read {
-                                command: "cat README.md".to_string(),
-                                name: "README.md".to_string(),
-                                path: test_path_buf("/tmp/README.md").abs(),
-                            },
-                            CommandAction::ListFiles {
-                                command: "ls".to_string(),
-                                path: None,
-                            },
-                            CommandAction::Search {
-                                command: "rg TODO".to_string(),
-                                query: Some("TODO".to_string()),
-                                path: None,
-                            },
-                            CommandAction::Unknown {
-                                command: "cargo test".to_string(),
-                            },
-                        ],
-                    ),
-                },
-            ))),
-            &mut events,
-        )
-        .await;
-
-    let payload = serde_json::to_value(&events).expect("serialize events");
-    assert_eq!(payload.as_array().expect("events array").len(), 1);
-    assert_eq!(payload[0]["event_type"], "codex_command_execution_event");
-    assert_eq!(payload[0]["event_params"]["thread_id"], "thread-1");
-    assert_eq!(payload[0]["event_params"]["turn_id"], "turn-1");
-    assert_eq!(payload[0]["event_params"]["item_id"], "item-1");
-    assert_eq!(payload[0]["event_params"]["tool_name"], "shell");
-    assert_eq!(
-        payload[0]["event_params"]["command_execution_source"],
-        "agent"
-    );
-    assert_eq!(payload[0]["event_params"]["terminal_status"], "completed");
-    assert_eq!(
-        payload[0]["event_params"]["final_approval_outcome"],
-        "unknown"
-    );
-    assert_eq!(
-        payload[0]["event_params"]["failure_kind"],
-        serde_json::Value::Null
-    );
-    assert_eq!(payload[0]["event_params"]["exit_code"], 0);
-    assert_eq!(payload[0]["event_params"]["command_total_action_count"], 4);
-    assert_eq!(payload[0]["event_params"]["command_read_action_count"], 1);
-    assert_eq!(
-        payload[0]["event_params"]["command_list_files_action_count"],
-        1
-    );
-    assert_eq!(payload[0]["event_params"]["command_search_action_count"], 1);
-    assert_eq!(
-        payload[0]["event_params"]["command_unknown_action_count"],
-        1
-    );
-    assert_eq!(payload[0]["event_params"]["started_at_ms"], 1_000);
-    assert_eq!(payload[0]["event_params"]["completed_at_ms"], 1_045);
-    assert_eq!(payload[0]["event_params"]["duration_ms"], 45);
-    assert_eq!(payload[0]["event_params"]["execution_duration_ms"], 42);
-    assert_eq!(
-        payload[0]["event_params"]["app_server_client"]["client_name"],
-        "codex-tui"
-    );
-    assert_eq!(payload[0]["event_params"]["thread_source"], "user");
-}
-
 #[test]
 fn subagent_thread_started_review_serializes_expected_shape() {
    let event = TrackEventRequest::ThreadInitialized(subagent_thread_started_event_request(
@@ -2094,79 +1687,6 @@ async fn subagent_thread_started_inherits_parent_connection_for_new_thread() {
    );
 }

-#[tokio::test]
-async fn subagent_tool_items_inherit_parent_connection_metadata() {
-    let mut reducer = AnalyticsReducer::default();
-    let mut events = Vec::new();
-
-    ingest_tool_review_prerequisites(&mut reducer, &mut events).await;
-    reducer
-        .ingest(
-            AnalyticsFact::Custom(CustomAnalyticsFact::SubAgentThreadStarted(
-                SubAgentThreadStartedInput {
-                    thread_id: "thread-subagent".to_string(),
-                    parent_thread_id: Some("thread-1".to_string()),
-                    product_client_id: "codex-tui".to_string(),
-                    client_name: "codex-tui".to_string(),
-                    client_version: "1.0.0".to_string(),
-                    model: "gpt-5".to_string(),
-                    ephemeral: false,
-                    subagent_source: SubAgentSource::Review,
-                    created_at: 128,
-                },
-            )),
-            &mut events,
-        )
-        .await;
-    events.clear();
-
-    reducer
-        .ingest(
-            AnalyticsFact::Notification(Box::new(ServerNotification::ItemStarted(
-                ItemStartedNotification {
-                    thread_id: "thread-subagent".to_string(),
-                    turn_id: "turn-subagent".to_string(),
-                    started_at_ms: 1_000,
-                    item: sample_command_execution_item(
-                        CommandExecutionStatus::InProgress,
-                        /*exit_code*/ None,
-                        /*duration_ms*/ None,
-                    ),
-                },
-            ))),
-            &mut events,
-        )
-        .await;
-    reducer
-        .ingest(
-            AnalyticsFact::Notification(Box::new(ServerNotification::ItemCompleted(
-                ItemCompletedNotification {
-                    thread_id: "thread-subagent".to_string(),
-                    turn_id: "turn-subagent".to_string(),
-                    completed_at_ms: 1_042,
-                    item: sample_command_execution_item(
-                        CommandExecutionStatus::Completed,
-                        Some(0),
-                        Some(42),
-                    ),
-                },
-            ))),
-            &mut events,
-        )
-        .await;
-
-    let payload = serde_json::to_value(&events).expect("serialize events");
-    assert_eq!(payload.as_array().expect("events array").len(), 1);
-    assert_eq!(payload[0]["event_type"], "codex_command_execution_event");
-    assert_eq!(payload[0]["event_params"]["thread_source"], "subagent");
-    assert_eq!(payload[0]["event_params"]["subagent_source"], "review");
-    assert_eq!(payload[0]["event_params"]["parent_thread_id"], "thread-1");
-    assert_eq!(
-        payload[0]["event_params"]["app_server_client"]["client_name"],
-        "codex-tui"
-    );
-}
-
 #[test]
 fn plugin_used_event_serializes_expected_shape() {
    let tracking = TrackEventsContext {
--- a/codex-rs/analytics/src/client.rs
+++ b/codex-rs/analytics/src/client.rs
@@ -30,7 +30,6 @@ use codex_app_server_protocol::ServerNotification;
 use codex_app_server_protocol::ServerRequest;
 use codex_app_server_protocol::ServerResponse;
 use codex_login::AuthManager;
-use codex_login::CodexAuth;
 use codex_login::default_client::create_client;
 use codex_plugin::PluginTelemetryMetadata;
 use std::collections::HashSet;
@@ -334,6 +333,10 @@ impl AnalyticsEventsClient {
        });
    }

+    pub fn track_notification(&self, notification: ServerNotification) {
+        self.record_fact(AnalyticsFact::Notification(Box::new(notification)));
+    }
+
    pub fn track_server_request(&self, connection_id: u64, request: ServerRequest) {
        self.record_fact(AnalyticsFact::ServerRequest {
            connection_id,
@@ -341,28 +344,11 @@ impl AnalyticsEventsClient {
        });
    }

-    pub fn track_server_response(&self, completed_at_ms: u64, response: ServerResponse) {
+    pub fn track_server_response(&self, response: ServerResponse) {
        self.record_fact(AnalyticsFact::ServerResponse {
-            completed_at_ms,
            response: Box::new(response),
        });
    }
-
-    pub fn track_notification(&self, notification: ServerNotification) {
-        if !matches!(
-            notification,
-            ServerNotification::TurnStarted(_)
-                | ServerNotification::TurnCompleted(_)
-                | ServerNotification::TurnDiffUpdated(_)
-                | ServerNotification::ItemStarted(_)
-                | ServerNotification::ItemCompleted(_)
-                | ServerNotification::ItemGuardianApprovalReviewStarted(_)
-                | ServerNotification::ItemGuardianApprovalReviewCompleted(_)
-        ) {
-            return;
-        }
-        self.record_fact(AnalyticsFact::Notification(Box::new(notification)));
-    }
 }

 async fn send_track_events(
@@ -373,7 +359,6 @@ async fn send_track_events(
    if events.is_empty() {
        return;
    }
-
    let Some(auth) = auth_manager.auth().await else {
        return;
    };
@@ -383,45 +368,12 @@ async fn send_track_events(

    let base_url = base_url.trim_end_matches('/');
    let url = format!("{base_url}/codex/analytics-events/events");
-    for events in track_event_request_batches(events) {
-        send_track_events_request(&auth, &url, events).await;
-    }
-}
-
-fn track_event_request_batches(events: Vec<TrackEventRequest>) -> Vec<Vec<TrackEventRequest>> {
-    let mut batches = Vec::new();
-    let mut current_batch = Vec::new();
-
-    for event in events {
-        if event.should_send_in_isolated_request() {
-            if !current_batch.is_empty() {
-                batches.push(current_batch);
-                current_batch = Vec::new();
-            }
-            batches.push(vec![event]);
-        } else {
-            current_batch.push(event);
-        }
-    }
-
-    if !current_batch.is_empty() {
-        batches.push(current_batch);
-    }
-
-    batches
-}
-
-async fn send_track_events_request(auth: &CodexAuth, url: &str, events: Vec<TrackEventRequest>) {
-    if events.is_empty() {
-        return;
-    }
-
    let payload = TrackEventsRequest { events };

    let response = create_client()
-        .post(url)
+        .post(&url)
        .timeout(ANALYTICS_EVENTS_TIMEOUT)
-        .headers(codex_model_provider::auth_provider_from_auth(auth).to_auth_headers())
+        .headers(codex_model_provider::auth_provider_from_auth(&auth).to_auth_headers())
        .header("Content-Type", "application/json")
        .json(&payload)
        .send()
--- a/codex-rs/analytics/src/client_tests.rs
+++ b/codex-rs/analytics/src/client_tests.rs
@@ -1,14 +1,6 @@
 use super::AnalyticsEventsClient;
 use super::AnalyticsEventsQueue;
-use super::track_event_request_batches;
-use crate::events::CodexAcceptedLineFingerprintsEventParams;
-use crate::events::CodexAcceptedLineFingerprintsEventRequest;
-use crate::events::SkillInvocationEventParams;
-use crate::events::SkillInvocationEventRequest;
-use crate::events::TrackEventRequest;
-use crate::facts::AcceptedLineFingerprint;
 use crate::facts::AnalyticsFact;
-use crate::facts::InvocationType;
 use codex_app_server_protocol::ApprovalsReviewer as AppServerApprovalsReviewer;
 use codex_app_server_protocol::AskForApproval as AppServerAskForApproval;
 use codex_app_server_protocol::ClientRequest;
@@ -39,47 +31,6 @@ use std::sync::Mutex;
 use tokio::sync::mpsc;
 use tokio::sync::mpsc::error::TryRecvError;

-fn sample_accepted_line_fingerprint_event(thread_id: &str) -> TrackEventRequest {
-    TrackEventRequest::AcceptedLineFingerprints(Box::new(
-        CodexAcceptedLineFingerprintsEventRequest {
-            event_type: "codex_accepted_line_fingerprints",
-            event_params: CodexAcceptedLineFingerprintsEventParams {
-                event_type: "codex.accepted_line_fingerprints",
-                turn_id: "turn-1".to_string(),
-                thread_id: thread_id.to_string(),
-                product_surface: Some("codex".to_string()),
-                model_slug: Some("gpt-5.1-codex".to_string()),
-                completed_at: 1,
-                repo_hash: None,
-                accepted_added_lines: 1,
-                accepted_deleted_lines: 0,
-                line_fingerprints: vec![AcceptedLineFingerprint {
-                    path_hash: "path-hash".to_string(),
-                    line_hash: "line-hash".to_string(),
-                }],
-            },
-        },
-    ))
-}
-
-fn sample_regular_track_event(thread_id: &str) -> TrackEventRequest {
-    TrackEventRequest::SkillInvocation(SkillInvocationEventRequest {
-        event_type: "skill_invocation",
-        skill_id: format!("skill-{thread_id}"),
-        skill_name: "doc".to_string(),
-        event_params: SkillInvocationEventParams {
-            product_client_id: None,
-            skill_scope: None,
-            plugin_id: None,
-            repo_url: None,
-            thread_id: Some(thread_id.to_string()),
-            turn_id: Some("turn-1".to_string()),
-            invoke_type: Some(InvocationType::Explicit),
-            model_slug: Some("gpt-5.1-codex".to_string()),
-        },
-    })
-}
-
 fn client_with_receiver() -> (AnalyticsEventsClient, mpsc::Receiver<AnalyticsFact>) {
    let (sender, receiver) = mpsc::channel(8);
    let queue = AnalyticsEventsQueue {
@@ -271,23 +222,3 @@ fn track_response_only_enqueues_analytics_relevant_responses() {
    );
    assert!(matches!(receiver.try_recv(), Err(TryRecvError::Empty)));
 }
-
-#[test]
-fn track_event_request_batches_only_isolates_accepted_line_fingerprint_events() {
-    let batches = track_event_request_batches(vec![
-        sample_regular_track_event("thread-1"),
-        sample_regular_track_event("thread-2"),
-        sample_accepted_line_fingerprint_event("thread-3"),
-        sample_accepted_line_fingerprint_event("thread-4"),
-        sample_regular_track_event("thread-5"),
-        sample_regular_track_event("thread-6"),
-    ]);
-
-    assert_eq!(batches.len(), 4);
-    assert_eq!(batches[0].len(), 2);
-    assert_eq!(batches[1].len(), 1);
-    assert_eq!(batches[2].len(), 1);
-    assert_eq!(batches[3].len(), 2);
-    assert!(batches[1][0].should_send_in_isolated_request());
-    assert!(batches[2][0].should_send_in_isolated_request());
-}
--- a/codex-rs/analytics/src/events.rs
+++ b/codex-rs/analytics/src/events.rs
@@ -1,6 +1,5 @@
 use std::time::Instant;

-use crate::facts::AcceptedLineFingerprint;
 use crate::facts::AppInvocation;
 use crate::facts::CodexCompactionEvent;
 use crate::facts::CompactionImplementation;
@@ -19,10 +18,8 @@ use crate::facts::TurnStatus;
 use crate::facts::TurnSteerRejectionReason;
 use crate::facts::TurnSteerResult;
 use crate::facts::TurnSubmissionType;
-use crate::now_unix_millis;
 use crate::now_unix_seconds;
 use codex_app_server_protocol::CodexErrorInfo;
-use codex_app_server_protocol::CommandExecutionSource;
 use codex_login::default_client::originator;
 use codex_plugin::PluginTelemetryMetadata;
 use codex_protocol::approvals::NetworkApprovalProtocol;
@@ -65,16 +62,20 @@ pub(crate) enum TrackEventRequest {
    Compaction(Box<CodexCompactionEventRequest>),
    TurnEvent(Box<CodexTurnEventRequest>),
    TurnSteer(CodexTurnSteerEventRequest),
-    CommandExecution(CodexCommandExecutionEventRequest),
-    FileChange(CodexFileChangeEventRequest),
-    McpToolCall(CodexMcpToolCallEventRequest),
-    DynamicToolCall(CodexDynamicToolCallEventRequest),
-    CollabAgentToolCall(CodexCollabAgentToolCallEventRequest),
-    WebSearch(CodexWebSearchEventRequest),
-    ImageGeneration(CodexImageGenerationEventRequest),
-    AcceptedLineFingerprints(Box<CodexAcceptedLineFingerprintsEventRequest>),
    #[allow(dead_code)]
-    ReviewEvent(CodexReviewEventRequest),
+    CommandExecution(CodexCommandExecutionEventRequest),
+    #[allow(dead_code)]
+    FileChange(CodexFileChangeEventRequest),
+    #[allow(dead_code)]
+    McpToolCall(CodexMcpToolCallEventRequest),
+    #[allow(dead_code)]
+    DynamicToolCall(CodexDynamicToolCallEventRequest),
+    #[allow(dead_code)]
+    CollabAgentToolCall(CodexCollabAgentToolCallEventRequest),
+    #[allow(dead_code)]
+    WebSearch(CodexWebSearchEventRequest),
+    #[allow(dead_code)]
+    ImageGeneration(CodexImageGenerationEventRequest),
    PluginUsed(CodexPluginUsedEventRequest),
    PluginInstalled(CodexPluginEventRequest),
    PluginUninstalled(CodexPluginEventRequest),
@@ -82,32 +83,6 @@ pub(crate) enum TrackEventRequest {
    PluginDisabled(CodexPluginEventRequest),
 }

-impl TrackEventRequest {
-    pub(crate) fn should_send_in_isolated_request(&self) -> bool {
-        matches!(self, Self::AcceptedLineFingerprints(_))
-    }
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexAcceptedLineFingerprintsEventParams {
-    pub(crate) event_type: &'static str,
-    pub(crate) turn_id: String,
-    pub(crate) thread_id: String,
-    pub(crate) product_surface: Option<String>,
-    pub(crate) model_slug: Option<String>,
-    pub(crate) completed_at: u64,
-    pub(crate) repo_hash: Option<String>,
-    pub(crate) accepted_added_lines: u64,
-    pub(crate) accepted_deleted_lines: u64,
-    pub(crate) line_fingerprints: Vec<AcceptedLineFingerprint>,
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexAcceptedLineFingerprintsEventRequest {
-    pub(crate) event_type: &'static str,
-    pub(crate) event_params: CodexAcceptedLineFingerprintsEventParams,
-}
-
 #[derive(Serialize)]
 pub(crate) struct SkillInvocationEventRequest {
    pub(crate) event_type: &'static str,
@@ -290,7 +265,7 @@ pub struct GuardianReviewTrackContext {
    approval_request_source: GuardianApprovalRequestSource,
    reviewed_action: GuardianReviewedAction,
    review_timeout_ms: u64,
-    pub started_at_ms: u64,
+    started_at: u64,
    started_instant: Instant,
 }

@@ -312,7 +287,7 @@ impl GuardianReviewTrackContext {
            approval_request_source,
            reviewed_action,
            review_timeout_ms,
-            started_at_ms: now_unix_millis(),
+            started_at: now_unix_seconds(),
            started_instant: Instant::now(),
        }
    }
@@ -345,7 +320,7 @@ impl GuardianReviewTrackContext {
            tool_call_count: None,
            time_to_first_token_ms: result.time_to_first_token_ms,
            completion_latency_ms: Some(self.started_instant.elapsed().as_millis() as u64),
-            started_at: self.started_at_ms / 1_000,
+            started_at: self.started_at,
            completed_at: Some(now_unix_seconds()),
            input_tokens: result.token_usage.as_ref().map(|usage| usage.input_tokens),
            cached_input_tokens: result
@@ -473,16 +448,13 @@ pub(crate) struct CodexToolItemEventBase {
    pub(crate) item_id: String,
    pub(crate) app_server_client: CodexAppServerClientMetadata,
    pub(crate) runtime: CodexRuntimeMetadata,
-    pub(crate) thread_source: Option<ThreadSource>,
+    pub(crate) thread_source: Option<&'static str>,
    pub(crate) subagent_source: Option<String>,
    pub(crate) parent_thread_id: Option<String>,
    pub(crate) tool_name: String,
    pub(crate) started_at_ms: u64,
    pub(crate) completed_at_ms: u64,
-    // Observed item lifecycle duration. This may undercount end-to-end execution
-    // for tools where app-server only sees part of the upstream flow.
    pub(crate) duration_ms: Option<u64>,
-    pub(crate) execution_duration_ms: Option<u64>,
    pub(crate) review_count: u64,
    pub(crate) guardian_review_count: u64,
    pub(crate) user_review_count: u64,
@@ -496,79 +468,13 @@ pub(crate) struct CodexToolItemEventBase {
 #[allow(dead_code)]
 #[derive(Clone, Copy, Debug, Serialize)]
 #[serde(rename_all = "snake_case")]
-pub(crate) enum ReviewSubjectKind {
-    CommandExecution,
-    FileChange,
-    McpToolCall,
-    Permissions,
-    NetworkAccess,
+pub(crate) enum CommandExecutionSource {
+    Agent,
+    UserShell,
+    UnifiedExecStartup,
+    UnifiedExecInteraction,
 }

