Add codex exec commit attribution tests

Co-authored-by: Codex <noreply@openai.com>
Preserve user commit hooks during attribution
2026-03-14 10:43:49 +00:00 · 2026-03-13 15:32:58 -07:00 · 2026-03-13 15:00:47 -07:00 · 2026-03-13 14:26:22 -07:00
385 changed files with 4226 additions and 22338 deletions
--- a/.bazelrc
+++ b/.bazelrc
@@ -56,7 +56,3 @@ common --jobs=30
 common:remote --extra_execution_platforms=//:rbe
 common:remote --remote_executor=grpcs://remote.buildbuddy.io
 common:remote --jobs=800
-# TODO(team): Evaluate if this actually helps, zbarsky is not sure, everything seems bottlenecked on `core` either way.
-# Enable pipelined compilation since we are not bound by local CPU count.
-#common:remote --@rules_rust//rust/settings:pipelined_compilation
-
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -19,10 +19,6 @@ In the codex-rs folder where the rust code lives:
  repo root to refresh `MODULE.bazel.lock`, and include that lockfile update in the same change.
 - After dependency changes, run `just bazel-lock-check` from the repo root so lockfile drift is caught
  locally before CI.
- Bazel does not automatically make source-tree files available to compile-time Rust file access. If
-  you add `include_str!`, `include_bytes!`, `sqlx::migrate!`, or similar build-time file or
-  directory reads, update the crate's `BUILD.bazel` (`compile_data`, `build_script_data`, or test
-  data) or Bazel may fail even when Cargo passes.
 - Do not create small helper methods that are referenced only once.
 - Avoid large modules:
  - Prefer adding new modules instead of growing existing ones.
--- a/MODULE.bazel
+++ b/MODULE.bazel
@@ -1,7 +1,14 @@
 module(name = "codex")

 bazel_dep(name = "platforms", version = "1.0.0")
-bazel_dep(name = "llvm", version = "0.6.7")
+bazel_dep(name = "llvm", version = "0.6.1")
+single_version_override(
+    module_name = "llvm",
+    patch_strip = 1,
+    patches = [
+        "//patches:toolchains_llvm_bootstrapped_resource_dir.patch",
+    ],
+)

 register_toolchains("@llvm//toolchain:all")

@@ -32,7 +39,7 @@ use_repo(osx, "macos_sdk")
 bazel_dep(name = "apple_support", version = "2.1.0")
 bazel_dep(name = "rules_cc", version = "0.2.16")
 bazel_dep(name = "rules_platform", version = "0.1.0")
-bazel_dep(name = "rules_rs", version = "0.0.43")
+bazel_dep(name = "rules_rs", version = "0.0.40")

 rules_rust = use_extension("@rules_rs//rs/experimental:rules_rust.bzl", "rules_rust")
 use_repo(rules_rust, "rules_rust")
@@ -84,6 +91,7 @@ crate.annotation(
 inject_repo(crate, "zstd")

 bazel_dep(name = "bzip2", version = "1.0.8.bcr.3")
+bazel_dep(name = "libcap", version = "2.27.bcr.1")

 crate.annotation(
    crate = "bzip2-sys",
@@ -141,13 +149,13 @@ crate.annotation(
        "@macos_sdk//sysroot",
    ],
    build_script_env = {
-        "BINDGEN_EXTRA_CLANG_ARGS": "-Xclang -internal-isystem -Xclang $(location @llvm//:builtin_resource_dir)/include",
+        "BINDGEN_EXTRA_CLANG_ARGS": "-isystem $(location @llvm//:builtin_headers)",
        "COREAUDIO_SDK_PATH": "$(location @macos_sdk//sysroot)",
        "LIBCLANG_PATH": "$(location @llvm-project//clang:libclang_interface_output)",
    },
    build_script_tools = [
        "@llvm-project//clang:libclang_interface_output",
-        "@llvm//:builtin_resource_dir",
+        "@llvm//:builtin_headers",
    ],
    crate = "coreaudio-sys",
    gen_build_script = "on",
@@ -176,8 +184,6 @@ inject_repo(crate, "alsa_lib")

 use_repo(crate, "crates")

-bazel_dep(name = "libcap", version = "2.27.bcr.1")
-
 rbe_platform_repository = use_repo_rule("//:rbe.bzl", "rbe_platform_repository")

 rbe_platform_repository(
--- a/MODULE.bazel.lock
+++ b/MODULE.bazel.lock
@@ -24,6 +24,10 @@
    "https://bcr.bazel.build/modules/apple_support/1.24.2/MODULE.bazel": "0e62471818affb9f0b26f128831d5c40b074d32e6dda5a0d3852847215a41ca4",
    "https://bcr.bazel.build/modules/apple_support/2.1.0/MODULE.bazel": "b15c125dabed01b6803c129cd384de4997759f02f8ec90dc5136bcf6dfc5086a",
    "https://bcr.bazel.build/modules/apple_support/2.1.0/source.json": "78064cfefe18dee4faaf51893661e0d403784f3efe88671d727cdcdc67ed8fb3",
+    "https://bcr.bazel.build/modules/aspect_bazel_lib/2.14.0/MODULE.bazel": "2b31ffcc9bdc8295b2167e07a757dbbc9ac8906e7028e5170a3708cecaac119f",
+    "https://bcr.bazel.build/modules/aspect_bazel_lib/2.19.3/MODULE.bazel": "253d739ba126f62a5767d832765b12b59e9f8d2bc88cc1572f4a73e46eb298ca",
+    "https://bcr.bazel.build/modules/aspect_bazel_lib/2.19.3/source.json": "ffab9254c65ba945f8369297ad97ca0dec213d3adc6e07877e23a48624a8b456",
+    "https://bcr.bazel.build/modules/aspect_bazel_lib/2.8.1/MODULE.bazel": "812d2dd42f65dca362152101fbec418029cc8fd34cbad1a2fde905383d705838",
    "https://bcr.bazel.build/modules/aspect_tools_telemetry/0.3.2/MODULE.bazel": "598e7fe3b54f5fa64fdbeead1027653963a359cc23561d43680006f3b463d5a4",
    "https://bcr.bazel.build/modules/aspect_tools_telemetry/0.3.2/source.json": "c6f5c39e6f32eb395f8fdaea63031a233bbe96d49a3bfb9f75f6fce9b74bec6c",
    "https://bcr.bazel.build/modules/bazel_features/1.1.1/MODULE.bazel": "27b8c79ef57efe08efccbd9dd6ef70d61b4798320b8d3c134fd571f78963dbcd",
@@ -49,8 +53,8 @@
    "https://bcr.bazel.build/modules/bazel_features/1.9.0/MODULE.bazel": "885151d58d90d8d9c811eb75e3288c11f850e1d6b481a8c9f766adee4712358b",
    "https://bcr.bazel.build/modules/bazel_features/1.9.1/MODULE.bazel": "8f679097876a9b609ad1f60249c49d68bfab783dd9be012faf9d82547b14815a",
    "https://bcr.bazel.build/modules/bazel_lib/3.0.0/MODULE.bazel": "22b70b80ac89ad3f3772526cd9feee2fa412c2b01933fea7ed13238a448d370d",
-    "https://bcr.bazel.build/modules/bazel_lib/3.2.2/MODULE.bazel": "e2c890c8a515d6bca9c66d47718aa9e44b458fde64ec7204b8030bf2d349058c",
-    "https://bcr.bazel.build/modules/bazel_lib/3.2.2/source.json": "9e84e115c20e14652c5c21401ae85ff4daa8702e265b5c0b3bf89353f17aa212",
+    "https://bcr.bazel.build/modules/bazel_lib/3.2.0/MODULE.bazel": "39b50d94b9be6bda507862254e20c263f9b950e3160112348d10a938be9ce2c2",
+    "https://bcr.bazel.build/modules/bazel_lib/3.2.0/source.json": "a6f45a903134bebbf33a6166dd42b4c7ab45169de094b37a85f348ca41170a84",
    "https://bcr.bazel.build/modules/bazel_skylib/1.0.3/MODULE.bazel": "bcb0fd896384802d1ad283b4e4eb4d718eebd8cb820b0a2c3a347fb971afd9d8",
    "https://bcr.bazel.build/modules/bazel_skylib/1.1.1/MODULE.bazel": "1add3e7d93ff2e6998f9e118022c84d163917d912f5afafb3058e3d2f1545b5e",
    "https://bcr.bazel.build/modules/bazel_skylib/1.2.0/MODULE.bazel": "44fe84260e454ed94ad326352a698422dbe372b21a1ac9f3eab76eb531223686",
@@ -69,8 +73,8 @@
    "https://bcr.bazel.build/modules/buildozer/8.2.1/source.json": "7c33f6a26ee0216f85544b4bca5e9044579e0219b6898dd653f5fb449cf2e484",
    "https://bcr.bazel.build/modules/bzip2/1.0.8.bcr.3/MODULE.bazel": "29ecf4babfd3c762be00d7573c288c083672ab60e79c833ff7f49ee662e54471",
    "https://bcr.bazel.build/modules/bzip2/1.0.8.bcr.3/source.json": "8be4a3ef2599693f759e5c0990a4cc5a246ac08db4c900a38f852ba25b5c39be",
-    "https://bcr.bazel.build/modules/gawk/5.3.2.bcr.3/MODULE.bazel": "f1b7bb2dd53e8f2ef984b39485ec8a44e9076dda5c4b8efd2fb4c6a6e856a31d",
-    "https://bcr.bazel.build/modules/gawk/5.3.2.bcr.3/source.json": "ebe931bfe362e4b41e59ee00a528db6074157ff2ced92eb9e970acab2e1089c9",
+    "https://bcr.bazel.build/modules/gawk/5.3.2.bcr.1/MODULE.bazel": "cdf8cbe5ee750db04b78878c9633cc76e80dcf4416cbe982ac3a9222f80713c8",
+    "https://bcr.bazel.build/modules/gawk/5.3.2.bcr.1/source.json": "fa7b512dfcb5eafd90ce3959cf42a2a6fe96144ebbb4b3b3928054895f2afac2",
    "https://bcr.bazel.build/modules/google_benchmark/1.8.2/MODULE.bazel": "a70cf1bba851000ba93b58ae2f6d76490a9feb74192e57ab8e8ff13c34ec50cb",
    "https://bcr.bazel.build/modules/googletest/1.11.0/MODULE.bazel": "3a83f095183f66345ca86aa13c58b59f9f94a2f81999c093d4eeaa2d262d12f4",
    "https://bcr.bazel.build/modules/googletest/1.14.0.bcr.1/MODULE.bazel": "22c31a561553727960057361aa33bf20fb2e98584bc4fec007906e27053f80c6",
@@ -78,18 +82,22 @@
    "https://bcr.bazel.build/modules/googletest/1.15.2/MODULE.bazel": "6de1edc1d26cafb0ea1a6ab3f4d4192d91a312fd2d360b63adaa213cd00b2108",
    "https://bcr.bazel.build/modules/googletest/1.17.0/MODULE.bazel": "dbec758171594a705933a29fcf69293d2468c49ec1f2ebca65c36f504d72df46",
    "https://bcr.bazel.build/modules/googletest/1.17.0/source.json": "38e4454b25fc30f15439c0378e57909ab1fd0a443158aa35aec685da727cd713",
+    "https://bcr.bazel.build/modules/jq.bzl/0.1.0/MODULE.bazel": "2ce69b1af49952cd4121a9c3055faa679e748ce774c7f1fda9657f936cae902f",
+    "https://bcr.bazel.build/modules/jq.bzl/0.1.0/source.json": "746bf13cac0860f091df5e4911d0c593971cd8796b5ad4e809b2f8e133eee3d5",
    "https://bcr.bazel.build/modules/jsoncpp/1.9.5/MODULE.bazel": "31271aedc59e815656f5736f282bb7509a97c7ecb43e927ac1a37966e0578075",
    "https://bcr.bazel.build/modules/jsoncpp/1.9.6/MODULE.bazel": "2f8d20d3b7d54143213c4dfc3d98225c42de7d666011528dc8fe91591e2e17b0",
    "https://bcr.bazel.build/modules/jsoncpp/1.9.6/source.json": "a04756d367a2126c3541682864ecec52f92cdee80a35735a3cb249ce015ca000",
    "https://bcr.bazel.build/modules/libcap/2.27.bcr.1/MODULE.bazel": "7c034d7a4d92b2293294934377f5d1cbc88119710a11079fa8142120f6f08768",
    "https://bcr.bazel.build/modules/libcap/2.27.bcr.1/source.json": "3b116cbdbd25a68ffb587b672205f6d353a4c19a35452e480d58fc89531e0a10",
    "https://bcr.bazel.build/modules/libpfm/4.11.0/MODULE.bazel": "45061ff025b301940f1e30d2c16bea596c25b176c8b6b3087e92615adbd52902",
-    "https://bcr.bazel.build/modules/llvm/0.6.7/MODULE.bazel": "d37a2e10571864dc6a5bb53c29216d90b9400bbcadb422337f49107fd2eaf0d2",
-    "https://bcr.bazel.build/modules/llvm/0.6.7/source.json": "c40bcce08d2adbd658aae609976ce4ae4fdc44f3299fffa29c7fa9bf7e7d6d2b",
+    "https://bcr.bazel.build/modules/llvm/0.6.0/MODULE.bazel": "42c2182c49f13d2df83a4a4a95ab55d31efda47b2d67acf419bf6b31522b2a30",
+    "https://bcr.bazel.build/modules/llvm/0.6.1/MODULE.bazel": "29170ab19f4e2dc9b6bbf9b3d101738e84142f63ba29a13cc33e0d40f74c79b0",
+    "https://bcr.bazel.build/modules/llvm/0.6.1/source.json": "2d8cdd3a5f8e1d16132dbbe97250133101e4863c0376d23273d9afd7363cc331",
    "https://bcr.bazel.build/modules/nlohmann_json/3.6.1/MODULE.bazel": "6f7b417dcc794d9add9e556673ad25cb3ba835224290f4f848f8e2db1e1fca74",
    "https://bcr.bazel.build/modules/nlohmann_json/3.6.1/source.json": "f448c6e8963fdfa7eb831457df83ad63d3d6355018f6574fb017e8169deb43a9",
    "https://bcr.bazel.build/modules/openssl/3.5.4.bcr.0/MODULE.bazel": "0f6b8f20b192b9ff0781406256150bcd46f19e66d807dcb0c540548439d6fc35",
    "https://bcr.bazel.build/modules/openssl/3.5.4.bcr.0/source.json": "543ed7627cc18e6460b9c1ae4a1b6b1debc5a5e0aca878b00f7531c7186b73da",
+    "https://bcr.bazel.build/modules/package_metadata/0.0.2/MODULE.bazel": "fb8d25550742674d63d7b250063d4580ca530499f045d70748b1b142081ebb92",
    "https://bcr.bazel.build/modules/package_metadata/0.0.5/MODULE.bazel": "ef4f9439e3270fdd6b9fd4dbc3d2f29d13888e44c529a1b243f7a31dfbc2e8e4",
    "https://bcr.bazel.build/modules/package_metadata/0.0.5/source.json": "2326db2f6592578177751c3e1f74786b79382cd6008834c9d01ec865b9126a85",
    "https://bcr.bazel.build/modules/platforms/0.0.10/MODULE.bazel": "8cb8efaf200bdeb2150d93e162c40f388529a25852b332cec879373771e48ed5",
@@ -147,6 +155,7 @@
    "https://bcr.bazel.build/modules/rules_fuzzing/0.5.2/MODULE.bazel": "40c97d1144356f52905566c55811f13b299453a14ac7769dfba2ac38192337a8",
    "https://bcr.bazel.build/modules/rules_java/4.0.0/MODULE.bazel": "5a78a7ae82cd1a33cef56dc578c7d2a46ed0dca12643ee45edbb8417899e6f74",
    "https://bcr.bazel.build/modules/rules_java/5.3.5/MODULE.bazel": "a4ec4f2db570171e3e5eb753276ee4b389bae16b96207e9d3230895c99644b86",
+    "https://bcr.bazel.build/modules/rules_java/6.3.0/MODULE.bazel": "a97c7678c19f236a956ad260d59c86e10a463badb7eb2eda787490f4c969b963",
    "https://bcr.bazel.build/modules/rules_java/6.5.2/MODULE.bazel": "1d440d262d0e08453fa0c4d8f699ba81609ed0e9a9a0f02cd10b3e7942e61e31",
    "https://bcr.bazel.build/modules/rules_java/7.10.0/MODULE.bazel": "530c3beb3067e870561739f1144329a21c851ff771cd752a49e06e3dc9c2e71a",
    "https://bcr.bazel.build/modules/rules_java/7.12.2/MODULE.bazel": "579c505165ee757a4280ef83cda0150eea193eed3bef50b1004ba88b99da6de6",
@@ -195,8 +204,8 @@
    "https://bcr.bazel.build/modules/rules_python/1.6.0/MODULE.bazel": "7e04ad8f8d5bea40451cf80b1bd8262552aa73f841415d20db96b7241bd027d8",
    "https://bcr.bazel.build/modules/rules_python/1.7.0/MODULE.bazel": "d01f995ecd137abf30238ad9ce97f8fc3ac57289c8b24bd0bf53324d937a14f8",
    "https://bcr.bazel.build/modules/rules_python/1.7.0/source.json": "028a084b65dcf8f4dc4f82f8778dbe65df133f234b316828a82e060d81bdce32",
-    "https://bcr.bazel.build/modules/rules_rs/0.0.43/MODULE.bazel": "7adfc2a97d90218ebeb9882de9eb18d9c6b0b41d2884be6ab92c9daadb17c78d",
-    "https://bcr.bazel.build/modules/rules_rs/0.0.43/source.json": "c315361abf625411f506ab935e660f49f14dc64fa30c125ca0a177c34cd63a2a",
+    "https://bcr.bazel.build/modules/rules_rs/0.0.40/MODULE.bazel": "63238bcb69010753dbd37b5ed08cb79d3af2d88a40b0fda0b110f60f307e86d4",
+    "https://bcr.bazel.build/modules/rules_rs/0.0.40/source.json": "ae3b17d2f9e4fbcd3de543318e71f83d8522c8527f385bf2b2a7665ec504827e",
    "https://bcr.bazel.build/modules/rules_shell/0.2.0/MODULE.bazel": "fda8a652ab3c7d8fee214de05e7a9916d8b28082234e8d2c0094505c5268ed3c",
    "https://bcr.bazel.build/modules/rules_shell/0.3.0/MODULE.bazel": "de4402cd12f4cc8fda2354fce179fdb068c0b9ca1ec2d2b17b3e21b24c1a937b",
    "https://bcr.bazel.build/modules/rules_shell/0.4.1/MODULE.bazel": "00e501db01bbf4e3e1dd1595959092c2fadf2087b2852d3f553b5370f5633592",
@@ -211,17 +220,21 @@
    "https://bcr.bazel.build/modules/sed/4.9.bcr.3/source.json": "31c0cf4c135ed3fa58298cd7bcfd4301c54ea4cf59d7c4e2ea0a180ce68eb34f",
    "https://bcr.bazel.build/modules/stardoc/0.5.1/MODULE.bazel": "1a05d92974d0c122f5ccf09291442580317cdd859f07a8655f1db9a60374f9f8",
    "https://bcr.bazel.build/modules/stardoc/0.5.3/MODULE.bazel": "c7f6948dae6999bf0db32c1858ae345f112cacf98f174c7a8bb707e41b974f1c",
+    "https://bcr.bazel.build/modules/stardoc/0.6.2/MODULE.bazel": "7060193196395f5dd668eda046ccbeacebfd98efc77fed418dbe2b82ffaa39fd",
    "https://bcr.bazel.build/modules/stardoc/0.7.0/MODULE.bazel": "05e3d6d30c099b6770e97da986c53bd31844d7f13d41412480ea265ac9e8079c",
    "https://bcr.bazel.build/modules/stardoc/0.7.2/MODULE.bazel": "fc152419aa2ea0f51c29583fab1e8c99ddefd5b3778421845606ee628629e0e5",
    "https://bcr.bazel.build/modules/stardoc/0.7.2/source.json": "58b029e5e901d6802967754adf0a9056747e8176f017cfe3607c0851f4d42216",
    "https://bcr.bazel.build/modules/swift_argument_parser/1.3.1.1/MODULE.bazel": "5e463fbfba7b1701d957555ed45097d7f984211330106ccd1352c6e0af0dcf91",
    "https://bcr.bazel.build/modules/swift_argument_parser/1.3.1.2/MODULE.bazel": "75aab2373a4bbe2a1260b9bf2a1ebbdbf872d3bd36f80bff058dccd82e89422f",
    "https://bcr.bazel.build/modules/swift_argument_parser/1.3.1.2/source.json": "5fba48bbe0ba48761f9e9f75f92876cafb5d07c0ce059cc7a8027416de94a05b",
-    "https://bcr.bazel.build/modules/tar.bzl/0.9.0/MODULE.bazel": "452a22d7f02b1c9d7a22ab25edf20f46f3e1101f0f67dc4bfbf9a474ddf02445",
-    "https://bcr.bazel.build/modules/tar.bzl/0.9.0/source.json": "c732760a374831a2cf5b08839e4be75017196b4d796a5aa55235272ee17cd839",
+    "https://bcr.bazel.build/modules/tar.bzl/0.2.1/MODULE.bazel": "52d1c00a80a8cc67acbd01649e83d8dd6a9dc426a6c0b754a04fe8c219c76468",
+    "https://bcr.bazel.build/modules/tar.bzl/0.6.0/MODULE.bazel": "a3584b4edcfafcabd9b0ef9819808f05b372957bbdff41601429d5fd0aac2e7c",
+    "https://bcr.bazel.build/modules/tar.bzl/0.6.0/source.json": "4a620381df075a16cb3a7ed57bd1d05f7480222394c64a20fa51bdb636fda658",
    "https://bcr.bazel.build/modules/upb/0.0.0-20220923-a547704/MODULE.bazel": "7298990c00040a0e2f121f6c32544bab27d4452f80d9ce51349b1a28f3005c43",
    "https://bcr.bazel.build/modules/with_cfg.bzl/0.12.0/MODULE.bazel": "b573395fe63aef4299ba095173e2f62ccfee5ad9bbf7acaa95dba73af9fc2b38",
    "https://bcr.bazel.build/modules/with_cfg.bzl/0.12.0/source.json": "3f3fbaeafecaf629877ad152a2c9def21f8d330d91aa94c5dc75bbb98c10b8b8",
+    "https://bcr.bazel.build/modules/yq.bzl/0.1.1/MODULE.bazel": "9039681f9bcb8958ee2c87ffc74bdafba9f4369096a2b5634b88abc0eaefa072",
+    "https://bcr.bazel.build/modules/yq.bzl/0.1.1/source.json": "2d2bad780a9f2b9195a4a370314d2c17ae95eaa745cefc2e12fbc49759b15aa3",
    "https://bcr.bazel.build/modules/zlib/1.2.11/MODULE.bazel": "07b389abc85fdbca459b69e2ec656ae5622873af3f845e1c9d80fe179f3effa0",
    "https://bcr.bazel.build/modules/zlib/1.3.1.bcr.5/MODULE.bazel": "eec517b5bbe5492629466e11dae908d043364302283de25581e3eb944326c4ca",
    "https://bcr.bazel.build/modules/zlib/1.3.1.bcr.8/MODULE.bazel": "772c674bb78a0342b8caf32ab5c25085c493ca4ff08398208dcbe4375fe9f776",
@@ -235,7 +248,7 @@
    "@@aspect_tools_telemetry+//:extension.bzl%telemetry": {
      "general": {
        "bzlTransitiveDigest": "dnnhvKMf9MIXMulhbhHBblZdDAfAkiSVjApIXpUz9Y8=",
-        "usagesDigest": "aAcu2vTLy2HUXbcYIow0P6OHLLog/f5FFk8maEC/fpQ=",
+        "usagesDigest": "2ScE07TNSr/xo2GnYHCRI4JX4hiql6iZaNKUIUshUv4=",
        "recordedInputs": [
          "REPO_MAPPING:aspect_tools_telemetry+,bazel_lib bazel_lib+",
          "REPO_MAPPING:aspect_tools_telemetry+,bazel_skylib bazel_skylib+"
@@ -248,17 +261,18 @@
                "abseil-cpp": "20250814.1",
                "alsa_lib": "1.2.9.bcr.4",
                "apple_support": "2.1.0",
+                "aspect_bazel_lib": "2.19.3",
                "aspect_tools_telemetry": "0.3.2",
-                "bazel_features": "1.42.0",
-                "bazel_lib": "3.2.2",
+                "bazel_features": "1.34.0",
+                "bazel_lib": "3.2.0",
                "bazel_skylib": "1.8.2",
                "buildozer": "8.2.1",
                "bzip2": "1.0.8.bcr.3",
-                "gawk": "5.3.2.bcr.3",
+                "gawk": "5.3.2.bcr.1",
                "googletest": "1.17.0",
+                "jq.bzl": "0.1.0",
                "jsoncpp": "1.9.6",
                "libcap": "2.27.bcr.1",
-                "llvm": "0.6.7",
                "nlohmann_json": "3.6.1",
                "openssl": "3.5.4.bcr.0",
                "package_metadata": "0.0.5",
@@ -278,15 +292,15 @@
                "rules_platform": "0.1.0",
                "rules_proto": "7.1.0",
                "rules_python": "1.7.0",
-                "rules_rs": "0.0.40",
                "rules_shell": "0.6.1",
                "rules_swift": "3.1.2",
                "sed": "4.9.bcr.3",
                "stardoc": "0.7.2",
                "swift_argument_parser": "1.3.1.2",
-                "tar.bzl": "0.9.0",
-                "toolchains_llvm_bootstrapped": "0.5.2",
+                "tar.bzl": "0.6.0",
+                "toolchains_llvm_bootstrapped": "0.5.6",
                "with_cfg.bzl": "0.12.0",
+                "yq.bzl": "0.1.1",
                "zlib": "1.3.1.bcr.8",
                "zstd": "1.5.7"
              }
--- a/codex-rs/Cargo.lock
+++ b/codex-rs/Cargo.lock
@@ -1462,7 +1462,6 @@ dependencies = [
 "tracing-opentelemetry",
 "tracing-subscriber",
 "uuid",
- "walkdir",
 "wiremock",
 ]

@@ -1597,7 +1596,6 @@ version = "0.0.0"
 dependencies = [
 "anyhow",
 "codex-backend-openapi-models",
- "codex-client",
 "codex-core",
 "codex-protocol",
 "pretty_assertions",
@@ -1685,22 +1683,15 @@ version = "0.0.0"
 dependencies = [
 "async-trait",
 "bytes",
- "codex-utils-cargo-bin",
- "codex-utils-rustls-provider",
 "eventsource-stream",
 "futures",
 "http 1.4.0",
 "opentelemetry",
 "opentelemetry_sdk",
- "pretty_assertions",
 "rand 0.9.2",
 "reqwest",
- "rustls",
- "rustls-native-certs",
- "rustls-pki-types",
 "serde",
 "serde_json",
- "tempfile",
 "thiserror 2.0.18",
 "tokio",
 "tracing",
@@ -1741,7 +1732,6 @@ dependencies = [
 "base64 0.22.1",
 "chrono",
 "clap",
- "codex-client",
 "codex-cloud-tasks-client",
 "codex-core",
 "codex-login",
@@ -2143,16 +2133,18 @@ dependencies = [
 "base64 0.22.1",
 "chrono",
 "codex-app-server-protocol",
- "codex-client",
 "codex-core",
+ "codex-utils-cargo-bin",
 "core_test_support",
 "pretty_assertions",
 "rand 0.9.2",
 "reqwest",
+ "rustls-pki-types",
 "serde",
 "serde_json",
 "sha2",
 "tempfile",
+ "thiserror 2.0.18",
 "tiny_http",
 "tokio",
 "tracing",
@@ -2346,7 +2338,6 @@ version = "0.0.0"
 dependencies = [
 "anyhow",
 "axum",
- "codex-client",
 "codex-keyring-store",
 "codex-protocol",
 "codex-utils-cargo-bin",
@@ -2496,13 +2487,11 @@ dependencies = [
 "chrono",
 "clap",
 "codex-ansi-escape",
- "codex-app-server-client",
 "codex-app-server-protocol",
 "codex-arg0",
 "codex-backend-client",
 "codex-chatgpt",
 "codex-cli",
- "codex-client",
 "codex-cloud-requirements",
 "codex-core",
 "codex-feedback",
--- a/codex-rs/Cargo.toml
+++ b/codex-rs/Cargo.toml
@@ -240,7 +240,6 @@ rustls = { version = "0.23", default-features = false, features = [
    "ring",
    "std",
 ] }
-rustls-native-certs = "0.8.3"
 rustls-pki-types = "1.14.0"
 schemars = "0.8.22"
 seccompiler = "0.5.0"
--- a/codex-rs/app-server-client/src/lib.rs
+++ b/codex-rs/app-server-client/src/lib.rs
@@ -36,12 +36,9 @@ use codex_app_server_protocol::JSONRPCErrorError;
 use codex_app_server_protocol::RequestId;
 use codex_app_server_protocol::Result as JsonRpcResult;
 use codex_arg0::Arg0DispatchPaths;
-use codex_core::AuthManager;
-use codex_core::ThreadManager;
 use codex_core::config::Config;
 use codex_core::config_loader::CloudRequirementsLoader;
 use codex_core::config_loader::LoaderOverrides;
-use codex_core::models_manager::collaboration_mode_presets::CollaborationModesConfig;
 use codex_feedback::CodexFeedback;
 use codex_protocol::protocol::SessionSource;
 use serde::de::DeserializeOwned;
@@ -126,16 +123,6 @@ impl Error for TypedRequestError {
    }
 }

-#[derive(Clone)]
-struct SharedCoreManagers {
-    // Temporary bootstrap escape hatch for embedders that still need direct
-    // core handles during the in-process app-server migration. Once TUI/exec
-    // stop depending on direct manager access, remove this wrapper and keep
-    // manager ownership entirely inside the app-server runtime.
-    auth_manager: Arc<AuthManager>,
-    thread_manager: Arc<ThreadManager>,
-}
-
 #[derive(Clone)]
 pub struct InProcessClientStartArgs {
    /// Resolved argv0 dispatch paths used by command execution internals.
@@ -169,30 +156,6 @@ pub struct InProcessClientStartArgs {
 }

 impl InProcessClientStartArgs {
-    fn shared_core_managers(&self) -> SharedCoreManagers {
-        let auth_manager = AuthManager::shared(
-            self.config.codex_home.clone(),
-            self.enable_codex_api_key_env,
-            self.config.cli_auth_credentials_store_mode,
-        );
-        let thread_manager = Arc::new(ThreadManager::new(
-            self.config.as_ref(),
-            auth_manager.clone(),
-            self.session_source.clone(),
-            CollaborationModesConfig {
-                default_mode_request_user_input: self
-                    .config
-                    .features
-                    .enabled(codex_core::features::Feature::DefaultModeRequestUserInput),
-            },
-        ));
-
-        SharedCoreManagers {
-            auth_manager,
-            thread_manager,
-        }
-    }
-
    /// Builds initialize params from caller-provided metadata.
    pub fn initialize_params(&self) -> InitializeParams {
        let capabilities = InitializeCapabilities {
@@ -214,7 +177,7 @@ impl InProcessClientStartArgs {
        }
    }

-    fn into_runtime_start_args(self, shared_core: &SharedCoreManagers) -> InProcessStartArgs {
+    fn into_runtime_start_args(self) -> InProcessStartArgs {
        let initialize = self.initialize_params();
        InProcessStartArgs {
            arg0_paths: self.arg0_paths,
@@ -222,8 +185,6 @@ impl InProcessClientStartArgs {
            cli_overrides: self.cli_overrides,
            loader_overrides: self.loader_overrides,
            cloud_requirements: self.cloud_requirements,
-            auth_manager: Some(shared_core.auth_manager.clone()),
-            thread_manager: Some(shared_core.thread_manager.clone()),
            feedback: self.feedback,
            config_warnings: self.config_warnings,
            session_source: self.session_source,
@@ -277,8 +238,6 @@ pub struct InProcessAppServerClient {
    command_tx: mpsc::Sender<ClientCommand>,
    event_rx: mpsc::Receiver<InProcessServerEvent>,
    worker_handle: tokio::task::JoinHandle<()>,
-    auth_manager: Arc<AuthManager>,
-    thread_manager: Arc<ThreadManager>,
 }

 impl InProcessAppServerClient {
@@ -289,9 +248,8 @@ impl InProcessAppServerClient {
    /// with overload error instead of being silently dropped.
    pub async fn start(args: InProcessClientStartArgs) -> IoResult<Self> {
        let channel_capacity = args.channel_capacity.max(1);
-        let shared_core = args.shared_core_managers();
        let mut handle =
-            codex_app_server::in_process::start(args.into_runtime_start_args(&shared_core)).await?;
+            codex_app_server::in_process::start(args.into_runtime_start_args()).await?;
        let request_sender = handle.sender();
        let (command_tx, mut command_rx) = mpsc::channel::<ClientCommand>(channel_capacity);
        let (event_tx, event_rx) = mpsc::channel::<InProcessServerEvent>(channel_capacity);
@@ -442,21 +400,9 @@ impl InProcessAppServerClient {
            command_tx,
            event_rx,
            worker_handle,
-            auth_manager: shared_core.auth_manager,
-            thread_manager: shared_core.thread_manager,
        })
    }

-    /// Temporary bootstrap escape hatch for embedders migrating toward RPC-only usage.
-    pub fn auth_manager(&self) -> Arc<AuthManager> {
-        self.auth_manager.clone()
-    }
-
-    /// Temporary bootstrap escape hatch for embedders migrating toward RPC-only usage.
-    pub fn thread_manager(&self) -> Arc<ThreadManager> {
-        self.thread_manager.clone()
-    }
-
    /// Sends a typed client request and returns raw JSON-RPC result.
    ///
    /// Callers that expect a concrete response type should usually prefer
@@ -609,8 +555,6 @@ impl InProcessAppServerClient {
            command_tx,
            event_rx,
            worker_handle,
-            auth_manager: _,
-            thread_manager: _,
        } = self;
        let mut worker_handle = worker_handle;
        // Drop the caller-facing receiver before asking the worker to shut
@@ -662,8 +606,6 @@ mod tests {
    use codex_app_server_protocol::SessionSource as ApiSessionSource;
    use codex_app_server_protocol::ThreadStartParams;
    use codex_app_server_protocol::ThreadStartResponse;
-    use codex_core::AuthManager;
-    use codex_core::ThreadManager;
    use codex_core::config::ConfigBuilder;
    use pretty_assertions::assert_eq;
    use tokio::time::Duration;
@@ -760,35 +702,6 @@ mod tests {
        }
    }

