functions return either path or content, therefore function returning content re-use path functions

We should only take last request size (in tokens) into account

codex-cli/src/components/chat/terminal-chat-input.tsx

@@ -854,7 +854,7 @@ export default function TerminalChatInput({
           />
         ) : (
           <Text dimColor>
-            ctrl+c to exit | "/" to see commands | enter to send
+            Ctrl+C to exit | "/" to see commands | Enter to send
             {contextLeftPercent > 25 && (
               <>
                 {" — "}

codex-cli/src/components/help-overlay.tsx

@@ -96,7 +96,7 @@ export default function HelpOverlay({
       </Box>
 
       <Box paddingX={1}>
-        <Text dimColor>esc or q to close</Text>
+        <Text dimColor>Esc or q to close</Text>
       </Box>
     </Box>
   );

codex-cli/src/utils/get-api-key-components.tsx

@@ -68,7 +68,7 @@ export function WaitingForAuth(): JSX.Element {
       <Spinner type="ball" />
       <Text>
         {" "}
-        Waiting for authentication… <Text dimColor>ctrl + c to quit</Text>
+        Waiting for authentication… <Text dimColor>Ctrl + C to quit</Text>
       </Text>
     </Box>
   );

codex-rs/Cargo.lock

@@ -792,11 +792,14 @@ dependencies = [
 name = "codex-login"
 version = "0.0.0"
 dependencies = [
+ "base64 0.22.1",
  "chrono",
+ "pretty_assertions",
  "reqwest",
  "serde",
  "serde_json",
  "tempfile",
+ "thiserror 2.0.12",
  "tokio",
 ]
 
@@ -873,6 +876,7 @@ dependencies = [
  "codex-ollama",
  "color-eyre",
  "crossterm",
+ "diffy",
  "image",
  "insta",
  "lazy_static",
@@ -1255,6 +1259,15 @@ version = "0.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "6184e33543162437515c2e2b48714794e37845ec9851711914eec9d308f6ebe8"
 
+[[package]]
+name = "diffy"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b545b8c50194bdd008283985ab0b31dba153cfd5b3066a92770634fbc0d7d291"
+dependencies = [
+ "nu-ansi-term 0.50.1",
+]
+
 [[package]]
 name = "digest"
 version = "0.10.7"
@@ -1493,7 +1506,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "778e2ac28f6c47af28e4907f13ffd1e1ddbd400980a9abd7c8df189bf578a5ad"
 dependencies = [
  "libc",
- "windows-sys 0.52.0",
+ "windows-sys 0.60.2",
 ]
 
 [[package]]
@@ -1573,7 +1586,7 @@ checksum = "0ce92ff622d6dadf7349484f42c93271a0d49b7cc4d466a936405bacbe10aa78"
 dependencies = [
  "cfg-if",
  "rustix 1.0.8",
- "windows-sys 0.52.0",
+ "windows-sys 0.59.0",
 ]
 
 [[package]]
@@ -2356,7 +2369,7 @@ checksum = "e04d7f318608d35d4b61ddd75cbdaee86b023ebe2bd5a66ee0915f0bf93095a9"
 dependencies = [
  "hermit-abi",
  "libc",
- "windows-sys 0.52.0",
+ "windows-sys 0.59.0",
 ]
 
 [[package]]
@@ -2832,6 +2845,15 @@ dependencies = [
  "winapi",
 ]
 
+[[package]]
+name = "nu-ansi-term"
+version = "0.50.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d4a28e057d01f97e61255210fcff094d74ed0466038633e95017f5beb68e4399"
+dependencies = [
+ "windows-sys 0.52.0",
+]
+
 [[package]]
 name = "nucleo-matcher"
 version = "0.3.1"
@@ -3740,7 +3762,7 @@ dependencies = [
  "errno",
  "libc",
  "linux-raw-sys 0.4.15",
- "windows-sys 0.52.0",
+ "windows-sys 0.59.0",
 ]
 
 [[package]]
@@ -3753,7 +3775,7 @@ dependencies = [
  "errno",
  "libc",
  "linux-raw-sys 0.9.4",
- "windows-sys 0.52.0",
+ "windows-sys 0.60.2",
 ]
 
 [[package]]
@@ -4519,7 +4541,7 @@ dependencies = [
  "getrandom 0.3.3",
  "once_cell",
  "rustix 1.0.8",
- "windows-sys 0.52.0",
+ "windows-sys 0.59.0",
 ]
 
 [[package]]
@@ -4960,7 +4982,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "e8189decb5ac0fa7bc8b96b7cb9b2701d60d48805aca84a238004d665fcc4008"
 dependencies = [
  "matchers",
- "nu-ansi-term",
+ "nu-ansi-term 0.46.0",
  "once_cell",
  "regex",
  "sharded-slab",
@@ -5378,7 +5400,7 @@ version = "0.1.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb"
 dependencies = [
- "windows-sys 0.52.0",
+ "windows-sys 0.59.0",
 ]
 
 [[package]]

codex-rs/cli/src/login.rs

@@ -8,6 +8,7 @@ use codex_login::OPENAI_API_KEY_ENV_VAR;
 use codex_login::load_auth;
 use codex_login::login_with_api_key;
 use codex_login::login_with_chatgpt;
+use codex_login::logout;
 
 pub async fn run_login_with_chatgpt(cli_config_overrides: CliConfigOverrides) -> ! {
     let config = load_config_or_exit(cli_config_overrides);
@@ -80,6 +81,25 @@ pub async fn run_login_status(cli_config_overrides: CliConfigOverrides) -> ! {
     }
 }
 
+pub async fn run_logout(cli_config_overrides: CliConfigOverrides) -> ! {
+    let config = load_config_or_exit(cli_config_overrides);
+
+    match logout(&config.codex_home) {
+        Ok(true) => {
+            eprintln!("Successfully logged out");
+            std::process::exit(0);
+        }
+        Ok(false) => {
+            eprintln!("Not logged in");
+            std::process::exit(0);
+        }
+        Err(e) => {
+            eprintln!("Error logging out: {e}");
+            std::process::exit(1);
+        }
+    }
+}
+
 fn load_config_or_exit(cli_config_overrides: CliConfigOverrides) -> Config {
     let cli_overrides = match cli_config_overrides.parse_overrides() {
         Ok(v) => v,

codex-rs/cli/src/main.rs

@@ -10,6 +10,7 @@ use codex_cli::SeatbeltCommand;
 use codex_cli::login::run_login_status;
 use codex_cli::login::run_login_with_api_key;
 use codex_cli::login::run_login_with_chatgpt;
+use codex_cli::login::run_logout;
 use codex_cli::proto;
 use codex_common::CliConfigOverrides;
 use codex_exec::Cli as ExecCli;
@@ -48,6 +49,9 @@ enum Subcommand {
     /// Manage login.
     Login(LoginCommand),
 
+    /// Remove stored authentication credentials.
+    Logout(LogoutCommand),
+
     /// Experimental: run Codex as an MCP server.
     Mcp,
 
@@ -106,6 +110,12 @@ enum LoginSubcommand {
     Status,
 }
 
+#[derive(Debug, Parser)]
+struct LogoutCommand {
+    #[clap(skip)]
+    config_overrides: CliConfigOverrides,
+}
+
 fn main() -> anyhow::Result<()> {
     arg0_dispatch_or_else(|codex_linux_sandbox_exe| async move {
         cli_main(codex_linux_sandbox_exe).await?;
@@ -147,6 +157,10 @@ async fn cli_main(codex_linux_sandbox_exe: Option<PathBuf>) -> anyhow::Result<()
                 }
             }
         }
+        Some(Subcommand::Logout(mut logout_cli)) => {
+            prepend_config_flags(&mut logout_cli.config_overrides, cli.config_overrides);
+            run_logout(logout_cli.config_overrides).await;
+        }
         Some(Subcommand::Proto(mut proto_cli)) => {
             prepend_config_flags(&mut proto_cli.config_overrides, cli.config_overrides);
             proto::run_main(proto_cli).await?;

codex-rs/common/src/fuzzy_match.rs

@@ -0,0 +1,177 @@
+/// Simple case-insensitive subsequence matcher used for fuzzy filtering.
+///
+/// Returns the indices (character positions) of the matched characters in the
+/// ORIGINAL `haystack` string and a score where smaller is better.
+///
+/// Unicode correctness: we perform the match on a lowercased copy of the
+/// haystack and needle but maintain a mapping from each character in the
+/// lowercased haystack back to the original character index in `haystack`.
+/// This ensures the returned indices can be safely used with
+/// `str::chars().enumerate()` consumers for highlighting, even when
+/// lowercasing expands certain characters (e.g., ß → ss, İ → i̇).
+pub fn fuzzy_match(haystack: &str, needle: &str) -> Option<(Vec<usize>, i32)> {
+    if needle.is_empty() {
+        return Some((Vec::new(), i32::MAX));
+    }
+
+    let mut lowered_chars: Vec<char> = Vec::new();
+    let mut lowered_to_orig_char_idx: Vec<usize> = Vec::new();
+    for (orig_idx, ch) in haystack.chars().enumerate() {
+        for lc in ch.to_lowercase() {
+            lowered_chars.push(lc);
+            lowered_to_orig_char_idx.push(orig_idx);
+        }
+    }
+
+    let lowered_needle: Vec<char> = needle.to_lowercase().chars().collect();
+
+    let mut result_orig_indices: Vec<usize> = Vec::with_capacity(lowered_needle.len());
+    let mut last_lower_pos: Option<usize> = None;
+    let mut cur = 0usize;
+    for &nc in lowered_needle.iter() {
+        let mut found_at: Option<usize> = None;
+        while cur < lowered_chars.len() {
+            if lowered_chars[cur] == nc {
+                found_at = Some(cur);
+                cur += 1;
+                break;
+            }
+            cur += 1;
+        }
+        let pos = found_at?;
+        result_orig_indices.push(lowered_to_orig_char_idx[pos]);
+        last_lower_pos = Some(pos);
+    }
+
+    let first_lower_pos = if result_orig_indices.is_empty() {
+        0usize
+    } else {
+        let target_orig = result_orig_indices[0];
+        lowered_to_orig_char_idx
+            .iter()
+            .position(|&oi| oi == target_orig)
+            .unwrap_or(0)
+    };
+    // last defaults to first for single-hit; score = extra span between first/last hit
+    // minus needle len (≥0).
+    // Strongly reward prefix matches by subtracting 100 when the first hit is at index 0.
+    let last_lower_pos = last_lower_pos.unwrap_or(first_lower_pos);
+    let window =
+        (last_lower_pos as i32 - first_lower_pos as i32 + 1) - (lowered_needle.len() as i32);
+    let mut score = window.max(0);
+    if first_lower_pos == 0 {
+        score -= 100;
+    }
+
+    result_orig_indices.sort_unstable();
+    result_orig_indices.dedup();
+    Some((result_orig_indices, score))
+}
+
+/// Convenience wrapper to get only the indices for a fuzzy match.
+pub fn fuzzy_indices(haystack: &str, needle: &str) -> Option<Vec<usize>> {
+    fuzzy_match(haystack, needle).map(|(mut idx, _)| {
+        idx.sort_unstable();
+        idx.dedup();
+        idx
+    })
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn ascii_basic_indices() {
+        let (idx, score) = match fuzzy_match("hello", "hl") {
+            Some(v) => v,
+            None => panic!("expected a match"),
+        };
+        assert_eq!(idx, vec![0, 2]);
+        // 'h' at 0, 'l' at 2 -> window 1; start-of-string bonus applies (-100)
+        assert_eq!(score, -99);
+    }
+
+    #[test]
+    fn unicode_dotted_i_istanbul_highlighting() {
+        let (idx, score) = match fuzzy_match("İstanbul", "is") {
+            Some(v) => v,
+            None => panic!("expected a match"),
+        };
+        assert_eq!(idx, vec![0, 1]);
+        // Matches at lowered positions 0 and 2 -> window 1; start-of-string bonus applies
+        assert_eq!(score, -99);
+    }
+
+    #[test]
+    fn unicode_german_sharp_s_casefold() {
+        assert!(fuzzy_match("straße", "strasse").is_none());
+    }
+
+    #[test]
+    fn prefer_contiguous_match_over_spread() {
+        let (_idx_a, score_a) = match fuzzy_match("abc", "abc") {
+            Some(v) => v,
+            None => panic!("expected a match"),
+        };
+        let (_idx_b, score_b) = match fuzzy_match("a-b-c", "abc") {
+            Some(v) => v,
+            None => panic!("expected a match"),
+        };
+        // Contiguous window -> 0; start-of-string bonus -> -100
+        assert_eq!(score_a, -100);
+        // Spread over 5 chars for 3-letter needle -> window 2; with bonus -> -98
+        assert_eq!(score_b, -98);
+        assert!(score_a < score_b);
+    }
+
+    #[test]
+    fn start_of_string_bonus_applies() {
+        let (_idx_a, score_a) = match fuzzy_match("file_name", "file") {
+            Some(v) => v,
+            None => panic!("expected a match"),
+        };
+        let (_idx_b, score_b) = match fuzzy_match("my_file_name", "file") {
+            Some(v) => v,
+            None => panic!("expected a match"),
+        };
+        // Start-of-string contiguous -> window 0; bonus -> -100
+        assert_eq!(score_a, -100);
+        // Non-prefix contiguous -> window 0; no bonus -> 0
+        assert_eq!(score_b, 0);
+        assert!(score_a < score_b);
+    }
+
+    #[test]
+    fn empty_needle_matches_with_max_score_and_no_indices() {
+        let (idx, score) = match fuzzy_match("anything", "") {
+            Some(v) => v,
+            None => panic!("empty needle should match"),
+        };
+        assert!(idx.is_empty());
+        assert_eq!(score, i32::MAX);
+    }
+
+    #[test]
+    fn case_insensitive_matching_basic() {
+        let (idx, score) = match fuzzy_match("FooBar", "foO") {
+            Some(v) => v,
+            None => panic!("expected a match"),
+        };
+        assert_eq!(idx, vec![0, 1, 2]);
+        // Contiguous prefix match (case-insensitive) -> window 0 with bonus
+        assert_eq!(score, -100);
+    }
+
+    #[test]
+    fn indices_are_deduped_for_multichar_lowercase_expansion() {
+        let needle = "\u{0069}\u{0307}"; // "i" + combining dot above
+        let (idx, score) = match fuzzy_match("İ", needle) {
+            Some(v) => v,
+            None => panic!("expected a match"),
+        };
+        assert_eq!(idx, vec![0]);
+        // Lowercasing 'İ' expands to two chars; contiguous prefix -> window 0 with bonus
+        assert_eq!(score, -100);
+    }
+}

codex-rs/common/src/lib.rs

@@ -27,3 +27,5 @@ pub use sandbox_summary::summarize_sandbox_policy;
 mod config_summary;
 
 pub use config_summary::create_config_summary_entries;
+// Shared fuzzy matcher (used by TUI selection popups and other UI filtering)
+pub mod fuzzy_match;

codex-rs/common/src/sandbox_summary.rs

@@ -7,22 +7,26 @@ pub fn summarize_sandbox_policy(sandbox_policy: &SandboxPolicy) -> String {
         SandboxPolicy::WorkspaceWrite {
             writable_roots,
             network_access,
-            include_default_writable_roots,
+            exclude_tmpdir_env_var,
+            exclude_slash_tmp,
         } => {
             let mut summary = "workspace-write".to_string();
-            if !writable_roots.is_empty() {
-                summary.push_str(&format!(
-                    " [{}]",
-                    writable_roots
-                        .iter()
-                        .map(|p| p.to_string_lossy())
-                        .collect::<Vec<_>>()
-                        .join(", ")
-                ));
+
+            let mut writable_entries = Vec::<String>::new();
+            writable_entries.push("workdir".to_string());
+            if !*exclude_slash_tmp {
+                writable_entries.push("/tmp".to_string());
             }
-            if !*include_default_writable_roots {
-                summary.push_str(" (exact writable roots)");
+            if !*exclude_tmpdir_env_var {
+                writable_entries.push("$TMPDIR".to_string());
             }
+            writable_entries.extend(
+                writable_roots
+                    .iter()
+                    .map(|p| p.to_string_lossy().to_string()),
+            );
+
+            summary.push_str(&format!(" [{}]", writable_entries.join(", ")));
             if *network_access {
                 summary.push_str(" (network access enabled)");
             }

codex-rs/config.md

@@ -275,9 +275,12 @@ sandbox_mode = "workspace-write"
 
 # Extra settings that only apply when `sandbox = "workspace-write"`.
 [sandbox_workspace_write]
-# By default, only the cwd for the Codex session will be writable (and $TMPDIR
-# on macOS), but you can specify additional writable folders in this array.
-writable_roots = ["/tmp"]
+# By default, the cwd for the Codex session will be writable as well as $TMPDIR
+# (if set) and /tmp (if it exists). Setting the respective options to `true`
+# will override those defaults.
+exclude_tmpdir_env_var = false
+exclude_slash_tmp = false
+
 # Allow the command being run inside the sandbox to make outbound network
 # requests. Disabled by default.
 network_access = false
@@ -336,12 +339,11 @@ disable_response_storage = true
 