-#[allow(dead_code)]
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub(crate) enum Reviewer {
-    Guardian,
-    User,
-}
-
-#[allow(dead_code)]
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub(crate) enum ReviewTrigger {
-    Initial,
-    SandboxDenial,
-    NetworkPolicyDenial,
-    ExecveIntercept,
-}
-
-#[allow(dead_code)]
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub(crate) enum ReviewStatus {
-    Approved,
-    Denied,
-    Aborted,
-    TimedOut,
-}
-
-#[allow(dead_code)]
-#[derive(Clone, Copy, Debug, Serialize)]
-#[serde(rename_all = "snake_case")]
-pub(crate) enum ReviewResolution {
-    None,
-    SessionApproval,
-    ExecPolicyAmendment,
-    NetworkPolicyAmendment,
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexReviewEventParams {
-    pub(crate) thread_id: String,
-    pub(crate) turn_id: String,
-    pub(crate) item_id: Option<String>,
-    pub(crate) review_id: String,
-    pub(crate) app_server_client: CodexAppServerClientMetadata,
-    pub(crate) runtime: CodexRuntimeMetadata,
-    pub(crate) thread_source: Option<ThreadSource>,
-    pub(crate) subagent_source: Option<String>,
-    pub(crate) parent_thread_id: Option<String>,
-    pub(crate) tool_kind: ReviewSubjectKind,
-    pub(crate) tool_name: String,
-    pub(crate) reviewer: Reviewer,
-    pub(crate) trigger: ReviewTrigger,
-    pub(crate) status: ReviewStatus,
-    pub(crate) resolution: ReviewResolution,
-    pub(crate) started_at_ms: u64,
-    pub(crate) completed_at_ms: u64,
-    pub(crate) duration_ms: Option<u64>,
-}
-
-#[derive(Serialize)]
-pub(crate) struct CodexReviewEventRequest {
-    pub(crate) event_type: &'static str,
-    pub(crate) event_params: CodexReviewEventParams,
-}
 #[allow(dead_code)]
 #[derive(Clone, Copy, Debug, Serialize)]
 #[serde(rename_all = "snake_case")]
@@ -686,6 +592,7 @@ pub(crate) struct CodexWebSearchEventRequest {
 pub(crate) struct CodexImageGenerationEventParams {
    #[serde(flatten)]
    pub(crate) base: CodexToolItemEventBase,
+    pub(crate) image_generation_status: String,
    pub(crate) revised_prompt_present: bool,
    pub(crate) saved_path_present: bool,
 }
@@ -988,8 +895,6 @@ fn analytics_hook_event_name(event_name: HookEventName) -> &'static str {
        HookEventName::PreToolUse => "PreToolUse",
        HookEventName::PermissionRequest => "PermissionRequest",
        HookEventName::PostToolUse => "PostToolUse",
-        HookEventName::PreCompact => "PreCompact",
-        HookEventName::PostCompact => "PostCompact",
        HookEventName::SessionStart => "SessionStart",
        HookEventName::UserPromptSubmit => "UserPromptSubmit",
        HookEventName::Stop => "Stop",
--- a/codex-rs/analytics/src/facts.rs
+++ b/codex-rs/analytics/src/facts.rs
@@ -28,12 +28,6 @@ use codex_protocol::protocol::TokenUsage;
 use serde::Serialize;
 use std::path::PathBuf;

-#[derive(Clone, Debug, PartialEq, Eq, Serialize)]
-pub struct AcceptedLineFingerprint {
-    pub path_hash: String,
-    pub line_hash: String,
-}
-
 #[derive(Clone)]
 pub struct TrackEventsContext {
    pub model_slug: String,
@@ -302,7 +296,6 @@ pub(crate) enum AnalyticsFact {
        request: Box<ServerRequest>,
    },
    ServerResponse {
-        completed_at_ms: u64,
        response: Box<ServerResponse>,
    },
    Notification(Box<ServerNotification>),
--- a/codex-rs/analytics/src/lib.rs
+++ b/codex-rs/analytics/src/lib.rs
@@ -1,4 +1,3 @@
-mod accepted_lines;
 mod client;
 mod events;
 mod facts;
@@ -7,8 +6,6 @@ mod reducer;
 use std::time::SystemTime;
 use std::time::UNIX_EPOCH;

-pub use accepted_lines::accepted_line_fingerprints_from_unified_diff;
-pub use accepted_lines::fingerprint_hash;
 pub use client::AnalyticsEventsClient;
 pub use events::AppServerRpcTransport;
 pub use events::GuardianApprovalRequestSource;
@@ -20,7 +17,6 @@ pub use events::GuardianReviewSessionKind;
 pub use events::GuardianReviewTerminalStatus;
 pub use events::GuardianReviewTrackContext;
 pub use events::GuardianReviewedAction;
-pub use facts::AcceptedLineFingerprint;
 pub use facts::AnalyticsJsonRpcError;
 pub use facts::AppInvocation;
 pub use facts::CodexCompactionEvent;
@@ -55,27 +51,3 @@ pub fn now_unix_seconds() -> u64 {
        .unwrap_or_default()
        .as_secs()
 }
-
-pub fn now_unix_millis() -> u64 {
-    u64::try_from(
-        SystemTime::now()
-            .duration_since(UNIX_EPOCH)
-            .unwrap_or_default()
-            .as_millis(),
-    )
-    .unwrap_or(u64::MAX)
-}
-
-pub(crate) fn serialize_enum_as_string<T: serde::Serialize>(value: &T) -> Option<String> {
-    serde_json::to_value(value)
-        .ok()
-        .and_then(|value| value.as_str().map(str::to_string))
-}
-
-pub(crate) fn usize_to_u64(value: usize) -> u64 {
-    u64::try_from(value).unwrap_or(u64::MAX)
-}
-
-pub(crate) fn option_i64_to_u64(value: Option<i64>) -> Option<u64> {
-    value.and_then(|value| u64::try_from(value).ok())
-}
--- a/codex-rs/analytics/src/reducer.rs
+++ b/codex-rs/analytics/src/reducer.rs
@@ -1,35 +1,16 @@
-use crate::accepted_lines::AcceptedLineFingerprintEventInput;
-use crate::accepted_lines::accepted_line_fingerprint_event_requests;
-use crate::accepted_lines::accepted_line_fingerprints_from_unified_diff;
-use crate::accepted_lines::accepted_line_repo_hash_for_cwd;
 use crate::events::AppServerRpcTransport;
 use crate::events::CodexAppMentionedEventRequest;
 use crate::events::CodexAppServerClientMetadata;
 use crate::events::CodexAppUsedEventRequest;
-use crate::events::CodexCollabAgentToolCallEventParams;
-use crate::events::CodexCollabAgentToolCallEventRequest;
-use crate::events::CodexCommandExecutionEventParams;
-use crate::events::CodexCommandExecutionEventRequest;
 use crate::events::CodexCompactionEventRequest;
-use crate::events::CodexDynamicToolCallEventParams;
-use crate::events::CodexDynamicToolCallEventRequest;
-use crate::events::CodexFileChangeEventParams;
-use crate::events::CodexFileChangeEventRequest;
 use crate::events::CodexHookRunEventRequest;
-use crate::events::CodexImageGenerationEventParams;
-use crate::events::CodexImageGenerationEventRequest;
-use crate::events::CodexMcpToolCallEventParams;
-use crate::events::CodexMcpToolCallEventRequest;
 use crate::events::CodexPluginEventRequest;
 use crate::events::CodexPluginUsedEventRequest;
 use crate::events::CodexRuntimeMetadata;
-use crate::events::CodexToolItemEventBase;
 use crate::events::CodexTurnEventParams;
 use crate::events::CodexTurnEventRequest;
 use crate::events::CodexTurnSteerEventParams;
 use crate::events::CodexTurnSteerEventRequest;
-use crate::events::CodexWebSearchEventParams;
-use crate::events::CodexWebSearchEventRequest;
 use crate::events::GuardianReviewEventParams;
 use crate::events::GuardianReviewEventPayload;
 use crate::events::GuardianReviewEventRequest;
@@ -37,11 +18,7 @@ use crate::events::SkillInvocationEventParams;
 use crate::events::SkillInvocationEventRequest;
 use crate::events::ThreadInitializedEvent;
 use crate::events::ThreadInitializedEventParams;
-use crate::events::ToolItemFailureKind;
-use crate::events::ToolItemFinalApprovalOutcome;
-use crate::events::ToolItemTerminalStatus;
 use crate::events::TrackEventRequest;
-use crate::events::WebSearchActionKind;
 use crate::events::codex_app_metadata;
 use crate::events::codex_compaction_event_params;
 use crate::events::codex_hook_run_metadata;
@@ -70,30 +47,14 @@ use crate::facts::TurnSteerRejectionReason;
 use crate::facts::TurnSteerResult;
 use crate::facts::TurnTokenUsageFact;
 use crate::now_unix_seconds;
-use crate::option_i64_to_u64;
-use crate::serialize_enum_as_string;
-use crate::usize_to_u64;
 use codex_app_server_protocol::ClientRequest;
 use codex_app_server_protocol::ClientResponse;
 use codex_app_server_protocol::CodexErrorInfo;
-use codex_app_server_protocol::CollabAgentStatus;
-use codex_app_server_protocol::CollabAgentTool;
-use codex_app_server_protocol::CollabAgentToolCallStatus;
-use codex_app_server_protocol::CommandAction;
-use codex_app_server_protocol::CommandExecutionSource;
-use codex_app_server_protocol::CommandExecutionStatus;
-use codex_app_server_protocol::DynamicToolCallOutputContentItem;
-use codex_app_server_protocol::DynamicToolCallStatus;
 use codex_app_server_protocol::InitializeParams;
-use codex_app_server_protocol::McpToolCallStatus;
-use codex_app_server_protocol::PatchApplyStatus;
-use codex_app_server_protocol::PatchChangeKind;
 use codex_app_server_protocol::RequestId;
 use codex_app_server_protocol::ServerNotification;
-use codex_app_server_protocol::ThreadItem;
 use codex_app_server_protocol::TurnSteerResponse;
 use codex_app_server_protocol::UserInput;
-use codex_app_server_protocol::WebSearchAction;
 use codex_git_utils::collect_git_info;
 use codex_git_utils::get_git_repo_root;
 use codex_login::default_client::originator;
@@ -108,7 +69,6 @@ use codex_protocol::protocol::TokenUsage;
 use sha1::Digest;
 use std::collections::HashMap;
 use std::path::Path;
-use std::path::PathBuf;

 #[derive(Default)]
 pub(crate) struct AnalyticsReducer {
@@ -116,7 +76,6 @@ pub(crate) struct AnalyticsReducer {
    turns: HashMap<String, TurnState>,
    connections: HashMap<u64, ConnectionState>,
    threads: HashMap<String, ThreadAnalyticsState>,
-    tool_items_started_at_ms: HashMap<ToolItemKey, u64>,
 }

 struct ConnectionState {
@@ -160,19 +119,6 @@ impl<'a> AnalyticsDropSite<'a> {
        }
    }

-    fn tool_item(
-        notification: &'a codex_app_server_protocol::ItemCompletedNotification,
-        item_id: &'a str,
-    ) -> Self {
-        Self {
-            event_name: "tool item",
-            thread_id: &notification.thread_id,
-            turn_id: Some(&notification.turn_id),
-            review_id: None,
-            item_id: Some(item_id),
-        }
-    }
-
    fn turn_steer(thread_id: &'a str) -> Self {
        Self {
            event_name: "turn steer",
@@ -269,17 +215,9 @@ struct TurnState {
    started_at: Option<u64>,
    token_usage: Option<TokenUsage>,
    completed: Option<CompletedTurnState>,
-    latest_diff: Option<String>,
    steer_count: usize,
 }

-#[derive(Hash, Eq, PartialEq)]
-struct ToolItemKey {
-    thread_id: String,
-    turn_id: String,
-    item_id: String,
-}
-
 impl AnalyticsReducer {
    pub(crate) async fn ingest(&mut self, input: AnalyticsFact, out: &mut Vec<TrackEventRequest>) {
        match input {
@@ -311,7 +249,7 @@ impl AnalyticsReducer {
                response,
            } => {
                if let Some(response) = response.into_client_response(request_id) {
-                    self.ingest_response(connection_id, response, out).await;
+                    self.ingest_response(connection_id, response, out);
                }
            }
            AnalyticsFact::ErrorResponse {
@@ -323,7 +261,7 @@ impl AnalyticsReducer {
                self.ingest_error_response(connection_id, request_id, error_type, out);
            }
            AnalyticsFact::Notification(notification) => {
-                self.ingest_notification(*notification, out).await;
+                self.ingest_notification(*notification, out);
            }
            AnalyticsFact::ServerRequest {
                connection_id: _connection_id,
@@ -331,7 +269,6 @@ impl AnalyticsReducer {
            } => {}
            AnalyticsFact::ServerResponse {
                response: _response,
-                ..
            } => {}
            AnalyticsFact::Custom(input) => match input {
                CustomAnalyticsFact::SubAgentThreadStarted(input) => {
@@ -344,10 +281,10 @@ impl AnalyticsReducer {
                    self.ingest_guardian_review(*input, out);
                }
                CustomAnalyticsFact::TurnResolvedConfig(input) => {
-                    self.ingest_turn_resolved_config(*input, out).await;
+                    self.ingest_turn_resolved_config(*input, out);
                }
                CustomAnalyticsFact::TurnTokenUsage(input) => {
-                    self.ingest_turn_token_usage(*input, out).await;
+                    self.ingest_turn_token_usage(*input, out);
                }
                CustomAnalyticsFact::SkillInvoked(input) => {
                    self.ingest_skill_invoked(input, out).await;
@@ -479,7 +416,7 @@ impl AnalyticsReducer {
        }
    }

-    async fn ingest_turn_resolved_config(
+    fn ingest_turn_resolved_config(
        &mut self,
        input: TurnResolvedConfigFact,
        out: &mut Vec<TrackEventRequest>,
@@ -495,16 +432,15 @@ impl AnalyticsReducer {
            started_at: None,
            token_usage: None,
            completed: None,
-            latest_diff: None,
            steer_count: 0,
        });
        turn_state.thread_id = Some(thread_id);
        turn_state.num_input_images = Some(num_input_images);
        turn_state.resolved_config = Some(input);
-        self.maybe_emit_turn_event(&turn_id, out).await;
+        self.maybe_emit_turn_event(&turn_id, out);
    }

-    async fn ingest_turn_token_usage(
+    fn ingest_turn_token_usage(
        &mut self,
        input: TurnTokenUsageFact,
        out: &mut Vec<TrackEventRequest>,
@@ -518,12 +454,11 @@ impl AnalyticsReducer {
            started_at: None,
            token_usage: None,
            completed: None,
-            latest_diff: None,
            steer_count: 0,
        });
        turn_state.thread_id = Some(input.thread_id);
        turn_state.token_usage = Some(input.token_usage);
-        self.maybe_emit_turn_event(&turn_id, out).await;
+        self.maybe_emit_turn_event(&turn_id, out);
    }

    async fn ingest_skill_invoked(
@@ -630,7 +565,7 @@ impl AnalyticsReducer {
        });
    }

-    async fn ingest_response(
+    fn ingest_response(
        &mut self,
        connection_id: u64,
        response: ClientResponse,
@@ -682,13 +617,12 @@ impl AnalyticsReducer {
                    started_at: None,
                    token_usage: None,
                    completed: None,
-                    latest_diff: None,
                    steer_count: 0,
                });
                turn_state.connection_id = Some(connection_id);
                turn_state.thread_id = Some(pending_request.thread_id);
                turn_state.num_input_images = Some(pending_request.num_input_images);
-                self.maybe_emit_turn_event(&turn_id, out).await;
+                self.maybe_emit_turn_event(&turn_id, out);
            }
            ClientResponse::TurnSteer {
                request_id,
@@ -750,68 +684,12 @@ impl AnalyticsReducer {
        );
    }

-    async fn ingest_notification(
+    fn ingest_notification(
        &mut self,
        notification: ServerNotification,
        out: &mut Vec<TrackEventRequest>,
    ) {
        match notification {
-            ServerNotification::ItemStarted(notification) => {
-                let Some(item_id) = tracked_tool_item_id(&notification.item) else {
-                    return;
-                };
-                let Some(started_at_ms) = option_i64_to_u64(Some(notification.started_at_ms))
-                else {
-                    return;
-                };
-                self.tool_items_started_at_ms.insert(
-                    ToolItemKey {
-                        thread_id: notification.thread_id,
-                        turn_id: notification.turn_id,
-                        item_id: item_id.to_string(),
-                    },
-                    started_at_ms,
-                );
-            }
-            ServerNotification::ItemCompleted(notification) => {
-                let Some(item_id) = tracked_tool_item_id(&notification.item) else {
-                    return;
-                };
-                let key = ToolItemKey {
-                    thread_id: notification.thread_id.clone(),
-                    turn_id: notification.turn_id.clone(),
-                    item_id: item_id.to_string(),
-                };
-                let Some(started_at_ms) = self.tool_items_started_at_ms.remove(&key) else {
-                    tracing::warn!(
-                        thread_id = %notification.thread_id,
-                        turn_id = %notification.turn_id,
-                        item_id,
-                        "dropping tool item analytics event: missing item started notification"
-                    );
-                    return;
-                };
-                let Some(completed_at_ms) = option_i64_to_u64(Some(notification.completed_at_ms))
-                else {
-                    return;
-                };
-                let Some((connection_state, thread_metadata)) = self
-                    .thread_context_or_warn(AnalyticsDropSite::tool_item(&notification, item_id))
-                else {
-                    return;
-                };
-                if let Some(event) = tool_item_event(
-                    &notification.thread_id,
-                    &notification.turn_id,
-                    &notification.item,
-                    started_at_ms,
-                    completed_at_ms,
-                    connection_state,
-                    thread_metadata,
-                ) {
-                    out.push(event);
-                }
-            }
            ServerNotification::TurnStarted(notification) => {
                let turn_state = self.turns.entry(notification.turn.id).or_insert(TurnState {
                    connection_id: None,
@@ -821,7 +699,6 @@ impl AnalyticsReducer {
                    started_at: None,
                    token_usage: None,
                    completed: None,
-                    latest_diff: None,
                    steer_count: 0,
                });
                turn_state.started_at = notification
@@ -829,24 +706,6 @@ impl AnalyticsReducer {
                    .started_at
                    .and_then(|started_at| u64::try_from(started_at).ok());
            }
-            ServerNotification::TurnDiffUpdated(notification) => {
-                let turn_state =
-                    self.turns
-                        .entry(notification.turn_id.clone())
-                        .or_insert(TurnState {
-                            connection_id: None,
-                            thread_id: None,
-                            num_input_images: None,
-                            resolved_config: None,
-                            started_at: None,
-                            token_usage: None,
-                            completed: None,
-                            latest_diff: None,
-                            steer_count: 0,
-                        });
-                turn_state.thread_id = Some(notification.thread_id);
-                turn_state.latest_diff = Some(notification.diff);
-            }
            ServerNotification::TurnCompleted(notification) => {
                let turn_state =
                    self.turns
@@ -859,7 +718,6 @@ impl AnalyticsReducer {
                            started_at: None,
                            token_usage: None,
                            completed: None,
-                            latest_diff: None,
                            steer_count: 0,
                        });
                turn_state.completed = Some(CompletedTurnState {
@@ -879,7 +737,7 @@ impl AnalyticsReducer {
                        .and_then(|duration_ms| u64::try_from(duration_ms).ok()),
                });
                let turn_id = notification.turn.id;
-                self.maybe_emit_turn_event(&turn_id, out).await;
+                self.maybe_emit_turn_event(&turn_id, out);
            }
            _ => {}
        }
@@ -921,7 +779,7 @@ impl AnalyticsReducer {
                    ephemeral: thread.ephemeral,
                    thread_source: thread_metadata.thread_source,
                    initialization_mode,
-                    subagent_source: thread_metadata.subagent_source.clone(),
+                    subagent_source: thread_metadata.subagent_source,
                    parent_thread_id: thread_metadata.parent_thread_id,
                    created_at: u64::try_from(thread.created_at).unwrap_or_default(),
                },
@@ -1015,7 +873,7 @@ impl AnalyticsReducer {
        }));
    }

-    async fn maybe_emit_turn_event(&mut self, turn_id: &str, out: &mut Vec<TrackEventRequest>) {
+    fn maybe_emit_turn_event(&mut self, turn_id: &str, out: &mut Vec<TrackEventRequest>) {
        let Some(turn_state) = self.turns.get(turn_id) else {
            return;
        };
@@ -1048,23 +906,18 @@ impl AnalyticsReducer {
            warn_missing_analytics_context(&drop_site, MissingAnalyticsContext::ThreadMetadata);
            return;
        };
-        let turn_event = TrackEventRequest::TurnEvent(Box::new(CodexTurnEventRequest {
-            event_type: "codex_turn_event",
-            event_params: codex_turn_event_params(
-                connection_state.app_server_client.clone(),
-                connection_state.runtime.clone(),
-                turn_id.to_string(),
-                turn_state,
-                thread_metadata,
-            ),
-        }));
-        let accepted_line_event = accepted_line_event_input(turn_id, turn_state);
-
-        out.push(turn_event);
-        if let Some((mut input, cwd)) = accepted_line_event {
-            input.repo_hash = accepted_line_repo_hash_for_cwd(cwd.as_path()).await;
-            out.extend(accepted_line_fingerprint_event_requests(input));
-        }
+        out.push(TrackEventRequest::TurnEvent(Box::new(
+            CodexTurnEventRequest {
+                event_type: "codex_turn_event",
+                event_params: codex_turn_event_params(
+                    connection_state.app_server_client.clone(),
+                    connection_state.runtime.clone(),
+                    turn_id.to_string(),
+                    turn_state,
+                    thread_metadata,
+                ),
+            },
+        )));
        self.turns.remove(turn_id);
    }