-    #[tokio::test]
-    async fn shared_thread_manager_tracks_threads_started_via_app_server() {
-        let client = start_test_client(SessionSource::Cli).await;
-
-        let response: ThreadStartResponse = client
-            .request_typed(ClientRequest::ThreadStart {
-                request_id: RequestId::Integer(3),
-                params: ThreadStartParams {
-                    ephemeral: Some(true),
-                    ..ThreadStartParams::default()
-                },
-            })
-            .await
-            .expect("thread/start should succeed");
-        let created_thread_id = codex_protocol::ThreadId::from_string(&response.thread.id)
-            .expect("thread id should parse");
-        timeout(
-            Duration::from_secs(2),
-            client.thread_manager().get_thread(created_thread_id),
-        )
-        .await
-        .expect("timed out waiting for retained thread manager to observe started thread")
-        .expect("started thread should be visible through the shared thread manager");
-        let thread_ids = client.thread_manager().list_thread_ids().await;
-        assert!(thread_ids.contains(&created_thread_id));
-
-        client.shutdown().await.expect("shutdown should complete");
-    }
-
    #[tokio::test]
    async fn tiny_channel_capacity_still_supports_request_roundtrip() {
        let client = start_test_client_with_capacity(SessionSource::Exec, 1).await;
@@ -833,22 +746,6 @@ mod tests {
        let (command_tx, _command_rx) = mpsc::channel(1);
        let (event_tx, event_rx) = mpsc::channel(1);
        let worker_handle = tokio::spawn(async {});
-        let config = build_test_config().await;
-        let auth_manager = AuthManager::shared(
-            config.codex_home.clone(),
-            false,
-            config.cli_auth_credentials_store_mode,
-        );
-        let thread_manager = Arc::new(ThreadManager::new(
-            &config,
-            auth_manager.clone(),
-            SessionSource::Exec,
-            CollaborationModesConfig {
-                default_mode_request_user_input: config
-                    .features
-                    .enabled(codex_core::features::Feature::DefaultModeRequestUserInput),
-            },
-        ));
        event_tx
            .send(InProcessServerEvent::Lagged { skipped: 3 })
            .await
@@ -859,8 +756,6 @@ mod tests {
            command_tx,
            event_rx,
            worker_handle,
-            auth_manager,
-            thread_manager,
        };

        let event = timeout(Duration::from_secs(2), client.next_event())
@@ -903,30 +798,4 @@ mod tests {
            skipped: 1
        }));
    }
-
-    #[tokio::test]
-    async fn accessors_expose_retained_shared_managers() {
-        let client = start_test_client(SessionSource::Cli).await;
-
-        assert!(
-            Arc::ptr_eq(&client.auth_manager(), &client.auth_manager()),
-            "auth_manager accessor should clone the retained shared manager"
-        );
-        assert!(
-            Arc::ptr_eq(&client.thread_manager(), &client.thread_manager()),
-            "thread_manager accessor should clone the retained shared manager"
-        );
-
-        client.shutdown().await.expect("shutdown should complete");
-    }
-
-    #[tokio::test]
-    async fn shutdown_completes_promptly_with_retained_shared_managers() {
-        let client = start_test_client(SessionSource::Cli).await;
-
-        timeout(Duration::from_secs(1), client.shutdown())
-            .await
-            .expect("shutdown should not wait for the 5s fallback timeout")
-            .expect("shutdown should complete");
-    }
 }
--- a/codex-rs/app-server-protocol/schema/json/ClientRequest.json
+++ b/codex-rs/app-server-protocol/schema/json/ClientRequest.json
@@ -5,14 +5,6 @@
      "description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
      "type": "string"
    },
-    "ApprovalsReviewer": {
-      "description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request.",
-      "enum": [
-        "user",
-        "guardian_subagent"
-      ],
-      "type": "string"
-    },
    "AppsListParams": {
      "description": "EXPERIMENTAL - list available apps/connectors.",
      "properties": {
@@ -642,164 +634,6 @@
      ],
      "type": "object"
    },
-    "FsCopyParams": {
-      "description": "Copy a file or directory tree on the host filesystem.",
-      "properties": {
-        "destinationPath": {
-          "allOf": [
-            {
-              "$ref": "#/definitions/AbsolutePathBuf"
-            }
-          ],
-          "description": "Absolute destination path."
-        },
-        "recursive": {
-          "description": "Required for directory copies; ignored for file copies.",
-          "type": "boolean"
-        },
-        "sourcePath": {
-          "allOf": [
-            {
-              "$ref": "#/definitions/AbsolutePathBuf"
-            }
-          ],
-          "description": "Absolute source path."
-        }
-      },
-      "required": [
-        "destinationPath",
-        "sourcePath"
-      ],
-      "type": "object"
-    },
-    "FsCreateDirectoryParams": {
-      "description": "Create a directory on the host filesystem.",
-      "properties": {
-        "path": {
-          "allOf": [
-            {
-              "$ref": "#/definitions/AbsolutePathBuf"
-            }
-          ],
-          "description": "Absolute directory path to create."
-        },
-        "recursive": {
-          "description": "Whether parent directories should also be created. Defaults to `true`.",
-          "type": [
-            "boolean",
-            "null"
-          ]
-        }
-      },
-      "required": [
-        "path"
-      ],
-      "type": "object"
-    },
-    "FsGetMetadataParams": {
-      "description": "Request metadata for an absolute path.",
-      "properties": {
-        "path": {
-          "allOf": [
-            {
-              "$ref": "#/definitions/AbsolutePathBuf"
-            }
-          ],
-          "description": "Absolute path to inspect."
-        }
-      },
-      "required": [
-        "path"
-      ],
-      "type": "object"
-    },
-    "FsReadDirectoryParams": {
-      "description": "List direct child names for a directory.",
-      "properties": {
-        "path": {
-          "allOf": [
-            {
-              "$ref": "#/definitions/AbsolutePathBuf"
-            }
-          ],
-          "description": "Absolute directory path to read."
-        }
-      },
-      "required": [
-        "path"
-      ],
-      "type": "object"
-    },
-    "FsReadFileParams": {
-      "description": "Read a file from the host filesystem.",
-      "properties": {
-        "path": {
-          "allOf": [
-            {
-              "$ref": "#/definitions/AbsolutePathBuf"
-            }
-          ],
-          "description": "Absolute path to read."
-        }
-      },
-      "required": [
-        "path"
-      ],
-      "type": "object"
-    },
-    "FsRemoveParams": {
-      "description": "Remove a file or directory tree from the host filesystem.",
-      "properties": {
-        "force": {
-          "description": "Whether missing paths should be ignored. Defaults to `true`.",
-          "type": [
-            "boolean",
-            "null"
-          ]
-        },
-        "path": {
-          "allOf": [
-            {
-              "$ref": "#/definitions/AbsolutePathBuf"
-            }
-          ],
-          "description": "Absolute path to remove."
-        },
-        "recursive": {
-          "description": "Whether directory removal should recurse. Defaults to `true`.",
-          "type": [
-            "boolean",
-            "null"
-          ]
-        }
-      },
-      "required": [
-        "path"
-      ],
-      "type": "object"
-    },
-    "FsWriteFileParams": {
-      "description": "Write a file on the host filesystem.",
-      "properties": {
-        "dataBase64": {
-          "description": "File contents encoded as base64.",
-          "type": "string"
-        },
-        "path": {
-          "allOf": [
-            {
-              "$ref": "#/definitions/AbsolutePathBuf"
-            }
-          ],
-          "description": "Absolute path to write."
-        }
-      },
-      "required": [
-        "dataBase64",
-        "path"
-      ],
-      "type": "object"
-    },
    "FunctionCallOutputBody": {
      "anyOf": [
        {
@@ -2516,17 +2350,6 @@
            }
          ]
        },
-        "approvalsReviewer": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/ApprovalsReviewer"
-            },
-            {
-              "type": "null"
-            }
-          ],
-          "description": "Override where approval requests are routed for review on this thread and subsequent turns."
-        },
        "baseInstructions": {
          "type": [
            "string",
@@ -2807,17 +2630,6 @@
            }
          ]
        },
-        "approvalsReviewer": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/ApprovalsReviewer"
-            },
-            {
-              "type": "null"
-            }
-          ],
-          "description": "Override where approval requests are routed for review on this thread and subsequent turns."
-        },
        "baseInstructions": {
          "type": [
            "string",
@@ -2969,17 +2781,6 @@
            }
          ]
        },
-        "approvalsReviewer": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/ApprovalsReviewer"
-            },
-            {
-              "type": "null"
-            }
-          ],
-          "description": "Override where approval requests are routed for review on this thread and subsequent turns."
-        },
        "baseInstructions": {
          "type": [
            "string",
@@ -3119,17 +2920,6 @@
          ],
          "description": "Override the approval policy for this turn and subsequent turns."
        },
-        "approvalsReviewer": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/ApprovalsReviewer"
-            },
-            {
-              "type": "null"
-            }
-          ],
-          "description": "Override where approval requests are routed for review on this turn and subsequent turns."
-        },
        "cwd": {
          "description": "Override the working directory for this turn and subsequent turns.",
          "type": [
@@ -3880,174 +3670,6 @@
      "title": "App/listRequest",
      "type": "object"
    },
-    {
-      "properties": {
-        "id": {
-          "$ref": "#/definitions/RequestId"
-        },
-        "method": {
-          "enum": [
-            "fs/readFile"
-          ],
-          "title": "Fs/readFileRequestMethod",
-          "type": "string"
-        },
-        "params": {
-          "$ref": "#/definitions/FsReadFileParams"
-        }
-      },
-      "required": [
-        "id",
-        "method",
-        "params"
-      ],
-      "title": "Fs/readFileRequest",
-      "type": "object"
-    },
-    {
-      "properties": {
-        "id": {
-          "$ref": "#/definitions/RequestId"
-        },
-        "method": {
-          "enum": [
-            "fs/writeFile"
-          ],
-          "title": "Fs/writeFileRequestMethod",
-          "type": "string"
-        },
-        "params": {
-          "$ref": "#/definitions/FsWriteFileParams"
-        }
-      },
-      "required": [
-        "id",
-        "method",
-        "params"
-      ],
-      "title": "Fs/writeFileRequest",
-      "type": "object"
-    },
-    {
-      "properties": {
-        "id": {
-          "$ref": "#/definitions/RequestId"
-        },
-        "method": {
-          "enum": [
-            "fs/createDirectory"
-          ],
-          "title": "Fs/createDirectoryRequestMethod",
-          "type": "string"
-        },
-        "params": {
-          "$ref": "#/definitions/FsCreateDirectoryParams"
-        }
-      },
-      "required": [
-        "id",
-        "method",
-        "params"
-      ],
-      "title": "Fs/createDirectoryRequest",
-      "type": "object"
-    },
-    {
-      "properties": {
-        "id": {
-          "$ref": "#/definitions/RequestId"
-        },
-        "method": {
-          "enum": [
-            "fs/getMetadata"
-          ],
-          "title": "Fs/getMetadataRequestMethod",
-          "type": "string"
-        },
-        "params": {
-          "$ref": "#/definitions/FsGetMetadataParams"
-        }
-      },
-      "required": [
-        "id",
-        "method",
-        "params"
-      ],
-      "title": "Fs/getMetadataRequest",
-      "type": "object"
-    },
-    {
-      "properties": {
-        "id": {
-          "$ref": "#/definitions/RequestId"
-        },
-        "method": {
-          "enum": [
-            "fs/readDirectory"
-          ],
-          "title": "Fs/readDirectoryRequestMethod",
-          "type": "string"
-        },
-        "params": {
-          "$ref": "#/definitions/FsReadDirectoryParams"
-        }
-      },
-      "required": [
-        "id",
-        "method",
-        "params"
-      ],
-      "title": "Fs/readDirectoryRequest",
-      "type": "object"
-    },
-    {
-      "properties": {
-        "id": {
-          "$ref": "#/definitions/RequestId"
-        },
-        "method": {
-          "enum": [
-            "fs/remove"
-          ],
-          "title": "Fs/removeRequestMethod",
-          "type": "string"
-        },
-        "params": {
-          "$ref": "#/definitions/FsRemoveParams"
-        }
-      },
-      "required": [
-        "id",
-        "method",
-        "params"
-      ],
-      "title": "Fs/removeRequest",
-      "type": "object"
-    },
-    {
-      "properties": {
-        "id": {
-          "$ref": "#/definitions/RequestId"
-        },
-        "method": {
-          "enum": [
-            "fs/copy"
-          ],
-          "title": "Fs/copyRequestMethod",
-          "type": "string"
-        },
-        "params": {
-          "$ref": "#/definitions/FsCopyParams"
-        }
-      },
-      "required": [
-        "id",
-        "method",
-        "params"
-      ],
-      "title": "Fs/copyRequest",
-      "type": "object"
-    },
    {
      "properties": {
        "id": {
--- a/codex-rs/app-server-protocol/schema/json/ServerNotification.json
+++ b/codex-rs/app-server-protocol/schema/json/ServerNotification.json
@@ -1056,61 +1056,6 @@
      },
      "type": "object"
    },
-    "GuardianApprovalReview": {
-      "description": "[UNSTABLE] Temporary guardian approval review payload used by `item/autoApprovalReview/*` notifications. This shape is expected to change soon.",
-      "properties": {
-        "rationale": {
-          "type": [
-            "string",
-            "null"
-          ]
-        },
-        "riskLevel": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/GuardianRiskLevel"
-            },
-            {
-              "type": "null"
-            }
-          ]
-        },
-        "riskScore": {
-          "format": "uint8",
-          "minimum": 0.0,
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
-        "status": {
-          "$ref": "#/definitions/GuardianApprovalReviewStatus"
-        }
-      },
-      "required": [
-        "status"
-      ],
-      "type": "object"
-    },
-    "GuardianApprovalReviewStatus": {
-      "description": "[UNSTABLE] Lifecycle state for a guardian approval review.",
-      "enum": [
-        "inProgress",
-        "approved",
-        "denied",
-        "aborted"
-      ],
-      "type": "string"
-    },
-    "GuardianRiskLevel": {
-      "description": "[UNSTABLE] Risk level assigned by guardian approval review.",
-      "enum": [
-        "low",
-        "medium",
-        "high"
-      ],
-      "type": "string"
-    },
    "HookCompletedNotification": {
      "properties": {
        "run": {
@@ -1308,56 +1253,6 @@
      ],
      "type": "object"
    },
-    "ItemGuardianApprovalReviewCompletedNotification": {
-      "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
-      "properties": {
-        "action": true,
-        "review": {
-          "$ref": "#/definitions/GuardianApprovalReview"
-        },
-        "targetItemId": {
-          "type": "string"
-        },
-        "threadId": {
-          "type": "string"
-        },
-        "turnId": {
-          "type": "string"
-        }
-      },
-      "required": [
-        "review",
-        "targetItemId",
-        "threadId",
-        "turnId"
-      ],
-      "type": "object"
-    },
-    "ItemGuardianApprovalReviewStartedNotification": {
-      "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
-      "properties": {
-        "action": true,
-        "review": {
-          "$ref": "#/definitions/GuardianApprovalReview"
-        },
-        "targetItemId": {
-          "type": "string"
-        },
-        "threadId": {
-          "type": "string"
-        },
-        "turnId": {
-          "type": "string"
-        }
-      },
-      "required": [
-        "review",
-        "targetItemId",
-        "threadId",
-        "turnId"
-      ],
-      "type": "object"
-    },
    "ItemStartedNotification": {
      "properties": {
        "item": {
@@ -3811,46 +3706,6 @@
      "title": "Item/startedNotification",
      "type": "object"
    },
-    {
-      "properties": {
-        "method": {
-          "enum": [
-            "item/autoApprovalReview/started"
-          ],
-          "title": "Item/autoApprovalReview/startedNotificationMethod",
-          "type": "string"
-        },
-        "params": {
-          "$ref": "#/definitions/ItemGuardianApprovalReviewStartedNotification"
-        }
-      },
-      "required": [
-        "method",
-        "params"
-      ],
-      "title": "Item/autoApprovalReview/startedNotification",
-      "type": "object"
-    },
-    {
-      "properties": {
-        "method": {
-          "enum": [
-            "item/autoApprovalReview/completed"
-          ],
-          "title": "Item/autoApprovalReview/completedNotificationMethod",
-          "type": "string"
-        },
-        "params": {
-          "$ref": "#/definitions/ItemGuardianApprovalReviewCompletedNotification"
-        }
-      },
-      "required": [
-        "method",
-        "params"
-      ],
-      "title": "Item/autoApprovalReview/completedNotification",
-      "type": "object"
-    },
    {
      "properties": {
        "method": {
--- a/codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.schemas.json
+++ b/codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.schemas.json
@@ -739,174 +739,6 @@
          "title": "App/listRequest",
          "type": "object"
        },
-        {
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/v2/RequestId"
-            },
-            "method": {
-              "enum": [
-                "fs/readFile"
-              ],
-              "title": "Fs/readFileRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/v2/FsReadFileParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "Fs/readFileRequest",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/v2/RequestId"
-            },
-            "method": {
-              "enum": [
-                "fs/writeFile"
-              ],
-              "title": "Fs/writeFileRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/v2/FsWriteFileParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "Fs/writeFileRequest",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/v2/RequestId"
-            },
-            "method": {
-              "enum": [
-                "fs/createDirectory"
-              ],
-              "title": "Fs/createDirectoryRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/v2/FsCreateDirectoryParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "Fs/createDirectoryRequest",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/v2/RequestId"
-            },
-            "method": {
-              "enum": [
-                "fs/getMetadata"
-              ],
-              "title": "Fs/getMetadataRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/v2/FsGetMetadataParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "Fs/getMetadataRequest",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/v2/RequestId"
-            },
-            "method": {
-              "enum": [
-                "fs/readDirectory"
-              ],
-              "title": "Fs/readDirectoryRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/v2/FsReadDirectoryParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "Fs/readDirectoryRequest",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/v2/RequestId"
-            },
-            "method": {
-              "enum": [
-                "fs/remove"
-              ],
-              "title": "Fs/removeRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/v2/FsRemoveParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "Fs/removeRequest",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/v2/RequestId"
-            },
-            "method": {
-              "enum": [
-                "fs/copy"
-              ],
-              "title": "Fs/copyRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/v2/FsCopyParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "Fs/copyRequest",
-          "type": "object"
-        },
        {
          "properties": {
            "id": {
@@ -2339,21 +2171,11 @@
    "InitializeResponse": {
      "$schema": "http://json-schema.org/draft-07/schema#",
      "properties": {
-        "platformFamily": {
-          "description": "Platform family for the running app-server target, for example `\"unix\"` or `\"windows\"`.",
-          "type": "string"
-        },
-        "platformOs": {
-          "description": "Operating system for the running app-server target, for example `\"macos\"`, `\"linux\"`, or `\"windows\"`.",
-          "type": "string"
-        },
        "userAgent": {
          "type": "string"
        }
      },
      "required": [
-        "platformFamily",
-        "platformOs",
        "userAgent"
      ],
      "title": "InitializeResponse",
@@ -3787,46 +3609,6 @@
          "title": "Item/startedNotification",
          "type": "object"
        },
-        {
-          "properties": {
-            "method": {
-              "enum": [
-                "item/autoApprovalReview/started"
-              ],
-              "title": "Item/autoApprovalReview/startedNotificationMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/v2/ItemGuardianApprovalReviewStartedNotification"
-            }
-          },
-          "required": [
-            "method",
-            "params"
-          ],
-          "title": "Item/autoApprovalReview/startedNotification",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "method": {
-              "enum": [
-                "item/autoApprovalReview/completed"
-              ],
-              "title": "Item/autoApprovalReview/completedNotificationMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/v2/ItemGuardianApprovalReviewCompletedNotification"
-            }
-          },
-          "required": [
-            "method",
-            "params"
-          ],
-          "title": "Item/autoApprovalReview/completedNotification",
-          "type": "object"
-        },
        {
          "properties": {
            "method": {
@@ -5328,14 +5110,6 @@
      "AppToolsConfig": {
        "type": "object"
      },
-      "ApprovalsReviewer": {
-        "description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request.",
-        "enum": [
-          "user",
-          "guardian_subagent"
-        ],
-        "type": "string"
-      },
      "AppsConfig": {
        "properties": {
          "_default": {
@@ -6232,17 +6006,6 @@
              }
            ]
          },
-          "approvals_reviewer": {
-            "anyOf": [
-              {
-                "$ref": "#/definitions/v2/ApprovalsReviewer"
-              },
-              {
-                "type": "null"
-              }
-            ],
-            "description": "[UNSTABLE] Optional default for where approval requests are routed for review."
-          },
          "compact_prompt": {
            "type": [
              "string",
@@ -7418,290 +7181,6 @@
        ],
        "type": "string"
      },
-      "FsCopyParams": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "Copy a file or directory tree on the host filesystem.",
-        "properties": {
-          "destinationPath": {
-            "allOf": [
-              {
-                "$ref": "#/definitions/v2/AbsolutePathBuf"
-              }
-            ],
-            "description": "Absolute destination path."
-          },
-          "recursive": {
-            "description": "Required for directory copies; ignored for file copies.",
-            "type": "boolean"
-          },
-          "sourcePath": {
-            "allOf": [
-              {
-                "$ref": "#/definitions/v2/AbsolutePathBuf"
-              }
-            ],
-            "description": "Absolute source path."
-          }
-        },
-        "required": [
-          "destinationPath",
-          "sourcePath"
-        ],
-        "title": "FsCopyParams",
-        "type": "object"
-      },
-      "FsCopyResponse": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "Successful response for `fs/copy`.",
-        "title": "FsCopyResponse",
-        "type": "object"
-      },
-      "FsCreateDirectoryParams": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "Create a directory on the host filesystem.",
-        "properties": {
-          "path": {
-            "allOf": [
-              {
-                "$ref": "#/definitions/v2/AbsolutePathBuf"
-              }
-            ],
-            "description": "Absolute directory path to create."
-          },
-          "recursive": {
-            "description": "Whether parent directories should also be created. Defaults to `true`.",
-            "type": [
-              "boolean",
-              "null"
-            ]
-          }
-        },
-        "required": [
-          "path"
-        ],
-        "title": "FsCreateDirectoryParams",
-        "type": "object"
-      },
-      "FsCreateDirectoryResponse": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "Successful response for `fs/createDirectory`.",
-        "title": "FsCreateDirectoryResponse",
-        "type": "object"
-      },
-      "FsGetMetadataParams": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "Request metadata for an absolute path.",
-        "properties": {
-          "path": {
-            "allOf": [
-              {
-                "$ref": "#/definitions/v2/AbsolutePathBuf"
-              }
-            ],
-            "description": "Absolute path to inspect."
-          }
-        },
-        "required": [
-          "path"
-        ],
-        "title": "FsGetMetadataParams",
-        "type": "object"
-      },
-      "FsGetMetadataResponse": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "Metadata returned by `fs/getMetadata`.",
-        "properties": {
-          "createdAtMs": {
-            "description": "File creation time in Unix milliseconds when available, otherwise `0`.",
-            "format": "int64",
-            "type": "integer"
-          },
-          "isDirectory": {
-            "description": "Whether the path currently resolves to a directory.",
-            "type": "boolean"
-          },
-          "isFile": {
-            "description": "Whether the path currently resolves to a regular file.",
-            "type": "boolean"
-          },
-          "modifiedAtMs": {
-            "description": "File modification time in Unix milliseconds when available, otherwise `0`.",
-            "format": "int64",
-            "type": "integer"
-          }
-        },
-        "required": [
-          "createdAtMs",
-          "isDirectory",
-          "isFile",
-          "modifiedAtMs"
-        ],
-        "title": "FsGetMetadataResponse",
-        "type": "object"
-      },
-      "FsReadDirectoryEntry": {
-        "description": "A directory entry returned by `fs/readDirectory`.",
-        "properties": {
-          "fileName": {
-            "description": "Direct child entry name only, not an absolute or relative path.",
-            "type": "string"
-          },
-          "isDirectory": {
-            "description": "Whether this entry resolves to a directory.",
-            "type": "boolean"
-          },
-          "isFile": {
-            "description": "Whether this entry resolves to a regular file.",
-            "type": "boolean"
-          }
-        },
-        "required": [
-          "fileName",
-          "isDirectory",
-          "isFile"
-        ],
-        "type": "object"
-      },
-      "FsReadDirectoryParams": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "List direct child names for a directory.",
-        "properties": {
-          "path": {
-            "allOf": [
-              {
-                "$ref": "#/definitions/v2/AbsolutePathBuf"
-              }
-            ],
-            "description": "Absolute directory path to read."
-          }
-        },
-        "required": [
-          "path"
-        ],
-        "title": "FsReadDirectoryParams",
-        "type": "object"
-      },
-      "FsReadDirectoryResponse": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "Directory entries returned by `fs/readDirectory`.",
-        "properties": {
-          "entries": {
-            "description": "Direct child entries in the requested directory.",
-            "items": {
-              "$ref": "#/definitions/v2/FsReadDirectoryEntry"
-            },
-            "type": "array"
-          }
-        },
-        "required": [
-          "entries"
-        ],
-        "title": "FsReadDirectoryResponse",
-        "type": "object"
-      },
-      "FsReadFileParams": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "Read a file from the host filesystem.",
-        "properties": {
-          "path": {
-            "allOf": [
-              {
-                "$ref": "#/definitions/v2/AbsolutePathBuf"
-              }
-            ],
-            "description": "Absolute path to read."
-          }
-        },
-        "required": [
-          "path"
-        ],
-        "title": "FsReadFileParams",
-        "type": "object"
-      },
-      "FsReadFileResponse": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "Base64-encoded file contents returned by `fs/readFile`.",
-        "properties": {
-          "dataBase64": {
-            "description": "File contents encoded as base64.",
-            "type": "string"
-          }
-        },
-        "required": [
-          "dataBase64"
-        ],
-        "title": "FsReadFileResponse",
-        "type": "object"
-      },
-      "FsRemoveParams": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "Remove a file or directory tree from the host filesystem.",
-        "properties": {
-          "force": {
-            "description": "Whether missing paths should be ignored. Defaults to `true`.",
-            "type": [
-              "boolean",
-              "null"
-            ]
-          },
-          "path": {
-            "allOf": [
-              {
-                "$ref": "#/definitions/v2/AbsolutePathBuf"
-              }
-            ],
-            "description": "Absolute path to remove."
-          },
-          "recursive": {
-            "description": "Whether directory removal should recurse. Defaults to `true`.",
-            "type": [
-              "boolean",
-              "null"
-            ]
-          }
-        },
-        "required": [
-          "path"
-        ],
-        "title": "FsRemoveParams",
-        "type": "object"
-      },
-      "FsRemoveResponse": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "Successful response for `fs/remove`.",
-        "title": "FsRemoveResponse",
-        "type": "object"
-      },
-      "FsWriteFileParams": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "Write a file on the host filesystem.",
-        "properties": {
-          "dataBase64": {
-            "description": "File contents encoded as base64.",
-            "type": "string"
-          },
-          "path": {
-            "allOf": [
-              {
-                "$ref": "#/definitions/v2/AbsolutePathBuf"
-              }
-            ],
-            "description": "Absolute path to write."
-          }
-        },
-        "required": [
-          "dataBase64",
-          "path"
-        ],
-        "title": "FsWriteFileParams",
-        "type": "object"
-      },
-      "FsWriteFileResponse": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "Successful response for `fs/writeFile`.",
-        "title": "FsWriteFileResponse",
-        "type": "object"
-      },
      "FunctionCallOutputBody": {
        "anyOf": [
          {
@@ -7906,61 +7385,6 @@
        },
        "type": "object"
      },
-      "GuardianApprovalReview": {
-        "description": "[UNSTABLE] Temporary guardian approval review payload used by `item/autoApprovalReview/*` notifications. This shape is expected to change soon.",
-        "properties": {
-          "rationale": {
-            "type": [
-              "string",
-              "null"
-            ]
-          },
-          "riskLevel": {
-            "anyOf": [
-              {
-                "$ref": "#/definitions/v2/GuardianRiskLevel"
-              },
-              {
-                "type": "null"
-              }
-            ]
-          },
-          "riskScore": {
-            "format": "uint8",
-            "minimum": 0.0,
-            "type": [
-              "integer",
-              "null"
-            ]
-          },
-          "status": {
-            "$ref": "#/definitions/v2/GuardianApprovalReviewStatus"
-          }
-        },
-        "required": [
-          "status"
-        ],
-        "type": "object"
-      },
-      "GuardianApprovalReviewStatus": {
-        "description": "[UNSTABLE] Lifecycle state for a guardian approval review.",
-        "enum": [
-          "inProgress",
-          "approved",
-          "denied",
-          "aborted"
-        ],
-        "type": "string"
-      },
-      "GuardianRiskLevel": {
-        "description": "[UNSTABLE] Risk level assigned by guardian approval review.",
-        "enum": [
-          "low",
-          "medium",
-          "high"
-        ],
-        "type": "string"
-      },
      "HazelnutScope": {
        "enum": [
          "example",
@@ -8201,60 +7625,6 @@
        "title": "ItemCompletedNotification",
        "type": "object"
      },
-      "ItemGuardianApprovalReviewCompletedNotification": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
-        "properties": {
-          "action": true,
-          "review": {
-            "$ref": "#/definitions/v2/GuardianApprovalReview"
-          },
-          "targetItemId": {
-            "type": "string"
-          },
-          "threadId": {
-            "type": "string"
-          },
-          "turnId": {
-            "type": "string"
-          }
-        },
-        "required": [
-          "review",
-          "targetItemId",
-          "threadId",
-          "turnId"
-        ],
-        "title": "ItemGuardianApprovalReviewCompletedNotification",
-        "type": "object"
-      },
-      "ItemGuardianApprovalReviewStartedNotification": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
-        "properties": {
-          "action": true,
-          "review": {
-            "$ref": "#/definitions/v2/GuardianApprovalReview"
-          },
-          "targetItemId": {
-            "type": "string"
-          },
-          "threadId": {
-            "type": "string"
-          },
-          "turnId": {
-            "type": "string"
-          }
-        },
-        "required": [
-          "review",
-          "targetItemId",
-          "threadId",
-          "turnId"
-        ],
-        "title": "ItemGuardianApprovalReviewStartedNotification",
-        "type": "object"
-      },
      "ItemStartedNotification": {
        "$schema": "http://json-schema.org/draft-07/schema#",
        "properties": {
@@ -9566,17 +8936,6 @@
              }
            ]
          },
-          "approvals_reviewer": {
-            "anyOf": [
-              {
-                "$ref": "#/definitions/v2/ApprovalsReviewer"
-              },
-              {
-                "type": "null"
-              }
-            ],
-            "description": "[UNSTABLE] Optional profile-level override for where approval requests are routed for review. If omitted, the enclosing config default is used."
-          },
          "chatgpt_base_url": {
            "type": [
              "string",
@@ -11832,17 +11191,6 @@
              }
            ]
          },
-          "approvalsReviewer": {
-            "anyOf": [
-              {
-                "$ref": "#/definitions/v2/ApprovalsReviewer"
-              },
-              {
-                "type": "null"
-              }
-            ],
-            "description": "Override where approval requests are routed for review on this thread and subsequent turns."
-          },
          "baseInstructions": {
            "type": [
              "string",
@@ -11927,14 +11275,6 @@
          "approvalPolicy": {
            "$ref": "#/definitions/v2/AskForApproval"
          },
-          "approvalsReviewer": {
-            "allOf": [
-              {
-                "$ref": "#/definitions/v2/ApprovalsReviewer"
-              }
-            ],
-            "description": "Reviewer currently used for approval requests on this thread."
-          },
          "cwd": {
            "type": "string"
          },
@@ -11973,7 +11313,6 @@
        },
        "required": [
          "approvalPolicy",
-          "approvalsReviewer",
          "cwd",
          "model",
          "modelProvider",
@@ -12970,17 +12309,6 @@
              }
            ]
          },
-          "approvalsReviewer": {
-            "anyOf": [
-              {
-                "$ref": "#/definitions/v2/ApprovalsReviewer"
-              },
-              {
-                "type": "null"
-              }
-            ],
-            "description": "Override where approval requests are routed for review on this thread and subsequent turns."
-          },
          "baseInstructions": {
            "type": [
              "string",
@@ -13072,14 +12400,6 @@
          "approvalPolicy": {
            "$ref": "#/definitions/v2/AskForApproval"
          },
-          "approvalsReviewer": {
-            "allOf": [
-              {
-                "$ref": "#/definitions/v2/ApprovalsReviewer"
-              }
-            ],
-            "description": "Reviewer currently used for approval requests on this thread."
-          },
          "cwd": {
            "type": "string"
          },
@@ -13118,7 +12438,6 @@
        },
        "required": [
          "approvalPolicy",
-          "approvalsReviewer",
          "cwd",
          "model",
          "modelProvider",
@@ -13223,17 +12542,6 @@
              }
            ]
          },
-          "approvalsReviewer": {
-            "anyOf": [
-              {
-                "$ref": "#/definitions/v2/ApprovalsReviewer"
-              },
-              {
-                "type": "null"
-              }
-            ],
-            "description": "Override where approval requests are routed for review on this thread and subsequent turns."
-          },
          "baseInstructions": {
            "type": [
              "string",
@@ -13330,14 +12638,6 @@
          "approvalPolicy": {
            "$ref": "#/definitions/v2/AskForApproval"
          },
-          "approvalsReviewer": {
-            "allOf": [
-              {
-                "$ref": "#/definitions/v2/ApprovalsReviewer"
-              }
-            ],
-            "description": "Reviewer currently used for approval requests on this thread."
-          },
          "cwd": {
            "type": "string"
          },
@@ -13376,7 +12676,6 @@
        },
        "required": [
          "approvalPolicy",
-          "approvalsReviewer",
          "cwd",
          "model",
          "modelProvider",
@@ -13886,17 +13185,6 @@
            ],
            "description": "Override the approval policy for this turn and subsequent turns."
          },
-          "approvalsReviewer": {
-            "anyOf": [
-              {
-                "$ref": "#/definitions/v2/ApprovalsReviewer"
-              },
-              {
-                "type": "null"
-              }
-            ],
-            "description": "Override where approval requests are routed for review on this turn and subsequent turns."
-          },
          "cwd": {
            "description": "Override the working directory for this turn and subsequent turns.",
            "type": [
--- a/codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.v2.schemas.json
+++ b/codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.v2.schemas.json
@@ -532,14 +532,6 @@
    "AppToolsConfig": {
      "type": "object"
    },
-    "ApprovalsReviewer": {
-      "description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request.",
-      "enum": [
-        "user",
-        "guardian_subagent"
-      ],
-      "type": "string"
-    },
    "AppsConfig": {
      "properties": {
        "_default": {
@@ -1266,174 +1258,6 @@
          "title": "App/listRequest",
          "type": "object"
        },
-        {
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/RequestId"
-            },
-            "method": {
-              "enum": [
-                "fs/readFile"
-              ],
-              "title": "Fs/readFileRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/FsReadFileParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "Fs/readFileRequest",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/RequestId"
-            },
-            "method": {
-              "enum": [
-                "fs/writeFile"
-              ],
-              "title": "Fs/writeFileRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/FsWriteFileParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "Fs/writeFileRequest",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/RequestId"
-            },
-            "method": {
-              "enum": [
-                "fs/createDirectory"
-              ],
-              "title": "Fs/createDirectoryRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/FsCreateDirectoryParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "Fs/createDirectoryRequest",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/RequestId"
-            },
-            "method": {
-              "enum": [
-                "fs/getMetadata"
-              ],
-              "title": "Fs/getMetadataRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/FsGetMetadataParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "Fs/getMetadataRequest",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/RequestId"
-            },
-            "method": {
-              "enum": [
-                "fs/readDirectory"
-              ],
-              "title": "Fs/readDirectoryRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/FsReadDirectoryParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "Fs/readDirectoryRequest",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/RequestId"
-            },
-            "method": {
-              "enum": [
-                "fs/remove"
-              ],
-              "title": "Fs/removeRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/FsRemoveParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "Fs/removeRequest",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/RequestId"
-            },
-            "method": {
-              "enum": [
-                "fs/copy"
-              ],
-              "title": "Fs/copyRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/FsCopyParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "Fs/copyRequest",
-          "type": "object"
-        },
        {
          "properties": {
            "id": {
@@ -2833,17 +2657,6 @@
            }
          ]
        },
-        "approvals_reviewer": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/ApprovalsReviewer"
-            },
-            {
-              "type": "null"
-            }
-          ],
-          "description": "[UNSTABLE] Optional default for where approval requests are routed for review."
-        },
        "compact_prompt": {
          "type": [
            "string",
@@ -4019,290 +3832,6 @@
      ],
      "type": "string"
    },
-    "FsCopyParams": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "Copy a file or directory tree on the host filesystem.",
-      "properties": {
-        "destinationPath": {
-          "allOf": [
-            {
-              "$ref": "#/definitions/AbsolutePathBuf"
-            }
-          ],
-          "description": "Absolute destination path."
-        },
-        "recursive": {
-          "description": "Required for directory copies; ignored for file copies.",
-          "type": "boolean"
-        },
-        "sourcePath": {
-          "allOf": [
-            {
-              "$ref": "#/definitions/AbsolutePathBuf"
-            }
-          ],
-          "description": "Absolute source path."
-        }
-      },
-      "required": [
-        "destinationPath",
-        "sourcePath"
-      ],
-      "title": "FsCopyParams",
-      "type": "object"
-    },
-    "FsCopyResponse": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "Successful response for `fs/copy`.",
-      "title": "FsCopyResponse",
-      "type": "object"
-    },
-    "FsCreateDirectoryParams": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "Create a directory on the host filesystem.",
-      "properties": {
-        "path": {
-          "allOf": [
-            {
-              "$ref": "#/definitions/AbsolutePathBuf"
-            }
-          ],
-          "description": "Absolute directory path to create."
-        },
-        "recursive": {
-          "description": "Whether parent directories should also be created. Defaults to `true`.",
-          "type": [
-            "boolean",
-            "null"
-          ]
-        }
-      },
-      "required": [
-        "path"
-      ],
-      "title": "FsCreateDirectoryParams",
-      "type": "object"
-    },
-    "FsCreateDirectoryResponse": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "Successful response for `fs/createDirectory`.",
-      "title": "FsCreateDirectoryResponse",
-      "type": "object"
-    },
-    "FsGetMetadataParams": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "Request metadata for an absolute path.",
-      "properties": {
-        "path": {
-          "allOf": [
-            {
-              "$ref": "#/definitions/AbsolutePathBuf"
-            }
-          ],
-          "description": "Absolute path to inspect."
-        }
-      },
-      "required": [
-        "path"
-      ],
-      "title": "FsGetMetadataParams",
-      "type": "object"
-    },
-    "FsGetMetadataResponse": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "Metadata returned by `fs/getMetadata`.",
-      "properties": {
-        "createdAtMs": {
-          "description": "File creation time in Unix milliseconds when available, otherwise `0`.",
-          "format": "int64",
-          "type": "integer"
-        },
-        "isDirectory": {
-          "description": "Whether the path currently resolves to a directory.",
-          "type": "boolean"
-        },
-        "isFile": {
-          "description": "Whether the path currently resolves to a regular file.",
-          "type": "boolean"
-        },
-        "modifiedAtMs": {
-          "description": "File modification time in Unix milliseconds when available, otherwise `0`.",