 ## shell_environment_policy
 
-Codex spawns subprocesses (e.g. when executing a `local_shell` tool-call suggested by the assistant). By default it passes **only a minimal core subset** of your environment to those subprocesses to avoid leaking credentials. You can tune this behavior via the **`shell_environment_policy`** block in
-`config.toml`:
+Codex spawns subprocesses (e.g. when executing a `local_shell` tool-call suggested by the assistant). By default it now passes **your full environment** to those subprocesses. You can tune this behavior via the **`shell_environment_policy`** block in `config.toml`:
 
 ```toml
 [shell_environment_policy]
-# inherit can be "core" (default), "all", or "none"
+# inherit can be "all" (default), "core", or "none"
 inherit = "core"
 # set to true to *skip* the filter for `"*KEY*"` and `"*TOKEN*"`
 ignore_default_excludes = false
@@ -355,7 +357,7 @@ include_only = ["PATH", "HOME"]
 
 | Field                     | Type                       | Default | Description                                                                                                                                     |
 | ------------------------- | -------------------------- | ------- | ----------------------------------------------------------------------------------------------------------------------------------------------- |
-| `inherit`                 | string                     | `core`  | Starting template for the environment:<br>`core` (`HOME`, `PATH`, `USER`, …), `all` (clone full parent env), or `none` (start empty).           |
+| `inherit`                 | string                     | `all`   | Starting template for the environment:<br>`all` (clone full parent env), `core` (`HOME`, `PATH`, `USER`, …), or `none` (start empty).           |
 | `ignore_default_excludes` | boolean                    | `false` | When `false`, Codex removes any var whose **name** contains `KEY`, `SECRET`, or `TOKEN` (case-insensitive) before other rules run.              |
 | `exclude`                 | array&lt;string&gt;        | `[]`    | Case-insensitive glob patterns to drop after the default filter.<br>Examples: `"AWS_*"`, `"AZURE_*"`.                                           |
 | `set`                     | table&lt;string,string&gt; | `{}`    | Explicit key/value overrides or additions – always win over inherited values.                                                                   |

codex-rs/core/prompt.md

@@ -1,69 +1,273 @@
-You are operating as and within the Codex CLI, an open-source, terminal-based agentic coding assistant built by OpenAI. It wraps OpenAI models to enable natural language interaction with a local codebase. You are expected to be precise, safe, and helpful.
+You are a coding agent running in the Codex CLI, a terminal-based coding assistant. Codex CLI is an open source project led by OpenAI. You are expected to be precise, safe, and helpful.
 
 Your capabilities:
-- Receive user prompts, project context, and files.
-- Stream responses and emit function calls (e.g., shell commands, code edits).
-- Run commands, like apply_patch, and manage user approvals based on policy.
-- Work inside a workspace with sandboxing instructions specified by the policy described in (## Sandbox environment and approval instructions)
+- Receive user prompts and other context provided by the harness, such as files in the workspace.
+- Communicate with the user by streaming thinking & responses, and by making & updating plans.
+- Emit function calls to run terminal commands and apply patches. Depending on how this specific run is configured, you can request that these function calls be escalated to the user for approval before running. More on this in the "Sandbox and approvals" section.
 
 Within this context, Codex refers to the open-source agentic coding interface (not the old Codex language model built by OpenAI).
 
-## General guidelines
-As a deployed coding agent, please continue working on the user's task until their query is resolved, before ending your turn and yielding back to the user. Only terminate your turn when you are sure that the task is solved. If you are not sure about file content or codebase structure pertaining to the user's request, use your tools to read files and gather the relevant information. Do NOT guess or make up an answer.
+# How you work
 
-After a user sends their first message, you should immediately provide a brief message acknowledging their request to set the tone and expectation of future work to be done (no more than 8-10 words). This should be done before performing work like exploring the codebase, writing or reading files, or other tool calls needed to complete the task. Use a natural, collaborative tone similar to how a teammate would receive a task during a pair programming session.
+## Personality
 
-Please resolve the user's task by editing the code files in your current code execution session. Your session allows for you to modify and run code. The repo(s) are already cloned in your working directory, and you must fully solve the problem for your answer to be considered correct.
+Your default personality and tone is concise, direct, and friendly. You communicate efficiently, always keeping the user clearly informed about ongoing actions without unnecessary detail. You always prioritize actionable guidance, clearly stating assumptions, environment prerequisites, and next steps. Unless explicitly asked, you avoid excessively verbose explanations about your work.
 
-### Task execution
-You MUST adhere to the following criteria when executing the task:
+## Responsiveness
 
+### Preamble messages
+
+Before making tool calls, send a brief preamble to the user explaining what you’re about to do. When sending preamble messages, follow these principles and examples:
+
+- **Logically group related actions**: if you’re about to run several related commands, describe them together in one preamble rather than sending a separate note for each.
+- **Keep it concise**: be no more than 1-2 sentences (8–12 words for quick updates).
+- **Build on prior context**: if this is not your first tool call, use the preamble message to connect the dots with what’s been done so far and create a sense of momentum and clarity for the user to understand your next actions.
+- **Keep your tone light, friendly and curious**: add small touches of personality in preambles feel collaborative and engaging.
+
+**Examples:**
+- “I’ve explored the repo; now checking the API route definitions.”
+- “Next, I’ll patch the config and update the related tests.”
+- “I’m about to scaffold the CLI commands and helper functions.”
+- “Ok cool, so I’ve wrapped my head around the repo. Now digging into the API routes.”
+- “Config’s looking tidy. Next up is patching helpers to keep things in sync.”
+- “Finished poking at the DB gateway. I will now chase down error handling.”
+- “Alright, build pipeline order is interesting. Checking how it reports failures.”
+- “Spotted a clever caching util; now hunting where it gets used.”
+
+**Avoiding a preamble for every trivial read (e.g., `cat` a single file) unless it’s part of a larger grouped action.
+- Jumping straight into tool calls without explaining what’s about to happen.
+- Writing overly long or speculative preambles — focus on immediate, tangible next steps.
+
+## Planning
+
+You have access to an `update_plan` tool which tracks steps and progress and renders them to the user. Using the tool helps demonstrate that you've understood the task and convey how you're approaching it. Plans can help to make complex, ambiguous, or multi-phase work clearer and more collaborative for the user. A good plan should break the task into meaningful, logically ordered steps that are easy to verify as you go. Note that plans are not for padding out simple work with filler steps or stating the obvious. Do not repeat the full contents of the plan after an `update_plan` call — the harness already displays it. Instead, summarize the change made and highlight any important context or next step.
+
+Use a plan when:
+- The task is non-trivial and will require multiple actions over a long time horizon.
+- There are logical phases or dependencies where sequencing matters.
+- The work has ambiguity that benefits from outlining high-level goals.
+- You want intermediate checkpoints for feedback and validation.
+- When the user asked you to do more than one thing in a single prompt
+- The user has asked you to use the plan tool (aka "TODOs")
+- You generate additional steps while working, and plan to do them before yielding to the user
+
+Skip a plan when:
+- The task is simple and direct.
+- Breaking it down would only produce literal or trivial steps.
+
+Planning steps are called "steps" in the tool, but really they're more like tasks or TODOs. As such they should be very concise descriptions of non-obvious work that an engineer might do like "Write the API spec", then "Update the backend", then "Implement the frontend". On the other hand, it's obvious that you'll usually have to "Explore the codebase" or "Implement the changes", so those are not worth tracking in your plan.
+
+It may be the case that you complete all steps in your plan after a single pass of implementation. If this is the case, you can simply mark all the planned steps as completed. The content of your plan should not involve doing anything that you aren't capable of doing (i.e. don't try to test things that you can't test). Do not use plans for simple or single-step queries that you can just do or answer immediately.
+
+### Examples
+
+**High-quality plans**
+
+Example 1:
+
+1. Add CLI entry with file args
+2. Parse Markdown via CommonMark library
+3. Apply semantic HTML template
+4. Handle code blocks, images, links
+5. Add error handling for invalid files
+
+Example 2:
+
+1. Define CSS variables for colors
+2. Add toggle with localStorage state
+3. Refactor components to use variables
+4. Verify all views for readability
+5. Add smooth theme-change transition
+
+Example 3:
+
+1. Set up Node.js + WebSocket server
+2. Add join/leave broadcast events
+3. Implement messaging with timestamps
+4. Add usernames + mention highlighting
+5. Persist messages in lightweight DB
+6. Add typing indicators + unread count
+
+**Low-quality plans**
+
+Example 1:
+
+1. Create CLI tool
+2. Add Markdown parser
+3. Convert to HTML
+
+Example 2:
+
+1. Add dark mode toggle
+2. Save preference
+3. Make styles look good
+
+Example 3:
+
+1. Create single-file HTML game
+2. Run quick sanity check
+3. Summarize usage instructions
+
+If you need to write a plan, only write high quality plans, not low quality ones.
+
+## Task execution
+
+You are a coding agent. Please keep going until the query is completely resolved, before ending your turn and yielding back to the user. Only terminate your turn when you are sure that the problem is solved. Autonomously resolve the query to the best of your ability, using the tools available to you, before coming back to the user. Do NOT guess or make up an answer.
+
+You MUST adhere to the following criteria when solving queries:
 - Working on the repo(s) in the current environment is allowed, even if they are proprietary.
 - Analyzing code for vulnerabilities is allowed.
 - Showing user code and tool call details is allowed.
-- User instructions may overwrite the _CODING GUIDELINES_ section in this developer message.
-- `user_instructions` are not part of the user's request, but guidance for how to complete the task.
-- Do not cite `user_instructions` back to the user unless a specific piece is relevant.
-- Do not use \`ls -R\`, \`find\`, or \`grep\` - these are slow in large repos. Use \`rg\` and \`rg --files\`.
-- Use the \`apply_patch\` shell command to edit files: {"command":["apply_patch","*** Begin Patch\\n*** Update File: path/to/file.py\\n@@ def example():\\n- pass\\n+ return 123\\n*** End Patch"]}
-- If completing the user's task requires writing or modifying files:
-  - Your code and final answer should follow these _CODING GUIDELINES_:
-    - Fix the problem at the root cause rather than applying surface-level patches, when possible.
-    - Avoid unneeded complexity in your solution.
-      - Ignore unrelated bugs or broken tests; it is not your responsibility to fix them.
-    - Update documentation as necessary.
-    - Keep changes consistent with the style of the existing codebase. Changes should be minimal and focused on the task.
-      - Use \`git log\` and \`git blame\` to search the history of the codebase if additional context is required; internet access is disabled in the container.
-    - NEVER add copyright or license headers unless specifically requested.
-    - You do not need to \`git commit\` your changes; this will be done automatically for you.
-    - If there is a .pre-commit-config.yaml, use \`pre-commit run --files ...\` to check that your changes pass the pre- commit checks. However, do not fix pre-existing errors on lines you didn't touch.
-      - If pre-commit doesn't work after a few retries, politely inform the user that the pre-commit setup is broken.
-    - Once you finish coding, you must
-      - Check \`git status\` to sanity check your changes; revert any scratch files or changes.
-      - Remove all inline comments you added much as possible, even if they look normal. Check using \`git diff\`. Inline comments must be generally avoided, unless active maintainers of the repo, after long careful study of the code and the issue, will still misinterpret the code without the comments.
-      - Check if you accidentally add copyright or license headers. If so, remove them.
-      - Try to run pre-commit if it is available.
-      - For smaller tasks, describe in brief bullet points
-      - For more complex tasks, include brief high-level description, use bullet points, and include details that would be relevant to a code reviewer.
-- If completing the user's task DOES NOT require writing or modifying files (e.g., the user asks a question about the code base):
-  - Respond in a friendly tune as a remote teammate, who is knowledgeable, capable and eager to help with coding.
-- When your task involves writing or modifying files:
-  - Do NOT tell the user to "save the file" or "copy the code into a file" if you already created or modified the file using the `apply_patch` shell command. Instead, reference the file as already saved.
-  - Do NOT show the full contents of large files you have already written, unless the user explicitly asks for them.
+- Use the `apply_patch` tool to edit files (NEVER try `applypatch` or `apply-patch`, only `apply_patch`): {"command":["apply_patch","*** Begin Patch\\n*** Update File: path/to/file.py\\n@@ def example():\\n-  pass\\n+  return 123\\n*** End Patch"]}
 
-## Using the shell command `apply_patch` to edit files
-`apply_patch` is a shell command for editing files. Your patch language is a stripped‑down, file‑oriented diff format designed to be easy to parse and safe to apply. You can think of it as a high‑level envelope:
+If completing the user's task requires writing or modifying files, your code and final answer should follow these coding guidelines, though user instructions (i.e. AGENTS.md) may override these guidelines:
 
-*** Begin Patch
+- Fix the problem at the root cause rather than applying surface-level patches, when possible.
+- Avoid unneeded complexity in your solution.
+- Do not attempt to fix unrelated bugs or broken tests. It is not your responsibility to fix them. (You may mention them to the user in your final message though.)
+- Update documentation as necessary.
+- Keep changes consistent with the style of the existing codebase. Changes should be minimal and focused on the task.
+- Use `git log` and `git blame` to search the history of the codebase if additional context is required.
+- NEVER add copyright or license headers unless specifically requested.
+- Do not waste tokens by re-reading files after calling `apply_patch` on them. The tool call will fail if it didn't work. The same goes for making folders, deleting folders, etc.
+- Do not `git commit` your changes or create new git branches unless explicitly requested.
+- Do not add inline comments within code unless explicitly requested.
+- Do not use one-letter variable names unless explicitly requested.
+- NEVER output inline citations like "【F:README.md†L5-L14】" in your outputs. The CLI is not able to render these so they will just be broken in the UI. Instead, if you output valid filepaths, users will be able to click on them to open the files in their editor.
+
+## Testing your work
+
+If the codebase has tests or the ability to build or run, you should use them to verify that your work is complete. Generally, your testing philosophy should be to start as specific as possible to the code you changed so that you can catch issues efficiently, then make your way to broader tests as you build confidence. If there's no test for the code you changed, and if the adjacent patterns in the codebases show that there's a logical place for you to add a test, you may do so. However, do not add tests to codebases with no tests, or where the patterns don't indicate so.
+
+Once you're confident in correctness, use formatting commands to ensure that your code is well formatted. These commands can take time so you should run them on as precise a target as possible. If there are issues you can iterate up to 3 times to get formatting right, but if you still can't manage it's better to save the user time and present them a correct solution where you call out the formatting in your final message. If the codebase does not have a formatter configured, do not add one.
+
+For all of testing, running, building, and formatting, do not attempt to fix unrelated bugs. It is not your responsibility to fix them. (You may mention them to the user in your final message though.)
+
+## Sandbox and approvals
+
+The Codex CLI harness supports several different sandboxing, and approval configurations that the user can choose from.
+
+Filesystem sandboxing prevents you from editing files without user approval. The options are:
+- *read-only*: You can only read files.
+- *workspace-write*: You can read files. You can write to files in your workspace folder, but not outside it.
+- *danger-full-access*: No filesystem sandboxing.
+
+Network sandboxing prevents you from accessing network without approval. Options are
+- *ON*
+- *OFF*
+
+Approvals are your mechanism to get user consent to perform more privileged actions. Although they introduce friction to the user because your work is paused until the user responds, you should leverage them to accomplish your important work. Do not let these settings or the sandbox deter you from attempting to accomplish the user's task. Approval options are
+- *untrusted*: The harness will escalate most commands for user approval, apart from a limited allowlist of safe "read" commands.
+- *on-failure*: The harness will allow all commands to run in the sandbox (if enabled), and failures will be escalated to the user for approval to run again without the sandbox.
+- *on-request*: Commands will be run in the sandbox by default, and you can specify in your tool call if you want to escalate a command to run without sandboxing. (Note that this mode is not always available. If it is, you'll see parameters for it in the `shell` command description.)
+- *never*: This is a non-interactive mode where you may NEVER ask the user for approval to run commands. Instead, you must always persist and work around constraints to solve the task for the user. You MUST do your utmost best to finish the task and validate your work before yielding. If this mode is pared with `danger-full-access`, take advantage of it to deliver the best outcome for the user. Further, in this mode, your default testing philosophy is overridden: Even if you don't see local patterns for testing, you may add tests and scripts to validate your work. Just remove them before yielding.
+
+When you are running with approvals `on-request`, and sandboxing enabled, here are scenarios where you'll need to request approval:
+- You need to run a command that writes to a directory that requires it (e.g. running tests that write to /tmp)
+- You need to run a GUI app (e.g., open/xdg-open/osascript) to open browsers or files.
+- You are running sandboxed and need to run a command that requires network access (e.g. installing packages)
+- If you run a command that is important to solving the user's query, but it fails because of sandboxing, rerun the command with approval.
+- You are about to take a potentially destructive action such as an `rm` or `git reset` that the user did not explicitly ask for
+- (For all of these, you should weigh alternative paths that do not require approval.)
+
+Note that when sandboxing is set to read-only, you'll need to request approval for any command that isn't a read.
+
+You will be told what filesystem sandboxing, network sandboxing, and approval mode are active in a developer or user message. If you are not told about this, assume that you are running with workspace-write, network sandboxing ON, and approval on-failure.
+
+## Ambition vs. precision
+
+For tasks that have no prior context (i.e. the user is starting something brand new), you should feel free to be ambitious and demonstrate creativity with your implementation.
+
+If you're operating in an existing codebase, you should make sure you do exactly what the user asks with surgical precision. Treat the surrounding codebase with respect, and don't overstep (i.e. changing filenames or variables unnecessarily). You should balance being sufficiently ambitious and proactive when completing tasks of this nature.
+
+You should use judicious initiative to decide on the right level of detail and complexity to deliver based on the user's needs. This means showing good judgment that you're capable of doing the right extras without gold-plating. This might be demonstrated by high-value, creative touches when scope of the task is vague; while being surgical and targeted when scope is tightly specified.
+
+## Sharing progress updates
+
+For especially longer tasks that you work on (i.e. requiring many tool calls, or a plan with multiple steps), you should provide progress updates back to the user at reasonable intervals. These updates should be structured as a concise sentence or two (no more than 8-10 words long) recapping progress so far in plain language: this update demonstrates your understanding of what needs to be done, progress so far (i.e. files explores, subtasks complete), and where you're going next.
+
+Before doing large chunks of work that may incur latency as experienced by the user (i.e. writing a new file), you should send a concise message to the user with an update indicating what you're about to do to ensure they know what you're spending time on. Don't start editing or writing large files before informing the user what you are doing and why.
+
+The messages you send before tool calls should describe what is immediately about to be done next in very concise language. If there was previous work done, this preamble message should also include a note about the work done so far to bring the user along.
+
+## Presenting your work and final message
+
+Your final message should read naturally, like an update from a concise teammate. For casual conversation, brainstorming tasks, or quick questions from the user, respond in a friendly, conversational tone. You should ask questions, suggest ideas, and adapt to the user’s style. If you've finished a large amount of work, when describing what you've done to the user, you should follow the final answer formatting guidelines to communicate substantive changes. You don't need to add structured formatting for one-word answers, greetings, or purely conversational exchanges.
+
+You can skip heavy formatting for single, simple actions or confirmations. In these cases, respond in plain sentences with any relevant next step or quick option. Reserve multi-section structured responses for results that need grouping or explanation.
+
+The user is working on the same computer as you, and has access to your work. As such there's no need to show the full contents of large files you have already written unless the user explicitly asks for them. Similarly, if you've created or modified files using `apply_patch`, there's no need to tell users to "save the file" or "copy the code into a file"—just reference the file path.
+
+If there's something that you think you could help with as a logical next step, concisely ask the user if they want you to do so. Good examples of this are running tests, committing changes, or building out the next logical component. If there’s something that you couldn't do (even with approval) but that the user might want to do (such as verifying changes by running the app), include those instructions succinctly.
+
+Brevity is very important as a default. You should be very concise (i.e. no more than 10 lines), but can relax this requirement for tasks where additional detail and comprehensiveness is important for the user's understanding.
+
+### Final answer structure and style guidelines
+
+You are producing plain text that will later be styled by the CLI. Follow these rules exactly. Formatting should make results easy to scan, but not feel mechanical. Use judgment to decide how much structure adds value.
+
+**Section Headers**
+- Use only when they improve clarity — they are not mandatory for every answer.
+- Choose descriptive names that fit the content
+- Keep headers short (1–3 words) and in `**Title Case**`. Always start headers with `**` and end with `**`
+- Leave no blank line before the first bullet under a header.
+- Section headers should only be used where they genuinely improve scanability; avoid fragmenting the answer.
+
+**Bullets**
+- Use `-` followed by a space for every bullet.
+- Bold the keyword, then colon + concise description.
+- Merge related points when possible; avoid a bullet for every trivial detail.
+- Keep bullets to one line unless breaking for clarity is unavoidable.
+- Group into short lists (4–6 bullets) ordered by importance.
+- Use consistent keyword phrasing and formatting across sections.
+
+**Monospace**
+- Wrap all commands, file paths, env vars, and code identifiers in backticks (`` `...` ``).
+- Apply to inline examples and to bullet keywords if the keyword itself is a literal file/command.
+- Never mix monospace and bold markers; choose one based on whether it’s a keyword (`**`) or inline code/path (`` ` ``).
+
+**Structure**
+- Place related bullets together; don’t mix unrelated concepts in the same section.
+- Order sections from general → specific → supporting info.
+- For subsections (e.g., “Binaries” under “Rust Workspace”), introduce with a bolded keyword bullet, then list items under it.
+- Match structure to complexity:
+  - Multi-part or detailed results → use clear headers and grouped bullets.
+  - Simple results → minimal headers, possibly just a short list or paragraph.
+
+**Tone**
+- Keep the voice collaborative and natural, like a coding partner handing off work.
+- Be concise and factual — no filler or conversational commentary and avoid unnecessary repetition
+- Use present tense and active voice (e.g., “Runs tests” not “This will run tests”).
+- Keep descriptions self-contained; don’t refer to “above” or “below”.
+- Use parallel structure in lists for consistency.
+
+**Don’t**
+- Don’t use literal words “bold” or “monospace” in the content.
+- Don’t nest bullets or create deep hierarchies.
+- Don’t output ANSI escape codes directly — the CLI renderer applies them.
+- Don’t cram unrelated keywords into a single bullet; split for clarity.
+- Don’t let keyword lists run long — wrap or reformat for scanability.
+
+Generally, ensure your final answers adapt their shape and depth to the request. For example, answers to code explanations should have a precise, structured explanation with code references that answer the question directly. For tasks with a simple implementation, lead with the outcome and supplement only with what’s needed for clarity. Larger changes can be presented as a logical walkthrough of your approach, grouping related steps, explaining rationale where it adds value, and highlighting next actions to accelerate the user. Your answers should provide the right level of detail while being easily scannable.
+
+For casual greetings, acknowledgements, or other one-off conversational messages that are not delivering substantive information or structured results, respond naturally without section headers or bullet formatting.
+
+# Tools
+
+## `apply_patch`
+
+Your patch language is a stripped‑down, file‑oriented diff format designed to be easy to parse and safe to apply. You can think of it as a high‑level envelope:
+
+**_ Begin Patch
 [ one or more file sections ]
-*** End Patch
+_** End Patch
 
 Within that envelope, you get a sequence of file operations.
 You MUST include a header to specify the action you are taking.
 Each operation starts with one of three headers:
 
-*** Add File: <path> - create a new file. Every following line is a + line (the initial contents).
-*** Delete File: <path> - remove an existing file. Nothing follows.
+**_ Add File: <path> - create a new file. Every following line is a + line (the initial contents).
+_** Delete File: <path> - remove an existing file. Nothing follows.
 \*\*\* Update File: <path> - patch an existing file in place (optionally with a rename).
 
 May be immediately followed by \*\*\* Move to: <new path> if you want to rename the file.
@@ -77,60 +281,46 @@ Within a hunk each line starts with:
   At the end of a truncated hunk you can emit \*\*\* End of File.
 
 Patch := Begin { FileOp } End
-Begin := "*** Begin Patch" NEWLINE
-End := "*** End Patch" NEWLINE
+Begin := "**_ Begin Patch" NEWLINE
+End := "_** End Patch" NEWLINE
 FileOp := AddFile | DeleteFile | UpdateFile
-AddFile := "*** Add File: " path NEWLINE { "+" line NEWLINE }
-DeleteFile := "*** Delete File: " path NEWLINE
-UpdateFile := "*** Update File: " path NEWLINE [ MoveTo ] { Hunk }
-MoveTo := "*** Move to: " newPath NEWLINE
+AddFile := "**_ Add File: " path NEWLINE { "+" line NEWLINE }
+DeleteFile := "_** Delete File: " path NEWLINE
+UpdateFile := "**_ Update File: " path NEWLINE [ MoveTo ] { Hunk }
+MoveTo := "_** Move to: " newPath NEWLINE
 Hunk := "@@" [ header ] NEWLINE { HunkLine } [ "*** End of File" NEWLINE ]
 HunkLine := (" " | "-" | "+") text NEWLINE
 
 A full patch can combine several operations:
 
-*** Begin Patch
-*** Add File: hello.txt
+**_ Begin Patch
+_** Add File: hello.txt
 +Hello world
-*** Update File: src/app.py
-*** Move to: src/main.py
+**_ Update File: src/app.py
+_** Move to: src/main.py
 @@ def greet():
 -print("Hi")
 +print("Hello, world!")
-*** Delete File: obsolete.txt
-*** End Patch
+**_ Delete File: obsolete.txt
+_** End Patch
 
 It is important to remember:
 
 - You must include a header with your intended action (Add/Delete/Update)
 - You must prefix new lines with `+` even when creating a new file
-- You must follow this schema exactly when providing a patch
 
-You can invoke apply_patch with the following shell command:
+You can invoke apply_patch like:
 
