Exp1

2026-05-16 09:12:54 +00:00 · 2025-10-28 18:51:30 +00:00
258 changed files with 4869 additions and 16155 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -46,7 +46,7 @@ jobs:
          echo "pack_output=$PACK_OUTPUT" >> "$GITHUB_OUTPUT"

      - name: Upload staged npm package artifact
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v4
        with:
          name: codex-npm-staging
          path: ${{ steps.stage_npm_package.outputs.pack_output }}
--- a/.github/workflows/issue-deduplicator.yml
+++ b/.github/workflows/issue-deduplicator.yml
@@ -16,7 +16,7 @@ jobs:
    outputs:
      codex_output: ${{ steps.codex.outputs.final-message }}
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v4

      - name: Prepare Codex inputs
        env:
@@ -87,7 +87,7 @@ jobs:
      issues: write
    steps:
      - name: Comment on issue
-        uses: actions/github-script@v8
+        uses: actions/github-script@v7
        env:
          CODEX_OUTPUT: ${{ needs.gather-duplicates.outputs.codex_output }}
        with:
--- a/.github/workflows/issue-labeler.yml
+++ b/.github/workflows/issue-labeler.yml
@@ -16,7 +16,7 @@ jobs:
    outputs:
      codex_output: ${{ steps.codex.outputs.final-message }}
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v4

      - id: codex
        uses: openai/codex-action@main
--- a/.github/workflows/rust-release.yml
+++ b/.github/workflows/rust-release.yml
@@ -53,6 +53,10 @@ jobs:
    defaults:
      run:
        working-directory: codex-rs
+    env:
+      RUSTC_WRAPPER: sccache
+      CARGO_INCREMENTAL: "0"
+      SCCACHE_CACHE_SIZE: 10G

    strategy:
      fail-fast: false
@@ -88,14 +92,80 @@ jobs:
            ~/.cargo/registry/index/
            ~/.cargo/registry/cache/
            ~/.cargo/git/db/
-            ${{ github.workspace }}/codex-rs/target/
-          key: cargo-${{ matrix.runner }}-${{ matrix.target }}-release-${{ hashFiles('**/Cargo.lock') }}
+          key: cargo-${{ matrix.runner }}-${{ matrix.target }}-release-${{ hashFiles('**/Cargo.lock') }}-${{ hashFiles('codex-rs/rust-toolchain.toml') }}
+          restore-keys: |
+            cargo-${{ matrix.runner }}-${{ matrix.target }}-release-
+
+      - name: Install sccache
+        uses: taiki-e/install-action@0c5db7f7f897c03b771660e91d065338615679f4 # v2
+        with:
+          tool: sccache
+          version: 0.7.5
+
+      - name: Configure sccache backend
+        shell: bash
+        run: |
+          set -euo pipefail
+          if [[ -n "${ACTIONS_CACHE_URL:-}" && -n "${ACTIONS_RUNTIME_TOKEN:-}" ]]; then
+            echo "SCCACHE_GHA_ENABLED=true" >> "$GITHUB_ENV"
+            echo "Using sccache GitHub backend"
+          else
+            echo "SCCACHE_GHA_ENABLED=false" >> "$GITHUB_ENV"
+            echo "SCCACHE_DIR=${{ github.workspace }}/.sccache" >> "$GITHUB_ENV"
+            echo "Using sccache local disk + actions/cache fallback"
+          fi
+
+      - name: Restore sccache cache (fallback)
+        if: ${{ env.SCCACHE_GHA_ENABLED != 'true' }}
+        id: cache_sccache_restore
+        uses: actions/cache/restore@v4
+        with:
+          path: ${{ github.workspace }}/.sccache/
+          key: sccache-${{ matrix.runner }}-${{ matrix.target }}-release-${{ hashFiles('**/Cargo.lock') }}-${{ github.run_id }}
+          restore-keys: |
+            sccache-${{ matrix.runner }}-${{ matrix.target }}-release-${{ hashFiles('**/Cargo.lock') }}-
+            sccache-${{ matrix.runner }}-${{ matrix.target }}-release-
+
+      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
+        name: Prepare APT cache directories (musl)
+        shell: bash
+        run: |
+          set -euo pipefail
+          sudo mkdir -p /var/cache/apt/archives /var/lib/apt/lists
+          sudo chown -R "$USER:$USER" /var/cache/apt /var/lib/apt/lists
+
+      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
+        name: Restore APT cache (musl)
+        id: cache_apt_restore
+        uses: actions/cache/restore@v4
+        with:
+          path: |
+            /var/cache/apt
+          key: apt-${{ matrix.runner }}-${{ matrix.target }}-v1

      - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
        name: Install musl build tools
+        env:
+          DEBIAN_FRONTEND: noninteractive
+        shell: bash
        run: |
-          sudo apt-get update
-          sudo apt-get install -y musl-tools pkg-config
+          set -euo pipefail
+          sudo apt-get -y update -o Acquire::Retries=3
+          sudo apt-get -y install --no-install-recommends musl-tools pkg-config
+
+      - name: Install cargo-chef
+        uses: taiki-e/install-action@0c5db7f7f897c03b771660e91d065338615679f4 # v2
+        with:
+          tool: cargo-chef
+          version: 0.1.71
+
+      - name: Pre-warm dependency cache (cargo-chef)
+        shell: bash
+        run: |
+          set -euo pipefail