-          "format": "int64",
-          "type": "integer"
-        }
-      },
-      "required": [
-        "createdAtMs",
-        "isDirectory",
-        "isFile",
-        "modifiedAtMs"
-      ],
-      "title": "FsGetMetadataResponse",
-      "type": "object"
-    },
-    "FsReadDirectoryEntry": {
-      "description": "A directory entry returned by `fs/readDirectory`.",
-      "properties": {
-        "fileName": {
-          "description": "Direct child entry name only, not an absolute or relative path.",
-          "type": "string"
-        },
-        "isDirectory": {
-          "description": "Whether this entry resolves to a directory.",
-          "type": "boolean"
-        },
-        "isFile": {
-          "description": "Whether this entry resolves to a regular file.",
-          "type": "boolean"
-        }
-      },
-      "required": [
-        "fileName",
-        "isDirectory",
-        "isFile"
-      ],
-      "type": "object"
-    },
-    "FsReadDirectoryParams": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "List direct child names for a directory.",
-      "properties": {
-        "path": {
-          "allOf": [
-            {
-              "$ref": "#/definitions/AbsolutePathBuf"
-            }
-          ],
-          "description": "Absolute directory path to read."
-        }
-      },
-      "required": [
-        "path"
-      ],
-      "title": "FsReadDirectoryParams",
-      "type": "object"
-    },
-    "FsReadDirectoryResponse": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "Directory entries returned by `fs/readDirectory`.",
-      "properties": {
-        "entries": {
-          "description": "Direct child entries in the requested directory.",
-          "items": {
-            "$ref": "#/definitions/FsReadDirectoryEntry"
-          },
-          "type": "array"
-        }
-      },
-      "required": [
-        "entries"
-      ],
-      "title": "FsReadDirectoryResponse",
-      "type": "object"
-    },
-    "FsReadFileParams": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "Read a file from the host filesystem.",
-      "properties": {
-        "path": {
-          "allOf": [
-            {
-              "$ref": "#/definitions/AbsolutePathBuf"
-            }
-          ],
-          "description": "Absolute path to read."
-        }
-      },
-      "required": [
-        "path"
-      ],
-      "title": "FsReadFileParams",
-      "type": "object"
-    },
-    "FsReadFileResponse": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "Base64-encoded file contents returned by `fs/readFile`.",
-      "properties": {
-        "dataBase64": {
-          "description": "File contents encoded as base64.",
-          "type": "string"
-        }
-      },
-      "required": [
-        "dataBase64"
-      ],
-      "title": "FsReadFileResponse",
-      "type": "object"
-    },
-    "FsRemoveParams": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "Remove a file or directory tree from the host filesystem.",
-      "properties": {
-        "force": {
-          "description": "Whether missing paths should be ignored. Defaults to `true`.",
-          "type": [
-            "boolean",
-            "null"
-          ]
-        },
-        "path": {
-          "allOf": [
-            {
-              "$ref": "#/definitions/AbsolutePathBuf"
-            }
-          ],
-          "description": "Absolute path to remove."
-        },
-        "recursive": {
-          "description": "Whether directory removal should recurse. Defaults to `true`.",
-          "type": [
-            "boolean",
-            "null"
-          ]
-        }
-      },
-      "required": [
-        "path"
-      ],
-      "title": "FsRemoveParams",
-      "type": "object"
-    },
-    "FsRemoveResponse": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "Successful response for `fs/remove`.",
-      "title": "FsRemoveResponse",
-      "type": "object"
-    },
-    "FsWriteFileParams": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "Write a file on the host filesystem.",
-      "properties": {
-        "dataBase64": {
-          "description": "File contents encoded as base64.",
-          "type": "string"
-        },
-        "path": {
-          "allOf": [
-            {
-              "$ref": "#/definitions/AbsolutePathBuf"
-            }
-          ],
-          "description": "Absolute path to write."
-        }
-      },
-      "required": [
-        "dataBase64",
-        "path"
-      ],
-      "title": "FsWriteFileParams",
-      "type": "object"
-    },
-    "FsWriteFileResponse": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "Successful response for `fs/writeFile`.",
-      "title": "FsWriteFileResponse",
-      "type": "object"
-    },
    "FunctionCallOutputBody": {
      "anyOf": [
        {
@@ -4607,61 +4136,6 @@
      },
      "type": "object"
    },
-    "GuardianApprovalReview": {
-      "description": "[UNSTABLE] Temporary guardian approval review payload used by `item/autoApprovalReview/*` notifications. This shape is expected to change soon.",
-      "properties": {
-        "rationale": {
-          "type": [
-            "string",
-            "null"
-          ]
-        },
-        "riskLevel": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/GuardianRiskLevel"
-            },
-            {
-              "type": "null"
-            }
-          ]
-        },
-        "riskScore": {
-          "format": "uint8",
-          "minimum": 0.0,
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
-        "status": {
-          "$ref": "#/definitions/GuardianApprovalReviewStatus"
-        }
-      },
-      "required": [
-        "status"
-      ],
-      "type": "object"
-    },
-    "GuardianApprovalReviewStatus": {
-      "description": "[UNSTABLE] Lifecycle state for a guardian approval review.",
-      "enum": [
-        "inProgress",
-        "approved",
-        "denied",
-        "aborted"
-      ],
-      "type": "string"
-    },
-    "GuardianRiskLevel": {
-      "description": "[UNSTABLE] Risk level assigned by guardian approval review.",
-      "enum": [
-        "low",
-        "medium",
-        "high"
-      ],
-      "type": "string"
-    },
    "HazelnutScope": {
      "enum": [
        "example",
@@ -4946,60 +4420,6 @@
      "title": "ItemCompletedNotification",
      "type": "object"
    },
-    "ItemGuardianApprovalReviewCompletedNotification": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
-      "properties": {
-        "action": true,
-        "review": {
-          "$ref": "#/definitions/GuardianApprovalReview"
-        },
-        "targetItemId": {
-          "type": "string"
-        },
-        "threadId": {
-          "type": "string"
-        },
-        "turnId": {
-          "type": "string"
-        }
-      },
-      "required": [
-        "review",
-        "targetItemId",
-        "threadId",
-        "turnId"
-      ],
-      "title": "ItemGuardianApprovalReviewCompletedNotification",
-      "type": "object"
-    },
-    "ItemGuardianApprovalReviewStartedNotification": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
-      "properties": {
-        "action": true,
-        "review": {
-          "$ref": "#/definitions/GuardianApprovalReview"
-        },
-        "targetItemId": {
-          "type": "string"
-        },
-        "threadId": {
-          "type": "string"
-        },
-        "turnId": {
-          "type": "string"
-        }
-      },
-      "required": [
-        "review",
-        "targetItemId",
-        "threadId",
-        "turnId"
-      ],
-      "title": "ItemGuardianApprovalReviewStartedNotification",
-      "type": "object"
-    },
    "ItemStartedNotification": {
      "$schema": "http://json-schema.org/draft-07/schema#",
      "properties": {
@@ -6311,17 +5731,6 @@
            }
          ]
        },
-        "approvals_reviewer": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/ApprovalsReviewer"
-            },
-            {
-              "type": "null"
-            }
-          ],
-          "description": "[UNSTABLE] Optional profile-level override for where approval requests are routed for review. If omitted, the enclosing config default is used."
-        },
        "chatgpt_base_url": {
          "type": [
            "string",
@@ -8070,46 +7479,6 @@
          "title": "Item/startedNotification",
          "type": "object"
        },
-        {
-          "properties": {
-            "method": {
-              "enum": [
-                "item/autoApprovalReview/started"
-              ],
-              "title": "Item/autoApprovalReview/startedNotificationMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/ItemGuardianApprovalReviewStartedNotification"
-            }
-          },
-          "required": [
-            "method",
-            "params"
-          ],
-          "title": "Item/autoApprovalReview/startedNotification",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "method": {
-              "enum": [
-                "item/autoApprovalReview/completed"
-              ],
-              "title": "Item/autoApprovalReview/completedNotificationMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/ItemGuardianApprovalReviewCompletedNotification"
-            }
-          },
-          "required": [
-            "method",
-            "params"
-          ],
-          "title": "Item/autoApprovalReview/completedNotification",
-          "type": "object"
-        },
        {
          "properties": {
            "method": {
@@ -9549,17 +8918,6 @@
            }
          ]
        },
-        "approvalsReviewer": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/ApprovalsReviewer"
-            },
-            {
-              "type": "null"
-            }
-          ],
-          "description": "Override where approval requests are routed for review on this thread and subsequent turns."
-        },
        "baseInstructions": {
          "type": [
            "string",
@@ -9644,14 +9002,6 @@
        "approvalPolicy": {
          "$ref": "#/definitions/AskForApproval"
        },
-        "approvalsReviewer": {
-          "allOf": [
-            {
-              "$ref": "#/definitions/ApprovalsReviewer"
-            }
-          ],
-          "description": "Reviewer currently used for approval requests on this thread."
-        },
        "cwd": {
          "type": "string"
        },
@@ -9690,7 +9040,6 @@
      },
      "required": [
        "approvalPolicy",
-        "approvalsReviewer",
        "cwd",
        "model",
        "modelProvider",
@@ -10687,17 +10036,6 @@
            }
          ]
        },
-        "approvalsReviewer": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/ApprovalsReviewer"
-            },
-            {
-              "type": "null"
-            }
-          ],
-          "description": "Override where approval requests are routed for review on this thread and subsequent turns."
-        },
        "baseInstructions": {
          "type": [
            "string",
@@ -10789,14 +10127,6 @@
        "approvalPolicy": {
          "$ref": "#/definitions/AskForApproval"
        },
-        "approvalsReviewer": {
-          "allOf": [
-            {
-              "$ref": "#/definitions/ApprovalsReviewer"
-            }
-          ],
-          "description": "Reviewer currently used for approval requests on this thread."
-        },
        "cwd": {
          "type": "string"
        },
@@ -10835,7 +10165,6 @@
      },
      "required": [
        "approvalPolicy",
-        "approvalsReviewer",
        "cwd",
        "model",
        "modelProvider",
@@ -10940,17 +10269,6 @@
            }
          ]
        },
-        "approvalsReviewer": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/ApprovalsReviewer"
-            },
-            {
-              "type": "null"
-            }
-          ],
-          "description": "Override where approval requests are routed for review on this thread and subsequent turns."
-        },
        "baseInstructions": {
          "type": [
            "string",
@@ -11047,14 +10365,6 @@
        "approvalPolicy": {
          "$ref": "#/definitions/AskForApproval"
        },
-        "approvalsReviewer": {
-          "allOf": [
-            {
-              "$ref": "#/definitions/ApprovalsReviewer"
-            }
-          ],
-          "description": "Reviewer currently used for approval requests on this thread."
-        },
        "cwd": {
          "type": "string"
        },
@@ -11093,7 +10403,6 @@
      },
      "required": [
        "approvalPolicy",
-        "approvalsReviewer",
        "cwd",
        "model",
        "modelProvider",
@@ -11603,17 +10912,6 @@
          ],
          "description": "Override the approval policy for this turn and subsequent turns."
        },
-        "approvalsReviewer": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/ApprovalsReviewer"
-            },
-            {
-              "type": "null"
-            }
-          ],
-          "description": "Override where approval requests are routed for review on this turn and subsequent turns."
-        },
        "cwd": {
          "description": "Override the working directory for this turn and subsequent turns.",
          "type": [
--- a/codex-rs/app-server-protocol/schema/json/v1/InitializeResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v1/InitializeResponse.json
@@ -1,21 +1,11 @@
 {
  "$schema": "http://json-schema.org/draft-07/schema#",
  "properties": {
-    "platformFamily": {
-      "description": "Platform family for the running app-server target, for example `\"unix\"` or `\"windows\"`.",
-      "type": "string"
-    },
-    "platformOs": {
-      "description": "Operating system for the running app-server target, for example `\"macos\"`, `\"linux\"`, or `\"windows\"`.",
-      "type": "string"
-    },
    "userAgent": {
      "type": "string"
    }
  },
  "required": [
-    "platformFamily",
-    "platformOs",
    "userAgent"
  ],
  "title": "InitializeResponse",
--- a/codex-rs/app-server-protocol/schema/json/v2/ConfigReadResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ConfigReadResponse.json
@@ -96,14 +96,6 @@
    "AppToolsConfig": {
      "type": "object"
    },
-    "ApprovalsReviewer": {
-      "description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request.",
-      "enum": [
-        "user",
-        "guardian_subagent"
-      ],
-      "type": "string"
-    },
    "AppsConfig": {
      "properties": {
        "_default": {
@@ -210,17 +202,6 @@
            }
          ]
        },
-        "approvals_reviewer": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/ApprovalsReviewer"
-            },
-            {
-              "type": "null"
-            }
-          ],
-          "description": "[UNSTABLE] Optional default for where approval requests are routed for review."
-        },
        "compact_prompt": {
          "type": [
            "string",
@@ -597,17 +578,6 @@
            }
          ]
        },
-        "approvals_reviewer": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/ApprovalsReviewer"
-            },
-            {
-              "type": "null"
-            }
-          ],
-          "description": "[UNSTABLE] Optional profile-level override for where approval requests are routed for review. If omitted, the enclosing config default is used."
-        },
        "chatgpt_base_url": {
          "type": [
            "string",
--- a/codex-rs/app-server-protocol/schema/json/v2/FsCopyParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/FsCopyParams.json
@@ -1,38 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "definitions": {
-    "AbsolutePathBuf": {
-      "description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
-      "type": "string"
-    }
-  },
-  "description": "Copy a file or directory tree on the host filesystem.",
-  "properties": {
-    "destinationPath": {
-      "allOf": [
-        {
-          "$ref": "#/definitions/AbsolutePathBuf"
-        }
-      ],
-      "description": "Absolute destination path."
-    },
-    "recursive": {
-      "description": "Required for directory copies; ignored for file copies.",
-      "type": "boolean"
-    },
-    "sourcePath": {
-      "allOf": [
-        {
-          "$ref": "#/definitions/AbsolutePathBuf"
-        }
-      ],
-      "description": "Absolute source path."
-    }
-  },
-  "required": [
-    "destinationPath",
-    "sourcePath"
-  ],
-  "title": "FsCopyParams",
-  "type": "object"
-}
--- a/codex-rs/app-server-protocol/schema/json/v2/FsCopyResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/FsCopyResponse.json
@@ -1,6 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "description": "Successful response for `fs/copy`.",
-  "title": "FsCopyResponse",
-  "type": "object"
-}
--- a/codex-rs/app-server-protocol/schema/json/v2/FsCreateDirectoryParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/FsCreateDirectoryParams.json
@@ -1,32 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "definitions": {
-    "AbsolutePathBuf": {
-      "description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
-      "type": "string"
-    }
-  },
-  "description": "Create a directory on the host filesystem.",
-  "properties": {
-    "path": {
-      "allOf": [
-        {
-          "$ref": "#/definitions/AbsolutePathBuf"
-        }
-      ],
-      "description": "Absolute directory path to create."
-    },
-    "recursive": {
-      "description": "Whether parent directories should also be created. Defaults to `true`.",
-      "type": [
-        "boolean",
-        "null"
-      ]
-    }
-  },
-  "required": [
-    "path"
-  ],
-  "title": "FsCreateDirectoryParams",
-  "type": "object"
-}
--- a/codex-rs/app-server-protocol/schema/json/v2/FsCreateDirectoryResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/FsCreateDirectoryResponse.json
@@ -1,6 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "description": "Successful response for `fs/createDirectory`.",
-  "title": "FsCreateDirectoryResponse",
-  "type": "object"
-}
--- a/codex-rs/app-server-protocol/schema/json/v2/FsGetMetadataParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/FsGetMetadataParams.json
@@ -1,25 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "definitions": {
-    "AbsolutePathBuf": {
-      "description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
-      "type": "string"
-    }
-  },
-  "description": "Request metadata for an absolute path.",
-  "properties": {
-    "path": {
-      "allOf": [
-        {
-          "$ref": "#/definitions/AbsolutePathBuf"
-        }
-      ],
-      "description": "Absolute path to inspect."
-    }
-  },
-  "required": [
-    "path"
-  ],
-  "title": "FsGetMetadataParams",
-  "type": "object"
-}
--- a/codex-rs/app-server-protocol/schema/json/v2/FsGetMetadataResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/FsGetMetadataResponse.json
@@ -1,32 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "description": "Metadata returned by `fs/getMetadata`.",
-  "properties": {
-    "createdAtMs": {
-      "description": "File creation time in Unix milliseconds when available, otherwise `0`.",
-      "format": "int64",
-      "type": "integer"
-    },
-    "isDirectory": {
-      "description": "Whether the path currently resolves to a directory.",
-      "type": "boolean"
-    },
-    "isFile": {
-      "description": "Whether the path currently resolves to a regular file.",
-      "type": "boolean"
-    },
-    "modifiedAtMs": {
-      "description": "File modification time in Unix milliseconds when available, otherwise `0`.",
-      "format": "int64",
-      "type": "integer"
-    }
-  },
-  "required": [
-    "createdAtMs",
-    "isDirectory",
-    "isFile",
-    "modifiedAtMs"
-  ],
-  "title": "FsGetMetadataResponse",
-  "type": "object"
-}
--- a/codex-rs/app-server-protocol/schema/json/v2/FsReadDirectoryParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/FsReadDirectoryParams.json
@@ -1,25 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "definitions": {
-    "AbsolutePathBuf": {
-      "description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
-      "type": "string"
-    }
-  },
-  "description": "List direct child names for a directory.",
-  "properties": {
-    "path": {
-      "allOf": [
-        {
-          "$ref": "#/definitions/AbsolutePathBuf"
-        }
-      ],
-      "description": "Absolute directory path to read."
-    }
-  },
-  "required": [
-    "path"
-  ],
-  "title": "FsReadDirectoryParams",
-  "type": "object"
-}
--- a/codex-rs/app-server-protocol/schema/json/v2/FsReadDirectoryResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/FsReadDirectoryResponse.json
@@ -1,43 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "definitions": {
-    "FsReadDirectoryEntry": {
-      "description": "A directory entry returned by `fs/readDirectory`.",
-      "properties": {
-        "fileName": {
-          "description": "Direct child entry name only, not an absolute or relative path.",
-          "type": "string"
-        },
-        "isDirectory": {
-          "description": "Whether this entry resolves to a directory.",
-          "type": "boolean"
-        },
-        "isFile": {
-          "description": "Whether this entry resolves to a regular file.",
-          "type": "boolean"
-        }
-      },
-      "required": [
-        "fileName",
-        "isDirectory",
-        "isFile"
-      ],
-      "type": "object"
-    }
-  },
-  "description": "Directory entries returned by `fs/readDirectory`.",
-  "properties": {
-    "entries": {
-      "description": "Direct child entries in the requested directory.",
-      "items": {
-        "$ref": "#/definitions/FsReadDirectoryEntry"
-      },
-      "type": "array"
-    }
-  },
-  "required": [
-    "entries"
-  ],
-  "title": "FsReadDirectoryResponse",
-  "type": "object"
-}
--- a/codex-rs/app-server-protocol/schema/json/v2/FsReadFileParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/FsReadFileParams.json
@@ -1,25 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "definitions": {
-    "AbsolutePathBuf": {
-      "description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
-      "type": "string"
-    }
-  },
-  "description": "Read a file from the host filesystem.",
-  "properties": {
-    "path": {
-      "allOf": [
-        {
-          "$ref": "#/definitions/AbsolutePathBuf"
-        }
-      ],
-      "description": "Absolute path to read."
-    }
-  },
-  "required": [
-    "path"
-  ],
-  "title": "FsReadFileParams",
-  "type": "object"
-}
--- a/codex-rs/app-server-protocol/schema/json/v2/FsReadFileResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/FsReadFileResponse.json
@@ -1,15 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "description": "Base64-encoded file contents returned by `fs/readFile`.",
-  "properties": {
-    "dataBase64": {
-      "description": "File contents encoded as base64.",
-      "type": "string"
-    }
-  },
-  "required": [
-    "dataBase64"
-  ],
-  "title": "FsReadFileResponse",
-  "type": "object"
-}
--- a/codex-rs/app-server-protocol/schema/json/v2/FsRemoveParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/FsRemoveParams.json
@@ -1,39 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "definitions": {
-    "AbsolutePathBuf": {
-      "description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
-      "type": "string"
-    }
-  },
-  "description": "Remove a file or directory tree from the host filesystem.",
-  "properties": {
-    "force": {
-      "description": "Whether missing paths should be ignored. Defaults to `true`.",
-      "type": [
-        "boolean",
-        "null"
-      ]
-    },
-    "path": {
-      "allOf": [
-        {
-          "$ref": "#/definitions/AbsolutePathBuf"
-        }
-      ],
-      "description": "Absolute path to remove."
-    },
-    "recursive": {
-      "description": "Whether directory removal should recurse. Defaults to `true`.",
-      "type": [
-        "boolean",
-        "null"
-      ]
-    }
-  },
-  "required": [
-    "path"
-  ],
-  "title": "FsRemoveParams",
-  "type": "object"
-}
--- a/codex-rs/app-server-protocol/schema/json/v2/FsRemoveResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/FsRemoveResponse.json
@@ -1,6 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "description": "Successful response for `fs/remove`.",
-  "title": "FsRemoveResponse",
-  "type": "object"
-}
--- a/codex-rs/app-server-protocol/schema/json/v2/FsWriteFileParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/FsWriteFileParams.json
@@ -1,30 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "definitions": {
-    "AbsolutePathBuf": {
-      "description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
-      "type": "string"
-    }
-  },
-  "description": "Write a file on the host filesystem.",
-  "properties": {
-    "dataBase64": {
-      "description": "File contents encoded as base64.",
-      "type": "string"
-    },
-    "path": {
-      "allOf": [
-        {
-          "$ref": "#/definitions/AbsolutePathBuf"
-        }
-      ],
-      "description": "Absolute path to write."
-    }
-  },
-  "required": [
-    "dataBase64",
-    "path"
-  ],
-  "title": "FsWriteFileParams",
-  "type": "object"
-}
--- a/codex-rs/app-server-protocol/schema/json/v2/FsWriteFileResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/FsWriteFileResponse.json
@@ -1,6 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "description": "Successful response for `fs/writeFile`.",
-  "title": "FsWriteFileResponse",
-  "type": "object"
-}
--- a/codex-rs/app-server-protocol/schema/json/v2/ItemGuardianApprovalReviewCompletedNotification.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ItemGuardianApprovalReviewCompletedNotification.json
@@ -1,84 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "definitions": {
-    "GuardianApprovalReview": {
-      "description": "[UNSTABLE] Temporary guardian approval review payload used by `item/autoApprovalReview/*` notifications. This shape is expected to change soon.",
-      "properties": {
-        "rationale": {
-          "type": [
-            "string",
-            "null"
-          ]
-        },
-        "riskLevel": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/GuardianRiskLevel"
-            },
-            {
-              "type": "null"
-            }
-          ]
-        },
-        "riskScore": {
-          "format": "uint8",
-          "minimum": 0.0,
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
-        "status": {
-          "$ref": "#/definitions/GuardianApprovalReviewStatus"
-        }
-      },
-      "required": [
-        "status"
-      ],
-      "type": "object"
-    },
-    "GuardianApprovalReviewStatus": {
-      "description": "[UNSTABLE] Lifecycle state for a guardian approval review.",
-      "enum": [
-        "inProgress",
-        "approved",
-        "denied",
-        "aborted"
-      ],
-      "type": "string"
-    },
-    "GuardianRiskLevel": {
-      "description": "[UNSTABLE] Risk level assigned by guardian approval review.",
-      "enum": [
-        "low",
-        "medium",
-        "high"
-      ],
-      "type": "string"
-    }
-  },
-  "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
-  "properties": {
-    "action": true,
-    "review": {
-      "$ref": "#/definitions/GuardianApprovalReview"
-    },
-    "targetItemId": {
-      "type": "string"
-    },
-    "threadId": {
-      "type": "string"
-    },
-    "turnId": {
-      "type": "string"
-    }
-  },
-  "required": [
-    "review",
-    "targetItemId",
-    "threadId",
-    "turnId"
-  ],
-  "title": "ItemGuardianApprovalReviewCompletedNotification",
-  "type": "object"
-}
--- a/codex-rs/app-server-protocol/schema/json/v2/ItemGuardianApprovalReviewStartedNotification.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ItemGuardianApprovalReviewStartedNotification.json
@@ -1,84 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "definitions": {
-    "GuardianApprovalReview": {
-      "description": "[UNSTABLE] Temporary guardian approval review payload used by `item/autoApprovalReview/*` notifications. This shape is expected to change soon.",
-      "properties": {
-        "rationale": {
-          "type": [
-            "string",
-            "null"
-          ]
-        },
-        "riskLevel": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/GuardianRiskLevel"
-            },
-            {
-              "type": "null"
-            }
-          ]
-        },
-        "riskScore": {
-          "format": "uint8",
-          "minimum": 0.0,
-          "type": [
-            "integer",
-            "null"
-          ]
-        },
-        "status": {
-          "$ref": "#/definitions/GuardianApprovalReviewStatus"
-        }
-      },
-      "required": [
-        "status"
-      ],
-      "type": "object"
-    },
-    "GuardianApprovalReviewStatus": {
-      "description": "[UNSTABLE] Lifecycle state for a guardian approval review.",
-      "enum": [
-        "inProgress",
-        "approved",
-        "denied",
-        "aborted"
-      ],
-      "type": "string"
-    },
-    "GuardianRiskLevel": {
-      "description": "[UNSTABLE] Risk level assigned by guardian approval review.",
-      "enum": [
-        "low",
-        "medium",
-        "high"
-      ],
-      "type": "string"
-    }
-  },
-  "description": "[UNSTABLE] Temporary notification payload for guardian automatic approval review. This shape is expected to change soon.\n\nTODO(ccunningham): Attach guardian review state to the reviewed tool item's lifecycle instead of sending separate standalone review notifications so the app-server API can persist and replay review state via `thread/read`.",
-  "properties": {
-    "action": true,
-    "review": {
-      "$ref": "#/definitions/GuardianApprovalReview"
-    },
-    "targetItemId": {
-      "type": "string"
-    },
-    "threadId": {
-      "type": "string"
-    },
-    "turnId": {
-      "type": "string"
-    }
-  },
-  "required": [
-    "review",
-    "targetItemId",
-    "threadId",
-    "turnId"
-  ],
-  "title": "ItemGuardianApprovalReviewStartedNotification",
-  "type": "object"
-}
--- a/codex-rs/app-server-protocol/schema/json/v2/ThreadForkParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadForkParams.json
@@ -1,14 +1,6 @@
 {
  "$schema": "http://json-schema.org/draft-07/schema#",
  "definitions": {
-    "ApprovalsReviewer": {
-      "description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request.",
-      "enum": [
-        "user",
-        "guardian_subagent"
-      ],
-      "type": "string"
-    },
    "AskForApproval": {
      "oneOf": [
        {
@@ -87,17 +79,6 @@
        }
      ]
    },
-    "approvalsReviewer": {
-      "anyOf": [
-        {
-          "$ref": "#/definitions/ApprovalsReviewer"
-        },
-        {
-          "type": "null"
-        }
-      ],
-      "description": "Override where approval requests are routed for review on this thread and subsequent turns."
-    },
    "baseInstructions": {
      "type": [
        "string",
--- a/codex-rs/app-server-protocol/schema/json/v2/ThreadForkResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadForkResponse.json
@@ -5,14 +5,6 @@
      "description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
      "type": "string"
    },
-    "ApprovalsReviewer": {
-      "description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request.",
-      "enum": [
-        "user",
-        "guardian_subagent"
-      ],
-      "type": "string"
-    },
    "AskForApproval": {
      "oneOf": [
        {
@@ -1963,14 +1955,6 @@
    "approvalPolicy": {
      "$ref": "#/definitions/AskForApproval"
    },
-    "approvalsReviewer": {
-      "allOf": [
-        {
-          "$ref": "#/definitions/ApprovalsReviewer"
-        }
-      ],
-      "description": "Reviewer currently used for approval requests on this thread."
-    },
    "cwd": {
      "type": "string"
    },
@@ -2009,7 +1993,6 @@
  },
  "required": [
    "approvalPolicy",
-    "approvalsReviewer",
    "cwd",
    "model",
    "modelProvider",
--- a/codex-rs/app-server-protocol/schema/json/v2/ThreadResumeParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadResumeParams.json
@@ -1,14 +1,6 @@
 {
  "$schema": "http://json-schema.org/draft-07/schema#",
  "definitions": {
-    "ApprovalsReviewer": {
-      "description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request.",
-      "enum": [
-        "user",
-        "guardian_subagent"
-      ],
-      "type": "string"
-    },
    "AskForApproval": {
      "oneOf": [
        {
@@ -1010,17 +1002,6 @@
        }
      ]
    },
-    "approvalsReviewer": {
-      "anyOf": [
-        {
-          "$ref": "#/definitions/ApprovalsReviewer"
-        },
-        {
-          "type": "null"
-        }
-      ],
-      "description": "Override where approval requests are routed for review on this thread and subsequent turns."
-    },
    "baseInstructions": {
      "type": [
        "string",
--- a/codex-rs/app-server-protocol/schema/json/v2/ThreadResumeResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadResumeResponse.json
@@ -5,14 +5,6 @@
      "description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
      "type": "string"
    },
-    "ApprovalsReviewer": {
-      "description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request.",
-      "enum": [
-        "user",
-        "guardian_subagent"
-      ],
-      "type": "string"
-    },
    "AskForApproval": {
      "oneOf": [
        {
@@ -1963,14 +1955,6 @@
    "approvalPolicy": {
      "$ref": "#/definitions/AskForApproval"
    },
-    "approvalsReviewer": {
-      "allOf": [
-        {
-          "$ref": "#/definitions/ApprovalsReviewer"
-        }
-      ],
-      "description": "Reviewer currently used for approval requests on this thread."
-    },
    "cwd": {
      "type": "string"
    },
@@ -2009,7 +1993,6 @@
  },
  "required": [
    "approvalPolicy",
-    "approvalsReviewer",
    "cwd",
    "model",
    "modelProvider",
--- a/codex-rs/app-server-protocol/schema/json/v2/ThreadStartParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadStartParams.json
@@ -1,14 +1,6 @@
 {
  "$schema": "http://json-schema.org/draft-07/schema#",
  "definitions": {
-    "ApprovalsReviewer": {
-      "description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request.",
-      "enum": [
-        "user",
-        "guardian_subagent"
-      ],
-      "type": "string"
-    },
    "AskForApproval": {
      "oneOf": [
        {
@@ -111,17 +103,6 @@
        }
      ]
    },
-    "approvalsReviewer": {
-      "anyOf": [
-        {
-          "$ref": "#/definitions/ApprovalsReviewer"
-        },
-        {
-          "type": "null"
-        }
-      ],
-      "description": "Override where approval requests are routed for review on this thread and subsequent turns."
-    },
    "baseInstructions": {
      "type": [
        "string",
--- a/codex-rs/app-server-protocol/schema/json/v2/ThreadStartResponse.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/ThreadStartResponse.json
@@ -5,14 +5,6 @@
      "description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
      "type": "string"
    },
-    "ApprovalsReviewer": {
-      "description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request.",
-      "enum": [
-        "user",
-        "guardian_subagent"
-      ],
-      "type": "string"
-    },
    "AskForApproval": {
      "oneOf": [
        {
@@ -1963,14 +1955,6 @@
    "approvalPolicy": {
      "$ref": "#/definitions/AskForApproval"
    },
-    "approvalsReviewer": {
-      "allOf": [
-        {
-          "$ref": "#/definitions/ApprovalsReviewer"
-        }
-      ],
-      "description": "Reviewer currently used for approval requests on this thread."
-    },
    "cwd": {
      "type": "string"
    },
@@ -2009,7 +1993,6 @@
  },
  "required": [
    "approvalPolicy",
-    "approvalsReviewer",
    "cwd",
    "model",
    "modelProvider",
--- a/codex-rs/app-server-protocol/schema/json/v2/TurnStartParams.json
+++ b/codex-rs/app-server-protocol/schema/json/v2/TurnStartParams.json
@@ -5,14 +5,6 @@
      "description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
      "type": "string"
    },
-    "ApprovalsReviewer": {
-      "description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request.",
-      "enum": [
-        "user",
-        "guardian_subagent"
-      ],
-      "type": "string"
-    },
    "AskForApproval": {
      "oneOf": [
        {
@@ -510,17 +502,6 @@
      ],
      "description": "Override the approval policy for this turn and subsequent turns."
    },
-    "approvalsReviewer": {
-      "anyOf": [
-        {
-          "$ref": "#/definitions/ApprovalsReviewer"
-        },
-        {
-          "type": "null"
-        }
-      ],
-      "description": "Override where approval requests are routed for review on this turn and subsequent turns."
-    },
    "cwd": {
      "description": "Override the working directory for this turn and subsequent turns.",
      "type": [
--- a/codex-rs/app-server-protocol/schema/typescript/ClientRequest.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/ClientRequest.ts
@@ -20,13 +20,6 @@ import type { ExperimentalFeatureListParams } from "./v2/ExperimentalFeatureList
 import type { ExternalAgentConfigDetectParams } from "./v2/ExternalAgentConfigDetectParams";
 import type { ExternalAgentConfigImportParams } from "./v2/ExternalAgentConfigImportParams";
 import type { FeedbackUploadParams } from "./v2/FeedbackUploadParams";
-import type { FsCopyParams } from "./v2/FsCopyParams";
-import type { FsCreateDirectoryParams } from "./v2/FsCreateDirectoryParams";
-import type { FsGetMetadataParams } from "./v2/FsGetMetadataParams";
-import type { FsReadDirectoryParams } from "./v2/FsReadDirectoryParams";
-import type { FsReadFileParams } from "./v2/FsReadFileParams";
-import type { FsRemoveParams } from "./v2/FsRemoveParams";
-import type { FsWriteFileParams } from "./v2/FsWriteFileParams";
 import type { GetAccountParams } from "./v2/GetAccountParams";
 import type { ListMcpServerStatusParams } from "./v2/ListMcpServerStatusParams";
 import type { LoginAccountParams } from "./v2/LoginAccountParams";
@@ -62,4 +55,4 @@ import type { WindowsSandboxSetupStartParams } from "./v2/WindowsSandboxSetupSta
 /**
 * Request from the client to the server.
 */
-export type ClientRequest ={ "method": "initialize", id: RequestId, params: InitializeParams, } | { "method": "thread/start", id: RequestId, params: ThreadStartParams, } | { "method": "thread/resume", id: RequestId, params: ThreadResumeParams, } | { "method": "thread/fork", id: RequestId, params: ThreadForkParams, } | { "method": "thread/archive", id: RequestId, params: ThreadArchiveParams, } | { "method": "thread/unsubscribe", id: RequestId, params: ThreadUnsubscribeParams, } | { "method": "thread/name/set", id: RequestId, params: ThreadSetNameParams, } | { "method": "thread/metadata/update", id: RequestId, params: ThreadMetadataUpdateParams, } | { "method": "thread/unarchive", id: RequestId, params: ThreadUnarchiveParams, } | { "method": "thread/compact/start", id: RequestId, params: ThreadCompactStartParams, } | { "method": "thread/rollback", id: RequestId, params: ThreadRollbackParams, } | { "method": "thread/list", id: RequestId, params: ThreadListParams, } | { "method": "thread/loaded/list", id: RequestId, params: ThreadLoadedListParams, } | { "method": "thread/read", id: RequestId, params: ThreadReadParams, } | { "method": "skills/list", id: RequestId, params: SkillsListParams, } | { "method": "plugin/list", id: RequestId, params: PluginListParams, } | { "method": "plugin/read", id: RequestId, params: PluginReadParams, } | { "method": "skills/remote/list", id: RequestId, params: SkillsRemoteReadParams, } | { "method": "skills/remote/export", id: RequestId, params: SkillsRemoteWriteParams, } | { "method": "app/list", id: RequestId, params: AppsListParams, } | { "method": "fs/readFile", id: RequestId, params: FsReadFileParams, } | { "method": "fs/writeFile", id: RequestId, params: FsWriteFileParams, } | { "method": "fs/createDirectory", id: RequestId, params: FsCreateDirectoryParams, } | { "method": "fs/getMetadata", id: RequestId, params: FsGetMetadataParams, } | { "method": "fs/readDirectory", id: RequestId, params: FsReadDirectoryParams, } | { "method": "fs/remove", id: RequestId, params: FsRemoveParams, } | { "method": "fs/copy", id: RequestId, params: FsCopyParams, } | { "method": "skills/config/write", id: RequestId, params: SkillsConfigWriteParams, } | { "method": "plugin/install", id: RequestId, params: PluginInstallParams, } | { "method": "plugin/uninstall", id: RequestId, params: PluginUninstallParams, } | { "method": "turn/start", id: RequestId, params: TurnStartParams, } | { "method": "turn/steer", id: RequestId, params: TurnSteerParams, } | { "method": "turn/interrupt", id: RequestId, params: TurnInterruptParams, } | { "method": "review/start", id: RequestId, params: ReviewStartParams, } | { "method": "model/list", id: RequestId, params: ModelListParams, } | { "method": "experimentalFeature/list", id: RequestId, params: ExperimentalFeatureListParams, } | { "method": "mcpServer/oauth/login", id: RequestId, params: McpServerOauthLoginParams, } | { "method": "config/mcpServer/reload", id: RequestId, params: undefined, } | { "method": "mcpServerStatus/list", id: RequestId, params: ListMcpServerStatusParams, } | { "method": "windowsSandbox/setupStart", id: RequestId, params: WindowsSandboxSetupStartParams, } | { "method": "account/login/start", id: RequestId, params: LoginAccountParams, } | { "method": "account/login/cancel", id: RequestId, params: CancelLoginAccountParams, } | { "method": "account/logout", id: RequestId, params: undefined, } | { "method": "account/rateLimits/read", id: RequestId, params: undefined, } | { "method": "feedback/upload", id: RequestId, params: FeedbackUploadParams, } | { "method": "command/exec", id: RequestId, params: CommandExecParams, } | { "method": "command/exec/write", id: RequestId, params: CommandExecWriteParams, } | { "method": "command/exec/terminate", id: RequestId, params: CommandExecTerminateParams, } | { "method": "command/exec/resize", id: RequestId, params: CommandExecResizeParams, } | { "method": "config/read", id: RequestId, params: ConfigReadParams, } | { "method": "externalAgentConfig/detect", id: RequestId, params: ExternalAgentConfigDetectParams, } | { "method": "externalAgentConfig/import", id: RequestId, params: ExternalAgentConfigImportParams, } | { "method": "config/value/write", id: RequestId, params: ConfigValueWriteParams, } | { "method": "config/batchWrite", id: RequestId, params: ConfigBatchWriteParams, } | { "method": "configRequirements/read", id: RequestId, params: undefined, } | { "method": "account/read", id: RequestId, params: GetAccountParams, } | { "method": "getConversationSummary", id: RequestId, params: GetConversationSummaryParams, } | { "method": "gitDiffToRemote", id: RequestId, params: GitDiffToRemoteParams, } | { "method": "getAuthStatus", id: RequestId, params: GetAuthStatusParams, } | { "method": "fuzzyFileSearch", id: RequestId, params: FuzzyFileSearchParams, };
+export type ClientRequest ={ "method": "initialize", id: RequestId, params: InitializeParams, } | { "method": "thread/start", id: RequestId, params: ThreadStartParams, } | { "method": "thread/resume", id: RequestId, params: ThreadResumeParams, } | { "method": "thread/fork", id: RequestId, params: ThreadForkParams, } | { "method": "thread/archive", id: RequestId, params: ThreadArchiveParams, } | { "method": "thread/unsubscribe", id: RequestId, params: ThreadUnsubscribeParams, } | { "method": "thread/name/set", id: RequestId, params: ThreadSetNameParams, } | { "method": "thread/metadata/update", id: RequestId, params: ThreadMetadataUpdateParams, } | { "method": "thread/unarchive", id: RequestId, params: ThreadUnarchiveParams, } | { "method": "thread/compact/start", id: RequestId, params: ThreadCompactStartParams, } | { "method": "thread/rollback", id: RequestId, params: ThreadRollbackParams, } | { "method": "thread/list", id: RequestId, params: ThreadListParams, } | { "method": "thread/loaded/list", id: RequestId, params: ThreadLoadedListParams, } | { "method": "thread/read", id: RequestId, params: ThreadReadParams, } | { "method": "skills/list", id: RequestId, params: SkillsListParams, } | { "method": "plugin/list", id: RequestId, params: PluginListParams, } | { "method": "plugin/read", id: RequestId, params: PluginReadParams, } | { "method": "skills/remote/list", id: RequestId, params: SkillsRemoteReadParams, } | { "method": "skills/remote/export", id: RequestId, params: SkillsRemoteWriteParams, } | { "method": "app/list", id: RequestId, params: AppsListParams, } | { "method": "skills/config/write", id: RequestId, params: SkillsConfigWriteParams, } | { "method": "plugin/install", id: RequestId, params: PluginInstallParams, } | { "method": "plugin/uninstall", id: RequestId, params: PluginUninstallParams, } | { "method": "turn/start", id: RequestId, params: TurnStartParams, } | { "method": "turn/steer", id: RequestId, params: TurnSteerParams, } | { "method": "turn/interrupt", id: RequestId, params: TurnInterruptParams, } | { "method": "review/start", id: RequestId, params: ReviewStartParams, } | { "method": "model/list", id: RequestId, params: ModelListParams, } | { "method": "experimentalFeature/list", id: RequestId, params: ExperimentalFeatureListParams, } | { "method": "mcpServer/oauth/login", id: RequestId, params: McpServerOauthLoginParams, } | { "method": "config/mcpServer/reload", id: RequestId, params: undefined, } | { "method": "mcpServerStatus/list", id: RequestId, params: ListMcpServerStatusParams, } | { "method": "windowsSandbox/setupStart", id: RequestId, params: WindowsSandboxSetupStartParams, } | { "method": "account/login/start", id: RequestId, params: LoginAccountParams, } | { "method": "account/login/cancel", id: RequestId, params: CancelLoginAccountParams, } | { "method": "account/logout", id: RequestId, params: undefined, } | { "method": "account/rateLimits/read", id: RequestId, params: undefined, } | { "method": "feedback/upload", id: RequestId, params: FeedbackUploadParams, } | { "method": "command/exec", id: RequestId, params: CommandExecParams, } | { "method": "command/exec/write", id: RequestId, params: CommandExecWriteParams, } | { "method": "command/exec/terminate", id: RequestId, params: CommandExecTerminateParams, } | { "method": "command/exec/resize", id: RequestId, params: CommandExecResizeParams, } | { "method": "config/read", id: RequestId, params: ConfigReadParams, } | { "method": "externalAgentConfig/detect", id: RequestId, params: ExternalAgentConfigDetectParams, } | { "method": "externalAgentConfig/import", id: RequestId, params: ExternalAgentConfigImportParams, } | { "method": "config/value/write", id: RequestId, params: ConfigValueWriteParams, } | { "method": "config/batchWrite", id: RequestId, params: ConfigBatchWriteParams, } | { "method": "configRequirements/read", id: RequestId, params: undefined, } | { "method": "account/read", id: RequestId, params: GetAccountParams, } | { "method": "getConversationSummary", id: RequestId, params: GetConversationSummaryParams, } | { "method": "gitDiffToRemote", id: RequestId, params: GitDiffToRemoteParams, } | { "method": "getAuthStatus", id: RequestId, params: GetAuthStatusParams, } | { "method": "fuzzyFileSearch", id: RequestId, params: FuzzyFileSearchParams, };
--- a/codex-rs/app-server-protocol/schema/typescript/InitializeResponse.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/InitializeResponse.ts
@@ -2,14 +2,4 @@