 ```
 shell {"command":["apply_patch","*** Begin Patch\n*** Add File: hello.txt\n+Hello, world!\n*** End Patch\n"]}
 ```
 
-## Sandbox environment and approval instructions
+## `update_plan`
 
-You are running in a sandboxed workspace backed by version control. The sandbox might be configured by the user to restrict certain behaviors, like accessing the internet or writing to files outside the current directory.
+A tool named `update_plan` is available to you. You can use it to keep an up‑to‑date, step‑by‑step plan for the task.
 
-Commands that are blocked by sandbox settings will be automatically sent to the user for approval. The result of the request will be returned (i.e. the command result, or the request denial).
-The user also has an opportunity to approve the same command for the rest of the session.
+To create a new plan, call `update_plan` with a short list of 1‑sentence steps (no more than 5-7 words each) with a `status` for each step (`pending`, `in_progress`, or `completed`).
 
-Guidance on running within the sandbox:
-- When running commands that will likely require approval, attempt to use simple, precise commands, to reduce frequency of approval requests.
-- When approval is denied or a command fails due to a permission error, do not retry the exact command in a different way. Move on and continue trying to address the user's request.
-
-
-## Tools available
-### Plan updates
-
-A tool named `update_plan` is available. Use it to keep an up‑to‑date, step‑by‑step plan for the task so you can follow your progress. When making your plans, keep in mind that you are a deployed coding agent - `update_plan` calls should not involve doing anything that you aren't capable of doing. For example, `update_plan` calls should NEVER contain tasks to merge your own pull requests. Only stop to ask the user if you genuinely need their feedback on a change.
-
-- At the start of any nontrivial task, call `update_plan` with an initial plan: a short list of 1‑sentence steps with a `status` for each step (`pending`, `in_progress`, or `completed`). There should always be exactly one `in_progress` step until everything is done.
-- Whenever you finish a step, call `update_plan` again, marking the finished step as `completed` and the next step as `in_progress`.
-- If your plan needs to change, call `update_plan` with the revised steps and include an `explanation` describing the change.
-- When all steps are complete, make a final `update_plan` call with all steps marked `completed`.
+When steps have been completed, use `update_plan` to mark each finished step as `completed` and the next step you are working on as `in_progress`. There should always be exactly one `in_progress` step until everything is done. You can mark multiple items as complete in a single `update_plan` call.
 
+If all steps are complete, ensure you call `update_plan` to mark all steps as `completed`.

codex-rs/core/src/apply_patch.rs

@@ -1,9 +1,6 @@
 use crate::codex::Session;
 use crate::models::FunctionCallOutputPayload;
 use crate::models::ResponseInputItem;
-use crate::protocol::DiffHunk;
-use crate::protocol::DiffLine;
-use crate::protocol::DiffLineKind;
 use crate::protocol::FileChange;
 use crate::protocol::ReviewDecision;
 use crate::safety::SafetyCheck;
@@ -122,143 +119,16 @@ pub(crate) fn convert_apply_patch_to_protocol(
                 unified_diff,
                 move_path,
                 new_content: _new_content,
-            } => {
-                let hunks = parse_unified_diff_to_hunks(unified_diff).unwrap_or_default();
-                FileChange::Update {
-                    unified_diff: unified_diff.clone(),
-                    move_path: move_path.clone(),
-                    hunks: if hunks.is_empty() { None } else { Some(hunks) },
-                }
-            }
+            } => FileChange::Update {
+                unified_diff: unified_diff.clone(),
+                move_path: move_path.clone(),
+            },
         };
         result.insert(path.clone(), protocol_change);
     }
     result
 }
 
-/// Parse a unified diff string into structured hunks. The input is expected to
-/// contain one or more hunk headers (lines starting with "@@") followed by hunk
-/// bodies. Lines starting with '+++', '---' (file headers) are ignored.
-fn parse_unified_diff_to_hunks(src: &str) -> Option<Vec<DiffHunk>> {
-    let mut hunks: Vec<DiffHunk> = Vec::new();
-    let mut cur: Option<DiffHunk> = None;
-
-    for line in src.lines() {
-        if line.starts_with("---") || line.starts_with("+++") {
-            // File headers: ignore.
-            continue;
-        }
-
-        if let Some((old_start, old_count, new_start, new_count)) = parse_hunk_header(line) {
-            // Flush previous hunk
-            if let Some(h) = cur.take() {
-                hunks.push(h);
-            }
-            cur = Some(DiffHunk {
-                old_start: old_start as u32,
-                old_count: old_count as u32,
-                new_start: new_start as u32,
-                new_count: new_count as u32,
-                lines: Vec::new(),
-            });
-            continue;
-        }
-
-        if let Some(h) = cur.as_mut() {
-            // Classify by prefix; store text without the prefix when present.
-            let (kind, text) = if let Some(rest) = line.strip_prefix('+') {
-                (DiffLineKind::Add, rest.to_string())
-            } else if let Some(rest) = line.strip_prefix('-') {
-                (DiffLineKind::Delete, rest.to_string())
-            } else if let Some(rest) = line.strip_prefix(' ') {
-                (DiffLineKind::Context, rest.to_string())
-            } else {
-                // Non-standard line inside hunk; keep as context with full text.
-                (DiffLineKind::Context, line.to_string())
-            };
-            h.lines.push(DiffLine { kind, text });
-        }
-    }
-
-    if let Some(h) = cur.take() {
-        hunks.push(h);
-    }
-
-    Some(hunks)
-}
-
-// Lightweight parsing of a unified diff hunk header of the form:
-// @@ -oldStart,oldCount +newStart,newCount @@
-// Counts may be omitted which implies 1.
-fn parse_hunk_header(line: &str) -> Option<(u64, u64, u64, u64)> {
-    if !line.starts_with("@@") {
-        return None;
-    }
-    let bytes = line.as_bytes();
-    let mut i = 2usize;
-    // skip spaces
-    while i < bytes.len() && bytes[i].is_ascii_whitespace() {
-        i += 1;
-    }
-    if i >= bytes.len() || bytes[i] != b'-' {
-        return None;
-    }
-    i += 1;
-    let (old_start, c1) = parse_uint(&bytes[i..]);
-    if c1 == 0 {
-        return None;
-    }
-    i += c1;
-    let mut old_count = 1u64;
-    if i < bytes.len() && bytes[i] == b',' {
-        i += 1;
-        let (n, c) = parse_uint(&bytes[i..]);
-        if c == 0 {
-            return None;
-        }
-        old_count = n;
-        i += c;
-    }
-    while i < bytes.len() && bytes[i].is_ascii_whitespace() {
-        i += 1;
-    }
-    if i >= bytes.len() || bytes[i] != b'+' {
-        return None;
-    }
-    i += 1;
-    let (new_start, c2) = parse_uint(&bytes[i..]);
-    if c2 == 0 {
-        return None;
-    }
-    i += c2;
-    let mut new_count = 1u64;
-    if i < bytes.len() && bytes[i] == b',' {
-        i += 1;
-        let (n, c) = parse_uint(&bytes[i..]);
-        if c == 0 {
-            return None;
-        }
-        new_count = n;
-        i += c;
-    }
-    Some((old_start, old_count, new_start, new_count))
-}
-
-fn parse_uint(s: &[u8]) -> (u64, usize) {
-    let mut i = 0usize;
-    let mut n: u64 = 0;
-    while i < s.len() {
-        let b = s[i];
-        if b.is_ascii_digit() {
-            n = n * 10 + (b - b'0') as u64;
-            i += 1;
-        } else {
-            break;
-        }
-    }
-    (n, i)
-}
-
 pub(crate) fn get_writable_roots(cwd: &Path) -> Vec<PathBuf> {
     let mut writable_roots = Vec::new();
     if cfg!(target_os = "macos") {

codex-rs/core/src/codex.rs

@@ -46,6 +46,7 @@ use crate::conversation_history::ConversationHistory;
 use crate::error::CodexErr;
 use crate::error::Result as CodexResult;
 use crate::error::SandboxErr;
+use crate::error::get_error_message_ui;
 use crate::exec::ExecParams;
 use crate::exec::ExecToolCallOutput;
 use crate::exec::SandboxType;
@@ -468,6 +469,57 @@ impl Session {
             }
         }
     }
+    /// Runs the exec tool call and emits events for the begin and end of the
+    /// command even on error.
+    ///
+    /// Returns the output of the exec tool call.
+    async fn run_exec_with_events<'a>(
+        &self,
+        turn_diff_tracker: &mut TurnDiffTracker,
+        begin_ctx: ExecCommandContext,
+        exec_args: ExecInvokeArgs<'a>,
+    ) -> crate::error::Result<ExecToolCallOutput> {
+        let is_apply_patch = begin_ctx.apply_patch.is_some();
+        let sub_id = begin_ctx.sub_id.clone();
+        let call_id = begin_ctx.call_id.clone();
+
+        self.on_exec_command_begin(turn_diff_tracker, begin_ctx.clone())
+            .await;
+
+        let result = process_exec_tool_call(
+            exec_args.params,
+            exec_args.sandbox_type,
+            exec_args.ctrl_c,
+            exec_args.sandbox_policy,
+            exec_args.codex_linux_sandbox_exe,
+            exec_args.stdout_stream,
+        )
+        .await;
+
+        let output_stderr;
+        let borrowed: &ExecToolCallOutput = match &result {
+            Ok(output) => output,
+            Err(e) => {
+                output_stderr = ExecToolCallOutput {
+                    exit_code: -1,
+                    stdout: String::new(),
+                    stderr: get_error_message_ui(e),
+                    duration: Duration::default(),
+                };
+                &output_stderr
+            }
+        };
+        self.on_exec_command_end(
+            turn_diff_tracker,
+            &sub_id,
+            &call_id,
+            borrowed,
+            is_apply_patch,
+        )
+        .await;
+
+        result
+    }
 
     /// Helper that emits a BackgroundEvent with the given message. This keeps
     /// the call‑sites terse so adding more diagnostics does not clutter the
@@ -636,7 +688,7 @@ impl AgentTask {
             let event = Event {
                 id: self.sub_id,
                 msg: EventMsg::Error(ErrorEvent {
-                    message: "Turn interrupted".to_string(),
+                    message: " Turn interrupted".to_string(),
                 }),
             };
             let tx_event = self.sess.tx_event.clone();
@@ -1717,6 +1769,15 @@ fn parse_container_exec_arguments(
     }
 }
 
+pub struct ExecInvokeArgs<'a> {
+    pub params: ExecParams,
+    pub sandbox_type: SandboxType,
+    pub ctrl_c: Arc<Notify>,
+    pub sandbox_policy: &'a SandboxPolicy,
+    pub codex_linux_sandbox_exe: &'a Option<PathBuf>,
+    pub stdout_stream: Option<StdoutStream>,
+}
+
 fn maybe_run_with_user_profile(params: ExecParams, sess: &Session) -> ExecParams {
     if sess.shell_environment_policy.use_profile {
         let command = sess
@@ -1887,23 +1948,26 @@ async fn handle_container_exec_with_params(
             },
         ),
     };
-    sess.on_exec_command_begin(turn_diff_tracker, exec_command_context.clone())
-        .await;
 
     let params = maybe_run_with_user_profile(params, sess);
-    let output_result = process_exec_tool_call(
-        params.clone(),
-        sandbox_type,
-        sess.ctrl_c.clone(),
-        &sess.sandbox_policy,
-        &sess.codex_linux_sandbox_exe,
-        Some(StdoutStream {
-            sub_id: sub_id.clone(),
-            call_id: call_id.clone(),
-            tx_event: sess.tx_event.clone(),
-        }),
-    )
-    .await;
+    let output_result = sess
+        .run_exec_with_events(
+            turn_diff_tracker,
+            exec_command_context.clone(),
+            ExecInvokeArgs {
+                params: params.clone(),
+                sandbox_type,
+                ctrl_c: sess.ctrl_c.clone(),
+                sandbox_policy: &sess.sandbox_policy,
+                codex_linux_sandbox_exe: &sess.codex_linux_sandbox_exe,
+                stdout_stream: Some(StdoutStream {
+                    sub_id: sub_id.clone(),
+                    call_id: call_id.clone(),
+                    tx_event: sess.tx_event.clone(),
+                }),
+            },
+        )
+        .await;
 
     match output_result {
         Ok(output) => {
@@ -1914,24 +1978,14 @@ async fn handle_container_exec_with_params(
                 duration,
             } = &output;
 
-            sess.on_exec_command_end(
-                turn_diff_tracker,
-                &sub_id,
-                &call_id,
-                &output,
-                exec_command_context.apply_patch.is_some(),
-            )
-            .await;
-
             let is_success = *exit_code == 0;
             let content = format_exec_output(
                 if is_success { stdout } else { stderr },
                 *exit_code,
                 *duration,
             );
-
             ResponseInputItem::FunctionCallOutput {
-                call_id,
+                call_id: call_id.clone(),
                 output: FunctionCallOutputPayload {
                     content,
                     success: Some(is_success),
@@ -1949,16 +2003,13 @@ async fn handle_container_exec_with_params(
             )
             .await
         }
-        Err(e) => {
-            // Handle non-sandbox errors
-            ResponseInputItem::FunctionCallOutput {
-                call_id,
-                output: FunctionCallOutputPayload {
-                    content: format!("execution error: {e}"),
-                    success: None,
-                },
-            }
-        }
+        Err(e) => ResponseInputItem::FunctionCallOutput {
+            call_id: call_id.clone(),
+            output: FunctionCallOutputPayload {
+                content: format!("execution error: {e}"),
+                success: None,
+            },
+        },
     }
 }
 
@@ -1973,7 +2024,6 @@ async fn handle_sandbox_error(
     let call_id = exec_command_context.call_id.clone();
     let sub_id = exec_command_context.sub_id.clone();
     let cwd = exec_command_context.cwd.clone();
-    let is_apply_patch = exec_command_context.apply_patch.is_some();
 
     // Early out if either the user never wants to be asked for approval, or
     // we're letting the model manage escalation requests. Otherwise, continue
@@ -2039,24 +2089,26 @@ async fn handle_sandbox_error(
             sess.notify_background_event(&sub_id, "retrying command without sandbox")
                 .await;
 
-            sess.on_exec_command_begin(turn_diff_tracker, exec_command_context)
-                .await;
-
             // This is an escalated retry; the policy will not be
             // examined and the sandbox has been set to `None`.
-            let retry_output_result = process_exec_tool_call(
-                params,
-                SandboxType::None,
-                sess.ctrl_c.clone(),
-                &sess.sandbox_policy,
-                &sess.codex_linux_sandbox_exe,
-                Some(StdoutStream {
-                    sub_id: sub_id.clone(),
-                    call_id: call_id.clone(),
-                    tx_event: sess.tx_event.clone(),
-                }),
-            )
-            .await;
+            let retry_output_result = sess
+                .run_exec_with_events(
+                    turn_diff_tracker,
+                    exec_command_context.clone(),
+                    ExecInvokeArgs {
+                        params,
+                        sandbox_type: SandboxType::None,
+                        ctrl_c: sess.ctrl_c.clone(),
+                        sandbox_policy: &sess.sandbox_policy,
+                        codex_linux_sandbox_exe: &sess.codex_linux_sandbox_exe,
+                        stdout_stream: Some(StdoutStream {
+                            sub_id: sub_id.clone(),
+                            call_id: call_id.clone(),
+                            tx_event: sess.tx_event.clone(),
+                        }),
+                    },
+                )
+                .await;
 
             match retry_output_result {
                 Ok(retry_output) => {
@@ -2067,15 +2119,6 @@ async fn handle_sandbox_error(
                         duration,
                     } = &retry_output;
 
-                    sess.on_exec_command_end(
-                        turn_diff_tracker,
-                        &sub_id,
-                        &call_id,
-                        &retry_output,
-                        is_apply_patch,
-                    )
-                    .await;
-
                     let is_success = *exit_code == 0;
                     let content = format_exec_output(
                         if is_success { stdout } else { stderr },
@@ -2084,23 +2127,20 @@ async fn handle_sandbox_error(
                     );
 
                     ResponseInputItem::FunctionCallOutput {
-                        call_id,
+                        call_id: call_id.clone(),
                         output: FunctionCallOutputPayload {
                             content,
                             success: Some(is_success),
                         },
                     }
                 }
-                Err(e) => {
-                    // Handle retry failure
-                    ResponseInputItem::FunctionCallOutput {
-                        call_id,
-                        output: FunctionCallOutputPayload {
-                            content: format!("retry failed: {e}"),
-                            success: None,
-                        },
-                    }
-                }
+                Err(e) => ResponseInputItem::FunctionCallOutput {
+                    call_id: call_id.clone(),
+                    output: FunctionCallOutputPayload {
+                        content: format!("retry failed: {e}"),
+                        success: None,
+                    },
+                },
             }
         }
         ReviewDecision::Denied | ReviewDecision::Abort => {

codex-rs/core/src/config.rs

@@ -4,7 +4,7 @@ use crate::config_types::McpServerConfig;
 use crate::config_types::ReasoningEffort;
 use crate::config_types::ReasoningSummary;
 use crate::config_types::SandboxMode;
-use crate::config_types::SandboxWorkplaceWrite;
+use crate::config_types::SandboxWorkspaceWrite;
 use crate::config_types::ShellEnvironmentPolicy;
 use crate::config_types::ShellEnvironmentPolicyToml;
 use crate::config_types::Tui;
@@ -29,6 +29,9 @@ use toml::Value as TomlValue;
 /// the context window.
 pub(crate) const PROJECT_DOC_MAX_BYTES: usize = 32 * 1024; // 32 KiB
 
+/// Candidate filenames for user-provided instructions stored in CODEX_HOME.
+pub(crate) const USER_INSTRUCTIONS_CANDIDATE_FILENAMES: &[&str] = &["AGENTS.md"];
+
 /// Application configuration loaded from disk and merged with overrides.
 #[derive(Debug, Clone, PartialEq)]
 pub struct Config {
@@ -282,7 +285,7 @@ pub struct ConfigToml {
     pub sandbox_mode: Option<SandboxMode>,
 
     /// Sandbox configuration to apply if `sandbox` is `WorkspaceWrite`.
-    pub sandbox_workspace_write: Option<SandboxWorkplaceWrite>,
+    pub sandbox_workspace_write: Option<SandboxWorkspaceWrite>,
 
     /// Disable server-side response storage (sends the full conversation
     /// context with every request). Currently necessary for OpenAI customers
@@ -361,10 +364,16 @@ impl ConfigToml {
         match resolved_sandbox_mode {
             SandboxMode::ReadOnly => SandboxPolicy::new_read_only_policy(),
             SandboxMode::WorkspaceWrite => match self.sandbox_workspace_write.as_ref() {
-                Some(s) => SandboxPolicy::WorkspaceWrite {
-                    writable_roots: s.writable_roots.clone(),
-                    network_access: s.network_access,
-                    include_default_writable_roots: true,
+                Some(SandboxWorkspaceWrite {
+                    writable_roots,
+                    network_access,
+                    exclude_tmpdir_env_var,
+                    exclude_slash_tmp,
+                }) => SandboxPolicy::WorkspaceWrite {
+                    writable_roots: writable_roots.clone(),
+                    network_access: *network_access,
+                    exclude_tmpdir_env_var: *exclude_tmpdir_env_var,
+                    exclude_slash_tmp: *exclude_slash_tmp,
                 },
                 None => SandboxPolicy::new_workspace_write_policy(),
             },
@@ -570,13 +579,9 @@ impl Config {
     }
 
     fn load_instructions(codex_dir: Option<&Path>) -> Option<String> {
-        let mut p = match codex_dir {
-            Some(p) => p.to_path_buf(),
-            None => return None,
-        };
-
-        p.push("AGENTS.md");
-        std::fs::read_to_string(&p).ok().and_then(|s| {
+        let dir = codex_dir?;
+        let path = find_user_instructions_path(dir)?;
+        std::fs::read_to_string(&path).ok().and_then(|s| {
             let s = s.trim();
             if s.is_empty() {
                 None
@@ -668,6 +673,20 @@ pub fn log_dir(cfg: &Config) -> std::io::Result<PathBuf> {
     Ok(p)
 }
 
+/// Returns the path to the first non-empty user instructions file inside the
+/// provided CODEX_HOME directory, if any.
+pub(crate) fn find_user_instructions_path(codex_dir: &Path) -> Option<PathBuf> {
+    for name in USER_INSTRUCTIONS_CANDIDATE_FILENAMES {
+        let candidate = codex_dir.join(name);
+        if let Ok(s) = std::fs::read_to_string(&candidate) {
+            if !s.trim().is_empty() {
+                return Some(candidate);
+            }
+        }
+    }
+    None
+}
+
 #[cfg(test)]
 mod tests {
     #![allow(clippy::expect_used, clippy::unwrap_used)]
@@ -745,8 +764,10 @@ sandbox_mode = "workspace-write"
 
 [sandbox_workspace_write]
 writable_roots = [
-    "/tmp",
+    "/my/workspace",
 ]
+exclude_tmpdir_env_var = true
+exclude_slash_tmp = true
 "#;
 
         let sandbox_workspace_write_cfg = toml::from_str::<ConfigToml>(sandbox_workspace_write)
@@ -754,9 +775,10 @@ writable_roots = [
         let sandbox_mode_override = None;
         assert_eq!(
             SandboxPolicy::WorkspaceWrite {
-                writable_roots: vec![PathBuf::from("/tmp")],
+                writable_roots: vec![PathBuf::from("/my/workspace")],
                 network_access: false,
-                include_default_writable_roots: true,
+                exclude_tmpdir_env_var: true,
+                exclude_slash_tmp: true,
             },
             sandbox_workspace_write_cfg.derive_sandbox_policy(sandbox_mode_override)
         );

codex-rs/core/src/config_types.rs

@@ -93,11 +93,15 @@ pub enum SandboxMode {
 }
 
 #[derive(Deserialize, Debug, Clone, PartialEq, Default)]
-pub struct SandboxWorkplaceWrite {
+pub struct SandboxWorkspaceWrite {
     #[serde(default)]
     pub writable_roots: Vec<PathBuf>,
     #[serde(default)]
     pub network_access: bool,
+    #[serde(default)]
+    pub exclude_tmpdir_env_var: bool,
+    #[serde(default)]
+    pub exclude_slash_tmp: bool,
 }
 
 #[derive(Deserialize, Debug, Clone, PartialEq, Default)]
@@ -105,10 +109,10 @@ pub struct SandboxWorkplaceWrite {
 pub enum ShellEnvironmentPolicyInherit {
     /// "Core" environment variables for the platform. On UNIX, this would
     /// include HOME, LOGNAME, PATH, SHELL, and USER, among others.
-    #[default]
     Core,
 
     /// Inherits the full environment from the parent process.
+    #[default]
     All,
 
     /// Do not inherit any environment variables from the parent process.
@@ -167,7 +171,8 @@ pub struct ShellEnvironmentPolicy {
 
 impl From<ShellEnvironmentPolicyToml> for ShellEnvironmentPolicy {
     fn from(toml: ShellEnvironmentPolicyToml) -> Self {
-        let inherit = toml.inherit.unwrap_or(ShellEnvironmentPolicyInherit::Core);
+        // Default to inheriting the full environment when not specified.
+        let inherit = toml.inherit.unwrap_or(ShellEnvironmentPolicyInherit::All);
         let ignore_default_excludes = toml.ignore_default_excludes.unwrap_or(false);
         let exclude = toml
             .exclude

codex-rs/core/src/error.rs

@@ -132,3 +132,10 @@ impl CodexErr {
         (self as &dyn std::any::Any).downcast_ref::<T>()
     }
 }
+
+pub fn get_error_message_ui(e: &CodexErr) -> String {
+    match e {
+        CodexErr::Sandbox(SandboxErr::Denied(_, _, stderr)) => stderr.to_string(),
+        _ => e.to_string(),
+    }
+}

codex-rs/core/src/lib.rs

@@ -38,7 +38,7 @@ mod models;
 mod openai_model_info;
 mod openai_tools;
 pub mod plan_tool;
-mod project_doc;
+pub mod project_doc;
 pub mod protocol;
 mod rollout;
 pub(crate) mod safety;

codex-rs/core/src/project_doc.rs

@@ -12,7 +12,9 @@
 //!     exists, the search stops – we do **not** walk past the Git root.
 
 use crate::config::Config;
+use crate::config::find_user_instructions_path;
 use std::path::Path;
+use std::path::PathBuf;
 use tokio::io::AsyncReadExt;
 use tracing::error;
 
@@ -50,86 +52,166 @@ pub(crate) async fn get_user_instructions(config: &Config) -> Option<String> {
 /// `Err` so callers can decide how to handle them.
 async fn find_project_doc(config: &Config) -> std::io::Result<Option<String>> {
     let max_bytes = config.project_doc_max_bytes;
-
-    // Attempt to load from the working directory first.
-    if let Some(doc) = load_first_candidate(&config.cwd, CANDIDATE_FILENAMES, max_bytes).await? {
-        return Ok(Some(doc));
+    if max_bytes == 0 {
+        return Ok(None);
     }
 
-    // Walk up towards the filesystem root, stopping once we encounter the Git
-    // repository root. The presence of **either** a `.git` *file* or
-    // *directory* counts.
-    let mut dir = config.cwd.clone();
-
-    // Canonicalize the path so that we do not end up in an infinite loop when
-    // `cwd` contains `..` components.
-    if let Ok(canon) = dir.canonicalize() {
-        dir = canon;
-    }
-
-    while let Some(parent) = dir.parent() {
-        // `.git` can be a *file* (for worktrees or submodules) or a *dir*.
-        let git_marker = dir.join(".git");
-        let git_exists = match tokio::fs::metadata(&git_marker).await {
-            Ok(_) => true,
-            Err(e) if e.kind() == std::io::ErrorKind::NotFound => false,
-            Err(e) => return Err(e),
-        };
-
-        if git_exists {
-            // We are at the repo root – attempt one final load.
-            if let Some(doc) = load_first_candidate(&dir, CANDIDATE_FILENAMES, max_bytes).await? {
-                return Ok(Some(doc));
-            }
-            break;
-        }
-
-        dir = parent.to_path_buf();
+    if let Some(path) = find_project_doc_path_async(config).await {
+        return read_file_with_limit(&path, max_bytes).await;
     }
 
     Ok(None)
 }
 
-/// Attempt to load the first candidate file found in `dir`. Returns the file
-/// contents (truncated if it exceeds `max_bytes`) when successful.
-async fn load_first_candidate(
-    dir: &Path,
-    names: &[&str],
-    max_bytes: usize,
-) -> std::io::Result<Option<String>> {
-    for name in names {
-        let candidate = dir.join(name);
+/// Lightweight description of where user and project instruction files were
+/// sourced from. Paths are absolute and only present when a corresponding file
+/// exists and is non-empty.
+#[derive(Debug, Clone, PartialEq, Eq)]
+pub struct InstructionsInfo {
+    pub user_instructions_path: Option<PathBuf>,
+    pub project_instructions_path: Option<PathBuf>,
+}
 
-        let file = match tokio::fs::File::open(&candidate).await {
-            Err(e) if e.kind() == std::io::ErrorKind::NotFound => continue,
-            Err(e) => return Err(e),
-            Ok(f) => f,
-        };
+/// Asynchronously collect the paths of the user instructions (from
+/// `CODEX_HOME/AGENTS.md`) and the project instructions (nearest `AGENTS.md`
+/// discovered by [`find_project_doc`]'s search algorithm).
+///
+/// - If `project_doc_max_bytes == 0` we consider project docs disabled and the
+///   path will be `None` even if a file exists.
+/// - Empty files are treated as "not set".
+pub async fn collect_instructions_info(config: &Config) -> InstructionsInfo {
+    let user_instructions_path = find_user_instructions_path(&config.codex_home);
 
-        let size = file.metadata().await?.len();
+    let project_instructions_path = if config.project_doc_max_bytes == 0 {
+        None
+    } else {
+        find_project_doc_path_async(config).await
+    };
 
-        let reader = tokio::io::BufReader::new(file);
-        let mut data = Vec::with_capacity(std::cmp::min(size as usize, max_bytes));