@@ -1130,582 +983,6 @@ fn warn_missing_analytics_context(
    );
 }

-fn tracked_tool_item_id(item: &ThreadItem) -> Option<&str> {
-    match item {
-        ThreadItem::CommandExecution { id, .. }
-        | ThreadItem::FileChange { id, .. }
-        | ThreadItem::McpToolCall { id, .. }
-        | ThreadItem::DynamicToolCall { id, .. }
-        | ThreadItem::CollabAgentToolCall { id, .. }
-        | ThreadItem::WebSearch { id, .. }
-        | ThreadItem::ImageGeneration { id, .. } => Some(id),
-        ThreadItem::UserMessage { .. }
-        | ThreadItem::HookPrompt { .. }
-        | ThreadItem::AgentMessage { .. }
-        | ThreadItem::Plan { .. }
-        | ThreadItem::Reasoning { .. }
-        | ThreadItem::ImageView { .. }
-        | ThreadItem::EnteredReviewMode { .. }
-        | ThreadItem::ExitedReviewMode { .. }
-        | ThreadItem::ContextCompaction { .. } => None,
-    }
-}
-
-fn tool_item_event(
-    thread_id: &str,
-    turn_id: &str,
-    item: &ThreadItem,
-    started_at_ms: u64,
-    completed_at_ms: u64,
-    connection_state: &ConnectionState,
-    thread_metadata: &ThreadMetadataState,
-) -> Option<TrackEventRequest> {
-    let context = ToolItemContext {
-        started_at_ms,
-        completed_at_ms,
-        connection_state,
-        thread_metadata,
-    };
-    match item {
-        ThreadItem::CommandExecution {
-            id,
-            source,
-            status,
-            command_actions,
-            exit_code,
-            duration_ms,
-            ..
-        } => {
-            let (terminal_status, failure_kind) = command_execution_outcome(status)?;
-            let action_counts = command_action_counts(command_actions);
-            let base = tool_item_base(
-                thread_id,
-                turn_id,
-                id.clone(),
-                command_execution_tool_name(*source).to_string(),
-                ToolItemOutcome {
-                    terminal_status,
-                    failure_kind,
-                    execution_duration_ms: option_i64_to_u64(*duration_ms),
-                },
-                context,
-            );
-            Some(TrackEventRequest::CommandExecution(
-                CodexCommandExecutionEventRequest {
-                    event_type: "codex_command_execution_event",
-                    event_params: CodexCommandExecutionEventParams {
-                        base,
-                        command_execution_source: *source,
-                        exit_code: *exit_code,
-                        command_total_action_count: action_counts.total,
-                        command_read_action_count: action_counts.read,
-                        command_list_files_action_count: action_counts.list_files,
-                        command_search_action_count: action_counts.search,
-                        command_unknown_action_count: action_counts.unknown,
-                    },
-                },
-            ))
-        }
-        ThreadItem::FileChange {
-            id,
-            changes,
-            status,
-        } => {
-            let (terminal_status, failure_kind) = patch_apply_outcome(status)?;
-            let counts = file_change_counts(changes);
-            let base = tool_item_base(
-                thread_id,
-                turn_id,
-                id.clone(),
-                "apply_patch".to_string(),
-                ToolItemOutcome {
-                    terminal_status,
-                    failure_kind,
-                    execution_duration_ms: None,
-                },
-                context,
-            );
-            Some(TrackEventRequest::FileChange(CodexFileChangeEventRequest {
-                event_type: "codex_file_change_event",
-                event_params: CodexFileChangeEventParams {
-                    base,
-                    file_change_count: usize_to_u64(changes.len()),
-                    file_add_count: counts.add,
-                    file_update_count: counts.update,
-                    file_delete_count: counts.delete,
-                    file_move_count: counts.move_,
-                },
-            }))
-        }
-        ThreadItem::McpToolCall {
-            id,
-            server,
-            tool,
-            status,
-            error,
-            duration_ms,
-            ..
-        } => {
-            let (terminal_status, failure_kind) = mcp_tool_call_outcome(status)?;
-            let base = tool_item_base(
-                thread_id,
-                turn_id,
-                id.clone(),
-                tool.clone(),
-                ToolItemOutcome {
-                    terminal_status,
-                    failure_kind,
-                    execution_duration_ms: option_i64_to_u64(*duration_ms),
-                },
-                context,
-            );
-            Some(TrackEventRequest::McpToolCall(
-                CodexMcpToolCallEventRequest {
-                    event_type: "codex_mcp_tool_call_event",
-                    event_params: CodexMcpToolCallEventParams {
-                        base,
-                        mcp_server_name: server.clone(),
-                        mcp_tool_name: tool.clone(),
-                        mcp_error_present: error.is_some(),
-                    },
-                },
-            ))
-        }
-        ThreadItem::DynamicToolCall {
-            id,
-            tool,
-            status,
-            content_items,
-            success,
-            duration_ms,
-            ..
-        } => {
-            let (terminal_status, failure_kind) = dynamic_tool_call_outcome(status)?;
-            let counts = content_items
-                .as_ref()
-                .map(|items| dynamic_content_counts(items));
-            let base = tool_item_base(
-                thread_id,
-                turn_id,
-                id.clone(),
-                tool.clone(),
-                ToolItemOutcome {
-                    terminal_status,
-                    failure_kind,
-                    execution_duration_ms: option_i64_to_u64(*duration_ms),
-                },
-                context,
-            );
-            Some(TrackEventRequest::DynamicToolCall(
-                CodexDynamicToolCallEventRequest {
-                    event_type: "codex_dynamic_tool_call_event",
-                    event_params: CodexDynamicToolCallEventParams {
-                        base,
-                        dynamic_tool_name: tool.clone(),
-                        success: *success,
-                        output_content_item_count: counts.map(|counts| counts.total),
-                        output_text_item_count: counts.map(|counts| counts.text),
-                        output_image_item_count: counts.map(|counts| counts.image),
-                    },
-                },
-            ))
-        }
-        ThreadItem::CollabAgentToolCall {
-            id,
-            tool,
-            status,
-            sender_thread_id,
-            receiver_thread_ids,
-            model,
-            reasoning_effort,
-            agents_states,
-            ..
-        } => {
-            let (terminal_status, failure_kind) = collab_tool_call_outcome(status)?;
-            let base = tool_item_base(
-                thread_id,
-                turn_id,
-                id.clone(),
-                collab_agent_tool_name(tool).to_string(),
-                ToolItemOutcome {
-                    terminal_status,
-                    failure_kind,
-                    execution_duration_ms: None,
-                },
-                context,
-            );
-            Some(TrackEventRequest::CollabAgentToolCall(
-                CodexCollabAgentToolCallEventRequest {
-                    event_type: "codex_collab_agent_tool_call_event",
-                    event_params: CodexCollabAgentToolCallEventParams {
-                        base,
-                        sender_thread_id: sender_thread_id.clone(),
-                        receiver_thread_count: usize_to_u64(receiver_thread_ids.len()),
-                        receiver_thread_ids: Some(receiver_thread_ids.clone()),
-                        requested_model: model.clone(),
-                        requested_reasoning_effort: reasoning_effort
-                            .as_ref()
-                            .and_then(serialize_enum_as_string),
-                        agent_state_count: Some(usize_to_u64(agents_states.len())),
-                        completed_agent_count: Some(usize_to_u64(
-                            agents_states
-                                .values()
-                                .filter(|state| state.status == CollabAgentStatus::Completed)
-                                .count(),
-                        )),
-                        failed_agent_count: Some(usize_to_u64(
-                            agents_states
-                                .values()
-                                .filter(|state| {
-                                    matches!(
-                                        state.status,
-                                        CollabAgentStatus::Errored
-                                            | CollabAgentStatus::Shutdown
-                                            | CollabAgentStatus::NotFound
-                                    )
-                                })
-                                .count(),
-                        )),
-                    },
-                },
-            ))
-        }
-        ThreadItem::WebSearch { id, query, action } => {
-            let base = tool_item_base(
-                thread_id,
-                turn_id,
-                id.clone(),
-                "web_search".to_string(),
-                ToolItemOutcome {
-                    terminal_status: ToolItemTerminalStatus::Completed,
-                    failure_kind: None,
-                    execution_duration_ms: None,
-                },
-                context,
-            );
-            Some(TrackEventRequest::WebSearch(CodexWebSearchEventRequest {
-                event_type: "codex_web_search_event",
-                event_params: CodexWebSearchEventParams {
-                    base,
-                    web_search_action: action.as_ref().map(web_search_action_kind),
-                    query_present: !query.trim().is_empty(),
-                    query_count: web_search_query_count(query, action.as_ref()),
-                },
-            }))
-        }
-        ThreadItem::ImageGeneration {
-            id,
-            status,
-            revised_prompt,
-            saved_path,
-            ..
-        } => {
-            let (terminal_status, failure_kind) = image_generation_outcome(status.as_str());
-            let base = tool_item_base(
-                thread_id,
-                turn_id,
-                id.clone(),
-                "image_generation".to_string(),
-                ToolItemOutcome {
-                    terminal_status,
-                    failure_kind,
-                    execution_duration_ms: None,
-                },
-                context,
-            );
-            Some(TrackEventRequest::ImageGeneration(
-                CodexImageGenerationEventRequest {
-                    event_type: "codex_image_generation_event",
-                    event_params: CodexImageGenerationEventParams {
-                        base,
-                        revised_prompt_present: revised_prompt.is_some(),
-                        saved_path_present: saved_path.is_some(),
-                    },
-                },
-            ))
-        }
-        _ => None,
-    }
-}
-
-struct ToolItemOutcome {
-    terminal_status: ToolItemTerminalStatus,
-    failure_kind: Option<ToolItemFailureKind>,
-    execution_duration_ms: Option<u64>,
-}
-
-#[derive(Default)]
-struct CommandActionCounts {
-    total: u64,
-    read: u64,
-    list_files: u64,
-    search: u64,
-    unknown: u64,
-}
-
-fn command_action_counts(command_actions: &[CommandAction]) -> CommandActionCounts {
-    let mut counts = CommandActionCounts {
-        total: usize_to_u64(command_actions.len()),
-        ..Default::default()
-    };
-    for action in command_actions {
-        match action {
-            CommandAction::Read { .. } => counts.read += 1,
-            CommandAction::ListFiles { .. } => counts.list_files += 1,
-            CommandAction::Search { .. } => counts.search += 1,
-            CommandAction::Unknown { .. } => counts.unknown += 1,
-        }
-    }
-    counts
-}
-
-#[derive(Clone, Copy)]
-struct ToolItemContext<'a> {
-    started_at_ms: u64,
-    completed_at_ms: u64,
-    connection_state: &'a ConnectionState,
-    thread_metadata: &'a ThreadMetadataState,
-}
-
-fn tool_item_base(
-    thread_id: &str,
-    turn_id: &str,
-    item_id: String,
-    tool_name: String,
-    outcome: ToolItemOutcome,
-    context: ToolItemContext<'_>,
-) -> CodexToolItemEventBase {
-    let thread_metadata = context.thread_metadata;
-    CodexToolItemEventBase {
-        thread_id: thread_id.to_string(),
-        turn_id: turn_id.to_string(),
-        item_id,
-        app_server_client: context.connection_state.app_server_client.clone(),
-        runtime: context.connection_state.runtime.clone(),
-        thread_source: thread_metadata.thread_source,
-        subagent_source: thread_metadata.subagent_source.clone(),
-        parent_thread_id: thread_metadata.parent_thread_id.clone(),
-        tool_name,
-        started_at_ms: context.started_at_ms,
-        completed_at_ms: context.completed_at_ms,
-        // duration_ms reflects item lifecycle observed by app-server. For web
-        // search and image generation in particular, that can be narrower than
-        // full upstream execution time.
-        duration_ms: observed_duration_ms(context.started_at_ms, context.completed_at_ms),
-        execution_duration_ms: outcome.execution_duration_ms,
-        review_count: 0,
-        guardian_review_count: 0,
-        user_review_count: 0,
-        final_approval_outcome: ToolItemFinalApprovalOutcome::Unknown,
-        terminal_status: outcome.terminal_status,
-        failure_kind: outcome.failure_kind,
-        requested_additional_permissions: false,
-        requested_network_access: false,
-    }
-}
-
-fn observed_duration_ms(started_at_ms: u64, completed_at_ms: u64) -> Option<u64> {
-    completed_at_ms.checked_sub(started_at_ms)
-}
-
-fn command_execution_tool_name(source: CommandExecutionSource) -> &'static str {
-    match source {
-        CommandExecutionSource::UnifiedExecStartup
-        | CommandExecutionSource::UnifiedExecInteraction => "unified_exec",
-        CommandExecutionSource::UserShell => "user_shell",
-        CommandExecutionSource::Agent => "shell",
-    }
-}
-
-fn command_execution_outcome(
-    status: &CommandExecutionStatus,
-) -> Option<(ToolItemTerminalStatus, Option<ToolItemFailureKind>)> {
-    match status {
-        CommandExecutionStatus::InProgress => None,
-        CommandExecutionStatus::Completed => Some((ToolItemTerminalStatus::Completed, None)),
-        CommandExecutionStatus::Failed => Some((
-            ToolItemTerminalStatus::Failed,
-            Some(ToolItemFailureKind::ToolError),
-        )),
-        CommandExecutionStatus::Declined => Some((
-            ToolItemTerminalStatus::Rejected,
-            Some(ToolItemFailureKind::ApprovalDenied),
-        )),
-    }
-}
-
-fn patch_apply_outcome(
-    status: &PatchApplyStatus,
-) -> Option<(ToolItemTerminalStatus, Option<ToolItemFailureKind>)> {
-    match status {
-        PatchApplyStatus::InProgress => None,
-        PatchApplyStatus::Completed => Some((ToolItemTerminalStatus::Completed, None)),
-        PatchApplyStatus::Failed => Some((
-            ToolItemTerminalStatus::Failed,
-            Some(ToolItemFailureKind::ToolError),
-        )),
-        PatchApplyStatus::Declined => Some((
-            ToolItemTerminalStatus::Rejected,
-            Some(ToolItemFailureKind::ApprovalDenied),
-        )),
-    }
-}
-
-fn mcp_tool_call_outcome(
-    status: &McpToolCallStatus,
-) -> Option<(ToolItemTerminalStatus, Option<ToolItemFailureKind>)> {
-    match status {
-        McpToolCallStatus::InProgress => None,
-        McpToolCallStatus::Completed => Some((ToolItemTerminalStatus::Completed, None)),
-        McpToolCallStatus::Failed => Some((
-            ToolItemTerminalStatus::Failed,
-            Some(ToolItemFailureKind::ToolError),
-        )),
-    }
-}
-
-fn dynamic_tool_call_outcome(
-    status: &DynamicToolCallStatus,
-) -> Option<(ToolItemTerminalStatus, Option<ToolItemFailureKind>)> {
-    match status {
-        DynamicToolCallStatus::InProgress => None,
-        DynamicToolCallStatus::Completed => Some((ToolItemTerminalStatus::Completed, None)),
-        DynamicToolCallStatus::Failed => Some((
-            ToolItemTerminalStatus::Failed,
-            Some(ToolItemFailureKind::ToolError),
-        )),
-    }
-}
-
-fn collab_tool_call_outcome(
-    status: &CollabAgentToolCallStatus,
-) -> Option<(ToolItemTerminalStatus, Option<ToolItemFailureKind>)> {
-    match status {
-        CollabAgentToolCallStatus::InProgress => None,
-        CollabAgentToolCallStatus::Completed => Some((ToolItemTerminalStatus::Completed, None)),
-        CollabAgentToolCallStatus::Failed => Some((
-            ToolItemTerminalStatus::Failed,
-            Some(ToolItemFailureKind::ToolError),
-        )),
-    }
-}
-
-fn image_generation_outcome(status: &str) -> (ToolItemTerminalStatus, Option<ToolItemFailureKind>) {
-    match status {
-        "failed" | "error" => (
-            ToolItemTerminalStatus::Failed,
-            Some(ToolItemFailureKind::ToolError),
-        ),
-        _ => (ToolItemTerminalStatus::Completed, None),
-    }
-}
-
-fn collab_agent_tool_name(tool: &CollabAgentTool) -> &'static str {
-    match tool {
-        CollabAgentTool::SpawnAgent => "spawn_agent",
-        CollabAgentTool::SendInput => "send_input",
-        CollabAgentTool::ResumeAgent => "resume_agent",
-        CollabAgentTool::Wait => "wait_agent",
-        CollabAgentTool::CloseAgent => "close_agent",
-    }
-}
-
-#[derive(Default)]
-struct FileChangeCounts {
-    add: u64,
-    update: u64,
-    delete: u64,
-    move_: u64,
-}
-
-fn file_change_counts(changes: &[codex_app_server_protocol::FileUpdateChange]) -> FileChangeCounts {
-    let mut counts = FileChangeCounts::default();
-    for change in changes {
-        match &change.kind {
-            PatchChangeKind::Add => counts.add += 1,
-            PatchChangeKind::Delete => counts.delete += 1,
-            PatchChangeKind::Update { move_path: Some(_) } => counts.move_ += 1,
-            PatchChangeKind::Update { move_path: None } => counts.update += 1,
-        }
-    }
-    counts
-}
-
-#[derive(Clone, Copy)]
-struct DynamicContentCounts {
-    total: u64,
-    text: u64,
-    image: u64,
-}
-
-fn dynamic_content_counts(items: &[DynamicToolCallOutputContentItem]) -> DynamicContentCounts {
-    let mut text = 0;
-    let mut image = 0;
-    for item in items {
-        match item {
-            DynamicToolCallOutputContentItem::InputText { .. } => text += 1,
-            DynamicToolCallOutputContentItem::InputImage { .. } => image += 1,
-        }
-    }
-    DynamicContentCounts {
-        total: usize_to_u64(items.len()),
-        text,
-        image,
-    }
-}
-
-fn web_search_action_kind(action: &WebSearchAction) -> WebSearchActionKind {
-    match action {
-        WebSearchAction::Search { .. } => WebSearchActionKind::Search,
-        WebSearchAction::OpenPage { .. } => WebSearchActionKind::OpenPage,
-        WebSearchAction::FindInPage { .. } => WebSearchActionKind::FindInPage,
-        WebSearchAction::Other => WebSearchActionKind::Other,
-    }
-}
-
-fn web_search_query_count(query: &str, action: Option<&WebSearchAction>) -> Option<u64> {
-    match action {
-        Some(WebSearchAction::Search { query, queries }) => queries
-            .as_ref()
-            .map(|queries| usize_to_u64(queries.len()))
-            .or_else(|| query.as_ref().map(|_| 1)),
-        Some(WebSearchAction::OpenPage { .. })
-        | Some(WebSearchAction::FindInPage { .. })
-        | Some(WebSearchAction::Other) => None,
-        None => (!query.trim().is_empty()).then_some(1),
-    }
-}
-
-fn accepted_line_event_input(
-    turn_id: &str,
-    turn_state: &TurnState,
-) -> Option<(AcceptedLineFingerprintEventInput, PathBuf)> {
-    let latest_diff = turn_state.latest_diff.as_deref()?;
-    let summary = accepted_line_fingerprints_from_unified_diff(latest_diff);
-    if summary.accepted_added_lines == 0 && summary.accepted_deleted_lines == 0 {
-        return None;
-    }
-
-    let thread_id = turn_state.thread_id.clone()?;
-    let resolved_config = turn_state.resolved_config.clone()?;
-
-    Some((
-        AcceptedLineFingerprintEventInput {
-            event_type: "codex.accepted_line_fingerprints",
-            turn_id: turn_id.to_string(),
-            thread_id,
-            product_surface: Some("codex".to_string()),
-            model_slug: Some(resolved_config.model.clone()),
-            completed_at: now_unix_seconds(),
-            repo_hash: None,
-            accepted_added_lines: summary.accepted_added_lines,
-            accepted_deleted_lines: summary.accepted_deleted_lines,
-            line_fingerprints: summary.line_fingerprints,
-        },
-        resolved_config.permission_profile_cwd,
-    ))
-}
-
 fn codex_turn_event_params(
    app_server_client: CodexAppServerClientMetadata,
    runtime: CodexRuntimeMetadata,
--- a/codex-rs/ansi-escape/Cargo.toml
+++ b/codex-rs/ansi-escape/Cargo.toml
@@ -7,8 +7,6 @@ license.workspace = true
 [lib]
 name = "codex_ansi_escape"
 path = "src/lib.rs"
-test = false
-doctest = false

 [lints]
 workspace = true
--- a/codex-rs/app-server-client/Cargo.toml
+++ b/codex-rs/app-server-client/Cargo.toml
@@ -7,7 +7,6 @@ license.workspace = true
 [lib]
 name = "codex_app_server_client"
 path = "src/lib.rs"
-doctest = false