 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.

-export type InitializeResponse = { userAgent: string, 
-/**
- * Platform family for the running app-server target, for example
- * `"unix"` or `"windows"`.
- */
-platformFamily: string, 
-/**
- * Operating system for the running app-server target, for example
- * `"macos"`, `"linux"`, or `"windows"`.
- */
-platformOs: string, };
+export type InitializeResponse = { userAgent: string, };
--- a/codex-rs/app-server-protocol/schema/typescript/ServerNotification.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/ServerNotification.ts
@@ -18,8 +18,6 @@ import type { FileChangeOutputDeltaNotification } from "./v2/FileChangeOutputDel
 import type { HookCompletedNotification } from "./v2/HookCompletedNotification";
 import type { HookStartedNotification } from "./v2/HookStartedNotification";
 import type { ItemCompletedNotification } from "./v2/ItemCompletedNotification";
-import type { ItemGuardianApprovalReviewCompletedNotification } from "./v2/ItemGuardianApprovalReviewCompletedNotification";
-import type { ItemGuardianApprovalReviewStartedNotification } from "./v2/ItemGuardianApprovalReviewStartedNotification";
 import type { ItemStartedNotification } from "./v2/ItemStartedNotification";
 import type { McpServerOauthLoginCompletedNotification } from "./v2/McpServerOauthLoginCompletedNotification";
 import type { McpToolCallProgressNotification } from "./v2/McpToolCallProgressNotification";
@@ -54,4 +52,4 @@ import type { WindowsWorldWritableWarningNotification } from "./v2/WindowsWorldW
 /**
 * Notification sent from the server to the client.
 */
-export type ServerNotification = { "method": "error", "params": ErrorNotification } | { "method": "thread/started", "params": ThreadStartedNotification } | { "method": "thread/status/changed", "params": ThreadStatusChangedNotification } | { "method": "thread/archived", "params": ThreadArchivedNotification } | { "method": "thread/unarchived", "params": ThreadUnarchivedNotification } | { "method": "thread/closed", "params": ThreadClosedNotification } | { "method": "skills/changed", "params": SkillsChangedNotification } | { "method": "thread/name/updated", "params": ThreadNameUpdatedNotification } | { "method": "thread/tokenUsage/updated", "params": ThreadTokenUsageUpdatedNotification } | { "method": "turn/started", "params": TurnStartedNotification } | { "method": "hook/started", "params": HookStartedNotification } | { "method": "turn/completed", "params": TurnCompletedNotification } | { "method": "hook/completed", "params": HookCompletedNotification } | { "method": "turn/diff/updated", "params": TurnDiffUpdatedNotification } | { "method": "turn/plan/updated", "params": TurnPlanUpdatedNotification } | { "method": "item/started", "params": ItemStartedNotification } | { "method": "item/autoApprovalReview/started", "params": ItemGuardianApprovalReviewStartedNotification } | { "method": "item/autoApprovalReview/completed", "params": ItemGuardianApprovalReviewCompletedNotification } | { "method": "item/completed", "params": ItemCompletedNotification } | { "method": "rawResponseItem/completed", "params": RawResponseItemCompletedNotification } | { "method": "item/agentMessage/delta", "params": AgentMessageDeltaNotification } | { "method": "item/plan/delta", "params": PlanDeltaNotification } | { "method": "command/exec/outputDelta", "params": CommandExecOutputDeltaNotification } | { "method": "item/commandExecution/outputDelta", "params": CommandExecutionOutputDeltaNotification } | { "method": "item/commandExecution/terminalInteraction", "params": TerminalInteractionNotification } | { "method": "item/fileChange/outputDelta", "params": FileChangeOutputDeltaNotification } | { "method": "serverRequest/resolved", "params": ServerRequestResolvedNotification } | { "method": "item/mcpToolCall/progress", "params": McpToolCallProgressNotification } | { "method": "mcpServer/oauthLogin/completed", "params": McpServerOauthLoginCompletedNotification } | { "method": "account/updated", "params": AccountUpdatedNotification } | { "method": "account/rateLimits/updated", "params": AccountRateLimitsUpdatedNotification } | { "method": "app/list/updated", "params": AppListUpdatedNotification } | { "method": "item/reasoning/summaryTextDelta", "params": ReasoningSummaryTextDeltaNotification } | { "method": "item/reasoning/summaryPartAdded", "params": ReasoningSummaryPartAddedNotification } | { "method": "item/reasoning/textDelta", "params": ReasoningTextDeltaNotification } | { "method": "thread/compacted", "params": ContextCompactedNotification } | { "method": "model/rerouted", "params": ModelReroutedNotification } | { "method": "deprecationNotice", "params": DeprecationNoticeNotification } | { "method": "configWarning", "params": ConfigWarningNotification } | { "method": "fuzzyFileSearch/sessionUpdated", "params": FuzzyFileSearchSessionUpdatedNotification } | { "method": "fuzzyFileSearch/sessionCompleted", "params": FuzzyFileSearchSessionCompletedNotification } | { "method": "thread/realtime/started", "params": ThreadRealtimeStartedNotification } | { "method": "thread/realtime/itemAdded", "params": ThreadRealtimeItemAddedNotification } | { "method": "thread/realtime/outputAudio/delta", "params": ThreadRealtimeOutputAudioDeltaNotification } | { "method": "thread/realtime/error", "params": ThreadRealtimeErrorNotification } | { "method": "thread/realtime/closed", "params": ThreadRealtimeClosedNotification } | { "method": "windows/worldWritableWarning", "params": WindowsWorldWritableWarningNotification } | { "method": "windowsSandbox/setupCompleted", "params": WindowsSandboxSetupCompletedNotification } | { "method": "account/login/completed", "params": AccountLoginCompletedNotification };
+export type ServerNotification = { "method": "error", "params": ErrorNotification } | { "method": "thread/started", "params": ThreadStartedNotification } | { "method": "thread/status/changed", "params": ThreadStatusChangedNotification } | { "method": "thread/archived", "params": ThreadArchivedNotification } | { "method": "thread/unarchived", "params": ThreadUnarchivedNotification } | { "method": "thread/closed", "params": ThreadClosedNotification } | { "method": "skills/changed", "params": SkillsChangedNotification } | { "method": "thread/name/updated", "params": ThreadNameUpdatedNotification } | { "method": "thread/tokenUsage/updated", "params": ThreadTokenUsageUpdatedNotification } | { "method": "turn/started", "params": TurnStartedNotification } | { "method": "hook/started", "params": HookStartedNotification } | { "method": "turn/completed", "params": TurnCompletedNotification } | { "method": "hook/completed", "params": HookCompletedNotification } | { "method": "turn/diff/updated", "params": TurnDiffUpdatedNotification } | { "method": "turn/plan/updated", "params": TurnPlanUpdatedNotification } | { "method": "item/started", "params": ItemStartedNotification } | { "method": "item/completed", "params": ItemCompletedNotification } | { "method": "rawResponseItem/completed", "params": RawResponseItemCompletedNotification } | { "method": "item/agentMessage/delta", "params": AgentMessageDeltaNotification } | { "method": "item/plan/delta", "params": PlanDeltaNotification } | { "method": "command/exec/outputDelta", "params": CommandExecOutputDeltaNotification } | { "method": "item/commandExecution/outputDelta", "params": CommandExecutionOutputDeltaNotification } | { "method": "item/commandExecution/terminalInteraction", "params": TerminalInteractionNotification } | { "method": "item/fileChange/outputDelta", "params": FileChangeOutputDeltaNotification } | { "method": "serverRequest/resolved", "params": ServerRequestResolvedNotification } | { "method": "item/mcpToolCall/progress", "params": McpToolCallProgressNotification } | { "method": "mcpServer/oauthLogin/completed", "params": McpServerOauthLoginCompletedNotification } | { "method": "account/updated", "params": AccountUpdatedNotification } | { "method": "account/rateLimits/updated", "params": AccountRateLimitsUpdatedNotification } | { "method": "app/list/updated", "params": AppListUpdatedNotification } | { "method": "item/reasoning/summaryTextDelta", "params": ReasoningSummaryTextDeltaNotification } | { "method": "item/reasoning/summaryPartAdded", "params": ReasoningSummaryPartAddedNotification } | { "method": "item/reasoning/textDelta", "params": ReasoningTextDeltaNotification } | { "method": "thread/compacted", "params": ContextCompactedNotification } | { "method": "model/rerouted", "params": ModelReroutedNotification } | { "method": "deprecationNotice", "params": DeprecationNoticeNotification } | { "method": "configWarning", "params": ConfigWarningNotification } | { "method": "fuzzyFileSearch/sessionUpdated", "params": FuzzyFileSearchSessionUpdatedNotification } | { "method": "fuzzyFileSearch/sessionCompleted", "params": FuzzyFileSearchSessionCompletedNotification } | { "method": "thread/realtime/started", "params": ThreadRealtimeStartedNotification } | { "method": "thread/realtime/itemAdded", "params": ThreadRealtimeItemAddedNotification } | { "method": "thread/realtime/outputAudio/delta", "params": ThreadRealtimeOutputAudioDeltaNotification } | { "method": "thread/realtime/error", "params": ThreadRealtimeErrorNotification } | { "method": "thread/realtime/closed", "params": ThreadRealtimeClosedNotification } | { "method": "windows/worldWritableWarning", "params": WindowsWorldWritableWarningNotification } | { "method": "windowsSandbox/setupCompleted", "params": WindowsSandboxSetupCompletedNotification } | { "method": "account/login/completed", "params": AccountLoginCompletedNotification };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/ApprovalsReviewer.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/ApprovalsReviewer.ts
@@ -1,12 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-
-/**
- * Configures who approval requests are routed to for review. Examples
- * include sandbox escapes, blocked network access, MCP approval prompts, and
- * ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully
- * prompted subagent to gather relevant context and apply a risk-based
- * decision framework before approving or denying the request.
- */
-export type ApprovalsReviewer = "user" | "guardian_subagent";
--- a/codex-rs/app-server-protocol/schema/typescript/v2/Config.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/Config.ts
@@ -9,15 +9,10 @@ import type { Verbosity } from "../Verbosity";
 import type { WebSearchMode } from "../WebSearchMode";
 import type { JsonValue } from "../serde_json/JsonValue";
 import type { AnalyticsConfig } from "./AnalyticsConfig";
-import type { ApprovalsReviewer } from "./ApprovalsReviewer";
 import type { AskForApproval } from "./AskForApproval";
 import type { ProfileV2 } from "./ProfileV2";
 import type { SandboxMode } from "./SandboxMode";
 import type { SandboxWorkspaceWrite } from "./SandboxWorkspaceWrite";
 import type { ToolsV2 } from "./ToolsV2";

-export type Config = {model: string | null, review_model: string | null, model_context_window: bigint | null, model_auto_compact_token_limit: bigint | null, model_provider: string | null, approval_policy: AskForApproval | null, /**
- * [UNSTABLE] Optional default for where approval requests are routed for
- * review.
- */
-approvals_reviewer: ApprovalsReviewer | null, sandbox_mode: SandboxMode | null, sandbox_workspace_write: SandboxWorkspaceWrite | null, forced_chatgpt_workspace_id: string | null, forced_login_method: ForcedLoginMethod | null, web_search: WebSearchMode | null, tools: ToolsV2 | null, profile: string | null, profiles: { [key in string]?: ProfileV2 }, instructions: string | null, developer_instructions: string | null, compact_prompt: string | null, model_reasoning_effort: ReasoningEffort | null, model_reasoning_summary: ReasoningSummary | null, model_verbosity: Verbosity | null, service_tier: ServiceTier | null, analytics: AnalyticsConfig | null} & ({ [key in string]?: number | string | boolean | Array<JsonValue> | { [key in string]?: JsonValue } | null });
+export type Config = {model: string | null, review_model: string | null, model_context_window: bigint | null, model_auto_compact_token_limit: bigint | null, model_provider: string | null, approval_policy: AskForApproval | null, sandbox_mode: SandboxMode | null, sandbox_workspace_write: SandboxWorkspaceWrite | null, forced_chatgpt_workspace_id: string | null, forced_login_method: ForcedLoginMethod | null, web_search: WebSearchMode | null, tools: ToolsV2 | null, profile: string | null, profiles: { [key in string]?: ProfileV2 }, instructions: string | null, developer_instructions: string | null, compact_prompt: string | null, model_reasoning_effort: ReasoningEffort | null, model_reasoning_summary: ReasoningSummary | null, model_verbosity: Verbosity | null, service_tier: ServiceTier | null, analytics: AnalyticsConfig | null} & ({ [key in string]?: number | string | boolean | Array<JsonValue> | { [key in string]?: JsonValue } | null });
--- a/codex-rs/app-server-protocol/schema/typescript/v2/FsCopyParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/FsCopyParams.ts
@@ -1,21 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { AbsolutePathBuf } from "../AbsolutePathBuf";
-
-/**
- * Copy a file or directory tree on the host filesystem.
- */
-export type FsCopyParams = { 
-/**
- * Absolute source path.
- */
-sourcePath: AbsolutePathBuf, 
-/**
- * Absolute destination path.
- */
-destinationPath: AbsolutePathBuf, 
-/**
- * Required for directory copies; ignored for file copies.
- */
-recursive?: boolean, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/FsCopyResponse.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/FsCopyResponse.ts
@@ -1,8 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-
-/**
- * Successful response for `fs/copy`.
- */
-export type FsCopyResponse = Record<string, never>;
--- a/codex-rs/app-server-protocol/schema/typescript/v2/FsCreateDirectoryParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/FsCreateDirectoryParams.ts
@@ -1,17 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { AbsolutePathBuf } from "../AbsolutePathBuf";
-
-/**
- * Create a directory on the host filesystem.
- */
-export type FsCreateDirectoryParams = { 
-/**
- * Absolute directory path to create.
- */
-path: AbsolutePathBuf, 
-/**
- * Whether parent directories should also be created. Defaults to `true`.
- */
-recursive?: boolean | null, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/FsCreateDirectoryResponse.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/FsCreateDirectoryResponse.ts
@@ -1,8 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-
-/**
- * Successful response for `fs/createDirectory`.
- */
-export type FsCreateDirectoryResponse = Record<string, never>;
--- a/codex-rs/app-server-protocol/schema/typescript/v2/FsGetMetadataParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/FsGetMetadataParams.ts
@@ -1,13 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { AbsolutePathBuf } from "../AbsolutePathBuf";
-
-/**
- * Request metadata for an absolute path.
- */
-export type FsGetMetadataParams = { 
-/**
- * Absolute path to inspect.
- */
-path: AbsolutePathBuf, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/FsGetMetadataResponse.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/FsGetMetadataResponse.ts
@@ -1,24 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-
-/**
- * Metadata returned by `fs/getMetadata`.
- */
-export type FsGetMetadataResponse = { 
-/**
- * Whether the path currently resolves to a directory.
- */
-isDirectory: boolean, 
-/**
- * Whether the path currently resolves to a regular file.
- */
-isFile: boolean, 
-/**
- * File creation time in Unix milliseconds when available, otherwise `0`.
- */
-createdAtMs: number, 
-/**
- * File modification time in Unix milliseconds when available, otherwise `0`.
- */
-modifiedAtMs: number, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/FsReadDirectoryEntry.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/FsReadDirectoryEntry.ts
@@ -1,20 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-
-/**
- * A directory entry returned by `fs/readDirectory`.
- */
-export type FsReadDirectoryEntry = { 
-/**
- * Direct child entry name only, not an absolute or relative path.
- */
-fileName: string, 
-/**
- * Whether this entry resolves to a directory.
- */
-isDirectory: boolean, 
-/**
- * Whether this entry resolves to a regular file.
- */
-isFile: boolean, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/FsReadDirectoryParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/FsReadDirectoryParams.ts
@@ -1,13 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { AbsolutePathBuf } from "../AbsolutePathBuf";
-
-/**
- * List direct child names for a directory.
- */
-export type FsReadDirectoryParams = { 
-/**
- * Absolute directory path to read.
- */
-path: AbsolutePathBuf, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/FsReadDirectoryResponse.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/FsReadDirectoryResponse.ts
@@ -1,13 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { FsReadDirectoryEntry } from "./FsReadDirectoryEntry";
-
-/**
- * Directory entries returned by `fs/readDirectory`.
- */
-export type FsReadDirectoryResponse = { 
-/**
- * Direct child entries in the requested directory.
- */
-entries: Array<FsReadDirectoryEntry>, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/FsReadFileParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/FsReadFileParams.ts
@@ -1,13 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { AbsolutePathBuf } from "../AbsolutePathBuf";
-
-/**
- * Read a file from the host filesystem.
- */
-export type FsReadFileParams = { 
-/**
- * Absolute path to read.
- */
-path: AbsolutePathBuf, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/FsReadFileResponse.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/FsReadFileResponse.ts
@@ -1,12 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-
-/**
- * Base64-encoded file contents returned by `fs/readFile`.
- */
-export type FsReadFileResponse = { 
-/**
- * File contents encoded as base64.
- */
-dataBase64: string, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/FsRemoveParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/FsRemoveParams.ts
@@ -1,21 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { AbsolutePathBuf } from "../AbsolutePathBuf";
-
-/**
- * Remove a file or directory tree from the host filesystem.
- */
-export type FsRemoveParams = { 
-/**
- * Absolute path to remove.
- */
-path: AbsolutePathBuf, 
-/**
- * Whether directory removal should recurse. Defaults to `true`.
- */
-recursive?: boolean | null, 
-/**
- * Whether missing paths should be ignored. Defaults to `true`.
- */
-force?: boolean | null, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/FsRemoveResponse.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/FsRemoveResponse.ts
@@ -1,8 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-
-/**
- * Successful response for `fs/remove`.
- */
-export type FsRemoveResponse = Record<string, never>;
--- a/codex-rs/app-server-protocol/schema/typescript/v2/FsWriteFileParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/FsWriteFileParams.ts
@@ -1,17 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { AbsolutePathBuf } from "../AbsolutePathBuf";
-
-/**
- * Write a file on the host filesystem.
- */
-export type FsWriteFileParams = { 
-/**
- * Absolute path to write.
- */
-path: AbsolutePathBuf, 
-/**
- * File contents encoded as base64.
- */
-dataBase64: string, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/FsWriteFileResponse.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/FsWriteFileResponse.ts
@@ -1,8 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-
-/**
- * Successful response for `fs/writeFile`.
- */
-export type FsWriteFileResponse = Record<string, never>;
--- a/codex-rs/app-server-protocol/schema/typescript/v2/GuardianApprovalReview.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/GuardianApprovalReview.ts
@@ -1,12 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { GuardianApprovalReviewStatus } from "./GuardianApprovalReviewStatus";
-import type { GuardianRiskLevel } from "./GuardianRiskLevel";
-
-/**
- * [UNSTABLE] Temporary guardian approval review payload used by
- * `item/autoApprovalReview/*` notifications. This shape is expected to change
- * soon.
- */
-export type GuardianApprovalReview = { status: GuardianApprovalReviewStatus, riskScore: number | null, riskLevel: GuardianRiskLevel | null, rationale: string | null, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/GuardianApprovalReviewStatus.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/GuardianApprovalReviewStatus.ts
@@ -1,8 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-
-/**
- * [UNSTABLE] Lifecycle state for a guardian approval review.
- */
-export type GuardianApprovalReviewStatus = "inProgress" | "approved" | "denied" | "aborted";
--- a/codex-rs/app-server-protocol/schema/typescript/v2/GuardianRiskLevel.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/GuardianRiskLevel.ts
@@ -1,8 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-
-/**
- * [UNSTABLE] Risk level assigned by guardian approval review.
- */
-export type GuardianRiskLevel = "low" | "medium" | "high";
--- a/codex-rs/app-server-protocol/schema/typescript/v2/ItemGuardianApprovalReviewCompletedNotification.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/ItemGuardianApprovalReviewCompletedNotification.ts
@@ -1,15 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { JsonValue } from "../serde_json/JsonValue";
-import type { GuardianApprovalReview } from "./GuardianApprovalReview";
-
-/**
- * [UNSTABLE] Temporary notification payload for guardian automatic approval
- * review. This shape is expected to change soon.
- *
- * TODO(ccunningham): Attach guardian review state to the reviewed tool item's
- * lifecycle instead of sending separate standalone review notifications so the
- * app-server API can persist and replay review state via `thread/read`.
- */
-export type ItemGuardianApprovalReviewCompletedNotification = { threadId: string, turnId: string, targetItemId: string, review: GuardianApprovalReview, action: JsonValue | null, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/ItemGuardianApprovalReviewStartedNotification.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/ItemGuardianApprovalReviewStartedNotification.ts
@@ -1,15 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { JsonValue } from "../serde_json/JsonValue";
-import type { GuardianApprovalReview } from "./GuardianApprovalReview";
-
-/**
- * [UNSTABLE] Temporary notification payload for guardian automatic approval
- * review. This shape is expected to change soon.
- *
- * TODO(ccunningham): Attach guardian review state to the reviewed tool item's
- * lifecycle instead of sending separate standalone review notifications so the
- * app-server API can persist and replay review state via `thread/read`.
- */
-export type ItemGuardianApprovalReviewStartedNotification = { threadId: string, turnId: string, targetItemId: string, review: GuardianApprovalReview, action: JsonValue | null, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/ProfileV2.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/ProfileV2.ts
@@ -7,13 +7,7 @@ import type { ServiceTier } from "../ServiceTier";
 import type { Verbosity } from "../Verbosity";
 import type { WebSearchMode } from "../WebSearchMode";
 import type { JsonValue } from "../serde_json/JsonValue";
-import type { ApprovalsReviewer } from "./ApprovalsReviewer";
 import type { AskForApproval } from "./AskForApproval";
 import type { ToolsV2 } from "./ToolsV2";

-export type ProfileV2 = {model: string | null, model_provider: string | null, approval_policy: AskForApproval | null, /**
- * [UNSTABLE] Optional profile-level override for where approval requests
- * are routed for review. If omitted, the enclosing config default is
- * used.
- */
-approvals_reviewer: ApprovalsReviewer | null, service_tier: ServiceTier | null, model_reasoning_effort: ReasoningEffort | null, model_reasoning_summary: ReasoningSummary | null, model_verbosity: Verbosity | null, web_search: WebSearchMode | null, tools: ToolsV2 | null, chatgpt_base_url: string | null} & ({ [key in string]?: number | string | boolean | Array<JsonValue> | { [key in string]?: JsonValue } | null });
+export type ProfileV2 = { model: string | null, model_provider: string | null, approval_policy: AskForApproval | null, service_tier: ServiceTier | null, model_reasoning_effort: ReasoningEffort | null, model_reasoning_summary: ReasoningSummary | null, model_verbosity: Verbosity | null, web_search: WebSearchMode | null, tools: ToolsV2 | null, chatgpt_base_url: string | null, } & ({ [key in string]?: number | string | boolean | Array<JsonValue> | { [key in string]?: JsonValue } | null });
--- a/codex-rs/app-server-protocol/schema/typescript/v2/ThreadForkParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/ThreadForkParams.ts
@@ -3,7 +3,6 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 import type { ServiceTier } from "../ServiceTier";
 import type { JsonValue } from "../serde_json/JsonValue";
-import type { ApprovalsReviewer } from "./ApprovalsReviewer";
 import type { AskForApproval } from "./AskForApproval";
 import type { SandboxMode } from "./SandboxMode";

@@ -23,11 +22,7 @@ export type ThreadForkParams = {threadId: string, /**
 path?: string | null, /**
 * Configuration overrides for the forked thread, if any.
 */
-model?: string | null, modelProvider?: string | null, serviceTier?: ServiceTier | null | null, cwd?: string | null, approvalPolicy?: AskForApproval | null, /**
- * Override where approval requests are routed for review on this thread
- * and subsequent turns.
- */
-approvalsReviewer?: ApprovalsReviewer | null, sandbox?: SandboxMode | null, config?: { [key in string]?: JsonValue } | null, baseInstructions?: string | null, developerInstructions?: string | null, ephemeral?: boolean, /**
+model?: string | null, modelProvider?: string | null, serviceTier?: ServiceTier | null | null, cwd?: string | null, approvalPolicy?: AskForApproval | null, sandbox?: SandboxMode | null, config?: { [key in string]?: JsonValue } | null, baseInstructions?: string | null, developerInstructions?: string | null, ephemeral?: boolean, /**
 * If true, persist additional rollout EventMsg variants required to
 * reconstruct a richer thread history on subsequent resume/fork/read.
 */
--- a/codex-rs/app-server-protocol/schema/typescript/v2/ThreadForkResponse.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/ThreadForkResponse.ts
@@ -3,13 +3,8 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 import type { ReasoningEffort } from "../ReasoningEffort";
 import type { ServiceTier } from "../ServiceTier";
-import type { ApprovalsReviewer } from "./ApprovalsReviewer";
 import type { AskForApproval } from "./AskForApproval";
 import type { SandboxPolicy } from "./SandboxPolicy";
 import type { Thread } from "./Thread";

-export type ThreadForkResponse = { thread: Thread, model: string, modelProvider: string, serviceTier: ServiceTier | null, cwd: string, approvalPolicy: AskForApproval, 
-/**
- * Reviewer currently used for approval requests on this thread.
- */
-approvalsReviewer: ApprovalsReviewer, sandbox: SandboxPolicy, reasoningEffort: ReasoningEffort | null, };
+export type ThreadForkResponse = { thread: Thread, model: string, modelProvider: string, serviceTier: ServiceTier | null, cwd: string, approvalPolicy: AskForApproval, sandbox: SandboxPolicy, reasoningEffort: ReasoningEffort | null, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/ThreadResumeParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/ThreadResumeParams.ts
@@ -5,7 +5,6 @@ import type { Personality } from "../Personality";
 import type { ResponseItem } from "../ResponseItem";
 import type { ServiceTier } from "../ServiceTier";
 import type { JsonValue } from "../serde_json/JsonValue";
-import type { ApprovalsReviewer } from "./ApprovalsReviewer";
 import type { AskForApproval } from "./AskForApproval";
 import type { SandboxMode } from "./SandboxMode";

@@ -32,11 +31,7 @@ history?: Array<ResponseItem> | null, /**
 path?: string | null, /**
 * Configuration overrides for the resumed thread, if any.
 */
-model?: string | null, modelProvider?: string | null, serviceTier?: ServiceTier | null | null, cwd?: string | null, approvalPolicy?: AskForApproval | null, /**
- * Override where approval requests are routed for review on this thread
- * and subsequent turns.
- */
-approvalsReviewer?: ApprovalsReviewer | null, sandbox?: SandboxMode | null, config?: { [key in string]?: JsonValue } | null, baseInstructions?: string | null, developerInstructions?: string | null, personality?: Personality | null, /**
+model?: string | null, modelProvider?: string | null, serviceTier?: ServiceTier | null | null, cwd?: string | null, approvalPolicy?: AskForApproval | null, sandbox?: SandboxMode | null, config?: { [key in string]?: JsonValue } | null, baseInstructions?: string | null, developerInstructions?: string | null, personality?: Personality | null, /**
 * If true, persist additional rollout EventMsg variants required to
 * reconstruct a richer thread history on subsequent resume/fork/read.
 */
--- a/codex-rs/app-server-protocol/schema/typescript/v2/ThreadResumeResponse.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/ThreadResumeResponse.ts
@@ -3,13 +3,8 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 import type { ReasoningEffort } from "../ReasoningEffort";
 import type { ServiceTier } from "../ServiceTier";
-import type { ApprovalsReviewer } from "./ApprovalsReviewer";
 import type { AskForApproval } from "./AskForApproval";
 import type { SandboxPolicy } from "./SandboxPolicy";
 import type { Thread } from "./Thread";

-export type ThreadResumeResponse = { thread: Thread, model: string, modelProvider: string, serviceTier: ServiceTier | null, cwd: string, approvalPolicy: AskForApproval, 
-/**
- * Reviewer currently used for approval requests on this thread.
- */
-approvalsReviewer: ApprovalsReviewer, sandbox: SandboxPolicy, reasoningEffort: ReasoningEffort | null, };
+export type ThreadResumeResponse = { thread: Thread, model: string, modelProvider: string, serviceTier: ServiceTier | null, cwd: string, approvalPolicy: AskForApproval, sandbox: SandboxPolicy, reasoningEffort: ReasoningEffort | null, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/ThreadStartParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/ThreadStartParams.ts
@@ -4,15 +4,10 @@
 import type { Personality } from "../Personality";
 import type { ServiceTier } from "../ServiceTier";
 import type { JsonValue } from "../serde_json/JsonValue";
-import type { ApprovalsReviewer } from "./ApprovalsReviewer";
 import type { AskForApproval } from "./AskForApproval";
 import type { SandboxMode } from "./SandboxMode";

-export type ThreadStartParams = {model?: string | null, modelProvider?: string | null, serviceTier?: ServiceTier | null | null, cwd?: string | null, approvalPolicy?: AskForApproval | null, /**
- * Override where approval requests are routed for review on this thread
- * and subsequent turns.
- */
-approvalsReviewer?: ApprovalsReviewer | null, sandbox?: SandboxMode | null, config?: { [key in string]?: JsonValue } | null, serviceName?: string | null, baseInstructions?: string | null, developerInstructions?: string | null, personality?: Personality | null, ephemeral?: boolean | null, /**
+export type ThreadStartParams = {model?: string | null, modelProvider?: string | null, serviceTier?: ServiceTier | null | null, cwd?: string | null, approvalPolicy?: AskForApproval | null, sandbox?: SandboxMode | null, config?: { [key in string]?: JsonValue } | null, serviceName?: string | null, baseInstructions?: string | null, developerInstructions?: string | null, personality?: Personality | null, ephemeral?: boolean | null, /**
 * If true, opt into emitting raw Responses API items on the event stream.
 * This is for internal use only (e.g. Codex Cloud).
 */
--- a/codex-rs/app-server-protocol/schema/typescript/v2/ThreadStartResponse.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/ThreadStartResponse.ts
@@ -3,13 +3,8 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 import type { ReasoningEffort } from "../ReasoningEffort";
 import type { ServiceTier } from "../ServiceTier";
-import type { ApprovalsReviewer } from "./ApprovalsReviewer";
 import type { AskForApproval } from "./AskForApproval";
 import type { SandboxPolicy } from "./SandboxPolicy";
 import type { Thread } from "./Thread";

-export type ThreadStartResponse = { thread: Thread, model: string, modelProvider: string, serviceTier: ServiceTier | null, cwd: string, approvalPolicy: AskForApproval, 
-/**
- * Reviewer currently used for approval requests on this thread.
- */
-approvalsReviewer: ApprovalsReviewer, sandbox: SandboxPolicy, reasoningEffort: ReasoningEffort | null, };
+export type ThreadStartResponse = { thread: Thread, model: string, modelProvider: string, serviceTier: ServiceTier | null, cwd: string, approvalPolicy: AskForApproval, sandbox: SandboxPolicy, reasoningEffort: ReasoningEffort | null, };
--- a/codex-rs/app-server-protocol/schema/typescript/v2/TurnStartParams.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/TurnStartParams.ts
@@ -7,7 +7,6 @@ import type { ReasoningEffort } from "../ReasoningEffort";
 import type { ReasoningSummary } from "../ReasoningSummary";
 import type { ServiceTier } from "../ServiceTier";
 import type { JsonValue } from "../serde_json/JsonValue";
-import type { ApprovalsReviewer } from "./ApprovalsReviewer";
 import type { AskForApproval } from "./AskForApproval";
 import type { SandboxPolicy } from "./SandboxPolicy";
 import type { UserInput } from "./UserInput";
@@ -19,10 +18,6 @@ cwd?: string | null, /**
 * Override the approval policy for this turn and subsequent turns.
 */
 approvalPolicy?: AskForApproval | null, /**
- * Override where approval requests are routed for review on this turn and
- * subsequent turns.
- */
-approvalsReviewer?: ApprovalsReviewer | null, /**
 * Override the sandbox policy for this turn and subsequent turns.
 */
 sandboxPolicy?: SandboxPolicy | null, /**
--- a/codex-rs/app-server-protocol/schema/typescript/v2/index.ts
+++ b/codex-rs/app-server-protocol/schema/typescript/v2/index.ts
@@ -19,7 +19,6 @@ export type { AppScreenshot } from "./AppScreenshot";
 export type { AppSummary } from "./AppSummary";
 export type { AppToolApproval } from "./AppToolApproval";
 export type { AppToolsConfig } from "./AppToolsConfig";
-export type { ApprovalsReviewer } from "./ApprovalsReviewer";
 export type { AppsConfig } from "./AppsConfig";
 export type { AppsDefaultConfig } from "./AppsDefaultConfig";
 export type { AppsListParams } from "./AppsListParams";
@@ -96,30 +95,12 @@ export type { FileChangeOutputDeltaNotification } from "./FileChangeOutputDeltaN
 export type { FileChangeRequestApprovalParams } from "./FileChangeRequestApprovalParams";
 export type { FileChangeRequestApprovalResponse } from "./FileChangeRequestApprovalResponse";
 export type { FileUpdateChange } from "./FileUpdateChange";
-export type { FsCopyParams } from "./FsCopyParams";
-export type { FsCopyResponse } from "./FsCopyResponse";
-export type { FsCreateDirectoryParams } from "./FsCreateDirectoryParams";
-export type { FsCreateDirectoryResponse } from "./FsCreateDirectoryResponse";
-export type { FsGetMetadataParams } from "./FsGetMetadataParams";
-export type { FsGetMetadataResponse } from "./FsGetMetadataResponse";
-export type { FsReadDirectoryEntry } from "./FsReadDirectoryEntry";
-export type { FsReadDirectoryParams } from "./FsReadDirectoryParams";
-export type { FsReadDirectoryResponse } from "./FsReadDirectoryResponse";
-export type { FsReadFileParams } from "./FsReadFileParams";
-export type { FsReadFileResponse } from "./FsReadFileResponse";
-export type { FsRemoveParams } from "./FsRemoveParams";
-export type { FsRemoveResponse } from "./FsRemoveResponse";
-export type { FsWriteFileParams } from "./FsWriteFileParams";
-export type { FsWriteFileResponse } from "./FsWriteFileResponse";
 export type { GetAccountParams } from "./GetAccountParams";
 export type { GetAccountRateLimitsResponse } from "./GetAccountRateLimitsResponse";
 export type { GetAccountResponse } from "./GetAccountResponse";
 export type { GitInfo } from "./GitInfo";
 export type { GrantedMacOsPermissions } from "./GrantedMacOsPermissions";
 export type { GrantedPermissionProfile } from "./GrantedPermissionProfile";
-export type { GuardianApprovalReview } from "./GuardianApprovalReview";
-export type { GuardianApprovalReviewStatus } from "./GuardianApprovalReviewStatus";
-export type { GuardianRiskLevel } from "./GuardianRiskLevel";
 export type { HazelnutScope } from "./HazelnutScope";
 export type { HookCompletedNotification } from "./HookCompletedNotification";
 export type { HookEventName } from "./HookEventName";
@@ -132,8 +113,6 @@ export type { HookRunSummary } from "./HookRunSummary";
 export type { HookScope } from "./HookScope";
 export type { HookStartedNotification } from "./HookStartedNotification";
 export type { ItemCompletedNotification } from "./ItemCompletedNotification";
-export type { ItemGuardianApprovalReviewCompletedNotification } from "./ItemGuardianApprovalReviewCompletedNotification";
-export type { ItemGuardianApprovalReviewStartedNotification } from "./ItemGuardianApprovalReviewStartedNotification";
 export type { ItemStartedNotification } from "./ItemStartedNotification";
 export type { ListMcpServerStatusParams } from "./ListMcpServerStatusParams";
 export type { ListMcpServerStatusResponse } from "./ListMcpServerStatusResponse";
--- a/codex-rs/app-server-protocol/src/jsonrpc_lite.rs
+++ b/codex-rs/app-server-protocol/src/jsonrpc_lite.rs
@@ -5,7 +5,6 @@ use codex_protocol::protocol::W3cTraceContext;
 use schemars::JsonSchema;
 use serde::Deserialize;
 use serde::Serialize;
-use std::fmt;
 use ts_rs::TS;

 pub const JSONRPC_VERSION: &str = "2.0";
@@ -20,15 +19,6 @@ pub enum RequestId {
    Integer(i64),
 }

-impl fmt::Display for RequestId {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        match self {
-            Self::String(value) => f.write_str(value),
-            Self::Integer(value) => write!(f, "{value}"),
-        }
-    }
-}
-
 pub type Result = serde_json::Value;

 /// Refers to any valid JSON-RPC object that can be decoded off the wire, or encoded to be sent.
--- a/codex-rs/app-server-protocol/src/protocol/common.rs
+++ b/codex-rs/app-server-protocol/src/protocol/common.rs
@@ -312,34 +312,6 @@ client_request_definitions! {
        params: v2::AppsListParams,
        response: v2::AppsListResponse,
    },
-    FsReadFile => "fs/readFile" {
-        params: v2::FsReadFileParams,
-        response: v2::FsReadFileResponse,
-    },
-    FsWriteFile => "fs/writeFile" {
-        params: v2::FsWriteFileParams,
-        response: v2::FsWriteFileResponse,
-    },
-    FsCreateDirectory => "fs/createDirectory" {
-        params: v2::FsCreateDirectoryParams,
-        response: v2::FsCreateDirectoryResponse,
-    },
-    FsGetMetadata => "fs/getMetadata" {
-        params: v2::FsGetMetadataParams,
-        response: v2::FsGetMetadataResponse,
-    },
-    FsReadDirectory => "fs/readDirectory" {
-        params: v2::FsReadDirectoryParams,
-        response: v2::FsReadDirectoryResponse,
-    },
-    FsRemove => "fs/remove" {
-        params: v2::FsRemoveParams,
-        response: v2::FsRemoveResponse,
-    },
-    FsCopy => "fs/copy" {
-        params: v2::FsCopyParams,
-        response: v2::FsCopyResponse,
-    },
    SkillsConfigWrite => "skills/config/write" {
        params: v2::SkillsConfigWriteParams,
        response: v2::SkillsConfigWriteResponse,
@@ -884,8 +856,6 @@ server_notification_definitions! {
    TurnDiffUpdated => "turn/diff/updated" (v2::TurnDiffUpdatedNotification),
    TurnPlanUpdated => "turn/plan/updated" (v2::TurnPlanUpdatedNotification),
    ItemStarted => "item/started" (v2::ItemStartedNotification),
-    ItemGuardianApprovalReviewStarted => "item/autoApprovalReview/started" (v2::ItemGuardianApprovalReviewStartedNotification),
-    ItemGuardianApprovalReviewCompleted => "item/autoApprovalReview/completed" (v2::ItemGuardianApprovalReviewCompletedNotification),
    ItemCompleted => "item/completed" (v2::ItemCompletedNotification),
    /// This event is internal-only. Used by Codex Cloud.
    RawResponseItemCompleted => "rawResponseItem/completed" (v2::RawResponseItemCompletedNotification),
@@ -951,17 +921,8 @@ mod tests {
    use serde_json::json;
    use std::path::PathBuf;