-        let mut limited = reader.take(max_bytes as u64);
-        limited.read_to_end(&mut data).await?;
+    InstructionsInfo {
+        user_instructions_path,
+        project_instructions_path,
+    }
+}
 
-        if size as usize > max_bytes {
-            tracing::warn!(
-                "Project doc `{}` exceeds {max_bytes} bytes - truncating.",
-                candidate.display(),
-            );
-        }
-
-        let contents = String::from_utf8_lossy(&data).to_string();
-        if contents.trim().is_empty() {
-            // Empty file – treat as not found.
-            continue;
-        }
-
-        return Ok(Some(contents));
+/// Internal helper that mirrors the search performed by [`find_project_doc`] but
+/// returns the discovered file path instead of the contents.
+async fn find_project_doc_path_async(config: &Config) -> Option<PathBuf> {
+    // Attempt in cwd first.
+    if let Some(p) = find_first_candidate_path_async(&config.cwd, CANDIDATE_FILENAMES).await {
+        return Some(p);
     }
 
-    Ok(None)
+    // Walk up towards git root, then stop.
+    let mut dir = match config.cwd.canonicalize() {
+        Ok(c) => c,
+        Err(_) => config.cwd.clone(),
+    };
+    while let Some(parent) = dir.parent() {
+        let git_marker = dir.join(".git");
+        let git_exists = match tokio::fs::metadata(&git_marker).await {
+            Ok(_) => true,
+            Err(e) if e.kind() == std::io::ErrorKind::NotFound => false,
+            Err(_) => false,
+        };
+        if git_exists {
+            return find_first_candidate_path_async(&dir, CANDIDATE_FILENAMES).await;
+        }
+        dir = parent.to_path_buf();
+    }
+    None
+}
+
+async fn find_first_candidate_path_async(dir: &Path, names: &[&str]) -> Option<PathBuf> {
+    for name in names {
+        let candidate = dir.join(name);
+        match tokio::fs::read_to_string(&candidate).await {
+            Ok(s) if !s.trim().is_empty() => return Some(candidate),
+            _ => continue,
+        }
+    }
+    None
+}
+
+/// Synchronous variant for UI code that isn't async-aware. Mirrors
+/// [`collect_instructions_info`] using blocking filesystem APIs.
+pub fn collect_instructions_info_sync(config: &Config) -> InstructionsInfo {
+    let user_instructions_path = find_user_instructions_path(&config.codex_home);
+
+    let project_instructions_path = if config.project_doc_max_bytes == 0 {
+        None
+    } else {
+        find_project_doc_path_sync(config)
+    };
+
+    InstructionsInfo {
+        user_instructions_path,
+        project_instructions_path,
+    }
+}
+
+fn find_project_doc_path_sync(config: &Config) -> Option<PathBuf> {
+    // Try cwd first
+    if let Some(p) = find_first_candidate_path_sync(&config.cwd, CANDIDATE_FILENAMES) {
+        return Some(p);
+    }
+
+    let mut dir = config
+        .cwd
+        .canonicalize()
+        .unwrap_or_else(|_| config.cwd.clone());
+    while let Some(parent) = dir.parent() {
+        let git_marker = dir.join(".git");
+        let git_exists = match std::fs::metadata(&git_marker) {
+            Ok(_) => true,
+            Err(e) if e.kind() == std::io::ErrorKind::NotFound => false,
+            Err(_) => false,
+        };
+        if git_exists {
+            return find_first_candidate_path_sync(&dir, CANDIDATE_FILENAMES);
+        }
+        dir = parent.to_path_buf();
+    }
+    None
+}
+
+fn find_first_candidate_path_sync(dir: &Path, names: &[&str]) -> Option<PathBuf> {
+    for name in names {
+        let candidate = dir.join(name);
+        match std::fs::read_to_string(&candidate) {
+            Ok(s) if !s.trim().is_empty() => return Some(candidate),
+            _ => continue,
+        }
+    }
+    None
+}
+
+/// Read a file with a maximum byte limit; empty content returns None.
+async fn read_file_with_limit(path: &Path, max_bytes: usize) -> std::io::Result<Option<String>> {
+    let file = match tokio::fs::File::open(path).await {
+        Err(e) if e.kind() == std::io::ErrorKind::NotFound => return Ok(None),
+        Err(e) => return Err(e),
+        Ok(f) => f,
+    };
+
+    let size = file.metadata().await?.len();
+    let reader = tokio::io::BufReader::new(file);
+    let mut data = Vec::with_capacity(std::cmp::min(size as usize, max_bytes));
+    let mut limited = reader.take(max_bytes as u64);
+    limited.read_to_end(&mut data).await?;
+
+    if size as usize > max_bytes {
+        tracing::warn!(
+            "Project doc `{}` exceeds {max_bytes} bytes - truncating.",
+            path.display(),
+        );
+    }
+
+    let contents = String::from_utf8_lossy(&data).to_string();
+    if contents.trim().is_empty() {
+        return Ok(None);
+    }
+    Ok(Some(contents))
 }
 
 #[cfg(test)]

codex-rs/core/src/protocol.rs

@@ -185,11 +185,16 @@ pub enum SandboxPolicy {
         #[serde(default)]
         network_access: bool,
 
-        /// When set to `true`, will include defaults like the current working
-        /// directory and TMPDIR (on macOS). When `false`, only `writable_roots`
-        /// are used. (Mainly used for testing.)
-        #[serde(default = "default_true")]
-        include_default_writable_roots: bool,
+        /// When set to `true`, will NOT include the per-user `TMPDIR`
+        /// environment variable among the default writable roots. Defaults to
+        /// `false`.
+        #[serde(default)]
+        exclude_tmpdir_env_var: bool,
+
+        /// When set to `true`, will NOT include the `/tmp` among the default
+        /// writable roots on UNIX. Defaults to `false`.
+        #[serde(default)]
+        exclude_slash_tmp: bool,
     },
 }
 
@@ -203,10 +208,6 @@ pub struct WritableRoot {
     pub read_only_subpaths: Vec<PathBuf>,
 }
 
-fn default_true() -> bool {
-    true
-}
-
 impl FromStr for SandboxPolicy {
     type Err = serde_json::Error;
 
@@ -228,7 +229,8 @@ impl SandboxPolicy {
         SandboxPolicy::WorkspaceWrite {
             writable_roots: vec![],
             network_access: false,
-            include_default_writable_roots: true,
+            exclude_tmpdir_env_var: false,
+            exclude_slash_tmp: false,
         }
     }
 
@@ -263,27 +265,40 @@ impl SandboxPolicy {
             SandboxPolicy::ReadOnly => Vec::new(),
             SandboxPolicy::WorkspaceWrite {
                 writable_roots,
-                include_default_writable_roots,
-                ..
+                exclude_tmpdir_env_var,
+                exclude_slash_tmp,
+                network_access: _,
             } => {
                 // Start from explicitly configured writable roots.
                 let mut roots: Vec<PathBuf> = writable_roots.clone();
 
-                // Optionally include defaults (cwd and TMPDIR on macOS).
-                if *include_default_writable_roots {
-                    roots.push(cwd.to_path_buf());
+                // Always include defaults: cwd, /tmp (if present on Unix), and
+                // on macOS, the per-user TMPDIR unless explicitly excluded.
+                roots.push(cwd.to_path_buf());
 
-                    // Also include the per-user tmp dir on macOS.
-                    // Note this is added dynamically rather than storing it in
-                    // `writable_roots` because `writable_roots` contains only static
-                    // values deserialized from the config file.
-                    if cfg!(target_os = "macos") {
-                        if let Some(tmpdir) = std::env::var_os("TMPDIR") {
-                            roots.push(PathBuf::from(tmpdir));
-                        }
+                // Include /tmp on Unix unless explicitly excluded.
+                if cfg!(unix) && !exclude_slash_tmp {
+                    let slash_tmp = PathBuf::from("/tmp");
+                    if slash_tmp.is_dir() {
+                        roots.push(slash_tmp);
                     }
                 }
 
+                // Include $TMPDIR unless explicitly excluded. On macOS, TMPDIR
+                // is per-user, so writes to TMPDIR should not be readable by
+                // other users on the system.
+                //
+                // By comparison, TMPDIR is not guaranteed to be defined on
+                // Linux or Windows, but supporting it here gives users a way to
+                // provide the model with their own temporary directory without
+                // having to hardcode it in the config.
+                if !exclude_tmpdir_env_var
+                    && let Some(tmpdir) = std::env::var_os("TMPDIR")
+                    && !tmpdir.is_empty()
+                {
+                    roots.push(PathBuf::from(tmpdir));
+                }
+
                 // For each root, compute subpaths that should remain read-only.
                 roots
                     .into_iter()
@@ -433,6 +448,28 @@ impl TokenUsage {
     pub fn is_zero(&self) -> bool {
         self.total_tokens == 0
     }
+
+    pub fn cached_input(&self) -> u64 {
+        self.cached_input_tokens.unwrap_or(0)
+    }
+
+    pub fn non_cached_input(&self) -> u64 {
+        self.input_tokens.saturating_sub(self.cached_input())
+    }
+
+    /// Primary count for display as a single absolute value: non-cached input + output.
+    pub fn blended_total(&self) -> u64 {
+        self.non_cached_input() + self.output_tokens
+    }
+
+    /// For estimating what % of the model's context window is used, we need to account
+    /// for reasoning output tokens from prior turns being dropped from the context window.
+    /// We approximate this here by subtracting reasoning output tokens from the total.
+    /// This will be off for the current turn and pending function calls.
+    pub fn tokens_in_context_window(&self) -> u64 {
+        self.total_tokens
+            .saturating_sub(self.reasoning_output_tokens.unwrap_or(0))
+    }
 }
 
 #[derive(Debug, Clone, Deserialize, Serialize)]
@@ -448,17 +485,20 @@ impl From<TokenUsage> for FinalOutput {
 
 impl fmt::Display for FinalOutput {
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        let u = &self.token_usage;
+        let token_usage = &self.token_usage;
         write!(
             f,
             "Token usage: total={} input={}{} output={}{}",
-            u.total_tokens,
-            u.input_tokens,
-            u.cached_input_tokens
-                .map(|c| format!(" (cached {c})"))
-                .unwrap_or_default(),
-            u.output_tokens,
-            u.reasoning_output_tokens
+            token_usage.blended_total(),
+            token_usage.non_cached_input(),
+            if token_usage.cached_input() > 0 {
+                format!(" (+ {} cached)", token_usage.cached_input())
+            } else {
+                String::new()
+            },
+            token_usage.output_tokens,
+            token_usage
+                .reasoning_output_tokens
                 .map(|r| format!(" (reasoning {r})"))
                 .unwrap_or_default()
         )
@@ -626,41 +666,6 @@ pub struct PatchApplyEndEvent {
     pub success: bool,
 }
 
-/// Kind of a single line in a diff hunk body.
-#[derive(Debug, Clone, Copy, Deserialize, Serialize, PartialEq, Eq)]
-#[serde(rename_all = "snake_case")]
-pub enum DiffLineKind {
-    /// Line was inserted (prefixed with '+').
-    Add,
-    /// Line was deleted (prefixed with '-').
-    Delete,
-    /// Context line (no prefix or a single space in unified diff output).
-    Context,
-}
-
-/// A single line within a diff hunk.
-#[derive(Debug, Clone, Deserialize, Serialize)]
-pub struct DiffLine {
-    pub kind: DiffLineKind,
-    /// Text content of the line without the unified diff prefix character.
-    pub text: String,
-}
-
-/// Structured representation of a unified diff hunk.
-#[derive(Debug, Clone, Deserialize, Serialize)]
-pub struct DiffHunk {
-    /// 1-based starting line number in the original file.
-    pub old_start: u32,
-    /// Number of lines in the original file that the hunk covers.
-    pub old_count: u32,
-    /// 1-based starting line number in the new file.
-    pub new_start: u32,
-    /// Number of lines in the new file that the hunk covers.
-    pub new_count: u32,
-    /// Lines within this hunk in unified diff order.
-    pub lines: Vec<DiffLine>,
-}
-
 #[derive(Debug, Clone, Deserialize, Serialize)]
 pub struct TurnDiffEvent {
     pub unified_diff: String,
@@ -720,14 +725,8 @@ pub enum FileChange {
     },
     Delete,
     Update {
-        /// Unified diff for this file change. Retained for compatibility with
-        /// older clients that do not support structured hunks.
         unified_diff: String,
         move_path: Option<PathBuf>,
-        /// Optional structured representation of the diff hunks to avoid
-        /// requiring clients to parse unified diff syntax.
-        #[serde(skip_serializing_if = "Option::is_none")]
-        hunks: Option<Vec<DiffHunk>>,
     },
 }
 

codex-rs/core/src/seatbelt.rs

@@ -134,6 +134,11 @@ mod tests {
 
     #[test]
     fn create_seatbelt_args_with_read_only_git_subpath() {
+        if cfg!(target_os = "windows") {
+            // /tmp does not exist on Windows, so skip this test.
+            return;
+        }
+
         // Create a temporary workspace with two writable roots: one containing
         // a top-level .git directory and one without it.
         let tmp = TempDir::new().expect("tempdir");
@@ -144,19 +149,21 @@ mod tests {
             root_with_git_git_canon,
             root_without_git_canon,
         } = populate_tmpdir(tmp.path());
+        let cwd = tmp.path().join("cwd");
 
         // Build a policy that only includes the two test roots as writable and
-        // does not automatically include defaults like cwd or TMPDIR.
+        // does not automatically include defaults TMPDIR or /tmp.
         let policy = SandboxPolicy::WorkspaceWrite {
             writable_roots: vec![root_with_git.clone(), root_without_git.clone()],
             network_access: false,
-            include_default_writable_roots: false,
+            exclude_tmpdir_env_var: true,
+            exclude_slash_tmp: true,
         };
 
         let args = create_seatbelt_command_args(
             vec!["/bin/echo".to_string(), "hello".to_string()],
             &policy,
-            tmp.path(),
+            &cwd,
         );
 
         // Build the expected policy text using a raw string for readability.
@@ -169,12 +176,12 @@ mod tests {
 ; allow read-only file operations
 (allow file-read*)
 (allow file-write*
-(require-all (subpath (param "WRITABLE_ROOT_0")) (require-not (subpath (param "WRITABLE_ROOT_0_RO_0"))) ) (subpath (param "WRITABLE_ROOT_1"))
+(require-all (subpath (param "WRITABLE_ROOT_0")) (require-not (subpath (param "WRITABLE_ROOT_0_RO_0"))) ) (subpath (param "WRITABLE_ROOT_1")) (subpath (param "WRITABLE_ROOT_2"))
 )
 "#,
         );
 
-        let expected_args = vec![
+        let mut expected_args = vec![
             "-p".to_string(),
             expected_policy,
             format!(
@@ -189,16 +196,25 @@ mod tests {
                 "-DWRITABLE_ROOT_1={}",
                 root_without_git_canon.to_string_lossy()
             ),
+            format!("-DWRITABLE_ROOT_2={}", cwd.to_string_lossy()),
+        ];
+
+        expected_args.extend(vec![
             "--".to_string(),
             "/bin/echo".to_string(),
             "hello".to_string(),
-        ];
+        ]);
 
-        assert_eq!(args, expected_args);
+        assert_eq!(expected_args, args);
     }
 
     #[test]
     fn create_seatbelt_args_for_cwd_as_git_repo() {
+        if cfg!(target_os = "windows") {
+            // /tmp does not exist on Windows, so skip this test.
+            return;
+        }
+
         // Create a temporary workspace with two writable roots: one containing
         // a top-level .git directory and one without it.
         let tmp = TempDir::new().expect("tempdir");
@@ -215,7 +231,8 @@ mod tests {
         let policy = SandboxPolicy::WorkspaceWrite {
             writable_roots: vec![],
             network_access: false,
-            include_default_writable_roots: true,
+            exclude_tmpdir_env_var: false,
+            exclude_slash_tmp: false,
         };
 
         let args = create_seatbelt_command_args(
@@ -224,17 +241,14 @@ mod tests {
             root_with_git.as_path(),
         );
 
-        let tmpdir_env_var = if cfg!(target_os = "macos") {
-            std::env::var("TMPDIR")
-                .ok()
-                .map(PathBuf::from)
-                .and_then(|p| p.canonicalize().ok())
-                .map(|p| p.to_string_lossy().to_string())
-        } else {
-            None
-        };
+        let tmpdir_env_var = std::env::var("TMPDIR")
+            .ok()
+            .map(PathBuf::from)
+            .and_then(|p| p.canonicalize().ok())
+            .map(|p| p.to_string_lossy().to_string());
+
         let tempdir_policy_entry = if tmpdir_env_var.is_some() {
-            " (subpath (param \"WRITABLE_ROOT_1\"))"
+            r#" (subpath (param "WRITABLE_ROOT_2"))"#
         } else {
             ""
         };
@@ -249,7 +263,7 @@ mod tests {
 ; allow read-only file operations
 (allow file-read*)
 (allow file-write*
-(require-all (subpath (param "WRITABLE_ROOT_0")) (require-not (subpath (param "WRITABLE_ROOT_0_RO_0"))) ){tempdir_policy_entry}
+(require-all (subpath (param "WRITABLE_ROOT_0")) (require-not (subpath (param "WRITABLE_ROOT_0_RO_0"))) ) (subpath (param "WRITABLE_ROOT_1")){tempdir_policy_entry}
 )
 "#,
         );
@@ -265,10 +279,17 @@ mod tests {
                 "-DWRITABLE_ROOT_0_RO_0={}",
                 root_with_git_git_canon.to_string_lossy()
             ),
+            format!(
+                "-DWRITABLE_ROOT_1={}",
+                PathBuf::from("/tmp")
+                    .canonicalize()
+                    .expect("canonicalize /tmp")
+                    .to_string_lossy()
+            ),
         ];
 
         if let Some(p) = tmpdir_env_var {
-            expected_args.push(format!("-DWRITABLE_ROOT_1={p}"));
+            expected_args.push(format!("-DWRITABLE_ROOT_2={p}"));
         }
 
         expected_args.extend(vec![
@@ -277,7 +298,7 @@ mod tests {
             "hello".to_string(),
         ]);
 
-        assert_eq!(args, expected_args);
+        assert_eq!(expected_args, args);
     }
 
     struct PopulatedTmp {

codex-rs/core/src/turn_diff_tracker.rs

@@ -546,7 +546,6 @@ index {ZERO_OID}..{right_oid}
             FileChange::Update {
                 unified_diff: "".to_owned(),
                 move_path: None,
-                hunks: None,
             },
         )]);
         acc.on_patch_begin(&update_changes);
@@ -617,7 +616,6 @@ index {left_oid}..{ZERO_OID}
             FileChange::Update {
                 unified_diff: "".to_owned(),
                 move_path: Some(dest.clone()),
-                hunks: None,
             },
         )]);
         acc.on_patch_begin(&mv_changes);
@@ -658,7 +656,6 @@ index {left_oid}..{right_oid}
             FileChange::Update {
                 unified_diff: "".to_owned(),
                 move_path: Some(dest.clone()),
-                hunks: None,
             },
         )]);
         acc.on_patch_begin(&mv_changes);
@@ -681,7 +678,6 @@ index {left_oid}..{right_oid}
             FileChange::Update {
                 unified_diff: "".into(),
                 move_path: Some(dest.clone()),
-                hunks: None,
             },
         )]);
         acc.on_patch_begin(&mv);
@@ -722,7 +718,6 @@ index {ZERO_OID}..{right_oid}
             FileChange::Update {
                 unified_diff: "".to_owned(),
                 move_path: None,
-                hunks: None,
             },
         )]);
         acc.on_patch_begin(&update_a);
@@ -798,7 +793,6 @@ index {left_oid_b}..{ZERO_OID}
             FileChange::Update {
                 unified_diff: "".to_owned(),
                 move_path: None,
-                hunks: None,
             },
         )]);
         acc.on_patch_begin(&update_changes);
@@ -865,7 +859,6 @@ index {ZERO_OID}..{right_oid}
             FileChange::Update {
                 unified_diff: "".to_owned(),
                 move_path: None,
-                hunks: None,
             },
         )]);
         acc.on_patch_begin(&update_changes);

codex-rs/core/src/util.rs

@@ -1,3 +1,4 @@
+use std::path::Path;
 use std::sync::Arc;
 use std::time::Duration;
 
@@ -5,8 +6,6 @@ use rand::Rng;
 use tokio::sync::Notify;
 use tracing::debug;
 
-use crate::config::Config;
-
 const INITIAL_DELAY_MS: u64 = 200;
 const BACKOFF_FACTOR: f64 = 1.3;
 
@@ -47,8 +46,8 @@ pub(crate) fn backoff(attempt: u64) -> Duration {
 /// `git worktree add` where the checkout lives outside the main repository
 /// directory. If you need Codex to work from such a checkout simply pass the
 /// `--allow-no-git-exec` CLI flag that disables the repo requirement.
-pub fn is_inside_git_repo(config: &Config) -> bool {
-    let mut dir = config.cwd.to_path_buf();
+pub fn is_inside_git_repo(base_dir: &Path) -> bool {
+    let mut dir = base_dir.to_path_buf();
 
     loop {
         if dir.join(".git").exists() {

codex-rs/core/tests/client.rs

@@ -290,13 +290,10 @@ async fn chatgpt_auth_sends_correct_request() {
     let mut config = load_default_config_for_test(&codex_home);
     config.model_provider = model_provider;
     let ctrl_c = std::sync::Arc::new(tokio::sync::Notify::new());
-    let CodexSpawnOk { codex, .. } = Codex::spawn(
-        config,
-        Some(auth_from_token("Access Token".to_string())),
-        ctrl_c.clone(),
-    )
-    .await
-    .unwrap();
+    let CodexSpawnOk { codex, .. } =
+        Codex::spawn(config, Some(create_dummy_codex_auth()), ctrl_c.clone())
+            .await
+            .unwrap();
 
     codex
         .submit(Op::UserInput {
@@ -541,13 +538,10 @@ async fn env_var_overrides_loaded_auth() {
     config.model_provider = provider;
 
     let ctrl_c = std::sync::Arc::new(tokio::sync::Notify::new());
-    let CodexSpawnOk { codex, .. } = Codex::spawn(
-        config,
-        Some(auth_from_token("Default Access Token".to_string())),
-        ctrl_c.clone(),
-    )
-    .await
-    .unwrap();
+    let CodexSpawnOk { codex, .. } =
+        Codex::spawn(config, Some(create_dummy_codex_auth()), ctrl_c.clone())
+            .await
+            .unwrap();
 
     codex
         .submit(Op::UserInput {
@@ -561,7 +555,7 @@ async fn env_var_overrides_loaded_auth() {
     wait_for_event(&codex, |ev| matches!(ev, EventMsg::TaskComplete(_))).await;
 }
 
-fn auth_from_token(id_token: String) -> CodexAuth {
+fn create_dummy_codex_auth() -> CodexAuth {
     CodexAuth::new(
         None,
         AuthMode::ChatGPT,
@@ -569,7 +563,7 @@ fn auth_from_token(id_token: String) -> CodexAuth {
         Some(AuthDotJson {
             openai_api_key: None,
             tokens: Some(TokenData {
-                id_token,
+                id_token: Default::default(),
                 access_token: "Access Token".to_string(),
                 refresh_token: "test".to_string(),
                 account_id: Some("account_id".to_string()),

codex-rs/core/tests/sandbox.rs

@@ -76,7 +76,8 @@ async fn if_parent_of_repo_is_writable_then_dot_git_folder_is_writable() {
     let policy = SandboxPolicy::WorkspaceWrite {
         writable_roots: vec![test_scenario.repo_parent.clone()],
         network_access: false,
-        include_default_writable_roots: false,
+        exclude_tmpdir_env_var: true,
+        exclude_slash_tmp: true,
     };
 
     test_scenario
@@ -101,7 +102,8 @@ async fn if_git_repo_is_writable_root_then_dot_git_folder_is_read_only() {
     let policy = SandboxPolicy::WorkspaceWrite {
         writable_roots: vec![test_scenario.repo_root.clone()],
         network_access: false,
-        include_default_writable_roots: false,
+        exclude_tmpdir_env_var: true,
+        exclude_slash_tmp: true,
     };
 
     test_scenario

codex-rs/exec/src/cli.rs

@@ -34,6 +34,7 @@ pub struct Cli {
     /// EXTREMELY DANGEROUS. Intended solely for running in environments that are externally sandboxed.
     #[arg(
         long = "dangerously-bypass-approvals-and-sandbox",
+        alias = "yolo",
         default_value_t = false,
         conflicts_with = "full_auto"
     )]

codex-rs/exec/src/event_processor_with_human_output.rs

@@ -21,7 +21,6 @@ use codex_core::protocol::PatchApplyBeginEvent;
 use codex_core::protocol::PatchApplyEndEvent;
 use codex_core::protocol::SessionConfiguredEvent;
 use codex_core::protocol::TaskCompleteEvent;
-use codex_core::protocol::TokenUsage;
 use codex_core::protocol::TurnDiffEvent;
 use owo_colors::OwoColorize;
 use owo_colors::Style;
@@ -183,8 +182,8 @@ impl EventProcessor for EventProcessorWithHumanOutput {
                 }
                 return CodexStatus::InitiateShutdown;
             }
-            EventMsg::TokenCount(TokenUsage { total_tokens, .. }) => {
-                ts_println!(self, "tokens used: {total_tokens}");
+            EventMsg::TokenCount(token_usage) => {
+                ts_println!(self, "tokens used: {}", token_usage.blended_total());
             }
             EventMsg::AgentMessageDelta(AgentMessageDeltaEvent { delta }) => {
                 if !self.answer_started {
@@ -397,7 +396,6 @@ impl EventProcessor for EventProcessorWithHumanOutput {
                         FileChange::Update {
                             unified_diff,
                             move_path,
-                            ..
                         } => {
                             let header = if let Some(dest) = move_path {
                                 format!(

codex-rs/exec/src/lib.rs

@@ -180,7 +180,7 @@ pub async fn run_main(cli: Cli, codex_linux_sandbox_exe: Option<PathBuf>) -> any
     // is using.
     event_processor.print_config_summary(&config, &prompt);
 
-    if !skip_git_repo_check && !is_inside_git_repo(&config) {
+    if !skip_git_repo_check && !is_inside_git_repo(&config.cwd.to_path_buf()) {
         eprintln!("Not inside a Git repo and --skip-git-repo-check was not specified.");
         std::process::exit(1);
     }

codex-rs/linux-sandbox/tests/landlock.rs

@@ -51,7 +51,11 @@ async fn run_cmd(cmd: &[&str], writable_roots: &[PathBuf], timeout_ms: u64) {
     let sandbox_policy = SandboxPolicy::WorkspaceWrite {
         writable_roots: writable_roots.to_vec(),
         network_access: false,
-        include_default_writable_roots: true,
+        // Exclude tmp-related folders from writable roots because we need a
+        // folder that is writable by tests but that we intentionally disallow
+        // writing to in the sandbox.
+        exclude_tmpdir_env_var: true,
+        exclude_slash_tmp: true,
     };
     let sandbox_program = env!("CARGO_BIN_EXE_codex-linux-sandbox");
     let codex_linux_sandbox_exe = Some(PathBuf::from(sandbox_program));

codex-rs/login/Cargo.toml

@@ -7,10 +7,12 @@ version = { workspace = true }
 workspace = true
 
 [dependencies]
+base64 = "0.22"
 chrono = { version = "0.4", features = ["serde"] }
 reqwest = { version = "0.12", features = ["json"] }
 serde = { version = "1", features = ["derive"] }
 serde_json = "1"
+thiserror = "2.0.12"
 tokio = { version = "1", features = [
     "io-std",
     "macros",
@@ -20,4 +22,5 @@ tokio = { version = "1", features = [
 ] }
 
 [dev-dependencies]
+pretty_assertions = "1.4.1"
 tempfile = "3"

codex-rs/login/src/lib.rs

@@ -6,6 +6,7 @@ use serde::Serialize;
 use std::env;
 use std::fs::File;
 use std::fs::OpenOptions;
+use std::fs::remove_file;
 use std::io::Read;
 use std::io::Write;
 #[cfg(unix)]
@@ -19,6 +20,11 @@ use std::sync::Mutex;
 use std::time::Duration;
 use tokio::process::Command;
 
+pub use crate::token_data::TokenData;
+use crate::token_data::parse_id_token;
+
+mod token_data;
+
 const SOURCE_FOR_PYTHON_SERVER: &str = include_str!("./login_with_chatgpt.py");
 
 const CLIENT_ID: &str = "app_EMoamEEZ73f0CkXaXp7hrann";
@@ -181,10 +187,21 @@ pub fn load_auth(codex_home: &Path, include_env_var: bool) -> std::io::Result<Op
     }))
 }
 
-fn get_auth_file(codex_home: &Path) -> PathBuf {
+pub fn get_auth_file(codex_home: &Path) -> PathBuf {
     codex_home.join("auth.json")
 }
 
+/// Delete the auth.json file inside `codex_home` if it exists. Returns `Ok(true)`
+/// if a file was removed, `Ok(false)` if no auth file was present.
+pub fn logout(codex_home: &Path) -> std::io::Result<bool> {
+    let auth_file = get_auth_file(codex_home);
+    match remove_file(&auth_file) {
+        Ok(_) => Ok(true),
+        Err(err) if err.kind() == std::io::ErrorKind::NotFound => Ok(false),
+        Err(err) => Err(err),
+    }
+}
+
 /// Represents a running login subprocess. The child can be killed by holding