+          RECIPE="${RUNNER_TEMP}/chef-recipe.json"
+          cargo chef prepare --recipe-path "$RECIPE"
+          cargo chef cook --recipe-path "$RECIPE" --target ${{ matrix.target }} --release --all-features

      - name: Cargo build
        run: cargo build --target ${{ matrix.target }} --release --bin codex --bin codex-responses-api-proxy
@@ -327,6 +397,40 @@ jobs:
            zstd -T0 -19 --rm "$dest/$base"
          done

+      - name: Save APT cache (musl)
+        if: always() && !cancelled() && (matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl') && steps.cache_apt_restore.outputs.cache-hit != 'true'
+        continue-on-error: true
+        uses: actions/cache/save@v4
+        with:
+          path: |
+            /var/cache/apt
+          key: apt-${{ matrix.runner }}-${{ matrix.target }}-v1
+
+      - name: Save sccache cache (fallback)
+        if: always() && !cancelled() && env.SCCACHE_GHA_ENABLED != 'true'
+        continue-on-error: true
+        uses: actions/cache/save@v4
+        with:
+          path: ${{ github.workspace }}/.sccache/
+          key: sccache-${{ matrix.runner }}-${{ matrix.target }}-release-${{ hashFiles('**/Cargo.lock') }}-${{ github.run_id }}
+
+      - name: sccache stats
+        if: always()
+        continue-on-error: true
+        run: sccache --show-stats || true
+
+      - name: sccache summary
+        if: always()
+        shell: bash
+        run: |
+          {
+            echo "### sccache stats — ${{ matrix.target }} (release)";
+            echo;
+            echo '```';
+            sccache --show-stats || true;
+            echo '```';
+          } >> "$GITHUB_STEP_SUMMARY"
+
      - name: Remove signing keychain
        if: ${{ always() && matrix.runner == 'macos-15-xlarge' }}
        shell: bash
@@ -350,7 +454,7 @@ jobs:
            fi
          fi

-      - uses: actions/upload-artifact@v5
+      - uses: actions/upload-artifact@v4
        with:
          name: ${{ matrix.target }}
          # Upload the per-binary .zst files as well as the new .tar.gz
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1 +1 @@
-The changelog can be found on the [releases page](https://github.com/openai/codex/releases).
+The changelog can be found on the [releases page](https://github.com/openai/codex/releases)
--- a/README.md
+++ b/README.md
@@ -33,7 +33,7 @@ Then simply run `codex` to get started:
 codex
 ```

-If you're running into upgrade issues with Homebrew, see the [FAQ entry on brew upgrade codex](./docs/faq.md#brew-upgrade-codex-isnt-upgrading-me).
+If you're running into upgrade issues with Homebrew, see the [FAQ entry on brew upgrade codex](./docs/faq.md#brew-update-codex-isnt-upgrading-me).

 <details>
 <summary>You can also go to the <a href="https://github.com/openai/codex/releases/latest">latest GitHub Release</a> and download the appropriate binary for your platform.</summary>
@@ -75,13 +75,11 @@ Codex CLI supports a rich set of configuration options, with preferences stored

 - [**Getting started**](./docs/getting-started.md)
  - [CLI usage](./docs/getting-started.md#cli-usage)
-  - [Slash Commands](./docs/slash_commands.md)
  - [Running with a prompt as input](./docs/getting-started.md#running-with-a-prompt-as-input)
  - [Example prompts](./docs/getting-started.md#example-prompts)
  - [Custom prompts](./docs/prompts.md)
  - [Memory with AGENTS.md](./docs/getting-started.md#memory-with-agentsmd)
- [**Configuration**](./docs/config.md)
-  - [Example config](./docs/example-config.md)
+  - [Configuration](./docs/config.md)
 - [**Sandbox & approvals**](./docs/sandbox.md)
 - [**Authentication**](./docs/authentication.md)
  - [Auth methods](./docs/authentication.md#forcing-a-specific-auth-method-advanced)
--- a/codex-rs/.cargo/config.toml
+++ b/codex-rs/.cargo/config.toml
@@ -1,5 +0,0 @@
-[target.'cfg(all(windows, target_env = "msvc"))']
-rustflags = ["-C", "link-arg=/STACK:8388608"]
-
-[target.'cfg(all(windows, target_env = "gnu"))']
-rustflags = ["-C", "link-arg=-Wl,--stack,8388608"]
--- a/codex-rs/Cargo.lock
+++ b/codex-rs/Cargo.lock
@@ -172,9 +172,9 @@ dependencies = [

 [[package]]
 name = "anyhow"
-version = "1.0.100"
+version = "1.0.99"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a23eb6b1614318a8071c9b2521f36b424b2c83db5eb3a0fead4a6c0809af6e61"
+checksum = "b0674a1ddeecb70197781e945de4b3b8ffb61fa939a5597bcf48503737663100"

 [[package]]
 name = "app_test_support"
@@ -592,9 +592,9 @@ checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"

 [[package]]
 name = "bitflags"
-version = "2.10.0"
+version = "2.9.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "812e12b5285cc515a9c72a5c1d3b6d46a19dac5acfef5265968c166106e31dd3"
+checksum = "1b8e56985ec62d17e9c1001dc89c88ecd7dc08e47eba5ec7c29c7b5eeecde967"

 [[package]]
 name = "block-buffer"
@@ -871,7 +871,6 @@ dependencies = [
 "anyhow",
 "clap",
 "codex-protocol",