-    fn absolute_path_string(path: &str) -> String {
-        let trimmed = path.trim_start_matches('/');
-        if cfg!(windows) {
-            format!(r"C:\{}", trimmed.replace('/', "\\"))
-        } else {
-            format!("/{trimmed}")
-        }
-    }
-
    fn absolute_path(path: &str) -> AbsolutePathBuf {
-        AbsolutePathBuf::from_absolute_path(absolute_path_string(path)).expect("absolute path")
+        AbsolutePathBuf::from_absolute_path(path).expect("absolute path")
    }

    #[test]
@@ -1458,27 +1419,6 @@ mod tests {
        Ok(())
    }

-    #[test]
-    fn serialize_fs_get_metadata() -> Result<()> {
-        let request = ClientRequest::FsGetMetadata {
-            request_id: RequestId::Integer(9),
-            params: v2::FsGetMetadataParams {
-                path: absolute_path("tmp/example"),
-            },
-        };
-        assert_eq!(
-            json!({
-                "method": "fs/getMetadata",
-                "id": 9,
-                "params": {
-                    "path": absolute_path_string("tmp/example")
-                }
-            }),
-            serde_json::to_value(&request)?,
-        );
-        Ok(())
-    }
-
    #[test]
    fn serialize_list_experimental_features() -> Result<()> {
        let request = ClientRequest::ExperimentalFeatureList {
--- a/codex-rs/app-server-protocol/src/protocol/v1.rs
+++ b/codex-rs/app-server-protocol/src/protocol/v1.rs
@@ -56,12 +56,6 @@ pub struct InitializeCapabilities {
 #[serde(rename_all = "camelCase")]
 pub struct InitializeResponse {
    pub user_agent: String,
-    /// Platform family for the running app-server target, for example
-    /// `"unix"` or `"windows"`.
-    pub platform_family: String,
-    /// Operating system for the running app-server target, for example
-    /// `"macos"`, `"linux"`, or `"windows"`.
-    pub platform_os: String,
 }

 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
--- a/codex-rs/app-server-protocol/src/protocol/v2.rs
+++ b/codex-rs/app-server-protocol/src/protocol/v2.rs
@@ -13,7 +13,6 @@ use codex_protocol::approvals::NetworkApprovalContext as CoreNetworkApprovalCont
 use codex_protocol::approvals::NetworkApprovalProtocol as CoreNetworkApprovalProtocol;
 use codex_protocol::approvals::NetworkPolicyAmendment as CoreNetworkPolicyAmendment;
 use codex_protocol::approvals::NetworkPolicyRuleAction as CoreNetworkPolicyRuleAction;
-use codex_protocol::config_types::ApprovalsReviewer as CoreApprovalsReviewer;
 use codex_protocol::config_types::CollaborationMode;
 use codex_protocol::config_types::CollaborationModeMask as CoreCollaborationModeMask;
 use codex_protocol::config_types::ForcedLoginMethod;
@@ -52,7 +51,6 @@ use codex_protocol::protocol::CodexErrorInfo as CoreCodexErrorInfo;
 use codex_protocol::protocol::CreditsSnapshot as CoreCreditsSnapshot;
 use codex_protocol::protocol::ExecCommandStatus as CoreExecCommandStatus;
 use codex_protocol::protocol::GranularApprovalConfig as CoreGranularApprovalConfig;
-use codex_protocol::protocol::GuardianRiskLevel as CoreGuardianRiskLevel;
 use codex_protocol::protocol::HookEventName as CoreHookEventName;
 use codex_protocol::protocol::HookExecutionMode as CoreHookExecutionMode;
 use codex_protocol::protocol::HookHandlerType as CoreHookHandlerType;
@@ -258,37 +256,6 @@ impl From<CoreAskForApproval> for AskForApproval {
    }
 }

-#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "snake_case")]
-#[ts(rename_all = "snake_case", export_to = "v2/")]
-/// Configures who approval requests are routed to for review. Examples
-/// include sandbox escapes, blocked network access, MCP approval prompts, and
-/// ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully
-/// prompted subagent to gather relevant context and apply a risk-based
-/// decision framework before approving or denying the request.
-pub enum ApprovalsReviewer {
-    User,
-    GuardianSubagent,
-}
-
-impl ApprovalsReviewer {
-    pub fn to_core(self) -> CoreApprovalsReviewer {
-        match self {
-            ApprovalsReviewer::User => CoreApprovalsReviewer::User,
-            ApprovalsReviewer::GuardianSubagent => CoreApprovalsReviewer::GuardianSubagent,
-        }
-    }
-}
-
-impl From<CoreApprovalsReviewer> for ApprovalsReviewer {
-    fn from(value: CoreApprovalsReviewer) -> Self {
-        match value {
-            CoreApprovalsReviewer::User => ApprovalsReviewer::User,
-            CoreApprovalsReviewer::GuardianSubagent => ApprovalsReviewer::GuardianSubagent,
-        }
-    }
-}
-
 #[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
 #[serde(rename_all = "kebab-case")]
 #[ts(rename_all = "kebab-case", export_to = "v2/")]
@@ -552,11 +519,6 @@ pub struct ProfileV2 {
    pub model_provider: Option<String>,
    #[experimental(nested)]
    pub approval_policy: Option<AskForApproval>,
-    /// [UNSTABLE] Optional profile-level override for where approval requests
-    /// are routed for review. If omitted, the enclosing config default is
-    /// used.
-    #[experimental("config/read.approvalsReviewer")]
-    pub approvals_reviewer: Option<ApprovalsReviewer>,
    pub service_tier: Option<ServiceTier>,
    pub model_reasoning_effort: Option<ReasoningEffort>,
    pub model_reasoning_summary: Option<ReasoningSummary>,
@@ -656,10 +618,6 @@ pub struct Config {
    pub model_provider: Option<String>,
    #[experimental(nested)]
    pub approval_policy: Option<AskForApproval>,
-    /// [UNSTABLE] Optional default for where approval requests are routed for
-    /// review.
-    #[experimental("config/read.approvalsReviewer")]
-    pub approvals_reviewer: Option<ApprovalsReviewer>,
    pub sandbox_mode: Option<SandboxMode>,
    pub sandbox_workspace_write: Option<SandboxWorkspaceWrite>,
    pub forced_chatgpt_workspace_id: Option<String>,
@@ -2110,157 +2068,6 @@ pub struct FeedbackUploadResponse {
    pub thread_id: String,
 }

-/// Read a file from the host filesystem.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct FsReadFileParams {
-    /// Absolute path to read.
-    pub path: AbsolutePathBuf,
-}
-
-/// Base64-encoded file contents returned by `fs/readFile`.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct FsReadFileResponse {
-    /// File contents encoded as base64.
-    pub data_base64: String,
-}
-
-/// Write a file on the host filesystem.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct FsWriteFileParams {
-    /// Absolute path to write.
-    pub path: AbsolutePathBuf,
-    /// File contents encoded as base64.
-    pub data_base64: String,
-}
-
-/// Successful response for `fs/writeFile`.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct FsWriteFileResponse {}
-
-/// Create a directory on the host filesystem.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct FsCreateDirectoryParams {
-    /// Absolute directory path to create.
-    pub path: AbsolutePathBuf,
-    /// Whether parent directories should also be created. Defaults to `true`.
-    #[ts(optional = nullable)]
-    pub recursive: Option<bool>,
-}
-
-/// Successful response for `fs/createDirectory`.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct FsCreateDirectoryResponse {}
-
-/// Request metadata for an absolute path.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct FsGetMetadataParams {
-    /// Absolute path to inspect.
-    pub path: AbsolutePathBuf,
-}
-
-/// Metadata returned by `fs/getMetadata`.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct FsGetMetadataResponse {
-    /// Whether the path currently resolves to a directory.
-    pub is_directory: bool,
-    /// Whether the path currently resolves to a regular file.
-    pub is_file: bool,
-    /// File creation time in Unix milliseconds when available, otherwise `0`.
-    #[ts(type = "number")]
-    pub created_at_ms: i64,
-    /// File modification time in Unix milliseconds when available, otherwise `0`.
-    #[ts(type = "number")]
-    pub modified_at_ms: i64,
-}
-
-/// List direct child names for a directory.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct FsReadDirectoryParams {
-    /// Absolute directory path to read.
-    pub path: AbsolutePathBuf,
-}
-
-/// A directory entry returned by `fs/readDirectory`.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct FsReadDirectoryEntry {
-    /// Direct child entry name only, not an absolute or relative path.
-    pub file_name: String,
-    /// Whether this entry resolves to a directory.
-    pub is_directory: bool,
-    /// Whether this entry resolves to a regular file.
-    pub is_file: bool,
-}
-
-/// Directory entries returned by `fs/readDirectory`.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct FsReadDirectoryResponse {
-    /// Direct child entries in the requested directory.
-    pub entries: Vec<FsReadDirectoryEntry>,
-}
-
-/// Remove a file or directory tree from the host filesystem.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct FsRemoveParams {
-    /// Absolute path to remove.
-    pub path: AbsolutePathBuf,
-    /// Whether directory removal should recurse. Defaults to `true`.
-    #[ts(optional = nullable)]
-    pub recursive: Option<bool>,
-    /// Whether missing paths should be ignored. Defaults to `true`.
-    #[ts(optional = nullable)]
-    pub force: Option<bool>,
-}
-
-/// Successful response for `fs/remove`.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct FsRemoveResponse {}
-
-/// Copy a file or directory tree on the host filesystem.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct FsCopyParams {
-    /// Absolute source path.
-    pub source_path: AbsolutePathBuf,
-    /// Absolute destination path.
-    pub destination_path: AbsolutePathBuf,
-    /// Required for directory copies; ignored for file copies.
-    #[serde(default, skip_serializing_if = "std::ops::Not::not")]
-    pub recursive: bool,
-}
-
-/// Successful response for `fs/copy`.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct FsCopyResponse {}
-
 /// PTY size in character cells for `command/exec` PTY sessions.
 #[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
@@ -2464,10 +2271,6 @@ pub struct ThreadStartParams {
    #[experimental(nested)]
    #[ts(optional = nullable)]
    pub approval_policy: Option<AskForApproval>,
-    /// Override where approval requests are routed for review on this thread
-    /// and subsequent turns.
-    #[ts(optional = nullable)]
-    pub approvals_reviewer: Option<ApprovalsReviewer>,
    #[ts(optional = nullable)]
    pub sandbox: Option<SandboxMode>,
    #[ts(optional = nullable)]
@@ -2530,8 +2333,6 @@ pub struct ThreadStartResponse {
    pub cwd: PathBuf,
    #[experimental(nested)]
    pub approval_policy: AskForApproval,
-    /// Reviewer currently used for approval requests on this thread.
-    pub approvals_reviewer: ApprovalsReviewer,
    pub sandbox: SandboxPolicy,
    pub reasoning_effort: Option<ReasoningEffort>,
 }
@@ -2584,10 +2385,6 @@ pub struct ThreadResumeParams {
    #[experimental(nested)]
    #[ts(optional = nullable)]
    pub approval_policy: Option<AskForApproval>,
-    /// Override where approval requests are routed for review on this thread
-    /// and subsequent turns.
-    #[ts(optional = nullable)]
-    pub approvals_reviewer: Option<ApprovalsReviewer>,
    #[ts(optional = nullable)]
    pub sandbox: Option<SandboxMode>,
    #[ts(optional = nullable)]
@@ -2616,8 +2413,6 @@ pub struct ThreadResumeResponse {
    pub cwd: PathBuf,
    #[experimental(nested)]
    pub approval_policy: AskForApproval,
-    /// Reviewer currently used for approval requests on this thread.
-    pub approvals_reviewer: ApprovalsReviewer,
    pub sandbox: SandboxPolicy,
    pub reasoning_effort: Option<ReasoningEffort>,
 }
@@ -2661,10 +2456,6 @@ pub struct ThreadForkParams {
    #[experimental(nested)]
    #[ts(optional = nullable)]
    pub approval_policy: Option<AskForApproval>,
-    /// Override where approval requests are routed for review on this thread
-    /// and subsequent turns.
-    #[ts(optional = nullable)]
-    pub approvals_reviewer: Option<ApprovalsReviewer>,
    #[ts(optional = nullable)]
    pub sandbox: Option<SandboxMode>,
    #[ts(optional = nullable)]
@@ -2693,8 +2484,6 @@ pub struct ThreadForkResponse {
    pub cwd: PathBuf,
    #[experimental(nested)]
    pub approval_policy: AskForApproval,
-    /// Reviewer currently used for approval requests on this thread.
-    pub approvals_reviewer: ApprovalsReviewer,
    pub sandbox: SandboxPolicy,
    pub reasoning_effort: Option<ReasoningEffort>,
 }
@@ -3818,10 +3607,6 @@ pub struct TurnStartParams {
    #[experimental(nested)]
    #[ts(optional = nullable)]
    pub approval_policy: Option<AskForApproval>,
-    /// Override where approval requests are routed for review on this turn and
-    /// subsequent turns.
-    #[ts(optional = nullable)]
-    pub approvals_reviewer: Option<ApprovalsReviewer>,
    /// Override the sandbox policy for this turn and subsequent turns.
    #[ts(optional = nullable)]
    pub sandbox_policy: Option<SandboxPolicy>,
@@ -4258,53 +4043,6 @@ impl ThreadItem {
    }
 }

-#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-/// [UNSTABLE] Lifecycle state for a guardian approval review.
-pub enum GuardianApprovalReviewStatus {
-    InProgress,
-    Approved,
-    Denied,
-    Aborted,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "lowercase")]
-#[ts(export_to = "v2/")]
-/// [UNSTABLE] Risk level assigned by guardian approval review.
-pub enum GuardianRiskLevel {
-    Low,
-    Medium,
-    High,
-}
-
-impl From<CoreGuardianRiskLevel> for GuardianRiskLevel {
-    fn from(value: CoreGuardianRiskLevel) -> Self {
-        match value {
-            CoreGuardianRiskLevel::Low => Self::Low,
-            CoreGuardianRiskLevel::Medium => Self::Medium,
-            CoreGuardianRiskLevel::High => Self::High,
-        }
-    }
-}
-
-/// [UNSTABLE] Temporary guardian approval review payload used by
-/// `item/autoApprovalReview/*` notifications. This shape is expected to change
-/// soon.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct GuardianApprovalReview {
-    pub status: GuardianApprovalReviewStatus,
-    #[serde(alias = "risk_score")]
-    #[ts(type = "number | null")]
-    pub risk_score: Option<u8>,
-    #[serde(alias = "risk_level")]
-    pub risk_level: Option<GuardianRiskLevel>,
-    pub rationale: Option<String>,
-}
-
 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(tag = "type", rename_all = "camelCase")]
 #[ts(tag = "type", rename_all = "camelCase")]
@@ -4736,40 +4474,6 @@ pub struct ItemStartedNotification {
    pub turn_id: String,
 }

-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-/// [UNSTABLE] Temporary notification payload for guardian automatic approval
-/// review. This shape is expected to change soon.
-///
-/// TODO(ccunningham): Attach guardian review state to the reviewed tool item's
-/// lifecycle instead of sending separate standalone review notifications so the
-/// app-server API can persist and replay review state via `thread/read`.
-pub struct ItemGuardianApprovalReviewStartedNotification {
-    pub thread_id: String,
-    pub turn_id: String,
-    pub target_item_id: String,
-    pub review: GuardianApprovalReview,
-    pub action: Option<JsonValue>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-/// [UNSTABLE] Temporary notification payload for guardian automatic approval
-/// review. This shape is expected to change soon.
-///
-/// TODO(ccunningham): Attach guardian review state to the reviewed tool item's
-/// lifecycle instead of sending separate standalone review notifications so the
-/// app-server API can persist and replay review state via `thread/read`.
-pub struct ItemGuardianApprovalReviewCompletedNotification {
-    pub thread_id: String,
-    pub turn_id: String,
-    pub target_item_id: String,
-    pub review: GuardianApprovalReview,
-    pub action: Option<JsonValue>,
-}
-
 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 #[ts(export_to = "v2/")]
@@ -5831,22 +5535,13 @@ mod tests {
    use serde_json::json;
    use std::path::PathBuf;

-    fn absolute_path_string(path: &str) -> String {
-        let trimmed = path.trim_start_matches('/');
-        if cfg!(windows) {
-            format!(r"C:\{}", trimmed.replace('/', "\\"))
-        } else {
-            format!("/{trimmed}")
-        }
-    }
-
-    fn absolute_path(path: &str) -> AbsolutePathBuf {
-        AbsolutePathBuf::from_absolute_path(absolute_path_string(path))
-            .expect("path must be absolute")
-    }
-
    fn test_absolute_path() -> AbsolutePathBuf {
-        absolute_path("readable")
+        let path = if cfg!(windows) {
+            r"C:\readable"
+        } else {
+            "/readable"
+        };
+        AbsolutePathBuf::from_absolute_path(path).expect("path must be absolute")
    }

    #[test]
@@ -6196,134 +5891,6 @@ mod tests {
        assert_eq!(response.scope, PermissionGrantScope::Turn);
    }

-    #[test]
-    fn fs_get_metadata_response_round_trips_minimal_fields() {
-        let response = FsGetMetadataResponse {
-            is_directory: false,
-            is_file: true,
-            created_at_ms: 123,
-            modified_at_ms: 456,
-        };
-
-        let value = serde_json::to_value(&response).expect("serialize fs/getMetadata response");
-        assert_eq!(
-            value,
-            json!({
-                "isDirectory": false,
-                "isFile": true,
-                "createdAtMs": 123,
-                "modifiedAtMs": 456,
-            })
-        );
-
-        let decoded = serde_json::from_value::<FsGetMetadataResponse>(value)
-            .expect("deserialize fs/getMetadata response");
-        assert_eq!(decoded, response);
-    }
-
-    #[test]
-    fn fs_read_file_response_round_trips_base64_data() {
-        let response = FsReadFileResponse {
-            data_base64: "aGVsbG8=".to_string(),
-        };
-
-        let value = serde_json::to_value(&response).expect("serialize fs/readFile response");
-        assert_eq!(
-            value,
-            json!({
-                "dataBase64": "aGVsbG8=",
-            })
-        );
-
-        let decoded = serde_json::from_value::<FsReadFileResponse>(value)
-            .expect("deserialize fs/readFile response");
-        assert_eq!(decoded, response);
-    }
-
-    #[test]
-    fn fs_read_file_params_round_trip() {
-        let params = FsReadFileParams {
-            path: absolute_path("tmp/example.txt"),
-        };
-
-        let value = serde_json::to_value(&params).expect("serialize fs/readFile params");
-        assert_eq!(
-            value,
-            json!({
-                "path": absolute_path_string("tmp/example.txt"),
-            })
-        );
-
-        let decoded = serde_json::from_value::<FsReadFileParams>(value)
-            .expect("deserialize fs/readFile params");
-        assert_eq!(decoded, params);
-    }
-
-    #[test]
-    fn fs_create_directory_params_round_trip_with_default_recursive() {
-        let params = FsCreateDirectoryParams {
-            path: absolute_path("tmp/example"),
-            recursive: None,
-        };
-
-        let value = serde_json::to_value(&params).expect("serialize fs/createDirectory params");
-        assert_eq!(
-            value,
-            json!({
-                "path": absolute_path_string("tmp/example"),
-                "recursive": null,
-            })
-        );
-
-        let decoded = serde_json::from_value::<FsCreateDirectoryParams>(value)
-            .expect("deserialize fs/createDirectory params");
-        assert_eq!(decoded, params);
-    }
-
-    #[test]
-    fn fs_write_file_params_round_trip_with_base64_data() {
-        let params = FsWriteFileParams {
-            path: absolute_path("tmp/example.bin"),
-            data_base64: "AAE=".to_string(),
-        };
-
-        let value = serde_json::to_value(&params).expect("serialize fs/writeFile params");
-        assert_eq!(
-            value,
-            json!({
-                "path": absolute_path_string("tmp/example.bin"),
-                "dataBase64": "AAE=",
-            })
-        );
-
-        let decoded = serde_json::from_value::<FsWriteFileParams>(value)
-            .expect("deserialize fs/writeFile params");
-        assert_eq!(decoded, params);
-    }
-
-    #[test]
-    fn fs_copy_params_round_trip_with_recursive_directory_copy() {
-        let params = FsCopyParams {
-            source_path: absolute_path("tmp/source"),
-            destination_path: absolute_path("tmp/destination"),
-            recursive: true,
-        };
-
-        let value = serde_json::to_value(&params).expect("serialize fs/copy params");
-        assert_eq!(
-            value,
-            json!({
-                "sourcePath": absolute_path_string("tmp/source"),
-                "destinationPath": absolute_path_string("tmp/destination"),
-                "recursive": true,
-            })
-        );
-
-        let decoded =
-            serde_json::from_value::<FsCopyParams>(value).expect("deserialize fs/copy params");
-        assert_eq!(decoded, params);
-    }
-
    #[test]
    fn command_exec_params_default_optional_streaming_flags() {
        let params = serde_json::from_value::<CommandExecParams>(json!({
@@ -6745,7 +6312,6 @@ mod tests {
                request_permissions: true,
                mcp_elicitations: false,
            }),
-            approvals_reviewer: None,
            service_tier: None,
            model_reasoning_effort: None,
            model_reasoning_summary: None,
@@ -6774,7 +6340,6 @@ mod tests {
                request_permissions: false,
                mcp_elicitations: true,
            }),
-            approvals_reviewer: None,
            sandbox_mode: None,
            sandbox_workspace_write: None,
            forced_chatgpt_workspace_id: None,
@@ -6798,39 +6363,6 @@ mod tests {
        assert_eq!(reason, Some("askForApproval.granular"));
    }

-    #[test]
-    fn config_approvals_reviewer_is_marked_experimental() {
-        let reason = crate::experimental_api::ExperimentalApi::experimental_reason(&Config {
-            model: None,
-            review_model: None,
-            model_context_window: None,
-            model_auto_compact_token_limit: None,
-            model_provider: None,
-            approval_policy: None,
-            approvals_reviewer: Some(ApprovalsReviewer::GuardianSubagent),
-            sandbox_mode: None,
-            sandbox_workspace_write: None,
-            forced_chatgpt_workspace_id: None,
-            forced_login_method: None,
-            web_search: None,
-            tools: None,
-            profile: None,
-            profiles: HashMap::new(),
-            instructions: None,
-            developer_instructions: None,
-            compact_prompt: None,
-            model_reasoning_effort: None,
-            model_reasoning_summary: None,
-            model_verbosity: None,
-            service_tier: None,
-            analytics: None,
-            apps: None,
-            additional: HashMap::new(),
-        });
-
-        assert_eq!(reason, Some("config/read.approvalsReviewer"));
-    }
-
    #[test]
    fn config_nested_profile_granular_approval_policy_is_marked_experimental() {
        let reason = crate::experimental_api::ExperimentalApi::experimental_reason(&Config {
@@ -6840,7 +6372,6 @@ mod tests {
            model_auto_compact_token_limit: None,
            model_provider: None,
            approval_policy: None,
-            approvals_reviewer: None,
            sandbox_mode: None,
            sandbox_workspace_write: None,
            forced_chatgpt_workspace_id: None,
@@ -6860,7 +6391,6 @@ mod tests {
                        request_permissions: false,
                        mcp_elicitations: true,
                    }),
-                    approvals_reviewer: None,
                    service_tier: None,
                    model_reasoning_effort: None,
                    model_reasoning_summary: None,
@@ -6886,55 +6416,6 @@ mod tests {
        assert_eq!(reason, Some("askForApproval.granular"));
    }

-    #[test]
-    fn config_nested_profile_approvals_reviewer_is_marked_experimental() {
-        let reason = crate::experimental_api::ExperimentalApi::experimental_reason(&Config {
-            model: None,
-            review_model: None,
-            model_context_window: None,
-            model_auto_compact_token_limit: None,
-            model_provider: None,
-            approval_policy: None,
-            approvals_reviewer: None,
-            sandbox_mode: None,
-            sandbox_workspace_write: None,
-            forced_chatgpt_workspace_id: None,
-            forced_login_method: None,
-            web_search: None,
-            tools: None,
-            profile: None,
-            profiles: HashMap::from([(
-                "default".to_string(),
-                ProfileV2 {
-                    model: None,
-                    model_provider: None,
-                    approval_policy: None,
-                    approvals_reviewer: Some(ApprovalsReviewer::GuardianSubagent),
-                    service_tier: None,
-                    model_reasoning_effort: None,
-                    model_reasoning_summary: None,
-                    model_verbosity: None,
-                    web_search: None,
-                    tools: None,
-                    chatgpt_base_url: None,
-                    additional: HashMap::new(),
-                },
-            )]),
-            instructions: None,
-            developer_instructions: None,
-            compact_prompt: None,
-            model_reasoning_effort: None,
-            model_reasoning_summary: None,
-            model_verbosity: None,
-            service_tier: None,
-            analytics: None,
-            apps: None,
-            additional: HashMap::new(),
-        });
-
-        assert_eq!(reason, Some("config/read.approvalsReviewer"));
-    }
-
    #[test]
    fn config_requirements_granular_allowed_approval_policy_is_marked_experimental() {
        let reason =
@@ -7345,46 +6826,6 @@ mod tests {
        );
    }

-    #[test]
-    fn automatic_approval_review_deserializes_legacy_snake_case_risk_fields() {
-        let review: GuardianApprovalReview = serde_json::from_value(json!({
-            "status": "denied",
-            "risk_score": 91,
-            "risk_level": "high",
-            "rationale": "too risky"
-        }))
-        .expect("legacy snake_case automatic review should deserialize");
-        assert_eq!(
-            review,
-            GuardianApprovalReview {
-                status: GuardianApprovalReviewStatus::Denied,
-                risk_score: Some(91),
-                risk_level: Some(GuardianRiskLevel::High),
-                rationale: Some("too risky".to_string()),
-            }
-        );
-    }
-
-    #[test]
-    fn automatic_approval_review_deserializes_aborted_status() {
-        let review: GuardianApprovalReview = serde_json::from_value(json!({
-            "status": "aborted",
-            "riskScore": null,
-            "riskLevel": null,
-            "rationale": null
-        }))
-        .expect("aborted automatic review should deserialize");
-        assert_eq!(
-            review,
-            GuardianApprovalReview {
-                status: GuardianApprovalReviewStatus::Aborted,
-                risk_score: None,
-                risk_level: None,
-                rationale: None,
-            }
-        );
-    }
-
    #[test]
    fn core_turn_item_into_thread_item_converts_supported_variants() {
        let user_item = TurnItem::UserMessage(UserMessageItem {
@@ -7691,7 +7132,6 @@ mod tests {
            input: vec![],
            cwd: None,
            approval_policy: None,
-            approvals_reviewer: None,
            sandbox_policy: None,
            model: None,
            service_tier: None,
--- a/codex-rs/app-server/Cargo.toml
+++ b/codex-rs/app-server/Cargo.toml
@@ -68,7 +68,6 @@ tokio-tungstenite = { workspace = true }
 tracing = { workspace = true, features = ["log"] }
 tracing-subscriber = { workspace = true, features = ["env-filter", "fmt", "json"] }
 uuid = { workspace = true, features = ["serde", "v7"] }
-walkdir = { workspace = true }

 [dev-dependencies]
 app_test_support = { workspace = true }
--- a/codex-rs/app-server/README.md
+++ b/codex-rs/app-server/README.md
@@ -68,13 +68,13 @@ Use the thread APIs to create, list, or archive conversations. Drive a conversat
 - Initialize once per connection: Immediately after opening a transport connection, send an `initialize` request with your client metadata, then emit an `initialized` notification. Any other request on that connection before this handshake gets rejected.
 - Start (or resume) a thread: Call `thread/start` to open a fresh conversation. The response returns the thread object and you’ll also get a `thread/started` notification. If you’re continuing an existing conversation, call `thread/resume` with its ID instead. If you want to branch from an existing conversation, call `thread/fork` to create a new thread id with copied history. Like `thread/start`, `thread/fork` also accepts `ephemeral: true` for an in-memory temporary thread.
  The returned `thread.ephemeral` flag tells you whether the session is intentionally in-memory only; when it is `true`, `thread.path` is `null`.
- Begin a turn: To send user input, call `turn/start` with the target `threadId` and the user's input. Optional fields let you override model, cwd, sandbox policy, approval policy, approvals reviewer, etc. This immediately returns the new turn object. The app-server emits `turn/started` when that turn actually begins running.
+- Begin a turn: To send user input, call `turn/start` with the target `threadId` and the user's input. Optional fields let you override model, cwd, sandbox policy, etc. This immediately returns the new turn object. The app-server emits `turn/started` when that turn actually begins running.
 - Stream events: After `turn/start`, keep reading JSON-RPC notifications on stdout. You’ll see `item/started`, `item/completed`, deltas like `item/agentMessage/delta`, tool progress, etc. These represent streaming model output plus any side effects (commands, tool calls, reasoning notes).
 - Finish the turn: When the model is done (or the turn is interrupted via making the `turn/interrupt` call), the server sends `turn/completed` with the final turn state and token usage.

 ## Initialization

-Clients must send a single `initialize` request per transport connection before invoking any other method on that connection, then acknowledge with an `initialized` notification. The server returns the user agent string it will present to upstream services plus `platformFamily` and `platformOs` strings describing the app-server runtime target; subsequent requests issued before initialization receive a `"Not initialized"` error, and repeated `initialize` calls on the same connection receive an `"Already initialized"` error.
+Clients must send a single `initialize` request per transport connection before invoking any other method on that connection, then acknowledge with an `initialized` notification. The server returns the user agent string it will present to upstream services; subsequent requests issued before initialization receive a `"Not initialized"` error, and repeated `initialize` calls on the same connection receive an `"Already initialized"` error.

 `initialize.params.capabilities` also supports per-connection notification opt-out via `optOutNotificationMethods`, which is a list of exact method names to suppress for that connection. Matching is exact (no wildcards/prefixes). Unknown method names are accepted and ignored.

@@ -153,13 +153,6 @@ Example with notification opt-out:
 - `command/exec/resize` — resize a running PTY-backed `command/exec` session by `processId`; returns `{}`.
 - `command/exec/terminate` — terminate a running `command/exec` session by `processId`; returns `{}`.
 - `command/exec/outputDelta` — notification emitted for base64-encoded stdout/stderr chunks from a streaming `command/exec` session.
- `fs/readFile` — read an absolute file path and return `{ dataBase64 }`.
- `fs/writeFile` — write an absolute file path from base64-encoded `{ dataBase64 }`; returns `{}`.
- `fs/createDirectory` — create an absolute directory path; `recursive` defaults to `true`.
- `fs/getMetadata` — return metadata for an absolute path: `isDirectory`, `isFile`, `createdAtMs`, and `modifiedAtMs`.
- `fs/readDirectory` — list direct child entries for an absolute directory path; each entry contains `fileName`, `isDirectory`, and `isFile`, and `fileName` is just the child name, not a path.
- `fs/remove` — remove an absolute file or directory tree; `recursive` and `force` default to `true`.
- `fs/copy` — copy between absolute paths; directory copies require `recursive: true`.
 - `model/list` — list available models (set `includeHidden: true` to include entries with `hidden: true`), with reasoning effort options, optional legacy `upgrade` model ids, optional `upgradeInfo` metadata (`model`, `upgradeCopy`, `modelLink`, `migrationMarkdown`), and optional `availabilityNux` metadata.
 - `experimentalFeature/list` — list feature flags with stage metadata (`beta`, `underDevelopment`, `stable`, etc.), enabled/default-enabled state, and cursor pagination. For non-beta flags, `displayName`/`description`/`announcement` are `null`.
 - `collaborationMode/list` — list available collaboration mode presets (experimental, no pagination). This response omits built-in developer instructions; clients should either pass `settings.developer_instructions: null` when setting a mode to use Codex's built-in instructions, or provide their own instructions explicitly.
@@ -228,7 +221,7 @@ Start a fresh thread when you need a new Codex conversation.

 Valid `personality` values are `"friendly"`, `"pragmatic"`, and `"none"`. When `"none"` is selected, the personality placeholder is replaced with an empty string.

-To continue a stored session, call `thread/resume` with the `thread.id` you previously recorded. The response shape matches `thread/start`, and no additional notifications are emitted. You can also pass the same configuration overrides supported by `thread/start`, including `approvalsReviewer`:
+To continue a stored session, call `thread/resume` with the `thread.id` you previously recorded. The response shape matches `thread/start`, and no additional notifications are emitted. You can also pass the same configuration overrides supported by `thread/start`, such as `personality`:

 ```json
 { "method": "thread/resume", "id": 11, "params": {
@@ -421,11 +414,6 @@ Turns attach user input (text or images) to a thread and trigger Codex generatio

 You can optionally specify config overrides on the new turn. If specified, these settings become the default for subsequent turns on the same thread. `outputSchema` applies only to the current turn.

-`approvalsReviewer` accepts:
-
- `"user"` — default. Review approval requests directly in the client.
- `"guardian_subagent"` — route approval requests to a carefully prompted subagent that gathers relevant context and applies a risk-based decision framework before approving or denying the request.
-
 ```json
 { "method": "turn/start", "id": 30, "params": {
    "threadId": "thr_123",
@@ -723,46 +711,6 @@ Streaming stdin/stdout uses base64 so PTY sessions can carry arbitrary bytes:
 - `command/exec.params.env` overrides the server-computed environment per key; set a key to `null` to unset an inherited variable.
 - `command/exec/resize` is only supported for PTY-backed `command/exec` sessions.

-### Example: Filesystem utilities
-
-These methods operate on absolute paths on the host filesystem and cover reading, writing, directory traversal, copying, removal, and change notifications.
-
-All filesystem paths in this section must be absolute.
-
-```json
-{ "method": "fs/createDirectory", "id": 40, "params": {
-    "path": "/tmp/example/nested",
-    "recursive": true
-} }
-{ "id": 40, "result": {} }
-{ "method": "fs/writeFile", "id": 41, "params": {
-    "path": "/tmp/example/nested/note.txt",
-    "dataBase64": "aGVsbG8="
-} }
-{ "id": 41, "result": {} }
-{ "method": "fs/getMetadata", "id": 42, "params": {
-    "path": "/tmp/example/nested/note.txt"
-} }
-{ "id": 42, "result": {
-    "isDirectory": false,
-    "isFile": true,
-    "createdAtMs": 1730910000000,
-    "modifiedAtMs": 1730910000000
-} }
-{ "method": "fs/readFile", "id": 43, "params": {
-    "path": "/tmp/example/nested/note.txt"
-} }
-{ "id": 43, "result": {
-    "dataBase64": "aGVsbG8="
-} }
-```
-
- `fs/getMetadata` returns whether the path currently resolves to a directory or regular file, plus `createdAtMs` and `modifiedAtMs` in Unix milliseconds. If a timestamp is unavailable on the current platform, that field is `0`.
- `fs/createDirectory` defaults `recursive` to `true` when omitted.
- `fs/remove` defaults both `recursive` and `force` to `true` when omitted.
- `fs/readFile` always returns base64 bytes via `dataBase64`, and `fs/writeFile` always expects base64 bytes in `dataBase64`.
- `fs/copy` handles both file copies and directory-tree copies; it requires `recursive: true` when `sourcePath` is a directory. Recursive copies traverse regular files, directories, and symlinks; other entry types are skipped.
-
 ## Events

 Event notifications are the server-initiated event stream for thread lifecycles, turn lifecycles, and the items within them. After you start or resume a thread, keep reading stdout for `thread/started`, `thread/archived`, `thread/unarchived`, `thread/closed`, `turn/*`, and `item/*` notifications.
@@ -837,14 +785,10 @@ Today both notifications carry an empty `items` array even when item events were
 - `contextCompaction` — `{id}` emitted when codex compacts the conversation history. This can happen automatically.
 - `compacted` - `{threadId, turnId}` when codex compacts the conversation history. This can happen automatically. **Deprecated:** Use `contextCompaction` instead.

-All items emit shared lifecycle events:
+All items emit two shared lifecycle events:

 - `item/started` — emits the full `item` when a new unit of work begins so the UI can render it immediately; the `item.id` in this payload matches the `itemId` used by deltas.
- `item/completed` — sends the final `item` once that work itself finishes (for example, after a tool call or message completes); treat this as the authoritative execution/result state.
- `item/autoApprovalReview/started` — [UNSTABLE] temporary guardian notification carrying `{threadId, turnId, targetItemId, review, action?}` when guardian approval review begins. This shape is expected to change soon.
- `item/autoApprovalReview/completed` — [UNSTABLE] temporary guardian notification carrying `{threadId, turnId, targetItemId, review, action?}` when guardian approval review resolves. This shape is expected to change soon.
-
-`review` is [UNSTABLE] and currently has `{status, riskScore?, riskLevel?, rationale?}`, where `status` is one of `inProgress`, `approved`, `denied`, or `aborted`. `action` is the guardian action summary payload from core when available and is intended to support temporary standalone pending-review UI. These notifications are separate from the target item's own `item/completed` lifecycle and are intentionally temporary while the guardian app protocol is still being designed.
+- `item/completed` — sends the final `item` once that work finishes (e.g., after a tool call or message completes); treat this as the authoritative state.