 /// the mutex and calling `kill()`.
 #[derive(Debug, Clone)]
@@ -320,7 +337,7 @@ async fn update_tokens(
     let mut auth_dot_json = try_read_auth_json(auth_file)?;
 
     let tokens = auth_dot_json.tokens.get_or_insert_with(TokenData::default);
-    tokens.id_token = id_token.to_string();
+    tokens.id_token = parse_id_token(&id_token).map_err(std::io::Error::other)?;
     if let Some(access_token) = access_token {
         tokens.access_token = access_token.to_string();
     }
@@ -391,22 +408,12 @@ pub struct AuthDotJson {
     pub last_refresh: Option<DateTime<Utc>>,
 }
 
-#[derive(Deserialize, Serialize, Clone, Debug, PartialEq, Default)]
-pub struct TokenData {
-    /// This is a JWT.
-    pub id_token: String,
-
-    /// This is a JWT.
-    pub access_token: String,
-
-    pub refresh_token: String,
-
-    pub account_id: Option<String>,
-}
-
 #[cfg(test)]
 mod tests {
     use super::*;
+    use crate::token_data::IdTokenInfo;
+    use base64::Engine;
+    use pretty_assertions::assert_eq;
     use tempfile::tempdir;
 
     #[test]
@@ -434,10 +441,35 @@ mod tests {
     }
 
     #[tokio::test]
-    #[expect(clippy::unwrap_used)]
+    #[expect(clippy::expect_used, clippy::unwrap_used)]
     async fn loads_token_data_from_auth_json() {
         let dir = tempdir().unwrap();
         let auth_file = dir.path().join("auth.json");
+        // Create a minimal valid JWT for the id_token field.
+        #[derive(Serialize)]
+        struct Header {
+            alg: &'static str,
+            typ: &'static str,
+        }
+        let header = Header {
+            alg: "none",
+            typ: "JWT",
+        };
+        let payload = serde_json::json!({
+            "email": "user@example.com",
+            "email_verified": true,
+            "https://api.openai.com/auth": {
+                "chatgpt_account_id": "bc3618e3-489d-4d49-9362-1561dc53ba53",
+                "chatgpt_plan_type": "pro",
+                "chatgpt_user_id": "user-12345",
+                "user_id": "user-12345",
+            }
+        });
+        let b64 = |b: &[u8]| base64::engine::general_purpose::URL_SAFE_NO_PAD.encode(b);
+        let header_b64 = b64(&serde_json::to_vec(&header).unwrap());
+        let payload_b64 = b64(&serde_json::to_vec(&payload).unwrap());
+        let signature_b64 = b64(b"sig");
+        let fake_jwt = format!("{header_b64}.{payload_b64}.{signature_b64}");
         std::fs::write(
             auth_file,
             format!(
@@ -445,30 +477,68 @@ mod tests {
         {{
             "OPENAI_API_KEY": null,
             "tokens": {{
-                "id_token": "test-id-token",
+                "id_token": "{fake_jwt}",
                 "access_token": "test-access-token",
                 "refresh_token": "test-refresh-token"
             }},
-            "last_refresh": "{}"
+            "last_refresh": "2025-08-06T20:41:36.232376Z"
         }}
         "#,
-                Utc::now().to_rfc3339()
             ),
         )
         .unwrap();
 
-        let auth = load_auth(dir.path(), false).unwrap().unwrap();
-        assert_eq!(auth.mode, AuthMode::ChatGPT);
-        assert_eq!(auth.api_key, None);
+        let CodexAuth {
+            api_key,
+            mode,
+            auth_dot_json,
+            auth_file,
+        } = load_auth(dir.path(), false).unwrap().unwrap();
+        assert_eq!(None, api_key);
+        assert_eq!(AuthMode::ChatGPT, mode);
+        assert_eq!(dir.path().join("auth.json"), auth_file);
+
+        let guard = auth_dot_json.lock().unwrap();
+        let auth_dot_json = guard.as_ref().expect("AuthDotJson should exist");
+
         assert_eq!(
-            auth.get_token_data().await.unwrap(),
-            TokenData {
-                id_token: "test-id-token".to_string(),
-                access_token: "test-access-token".to_string(),
-                refresh_token: "test-refresh-token".to_string(),
-                account_id: None,
-            }
-        );
+            &AuthDotJson {
+                openai_api_key: None,
+                tokens: Some(TokenData {
+                    id_token: IdTokenInfo {
+                        email: Some("user@example.com".to_string()),
+                        chatgpt_plan_type: Some("pro".to_string()),
+                    },
+                    access_token: "test-access-token".to_string(),
+                    refresh_token: "test-refresh-token".to_string(),
+                    account_id: None,
+                }),
+                last_refresh: Some(
+                    DateTime::parse_from_rfc3339("2025-08-06T20:41:36.232376Z")
+                        .unwrap()
+                        .with_timezone(&Utc)
+                ),
+            },
+            auth_dot_json
+        )
+    }
+
+    #[test]
+    #[expect(clippy::expect_used, clippy::unwrap_used)]
+    fn id_token_info_handles_missing_fields() {
+        // Payload without email or plan should yield None values.
+        let header = serde_json::json!({"alg": "none", "typ": "JWT"});
+        let payload = serde_json::json!({"sub": "123"});
+        let header_b64 = base64::engine::general_purpose::URL_SAFE_NO_PAD
+            .encode(serde_json::to_vec(&header).unwrap());
+        let payload_b64 = base64::engine::general_purpose::URL_SAFE_NO_PAD
+            .encode(serde_json::to_vec(&payload).unwrap());
+        let signature_b64 = base64::engine::general_purpose::URL_SAFE_NO_PAD.encode(b"sig");
+        let jwt = format!("{header_b64}.{payload_b64}.{signature_b64}");
+
+        let info = parse_id_token(&jwt).expect("should parse");
+        assert!(info.email.is_none());
+        assert!(info.chatgpt_plan_type.is_none());
     }
 
     #[tokio::test]
@@ -494,4 +564,15 @@ mod tests {
 
         assert!(auth.get_token_data().await.is_err());
     }
+
+    #[test]
+    fn logout_removes_auth_file() -> Result<(), std::io::Error> {
+        let dir = tempdir()?;
+        login_with_api_key(dir.path(), "sk-test-key")?;
+        assert!(dir.path().join("auth.json").exists());
+        let removed = logout(dir.path())?;
+        assert!(removed);
+        assert!(!dir.path().join("auth.json").exists());
+        Ok(())
+    }
 }

codex-rs/login/src/token_data.rs

@@ -0,0 +1,117 @@
+use base64::Engine;
+use serde::Deserialize;
+use serde::Serialize;
+use thiserror::Error;
+
+#[derive(Deserialize, Serialize, Clone, Debug, PartialEq, Default)]
+pub struct TokenData {
+    /// Flat info parsed from the JWT in auth.json.
+    #[serde(deserialize_with = "deserialize_id_token")]
+    pub id_token: IdTokenInfo,
+
+    /// This is a JWT.
+    pub access_token: String,
+
+    pub refresh_token: String,
+
+    pub account_id: Option<String>,
+}
+
+/// Flat subset of useful claims in id_token from auth.json.
+#[derive(Debug, Clone, PartialEq, Eq, Default, Serialize)]
+pub struct IdTokenInfo {
+    pub email: Option<String>,
+    /// The ChatGPT subscription plan type
+    /// (e.g., "free", "plus", "pro", "business", "enterprise", "edu").
+    /// (Note: ae has not verified that those are the exact values.)
+    pub chatgpt_plan_type: Option<String>,
+}
+
+#[derive(Deserialize)]
+struct IdClaims {
+    #[serde(default)]
+    email: Option<String>,
+    #[serde(rename = "https://api.openai.com/auth", default)]
+    auth: Option<AuthClaims>,
+}
+
+#[derive(Deserialize)]
+struct AuthClaims {
+    #[serde(default)]
+    chatgpt_plan_type: Option<String>,
+}
+
+#[derive(Debug, Error)]
+pub enum IdTokenInfoError {
+    #[error("invalid ID token format")]
+    InvalidFormat,
+    #[error(transparent)]
+    Base64(#[from] base64::DecodeError),
+    #[error(transparent)]
+    Json(#[from] serde_json::Error),
+}
+
+pub(crate) fn parse_id_token(id_token: &str) -> Result<IdTokenInfo, IdTokenInfoError> {
+    // JWT format: header.payload.signature
+    let mut parts = id_token.split('.');
+    let (_header_b64, payload_b64, _sig_b64) = match (parts.next(), parts.next(), parts.next()) {
+        (Some(h), Some(p), Some(s)) if !h.is_empty() && !p.is_empty() && !s.is_empty() => (h, p, s),
+        _ => return Err(IdTokenInfoError::InvalidFormat),
+    };
+
+    let payload_bytes = base64::engine::general_purpose::URL_SAFE_NO_PAD.decode(payload_b64)?;
+    let claims: IdClaims = serde_json::from_slice(&payload_bytes)?;
+
+    Ok(IdTokenInfo {
+        email: claims.email,
+        chatgpt_plan_type: claims.auth.and_then(|a| a.chatgpt_plan_type),
+    })
+}
+
+fn deserialize_id_token<'de, D>(deserializer: D) -> Result<IdTokenInfo, D::Error>
+where
+    D: serde::Deserializer<'de>,
+{
+    let s = String::deserialize(deserializer)?;
+    parse_id_token(&s).map_err(serde::de::Error::custom)
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use serde::Serialize;
+
+    #[test]
+    #[expect(clippy::expect_used, clippy::unwrap_used)]
+    fn id_token_info_parses_email_and_plan() {
+        // Build a fake JWT with a URL-safe base64 payload containing email and plan.
+        #[derive(Serialize)]
+        struct Header {
+            alg: &'static str,
+            typ: &'static str,
+        }
+        let header = Header {
+            alg: "none",
+            typ: "JWT",
+        };
+        let payload = serde_json::json!({
+            "email": "user@example.com",
+            "https://api.openai.com/auth": {
+                "chatgpt_plan_type": "pro"
+            }
+        });
+
+        fn b64url_no_pad(bytes: &[u8]) -> String {
+            base64::engine::general_purpose::URL_SAFE_NO_PAD.encode(bytes)
+        }
+
+        let header_b64 = b64url_no_pad(&serde_json::to_vec(&header).unwrap());
+        let payload_b64 = b64url_no_pad(&serde_json::to_vec(&payload).unwrap());
+        let signature_b64 = b64url_no_pad(b"sig");
+        let fake_jwt = format!("{header_b64}.{payload_b64}.{signature_b64}");
+
+        let info = parse_id_token(&fake_jwt).expect("should parse");
+        assert_eq!(info.email.as_deref(), Some("user@example.com"));
+        assert_eq!(info.chatgpt_plan_type.as_deref(), Some("pro"));
+    }
+}

codex-rs/mcp-server/tests/codex_tool.rs

@@ -236,7 +236,6 @@ async fn patch_approval_triggers_elicitation() -> anyhow::Result<()> {
         FileChange::Update {
             unified_diff: "@@ -1 +1 @@\n-original content\n+modified content\n".to_string(),
             move_path: None,
-            hunks: None,
         },
     );
 

codex-rs/tui/Cargo.toml

@@ -36,6 +36,7 @@ codex-login = { path = "../login" }
 codex-ollama = { path = "../ollama" }
 color-eyre = "0.6.3"
 crossterm = { version = "0.28.1", features = ["bracketed-paste"] }
+diffy = "0.4.2"
 image = { version = "^0.25.6", default-features = false, features = ["jpeg"] }
 lazy_static = "1"
 mcp-types = { path = "../mcp-types" }
@@ -72,10 +73,9 @@ unicode-width = "0.1"
 uuid = "1"
 
 
-
 [dev-dependencies]
+chrono = { version = "0.4", features = ["serde"] }
 insta = "1.43.1"
 pretty_assertions = "1"
 rand = "0.8"
-chrono = { version = "0.4", features = ["serde"] }
 vt100 = "0.16.2"

codex-rs/tui/src/app.rs

@@ -3,11 +3,9 @@ use crate::app_event_sender::AppEventSender;
 use crate::chatwidget::ChatWidget;
 use crate::file_search::FileSearchManager;
 use crate::get_git_diff::get_git_diff;
-use crate::git_warning_screen::GitWarningOutcome;
-use crate::git_warning_screen::GitWarningScreen;
-use crate::onboarding::onboarding_screen::KeyEventResult;
 use crate::onboarding::onboarding_screen::KeyboardHandler;
 use crate::onboarding::onboarding_screen::OnboardingScreen;
+use crate::onboarding::onboarding_screen::OnboardingScreenArgs;
 use crate::should_show_login_screen;
 use crate::slash_command::SlashCommand;
 use crate::tui;
@@ -15,6 +13,7 @@ use codex_core::config::Config;
 use codex_core::protocol::Event;
 use codex_core::protocol::EventMsg;
 use codex_core::protocol::Op;
+use codex_core::util::is_inside_git_repo;
 use color_eyre::eyre::Result;
 use crossterm::SynchronizedUpdate;
 use crossterm::event::KeyCode;
@@ -48,10 +47,6 @@ enum AppState<'a> {
         /// `AppState`.
         widget: Box<ChatWidget<'a>>,
     },
-    /// The start-up warning that recommends running codex inside a Git repo.
-    GitWarning {
-        screen: GitWarningScreen,
-    },
 }
 
 pub(crate) struct App<'a> {
@@ -69,17 +64,13 @@ pub(crate) struct App<'a> {
 
     pending_history_lines: Vec<Line<'static>>,
 
-    /// Stored parameters needed to instantiate the ChatWidget later, e.g.,
-    /// after dismissing the Git-repo warning.
-    chat_args: Option<ChatWidgetArgs>,
-
     enhanced_keys_supported: bool,
 }
 
 /// Aggregate parameters needed to create a `ChatWidget`, as creation may be
 /// deferred until after the Git warning screen is dismissed.
-#[derive(Clone)]
-struct ChatWidgetArgs {
+#[derive(Clone, Debug)]
+pub(crate) struct ChatWidgetArgs {
     config: Config,
     initial_prompt: Option<String>,
     initial_images: Vec<PathBuf>,
@@ -90,7 +81,7 @@ impl App<'_> {
     pub(crate) fn new(
         config: Config,
         initial_prompt: Option<String>,
-        show_git_warning: bool,
+        skip_git_repo_check: bool,
         initial_images: Vec<std::path::PathBuf>,
     ) -> Self {
         let (app_event_tx, app_event_rx) = channel();
@@ -143,30 +134,25 @@ impl App<'_> {
         }
 
         let show_login_screen = should_show_login_screen(&config);
-        let (app_state, chat_args) = if show_login_screen {
-            (
-                AppState::Onboarding {
-                    screen: OnboardingScreen::new(app_event_tx.clone(), config.codex_home.clone()),
-                },
-                Some(ChatWidgetArgs {
-                    config: config.clone(),
-                    initial_prompt,
-                    initial_images,
-                    enhanced_keys_supported,
+        let show_git_warning =
+            !skip_git_repo_check && !is_inside_git_repo(&config.cwd.to_path_buf());
+        let app_state = if show_login_screen || show_git_warning {
+            let chat_widget_args = ChatWidgetArgs {
+                config: config.clone(),
+                initial_prompt,
+                initial_images,
+                enhanced_keys_supported,
+            };
+            AppState::Onboarding {
+                screen: OnboardingScreen::new(OnboardingScreenArgs {
+                    event_tx: app_event_tx.clone(),
+                    codex_home: config.codex_home.clone(),
+                    cwd: config.cwd.clone(),
+                    show_login_screen,
+                    show_git_warning,
+                    chat_widget_args,
                 }),
-            )
-        } else if show_git_warning {
-            (
-                AppState::GitWarning {
-                    screen: GitWarningScreen::new(),
-                },
-                Some(ChatWidgetArgs {
-                    config: config.clone(),
-                    initial_prompt,
-                    initial_images,
-                    enhanced_keys_supported,
-                }),
-            )
+            }
         } else {
             let chat_widget = ChatWidget::new(
                 config.clone(),
@@ -175,12 +161,9 @@ impl App<'_> {
                 initial_images,
                 enhanced_keys_supported,
             );
-            (
-                AppState::Chat {
-                    widget: Box::new(chat_widget),
-                },
-                None,
-            )
+            AppState::Chat {
+                widget: Box::new(chat_widget),
+            }
         };
 
         let file_search = FileSearchManager::new(config.cwd.clone(), app_event_tx.clone());
@@ -192,7 +175,6 @@ impl App<'_> {
             config,
             file_search,
             pending_redraw,
-            chat_args,
             enhanced_keys_supported,
         }
     }
@@ -249,20 +231,14 @@ impl App<'_> {
                             modifiers: crossterm::event::KeyModifiers::CONTROL,
                             kind: KeyEventKind::Press,
                             ..
-                        } => {
-                            match &mut self.app_state {
-                                AppState::Chat { widget } => {
-                                    widget.on_ctrl_c();
-                                }
-                                AppState::Onboarding { .. } => {
-                                    self.app_event_tx.send(AppEvent::ExitRequest);
-                                }
-                                AppState::GitWarning { .. } => {
-                                    // Allow exiting the app with Ctrl+C from the warning screen.
-                                    self.app_event_tx.send(AppEvent::ExitRequest);
-                                }
+                        } => match &mut self.app_state {
+                            AppState::Chat { widget } => {
+                                widget.on_ctrl_c();
                             }
-                        }
+                            AppState::Onboarding { .. } => {
+                                self.app_event_tx.send(AppEvent::ExitRequest);
+                            }
+                        },
                         KeyEvent {
                             code: KeyCode::Char('z'),
                             modifiers: crossterm::event::KeyModifiers::CONTROL,
@@ -293,9 +269,6 @@ impl App<'_> {
                                 AppState::Onboarding { .. } => {
                                     self.app_event_tx.send(AppEvent::ExitRequest);
                                 }
-                                AppState::GitWarning { .. } => {
-                                    self.app_event_tx.send(AppEvent::ExitRequest);
-                                }
                             }
                         }
                         KeyEvent {
@@ -321,15 +294,14 @@ impl App<'_> {
                 AppEvent::CodexOp(op) => match &mut self.app_state {
                     AppState::Chat { widget } => widget.submit_op(op),
                     AppState::Onboarding { .. } => {}
-                    AppState::GitWarning { .. } => {}
                 },
                 AppEvent::LatestLog(line) => match &mut self.app_state {
                     AppState::Chat { widget } => widget.update_latest_log(line),
                     AppState::Onboarding { .. } => {}
-                    AppState::GitWarning { .. } => {}
                 },
                 AppEvent::DispatchCommand(command) => match command {
                     SlashCommand::New => {
+                        // User accepted – switch to chat view.
                         let new_widget = Box::new(ChatWidget::new(
                             self.config.clone(),
                             self.app_event_tx.clone(),
@@ -356,6 +328,12 @@ impl App<'_> {
                     SlashCommand::Quit => {
                         break;
                     }
+                    SlashCommand::Logout => {
+                        if let Err(e) = codex_login::logout(&self.config.codex_home) {
+                            tracing::error!("failed to logout: {e}");
+                        }
+                        break;
+                    }
                     SlashCommand::Diff => {
                         let (is_git_repo, diff_text) = match get_git_diff() {
                             Ok(v) => v,
@@ -382,6 +360,11 @@ impl App<'_> {
                             widget.add_status_output();
                         }
                     }
+                    SlashCommand::Prompts => {
+                        if let AppState::Chat { widget } = &mut self.app_state {
+                            widget.add_prompts_output();
+                        }
+                    }
                     #[cfg(debug_assertions)]
                     SlashCommand::TestApproval => {
                         use std::collections::HashMap;
@@ -412,7 +395,6 @@ impl App<'_> {
                                             FileChange::Update {
                                                 unified_diff: "+test\n-test2".to_string(),
                                                 move_path: None,
-                                                hunks: None,
                                             },
                                         ),
                                     ]),
@@ -425,12 +407,29 @@ impl App<'_> {
                 },
                 AppEvent::OnboardingAuthComplete(result) => {
                     if let AppState::Onboarding { screen } = &mut self.app_state {
-                        // Let the onboarding screen handle success/failure and emit follow-up events.
-                        let _ = screen.on_auth_complete(result);
+                        screen.on_auth_complete(result);
+                    }
+                }
+                AppEvent::OnboardingComplete(ChatWidgetArgs {
+                    config,
+                    enhanced_keys_supported,
+                    initial_images,
+                    initial_prompt,
+                }) => {
+                    self.app_state = AppState::Chat {
+                        widget: Box::new(ChatWidget::new(
+                            config,
+                            app_event_tx.clone(),
+                            initial_prompt,
+                            initial_images,
+                            enhanced_keys_supported,
+                        )),
                     }
                 }
                 AppEvent::StartFileSearch(query) => {
-                    self.file_search.on_user_query(query);
+                    if !query.is_empty() {
+                        self.file_search.on_user_query(query);
+                    }
                 }
                 AppEvent::FileSearchResult { query, matches } => {
                     if let AppState::Chat { widget } = &mut self.app_state {
@@ -448,7 +447,6 @@ impl App<'_> {
         match &self.app_state {
             AppState::Chat { widget } => widget.token_usage().clone(),
             AppState::Onboarding { .. } => codex_core::protocol::TokenUsage::default(),
-            AppState::GitWarning { .. } => codex_core::protocol::TokenUsage::default(),
         }
     }
 
@@ -477,7 +475,6 @@ impl App<'_> {
         let desired_height = match &self.app_state {
             AppState::Chat { widget } => widget.desired_height(size.width),
             AppState::Onboarding { .. } => size.height,
-            AppState::GitWarning { .. } => size.height,
         };
 
         let mut area = terminal.viewport_area;
@@ -508,7 +505,6 @@ impl App<'_> {
                 frame.render_widget_ref(&**widget, frame.area())
             }
             AppState::Onboarding { screen } => frame.render_widget_ref(&*screen, frame.area()),
-            AppState::GitWarning { screen } => frame.render_widget_ref(&*screen, frame.area()),
         })?;
         Ok(())
     }
@@ -520,49 +516,11 @@ impl App<'_> {
             AppState::Chat { widget } => {
                 widget.handle_key_event(key_event);
             }
-            AppState::Onboarding { screen } => match screen.handle_key_event(key_event) {
-                KeyEventResult::Continue => {
-                    self.app_state = AppState::Chat {
-                        widget: Box::new(ChatWidget::new(
-                            self.config.clone(),
-                            self.app_event_tx.clone(),
-                            None,
-                            Vec::new(),
-                            self.enhanced_keys_supported,
-                        )),
-                    };
-                }
-                KeyEventResult::Quit => {
+            AppState::Onboarding { screen } => match key_event.code {
+                KeyCode::Char('q') => {
                     self.app_event_tx.send(AppEvent::ExitRequest);
                 }
-                KeyEventResult::None => {
-                    // do nothing
-                }
-            },
-            AppState::GitWarning { screen } => match screen.handle_key_event(key_event) {
-                GitWarningOutcome::Continue => {
-                    // User accepted – switch to chat view.
-                    let args = match self.chat_args.take() {
-                        Some(args) => args,
-                        None => panic!("ChatWidgetArgs already consumed"),
-                    };
-
-                    let widget = Box::new(ChatWidget::new(
-                        args.config,
-                        self.app_event_tx.clone(),
-                        args.initial_prompt,
-                        args.initial_images,
-                        args.enhanced_keys_supported,
-                    ));
-                    self.app_state = AppState::Chat { widget };
-                    self.app_event_tx.send(AppEvent::RequestRedraw);
-                }
-                GitWarningOutcome::Quit => {
-                    self.app_event_tx.send(AppEvent::ExitRequest);
-                }
-                GitWarningOutcome::None => {
-                    // do nothing
-                }
+                _ => screen.handle_key_event(key_event),
             },
         }
     }
@@ -571,7 +529,6 @@ impl App<'_> {
         match &mut self.app_state {
             AppState::Chat { widget } => widget.handle_paste(pasted),
             AppState::Onboarding { .. } => {}
-            AppState::GitWarning { .. } => {}
         }
     }
 
@@ -579,7 +536,6 @@ impl App<'_> {
         match &mut self.app_state {
             AppState::Chat { widget } => widget.handle_codex_event(event),
             AppState::Onboarding { .. } => {}
-            AppState::GitWarning { .. } => {}
         }
     }
 }

codex-rs/tui/src/app_event.rs

@@ -3,6 +3,7 @@ use codex_file_search::FileMatch;
 use crossterm::event::KeyEvent;
 use ratatui::text::Line;
 
+use crate::app::ChatWidgetArgs;
 use crate::slash_command::SlashCommand;
 
 #[allow(clippy::large_enum_variant)]
@@ -51,4 +52,5 @@ pub(crate) enum AppEvent {
 
     /// Onboarding: result of login_with_chatgpt.
     OnboardingAuthComplete(Result<(), String>),
+    OnboardingComplete(ChatWidgetArgs),
 }

codex-rs/tui/src/app_event_sender.rs

@@ -4,7 +4,7 @@ use crate::app_event::AppEvent;
 
 #[derive(Clone, Debug)]
 pub(crate) struct AppEventSender {
-    app_event_tx: Sender<AppEvent>,
+    pub app_event_tx: Sender<AppEvent>,
 }
 
 impl AppEventSender {

codex-rs/tui/src/bottom_pane/chat_composer.rs

@@ -8,6 +8,7 @@ use ratatui::layout::Layout;
 use ratatui::layout::Margin;
 use ratatui::layout::Rect;
 use ratatui::style::Color;
+use ratatui::style::Modifier;
 use ratatui::style::Style;
 use ratatui::style::Styled;
 use ratatui::style::Stylize;
@@ -30,10 +31,12 @@ use crate::bottom_pane::textarea::TextAreaState;
 use codex_file_search::FileMatch;
 use std::cell::RefCell;
 
-const BASE_PLACEHOLDER_TEXT: &str = "...";
+const BASE_PLACEHOLDER_TEXT: &str = "Ask Codex to do anything";
 /// If the pasted content exceeds this number of characters, replace it with a
 /// placeholder in the UI.
 const LARGE_PASTE_CHAR_THRESHOLD: usize = 1000;
+/// Background color used for the chat composer area.
+const COMPOSER_BG_COLOR: Color = Color::Black;
 
 /// Result returned when the user interacts with the text area.
 pub enum InputResult {
@@ -42,7 +45,8 @@ pub enum InputResult {
 }
 
 struct TokenUsageInfo {
-    token_usage: TokenUsage,
+    total_token_usage: TokenUsage,
+    last_token_usage: TokenUsage,
     model_context_window: Option<u64>,
 }
 
@@ -126,11 +130,13 @@ impl ChatComposer {
     /// context when the composer is empty.
     pub(crate) fn set_token_usage(
         &mut self,
-        token_usage: TokenUsage,
+        total_token_usage: TokenUsage,
+        last_token_usage: TokenUsage,
         model_context_window: Option<u64>,
     ) {
         self.token_usage_info = Some(TokenUsageInfo {
-            token_usage,
+            total_token_usage,
+            last_token_usage,
             model_context_window,
         });
     }
@@ -331,8 +337,9 @@ impl ChatComposer {
     /// - The cursor may be anywhere *inside* the token (including on the
     ///   leading `@`). It does **not** need to be at the end of the line.
     /// - A token is delimited by ASCII whitespace (space, tab, newline).
-    /// - If the token under the cursor starts with `@` and contains at least
-    ///   one additional character, that token (without `@`) is returned.
+    /// - If the token under the cursor starts with `@`, that token is
+    ///   returned without the leading `@`. This includes the case where the
+    ///   token is just "@" (empty query), which is used to trigger a UI hint
     fn current_at_token(textarea: &TextArea) -> Option<String> {