- "mcp-types",
 "paste",
 "pretty_assertions",
 "schemars 0.8.22",
@@ -892,7 +891,7 @@ dependencies = [
 "pretty_assertions",
 "similar",
 "tempfile",
- "thiserror 2.0.17",
+ "thiserror 2.0.16",
 "tree-sitter",
 "tree-sitter-bash",
 ]
@@ -951,7 +950,7 @@ dependencies = [
 "clap",
 "codex-common",
 "codex-core",
- "codex-git",
+ "codex-git-apply",
 "serde",
 "serde_json",
 "tempfile",
@@ -984,7 +983,6 @@ dependencies = [
 "codex-rmcp-client",
 "codex-stdio-to-uds",
 "codex-tui",
- "codex-windows-sandbox",
 "ctor 0.5.0",
 "owo-colors",
 "predicates",
@@ -993,7 +991,6 @@ dependencies = [
 "supports-color",
 "tempfile",
 "tokio",
- "toml",
 ]

 [[package]]
@@ -1030,11 +1027,11 @@ dependencies = [
 "async-trait",
 "chrono",
 "codex-backend-client",
- "codex-git",
+ "codex-git-apply",
 "diffy",
 "serde",
 "serde_json",
- "thiserror 2.0.17",
+ "thiserror 2.0.16",
 ]

 [[package]]
@@ -1066,7 +1063,7 @@ dependencies = [
 "codex-apply-patch",
 "codex-async-utils",
 "codex-file-search",
- "codex-git",
+ "codex-git-tooling",
 "codex-keyring-store",
 "codex-otel",
 "codex-protocol",
@@ -1075,7 +1072,6 @@ dependencies = [
 "codex-utils-readiness",
 "codex-utils-string",
 "codex-utils-tokenizer",
- "codex-windows-sandbox",
 "core-foundation 0.9.4",
 "core_test_support",
 "dirs",
@@ -1086,7 +1082,7 @@ dependencies = [
 "futures",
 "http",
 "image",
- "indexmap 2.12.0",
+ "indexmap 2.10.0",
 "keyring",
 "landlock",
 "libc",
@@ -1110,7 +1106,7 @@ dependencies = [
 "strum_macros 0.27.2",
 "tempfile",
 "test-log",
- "thiserror 2.0.17",
+ "thiserror 2.0.16",
 "time",
 "tokio",
 "tokio-test",
@@ -1206,17 +1202,24 @@ dependencies = [
 ]

 [[package]]
-name = "codex-git"
+name = "codex-git-apply"
+version = "0.0.0"
+dependencies = [
+ "once_cell",
+ "regex",
+ "tempfile",
+]
+
+[[package]]
+name = "codex-git-tooling"
 version = "0.0.0"
 dependencies = [
 "assert_matches",
- "once_cell",
 "pretty_assertions",
- "regex",
 "schemars 0.8.22",
 "serde",
 "tempfile",
- "thiserror 2.0.17",
+ "thiserror 2.0.16",
 "ts-rs",
 "walkdir",
 ]
@@ -1343,11 +1346,10 @@ version = "0.0.0"
 dependencies = [
 "anyhow",
 "base64",
- "codex-git",
+ "codex-git-tooling",
 "codex-utils-image",
 "icu_decimal",
 "icu_locale_core",
- "icu_provider",
 "mcp-types",
 "mime_guess",
 "schemars 0.8.22",
@@ -1471,7 +1473,6 @@ dependencies = [
 "regex-lite",
 "serde",
 "serde_json",
- "serial_test",
 "shlex",
 "strum 0.27.2",
 "strum_macros 0.27.2",
@@ -1509,7 +1510,7 @@ dependencies = [
 "codex-utils-cache",
 "image",
 "tempfile",
- "thiserror 2.0.17",
+ "thiserror 2.0.16",
 "tokio",
 ]

@@ -1537,7 +1538,7 @@ version = "0.0.0"
 dependencies = [
 "assert_matches",
 "async-trait",
- "thiserror 2.0.17",
+ "thiserror 2.0.16",
 "time",
 "tokio",
 ]
@@ -1552,22 +1553,10 @@ version = "0.0.0"
 dependencies = [
 "anyhow",
 "pretty_assertions",
- "thiserror 2.0.17",
+ "thiserror 2.0.16",
 "tiktoken-rs",
 ]

-[[package]]
-name = "codex-windows-sandbox"
-version = "0.1.0"
-dependencies = [
- "anyhow",
- "dirs-next",
- "rand 0.8.5",
- "serde",
- "serde_json",
- "windows-sys 0.52.0",
-]
-
 [[package]]
 name = "color-eyre"
 version = "0.6.5"
@@ -1753,9 +1742,10 @@ checksum = "d0a5c400df2834b80a4c3327b3aad3a4c4cd4de0629063962b03235697506a28"
 [[package]]
 name = "crossterm"
 version = "0.28.1"
-source = "git+https://github.com/nornagon/crossterm?branch=nornagon%2Fcolor-query#87db8bfa6dc99427fd3b071681b07fc31c6ce995"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "829d955a0bb380ef178a640b91779e3987da38c9aea133b20614cfed8cdea9c6"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "crossterm_winapi",
 "futures-core",
 "mio",
@@ -2099,7 +2089,7 @@ version = "0.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "89a09f22a6c6069a18470eb92d2298acf25463f14256d24778e1230d789a2aec"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "objc2",
 ]

@@ -2724,7 +2714,7 @@ dependencies = [
 "futures-core",
 "futures-sink",
 "http",
- "indexmap 2.12.0",
+ "indexmap 2.10.0",
 "slab",
 "tokio",
 "tokio-util",
@@ -2768,12 +2758,6 @@ dependencies = [
 "foldhash",
 ]

-[[package]]
-name = "hashbrown"
-version = "0.16.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5419bdc4f6a9207fbeba6d11b604d481addf78ecd10c11ad51e76c2f6482748d"
-
 [[package]]
 name = "heck"
 version = "0.5.0"
@@ -3007,9 +2991,9 @@ dependencies = [

 [[package]]
 name = "icu_collections"
-version = "2.1.1"
+version = "2.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4c6b649701667bbe825c3b7e6388cb521c23d88644678e83c0c4d0a621a34b43"
+checksum = "200072f5d0e3614556f94a9930d5dc3e0662a652823904c3a75dc3b0af7fee47"
 dependencies = [
 "displaydoc",
 "potential_utf",
@@ -3020,31 +3004,34 @@ dependencies = [

 [[package]]
 name = "icu_decimal"
-version = "2.1.1"
+version = "2.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a38c52231bc348f9b982c1868a2af3195199623007ba2c7650f432038f5b3e8e"