 There are additional item-specific events:

--- a/codex-rs/app-server/src/app_server_tracing.rs
+++ b/codex-rs/app-server/src/app_server_tracing.rs
@@ -92,7 +92,7 @@ fn transport_name(transport: AppServerTransport) -> &'static str {
 fn app_server_request_span_template(
    method: &str,
    transport: &'static str,
-    request_id: &impl std::fmt::Display,
+    request_id: &impl std::fmt::Debug,
    connection_id: ConnectionId,
 ) -> Span {
    info_span!(
@@ -102,8 +102,8 @@ fn app_server_request_span_template(
        rpc.system = "jsonrpc",
        rpc.method = method,
        rpc.transport = transport,
-        rpc.request_id = %request_id,
-        app_server.connection_id = %connection_id,
+        rpc.request_id = ?request_id,
+        app_server.connection_id = ?connection_id,
        app_server.api_version = "v2",
        app_server.client_name = field::Empty,
        app_server.client_version = field::Empty,
@@ -122,14 +122,14 @@ fn record_client_info(span: &Span, client_name: Option<&str>, client_version: Op
 fn attach_parent_context(
    span: &Span,
    method: &str,
-    request_id: &impl std::fmt::Display,
+    request_id: &impl std::fmt::Debug,
    parent_trace: Option<&W3cTraceContext>,
 ) {
    if let Some(trace) = parent_trace {
        if !set_parent_from_w3c_trace_context(span, trace) {
            tracing::warn!(
                rpc_method = method,
-                rpc_request_id = %request_id,
+                rpc_request_id = ?request_id,
                "ignoring invalid inbound request trace carrier"
            );
        }
--- a/codex-rs/app-server/src/bespoke_event_handling.rs
+++ b/codex-rs/app-server/src/bespoke_event_handling.rs
@@ -43,14 +43,10 @@ use codex_app_server_protocol::FileChangeRequestApprovalParams;
 use codex_app_server_protocol::FileChangeRequestApprovalResponse;
 use codex_app_server_protocol::FileUpdateChange;
 use codex_app_server_protocol::GrantedPermissionProfile as V2GrantedPermissionProfile;
-use codex_app_server_protocol::GuardianApprovalReview;
-use codex_app_server_protocol::GuardianApprovalReviewStatus;
 use codex_app_server_protocol::HookCompletedNotification;
 use codex_app_server_protocol::HookStartedNotification;
 use codex_app_server_protocol::InterruptConversationResponse;
 use codex_app_server_protocol::ItemCompletedNotification;
-use codex_app_server_protocol::ItemGuardianApprovalReviewCompletedNotification;
-use codex_app_server_protocol::ItemGuardianApprovalReviewStartedNotification;
 use codex_app_server_protocol::ItemStartedNotification;
 use codex_app_server_protocol::JSONRPCErrorError;
 use codex_app_server_protocol::McpServerElicitationAction;
@@ -118,7 +114,6 @@ use codex_protocol::protocol::Event;
 use codex_protocol::protocol::EventMsg;
 use codex_protocol::protocol::ExecApprovalRequestEvent;
 use codex_protocol::protocol::ExecCommandEndEvent;
-use codex_protocol::protocol::GuardianAssessmentEvent;
 use codex_protocol::protocol::McpToolCallBeginEvent;
 use codex_protocol::protocol::McpToolCallEndEvent;
 use codex_protocol::protocol::Op;
@@ -128,7 +123,6 @@ use codex_protocol::protocol::ReviewOutputEvent;
 use codex_protocol::protocol::TokenCountEvent;
 use codex_protocol::protocol::TurnDiffEvent;
 use codex_protocol::request_permissions::PermissionGrantScope as CorePermissionGrantScope;
-use codex_protocol::request_permissions::RequestPermissionProfile as CoreRequestPermissionProfile;
 use codex_protocol::request_permissions::RequestPermissionsResponse as CoreRequestPermissionsResponse;
 use codex_protocol::request_user_input::RequestUserInputAnswer as CoreRequestUserInputAnswer;
 use codex_protocol::request_user_input::RequestUserInputResponse as CoreRequestUserInputResponse;
@@ -188,66 +182,6 @@ async fn resolve_server_request_on_thread_listener(
    }
 }

-fn guardian_auto_approval_review_notification(
-    conversation_id: &ThreadId,
-    event_turn_id: &str,
-    assessment: &GuardianAssessmentEvent,
-) -> ServerNotification {
-    // TODO(ccunningham): Attach guardian review state to the reviewed tool
-    // item's lifecycle instead of sending standalone review notifications so
-    // the app-server API can persist and replay review state via `thread/read`.
-    let turn_id = if assessment.turn_id.is_empty() {
-        event_turn_id.to_string()
-    } else {
-        assessment.turn_id.clone()
-    };
-    let review = GuardianApprovalReview {
-        status: match assessment.status {
-            codex_protocol::protocol::GuardianAssessmentStatus::InProgress => {
-                GuardianApprovalReviewStatus::InProgress
-            }
-            codex_protocol::protocol::GuardianAssessmentStatus::Approved => {
-                GuardianApprovalReviewStatus::Approved
-            }
-            codex_protocol::protocol::GuardianAssessmentStatus::Denied => {
-                GuardianApprovalReviewStatus::Denied
-            }
-            codex_protocol::protocol::GuardianAssessmentStatus::Aborted => {
-                GuardianApprovalReviewStatus::Aborted
-            }
-        },
-        risk_score: assessment.risk_score,
-        risk_level: assessment.risk_level.map(Into::into),
-        rationale: assessment.rationale.clone(),
-    };
-    match assessment.status {
-        codex_protocol::protocol::GuardianAssessmentStatus::InProgress => {
-            ServerNotification::ItemGuardianApprovalReviewStarted(
-                ItemGuardianApprovalReviewStartedNotification {
-                    thread_id: conversation_id.to_string(),
-                    turn_id,
-                    target_item_id: assessment.id.clone(),
-                    review,
-                    action: assessment.action.clone(),
-                },
-            )
-        }
-        codex_protocol::protocol::GuardianAssessmentStatus::Approved
-        | codex_protocol::protocol::GuardianAssessmentStatus::Denied
-        | codex_protocol::protocol::GuardianAssessmentStatus::Aborted => {
-            ServerNotification::ItemGuardianApprovalReviewCompleted(
-                ItemGuardianApprovalReviewCompletedNotification {
-                    thread_id: conversation_id.to_string(),
-                    turn_id,
-                    target_item_id: assessment.id.clone(),
-                    review,
-                    action: assessment.action.clone(),
-                },
-            )
-        }
-    }
-}
-
 #[allow(clippy::too_many_arguments)]
 pub(crate) async fn apply_bespoke_event_handling(
    event: Event,
@@ -310,16 +244,6 @@ pub(crate) async fn apply_bespoke_event_handling(
            }
        }
        EventMsg::Warning(_warning_event) => {}
-        EventMsg::GuardianAssessment(assessment) => {
-            if let ApiVersion::V2 = api_version {
-                let notification = guardian_auto_approval_review_notification(
-                    &conversation_id,
-                    &event_turn_id,
-                    &assessment,
-                );
-                outgoing.send_server_notification(notification).await;
-            }
-        }
        EventMsg::ModelReroute(event) => {
            if let ApiVersion::V2 = api_version {
                let notification = ModelReroutedNotification {
@@ -775,7 +699,7 @@ pub(crate) async fn apply_bespoke_event_handling(
                    turn_id: request.turn_id.clone(),
                    item_id: request.call_id.clone(),
                    reason: request.reason,
-                    permissions: CorePermissionProfile::from(request.permissions).into(),
+                    permissions: request.permissions.into(),
                };
                let (pending_request_id, rx) = outgoing
                    .send_request(ServerRequestPayload::PermissionsRequestApproval(params))
@@ -2303,7 +2227,7 @@ fn mcp_server_elicitation_response_from_client_result(

 async fn on_request_permissions_response(
    call_id: String,
-    requested_permissions: CoreRequestPermissionProfile,
+    requested_permissions: CorePermissionProfile,
    pending_request_id: RequestId,
    receiver: oneshot::Receiver<ClientRequestResult>,
    conversation: Arc<CodexThread>,
@@ -2331,7 +2255,7 @@ async fn on_request_permissions_response(
 }

 fn request_permissions_response_from_client_result(
-    requested_permissions: CoreRequestPermissionProfile,
+    requested_permissions: CorePermissionProfile,
    response: std::result::Result<ClientRequestResult, oneshot::error::RecvError>,
 ) -> Option<CoreRequestPermissionsResponse> {
    let value = match response {
@@ -2363,10 +2287,9 @@ fn request_permissions_response_from_client_result(
        });
    Some(CoreRequestPermissionsResponse {
        permissions: intersect_permission_profiles(
-            requested_permissions.into(),
+            requested_permissions,
            response.permissions.into(),
-        )
-        .into(),
+        ),
        scope: response.scope.to_core(),
    })
 }
@@ -2720,12 +2643,13 @@ mod tests {
    use anyhow::Result;
    use anyhow::anyhow;
    use anyhow::bail;
-    use codex_app_server_protocol::GuardianApprovalReviewStatus;
    use codex_app_server_protocol::JSONRPCErrorError;
    use codex_app_server_protocol::TurnPlanStepStatus;
    use codex_protocol::mcp::CallToolResult;
-    use codex_protocol::models::FileSystemPermissions as CoreFileSystemPermissions;
-    use codex_protocol::models::NetworkPermissions as CoreNetworkPermissions;
+    use codex_protocol::models::MacOsAutomationPermission;
+    use codex_protocol::models::MacOsContactsPermission;
+    use codex_protocol::models::MacOsPreferencesPermission;
+    use codex_protocol::models::MacOsSeatbeltProfileExtensions;
    use codex_protocol::plan_tool::PlanItemArg;
    use codex_protocol::plan_tool::StepStatus;
    use codex_protocol::protocol::CollabResumeBeginEvent;
@@ -2736,11 +2660,9 @@ mod tests {
    use codex_protocol::protocol::RateLimitWindow;
    use codex_protocol::protocol::TokenUsage;
    use codex_protocol::protocol::TokenUsageInfo;
-    use codex_utils_absolute_path::AbsolutePathBuf;
    use pretty_assertions::assert_eq;
    use rmcp::model::Content;
    use serde_json::Value as JsonValue;
-    use serde_json::json;
    use std::time::Duration;
    use tokio::sync::Mutex;
    use tokio::sync::mpsc;
@@ -2762,120 +2684,6 @@ mod tests {
        }
    }

-    #[test]
-    fn guardian_assessment_started_uses_event_turn_id_fallback() {
-        let conversation_id = ThreadId::new();
-        let action = json!({
-            "tool": "shell",
-            "command": "rm -rf /tmp/example.sqlite",
-        });
-        let notification = guardian_auto_approval_review_notification(
-            &conversation_id,
-            "turn-from-event",
-            &GuardianAssessmentEvent {
-                id: "item-1".to_string(),
-                turn_id: String::new(),
-                status: codex_protocol::protocol::GuardianAssessmentStatus::InProgress,
-                risk_score: None,
-                risk_level: None,
-                rationale: None,
-                action: Some(action.clone()),
-            },
-        );
-
-        match notification {
-            ServerNotification::ItemGuardianApprovalReviewStarted(payload) => {
-                assert_eq!(payload.thread_id, conversation_id.to_string());
-                assert_eq!(payload.turn_id, "turn-from-event");
-                assert_eq!(payload.target_item_id, "item-1");
-                assert_eq!(
-                    payload.review.status,
-                    GuardianApprovalReviewStatus::InProgress
-                );
-                assert_eq!(payload.review.risk_score, None);
-                assert_eq!(payload.review.risk_level, None);
-                assert_eq!(payload.review.rationale, None);
-                assert_eq!(payload.action, Some(action));
-            }
-            other => panic!("unexpected notification: {other:?}"),
-        }
-    }
-
-    #[test]
-    fn guardian_assessment_completed_emits_review_payload() {
-        let conversation_id = ThreadId::new();
-        let action = json!({
-            "tool": "shell",
-            "command": "rm -rf /tmp/example.sqlite",
-        });
-        let notification = guardian_auto_approval_review_notification(
-            &conversation_id,
-            "turn-from-event",
-            &GuardianAssessmentEvent {
-                id: "item-2".to_string(),
-                turn_id: "turn-from-assessment".to_string(),
-                status: codex_protocol::protocol::GuardianAssessmentStatus::Denied,
-                risk_score: Some(91),
-                risk_level: Some(codex_protocol::protocol::GuardianRiskLevel::High),
-                rationale: Some("too risky".to_string()),
-                action: Some(action.clone()),
-            },
-        );
-
-        match notification {
-            ServerNotification::ItemGuardianApprovalReviewCompleted(payload) => {
-                assert_eq!(payload.thread_id, conversation_id.to_string());
-                assert_eq!(payload.turn_id, "turn-from-assessment");
-                assert_eq!(payload.target_item_id, "item-2");
-                assert_eq!(payload.review.status, GuardianApprovalReviewStatus::Denied);
-                assert_eq!(payload.review.risk_score, Some(91));
-                assert_eq!(
-                    payload.review.risk_level,
-                    Some(codex_app_server_protocol::GuardianRiskLevel::High)
-                );
-                assert_eq!(payload.review.rationale.as_deref(), Some("too risky"));
-                assert_eq!(payload.action, Some(action));
-            }
-            other => panic!("unexpected notification: {other:?}"),
-        }
-    }
-
-    #[test]
-    fn guardian_assessment_aborted_emits_completed_review_payload() {
-        let conversation_id = ThreadId::new();
-        let action = json!({
-            "tool": "network_access",
-            "target": "api.openai.com:443",
-        });
-        let notification = guardian_auto_approval_review_notification(
-            &conversation_id,
-            "turn-from-event",
-            &GuardianAssessmentEvent {
-                id: "item-3".to_string(),
-                turn_id: "turn-from-assessment".to_string(),
-                status: codex_protocol::protocol::GuardianAssessmentStatus::Aborted,
-                risk_score: None,
-                risk_level: None,
-                rationale: None,
-                action: Some(action.clone()),
-            },
-        );
-
-        match notification {
-            ServerNotification::ItemGuardianApprovalReviewCompleted(payload) => {
-                assert_eq!(payload.thread_id, conversation_id.to_string());
-                assert_eq!(payload.turn_id, "turn-from-assessment");
-                assert_eq!(payload.target_item_id, "item-3");
-                assert_eq!(payload.review.status, GuardianApprovalReviewStatus::Aborted);
-                assert_eq!(payload.review.risk_score, None);
-                assert_eq!(payload.review.risk_level, None);
-                assert_eq!(payload.review.rationale, None);
-                assert_eq!(payload.action, Some(action));
-            }
-            other => panic!("unexpected notification: {other:?}"),
-        }
-    }
-
    #[test]
    fn file_change_accept_for_session_maps_to_approved_for_session() {
        let (decision, completion_status) =
@@ -2913,7 +2721,7 @@ mod tests {
        };

        let response = request_permissions_response_from_client_result(
-            CoreRequestPermissionProfile::default(),
+            CorePermissionProfile::default(),
            Ok(Err(error)),
        );

@@ -2921,91 +2729,156 @@ mod tests {
    }

    #[test]
-    fn request_permissions_response_accepts_partial_network_and_file_system_grants() {
-        let input_path = if cfg!(target_os = "windows") {
-            r"C:\tmp\input"
-        } else {
-            "/tmp/input"
-        };
-        let output_path = if cfg!(target_os = "windows") {
-            r"C:\tmp\output"
-        } else {
-            "/tmp/output"
-        };
-        let ignored_path = if cfg!(target_os = "windows") {
-            r"C:\tmp\ignored"
-        } else {
-            "/tmp/ignored"
-        };
-        let absolute_path = |path: &str| {
-            AbsolutePathBuf::try_from(std::path::PathBuf::from(path)).expect("absolute path")
-        };
-        let requested_permissions = CoreRequestPermissionProfile {
-            network: Some(CoreNetworkPermissions {
-                enabled: Some(true),
-            }),
-            file_system: Some(CoreFileSystemPermissions {
-                read: Some(vec![absolute_path(input_path)]),
-                write: Some(vec![absolute_path(output_path)]),
+    fn request_permissions_response_accepts_partial_macos_grants() {
+        let requested_permissions = CorePermissionProfile {
+            macos: Some(MacOsSeatbeltProfileExtensions {
+                macos_preferences: MacOsPreferencesPermission::ReadWrite,
+                macos_automation: MacOsAutomationPermission::BundleIds(vec![
+                    "com.apple.Notes".to_string(),
+                    "com.apple.Reminders".to_string(),
+                ]),
+                macos_launch_services: true,
+                macos_accessibility: true,
+                macos_calendar: true,
+                macos_reminders: true,
+                macos_contacts: MacOsContactsPermission::ReadWrite,
            }),
+            ..Default::default()
        };
        let cases = vec![
-            (
-                serde_json::json!({}),
-                CoreRequestPermissionProfile::default(),
-            ),
+            (serde_json::json!({}), CorePermissionProfile::default()),
            (
                serde_json::json!({
-                    "network": {
-                        "enabled": true,
-                    },
+                    "preferences": "read_only",
                }),
-                CoreRequestPermissionProfile {
-                    network: Some(CoreNetworkPermissions {
-                        enabled: Some(true),
+                CorePermissionProfile {
+                    macos: Some(MacOsSeatbeltProfileExtensions {
+                        macos_preferences: MacOsPreferencesPermission::ReadOnly,
+                        macos_automation: MacOsAutomationPermission::None,
+                        macos_launch_services: false,
+                        macos_accessibility: false,
+                        macos_calendar: false,
+                        macos_reminders: false,
+                        macos_contacts: MacOsContactsPermission::None,
                    }),
-                    ..CoreRequestPermissionProfile::default()
+                    ..Default::default()
                },
            ),
            (
                serde_json::json!({
-                    "fileSystem": {
-                        "write": [output_path],
+                    "automations": {
+                        "bundle_ids": ["com.apple.Notes"],
                    },
                }),
-                CoreRequestPermissionProfile {
-                    file_system: Some(CoreFileSystemPermissions {
-                        read: None,
-                        write: Some(vec![absolute_path(output_path)]),
+                CorePermissionProfile {
+                    macos: Some(MacOsSeatbeltProfileExtensions {
+                        macos_preferences: MacOsPreferencesPermission::None,
+                        macos_automation: MacOsAutomationPermission::BundleIds(vec![
+                            "com.apple.Notes".to_string(),
+                        ]),
+                        macos_launch_services: false,
+                        macos_accessibility: false,
+                        macos_calendar: false,
+                        macos_reminders: false,
+                        macos_contacts: MacOsContactsPermission::None,
                    }),
-                    ..CoreRequestPermissionProfile::default()
+                    ..Default::default()
                },
            ),
            (
                serde_json::json!({
-                    "fileSystem": {
-                        "read": [input_path],
-                        "write": [output_path, ignored_path],
-                    },
-                    "macos": {
-                        "calendar": true,
-                    },
+                    "launchServices": true,
                }),
-                CoreRequestPermissionProfile {
-                    file_system: Some(CoreFileSystemPermissions {
-                        read: Some(vec![absolute_path(input_path)]),
-                        write: Some(vec![absolute_path(output_path)]),
+                CorePermissionProfile {
+                    macos: Some(MacOsSeatbeltProfileExtensions {
+                        macos_preferences: MacOsPreferencesPermission::None,
+                        macos_automation: MacOsAutomationPermission::None,
+                        macos_launch_services: true,
+                        macos_accessibility: false,
+                        macos_calendar: false,
+                        macos_reminders: false,
+                        macos_contacts: MacOsContactsPermission::None,
                    }),
-                    ..CoreRequestPermissionProfile::default()
+                    ..Default::default()
+                },
+            ),
+            (
+                serde_json::json!({
+                    "accessibility": true,
+                }),
+                CorePermissionProfile {
+                    macos: Some(MacOsSeatbeltProfileExtensions {
+                        macos_preferences: MacOsPreferencesPermission::None,
+                        macos_automation: MacOsAutomationPermission::None,
+                        macos_launch_services: false,
+                        macos_accessibility: true,
+                        macos_calendar: false,
+                        macos_reminders: false,
+                        macos_contacts: MacOsContactsPermission::None,
+                    }),
+                    ..Default::default()
+                },
+            ),
+            (
+                serde_json::json!({
+                    "calendar": true,
+                }),
+                CorePermissionProfile {
+                    macos: Some(MacOsSeatbeltProfileExtensions {
+                        macos_preferences: MacOsPreferencesPermission::None,
+                        macos_automation: MacOsAutomationPermission::None,
+                        macos_launch_services: false,
+                        macos_accessibility: false,
+                        macos_calendar: true,
+                        macos_reminders: false,
+                        macos_contacts: MacOsContactsPermission::None,
+                    }),
+                    ..Default::default()
+                },
+            ),
+            (
+                serde_json::json!({
+                    "reminders": true,
+                }),
+                CorePermissionProfile {
+                    macos: Some(MacOsSeatbeltProfileExtensions {
+                        macos_preferences: MacOsPreferencesPermission::None,
+                        macos_automation: MacOsAutomationPermission::None,
+                        macos_launch_services: false,
+                        macos_accessibility: false,
+                        macos_calendar: false,
+                        macos_reminders: true,
+                        macos_contacts: MacOsContactsPermission::None,
+                    }),
+                    ..Default::default()
+                },
+            ),
+            (
+                serde_json::json!({
+                    "contacts": "read_only",
+                }),
+                CorePermissionProfile {
+                    macos: Some(MacOsSeatbeltProfileExtensions {
+                        macos_preferences: MacOsPreferencesPermission::None,
+                        macos_automation: MacOsAutomationPermission::None,
+                        macos_launch_services: false,
+                        macos_accessibility: false,
+                        macos_calendar: false,
+                        macos_reminders: false,
+                        macos_contacts: MacOsContactsPermission::ReadOnly,
+                    }),
+                    ..Default::default()
                },
            ),
        ];

-        for (granted_permissions, expected_permissions) in cases {
+        for (granted_macos, expected_permissions) in cases {
            let response = request_permissions_response_from_client_result(
                requested_permissions.clone(),
                Ok(Ok(serde_json::json!({
-                    "permissions": granted_permissions,
+                    "permissions": {
+                        "macos": granted_macos,
+                    },
                }))),
            )
            .expect("response should be accepted");
@@ -3023,7 +2896,7 @@ mod tests {
    #[test]
    fn request_permissions_response_preserves_session_scope() {
        let response = request_permissions_response_from_client_result(
-            CoreRequestPermissionProfile::default(),
+            CorePermissionProfile::default(),
            Ok(Ok(serde_json::json!({
                "scope": "session",
                "permissions": {},
@@ -3034,7 +2907,7 @@ mod tests {
        assert_eq!(
            response,
            CoreRequestPermissionsResponse {
-                permissions: CoreRequestPermissionProfile::default(),
+                permissions: CorePermissionProfile::default(),
                scope: CorePermissionGrantScope::Session,
            }
        );
--- a/codex-rs/app-server/src/codex_message_processor.rs
+++ b/codex-rs/app-server/src/codex_message_processor.rs
@@ -201,8 +201,6 @@ use codex_core::config::NetworkProxyAuditMetadata;
 use codex_core::config::edit::ConfigEdit;
 use codex_core::config::edit::ConfigEditsBuilder;
 use codex_core::config::types::McpServerTransportConfig;
-use codex_core::config_loader::CloudRequirementsLoadError;
-use codex_core::config_loader::CloudRequirementsLoadErrorCode;
 use codex_core::config_loader::CloudRequirementsLoader;
 use codex_core::default_client::set_default_client_residency_requirement;
 use codex_core::error::CodexErr;
@@ -899,15 +897,6 @@ impl CodexMessageProcessor {
            | ClientRequest::ConfigBatchWrite { .. } => {
                warn!("Config request reached CodexMessageProcessor unexpectedly");
            }
-            ClientRequest::FsReadFile { .. }
-            | ClientRequest::FsWriteFile { .. }
-            | ClientRequest::FsCreateDirectory { .. }
-            | ClientRequest::FsGetMetadata { .. }
-            | ClientRequest::FsReadDirectory { .. }
-            | ClientRequest::FsRemove { .. }
-            | ClientRequest::FsCopy { .. } => {
-                warn!("Filesystem request reached CodexMessageProcessor unexpectedly");
-            }
            ClientRequest::ConfigRequirementsRead { .. } => {
                warn!("ConfigRequirementsRead request reached CodexMessageProcessor unexpectedly");
            }
@@ -1704,10 +1693,6 @@ impl CodexMessageProcessor {
                .map(codex_core::config::StartedNetworkProxy::proxy),
            sandbox_permissions: SandboxPermissions::UseDefault,
            windows_sandbox_level,
-            windows_sandbox_private_desktop: self
-                .config
-                .permissions
-                .windows_sandbox_private_desktop,
            justification: None,
            arg0: None,
        };
@@ -1854,7 +1839,6 @@ impl CodexMessageProcessor {
            service_tier,
            cwd,
            approval_policy,
-            approvals_reviewer,
            sandbox,
            config,
            service_name,
@@ -1873,7 +1857,6 @@ impl CodexMessageProcessor {
            service_tier,
            cwd,
            approval_policy,
-            approvals_reviewer,
            sandbox,
            base_instructions,
            developer_instructions,
@@ -1976,7 +1959,11 @@ impl CodexMessageProcessor {
        {
            Ok(config) => config,
            Err(err) => {
-                let error = config_load_error(&err);
+                let error = JSONRPCErrorError {
+                    code: INVALID_REQUEST_ERROR_CODE,
+                    message: format!("error deriving config: {err}"),
+                    data: None,
+                };
                listener_task_context
                    .outgoing
                    .send_error(request_id, error)
@@ -2010,7 +1997,6 @@ impl CodexMessageProcessor {
                })
                .collect()
        };
-        let core_dynamic_tool_count = core_dynamic_tools.len();

        match listener_task_context
            .thread_manager
@@ -2021,12 +2007,6 @@ impl CodexMessageProcessor {
                service_name,
                request_trace,
            )
-            .instrument(tracing::info_span!(
-                "app_server.thread_start.create_thread",
-                otel.name = "app_server.thread_start.create_thread",
-                thread_start.dynamic_tool_count = core_dynamic_tool_count,
-                thread_start.persist_extended_history = persist_extended_history,
-            ))
            .await
        {
            Ok(new_conv) => {
@@ -2036,13 +2016,7 @@ impl CodexMessageProcessor {
                    session_configured,
                    ..
                } = new_conv;
-                let config_snapshot = thread
-                    .config_snapshot()
-                    .instrument(tracing::info_span!(
-                        "app_server.thread_start.config_snapshot",
-                        otel.name = "app_server.thread_start.config_snapshot",
-                    ))
-                    .await;
+                let config_snapshot = thread.config_snapshot().await;
                let mut thread = build_thread_from_snapshot(
                    thread_id,
                    &config_snapshot,
@@ -2058,11 +2032,6 @@ impl CodexMessageProcessor {
                        experimental_raw_events,
                        ApiVersion::V2,
                    )
-                    .instrument(tracing::info_span!(
-                        "app_server.thread_start.attach_listener",
-                        otel.name = "app_server.thread_start.attach_listener",
-                        thread_start.experimental_raw_events = experimental_raw_events,
-                    ))
                    .await,
                    thread_id,
                    request_id.connection_id,
@@ -2072,20 +2041,12 @@ impl CodexMessageProcessor {
                listener_task_context
                    .thread_watch_manager
                    .upsert_thread_silently(thread.clone())
-                    .instrument(tracing::info_span!(
-                        "app_server.thread_start.upsert_thread",
-                        otel.name = "app_server.thread_start.upsert_thread",
-                    ))
                    .await;

                thread.status = resolve_thread_status(
                    listener_task_context
                        .thread_watch_manager
                        .loaded_status_for_thread(&thread.id)
-                        .instrument(tracing::info_span!(
-                            "app_server.thread_start.resolve_status",
-                            otel.name = "app_server.thread_start.resolve_status",
-                        ))
                        .await,
                    false,
                );
@@ -2097,7 +2058,6 @@ impl CodexMessageProcessor {
                    service_tier: config_snapshot.service_tier,
                    cwd: config_snapshot.cwd,
                    approval_policy: config_snapshot.approval_policy.into(),
-                    approvals_reviewer: config_snapshot.approvals_reviewer.into(),
                    sandbox: config_snapshot.sandbox_policy.into(),
                    reasoning_effort: config_snapshot.reasoning_effort,
                };
@@ -2105,20 +2065,12 @@ impl CodexMessageProcessor {
                listener_task_context
                    .outgoing
                    .send_response(request_id, response)
-                    .instrument(tracing::info_span!(
-                        "app_server.thread_start.send_response",
-                        otel.name = "app_server.thread_start.send_response",
-                    ))
                    .await;

                let notif = ThreadStartedNotification { thread };
                listener_task_context
                    .outgoing
                    .send_server_notification(ServerNotification::ThreadStarted(notif))
-                    .instrument(tracing::info_span!(
-                        "app_server.thread_start.notify_started",
-                        otel.name = "app_server.thread_start.notify_started",
-                    ))
                    .await;
            }
            Err(err) => {
@@ -2143,7 +2095,6 @@ impl CodexMessageProcessor {
        service_tier: Option<Option<codex_protocol::config_types::ServiceTier>>,
        cwd: Option<String>,
        approval_policy: Option<codex_app_server_protocol::AskForApproval>,
-        approvals_reviewer: Option<codex_app_server_protocol::ApprovalsReviewer>,
        sandbox: Option<SandboxMode>,
        base_instructions: Option<String>,
        developer_instructions: Option<String>,
@@ -2156,8 +2107,6 @@ impl CodexMessageProcessor {
            cwd: cwd.map(PathBuf::from),
            approval_policy: approval_policy
                .map(codex_app_server_protocol::AskForApproval::to_core),
-            approvals_reviewer: approvals_reviewer
-                .map(codex_app_server_protocol::ApprovalsReviewer::to_core),
            sandbox_mode: sandbox.map(SandboxMode::to_core),
            codex_linux_sandbox_exe: self.arg0_paths.codex_linux_sandbox_exe.clone(),
            main_execve_wrapper_exe: self.arg0_paths.main_execve_wrapper_exe.clone(),
@@ -3365,7 +3314,6 @@ impl CodexMessageProcessor {
            service_tier,
            cwd,
            approval_policy,
-            approvals_reviewer,
            sandbox,
            config: request_overrides,
            base_instructions,
@@ -3399,7 +3347,6 @@ impl CodexMessageProcessor {
            service_tier,
            cwd,
            approval_policy,
-            approvals_reviewer,
            sandbox,
            base_instructions,
            developer_instructions,
@@ -3419,7 +3366,11 @@ impl CodexMessageProcessor {
        {
            Ok(config) => config,
            Err(err) => {
-                let error = config_load_error(&err);
+                let error = JSONRPCErrorError {
+                    code: INVALID_REQUEST_ERROR_CODE,
+                    message: format!("error deriving config: {err}"),
+                    data: None,
+                };
                self.outgoing.send_error(request_id, error).await;
                return;
            }
@@ -3499,7 +3450,6 @@ impl CodexMessageProcessor {
                    service_tier: session_configured.service_tier,
                    cwd: session_configured.cwd,
                    approval_policy: session_configured.approval_policy.into(),
-                    approvals_reviewer: session_configured.approvals_reviewer.into(),
                    sandbox: session_configured.sandbox_policy.into(),
                    reasoning_effort: session_configured.reasoning_effort,
                };
@@ -3839,7 +3789,6 @@ impl CodexMessageProcessor {
            service_tier,
            cwd,
            approval_policy,
-            approvals_reviewer,
            sandbox,
            config: cli_overrides,
            base_instructions,
@@ -3921,7 +3870,6 @@ impl CodexMessageProcessor {
            service_tier,
            cwd,
            approval_policy,
-            approvals_reviewer,
            sandbox,
            base_instructions,
            developer_instructions,
@@ -3941,9 +3889,11 @@ impl CodexMessageProcessor {
        {
            Ok(config) => config,
            Err(err) => {
-                self.outgoing
-                    .send_error(request_id, config_load_error(&err))
-                    .await;
+                self.send_invalid_request_error(
+                    request_id,
+                    format!("error deriving config: {err}"),
+                )
+                .await;
                return;
            }
        };
@@ -4090,7 +4040,6 @@ impl CodexMessageProcessor {
            service_tier: session_configured.service_tier,
            cwd: session_configured.cwd,
            approval_policy: session_configured.approval_policy.into(),
-            approvals_reviewer: session_configured.approvals_reviewer.into(),
            sandbox: session_configured.sandbox_policy.into(),
            reasoning_effort: session_configured.reasoning_effort,
        };
@@ -5880,7 +5829,6 @@ impl CodexMessageProcessor {

        let has_any_overrides = params.cwd.is_some()
            || params.approval_policy.is_some()
-            || params.approvals_reviewer.is_some()
            || params.sandbox_policy.is_some()
            || params.model.is_some()
            || params.service_tier.is_some()
@@ -5898,9 +5846,6 @@ impl CodexMessageProcessor {
                    Op::OverrideTurnContext {
                        cwd: params.cwd,
                        approval_policy: params.approval_policy.map(AskForApproval::to_core),
-                        approvals_reviewer: params
-                            .approvals_reviewer
-                            .map(codex_app_server_protocol::ApprovalsReviewer::to_core),
                        sandbox_policy: params.sandbox_policy.map(|p| p.to_core()),
                        windows_sandbox_level: None,
                        model: params.model,
@@ -7207,7 +7152,6 @@ async fn handle_pending_thread_resume_request(
        model_provider_id,
        service_tier,
        approval_policy,
-        approvals_reviewer,
        sandbox_policy,
        cwd,
        reasoning_effort,
@@ -7220,7 +7164,6 @@ async fn handle_pending_thread_resume_request(
        service_tier,
        cwd,
        approval_policy: approval_policy.into(),
-        approvals_reviewer: approvals_reviewer.into(),
        sandbox: sandbox_policy.into(),
        reasoning_effort,
    };
@@ -7359,15 +7302,6 @@ fn collect_resume_override_mismatches(
            ));
        }
    }
-    if let Some(requested_review_policy) = request.approvals_reviewer.as_ref() {
-        let active_review_policy: codex_app_server_protocol::ApprovalsReviewer =
-            config_snapshot.approvals_reviewer.into();
-        if requested_review_policy != &active_review_policy {
-            mismatch_details.push(format!(
-                "approvals_reviewer requested={requested_review_policy:?} active={active_review_policy:?}"
-            ));
-        }
-    }
    if let Some(requested_sandbox) = request.sandbox.as_ref() {
        let sandbox_matches = matches!(
            (requested_sandbox, &config_snapshot.sandbox_policy),
@@ -7530,42 +7464,6 @@ fn errors_to_info(
        .collect()
 }

-fn cloud_requirements_load_error(err: &std::io::Error) -> Option<&CloudRequirementsLoadError> {
-    let mut current: Option<&(dyn std::error::Error + 'static)> = err
-        .get_ref()
-        .map(|source| source as &(dyn std::error::Error + 'static));
-    while let Some(source) = current {
-        if let Some(cloud_error) = source.downcast_ref::<CloudRequirementsLoadError>() {
-            return Some(cloud_error);
-        }
-        current = source.source();
-    }
-    None
-}
-
-fn config_load_error(err: &std::io::Error) -> JSONRPCErrorError {
-    let data = cloud_requirements_load_error(err).map(|cloud_error| {
-        let mut data = serde_json::json!({
-            "reason": "cloudRequirements",
-            "errorCode": format!("{:?}", cloud_error.code()),
-            "detail": cloud_error.to_string(),
-        });
-        if let Some(status_code) = cloud_error.status_code() {
-            data["statusCode"] = serde_json::json!(status_code);
-        }
-        if cloud_error.code() == CloudRequirementsLoadErrorCode::Auth {
-            data["action"] = serde_json::json!("relogin");
-        }
-        data
-    });
-
-    JSONRPCErrorError {
-        code: INVALID_REQUEST_ERROR_CODE,
-        message: format!("failed to load configuration: {err}"),
-        data,
-    }
-}
-
 fn validate_dynamic_tools(tools: &[ApiDynamicToolSpec]) -> Result<(), String> {
    let mut seen = HashSet::new();
    for tool in tools {
@@ -8201,67 +8099,6 @@ mod tests {
        validate_dynamic_tools(&tools).expect("valid schema");
    }

-    #[test]
-    fn config_load_error_marks_cloud_requirements_failures_for_relogin() {
-        let err = std::io::Error::other(CloudRequirementsLoadError::new(
-            CloudRequirementsLoadErrorCode::Auth,
-            Some(401),
-            "Your authentication session could not be refreshed automatically. Please log out and sign in again.",
-        ));
-
-        let error = config_load_error(&err);
-
-        assert_eq!(
-            error.data,
-            Some(json!({
-                "reason": "cloudRequirements",
-                "errorCode": "Auth",
-                "action": "relogin",
-                "statusCode": 401,
-                "detail": "Your authentication session could not be refreshed automatically. Please log out and sign in again.",
-            }))
-        );
-        assert!(
-            error.message.contains("failed to load configuration"),
-            "unexpected error message: {}",
-            error.message
-        );
-    }
-
-    #[test]
-    fn config_load_error_leaves_non_cloud_requirements_failures_unmarked() {
-        let err = std::io::Error::other("required MCP servers failed to initialize");
-
-        let error = config_load_error(&err);
-
-        assert_eq!(error.data, None);
-        assert!(
-            error.message.contains("failed to load configuration"),
-            "unexpected error message: {}",
-            error.message
-        );
-    }
-
-    #[test]
-    fn config_load_error_marks_non_auth_cloud_requirements_failures_without_relogin() {
-        let err = std::io::Error::other(CloudRequirementsLoadError::new(
-            CloudRequirementsLoadErrorCode::RequestFailed,
-            None,
-            "failed to load your workspace-managed config",
-        ));
-
-        let error = config_load_error(&err);
-
-        assert_eq!(
-            error.data,
-            Some(json!({
-                "reason": "cloudRequirements",
-                "errorCode": "RequestFailed",
-                "detail": "failed to load your workspace-managed config",
-            }))
-        );
-    }
-
    #[test]
    fn collect_resume_override_mismatches_includes_service_tier() {
        let request = ThreadResumeParams {
@@ -8273,7 +8110,6 @@ mod tests {
            service_tier: Some(Some(codex_protocol::config_types::ServiceTier::Fast)),
            cwd: None,
            approval_policy: None,
-            approvals_reviewer: None,
            sandbox: None,
            config: None,
            base_instructions: None,
@@ -8286,7 +8122,6 @@ mod tests {
            model_provider_id: "openai".to_string(),
            service_tier: Some(codex_protocol::config_types::ServiceTier::Flex),
            approval_policy: codex_protocol::protocol::AskForApproval::OnRequest,
-            approvals_reviewer: codex_protocol::config_types::ApprovalsReviewer::User,
            sandbox_policy: codex_protocol::protocol::SandboxPolicy::DangerFullAccess,
            cwd: PathBuf::from("/tmp"),
            ephemeral: false,
--- a/codex-rs/app-server/src/command_exec.rs
+++ b/codex-rs/app-server/src/command_exec.rs
@@ -733,7 +733,6 @@ mod tests {
            expiration: ExecExpiration::DefaultTimeout,
            sandbox: SandboxType::WindowsRestrictedToken,
            windows_sandbox_level: WindowsSandboxLevel::Disabled,
-            windows_sandbox_private_desktop: false,
            sandbox_permissions: codex_core::sandboxing::SandboxPermissions::UseDefault,
            sandbox_policy: sandbox_policy.clone(),
            file_system_sandbox_policy: FileSystemSandboxPolicy::from(&sandbox_policy),
@@ -845,7 +844,6 @@ mod tests {
                    expiration: ExecExpiration::Cancellation(CancellationToken::new()),
                    sandbox: SandboxType::None,
                    windows_sandbox_level: WindowsSandboxLevel::Disabled,
-                    windows_sandbox_private_desktop: false,
                    sandbox_permissions: codex_core::sandboxing::SandboxPermissions::UseDefault,
                    sandbox_policy: sandbox_policy.clone(),
                    file_system_sandbox_policy: FileSystemSandboxPolicy::from(&sandbox_policy),
--- a/codex-rs/app-server/src/config_api.rs
+++ b/codex-rs/app-server/src/config_api.rs
@@ -12,7 +12,6 @@ use codex_app_server_protocol::ConfigWriteResponse;
 use codex_app_server_protocol::JSONRPCErrorError;
 use codex_app_server_protocol::NetworkRequirements;
 use codex_app_server_protocol::SandboxMode;
-use codex_core::AnalyticsEventsClient;
 use codex_core::ThreadManager;
 use codex_core::config::ConfigService;
 use codex_core::config::ConfigServiceError;
@@ -21,9 +20,6 @@ use codex_core::config_loader::ConfigRequirementsToml;
 use codex_core::config_loader::LoaderOverrides;
 use codex_core::config_loader::ResidencyRequirement as CoreResidencyRequirement;
 use codex_core::config_loader::SandboxModeRequirement as CoreSandboxModeRequirement;
-use codex_core::plugins::PluginId;
-use codex_core::plugins::collect_plugin_enabled_candidates;
-use codex_core::plugins::installed_plugin_telemetry_metadata;
 use codex_protocol::config_types::WebSearchMode;
 use codex_protocol::protocol::Op;
 use serde_json::json;
@@ -60,7 +56,6 @@ pub(crate) struct ConfigApi {
    loader_overrides: LoaderOverrides,
    cloud_requirements: Arc<RwLock<CloudRequirementsLoader>>,
    user_config_reloader: Arc<dyn UserConfigReloader>,
-    analytics_events_client: AnalyticsEventsClient,
 }

 impl ConfigApi {
@@ -70,7 +65,6 @@ impl ConfigApi {
        loader_overrides: LoaderOverrides,
        cloud_requirements: Arc<RwLock<CloudRequirementsLoader>>,
        user_config_reloader: Arc<dyn UserConfigReloader>,
-        analytics_events_client: AnalyticsEventsClient,
    ) -> Self {
        Self {
            codex_home,
@@ -78,7 +72,6 @@ impl ConfigApi {
            loader_overrides,
            cloud_requirements,
            user_config_reloader,
-            analytics_events_client,
        }
    }