         let cursor_offset = textarea.cursor();
         let text = textarea.text();
@@ -403,14 +410,20 @@ impl ChatComposer {
         };
 
         let left_at = token_left
-            .filter(|t| t.starts_with('@') && t.len() > 1)
+            .filter(|t| t.starts_with('@'))
             .map(|t| t[1..].to_string());
         let right_at = token_right
-            .filter(|t| t.starts_with('@') && t.len() > 1)
+            .filter(|t| t.starts_with('@'))
             .map(|t| t[1..].to_string());
 
         if at_whitespace {
-            return right_at.or(left_at);
+            if right_at.is_some() {
+                return right_at;
+            }
+            if token_left.is_some_and(|t| t == "@") {
+                return None;
+            }
+            return left_at;
         }
         if after_cursor.starts_with('@') {
             return right_at.or(left_at);
@@ -453,6 +466,8 @@ impl ChatComposer {
         new_text.push_str(&text[end_idx..]);
 
         self.textarea.set_text(&new_text);
+        let new_cursor = start_idx.saturating_add(path.len()).saturating_add(1);
+        self.textarea.set_cursor(new_cursor);
     }
 
     /// Handle key event when no popup is visible.
@@ -605,16 +620,26 @@ impl ChatComposer {
             return;
         }
 
-        self.app_event_tx
-            .send(AppEvent::StartFileSearch(query.clone()));
+        if !query.is_empty() {
+            self.app_event_tx
+                .send(AppEvent::StartFileSearch(query.clone()));
+        }
 
         match &mut self.active_popup {
             ActivePopup::File(popup) => {
-                popup.set_query(&query);
+                if query.is_empty() {
+                    popup.set_empty_prompt();
+                } else {
+                    popup.set_query(&query);
+                }
             }
             _ => {
                 let mut popup = FileSearchPopup::new();
-                popup.set_query(&query);
+                if query.is_empty() {
+                    popup.set_empty_prompt();
+                } else {
+                    popup.set_query(&query);
+                }
                 self.active_popup = ActivePopup::File(popup);
             }
         }
@@ -647,7 +672,7 @@ impl WidgetRef for &ChatComposer {
             ActivePopup::None => {
                 let bottom_line_rect = popup_rect;
                 let key_hint_style = Style::default().fg(Color::Cyan);
-                let hint = if self.ctrl_c_quit_hint {
+                let mut hint = if self.ctrl_c_quit_hint {
                     vec![
                         Span::from(" "),
                         "Ctrl+C again".set_style(key_hint_style),
@@ -669,6 +694,33 @@ impl WidgetRef for &ChatComposer {
                         Span::from(" quit"),
                     ]
                 };
+
+                // Append token/context usage info to the footer hints when available.
+                if let Some(token_usage_info) = &self.token_usage_info {
+                    let token_usage = &token_usage_info.total_token_usage;
+                    hint.push(Span::from("   "));
+                    hint.push(
+                        Span::from(format!("{} tokens used", token_usage.total_tokens))
+                            .style(Style::default().add_modifier(Modifier::DIM)),
+                    );
+                    let last_token_usage = &token_usage_info.last_token_usage;
+                    if let Some(context_window) = token_usage_info.model_context_window {
+                        let percent_remaining: u8 = if context_window > 0 {
+                            let percent = 100.0
+                                - (last_token_usage.total_tokens as f32 / context_window as f32
+                                    * 100.0);
+                            percent.clamp(0.0, 100.0) as u8
+                        } else {
+                            100
+                        };
+                        hint.push(Span::from("   "));
+                        hint.push(
+                            Span::from(format!("{percent_remaining}% context left"))
+                                .style(Style::default().add_modifier(Modifier::DIM)),
+                        );
+                    }
+                }
+
                 Line::from(hint)
                     .style(Style::default().dim())
                     .render_ref(bottom_line_rect, buf);
@@ -690,37 +742,14 @@ impl WidgetRef for &ChatComposer {
         let mut textarea_rect = textarea_rect;
         textarea_rect.width = textarea_rect.width.saturating_sub(1);
         textarea_rect.x += 1;
+
+        // Fill only the textarea content region with a subtle background so it
+        // doesn't affect the hint line or popups and remains behind the text.
+        buf.set_style(textarea_rect, Style::default().bg(COMPOSER_BG_COLOR));
         let mut state = self.textarea_state.borrow_mut();
         StatefulWidgetRef::render_ref(&(&self.textarea), textarea_rect, buf, &mut state);
         if self.textarea.text().is_empty() {
-            let placeholder = if let Some(token_usage_info) = &self.token_usage_info {
-                let token_usage = &token_usage_info.token_usage;
-                let model_context_window = token_usage_info.model_context_window;
-                match (token_usage.total_tokens, model_context_window) {
-                    (total_tokens, Some(context_window)) => {
-                        let percent_remaining: u8 = if context_window > 0 {
-                            // Calculate the percentage of context left.
-                            let percent =
-                                100.0 - (total_tokens as f32 / context_window as f32 * 100.0);
-                            percent.clamp(0.0, 100.0) as u8
-                        } else {
-                            // If we don't have a context window, we cannot compute the
-                            // percentage.
-                            100
-                        };
-                        // When https://github.com/openai/codex/issues/1257 is resolved,
-                        // check if `percent_remaining < 25`, and if so, recommend
-                        // /compact.
-                        format!("{BASE_PLACEHOLDER_TEXT} — {percent_remaining}% context left")
-                    }
-                    (total_tokens, None) => {
-                        format!("{BASE_PLACEHOLDER_TEXT} — {total_tokens} tokens used")
-                    }
-                }
-            } else {
-                BASE_PLACEHOLDER_TEXT.to_string()
-            };
-            Line::from(placeholder)
+            Line::from(BASE_PLACEHOLDER_TEXT)
                 .style(Style::default().dim())
                 .render_ref(textarea_rect.inner(Margin::new(1, 0)), buf);
         }
@@ -771,7 +800,12 @@ mod tests {
             ("@👍", 2, Some("👍".to_string()), "Emoji token"),
             // Invalid cases (should return None)
             ("hello", 2, None, "No @ symbol"),
-            ("@", 1, None, "Only @ symbol"),
+            (
+                "@",
+                1,
+                Some("".to_string()),
+                "Only @ symbol triggers empty query",
+            ),
             ("@ hello", 2, None, "@ followed by space"),
             ("test @ world", 6, None, "@ with spaces around"),
         ];
@@ -805,7 +839,7 @@ mod tests {
                 "Second token",
             ),
             // Edge cases
-            ("@", 0, None, "Only @ symbol"),
+            ("@", 0, Some("".to_string()), "Only @ symbol"),
             ("@a", 2, Some("a".to_string()), "Single character after @"),
             ("", 0, None, "Empty input"),
         ];

codex-rs/tui/src/bottom_pane/command_popup.rs

@@ -1,30 +1,19 @@
 use ratatui::buffer::Buffer;
 use ratatui::layout::Rect;
-use ratatui::style::Color;
-use ratatui::style::Style;
-use ratatui::style::Stylize;
-use ratatui::symbols::border::QUADRANT_LEFT_HALF;
-use ratatui::text::Line;
-use ratatui::text::Span;
-use ratatui::widgets::Cell;
-use ratatui::widgets::Row;
-use ratatui::widgets::Table;
-use ratatui::widgets::Widget;
 use ratatui::widgets::WidgetRef;
 
+use super::popup_consts::MAX_POPUP_ROWS;
+use super::scroll_state::ScrollState;
+use super::selection_popup_common::GenericDisplayRow;
+use super::selection_popup_common::render_rows;
 use crate::slash_command::SlashCommand;
 use crate::slash_command::built_in_slash_commands;
-
-const MAX_POPUP_ROWS: usize = 5;
-/// Ideally this is enough to show the longest command name.
-const FIRST_COLUMN_WIDTH: u16 = 20;
-
-use ratatui::style::Modifier;
+use codex_common::fuzzy_match::fuzzy_match;
 
 pub(crate) struct CommandPopup {
     command_filter: String,
     all_commands: Vec<(&'static str, SlashCommand)>,
-    selected_idx: Option<usize>,
+    state: ScrollState,
 }
 
 impl CommandPopup {
@@ -32,7 +21,7 @@ impl CommandPopup {
         Self {
             command_filter: String::new(),
             all_commands: built_in_slash_commands(),
-            selected_idx: None,
+            state: ScrollState::new(),
         }
     }
 
@@ -62,130 +51,84 @@ impl CommandPopup {
 
         // Reset or clamp selected index based on new filtered list.
         let matches_len = self.filtered_commands().len();
-        self.selected_idx = match matches_len {
-            0 => None,
-            _ => Some(self.selected_idx.unwrap_or(0).min(matches_len - 1)),
-        };
+        self.state.clamp_selection(matches_len);
+        self.state
+            .ensure_visible(matches_len, MAX_POPUP_ROWS.min(matches_len));
     }
 
     /// Determine the preferred height of the popup. This is the number of
-    /// rows required to show **at most** `MAX_POPUP_ROWS` commands plus the
-    /// table/border overhead (one line at the top and one at the bottom).
+    /// rows required to show at most MAX_POPUP_ROWS commands.
     pub(crate) fn calculate_required_height(&self) -> u16 {
         self.filtered_commands().len().clamp(1, MAX_POPUP_ROWS) as u16
     }
 
-    /// Return the list of commands that match the current filter. Matching is
-    /// performed using a *prefix* comparison on the command name.
-    fn filtered_commands(&self) -> Vec<&SlashCommand> {
-        self.all_commands
-            .iter()
-            .filter_map(|(_name, cmd)| {
-                if self.command_filter.is_empty()
-                    || cmd
-                        .command()
-                        .starts_with(&self.command_filter.to_ascii_lowercase())
-                {
-                    Some(cmd)
-                } else {
-                    None
+    /// Compute fuzzy-filtered matches paired with optional highlight indices and score.
+    /// Sorted by ascending score, then by command name for stability.
+    fn filtered(&self) -> Vec<(&SlashCommand, Option<Vec<usize>>, i32)> {
+        let filter = self.command_filter.trim();
+        let mut out: Vec<(&SlashCommand, Option<Vec<usize>>, i32)> = Vec::new();
+        if filter.is_empty() {
+            for (_, cmd) in self.all_commands.iter() {
+                out.push((cmd, None, 0));
+            }
+        } else {
+            for (_, cmd) in self.all_commands.iter() {
+                if let Some((indices, score)) = fuzzy_match(cmd.command(), filter) {
+                    out.push((cmd, Some(indices), score));
                 }
-            })
-            .collect::<Vec<&SlashCommand>>()
+            }
+        }
+        out.sort_by(|a, b| a.2.cmp(&b.2).then_with(|| a.0.command().cmp(b.0.command())));
+        out
+    }
+
+    fn filtered_commands(&self) -> Vec<&SlashCommand> {
+        self.filtered().into_iter().map(|(c, _, _)| c).collect()
     }
 
     /// Move the selection cursor one step up.
     pub(crate) fn move_up(&mut self) {
-        if let Some(len) = self.filtered_commands().len().checked_sub(1) {
-            if len == usize::MAX {
-                return;
-            }
-        }
-
-        if let Some(idx) = self.selected_idx {
-            if idx > 0 {
-                self.selected_idx = Some(idx - 1);
-            }
-        } else if !self.filtered_commands().is_empty() {
-            self.selected_idx = Some(0);
-        }
+        let matches = self.filtered_commands();
+        let len = matches.len();
+        self.state.move_up_wrap(len);
+        self.state.ensure_visible(len, MAX_POPUP_ROWS.min(len));
     }
 
     /// Move the selection cursor one step down.
     pub(crate) fn move_down(&mut self) {
-        let matches_len = self.filtered_commands().len();
-        if matches_len == 0 {
-            self.selected_idx = None;
-            return;
-        }
-
-        match self.selected_idx {
-            Some(idx) if idx + 1 < matches_len => {
-                self.selected_idx = Some(idx + 1);
-            }
-            None => {
-                self.selected_idx = Some(0);
-            }
-            _ => {}
-        }
+        let matches = self.filtered_commands();
+        let matches_len = matches.len();
+        self.state.move_down_wrap(matches_len);
+        self.state
+            .ensure_visible(matches_len, MAX_POPUP_ROWS.min(matches_len));
     }
 
     /// Return currently selected command, if any.
     pub(crate) fn selected_command(&self) -> Option<&SlashCommand> {
         let matches = self.filtered_commands();
-        self.selected_idx.and_then(|idx| matches.get(idx).copied())
+        self.state
+            .selected_idx
+            .and_then(|idx| matches.get(idx).copied())
     }
 }
 
 impl WidgetRef for CommandPopup {
     fn render_ref(&self, area: Rect, buf: &mut Buffer) {
-        let matches = self.filtered_commands();
-
-        let mut rows: Vec<Row> = Vec::new();
-        let visible_matches: Vec<&SlashCommand> =
-            matches.into_iter().take(MAX_POPUP_ROWS).collect();
-
-        if visible_matches.is_empty() {
-            rows.push(Row::new(vec![
-                Cell::from(""),
-                Cell::from("No matching commands").add_modifier(Modifier::ITALIC),
-            ]));
+        let matches = self.filtered();
+        let rows_all: Vec<GenericDisplayRow> = if matches.is_empty() {
+            Vec::new()
         } else {
-            let default_style = Style::default();
-            let command_style = Style::default().fg(Color::LightBlue);
-            for (idx, cmd) in visible_matches.iter().enumerate() {
-                rows.push(Row::new(vec![
-                    Cell::from(Line::from(vec![
-                        if Some(idx) == self.selected_idx {
-                            Span::styled(
-                                "›",
-                                Style::default().bg(Color::DarkGray).fg(Color::LightCyan),
-                            )
-                        } else {
-                            Span::styled(QUADRANT_LEFT_HALF, Style::default().fg(Color::DarkGray))
-                        },
-                        Span::styled(format!("/{}", cmd.command()), command_style),
-                    ])),
-                    Cell::from(cmd.description().to_string()).style(default_style),
-                ]));
-            }
-        }
-
-        use ratatui::layout::Constraint;
-
-        let table = Table::new(
-            rows,
-            [Constraint::Length(FIRST_COLUMN_WIDTH), Constraint::Min(10)],
-        )
-        .column_spacing(0);
-        // .block(
-        //     Block::default()
-        //         .borders(Borders::LEFT)
-        //         .border_type(BorderType::QuadrantOutside)
-        //         .border_style(Style::default().fg(Color::DarkGray)),
-        // );
-
-        table.render(area, buf);
+            matches
+                .into_iter()
+                .map(|(cmd, indices, _)| GenericDisplayRow {
+                    name: format!("/{}", cmd.command()),
+                    match_indices: indices.map(|v| v.into_iter().map(|i| i + 1).collect()),
+                    is_current: false,
+                    description: Some(cmd.description().to_string()),
+                })
+                .collect()
+        };
+        render_rows(area, buf, &rows_all, &self.state, MAX_POPUP_ROWS);
     }
 }
 

codex-rs/tui/src/bottom_pane/file_search_popup.rs

@@ -1,23 +1,12 @@
 use codex_file_search::FileMatch;
 use ratatui::buffer::Buffer;
 use ratatui::layout::Rect;
-use ratatui::prelude::Constraint;
-use ratatui::style::Color;
-use ratatui::style::Modifier;
-use ratatui::style::Style;
-use ratatui::text::Line;
-use ratatui::text::Span;
-use ratatui::widgets::Block;
-use ratatui::widgets::BorderType;
-use ratatui::widgets::Borders;
-use ratatui::widgets::Cell;
-use ratatui::widgets::Row;
-use ratatui::widgets::Table;
-use ratatui::widgets::Widget;
 use ratatui::widgets::WidgetRef;
 
-/// Maximum number of suggestions shown in the popup.
-const MAX_RESULTS: usize = 8;
+use super::popup_consts::MAX_POPUP_ROWS;
+use super::scroll_state::ScrollState;
+use super::selection_popup_common::GenericDisplayRow;
+use super::selection_popup_common::render_rows;
 
 /// Visual state for the file-search popup.
 pub(crate) struct FileSearchPopup {
@@ -30,8 +19,8 @@ pub(crate) struct FileSearchPopup {
     waiting: bool,
     /// Cached matches; paths relative to the search dir.
     matches: Vec<FileMatch>,
-    /// Currently selected index inside `matches` (if any).
-    selected_idx: Option<usize>,
+    /// Shared selection/scroll state.
+    state: ScrollState,
 }
 
 impl FileSearchPopup {
@@ -41,7 +30,7 @@ impl FileSearchPopup {
             pending_query: String::new(),
             waiting: true,
             matches: Vec::new(),
-            selected_idx: None,
+            state: ScrollState::new(),
         }
     }
 
@@ -61,10 +50,21 @@ impl FileSearchPopup {
 
         if !keep_existing {
             self.matches.clear();
-            self.selected_idx = None;
+            self.state.reset();
         }
     }
 
+    /// Put the popup into an "idle" state used for an empty query (just "@").
+    /// Shows a hint instead of matches until the user types more characters.
+    pub(crate) fn set_empty_prompt(&mut self) {
+        self.display_query.clear();
+        self.pending_query.clear();
+        self.waiting = false;
+        self.matches.clear();
+        // Reset selection/scroll state when showing the empty prompt.
+        self.state.reset();
+    }
+
     /// Replace matches when a `FileSearchResult` arrives.
     /// Replace matches. Only applied when `query` matches `pending_query`.
     pub(crate) fn set_matches(&mut self, query: &str, matches: Vec<FileMatch>) {
@@ -75,40 +75,32 @@ impl FileSearchPopup {
         self.display_query = query.to_string();
         self.matches = matches;
         self.waiting = false;
-        self.selected_idx = if self.matches.is_empty() {
-            None
-        } else {
-            Some(0)
-        };
+        let len = self.matches.len();
+        self.state.clamp_selection(len);
+        self.state.ensure_visible(len, len.min(MAX_POPUP_ROWS));
     }
 
     /// Move selection cursor up.
     pub(crate) fn move_up(&mut self) {
-        if let Some(idx) = self.selected_idx {
-            if idx > 0 {
-                self.selected_idx = Some(idx - 1);
-            }
-        }
+        let len = self.matches.len();
+        self.state.move_up_wrap(len);
+        self.state.ensure_visible(len, len.min(MAX_POPUP_ROWS));
     }
 
     /// Move selection cursor down.
     pub(crate) fn move_down(&mut self) {
-        if let Some(idx) = self.selected_idx {
-            if idx + 1 < self.matches.len() {
-                self.selected_idx = Some(idx + 1);
-            }
-        } else if !self.matches.is_empty() {
-            self.selected_idx = Some(0);
-        }
+        let len = self.matches.len();
+        self.state.move_down_wrap(len);
+        self.state.ensure_visible(len, len.min(MAX_POPUP_ROWS));
     }
 
     pub(crate) fn selected_match(&self) -> Option<&str> {
-        self.selected_idx
+        self.state
+            .selected_idx
             .and_then(|idx| self.matches.get(idx))
             .map(|file_match| file_match.path.as_str())
     }
 
-    /// Preferred height (rows) including border.
     pub(crate) fn calculate_required_height(&self) -> u16 {
         // Row count depends on whether we already have matches. If no matches
         // yet (e.g. initial search or query with no results) reserve a single
@@ -116,71 +108,35 @@ impl FileSearchPopup {
         // up to MAX_RESULTS regardless of the waiting flag so the list
         // remains stable while a newer search is in-flight.
 
-        self.matches.len().clamp(1, MAX_RESULTS) as u16
+        self.matches.len().clamp(1, MAX_POPUP_ROWS) as u16
     }
 }
 
 impl WidgetRef for &FileSearchPopup {
     fn render_ref(&self, area: Rect, buf: &mut Buffer) {
-        // Prepare rows.
-        let rows: Vec<Row> = if self.matches.is_empty() {
-            vec![Row::new(vec![
-                Cell::from(if self.waiting {
-                    "(searching …)"
-                } else {
-                    "no matches"
-                })
-                .style(Style::new().add_modifier(Modifier::ITALIC | Modifier::DIM)),
-            ])]
+        // Convert matches to GenericDisplayRow, translating indices to usize at the UI boundary.
+        let rows_all: Vec<GenericDisplayRow> = if self.matches.is_empty() {
+            Vec::new()
         } else {
             self.matches
                 .iter()
-                .take(MAX_RESULTS)
-                .enumerate()
-                .map(|(i, file_match)| {
-                    let FileMatch { path, indices, .. } = file_match;
-                    let path = path.as_str();
-                    #[allow(clippy::expect_used)]
-                    let indices = indices.as_ref().expect("indices should be present");
-
-                    // Build spans with bold on matching indices.
-                    let mut idx_iter = indices.iter().peekable();
-                    let mut spans: Vec<Span> = Vec::with_capacity(path.len());
-
-                    for (char_idx, ch) in path.chars().enumerate() {
-                        let mut style = Style::default();
-                        if idx_iter
-                            .peek()
-                            .is_some_and(|next| **next == char_idx as u32)
-                        {
-                            idx_iter.next();
-                            style = style.add_modifier(Modifier::BOLD);
-                        }
-                        spans.push(Span::styled(ch.to_string(), style));
-                    }
-
-                    // Create cell from the spans.
-                    let mut cell = Cell::from(Line::from(spans));
-
-                    // If selected, also paint yellow.
-                    if Some(i) == self.selected_idx {
-                        cell = cell.style(Style::default().fg(Color::Yellow));
-                    }
-
-                    Row::new(vec![cell])
+                .map(|m| GenericDisplayRow {
+                    name: m.path.clone(),
+                    match_indices: m
+                        .indices
+                        .as_ref()
+                        .map(|v| v.iter().map(|&i| i as usize).collect()),
+                    is_current: false,
+                    description: None,
                 })
                 .collect()
         };
 
-        let table = Table::new(rows, vec![Constraint::Percentage(100)])
-            .block(
-                Block::default()
-                    .borders(Borders::LEFT)
-                    .border_type(BorderType::QuadrantOutside)
-                    .border_style(Style::default().fg(Color::DarkGray)),
-            )
-            .widths([Constraint::Percentage(100)]);
-
-        table.render(area, buf);
+        if self.waiting && rows_all.is_empty() {
+            // Render a minimal waiting stub using the shared renderer (no rows -> "no matches").
+            render_rows(area, buf, &[], &self.state, MAX_POPUP_ROWS);
+        } else {
+            render_rows(area, buf, &rows_all, &self.state, MAX_POPUP_ROWS);
+        }
     }
 }

codex-rs/tui/src/bottom_pane/mod.rs

@@ -19,6 +19,9 @@ mod chat_composer_history;
 mod command_popup;
 mod file_search_popup;
 mod live_ring_widget;
+mod popup_consts;
+mod scroll_state;
+mod selection_popup_common;
 mod status_indicator_view;
 mod textarea;
 
@@ -287,11 +290,12 @@ impl BottomPane<'_> {
     /// is forwarded directly to the underlying `ChatComposer`.
     pub(crate) fn set_token_usage(
         &mut self,
-        token_usage: TokenUsage,
+        total_token_usage: TokenUsage,
+        last_token_usage: TokenUsage,
         model_context_window: Option<u64>,
     ) {
         self.composer
-            .set_token_usage(token_usage, model_context_window);
+            .set_token_usage(total_token_usage, last_token_usage, model_context_window);
         self.request_redraw();
     }
 

codex-rs/tui/src/bottom_pane/popup_consts.rs

@@ -0,0 +1,5 @@
+//! Shared popup-related constants for bottom pane widgets.
+
+/// Maximum number of rows any popup should attempt to display.
+/// Keep this consistent across all popups for a uniform feel.
+pub(crate) const MAX_POPUP_ROWS: usize = 8;

codex-rs/tui/src/bottom_pane/scroll_state.rs

@@ -0,0 +1,115 @@
+/// Generic scroll/selection state for a vertical list menu.
+///
+/// Encapsulates the common behavior of a selectable list that supports:
+/// - Optional selection (None when list is empty)
+/// - Wrap-around navigation on Up/Down
+/// - Maintaining a scroll window (`scroll_top`) so the selected row stays visible
+#[derive(Debug, Default, Clone, Copy)]
+pub(crate) struct ScrollState {
+    pub selected_idx: Option<usize>,
+    pub scroll_top: usize,
+}
+
+impl ScrollState {
+    pub fn new() -> Self {
+        Self {
+            selected_idx: None,
+            scroll_top: 0,
+        }
+    }
+
+    /// Reset selection and scroll.
+    pub fn reset(&mut self) {
+        self.selected_idx = None;
+        self.scroll_top = 0;
+    }
+
+    /// Clamp selection to be within the [0, len-1] range, or None when empty.
+    pub fn clamp_selection(&mut self, len: usize) {
+        self.selected_idx = match len {
+            0 => None,
+            _ => Some(self.selected_idx.unwrap_or(0).min(len - 1)),
+        };
+        if len == 0 {
+            self.scroll_top = 0;
+        }
+    }
+
+    /// Move selection up by one, wrapping to the bottom when necessary.
+    pub fn move_up_wrap(&mut self, len: usize) {
+        if len == 0 {
+            self.selected_idx = None;
+            self.scroll_top = 0;
+            return;
+        }
+        self.selected_idx = Some(match self.selected_idx {
+            Some(idx) if idx > 0 => idx - 1,
+            Some(_) => len - 1,
+            None => 0,
+        });
+    }
+
+    /// Move selection down by one, wrapping to the top when necessary.
+    pub fn move_down_wrap(&mut self, len: usize) {
+        if len == 0 {
+            self.selected_idx = None;
+            self.scroll_top = 0;
+            return;
+        }
+        self.selected_idx = Some(match self.selected_idx {
+            Some(idx) if idx + 1 < len => idx + 1,
+            _ => 0,
+        });
+    }
+
+    /// Adjust `scroll_top` so that the current `selected_idx` is visible within
+    /// the window of `visible_rows`.
+    pub fn ensure_visible(&mut self, len: usize, visible_rows: usize) {
+        if len == 0 || visible_rows == 0 {
+            self.scroll_top = 0;
+            return;
+        }
+        if let Some(sel) = self.selected_idx {
+            if sel < self.scroll_top {
+                self.scroll_top = sel;
+            } else {
+                let bottom = self.scroll_top + visible_rows - 1;
+                if sel > bottom {
+                    self.scroll_top = sel + 1 - visible_rows;
+                }
+            }
+        } else {
+            self.scroll_top = 0;
+        }
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use super::ScrollState;
+
+    #[test]
+    fn wrap_navigation_and_visibility() {
+        let mut s = ScrollState::new();
+        let len = 10;
+        let vis = 5;
+
+        s.clamp_selection(len);
+        assert_eq!(s.selected_idx, Some(0));
+        s.ensure_visible(len, vis);
+        assert_eq!(s.scroll_top, 0);
+
+        s.move_up_wrap(len);
+        s.ensure_visible(len, vis);
+        assert_eq!(s.selected_idx, Some(len - 1));
+        match s.selected_idx {
+            Some(sel) => assert!(s.scroll_top <= sel),
+            None => panic!("expected Some(selected_idx) after wrap"),
+        }
+