+checksum = "fec61c43fdc4e368a9f450272833123a8ef0d7083a44597660ce94d791b8a2e2"
 dependencies = [
+ "displaydoc",
 "fixed_decimal",
 "icu_decimal_data",
 "icu_locale",
 "icu_locale_core",
 "icu_provider",
+ "tinystr",
 "writeable",
 "zerovec",
 ]

 [[package]]
 name = "icu_decimal_data"
-version = "2.1.1"
+version = "2.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2905b4044eab2dd848fe84199f9195567b63ab3a93094711501363f63546fef7"
+checksum = "b70963bc35f9bdf1bc66a5c1f458f4991c1dc71760e00fa06016b2c76b2738d5"

 [[package]]
 name = "icu_locale"
-version = "2.1.1"
+version = "2.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "532b11722e350ab6bf916ba6eb0efe3ee54b932666afec989465f9243fe6dd60"
+checksum = "6ae5921528335e91da1b6c695dbf1ec37df5ac13faa3f91e5640be93aa2fbefd"
 dependencies = [
+ "displaydoc",
 "icu_collections",
 "icu_locale_core",
 "icu_locale_data",
@@ -3056,13 +3043,12 @@ dependencies = [

 [[package]]
 name = "icu_locale_core"
-version = "2.1.1"
+version = "2.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "edba7861004dd3714265b4db54a3c390e880ab658fec5f7db895fae2046b5bb6"
+checksum = "0cde2700ccaed3872079a65fb1a78f6c0a36c91570f28755dda67bc8f7d9f00a"
 dependencies = [
 "displaydoc",
 "litemap",
- "serde",
 "tinystr",
 "writeable",
 "zerovec",
@@ -3070,16 +3056,17 @@ dependencies = [

 [[package]]
 name = "icu_locale_data"
-version = "2.1.1"
+version = "2.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f03e2fcaefecdf05619f3d6f91740e79ab969b4dd54f77cbf546b1d0d28e3147"
+checksum = "4fdef0c124749d06a743c69e938350816554eb63ac979166590e2b4ee4252765"

 [[package]]
 name = "icu_normalizer"
-version = "2.1.1"
+version = "2.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5f6c8828b67bf8908d82127b2054ea1b4427ff0230ee9141c54251934ab1b599"
+checksum = "436880e8e18df4d7bbc06d58432329d6458cc84531f7ac5f024e93deadb37979"
 dependencies = [
+ "displaydoc",
 "icu_collections",
 "icu_normalizer_data",
 "icu_properties",
@@ -3090,40 +3077,42 @@ dependencies = [

 [[package]]
 name = "icu_normalizer_data"
-version = "2.1.1"
+version = "2.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7aedcccd01fc5fe81e6b489c15b247b8b0690feb23304303a9e560f37efc560a"
+checksum = "00210d6893afc98edb752b664b8890f0ef174c8adbb8d0be9710fa66fbbf72d3"

 [[package]]
 name = "icu_properties"
-version = "2.1.1"
+version = "2.0.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e93fcd3157766c0c8da2f8cff6ce651a31f0810eaa1c51ec363ef790bbb5fb99"
+checksum = "016c619c1eeb94efb86809b015c58f479963de65bdb6253345c1a1276f22e32b"
 dependencies = [
+ "displaydoc",
 "icu_collections",
 "icu_locale_core",
 "icu_properties_data",
 "icu_provider",
+ "potential_utf",
 "zerotrie",
 "zerovec",
 ]

 [[package]]
 name = "icu_properties_data"
-version = "2.1.1"
+version = "2.0.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "02845b3647bb045f1100ecd6480ff52f34c35f82d9880e029d329c21d1054899"
+checksum = "298459143998310acd25ffe6810ed544932242d3f07083eee1084d83a71bd632"

 [[package]]
 name = "icu_provider"
-version = "2.1.1"
+version = "2.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "85962cf0ce02e1e0a629cc34e7ca3e373ce20dda4c4d7294bbd0bf1fdb59e614"
+checksum = "03c80da27b5f4187909049ee2d72f276f0d9f99a42c306bd0131ecfe04d8e5af"
 dependencies = [
 "displaydoc",
 "icu_locale_core",
- "serde",
 "stable_deref_trait",
+ "tinystr",
 "writeable",
 "yoke",
 "zerofrom",
@@ -3209,14 +3198,13 @@ dependencies = [

 [[package]]
 name = "indexmap"
-version = "2.12.0"
+version = "2.10.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6717a8d2a5a929a1a2eb43a12812498ed141a0bcfb7e8f7844fbdbe4303bba9f"
+checksum = "fe4cd85333e22411419a0bcae1297d25e58c9443848b11dc6a86fefe8c78a661"
 dependencies = [
 "equivalent",
- "hashbrown 0.16.0",
+ "hashbrown 0.15.4",
 "serde",
- "serde_core",
 ]

 [[package]]
@@ -3231,7 +3219,7 @@ version = "0.11.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f37dccff2791ab604f9babef0ba14fbe0be30bd368dc541e2b08d07c8aa908f3"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "inotify-sys",
 "libc",
 ]
@@ -3294,7 +3282,7 @@ version = "0.7.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d93587f37623a1a17d94ef2bc9ada592f5465fe7732084ab7beefabe5c77c0c4"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "cfg-if",
 "libc",
 ]
@@ -3504,7 +3492,7 @@ checksum = "b3d2ef408b88e913bfc6594f5e693d57676f6463ded7d8bf994175364320c706"
 dependencies = [
 "enumflags2",
 "libc",
- "thiserror 2.0.17",
+ "thiserror 2.0.16",
 ]

 [[package]]
@@ -3540,7 +3528,7 @@ version = "0.1.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "4488594b9328dee448adb906d8b126d9b7deb7cf5c22161ee591610bb1be83c0"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "libc",
 ]

@@ -3550,7 +3538,7 @@ version = "0.2.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "761e49ec5fd8a5a463f9b84e877c373d888935b71c6be78f3767fe2ae6bed18e"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "libc",