 [lints]
 workspace = true
--- a/codex-rs/app-server-client/src/lib.rs
+++ b/codex-rs/app-server-client/src/lib.rs
@@ -29,7 +29,6 @@ pub use codex_app_server::in_process::DEFAULT_IN_PROCESS_CHANNEL_CAPACITY;
 pub use codex_app_server::in_process::InProcessServerEvent;
 use codex_app_server::in_process::InProcessStartArgs;
 use codex_app_server::in_process::LogDbLayer;
-pub use codex_app_server::in_process::StateDbHandle;
 use codex_app_server_protocol::ClientInfo;
 use codex_app_server_protocol::ClientNotification;
 use codex_app_server_protocol::ClientRequest;
@@ -47,8 +46,10 @@ use codex_config::LoaderOverrides;
 use codex_config::NoopThreadConfigLoader;
 use codex_config::RemoteThreadConfigLoader;
 use codex_config::ThreadConfigLoader;
+pub use codex_core::StateDbHandle;
 use codex_core::config::Config;
 pub use codex_exec_server::EnvironmentManager;
+pub use codex_exec_server::EnvironmentManagerArgs;
 pub use codex_exec_server::ExecServerRuntimePaths;
 use codex_feedback::CodexFeedback;
 use codex_protocol::protocol::SessionSource;
@@ -374,7 +375,6 @@ impl InProcessClientStartArgs {
    pub fn initialize_params(&self) -> InitializeParams {
        let capabilities = InitializeCapabilities {
            experimental_api: self.experimental_api,
-            request_attestation: false,
            opt_out_notification_methods: if self.opt_out_notification_methods.is_empty() {
                None
            } else {
@@ -951,7 +951,7 @@ mod tests {
    use codex_app_server_protocol::ToolRequestUserInputParams;
    use codex_app_server_protocol::ToolRequestUserInputQuestion;
    use codex_core::config::ConfigBuilder;
-    use codex_core::init_state_db;
+    use codex_core::init_state_db_from_config;
    use futures::SinkExt;
    use futures::StreamExt;
    use pretty_assertions::assert_eq;
@@ -1017,7 +1017,7 @@ mod tests {
    ) -> TestClient {
        let codex_home = TempDir::new().expect("temp dir");
        let config = Arc::new(build_test_config_for_codex_home(codex_home.path()).await);
-        let state_db = init_state_db(config.as_ref())
+        let state_db = init_state_db_from_config(config.as_ref())
            .await
            .expect("state db should initialize for in-process test");
        let client = InProcessAppServerClient::start(InProcessClientStartArgs {
--- a/codex-rs/app-server-client/src/remote.rs
+++ b/codex-rs/app-server-client/src/remote.rs
@@ -73,7 +73,6 @@ impl RemoteAppServerConnectArgs {
    fn initialize_params(&self) -> InitializeParams {
        let capabilities = InitializeCapabilities {
            experimental_api: self.experimental_api,
-            request_attestation: false,
            opt_out_notification_methods: if self.opt_out_notification_methods.is_empty() {
                None
            } else {
--- a/codex-rs/app-server-protocol/Cargo.toml
+++ b/codex-rs/app-server-protocol/Cargo.toml
@@ -7,7 +7,6 @@ license.workspace = true
 [lib]
 name = "codex_app_server_protocol"
 path = "src/lib.rs"
-doctest = false