@@ -120,15 +113,10 @@ impl ConfigApi {
        &self,
        params: ConfigValueWriteParams,
    ) -> Result<ConfigWriteResponse, JSONRPCErrorError> {
-        let pending_changes =
-            collect_plugin_enabled_candidates([(&params.key_path, &params.value)].into_iter());
-        let response = self
-            .config_service()
+        self.config_service()
            .write_value(params)
            .await
-            .map_err(map_error)?;
-        self.emit_plugin_toggle_events(pending_changes);
-        Ok(response)
+            .map_err(map_error)
    }

    pub(crate) async fn batch_write(
@@ -136,38 +124,16 @@ impl ConfigApi {
        params: ConfigBatchWriteParams,
    ) -> Result<ConfigWriteResponse, JSONRPCErrorError> {
        let reload_user_config = params.reload_user_config;
-        let pending_changes = collect_plugin_enabled_candidates(
-            params
-                .edits
-                .iter()
-                .map(|edit| (&edit.key_path, &edit.value)),
-        );
        let response = self
            .config_service()
            .batch_write(params)
            .await
            .map_err(map_error)?;
-        self.emit_plugin_toggle_events(pending_changes);
        if reload_user_config {
            self.user_config_reloader.reload_user_config().await;
        }
        Ok(response)
    }
-
-    fn emit_plugin_toggle_events(&self, pending_changes: std::collections::BTreeMap<String, bool>) {
-        for (plugin_id, enabled) in pending_changes {
-            let Ok(plugin_id) = PluginId::parse(&plugin_id) else {
-                continue;
-            };
-            let metadata =
-                installed_plugin_telemetry_metadata(self.codex_home.as_path(), &plugin_id);
-            if enabled {
-                self.analytics_events_client.track_plugin_enabled(metadata);
-            } else {
-                self.analytics_events_client.track_plugin_disabled(metadata);
-            }
-        }
-    }
 }

 fn map_requirements_toml_to_api(requirements: ConfigRequirementsToml) -> ConfigRequirements {
@@ -263,7 +229,6 @@ fn config_write_error(code: ConfigWriteErrorCode, message: impl Into<String>) ->
 #[cfg(test)]
 mod tests {
    use super::*;
-    use codex_core::AnalyticsEventsClient;
    use codex_core::config_loader::NetworkRequirementsToml as CoreNetworkRequirementsToml;
    use codex_protocol::protocol::AskForApproval as CoreAskForApproval;
    use pretty_assertions::assert_eq;
@@ -305,7 +270,6 @@ mod tests {
                ]),
            }),
            mcp_servers: None,
-            apps: None,
            rules: None,
            enforce_residency: Some(CoreResidencyRequirement::Us),
            network: Some(CoreNetworkRequirementsToml {
@@ -376,7 +340,6 @@ mod tests {
            allowed_web_search_modes: Some(Vec::new()),
            feature_requirements: None,
            mcp_servers: None,
-            apps: None,
            rules: None,
            enforce_residency: None,
            network: None,
@@ -396,24 +359,12 @@ mod tests {
        let user_config_path = codex_home.path().join("config.toml");
        std::fs::write(&user_config_path, "").expect("write config");
        let reloader = Arc::new(RecordingUserConfigReloader::default());
-        let analytics_config = Arc::new(
-            codex_core::config::ConfigBuilder::default()
-                .build()
-                .await
-                .expect("load analytics config"),
-        );
        let config_api = ConfigApi::new(
            codex_home.path().to_path_buf(),
            Vec::new(),
            LoaderOverrides::default(),
            Arc::new(RwLock::new(CloudRequirementsLoader::default())),
            reloader.clone(),
-            AnalyticsEventsClient::new(
-                analytics_config,
-                codex_core::test_support::auth_manager_from_auth(
-                    codex_core::CodexAuth::from_api_key("test"),
-                ),
-            ),
        );

        let response = config_api
--- a/codex-rs/app-server/src/fs_api.rs
+++ b/codex-rs/app-server/src/fs_api.rs
@@ -1,365 +0,0 @@
-use crate::error_code::INTERNAL_ERROR_CODE;
-use crate::error_code::INVALID_REQUEST_ERROR_CODE;
-use base64::Engine;
-use base64::engine::general_purpose::STANDARD;
-use codex_app_server_protocol::FsCopyParams;
-use codex_app_server_protocol::FsCopyResponse;
-use codex_app_server_protocol::FsCreateDirectoryParams;
-use codex_app_server_protocol::FsCreateDirectoryResponse;
-use codex_app_server_protocol::FsGetMetadataParams;
-use codex_app_server_protocol::FsGetMetadataResponse;
-use codex_app_server_protocol::FsReadDirectoryEntry;
-use codex_app_server_protocol::FsReadDirectoryParams;
-use codex_app_server_protocol::FsReadDirectoryResponse;
-use codex_app_server_protocol::FsReadFileParams;
-use codex_app_server_protocol::FsReadFileResponse;
-use codex_app_server_protocol::FsRemoveParams;
-use codex_app_server_protocol::FsRemoveResponse;
-use codex_app_server_protocol::FsWriteFileParams;
-use codex_app_server_protocol::FsWriteFileResponse;
-use codex_app_server_protocol::JSONRPCErrorError;
-use std::io;
-use std::path::Component;
-use std::path::Path;
-use std::path::PathBuf;
-use std::time::SystemTime;
-use std::time::UNIX_EPOCH;
-use walkdir::WalkDir;
-
-#[derive(Clone, Default)]
-pub(crate) struct FsApi;
-
-impl FsApi {
-    pub(crate) async fn read_file(
-        &self,
-        params: FsReadFileParams,
-    ) -> Result<FsReadFileResponse, JSONRPCErrorError> {
-        let bytes = tokio::fs::read(params.path).await.map_err(map_io_error)?;
-        Ok(FsReadFileResponse {
-            data_base64: STANDARD.encode(bytes),
-        })
-    }
-
-    pub(crate) async fn write_file(
-        &self,
-        params: FsWriteFileParams,
-    ) -> Result<FsWriteFileResponse, JSONRPCErrorError> {
-        let bytes = STANDARD.decode(params.data_base64).map_err(|err| {
-            invalid_request(format!(
-                "fs/writeFile requires valid base64 dataBase64: {err}"
-            ))
-        })?;
-        tokio::fs::write(params.path, bytes)
-            .await
-            .map_err(map_io_error)?;
-        Ok(FsWriteFileResponse {})
-    }
-
-    pub(crate) async fn create_directory(
-        &self,
-        params: FsCreateDirectoryParams,
-    ) -> Result<FsCreateDirectoryResponse, JSONRPCErrorError> {
-        if params.recursive.unwrap_or(true) {
-            tokio::fs::create_dir_all(params.path)
-                .await
-                .map_err(map_io_error)?;
-        } else {
-            tokio::fs::create_dir(params.path)
-                .await
-                .map_err(map_io_error)?;
-        }
-        Ok(FsCreateDirectoryResponse {})
-    }
-
-    pub(crate) async fn get_metadata(
-        &self,
-        params: FsGetMetadataParams,
-    ) -> Result<FsGetMetadataResponse, JSONRPCErrorError> {
-        let metadata = tokio::fs::metadata(params.path)
-            .await
-            .map_err(map_io_error)?;
-        Ok(FsGetMetadataResponse {
-            is_directory: metadata.is_dir(),
-            is_file: metadata.is_file(),
-            created_at_ms: metadata.created().ok().map_or(0, system_time_to_unix_ms),
-            modified_at_ms: metadata.modified().ok().map_or(0, system_time_to_unix_ms),
-        })
-    }
-
-    pub(crate) async fn read_directory(
-        &self,
-        params: FsReadDirectoryParams,
-    ) -> Result<FsReadDirectoryResponse, JSONRPCErrorError> {
-        let mut entries = Vec::new();
-        let mut read_dir = tokio::fs::read_dir(params.path)
-            .await
-            .map_err(map_io_error)?;
-        while let Some(entry) = read_dir.next_entry().await.map_err(map_io_error)? {
-            let metadata = tokio::fs::metadata(entry.path())
-                .await
-                .map_err(map_io_error)?;
-            entries.push(FsReadDirectoryEntry {
-                file_name: entry.file_name().to_string_lossy().into_owned(),
-                is_directory: metadata.is_dir(),
-                is_file: metadata.is_file(),
-            });
-        }
-        Ok(FsReadDirectoryResponse { entries })
-    }
-
-    pub(crate) async fn remove(
-        &self,
-        params: FsRemoveParams,
-    ) -> Result<FsRemoveResponse, JSONRPCErrorError> {
-        let path = params.path.as_path();
-        let recursive = params.recursive.unwrap_or(true);
-        let force = params.force.unwrap_or(true);
-        match tokio::fs::symlink_metadata(path).await {
-            Ok(metadata) => {
-                let file_type = metadata.file_type();
-                if file_type.is_dir() {
-                    if recursive {
-                        tokio::fs::remove_dir_all(path)
-                            .await
-                            .map_err(map_io_error)?;
-                    } else {
-                        tokio::fs::remove_dir(path).await.map_err(map_io_error)?;
-                    }
-                } else {
-                    tokio::fs::remove_file(path).await.map_err(map_io_error)?;
-                }
-                Ok(FsRemoveResponse {})
-            }
-            Err(err) if err.kind() == io::ErrorKind::NotFound && force => Ok(FsRemoveResponse {}),
-            Err(err) => Err(map_io_error(err)),
-        }
-    }
-
-    pub(crate) async fn copy(
-        &self,
-        params: FsCopyParams,
-    ) -> Result<FsCopyResponse, JSONRPCErrorError> {
-        let FsCopyParams {
-            source_path,
-            destination_path,
-            recursive,
-        } = params;
-        tokio::task::spawn_blocking(move || -> Result<(), JSONRPCErrorError> {
-            let metadata =
-                std::fs::symlink_metadata(source_path.as_path()).map_err(map_io_error)?;
-            let file_type = metadata.file_type();
-
-            if file_type.is_dir() {
-                if !recursive {
-                    return Err(invalid_request(
-                        "fs/copy requires recursive: true when sourcePath is a directory",
-                    ));
-                }
-                if destination_is_same_or_descendant_of_source(
-                    source_path.as_path(),
-                    destination_path.as_path(),
-                )
-                .map_err(map_io_error)?
-                {
-                    return Err(invalid_request(
-                        "fs/copy cannot copy a directory to itself or one of its descendants",
-                    ));
-                }
-                copy_dir_recursive(source_path.as_path(), destination_path.as_path())
-                    .map_err(map_io_error)?;
-                return Ok(());
-            }
-
-            if file_type.is_symlink() {
-                copy_symlink(source_path.as_path(), destination_path.as_path())
-                    .map_err(map_io_error)?;
-                return Ok(());
-            }
-
-            if file_type.is_file() {
-                std::fs::copy(source_path.as_path(), destination_path.as_path())
-                    .map_err(map_io_error)?;
-                return Ok(());
-            }
-
-            Err(invalid_request(
-                "fs/copy only supports regular files, directories, and symlinks",
-            ))
-        })
-        .await
-        .map_err(map_join_error)??;
-        Ok(FsCopyResponse {})
-    }
-}
-
-fn copy_dir_recursive(source: &Path, target: &Path) -> io::Result<()> {
-    for entry in WalkDir::new(source) {
-        let entry = entry.map_err(|err| {
-            if let Some(io_err) = err.io_error() {
-                io::Error::new(io_err.kind(), io_err.to_string())
-            } else {
-                io::Error::other(err.to_string())
-            }
-        })?;
-        let relative_path = entry.path().strip_prefix(source).map_err(|err| {
-            io::Error::other(format!(
-                "failed to compute relative path for {} under {}: {err}",
-                entry.path().display(),
-                source.display()
-            ))
-        })?;
-        let target_path = target.join(relative_path);
-        let file_type = entry.file_type();
-
-        if file_type.is_dir() {
-            std::fs::create_dir_all(&target_path)?;
-            continue;
-        }
-
-        if file_type.is_file() {
-            std::fs::copy(entry.path(), &target_path)?;
-            continue;
-        }
-
-        if file_type.is_symlink() {
-            copy_symlink(entry.path(), &target_path)?;
-            continue;
-        }
-
-        // For now ignore special files such as FIFOs, sockets, and device nodes during recursive copies.
-    }
-    Ok(())
-}
-
-fn destination_is_same_or_descendant_of_source(
-    source: &Path,
-    destination: &Path,
-) -> io::Result<bool> {
-    let source = std::fs::canonicalize(source)?;
-    let destination = resolve_copy_destination_path(destination)?;
-    Ok(destination.starts_with(&source))
-}
-
-fn resolve_copy_destination_path(path: &Path) -> io::Result<PathBuf> {
-    let mut normalized = PathBuf::new();
-    for component in path.components() {
-        match component {
-            Component::Prefix(prefix) => normalized.push(prefix.as_os_str()),
-            Component::RootDir => normalized.push(component.as_os_str()),
-            Component::CurDir => {}
-            Component::ParentDir => {
-                normalized.pop();
-            }
-            Component::Normal(part) => normalized.push(part),
-        }
-    }
-
-    let mut unresolved_suffix = Vec::new();
-    let mut existing_path = normalized.as_path();
-    while !existing_path.exists() {
-        let Some(file_name) = existing_path.file_name() else {
-            break;
-        };
-        unresolved_suffix.push(file_name.to_os_string());
-        let Some(parent) = existing_path.parent() else {
-            break;
-        };
-        existing_path = parent;
-    }
-
-    let mut resolved = std::fs::canonicalize(existing_path)?;
-    for file_name in unresolved_suffix.iter().rev() {
-        resolved.push(file_name);
-    }
-    Ok(resolved)
-}
-
-fn copy_symlink(source: &Path, target: &Path) -> io::Result<()> {
-    let link_target = std::fs::read_link(source)?;
-    #[cfg(unix)]
-    {
-        std::os::unix::fs::symlink(&link_target, target)
-    }
-    #[cfg(windows)]
-    {
-        if symlink_points_to_directory(source)? {
-            std::os::windows::fs::symlink_dir(&link_target, target)
-        } else {
-            std::os::windows::fs::symlink_file(&link_target, target)
-        }
-    }
-    #[cfg(not(any(unix, windows)))]
-    {
-        let _ = link_target;
-        let _ = target;
-        Err(io::Error::new(
-            io::ErrorKind::Unsupported,
-            "copying symlinks is unsupported on this platform",
-        ))
-    }
-}
-
-#[cfg(windows)]
-fn symlink_points_to_directory(source: &Path) -> io::Result<bool> {
-    use std::os::windows::fs::FileTypeExt;
-
-    Ok(std::fs::symlink_metadata(source)?
-        .file_type()
-        .is_symlink_dir())
-}
-
-fn system_time_to_unix_ms(time: SystemTime) -> i64 {
-    time.duration_since(UNIX_EPOCH)
-        .ok()
-        .and_then(|duration| i64::try_from(duration.as_millis()).ok())
-        .unwrap_or(0)
-}
-
-pub(crate) fn invalid_request(message: impl Into<String>) -> JSONRPCErrorError {
-    JSONRPCErrorError {
-        code: INVALID_REQUEST_ERROR_CODE,
-        message: message.into(),
-        data: None,
-    }
-}
-
-fn map_join_error(err: tokio::task::JoinError) -> JSONRPCErrorError {
-    JSONRPCErrorError {
-        code: INTERNAL_ERROR_CODE,
-        message: format!("filesystem task failed: {err}"),
-        data: None,
-    }
-}
-
-pub(crate) fn map_io_error(err: io::Error) -> JSONRPCErrorError {
-    JSONRPCErrorError {
-        code: INTERNAL_ERROR_CODE,
-        message: err.to_string(),
-        data: None,
-    }
-}
-
-#[cfg(all(test, windows))]
-mod tests {
-    use super::*;
-    use pretty_assertions::assert_eq;
-
-    #[test]
-    fn symlink_points_to_directory_handles_dangling_directory_symlinks() -> io::Result<()> {
-        use std::os::windows::fs::symlink_dir;
-
-        let temp_dir = tempfile::TempDir::new()?;
-        let source_dir = temp_dir.path().join("source");
-        let link_path = temp_dir.path().join("source-link");
-        std::fs::create_dir(&source_dir)?;
-
-        if symlink_dir(&source_dir, &link_path).is_err() {
-            return Ok(());
-        }
-
-        std::fs::remove_dir(&source_dir)?;
-
-        assert_eq!(symlink_points_to_directory(&link_path)?, true);
-        Ok(())
-    }
-}
--- a/codex-rs/app-server/src/in_process.rs
+++ b/codex-rs/app-server/src/in_process.rs
@@ -74,8 +74,6 @@ use codex_app_server_protocol::Result;
 use codex_app_server_protocol::ServerNotification;
 use codex_app_server_protocol::ServerRequest;
 use codex_arg0::Arg0DispatchPaths;
-use codex_core::AuthManager;
-use codex_core::ThreadManager;
 use codex_core::config::Config;
 use codex_core::config_loader::CloudRequirementsLoader;
 use codex_core::config_loader::LoaderOverrides;
@@ -124,10 +122,6 @@ pub struct InProcessStartArgs {
    pub loader_overrides: LoaderOverrides,
    /// Preloaded cloud requirements provider.
    pub cloud_requirements: CloudRequirementsLoader,
-    /// Optional prebuilt auth manager reused by an embedding caller.
-    pub auth_manager: Option<Arc<AuthManager>>,
-    /// Optional prebuilt thread manager reused by an embedding caller.
-    pub thread_manager: Option<Arc<ThreadManager>>,
    /// Feedback sink used by app-server/core telemetry and logs.
    pub feedback: CodexFeedback,
    /// Startup warnings emitted after initialize succeeds.
@@ -410,8 +404,6 @@ fn start_uninitialized(args: InProcessStartArgs) -> InProcessClientHandle {
                cli_overrides: args.cli_overrides,
                loader_overrides: args.loader_overrides,
                cloud_requirements: args.cloud_requirements,
-                auth_manager: args.auth_manager,
-                thread_manager: args.thread_manager,
                feedback: args.feedback,
                log_db: None,
                config_warnings: args.config_warnings,
@@ -483,7 +475,6 @@ fn start_uninitialized(args: InProcessStartArgs) -> InProcessClientHandle {
                }
            }

-            processor.clear_runtime_references();
            processor.drain_background_tasks().await;
            processor.shutdown_threads().await;
            processor.connection_closed(IN_PROCESS_CONNECTION_ID).await;
@@ -758,8 +749,6 @@ mod tests {
            cli_overrides: Vec::new(),
            loader_overrides: LoaderOverrides::default(),
            cloud_requirements: CloudRequirementsLoader::default(),
-            auth_manager: None,
-            thread_manager: None,
            feedback: CodexFeedback::new(),
            config_warnings: Vec::new(),
            session_source,
--- a/codex-rs/app-server/src/lib.rs
+++ b/codex-rs/app-server/src/lib.rs
@@ -65,7 +65,6 @@ mod dynamic_tools;
 mod error_code;
 mod external_agent_config_api;
 mod filters;
-mod fs_api;
 mod fuzzy_file_search;
 pub mod in_process;
 mod message_processor;
@@ -608,8 +607,6 @@ pub async fn run_main_with_transport(
            cli_overrides,
            loader_overrides,
            cloud_requirements: cloud_requirements.clone(),
-            auth_manager: None,
-            thread_manager: None,
            feedback: feedback.clone(),
            log_db,
            config_warnings,
--- a/codex-rs/app-server/src/message_processor.rs
+++ b/codex-rs/app-server/src/message_processor.rs
@@ -10,7 +10,6 @@ use crate::codex_message_processor::CodexMessageProcessorArgs;
 use crate::config_api::ConfigApi;
 use crate::error_code::INVALID_REQUEST_ERROR_CODE;
 use crate::external_agent_config_api::ExternalAgentConfigApi;
-use crate::fs_api::FsApi;
 use crate::outgoing_message::ConnectionId;
 use crate::outgoing_message::ConnectionRequestId;
 use crate::outgoing_message::OutgoingMessageSender;
@@ -30,13 +29,6 @@ use codex_app_server_protocol::ConfigWarningNotification;
 use codex_app_server_protocol::ExperimentalApi;
 use codex_app_server_protocol::ExternalAgentConfigDetectParams;
 use codex_app_server_protocol::ExternalAgentConfigImportParams;
-use codex_app_server_protocol::FsCopyParams;
-use codex_app_server_protocol::FsCreateDirectoryParams;
-use codex_app_server_protocol::FsGetMetadataParams;
-use codex_app_server_protocol::FsReadDirectoryParams;
-use codex_app_server_protocol::FsReadFileParams;
-use codex_app_server_protocol::FsRemoveParams;
-use codex_app_server_protocol::FsWriteFileParams;
 use codex_app_server_protocol::InitializeResponse;
 use codex_app_server_protocol::JSONRPCError;
 use codex_app_server_protocol::JSONRPCErrorError;
@@ -47,7 +39,6 @@ use codex_app_server_protocol::ServerNotification;
 use codex_app_server_protocol::ServerRequestPayload;
 use codex_app_server_protocol::experimental_required_message;
 use codex_arg0::Arg0DispatchPaths;
-use codex_core::AnalyticsEventsClient;
 use codex_core::AuthManager;
 use codex_core::ThreadManager;
 use codex_core::auth::ExternalAuthRefreshContext;
@@ -147,8 +138,6 @@ pub(crate) struct MessageProcessor {
    codex_message_processor: CodexMessageProcessor,
    config_api: ConfigApi,
    external_agent_config_api: ExternalAgentConfigApi,
-    fs_api: FsApi,
-    auth_manager: Arc<AuthManager>,
    config: Arc<Config>,
    config_warnings: Arc<Vec<ConfigWarningNotification>>,
 }
@@ -169,8 +158,6 @@ pub(crate) struct MessageProcessorArgs {
    pub(crate) cli_overrides: Vec<(String, TomlValue)>,
    pub(crate) loader_overrides: LoaderOverrides,
    pub(crate) cloud_requirements: CloudRequirementsLoader,
-    pub(crate) auth_manager: Option<Arc<AuthManager>>,
-    pub(crate) thread_manager: Option<Arc<ThreadManager>>,
    pub(crate) feedback: CodexFeedback,
    pub(crate) log_db: Option<LogDbLayer>,
    pub(crate) config_warnings: Vec<ConfigWarningNotification>,
@@ -189,52 +176,38 @@ impl MessageProcessor {
            cli_overrides,
            loader_overrides,
            cloud_requirements,
-            auth_manager,
-            thread_manager,
            feedback,
            log_db,
            config_warnings,
            session_source,
            enable_codex_api_key_env,
        } = args;
-        let (auth_manager, thread_manager) = match (auth_manager, thread_manager) {
-            (Some(auth_manager), Some(thread_manager)) => (auth_manager, thread_manager),
-            (None, None) => {
-                let auth_manager = AuthManager::shared(
-                    config.codex_home.clone(),
-                    enable_codex_api_key_env,
-                    config.cli_auth_credentials_store_mode,
-                );
-                let thread_manager = Arc::new(ThreadManager::new(
-                    config.as_ref(),
-                    auth_manager.clone(),
-                    session_source,
-                    CollaborationModesConfig {
-                        default_mode_request_user_input: config
-                            .features
-                            .enabled(codex_core::features::Feature::DefaultModeRequestUserInput),
-                    },
-                ));
-                (auth_manager, thread_manager)
-            }
-            _ => panic!("MessageProcessorArgs must provide both auth_manager and thread_manager"),
-        };
+        let auth_manager = AuthManager::shared(
+            config.codex_home.clone(),
+            enable_codex_api_key_env,
+            config.cli_auth_credentials_store_mode,
+        );
        auth_manager.set_forced_chatgpt_workspace_id(config.forced_chatgpt_workspace_id.clone());
        auth_manager.set_external_auth_refresher(Arc::new(ExternalAuthRefreshBridge {
            outgoing: outgoing.clone(),
        }));
-        let analytics_events_client =
-            AnalyticsEventsClient::new(Arc::clone(&config), Arc::clone(&auth_manager));
-        thread_manager
-            .plugins_manager()
-            .set_analytics_events_client(analytics_events_client.clone());
+        let thread_manager = Arc::new(ThreadManager::new(
+            config.as_ref(),
+            auth_manager.clone(),
+            session_source,
+            CollaborationModesConfig {
+                default_mode_request_user_input: config
+                    .features
+                    .enabled(codex_core::features::Feature::DefaultModeRequestUserInput),
+            },
+        ));
        // TODO(xl): Move into PluginManager once this no longer depends on config feature gating.
        thread_manager
            .plugins_manager()
            .maybe_start_curated_repo_sync_for_config(&config);
        let cloud_requirements = Arc::new(RwLock::new(cloud_requirements));
        let codex_message_processor = CodexMessageProcessor::new(CodexMessageProcessorArgs {
-            auth_manager: auth_manager.clone(),
+            auth_manager,
            thread_manager: Arc::clone(&thread_manager),
            outgoing: outgoing.clone(),
            arg0_paths,
@@ -250,27 +223,19 @@ impl MessageProcessor {
            loader_overrides,
            cloud_requirements,
            thread_manager,
-            analytics_events_client,
        );
        let external_agent_config_api = ExternalAgentConfigApi::new(config.codex_home.clone());
-        let fs_api = FsApi;

        Self {
            outgoing,
            codex_message_processor,
            config_api,
            external_agent_config_api,
-            fs_api,
-            auth_manager,
            config,
            config_warnings: Arc::new(config_warnings),
        }
    }

-    pub(crate) fn clear_runtime_references(&self) {
-        self.auth_manager.clear_external_auth_refresher();
-    }
-
    pub(crate) async fn process_request(
        &mut self,
        connection_id: ConnectionId,
@@ -571,11 +536,7 @@ impl MessageProcessor {
                }

                let user_agent = get_codex_user_agent();
-                let response = InitializeResponse {
-                    user_agent,
-                    platform_family: std::env::consts::FAMILY.to_string(),
-                    platform_os: std::env::consts::OS.to_string(),
-                };
+                let response = InitializeResponse { user_agent };
                self.outgoing
                    .send_response(connection_request_id, response)
                    .await;
@@ -677,76 +638,6 @@ impl MessageProcessor {
                })
                .await;
            }
-            ClientRequest::FsReadFile { request_id, params } => {
-                self.handle_fs_read_file(
-                    ConnectionRequestId {
-                        connection_id,
-                        request_id,
-                    },
-                    params,
-                )
-                .await;
-            }
-            ClientRequest::FsWriteFile { request_id, params } => {
-                self.handle_fs_write_file(
-                    ConnectionRequestId {
-                        connection_id,
-                        request_id,
-                    },
-                    params,
-                )
-                .await;
-            }
-            ClientRequest::FsCreateDirectory { request_id, params } => {
-                self.handle_fs_create_directory(
-                    ConnectionRequestId {
-                        connection_id,
-                        request_id,
-                    },
-                    params,
-                )
-                .await;
-            }
-            ClientRequest::FsGetMetadata { request_id, params } => {
-                self.handle_fs_get_metadata(
-                    ConnectionRequestId {
-                        connection_id,
-                        request_id,
-                    },
-                    params,
-                )
-                .await;
-            }
-            ClientRequest::FsReadDirectory { request_id, params } => {
-                self.handle_fs_read_directory(
-                    ConnectionRequestId {
-                        connection_id,
-                        request_id,
-                    },
-                    params,
-                )
-                .await;
-            }
-            ClientRequest::FsRemove { request_id, params } => {
-                self.handle_fs_remove(
-                    ConnectionRequestId {
-                        connection_id,
-                        request_id,
-                    },
-                    params,
-                )
-                .await;
-            }
-            ClientRequest::FsCopy { request_id, params } => {
-                self.handle_fs_copy(
-                    ConnectionRequestId {
-                        connection_id,
-                        request_id,
-                    },
-                    params,
-                )
-                .await;
-            }
            other => {
                // Box the delegated future so this wrapper's async state machine does not
                // inline the full `CodexMessageProcessor::process_request` future, which
@@ -833,71 +724,6 @@ impl MessageProcessor {
            Err(error) => self.outgoing.send_error(request_id, error).await,
        }
    }
-
-    async fn handle_fs_read_file(&self, request_id: ConnectionRequestId, params: FsReadFileParams) {
-        match self.fs_api.read_file(params).await {
-            Ok(response) => self.outgoing.send_response(request_id, response).await,
-            Err(error) => self.outgoing.send_error(request_id, error).await,
-        }
-    }
-
-    async fn handle_fs_write_file(
-        &self,
-        request_id: ConnectionRequestId,
-        params: FsWriteFileParams,
-    ) {
-        match self.fs_api.write_file(params).await {
-            Ok(response) => self.outgoing.send_response(request_id, response).await,
-            Err(error) => self.outgoing.send_error(request_id, error).await,
-        }
-    }
-
-    async fn handle_fs_create_directory(
-        &self,
-        request_id: ConnectionRequestId,
-        params: FsCreateDirectoryParams,
-    ) {
-        match self.fs_api.create_directory(params).await {
-            Ok(response) => self.outgoing.send_response(request_id, response).await,
-            Err(error) => self.outgoing.send_error(request_id, error).await,
-        }
-    }
-
-    async fn handle_fs_get_metadata(
-        &self,
-        request_id: ConnectionRequestId,
-        params: FsGetMetadataParams,
-    ) {
-        match self.fs_api.get_metadata(params).await {
-            Ok(response) => self.outgoing.send_response(request_id, response).await,
-            Err(error) => self.outgoing.send_error(request_id, error).await,
-        }
-    }
-
-    async fn handle_fs_read_directory(
-        &self,
-        request_id: ConnectionRequestId,
-        params: FsReadDirectoryParams,
-    ) {
-        match self.fs_api.read_directory(params).await {
-            Ok(response) => self.outgoing.send_response(request_id, response).await,
-            Err(error) => self.outgoing.send_error(request_id, error).await,
-        }
-    }
-
-    async fn handle_fs_remove(&self, request_id: ConnectionRequestId, params: FsRemoveParams) {
-        match self.fs_api.remove(params).await {
-            Ok(response) => self.outgoing.send_response(request_id, response).await,
-            Err(error) => self.outgoing.send_error(request_id, error).await,
-        }
-    }
-
-    async fn handle_fs_copy(&self, request_id: ConnectionRequestId, params: FsCopyParams) {
-        match self.fs_api.copy(params).await {
-            Ok(response) => self.outgoing.send_response(request_id, response).await,
-            Err(error) => self.outgoing.send_error(request_id, error).await,
-        }
-    }
 }

 #[cfg(test)]
--- a/codex-rs/app-server/src/message_processor/tracing_tests.rs
+++ b/codex-rs/app-server/src/message_processor/tracing_tests.rs
@@ -47,6 +47,8 @@ use tracing_subscriber::layer::SubscriberExt;
 use wiremock::MockServer;

 const TEST_CONNECTION_ID: ConnectionId = ConnectionId(7);
+const CORE_TURN_SANITY_SPAN_NAMES: &[&str] =
+    &["submission_dispatch", "session_task.turn", "run_turn"];

 struct TestTracing {
    exporter: InMemorySpanExporter,
@@ -239,8 +241,6 @@ fn build_test_processor(
        cli_overrides: Vec::new(),
        loader_overrides: LoaderOverrides::default(),
        cloud_requirements: CloudRequirementsLoader::default(),
-        auth_manager: None,
-        thread_manager: None,
        feedback: CodexFeedback::new(),
        log_db: None,
        config_warnings: Vec::new(),
@@ -282,21 +282,17 @@ fn find_rpc_span_with_trace<'a>(
        })
 }

-fn find_span_with_trace<'a, F>(
+fn find_span_by_name_with_trace<'a>(
    spans: &'a [SpanData],
+    name: &str,
    trace_id: TraceId,
-    description: &str,
-    predicate: F,
-) -> &'a SpanData
-where
-    F: Fn(&SpanData) -> bool,
-{
+) -> &'a SpanData {
    spans
        .iter()
-        .find(|span| span.span_context.trace_id() == trace_id && predicate(span))
+        .find(|span| span.name.as_ref() == name && span.span_context.trace_id() == trace_id)
        .unwrap_or_else(|| {
            panic!(
-                "missing span matching {description} for trace={trace_id}; exported spans:\n{}",
+                "missing span named {name} for trace={trace_id}; exported spans:\n{}",
                format_spans(spans)
            )
        })
@@ -321,17 +317,12 @@ fn format_spans(spans: &[SpanData]) -> String {
        .join("\n")
 }

-fn span_depth_from_ancestor(
-    spans: &[SpanData],
-    child: &SpanData,
-    ancestor: &SpanData,
-) -> Option<usize> {
+fn assert_span_descends_from(spans: &[SpanData], child: &SpanData, ancestor: &SpanData) {
    let ancestor_span_id = ancestor.span_context.span_id();
    let mut parent_span_id = child.parent_span_id;
-    let mut depth = 1;
    while parent_span_id != SpanId::INVALID {
        if parent_span_id == ancestor_span_id {
-            return Some(depth);
+            return;
        }
        let Some(parent_span) = spans
            .iter()
@@ -340,15 +331,6 @@ fn span_depth_from_ancestor(
            break;
        };
        parent_span_id = parent_span.parent_span_id;
-        depth += 1;
-    }
-
-    None
-}
-
-fn assert_span_descends_from(spans: &[SpanData], child: &SpanData, ancestor: &SpanData) {
-    if span_depth_from_ancestor(spans, child, ancestor).is_some() {
-        return;
    }

    panic!(
@@ -359,27 +341,6 @@ fn assert_span_descends_from(spans: &[SpanData], child: &SpanData, ancestor: &Sp
    );
 }

-fn assert_has_internal_descendant_at_min_depth(
-    spans: &[SpanData],
-    ancestor: &SpanData,
-    min_depth: usize,
-) {
-    if spans.iter().any(|span| {
-        span.span_kind == SpanKind::Internal
-            && span.span_context.trace_id() == ancestor.span_context.trace_id()
-            && span_depth_from_ancestor(spans, span, ancestor)
-                .is_some_and(|depth| depth >= min_depth)
-    }) {
-        return;
-    }
-
-    panic!(
-        "missing internal descendant at depth >= {min_depth} below {}; exported spans:\n{}",
-        ancestor.name,
-        format_spans(spans)
-    );
-}
-
 async fn read_response<T: serde::de::DeserializeOwned>(
    outgoing_rx: &mut mpsc::Receiver<crate::outgoing_message::OutgoingEnvelope>,
    request_id: i64,
@@ -480,21 +441,6 @@ where
    );
 }

-async fn wait_for_new_exported_spans<F>(
-    tracing: &TestTracing,
-    baseline_len: usize,
-    predicate: F,
-) -> Vec<SpanData>
-where
-    F: Fn(&[SpanData]) -> bool,
-{
-    let spans = wait_for_exported_spans(tracing, |spans| {
-        spans.len() > baseline_len && predicate(&spans[baseline_len..])
-    })
-    .await;
-    spans.into_iter().skip(baseline_len).collect()
-}
-
 #[tokio::test(flavor = "current_thread")]
 async fn thread_start_jsonrpc_span_exports_server_span_and_parents_children() -> Result<()> {
    let _guard = tracing_test_guard().lock().await;
@@ -502,65 +448,33 @@ async fn thread_start_jsonrpc_span_exports_server_span_and_parents_children() ->

    let RemoteTrace {
        trace_id: remote_trace_id,
-        parent_span_id: remote_parent_span_id,
        context: remote_trace,
        ..
    } = RemoteTrace::new("00000000000000000000000000000011", "0000000000000022");

-    let _: ThreadStartResponse = harness.start_thread(20_002, None).await;
-    let untraced_spans = wait_for_exported_spans(harness.tracing, |spans| {
-        spans.iter().any(|span| {
-            span.span_kind == SpanKind::Server
-                && span_attr(span, "rpc.method") == Some("thread/start")
-        })
-    })
-    .await;
-    let untraced_server_span = find_rpc_span_with_trace(
-        &untraced_spans,
-        SpanKind::Server,
-        "thread/start",
-        untraced_spans
-            .iter()
-            .rev()
-            .find(|span| {
-                span.span_kind == SpanKind::Server
-                    && span_attr(span, "rpc.system") == Some("jsonrpc")
-                    && span_attr(span, "rpc.method") == Some("thread/start")
-            })
-            .unwrap_or_else(|| {
-                panic!(
-                    "missing latest thread/start server span; exported spans:\n{}",
-                    format_spans(&untraced_spans)
-                )
-            })
-            .span_context
-            .trace_id(),
-    );
-    assert_has_internal_descendant_at_min_depth(&untraced_spans, untraced_server_span, 1);
-
-    let baseline_len = untraced_spans.len();
-    let _: ThreadStartResponse = harness.start_thread(20_003, Some(remote_trace)).await;
-    let spans = wait_for_new_exported_spans(harness.tracing, baseline_len, |spans| {
+    let _: ThreadStartResponse = harness.start_thread(2, Some(remote_trace)).await;
+    let spans = wait_for_exported_spans(harness.tracing, |spans| {
        spans.iter().any(|span| {
            span.span_kind == SpanKind::Server
                && span_attr(span, "rpc.method") == Some("thread/start")
                && span.span_context.trace_id() == remote_trace_id
        }) && spans.iter().any(|span| {
-            span.name.as_ref() == "app_server.thread_start.notify_started"
-                && span.span_context.trace_id() == remote_trace_id
+            span.name.as_ref() == "thread_spawn" && span.span_context.trace_id() == remote_trace_id
+        }) && spans.iter().any(|span| {
+            span.name.as_ref() == "session_init" && span.span_context.trace_id() == remote_trace_id
        })
    })
    .await;

    let server_request_span =
        find_rpc_span_with_trace(&spans, SpanKind::Server, "thread/start", remote_trace_id);
+    let thread_spawn_span = find_span_by_name_with_trace(&spans, "thread_spawn", remote_trace_id);
+    let session_init_span = find_span_by_name_with_trace(&spans, "session_init", remote_trace_id);
    assert_eq!(server_request_span.name.as_ref(), "thread/start");
-    assert_eq!(server_request_span.parent_span_id, remote_parent_span_id);
-    assert!(server_request_span.parent_span_is_remote);
    assert_eq!(server_request_span.span_context.trace_id(), remote_trace_id);
    assert_ne!(server_request_span.span_context.span_id(), SpanId::INVALID);
-    assert_has_internal_descendant_at_min_depth(&spans, server_request_span, 1);
-    assert_has_internal_descendant_at_min_depth(&spans, server_request_span, 2);
+    assert_span_descends_from(&spans, thread_spawn_span, server_request_span);
+    assert_span_descends_from(&spans, session_init_span, server_request_span);
    harness.shutdown().await;