 ]

@@ -3818,7 +3806,7 @@ version = "0.28.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "ab2156c4fce2f8df6c499cc1c763e4394b7482525bf2a9701c9d79d215f519e4"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "cfg-if",
 "cfg_aliases 0.1.1",
 "libc",
@@ -3830,7 +3818,7 @@ version = "0.29.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "71e2746dc3a24dd78b3cfcb7be93368c6de9963d30f43a6a73998a9cf4b17b46"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "cfg-if",
 "cfg_aliases 0.2.1",
 "libc",
@@ -3843,7 +3831,7 @@ version = "0.30.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "74523f3a35e05aba87a1d978330aef40f67b0304ac79c1c00b294c9830543db6"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "cfg-if",
 "cfg_aliases 0.2.1",
 "libc",
@@ -3871,7 +3859,7 @@ version = "8.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "4d3d07927151ff8575b7087f245456e549fea62edf0ec4e565a5ee50c8402bc3"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "fsevent-sys",
 "inotify",
 "kqueue",
@@ -4041,7 +4029,7 @@ version = "0.3.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "e6f29f568bec459b0ddff777cec4fe3fd8666d82d5a40ebd0ff7e66134f89bcc"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "objc2",
 "objc2-core-graphics",
 "objc2-foundation",
@@ -4053,7 +4041,7 @@ version = "0.3.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1c10c2894a6fed806ade6027bcd50662746363a9589d3ec9d9bef30a4e4bc166"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "dispatch2",
 "objc2",
 ]
@@ -4064,7 +4052,7 @@ version = "0.3.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "989c6c68c13021b5c2d6b71456ebb0f9dc78d752e86a98da7c716f4f9470f5a4"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "dispatch2",
 "objc2",
 "objc2-core-foundation",
@@ -4083,7 +4071,7 @@ version = "0.3.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "900831247d2fe1a09a683278e5384cfb8c80c79fe6b166f9d14bfdde0ea1b03c"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "objc2",
 "objc2-core-foundation",
 ]
@@ -4094,7 +4082,7 @@ version = "0.3.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7282e9ac92529fa3457ce90ebb15f4ecbc383e8338060960760fa2cf75420c3c"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "objc2",
 "objc2-core-foundation",
 ]
@@ -4126,7 +4114,7 @@ version = "0.10.73"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8505734d46c8ab1e19a1dce3aef597ad87dcb4c37e7188231769bd6bd51cebf8"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "cfg-if",
 "foreign-types",
 "libc",
@@ -4184,7 +4172,7 @@ dependencies = [
 "futures-sink",
 "js-sys",
 "pin-project-lite",
- "thiserror 2.0.17",
+ "thiserror 2.0.16",
 "tracing",
 ]

@@ -4227,7 +4215,7 @@ dependencies = [
 "prost",
 "reqwest",
 "serde_json",
- "thiserror 2.0.17",
+ "thiserror 2.0.16",
 "tokio",
 "tonic",
 "tracing",
@@ -4267,7 +4255,7 @@ dependencies = [
 "percent-encoding",
 "rand 0.9.2",
 "serde_json",
- "thiserror 2.0.17",
+ "thiserror 2.0.16",
 "tokio",
 "tokio-stream",
 ]
@@ -4378,7 +4366,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "b4c5cc86750666a3ed20bdaf5ca2a0344f9c67674cae0515bec2da16fbaa47db"
 dependencies = [
 "fixedbitset",
- "indexmap 2.12.0",
+ "indexmap 2.10.0",
 ]

 [[package]]
@@ -4446,7 +4434,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "3af6b589e163c5a788fab00ce0c0366f6efbb9959c2f9874b224936af7fce7e1"
 dependencies = [
 "base64",
- "indexmap 2.12.0",
+ "indexmap 2.10.0",
 "quick-xml",
 "serde",
 "time",
@@ -4458,7 +4446,7 @@ version = "0.18.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "97baced388464909d42d89643fe4361939af9b7ce7a31ee32a168f832a70f2a0"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "crc32fast",
 "fdeflate",
 "flate2",
@@ -4517,12 +4505,11 @@ dependencies = [

 [[package]]
 name = "potential_utf"
-version = "0.1.4"
+version = "0.1.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b73949432f5e2a09657003c25bca5e19a0e9c84f8058ca374f49e0ebe605af77"
+checksum = "e5a7c30837279ca13e7c867e9e40053bc68740f988cb07f7ca6df43cc734b585"
 dependencies = [
- "serde_core",
- "writeable",
+ "serde",
 "zerovec",
 ]

@@ -4612,7 +4599,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a3ef4f2f0422f23a82ec9f628ea2acd12871c81a9362b02c43c1aa86acfc3ba1"
 dependencies = [
 "futures",
- "indexmap 2.12.0",
+ "indexmap 2.10.0",
 "nix 0.30.1",
 "tokio",
 "tracing",
@@ -4648,7 +4635,7 @@ version = "0.10.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "76979bea66e7875e7509c4ec5300112b316af87fa7a252ca91c448b32dfe3993"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "getopts",
 "memchr",
 "pulldown-cmark-escape",
@@ -4699,7 +4686,7 @@ dependencies = [
 "rustc-hash 2.1.1",
 "rustls",
 "socket2 0.6.0",
- "thiserror 2.0.17",
+ "thiserror 2.0.16",
 "tokio",
 "tracing",
 "web-time",
@@ -4720,7 +4707,7 @@ dependencies = [
 "rustls",
 "rustls-pki-types",
 "slab",
- "thiserror 2.0.17",
