Regenerate Python SDK artifacts

## Summary
- Remove `perCwdExtraUserRoots` / `SkillsListExtraRootsForCwd` from the
`skills/list` app-server API.
- Drop Rust app-server and `codex-core-skills` extra-root plumbing so
skill scans are keyed by the normal cwd/user/plugin roots only.
- Regenerate app-server schemas and update docs/tests that only existed
for the removed extra-roots behavior.

## Validation
- `just write-app-server-schema`
- `just fmt`
- `cargo test -p codex-app-server-protocol`
- `cargo test -p codex-core-skills`
- `just fix -p codex-app-server-protocol`
- `just fix -p codex-core-skills`
- `just fix -p codex-app-server`
- `just fix -p codex-tui`

## Notes
- `cargo test -p codex-app-server --test all skills_list` ran the edited
skills-list cases, but the full filtered run ended on existing
`skills_changed_notification_is_emitted_after_skill_change` timeout
after a websocket `401`.
- `cargo test -p codex-tui --lib` compiled the changed TUI callers, then
failed two unrelated status permission tests because local
`/etc/codex/requirements.toml` forbids `DangerFullAccess`.
- Source-truth check found the OpenAI monorepo still has
generated/app-server-kit mirror references to the removed field; those
should be cleaned up when generated app-server types are synced or in a
companion OpenAI cleanup.

.github/actions/prepare-bazel-ci/action.yml

@@ -50,7 +50,7 @@ runs:
     - name: Restore bazel repository cache
       id: cache_bazel_repository_restore
       continue-on-error: true
-      uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+      uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
       with:
         path: ${{ steps.setup_bazel.outputs.repository-cache-path }}
         key: ${{ steps.cache_bazel_repository_key.outputs.repository-cache-key }}

.github/actions/windows-code-sign/action.yml

@@ -30,7 +30,7 @@ runs:
   using: composite
   steps:
     - name: Azure login for Trusted Signing (OIDC)
-      uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2
+      uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2.3.0
       with:
         client-id: ${{ inputs.client-id }}
         tenant-id: ${{ inputs.tenant-id }}
@@ -54,7 +54,7 @@ runs:
         } >> "$GITHUB_OUTPUT"
 
     - name: Sign Windows binaries with Azure Trusted Signing
-      uses: azure/trusted-signing-action@1d365fec12862c4aa68fcac418143d73f0cea293 # v0
+      uses: azure/trusted-signing-action@1d365fec12862c4aa68fcac418143d73f0cea293 # v0.5.11
       with:
         endpoint: ${{ inputs.endpoint }}
         trusted-signing-account-name: ${{ inputs.account-name }}

.github/dependabot.yaml

@@ -6,25 +6,37 @@ updates:
     directory: .github/actions/codex
     schedule:
       interval: weekly
+    cooldown:
+      default-days: 7
   - package-ecosystem: cargo
     directories:
       - codex-rs
       - codex-rs/*
     schedule:
       interval: weekly
+    cooldown:
+      default-days: 7
   - package-ecosystem: devcontainers
     directory: /
     schedule:
       interval: weekly
+    cooldown:
+      default-days: 7
   - package-ecosystem: docker
     directory: codex-cli
     schedule:
       interval: weekly
+    cooldown:
+      default-days: 7
   - package-ecosystem: github-actions
     directory: /
     schedule:
       interval: weekly
+    cooldown:
+      default-days: 7
   - package-ecosystem: rust-toolchain
     directory: codex-rs
     schedule:
       interval: weekly
+    cooldown:
+      default-days: 7

.github/workflows/bazel.yml

@@ -56,7 +56,7 @@ jobs:
     name: Bazel test on ${{ matrix.os }} for ${{ matrix.target }}
 
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Check rusty_v8 MODULE.bazel checksums
         if: matrix.os == 'ubuntu-24.04' && matrix.target == 'x86_64-unknown-linux-gnu'
@@ -122,7 +122,7 @@ jobs:
       - name: Upload Bazel execution logs
         if: always() && !cancelled()
         continue-on-error: true
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: bazel-execution-logs-test-${{ matrix.target }}
           path: ${{ runner.temp }}/bazel-execution-logs
@@ -133,7 +133,7 @@ jobs:
       - name: Save bazel repository cache
         if: always() && !cancelled() && steps.prepare_bazel.outputs.repository-cache-hit != 'true'
         continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
         with:
           path: ${{ steps.prepare_bazel.outputs.repository-cache-path }}
           key: ${{ steps.prepare_bazel.outputs.repository-cache-key }}
@@ -148,7 +148,7 @@ jobs:
     name: Bazel test on windows-latest for x86_64-pc-windows-gnullvm (native main)
 
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Prepare Bazel CI
         id: prepare_bazel
@@ -195,7 +195,7 @@ jobs:
       - name: Upload Bazel execution logs
         if: always() && !cancelled()
         continue-on-error: true
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: bazel-execution-logs-test-windows-native-x86_64-pc-windows-gnullvm
           path: ${{ runner.temp }}/bazel-execution-logs
@@ -206,7 +206,7 @@ jobs:
       - name: Save bazel repository cache
         if: always() && !cancelled() && steps.prepare_bazel.outputs.repository-cache-hit != 'true'
         continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
         with:
           path: ${{ steps.prepare_bazel.outputs.repository-cache-path }}
           key: ${{ steps.prepare_bazel.outputs.repository-cache-key }}
@@ -231,7 +231,7 @@ jobs:
     name: Bazel clippy on ${{ matrix.os }} for ${{ matrix.target }}
 
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Prepare Bazel CI
         id: prepare_bazel
@@ -286,7 +286,7 @@ jobs:
       - name: Upload Bazel execution logs
         if: always() && !cancelled()
         continue-on-error: true
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: bazel-execution-logs-clippy-${{ matrix.target }}
           path: ${{ runner.temp }}/bazel-execution-logs
@@ -297,7 +297,7 @@ jobs:
       - name: Save bazel repository cache
         if: always() && !cancelled() && steps.prepare_bazel.outputs.repository-cache-hit != 'true'
         continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
         with:
           path: ${{ steps.prepare_bazel.outputs.repository-cache-path }}
           key: ${{ steps.prepare_bazel.outputs.repository-cache-key }}
@@ -318,7 +318,7 @@ jobs:
     name: Verify release build on ${{ matrix.os }} for ${{ matrix.target }}
 
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Prepare Bazel CI
         id: prepare_bazel
@@ -390,7 +390,7 @@ jobs:
       - name: Upload Bazel execution logs
         if: always() && !cancelled()
         continue-on-error: true
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: bazel-execution-logs-verify-release-build-${{ matrix.target }}
           path: ${{ runner.temp }}/bazel-execution-logs
@@ -401,7 +401,7 @@ jobs:
       - name: Save bazel repository cache
         if: always() && !cancelled() && steps.prepare_bazel.outputs.repository-cache-hit != 'true'
         continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
         with:
           path: ${{ steps.prepare_bazel.outputs.repository-cache-path }}
           key: ${{ steps.prepare_bazel.outputs.repository-cache-key }}

.github/workflows/blob-size-policy.yml

@@ -8,7 +8,7 @@ jobs:
     name: Blob size policy
     runs-on: ubuntu-24.04
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           fetch-depth: 0
 

.github/workflows/cargo-deny.yml

@@ -14,7 +14,7 @@ jobs:
         working-directory: ./codex-rs
     steps:
       - name: Checkout
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Install Rust toolchain
         uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0

.github/workflows/ci.yml

@@ -12,7 +12,7 @@ jobs:
       NODE_OPTIONS: --max-old-space-size=4096
     steps:
       - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Verify codex-rs Cargo manifests inherit workspace settings
         run: python3 .github/scripts/verify_cargo_workspace_manifests.py
@@ -29,7 +29,7 @@ jobs:
           run_install: false
 
       - name: Setup Node.js
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
         with:
           node-version: 22
 
@@ -63,7 +63,7 @@ jobs:
           echo "pack_output=$PACK_OUTPUT" >> "$GITHUB_OUTPUT"
 
       - name: Upload staged npm package artifact
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: codex-npm-staging
           path: ${{ steps.stage_npm_package.outputs.pack_output }}

.github/workflows/close-stale-contributor-prs.yml

@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Close inactive PRs from contributors
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
+        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           script: |

.github/workflows/codespell.yml

@@ -18,9 +18,9 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Annotate locations with typos
-        uses: codespell-project/codespell-problem-matcher@b80729f885d32f78a716c2f107b4db1025001c42 # v1
+        uses: codespell-project/codespell-problem-matcher@b80729f885d32f78a716c2f107b4db1025001c42 # v1.1.0
       - name: Codespell
         uses: codespell-project/actions-codespell@8f01853be192eb0f849a5c7d721450e7a467c579 # v2.2
         with:

.github/workflows/issue-deduplicator.yml

@@ -19,7 +19,7 @@ jobs:
       reason: ${{ steps.normalize-all.outputs.reason }}
       has_matches: ${{ steps.normalize-all.outputs.has_matches }}
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Prepare Codex inputs
         env:
@@ -155,7 +155,7 @@ jobs:
       reason: ${{ steps.normalize-open.outputs.reason }}
       has_matches: ${{ steps.normalize-open.outputs.has_matches }}
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Prepare Codex inputs
         env:
@@ -342,7 +342,7 @@ jobs:
       issues: write
     steps:
       - name: Comment on issue
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
+        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
         env:
           CODEX_OUTPUT: ${{ needs.select-final.outputs.codex_output }}
         with:

.github/workflows/issue-labeler.yml

@@ -17,7 +17,7 @@ jobs:
     outputs:
       codex_output: ${{ steps.codex.outputs.final-message }}
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - id: codex
         uses: openai/codex-action@5c3f4ccdb2b8790f73d6b21751ac00e602aa0c02 # v1.7

.github/workflows/rust-ci-full.yml

@@ -17,7 +17,7 @@ jobs:
       run:
         working-directory: codex-rs
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
         with:
           components: rustfmt
@@ -31,12 +31,12 @@ jobs:
       run:
         working-directory: codex-rs
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
-      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
+      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
         with:
           tool: cargo-shear
-          version: 1.5.1
+          version: 1.11.2
       - name: cargo shear
         run: cargo shear
 
@@ -47,14 +47,14 @@ jobs:
       CARGO_DYLINT_VERSION: 5.0.0
       DYLINT_LINK_VERSION: 5.0.0
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
         with:
           toolchain: nightly-2025-09-18
           components: llvm-tools-preview, rustc-dev, rust-src
       - name: Cache cargo-dylint tooling
         id: cargo_dylint_cache
-        uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
         with:
           path: |
             ~/.cargo/bin/cargo-dylint
@@ -97,7 +97,7 @@ jobs:
               group: codex-runners
               labels: codex-windows-x64
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - uses: ./.github/actions/setup-bazel-ci
         with:
           target: ${{ runner.os }}
@@ -233,7 +233,7 @@ jobs:
               labels: codex-windows-arm64
 
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Install Linux build dependencies
         if: ${{ runner.os == 'Linux' }}
         shell: bash
@@ -276,7 +276,7 @@ jobs:
       # avoid caching the large target dir on the gnu-dev job.
       - name: Restore cargo home cache
         id: cache_cargo_home_restore
-        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
         with:
           path: |
             ~/.cargo/bin/
@@ -294,7 +294,7 @@ jobs:
       # Install and restore sccache cache
       - name: Install sccache
         if: ${{ env.USE_SCCACHE == 'true' }}
-        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
+        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
         with:
           tool: sccache
           version: 0.7.5
@@ -321,7 +321,7 @@ jobs:
       - name: Restore sccache cache (fallback)
         if: ${{ env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true' }}
         id: cache_sccache_restore
-        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
         with:
           path: ${{ github.workspace }}/.sccache/
           key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
@@ -348,7 +348,7 @@ jobs:
       - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
         name: Restore APT cache (musl)
         id: cache_apt_restore
-        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
         with:
           path: |
             /var/cache/apt
@@ -356,7 +356,7 @@ jobs:
 
       - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
         name: Install Zig
-        uses: mlugg/setup-zig@d1434d08867e3ee9daa34448df10607b98908d29 # v2
+        uses: mlugg/setup-zig@d1434d08867e3ee9daa34448df10607b98908d29 # v2.2.1
         with:
           version: 0.14.0
 
@@ -430,7 +430,7 @@ jobs:
 
       - name: Install cargo-chef
         if: ${{ matrix.profile == 'release' }}
-        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
+        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
         with:
           tool: cargo-chef
           version: 0.1.71
@@ -449,7 +449,7 @@ jobs:
 
       - name: Upload Cargo timings (clippy)
         if: always()
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: cargo-timings-rust-ci-clippy-${{ matrix.target }}-${{ matrix.profile }}
           path: codex-rs/target/**/cargo-timings/cargo-timing.html
@@ -460,7 +460,7 @@ jobs:
       - name: Save cargo home cache
         if: always() && !cancelled() && steps.cache_cargo_home_restore.outputs.cache-hit != 'true'
         continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
         with:
           path: |
             ~/.cargo/bin/
@@ -476,7 +476,7 @@ jobs:
       - name: Save sccache cache (fallback)
         if: always() && !cancelled() && env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true'
         continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
         with:
           path: ${{ github.workspace }}/.sccache/
           key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
@@ -501,7 +501,7 @@ jobs:
       - name: Save APT cache (musl)
         if: always() && !cancelled() && (matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl') && steps.cache_apt_restore.outputs.cache-hit != 'true'
         continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
         with:
           path: |
             /var/cache/apt
@@ -559,7 +559,7 @@ jobs:
               labels: codex-windows-arm64
 
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Install Linux build dependencies
         if: ${{ runner.os == 'Linux' }}
         shell: bash
@@ -590,7 +590,7 @@ jobs:
 
       - name: Restore cargo home cache
         id: cache_cargo_home_restore
-        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
         with:
           path: |
             ~/.cargo/bin/
@@ -603,7 +603,7 @@ jobs:
 
       - name: Install sccache
         if: ${{ env.USE_SCCACHE == 'true' }}
-        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
+        uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
         with:
           tool: sccache
           version: 0.7.5
@@ -630,7 +630,7 @@ jobs:
       - name: Restore sccache cache (fallback)
         if: ${{ env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true' }}
         id: cache_sccache_restore
-        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
         with:
           path: ${{ github.workspace }}/.sccache/
           key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
@@ -638,7 +638,7 @@ jobs:
             sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-
             sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-
 
-      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
+      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
         with:
           tool: nextest
           version: 0.9.103
@@ -674,7 +674,7 @@ jobs:
 
       - name: Upload Cargo timings (nextest)
         if: always()
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: cargo-timings-rust-ci-nextest-${{ matrix.target }}-${{ matrix.profile }}
           path: codex-rs/target/**/cargo-timings/cargo-timing.html
@@ -683,7 +683,7 @@ jobs:
       - name: Save cargo home cache
         if: always() && !cancelled() && steps.cache_cargo_home_restore.outputs.cache-hit != 'true'
         continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
         with:
           path: |
             ~/.cargo/bin/
@@ -695,7 +695,7 @@ jobs:
       - name: Save sccache cache (fallback)
         if: always() && !cancelled() && env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true'
         continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
         with:
           path: ${{ github.workspace }}/.sccache/
           key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}

.github/workflows/rust-ci.yml

@@ -14,7 +14,7 @@ jobs:
       codex: ${{ steps.detect.outputs.codex }}
       workflows: ${{ steps.detect.outputs.workflows }}
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           fetch-depth: 0
       - name: Detect changed paths (no external action)
@@ -61,7 +61,7 @@ jobs:
       run:
         working-directory: codex-rs
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
         with:
           components: rustfmt
@@ -77,12 +77,12 @@ jobs:
       run:
         working-directory: codex-rs
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
-      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2
+      - uses: taiki-e/install-action@44c6d64aa62cd779e873306675c7a58e86d6d532 # v2.62.49
         with:
           tool: cargo-shear
-          version: 1.5.1
+          version: 1.11.2
       - name: cargo shear
         run: cargo shear
 
@@ -95,7 +95,7 @@ jobs:
       CARGO_DYLINT_VERSION: 5.0.0
       DYLINT_LINK_VERSION: 5.0.0
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
       - name: Install nightly argument-comment-lint toolchain
         shell: bash
@@ -109,7 +109,7 @@ jobs:
           rustup default nightly-2025-09-18
       - name: Cache cargo-dylint tooling
         id: cargo_dylint_cache
-        uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
         with:
           path: |
             ~/.cargo/bin/cargo-dylint
@@ -170,7 +170,7 @@ jobs:
 
           echo "No argument-comment-lint relevant changes."
           echo "run=false" >> "$GITHUB_OUTPUT"
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         if: ${{ steps.argument_comment_lint_gate.outputs.run == 'true' }}
       - name: Run argument comment lint on codex-rs via Bazel
         if: ${{ steps.argument_comment_lint_gate.outputs.run == 'true' }}

.github/workflows/rust-release-argument-comment-lint.yml

@@ -56,7 +56,7 @@ jobs:
               labels: codex-windows-x64
 
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
         with:
@@ -100,7 +100,7 @@ jobs:
             (cd "${RUNNER_TEMP}" && tar -czf "$GITHUB_WORKSPACE/$archive_path" argument-comment-lint)
           fi
 
-      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
+      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: argument-comment-lint-${{ matrix.target }}
           path: dist/argument-comment-lint/${{ matrix.target }}/*

.github/workflows/rust-release-prepare.yml

@@ -18,7 +18,7 @@ jobs:
     if: github.repository == 'openai/codex'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           ref: main
           fetch-depth: 0
@@ -43,7 +43,7 @@ jobs:
           curl --http1.1 --fail --show-error --location "${headers[@]}" "${url}" | jq '.' > codex-rs/models-manager/models.json
 
       - name: Open pull request (if changed)
-        uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8
+        uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0
         with:
           commit-message: "Update models.json"
           title: "Update models.json"

.github/workflows/rust-release-windows.yml

@@ -83,7 +83,7 @@ jobs:
               labels: codex-windows-arm64
 
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Print runner specs (Windows)
         shell: powershell
         run: |
@@ -112,7 +112,7 @@ jobs:
           cargo build --target ${{ matrix.target }} --release --timings "${build_args[@]}"
 
       - name: Upload Cargo timings
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: cargo-timings-rust-release-windows-${{ matrix.target }}-${{ matrix.bundle }}
           path: codex-rs/target/**/cargo-timings/cargo-timing.html
@@ -128,7 +128,7 @@ jobs:
           done
 
       - name: Upload Windows binaries
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: windows-binaries-${{ matrix.target }}-${{ matrix.bundle }}
           path: |
@@ -165,22 +165,22 @@ jobs:
               labels: codex-windows-arm64
 
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Download prebuilt Windows primary binaries
-        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
         with:
           name: windows-binaries-${{ matrix.target }}-primary
           path: codex-rs/target/${{ matrix.target }}/release
 
       - name: Download prebuilt Windows helper binaries
-        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
         with:
           name: windows-binaries-${{ matrix.target }}-helpers
           path: codex-rs/target/${{ matrix.target }}/release
 
       - name: Download prebuilt Windows app-server binary
-        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
         with:
           name: windows-binaries-${{ matrix.target }}-app-server
           path: codex-rs/target/${{ matrix.target }}/release
@@ -281,7 +281,7 @@ jobs:
             "${GITHUB_WORKSPACE}/.github/workflows/zstd" -T0 -19 "$dest/$base"
           done
 
-      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
+      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: ${{ matrix.target }}
           path: |

.github/workflows/rust-release-zsh.yml

@@ -45,7 +45,7 @@ jobs:
             git \
             libncursesw5-dev
 
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Build, smoke-test, and stage zsh artifact
         shell: bash
@@ -53,7 +53,7 @@ jobs:
           "${GITHUB_WORKSPACE}/.github/scripts/build-zsh-release-artifact.sh" \
             "dist/zsh/${{ matrix.target }}/${{ matrix.archive_name }}"
 
-      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
+      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: codex-zsh-${{ matrix.target }}
           path: dist/zsh/${{ matrix.target }}/*
@@ -81,7 +81,7 @@ jobs:
             brew install autoconf
           fi
 
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Build, smoke-test, and stage zsh artifact
         shell: bash
@@ -89,7 +89,7 @@ jobs:
           "${GITHUB_WORKSPACE}/.github/scripts/build-zsh-release-artifact.sh" \
             "dist/zsh/${{ matrix.target }}/${{ matrix.archive_name }}"
 
-      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
+      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: codex-zsh-${{ matrix.target }}
           path: dist/zsh/${{ matrix.target }}/*

.github/workflows/rust-release.yml

@@ -19,7 +19,7 @@ jobs:
   tag-check:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - uses: dtolnay/rust-toolchain@a0b273b48ed29de4470960879e8381ff45632f26 # 1.93.0
       - name: Validate tag matches Cargo.toml version
         shell: bash
@@ -118,7 +118,7 @@ jobs:
             build_dmg: "false"
 
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Print runner specs (Linux)
         if: ${{ runner.os == 'Linux' }}
         shell: bash
@@ -181,7 +181,7 @@ jobs:
 
       - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
         name: Install Zig
-        uses: mlugg/setup-zig@d1434d08867e3ee9daa34448df10607b98908d29 # v2
+        uses: mlugg/setup-zig@d1434d08867e3ee9daa34448df10607b98908d29 # v2.2.1
         with:
           version: 0.14.0
 
@@ -284,7 +284,7 @@ jobs:
           cargo build --target ${{ matrix.target }} --release --timings "${build_args[@]}"
 
       - name: Upload Cargo timings
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: cargo-timings-rust-release-${{ matrix.target }}-${{ matrix.bundle }}
           path: codex-rs/target/**/cargo-timings/cargo-timing.html
@@ -430,7 +430,7 @@ jobs:
             zstd -T0 -19 --rm "$dest/$base"
           done
 