 [lints]
 workspace = true
--- a/codex-rs/app-server-protocol/schema/json/AttestationGenerateParams.json
+++ b/codex-rs/app-server-protocol/schema/json/AttestationGenerateParams.json
@@ -1,5 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "title": "AttestationGenerateParams",
-  "type": "object"
-}
--- a/codex-rs/app-server-protocol/schema/json/ClientRequest.json
+++ b/codex-rs/app-server-protocol/schema/json/ClientRequest.json
@@ -533,6 +533,200 @@
        }
      ]
    },
+    "DeviceKeyCreateParams": {
+      "description": "Create a controller-local device key with a random key id.",
+      "properties": {
+        "accountUserId": {
+          "type": "string"
+        },
+        "clientId": {
+          "type": "string"
+        },
+        "protectionPolicy": {
+          "anyOf": [
+            {
+              "$ref": "#/definitions/DeviceKeyProtectionPolicy"
+            },
+            {
+              "type": "null"
+            }
+          ],
+          "description": "Defaults to `hardware_only` when omitted."
+        }
+      },
+      "required": [
+        "accountUserId",
+        "clientId"
+      ],
+      "type": "object"
+    },
+    "DeviceKeyProtectionPolicy": {
+      "description": "Protection policy for creating or loading a controller-local device key.",
+      "enum": [
+        "hardware_only",
+        "allow_os_protected_nonextractable"
+      ],
+      "type": "string"
+    },
+    "DeviceKeyPublicParams": {
+      "description": "Fetch a controller-local device key public key by id.",
+      "properties": {
+        "keyId": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "keyId"
+      ],
+      "type": "object"
+    },
+    "DeviceKeySignParams": {
+      "description": "Sign an accepted structured payload with a controller-local device key.",
+      "properties": {
+        "keyId": {
+          "type": "string"
+        },
+        "payload": {
+          "$ref": "#/definitions/DeviceKeySignPayload"
+        }
+      },
+      "required": [
+        "keyId",
+        "payload"
+      ],
+      "type": "object"
+    },
+    "DeviceKeySignPayload": {
+      "description": "Structured payloads accepted by `device/key/sign`.",
+      "oneOf": [
+        {
+          "description": "Payload bound to one remote-control controller websocket `/client` connection challenge.",
+          "properties": {
+            "accountUserId": {
+              "type": "string"
+            },
+            "audience": {
+              "$ref": "#/definitions/RemoteControlClientConnectionAudience"
+            },
+            "clientId": {
+              "type": "string"
+            },
+            "nonce": {
+              "type": "string"
+            },
+            "scopes": {
+              "description": "Must contain exactly `remote_control_controller_websocket`.",
+              "items": {
+                "type": "string"
+              },
+              "type": "array"
+            },
+            "sessionId": {
+              "description": "Backend-issued websocket session id that this proof authorizes.",
+              "type": "string"
+            },
+            "targetOrigin": {
+              "description": "Origin of the backend endpoint that issued the challenge and will verify this proof.",
+              "type": "string"
+            },
+            "targetPath": {
+              "description": "Websocket route path that this proof authorizes.",
+              "type": "string"
+            },
+            "tokenExpiresAt": {
+              "description": "Remote-control token expiration as Unix seconds.",
+              "format": "int64",
+              "type": "integer"
+            },
+            "tokenSha256Base64url": {
+              "description": "SHA-256 of the controller-scoped remote-control token, encoded as unpadded base64url.",
+              "type": "string"
+            },
+            "type": {
+              "enum": [
+                "remoteControlClientConnection"
+              ],
+              "title": "RemoteControlClientConnectionDeviceKeySignPayloadType",
+              "type": "string"
+            }
+          },
+          "required": [
+            "accountUserId",
+            "audience",
+            "clientId",
+            "nonce",
+            "scopes",
+            "sessionId",
+            "targetOrigin",
+            "targetPath",
+            "tokenExpiresAt",
+            "tokenSha256Base64url",
+            "type"
+          ],
+          "title": "RemoteControlClientConnectionDeviceKeySignPayload",
+          "type": "object"
+        },
+        {
+          "description": "Payload bound to a remote-control client `/client/enroll` ownership challenge.",
+          "properties": {
+            "accountUserId": {
+              "type": "string"
+            },
+            "audience": {
+              "$ref": "#/definitions/RemoteControlClientEnrollmentAudience"
+            },
+            "challengeExpiresAt": {
+              "description": "Enrollment challenge expiration as Unix seconds.",
+              "format": "int64",
+              "type": "integer"
+            },
+            "challengeId": {
+              "description": "Backend-issued enrollment challenge id that this proof authorizes.",
+              "type": "string"
+            },
+            "clientId": {
+              "type": "string"
+            },
+            "deviceIdentitySha256Base64url": {
+              "description": "SHA-256 of the requested device identity operation, encoded as unpadded base64url.",
+              "type": "string"
+            },
+            "nonce": {
+              "type": "string"
+            },
+            "targetOrigin": {
+              "description": "Origin of the backend endpoint that issued the challenge and will verify this proof.",
+              "type": "string"
+            },
+            "targetPath": {
+              "description": "HTTP route path that this proof authorizes.",
+              "type": "string"
+            },
+            "type": {
+              "enum": [
+                "remoteControlClientEnrollment"
+              ],
+              "title": "RemoteControlClientEnrollmentDeviceKeySignPayloadType",
+              "type": "string"
+            }
+          },
+          "required": [
+            "accountUserId",
+            "audience",
+            "challengeExpiresAt",
+            "challengeId",
+            "clientId",
+            "deviceIdentitySha256Base64url",
+            "nonce",
+            "targetOrigin",
+            "targetPath",
+            "type"
+          ],
+          "title": "RemoteControlClientEnrollmentDeviceKeySignPayload",
+          "type": "object"
+        }
+      ]
+    },
    "DynamicToolSpec": {
      "properties": {
        "deferLoading": {
@@ -1259,11 +1453,6 @@
            "array",
            "null"
          ]
-        },
-        "requestAttestation": {
-          "default": false,
-          "description": "Opt into `attestation/generate` requests for upstream `x-oai-attestation`.",
-          "type": "boolean"
        }
      },
      "type": "object"
@@ -1955,14 +2144,6 @@
      ],
      "type": "object"
    },
-    "PluginListMarketplaceKind": {
-      "enum": [
-        "local",
-        "workspace-directory",
-        "shared-with-me"
-      ],
-      "type": "string"
-    },
    "PluginListParams": {
      "properties": {
        "cwds": {
@@ -1974,16 +2155,6 @@
            "array",
            "null"
          ]
-        },
-        "marketplaceKinds": {
-          "description": "Optional marketplace kind filter. When omitted, only local marketplaces are queried, plus the default remote catalog when enabled by feature flag.",
-          "items": {
-            "$ref": "#/definitions/PluginListMarketplaceKind"
-          },
-          "type": [
-            "array",
-            "null"
-          ]
        }
      },
      "type": "object"
@@ -2096,18 +2267,8 @@
      ],
      "type": "object"
    },
-    "PluginShareUpdateDiscoverability": {
-      "enum": [
-        "UNLISTED",
-        "PRIVATE"
-      ],
-      "type": "string"
-    },
    "PluginShareUpdateTargetsParams": {
      "properties": {
-        "discoverability": {
-          "$ref": "#/definitions/PluginShareUpdateDiscoverability"
-        },
        "remotePluginId": {
          "type": "string"
        },
@@ -2119,7 +2280,6 @@
        }
      },
      "required": [
-        "discoverability",
        "remotePluginId",
        "shareTargets"
      ],
@@ -2326,6 +2486,20 @@
        }
      ]
    },
+    "RemoteControlClientConnectionAudience": {
+      "description": "Audience for a remote-control client connection device-key proof.",
+      "enum": [
+        "remote_control_client_websocket"
+      ],
+      "type": "string"
+    },
+    "RemoteControlClientEnrollmentAudience": {
+      "description": "Audience for a remote-control client enrollment device-key proof.",
+      "enum": [
+        "remote_control_client_enrollment"
+      ],
+      "type": "string"
+    },
    "RequestId": {
      "anyOf": [
        {
@@ -3228,6 +3402,24 @@
      ],
      "type": "object"
    },
+    "SkillsListExtraRootsForCwd": {
+      "properties": {
+        "cwd": {
+          "type": "string"
+        },
+        "extraUserRoots": {
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "required": [
+        "cwd",
+        "extraUserRoots"
+      ],
+      "type": "object"
+    },
    "SkillsListParams": {
      "properties": {
        "cwds": {
@@ -3240,6 +3432,17 @@
        "forceReload": {
          "description": "When true, bypass the skills cache and re-scan skills from disk.",
          "type": "boolean"
+        },
+        "perCwdExtraUserRoots": {
+          "default": null,
+          "description": "Optional per-cwd extra roots to scan as user-scoped skills.",
+          "items": {
+            "$ref": "#/definitions/SkillsListExtraRootsForCwd"
+          },
+          "type": [
+            "array",
+            "null"
+          ]
        }
      },
      "type": "object"
@@ -4083,31 +4286,6 @@
      ],
      "type": "object"
    },
-    "TurnItemsView": {
-      "oneOf": [
-        {
-          "description": "`items` was not loaded for this turn. The field is intentionally empty.",
-          "enum": [
-            "notLoaded"
-          ],
-          "type": "string"
-        },
-        {
-          "description": "`items` contains only a display summary for this turn.",
-          "enum": [
-            "summary"
-          ],
-          "type": "string"
-        },
-        {
-          "description": "`items` contains every ThreadItem available from persisted app-server history for this turn.",
-          "enum": [
-            "full"
-          ],
-          "type": "string"
-        }
-      ]
-    },
    "TurnStartParams": {
      "properties": {
        "approvalPolicy": {
@@ -5112,6 +5290,78 @@
      "title": "App/listRequest",
      "type": "object"
    },
+    {
+      "properties": {
+        "id": {
+          "$ref": "#/definitions/RequestId"
+        },
+        "method": {
+          "enum": [
+            "device/key/create"
+          ],
+          "title": "Device/key/createRequestMethod",
+          "type": "string"
+        },
+        "params": {
+          "$ref": "#/definitions/DeviceKeyCreateParams"
+        }
+      },
+      "required": [
+        "id",
+        "method",
+        "params"
+      ],
+      "title": "Device/key/createRequest",
+      "type": "object"
+    },
+    {
+      "properties": {
+        "id": {
+          "$ref": "#/definitions/RequestId"
+        },
+        "method": {
+          "enum": [
+            "device/key/public"
+          ],
+          "title": "Device/key/publicRequestMethod",
+          "type": "string"
+        },
+        "params": {
+          "$ref": "#/definitions/DeviceKeyPublicParams"
+        }
+      },
+      "required": [
+        "id",
+        "method",
+        "params"
+      ],
+      "title": "Device/key/publicRequest",
+      "type": "object"
+    },
+    {
+      "properties": {
+        "id": {
+          "$ref": "#/definitions/RequestId"
+        },
+        "method": {
+          "enum": [
+            "device/key/sign"
+          ],
+          "title": "Device/key/signRequestMethod",
+          "type": "string"
+        },
+        "params": {
+          "$ref": "#/definitions/DeviceKeySignParams"
+        }
+      },
+      "required": [
+        "id",
+        "method",
+        "params"
+      ],
+      "title": "Device/key/signRequest",
+      "type": "object"
+    },
    {
      "properties": {
        "id": {
--- a/codex-rs/app-server-protocol/schema/json/CommandExecutionRequestApprovalParams.json
+++ b/codex-rs/app-server-protocol/schema/json/CommandExecutionRequestApprovalParams.json
@@ -593,11 +593,6 @@
        "null"
      ]
    },
-    "startedAtMs": {
-      "description": "Unix timestamp (in milliseconds) when this approval request started.",
-      "format": "int64",
-      "type": "integer"
-    },
    "threadId": {
      "type": "string"
    },
@@ -607,7 +602,6 @@
  },
  "required": [
    "itemId",
-    "startedAtMs",
    "threadId",
    "turnId"
  ],
--- a/codex-rs/app-server-protocol/schema/json/FileChangeRequestApprovalParams.json
+++ b/codex-rs/app-server-protocol/schema/json/FileChangeRequestApprovalParams.json
@@ -18,11 +18,6 @@
        "null"
      ]
    },
-    "startedAtMs": {
-      "description": "Unix timestamp (in milliseconds) when this approval request started.",
-      "format": "int64",
-      "type": "integer"
-    },
    "threadId": {
      "type": "string"
    },
@@ -32,7 +27,6 @@
  },
  "required": [
    "itemId",
-    "startedAtMs",
    "threadId",
    "turnId"
  ],
--- a/codex-rs/app-server-protocol/schema/json/PermissionsRequestApprovalParams.json
+++ b/codex-rs/app-server-protocol/schema/json/PermissionsRequestApprovalParams.json
@@ -297,11 +297,6 @@
        "null"
      ]
    },
-    "startedAtMs": {
-      "description": "Unix timestamp (in milliseconds) when this approval request started.",
-      "format": "int64",
-      "type": "integer"
-    },
    "threadId": {
      "type": "string"
    },
@@ -313,7 +308,6 @@
    "cwd",
    "itemId",
    "permissions",
-    "startedAtMs",
    "threadId",
    "turnId"
  ],
--- a/codex-rs/app-server-protocol/schema/json/ServerNotification.json
+++ b/codex-rs/app-server-protocol/schema/json/ServerNotification.json
@@ -1736,8 +1736,6 @@
        "preToolUse",
        "permissionRequest",
        "postToolUse",
-        "preCompact",
-        "postCompact",
        "sessionStart",
        "userPromptSubmit",
        "stop"
@@ -1963,11 +1961,6 @@
        "action": {
          "$ref": "#/definitions/GuardianApprovalReviewAction"
        },
-        "completedAtMs": {
-          "description": "Unix timestamp (in milliseconds) when this review completed.",
-          "format": "int64",
-          "type": "integer"
-        },
        "decisionSource": {
          "$ref": "#/definitions/AutoReviewDecisionSource"
        },
@@ -1978,11 +1971,6 @@
          "description": "Stable identifier for this review.",
          "type": "string"
        },
-        "startedAtMs": {
-          "description": "Unix timestamp (in milliseconds) when this review started.",
-          "format": "int64",
-          "type": "integer"
-        },
        "targetItemId": {
          "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
          "type": [
@@ -1999,11 +1987,9 @@
      },
      "required": [
        "action",
-        "completedAtMs",
        "decisionSource",
        "review",
        "reviewId",
-        "startedAtMs",
        "threadId",
        "turnId"
      ],
@@ -2022,11 +2008,6 @@
          "description": "Stable identifier for this review.",
          "type": "string"
        },
-        "startedAtMs": {
-          "description": "Unix timestamp (in milliseconds) when this review started.",
-          "format": "int64",
-          "type": "integer"
-        },
        "targetItemId": {
          "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
          "type": [
@@ -2045,7 +2026,6 @@
        "action",
        "review",
        "reviewId",
-        "startedAtMs",
        "threadId",
        "turnId"
      ],
@@ -2737,7 +2717,7 @@
      "type": "string"
    },
    "RemoteControlStatusChangedNotification": {
-      "description": "Current remote-control connection status and remote identity exposed to clients.",
+      "description": "Current remote-control connection status and environment id exposed to clients.",
      "properties": {
        "environmentId": {
          "type": [
@@ -2745,15 +2725,11 @@
            "null"
          ]
        },
-        "installationId": {
-          "type": "string"
-        },
        "status": {
          "$ref": "#/definitions/RemoteControlConnectionStatus"
        }
      },
      "required": [
-        "installationId",
        "status"
      ],
      "type": "object"
--- a/codex-rs/app-server-protocol/schema/json/ServerRequest.json
+++ b/codex-rs/app-server-protocol/schema/json/ServerRequest.json
@@ -121,9 +121,6 @@
      ],
      "type": "object"
    },
-    "AttestationGenerateParams": {
-      "type": "object"
-    },
    "ChatgptAuthTokensRefreshParams": {
      "properties": {
        "previousAccountId": {
@@ -420,11 +417,6 @@
            "null"
          ]
        },
-        "startedAtMs": {
-          "description": "Unix timestamp (in milliseconds) when this approval request started.",
-          "format": "int64",
-          "type": "integer"
-        },
        "threadId": {
          "type": "string"
        },
@@ -434,7 +426,6 @@
      },
      "required": [
        "itemId",
-        "startedAtMs",
        "threadId",
        "turnId"
      ],
@@ -607,11 +598,6 @@
            "null"
          ]
        },
-        "startedAtMs": {
-          "description": "Unix timestamp (in milliseconds) when this approval request started.",
-          "format": "int64",
-          "type": "integer"
-        },
        "threadId": {
          "type": "string"
        },
@@ -621,7 +607,6 @@
      },
      "required": [
        "itemId",
-        "startedAtMs",
        "threadId",
        "turnId"
      ],
@@ -1602,11 +1587,6 @@
            "null"
          ]
        },
-        "startedAtMs": {
-          "description": "Unix timestamp (in milliseconds) when this approval request started.",
-          "format": "int64",
-          "type": "integer"
-        },
        "threadId": {
          "type": "string"
        },
@@ -1618,7 +1598,6 @@
        "cwd",
        "itemId",
        "permissions",
-        "startedAtMs",
        "threadId",
        "turnId"
      ],
@@ -1921,31 +1900,6 @@
      "title": "Account/chatgptAuthTokens/refreshRequest",
      "type": "object"
    },
-    {
-      "description": "Generate a fresh upstream attestation result on demand.",
-      "properties": {
-        "id": {
-          "$ref": "#/definitions/RequestId"
-        },
-        "method": {
-          "enum": [
-            "attestation/generate"
-          ],
-          "title": "Attestation/generateRequestMethod",
-          "type": "string"
-        },
-        "params": {
-          "$ref": "#/definitions/AttestationGenerateParams"
-        }
-      },
-      "required": [
-        "id",
-        "method",
-        "params"
-      ],
-      "title": "Attestation/generateRequest",
-      "type": "object"
-    },
    {
      "description": "DEPRECATED APIs below Request to approve a patch. This request is used for Turns started via the legacy APIs (i.e. SendUserTurn, SendUserMessage).",
      "properties": {
--- a/codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.schemas.json
+++ b/codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.schemas.json
@@ -83,25 +83,6 @@
      "title": "ApplyPatchApprovalResponse",
      "type": "object"
    },
-    "AttestationGenerateParams": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "title": "AttestationGenerateParams",
-      "type": "object"
-    },
-    "AttestationGenerateResponse": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "properties": {
-        "token": {
-          "description": "Opaque client attestation token.",
-          "type": "string"
-        }
-      },
-      "required": [
-        "token"
-      ],
-      "title": "AttestationGenerateResponse",
-      "type": "object"
-    },
    "ChatgptAuthTokensRefreshParams": {
      "$schema": "http://json-schema.org/draft-07/schema#",
      "properties": {
@@ -925,6 +906,78 @@
          "title": "App/listRequest",
          "type": "object"
        },
+        {
+          "properties": {
+            "id": {
+              "$ref": "#/definitions/v2/RequestId"
+            },
+            "method": {
+              "enum": [
+                "device/key/create"
+              ],
+              "title": "Device/key/createRequestMethod",
+              "type": "string"
+            },
+            "params": {
+              "$ref": "#/definitions/v2/DeviceKeyCreateParams"
+            }
+          },
+          "required": [
+            "id",
+            "method",
+            "params"
+          ],
+          "title": "Device/key/createRequest",
+          "type": "object"
+        },
+        {
+          "properties": {
+            "id": {
+              "$ref": "#/definitions/v2/RequestId"
+            },
+            "method": {
+              "enum": [
+                "device/key/public"
+              ],
+              "title": "Device/key/publicRequestMethod",
+              "type": "string"
+            },
+            "params": {
+              "$ref": "#/definitions/v2/DeviceKeyPublicParams"
+            }
+          },
+          "required": [
+            "id",
+            "method",
+            "params"
+          ],
+          "title": "Device/key/publicRequest",
+          "type": "object"
+        },
+        {
+          "properties": {
+            "id": {
+              "$ref": "#/definitions/v2/RequestId"
+            },
+            "method": {
+              "enum": [
+                "device/key/sign"
+              ],
+              "title": "Device/key/signRequestMethod",
+              "type": "string"
+            },
+            "params": {
+              "$ref": "#/definitions/v2/DeviceKeySignParams"
+            }
+          },
+          "required": [
+            "id",
+            "method",
+            "params"
+          ],
+          "title": "Device/key/signRequest",
+          "type": "object"
+        },
        {
          "properties": {
            "id": {
@@ -2165,11 +2218,6 @@
            "null"
          ]
        },
-        "startedAtMs": {
-          "description": "Unix timestamp (in milliseconds) when this approval request started.",
-          "format": "int64",
-          "type": "integer"
-        },
        "threadId": {
          "type": "string"
        },
@@ -2179,7 +2227,6 @@
      },
      "required": [
        "itemId",
-        "startedAtMs",
        "threadId",
        "turnId"
      ],
@@ -2436,11 +2483,6 @@
            "null"
          ]
        },
-        "startedAtMs": {
-          "description": "Unix timestamp (in milliseconds) when this approval request started.",
-          "format": "int64",
-          "type": "integer"
-        },
        "threadId": {
          "type": "string"
        },
@@ -2450,7 +2492,6 @@
      },
      "required": [
        "itemId",
-        "startedAtMs",
        "threadId",
        "turnId"
      ],
@@ -2639,11 +2680,6 @@
            "array",
            "null"
          ]
-        },
-        "requestAttestation": {
-          "default": false,
-          "description": "Opt into `attestation/generate` requests for upstream `x-oai-attestation`.",
-          "type": "boolean"
        }
      },
      "type": "object"
@@ -3627,11 +3663,6 @@
            "null"
          ]
        },
-        "startedAtMs": {
-          "description": "Unix timestamp (in milliseconds) when this approval request started.",
-          "format": "int64",
-          "type": "integer"
-        },
        "threadId": {
          "type": "string"
        },
@@ -3643,7 +3674,6 @@
        "cwd",
        "itemId",
        "permissions",
-        "startedAtMs",
        "threadId",
        "turnId"
      ],
@@ -5231,31 +5261,6 @@
          "title": "Account/chatgptAuthTokens/refreshRequest",
          "type": "object"
        },
-        {
-          "description": "Generate a fresh upstream attestation result on demand.",
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/v2/RequestId"
-            },
-            "method": {
-              "enum": [
-                "attestation/generate"
-              ],
-              "title": "Attestation/generateRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/AttestationGenerateParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "Attestation/generateRequest",
-          "type": "object"
-        },
        {
          "description": "DEPRECATED APIs below Request to approve a patch. This request is used for Turns started via the legacy APIs (i.e. SendUserTurn, SendUserMessage).",
          "properties": {
@@ -7942,6 +7947,300 @@
        "title": "DeprecationNoticeNotification",
        "type": "object"
      },
+      "DeviceKeyAlgorithm": {
+        "description": "Device-key algorithm reported at enrollment and signing boundaries.",
+        "enum": [
+          "ecdsa_p256_sha256"
+        ],
+        "type": "string"
+      },
+      "DeviceKeyCreateParams": {
+        "$schema": "http://json-schema.org/draft-07/schema#",
+        "description": "Create a controller-local device key with a random key id.",
+        "properties": {
+          "accountUserId": {
+            "type": "string"
+          },
+          "clientId": {
+            "type": "string"
+          },
+          "protectionPolicy": {
+            "anyOf": [
+              {
+                "$ref": "#/definitions/v2/DeviceKeyProtectionPolicy"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "description": "Defaults to `hardware_only` when omitted."
+          }
+        },
+        "required": [
+          "accountUserId",
+          "clientId"
+        ],
+        "title": "DeviceKeyCreateParams",
+        "type": "object"
+      },
+      "DeviceKeyCreateResponse": {
+        "$schema": "http://json-schema.org/draft-07/schema#",
+        "description": "Device-key metadata and public key returned by create/public APIs.",
+        "properties": {
+          "algorithm": {
+            "$ref": "#/definitions/v2/DeviceKeyAlgorithm"
+          },
+          "keyId": {
+            "type": "string"
+          },
+          "protectionClass": {
+            "$ref": "#/definitions/v2/DeviceKeyProtectionClass"
+          },
+          "publicKeySpkiDerBase64": {
+            "description": "SubjectPublicKeyInfo DER encoded as base64.",
+            "type": "string"
+          }
+        },
+        "required": [
+          "algorithm",
+          "keyId",
+          "protectionClass",
+          "publicKeySpkiDerBase64"
+        ],
+        "title": "DeviceKeyCreateResponse",
+        "type": "object"
+      },
+      "DeviceKeyProtectionClass": {
+        "description": "Platform protection class for a controller-local device key.",
+        "enum": [
+          "hardware_secure_enclave",
+          "hardware_tpm",
+          "os_protected_nonextractable"
+        ],
+        "type": "string"
+      },
+      "DeviceKeyProtectionPolicy": {
+        "description": "Protection policy for creating or loading a controller-local device key.",
+        "enum": [
+          "hardware_only",
+          "allow_os_protected_nonextractable"
+        ],
+        "type": "string"
+      },
+      "DeviceKeyPublicParams": {
+        "$schema": "http://json-schema.org/draft-07/schema#",
+        "description": "Fetch a controller-local device key public key by id.",
+        "properties": {
+          "keyId": {
+            "type": "string"
+          }
+        },
+        "required": [
+          "keyId"
+        ],
+        "title": "DeviceKeyPublicParams",
+        "type": "object"
+      },
+      "DeviceKeyPublicResponse": {
+        "$schema": "http://json-schema.org/draft-07/schema#",
+        "description": "Device-key public metadata returned by `device/key/public`.",
+        "properties": {
+          "algorithm": {
+            "$ref": "#/definitions/v2/DeviceKeyAlgorithm"
+          },
+          "keyId": {
+            "type": "string"
+          },
+          "protectionClass": {
+            "$ref": "#/definitions/v2/DeviceKeyProtectionClass"
+          },
+          "publicKeySpkiDerBase64": {
+            "description": "SubjectPublicKeyInfo DER encoded as base64.",
+            "type": "string"
+          }
+        },
+        "required": [
+          "algorithm",
+          "keyId",
+          "protectionClass",
+          "publicKeySpkiDerBase64"
+        ],
+        "title": "DeviceKeyPublicResponse",
+        "type": "object"
+      },
+      "DeviceKeySignParams": {
+        "$schema": "http://json-schema.org/draft-07/schema#",
+        "description": "Sign an accepted structured payload with a controller-local device key.",
+        "properties": {
+          "keyId": {
+            "type": "string"
+          },
+          "payload": {
+            "$ref": "#/definitions/v2/DeviceKeySignPayload"
+          }
+        },
+        "required": [
+          "keyId",
+          "payload"
+        ],
+        "title": "DeviceKeySignParams",
+        "type": "object"
+      },
+      "DeviceKeySignPayload": {
+        "description": "Structured payloads accepted by `device/key/sign`.",
+        "oneOf": [
+          {
+            "description": "Payload bound to one remote-control controller websocket `/client` connection challenge.",
+            "properties": {
+              "accountUserId": {
+                "type": "string"
+              },
+              "audience": {
+                "$ref": "#/definitions/v2/RemoteControlClientConnectionAudience"
+              },
+              "clientId": {
+                "type": "string"
+              },
+              "nonce": {
+                "type": "string"
+              },
+              "scopes": {
+                "description": "Must contain exactly `remote_control_controller_websocket`.",
+                "items": {
+                  "type": "string"
+                },
+                "type": "array"
+              },
+              "sessionId": {
+                "description": "Backend-issued websocket session id that this proof authorizes.",
+                "type": "string"
+              },
+              "targetOrigin": {
+                "description": "Origin of the backend endpoint that issued the challenge and will verify this proof.",
+                "type": "string"
+              },
+              "targetPath": {
+                "description": "Websocket route path that this proof authorizes.",
+                "type": "string"
+              },
+              "tokenExpiresAt": {
+                "description": "Remote-control token expiration as Unix seconds.",
+                "format": "int64",
+                "type": "integer"
+              },
+              "tokenSha256Base64url": {
+                "description": "SHA-256 of the controller-scoped remote-control token, encoded as unpadded base64url.",
+                "type": "string"
+              },
+              "type": {
+                "enum": [
+                  "remoteControlClientConnection"
+                ],
+                "title": "RemoteControlClientConnectionDeviceKeySignPayloadType",
+                "type": "string"
+              }
+            },
+            "required": [
+              "accountUserId",
+              "audience",
+              "clientId",
+              "nonce",
+              "scopes",
+              "sessionId",
+              "targetOrigin",
+              "targetPath",
+              "tokenExpiresAt",
+              "tokenSha256Base64url",
+              "type"
+            ],
+            "title": "RemoteControlClientConnectionDeviceKeySignPayload",
+            "type": "object"
+          },
+          {
+            "description": "Payload bound to a remote-control client `/client/enroll` ownership challenge.",
+            "properties": {
+              "accountUserId": {
+                "type": "string"
+              },
+              "audience": {
+                "$ref": "#/definitions/v2/RemoteControlClientEnrollmentAudience"
+              },
+              "challengeExpiresAt": {
+                "description": "Enrollment challenge expiration as Unix seconds.",
+                "format": "int64",
+                "type": "integer"
+              },
+              "challengeId": {
+                "description": "Backend-issued enrollment challenge id that this proof authorizes.",
+                "type": "string"
+              },
+              "clientId": {
+                "type": "string"
+              },