    Ok(())
@@ -593,7 +507,6 @@ async fn turn_start_jsonrpc_span_parents_core_turn_spans() -> Result<()> {
                    cwd: None,
                    approval_policy: None,
                    sandbox_policy: None,
-                    approvals_reviewer: None,
                    model: None,
                    service_tier: None,
                    effort: None,
@@ -612,7 +525,7 @@ async fn turn_start_jsonrpc_span_parents_core_turn_spans() -> Result<()> {
                && span_attr(span, "rpc.method") == Some("turn/start")
                && span.span_context.trace_id() == remote_trace_id
        }) && spans.iter().any(|span| {
-            span_attr(span, "codex.op") == Some("user_input")
+            CORE_TURN_SANITY_SPAN_NAMES.contains(&span.name.as_ref())
                && span.span_context.trace_id() == remote_trace_id
        })
    })
@@ -620,9 +533,17 @@ async fn turn_start_jsonrpc_span_parents_core_turn_spans() -> Result<()> {

    let server_request_span =
        find_rpc_span_with_trace(&spans, SpanKind::Server, "turn/start", remote_trace_id);
-    let core_turn_span =
-        find_span_with_trace(&spans, remote_trace_id, "codex.op=user_input", |span| {
-            span_attr(span, "codex.op") == Some("user_input")
+    let core_turn_span = spans
+        .iter()
+        .find(|span| {
+            CORE_TURN_SANITY_SPAN_NAMES.contains(&span.name.as_ref())
+                && span.span_context.trace_id() == remote_trace_id
+        })
+        .unwrap_or_else(|| {
+            panic!(
+                "missing representative core turn span for trace={remote_trace_id}; exported spans:\n{}",
+                format_spans(&spans)
+            )
        });

    assert_eq!(server_request_span.parent_span_id, remote_parent_span_id);
--- a/codex-rs/app-server/src/outgoing_message.rs
+++ b/codex-rs/app-server/src/outgoing_message.rs
@@ -1,5 +1,4 @@
 use std::collections::HashMap;
-use std::fmt;
 use std::sync::Arc;
 use std::sync::atomic::AtomicI64;
 use std::sync::atomic::Ordering;
@@ -33,12 +32,6 @@ pub(crate) type ClientRequestResult = std::result::Result<Result, JSONRPCErrorEr
 #[derive(Clone, Copy, Debug, Eq, Hash, PartialEq)]
 pub(crate) struct ConnectionId(pub(crate) u64);

-impl fmt::Display for ConnectionId {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        write!(f, "{}", self.0)
-    }
-}
-
 /// Stable identifier for a client request scoped to a transport connection.
 #[derive(Clone, Debug, Eq, Hash, PartialEq)]
 pub(crate) struct ConnectionRequestId {
--- a/codex-rs/app-server/tests/common/analytics_server.rs
+++ b/codex-rs/app-server/tests/common/analytics_server.rs
@@ -1,16 +0,0 @@
-use anyhow::Result;
-use wiremock::Mock;
-use wiremock::MockServer;
-use wiremock::ResponseTemplate;
-use wiremock::matchers::method;
-use wiremock::matchers::path;
-
-pub async fn start_analytics_events_server() -> Result<MockServer> {
-    let server = MockServer::start().await;
-    Mock::given(method("POST"))
-        .and(path("/codex/analytics-events/events"))
-        .respond_with(ResponseTemplate::new(200))
-        .mount(&server)
-        .await;
-    Ok(server)
-}
--- a/codex-rs/app-server/tests/common/config.rs
+++ b/codex-rs/app-server/tests/common/config.rs
@@ -49,11 +49,6 @@ stream_max_retries = 0
 "#
        )
    };
-    let openai_base_url_line = if model_provider_id == "openai" {
-        format!("openai_base_url = \"{server_uri}/v1\"\n")
-    } else {
-        String::new()
-    };
    // Phase 3: write the final config file.
    let config_toml = codex_home.join("config.toml");
    std::fs::write(
@@ -67,7 +62,6 @@ compact_prompt = "{compact_prompt}"
 model_auto_compact_token_limit = {auto_compact_limit}

 model_provider = "{model_provider_id}"
-{openai_base_url_line}

 [features]
 {feature_entries}
--- a/codex-rs/app-server/tests/common/lib.rs
+++ b/codex-rs/app-server/tests/common/lib.rs
@@ -1,4 +1,3 @@
-mod analytics_server;
 mod auth_fixtures;
 mod config;
 mod mcp_process;
@@ -7,7 +6,6 @@ mod models_cache;
 mod responses;
 mod rollout;

-pub use analytics_server::start_analytics_events_server;
 pub use auth_fixtures::ChatGptAuthFixture;
 pub use auth_fixtures::ChatGptIdTokenClaims;
 pub use auth_fixtures::encode_id_token;
--- a/codex-rs/app-server/tests/common/mcp_process.rs
+++ b/codex-rs/app-server/tests/common/mcp_process.rs
@@ -25,13 +25,6 @@ use codex_app_server_protocol::ConfigReadParams;
 use codex_app_server_protocol::ConfigValueWriteParams;
 use codex_app_server_protocol::ExperimentalFeatureListParams;
 use codex_app_server_protocol::FeedbackUploadParams;
-use codex_app_server_protocol::FsCopyParams;
-use codex_app_server_protocol::FsCreateDirectoryParams;
-use codex_app_server_protocol::FsGetMetadataParams;
-use codex_app_server_protocol::FsReadDirectoryParams;
-use codex_app_server_protocol::FsReadFileParams;
-use codex_app_server_protocol::FsRemoveParams;
-use codex_app_server_protocol::FsWriteFileParams;
 use codex_app_server_protocol::GetAccountParams;
 use codex_app_server_protocol::GetAuthStatusParams;
 use codex_app_server_protocol::GetConversationSummaryParams;
@@ -716,56 +709,6 @@ impl McpProcess {
        self.send_request("config/batchWrite", params).await
    }

-    pub async fn send_fs_read_file_request(
-        &mut self,
-        params: FsReadFileParams,
-    ) -> anyhow::Result<i64> {
-        let params = Some(serde_json::to_value(params)?);
-        self.send_request("fs/readFile", params).await
-    }
-
-    pub async fn send_fs_write_file_request(
-        &mut self,
-        params: FsWriteFileParams,
-    ) -> anyhow::Result<i64> {
-        let params = Some(serde_json::to_value(params)?);
-        self.send_request("fs/writeFile", params).await
-    }
-
-    pub async fn send_fs_create_directory_request(
-        &mut self,
-        params: FsCreateDirectoryParams,
-    ) -> anyhow::Result<i64> {
-        let params = Some(serde_json::to_value(params)?);
-        self.send_request("fs/createDirectory", params).await
-    }
-
-    pub async fn send_fs_get_metadata_request(
-        &mut self,
-        params: FsGetMetadataParams,
-    ) -> anyhow::Result<i64> {
-        let params = Some(serde_json::to_value(params)?);
-        self.send_request("fs/getMetadata", params).await
-    }
-
-    pub async fn send_fs_read_directory_request(
-        &mut self,
-        params: FsReadDirectoryParams,
-    ) -> anyhow::Result<i64> {
-        let params = Some(serde_json::to_value(params)?);
-        self.send_request("fs/readDirectory", params).await
-    }
-
-    pub async fn send_fs_remove_request(&mut self, params: FsRemoveParams) -> anyhow::Result<i64> {
-        let params = Some(serde_json::to_value(params)?);
-        self.send_request("fs/remove", params).await
-    }
-
-    pub async fn send_fs_copy_request(&mut self, params: FsCopyParams) -> anyhow::Result<i64> {
-        let params = Some(serde_json::to_value(params)?);
-        self.send_request("fs/copy", params).await
-    }
-
    /// Send an `account/logout` JSON-RPC request.
    pub async fn send_logout_account_request(&mut self) -> anyhow::Result<i64> {
        self.send_request("account/logout", None).await
--- a/codex-rs/app-server/tests/suite/v2/compaction.rs
+++ b/codex-rs/app-server/tests/suite/v2/compaction.rs
@@ -158,7 +158,15 @@ async fn auto_compaction_remote_emits_started_and_completed_items() -> Result<()
        AuthCredentialsStoreMode::File,
    )?;

-    let mut mcp = McpProcess::new_with_env(codex_home.path(), &[("OPENAI_API_KEY", None)]).await?;
+    let server_base_url = format!("{}/v1", server.uri());
+    let mut mcp = McpProcess::new_with_env(
+        codex_home.path(),
+        &[
+            ("OPENAI_BASE_URL", Some(server_base_url.as_str())),
+            ("OPENAI_API_KEY", None),
+        ],
+    )
+    .await?;
    timeout(DEFAULT_READ_TIMEOUT, mcp.initialize()).await??;

    let thread_id = start_thread(&mut mcp).await?;
--- a/codex-rs/app-server/tests/suite/v2/fs.rs
+++ b/codex-rs/app-server/tests/suite/v2/fs.rs
@@ -1,613 +0,0 @@
-use anyhow::Context;
-use anyhow::Result;
-use app_test_support::McpProcess;
-use app_test_support::to_response;
-use base64::Engine;
-use base64::engine::general_purpose::STANDARD;
-use codex_app_server_protocol::FsCopyParams;
-use codex_app_server_protocol::FsGetMetadataResponse;
-use codex_app_server_protocol::FsReadDirectoryEntry;
-use codex_app_server_protocol::FsReadFileResponse;
-use codex_app_server_protocol::FsWriteFileParams;
-use codex_app_server_protocol::RequestId;
-use codex_utils_absolute_path::AbsolutePathBuf;
-use pretty_assertions::assert_eq;
-use serde_json::json;
-use std::path::PathBuf;
-use tempfile::TempDir;
-use tokio::time::Duration;
-use tokio::time::timeout;
-
-#[cfg(unix)]
-use std::os::unix::fs::symlink;
-#[cfg(unix)]
-use std::process::Command;
-
-const DEFAULT_READ_TIMEOUT: Duration = Duration::from_secs(10);
-
-async fn initialized_mcp(codex_home: &TempDir) -> Result<McpProcess> {
-    let mut mcp = McpProcess::new(codex_home.path()).await?;
-    timeout(DEFAULT_READ_TIMEOUT, mcp.initialize()).await??;
-    Ok(mcp)
-}
-
-async fn expect_error_message(
-    mcp: &mut McpProcess,
-    request_id: i64,
-    expected_message: &str,
-) -> Result<()> {
-    let error = timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_error_message(RequestId::Integer(request_id)),
-    )
-    .await??;
-    assert_eq!(error.error.message, expected_message);
-    Ok(())
-}
-
-#[allow(clippy::expect_used)]
-fn absolute_path(path: PathBuf) -> AbsolutePathBuf {
-    assert!(
-        path.is_absolute(),
-        "path must be absolute: {}",
-        path.display()
-    );
-    AbsolutePathBuf::try_from(path).expect("path should be absolute")
-}
-
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn fs_get_metadata_returns_only_used_fields() -> Result<()> {
-    let codex_home = TempDir::new()?;
-    let file_path = codex_home.path().join("note.txt");
-    std::fs::write(&file_path, "hello")?;
-
-    let mut mcp = initialized_mcp(&codex_home).await?;
-    let request_id = mcp
-        .send_fs_get_metadata_request(codex_app_server_protocol::FsGetMetadataParams {
-            path: absolute_path(file_path.clone()),
-        })
-        .await?;
-    let response = timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(request_id)),
-    )
-    .await??;
-
-    let result = response
-        .result
-        .as_object()
-        .context("fs/getMetadata result should be an object")?;
-    let mut keys = result.keys().cloned().collect::<Vec<_>>();
-    keys.sort();
-    assert_eq!(
-        keys,
-        vec![
-            "createdAtMs".to_string(),
-            "isDirectory".to_string(),
-            "isFile".to_string(),
-            "modifiedAtMs".to_string(),
-        ]
-    );
-
-    let stat: FsGetMetadataResponse = to_response(response)?;
-    assert_eq!(
-        stat,
-        FsGetMetadataResponse {
-            is_directory: false,
-            is_file: true,
-            created_at_ms: stat.created_at_ms,
-            modified_at_ms: stat.modified_at_ms,
-        }
-    );
-    assert!(
-        stat.modified_at_ms > 0,
-        "modifiedAtMs should be populated for existing files"
-    );
-
-    Ok(())
-}
-
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn fs_methods_cover_current_fs_utils_surface() -> Result<()> {
-    let codex_home = TempDir::new()?;
-    let source_dir = codex_home.path().join("source");
-    let nested_dir = source_dir.join("nested");
-    let source_file = source_dir.join("root.txt");
-    let copied_dir = codex_home.path().join("copied");
-    let copy_file_path = codex_home.path().join("copy.txt");
-    let nested_file = nested_dir.join("note.txt");
-
-    let mut mcp = initialized_mcp(&codex_home).await?;
-
-    let create_directory_request_id = mcp
-        .send_fs_create_directory_request(codex_app_server_protocol::FsCreateDirectoryParams {
-            path: absolute_path(nested_dir.clone()),
-            recursive: None,
-        })
-        .await?;
-    timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(create_directory_request_id)),
-    )
-    .await??;
-
-    let write_request_id = mcp
-        .send_fs_write_file_request(FsWriteFileParams {
-            path: absolute_path(nested_file.clone()),
-            data_base64: STANDARD.encode("hello from app-server"),
-        })
-        .await?;
-    timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(write_request_id)),
-    )
-    .await??;
-
-    let root_write_request_id = mcp
-        .send_fs_write_file_request(FsWriteFileParams {
-            path: absolute_path(source_file.clone()),
-            data_base64: STANDARD.encode("hello from source root"),
-        })
-        .await?;
-    timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(root_write_request_id)),
-    )
-    .await??;
-
-    let read_request_id = mcp
-        .send_fs_read_file_request(codex_app_server_protocol::FsReadFileParams {
-            path: absolute_path(nested_file.clone()),
-        })
-        .await?;
-    let read_response: FsReadFileResponse = to_response(
-        timeout(
-            DEFAULT_READ_TIMEOUT,
-            mcp.read_stream_until_response_message(RequestId::Integer(read_request_id)),
-        )
-        .await??,
-    )?;
-    assert_eq!(
-        read_response,
-        FsReadFileResponse {
-            data_base64: STANDARD.encode("hello from app-server"),
-        }
-    );
-
-    let copy_file_request_id = mcp
-        .send_fs_copy_request(FsCopyParams {
-            source_path: absolute_path(nested_file.clone()),
-            destination_path: absolute_path(copy_file_path.clone()),
-            recursive: false,
-        })
-        .await?;
-    timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(copy_file_request_id)),
-    )
-    .await??;
-    assert_eq!(
-        std::fs::read_to_string(&copy_file_path)?,
-        "hello from app-server"
-    );
-
-    let copy_dir_request_id = mcp
-        .send_fs_copy_request(FsCopyParams {
-            source_path: absolute_path(source_dir.clone()),
-            destination_path: absolute_path(copied_dir.clone()),
-            recursive: true,
-        })
-        .await?;
-    timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(copy_dir_request_id)),
-    )
-    .await??;
-    assert_eq!(
-        std::fs::read_to_string(copied_dir.join("nested").join("note.txt"))?,
-        "hello from app-server"
-    );
-
-    let read_directory_request_id = mcp
-        .send_fs_read_directory_request(codex_app_server_protocol::FsReadDirectoryParams {
-            path: absolute_path(source_dir.clone()),
-        })
-        .await?;
-    let readdir_response = timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(read_directory_request_id)),
-    )
-    .await??;
-    let mut entries =
-        to_response::<codex_app_server_protocol::FsReadDirectoryResponse>(readdir_response)?
-            .entries;
-    entries.sort_by(|left, right| left.file_name.cmp(&right.file_name));
-    assert_eq!(
-        entries,
-        vec![
-            FsReadDirectoryEntry {
-                file_name: "nested".to_string(),
-                is_directory: true,
-                is_file: false,
-            },
-            FsReadDirectoryEntry {
-                file_name: "root.txt".to_string(),
-                is_directory: false,
-                is_file: true,
-            },
-        ]
-    );
-
-    let remove_request_id = mcp
-        .send_fs_remove_request(codex_app_server_protocol::FsRemoveParams {
-            path: absolute_path(copied_dir.clone()),
-            recursive: None,
-            force: None,
-        })
-        .await?;
-    timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(remove_request_id)),
-    )
-    .await??;
-    assert!(
-        !copied_dir.exists(),
-        "fs/remove should default to recursive+force for directory trees"
-    );
-
-    Ok(())
-}
-
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn fs_write_file_accepts_base64_bytes() -> Result<()> {
-    let codex_home = TempDir::new()?;
-    let file_path = codex_home.path().join("blob.bin");
-    let bytes = [0_u8, 1, 2, 255];
-
-    let mut mcp = initialized_mcp(&codex_home).await?;
-    let write_request_id = mcp
-        .send_fs_write_file_request(FsWriteFileParams {
-            path: absolute_path(file_path.clone()),
-            data_base64: STANDARD.encode(bytes),
-        })
-        .await?;
-    timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(write_request_id)),
-    )
-    .await??;
-    assert_eq!(std::fs::read(&file_path)?, bytes);
-
-    let read_request_id = mcp
-        .send_fs_read_file_request(codex_app_server_protocol::FsReadFileParams {
-            path: absolute_path(file_path),
-        })
-        .await?;
-    let read_response: FsReadFileResponse = to_response(
-        timeout(
-            DEFAULT_READ_TIMEOUT,
-            mcp.read_stream_until_response_message(RequestId::Integer(read_request_id)),
-        )
-        .await??,
-    )?;
-    assert_eq!(
-        read_response,
-        FsReadFileResponse {
-            data_base64: STANDARD.encode(bytes),
-        }
-    );
-
-    Ok(())
-}
-
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn fs_write_file_rejects_invalid_base64() -> Result<()> {
-    let codex_home = TempDir::new()?;
-    let file_path = codex_home.path().join("blob.bin");
-
-    let mut mcp = initialized_mcp(&codex_home).await?;
-    let request_id = mcp
-        .send_fs_write_file_request(FsWriteFileParams {
-            path: absolute_path(file_path),
-            data_base64: "%%%".to_string(),
-        })
-        .await?;
-    let error = timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_error_message(RequestId::Integer(request_id)),
-    )
-    .await??;
-    assert!(
-        error
-            .error
-            .message
-            .starts_with("fs/writeFile requires valid base64 dataBase64:"),
-        "unexpected error message: {}",
-        error.error.message
-    );
-
-    Ok(())
-}
-
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn fs_methods_reject_relative_paths() -> Result<()> {
-    let codex_home = TempDir::new()?;
-    let absolute_file = codex_home.path().join("absolute.txt");
-    std::fs::write(&absolute_file, "hello")?;
-
-    let mut mcp = initialized_mcp(&codex_home).await?;
-
-    let read_id = mcp
-        .send_raw_request("fs/readFile", Some(json!({ "path": "relative.txt" })))
-        .await?;
-    expect_error_message(
-        &mut mcp,
-        read_id,
-        "Invalid request: AbsolutePathBuf deserialized without a base path",
-    )
-    .await?;
-
-    let write_id = mcp
-        .send_raw_request(
-            "fs/writeFile",
-            Some(json!({
-                "path": "relative.txt",
-                "dataBase64": STANDARD.encode("hello"),
-            })),
-        )
-        .await?;
-    expect_error_message(
-        &mut mcp,
-        write_id,
-        "Invalid request: AbsolutePathBuf deserialized without a base path",
-    )
-    .await?;
-
-    let create_directory_id = mcp
-        .send_raw_request(
-            "fs/createDirectory",
-            Some(json!({
-                "path": "relative-dir",
-                "recursive": null,
-            })),
-        )
-        .await?;
-    expect_error_message(
-        &mut mcp,
-        create_directory_id,
-        "Invalid request: AbsolutePathBuf deserialized without a base path",
-    )
-    .await?;
-
-    let get_metadata_id = mcp
-        .send_raw_request("fs/getMetadata", Some(json!({ "path": "relative.txt" })))
-        .await?;
-    expect_error_message(
-        &mut mcp,
-        get_metadata_id,
-        "Invalid request: AbsolutePathBuf deserialized without a base path",
-    )
-    .await?;
-
-    let read_directory_id = mcp
-        .send_raw_request("fs/readDirectory", Some(json!({ "path": "relative-dir" })))
-        .await?;
-    expect_error_message(
-        &mut mcp,
-        read_directory_id,
-        "Invalid request: AbsolutePathBuf deserialized without a base path",
-    )
-    .await?;
-
-    let remove_id = mcp
-        .send_raw_request(
-            "fs/remove",
-            Some(json!({
-                "path": "relative.txt",
-                "recursive": null,
-                "force": null,
-            })),
-        )
-        .await?;
-    expect_error_message(
-        &mut mcp,
-        remove_id,
-        "Invalid request: AbsolutePathBuf deserialized without a base path",
-    )
-    .await?;
-
-    let copy_source_id = mcp
-        .send_raw_request(
-            "fs/copy",
-            Some(json!({
-                "sourcePath": "relative.txt",
-                "destinationPath": absolute_file.clone(),
-                "recursive": false,
-            })),
-        )
-        .await?;
-    expect_error_message(
-        &mut mcp,
-        copy_source_id,
-        "Invalid request: AbsolutePathBuf deserialized without a base path",
-    )
-    .await?;
-
-    let copy_destination_id = mcp
-        .send_raw_request(
-            "fs/copy",
-            Some(json!({
-                "sourcePath": absolute_file,
-                "destinationPath": "relative-copy.txt",
-                "recursive": false,
-            })),
-        )
-        .await?;
-    expect_error_message(
-        &mut mcp,
-        copy_destination_id,
-        "Invalid request: AbsolutePathBuf deserialized without a base path",
-    )
-    .await?;
-
-    Ok(())
-}
-
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn fs_copy_rejects_directory_without_recursive() -> Result<()> {
-    let codex_home = TempDir::new()?;
-    let source_dir = codex_home.path().join("source");
-    std::fs::create_dir_all(&source_dir)?;
-
-    let mut mcp = initialized_mcp(&codex_home).await?;
-    let request_id = mcp
-        .send_fs_copy_request(FsCopyParams {
-            source_path: absolute_path(source_dir),
-            destination_path: absolute_path(codex_home.path().join("dest")),
-            recursive: false,
-        })
-        .await?;
-    let error = timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_error_message(RequestId::Integer(request_id)),
-    )
-    .await??;
-    assert_eq!(
-        error.error.message,
-        "fs/copy requires recursive: true when sourcePath is a directory"
-    );
-
-    Ok(())
-}
-
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn fs_copy_rejects_copying_directory_into_descendant() -> Result<()> {
-    let codex_home = TempDir::new()?;
-    let source_dir = codex_home.path().join("source");
-    std::fs::create_dir_all(source_dir.join("nested"))?;
-
-    let mut mcp = initialized_mcp(&codex_home).await?;
-    let request_id = mcp
-        .send_fs_copy_request(FsCopyParams {
-            source_path: absolute_path(source_dir.clone()),
-            destination_path: absolute_path(source_dir.join("nested").join("copy")),
-            recursive: true,
-        })
-        .await?;
-    let error = timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_error_message(RequestId::Integer(request_id)),
-    )
-    .await??;
-    assert_eq!(
-        error.error.message,
-        "fs/copy cannot copy a directory to itself or one of its descendants"
-    );
-
-    Ok(())
-}
-
-#[cfg(unix)]
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn fs_copy_preserves_symlinks_in_recursive_copy() -> Result<()> {
-    let codex_home = TempDir::new()?;
-    let source_dir = codex_home.path().join("source");
-    let nested_dir = source_dir.join("nested");
-    let copied_dir = codex_home.path().join("copied");
-    std::fs::create_dir_all(&nested_dir)?;
-    symlink("nested", source_dir.join("nested-link"))?;
-
-    let mut mcp = initialized_mcp(&codex_home).await?;
-    let request_id = mcp
-        .send_fs_copy_request(FsCopyParams {
-            source_path: absolute_path(source_dir),
-            destination_path: absolute_path(copied_dir.clone()),
-            recursive: true,
-        })
-        .await?;
-    timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(request_id)),
-    )
-    .await??;
-
-    let copied_link = copied_dir.join("nested-link");
-    let metadata = std::fs::symlink_metadata(&copied_link)?;
-    assert!(metadata.file_type().is_symlink());
-    assert_eq!(std::fs::read_link(copied_link)?, PathBuf::from("nested"));
-
-    Ok(())
-}
-
-#[cfg(unix)]
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn fs_copy_ignores_unknown_special_files_in_recursive_copy() -> Result<()> {
-    let codex_home = TempDir::new()?;
-    let source_dir = codex_home.path().join("source");
-    let copied_dir = codex_home.path().join("copied");
-    std::fs::create_dir_all(&source_dir)?;
-    std::fs::write(source_dir.join("note.txt"), "hello")?;
-    let fifo_path = source_dir.join("named-pipe");
-    let output = Command::new("mkfifo").arg(&fifo_path).output()?;
-    if !output.status.success() {
-        anyhow::bail!(
-            "mkfifo failed: stdout={} stderr={}",
-            String::from_utf8_lossy(&output.stdout).trim(),
-            String::from_utf8_lossy(&output.stderr).trim()
-        );
-    }
-
-    let mut mcp = initialized_mcp(&codex_home).await?;
-    let request_id = mcp
-        .send_fs_copy_request(FsCopyParams {
-            source_path: absolute_path(source_dir),
-            destination_path: absolute_path(copied_dir.clone()),
-            recursive: true,
-        })
-        .await?;
-    timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(request_id)),
-    )
-    .await??;
-
-    assert_eq!(
-        std::fs::read_to_string(copied_dir.join("note.txt"))?,
-        "hello"
-    );
-    assert!(!copied_dir.join("named-pipe").exists());
-
-    Ok(())
-}
-
-#[cfg(unix)]
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn fs_copy_rejects_standalone_fifo_source() -> Result<()> {
-    let codex_home = TempDir::new()?;
-    let fifo_path = codex_home.path().join("named-pipe");
-    let output = Command::new("mkfifo").arg(&fifo_path).output()?;
-    if !output.status.success() {
-        anyhow::bail!(
-            "mkfifo failed: stdout={} stderr={}",
-            String::from_utf8_lossy(&output.stdout).trim(),
-            String::from_utf8_lossy(&output.stderr).trim()
-        );
-    }
-
-    let mut mcp = initialized_mcp(&codex_home).await?;
-    let request_id = mcp
-        .send_fs_copy_request(FsCopyParams {
-            source_path: absolute_path(fifo_path),
-            destination_path: absolute_path(codex_home.path().join("copied")),
-            recursive: false,
-        })
-        .await?;
-    expect_error_message(
-        &mut mcp,
-        request_id,
-        "fs/copy only supports regular files, directories, and symlinks",
-    )
-    .await?;
-
-    Ok(())
-}
--- a/codex-rs/app-server/tests/suite/v2/initialize.rs
+++ b/codex-rs/app-server/tests/suite/v2/initialize.rs
@@ -46,15 +46,9 @@ async fn initialize_uses_client_info_name_as_originator() -> Result<()> {
    let JSONRPCMessage::Response(response) = message else {
        anyhow::bail!("expected initialize response, got {message:?}");
    };
-    let InitializeResponse {
-        user_agent,
-        platform_family,
-        platform_os,
-    } = to_response::<InitializeResponse>(response)?;
+    let InitializeResponse { user_agent } = to_response::<InitializeResponse>(response)?;

    assert!(user_agent.starts_with("codex_vscode/"));
-    assert_eq!(platform_family, std::env::consts::FAMILY);
-    assert_eq!(platform_os, std::env::consts::OS);
    Ok(())
 }

@@ -86,15 +80,9 @@ async fn initialize_respects_originator_override_env_var() -> Result<()> {
    let JSONRPCMessage::Response(response) = message else {
        anyhow::bail!("expected initialize response, got {message:?}");
    };
-    let InitializeResponse {
-        user_agent,
-        platform_family,
-        platform_os,
-    } = to_response::<InitializeResponse>(response)?;
+    let InitializeResponse { user_agent } = to_response::<InitializeResponse>(response)?;

    assert!(user_agent.starts_with("codex_originator_via_env_var/"));
-    assert_eq!(platform_family, std::env::consts::FAMILY);
-    assert_eq!(platform_os, std::env::consts::OS);
    Ok(())
 }

--- a/codex-rs/app-server/tests/suite/v2/mcp_server_elicitation.rs
+++ b/codex-rs/app-server/tests/suite/v2/mcp_server_elicitation.rs
@@ -66,7 +66,7 @@ const DEFAULT_READ_TIMEOUT: std::time::Duration = std::time::Duration::from_secs
 const CONNECTOR_ID: &str = "calendar";
 const CONNECTOR_NAME: &str = "Calendar";
 const TOOL_NAME: &str = "calendar_confirm_action";
-const QUALIFIED_TOOL_NAME: &str = "mcp__codex_apps__calendar_confirm_action";
+const QUALIFIED_TOOL_NAME: &str = "mcp__codex_apps__calendar-confirm-action";
 const TOOL_CALL_ID: &str = "call-calendar-confirm";
 const ELICITATION_MESSAGE: &str = "Allow this request?";

--- a/codex-rs/app-server/tests/suite/v2/mod.rs
+++ b/codex-rs/app-server/tests/suite/v2/mod.rs
@@ -12,7 +12,6 @@ mod connection_handling_websocket_unix;
 mod dynamic_tools;
 mod experimental_api;
 mod experimental_feature_list;
-mod fs;
 mod initialize;
 mod mcp_server_elicitation;
 mod model_list;
--- a/codex-rs/app-server/tests/suite/v2/plugin_install.rs
+++ b/codex-rs/app-server/tests/suite/v2/plugin_install.rs
@@ -5,9 +5,7 @@ use std::time::Duration;

 use anyhow::Result;
 use app_test_support::ChatGptAuthFixture;
-use app_test_support::DEFAULT_CLIENT_NAME;
 use app_test_support::McpProcess;
-use app_test_support::start_analytics_events_server;
 use app_test_support::to_response;
 use app_test_support::write_chatgpt_auth;
 use axum::Json;
@@ -138,85 +136,6 @@ async fn plugin_install_returns_invalid_request_for_not_available_plugin() -> Re
    Ok(())
 }

-#[tokio::test]
-async fn plugin_install_tracks_analytics_event() -> Result<()> {
-    let analytics_server = start_analytics_events_server().await?;
-    let codex_home = TempDir::new()?;
-    write_analytics_config(codex_home.path(), &analytics_server.uri())?;
-    write_chatgpt_auth(
-        codex_home.path(),
-        ChatGptAuthFixture::new("chatgpt-token")
-            .account_id("account-123")
-            .chatgpt_user_id("user-123")
-            .chatgpt_account_id("account-123"),
-        AuthCredentialsStoreMode::File,
-    )?;
-
-    let repo_root = TempDir::new()?;
-    write_plugin_marketplace(
-        repo_root.path(),
-        "debug",
-        "sample-plugin",
-        "./sample-plugin",
-        None,
-        None,
-    )?;
-    write_plugin_source(repo_root.path(), "sample-plugin", &[])?;
-    let marketplace_path =
-        AbsolutePathBuf::try_from(repo_root.path().join(".agents/plugins/marketplace.json"))?;
-
-    let mut mcp = McpProcess::new(codex_home.path()).await?;
-    timeout(DEFAULT_TIMEOUT, mcp.initialize()).await??;
-
-    let request_id = mcp
-        .send_plugin_install_request(PluginInstallParams {
-            marketplace_path,
-            plugin_name: "sample-plugin".to_string(),
-        })
-        .await?;
-    let response: JSONRPCResponse = timeout(
-        DEFAULT_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(request_id)),
-    )
-    .await??;
-    let response: PluginInstallResponse = to_response(response)?;
-    assert_eq!(response.apps_needing_auth, Vec::<AppSummary>::new());
-
-    let payloads = timeout(DEFAULT_TIMEOUT, async {
-        loop {
-            let Some(requests) = analytics_server.received_requests().await else {
-                tokio::time::sleep(Duration::from_millis(25)).await;
-                continue;
-            };
-            if !requests.is_empty() {
-                break requests;
-            }
-            tokio::time::sleep(Duration::from_millis(25)).await;
-        }
-    })
-    .await?;
-    let payload: serde_json::Value =
-        serde_json::from_slice(&payloads[0].body).expect("analytics payload");
-    assert_eq!(
-        payload,
-        json!({
-            "events": [{
-                "event_type": "codex_plugin_installed",
-                "event_params": {
-                    "plugin_id": "sample-plugin@debug",
-                    "plugin_name": "sample-plugin",
-                    "marketplace_name": "debug",
-                    "has_skills": false,
-                    "mcp_server_count": 0,
-                    "connector_ids": [],
-                    "product_client_id": DEFAULT_CLIENT_NAME,
-                }
-            }]
-        })
-    );
-    Ok(())
-}
-
 #[tokio::test]
 async fn plugin_install_returns_apps_needing_auth() -> Result<()> {
    let connectors = vec![
@@ -542,13 +461,6 @@ connectors = true
    )
 }

-fn write_analytics_config(codex_home: &std::path::Path, base_url: &str) -> std::io::Result<()> {
-    std::fs::write(
-        codex_home.join("config.toml"),
-        format!("chatgpt_base_url = \"{base_url}\"\n"),
-    )
-}
-
 fn write_plugin_marketplace(
    repo_root: &std::path::Path,
    marketplace_name: &str,
--- a/codex-rs/app-server/tests/suite/v2/plugin_uninstall.rs
+++ b/codex-rs/app-server/tests/suite/v2/plugin_uninstall.rs
@@ -1,19 +1,13 @@
 use std::time::Duration;

 use anyhow::Result;
-use app_test_support::ChatGptAuthFixture;
-use app_test_support::DEFAULT_CLIENT_NAME;
 use app_test_support::McpProcess;
-use app_test_support::start_analytics_events_server;
 use app_test_support::to_response;
-use app_test_support::write_chatgpt_auth;
 use codex_app_server_protocol::JSONRPCResponse;
 use codex_app_server_protocol::PluginUninstallParams;
 use codex_app_server_protocol::PluginUninstallResponse;
 use codex_app_server_protocol::RequestId;
-use codex_core::auth::AuthCredentialsStoreMode;
 use pretty_assertions::assert_eq;
-use serde_json::json;
 use tempfile::TempDir;
 use tokio::time::timeout;

@@ -70,78 +64,6 @@ enabled = true
    Ok(())
 }

-#[tokio::test]
-async fn plugin_uninstall_tracks_analytics_event() -> Result<()> {
-    let analytics_server = start_analytics_events_server().await?;
-    let codex_home = TempDir::new()?;
-    write_installed_plugin(&codex_home, "debug", "sample-plugin")?;
-    std::fs::write(
-        codex_home.path().join("config.toml"),
-        format!(
-            "chatgpt_base_url = \"{}\"\n\n[features]\nplugins = true\n\n[plugins.\"sample-plugin@debug\"]\nenabled = true\n",
-            analytics_server.uri()
-        ),
-    )?;
-    write_chatgpt_auth(
-        codex_home.path(),
-        ChatGptAuthFixture::new("chatgpt-token")
-            .account_id("account-123")
-            .chatgpt_user_id("user-123")
-            .chatgpt_account_id("account-123"),
-        AuthCredentialsStoreMode::File,
-    )?;
-
-    let mut mcp = McpProcess::new(codex_home.path()).await?;
-    timeout(DEFAULT_TIMEOUT, mcp.initialize()).await??;
-
-    let request_id = mcp
-        .send_plugin_uninstall_request(PluginUninstallParams {
-            plugin_id: "sample-plugin@debug".to_string(),
-        })
-        .await?;
-    let response: JSONRPCResponse = timeout(
-        DEFAULT_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(request_id)),
-    )
-    .await??;
-    let response: PluginUninstallResponse = to_response(response)?;
-    assert_eq!(response, PluginUninstallResponse {});
-
-    let payloads = timeout(DEFAULT_TIMEOUT, async {
-        loop {
-            let Some(requests) = analytics_server.received_requests().await else {
-                tokio::time::sleep(Duration::from_millis(25)).await;
-                continue;
-            };
-            if !requests.is_empty() {
-                break requests;
-            }
-            tokio::time::sleep(Duration::from_millis(25)).await;
-        }
-    })
-    .await?;
-    let payload: serde_json::Value =
-        serde_json::from_slice(&payloads[0].body).expect("analytics payload");
-    assert_eq!(
-        payload,
-        json!({
-            "events": [{
-                "event_type": "codex_plugin_uninstalled",
-                "event_params": {
-                    "plugin_id": "sample-plugin@debug",
-                    "plugin_name": "sample-plugin",
-                    "marketplace_name": "debug",
-                    "has_skills": false,
-                    "mcp_server_count": 0,
-                    "connector_ids": [],
-                    "product_client_id": DEFAULT_CLIENT_NAME,
-                }
-            }]
-        })
-    );
-    Ok(())
-}
-
 fn write_installed_plugin(
    codex_home: &TempDir,
    marketplace_name: &str,
--- a/codex-rs/app-server/tests/suite/v2/realtime_conversation.rs
+++ b/codex-rs/app-server/tests/suite/v2/realtime_conversation.rs
@@ -51,7 +51,7 @@ async fn realtime_conversation_streams_v2_notifications() -> Result<()> {
        vec![],
        vec![
            json!({
-                "type": "response.output_audio.delta",
+                "type": "conversation.output_audio.delta",
                "delta": "AQID",
                "sample_rate": 24_000,
                "channels": 1,
@@ -403,10 +403,6 @@ sandbox_mode = "read-only"
 model_provider = "mock_provider"
 experimental_realtime_ws_base_url = "{realtime_server_uri}"

-[realtime]
-version = "v2"
-type = "conversational"
-
 [features]
 {realtime_feature_key} = {realtime_enabled}

--- a/codex-rs/app-server/tests/suite/v2/skills_list.rs
+++ b/codex-rs/app-server/tests/suite/v2/skills_list.rs
@@ -233,7 +233,6 @@ async fn skills_changed_notification_is_emitted_after_skill_change() -> Result<(
            service_tier: None,
            cwd: None,
            approval_policy: None,
-            approvals_reviewer: None,
            sandbox: None,
            config: None,
            service_name: None,
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Gabriel Cohen	3483340191	Add codex exec commit attribution tests Co-authored-by: Codex <noreply@openai.com>	2026-03-13 15:32:58 -07:00
Gabriel Cohen	dbb891a65f	Preserve user commit hooks during attribution Co-authored-by: Codex <noreply@openai.com>	2026-03-13 15:00:47 -07:00
Gabriel Cohen	d88711f189	Use git hooks for commit attribution Co-authored-by: Codex <noreply@openai.com>	2026-03-13 14:26:22 -07:00