-      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
+      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: ${{ matrix.artifact_name }}
           # Upload the per-binary .zst files, .tar.gz equivalents, and any
@@ -476,7 +476,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Generate release notes from tag commit message
         id: release_notes
@@ -498,7 +498,7 @@ jobs:
 
           echo "path=${notes_path}" >> "${GITHUB_OUTPUT}"
 
-      - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8
+      - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
         with:
           path: dist
 
@@ -553,7 +553,7 @@ jobs:
           run_install: false
 
       - name: Setup Node.js for npm packaging
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
         with:
           node-version: 22
 
@@ -579,7 +579,7 @@ jobs:
           cp scripts/install/install.ps1 dist/install.ps1
 
       - name: Create GitHub Release
-        uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2
+        uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1
         with:
           name: ${{ steps.release_name.outputs.name }}
           tag_name: ${{ github.ref_name }}
@@ -638,7 +638,7 @@ jobs:
 
     steps:
       - name: Setup Node.js
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
         with:
           # Node 24 bundles npm >= 11.5.1, which trusted publishing requires.
           node-version: 24

.github/workflows/rusty-v8-release.yml

@@ -17,10 +17,10 @@ jobs:
       v8_version: ${{ steps.v8_version.outputs.version }}
 
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Set up Python
-        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
         with:
           python-version: "3.12"
 
@@ -69,7 +69,7 @@ jobs:
             target: aarch64-unknown-linux-musl
 
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Set up Bazel
         uses: ./.github/actions/setup-bazel-ci
@@ -77,7 +77,7 @@ jobs:
           target: ${{ matrix.target }}
 
       - name: Set up Python
-        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
         with:
           python-version: "3.12"
 
@@ -133,7 +133,7 @@ jobs:
             --output-dir "dist/${TARGET}"
 
       - name: Upload staged musl artifacts
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: rusty-v8-${{ needs.metadata.outputs.v8_version }}-${{ matrix.target }}
           path: dist/${{ matrix.target }}/*
@@ -161,12 +161,12 @@ jobs:
             exit 1
           fi
 
-      - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8
+      - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
         with:
           path: dist
 
       - name: Create GitHub Release
-        uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2
+        uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1
         with:
           tag_name: ${{ needs.metadata.outputs.release_tag }}
           name: ${{ needs.metadata.outputs.release_tag }}

.github/workflows/sdk.yml

@@ -13,7 +13,7 @@ jobs:
     timeout-minutes: 10
     steps:
       - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Install Linux bwrap build dependencies
         shell: bash
@@ -28,7 +28,7 @@ jobs:
           run_install: false
 
       - name: Setup Node.js
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
         with:
           node-version: 22
           cache: pnpm
@@ -115,7 +115,7 @@ jobs:
       - name: Save bazel repository cache
         if: always() && !cancelled() && steps.setup_bazel.outputs.cache-hit != 'true'
         continue-on-error: true
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
         with:
           path: |
             ~/.cache/bazel-repo-cache

.github/workflows/v8-canary.yml

@@ -40,10 +40,10 @@ jobs:
       v8_version: ${{ steps.v8_version.outputs.version }}
 
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Set up Python
-        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
         with:
           python-version: "3.12"
 
@@ -74,7 +74,7 @@ jobs:
             target: aarch64-unknown-linux-musl
 
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Set up Bazel
         uses: ./.github/actions/setup-bazel-ci
@@ -82,7 +82,7 @@ jobs:
           target: ${{ matrix.target }}
 
       - name: Set up Python
-        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
         with:
           python-version: "3.12"
 
@@ -132,7 +132,7 @@ jobs:
             --output-dir "dist/${TARGET}"
 
       - name: Upload staged musl artifacts
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: v8-canary-${{ needs.metadata.outputs.v8_version }}-${{ matrix.target }}
           path: dist/${{ matrix.target }}/*

AGENTS.md

@@ -130,7 +130,7 @@ When UI or text output changes intentionally, update the snapshots as follows:
 
 If you don’t have the tool:
 
-- `cargo install cargo-insta`
+- `cargo install --locked cargo-insta`
 
 ### Test assertions
 

codex-rs/Cargo.lock

@@ -1180,12 +1180,6 @@ dependencies = [
  "windows-link",
 ]
 
-[[package]]
-name = "base16ct"
-version = "0.2.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4c7f02d4ea65f2c1853089ffd8d2787bdbc63de2f0d29dedbcf8ccdfa0ccd4cf"
-
 [[package]]
 name = "base64"
 version = "0.21.7"
@@ -1866,7 +1860,6 @@ dependencies = [
  "codex-config",
  "codex-core",
  "codex-core-plugins",
- "codex-device-key",
  "codex-exec-server",
  "codex-external-agent-migration",
  "codex-external-agent-sessions",
@@ -2131,10 +2124,10 @@ name = "codex-builtin-mcps"
 version = "0.0.0"
 dependencies = [
  "anyhow",
- "codex-config",
  "codex-memories-mcp",
  "codex-utils-absolute-path",
  "pretty_assertions",
+ "tokio",
 ]
 
 [[package]]
@@ -2182,7 +2175,6 @@ dependencies = [
  "codex-app-server-protocol",
  "codex-app-server-test-client",
  "codex-arg0",
- "codex-builtin-mcps",
  "codex-chatgpt",
  "codex-cloud-tasks",
  "codex-config",
@@ -2433,7 +2425,6 @@ dependencies = [
  "bm25",
  "chrono",
  "clap",
- "codex-agent-graph-store",
  "codex-analytics",
  "codex-api",
  "codex-app-server-protocol",
@@ -2570,6 +2561,7 @@ dependencies = [
  "codex-core-skills",
  "codex-exec-server",
  "codex-git-utils",
+ "codex-hooks",
  "codex-login",
  "codex-model-provider",
  "codex-otel",
@@ -2638,22 +2630,6 @@ dependencies = [
  "serde_json",
 ]
 
-[[package]]
-name = "codex-device-key"
-version = "0.0.0"
-dependencies = [
- "async-trait",
- "base64 0.22.1",
- "p256",
- "pretty_assertions",
- "rand 0.9.3",
- "serde",
- "serde_json",
- "thiserror 2.0.18",
- "tokio",
- "url",
-]
-
 [[package]]
 name = "codex-exec"
 version = "0.0.0"
@@ -2730,6 +2706,7 @@ dependencies = [
  "tokio",
  "tokio-tungstenite",
  "tokio-util",
+ "toml 0.9.11+spec-1.1.0",
  "tracing",
  "uuid",
  "wiremock",
@@ -3627,16 +3604,11 @@ dependencies = [
  "codex-rollout",
  "codex-state",
  "pretty_assertions",
- "prost 0.14.3",
  "serde",
  "serde_json",
  "tempfile",
  "thiserror 2.0.18",
  "tokio",
- "tokio-stream",
- "tonic",
- "tonic-prost",
- "tonic-prost-build",
  "tracing",
  "uuid",
 ]
@@ -4443,18 +4415,6 @@ version = "0.2.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "460fbee9c2c2f33933d720630a6a0bac33ba7053db5344fac858d4b8952d77d5"
 
-[[package]]
-name = "crypto-bigint"
-version = "0.5.5"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0dc92fb57ca44df6db8059111ab3af99a63d5d0f8375d9972e319a379c6bab76"
-dependencies = [
- "generic-array",
- "rand_core 0.6.4",
- "subtle",
- "zeroize",
-]
-
 [[package]]
 name = "crypto-common"
 version = "0.1.7"
@@ -5168,20 +5128,6 @@ version = "1.0.20"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d0881ea181b1df73ff77ffaaf9c7544ecc11e82fba9b5f27b262a3c73a332555"
 
-[[package]]
-name = "ecdsa"
-version = "0.16.9"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ee27f32b5c5292967d2d4a9d7f1e0b0aed2c15daded5a60300e4abb9d8020bca"
-dependencies = [
- "der",
- "digest",
- "elliptic-curve",
- "rfc6979",
- "signature",
- "spki",
-]
-
 [[package]]
 name = "ed25519"
 version = "2.2.3"
@@ -5215,26 +5161,6 @@ dependencies = [
  "serde",
 ]
 
-[[package]]
-name = "elliptic-curve"
-version = "0.13.8"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b5e6043086bf7973472e0c7dff2142ea0b680d30e18d9cc40f267efbf222bd47"
-dependencies = [
- "base16ct",
- "crypto-bigint",
- "digest",
- "ff",
- "generic-array",
- "group",
- "pem-rfc7468",
- "pkcs8",
- "rand_core 0.6.4",
- "sec1",
- "subtle",
- "zeroize",
-]
-
 [[package]]
 name = "ena"
 version = "0.14.3"
@@ -5488,16 +5414,6 @@ dependencies = [
  "simd-adler32",
 ]
 
-[[package]]
-name = "ff"
-version = "0.13.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c0b50bfb653653f9ca9095b427bed08ab8d75a137839d9ad64eb11810d5b6393"
-dependencies = [
- "rand_core 0.6.4",
- "subtle",
-]
-
 [[package]]
 name = "fiat-crypto"
 version = "0.2.9"
@@ -6892,17 +6808,6 @@ dependencies = [
  "system-deps",
 ]
 
-[[package]]
-name = "group"
-version = "0.13.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f0f9ef7462f7c099f518d754361858f86d8a07af53ba9af0fe635bbccb151a63"
-dependencies = [
- "ff",
- "rand_core 0.6.4",
- "subtle",
-]
-
 [[package]]
 name = "gzip-header"
 version = "1.0.0"
@@ -9402,18 +9307,6 @@ dependencies = [
  "supports-color 3.0.2",
 ]
 
-[[package]]
-name = "p256"
-version = "0.13.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c9863ad85fa8f4460f9c48cb909d38a0d689dba1f6f6988a5e3e0d31071bcd4b"
-dependencies = [
- "ecdsa",
- "elliptic-curve",
- "primeorder",
- "sha2",
-]
-
 [[package]]
 name = "parking"
 version = "2.2.1"
@@ -9843,15 +9736,6 @@ dependencies = [
  "syn 2.0.114",
 ]
 
-[[package]]
-name = "primeorder"
-version = "0.13.6"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "353e1ca18966c16d9deb1c69278edbc5f194139612772bd9537af60ac231e1e6"
-dependencies = [
- "elliptic-curve",
-]
-
 [[package]]
 name = "proc-macro-crate"
 version = "3.4.0"
@@ -10802,16 +10686,6 @@ version = "0.7.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1e061d1b48cb8d38042de4ae0a7a6401009d6143dc80d2e2d6f31f0bdd6470c7"
 
-[[package]]
-name = "rfc6979"
-version = "0.4.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f8dd2a808d456c4a54e300a23e9f5a67e122c3024119acbfd73e3bf664491cb2"
-dependencies = [
- "hmac",
- "subtle",
-]
-
 [[package]]
 name = "ring"
 version = "0.17.14"
@@ -11271,20 +11145,6 @@ version = "3.0.10"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "490dcfcbfef26be6800d11870ff2df8774fa6e86d047e3e8c8a76b25655e41ca"
 
-[[package]]
-name = "sec1"
-version = "0.7.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d3e97a565f76233a6003f9f5c54be1d9c5bdfa3eccfb189469f11ec4901c47dc"
-dependencies = [
- "base16ct",
- "der",
- "generic-array",
- "pkcs8",
- "subtle",
- "zeroize",
-]
-
 [[package]]
 name = "seccompiler"
 version = "0.5.0"

codex-rs/Cargo.toml

@@ -30,7 +30,6 @@ members = [
     "collaboration-mode-templates",
     "connectors",
     "config",
-    "device-key",
     "shell-command",
     "shell-escalation",
     "skills",
@@ -154,7 +153,6 @@ codex-core = { path = "core" }
 codex-core-api = { path = "core-api" }
 codex-core-plugins = { path = "core-plugins" }
 codex-core-skills = { path = "core-skills" }
-codex-device-key = { path = "device-key" }
 codex-exec = { path = "exec" }
 codex-file-system = { path = "file-system" }
 codex-exec-server = { path = "exec-server" }
@@ -319,7 +317,6 @@ os_info = "3.12.0"
 owo-colors = "4.3.0"
 path-absolutize = "3.1.1"
 pathdiff = "0.2"
-p256 = "0.13.2"
 portable-pty = "0.9.0"
 predicates = "3"
 pretty_assertions = "1.4.1"
@@ -478,13 +475,13 @@ ignored = [
 [profile.dev]
 # Keep line tables/backtraces while avoiding expensive full variable debug info
 # across local dev builds.
-debug = 1
+debug = "limited"
 
 [profile.dev-small]
 inherits = "dev"
 opt-level = 0
-debug = 0
-strip = true
+debug = "none"
+strip = "symbols"
 
 [profile.release]
 lto = "fat"
@@ -496,8 +493,15 @@ strip = "symbols"
 # See https://github.com/openai/codex/issues/1411 for details.
 codegen-units = 1
 
+[profile.profiling]
+inherits = "release"
+debug = "full"
+lto = false
+strip = false
+
 [profile.ci-test]
-debug = 1         # Reduce debug symbol size
+# Reduce binary size to reduce disk pressure.
+debug = "limited"
 inherits = "test"
 opt-level = 0
 

codex-rs/agent-graph-store/Cargo.toml

@@ -7,6 +7,7 @@ version.workspace = true
 [lib]
 name = "codex_agent_graph_store"
 path = "src/lib.rs"
+doctest = false
 
 [lints]
 workspace = true

codex-rs/analytics/src/analytics_client_tests.rs

@@ -1012,7 +1012,7 @@ fn command_execution_event_serializes_expected_shape() {
                     runtime_os_version: "15.3.1".to_string(),
                     runtime_arch: "aarch64".to_string(),
                 },
-                thread_source: Some("user"),
+                thread_source: Some(ThreadSource::User),
                 subagent_source: None,
                 parent_thread_id: None,
                 tool_name: "shell".to_string(),

codex-rs/analytics/src/client.rs

@@ -340,8 +340,9 @@ impl AnalyticsEventsClient {
         });
     }
 
-    pub fn track_server_response(&self, response: ServerResponse) {
+    pub fn track_server_response(&self, completed_at_ms: u64, response: ServerResponse) {
         self.record_fact(AnalyticsFact::ServerResponse {
+            completed_at_ms,
             response: Box::new(response),
         });
     }

codex-rs/analytics/src/events.rs

@@ -18,6 +18,7 @@ use crate::facts::TurnStatus;
 use crate::facts::TurnSteerRejectionReason;
 use crate::facts::TurnSteerResult;
 use crate::facts::TurnSubmissionType;
+use crate::now_unix_millis;
 use crate::now_unix_seconds;
 use codex_app_server_protocol::CodexErrorInfo;
 use codex_app_server_protocol::CommandExecutionSource;
@@ -70,6 +71,8 @@ pub(crate) enum TrackEventRequest {
     CollabAgentToolCall(CodexCollabAgentToolCallEventRequest),
     WebSearch(CodexWebSearchEventRequest),
     ImageGeneration(CodexImageGenerationEventRequest),
+    #[allow(dead_code)]
+    ReviewEvent(CodexReviewEventRequest),
     PluginUsed(CodexPluginUsedEventRequest),
     PluginInstalled(CodexPluginEventRequest),
     PluginUninstalled(CodexPluginEventRequest),
@@ -259,7 +262,7 @@ pub struct GuardianReviewTrackContext {
     approval_request_source: GuardianApprovalRequestSource,
     reviewed_action: GuardianReviewedAction,
     review_timeout_ms: u64,
-    started_at: u64,
+    pub started_at_ms: u64,
     started_instant: Instant,
 }
 
@@ -281,7 +284,7 @@ impl GuardianReviewTrackContext {
             approval_request_source,
             reviewed_action,
             review_timeout_ms,
-            started_at: now_unix_seconds(),
+            started_at_ms: now_unix_millis(),
             started_instant: Instant::now(),
         }
     }
@@ -314,7 +317,7 @@ impl GuardianReviewTrackContext {
             tool_call_count: None,
             time_to_first_token_ms: result.time_to_first_token_ms,
             completion_latency_ms: Some(self.started_instant.elapsed().as_millis() as u64),
-            started_at: self.started_at,
+            started_at: self.started_at_ms / 1_000,
             completed_at: Some(now_unix_seconds()),
             input_tokens: result.token_usage.as_ref().map(|usage| usage.input_tokens),
             cached_input_tokens: result
@@ -442,7 +445,7 @@ pub(crate) struct CodexToolItemEventBase {
     pub(crate) item_id: String,
     pub(crate) app_server_client: CodexAppServerClientMetadata,
     pub(crate) runtime: CodexRuntimeMetadata,
-    pub(crate) thread_source: Option<&'static str>,
+    pub(crate) thread_source: Option<ThreadSource>,
     pub(crate) subagent_source: Option<String>,
     pub(crate) parent_thread_id: Option<String>,
     pub(crate) tool_name: String,
@@ -462,6 +465,83 @@ pub(crate) struct CodexToolItemEventBase {
     pub(crate) requested_network_access: bool,
 }
 
+#[allow(dead_code)]
+#[derive(Clone, Copy, Debug, Serialize)]
+#[serde(rename_all = "snake_case")]
+pub(crate) enum ReviewSubjectKind {
+    CommandExecution,
+    FileChange,
+    McpToolCall,
+    Permissions,
+    NetworkAccess,
+}
+
+#[allow(dead_code)]
+#[derive(Clone, Copy, Debug, Serialize)]
+#[serde(rename_all = "snake_case")]
+pub(crate) enum Reviewer {
+    Guardian,
+    User,
+}
+
+#[allow(dead_code)]
+#[derive(Clone, Copy, Debug, Serialize)]
+#[serde(rename_all = "snake_case")]
+pub(crate) enum ReviewTrigger {
+    Initial,
+    SandboxDenial,
+    NetworkPolicyDenial,
+    ExecveIntercept,
+}
+
+#[allow(dead_code)]
+#[derive(Clone, Copy, Debug, Serialize)]
+#[serde(rename_all = "snake_case")]
+pub(crate) enum ReviewStatus {
+    Approved,
+    Denied,
+    Aborted,
+    TimedOut,
+}
+
+#[allow(dead_code)]
+#[derive(Clone, Copy, Debug, Serialize)]
+#[serde(rename_all = "snake_case")]
+pub(crate) enum ReviewResolution {
+    None,
+    SessionApproval,
+    ExecPolicyAmendment,
+    NetworkPolicyAmendment,
+}
+
+#[derive(Serialize)]
+pub(crate) struct CodexReviewEventParams {
+    pub(crate) thread_id: String,
+    pub(crate) turn_id: String,
+    pub(crate) item_id: Option<String>,
+    pub(crate) review_id: String,
+    pub(crate) app_server_client: CodexAppServerClientMetadata,
+    pub(crate) runtime: CodexRuntimeMetadata,
+    pub(crate) thread_source: Option<ThreadSource>,
+    pub(crate) subagent_source: Option<String>,
+    pub(crate) parent_thread_id: Option<String>,
+    pub(crate) tool_kind: ReviewSubjectKind,
+    pub(crate) tool_name: String,
+    pub(crate) reviewer: Reviewer,
+    pub(crate) trigger: ReviewTrigger,
+    pub(crate) status: ReviewStatus,
+    pub(crate) resolution: ReviewResolution,
+    pub(crate) started_at_ms: u64,
+    pub(crate) completed_at_ms: u64,
+    pub(crate) duration_ms: Option<u64>,
+}
+
+#[derive(Serialize)]
+pub(crate) struct CodexReviewEventRequest {
+    pub(crate) event_type: &'static str,
+    pub(crate) event_params: CodexReviewEventParams,
+}
+#[allow(dead_code)]
 #[derive(Clone, Copy, Debug, Serialize)]
 #[serde(rename_all = "snake_case")]
 pub(crate) enum WebSearchActionKind {
@@ -880,6 +960,8 @@ fn analytics_hook_event_name(event_name: HookEventName) -> &'static str {
         HookEventName::PreToolUse => "PreToolUse",
         HookEventName::PermissionRequest => "PermissionRequest",
         HookEventName::PostToolUse => "PostToolUse",
+        HookEventName::PreCompact => "PreCompact",
+        HookEventName::PostCompact => "PostCompact",
         HookEventName::SessionStart => "SessionStart",
         HookEventName::UserPromptSubmit => "UserPromptSubmit",
         HookEventName::Stop => "Stop",

codex-rs/analytics/src/facts.rs

@@ -296,6 +296,7 @@ pub(crate) enum AnalyticsFact {
         request: Box<ServerRequest>,
     },
     ServerResponse {
+        completed_at_ms: u64,
         response: Box<ServerResponse>,
     },
     Notification(Box<ServerNotification>),

codex-rs/analytics/src/reducer.rs

@@ -325,6 +325,7 @@ impl AnalyticsReducer {
             } => {}
             AnalyticsFact::ServerResponse {
                 response: _response,
+                ..
             } => {}
             AnalyticsFact::Custom(input) => match input {
                 CustomAnalyticsFact::SubAgentThreadStarted(input) => {
@@ -1447,7 +1448,7 @@ fn tool_item_base(
         item_id,
         app_server_client: context.connection_state.app_server_client.clone(),
         runtime: context.connection_state.runtime.clone(),
-        thread_source: thread_metadata.thread_source.map(ThreadSource::as_str),
+        thread_source: thread_metadata.thread_source,
         subagent_source: thread_metadata.subagent_source.clone(),
         parent_thread_id: thread_metadata.parent_thread_id.clone(),
         tool_name,

codex-rs/ansi-escape/Cargo.toml

@@ -7,6 +7,8 @@ license.workspace = true
 [lib]
 name = "codex_ansi_escape"
 path = "src/lib.rs"
+test = false
+doctest = false
 
 [lints]
 workspace = true

codex-rs/app-server-client/Cargo.toml

@@ -7,6 +7,7 @@ license.workspace = true
 [lib]
 name = "codex_app_server_client"
 path = "src/lib.rs"
+doctest = false
 