+        s.move_down_wrap(len);
+        s.ensure_visible(len, vis);
+        assert_eq!(s.selected_idx, Some(0));
+        assert_eq!(s.scroll_top, 0);
+    }
+}

codex-rs/tui/src/bottom_pane/selection_popup_common.rs

@@ -0,0 +1,126 @@
+use ratatui::buffer::Buffer;
+use ratatui::layout::Rect;
+use ratatui::prelude::Constraint;
+use ratatui::style::Color;
+use ratatui::style::Modifier;
+use ratatui::style::Style;
+use ratatui::text::Line;
+use ratatui::text::Span;
+use ratatui::widgets::Block;
+use ratatui::widgets::BorderType;
+use ratatui::widgets::Borders;
+use ratatui::widgets::Cell;
+use ratatui::widgets::Row;
+use ratatui::widgets::Table;
+use ratatui::widgets::Widget;
+
+use super::scroll_state::ScrollState;
+
+/// A generic representation of a display row for selection popups.
+pub(crate) struct GenericDisplayRow {
+    pub name: String,
+    pub match_indices: Option<Vec<usize>>, // indices to bold (char positions)
+    pub is_current: bool,
+    pub description: Option<String>, // optional grey text after the name
+}
+
+impl GenericDisplayRow {}
+
+/// Render a list of rows using the provided ScrollState, with shared styling
+/// and behavior for selection popups.
+pub(crate) fn render_rows(
+    area: Rect,
+    buf: &mut Buffer,
+    rows_all: &[GenericDisplayRow],
+    state: &ScrollState,
+    max_results: usize,
+) {
+    let mut rows: Vec<Row> = Vec::new();
+    if rows_all.is_empty() {
+        rows.push(Row::new(vec![Cell::from(Line::from(Span::styled(
+            "no matches",
+            Style::default().add_modifier(Modifier::ITALIC | Modifier::DIM),
+        )))]));
+    } else {
+        let max_rows_from_area = area.height as usize;
+        let visible_rows = max_results
+            .min(rows_all.len())
+            .min(max_rows_from_area.max(1));
+
+        // Compute starting index based on scroll state and selection.
+        let mut start_idx = state.scroll_top.min(rows_all.len().saturating_sub(1));
+        if let Some(sel) = state.selected_idx {
+            if sel < start_idx {
+                start_idx = sel;
+            } else if visible_rows > 0 {
+                let bottom = start_idx + visible_rows - 1;
+                if sel > bottom {
+                    start_idx = sel + 1 - visible_rows;
+                }
+            }
+        }
+
+        for (i, row) in rows_all
+            .iter()
+            .enumerate()
+            .skip(start_idx)
+            .take(visible_rows)
+        {
+            let GenericDisplayRow {
+                name,
+                match_indices,
+                is_current,
+                description,
+            } = row;
+
+            // Highlight fuzzy indices when present.
+            let mut spans: Vec<Span> = Vec::with_capacity(name.len());
+            if let Some(idxs) = match_indices.as_ref() {
+                let mut idx_iter = idxs.iter().peekable();
+                for (char_idx, ch) in name.chars().enumerate() {
+                    let mut style = Style::default();
+                    if idx_iter.peek().is_some_and(|next| **next == char_idx) {
+                        idx_iter.next();
+                        style = style.add_modifier(Modifier::BOLD);
+                    }
+                    spans.push(Span::styled(ch.to_string(), style));
+                }
+            } else {
+                spans.push(Span::raw(name.clone()));
+            }
+
+            if let Some(desc) = description.as_ref() {
+                spans.push(Span::raw("  "));
+                spans.push(Span::styled(
+                    desc.clone(),
+                    Style::default()
+                        .fg(Color::DarkGray)
+                        .add_modifier(Modifier::DIM),
+                ));
+            }
+
+            let mut cell = Cell::from(Line::from(spans));
+            if Some(i) == state.selected_idx {
+                cell = cell.style(
+                    Style::default()
+                        .fg(Color::Yellow)
+                        .add_modifier(Modifier::BOLD),
+                );
+            } else if *is_current {
+                cell = cell.style(Style::default().fg(Color::Cyan));
+            }
+            rows.push(Row::new(vec![cell]));
+        }
+    }
+
+    let table = Table::new(rows, vec![Constraint::Percentage(100)])
+        .block(
+            Block::default()
+                .borders(Borders::LEFT)
+                .border_type(BorderType::QuadrantOutside)
+                .border_style(Style::default().fg(Color::DarkGray)),
+        )
+        .widths([Constraint::Percentage(100)]);
+
+    table.render(area, buf);
+}

codex-rs/tui/src/bottom_pane/snapshots/codex_tui__bottom_pane__chat_composer__tests__empty.snap

@@ -2,7 +2,7 @@
 source: tui/src/bottom_pane/chat_composer.rs
 expression: terminal.backend()
 ---
-"▌ ...                                                                                               "
+"▌ Ask Codex to do anything                                                                          "
 "▌                                                                                                   "
 "▌                                                                                                   "
 "▌                                                                                                   "

codex-rs/tui/src/chatwidget.rs

@@ -45,7 +45,6 @@ use crate::bottom_pane::BottomPane;
 use crate::bottom_pane::BottomPaneParams;
 use crate::bottom_pane::CancellationEvent;
 use crate::bottom_pane::InputResult;
-use crate::exec_command::strip_bash_lc_and_escape;
 use crate::history_cell::CommandOutput;
 use crate::history_cell::HistoryCell;
 use crate::history_cell::PatchEventType;
@@ -67,7 +66,8 @@ pub(crate) struct ChatWidget<'a> {
     active_history_cell: Option<HistoryCell>,
     config: Config,
     initial_user_message: Option<UserMessage>,
-    token_usage: TokenUsage,
+    total_token_usage: TokenUsage,
+    last_token_usage: TokenUsage,
     reasoning_buffer: String,
     content_buffer: String,
     // Buffer for streaming assistant answer text; we do not surface partial
@@ -214,7 +214,8 @@ impl ChatWidget<'_> {
                 initial_prompt.unwrap_or_default(),
                 initial_images,
             ),
-            token_usage: TokenUsage::default(),
+            total_token_usage: TokenUsage::default(),
+            last_token_usage: TokenUsage::default(),
             reasoning_buffer: String::new(),
             content_buffer: String::new(),
             answer_buffer: String::new(),
@@ -366,9 +367,13 @@ impl ChatWidget<'_> {
                 self.request_redraw();
             }
             EventMsg::TokenCount(token_usage) => {
-                self.token_usage = add_token_usage(&self.token_usage, &token_usage);
-                self.bottom_pane
-                    .set_token_usage(self.token_usage.clone(), self.config.model_context_window);
+                self.total_token_usage = add_token_usage(&self.total_token_usage, &token_usage);
+                self.last_token_usage = token_usage;
+                self.bottom_pane.set_token_usage(
+                    self.total_token_usage.clone(),
+                    self.last_token_usage.clone(),
+                    self.config.model_context_window,
+                );
             }
             EventMsg::Error(ErrorEvent { message }) => {
                 self.add_to_history(HistoryCell::new_error_event(message.clone()));
@@ -393,17 +398,6 @@ impl ChatWidget<'_> {
                 reason,
             }) => {
                 self.finalize_active_stream();
-                // Log a background summary immediately so the history is chronological.
-                let cmdline = strip_bash_lc_and_escape(&command);
-                let text = format!(
-                    "command requires approval:\n$ {cmdline}{reason}",
-                    reason = reason
-                        .as_ref()
-                        .map(|r| format!("\n{r}"))
-                        .unwrap_or_default()
-                );
-                self.add_to_history(HistoryCell::new_background_event(text));
-
                 let request = ApprovalRequest::Exec {
                     id,
                     command,
@@ -476,16 +470,14 @@ impl ChatWidget<'_> {
                 ));
             }
             EventMsg::PatchApplyEnd(event) => {
-                self.add_to_history(HistoryCell::new_patch_apply_end(
-                    event.stdout,
-                    event.stderr,
-                    event.success,
-                ));
+                if !event.success {
+                    self.add_to_history(HistoryCell::new_patch_apply_failure(event.stderr));
+                }
             }
             EventMsg::ExecCommandEnd(ExecCommandEndEvent {
                 call_id,
                 exit_code,
-                duration,
+                duration: _,
                 stdout,
                 stderr,
             }) => {
@@ -498,7 +490,6 @@ impl ChatWidget<'_> {
                         exit_code,
                         stdout,
                         stderr,
-                        duration,
                     },
                 ));
             }
@@ -567,10 +558,14 @@ impl ChatWidget<'_> {
     pub(crate) fn add_status_output(&mut self) {
         self.add_to_history(HistoryCell::new_status_output(
             &self.config,
-            &self.token_usage,
+            &self.total_token_usage,
         ));
     }
 
+    pub(crate) fn add_prompts_output(&mut self) {
+        self.add_to_history(HistoryCell::new_prompts_output());
+    }
+
     /// Forward file-search results to the bottom pane.
     pub(crate) fn apply_file_search_result(&mut self, query: String, matches: Vec<FileMatch>) {
         self.bottom_pane.on_file_search_result(query, matches);
@@ -622,13 +617,16 @@ impl ChatWidget<'_> {
     }
 
     pub(crate) fn token_usage(&self) -> &TokenUsage {
-        &self.token_usage
+        &self.total_token_usage
     }
 
     pub(crate) fn clear_token_usage(&mut self) {
-        self.token_usage = TokenUsage::default();
-        self.bottom_pane
-            .set_token_usage(self.token_usage.clone(), self.config.model_context_window);
+        self.total_token_usage = TokenUsage::default();
+        self.bottom_pane.set_token_usage(
+            self.total_token_usage.clone(),
+            self.last_token_usage.clone(),
+            self.config.model_context_window,
+        );
     }
 
     pub fn cursor_pos(&self, area: Rect) -> Option<(u16, u16)> {

codex-rs/tui/src/cli.rs

@@ -44,6 +44,7 @@ pub struct Cli {
     /// EXTREMELY DANGEROUS. Intended solely for running in environments that are externally sandboxed.
     #[arg(
         long = "dangerously-bypass-approvals-and-sandbox",
+        alias = "yolo",
         default_value_t = false,
         conflicts_with_all = ["approval_policy", "full_auto"]
     )]

codex-rs/tui/src/git_warning_screen.rs

@@ -1,122 +0,0 @@
-//! Full‑screen warning displayed when Codex is started outside a Git
-//! repository (unless the user passed `--allow-no-git-exec`). The screen
-//! blocks all input until the user explicitly decides whether to continue or
-//! quit.
-
-use crossterm::event::KeyCode;
-use crossterm::event::KeyEvent;
-use ratatui::buffer::Buffer;
-use ratatui::layout::Alignment;
-use ratatui::layout::Constraint;
-use ratatui::layout::Direction;
-use ratatui::layout::Layout;
-use ratatui::layout::Rect;
-use ratatui::style::Color;
-use ratatui::style::Modifier;
-use ratatui::style::Style;
-use ratatui::text::Span;
-use ratatui::widgets::Block;
-use ratatui::widgets::BorderType;
-use ratatui::widgets::Borders;
-use ratatui::widgets::Paragraph;
-use ratatui::widgets::Widget;
-use ratatui::widgets::WidgetRef;
-use ratatui::widgets::Wrap;
-
-const NO_GIT_ERROR: &str = "We recommend running codex inside a git repository. \
-This helps ensure that changes can be tracked and easily rolled back if necessary. \
-Do you wish to proceed?";
-
-/// Result of handling a key event while the warning screen is active.
-pub(crate) enum GitWarningOutcome {
-    /// User chose to proceed – switch to the main Chat UI.
-    Continue,
-    /// User opted to quit the application.
-    Quit,
-    /// No actionable key was pressed – stay on the warning screen.
-    None,
-}
-
-pub(crate) struct GitWarningScreen;
-
-impl GitWarningScreen {
-    pub(crate) fn new() -> Self {
-        Self
-    }
-
-    /// Handle a key event, returning an outcome indicating whether the user
-    /// chose to continue, quit, or neither.
-    pub(crate) fn handle_key_event(&self, key_event: KeyEvent) -> GitWarningOutcome {
-        match key_event.code {
-            KeyCode::Char('y') | KeyCode::Char('Y') => GitWarningOutcome::Continue,
-            KeyCode::Char('n') | KeyCode::Char('q') | KeyCode::Esc => GitWarningOutcome::Quit,
-            _ => GitWarningOutcome::None,
-        }
-    }
-}
-
-impl WidgetRef for &GitWarningScreen {
-    fn render_ref(&self, area: Rect, buf: &mut Buffer) {
-        const MIN_WIDTH: u16 = 35;
-        const MIN_HEIGHT: u16 = 15;
-        // Check if the available area is too small for our popup.
-        if area.width < MIN_WIDTH || area.height < MIN_HEIGHT {
-            // Fallback rendering: a simple abbreviated message that fits the available area.
-            let fallback_message = Paragraph::new(NO_GIT_ERROR)
-                .wrap(Wrap { trim: true })
-                .alignment(Alignment::Center);
-            fallback_message.render(area, buf);
-            return;
-        }
-
-        // Determine the popup (modal) size – aim for 60 % width, 30 % height
-        // but keep a sensible minimum so the content is always readable.
-        let popup_width = std::cmp::max(MIN_WIDTH, (area.width as f32 * 0.6) as u16);
-        let popup_height = std::cmp::max(MIN_HEIGHT, (area.height as f32 * 0.3) as u16);
-
-        // Center the popup in the available area.
-        let popup_x = area.x + (area.width.saturating_sub(popup_width)) / 2;
-        let popup_y = area.y + (area.height.saturating_sub(popup_height)) / 2;
-        let popup_area = Rect::new(popup_x, popup_y, popup_width, popup_height);
-
-        // The modal block that contains everything.
-        let popup_block = Block::default()
-            .borders(Borders::ALL)
-            .border_type(BorderType::Plain)
-            .title(Span::styled(
-                "Warning: Not a Git repository", // bold warning title
-                Style::default().add_modifier(Modifier::BOLD).fg(Color::Red),
-            ));
-
-        // Obtain the inner area before rendering (render consumes the block).
-        let inner = popup_block.inner(popup_area);
-        popup_block.render(popup_area, buf);
-
-        // Split the inner area vertically into two boxes: one for the warning
-        // explanation, one for the user action instructions.
-        let chunks = Layout::default()
-            .direction(Direction::Vertical)
-            .constraints([Constraint::Min(3), Constraint::Length(3)])
-            .split(inner);
-
-        // ----- First box: detailed warning text --------------------------------
-        let text_block = Block::default().borders(Borders::ALL);
-        let text_inner = text_block.inner(chunks[0]);
-        text_block.render(chunks[0], buf);
-
-        let warning_paragraph = Paragraph::new(NO_GIT_ERROR)
-            .wrap(Wrap { trim: true })
-            .alignment(Alignment::Left);
-        warning_paragraph.render(text_inner, buf);
-
-        // ----- Second box: "proceed? y/n" instructions --------------------------
-        let action_block = Block::default().borders(Borders::ALL);
-        let action_inner = action_block.inner(chunks[1]);
-        action_block.render(chunks[1], buf);
-
-        let action_text = Paragraph::new("press 'y' to continue, 'n' to quit")
-            .alignment(Alignment::Center)
-            .style(Style::default().add_modifier(Modifier::BOLD));
-        action_text.render(action_inner, buf);
-    }
-}

codex-rs/tui/src/lib.rs

@@ -8,7 +8,6 @@ use codex_core::config::Config;
 use codex_core::config::ConfigOverrides;
 use codex_core::config_types::SandboxMode;
 use codex_core::protocol::AskForApproval;
-use codex_core::util::is_inside_git_repo;
 use codex_login::load_auth;
 use codex_ollama::DEFAULT_OSS_MODEL;
 use log_layer::TuiLogLayer;
@@ -31,7 +30,6 @@ pub mod custom_terminal;
 mod exec_command;
 mod file_search;
 mod get_git_diff;
-mod git_warning_screen;
 mod history_cell;
 pub mod insert_history;
 pub mod live_wrap;
@@ -206,20 +204,12 @@ pub async fn run_main(
         eprintln!("");
     }
 
-    // Determine whether we need to display the "not a git repo" warning
-    // modal. The flag is shown when the current working directory is *not*
-    // inside a Git repository **and** the user did *not* pass the
-    // `--allow-no-git-exec` flag.
-    let show_git_warning = !cli.skip_git_repo_check && !is_inside_git_repo(&config);
-
-    run_ratatui_app(cli, config, show_git_warning, log_rx)
-        .map_err(|err| std::io::Error::other(err.to_string()))
+    run_ratatui_app(cli, config, log_rx).map_err(|err| std::io::Error::other(err.to_string()))
 }
 
 fn run_ratatui_app(
     cli: Cli,
     config: Config,
-    show_git_warning: bool,
     mut log_rx: tokio::sync::mpsc::UnboundedReceiver<String>,
 ) -> color_eyre::Result<codex_core::protocol::TokenUsage> {
     color_eyre::install()?;
@@ -237,7 +227,7 @@ fn run_ratatui_app(
     terminal.clear()?;
 
     let Cli { prompt, images, .. } = cli;
-    let mut app = App::new(config.clone(), prompt, show_git_warning, images);
+    let mut app = App::new(config.clone(), prompt, cli.skip_git_repo_check, images);
 
     // Bridge log receiver into the AppEvent channel so latest log lines update the UI.
     {

codex-rs/tui/src/onboarding/auth.rs

@@ -18,18 +18,23 @@ use crate::app_event::AppEvent;
 use crate::app_event_sender::AppEventSender;
 use crate::colors::LIGHT_BLUE;
 use crate::colors::SUCCESS_GREEN;
-use crate::onboarding::onboarding_screen::KeyEventResult;
 use crate::onboarding::onboarding_screen::KeyboardHandler;
+use crate::onboarding::onboarding_screen::StepStateProvider;
 use crate::shimmer::FrameTicker;
 use crate::shimmer::shimmer_spans;
 use std::path::PathBuf;
+
+use super::onboarding_screen::StepState;
 // no additional imports
 
 #[derive(Debug)]
 pub(crate) enum SignInState {
     PickMode,
     ChatGptContinueInBrowser(#[allow(dead_code)] ContinueInBrowserState),
+    ChatGptSuccessMessage,
     ChatGptSuccess,
+    EnvVarMissing,
+    EnvVarFound,
 }
 
 #[derive(Debug)]
@@ -38,7 +43,6 @@ pub(crate) struct ContinueInBrowserState {
     _login_child: Option<codex_login::SpawnedLogin>,
     _frame_ticker: Option<FrameTicker>,
 }
-
 impl Drop for ContinueInBrowserState {
     fn drop(&mut self) {
         if let Some(child) = &self._login_child {
@@ -52,54 +56,45 @@ impl Drop for ContinueInBrowserState {
 }
 
 impl KeyboardHandler for AuthModeWidget {
-    fn handle_key_event(&mut self, key_event: KeyEvent) -> KeyEventResult {
+    fn handle_key_event(&mut self, key_event: KeyEvent) {
         match key_event.code {
             KeyCode::Up | KeyCode::Char('k') => {
-                self.mode = AuthMode::ChatGPT;
-                KeyEventResult::None
+                self.highlighted_mode = AuthMode::ChatGPT;
             }
             KeyCode::Down | KeyCode::Char('j') => {
-                self.mode = AuthMode::ApiKey;
-                KeyEventResult::None
+                self.highlighted_mode = AuthMode::ApiKey;
             }
             KeyCode::Char('1') => {
-                self.mode = AuthMode::ChatGPT;
                 self.start_chatgpt_login();
-                KeyEventResult::None
             }
-            KeyCode::Char('2') => {
-                self.mode = AuthMode::ApiKey;
-                self.verify_api_key()
-            }
-            KeyCode::Enter => match self.mode {
-                AuthMode::ChatGPT => match &self.sign_in_state {
-                    SignInState::PickMode => self.start_chatgpt_login(),
-                    SignInState::ChatGptContinueInBrowser(_) => KeyEventResult::None,
-                    SignInState::ChatGptSuccess => KeyEventResult::Continue,
+            KeyCode::Char('2') => self.verify_api_key(),
+            KeyCode::Enter => match self.sign_in_state {
+                SignInState::PickMode => match self.highlighted_mode {
+                    AuthMode::ChatGPT => self.start_chatgpt_login(),
+                    AuthMode::ApiKey => self.verify_api_key(),
                 },
-                AuthMode::ApiKey => self.verify_api_key(),
+                SignInState::EnvVarMissing => self.sign_in_state = SignInState::PickMode,
+                SignInState::ChatGptSuccessMessage => {
+                    self.sign_in_state = SignInState::ChatGptSuccess
+                }
+                _ => {}
             },
             KeyCode::Esc => {
                 if matches!(self.sign_in_state, SignInState::ChatGptContinueInBrowser(_)) {
                     self.sign_in_state = SignInState::PickMode;
-                    self.event_tx.send(AppEvent::RequestRedraw);
-                    KeyEventResult::None
-                } else {
-                    KeyEventResult::Quit
                 }
             }
-            KeyCode::Char('q') => KeyEventResult::Quit,
-            _ => KeyEventResult::None,
+            _ => {}
         }
     }
 }
 
 #[derive(Debug)]
 pub(crate) struct AuthModeWidget {
-    pub mode: AuthMode,
+    pub event_tx: AppEventSender,
+    pub highlighted_mode: AuthMode,
     pub error: Option<String>,
     pub sign_in_state: SignInState,
-    pub event_tx: AppEventSender,
     pub codex_home: PathBuf,
 }
 
@@ -109,7 +104,14 @@ impl AuthModeWidget {
             Line::from(vec![
                 Span::raw("> "),
                 Span::styled(
-                    "Sign in with your ChatGPT account?",
+                    "Sign in with ChatGPT to use Codex as part of your paid plan",
+                    Style::default().add_modifier(Modifier::BOLD),
+                ),
+            ]),
+            Line::from(vec![
+                Span::raw("  "),
+                Span::styled(
+                    "or connect an API key for usage-based billing",
                     Style::default().add_modifier(Modifier::BOLD),
                 ),
             ]),
@@ -121,7 +123,7 @@ impl AuthModeWidget {
                                 text: &str,
                                 description: &str|
          -> Vec<Line<'static>> {
-            let is_selected = self.mode == selected_mode;
+            let is_selected = self.highlighted_mode == selected_mode;
             let caret = if is_selected { ">" } else { " " };
 
             let line1 = if is_selected {
@@ -150,18 +152,18 @@ impl AuthModeWidget {
         lines.extend(create_mode_item(
             0,
             AuthMode::ChatGPT,
-            "Sign in with ChatGPT or create a new account",
-            "Leverages your plan, starting at $20 a month for Plus",
+            "Sign in with ChatGPT",
+            "Usage included with Plus, Pro, and Team plans",
         ));
         lines.extend(create_mode_item(
             1,
             AuthMode::ApiKey,
             "Provide your own API key",
-            "Pay only for what you use",
+            "Pay for what you use",
         ));
         lines.push(Line::from(""));
         lines.push(
-            Line::from("Press Enter to continue")
+            Line::from("  Press Enter to continue")
                 .style(Style::default().add_modifier(Modifier::DIM)),
         );
         if let Some(err) = &self.error {
@@ -184,32 +186,44 @@ impl AuthModeWidget {
         let lines = vec![
             Line::from(spans),
             Line::from(""),
-            Line::from("  Press Escape to cancel")
-                .style(Style::default().add_modifier(Modifier::DIM)),
+            Line::from("  Press Esc to cancel").style(Style::default().add_modifier(Modifier::DIM)),
         ];
         Paragraph::new(lines)
             .wrap(Wrap { trim: false })
             .render(area, buf);
     }
 
-    fn render_chatgpt_success(&self, area: Rect, buf: &mut Buffer) {
+    fn render_chatgpt_success_message(&self, area: Rect, buf: &mut Buffer) {
         let lines = vec![
             Line::from("✓ Signed in with your ChatGPT account")
                 .style(Style::default().fg(SUCCESS_GREEN)),
             Line::from(""),
             Line::from("> Before you start:"),
             Line::from(""),
-            Line::from("  Codex can make mistakes"),
-            Line::from("  Check important info")
-                .style(Style::default().add_modifier(Modifier::DIM)),
+            Line::from("  Decide how much autonomy you want to grant Codex"),
+            Line::from(vec![
+                Span::raw("  For more details see the "),
+                Span::styled(
+                    "\u{1b}]8;;https://github.com/openai/codex\u{7}Codex docs\u{1b}]8;;\u{7}",
+                    Style::default().add_modifier(Modifier::UNDERLINED),
+                ),
+            ])
+            .style(Style::default().add_modifier(Modifier::DIM)),
             Line::from(""),
-            Line::from("  Due to prompt injection risks, only use it with code you trust"),
-            Line::from("  For more details see https://github.com/openai/codex")
+            Line::from("  Codex can make mistakes")
+                .style(Style::default().fg(Color::White)),
+            Line::from("  Review the code it writes and commands it runs")
                 .style(Style::default().add_modifier(Modifier::DIM)),
             Line::from(""),
             Line::from("  Powered by your ChatGPT account"),
-            Line::from("  Uses your plan's rate limits and training data preferences")
-                .style(Style::default().add_modifier(Modifier::DIM)),
+            Line::from(vec![
+                Span::raw("  Uses your plan's rate limits and "),
+                Span::styled(
+                    "\u{1b}]8;;https://chatgpt.com/#settings\u{7}training data preferences\u{1b}]8;;\u{7}",
+                    Style::default().add_modifier(Modifier::UNDERLINED),
+                ),
+            ])
+            .style(Style::default().add_modifier(Modifier::DIM)),
             Line::from(""),
             Line::from("  Press Enter to continue").style(Style::default().fg(LIGHT_BLUE)),
         ];
@@ -219,7 +233,43 @@ impl AuthModeWidget {
             .render(area, buf);
     }
 
-    fn start_chatgpt_login(&mut self) -> KeyEventResult {
+    fn render_chatgpt_success(&self, area: Rect, buf: &mut Buffer) {
+        let lines = vec![
+            Line::from("✓ Signed in with your ChatGPT account")
+                .style(Style::default().fg(SUCCESS_GREEN)),
+        ];
+
+        Paragraph::new(lines)
+            .wrap(Wrap { trim: false })
+            .render(area, buf);
+    }
+
+    fn render_env_var_found(&self, area: Rect, buf: &mut Buffer) {
+        let lines =
+            vec![Line::from("✓ Using OPENAI_API_KEY").style(Style::default().fg(SUCCESS_GREEN))];
+
+        Paragraph::new(lines)
+            .wrap(Wrap { trim: false })
+            .render(area, buf);
+    }
+
+    fn render_env_var_missing(&self, area: Rect, buf: &mut Buffer) {
+        let lines = vec![
+            Line::from(
+                "  To use Codex with the OpenAI API, set OPENAI_API_KEY in your environment",
+            )
+            .style(Style::default().fg(Color::Blue)),
+            Line::from(""),
+            Line::from("  Press Enter to return")
+                .style(Style::default().add_modifier(Modifier::DIM)),
+        ];
+
+        Paragraph::new(lines)
+            .wrap(Wrap { trim: false })
+            .render(area, buf);
+    }
+
+    fn start_chatgpt_login(&mut self) {
         self.error = None;
         match codex_login::spawn_login_with_chatgpt(&self.codex_home) {
             Ok(child) => {
@@ -230,27 +280,23 @@ impl AuthModeWidget {
                         _frame_ticker: Some(FrameTicker::new(self.event_tx.clone())),
                     });
                 self.event_tx.send(AppEvent::RequestRedraw);
-                KeyEventResult::None
             }
             Err(e) => {
                 self.sign_in_state = SignInState::PickMode;
                 self.error = Some(e.to_string());
                 self.event_tx.send(AppEvent::RequestRedraw);
-                KeyEventResult::None
             }
         }
     }
 
     /// TODO: Read/write from the correct hierarchy config overrides + auth json + OPENAI_API_KEY.