+              "deviceIdentitySha256Base64url": {
+                "description": "SHA-256 of the requested device identity operation, encoded as unpadded base64url.",
+                "type": "string"
+              },
+              "nonce": {
+                "type": "string"
+              },
+              "targetOrigin": {
+                "description": "Origin of the backend endpoint that issued the challenge and will verify this proof.",
+                "type": "string"
+              },
+              "targetPath": {
+                "description": "HTTP route path that this proof authorizes.",
+                "type": "string"
+              },
+              "type": {
+                "enum": [
+                  "remoteControlClientEnrollment"
+                ],
+                "title": "RemoteControlClientEnrollmentDeviceKeySignPayloadType",
+                "type": "string"
+              }
+            },
+            "required": [
+              "accountUserId",
+              "audience",
+              "challengeExpiresAt",
+              "challengeId",
+              "clientId",
+              "deviceIdentitySha256Base64url",
+              "nonce",
+              "targetOrigin",
+              "targetPath",
+              "type"
+            ],
+            "title": "RemoteControlClientEnrollmentDeviceKeySignPayload",
+            "type": "object"
+          }
+        ]
+      },
+      "DeviceKeySignResponse": {
+        "$schema": "http://json-schema.org/draft-07/schema#",
+        "description": "ASN.1 DER signature returned by `device/key/sign`.",
+        "properties": {
+          "algorithm": {
+            "$ref": "#/definitions/v2/DeviceKeyAlgorithm"
+          },
+          "signatureDerBase64": {
+            "description": "ECDSA signature DER encoded as base64.",
+            "type": "string"
+          },
+          "signedPayloadBase64": {
+            "description": "Exact bytes signed by the device key, encoded as base64. Verifiers must verify this byte string directly and must not reserialize `payload`.",
+            "type": "string"
+          }
+        },
+        "required": [
+          "algorithm",
+          "signatureDerBase64",
+          "signedPayloadBase64"
+        ],
+        "title": "DeviceKeySignResponse",
+        "type": "object"
+      },
      "DynamicToolCallOutputContentItem": {
        "oneOf": [
          {
@@ -9525,8 +9824,6 @@
          "preToolUse",
          "permissionRequest",
          "postToolUse",
-          "preCompact",
-          "postCompact",
          "sessionStart",
          "userPromptSubmit",
          "stop"
@@ -9945,11 +10242,6 @@
          "action": {
            "$ref": "#/definitions/v2/GuardianApprovalReviewAction"
          },
-          "completedAtMs": {
-            "description": "Unix timestamp (in milliseconds) when this review completed.",
-            "format": "int64",
-            "type": "integer"
-          },
          "decisionSource": {
            "$ref": "#/definitions/v2/AutoReviewDecisionSource"
          },
@@ -9960,11 +10252,6 @@
            "description": "Stable identifier for this review.",
            "type": "string"
          },
-          "startedAtMs": {
-            "description": "Unix timestamp (in milliseconds) when this review started.",
-            "format": "int64",
-            "type": "integer"
-          },
          "targetItemId": {
            "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
            "type": [
@@ -9981,11 +10268,9 @@
        },
        "required": [
          "action",
-          "completedAtMs",
          "decisionSource",
          "review",
          "reviewId",
-          "startedAtMs",
          "threadId",
          "turnId"
        ],
@@ -10006,11 +10291,6 @@
            "description": "Stable identifier for this review.",
            "type": "string"
          },
-          "startedAtMs": {
-            "description": "Unix timestamp (in milliseconds) when this review started.",
-            "format": "int64",
-            "type": "integer"
-          },
          "targetItemId": {
            "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
            "type": [
@@ -10029,7 +10309,6 @@
          "action",
          "review",
          "reviewId",
-          "startedAtMs",
          "threadId",
          "turnId"
        ],
@@ -10385,24 +10664,12 @@
            },
            "type": "array"
          },
-          "PostCompact": {
-            "items": {
-              "$ref": "#/definitions/v2/ConfiguredHookMatcherGroup"
-            },
-            "type": "array"
-          },
          "PostToolUse": {
            "items": {
              "$ref": "#/definitions/v2/ConfiguredHookMatcherGroup"
            },
            "type": "array"
          },
-          "PreCompact": {
-            "items": {
-              "$ref": "#/definitions/v2/ConfiguredHookMatcherGroup"
-            },
-            "type": "array"
-          },
          "PreToolUse": {
            "items": {
              "$ref": "#/definitions/v2/ConfiguredHookMatcherGroup"
@@ -10442,9 +10709,7 @@
        },
        "required": [
          "PermissionRequest",
-          "PostCompact",
          "PostToolUse",
-          "PreCompact",
          "PreToolUse",
          "SessionStart",
          "Stop",
@@ -11863,12 +12128,6 @@
              "null"
            ]
          },
-          "hooks": {
-            "items": {
-              "$ref": "#/definitions/v2/PluginHookSummary"
-            },
-            "type": "array"
-          },
          "marketplaceName": {
            "type": "string"
          },
@@ -11900,7 +12159,6 @@
        },
        "required": [
          "apps",
-          "hooks",
          "marketplaceName",
          "mcpServers",
          "skills",
@@ -11908,21 +12166,6 @@
        ],
        "type": "object"
      },
-      "PluginHookSummary": {
-        "properties": {
-          "eventName": {
-            "$ref": "#/definitions/v2/HookEventName"
-          },
-          "key": {
-            "type": "string"
-          }
-        },
-        "required": [
-          "eventName",
-          "key"
-        ],
-        "type": "object"
-      },
      "PluginInstallParams": {
        "$schema": "http://json-schema.org/draft-07/schema#",
        "properties": {
@@ -12110,14 +12353,6 @@
        ],
        "type": "object"
      },
-      "PluginListMarketplaceKind": {
-        "enum": [
-          "local",
-          "workspace-directory",
-          "shared-with-me"
-        ],
-        "type": "string"
-      },
      "PluginListParams": {
        "$schema": "http://json-schema.org/draft-07/schema#",
        "properties": {
@@ -12130,16 +12365,6 @@
              "array",
              "null"
            ]
-          },
-          "marketplaceKinds": {
-            "description": "Optional marketplace kind filter. When omitted, only local marketplaces are queried, plus the default remote catalog when enabled by feature flag.",
-            "items": {
-              "$ref": "#/definitions/v2/PluginListMarketplaceKind"
-            },
-            "type": [
-              "array",
-              "null"
-            ]
          }
        },
        "title": "PluginListParams",
@@ -12256,44 +12481,6 @@
        "title": "PluginReadResponse",
        "type": "object"
      },
-      "PluginShareContext": {
-        "properties": {
-          "creatorAccountUserId": {
-            "type": [
-              "string",
-              "null"
-            ]
-          },
-          "creatorName": {
-            "type": [
-              "string",
-              "null"
-            ]
-          },
-          "remotePluginId": {
-            "type": "string"
-          },
-          "shareTargets": {
-            "items": {
-              "$ref": "#/definitions/v2/PluginSharePrincipal"
-            },
-            "type": [
-              "array",
-              "null"
-            ]
-          },
-          "shareUrl": {
-            "type": [
-              "string",
-              "null"
-            ]
-          }
-        },
-        "required": [
-          "remotePluginId"
-        ],
-        "type": "object"
-      },
      "PluginShareDeleteParams": {
        "$schema": "http://json-schema.org/draft-07/schema#",
        "properties": {
@@ -12463,19 +12650,9 @@
        ],
        "type": "object"
      },
-      "PluginShareUpdateDiscoverability": {
-        "enum": [
-          "UNLISTED",
-          "PRIVATE"
-        ],
-        "type": "string"
-      },
      "PluginShareUpdateTargetsParams": {
        "$schema": "http://json-schema.org/draft-07/schema#",
        "properties": {
-          "discoverability": {
-            "$ref": "#/definitions/v2/PluginShareUpdateDiscoverability"
-          },
          "remotePluginId": {
            "type": "string"
          },
@@ -12487,7 +12664,6 @@
          }
        },
        "required": [
-          "discoverability",
          "remotePluginId",
          "shareTargets"
        ],
@@ -12497,9 +12673,6 @@
      "PluginShareUpdateTargetsResponse": {
        "$schema": "http://json-schema.org/draft-07/schema#",
        "properties": {
-          "discoverability": {
-            "$ref": "#/definitions/v2/PluginShareDiscoverability"
-          },
          "principals": {
            "items": {
              "$ref": "#/definitions/v2/PluginSharePrincipal"
@@ -12508,7 +12681,6 @@
          }
        },
        "required": [
-          "discoverability",
          "principals"
        ],
        "title": "PluginShareUpdateTargetsResponse",
@@ -12673,17 +12845,6 @@
          "name": {
            "type": "string"
          },
-          "shareContext": {
-            "anyOf": [
-              {
-                "$ref": "#/definitions/v2/PluginShareContext"
-              },
-              {
-                "type": "null"
-              }
-            ],
-            "description": "Remote sharing context associated with this plugin when available."
-          },
          "source": {
            "$ref": "#/definitions/v2/PluginSource"
          }
@@ -13344,6 +13505,20 @@
        "title": "ReasoningTextDeltaNotification",
        "type": "object"
      },
+      "RemoteControlClientConnectionAudience": {
+        "description": "Audience for a remote-control client connection device-key proof.",
+        "enum": [
+          "remote_control_client_websocket"
+        ],
+        "type": "string"
+      },
+      "RemoteControlClientEnrollmentAudience": {
+        "description": "Audience for a remote-control client enrollment device-key proof.",
+        "enum": [
+          "remote_control_client_enrollment"
+        ],
+        "type": "string"
+      },
      "RemoteControlConnectionStatus": {
        "enum": [
          "disabled",
@@ -13355,7 +13530,7 @@
      },
      "RemoteControlStatusChangedNotification": {
        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "Current remote-control connection status and remote identity exposed to clients.",
+        "description": "Current remote-control connection status and environment id exposed to clients.",
        "properties": {
          "environmentId": {
            "type": [
@@ -13363,15 +13538,11 @@
              "null"
            ]
          },
-          "installationId": {
-            "type": "string"
-          },
          "status": {
            "$ref": "#/definitions/v2/RemoteControlConnectionStatus"
          }
        },
        "required": [
-          "installationId",
          "status"
        ],
        "title": "RemoteControlStatusChangedNotification",
@@ -14834,6 +15005,24 @@
        ],
        "type": "object"
      },
+      "SkillsListExtraRootsForCwd": {
+        "properties": {
+          "cwd": {
+            "type": "string"
+          },
+          "extraUserRoots": {
+            "items": {
+              "type": "string"
+            },
+            "type": "array"
+          }
+        },
+        "required": [
+          "cwd",
+          "extraUserRoots"
+        ],
+        "type": "object"
+      },
      "SkillsListParams": {
        "$schema": "http://json-schema.org/draft-07/schema#",
        "properties": {
@@ -14847,6 +15036,17 @@
          "forceReload": {
            "description": "When true, bypass the skills cache and re-scan skills from disk.",
            "type": "boolean"
+          },
+          "perCwdExtraUserRoots": {
+            "default": null,
+            "description": "Optional per-cwd extra roots to scan as user-scoped skills.",
+            "items": {
+              "$ref": "#/definitions/v2/SkillsListExtraRootsForCwd"
+            },
+            "type": [
+              "array",
+              "null"
+            ]
          }
        },
        "title": "SkillsListParams",
--- a/codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.v2.schemas.json
+++ b/codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.v2.schemas.json
@@ -1665,6 +1665,78 @@
          "title": "App/listRequest",
          "type": "object"
        },
+        {
+          "properties": {
+            "id": {
+              "$ref": "#/definitions/RequestId"
+            },
+            "method": {
+              "enum": [
+                "device/key/create"
+              ],
+              "title": "Device/key/createRequestMethod",
+              "type": "string"
+            },
+            "params": {
+              "$ref": "#/definitions/DeviceKeyCreateParams"
+            }
+          },
+          "required": [
+            "id",
+            "method",
+            "params"
+          ],
+          "title": "Device/key/createRequest",
+          "type": "object"
+        },
+        {
+          "properties": {
+            "id": {
+              "$ref": "#/definitions/RequestId"
+            },
+            "method": {
+              "enum": [
+                "device/key/public"
+              ],
+              "title": "Device/key/publicRequestMethod",
+              "type": "string"
+            },
+            "params": {
+              "$ref": "#/definitions/DeviceKeyPublicParams"
+            }
+          },
+          "required": [
+            "id",
+            "method",
+            "params"
+          ],
+          "title": "Device/key/publicRequest",
+          "type": "object"
+        },
+        {
+          "properties": {
+            "id": {
+              "$ref": "#/definitions/RequestId"
+            },
+            "method": {
+              "enum": [
+                "device/key/sign"
+              ],
+              "title": "Device/key/signRequestMethod",
+              "type": "string"
+            },
+            "params": {
+              "$ref": "#/definitions/DeviceKeySignParams"
+            }
+          },
+          "required": [
+            "id",
+            "method",
+            "params"
+          ],
+          "title": "Device/key/signRequest",
+          "type": "object"
+        },
        {
          "properties": {
            "id": {
@@ -4331,6 +4403,300 @@
      "title": "DeprecationNoticeNotification",
      "type": "object"
    },
+    "DeviceKeyAlgorithm": {
+      "description": "Device-key algorithm reported at enrollment and signing boundaries.",
+      "enum": [
+        "ecdsa_p256_sha256"
+      ],
+      "type": "string"
+    },
+    "DeviceKeyCreateParams": {
+      "$schema": "http://json-schema.org/draft-07/schema#",
+      "description": "Create a controller-local device key with a random key id.",
+      "properties": {
+        "accountUserId": {
+          "type": "string"
+        },
+        "clientId": {
+          "type": "string"
+        },
+        "protectionPolicy": {
+          "anyOf": [
+            {
+              "$ref": "#/definitions/DeviceKeyProtectionPolicy"
+            },
+            {
+              "type": "null"
+            }
+          ],
+          "description": "Defaults to `hardware_only` when omitted."
+        }
+      },
+      "required": [
+        "accountUserId",
+        "clientId"
+      ],
+      "title": "DeviceKeyCreateParams",
+      "type": "object"
+    },
+    "DeviceKeyCreateResponse": {
+      "$schema": "http://json-schema.org/draft-07/schema#",
+      "description": "Device-key metadata and public key returned by create/public APIs.",
+      "properties": {
+        "algorithm": {
+          "$ref": "#/definitions/DeviceKeyAlgorithm"
+        },
+        "keyId": {
+          "type": "string"
+        },
+        "protectionClass": {
+          "$ref": "#/definitions/DeviceKeyProtectionClass"
+        },
+        "publicKeySpkiDerBase64": {
+          "description": "SubjectPublicKeyInfo DER encoded as base64.",
+          "type": "string"
+        }
+      },
+      "required": [
+        "algorithm",
+        "keyId",
+        "protectionClass",
+        "publicKeySpkiDerBase64"
+      ],
+      "title": "DeviceKeyCreateResponse",
+      "type": "object"
+    },
+    "DeviceKeyProtectionClass": {
+      "description": "Platform protection class for a controller-local device key.",
+      "enum": [
+        "hardware_secure_enclave",
+        "hardware_tpm",
+        "os_protected_nonextractable"
+      ],
+      "type": "string"
+    },
+    "DeviceKeyProtectionPolicy": {
+      "description": "Protection policy for creating or loading a controller-local device key.",
+      "enum": [
+        "hardware_only",
+        "allow_os_protected_nonextractable"
+      ],
+      "type": "string"
+    },
+    "DeviceKeyPublicParams": {
+      "$schema": "http://json-schema.org/draft-07/schema#",
+      "description": "Fetch a controller-local device key public key by id.",
+      "properties": {
+        "keyId": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "keyId"
+      ],
+      "title": "DeviceKeyPublicParams",
+      "type": "object"
+    },
+    "DeviceKeyPublicResponse": {
+      "$schema": "http://json-schema.org/draft-07/schema#",
+      "description": "Device-key public metadata returned by `device/key/public`.",
+      "properties": {
+        "algorithm": {
+          "$ref": "#/definitions/DeviceKeyAlgorithm"
+        },
+        "keyId": {
+          "type": "string"
+        },
+        "protectionClass": {
+          "$ref": "#/definitions/DeviceKeyProtectionClass"
+        },
+        "publicKeySpkiDerBase64": {
+          "description": "SubjectPublicKeyInfo DER encoded as base64.",
+          "type": "string"
+        }
+      },
+      "required": [
+        "algorithm",
+        "keyId",
+        "protectionClass",
+        "publicKeySpkiDerBase64"
+      ],
+      "title": "DeviceKeyPublicResponse",
+      "type": "object"
+    },
+    "DeviceKeySignParams": {
+      "$schema": "http://json-schema.org/draft-07/schema#",
+      "description": "Sign an accepted structured payload with a controller-local device key.",
+      "properties": {
+        "keyId": {
+          "type": "string"
+        },
+        "payload": {
+          "$ref": "#/definitions/DeviceKeySignPayload"
+        }
+      },
+      "required": [
+        "keyId",
+        "payload"
+      ],
+      "title": "DeviceKeySignParams",
+      "type": "object"
+    },
+    "DeviceKeySignPayload": {
+      "description": "Structured payloads accepted by `device/key/sign`.",
+      "oneOf": [
+        {
+          "description": "Payload bound to one remote-control controller websocket `/client` connection challenge.",
+          "properties": {
+            "accountUserId": {
+              "type": "string"
+            },
+            "audience": {
+              "$ref": "#/definitions/RemoteControlClientConnectionAudience"
+            },
+            "clientId": {
+              "type": "string"
+            },
+            "nonce": {
+              "type": "string"
+            },
+            "scopes": {
+              "description": "Must contain exactly `remote_control_controller_websocket`.",
+              "items": {
+                "type": "string"
+              },
+              "type": "array"
+            },
+            "sessionId": {
+              "description": "Backend-issued websocket session id that this proof authorizes.",
+              "type": "string"
+            },
+            "targetOrigin": {
+              "description": "Origin of the backend endpoint that issued the challenge and will verify this proof.",
+              "type": "string"
+            },
+            "targetPath": {
+              "description": "Websocket route path that this proof authorizes.",
+              "type": "string"
+            },
+            "tokenExpiresAt": {
+              "description": "Remote-control token expiration as Unix seconds.",
+              "format": "int64",
+              "type": "integer"
+            },
+            "tokenSha256Base64url": {
+              "description": "SHA-256 of the controller-scoped remote-control token, encoded as unpadded base64url.",
+              "type": "string"
+            },
+            "type": {
+              "enum": [
+                "remoteControlClientConnection"
+              ],
+              "title": "RemoteControlClientConnectionDeviceKeySignPayloadType",
+              "type": "string"
+            }
+          },
+          "required": [
+            "accountUserId",
+            "audience",
+            "clientId",
+            "nonce",
+            "scopes",
+            "sessionId",
+            "targetOrigin",
+            "targetPath",
+            "tokenExpiresAt",
+            "tokenSha256Base64url",
+            "type"
+          ],
+          "title": "RemoteControlClientConnectionDeviceKeySignPayload",
+          "type": "object"
+        },
+        {
+          "description": "Payload bound to a remote-control client `/client/enroll` ownership challenge.",
+          "properties": {
+            "accountUserId": {
+              "type": "string"
+            },
+            "audience": {
+              "$ref": "#/definitions/RemoteControlClientEnrollmentAudience"
+            },
+            "challengeExpiresAt": {
+              "description": "Enrollment challenge expiration as Unix seconds.",
+              "format": "int64",
+              "type": "integer"
+            },
+            "challengeId": {
+              "description": "Backend-issued enrollment challenge id that this proof authorizes.",
+              "type": "string"
+            },
+            "clientId": {
+              "type": "string"
+            },
+            "deviceIdentitySha256Base64url": {
+              "description": "SHA-256 of the requested device identity operation, encoded as unpadded base64url.",
+              "type": "string"
+            },
+            "nonce": {
+              "type": "string"
+            },
+            "targetOrigin": {
+              "description": "Origin of the backend endpoint that issued the challenge and will verify this proof.",
+              "type": "string"
+            },
+            "targetPath": {
+              "description": "HTTP route path that this proof authorizes.",
+              "type": "string"
+            },
+            "type": {
+              "enum": [
+                "remoteControlClientEnrollment"
+              ],
+              "title": "RemoteControlClientEnrollmentDeviceKeySignPayloadType",
+              "type": "string"
+            }
+          },
+          "required": [
+            "accountUserId",
+            "audience",
+            "challengeExpiresAt",
+            "challengeId",
+            "clientId",
+            "deviceIdentitySha256Base64url",
+            "nonce",
+            "targetOrigin",
+            "targetPath",
+            "type"
+          ],
+          "title": "RemoteControlClientEnrollmentDeviceKeySignPayload",
+          "type": "object"
+        }
+      ]
+    },
+    "DeviceKeySignResponse": {
+      "$schema": "http://json-schema.org/draft-07/schema#",
+      "description": "ASN.1 DER signature returned by `device/key/sign`.",
+      "properties": {
+        "algorithm": {
+          "$ref": "#/definitions/DeviceKeyAlgorithm"
+        },
+        "signatureDerBase64": {
+          "description": "ECDSA signature DER encoded as base64.",
+          "type": "string"
+        },
+        "signedPayloadBase64": {
+          "description": "Exact bytes signed by the device key, encoded as base64. Verifiers must verify this byte string directly and must not reserialize `payload`.",
+          "type": "string"
+        }
+      },
+      "required": [
+        "algorithm",
+        "signatureDerBase64",
+        "signedPayloadBase64"
+      ],
+      "title": "DeviceKeySignResponse",
+      "type": "object"
+    },
    "DynamicToolCallOutputContentItem": {
      "oneOf": [
        {
@@ -6025,8 +6391,6 @@
        "preToolUse",
        "permissionRequest",
        "postToolUse",
-        "preCompact",
-        "postCompact",
        "sessionStart",
        "userPromptSubmit",
        "stop"
@@ -6409,11 +6773,6 @@
            "array",
            "null"
          ]
-        },
-        "requestAttestation": {
-          "default": false,
-          "description": "Opt into `attestation/generate` requests for upstream `x-oai-attestation`.",
-          "type": "boolean"
        }
      },
      "type": "object"
@@ -6494,11 +6853,6 @@
        "action": {
          "$ref": "#/definitions/GuardianApprovalReviewAction"
        },
-        "completedAtMs": {
-          "description": "Unix timestamp (in milliseconds) when this review completed.",
-          "format": "int64",
-          "type": "integer"
-        },
        "decisionSource": {
          "$ref": "#/definitions/AutoReviewDecisionSource"
        },
@@ -6509,11 +6863,6 @@
          "description": "Stable identifier for this review.",
          "type": "string"
        },
-        "startedAtMs": {
-          "description": "Unix timestamp (in milliseconds) when this review started.",
-          "format": "int64",
-          "type": "integer"
-        },
        "targetItemId": {
          "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
          "type": [
@@ -6530,11 +6879,9 @@
      },
      "required": [
        "action",
-        "completedAtMs",
        "decisionSource",
        "review",
        "reviewId",
-        "startedAtMs",
        "threadId",
        "turnId"
      ],
@@ -6555,11 +6902,6 @@
          "description": "Stable identifier for this review.",
          "type": "string"
        },
-        "startedAtMs": {
-          "description": "Unix timestamp (in milliseconds) when this review started.",
-          "format": "int64",
-          "type": "integer"
-        },
        "targetItemId": {
          "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
          "type": [
@@ -6578,7 +6920,6 @@
        "action",
        "review",
        "reviewId",
-        "startedAtMs",
        "threadId",
        "turnId"
      ],
@@ -6934,24 +7275,12 @@
          },
          "type": "array"
        },
-        "PostCompact": {
-          "items": {
-            "$ref": "#/definitions/ConfiguredHookMatcherGroup"
-          },
-          "type": "array"
-        },
        "PostToolUse": {
          "items": {
            "$ref": "#/definitions/ConfiguredHookMatcherGroup"
          },
          "type": "array"
        },
-        "PreCompact": {
-          "items": {
-            "$ref": "#/definitions/ConfiguredHookMatcherGroup"
-          },
-          "type": "array"
-        },
        "PreToolUse": {
          "items": {
            "$ref": "#/definitions/ConfiguredHookMatcherGroup"
@@ -6991,9 +7320,7 @@
      },
      "required": [
        "PermissionRequest",
-        "PostCompact",
        "PostToolUse",
-        "PreCompact",
        "PreToolUse",
        "SessionStart",
        "Stop",
@@ -8412,12 +8739,6 @@
            "null"
          ]
        },
-        "hooks": {
-          "items": {
-            "$ref": "#/definitions/PluginHookSummary"
-          },
-          "type": "array"
-        },
        "marketplaceName": {
          "type": "string"
        },
@@ -8449,7 +8770,6 @@
      },
      "required": [
        "apps",
-        "hooks",
        "marketplaceName",
        "mcpServers",
        "skills",
@@ -8457,21 +8777,6 @@
      ],
      "type": "object"
    },
-    "PluginHookSummary": {
-      "properties": {
-        "eventName": {
-          "$ref": "#/definitions/HookEventName"
-        },
-        "key": {
-          "type": "string"
-        }
-      },
-      "required": [
-        "eventName",
-        "key"
-      ],
-      "type": "object"
-    },
    "PluginInstallParams": {
      "$schema": "http://json-schema.org/draft-07/schema#",
      "properties": {
@@ -8659,14 +8964,6 @@
      ],
      "type": "object"
    },
-    "PluginListMarketplaceKind": {
-      "enum": [
-        "local",
-        "workspace-directory",
-        "shared-with-me"
-      ],
-      "type": "string"
-    },
    "PluginListParams": {
      "$schema": "http://json-schema.org/draft-07/schema#",
      "properties": {
@@ -8679,16 +8976,6 @@
            "array",
            "null"
          ]
-        },
-        "marketplaceKinds": {
-          "description": "Optional marketplace kind filter. When omitted, only local marketplaces are queried, plus the default remote catalog when enabled by feature flag.",
-          "items": {
-            "$ref": "#/definitions/PluginListMarketplaceKind"
-          },
-          "type": [
-            "array",
-            "null"
-          ]
        }
      },
      "title": "PluginListParams",
@@ -8805,44 +9092,6 @@
      "title": "PluginReadResponse",
      "type": "object"
    },
-    "PluginShareContext": {
-      "properties": {
-        "creatorAccountUserId": {
-          "type": [
-            "string",
-            "null"
-          ]
-        },
-        "creatorName": {
-          "type": [
-            "string",
-            "null"
-          ]
-        },
-        "remotePluginId": {
-          "type": "string"
-        },
-        "shareTargets": {
-          "items": {
-            "$ref": "#/definitions/PluginSharePrincipal"
-          },
-          "type": [
-            "array",
-            "null"
-          ]
-        },
-        "shareUrl": {
-          "type": [
-            "string",
-            "null"
-          ]
-        }
-      },
-      "required": [
-        "remotePluginId"
-      ],
-      "type": "object"
-    },
    "PluginShareDeleteParams": {
      "$schema": "http://json-schema.org/draft-07/schema#",
      "properties": {
@@ -9012,19 +9261,9 @@
      ],
      "type": "object"
    },
-    "PluginShareUpdateDiscoverability": {
-      "enum": [
-        "UNLISTED",
-        "PRIVATE"
-      ],
-      "type": "string"
-    },
    "PluginShareUpdateTargetsParams": {
      "$schema": "http://json-schema.org/draft-07/schema#",
      "properties": {
-        "discoverability": {
-          "$ref": "#/definitions/PluginShareUpdateDiscoverability"
-        },
        "remotePluginId": {
          "type": "string"
        },
@@ -9036,7 +9275,6 @@
        }
      },
      "required": [
-        "discoverability",
        "remotePluginId",
        "shareTargets"
      ],
@@ -9046,9 +9284,6 @@
    "PluginShareUpdateTargetsResponse": {
      "$schema": "http://json-schema.org/draft-07/schema#",
      "properties": {
-        "discoverability": {
-          "$ref": "#/definitions/PluginShareDiscoverability"
-        },
        "principals": {
          "items": {
            "$ref": "#/definitions/PluginSharePrincipal"
@@ -9057,7 +9292,6 @@
        }
      },
      "required": [
-        "discoverability",
        "principals"
      ],
      "title": "PluginShareUpdateTargetsResponse",
@@ -9222,17 +9456,6 @@
        "name": {
          "type": "string"
        },
-        "shareContext": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/PluginShareContext"
-            },
-            {
-              "type": "null"
-            }
-          ],
-          "description": "Remote sharing context associated with this plugin when available."
-        },
        "source": {
          "$ref": "#/definitions/PluginSource"
        }
@@ -9893,6 +10116,20 @@
      "title": "ReasoningTextDeltaNotification",
      "type": "object"
    },
+    "RemoteControlClientConnectionAudience": {
+      "description": "Audience for a remote-control client connection device-key proof.",
+      "enum": [
+        "remote_control_client_websocket"
+      ],
+      "type": "string"
+    },
+    "RemoteControlClientEnrollmentAudience": {
+      "description": "Audience for a remote-control client enrollment device-key proof.",
+      "enum": [
+        "remote_control_client_enrollment"
+      ],
+      "type": "string"
+    },
    "RemoteControlConnectionStatus": {
      "enum": [
        "disabled",
@@ -9904,7 +10141,7 @@
    },
    "RemoteControlStatusChangedNotification": {
      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "Current remote-control connection status and remote identity exposed to clients.",
+      "description": "Current remote-control connection status and environment id exposed to clients.",