 [lints]
 workspace = true

codex-rs/app-server-client/src/lib.rs

@@ -29,6 +29,7 @@ pub use codex_app_server::in_process::DEFAULT_IN_PROCESS_CHANNEL_CAPACITY;
 pub use codex_app_server::in_process::InProcessServerEvent;
 use codex_app_server::in_process::InProcessStartArgs;
 use codex_app_server::in_process::LogDbLayer;
+pub use codex_app_server::in_process::StateDbHandle;
 use codex_app_server_protocol::ClientInfo;
 use codex_app_server_protocol::ClientNotification;
 use codex_app_server_protocol::ClientRequest;
@@ -46,7 +47,6 @@ use codex_config::LoaderOverrides;
 use codex_config::NoopThreadConfigLoader;
 use codex_config::RemoteThreadConfigLoader;
 use codex_config::ThreadConfigLoader;
-pub use codex_core::StateDbHandle;
 use codex_core::config::Config;
 pub use codex_exec_server::EnvironmentManager;
 pub use codex_exec_server::EnvironmentManagerArgs;
@@ -951,7 +951,7 @@ mod tests {
     use codex_app_server_protocol::ToolRequestUserInputParams;
     use codex_app_server_protocol::ToolRequestUserInputQuestion;
     use codex_core::config::ConfigBuilder;
-    use codex_core::init_state_db_from_config;
+    use codex_core::init_state_db;
     use futures::SinkExt;
     use futures::StreamExt;
     use pretty_assertions::assert_eq;
@@ -1017,7 +1017,7 @@ mod tests {
     ) -> TestClient {
         let codex_home = TempDir::new().expect("temp dir");
         let config = Arc::new(build_test_config_for_codex_home(codex_home.path()).await);
-        let state_db = init_state_db_from_config(config.as_ref())
+        let state_db = init_state_db(config.as_ref())
             .await
             .expect("state db should initialize for in-process test");
         let client = InProcessAppServerClient::start(InProcessClientStartArgs {

codex-rs/app-server-protocol/Cargo.toml

@@ -7,6 +7,7 @@ license.workspace = true
 [lib]
 name = "codex_app_server_protocol"
 path = "src/lib.rs"
+doctest = false
 
 [lints]
 workspace = true

codex-rs/app-server-protocol/schema/json/ClientRequest.json

@@ -533,200 +533,6 @@
         }
       ]
     },
-    "DeviceKeyCreateParams": {
-      "description": "Create a controller-local device key with a random key id.",
-      "properties": {
-        "accountUserId": {
-          "type": "string"
-        },
-        "clientId": {
-          "type": "string"
-        },
-        "protectionPolicy": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/DeviceKeyProtectionPolicy"
-            },
-            {
-              "type": "null"
-            }
-          ],
-          "description": "Defaults to `hardware_only` when omitted."
-        }
-      },
-      "required": [
-        "accountUserId",
-        "clientId"
-      ],
-      "type": "object"
-    },
-    "DeviceKeyProtectionPolicy": {
-      "description": "Protection policy for creating or loading a controller-local device key.",
-      "enum": [
-        "hardware_only",
-        "allow_os_protected_nonextractable"
-      ],
-      "type": "string"
-    },
-    "DeviceKeyPublicParams": {
-      "description": "Fetch a controller-local device key public key by id.",
-      "properties": {
-        "keyId": {
-          "type": "string"
-        }
-      },
-      "required": [
-        "keyId"
-      ],
-      "type": "object"
-    },
-    "DeviceKeySignParams": {
-      "description": "Sign an accepted structured payload with a controller-local device key.",
-      "properties": {
-        "keyId": {
-          "type": "string"
-        },
-        "payload": {
-          "$ref": "#/definitions/DeviceKeySignPayload"
-        }
-      },
-      "required": [
-        "keyId",
-        "payload"
-      ],
-      "type": "object"
-    },
-    "DeviceKeySignPayload": {
-      "description": "Structured payloads accepted by `device/key/sign`.",
-      "oneOf": [
-        {
-          "description": "Payload bound to one remote-control controller websocket `/client` connection challenge.",
-          "properties": {
-            "accountUserId": {
-              "type": "string"
-            },
-            "audience": {
-              "$ref": "#/definitions/RemoteControlClientConnectionAudience"
-            },
-            "clientId": {
-              "type": "string"
-            },
-            "nonce": {
-              "type": "string"
-            },
-            "scopes": {
-              "description": "Must contain exactly `remote_control_controller_websocket`.",
-              "items": {
-                "type": "string"
-              },
-              "type": "array"
-            },
-            "sessionId": {
-              "description": "Backend-issued websocket session id that this proof authorizes.",
-              "type": "string"
-            },
-            "targetOrigin": {
-              "description": "Origin of the backend endpoint that issued the challenge and will verify this proof.",
-              "type": "string"
-            },
-            "targetPath": {
-              "description": "Websocket route path that this proof authorizes.",
-              "type": "string"
-            },
-            "tokenExpiresAt": {
-              "description": "Remote-control token expiration as Unix seconds.",
-              "format": "int64",
-              "type": "integer"
-            },
-            "tokenSha256Base64url": {
-              "description": "SHA-256 of the controller-scoped remote-control token, encoded as unpadded base64url.",
-              "type": "string"
-            },
-            "type": {
-              "enum": [
-                "remoteControlClientConnection"
-              ],
-              "title": "RemoteControlClientConnectionDeviceKeySignPayloadType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "accountUserId",
-            "audience",
-            "clientId",
-            "nonce",
-            "scopes",
-            "sessionId",
-            "targetOrigin",
-            "targetPath",
-            "tokenExpiresAt",
-            "tokenSha256Base64url",
-            "type"
-          ],
-          "title": "RemoteControlClientConnectionDeviceKeySignPayload",
-          "type": "object"
-        },
-        {
-          "description": "Payload bound to a remote-control client `/client/enroll` ownership challenge.",
-          "properties": {
-            "accountUserId": {
-              "type": "string"
-            },
-            "audience": {
-              "$ref": "#/definitions/RemoteControlClientEnrollmentAudience"
-            },
-            "challengeExpiresAt": {
-              "description": "Enrollment challenge expiration as Unix seconds.",
-              "format": "int64",
-              "type": "integer"
-            },
-            "challengeId": {
-              "description": "Backend-issued enrollment challenge id that this proof authorizes.",
-              "type": "string"
-            },
-            "clientId": {
-              "type": "string"
-            },
-            "deviceIdentitySha256Base64url": {
-              "description": "SHA-256 of the requested device identity operation, encoded as unpadded base64url.",
-              "type": "string"
-            },
-            "nonce": {
-              "type": "string"
-            },
-            "targetOrigin": {
-              "description": "Origin of the backend endpoint that issued the challenge and will verify this proof.",
-              "type": "string"
-            },
-            "targetPath": {
-              "description": "HTTP route path that this proof authorizes.",
-              "type": "string"
-            },
-            "type": {
-              "enum": [
-                "remoteControlClientEnrollment"
-              ],
-              "title": "RemoteControlClientEnrollmentDeviceKeySignPayloadType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "accountUserId",
-            "audience",
-            "challengeExpiresAt",
-            "challengeId",
-            "clientId",
-            "deviceIdentitySha256Base64url",
-            "nonce",
-            "targetOrigin",
-            "targetPath",
-            "type"
-          ],
-          "title": "RemoteControlClientEnrollmentDeviceKeySignPayload",
-          "type": "object"
-        }
-      ]
-    },
     "DynamicToolSpec": {
       "properties": {
         "deferLoading": {
@@ -2144,6 +1950,14 @@
       ],
       "type": "object"
     },
+    "PluginListMarketplaceKind": {
+      "enum": [
+        "local",
+        "workspace-directory",
+        "shared-with-me"
+      ],
+      "type": "string"
+    },
     "PluginListParams": {
       "properties": {
         "cwds": {
@@ -2155,6 +1969,16 @@
             "array",
             "null"
           ]
+        },
+        "marketplaceKinds": {
+          "description": "Optional marketplace kind filter. When omitted, only local marketplaces are queried, plus the default remote catalog when enabled by feature flag.",
+          "items": {
+            "$ref": "#/definitions/PluginListMarketplaceKind"
+          },
+          "type": [
+            "array",
+            "null"
+          ]
         }
       },
       "type": "object"
@@ -2486,20 +2310,6 @@
         }
       ]
     },
-    "RemoteControlClientConnectionAudience": {
-      "description": "Audience for a remote-control client connection device-key proof.",
-      "enum": [
-        "remote_control_client_websocket"
-      ],
-      "type": "string"
-    },
-    "RemoteControlClientEnrollmentAudience": {
-      "description": "Audience for a remote-control client enrollment device-key proof.",
-      "enum": [
-        "remote_control_client_enrollment"
-      ],
-      "type": "string"
-    },
     "RequestId": {
       "anyOf": [
         {
@@ -3402,24 +3212,6 @@
       ],
       "type": "object"
     },
-    "SkillsListExtraRootsForCwd": {
-      "properties": {
-        "cwd": {
-          "type": "string"
-        },
-        "extraUserRoots": {
-          "items": {
-            "type": "string"
-          },
-          "type": "array"
-        }
-      },
-      "required": [
-        "cwd",
-        "extraUserRoots"
-      ],
-      "type": "object"
-    },
     "SkillsListParams": {
       "properties": {
         "cwds": {
@@ -3432,17 +3224,6 @@
         "forceReload": {
           "description": "When true, bypass the skills cache and re-scan skills from disk.",
           "type": "boolean"
-        },
-        "perCwdExtraUserRoots": {
-          "default": null,
-          "description": "Optional per-cwd extra roots to scan as user-scoped skills.",
-          "items": {
-            "$ref": "#/definitions/SkillsListExtraRootsForCwd"
-          },
-          "type": [
-            "array",
-            "null"
-          ]
         }
       },
       "type": "object"
@@ -4286,6 +4067,31 @@
       ],
       "type": "object"
     },
+    "TurnItemsView": {
+      "oneOf": [
+        {
+          "description": "`items` was not loaded for this turn. The field is intentionally empty.",
+          "enum": [
+            "notLoaded"
+          ],
+          "type": "string"
+        },
+        {
+          "description": "`items` contains only a display summary for this turn.",
+          "enum": [
+            "summary"
+          ],
+          "type": "string"
+        },
+        {
+          "description": "`items` contains every ThreadItem available from persisted app-server history for this turn.",
+          "enum": [
+            "full"
+          ],
+          "type": "string"
+        }
+      ]
+    },
     "TurnStartParams": {
       "properties": {
         "approvalPolicy": {
@@ -5290,78 +5096,6 @@
       "title": "App/listRequest",
       "type": "object"
     },
-    {
-      "properties": {
-        "id": {
-          "$ref": "#/definitions/RequestId"
-        },
-        "method": {
-          "enum": [
-            "device/key/create"
-          ],
-          "title": "Device/key/createRequestMethod",
-          "type": "string"
-        },
-        "params": {
-          "$ref": "#/definitions/DeviceKeyCreateParams"
-        }
-      },
-      "required": [
-        "id",
-        "method",
-        "params"
-      ],
-      "title": "Device/key/createRequest",
-      "type": "object"
-    },
-    {
-      "properties": {
-        "id": {
-          "$ref": "#/definitions/RequestId"
-        },
-        "method": {
-          "enum": [
-            "device/key/public"
-          ],
-          "title": "Device/key/publicRequestMethod",
-          "type": "string"
-        },
-        "params": {
-          "$ref": "#/definitions/DeviceKeyPublicParams"
-        }
-      },
-      "required": [
-        "id",
-        "method",
-        "params"
-      ],
-      "title": "Device/key/publicRequest",
-      "type": "object"
-    },
-    {
-      "properties": {
-        "id": {
-          "$ref": "#/definitions/RequestId"
-        },
-        "method": {
-          "enum": [
-            "device/key/sign"
-          ],
-          "title": "Device/key/signRequestMethod",
-          "type": "string"
-        },
-        "params": {
-          "$ref": "#/definitions/DeviceKeySignParams"
-        }
-      },
-      "required": [
-        "id",
-        "method",
-        "params"
-      ],
-      "title": "Device/key/signRequest",
-      "type": "object"
-    },
     {
       "properties": {
         "id": {
@@ -6443,4 +6177,4 @@
     }
   ],
   "title": "ClientRequest"
-}
+}

codex-rs/app-server-protocol/schema/json/CommandExecutionRequestApprovalParams.json

@@ -593,6 +593,11 @@
         "null"
       ]
     },
+    "startedAtMs": {
+      "description": "Unix timestamp (in milliseconds) when this approval request started.",
+      "format": "int64",
+      "type": "integer"
+    },
     "threadId": {
       "type": "string"
     },
@@ -602,6 +607,7 @@
   },
   "required": [
     "itemId",
+    "startedAtMs",
     "threadId",
     "turnId"
   ],

codex-rs/app-server-protocol/schema/json/FileChangeRequestApprovalParams.json

@@ -18,6 +18,11 @@
         "null"
       ]
     },
+    "startedAtMs": {
+      "description": "Unix timestamp (in milliseconds) when this approval request started.",
+      "format": "int64",
+      "type": "integer"
+    },
     "threadId": {
       "type": "string"
     },
@@ -27,6 +32,7 @@
   },
   "required": [
     "itemId",
+    "startedAtMs",
     "threadId",
     "turnId"
   ],

codex-rs/app-server-protocol/schema/json/PermissionsRequestApprovalParams.json

@@ -297,6 +297,11 @@
         "null"
       ]
     },
+    "startedAtMs": {
+      "description": "Unix timestamp (in milliseconds) when this approval request started.",
+      "format": "int64",
+      "type": "integer"
+    },
     "threadId": {
       "type": "string"
     },
@@ -308,6 +313,7 @@
     "cwd",
     "itemId",
     "permissions",
+    "startedAtMs",
     "threadId",
     "turnId"
   ],

codex-rs/app-server-protocol/schema/json/ServerNotification.json

@@ -1736,6 +1736,8 @@
         "preToolUse",
         "permissionRequest",
         "postToolUse",
+        "preCompact",
+        "postCompact",
         "sessionStart",
         "userPromptSubmit",
         "stop"
@@ -1961,6 +1963,11 @@
         "action": {
           "$ref": "#/definitions/GuardianApprovalReviewAction"
         },
+        "completedAtMs": {
+          "description": "Unix timestamp (in milliseconds) when this review completed.",
+          "format": "int64",
+          "type": "integer"
+        },
         "decisionSource": {
           "$ref": "#/definitions/AutoReviewDecisionSource"
         },
@@ -1971,6 +1978,11 @@
           "description": "Stable identifier for this review.",
           "type": "string"
         },
+        "startedAtMs": {
+          "description": "Unix timestamp (in milliseconds) when this review started.",
+          "format": "int64",
+          "type": "integer"
+        },
         "targetItemId": {
           "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
           "type": [
@@ -1987,9 +1999,11 @@
       },
       "required": [
         "action",
+        "completedAtMs",
         "decisionSource",
         "review",
         "reviewId",
+        "startedAtMs",
         "threadId",
         "turnId"
       ],
@@ -2008,6 +2022,11 @@
           "description": "Stable identifier for this review.",
           "type": "string"
         },
+        "startedAtMs": {
+          "description": "Unix timestamp (in milliseconds) when this review started.",
+          "format": "int64",
+          "type": "integer"
+        },
         "targetItemId": {
           "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
           "type": [
@@ -2026,6 +2045,7 @@
         "action",
         "review",
         "reviewId",
+        "startedAtMs",
         "threadId",
         "turnId"
       ],

codex-rs/app-server-protocol/schema/json/ServerRequest.json

@@ -417,6 +417,11 @@
             "null"
           ]
         },
+        "startedAtMs": {
+          "description": "Unix timestamp (in milliseconds) when this approval request started.",
+          "format": "int64",
+          "type": "integer"
+        },
         "threadId": {
           "type": "string"
         },
@@ -426,6 +431,7 @@
       },
       "required": [
         "itemId",
+        "startedAtMs",
         "threadId",
         "turnId"
       ],
@@ -598,6 +604,11 @@
             "null"
           ]
         },
+        "startedAtMs": {
+          "description": "Unix timestamp (in milliseconds) when this approval request started.",
+          "format": "int64",
+          "type": "integer"
+        },
         "threadId": {
           "type": "string"
         },
@@ -607,6 +618,7 @@
       },
       "required": [
         "itemId",
+        "startedAtMs",
         "threadId",
         "turnId"
       ],
@@ -1587,6 +1599,11 @@
             "null"
           ]
         },
+        "startedAtMs": {
+          "description": "Unix timestamp (in milliseconds) when this approval request started.",
+          "format": "int64",
+          "type": "integer"
+        },
         "threadId": {
           "type": "string"
         },
@@ -1598,6 +1615,7 @@
         "cwd",
         "itemId",
         "permissions",
+        "startedAtMs",
         "threadId",
         "turnId"
       ],

codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.schemas.json

@@ -906,78 +906,6 @@
           "title": "App/listRequest",
           "type": "object"
         },
-        {
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/v2/RequestId"
-            },
-            "method": {
-              "enum": [
-                "device/key/create"
-              ],
-              "title": "Device/key/createRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/v2/DeviceKeyCreateParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "Device/key/createRequest",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/v2/RequestId"
-            },
-            "method": {
-              "enum": [
-                "device/key/public"
-              ],
-              "title": "Device/key/publicRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/v2/DeviceKeyPublicParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "Device/key/publicRequest",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/v2/RequestId"
-            },
-            "method": {
-              "enum": [
-                "device/key/sign"
-              ],
-              "title": "Device/key/signRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/v2/DeviceKeySignParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "Device/key/signRequest",
-          "type": "object"
-        },
         {
           "properties": {
             "id": {
@@ -2218,6 +2146,11 @@
             "null"
           ]
         },
+        "startedAtMs": {
+          "description": "Unix timestamp (in milliseconds) when this approval request started.",
+          "format": "int64",
+          "type": "integer"
+        },
         "threadId": {
           "type": "string"
         },
@@ -2227,6 +2160,7 @@
       },
       "required": [
         "itemId",
+        "startedAtMs",
         "threadId",
         "turnId"
       ],
@@ -2483,6 +2417,11 @@
             "null"
           ]
         },
+        "startedAtMs": {
+          "description": "Unix timestamp (in milliseconds) when this approval request started.",
+          "format": "int64",
+          "type": "integer"
+        },
         "threadId": {
           "type": "string"
         },
@@ -2492,6 +2431,7 @@
       },
       "required": [
         "itemId",
+        "startedAtMs",
         "threadId",
         "turnId"
       ],
@@ -3663,6 +3603,11 @@
             "null"
           ]
         },
+        "startedAtMs": {
+          "description": "Unix timestamp (in milliseconds) when this approval request started.",
+          "format": "int64",
+          "type": "integer"
+        },
         "threadId": {
           "type": "string"
         },
@@ -3674,6 +3619,7 @@
         "cwd",
         "itemId",
         "permissions",
+        "startedAtMs",
         "threadId",
         "turnId"
       ],
@@ -7947,300 +7893,6 @@
         "title": "DeprecationNoticeNotification",
         "type": "object"
       },
-      "DeviceKeyAlgorithm": {
-        "description": "Device-key algorithm reported at enrollment and signing boundaries.",
-        "enum": [
-          "ecdsa_p256_sha256"
-        ],
-        "type": "string"
-      },
-      "DeviceKeyCreateParams": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "Create a controller-local device key with a random key id.",
-        "properties": {
-          "accountUserId": {
-            "type": "string"
-          },
-          "clientId": {
-            "type": "string"
-          },
-          "protectionPolicy": {
-            "anyOf": [
-              {
-                "$ref": "#/definitions/v2/DeviceKeyProtectionPolicy"
-              },
-              {
-                "type": "null"
-              }
-            ],
-            "description": "Defaults to `hardware_only` when omitted."
-          }
-        },
-        "required": [
-          "accountUserId",
-          "clientId"
-        ],
-        "title": "DeviceKeyCreateParams",
-        "type": "object"
-      },
-      "DeviceKeyCreateResponse": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "Device-key metadata and public key returned by create/public APIs.",
-        "properties": {
-          "algorithm": {
-            "$ref": "#/definitions/v2/DeviceKeyAlgorithm"
-          },
-          "keyId": {
-            "type": "string"
-          },
-          "protectionClass": {
-            "$ref": "#/definitions/v2/DeviceKeyProtectionClass"
-          },
-          "publicKeySpkiDerBase64": {
-            "description": "SubjectPublicKeyInfo DER encoded as base64.",
-            "type": "string"
-          }
-        },
-        "required": [
-          "algorithm",
-          "keyId",
-          "protectionClass",
-          "publicKeySpkiDerBase64"
-        ],
-        "title": "DeviceKeyCreateResponse",
-        "type": "object"
-      },
-      "DeviceKeyProtectionClass": {
-        "description": "Platform protection class for a controller-local device key.",
-        "enum": [
-          "hardware_secure_enclave",
-          "hardware_tpm",
-          "os_protected_nonextractable"
-        ],
-        "type": "string"
-      },
-      "DeviceKeyProtectionPolicy": {
-        "description": "Protection policy for creating or loading a controller-local device key.",
-        "enum": [
-          "hardware_only",
-          "allow_os_protected_nonextractable"
-        ],
-        "type": "string"
-      },
-      "DeviceKeyPublicParams": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "Fetch a controller-local device key public key by id.",
-        "properties": {
-          "keyId": {
-            "type": "string"
-          }
-        },
-        "required": [
-          "keyId"
-        ],
-        "title": "DeviceKeyPublicParams",
-        "type": "object"
-      },
-      "DeviceKeyPublicResponse": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "Device-key public metadata returned by `device/key/public`.",
-        "properties": {
-          "algorithm": {
-            "$ref": "#/definitions/v2/DeviceKeyAlgorithm"
-          },
-          "keyId": {
-            "type": "string"
-          },
-          "protectionClass": {
-            "$ref": "#/definitions/v2/DeviceKeyProtectionClass"
-          },
-          "publicKeySpkiDerBase64": {
-            "description": "SubjectPublicKeyInfo DER encoded as base64.",
-            "type": "string"
-          }
-        },
-        "required": [
-          "algorithm",
-          "keyId",
-          "protectionClass",
-          "publicKeySpkiDerBase64"
-        ],
-        "title": "DeviceKeyPublicResponse",
-        "type": "object"
-      },
-      "DeviceKeySignParams": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "Sign an accepted structured payload with a controller-local device key.",
-        "properties": {
-          "keyId": {
-            "type": "string"
-          },
-          "payload": {
-            "$ref": "#/definitions/v2/DeviceKeySignPayload"
-          }
-        },
-        "required": [
-          "keyId",
-          "payload"
-        ],
-        "title": "DeviceKeySignParams",
-        "type": "object"
-      },
-      "DeviceKeySignPayload": {
-        "description": "Structured payloads accepted by `device/key/sign`.",
-        "oneOf": [
-          {
-            "description": "Payload bound to one remote-control controller websocket `/client` connection challenge.",
-            "properties": {
-              "accountUserId": {
-                "type": "string"
-              },
-              "audience": {
-                "$ref": "#/definitions/v2/RemoteControlClientConnectionAudience"
-              },
-              "clientId": {
-                "type": "string"
-              },
-              "nonce": {
-                "type": "string"
-              },
-              "scopes": {
-                "description": "Must contain exactly `remote_control_controller_websocket`.",
-                "items": {
-                  "type": "string"
-                },
-                "type": "array"
-              },
-              "sessionId": {
-                "description": "Backend-issued websocket session id that this proof authorizes.",
-                "type": "string"
-              },
-              "targetOrigin": {
-                "description": "Origin of the backend endpoint that issued the challenge and will verify this proof.",
-                "type": "string"
-              },
-              "targetPath": {
-                "description": "Websocket route path that this proof authorizes.",
-                "type": "string"
-              },
-              "tokenExpiresAt": {
-                "description": "Remote-control token expiration as Unix seconds.",
-                "format": "int64",
-                "type": "integer"
-              },
-              "tokenSha256Base64url": {
-                "description": "SHA-256 of the controller-scoped remote-control token, encoded as unpadded base64url.",
-                "type": "string"
-              },
-              "type": {
-                "enum": [
-                  "remoteControlClientConnection"
-                ],
-                "title": "RemoteControlClientConnectionDeviceKeySignPayloadType",
-                "type": "string"
-              }
-            },
-            "required": [
-              "accountUserId",
-              "audience",
-              "clientId",
-              "nonce",
-              "scopes",
-              "sessionId",
-              "targetOrigin",
-              "targetPath",
-              "tokenExpiresAt",
-              "tokenSha256Base64url",
-              "type"
-            ],
-            "title": "RemoteControlClientConnectionDeviceKeySignPayload",
-            "type": "object"
-          },
-          {
-            "description": "Payload bound to a remote-control client `/client/enroll` ownership challenge.",
-            "properties": {
-              "accountUserId": {
-                "type": "string"
-              },
-              "audience": {
-                "$ref": "#/definitions/v2/RemoteControlClientEnrollmentAudience"
-              },
-              "challengeExpiresAt": {
-                "description": "Enrollment challenge expiration as Unix seconds.",
-                "format": "int64",
-                "type": "integer"
-              },
-              "challengeId": {
-                "description": "Backend-issued enrollment challenge id that this proof authorizes.",
-                "type": "string"
-              },
-              "clientId": {
-                "type": "string"
-              },
-              "deviceIdentitySha256Base64url": {
-                "description": "SHA-256 of the requested device identity operation, encoded as unpadded base64url.",
-                "type": "string"
-              },
-              "nonce": {
-                "type": "string"
-              },
-              "targetOrigin": {
-                "description": "Origin of the backend endpoint that issued the challenge and will verify this proof.",
-                "type": "string"
-              },
-              "targetPath": {
-                "description": "HTTP route path that this proof authorizes.",
-                "type": "string"
-              },
-              "type": {
-                "enum": [
-                  "remoteControlClientEnrollment"
-                ],
-                "title": "RemoteControlClientEnrollmentDeviceKeySignPayloadType",
-                "type": "string"
-              }
-            },
-            "required": [
-              "accountUserId",
-              "audience",
-              "challengeExpiresAt",
-              "challengeId",
-              "clientId",
-              "deviceIdentitySha256Base64url",
-              "nonce",
-              "targetOrigin",
-              "targetPath",
-              "type"
-            ],
-            "title": "RemoteControlClientEnrollmentDeviceKeySignPayload",
-            "type": "object"
-          }
-        ]
-      },
-      "DeviceKeySignResponse": {
-        "$schema": "http://json-schema.org/draft-07/schema#",
-        "description": "ASN.1 DER signature returned by `device/key/sign`.",
-        "properties": {
-          "algorithm": {
-            "$ref": "#/definitions/v2/DeviceKeyAlgorithm"
-          },
-          "signatureDerBase64": {
-            "description": "ECDSA signature DER encoded as base64.",
-            "type": "string"
-          },
-          "signedPayloadBase64": {
-            "description": "Exact bytes signed by the device key, encoded as base64. Verifiers must verify this byte string directly and must not reserialize `payload`.",
-            "type": "string"
-          }
-        },
-        "required": [
-          "algorithm",
-          "signatureDerBase64",
-          "signedPayloadBase64"
-        ],
-        "title": "DeviceKeySignResponse",
-        "type": "object"
-      },
       "DynamicToolCallOutputContentItem": {
         "oneOf": [
           {
@@ -9824,6 +9476,8 @@
           "preToolUse",
           "permissionRequest",
           "postToolUse",
+          "preCompact",
+          "postCompact",
           "sessionStart",
           "userPromptSubmit",
           "stop"
@@ -10242,6 +9896,11 @@
           "action": {
             "$ref": "#/definitions/v2/GuardianApprovalReviewAction"
           },
+          "completedAtMs": {
+            "description": "Unix timestamp (in milliseconds) when this review completed.",
+            "format": "int64",
+            "type": "integer"
+          },
           "decisionSource": {
             "$ref": "#/definitions/v2/AutoReviewDecisionSource"
           },
@@ -10252,6 +9911,11 @@
             "description": "Stable identifier for this review.",
             "type": "string"
           },
+          "startedAtMs": {
+            "description": "Unix timestamp (in milliseconds) when this review started.",
+            "format": "int64",
+            "type": "integer"
+          },
           "targetItemId": {
             "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
             "type": [
@@ -10268,9 +9932,11 @@
         },
         "required": [
           "action",
+          "completedAtMs",
           "decisionSource",
           "review",
           "reviewId",
+          "startedAtMs",
           "threadId",
           "turnId"
         ],
@@ -10291,6 +9957,11 @@
             "description": "Stable identifier for this review.",
             "type": "string"
           },
+          "startedAtMs": {
+            "description": "Unix timestamp (in milliseconds) when this review started.",
+            "format": "int64",
+            "type": "integer"
+          },
           "targetItemId": {
             "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
             "type": [
@@ -10309,6 +9980,7 @@
           "action",
           "review",
           "reviewId",
+          "startedAtMs",
           "threadId",
           "turnId"
         ],
@@ -10664,12 +10336,24 @@
             },
             "type": "array"
           },
+          "PostCompact": {
+            "items": {
+              "$ref": "#/definitions/v2/ConfiguredHookMatcherGroup"
+            },
+            "type": "array"
+          },
           "PostToolUse": {
             "items": {
               "$ref": "#/definitions/v2/ConfiguredHookMatcherGroup"
             },
             "type": "array"
           },
+          "PreCompact": {
+            "items": {
+              "$ref": "#/definitions/v2/ConfiguredHookMatcherGroup"
+            },
+            "type": "array"
+          },
           "PreToolUse": {
             "items": {
               "$ref": "#/definitions/v2/ConfiguredHookMatcherGroup"
@@ -10709,7 +10393,9 @@
         },
         "required": [
           "PermissionRequest",
+          "PostCompact",
           "PostToolUse",
+          "PreCompact",
           "PreToolUse",
           "SessionStart",
           "Stop",
@@ -12128,6 +11814,12 @@
               "null"
             ]
           },
+          "hooks": {
+            "items": {
+              "$ref": "#/definitions/v2/PluginHookSummary"
+            },
+            "type": "array"
+          },
           "marketplaceName": {
             "type": "string"
           },
@@ -12159,6 +11851,7 @@
         },
         "required": [
           "apps",
+          "hooks",
           "marketplaceName",
           "mcpServers",
           "skills",
@@ -12166,6 +11859,21 @@
         ],
         "type": "object"
       },
+      "PluginHookSummary": {
+        "properties": {
+          "eventName": {
+            "$ref": "#/definitions/v2/HookEventName"
+          },
+          "key": {
+            "type": "string"
+          }
+        },
+        "required": [
+          "eventName",
+          "key"
+        ],
+        "type": "object"
+      },
       "PluginInstallParams": {
         "$schema": "http://json-schema.org/draft-07/schema#",
         "properties": {
@@ -12353,6 +12061,14 @@
         ],
         "type": "object"
       },
+      "PluginListMarketplaceKind": {
+        "enum": [
+          "local",
+          "workspace-directory",
+          "shared-with-me"
+        ],
+        "type": "string"
+      },
       "PluginListParams": {
         "$schema": "http://json-schema.org/draft-07/schema#",
         "properties": {
@@ -12365,6 +12081,16 @@
               "array",
               "null"
             ]
+          },
+          "marketplaceKinds": {
+            "description": "Optional marketplace kind filter. When omitted, only local marketplaces are queried, plus the default remote catalog when enabled by feature flag.",
+            "items": {
+              "$ref": "#/definitions/v2/PluginListMarketplaceKind"
+            },
+            "type": [
+              "array",
+              "null"
+            ]
           }
         },
         "title": "PluginListParams",
@@ -12481,6 +12207,44 @@
         "title": "PluginReadResponse",
         "type": "object"
       },
+      "PluginShareContext": {
+        "properties": {
+          "creatorAccountUserId": {
+            "type": [
+              "string",
+              "null"
+            ]
+          },
+          "creatorName": {
+            "type": [
+              "string",
+              "null"
+            ]
+          },
+          "remotePluginId": {
+            "type": "string"
+          },
+          "shareTargets": {
+            "items": {
+              "$ref": "#/definitions/v2/PluginSharePrincipal"
+            },
+            "type": [
+              "array",
+              "null"
+            ]
+          },
+          "shareUrl": {
+            "type": [
+              "string",
+              "null"
+            ]
+          }
+        },
+        "required": [
+          "remotePluginId"
+        ],
+        "type": "object"
+      },
       "PluginShareDeleteParams": {
         "$schema": "http://json-schema.org/draft-07/schema#",
         "properties": {
@@ -12845,6 +12609,17 @@
           "name": {
             "type": "string"
           },
+          "shareContext": {
+            "anyOf": [
+              {
+                "$ref": "#/definitions/v2/PluginShareContext"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "description": "Remote sharing context associated with this plugin when available."
+          },
           "source": {
             "$ref": "#/definitions/v2/PluginSource"
           }
@@ -13505,20 +13280,6 @@
         "title": "ReasoningTextDeltaNotification",
         "type": "object"
       },
-      "RemoteControlClientConnectionAudience": {
-        "description": "Audience for a remote-control client connection device-key proof.",
-        "enum": [
-          "remote_control_client_websocket"
-        ],
-        "type": "string"
-      },
-      "RemoteControlClientEnrollmentAudience": {
-        "description": "Audience for a remote-control client enrollment device-key proof.",
-        "enum": [
-          "remote_control_client_enrollment"
-        ],
-        "type": "string"
-      },
       "RemoteControlConnectionStatus": {
         "enum": [
           "disabled",
@@ -15005,24 +14766,6 @@
         ],
         "type": "object"
       },
-      "SkillsListExtraRootsForCwd": {
-        "properties": {
-          "cwd": {
-            "type": "string"
-          },
-          "extraUserRoots": {
-            "items": {
-              "type": "string"
-            },
-            "type": "array"
-          }
-        },
-        "required": [
-          "cwd",
-          "extraUserRoots"
-        ],
-        "type": "object"
-      },
       "SkillsListParams": {
         "$schema": "http://json-schema.org/draft-07/schema#",
         "properties": {
@@ -15036,17 +14779,6 @@
           "forceReload": {
             "description": "When true, bypass the skills cache and re-scan skills from disk.",
             "type": "boolean"
-          },
-          "perCwdExtraUserRoots": {
-            "default": null,
-            "description": "Optional per-cwd extra roots to scan as user-scoped skills.",
-            "items": {
-              "$ref": "#/definitions/v2/SkillsListExtraRootsForCwd"
-            },
-            "type": [
-              "array",
-              "null"
-            ]
           }
         },
         "title": "SkillsListParams",
@@ -18664,4 +18396,4 @@
   },
   "title": "CodexAppServerProtocol",
   "type": "object"
-}
+}

codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.v2.schemas.json

@@ -1665,78 +1665,6 @@
           "title": "App/listRequest",
           "type": "object"
         },
-        {
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/RequestId"
-            },
-            "method": {
-              "enum": [
-                "device/key/create"
-              ],
-              "title": "Device/key/createRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/DeviceKeyCreateParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "Device/key/createRequest",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/RequestId"
-            },
-            "method": {
-              "enum": [
-                "device/key/public"
-              ],
-              "title": "Device/key/publicRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/DeviceKeyPublicParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "Device/key/publicRequest",
-          "type": "object"
-        },
-        {
-          "properties": {
-            "id": {
-              "$ref": "#/definitions/RequestId"
-            },
-            "method": {
-              "enum": [
-                "device/key/sign"
-              ],
-              "title": "Device/key/signRequestMethod",
-              "type": "string"
-            },
-            "params": {
-              "$ref": "#/definitions/DeviceKeySignParams"
-            }
-          },
-          "required": [
-            "id",
-            "method",
-            "params"
-          ],
-          "title": "Device/key/signRequest",
-          "type": "object"
-        },
         {
           "properties": {
             "id": {
@@ -4403,300 +4331,6 @@
       "title": "DeprecationNoticeNotification",
       "type": "object"
     },
-    "DeviceKeyAlgorithm": {
-      "description": "Device-key algorithm reported at enrollment and signing boundaries.",
-      "enum": [
-        "ecdsa_p256_sha256"
-      ],
-      "type": "string"
-    },
-    "DeviceKeyCreateParams": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "Create a controller-local device key with a random key id.",
-      "properties": {
-        "accountUserId": {
-          "type": "string"
-        },
-        "clientId": {
-          "type": "string"
-        },
-        "protectionPolicy": {
-          "anyOf": [
-            {
-              "$ref": "#/definitions/DeviceKeyProtectionPolicy"
-            },
-            {
-              "type": "null"
-            }
-          ],
-          "description": "Defaults to `hardware_only` when omitted."
-        }
-      },
-      "required": [
-        "accountUserId",
-        "clientId"
-      ],
-      "title": "DeviceKeyCreateParams",
-      "type": "object"
-    },
-    "DeviceKeyCreateResponse": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "Device-key metadata and public key returned by create/public APIs.",
-      "properties": {
-        "algorithm": {
-          "$ref": "#/definitions/DeviceKeyAlgorithm"
-        },
-        "keyId": {
-          "type": "string"
-        },
-        "protectionClass": {
-          "$ref": "#/definitions/DeviceKeyProtectionClass"
-        },
-        "publicKeySpkiDerBase64": {
-          "description": "SubjectPublicKeyInfo DER encoded as base64.",
-          "type": "string"
-        }
-      },
-      "required": [
-        "algorithm",
-        "keyId",
-        "protectionClass",
-        "publicKeySpkiDerBase64"
-      ],
-      "title": "DeviceKeyCreateResponse",
-      "type": "object"
-    },
-    "DeviceKeyProtectionClass": {
-      "description": "Platform protection class for a controller-local device key.",
-      "enum": [
-        "hardware_secure_enclave",
-        "hardware_tpm",
-        "os_protected_nonextractable"
-      ],
-      "type": "string"
-    },
-    "DeviceKeyProtectionPolicy": {
-      "description": "Protection policy for creating or loading a controller-local device key.",
-      "enum": [
-        "hardware_only",
-        "allow_os_protected_nonextractable"
-      ],
-      "type": "string"
-    },
-    "DeviceKeyPublicParams": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "Fetch a controller-local device key public key by id.",
-      "properties": {
-        "keyId": {
-          "type": "string"
-        }
-      },
-      "required": [
-        "keyId"
-      ],
-      "title": "DeviceKeyPublicParams",
-      "type": "object"
-    },
-    "DeviceKeyPublicResponse": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "Device-key public metadata returned by `device/key/public`.",
-      "properties": {
-        "algorithm": {
-          "$ref": "#/definitions/DeviceKeyAlgorithm"
-        },
-        "keyId": {
-          "type": "string"
-        },
-        "protectionClass": {
-          "$ref": "#/definitions/DeviceKeyProtectionClass"
-        },
-        "publicKeySpkiDerBase64": {
-          "description": "SubjectPublicKeyInfo DER encoded as base64.",
-          "type": "string"
-        }
-      },
-      "required": [
-        "algorithm",
-        "keyId",
-        "protectionClass",
-        "publicKeySpkiDerBase64"
-      ],
-      "title": "DeviceKeyPublicResponse",
-      "type": "object"
-    },
-    "DeviceKeySignParams": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "Sign an accepted structured payload with a controller-local device key.",
-      "properties": {
-        "keyId": {
-          "type": "string"
-        },
-        "payload": {
-          "$ref": "#/definitions/DeviceKeySignPayload"
-        }
-      },
-      "required": [
-        "keyId",
-        "payload"
-      ],
-      "title": "DeviceKeySignParams",
-      "type": "object"
-    },
-    "DeviceKeySignPayload": {
-      "description": "Structured payloads accepted by `device/key/sign`.",
-      "oneOf": [
-        {
-          "description": "Payload bound to one remote-control controller websocket `/client` connection challenge.",
-          "properties": {
-            "accountUserId": {
-              "type": "string"
-            },
-            "audience": {
-              "$ref": "#/definitions/RemoteControlClientConnectionAudience"
-            },
-            "clientId": {
-              "type": "string"
-            },
-            "nonce": {
-              "type": "string"
-            },
-            "scopes": {
-              "description": "Must contain exactly `remote_control_controller_websocket`.",
-              "items": {
-                "type": "string"
-              },
-              "type": "array"
-            },
-            "sessionId": {
-              "description": "Backend-issued websocket session id that this proof authorizes.",
-              "type": "string"
-            },
-            "targetOrigin": {
-              "description": "Origin of the backend endpoint that issued the challenge and will verify this proof.",
-              "type": "string"
-            },
-            "targetPath": {
-              "description": "Websocket route path that this proof authorizes.",
-              "type": "string"
-            },
-            "tokenExpiresAt": {
-              "description": "Remote-control token expiration as Unix seconds.",
-              "format": "int64",
-              "type": "integer"
-            },
-            "tokenSha256Base64url": {
-              "description": "SHA-256 of the controller-scoped remote-control token, encoded as unpadded base64url.",
-              "type": "string"
-            },
-            "type": {
-              "enum": [
-                "remoteControlClientConnection"
-              ],
-              "title": "RemoteControlClientConnectionDeviceKeySignPayloadType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "accountUserId",
-            "audience",
-            "clientId",
-            "nonce",
-            "scopes",
-            "sessionId",
-            "targetOrigin",
-            "targetPath",
-            "tokenExpiresAt",
-            "tokenSha256Base64url",
-            "type"
-          ],
-          "title": "RemoteControlClientConnectionDeviceKeySignPayload",
-          "type": "object"
-        },
-        {
-          "description": "Payload bound to a remote-control client `/client/enroll` ownership challenge.",
-          "properties": {
-            "accountUserId": {
-              "type": "string"
-            },
-            "audience": {
-              "$ref": "#/definitions/RemoteControlClientEnrollmentAudience"
-            },
-            "challengeExpiresAt": {
-              "description": "Enrollment challenge expiration as Unix seconds.",
-              "format": "int64",
-              "type": "integer"
-            },
-            "challengeId": {
-              "description": "Backend-issued enrollment challenge id that this proof authorizes.",
-              "type": "string"
-            },
-            "clientId": {
-              "type": "string"
-            },
-            "deviceIdentitySha256Base64url": {
-              "description": "SHA-256 of the requested device identity operation, encoded as unpadded base64url.",
-              "type": "string"
-            },
-            "nonce": {
-              "type": "string"
-            },
-            "targetOrigin": {
-              "description": "Origin of the backend endpoint that issued the challenge and will verify this proof.",
-              "type": "string"
-            },
-            "targetPath": {
-              "description": "HTTP route path that this proof authorizes.",
-              "type": "string"
-            },
-            "type": {
-              "enum": [
-                "remoteControlClientEnrollment"
-              ],
-              "title": "RemoteControlClientEnrollmentDeviceKeySignPayloadType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "accountUserId",
-            "audience",
-            "challengeExpiresAt",
-            "challengeId",
-            "clientId",
-            "deviceIdentitySha256Base64url",
-            "nonce",
-            "targetOrigin",
-            "targetPath",
-            "type"
-          ],
-          "title": "RemoteControlClientEnrollmentDeviceKeySignPayload",
-          "type": "object"
-        }
-      ]
-    },
-    "DeviceKeySignResponse": {
-      "$schema": "http://json-schema.org/draft-07/schema#",
-      "description": "ASN.1 DER signature returned by `device/key/sign`.",
-      "properties": {
-        "algorithm": {
-          "$ref": "#/definitions/DeviceKeyAlgorithm"
-        },
-        "signatureDerBase64": {
-          "description": "ECDSA signature DER encoded as base64.",
-          "type": "string"
-        },
-        "signedPayloadBase64": {
-          "description": "Exact bytes signed by the device key, encoded as base64. Verifiers must verify this byte string directly and must not reserialize `payload`.",
-          "type": "string"
-        }
-      },
-      "required": [
-        "algorithm",
-        "signatureDerBase64",
-        "signedPayloadBase64"
-      ],
-      "title": "DeviceKeySignResponse",
-      "type": "object"
-    },
     "DynamicToolCallOutputContentItem": {
       "oneOf": [
         {
@@ -6391,6 +6025,8 @@
         "preToolUse",
         "permissionRequest",
         "postToolUse",
+        "preCompact",
+        "postCompact",
         "sessionStart",
         "userPromptSubmit",
         "stop"
@@ -6853,6 +6489,11 @@
         "action": {
           "$ref": "#/definitions/GuardianApprovalReviewAction"
         },
+        "completedAtMs": {
+          "description": "Unix timestamp (in milliseconds) when this review completed.",
+          "format": "int64",
+          "type": "integer"
+        },
         "decisionSource": {
           "$ref": "#/definitions/AutoReviewDecisionSource"
         },
@@ -6863,6 +6504,11 @@
           "description": "Stable identifier for this review.",
           "type": "string"
         },
+        "startedAtMs": {
+          "description": "Unix timestamp (in milliseconds) when this review started.",
+          "format": "int64",
+          "type": "integer"
+        },
         "targetItemId": {
           "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
           "type": [
@@ -6879,9 +6525,11 @@
       },
       "required": [
         "action",
+        "completedAtMs",
         "decisionSource",
         "review",
         "reviewId",
+        "startedAtMs",
         "threadId",
         "turnId"
       ],
@@ -6902,6 +6550,11 @@
           "description": "Stable identifier for this review.",
           "type": "string"
         },
+        "startedAtMs": {
+          "description": "Unix timestamp (in milliseconds) when this review started.",
+          "format": "int64",
+          "type": "integer"
+        },
         "targetItemId": {
           "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
           "type": [
@@ -6920,6 +6573,7 @@
         "action",
         "review",
         "reviewId",
+        "startedAtMs",
         "threadId",
         "turnId"
       ],
@@ -7275,12 +6929,24 @@
           },
           "type": "array"
         },
+        "PostCompact": {
+          "items": {
+            "$ref": "#/definitions/ConfiguredHookMatcherGroup"
+          },
+          "type": "array"
+        },
         "PostToolUse": {
           "items": {
             "$ref": "#/definitions/ConfiguredHookMatcherGroup"
           },
           "type": "array"
         },
+        "PreCompact": {
+          "items": {
+            "$ref": "#/definitions/ConfiguredHookMatcherGroup"
+          },
+          "type": "array"
+        },
         "PreToolUse": {
           "items": {
             "$ref": "#/definitions/ConfiguredHookMatcherGroup"
@@ -7320,7 +6986,9 @@
       },
       "required": [
         "PermissionRequest",
+        "PostCompact",
         "PostToolUse",
+        "PreCompact",
         "PreToolUse",
         "SessionStart",
         "Stop",
@@ -8739,6 +8407,12 @@
             "null"
           ]
         },
+        "hooks": {
+          "items": {
+            "$ref": "#/definitions/PluginHookSummary"
+          },
+          "type": "array"
+        },
         "marketplaceName": {
           "type": "string"
         },
@@ -8770,6 +8444,7 @@
       },
       "required": [
         "apps",
+        "hooks",
         "marketplaceName",
         "mcpServers",
         "skills",
@@ -8777,6 +8452,21 @@
       ],
       "type": "object"
     },
+    "PluginHookSummary": {
+      "properties": {
+        "eventName": {
+          "$ref": "#/definitions/HookEventName"
+        },
+        "key": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "eventName",
+        "key"
+      ],
+      "type": "object"
+    },
     "PluginInstallParams": {
       "$schema": "http://json-schema.org/draft-07/schema#",
       "properties": {
@@ -8964,6 +8654,14 @@
       ],
       "type": "object"
     },
+    "PluginListMarketplaceKind": {
+      "enum": [
+        "local",
+        "workspace-directory",
+        "shared-with-me"
+      ],
+      "type": "string"
+    },
     "PluginListParams": {
       "$schema": "http://json-schema.org/draft-07/schema#",
       "properties": {
@@ -8976,6 +8674,16 @@
             "array",
             "null"
           ]
+        },
+        "marketplaceKinds": {
+          "description": "Optional marketplace kind filter. When omitted, only local marketplaces are queried, plus the default remote catalog when enabled by feature flag.",
+          "items": {
+            "$ref": "#/definitions/PluginListMarketplaceKind"
+          },
+          "type": [
+            "array",
+            "null"
+          ]
         }
       },
       "title": "PluginListParams",
@@ -9092,6 +8800,44 @@
       "title": "PluginReadResponse",
       "type": "object"
     },
+    "PluginShareContext": {
+      "properties": {
+        "creatorAccountUserId": {
+          "type": [
+            "string",
+            "null"
+          ]
+        },
+        "creatorName": {
+          "type": [
+            "string",
+            "null"
+          ]
+        },
+        "remotePluginId": {
+          "type": "string"
+        },
+        "shareTargets": {
+          "items": {
+            "$ref": "#/definitions/PluginSharePrincipal"
+          },
+          "type": [
+            "array",
+            "null"
+          ]
+        },
+        "shareUrl": {
+          "type": [
+            "string",
+            "null"
+          ]
+        }
+      },
+      "required": [
+        "remotePluginId"
+      ],
+      "type": "object"
+    },
     "PluginShareDeleteParams": {
       "$schema": "http://json-schema.org/draft-07/schema#",
       "properties": {
@@ -9456,6 +9202,17 @@
         "name": {
           "type": "string"
         },
+        "shareContext": {
+          "anyOf": [
+            {
+              "$ref": "#/definitions/PluginShareContext"
+            },
+            {
+              "type": "null"
+            }
+          ],
+          "description": "Remote sharing context associated with this plugin when available."
+        },
         "source": {
           "$ref": "#/definitions/PluginSource"
         }
@@ -10116,20 +9873,6 @@
       "title": "ReasoningTextDeltaNotification",
       "type": "object"
     },
-    "RemoteControlClientConnectionAudience": {
-      "description": "Audience for a remote-control client connection device-key proof.",
-      "enum": [
-        "remote_control_client_websocket"
-      ],
-      "type": "string"
-    },
-    "RemoteControlClientEnrollmentAudience": {
-      "description": "Audience for a remote-control client enrollment device-key proof.",
-      "enum": [
-        "remote_control_client_enrollment"
-      ],
-      "type": "string"
-    },
     "RemoteControlConnectionStatus": {
       "enum": [
         "disabled",
@@ -12891,24 +12634,6 @@
       ],
       "type": "object"
     },
-    "SkillsListExtraRootsForCwd": {
-      "properties": {
-        "cwd": {
-          "type": "string"
-        },
-        "extraUserRoots": {
-          "items": {
-            "type": "string"
-          },
-          "type": "array"
-        }
-      },
-      "required": [
-        "cwd",
-        "extraUserRoots"
-      ],
-      "type": "object"
-    },
     "SkillsListParams": {
       "$schema": "http://json-schema.org/draft-07/schema#",
       "properties": {
@@ -12922,17 +12647,6 @@
         "forceReload": {
           "description": "When true, bypass the skills cache and re-scan skills from disk.",
           "type": "boolean"
-        },
-        "perCwdExtraUserRoots": {
-          "default": null,
-          "description": "Optional per-cwd extra roots to scan as user-scoped skills.",
-          "items": {
-            "$ref": "#/definitions/SkillsListExtraRootsForCwd"
-          },
-          "type": [
-            "array",
-            "null"
-          ]
         }
       },
       "title": "SkillsListParams",
@@ -16549,4 +16263,4 @@
   },
   "title": "CodexAppServerProtocolV2",
   "type": "object"
-}
+}