+ "thiserror 2.0.16",
 "tinyvec",
 "tracing",
 "web-time",
@@ -4829,7 +4816,7 @@ name = "ratatui"
 version = "0.29.0"
 source = "git+https://github.com/nornagon/ratatui?branch=nornagon-v0.29.0-patch#9b2ad1298408c45918ee9f8241a6f95498cdbed2"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "cassowary",
 "compact_str",
 "crossterm",
@@ -4859,7 +4846,7 @@ version = "0.5.15"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7e8af0dde094006011e6a740d4879319439489813bd0bcdc7d821beaeeff48ec"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 ]

 [[package]]
@@ -4881,7 +4868,7 @@ checksum = "dd6f9d3d47bdd2ad6945c5015a226ec6155d0bcdfd8f7cd29f86b71f8de99d2b"
 dependencies = [
 "getrandom 0.2.16",
 "libredox",
- "thiserror 2.0.17",
+ "thiserror 2.0.16",
 ]

 [[package]]
@@ -5010,9 +4997,9 @@ dependencies = [

 [[package]]
 name = "rmcp"
-version = "0.8.4"
+version = "0.8.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a2c66318b30535ccd0d3b39afaa4240d6b5a35328fb7672a28e3386c97472805"
+checksum = "1fdad1258f7259fdc0f2dfc266939c82c3b5d1fd72bcde274d600cdc27e60243"
 dependencies = [
 "base64",
 "bytes",
@@ -5032,7 +5019,7 @@ dependencies = [
 "serde",
 "serde_json",
 "sse-stream",
- "thiserror 2.0.17",
+ "thiserror 2.0.16",
 "tokio",
 "tokio-stream",
 "tokio-util",
@@ -5044,9 +5031,9 @@ dependencies = [

 [[package]]
 name = "rmcp-macros"
-version = "0.8.4"
+version = "0.8.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "49a19193e0d69bb1c96324b1b4daec078d4c8e76d734e53404c107437858a4d2"
+checksum = "ede0589a208cc7ce81d1be68aa7e74b917fcd03c81528408bab0457e187dcd9b"
 dependencies = [
 "darling 0.21.3",
 "proc-macro2",
@@ -5088,7 +5075,7 @@ version = "0.38.44"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "fdb5bc1ae2baa591800df16c9ca78619bf65c0488b41b96ccec5d11220d8c154"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "errno",
 "libc",
 "linux-raw-sys 0.4.15",
@@ -5101,7 +5088,7 @@ version = "1.0.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "11181fbabf243db407ef8df94a6ce0b2f9a733bd8be4ad02b4eda9602296cac8"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "errno",
 "libc",
 "linux-raw-sys 0.9.4",
@@ -5167,7 +5154,7 @@ version = "14.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7803e8936da37efd9b6d4478277f4b2b9bb5cdb37a113e8d63222e58da647e63"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "cfg-if",
 "clipboard-win",
 "fd-lock",
@@ -5366,7 +5353,7 @@ version = "2.11.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "897b2245f0b511c87893af39b033e5ca9cce68824c4d7e7630b5a1d339658d02"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "core-foundation 0.9.4",
 "core-foundation-sys",
 "libc",
@@ -5379,7 +5366,7 @@ version = "3.5.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "b3297343eaf830f66ede390ea39da1d462b6b0c1b000f420d0a83f898bbbe6ef"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "core-foundation 0.10.1",
 "core-foundation-sys",
 "libc",
@@ -5557,7 +5544,7 @@ version = "1.0.145"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "402a6f66d8c709116cf22f558eab210f5a50187f702eb4d7e5ef38d9a7f1c79c"
 dependencies = [
- "indexmap 2.12.0",
+ "indexmap 2.10.0",
 "itoa",
 "memchr",
 "ryu",
@@ -5618,7 +5605,7 @@ dependencies = [
 "chrono",
 "hex",
 "indexmap 1.9.3",
- "indexmap 2.12.0",
+ "indexmap 2.10.0",
 "schemars 0.9.0",
 "schemars 1.0.4",
 "serde",
@@ -5687,12 +5674,6 @@ dependencies = [
 "digest",
 ]

-[[package]]
-name = "sha1_smol"
-version = "1.0.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bbfa15b3dddfee50a0fff136974b3e1bde555604ba463834a7eb7deb6417705d"
-
 [[package]]
 name = "sha2"
 version = "0.10.9"
@@ -6084,7 +6065,7 @@ version = "0.6.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "3c879d448e9d986b661742763247d3693ed13609438cf3d006f51f5368a5ba6b"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "core-foundation 0.9.4",
 "system-configuration-sys",
 ]
@@ -6201,11 +6182,11 @@ dependencies = [

 [[package]]
 name = "thiserror"
-version = "2.0.17"
+version = "2.0.16"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f63587ca0f12b72a0600bcba1d40081f830876000bb46dd2337a3051618f4fc8"
+checksum = "3467d614147380f2e4e374161426ff399c91084acd2363eaf549172b3d5e60c0"
 dependencies = [
- "thiserror-impl 2.0.17",
+ "thiserror-impl 2.0.16",
 ]

 [[package]]
@@ -6221,9 +6202,9 @@ dependencies = [

 [[package]]
 name = "thiserror-impl"
-version = "2.0.17"
+version = "2.0.16"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3ff15c8ecd7de3849db632e14d18d2571fa09dfc5ed93479bc4485c7a517c913"
+checksum = "6c5e1be1c48b9172ee610da68fd9cd2770e7a4056cb3fc98710ee6906f0c7960"
 dependencies = [
 "proc-macro2",
 "quote",
@@ -6442,7 +6423,7 @@ version = "0.9.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "75129e1dc5000bfbaa9fee9d1b21f974f9fbad9daec557a521ee6e080825f6e8"
 dependencies = [
- "indexmap 2.12.0",
+ "indexmap 2.10.0",
 "serde",
 "serde_spanned",