      "properties": {
        "environmentId": {
          "type": [
@@ -9912,15 +10149,11 @@
            "null"
          ]
        },
-        "installationId": {
-          "type": "string"
-        },
        "status": {
          "$ref": "#/definitions/RemoteControlConnectionStatus"
        }
      },
      "required": [
-        "installationId",
        "status"
      ],
      "title": "RemoteControlStatusChangedNotification",
@@ -12658,6 +12891,24 @@
      ],
      "type": "object"
    },
+    "SkillsListExtraRootsForCwd": {
+      "properties": {
+        "cwd": {
+          "type": "string"
+        },
+        "extraUserRoots": {
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "required": [
+        "cwd",
+        "extraUserRoots"
+      ],
+      "type": "object"
+    },
    "SkillsListParams": {
      "$schema": "http://json-schema.org/draft-07/schema#",
      "properties": {
@@ -12671,6 +12922,17 @@
        "forceReload": {
          "description": "When true, bypass the skills cache and re-scan skills from disk.",
          "type": "boolean"
+        },
+        "perCwdExtraUserRoots": {
+          "default": null,
+          "description": "Optional per-cwd extra roots to scan as user-scoped skills.",
+          "items": {
+            "$ref": "#/definitions/SkillsListExtraRootsForCwd"
+          },
+          "type": [
+            "array",
+            "null"
+          ]
        }
      },
      "title": "SkillsListParams",
--- a/codex-rs/app-server-protocol/schema/json/v1/InitializeParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v1/InitializeParams.json
@@ -39,11 +39,6 @@
            "array",
            "null"
          ]
-        },
-        "requestAttestation": {
-          "default": false,
-          "description": "Opt into `attestation/generate` requests for upstream `x-oai-attestation`.",
-          "type": "boolean"
        }
      },
      "type": "object"
--- a/codex-rs/app-server-protocol/schema/json/v2/ConfigRequirementsReadResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ConfigRequirementsReadResponse.json
@@ -213,24 +213,12 @@
          },
          "type": "array"
        },
-        "PostCompact": {
-          "items": {
-            "$ref": "#/definitions/ConfiguredHookMatcherGroup"
-          },
-          "type": "array"
-        },
        "PostToolUse": {
          "items": {
            "$ref": "#/definitions/ConfiguredHookMatcherGroup"
          },
          "type": "array"
        },
-        "PreCompact": {
-          "items": {
-            "$ref": "#/definitions/ConfiguredHookMatcherGroup"
-          },
-          "type": "array"
-        },
        "PreToolUse": {
          "items": {
            "$ref": "#/definitions/ConfiguredHookMatcherGroup"
@@ -270,9 +258,7 @@
      },
      "required": [
        "PermissionRequest",
-        "PostCompact",
        "PostToolUse",
-        "PreCompact",
        "PreToolUse",
        "SessionStart",
        "Stop",
--- a/codex-rs/app-server-protocol/schema/json/v2/DeviceKeyCreateParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/DeviceKeyCreateParams.json
@@ -0,0 +1,39 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "definitions": {
+    "DeviceKeyProtectionPolicy": {
+      "description": "Protection policy for creating or loading a controller-local device key.",
+      "enum": [
+        "hardware_only",
+        "allow_os_protected_nonextractable"
+      ],
+      "type": "string"
+    }
+  },
+  "description": "Create a controller-local device key with a random key id.",
+  "properties": {
+    "accountUserId": {
+      "type": "string"
+    },
+    "clientId": {
+      "type": "string"
+    },
+    "protectionPolicy": {
+      "anyOf": [
+        {
+          "$ref": "#/definitions/DeviceKeyProtectionPolicy"
+        },
+        {
+          "type": "null"
+        }
+      ],
+      "description": "Defaults to `hardware_only` when omitted."
+    }
+  },
+  "required": [
+    "accountUserId",
+    "clientId"
+  ],
+  "title": "DeviceKeyCreateParams",
+  "type": "object"
+}
--- a/codex-rs/app-server-protocol/schema/json/v2/DeviceKeyCreateResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/DeviceKeyCreateResponse.json
@@ -0,0 +1,45 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "definitions": {
+    "DeviceKeyAlgorithm": {
+      "description": "Device-key algorithm reported at enrollment and signing boundaries.",
+      "enum": [
+        "ecdsa_p256_sha256"
+      ],
+      "type": "string"
+    },
+    "DeviceKeyProtectionClass": {
+      "description": "Platform protection class for a controller-local device key.",
+      "enum": [
+        "hardware_secure_enclave",
+        "hardware_tpm",
+        "os_protected_nonextractable"
+      ],
+      "type": "string"
+    }
+  },
+  "description": "Device-key metadata and public key returned by create/public APIs.",
+  "properties": {
+    "algorithm": {
+      "$ref": "#/definitions/DeviceKeyAlgorithm"
+    },
+    "keyId": {
+      "type": "string"
+    },
+    "protectionClass": {
+      "$ref": "#/definitions/DeviceKeyProtectionClass"
+    },
+    "publicKeySpkiDerBase64": {
+      "description": "SubjectPublicKeyInfo DER encoded as base64.",
+      "type": "string"
+    }
+  },
+  "required": [
+    "algorithm",
+    "keyId",
+    "protectionClass",
+    "publicKeySpkiDerBase64"
+  ],
+  "title": "DeviceKeyCreateResponse",
+  "type": "object"
+}
--- a/codex-rs/app-server-protocol/schema/json/AttestationGenerateResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/AttestationGenerateResponse.json
@@ -1,14 +1,14 @@
 {
  "$schema": "http://json-schema.org/draft-07/schema#",
+  "description": "Fetch a controller-local device key public key by id.",
  "properties": {
-    "token": {
-      "description": "Opaque client attestation token.",
+    "keyId": {
      "type": "string"
    }
  },
  "required": [
-    "token"
+    "keyId"
  ],
-  "title": "AttestationGenerateResponse",
+  "title": "DeviceKeyPublicParams",
  "type": "object"
 }
--- a/codex-rs/app-server-protocol/schema/json/v2/DeviceKeyPublicResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/DeviceKeyPublicResponse.json
@@ -0,0 +1,45 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "definitions": {
+    "DeviceKeyAlgorithm": {
+      "description": "Device-key algorithm reported at enrollment and signing boundaries.",
+      "enum": [
+        "ecdsa_p256_sha256"
+      ],
+      "type": "string"
+    },
+    "DeviceKeyProtectionClass": {
+      "description": "Platform protection class for a controller-local device key.",
+      "enum": [
+        "hardware_secure_enclave",
+        "hardware_tpm",
+        "os_protected_nonextractable"
+      ],
+      "type": "string"
+    }
+  },
+  "description": "Device-key public metadata returned by `device/key/public`.",
+  "properties": {
+    "algorithm": {
+      "$ref": "#/definitions/DeviceKeyAlgorithm"
+    },
+    "keyId": {
+      "type": "string"
+    },
+    "protectionClass": {
+      "$ref": "#/definitions/DeviceKeyProtectionClass"
+    },
+    "publicKeySpkiDerBase64": {
+      "description": "SubjectPublicKeyInfo DER encoded as base64.",
+      "type": "string"
+    }
+  },
+  "required": [
+    "algorithm",
+    "keyId",
+    "protectionClass",
+    "publicKeySpkiDerBase64"
+  ],
+  "title": "DeviceKeyPublicResponse",
+  "type": "object"
+}
--- a/codex-rs/app-server-protocol/schema/json/v2/DeviceKeySignParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/DeviceKeySignParams.json
@@ -0,0 +1,165 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "definitions": {
+    "DeviceKeySignPayload": {
+      "description": "Structured payloads accepted by `device/key/sign`.",
+      "oneOf": [
+        {
+          "description": "Payload bound to one remote-control controller websocket `/client` connection challenge.",
+          "properties": {
+            "accountUserId": {
+              "type": "string"
+            },
+            "audience": {
+              "$ref": "#/definitions/RemoteControlClientConnectionAudience"
+            },
+            "clientId": {
+              "type": "string"
+            },
+            "nonce": {
+              "type": "string"
+            },
+            "scopes": {
+              "description": "Must contain exactly `remote_control_controller_websocket`.",
+              "items": {
+                "type": "string"
+              },
+              "type": "array"
+            },
+            "sessionId": {
+              "description": "Backend-issued websocket session id that this proof authorizes.",
+              "type": "string"
+            },
+            "targetOrigin": {
+              "description": "Origin of the backend endpoint that issued the challenge and will verify this proof.",
+              "type": "string"
+            },
+            "targetPath": {
+              "description": "Websocket route path that this proof authorizes.",
+              "type": "string"
+            },
+            "tokenExpiresAt": {
+              "description": "Remote-control token expiration as Unix seconds.",
+              "format": "int64",
+              "type": "integer"
+            },
+            "tokenSha256Base64url": {
+              "description": "SHA-256 of the controller-scoped remote-control token, encoded as unpadded base64url.",
+              "type": "string"
+            },
+            "type": {
+              "enum": [
+                "remoteControlClientConnection"
+              ],
+              "title": "RemoteControlClientConnectionDeviceKeySignPayloadType",
+              "type": "string"
+            }
+          },
+          "required": [
+            "accountUserId",
+            "audience",
+            "clientId",
+            "nonce",
+            "scopes",
+            "sessionId",
+            "targetOrigin",
+            "targetPath",
+            "tokenExpiresAt",
+            "tokenSha256Base64url",
+            "type"
+          ],
+          "title": "RemoteControlClientConnectionDeviceKeySignPayload",
+          "type": "object"
+        },
+        {
+          "description": "Payload bound to a remote-control client `/client/enroll` ownership challenge.",
+          "properties": {
+            "accountUserId": {
+              "type": "string"
+            },
+            "audience": {
+              "$ref": "#/definitions/RemoteControlClientEnrollmentAudience"
+            },
+            "challengeExpiresAt": {
+              "description": "Enrollment challenge expiration as Unix seconds.",
+              "format": "int64",
+              "type": "integer"
+            },
+            "challengeId": {
+              "description": "Backend-issued enrollment challenge id that this proof authorizes.",
+              "type": "string"
+            },
+            "clientId": {
+              "type": "string"
+            },
+            "deviceIdentitySha256Base64url": {
+              "description": "SHA-256 of the requested device identity operation, encoded as unpadded base64url.",
+              "type": "string"
+            },
+            "nonce": {
+              "type": "string"
+            },
+            "targetOrigin": {
+              "description": "Origin of the backend endpoint that issued the challenge and will verify this proof.",
+              "type": "string"
+            },
+            "targetPath": {
+              "description": "HTTP route path that this proof authorizes.",
+              "type": "string"
+            },
+            "type": {
+              "enum": [
+                "remoteControlClientEnrollment"
+              ],
+              "title": "RemoteControlClientEnrollmentDeviceKeySignPayloadType",
+              "type": "string"
+            }
+          },
+          "required": [
+            "accountUserId",
+            "audience",
+            "challengeExpiresAt",
+            "challengeId",
+            "clientId",
+            "deviceIdentitySha256Base64url",
+            "nonce",
+            "targetOrigin",
+            "targetPath",
+            "type"
+          ],
+          "title": "RemoteControlClientEnrollmentDeviceKeySignPayload",
+          "type": "object"
+        }
+      ]
+    },
+    "RemoteControlClientConnectionAudience": {
+      "description": "Audience for a remote-control client connection device-key proof.",
+      "enum": [
+        "remote_control_client_websocket"
+      ],
+      "type": "string"
+    },
+    "RemoteControlClientEnrollmentAudience": {
+      "description": "Audience for a remote-control client enrollment device-key proof.",
+      "enum": [
+        "remote_control_client_enrollment"
+      ],
+      "type": "string"
+    }
+  },
+  "description": "Sign an accepted structured payload with a controller-local device key.",
+  "properties": {
+    "keyId": {
+      "type": "string"
+    },
+    "payload": {
+      "$ref": "#/definitions/DeviceKeySignPayload"
+    }
+  },
+  "required": [
+    "keyId",
+    "payload"
+  ],
+  "title": "DeviceKeySignParams",
+  "type": "object"
+}
--- a/codex-rs/app-server-protocol/schema/json/v2/DeviceKeySignResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/DeviceKeySignResponse.json
@@ -0,0 +1,33 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "definitions": {
+    "DeviceKeyAlgorithm": {
+      "description": "Device-key algorithm reported at enrollment and signing boundaries.",
+      "enum": [
+        "ecdsa_p256_sha256"
+      ],
+      "type": "string"
+    }
+  },
+  "description": "ASN.1 DER signature returned by `device/key/sign`.",
+  "properties": {
+    "algorithm": {
+      "$ref": "#/definitions/DeviceKeyAlgorithm"
+    },
+    "signatureDerBase64": {
+      "description": "ECDSA signature DER encoded as base64.",
+      "type": "string"
+    },
+    "signedPayloadBase64": {
+      "description": "Exact bytes signed by the device key, encoded as base64. Verifiers must verify this byte string directly and must not reserialize `payload`.",
+      "type": "string"
+    }
+  },
+  "required": [
+    "algorithm",
+    "signatureDerBase64",
+    "signedPayloadBase64"
+  ],
+  "title": "DeviceKeySignResponse",
+  "type": "object"
+}
--- a/codex-rs/app-server-protocol/schema/json/v2/HookCompletedNotification.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/HookCompletedNotification.json
@@ -10,8 +10,6 @@
        "preToolUse",
        "permissionRequest",
        "postToolUse",
-        "preCompact",
-        "postCompact",
        "sessionStart",
        "userPromptSubmit",
        "stop"
--- a/codex-rs/app-server-protocol/schema/json/v2/HookStartedNotification.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/HookStartedNotification.json
@@ -10,8 +10,6 @@
        "preToolUse",
        "permissionRequest",
        "postToolUse",
-        "preCompact",
-        "postCompact",
        "sessionStart",
        "userPromptSubmit",
        "stop"
--- a/codex-rs/app-server-protocol/schema/json/v2/HooksListResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/HooksListResponse.json
@@ -25,8 +25,6 @@
        "preToolUse",
        "permissionRequest",
        "postToolUse",
-        "preCompact",
-        "postCompact",
        "sessionStart",
        "userPromptSubmit",
        "stop"
--- a/codex-rs/app-server-protocol/schema/json/v2/ItemGuardianApprovalReviewCompletedNotification.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ItemGuardianApprovalReviewCompletedNotification.json
@@ -574,11 +574,6 @@
    "action": {
      "$ref": "#/definitions/GuardianApprovalReviewAction"
    },
-    "completedAtMs": {
-      "description": "Unix timestamp (in milliseconds) when this review completed.",
-      "format": "int64",
-      "type": "integer"
-    },
    "decisionSource": {
      "$ref": "#/definitions/AutoReviewDecisionSource"
    },
@@ -589,11 +584,6 @@
      "description": "Stable identifier for this review.",
      "type": "string"
    },
-    "startedAtMs": {
-      "description": "Unix timestamp (in milliseconds) when this review started.",
-      "format": "int64",
-      "type": "integer"
-    },
    "targetItemId": {
      "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
      "type": [
@@ -610,11 +600,9 @@
  },
  "required": [
    "action",
-    "completedAtMs",
    "decisionSource",
    "review",
    "reviewId",
-    "startedAtMs",
    "threadId",
    "turnId"
  ],
--- a/codex-rs/app-server-protocol/schema/json/v2/ItemGuardianApprovalReviewStartedNotification.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ItemGuardianApprovalReviewStartedNotification.json
@@ -574,11 +574,6 @@
      "description": "Stable identifier for this review.",
      "type": "string"
    },
-    "startedAtMs": {
-      "description": "Unix timestamp (in milliseconds) when this review started.",
-      "format": "int64",
-      "type": "integer"
-    },
    "targetItemId": {
      "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
      "type": [
@@ -597,7 +592,6 @@
    "action",
    "review",
    "reviewId",
-    "startedAtMs",
    "threadId",
    "turnId"
  ],
--- a/codex-rs/app-server-protocol/schema/json/v2/PluginListParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/PluginListParams.json
@@ -4,14 +4,6 @@
    "AbsolutePathBuf": {
      "description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
      "type": "string"
-    },
-    "PluginListMarketplaceKind": {
-      "enum": [
-        "local",
-        "workspace-directory",
-        "shared-with-me"
-      ],
-      "type": "string"
    }
  },
  "properties": {
@@ -24,16 +16,6 @@
        "array",
        "null"
      ]
-    },
-    "marketplaceKinds": {
-      "description": "Optional marketplace kind filter. When omitted, only local marketplaces are queried, plus the default remote catalog when enabled by feature flag.",
-      "items": {
-        "$ref": "#/definitions/PluginListMarketplaceKind"
-      },
-      "type": [
-        "array",
-        "null"
-      ]
    }
  },
  "title": "PluginListParams",
--- a/codex-rs/app-server-protocol/schema/json/v2/PluginListResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/PluginListResponse.json
@@ -232,71 +232,6 @@
      ],
      "type": "object"
    },
-    "PluginShareContext": {
-      "properties": {
-        "creatorAccountUserId": {
-          "type": [
-            "string",
-            "null"
-          ]
-        },
-        "creatorName": {
-          "type": [
-            "string",
-            "null"
-          ]
-        },
-        "remotePluginId": {
-          "type": "string"
-        },
-        "shareTargets": {
-          "items": {
-            "$ref": "#/definitions/PluginSharePrincipal"
-          },
-          "type": [
-            "array",
-            "null"
-          ]
-        },
-        "shareUrl": {
-          "type": [
-            "string",
-            "null"
-          ]
-        }
-      },
-      "required": [
-        "remotePluginId"
-      ],
-      "type": "object"
-    },
-    "PluginSharePrincipal": {
-      "properties": {
-        "name": {
-          "type": "string"
-        },
-        "principalId": {
-          "type": "string"
-        },
-        "principalType": {
-          "$ref": "#/definitions/PluginSharePrincipalType"
-        }
-      },
-      "required": [
-        "name",
-        "principalId",
-        "principalType"
-      ],
-      "type": "object"
-    },
-    "PluginSharePrincipalType": {
-      "enum": [
-        "user",
-        "group",
-        "workspace"
-      ],
-      "type": "string"
-    },
    "PluginSource": {
      "oneOf": [
        {
@@ -422,17 +357,6 @@
        "name": {
          "type": "string"
        },
-        "shareContext": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/PluginShareContext"
-            },
-            {
-              "type": "null"
-            }
-          ],
-          "description": "Remote sharing context associated with this plugin when available."
-        },
        "source": {
          "$ref": "#/definitions/PluginSource"
        }
--- a/codex-rs/app-server-protocol/schema/json/v2/PluginReadResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/PluginReadResponse.json
@@ -37,19 +37,6 @@
      ],
      "type": "object"
    },
-    "HookEventName": {
-      "enum": [
-        "preToolUse",
-        "permissionRequest",
-        "postToolUse",
-        "preCompact",
-        "postCompact",
-        "sessionStart",
-        "userPromptSubmit",
-        "stop"
-      ],
-      "type": "string"
-    },
    "PluginAuthPolicy": {
      "enum": [
        "ON_INSTALL",
@@ -88,12 +75,6 @@
            "null"
          ]
        },
-        "hooks": {
-          "items": {
-            "$ref": "#/definitions/PluginHookSummary"
-          },
-          "type": "array"
-        },
        "marketplaceName": {
          "type": "string"
        },
@@ -125,7 +106,6 @@
      },
      "required": [
        "apps",
-        "hooks",
        "marketplaceName",
        "mcpServers",
        "skills",
@@ -133,21 +113,6 @@
      ],
      "type": "object"
    },
-    "PluginHookSummary": {
-      "properties": {
-        "eventName": {
-          "$ref": "#/definitions/HookEventName"
-        },
-        "key": {
-          "type": "string"
-        }
-      },
-      "required": [
-        "eventName",
-        "key"
-      ],
-      "type": "object"
-    },
    "PluginInstallPolicy": {
      "enum": [
        "NOT_AVAILABLE",
@@ -286,71 +251,6 @@
      ],
      "type": "object"
    },
-    "PluginShareContext": {
-      "properties": {
-        "creatorAccountUserId": {
-          "type": [
-            "string",
-            "null"
-          ]
-        },
-        "creatorName": {
-          "type": [
-            "string",
-            "null"
-          ]
-        },
-        "remotePluginId": {
-          "type": "string"
-        },
-        "shareTargets": {
-          "items": {
-            "$ref": "#/definitions/PluginSharePrincipal"
-          },
-          "type": [
-            "array",
-            "null"
-          ]
-        },
-        "shareUrl": {
-          "type": [
-            "string",
-            "null"
-          ]
-        }
-      },
-      "required": [
-        "remotePluginId"
-      ],
-      "type": "object"
-    },
-    "PluginSharePrincipal": {
-      "properties": {
-        "name": {
-          "type": "string"
-        },
-        "principalId": {
-          "type": "string"
-        },
-        "principalType": {
-          "$ref": "#/definitions/PluginSharePrincipalType"
-        }
-      },
-      "required": [
-        "name",
-        "principalId",
-        "principalType"
-      ],
-      "type": "object"
-    },
-    "PluginSharePrincipalType": {
-      "enum": [
-        "user",
-        "group",
-        "workspace"
-      ],
-      "type": "string"
-    },
    "PluginSource": {
      "oneOf": [
        {
@@ -476,17 +376,6 @@
        "name": {
          "type": "string"
        },
-        "shareContext": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/PluginShareContext"
-            },
-            {
-              "type": "null"
-            }
-          ],
-          "description": "Remote sharing context associated with this plugin when available."
-        },
        "source": {
          "$ref": "#/definitions/PluginSource"
        }
--- a/codex-rs/app-server-protocol/schema/json/v2/PluginShareListResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/PluginShareListResponse.json
@@ -167,44 +167,6 @@
      ],
      "type": "object"
    },
-    "PluginShareContext": {
-      "properties": {
-        "creatorAccountUserId": {
-          "type": [
-            "string",
-            "null"
-          ]
-        },
-        "creatorName": {
-          "type": [
-            "string",
-            "null"
-          ]
-        },
-        "remotePluginId": {
-          "type": "string"
-        },
-        "shareTargets": {
-          "items": {
-            "$ref": "#/definitions/PluginSharePrincipal"
-          },
-          "type": [
-            "array",
-            "null"
-          ]
-        },
-        "shareUrl": {
-          "type": [
-            "string",
-            "null"
-          ]
-        }
-      },
-      "required": [
-        "remotePluginId"
-      ],
-      "type": "object"
-    },
    "PluginShareListItem": {
      "properties": {
        "localPluginPath": {
@@ -230,33 +192,6 @@
      ],
      "type": "object"
    },
-    "PluginSharePrincipal": {
-      "properties": {
-        "name": {
-          "type": "string"
-        },
-        "principalId": {
-          "type": "string"
-        },
-        "principalType": {
-          "$ref": "#/definitions/PluginSharePrincipalType"
-        }
-      },
-      "required": [
-        "name",
-        "principalId",
-        "principalType"
-      ],
-      "type": "object"
-    },
-    "PluginSharePrincipalType": {
-      "enum": [
-        "user",
-        "group",
-        "workspace"
-      ],
-      "type": "string"
-    },
    "PluginSource": {
      "oneOf": [
        {
@@ -382,17 +317,6 @@
        "name": {
          "type": "string"
        },
-        "shareContext": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/PluginShareContext"
-            },
-            {
-              "type": "null"
-            }
-          ],
-          "description": "Remote sharing context associated with this plugin when available."
-        },
        "source": {
          "$ref": "#/definitions/PluginSource"
        }
--- a/codex-rs/app-server-protocol/schema/json/v2/PluginShareUpdateTargetsParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/PluginShareUpdateTargetsParams.json
@@ -23,19 +23,9 @@
        "principalType"
      ],
      "type": "object"
-    },
-    "PluginShareUpdateDiscoverability": {
-      "enum": [
-        "UNLISTED",
-        "PRIVATE"
-      ],
-      "type": "string"
    }
  },
  "properties": {
-    "discoverability": {
-      "$ref": "#/definitions/PluginShareUpdateDiscoverability"
-    },
    "remotePluginId": {
      "type": "string"
    },
@@ -47,7 +37,6 @@
    }
  },
  "required": [
-    "discoverability",
    "remotePluginId",
    "shareTargets"
  ],
--- a/codex-rs/app-server-protocol/schema/json/v2/PluginShareUpdateTargetsResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/PluginShareUpdateTargetsResponse.json
@@ -1,14 +1,6 @@
 {
  "$schema": "http://json-schema.org/draft-07/schema#",
  "definitions": {
-    "PluginShareDiscoverability": {
-      "enum": [
-        "LISTED",
-        "UNLISTED",
-        "PRIVATE"
-      ],
-      "type": "string"
-    },
    "PluginSharePrincipal": {
      "properties": {
        "name": {
@@ -38,9 +30,6 @@
    }
  },
  "properties": {
-    "discoverability": {
-      "$ref": "#/definitions/PluginShareDiscoverability"
-    },
    "principals": {
      "items": {
        "$ref": "#/definitions/PluginSharePrincipal"
@@ -49,7 +38,6 @@
    }
  },
  "required": [
-    "discoverability",
    "principals"
  ],
  "title": "PluginShareUpdateTargetsResponse",
--- a/codex-rs/app-server-protocol/schema/json/v2/RemoteControlStatusChangedNotification.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/RemoteControlStatusChangedNotification.json
@@ -11,7 +11,7 @@
      "type": "string"
    }
  },
-  "description": "Current remote-control connection status and remote identity exposed to clients.",
+  "description": "Current remote-control connection status and environment id exposed to clients.",
  "properties": {
    "environmentId": {
      "type": [
@@ -19,15 +19,11 @@
        "null"
      ]
    },
-    "installationId": {
-      "type": "string"
-    },
    "status": {
      "$ref": "#/definitions/RemoteControlConnectionStatus"
    }
  },
  "required": [
-    "installationId",
    "status"
  ],
  "title": "RemoteControlStatusChangedNotification",
--- a/codex-rs/app-server-protocol/schema/json/v2/SkillsListParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/SkillsListParams.json
@@ -1,5 +1,25 @@
 {
  "$schema": "http://json-schema.org/draft-07/schema#",
+  "definitions": {
+    "SkillsListExtraRootsForCwd": {
+      "properties": {
+        "cwd": {
+          "type": "string"
+        },
+        "extraUserRoots": {
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "required": [
+        "cwd",
+        "extraUserRoots"
+      ],
+      "type": "object"
+    }
+  },
  "properties": {
    "cwds": {
      "description": "When empty, defaults to the current session working directory.",
@@ -11,6 +31,17 @@
    "forceReload": {
      "description": "When true, bypass the skills cache and re-scan skills from disk.",
      "type": "boolean"
+    },
+    "perCwdExtraUserRoots": {
+      "default": null,
+      "description": "Optional per-cwd extra roots to scan as user-scoped skills.",
+      "items": {
+        "$ref": "#/definitions/SkillsListExtraRootsForCwd"
+      },
+      "type": [
+        "array",
+        "null"
+      ]
    }
  },
  "title": "SkillsListParams",
--- a/codex-rs/app-server-protocol/schema/typescript/ClientRequest.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/ClientRequest.ts
--- a/codex-rs/app-server-protocol/schema/typescript/InitializeCapabilities.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/InitializeCapabilities.ts
@@ -10,10 +10,6 @@ export type InitializeCapabilities = {
 * Opt into receiving experimental API methods and fields.
 */
 experimentalApi: boolean,
-/**
- * Opt into `attestation/generate` requests for upstream `x-oai-attestation`.
- */
-requestAttestation: boolean,
 /**
 * Exact notification method names that should be suppressed for this
 * connection (for example `thread/started`).
--- a/codex-rs/app-server-protocol/schema/typescript/ServerRequest.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/ServerRequest.ts
@@ -4,7 +4,6 @@
 import type { ApplyPatchApprovalParams } from "./ApplyPatchApprovalParams";
 import type { ExecCommandApprovalParams } from "./ExecCommandApprovalParams";
 import type { RequestId } from "./RequestId";
-import type { AttestationGenerateParams } from "./v2/AttestationGenerateParams";
 import type { ChatgptAuthTokensRefreshParams } from "./v2/ChatgptAuthTokensRefreshParams";
 import type { CommandExecutionRequestApprovalParams } from "./v2/CommandExecutionRequestApprovalParams";
 import type { DynamicToolCallParams } from "./v2/DynamicToolCallParams";
@@ -16,4 +15,4 @@ import type { ToolRequestUserInputParams } from "./v2/ToolRequestUserInputParams
 /**
 * Request initiated from the server and sent to the client.
 */
-export type ServerRequest = { "method": "item/commandExecution/requestApproval", id: RequestId, params: CommandExecutionRequestApprovalParams, } | { "method": "item/fileChange/requestApproval", id: RequestId, params: FileChangeRequestApprovalParams, } | { "method": "item/tool/requestUserInput", id: RequestId, params: ToolRequestUserInputParams, } | { "method": "mcpServer/elicitation/request", id: RequestId, params: McpServerElicitationRequestParams, } | { "method": "item/permissions/requestApproval", id: RequestId, params: PermissionsRequestApprovalParams, } | { "method": "item/tool/call", id: RequestId, params: DynamicToolCallParams, } | { "method": "account/chatgptAuthTokens/refresh", id: RequestId, params: ChatgptAuthTokensRefreshParams, } | { "method": "attestation/generate", id: RequestId, params: AttestationGenerateParams, } | { "method": "applyPatchApproval", id: RequestId, params: ApplyPatchApprovalParams, } | { "method": "execCommandApproval", id: RequestId, params: ExecCommandApprovalParams, };
+export type ServerRequest = { "method": "item/commandExecution/requestApproval", id: RequestId, params: CommandExecutionRequestApprovalParams, } | { "method": "item/fileChange/requestApproval", id: RequestId, params: FileChangeRequestApprovalParams, } | { "method": "item/tool/requestUserInput", id: RequestId, params: ToolRequestUserInputParams, } | { "method": "mcpServer/elicitation/request", id: RequestId, params: McpServerElicitationRequestParams, } | { "method": "item/permissions/requestApproval", id: RequestId, params: PermissionsRequestApprovalParams, } | { "method": "item/tool/call", id: RequestId, params: DynamicToolCallParams, } | { "method": "account/chatgptAuthTokens/refresh", id: RequestId, params: ChatgptAuthTokensRefreshParams, } | { "method": "applyPatchApproval", id: RequestId, params: ApplyPatchApprovalParams, } | { "method": "execCommandApproval", id: RequestId, params: ExecCommandApprovalParams, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/AttestationGenerateParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/AttestationGenerateParams.ts
@@ -1,5 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-
-export type AttestationGenerateParams = Record<string, never>;
--- a/codex-rs/app-server-protocol/schema/typescript/v2/CommandExecutionRequestApprovalParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/CommandExecutionRequestApprovalParams.ts
@@ -8,9 +8,6 @@ import type { NetworkApprovalContext } from "./NetworkApprovalContext";
 import type { NetworkPolicyAmendment } from "./NetworkPolicyAmendment";