codex-rs/app-server-protocol/schema/json/v2/ConfigRequirementsReadResponse.json

@@ -213,12 +213,24 @@
           },
           "type": "array"
         },
+        "PostCompact": {
+          "items": {
+            "$ref": "#/definitions/ConfiguredHookMatcherGroup"
+          },
+          "type": "array"
+        },
         "PostToolUse": {
           "items": {
             "$ref": "#/definitions/ConfiguredHookMatcherGroup"
           },
           "type": "array"
         },
+        "PreCompact": {
+          "items": {
+            "$ref": "#/definitions/ConfiguredHookMatcherGroup"
+          },
+          "type": "array"
+        },
         "PreToolUse": {
           "items": {
             "$ref": "#/definitions/ConfiguredHookMatcherGroup"
@@ -258,7 +270,9 @@
       },
       "required": [
         "PermissionRequest",
+        "PostCompact",
         "PostToolUse",
+        "PreCompact",
         "PreToolUse",
         "SessionStart",
         "Stop",

codex-rs/app-server-protocol/schema/json/v2/DeviceKeyCreateParams.json

@@ -1,39 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "definitions": {
-    "DeviceKeyProtectionPolicy": {
-      "description": "Protection policy for creating or loading a controller-local device key.",
-      "enum": [
-        "hardware_only",
-        "allow_os_protected_nonextractable"
-      ],
-      "type": "string"
-    }
-  },
-  "description": "Create a controller-local device key with a random key id.",
-  "properties": {
-    "accountUserId": {
-      "type": "string"
-    },
-    "clientId": {
-      "type": "string"
-    },
-    "protectionPolicy": {
-      "anyOf": [
-        {
-          "$ref": "#/definitions/DeviceKeyProtectionPolicy"
-        },
-        {
-          "type": "null"
-        }
-      ],
-      "description": "Defaults to `hardware_only` when omitted."
-    }
-  },
-  "required": [
-    "accountUserId",
-    "clientId"
-  ],
-  "title": "DeviceKeyCreateParams",
-  "type": "object"
-}

codex-rs/app-server-protocol/schema/json/v2/DeviceKeyCreateResponse.json

@@ -1,45 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "definitions": {
-    "DeviceKeyAlgorithm": {
-      "description": "Device-key algorithm reported at enrollment and signing boundaries.",
-      "enum": [
-        "ecdsa_p256_sha256"
-      ],
-      "type": "string"
-    },
-    "DeviceKeyProtectionClass": {
-      "description": "Platform protection class for a controller-local device key.",
-      "enum": [
-        "hardware_secure_enclave",
-        "hardware_tpm",
-        "os_protected_nonextractable"
-      ],
-      "type": "string"
-    }
-  },
-  "description": "Device-key metadata and public key returned by create/public APIs.",
-  "properties": {
-    "algorithm": {
-      "$ref": "#/definitions/DeviceKeyAlgorithm"
-    },
-    "keyId": {
-      "type": "string"
-    },
-    "protectionClass": {
-      "$ref": "#/definitions/DeviceKeyProtectionClass"
-    },
-    "publicKeySpkiDerBase64": {
-      "description": "SubjectPublicKeyInfo DER encoded as base64.",
-      "type": "string"
-    }
-  },
-  "required": [
-    "algorithm",
-    "keyId",
-    "protectionClass",
-    "publicKeySpkiDerBase64"
-  ],
-  "title": "DeviceKeyCreateResponse",
-  "type": "object"
-}

codex-rs/app-server-protocol/schema/json/v2/DeviceKeyPublicParams.json

@@ -1,14 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "description": "Fetch a controller-local device key public key by id.",
-  "properties": {
-    "keyId": {
-      "type": "string"
-    }
-  },
-  "required": [
-    "keyId"
-  ],
-  "title": "DeviceKeyPublicParams",
-  "type": "object"
-}

codex-rs/app-server-protocol/schema/json/v2/DeviceKeyPublicResponse.json

@@ -1,45 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "definitions": {
-    "DeviceKeyAlgorithm": {
-      "description": "Device-key algorithm reported at enrollment and signing boundaries.",
-      "enum": [
-        "ecdsa_p256_sha256"
-      ],
-      "type": "string"
-    },
-    "DeviceKeyProtectionClass": {
-      "description": "Platform protection class for a controller-local device key.",
-      "enum": [
-        "hardware_secure_enclave",
-        "hardware_tpm",
-        "os_protected_nonextractable"
-      ],
-      "type": "string"
-    }
-  },
-  "description": "Device-key public metadata returned by `device/key/public`.",
-  "properties": {
-    "algorithm": {
-      "$ref": "#/definitions/DeviceKeyAlgorithm"
-    },
-    "keyId": {
-      "type": "string"
-    },
-    "protectionClass": {
-      "$ref": "#/definitions/DeviceKeyProtectionClass"
-    },
-    "publicKeySpkiDerBase64": {
-      "description": "SubjectPublicKeyInfo DER encoded as base64.",
-      "type": "string"
-    }
-  },
-  "required": [
-    "algorithm",
-    "keyId",
-    "protectionClass",
-    "publicKeySpkiDerBase64"
-  ],
-  "title": "DeviceKeyPublicResponse",
-  "type": "object"
-}

codex-rs/app-server-protocol/schema/json/v2/DeviceKeySignParams.json

@@ -1,165 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "definitions": {
-    "DeviceKeySignPayload": {
-      "description": "Structured payloads accepted by `device/key/sign`.",
-      "oneOf": [
-        {
-          "description": "Payload bound to one remote-control controller websocket `/client` connection challenge.",
-          "properties": {
-            "accountUserId": {
-              "type": "string"
-            },
-            "audience": {
-              "$ref": "#/definitions/RemoteControlClientConnectionAudience"
-            },
-            "clientId": {
-              "type": "string"
-            },
-            "nonce": {
-              "type": "string"
-            },
-            "scopes": {
-              "description": "Must contain exactly `remote_control_controller_websocket`.",
-              "items": {
-                "type": "string"
-              },
-              "type": "array"
-            },
-            "sessionId": {
-              "description": "Backend-issued websocket session id that this proof authorizes.",
-              "type": "string"
-            },
-            "targetOrigin": {
-              "description": "Origin of the backend endpoint that issued the challenge and will verify this proof.",
-              "type": "string"
-            },
-            "targetPath": {
-              "description": "Websocket route path that this proof authorizes.",
-              "type": "string"
-            },
-            "tokenExpiresAt": {
-              "description": "Remote-control token expiration as Unix seconds.",
-              "format": "int64",
-              "type": "integer"
-            },
-            "tokenSha256Base64url": {
-              "description": "SHA-256 of the controller-scoped remote-control token, encoded as unpadded base64url.",
-              "type": "string"
-            },
-            "type": {
-              "enum": [
-                "remoteControlClientConnection"
-              ],
-              "title": "RemoteControlClientConnectionDeviceKeySignPayloadType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "accountUserId",
-            "audience",
-            "clientId",
-            "nonce",
-            "scopes",
-            "sessionId",
-            "targetOrigin",
-            "targetPath",
-            "tokenExpiresAt",
-            "tokenSha256Base64url",
-            "type"
-          ],
-          "title": "RemoteControlClientConnectionDeviceKeySignPayload",
-          "type": "object"
-        },
-        {
-          "description": "Payload bound to a remote-control client `/client/enroll` ownership challenge.",
-          "properties": {
-            "accountUserId": {
-              "type": "string"
-            },
-            "audience": {
-              "$ref": "#/definitions/RemoteControlClientEnrollmentAudience"
-            },
-            "challengeExpiresAt": {
-              "description": "Enrollment challenge expiration as Unix seconds.",
-              "format": "int64",
-              "type": "integer"
-            },
-            "challengeId": {
-              "description": "Backend-issued enrollment challenge id that this proof authorizes.",
-              "type": "string"
-            },
-            "clientId": {
-              "type": "string"
-            },
-            "deviceIdentitySha256Base64url": {
-              "description": "SHA-256 of the requested device identity operation, encoded as unpadded base64url.",
-              "type": "string"
-            },
-            "nonce": {
-              "type": "string"
-            },
-            "targetOrigin": {
-              "description": "Origin of the backend endpoint that issued the challenge and will verify this proof.",
-              "type": "string"
-            },
-            "targetPath": {
-              "description": "HTTP route path that this proof authorizes.",
-              "type": "string"
-            },
-            "type": {
-              "enum": [
-                "remoteControlClientEnrollment"
-              ],
-              "title": "RemoteControlClientEnrollmentDeviceKeySignPayloadType",
-              "type": "string"
-            }
-          },
-          "required": [
-            "accountUserId",
-            "audience",
-            "challengeExpiresAt",
-            "challengeId",
-            "clientId",
-            "deviceIdentitySha256Base64url",
-            "nonce",
-            "targetOrigin",
-            "targetPath",
-            "type"
-          ],
-          "title": "RemoteControlClientEnrollmentDeviceKeySignPayload",
-          "type": "object"
-        }
-      ]
-    },
-    "RemoteControlClientConnectionAudience": {
-      "description": "Audience for a remote-control client connection device-key proof.",
-      "enum": [
-        "remote_control_client_websocket"
-      ],
-      "type": "string"
-    },
-    "RemoteControlClientEnrollmentAudience": {
-      "description": "Audience for a remote-control client enrollment device-key proof.",
-      "enum": [
-        "remote_control_client_enrollment"
-      ],
-      "type": "string"
-    }
-  },
-  "description": "Sign an accepted structured payload with a controller-local device key.",
-  "properties": {
-    "keyId": {
-      "type": "string"
-    },
-    "payload": {
-      "$ref": "#/definitions/DeviceKeySignPayload"
-    }
-  },
-  "required": [
-    "keyId",
-    "payload"
-  ],
-  "title": "DeviceKeySignParams",
-  "type": "object"
-}

codex-rs/app-server-protocol/schema/json/v2/DeviceKeySignResponse.json

@@ -1,33 +0,0 @@
-{
-  "$schema": "http://json-schema.org/draft-07/schema#",
-  "definitions": {
-    "DeviceKeyAlgorithm": {
-      "description": "Device-key algorithm reported at enrollment and signing boundaries.",
-      "enum": [
-        "ecdsa_p256_sha256"
-      ],
-      "type": "string"
-    }
-  },
-  "description": "ASN.1 DER signature returned by `device/key/sign`.",
-  "properties": {
-    "algorithm": {
-      "$ref": "#/definitions/DeviceKeyAlgorithm"
-    },
-    "signatureDerBase64": {
-      "description": "ECDSA signature DER encoded as base64.",
-      "type": "string"
-    },
-    "signedPayloadBase64": {
-      "description": "Exact bytes signed by the device key, encoded as base64. Verifiers must verify this byte string directly and must not reserialize `payload`.",
-      "type": "string"
-    }
-  },
-  "required": [
-    "algorithm",
-    "signatureDerBase64",
-    "signedPayloadBase64"
-  ],
-  "title": "DeviceKeySignResponse",
-  "type": "object"
-}

codex-rs/app-server-protocol/schema/json/v2/HookCompletedNotification.json

@@ -10,6 +10,8 @@
         "preToolUse",
         "permissionRequest",
         "postToolUse",
+        "preCompact",
+        "postCompact",
         "sessionStart",
         "userPromptSubmit",
         "stop"

codex-rs/app-server-protocol/schema/json/v2/HookStartedNotification.json

@@ -10,6 +10,8 @@
         "preToolUse",
         "permissionRequest",
         "postToolUse",
+        "preCompact",
+        "postCompact",
         "sessionStart",
         "userPromptSubmit",
         "stop"

codex-rs/app-server-protocol/schema/json/v2/HooksListResponse.json

@@ -25,6 +25,8 @@
         "preToolUse",
         "permissionRequest",
         "postToolUse",
+        "preCompact",
+        "postCompact",
         "sessionStart",
         "userPromptSubmit",
         "stop"

codex-rs/app-server-protocol/schema/json/v2/ItemGuardianApprovalReviewCompletedNotification.json

@@ -574,6 +574,11 @@
     "action": {
       "$ref": "#/definitions/GuardianApprovalReviewAction"
     },
+    "completedAtMs": {
+      "description": "Unix timestamp (in milliseconds) when this review completed.",
+      "format": "int64",
+      "type": "integer"
+    },
     "decisionSource": {
       "$ref": "#/definitions/AutoReviewDecisionSource"
     },
@@ -584,6 +589,11 @@
       "description": "Stable identifier for this review.",
       "type": "string"
     },
+    "startedAtMs": {
+      "description": "Unix timestamp (in milliseconds) when this review started.",
+      "format": "int64",
+      "type": "integer"
+    },
     "targetItemId": {
       "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
       "type": [
@@ -600,9 +610,11 @@
   },
   "required": [
     "action",
+    "completedAtMs",
     "decisionSource",
     "review",
     "reviewId",
+    "startedAtMs",
     "threadId",
     "turnId"
   ],

codex-rs/app-server-protocol/schema/json/v2/ItemGuardianApprovalReviewStartedNotification.json