 "toml_datetime",
@@ -6466,7 +6447,7 @@ version = "0.23.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7211ff1b8f0d3adae1663b7da9ffe396eabe1ca25f0b0bee42b0da29a9ddce93"
 dependencies = [
- "indexmap 2.12.0",
+ "indexmap 2.10.0",
 "toml_datetime",
 "toml_parser",
 "toml_writer",
@@ -6525,7 +6506,7 @@ checksum = "d039ad9159c98b70ecfd540b2573b97f7f52c3e8d9f8ad57a24b916a536975f9"
 dependencies = [
 "futures-core",
 "futures-util",
- "indexmap 2.12.0",
+ "indexmap 2.10.0",
 "pin-project-lite",
 "slab",
 "sync_wrapper",
@@ -6542,7 +6523,7 @@ version = "0.6.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "adc82fd73de2a9722ac5da747f12383d2bfdb93591ee6c58486e0097890f05f2"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 "bytes",
 "futures-util",
 "http",
@@ -6703,7 +6684,7 @@ checksum = "adc5f880ad8d8f94e88cb81c3557024cf1a8b75e3b504c50481ed4f5a6006ff3"
 dependencies = [
 "regex",
 "streaming-iterator",
- "thiserror 2.0.17",
+ "thiserror 2.0.16",
 "tree-sitter",
 ]

@@ -6726,7 +6707,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "6ef1b7a6d914a34127ed8e1fa927eb7088903787bcded4fa3eef8f85ee1568be"
 dependencies = [
 "serde_json",
- "thiserror 2.0.17",
+ "thiserror 2.0.16",
 "ts-rs-macros",
 "uuid",
 ]
@@ -6880,7 +6861,6 @@ dependencies = [
 "getrandom 0.3.3",
 "js-sys",
 "serde",
- "sha1_smol",
 "wasm-bindgen",
 ]

@@ -7618,14 +7598,14 @@ version = "0.39.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "6f42320e61fe2cfd34354ecb597f86f413484a798ba44a8ca1165c58d42da6c1"
 dependencies = [
- "bitflags 2.10.0",
+ "bitflags 2.9.1",
 ]

 [[package]]
 name = "writeable"
-version = "0.6.2"
+version = "0.6.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9edde0db4769d2dc68579893f2306b26c6ecfbe0ef499b013d731b7b9247e0b9"
+checksum = "ea2f10b9bb0928dfb1b42b65e1f9e36f7f54dbdf08457afefb38afcdec4fa2bb"

 [[package]]
 name = "x11rb"
@@ -7820,11 +7800,10 @@ dependencies = [

 [[package]]
 name = "zerovec"
-version = "0.11.5"
+version = "0.11.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6c28719294829477f525be0186d13efa9a3c602f7ec202ca9e353d310fb9a002"
+checksum = "4a05eb080e015ba39cc9e23bbe5e7fb04d5fb040350f99f34e338d5fdd294428"
 dependencies = [
- "serde",
 "yoke",
 "zerofrom",
 "zerovec-derive",
--- a/codex-rs/Cargo.toml
+++ b/codex-rs/Cargo.toml
@@ -18,6 +18,7 @@ members = [
    "execpolicy",
    "keyring-store",
    "file-search",
+    "git-tooling",
    "linux-sandbox",
    "login",
    "mcp-server",
@@ -31,7 +32,7 @@ members = [
    "stdio-to-uds",
    "otel",
    "tui",
-    "utils/git",
+    "git-apply",
    "utils/cache",
    "utils/image",
    "utils/json-to-toml",
@@ -43,7 +44,7 @@ members = [
 resolver = "2"

 [workspace.package]
-version = "0.56.0-alpha.1"
+version = "0.0.0"
 # Track the edition for all workspace crates in one place. Individual
 # crates can still override this value, but keeping it here means new
 # crates created with `cargo new -w ...` automatically inherit the 2024
@@ -66,7 +67,7 @@ codex-core = { path = "core" }
 codex-exec = { path = "exec" }
 codex-feedback = { path = "feedback" }
 codex-file-search = { path = "file-search" }
-codex-git = { path = "utils/git" }
+codex-git-tooling = { path = "git-tooling" }
 codex-keyring-store = { path = "keyring-store" }
 codex-linux-sandbox = { path = "linux-sandbox" }
 codex-login = { path = "login" }
@@ -87,7 +88,6 @@ codex-utils-pty = { path = "utils/pty" }
 codex-utils-readiness = { path = "utils/readiness" }
 codex-utils-string = { path = "utils/string" }
 codex-utils-tokenizer = { path = "utils/tokenizer" }
-codex-windows-sandbox = { path = "windows-sandbox" }
 core_test_support = { path = "core/tests/common" }
 mcp-types = { path = "mcp-types" }
 mcp_test_support = { path = "mcp-server/tests/common" }
@@ -123,12 +123,11 @@ escargot = "0.5"
 eventsource-stream = "0.2.3"
 futures = { version = "0.3", default-features = false }
 http = "1.3.1"
-icu_decimal = "2.1"
-icu_provider = { version = "2.1", features = ["sync"] }
-icu_locale_core = "2.1"
+icu_decimal = "2.0.0"
+icu_locale_core = "2.0.0"
 ignore = "0.4.23"
 image = { version = "^0.25.8", default-features = false }
-indexmap = "2.12.0"
+indexmap = "2.6.0"
 insta = "1.43.2"
 itertools = "0.14.0"
 keyring = "3.6"
@@ -162,7 +161,7 @@ ratatui = "0.29.0"
 ratatui-macros = "0.6.0"
 regex-lite = "0.1.7"
 reqwest = "0.12"
-rmcp = { version = "0.8.4", default-features = false }
+rmcp = { version = "0.8.3", default-features = false }
 schemars = "0.8.22"
 seccompiler = "0.5.0"
 sentry = "0.34.0"
@@ -182,7 +181,7 @@ sys-locale = "0.3.2"
 tempfile = "3.23.0"
 test-log = "0.2.18"
 textwrap = "0.16.2"
-thiserror = "2.0.17"
+thiserror = "2.0.16"
 time = "0.3"
 tiny_http = "0.12"
 tokio = "1"
@@ -211,7 +210,6 @@ walkdir = "2.5.0"
 webbrowser = "1.0"
 which = "6"
 wildmatch = "2.5.0"
-
 wiremock = "0.6"
 zeroize = "1.8.1"

@@ -256,12 +254,7 @@ unwrap_used = "deny"