 export type CommandExecutionRequestApprovalParams = {threadId: string, turnId: string, itemId: string, /**
- * Unix timestamp (in milliseconds) when this approval request started.
- */
-startedAtMs: number, /**
 * Unique identifier for this specific approval callback.
 *
 * For regular shell/unified_exec approvals, this is null.
--- a/codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeyAlgorithm.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeyAlgorithm.ts
@@ -1,6 +1,8 @@
 // GENERATED CODE! DO NOT MODIFY BY HAND!

 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { HookEventName } from "./HookEventName";

-export type PluginHookSummary = { key: string, eventName: HookEventName, };
+/**
+ * Device-key algorithm reported at enrollment and signing boundaries.
+ */
+export type DeviceKeyAlgorithm = "ecdsa_p256_sha256";
--- a/codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeyCreateParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeyCreateParams.ts
@@ -0,0 +1,13 @@
+// GENERATED CODE! DO NOT MODIFY BY HAND!
+
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { DeviceKeyProtectionPolicy } from "./DeviceKeyProtectionPolicy";
+
+/**
+ * Create a controller-local device key with a random key id.
+ */
+export type DeviceKeyCreateParams = {
+/**
+ * Defaults to `hardware_only` when omitted.
+ */
+protectionPolicy?: DeviceKeyProtectionPolicy | null, accountUserId: string, clientId: string, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeyCreateResponse.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeyCreateResponse.ts
@@ -0,0 +1,14 @@
+// GENERATED CODE! DO NOT MODIFY BY HAND!
+
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { DeviceKeyAlgorithm } from "./DeviceKeyAlgorithm";
+import type { DeviceKeyProtectionClass } from "./DeviceKeyProtectionClass";
+
+/**
+ * Device-key metadata and public key returned by create/public APIs.
+ */
+export type DeviceKeyCreateResponse = { keyId: string,
+/**
+ * SubjectPublicKeyInfo DER encoded as base64.
+ */
+publicKeySpkiDerBase64: string, algorithm: DeviceKeyAlgorithm, protectionClass: DeviceKeyProtectionClass, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeyProtectionClass.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeyProtectionClass.ts
@@ -0,0 +1,8 @@
+// GENERATED CODE! DO NOT MODIFY BY HAND!
+
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+/**
+ * Platform protection class for a controller-local device key.
+ */
+export type DeviceKeyProtectionClass = "hardware_secure_enclave" | "hardware_tpm" | "os_protected_nonextractable";
--- a/codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeyProtectionPolicy.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeyProtectionPolicy.ts
@@ -0,0 +1,8 @@
+// GENERATED CODE! DO NOT MODIFY BY HAND!
+
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+/**
+ * Protection policy for creating or loading a controller-local device key.
+ */
+export type DeviceKeyProtectionPolicy = "hardware_only" | "allow_os_protected_nonextractable";
--- a/codex-rs/app-server-protocol/schema/typescript/v2/AttestationGenerateResponse.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/AttestationGenerateResponse.ts
@@ -2,8 +2,7 @@

 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.

-export type AttestationGenerateResponse = {
 /**
- * Opaque client attestation token.
+ * Fetch a controller-local device key public key by id.
 */
-token: string, };
+export type DeviceKeyPublicParams = { keyId: string, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeyPublicResponse.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeyPublicResponse.ts
@@ -0,0 +1,14 @@
+// GENERATED CODE! DO NOT MODIFY BY HAND!
+
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { DeviceKeyAlgorithm } from "./DeviceKeyAlgorithm";
+import type { DeviceKeyProtectionClass } from "./DeviceKeyProtectionClass";
+
+/**
+ * Device-key public metadata returned by `device/key/public`.
+ */
+export type DeviceKeyPublicResponse = { keyId: string,
+/**
+ * SubjectPublicKeyInfo DER encoded as base64.
+ */
+publicKeySpkiDerBase64: string, algorithm: DeviceKeyAlgorithm, protectionClass: DeviceKeyProtectionClass, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeySignParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeySignParams.ts
@@ -0,0 +1,9 @@
+// GENERATED CODE! DO NOT MODIFY BY HAND!
+
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { DeviceKeySignPayload } from "./DeviceKeySignPayload";
+
+/**
+ * Sign an accepted structured payload with a controller-local device key.
+ */
+export type DeviceKeySignParams = { keyId: string, payload: DeviceKeySignPayload, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeySignPayload.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeySignPayload.ts
@@ -0,0 +1,54 @@
+// GENERATED CODE! DO NOT MODIFY BY HAND!
+
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { RemoteControlClientConnectionAudience } from "./RemoteControlClientConnectionAudience";
+import type { RemoteControlClientEnrollmentAudience } from "./RemoteControlClientEnrollmentAudience";
+
+/**
+ * Structured payloads accepted by `device/key/sign`.
+ */
+export type DeviceKeySignPayload = { "type": "remoteControlClientConnection", nonce: string, audience: RemoteControlClientConnectionAudience,
+/**
+ * Backend-issued websocket session id that this proof authorizes.
+ */
+sessionId: string,
+/**
+ * Origin of the backend endpoint that issued the challenge and will verify this proof.
+ */
+targetOrigin: string,
+/**
+ * Websocket route path that this proof authorizes.
+ */
+targetPath: string, accountUserId: string, clientId: string,
+/**
+ * Remote-control token expiration as Unix seconds.
+ */
+tokenExpiresAt: number,
+/**
+ * SHA-256 of the controller-scoped remote-control token, encoded as unpadded base64url.
+ */
+tokenSha256Base64url: string,
+/**
+ * Must contain exactly `remote_control_controller_websocket`.
+ */
+scopes: Array<string>, } | { "type": "remoteControlClientEnrollment", nonce: string, audience: RemoteControlClientEnrollmentAudience,
+/**
+ * Backend-issued enrollment challenge id that this proof authorizes.
+ */
+challengeId: string,
+/**
+ * Origin of the backend endpoint that issued the challenge and will verify this proof.
+ */
+targetOrigin: string,
+/**
+ * HTTP route path that this proof authorizes.
+ */
+targetPath: string, accountUserId: string, clientId: string,
+/**
+ * SHA-256 of the requested device identity operation, encoded as unpadded base64url.
+ */
+deviceIdentitySha256Base64url: string,
+/**
+ * Enrollment challenge expiration as Unix seconds.
+ */
+challengeExpiresAt: number, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeySignResponse.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeySignResponse.ts
@@ -0,0 +1,18 @@
+// GENERATED CODE! DO NOT MODIFY BY HAND!
+
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { DeviceKeyAlgorithm } from "./DeviceKeyAlgorithm";
+
+/**
+ * ASN.1 DER signature returned by `device/key/sign`.
+ */
+export type DeviceKeySignResponse = {
+/**
+ * ECDSA signature DER encoded as base64.
+ */
+signatureDerBase64: string,
+/**
+ * Exact bytes signed by the device key, encoded as base64. Verifiers must verify this byte
+ * string directly and must not reserialize `payload`.
+ */
+signedPayloadBase64: string, algorithm: DeviceKeyAlgorithm, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/FileChangeRequestApprovalParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/FileChangeRequestApprovalParams.ts
@@ -3,10 +3,6 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.

 export type FileChangeRequestApprovalParams = { threadId: string, turnId: string, itemId: string,
-/**
- * Unix timestamp (in milliseconds) when this approval request started.
- */
-startedAtMs: number,
 /**
 * Optional explanatory reason (e.g. request for extra write access).
 */
--- a/codex-rs/app-server-protocol/schema/typescript/v2/HookEventName.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/HookEventName.ts
@@ -2,4 +2,4 @@

 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.

-export type HookEventName = "preToolUse" | "permissionRequest" | "postToolUse" | "preCompact" | "postCompact" | "sessionStart" | "userPromptSubmit" | "stop";
+export type HookEventName = "preToolUse" | "permissionRequest" | "postToolUse" | "sessionStart" | "userPromptSubmit" | "stop";
--- a/codex-rs/app-server-protocol/schema/typescript/v2/ItemGuardianApprovalReviewCompletedNotification.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/ItemGuardianApprovalReviewCompletedNotification.ts
@@ -10,14 +10,6 @@ import type { GuardianApprovalReviewAction } from "./GuardianApprovalReviewActio
 * shape is expected to change soon.
 */
 export type ItemGuardianApprovalReviewCompletedNotification = { threadId: string, turnId: string,
-/**
- * Unix timestamp (in milliseconds) when this review started.
- */
-startedAtMs: number,
-/**
- * Unix timestamp (in milliseconds) when this review completed.
- */
-completedAtMs: number,
 /**
 * Stable identifier for this review.
 */
--- a/codex-rs/app-server-protocol/schema/typescript/v2/ItemGuardianApprovalReviewStartedNotification.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/ItemGuardianApprovalReviewStartedNotification.ts
@@ -9,10 +9,6 @@ import type { GuardianApprovalReviewAction } from "./GuardianApprovalReviewActio
 * shape is expected to change soon.
 */
 export type ItemGuardianApprovalReviewStartedNotification = { threadId: string, turnId: string,
-/**
- * Unix timestamp (in milliseconds) when this review started.
- */
-startedAtMs: number,
 /**
 * Stable identifier for this review.
 */
--- a/codex-rs/app-server-protocol/schema/typescript/v2/ManagedHooksRequirements.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/ManagedHooksRequirements.ts
@@ -3,4 +3,4 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 import type { ConfiguredHookMatcherGroup } from "./ConfiguredHookMatcherGroup";

-export type ManagedHooksRequirements = { managedDir: string | null, windowsManagedDir: string | null, PreToolUse: Array<ConfiguredHookMatcherGroup>, PermissionRequest: Array<ConfiguredHookMatcherGroup>, PostToolUse: Array<ConfiguredHookMatcherGroup>, PreCompact: Array<ConfiguredHookMatcherGroup>, PostCompact: Array<ConfiguredHookMatcherGroup>, SessionStart: Array<ConfiguredHookMatcherGroup>, UserPromptSubmit: Array<ConfiguredHookMatcherGroup>, Stop: Array<ConfiguredHookMatcherGroup>, };
+export type ManagedHooksRequirements = { managedDir: string | null, windowsManagedDir: string | null, PreToolUse: Array<ConfiguredHookMatcherGroup>, PermissionRequest: Array<ConfiguredHookMatcherGroup>, PostToolUse: Array<ConfiguredHookMatcherGroup>, SessionStart: Array<ConfiguredHookMatcherGroup>, UserPromptSubmit: Array<ConfiguredHookMatcherGroup>, Stop: Array<ConfiguredHookMatcherGroup>, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/PermissionsRequestApprovalParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/PermissionsRequestApprovalParams.ts
@@ -4,8 +4,4 @@
 import type { AbsolutePathBuf } from "../AbsolutePathBuf";
 import type { RequestPermissionProfile } from "./RequestPermissionProfile";

-export type PermissionsRequestApprovalParams = { threadId: string, turnId: string, itemId: string,
-/**
- * Unix timestamp (in milliseconds) when this approval request started.
- */
-startedAtMs: number, cwd: AbsolutePathBuf, reason: string | null, permissions: RequestPermissionProfile, };
+export type PermissionsRequestApprovalParams = { threadId: string, turnId: string, itemId: string, cwd: AbsolutePathBuf, reason: string | null, permissions: RequestPermissionProfile, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/PluginDetail.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/PluginDetail.ts
@@ -3,8 +3,7 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 import type { AbsolutePathBuf } from "../AbsolutePathBuf";
 import type { AppSummary } from "./AppSummary";
-import type { PluginHookSummary } from "./PluginHookSummary";
 import type { PluginSummary } from "./PluginSummary";
 import type { SkillSummary } from "./SkillSummary";

-export type PluginDetail = { marketplaceName: string, marketplacePath: AbsolutePathBuf | null, summary: PluginSummary, description: string | null, skills: Array<SkillSummary>, hooks: Array<PluginHookSummary>, apps: Array<AppSummary>, mcpServers: Array<string>, };
+export type PluginDetail = { marketplaceName: string, marketplacePath: AbsolutePathBuf | null, summary: PluginSummary, description: string | null, skills: Array<SkillSummary>, apps: Array<AppSummary>, mcpServers: Array<string>, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/PluginListMarketplaceKind.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/PluginListMarketplaceKind.ts
@@ -1,5 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-
-export type PluginListMarketplaceKind = "local" | "workspace-directory" | "shared-with-me";
--- a/codex-rs/app-server-protocol/schema/typescript/v2/PluginListParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/PluginListParams.ts
@@ -2,16 +2,10 @@

 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 import type { AbsolutePathBuf } from "../AbsolutePathBuf";
-import type { PluginListMarketplaceKind } from "./PluginListMarketplaceKind";

 export type PluginListParams = {
 /**
 * Optional working directories used to discover repo marketplaces. When omitted,
 * only home-scoped marketplaces and the official curated marketplace are considered.
 */
-cwds?: Array<AbsolutePathBuf> | null,
-/**
- * Optional marketplace kind filter. When omitted, only local marketplaces are queried, plus
- * the default remote catalog when enabled by feature flag.
- */
-marketplaceKinds?: Array<PluginListMarketplaceKind> | null, };
+cwds?: Array<AbsolutePathBuf> | null, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/PluginShareContext.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/PluginShareContext.ts
@@ -1,6 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { PluginSharePrincipal } from "./PluginSharePrincipal";
-
-export type PluginShareContext = { remotePluginId: string, shareUrl: string | null, creatorAccountUserId: string | null, creatorName: string | null, shareTargets: Array<PluginSharePrincipal> | null, };
--- a/Show More
+++ b/Show More