@@ -574,6 +574,11 @@
       "description": "Stable identifier for this review.",
       "type": "string"
     },
+    "startedAtMs": {
+      "description": "Unix timestamp (in milliseconds) when this review started.",
+      "format": "int64",
+      "type": "integer"
+    },
     "targetItemId": {
       "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.",
       "type": [
@@ -592,6 +597,7 @@
     "action",
     "review",
     "reviewId",
+    "startedAtMs",
     "threadId",
     "turnId"
   ],

codex-rs/app-server-protocol/schema/json/v2/PluginListParams.json

@@ -4,6 +4,14 @@
     "AbsolutePathBuf": {
       "description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.",
       "type": "string"
+    },
+    "PluginListMarketplaceKind": {
+      "enum": [
+        "local",
+        "workspace-directory",
+        "shared-with-me"
+      ],
+      "type": "string"
     }
   },
   "properties": {
@@ -16,6 +24,16 @@
         "array",
         "null"
       ]
+    },
+    "marketplaceKinds": {
+      "description": "Optional marketplace kind filter. When omitted, only local marketplaces are queried, plus the default remote catalog when enabled by feature flag.",
+      "items": {
+        "$ref": "#/definitions/PluginListMarketplaceKind"
+      },
+      "type": [
+        "array",
+        "null"
+      ]
     }
   },
   "title": "PluginListParams",

codex-rs/app-server-protocol/schema/json/v2/PluginListResponse.json

@@ -232,6 +232,71 @@
       ],
       "type": "object"
     },
+    "PluginShareContext": {
+      "properties": {
+        "creatorAccountUserId": {
+          "type": [
+            "string",
+            "null"
+          ]
+        },
+        "creatorName": {
+          "type": [
+            "string",
+            "null"
+          ]
+        },
+        "remotePluginId": {
+          "type": "string"
+        },
+        "shareTargets": {
+          "items": {
+            "$ref": "#/definitions/PluginSharePrincipal"
+          },
+          "type": [
+            "array",
+            "null"
+          ]
+        },
+        "shareUrl": {
+          "type": [
+            "string",
+            "null"
+          ]
+        }
+      },
+      "required": [
+        "remotePluginId"
+      ],
+      "type": "object"
+    },
+    "PluginSharePrincipal": {
+      "properties": {
+        "name": {
+          "type": "string"
+        },
+        "principalId": {
+          "type": "string"
+        },
+        "principalType": {
+          "$ref": "#/definitions/PluginSharePrincipalType"
+        }
+      },
+      "required": [
+        "name",
+        "principalId",
+        "principalType"
+      ],
+      "type": "object"
+    },
+    "PluginSharePrincipalType": {
+      "enum": [
+        "user",
+        "group",
+        "workspace"
+      ],
+      "type": "string"
+    },
     "PluginSource": {
       "oneOf": [
         {
@@ -357,6 +422,17 @@
         "name": {
           "type": "string"
         },
+        "shareContext": {
+          "anyOf": [
+            {
+              "$ref": "#/definitions/PluginShareContext"
+            },
+            {
+              "type": "null"
+            }
+          ],
+          "description": "Remote sharing context associated with this plugin when available."
+        },
         "source": {
           "$ref": "#/definitions/PluginSource"
         }

codex-rs/app-server-protocol/schema/json/v2/PluginReadResponse.json

@@ -37,6 +37,19 @@
       ],
       "type": "object"
     },
+    "HookEventName": {
+      "enum": [
+        "preToolUse",
+        "permissionRequest",
+        "postToolUse",
+        "preCompact",
+        "postCompact",
+        "sessionStart",
+        "userPromptSubmit",
+        "stop"
+      ],
+      "type": "string"
+    },
     "PluginAuthPolicy": {
       "enum": [
         "ON_INSTALL",
@@ -75,6 +88,12 @@
             "null"
           ]
         },
+        "hooks": {
+          "items": {
+            "$ref": "#/definitions/PluginHookSummary"
+          },
+          "type": "array"
+        },
         "marketplaceName": {
           "type": "string"
         },
@@ -106,6 +125,7 @@
       },
       "required": [
         "apps",
+        "hooks",
         "marketplaceName",
         "mcpServers",
         "skills",
@@ -113,6 +133,21 @@
       ],
       "type": "object"
     },
+    "PluginHookSummary": {
+      "properties": {
+        "eventName": {
+          "$ref": "#/definitions/HookEventName"
+        },
+        "key": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "eventName",
+        "key"
+      ],
+      "type": "object"
+    },
     "PluginInstallPolicy": {
       "enum": [
         "NOT_AVAILABLE",
@@ -251,6 +286,71 @@
       ],
       "type": "object"
     },
+    "PluginShareContext": {
+      "properties": {
+        "creatorAccountUserId": {
+          "type": [
+            "string",
+            "null"
+          ]
+        },
+        "creatorName": {
+          "type": [
+            "string",
+            "null"
+          ]
+        },
+        "remotePluginId": {
+          "type": "string"
+        },
+        "shareTargets": {
+          "items": {
+            "$ref": "#/definitions/PluginSharePrincipal"
+          },
+          "type": [
+            "array",
+            "null"
+          ]
+        },
+        "shareUrl": {
+          "type": [
+            "string",
+            "null"
+          ]
+        }
+      },
+      "required": [
+        "remotePluginId"
+      ],
+      "type": "object"
+    },
+    "PluginSharePrincipal": {
+      "properties": {
+        "name": {
+          "type": "string"
+        },
+        "principalId": {
+          "type": "string"
+        },
+        "principalType": {
+          "$ref": "#/definitions/PluginSharePrincipalType"
+        }
+      },
+      "required": [
+        "name",
+        "principalId",
+        "principalType"
+      ],
+      "type": "object"
+    },
+    "PluginSharePrincipalType": {
+      "enum": [
+        "user",
+        "group",
+        "workspace"
+      ],
+      "type": "string"
+    },
     "PluginSource": {
       "oneOf": [
         {
@@ -376,6 +476,17 @@
         "name": {
           "type": "string"
         },
+        "shareContext": {
+          "anyOf": [
+            {
+              "$ref": "#/definitions/PluginShareContext"
+            },
+            {
+              "type": "null"
+            }
+          ],
+          "description": "Remote sharing context associated with this plugin when available."
+        },
         "source": {
           "$ref": "#/definitions/PluginSource"
         }

codex-rs/app-server-protocol/schema/json/v2/PluginShareListResponse.json

@@ -167,6 +167,44 @@
       ],
       "type": "object"
     },
+    "PluginShareContext": {
+      "properties": {
+        "creatorAccountUserId": {
+          "type": [
+            "string",
+            "null"
+          ]
+        },
+        "creatorName": {
+          "type": [
+            "string",
+            "null"
+          ]
+        },
+        "remotePluginId": {
+          "type": "string"
+        },
+        "shareTargets": {
+          "items": {
+            "$ref": "#/definitions/PluginSharePrincipal"
+          },
+          "type": [
+            "array",
+            "null"
+          ]
+        },
+        "shareUrl": {
+          "type": [
+            "string",
+            "null"
+          ]
+        }
+      },
+      "required": [
+        "remotePluginId"
+      ],
+      "type": "object"
+    },
     "PluginShareListItem": {
       "properties": {
         "localPluginPath": {
@@ -192,6 +230,33 @@
       ],
       "type": "object"
     },
+    "PluginSharePrincipal": {
+      "properties": {
+        "name": {
+          "type": "string"
+        },
+        "principalId": {
+          "type": "string"
+        },
+        "principalType": {
+          "$ref": "#/definitions/PluginSharePrincipalType"
+        }
+      },
+      "required": [
+        "name",
+        "principalId",
+        "principalType"
+      ],
+      "type": "object"
+    },
+    "PluginSharePrincipalType": {
+      "enum": [
+        "user",
+        "group",
+        "workspace"
+      ],
+      "type": "string"
+    },
     "PluginSource": {
       "oneOf": [
         {
@@ -317,6 +382,17 @@
         "name": {
           "type": "string"
         },
+        "shareContext": {
+          "anyOf": [
+            {
+              "$ref": "#/definitions/PluginShareContext"
+            },
+            {
+              "type": "null"
+            }
+          ],
+          "description": "Remote sharing context associated with this plugin when available."
+        },
         "source": {
           "$ref": "#/definitions/PluginSource"
         }

codex-rs/app-server-protocol/schema/json/v2/SkillsListParams.json

@@ -1,25 +1,5 @@
 {
   "$schema": "http://json-schema.org/draft-07/schema#",
-  "definitions": {
-    "SkillsListExtraRootsForCwd": {
-      "properties": {
-        "cwd": {
-          "type": "string"
-        },
-        "extraUserRoots": {
-          "items": {
-            "type": "string"
-          },
-          "type": "array"
-        }
-      },
-      "required": [
-        "cwd",
-        "extraUserRoots"
-      ],
-      "type": "object"
-    }
-  },
   "properties": {
     "cwds": {
       "description": "When empty, defaults to the current session working directory.",
@@ -31,17 +11,6 @@
     "forceReload": {
       "description": "When true, bypass the skills cache and re-scan skills from disk.",
       "type": "boolean"
-    },
-    "perCwdExtraUserRoots": {
-      "default": null,
-      "description": "Optional per-cwd extra roots to scan as user-scoped skills.",
-      "items": {
-        "$ref": "#/definitions/SkillsListExtraRootsForCwd"
-      },
-      "type": [
-        "array",
-        "null"
-      ]
     }
   },
   "title": "SkillsListParams",

codex-rs/app-server-protocol/schema/typescript/v2/CommandExecutionRequestApprovalParams.ts

@@ -8,6 +8,9 @@ import type { NetworkApprovalContext } from "./NetworkApprovalContext";
 import type { NetworkPolicyAmendment } from "./NetworkPolicyAmendment";
 
 export type CommandExecutionRequestApprovalParams = {threadId: string, turnId: string, itemId: string, /**
+ * Unix timestamp (in milliseconds) when this approval request started.
+ */
+startedAtMs: number, /**
  * Unique identifier for this specific approval callback.
  *
  * For regular shell/unified_exec approvals, this is null.

codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeyAlgorithm.ts

@@ -1,8 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-
-/**
- * Device-key algorithm reported at enrollment and signing boundaries.
- */
-export type DeviceKeyAlgorithm = "ecdsa_p256_sha256";

codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeyCreateParams.ts

@@ -1,13 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { DeviceKeyProtectionPolicy } from "./DeviceKeyProtectionPolicy";
-
-/**
- * Create a controller-local device key with a random key id.
- */
-export type DeviceKeyCreateParams = {
-/**
- * Defaults to `hardware_only` when omitted.
- */
-protectionPolicy?: DeviceKeyProtectionPolicy | null, accountUserId: string, clientId: string, };

codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeyCreateResponse.ts

@@ -1,14 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { DeviceKeyAlgorithm } from "./DeviceKeyAlgorithm";
-import type { DeviceKeyProtectionClass } from "./DeviceKeyProtectionClass";
-
-/**
- * Device-key metadata and public key returned by create/public APIs.
- */
-export type DeviceKeyCreateResponse = { keyId: string,
-/**
- * SubjectPublicKeyInfo DER encoded as base64.
- */
-publicKeySpkiDerBase64: string, algorithm: DeviceKeyAlgorithm, protectionClass: DeviceKeyProtectionClass, };

codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeyProtectionClass.ts

@@ -1,8 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-
-/**
- * Platform protection class for a controller-local device key.
- */
-export type DeviceKeyProtectionClass = "hardware_secure_enclave" | "hardware_tpm" | "os_protected_nonextractable";

codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeyProtectionPolicy.ts

@@ -1,8 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-
-/**
- * Protection policy for creating or loading a controller-local device key.
- */
-export type DeviceKeyProtectionPolicy = "hardware_only" | "allow_os_protected_nonextractable";

codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeyPublicResponse.ts

@@ -1,14 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { DeviceKeyAlgorithm } from "./DeviceKeyAlgorithm";
-import type { DeviceKeyProtectionClass } from "./DeviceKeyProtectionClass";
-
-/**
- * Device-key public metadata returned by `device/key/public`.
- */
-export type DeviceKeyPublicResponse = { keyId: string,
-/**
- * SubjectPublicKeyInfo DER encoded as base64.
- */
-publicKeySpkiDerBase64: string, algorithm: DeviceKeyAlgorithm, protectionClass: DeviceKeyProtectionClass, };

codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeySignParams.ts

@@ -1,9 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { DeviceKeySignPayload } from "./DeviceKeySignPayload";
-
-/**
- * Sign an accepted structured payload with a controller-local device key.
- */
-export type DeviceKeySignParams = { keyId: string, payload: DeviceKeySignPayload, };

codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeySignPayload.ts

@@ -1,54 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { RemoteControlClientConnectionAudience } from "./RemoteControlClientConnectionAudience";
-import type { RemoteControlClientEnrollmentAudience } from "./RemoteControlClientEnrollmentAudience";
-
-/**
- * Structured payloads accepted by `device/key/sign`.
- */
-export type DeviceKeySignPayload = { "type": "remoteControlClientConnection", nonce: string, audience: RemoteControlClientConnectionAudience,
-/**
- * Backend-issued websocket session id that this proof authorizes.
- */
-sessionId: string,
-/**
- * Origin of the backend endpoint that issued the challenge and will verify this proof.
- */
-targetOrigin: string,
-/**
- * Websocket route path that this proof authorizes.
- */
-targetPath: string, accountUserId: string, clientId: string,
-/**
- * Remote-control token expiration as Unix seconds.
- */
-tokenExpiresAt: number,
-/**
- * SHA-256 of the controller-scoped remote-control token, encoded as unpadded base64url.
- */
-tokenSha256Base64url: string,
-/**
- * Must contain exactly `remote_control_controller_websocket`.
- */
-scopes: Array<string>, } | { "type": "remoteControlClientEnrollment", nonce: string, audience: RemoteControlClientEnrollmentAudience,
-/**
- * Backend-issued enrollment challenge id that this proof authorizes.
- */
-challengeId: string,
-/**
- * Origin of the backend endpoint that issued the challenge and will verify this proof.
- */
-targetOrigin: string,
-/**
- * HTTP route path that this proof authorizes.
- */
-targetPath: string, accountUserId: string, clientId: string,
-/**
- * SHA-256 of the requested device identity operation, encoded as unpadded base64url.
- */
-deviceIdentitySha256Base64url: string,
-/**
- * Enrollment challenge expiration as Unix seconds.
- */
-challengeExpiresAt: number, };

codex-rs/app-server-protocol/schema/typescript/v2/DeviceKeySignResponse.ts

@@ -1,18 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { DeviceKeyAlgorithm } from "./DeviceKeyAlgorithm";
-
-/**
- * ASN.1 DER signature returned by `device/key/sign`.
- */
-export type DeviceKeySignResponse = {
-/**
- * ECDSA signature DER encoded as base64.
- */
-signatureDerBase64: string,
-/**
- * Exact bytes signed by the device key, encoded as base64. Verifiers must verify this byte
- * string directly and must not reserialize `payload`.
- */
-signedPayloadBase64: string, algorithm: DeviceKeyAlgorithm, };

codex-rs/app-server-protocol/schema/typescript/v2/FileChangeRequestApprovalParams.ts

@@ -3,6 +3,10 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 
 export type FileChangeRequestApprovalParams = { threadId: string, turnId: string, itemId: string,
+/**
+ * Unix timestamp (in milliseconds) when this approval request started.
+ */
+startedAtMs: number,
 /**
  * Optional explanatory reason (e.g. request for extra write access).
  */

codex-rs/app-server-protocol/schema/typescript/v2/HookEventName.ts

@@ -2,4 +2,4 @@
 
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 
-export type HookEventName = "preToolUse" | "permissionRequest" | "postToolUse" | "sessionStart" | "userPromptSubmit" | "stop";
+export type HookEventName = "preToolUse" | "permissionRequest" | "postToolUse" | "preCompact" | "postCompact" | "sessionStart" | "userPromptSubmit" | "stop";

codex-rs/app-server-protocol/schema/typescript/v2/ItemGuardianApprovalReviewCompletedNotification.ts

@@ -10,6 +10,14 @@ import type { GuardianApprovalReviewAction } from "./GuardianApprovalReviewActio
  * shape is expected to change soon.
  */
 export type ItemGuardianApprovalReviewCompletedNotification = { threadId: string, turnId: string,
+/**
+ * Unix timestamp (in milliseconds) when this review started.
+ */
+startedAtMs: number,
+/**
+ * Unix timestamp (in milliseconds) when this review completed.
+ */
+completedAtMs: number,
 /**
  * Stable identifier for this review.
  */

codex-rs/app-server-protocol/schema/typescript/v2/ItemGuardianApprovalReviewStartedNotification.ts

@@ -9,6 +9,10 @@ import type { GuardianApprovalReviewAction } from "./GuardianApprovalReviewActio
  * shape is expected to change soon.
  */
 export type ItemGuardianApprovalReviewStartedNotification = { threadId: string, turnId: string,
+/**
+ * Unix timestamp (in milliseconds) when this review started.
+ */
+startedAtMs: number,
 /**
  * Stable identifier for this review.
  */

codex-rs/app-server-protocol/schema/typescript/v2/ManagedHooksRequirements.ts

@@ -3,4 +3,4 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 import type { ConfiguredHookMatcherGroup } from "./ConfiguredHookMatcherGroup";
 
-export type ManagedHooksRequirements = { managedDir: string | null, windowsManagedDir: string | null, PreToolUse: Array<ConfiguredHookMatcherGroup>, PermissionRequest: Array<ConfiguredHookMatcherGroup>, PostToolUse: Array<ConfiguredHookMatcherGroup>, SessionStart: Array<ConfiguredHookMatcherGroup>, UserPromptSubmit: Array<ConfiguredHookMatcherGroup>, Stop: Array<ConfiguredHookMatcherGroup>, };
+export type ManagedHooksRequirements = { managedDir: string | null, windowsManagedDir: string | null, PreToolUse: Array<ConfiguredHookMatcherGroup>, PermissionRequest: Array<ConfiguredHookMatcherGroup>, PostToolUse: Array<ConfiguredHookMatcherGroup>, PreCompact: Array<ConfiguredHookMatcherGroup>, PostCompact: Array<ConfiguredHookMatcherGroup>, SessionStart: Array<ConfiguredHookMatcherGroup>, UserPromptSubmit: Array<ConfiguredHookMatcherGroup>, Stop: Array<ConfiguredHookMatcherGroup>, };

codex-rs/app-server-protocol/schema/typescript/v2/PermissionsRequestApprovalParams.ts

@@ -4,4 +4,8 @@
 import type { AbsolutePathBuf } from "../AbsolutePathBuf";
 import type { RequestPermissionProfile } from "./RequestPermissionProfile";
 
-export type PermissionsRequestApprovalParams = { threadId: string, turnId: string, itemId: string, cwd: AbsolutePathBuf, reason: string | null, permissions: RequestPermissionProfile, };
+export type PermissionsRequestApprovalParams = { threadId: string, turnId: string, itemId: string,
+/**
+ * Unix timestamp (in milliseconds) when this approval request started.
+ */
+startedAtMs: number, cwd: AbsolutePathBuf, reason: string | null, permissions: RequestPermissionProfile, };

codex-rs/app-server-protocol/schema/typescript/v2/PluginDetail.ts

@@ -3,7 +3,8 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 import type { AbsolutePathBuf } from "../AbsolutePathBuf";
 import type { AppSummary } from "./AppSummary";
+import type { PluginHookSummary } from "./PluginHookSummary";
 import type { PluginSummary } from "./PluginSummary";
 import type { SkillSummary } from "./SkillSummary";
 
-export type PluginDetail = { marketplaceName: string, marketplacePath: AbsolutePathBuf | null, summary: PluginSummary, description: string | null, skills: Array<SkillSummary>, apps: Array<AppSummary>, mcpServers: Array<string>, };
+export type PluginDetail = { marketplaceName: string, marketplacePath: AbsolutePathBuf | null, summary: PluginSummary, description: string | null, skills: Array<SkillSummary>, hooks: Array<PluginHookSummary>, apps: Array<AppSummary>, mcpServers: Array<string>, };

codex-rs/app-server-protocol/schema/typescript/v2/PluginHookSummary.ts

@@ -1,8 +1,6 @@
 // GENERATED CODE! DO NOT MODIFY BY HAND!
 
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { HookEventName } from "./HookEventName";
 
-/**
- * Fetch a controller-local device key public key by id.
- */
-export type DeviceKeyPublicParams = { keyId: string, };
+export type PluginHookSummary = { key: string, eventName: HookEventName, };

codex-rs/app-server-protocol/schema/typescript/v2/PluginListMarketplaceKind.ts

@@ -2,4 +2,4 @@
 
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 
-export type SkillsListExtraRootsForCwd = { cwd: string, extraUserRoots: Array<string>, };
+export type PluginListMarketplaceKind = "local" | "workspace-directory" | "shared-with-me";

codex-rs/app-server-protocol/schema/typescript/v2/PluginListParams.ts

@@ -2,10 +2,16 @@
 
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
 import type { AbsolutePathBuf } from "../AbsolutePathBuf";
+import type { PluginListMarketplaceKind } from "./PluginListMarketplaceKind";
 
 export type PluginListParams = {
 /**
  * Optional working directories used to discover repo marketplaces. When omitted,
  * only home-scoped marketplaces and the official curated marketplace are considered.
  */
-cwds?: Array<AbsolutePathBuf> | null, };
+cwds?: Array<AbsolutePathBuf> | null,
+/**
+ * Optional marketplace kind filter. When omitted, only local marketplaces are queried, plus
+ * the default remote catalog when enabled by feature flag.
+ */
+marketplaceKinds?: Array<PluginListMarketplaceKind> | null, };

codex-rs/app-server-protocol/schema/typescript/v2/PluginShareContext.ts

@@ -0,0 +1,6 @@
+// GENERATED CODE! DO NOT MODIFY BY HAND!
+
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { PluginSharePrincipal } from "./PluginSharePrincipal";
+
+export type PluginShareContext = { remotePluginId: string, shareUrl: string | null, creatorAccountUserId: string | null, creatorName: string | null, shareTargets: Array<PluginSharePrincipal> | null, };

codex-rs/app-server-protocol/schema/typescript/v2/PluginSummary.ts

@@ -5,9 +5,14 @@ import type { PluginAuthPolicy } from "./PluginAuthPolicy";
 import type { PluginAvailability } from "./PluginAvailability";
 import type { PluginInstallPolicy } from "./PluginInstallPolicy";
 import type { PluginInterface } from "./PluginInterface";
+import type { PluginShareContext } from "./PluginShareContext";
 import type { PluginSource } from "./PluginSource";
 
-export type PluginSummary = { id: string, name: string, source: PluginSource, installed: boolean, enabled: boolean, installPolicy: PluginInstallPolicy, authPolicy: PluginAuthPolicy,
+export type PluginSummary = { id: string, name: string,
+/**
+ * Remote sharing context associated with this plugin when available.
+ */
+shareContext: PluginShareContext | null, source: PluginSource, installed: boolean, enabled: boolean, installPolicy: PluginInstallPolicy, authPolicy: PluginAuthPolicy,
 /**
  * Availability state for installing and using the plugin.
  */

codex-rs/app-server-protocol/schema/typescript/v2/RemoteControlClientConnectionAudience.ts

@@ -1,8 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-
-/**
- * Audience for a remote-control client connection device-key proof.
- */
-export type RemoteControlClientConnectionAudience = "remote_control_client_websocket";

codex-rs/app-server-protocol/schema/typescript/v2/RemoteControlClientEnrollmentAudience.ts

@@ -1,8 +0,0 @@
-// GENERATED CODE! DO NOT MODIFY BY HAND!
-
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-
-/**
- * Audience for a remote-control client enrollment device-key proof.
- */
-export type RemoteControlClientEnrollmentAudience = "remote_control_client_enrollment";

codex-rs/app-server-protocol/schema/typescript/v2/SkillsListParams.ts

@@ -1,7 +1,6 @@
 // GENERATED CODE! DO NOT MODIFY BY HAND!
 