-    fn verify_api_key(&mut self) -> KeyEventResult {
+    fn verify_api_key(&mut self) {
         if std::env::var("OPENAI_API_KEY").is_err() {
-            self.error =
-                Some("Set OPENAI_API_KEY in your environment. Learn more: https://platform.openai.com/docs/libraries".to_string());
-            self.event_tx.send(AppEvent::RequestRedraw);
-            KeyEventResult::None
+            self.sign_in_state = SignInState::EnvVarMissing;
         } else {
-            KeyEventResult::Continue
+            self.sign_in_state = SignInState::EnvVarFound;
         }
+        self.event_tx.send(AppEvent::RequestRedraw);
     }
 
     fn spawn_completion_poller(&self, child: codex_login::SpawnedLogin) {
@@ -299,6 +345,18 @@ impl AuthModeWidget {
     }
 }
 
+impl StepStateProvider for AuthModeWidget {
+    fn get_step_state(&self) -> StepState {
+        match &self.sign_in_state {
+            SignInState::PickMode
+            | SignInState::EnvVarMissing
+            | SignInState::ChatGptContinueInBrowser(_)
+            | SignInState::ChatGptSuccessMessage => StepState::InProgress,
+            SignInState::ChatGptSuccess | SignInState::EnvVarFound => StepState::Complete,
+        }
+    }
+}
+
 impl WidgetRef for AuthModeWidget {
     fn render_ref(&self, area: Rect, buf: &mut Buffer) {
         match self.sign_in_state {
@@ -308,9 +366,18 @@ impl WidgetRef for AuthModeWidget {
             SignInState::ChatGptContinueInBrowser(_) => {
                 self.render_continue_in_browser(area, buf);
             }
+            SignInState::ChatGptSuccessMessage => {
+                self.render_chatgpt_success_message(area, buf);
+            }
             SignInState::ChatGptSuccess => {
                 self.render_chatgpt_success(area, buf);
             }
+            SignInState::EnvVarMissing => {
+                self.render_env_var_missing(area, buf);
+            }
+            SignInState::EnvVarFound => {
+                self.render_env_var_found(area, buf);
+            }
         }
     }
 }

codex-rs/tui/src/onboarding/continue_to_chat.rs

@@ -0,0 +1,30 @@
+use ratatui::buffer::Buffer;
+use ratatui::layout::Rect;
+use ratatui::widgets::WidgetRef;
+
+use crate::app::ChatWidgetArgs;
+use crate::app_event::AppEvent;
+use crate::app_event_sender::AppEventSender;
+use crate::onboarding::onboarding_screen::StepStateProvider;
+
+use super::onboarding_screen::StepState;
+
+/// This doesn't render anything explicitly but serves as a signal that we made it to the end and
+/// we should continue to the chat.
+pub(crate) struct ContinueToChatWidget {
+    pub event_tx: AppEventSender,
+    pub chat_widget_args: ChatWidgetArgs,
+}
+
+impl StepStateProvider for ContinueToChatWidget {
+    fn get_step_state(&self) -> StepState {
+        StepState::Complete
+    }
+}
+
+impl WidgetRef for &ContinueToChatWidget {
+    fn render_ref(&self, _area: Rect, _buf: &mut Buffer) {
+        self.event_tx
+            .send(AppEvent::OnboardingComplete(self.chat_widget_args.clone()));
+    }
+}

codex-rs/tui/src/onboarding/git_warning.rs

@@ -0,0 +1,126 @@
+use std::path::PathBuf;
+
+use codex_core::util::is_inside_git_repo;
+use crossterm::event::KeyCode;
+use crossterm::event::KeyEvent;
+use ratatui::buffer::Buffer;
+use ratatui::layout::Rect;
+use ratatui::prelude::Widget;
+use ratatui::style::Modifier;
+use ratatui::style::Style;
+use ratatui::style::Stylize;
+use ratatui::text::Line;
+use ratatui::text::Span;
+use ratatui::widgets::Paragraph;
+use ratatui::widgets::WidgetRef;
+use ratatui::widgets::Wrap;
+
+use crate::app_event::AppEvent;
+use crate::app_event_sender::AppEventSender;
+use crate::colors::LIGHT_BLUE;
+
+use crate::onboarding::onboarding_screen::KeyboardHandler;
+use crate::onboarding::onboarding_screen::StepStateProvider;
+
+use super::onboarding_screen::StepState;
+
+pub(crate) struct GitWarningWidget {
+    pub event_tx: AppEventSender,
+    pub cwd: PathBuf,
+    pub selection: Option<GitWarningSelection>,
+    pub highlighted: GitWarningSelection,
+}
+
+#[derive(Clone, Copy, Debug, PartialEq, Eq)]
+pub(crate) enum GitWarningSelection {
+    Continue,
+    Exit,
+}
+
+impl WidgetRef for &GitWarningWidget {
+    fn render_ref(&self, area: Rect, buf: &mut Buffer) {
+        let mut lines: Vec<Line> = vec![
+            Line::from(vec![
+                Span::raw("> "),
+                Span::raw("You are running Codex in "),
+                Span::styled(
+                    self.cwd.to_string_lossy().to_string(),
+                    Style::default().add_modifier(Modifier::BOLD),
+                ),
+                Span::raw(". This folder is not version controlled."),
+            ]),
+            Line::from(""),
+            Line::from("  Do you want to continue?"),
+            Line::from(""),
+        ];
+
+        let create_option =
+            |idx: usize, option: GitWarningSelection, text: &str| -> Line<'static> {
+                let is_selected = self.highlighted == option;
+                if is_selected {
+                    Line::from(vec![
+                        Span::styled(
+                            format!("> {}. ", idx + 1),
+                            Style::default().fg(LIGHT_BLUE).add_modifier(Modifier::DIM),
+                        ),
+                        Span::styled(text.to_owned(), Style::default().fg(LIGHT_BLUE)),
+                    ])
+                } else {
+                    Line::from(format!("  {}. {}", idx + 1, text))
+                }
+            };
+
+        lines.push(create_option(0, GitWarningSelection::Continue, "Yes"));
+        lines.push(create_option(1, GitWarningSelection::Exit, "No"));
+        lines.push(Line::from(""));
+        lines.push(Line::from("  Press Enter to continue").add_modifier(Modifier::DIM));
+
+        Paragraph::new(lines)
+            .wrap(Wrap { trim: false })
+            .render(area, buf);
+    }
+}
+
+impl KeyboardHandler for GitWarningWidget {
+    fn handle_key_event(&mut self, key_event: KeyEvent) {
+        match key_event.code {
+            KeyCode::Up | KeyCode::Char('k') => {
+                self.highlighted = GitWarningSelection::Continue;
+            }
+            KeyCode::Down | KeyCode::Char('j') => {
+                self.highlighted = GitWarningSelection::Exit;
+            }
+            KeyCode::Char('1') => self.handle_continue(),
+            KeyCode::Char('2') => self.handle_quit(),
+            KeyCode::Enter => match self.highlighted {
+                GitWarningSelection::Continue => self.handle_continue(),
+                GitWarningSelection::Exit => self.handle_quit(),
+            },
+            _ => {}
+        }
+    }
+}
+
+impl StepStateProvider for GitWarningWidget {
+    fn get_step_state(&self) -> StepState {
+        let is_git_repo = is_inside_git_repo(&self.cwd);
+        match is_git_repo {
+            true => StepState::Hidden,
+            false => match self.selection {
+                Some(_) => StepState::Complete,
+                None => StepState::InProgress,
+            },
+        }
+    }
+}
+
+impl GitWarningWidget {
+    fn handle_continue(&mut self) {
+        self.selection = Some(GitWarningSelection::Continue);
+    }
+
+    fn handle_quit(&mut self) {
+        self.highlighted = GitWarningSelection::Exit;
+        self.event_tx.send(AppEvent::ExitRequest);
+    }
+}

codex-rs/tui/src/onboarding/mod.rs

@@ -1,3 +1,5 @@
 mod auth;
+mod continue_to_chat;
+mod git_warning;
 pub mod onboarding_screen;
 mod welcome;

codex-rs/tui/src/onboarding/onboarding_screen.rs

@@ -5,26 +5,37 @@ use ratatui::widgets::WidgetRef;
 
 use codex_login::AuthMode;
 
+use crate::app::ChatWidgetArgs;
 use crate::app_event::AppEvent;
 use crate::app_event_sender::AppEventSender;
 use crate::onboarding::auth::AuthModeWidget;
 use crate::onboarding::auth::SignInState;
+use crate::onboarding::continue_to_chat::ContinueToChatWidget;
+use crate::onboarding::git_warning::GitWarningSelection;
+use crate::onboarding::git_warning::GitWarningWidget;
 use crate::onboarding::welcome::WelcomeWidget;
 use std::path::PathBuf;
 
+#[allow(clippy::large_enum_variant)]
 enum Step {
     Welcome(WelcomeWidget),
     Auth(AuthModeWidget),
+    GitWarning(GitWarningWidget),
+    ContinueToChat(ContinueToChatWidget),
 }
 
 pub(crate) trait KeyboardHandler {
-    fn handle_key_event(&mut self, key_event: KeyEvent) -> KeyEventResult;
+    fn handle_key_event(&mut self, key_event: KeyEvent);
 }
 
-pub(crate) enum KeyEventResult {
-    Continue,
-    Quit,
-    None,
+pub(crate) enum StepState {
+    Hidden,
+    InProgress,
+    Complete,
+}
+
+pub(crate) trait StepStateProvider {
+    fn get_step_state(&self) -> StepState;
 }
 
 pub(crate) struct OnboardingScreen {
@@ -32,50 +43,113 @@ pub(crate) struct OnboardingScreen {
     steps: Vec<Step>,
 }
 
+pub(crate) struct OnboardingScreenArgs {
+    pub event_tx: AppEventSender,
+    pub chat_widget_args: ChatWidgetArgs,
+    pub codex_home: PathBuf,
+    pub cwd: PathBuf,
+    pub show_login_screen: bool,
+    pub show_git_warning: bool,
+}
+
 impl OnboardingScreen {
-    pub(crate) fn new(event_tx: AppEventSender, codex_home: PathBuf) -> Self {
-        let steps: Vec<Step> = vec![
-            Step::Welcome(WelcomeWidget {}),
-            Step::Auth(AuthModeWidget {
+    pub(crate) fn new(args: OnboardingScreenArgs) -> Self {
+        let OnboardingScreenArgs {
+            event_tx,
+            chat_widget_args,
+            codex_home,
+            cwd,
+            show_login_screen,
+            show_git_warning,
+        } = args;
+        let mut steps: Vec<Step> = vec![Step::Welcome(WelcomeWidget {
+            is_logged_in: !show_login_screen,
+        })];
+        if show_login_screen {
+            steps.push(Step::Auth(AuthModeWidget {
                 event_tx: event_tx.clone(),
-                mode: AuthMode::ChatGPT,
+                highlighted_mode: AuthMode::ChatGPT,
                 error: None,
                 sign_in_state: SignInState::PickMode,
                 codex_home,
-            }),
-        ];
+            }))
+        }
+        if show_git_warning {
+            steps.push(Step::GitWarning(GitWarningWidget {
+                event_tx: event_tx.clone(),
+                cwd,
+                selection: None,
+                highlighted: GitWarningSelection::Continue,
+            }))
+        }
+        steps.push(Step::ContinueToChat(ContinueToChatWidget {
+            event_tx: event_tx.clone(),
+            chat_widget_args,
+        }));
+        // TODO: add git warning.
         Self { event_tx, steps }
     }
 
-    pub(crate) fn on_auth_complete(&mut self, result: Result<(), String>) -> KeyEventResult {
-        if let Some(Step::Auth(state)) = self.steps.last_mut() {
+    pub(crate) fn on_auth_complete(&mut self, result: Result<(), String>) {
+        let current_step = self.current_step_mut();
+        if let Some(Step::Auth(state)) = current_step {
             match result {
                 Ok(()) => {
-                    state.sign_in_state = SignInState::ChatGptSuccess;
+                    state.sign_in_state = SignInState::ChatGptSuccessMessage;
                     self.event_tx.send(AppEvent::RequestRedraw);
-                    KeyEventResult::None
                 }
                 Err(e) => {
                     state.sign_in_state = SignInState::PickMode;
                     state.error = Some(e);
                     self.event_tx.send(AppEvent::RequestRedraw);
-                    KeyEventResult::None
                 }
             }
-        } else {
-            KeyEventResult::None
         }
     }
+
+    fn current_steps_mut(&mut self) -> Vec<&mut Step> {
+        let mut out: Vec<&mut Step> = Vec::new();
+        for step in self.steps.iter_mut() {
+            match step.get_step_state() {
+                StepState::Hidden => continue,
+                StepState::Complete => out.push(step),
+                StepState::InProgress => {
+                    out.push(step);
+                    break;
+                }
+            }
+        }
+        out
+    }
+
+    fn current_steps(&self) -> Vec<&Step> {
+        let mut out: Vec<&Step> = Vec::new();
+        for step in self.steps.iter() {
+            match step.get_step_state() {
+                StepState::Hidden => continue,
+                StepState::Complete => out.push(step),
+                StepState::InProgress => {
+                    out.push(step);
+                    break;
+                }
+            }
+        }
+        out
+    }
+
+    fn current_step_mut(&mut self) -> Option<&mut Step> {
+        self.steps
+            .iter_mut()
+            .find(|step| matches!(step.get_step_state(), StepState::InProgress))
+    }
 }
 
 impl KeyboardHandler for OnboardingScreen {
-    fn handle_key_event(&mut self, key_event: KeyEvent) -> KeyEventResult {
-        if let Some(last_step) = self.steps.last_mut() {
-            self.event_tx.send(AppEvent::RequestRedraw);
-            last_step.handle_key_event(key_event)
-        } else {
-            KeyEventResult::None
+    fn handle_key_event(&mut self, key_event: KeyEvent) {
+        if let Some(active_step) = self.current_steps_mut().into_iter().last() {
+            active_step.handle_key_event(key_event);
         }
+        self.event_tx.send(AppEvent::RequestRedraw);
     }
 }
 
@@ -109,8 +183,10 @@ impl WidgetRef for &OnboardingScreen {
         }
 
         let mut i = 0usize;
-        while i < self.steps.len() && y < bottom {
-            let step = &self.steps[i];
+        let current_steps = self.current_steps();
+
+        while i < current_steps.len() && y < bottom {
+            let step = &current_steps[i];
             let max_h = bottom.saturating_sub(y);
             if max_h == 0 || width == 0 {
                 break;
@@ -135,10 +211,22 @@ impl WidgetRef for &OnboardingScreen {
 }
 
 impl KeyboardHandler for Step {
-    fn handle_key_event(&mut self, key_event: KeyEvent) -> KeyEventResult {
+    fn handle_key_event(&mut self, key_event: KeyEvent) {
         match self {
-            Step::Welcome(_) => KeyEventResult::None,
+            Step::Welcome(_) | Step::ContinueToChat(_) => (),
             Step::Auth(widget) => widget.handle_key_event(key_event),
+            Step::GitWarning(widget) => widget.handle_key_event(key_event),
+        }
+    }
+}
+
+impl StepStateProvider for Step {
+    fn get_step_state(&self) -> StepState {
+        match self {
+            Step::Welcome(w) => w.get_step_state(),
+            Step::Auth(w) => w.get_step_state(),
+            Step::GitWarning(w) => w.get_step_state(),
+            Step::ContinueToChat(w) => w.get_step_state(),
         }
     }
 }
@@ -152,6 +240,12 @@ impl WidgetRef for Step {
             Step::Auth(widget) => {
                 widget.render_ref(area, buf);
             }
+            Step::GitWarning(widget) => {
+                widget.render_ref(area, buf);
+            }
+            Step::ContinueToChat(widget) => {
+                widget.render_ref(area, buf);
+            }
         }
     }
 }

codex-rs/tui/src/onboarding/welcome.rs

@@ -7,17 +7,32 @@ use ratatui::text::Line;
 use ratatui::text::Span;
 use ratatui::widgets::WidgetRef;
 
-pub(crate) struct WelcomeWidget {}
+use crate::onboarding::onboarding_screen::StepStateProvider;
+
+use super::onboarding_screen::StepState;
+
+pub(crate) struct WelcomeWidget {
+    pub is_logged_in: bool,
+}
 
 impl WidgetRef for &WelcomeWidget {
     fn render_ref(&self, area: Rect, buf: &mut Buffer) {
         let line = Line::from(vec![
-            Span::raw("> "),
+            Span::raw(">_ "),
             Span::styled(
-                "Welcome to Codex, OpenAI's coding agent that runs in your terminal",
+                "Welcome to Codex, OpenAI's command-line coding agent",
                 Style::default().add_modifier(Modifier::BOLD),
             ),
         ]);
         line.render(area, buf);
     }
 }
+
+impl StepStateProvider for WelcomeWidget {
+    fn get_step_state(&self) -> StepState {
+        match self.is_logged_in {
+            true => StepState::Hidden,
+            false => StepState::Complete,
+        }
+    }
+}

codex-rs/tui/src/slash_command.rs

@@ -17,6 +17,8 @@ pub enum SlashCommand {
     Compact,
     Diff,
     Status,
+    Prompts,
+    Logout,
     Quit,
     #[cfg(debug_assertions)]
     TestApproval,
@@ -26,14 +28,16 @@ impl SlashCommand {
     /// User-visible description shown in the popup.
     pub fn description(self) -> &'static str {
         match self {
-            SlashCommand::New => "Start a new chat",
-            SlashCommand::Init => "Create an AGENTS.md file with instructions for Codex",
-            SlashCommand::Compact => "Compact the chat history",
-            SlashCommand::Quit => "Exit the application",
-            SlashCommand::Diff => "Show git diff (including untracked files)",
-            SlashCommand::Status => "Show current session configuration and token usage",
+            SlashCommand::New => "start a new chat during a conversation",
+            SlashCommand::Init => "create an AGENTS.md file with instructions for Codex",
+            SlashCommand::Compact => "summarize conversation to prevent hitting the context limit",
+            SlashCommand::Quit => "exit Codex",
+            SlashCommand::Diff => "show git diff (including untracked files)",
+            SlashCommand::Status => "show current session configuration and token usage",
+            SlashCommand::Prompts => "show example prompts",
+            SlashCommand::Logout => "log out of Codex",
             #[cfg(debug_assertions)]
-            SlashCommand::TestApproval => "Test approval request",
+            SlashCommand::TestApproval => "test approval request",
         }
     }
 

codex-rs/tui/src/status_indicator_widget.rs

@@ -7,6 +7,7 @@ use std::sync::atomic::AtomicUsize;
 use std::sync::atomic::Ordering;
 use std::thread;
 use std::time::Duration;
+use std::time::Instant;
 
 use ratatui::buffer::Buffer;
 use ratatui::layout::Rect;
@@ -42,6 +43,7 @@ pub(crate) struct StatusIndicatorWidget {
 
     frame_idx: Arc<AtomicUsize>,
     running: Arc<AtomicBool>,
+    start_time: Instant,
     // Keep one sender alive to prevent the channel from closing while the
     // animation thread is still running. The field itself is currently not
     // accessed anywhere, therefore the leading underscore silences the
@@ -78,6 +80,7 @@ impl StatusIndicatorWidget {
             reveal_len_at_base: 0,
             frame_idx,
             running,
+            start_time: Instant::now(),
 
             _app_event_tx: app_event_tx,
         }
@@ -167,11 +170,13 @@ impl WidgetRef for StatusIndicatorWidget {
             return;
         }
 
-        // Build animated gradient header for the word "Working".
         let idx = self.frame_idx.load(std::sync::atomic::Ordering::Relaxed);
-        let header_text = "Working";
-        let header_chars: Vec<char> = header_text.chars().collect();
-        let padding = 4usize; // virtual padding around the word for smoother loop
+        let elapsed = self.start_time.elapsed().as_secs();
+        let shown_now = self.current_shown_len(idx);
+        let status_prefix: String = self.text.chars().take(shown_now).collect();
+        let animated_text = "Working";
+        let header_chars: Vec<char> = animated_text.chars().collect();
+        let padding = 4usize; // virtual padding around the animated segment for smoother loop
         let period = header_chars.len() + padding * 2;
         let pos = idx % period;
         let has_true_color = supports_color::on_cached(supports_color::Stream::Stdout)
@@ -179,7 +184,7 @@ impl WidgetRef for StatusIndicatorWidget {
             .unwrap_or(false);
         let band_half_width = 2.0; // width of the bright band in characters
 
-        let mut header_spans: Vec<Span<'static>> = Vec::new();
+        let mut animated_spans: Vec<Span<'static>> = Vec::new();
         for (i, ch) in header_chars.iter().enumerate() {
             let i_pos = i as isize + padding as isize;
             let pos = pos as isize;
@@ -199,28 +204,60 @@ impl WidgetRef for StatusIndicatorWidget {
                     .fg(Color::Rgb(level, level, level))
                     .add_modifier(Modifier::BOLD)
             } else {
-                // Bold makes dark gray and gray look the same, so don't use it when true color is not supported.
                 Style::default().fg(color_for_level(level))
             };
 
-            header_spans.push(Span::styled(ch.to_string(), style));
+            animated_spans.push(Span::styled(ch.to_string(), style));
         }
 
         // Plain rendering: no borders or padding so the live cell is visually indistinguishable from terminal scrollback.
         let inner_width = area.width as usize;
 
-        // Compose a single status line like: "▌ Working [•] waiting for model"
         let mut spans: Vec<Span<'static>> = Vec::new();
         spans.push(Span::styled("▌ ", Style::default().fg(Color::Cyan)));
-        // Gradient header
-        spans.extend(header_spans);
-        // Space after header
+
+        // Simple dim spinner to the left of the header.
+        let spinner_frames = ['·', '•', '●', '•'];
+        const SPINNER_SLOWDOWN: usize = 2;
+        let spinner_ch = spinner_frames[(idx / SPINNER_SLOWDOWN) % spinner_frames.len()];
         spans.push(Span::styled(
-            " ",
-            Style::default()
-                .fg(Color::White)
-                .add_modifier(Modifier::BOLD),
+            spinner_ch.to_string(),
+            Style::default().fg(Color::DarkGray),
         ));
+        spans.push(Span::raw(" "));
+
+        // Space after header
+        // Animated header after the left bar
+        spans.extend(animated_spans);
+        // Space between header and bracket block
+        spans.push(Span::raw(" "));
+        // Non-animated, dim bracket content, with only "Ctrl c" bold
+        let bracket_prefix = format!("({elapsed}s • ");
+        spans.push(Span::styled(
+            bracket_prefix,
+            Style::default().fg(Color::Gray).add_modifier(Modifier::DIM),
+        ));
+        spans.push(Span::styled(
+            "Ctrl C",
+            Style::default()
+                .fg(Color::Gray)
+                .add_modifier(Modifier::DIM | Modifier::BOLD),
+        ));
+        spans.push(Span::styled(
+            " to interrupt)",
+            Style::default().fg(Color::Gray).add_modifier(Modifier::DIM),
+        ));
+        // Add a space and then the log text (not animated by the gradient)
+        if !status_prefix.is_empty() {
+            spans.push(Span::styled(
+                " ",
+                Style::default().fg(Color::Gray).add_modifier(Modifier::DIM),
+            ));
+            spans.push(Span::styled(
+                status_prefix,
+                Style::default().fg(Color::Gray).add_modifier(Modifier::DIM),
+            ));
+        }
 
         // Truncate spans to fit the width.
         let mut acc: Vec<Span<'static>> = Vec::new();
@@ -298,4 +335,23 @@ mod tests {
         }
         assert!(row.contains("Working"), "expected Working header: {row:?}");
     }
+
+    #[test]
+    fn spinner_is_rendered() {
+        let (tx_raw, _rx) = channel::<AppEvent>();
+        let tx = AppEventSender::new(tx_raw);
+        let mut w = StatusIndicatorWidget::new(tx);
+        w.restart_with_text("Hello".to_string());
+        std::thread::sleep(std::time::Duration::from_millis(120));
+
+        let area = ratatui::layout::Rect::new(0, 0, 30, 1);
+        let mut buf = ratatui::buffer::Buffer::empty(area);
+        w.render_ref(area, &mut buf);
+
+        let ch = buf[(2, 0)].symbol().chars().next().unwrap_or(' ');
+        assert!(
+            matches!(ch, '·' | '•' | '●'),
+            "expected spinner char at col 2: {ch:?}"
+        );
+    }
 }

codex-rs/tui/src/user_approval_widget.rs

@@ -28,7 +28,6 @@ use ratatui::widgets::Wrap;
 
 use crate::app_event::AppEvent;
 use crate::app_event_sender::AppEventSender;
-use crate::exec_command::relativize_to_home;
 use crate::exec_command::strip_bash_lc_and_escape;
 
 /// Request coming from the agent that needs user approval.
@@ -36,6 +35,7 @@ pub(crate) enum ApprovalRequest {
     Exec {
         id: String,
         command: Vec<String>,
+        #[allow(dead_code)]
         cwd: PathBuf,
         reason: Option<String>,
     },
@@ -115,21 +115,18 @@ impl UserApprovalWidget<'_> {
     pub(crate) fn new(approval_request: ApprovalRequest, app_event_tx: AppEventSender) -> Self {
         let confirmation_prompt = match &approval_request {
             ApprovalRequest::Exec {
-                command,
-                cwd,
-                reason,
-                ..
+                command, reason, ..
             } => {
                 let cmd = strip_bash_lc_and_escape(command);
-                // Maybe try to relativize to the cwd of this process first?
-                // Will make cwd_str shorter in the common case.
-                let cwd_str = match relativize_to_home(cwd) {
-                    Some(rel) => format!("~/{}", rel.display()),
-                    None => cwd.display().to_string(),
-                };
+                // Present a single-line summary without cwd: "codex wants to run: <cmd>"
+                let mut cmd_span: Span = cmd.clone().into();
+                cmd_span.style = cmd_span.style.add_modifier(Modifier::DIM);
                 let mut contents: Vec<Line> = vec![
-                    Line::from(vec!["codex".bold().magenta(), " wants to run:".into()]),
-                    Line::from(vec![cwd_str.dim(), "$".into(), format!(" {cmd}").into()]),
+                    Line::from(vec![
+                        "? ".fg(Color::Blue),
+                        "Codex wants to run ".bold(),
+                        cmd_span,
+                    ]),
                     Line::from(""),
                 ];
                 if let Some(reason) = reason {
@@ -243,9 +240,52 @@ impl UserApprovalWidget<'_> {
         match &self.approval_request {
             ApprovalRequest::Exec { command, .. } => {
                 let cmd = strip_bash_lc_and_escape(command);
-                lines.push(Line::from("approval decision"));
-                lines.push(Line::from(format!("$ {cmd}")));
-                lines.push(Line::from(format!("decision: {decision:?}")));
+                let mut cmd_span: Span = cmd.clone().into();
+                cmd_span.style = cmd_span.style.add_modifier(Modifier::DIM);
+
+                // Result line based on decision.
+                match decision {
+                    ReviewDecision::Approved => {
+                        lines.push(Line::from(vec![
+                            "✓ ".fg(Color::Green),
+                            "You ".into(),
+                            "approved".bold(),
+                            " codex to run ".into(),
+                            cmd_span,
+                            " ".into(),
+                            "this time".bold(),
+                        ]));
+                    }
+                    ReviewDecision::ApprovedForSession => {
+                        lines.push(Line::from(vec![
+                            "✓ ".fg(Color::Green),
+                            "You ".into(),
+                            "approved".bold(),
+                            " codex to run ".into(),
+                            cmd_span,
+                            " ".into(),
+                            "every time this session".bold(),
+                        ]));
+                    }
+                    ReviewDecision::Denied => {
+                        lines.push(Line::from(vec![
+                            "✗ ".fg(Color::Red),
+                            "You ".into(),
+                            "did not approve".bold(),
+                            " codex to run ".into(),
+                            cmd_span,
+                        ]));
+                    }
+                    ReviewDecision::Abort => {
+                        lines.push(Line::from(vec![
+                            "✗ ".fg(Color::Red),
+                            "You ".into(),
+                            "canceled".bold(),
+                            " the request to run ".into(),
+                            cmd_span,
+                        ]));
+                    }
+                }
             }
             ApprovalRequest::ApplyPatch { .. } => {
                 lines.push(Line::from(format!("patch approval decision: {decision:?}")));