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { SkillsListExtraRootsForCwd } from "./SkillsListExtraRootsForCwd";
 
 export type SkillsListParams = {
 /**
@@ -11,8 +10,4 @@ cwds?: Array<string>,
 /**
  * When true, bypass the skills cache and re-scan skills from disk.
  */
-forceReload?: boolean,
-/**
- * Optional per-cwd extra roots to scan as user-scoped skills.
- */
-perCwdExtraUserRoots?: Array<SkillsListExtraRootsForCwd> | null, };
+forceReload?: boolean, };

codex-rs/app-server-protocol/schema/typescript/v2/index.ts

@@ -79,16 +79,6 @@ export type { ConfiguredHookMatcherGroup } from "./ConfiguredHookMatcherGroup";
 export type { ContextCompactedNotification } from "./ContextCompactedNotification";
 export type { CreditsSnapshot } from "./CreditsSnapshot";
 export type { DeprecationNoticeNotification } from "./DeprecationNoticeNotification";
-export type { DeviceKeyAlgorithm } from "./DeviceKeyAlgorithm";
-export type { DeviceKeyCreateParams } from "./DeviceKeyCreateParams";
-export type { DeviceKeyCreateResponse } from "./DeviceKeyCreateResponse";
-export type { DeviceKeyProtectionClass } from "./DeviceKeyProtectionClass";
-export type { DeviceKeyProtectionPolicy } from "./DeviceKeyProtectionPolicy";
-export type { DeviceKeyPublicParams } from "./DeviceKeyPublicParams";
-export type { DeviceKeyPublicResponse } from "./DeviceKeyPublicResponse";
-export type { DeviceKeySignParams } from "./DeviceKeySignParams";
-export type { DeviceKeySignPayload } from "./DeviceKeySignPayload";
-export type { DeviceKeySignResponse } from "./DeviceKeySignResponse";
 export type { DynamicToolCallOutputContentItem } from "./DynamicToolCallOutputContentItem";
 export type { DynamicToolCallParams } from "./DynamicToolCallParams";
 export type { DynamicToolCallResponse } from "./DynamicToolCallResponse";
@@ -274,15 +264,18 @@ export type { PlanDeltaNotification } from "./PlanDeltaNotification";
 export type { PluginAuthPolicy } from "./PluginAuthPolicy";
 export type { PluginAvailability } from "./PluginAvailability";
 export type { PluginDetail } from "./PluginDetail";
+export type { PluginHookSummary } from "./PluginHookSummary";
 export type { PluginInstallParams } from "./PluginInstallParams";
 export type { PluginInstallPolicy } from "./PluginInstallPolicy";
 export type { PluginInstallResponse } from "./PluginInstallResponse";
 export type { PluginInterface } from "./PluginInterface";
+export type { PluginListMarketplaceKind } from "./PluginListMarketplaceKind";
 export type { PluginListParams } from "./PluginListParams";
 export type { PluginListResponse } from "./PluginListResponse";
 export type { PluginMarketplaceEntry } from "./PluginMarketplaceEntry";
 export type { PluginReadParams } from "./PluginReadParams";
 export type { PluginReadResponse } from "./PluginReadResponse";
+export type { PluginShareContext } from "./PluginShareContext";
 export type { PluginShareDeleteParams } from "./PluginShareDeleteParams";
 export type { PluginShareDeleteResponse } from "./PluginShareDeleteResponse";
 export type { PluginShareDiscoverability } from "./PluginShareDiscoverability";
@@ -316,8 +309,6 @@ export type { ReasoningEffortOption } from "./ReasoningEffortOption";
 export type { ReasoningSummaryPartAddedNotification } from "./ReasoningSummaryPartAddedNotification";
 export type { ReasoningSummaryTextDeltaNotification } from "./ReasoningSummaryTextDeltaNotification";
 export type { ReasoningTextDeltaNotification } from "./ReasoningTextDeltaNotification";
-export type { RemoteControlClientConnectionAudience } from "./RemoteControlClientConnectionAudience";
-export type { RemoteControlClientEnrollmentAudience } from "./RemoteControlClientEnrollmentAudience";
 export type { RemoteControlConnectionStatus } from "./RemoteControlConnectionStatus";
 export type { RemoteControlStatusChangedNotification } from "./RemoteControlStatusChangedNotification";
 export type { RequestPermissionProfile } from "./RequestPermissionProfile";
@@ -345,7 +336,6 @@ export type { SkillsChangedNotification } from "./SkillsChangedNotification";
 export type { SkillsConfigWriteParams } from "./SkillsConfigWriteParams";
 export type { SkillsConfigWriteResponse } from "./SkillsConfigWriteResponse";
 export type { SkillsListEntry } from "./SkillsListEntry";
-export type { SkillsListExtraRootsForCwd } from "./SkillsListExtraRootsForCwd";
 export type { SkillsListParams } from "./SkillsListParams";
 export type { SkillsListResponse } from "./SkillsListResponse";
 export type { SortDirection } from "./SortDirection";

codex-rs/app-server-protocol/src/protocol/common.rs

@@ -77,6 +77,7 @@ macro_rules! experimental_type_entry {
 #[derive(Debug, Clone, PartialEq, Eq)]
 pub enum ClientRequestSerializationScope {
     Global(&'static str),
+    GlobalSharedRead(&'static str),
     Thread { thread_id: String },
     ThreadPath { path: PathBuf },
     CommandExecProcess { process_id: String },
@@ -93,6 +94,9 @@ macro_rules! serialization_scope_expr {
     ($actual_params:ident, global($key:literal)) => {
         Some(ClientRequestSerializationScope::Global($key))
     };
+    ($actual_params:ident, global_shared_read($key:literal)) => {
+        Some(ClientRequestSerializationScope::GlobalSharedRead($key))
+    };
     ($actual_params:ident, thread_id($params:ident . $field:ident)) => {
         Some(ClientRequestSerializationScope::Thread {
             thread_id: $actual_params.$field.clone(),
@@ -577,6 +581,13 @@ client_request_definitions! {
         serialization: None,
         response: v2::ThreadTurnsListResponse,
     },
+    #[experimental("thread/turns/items/list")]
+    ThreadTurnsItemsList => "thread/turns/items/list" {
+        params: v2::ThreadTurnsItemsListParams,
+        // Explicitly concurrent: this primarily reads append-only rollout storage.
+        serialization: None,
+        response: v2::ThreadTurnsItemsListResponse,
+    },
     /// Append raw Responses API items to the thread history without starting a user turn.
     ThreadInjectItems => "thread/inject_items" {
         params: v2::ThreadInjectItemsParams,
@@ -585,7 +596,7 @@ client_request_definitions! {
     },
     SkillsList => "skills/list" {
         params: v2::SkillsListParams,
-        serialization: global("config"),
+        serialization: global_shared_read("config"),
         response: v2::SkillsListResponse,
     },
     HooksList => "hooks/list" {
@@ -610,7 +621,7 @@ client_request_definitions! {
     },
     PluginList => "plugin/list" {
         params: v2::PluginListParams,
-        serialization: global("config"),
+        serialization: global_shared_read("config"),
         response: v2::PluginListResponse,
     },
     PluginRead => "plugin/read" {
@@ -648,21 +659,6 @@ client_request_definitions! {
         serialization: None,
         response: v2::AppsListResponse,
     },
-    DeviceKeyCreate => "device/key/create" {
-        params: v2::DeviceKeyCreateParams,
-        serialization: global("device-key"),
-        response: v2::DeviceKeyCreateResponse,
-    },
-    DeviceKeyPublic => "device/key/public" {
-        params: v2::DeviceKeyPublicParams,
-        serialization: global("device-key"),
-        response: v2::DeviceKeyPublicResponse,
-    },
-    DeviceKeySign => "device/key/sign" {
-        params: v2::DeviceKeySignParams,
-        serialization: global("device-key"),
-        response: v2::DeviceKeySignResponse,
-    },
     // File system requests are intentionally concurrent. Desktop already treats local
     // file system operations as concurrent, and app-server remote fs mirrors that model.
     FsReadFile => "fs/readFile" {
@@ -947,7 +943,7 @@ client_request_definitions! {
 
     ConfigRead => "config/read" {
         params: v2::ConfigReadParams,
-        serialization: global("config"),
+        serialization: global_shared_read("config"),
         response: v2::ConfigReadResponse,
     },
     ExternalAgentConfigDetect => "externalAgentConfig/detect" {
@@ -1655,6 +1651,30 @@ mod tests {
             Some(ClientRequestSerializationScope::Global("config"))
         );
 
+        let skills_list = ClientRequest::SkillsList {
+            request_id: request_id(),
+            params: v2::SkillsListParams {
+                cwds: Vec::new(),
+                force_reload: false,
+            },
+        };
+        assert_eq!(
+            skills_list.serialization_scope(),
+            Some(ClientRequestSerializationScope::GlobalSharedRead("config"))
+        );
+
+        let plugin_list = ClientRequest::PluginList {
+            request_id: request_id(),
+            params: v2::PluginListParams {
+                cwds: None,
+                marketplace_kinds: None,
+            },
+        };
+        assert_eq!(
+            plugin_list.serialization_scope(),
+            Some(ClientRequestSerializationScope::GlobalSharedRead("config"))
+        );
+
         let plugin_uninstall = ClientRequest::PluginUninstall {
             request_id: request_id(),
             params: v2::PluginUninstallParams {
@@ -1705,7 +1725,7 @@ mod tests {
         };
         assert_eq!(
             config_read.serialization_scope(),
-            Some(ClientRequestSerializationScope::Global("config"))
+            Some(ClientRequestSerializationScope::GlobalSharedRead("config"))
         );
 
         let account_read = ClientRequest::GetAccount {
@@ -1760,19 +1780,6 @@ mod tests {
             Some(ClientRequestSerializationScope::Global("config"))
         );
 
-        let device_key_create = ClientRequest::DeviceKeyCreate {
-            request_id: request_id(),
-            params: v2::DeviceKeyCreateParams {
-                protection_policy: None,
-                account_user_id: "user".to_string(),
-                client_id: "client".to_string(),
-            },
-        };
-        assert_eq!(
-            device_key_create.serialization_scope(),
-            Some(ClientRequestSerializationScope::Global("device-key"))
-        );
-
         let add_credits_nudge = ClientRequest::SendAddCreditsNudgeEmail {
             request_id: request_id(),
             params: v2::SendAddCreditsNudgeEmailParams {
@@ -1842,10 +1849,23 @@ mod tests {
                 cursor: None,
                 limit: None,
                 sort_direction: None,
+                items_view: None,
             },
         };
         assert_eq!(thread_turns_list.serialization_scope(), None);
 
+        let thread_turns_items_list = ClientRequest::ThreadTurnsItemsList {
+            request_id: request_id(),
+            params: v2::ThreadTurnsItemsListParams {
+                thread_id: "thread-1".to_string(),
+                turn_id: "turn-1".to_string(),
+                cursor: None,
+                limit: None,
+                sort_direction: None,
+            },
+        };
+        assert_eq!(thread_turns_items_list.serialization_scope(), None);
+
         let mcp_resource_read = ClientRequest::McpResourceRead {
             request_id: request_id(),
             params: v2::McpResourceReadParams {
@@ -2946,6 +2966,7 @@ mod tests {
             thread_id: "thr_123".to_string(),
             turn_id: "turn_123".to_string(),
             item_id: "call_123".to_string(),
+            started_at_ms: 0,
             approval_id: None,
             reason: None,
             network_approval_context: None,

codex-rs/app-server-protocol/src/protocol/item_builders.rs

@@ -243,6 +243,7 @@ pub fn guardian_auto_approval_review_notification(
                     thread_id: conversation_id.to_string(),
                     turn_id,
                     review_id: assessment.id.clone(),
+                    started_at_ms: assessment.started_at_ms,
                     target_item_id: assessment.target_item_id.clone(),
                     review,
                     action,
@@ -258,6 +259,10 @@ pub fn guardian_auto_approval_review_notification(
                     thread_id: conversation_id.to_string(),
                     turn_id,
                     review_id: assessment.id.clone(),
+                    started_at_ms: assessment.started_at_ms,
+                    completed_at_ms: assessment
+                        .completed_at_ms
+                        .unwrap_or(assessment.started_at_ms),
                     target_item_id: assessment.target_item_id.clone(),
                     decision_source: assessment
                         .decision_source

codex-rs/app-server-protocol/src/protocol/thread_history.rs

@@ -2143,6 +2143,8 @@ mod tests {
                 id: "review-guardian-exec".into(),
                 target_item_id: Some("guardian-exec".into()),
                 turn_id: "turn-1".into(),
+                started_at_ms: 1_000,
+                completed_at_ms: None,
                 status: GuardianAssessmentStatus::InProgress,
                 risk_level: None,
                 user_authorization: None,
@@ -2160,6 +2162,8 @@ mod tests {
                 id: "review-guardian-exec".into(),
                 target_item_id: Some("guardian-exec".into()),
                 turn_id: "turn-1".into(),
+                started_at_ms: 1_000,
+                completed_at_ms: Some(1_042),
                 status: GuardianAssessmentStatus::Denied,
                 risk_level: Some(codex_protocol::protocol::GuardianRiskLevel::High),
                 user_authorization: Some(codex_protocol::protocol::GuardianUserAuthorization::Low),
@@ -2222,6 +2226,8 @@ mod tests {
                 id: "review-guardian-execve".into(),
                 target_item_id: Some("guardian-execve".into()),
                 turn_id: "turn-1".into(),
+                started_at_ms: 2_000,
+                completed_at_ms: None,
                 status: GuardianAssessmentStatus::InProgress,
                 risk_level: None,
                 user_authorization: None,
@@ -2525,6 +2531,7 @@ mod tests {
             EventMsg::ApplyPatchApprovalRequest(ApplyPatchApprovalRequestEvent {
                 call_id: "patch-call".into(),
                 turn_id: turn_id.to_string(),
+                started_at_ms: 0,
                 changes: [(
                     PathBuf::from("README.md"),
                     codex_protocol::protocol::FileChange::Add {

codex-rs/app-server-protocol/src/protocol/v2/config.rs

@@ -380,6 +380,12 @@ pub struct ManagedHooksRequirements {
     #[serde(rename = "PostToolUse")]
     #[ts(rename = "PostToolUse")]
     pub post_tool_use: Vec<ConfiguredHookMatcherGroup>,
+    #[serde(rename = "PreCompact")]
+    #[ts(rename = "PreCompact")]
+    pub pre_compact: Vec<ConfiguredHookMatcherGroup>,
+    #[serde(rename = "PostCompact")]
+    #[ts(rename = "PostCompact")]
+    pub post_compact: Vec<ConfiguredHookMatcherGroup>,
     #[serde(rename = "SessionStart")]
     #[ts(rename = "SessionStart")]
     pub session_start: Vec<ConfiguredHookMatcherGroup>,

codex-rs/app-server-protocol/src/protocol/v2/device_key.rs

@@ -1,181 +0,0 @@
-use schemars::JsonSchema;
-use serde::Deserialize;
-use serde::Serialize;
-use ts_rs::TS;
-
-/// Device-key algorithm reported at enrollment and signing boundaries.
-#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "snake_case")]
-#[ts(rename_all = "snake_case", export_to = "v2/")]
-pub enum DeviceKeyAlgorithm {
-    EcdsaP256Sha256,
-}
-
-/// Platform protection class for a controller-local device key.
-#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "snake_case")]
-#[ts(rename_all = "snake_case", export_to = "v2/")]
-pub enum DeviceKeyProtectionClass {
-    HardwareSecureEnclave,
-    HardwareTpm,
-    OsProtectedNonextractable,
-}
-
-/// Protection policy for creating or loading a controller-local device key.
-#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "snake_case")]
-#[ts(rename_all = "snake_case", export_to = "v2/")]
-pub enum DeviceKeyProtectionPolicy {
-    HardwareOnly,
-    AllowOsProtectedNonextractable,
-}
-
-/// Create a controller-local device key with a random key id.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct DeviceKeyCreateParams {
-    /// Defaults to `hardware_only` when omitted.
-    #[ts(optional = nullable)]
-    pub protection_policy: Option<DeviceKeyProtectionPolicy>,
-    pub account_user_id: String,
-    pub client_id: String,
-}
-
-/// Device-key metadata and public key returned by create/public APIs.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct DeviceKeyCreateResponse {
-    pub key_id: String,
-    /// SubjectPublicKeyInfo DER encoded as base64.
-    pub public_key_spki_der_base64: String,
-    pub algorithm: DeviceKeyAlgorithm,
-    pub protection_class: DeviceKeyProtectionClass,
-}
-
-/// Fetch a controller-local device key public key by id.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct DeviceKeyPublicParams {
-    pub key_id: String,
-}
-
-/// Device-key public metadata returned by `device/key/public`.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct DeviceKeyPublicResponse {
-    pub key_id: String,
-    /// SubjectPublicKeyInfo DER encoded as base64.
-    pub public_key_spki_der_base64: String,
-    pub algorithm: DeviceKeyAlgorithm,
-    pub protection_class: DeviceKeyProtectionClass,
-}
-
-/// Current remote-control connection status and environment id exposed to clients.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct RemoteControlStatusChangedNotification {
-    pub status: RemoteControlConnectionStatus,
-    pub environment_id: Option<String>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(rename_all = "camelCase", export_to = "v2/")]
-pub enum RemoteControlConnectionStatus {
-    Disabled,
-    Connecting,
-    Connected,
-    Errored,
-}
-
-/// Audience for a remote-control client connection device-key proof.
-#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "snake_case")]
-#[ts(rename_all = "snake_case", export_to = "v2/")]
-pub enum RemoteControlClientConnectionAudience {
-    RemoteControlClientWebsocket,
-}
-
-/// Audience for a remote-control client enrollment device-key proof.
-#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "snake_case")]
-#[ts(rename_all = "snake_case", export_to = "v2/")]
-pub enum RemoteControlClientEnrollmentAudience {
-    RemoteControlClientEnrollment,
-}
-
-/// Structured payloads accepted by `device/key/sign`.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(tag = "type", rename_all = "camelCase")]
-#[ts(tag = "type", export_to = "v2/")]
-pub enum DeviceKeySignPayload {
-    /// Payload bound to one remote-control controller websocket `/client` connection challenge.
-    #[serde(rename_all = "camelCase")]
-    #[ts(rename_all = "camelCase")]
-    RemoteControlClientConnection {
-        nonce: String,
-        audience: RemoteControlClientConnectionAudience,
-        /// Backend-issued websocket session id that this proof authorizes.
-        session_id: String,
-        /// Origin of the backend endpoint that issued the challenge and will verify this proof.
-        target_origin: String,
-        /// Websocket route path that this proof authorizes.
-        target_path: String,
-        account_user_id: String,
-        client_id: String,
-        /// Remote-control token expiration as Unix seconds.
-        #[ts(type = "number")]
-        token_expires_at: i64,
-        /// SHA-256 of the controller-scoped remote-control token, encoded as unpadded base64url.
-        token_sha256_base64url: String,
-        /// Must contain exactly `remote_control_controller_websocket`.
-        scopes: Vec<String>,
-    },
-    /// Payload bound to a remote-control client `/client/enroll` ownership challenge.
-    #[serde(rename_all = "camelCase")]
-    #[ts(rename_all = "camelCase")]
-    RemoteControlClientEnrollment {
-        nonce: String,
-        audience: RemoteControlClientEnrollmentAudience,
-        /// Backend-issued enrollment challenge id that this proof authorizes.
-        challenge_id: String,
-        /// Origin of the backend endpoint that issued the challenge and will verify this proof.
-        target_origin: String,
-        /// HTTP route path that this proof authorizes.
-        target_path: String,
-        account_user_id: String,
-        client_id: String,
-        /// SHA-256 of the requested device identity operation, encoded as unpadded base64url.
-        device_identity_sha256_base64url: String,
-        /// Enrollment challenge expiration as Unix seconds.
-        #[ts(type = "number")]
-        challenge_expires_at: i64,
-    },
-}
-
-/// Sign an accepted structured payload with a controller-local device key.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct DeviceKeySignParams {
-    pub key_id: String,
-    pub payload: DeviceKeySignPayload,
-}
-
-/// ASN.1 DER signature returned by `device/key/sign`.
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct DeviceKeySignResponse {
-    /// ECDSA signature DER encoded as base64.
-    pub signature_der_base64: String,
-    /// Exact bytes signed by the device key, encoded as base64. Verifiers must verify this byte
-    /// string directly and must not reserialize `payload`.
-    pub signed_payload_base64: String,
-    pub algorithm: DeviceKeyAlgorithm,
-}

codex-rs/app-server-protocol/src/protocol/v2/hook.rs

@@ -17,7 +17,7 @@ use ts_rs::TS;
 
 v2_enum_from_core!(
     pub enum HookEventName from CoreHookEventName {
-        PreToolUse, PermissionRequest, PostToolUse, SessionStart, UserPromptSubmit, Stop
+        PreToolUse, PermissionRequest, PostToolUse, PreCompact, PostCompact, SessionStart, UserPromptSubmit, Stop
     }
 );
 

codex-rs/app-server-protocol/src/protocol/v2/item.rs

@@ -1073,6 +1073,9 @@ pub struct ItemStartedNotification {
 pub struct ItemGuardianApprovalReviewStartedNotification {
     pub thread_id: String,
     pub turn_id: String,
+    /// Unix timestamp (in milliseconds) when this review started.
+    #[ts(type = "number")]
+    pub started_at_ms: i64,
     /// Stable identifier for this review.
     pub review_id: String,
     /// Identifier for the reviewed item or tool call when one exists.
@@ -1099,6 +1102,12 @@ pub struct ItemGuardianApprovalReviewStartedNotification {
 pub struct ItemGuardianApprovalReviewCompletedNotification {
     pub thread_id: String,
     pub turn_id: String,
+    /// Unix timestamp (in milliseconds) when this review started.
+    #[ts(type = "number")]
+    pub started_at_ms: i64,
+    /// Unix timestamp (in milliseconds) when this review completed.
+    #[ts(type = "number")]
+    pub completed_at_ms: i64,
     /// Stable identifier for this review.
     pub review_id: String,
     /// Identifier for the reviewed item or tool call when one exists.
@@ -1248,6 +1257,9 @@ pub struct CommandExecutionRequestApprovalParams {
     pub thread_id: String,
     pub turn_id: String,
     pub item_id: String,
+    /// Unix timestamp (in milliseconds) when this approval request started.
+    #[ts(type = "number")]
+    pub started_at_ms: i64,
     /// Unique identifier for this specific approval callback.
     ///
     /// For regular shell/unified_exec approvals, this is null.
@@ -1321,6 +1333,9 @@ pub struct FileChangeRequestApprovalParams {
     pub thread_id: String,
     pub turn_id: String,
     pub item_id: String,
+    /// Unix timestamp (in milliseconds) when this approval request started.
+    #[ts(type = "number")]
+    pub started_at_ms: i64,
     /// Optional explanatory reason (e.g. request for extra write access).
     #[ts(optional = nullable)]
     pub reason: Option<String>,

codex-rs/app-server-protocol/src/protocol/v2/mod.rs

@@ -5,7 +5,6 @@ mod apps;
 mod collaboration_mode;
 mod command_exec;
 mod config;
-mod device_key;
 mod experimental_feature;
 mod feedback;
 mod fs;
@@ -18,6 +17,7 @@ mod permissions;
 mod plugin;
 mod process;
 mod realtime;
+mod remote_control;
 mod review;
 mod thread;
 mod thread_data;
@@ -29,7 +29,6 @@ pub use apps::*;
 pub use collaboration_mode::*;
 pub use command_exec::*;
 pub use config::*;
-pub use device_key::*;
 pub use experimental_feature::*;
 pub use feedback::*;
 pub use fs::*;
@@ -42,6 +41,7 @@ pub use permissions::*;
 pub use plugin::*;
 pub use process::*;
 pub use realtime::*;
+pub use remote_control::*;
 pub use review::*;
 pub use shared::*;
 pub use thread::*;

codex-rs/app-server-protocol/src/protocol/v2/permissions.rs

@@ -826,6 +826,9 @@ pub struct PermissionsRequestApprovalParams {
     pub thread_id: String,
     pub turn_id: String,
     pub item_id: String,
+    /// Unix timestamp (in milliseconds) when this approval request started.
+    #[ts(type = "number")]
+    pub started_at_ms: i64,
     pub cwd: AbsolutePathBuf,
     pub reason: Option<String>,
     pub permissions: RequestPermissionProfile,

codex-rs/app-server-protocol/src/protocol/v2/plugin.rs

@@ -15,7 +15,7 @@ use serde::Serialize;
 use std::path::PathBuf;
 use ts_rs::TS;
 
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
+#[derive(Serialize, Deserialize, Debug, Clone, Default, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 #[ts(export_to = "v2/")]
 pub struct SkillsListParams {
@@ -26,19 +26,6 @@ pub struct SkillsListParams {
     /// When true, bypass the skills cache and re-scan skills from disk.
     #[serde(default, skip_serializing_if = "std::ops::Not::not")]
     pub force_reload: bool,
-
-    /// Optional per-cwd extra roots to scan as user-scoped skills.
-    #[serde(default)]
-    #[ts(optional = nullable)]
-    pub per_cwd_extra_user_roots: Option<Vec<SkillsListExtraRootsForCwd>>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct SkillsListExtraRootsForCwd {
-    pub cwd: PathBuf,
-    pub extra_user_roots: Vec<PathBuf>,
 }
 
 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
@@ -132,6 +119,24 @@ pub struct PluginListParams {
     /// only home-scoped marketplaces and the official curated marketplace are considered.
     #[ts(optional = nullable)]
     pub cwds: Option<Vec<AbsolutePathBuf>>,
+    /// Optional marketplace kind filter. When omitted, only local marketplaces are queried, plus
+    /// the default remote catalog when enabled by feature flag.
+    #[ts(optional = nullable)]
+    pub marketplace_kinds: Option<Vec<PluginListMarketplaceKind>>,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
+#[ts(export_to = "v2/")]
+pub enum PluginListMarketplaceKind {
+    #[serde(rename = "local")]
+    #[ts(rename = "local")]
+    Local,
+    #[serde(rename = "workspace-directory")]
+    #[ts(rename = "workspace-directory")]
+    WorkspaceDirectory,
+    #[serde(rename = "shared-with-me")]
+    #[ts(rename = "shared-with-me")]
+    SharedWithMe,
 }
 
 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
@@ -501,6 +506,8 @@ pub enum PluginAvailability {
 pub struct PluginSummary {
     pub id: String,
     pub name: String,
+    /// Remote sharing context associated with this plugin when available.
+    pub share_context: Option<PluginShareContext>,
     pub source: PluginSource,
     pub installed: bool,
     pub enabled: bool,
@@ -514,6 +521,17 @@ pub struct PluginSummary {
     pub keywords: Vec<String>,
 }
 
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct PluginShareContext {
+    pub remote_plugin_id: String,
+    pub share_url: Option<String>,
+    pub creator_account_user_id: Option<String>,
+    pub creator_name: Option<String>,
+    pub share_targets: Option<Vec<PluginSharePrincipal>>,
+}
+
 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 #[ts(export_to = "v2/")]
@@ -523,10 +541,19 @@ pub struct PluginDetail {
     pub summary: PluginSummary,
     pub description: Option<String>,
     pub skills: Vec<SkillSummary>,
+    pub hooks: Vec<PluginHookSummary>,
     pub apps: Vec<AppSummary>,
     pub mcp_servers: Vec<String>,
 }
 
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct PluginHookSummary {
+    pub key: String,
+    pub event_name: HookEventName,
+}
+
 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 #[ts(export_to = "v2/")]

codex-rs/app-server-protocol/src/protocol/v2/remote_control.rs

@@ -0,0 +1,23 @@
+use schemars::JsonSchema;
+use serde::Deserialize;
+use serde::Serialize;
+use ts_rs::TS;
+
+/// Current remote-control connection status and environment id exposed to clients.
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct RemoteControlStatusChangedNotification {
+    pub status: RemoteControlConnectionStatus,
+    pub environment_id: Option<String>,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(rename_all = "camelCase", export_to = "v2/")]
+pub enum RemoteControlConnectionStatus {
+    Disabled,
+    Connecting,
+    Connected,
+    Errored,
+}

codex-rs/app-server-protocol/src/protocol/v2/tests.rs

@@ -95,6 +95,59 @@ fn turn_defaults_legacy_missing_items_view_to_full() {
     assert_eq!(turn.items_view, TurnItemsView::Full);
 }
 
+#[test]
+fn thread_turns_list_params_accepts_items_view() {
+    let params = serde_json::from_value::<ThreadTurnsListParams>(json!({
+        "threadId": "thr_123",
+        "cursor": null,
+        "limit": 25,
+        "sortDirection": "desc",
+        "itemsView": "notLoaded",
+    }))
+    .expect("thread turns list params should deserialize");
+
+    assert_eq!(params.thread_id, "thr_123");
+    assert_eq!(params.items_view, Some(TurnItemsView::NotLoaded));
+}
+
+#[test]
+fn thread_turns_items_list_round_trips() {
+    let params = ThreadTurnsItemsListParams {
+        thread_id: "thr_123".to_string(),
+        turn_id: "turn_456".to_string(),
+        cursor: Some("cursor_1".to_string()),
+        limit: Some(50),
+        sort_direction: Some(SortDirection::Asc),
+    };
+
+    assert_eq!(
+        serde_json::to_value(&params).expect("serialize params"),
+        json!({
+            "threadId": "thr_123",
+            "turnId": "turn_456",
+            "cursor": "cursor_1",
+            "limit": 50,
+            "sortDirection": "asc",
+        })
+    );
+    let response = ThreadTurnsItemsListResponse {
+        data: vec![ThreadItem::ContextCompaction {
+            id: "item_1".to_string(),
+        }],
+        next_cursor: None,
+        backwards_cursor: Some("cursor_0".to_string()),
+    };
+
+    assert_eq!(
+        serde_json::to_value(&response).expect("serialize response"),
+        json!({
+            "data": [{"type": "contextCompaction", "id": "item_1"}],
+            "nextCursor": null,
+            "backwardsCursor": "cursor_0",
+        })
+    );
+}
+
 #[test]
 fn thread_list_params_accepts_single_cwd() {
     let params = serde_json::from_value::<ThreadListParams>(json!({
@@ -224,6 +277,7 @@ fn command_execution_request_approval_rejects_relative_additional_permission_pat
         "threadId": "thr_123",
         "turnId": "turn_123",
         "itemId": "call_123",
+        "startedAtMs": 1,
         "command": "cat file",
         "cwd": absolute_path_string("tmp"),
         "commandActions": null,
@@ -264,6 +318,7 @@ fn permissions_request_approval_uses_request_permission_profile() {
         "threadId": "thr_123",
         "turnId": "turn_123",
         "itemId": "call_123",
+        "startedAtMs": 1,
         "cwd": absolute_path_string("repo"),
         "reason": "Select a workspace root",
         "permissions": {
@@ -326,6 +381,7 @@ fn permissions_request_approval_rejects_macos_permissions() {
         "threadId": "thr_123",
         "turnId": "turn_123",
         "itemId": "call_123",
+        "startedAtMs": 1,
         "cwd": absolute_path_string("repo"),
         "reason": "Select a workspace root",
         "permissions": {
@@ -664,181 +720,6 @@ fn fs_read_file_params_round_trip() {
     assert_eq!(decoded, params);
 }
 
-#[test]
-fn device_key_create_params_round_trip_uses_protection_policy() {
-    let params = DeviceKeyCreateParams {
-        protection_policy: None,
-        account_user_id: "account-user-1".to_string(),
-        client_id: "cli_123".to_string(),
-    };
-
-    let value = serde_json::to_value(&params).expect("serialize device/key/create params");
-    assert_eq!(
-        value,
-        json!({
-            "accountUserId": "account-user-1",
-            "clientId": "cli_123",
-            "protectionPolicy": null,
-        })
-    );
-
-    let decoded = serde_json::from_value::<DeviceKeyCreateParams>(value)
-        .expect("deserialize device/key/create params");
-    assert_eq!(decoded, params);
-
-    let params = DeviceKeyCreateParams {
-        protection_policy: Some(DeviceKeyProtectionPolicy::AllowOsProtectedNonextractable),
-        account_user_id: "account-user-1".to_string(),
-        client_id: "cli_123".to_string(),
-    };
-    let value = serde_json::to_value(&params)
-        .expect("serialize device/key/create params with protection policy");
-    assert_eq!(
-        value,
-        json!({
-            "accountUserId": "account-user-1",
-            "clientId": "cli_123",
-            "protectionPolicy": "allow_os_protected_nonextractable",
-        })
-    );
-}
-
-#[test]
-fn device_key_create_response_round_trips_protection_class() {
-    let response = DeviceKeyCreateResponse {
-        key_id: "dk_123".to_string(),
-        public_key_spki_der_base64: "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE".to_string(),
-        algorithm: DeviceKeyAlgorithm::EcdsaP256Sha256,
-        protection_class: DeviceKeyProtectionClass::OsProtectedNonextractable,
-    };
-
-    let value = serde_json::to_value(&response).expect("serialize device/key/create response");
-    assert_eq!(
-        value,
-        json!({
-            "keyId": "dk_123",
-            "publicKeySpkiDerBase64": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE",
-            "algorithm": "ecdsa_p256_sha256",
-            "protectionClass": "os_protected_nonextractable",
-        })
-    );
-
-    let decoded = serde_json::from_value::<DeviceKeyCreateResponse>(value)
-        .expect("deserialize device/key/create response");
-    assert_eq!(decoded, response);
-}
-
-#[test]
-fn device_key_sign_params_round_trip_uses_accepted_payload_enum() {
-    let params = DeviceKeySignParams {
-        key_id: "dk_123".to_string(),
-        payload: DeviceKeySignPayload::RemoteControlClientConnection {
-            nonce: "nonce-1".to_string(),
-            audience: RemoteControlClientConnectionAudience::RemoteControlClientWebsocket,
-            session_id: "wssess_123".to_string(),
-            target_origin: "https://chatgpt.com".to_string(),
-            target_path: "/api/codex/remote/control/client".to_string(),
-            account_user_id: "account-user-1".to_string(),
-            client_id: "cli_123".to_string(),
-            token_sha256_base64url: "47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU".to_string(),
-            token_expires_at: 1_700_000_000,
-            scopes: vec!["remote_control_controller_websocket".to_string()],
-        },
-    };
-
-    let value = serde_json::to_value(&params).expect("serialize device/key/sign params");
-    assert_eq!(
-        value,
-        json!({
-            "keyId": "dk_123",
-            "payload": {
-                "type": "remoteControlClientConnection",
-                "nonce": "nonce-1",
-                "audience": "remote_control_client_websocket",
-                "sessionId": "wssess_123",
-                "targetOrigin": "https://chatgpt.com",
-                "targetPath": "/api/codex/remote/control/client",
-                "accountUserId": "account-user-1",
-                "clientId": "cli_123",
-                "tokenSha256Base64url": "47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU",
-                "tokenExpiresAt": 1_700_000_000,
-                "scopes": ["remote_control_controller_websocket"],
-            },
-        })
-    );
-
-    let decoded = serde_json::from_value::<DeviceKeySignParams>(value)
-        .expect("deserialize device/key/sign params");
-    assert_eq!(decoded, params);
-}
-
-#[test]
-fn device_key_sign_params_round_trip_uses_enrollment_payload() {
-    let params = DeviceKeySignParams {
-        key_id: "dk_123".to_string(),
-        payload: DeviceKeySignPayload::RemoteControlClientEnrollment {
-            nonce: "nonce-1".to_string(),
-            audience: RemoteControlClientEnrollmentAudience::RemoteControlClientEnrollment,
-            challenge_id: "rch_123".to_string(),
-            target_origin: "https://chatgpt.com".to_string(),
-            target_path: "/wham/remote/control/client/enroll".to_string(),
-            account_user_id: "account-user-1".to_string(),
-            client_id: "cli_123".to_string(),
-            device_identity_sha256_base64url: "47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU"
-                .to_string(),
-            challenge_expires_at: 1_700_000_000,
-        },
-    };
-
-    let value = serde_json::to_value(&params)
-        .expect("serialize device/key/sign params with enrollment payload");
-    assert_eq!(
-        value,
-        json!({
-            "keyId": "dk_123",
-            "payload": {
-                "type": "remoteControlClientEnrollment",
-                "nonce": "nonce-1",
-                "audience": "remote_control_client_enrollment",
-                "challengeId": "rch_123",
-                "targetOrigin": "https://chatgpt.com",
-                "targetPath": "/wham/remote/control/client/enroll",
-                "accountUserId": "account-user-1",
-                "clientId": "cli_123",
-                "deviceIdentitySha256Base64url": "47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU",
-                "challengeExpiresAt": 1_700_000_000,
-            },
-        })
-    );
-
-    let decoded = serde_json::from_value::<DeviceKeySignParams>(value)
-        .expect("deserialize device/key/sign params with enrollment payload");
-    assert_eq!(decoded, params);
-}
-
-#[test]
-fn device_key_sign_response_returns_signed_payload_bytes() {
-    let response = DeviceKeySignResponse {
-        signature_der_base64: "MEUCIQD".to_string(),
-        signed_payload_base64: "eyJkb21haW4iOiJjb2RleA".to_string(),
-        algorithm: DeviceKeyAlgorithm::EcdsaP256Sha256,
-    };
-
-    let value = serde_json::to_value(&response).expect("serialize device/key/sign response");
-    assert_eq!(
-        value,
-        json!({
-            "signatureDerBase64": "MEUCIQD",
-            "signedPayloadBase64": "eyJkb21haW4iOiJjb2RleA",
-            "algorithm": "ecdsa_p256_sha256",
-        })
-    );
-
-    let decoded = serde_json::from_value::<DeviceKeySignResponse>(value)
-        .expect("deserialize device/key/sign response");
-    assert_eq!(decoded, response);
-}
-
 #[test]
 fn fs_create_directory_params_round_trip_with_default_recursive() {
     let params = FsCreateDirectoryParams {
@@ -2627,33 +2508,20 @@ fn skills_list_params_serialization_uses_force_reload() {
         serde_json::to_value(SkillsListParams {
             cwds: Vec::new(),
             force_reload: false,
-            per_cwd_extra_user_roots: None,
         })
         .unwrap(),
-        json!({
-            "perCwdExtraUserRoots": null,
-        }),
+        json!({}),
     );
 
     assert_eq!(
         serde_json::to_value(SkillsListParams {
             cwds: vec![PathBuf::from("/repo")],
             force_reload: true,
-            per_cwd_extra_user_roots: Some(vec![SkillsListExtraRootsForCwd {
-                cwd: PathBuf::from("/repo"),
-                extra_user_roots: vec![PathBuf::from("/shared/skills"), PathBuf::from("/tmp/x")],
-            }]),
         })
         .unwrap(),
         json!({
             "cwds": ["/repo"],
             "forceReload": true,
-            "perCwdExtraUserRoots": [
-                {
-                    "cwd": "/repo",
-                    "extraUserRoots": ["/shared/skills", "/tmp/x"],
-                }
-            ],
         }),
     );
 }
@@ -2843,7 +2711,33 @@ fn plugin_list_params_ignore_removed_force_remote_sync_field() {
             "forceRemoteSync": true,
         }))
         .unwrap(),
-        PluginListParams { cwds: None },
+        PluginListParams {
+            cwds: None,
+            marketplace_kinds: None,
+        },
+    );
+}
+
+#[test]
+fn plugin_list_params_serializes_marketplace_kind_filter() {
+    assert_eq!(
+        serde_json::to_value(PluginListParams {
+            cwds: None,
+            marketplace_kinds: Some(vec![
+                PluginListMarketplaceKind::Local,
+                PluginListMarketplaceKind::WorkspaceDirectory,
+                PluginListMarketplaceKind::SharedWithMe,
+            ]),
+        })
+        .unwrap(),
+        json!({
+            "cwds": null,
+            "marketplaceKinds": [
+                "local",
+                "workspace-directory",
+                "shared-with-me",
+            ],
+        }),
     );
 }
 
@@ -3099,6 +2993,7 @@ fn plugin_share_list_response_serializes_share_items() {
                 plugin: PluginSummary {
                     id: "plugins~Plugin_00000000000000000000000000000000".to_string(),
                     name: "gmail".to_string(),
+                    share_context: None,
                     source: PluginSource::Remote,
                     installed: false,
                     enabled: false,
@@ -3118,6 +3013,7 @@ fn plugin_share_list_response_serializes_share_items() {
                 "plugin": {
                     "id": "plugins~Plugin_00000000000000000000000000000000",
                     "name": "gmail",
+                    "shareContext": null,
                     "source": { "type": "remote" },
                     "installed": false,
                     "enabled": false,
@@ -3149,6 +3045,7 @@ fn plugin_summary_defaults_missing_availability_to_available() {
     .unwrap();
 
     assert_eq!(summary.availability, PluginAvailability::Available);
+    assert_eq!(summary.share_context, None);
 }
 
 #[test]

codex-rs/app-server-protocol/src/protocol/v2/thread.rs

@@ -6,9 +6,11 @@ use super::PermissionProfileSelectionParams;
 use super::SandboxMode;
 use super::SandboxPolicy;
 use super::Thread;
+use super::ThreadItem;
 use super::ThreadSource;
 use super::Turn;
 use super::TurnEnvironmentParams;
+use super::TurnItemsView;
 use super::shared::v2_enum_from_core;
 use codex_experimental_api_macros::ExperimentalApi;
 use codex_protocol::config_types::Personality;
@@ -1005,6 +1007,9 @@ pub struct ThreadTurnsListParams {
     /// Optional turn pagination direction; defaults to descending.
     #[ts(optional = nullable)]
     pub sort_direction: Option<SortDirection>,
+    /// How much item detail to include for each returned turn; defaults to summary.
+    #[ts(optional = nullable)]
+    pub items_view: Option<TurnItemsView>,
 }
 
 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
@@ -1022,6 +1027,36 @@ pub struct ThreadTurnsListResponse {
     pub backwards_cursor: Option<String>,
 }
 
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct ThreadTurnsItemsListParams {
+    pub thread_id: String,
+    pub turn_id: String,
+    /// Opaque cursor to pass to the next call to continue after the last item.
+    #[ts(optional = nullable)]
+    pub cursor: Option<String>,
+    /// Optional item page size.
+    #[ts(optional = nullable)]
+    pub limit: Option<u32>,
+    /// Optional item pagination direction; defaults to ascending.
+    #[ts(optional = nullable)]
+    pub sort_direction: Option<SortDirection>,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct ThreadTurnsItemsListResponse {
+    pub data: Vec<ThreadItem>,
+    /// Opaque cursor to pass to the next call to continue after the last item.
+    /// if None, there are no more items to return.
+    pub next_cursor: Option<String>,
+    /// Opaque cursor to pass as `cursor` when reversing `sortDirection`.
+    /// This is only populated when the page contains at least one item.
+    pub backwards_cursor: Option<String>,
+}
+
 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 #[ts(export_to = "v2/")]