 # cargo-shear cannot see the platform-specific openssl-sys usage, so we
 # silence the false positive here instead of deleting a real dependency.
 [workspace.metadata.cargo-shear]
-ignored = [
-    "icu_provider",
-    "openssl-sys",
-    "codex-utils-readiness",
-    "codex-utils-tokenizer",
-]
+ignored = ["openssl-sys", "codex-utils-readiness", "codex-utils-tokenizer"]

 [profile.release]
 lto = "fat"
@@ -281,7 +274,6 @@ opt-level = 0
 # Uncomment to debug local changes.
 # ratatui = { path = "../../ratatui" }
 ratatui = { git = "https://github.com/nornagon/ratatui", branch = "nornagon-v0.29.0-patch" }
-crossterm = { git = "https://github.com/nornagon/crossterm", branch = "nornagon/color-query" }

 # Uncomment to debug local changes.
 # rmcp = { path = "../../rust-sdk/crates/rmcp" }
--- a/codex-rs/README.md
+++ b/codex-rs/README.md
@@ -63,9 +63,6 @@ codex sandbox macos [--full-auto] [COMMAND]...
 # Linux
 codex sandbox linux [--full-auto] [COMMAND]...

-# Windows
-codex sandbox windows [--full-auto] [COMMAND]...
-
 # Legacy aliases
 codex debug seatbelt [--full-auto] [COMMAND]...
 codex debug landlock [--full-auto] [COMMAND]...
--- a/codex-rs/app-server-protocol/Cargo.toml
+++ b/codex-rs/app-server-protocol/Cargo.toml
@@ -14,7 +14,6 @@ workspace = true
 anyhow = { workspace = true }
 clap = { workspace = true, features = ["derive"] }
 codex-protocol = { workspace = true }
-mcp-types = { workspace = true }
 paste = { workspace = true }
 schemars = { workspace = true }
 serde = { workspace = true, features = ["derive"] }
--- a/codex-rs/app-server-protocol/src/export.rs
+++ b/codex-rs/app-server-protocol/src/export.rs
@@ -2,28 +2,20 @@ use crate::ClientNotification;
 use crate::ClientRequest;
 use crate::ServerNotification;
 use crate::ServerRequest;
-use crate::export_client_notification_schemas;
-use crate::export_client_param_schemas;
 use crate::export_client_response_schemas;
 use crate::export_client_responses;
-use crate::export_server_notification_schemas;
-use crate::export_server_param_schemas;
 use crate::export_server_response_schemas;
 use crate::export_server_responses;
 use anyhow::Context;
 use anyhow::Result;
 use anyhow::anyhow;
-use codex_protocol::parse_command::ParsedCommand;
-use codex_protocol::protocol::EventMsg;
-use codex_protocol::protocol::FileChange;
-use codex_protocol::protocol::SandboxPolicy;
 use schemars::JsonSchema;
+use schemars::schema::RootSchema;
 use schemars::schema_for;
 use serde::Serialize;
 use serde_json::Map;
 use serde_json::Value;
-use std::collections::HashMap;
-use std::collections::HashSet;
+use std::collections::BTreeMap;
 use std::ffi::OsStr;
 use std::fs;
 use std::io::Read;
@@ -35,29 +27,83 @@ use ts_rs::TS;

 const HEADER: &str = "// GENERATED CODE! DO NOT MODIFY BY HAND!\n\n";

-#[derive(Clone)]
-pub struct GeneratedSchema {
-    namespace: Option<String>,
-    logical_name: String,
-    value: Value,
-    in_v1_dir: bool,
+macro_rules! for_each_schema_type {
+    ($macro:ident) => {
+        $macro!(crate::RequestId);
+        $macro!(crate::JSONRPCMessage);
+        $macro!(crate::JSONRPCRequest);
+        $macro!(crate::JSONRPCNotification);
+        $macro!(crate::JSONRPCResponse);
+        $macro!(crate::JSONRPCError);
+        $macro!(crate::JSONRPCErrorError);
+        $macro!(crate::AddConversationListenerParams);
+        $macro!(crate::AddConversationSubscriptionResponse);
+        $macro!(crate::ApplyPatchApprovalParams);
+        $macro!(crate::ApplyPatchApprovalResponse);
+        $macro!(crate::ArchiveConversationParams);
+        $macro!(crate::ArchiveConversationResponse);
+        $macro!(crate::AuthMode);
+        $macro!(crate::AuthStatusChangeNotification);
+        $macro!(crate::CancelLoginChatGptParams);
+        $macro!(crate::CancelLoginChatGptResponse);
+        $macro!(crate::ClientInfo);
+        $macro!(crate::ClientNotification);
+        $macro!(crate::ClientRequest);
+        $macro!(crate::ConversationSummary);
+        $macro!(crate::ExecCommandApprovalParams);
+        $macro!(crate::ExecCommandApprovalResponse);
+        $macro!(crate::ExecOneOffCommandParams);
+        $macro!(crate::ExecOneOffCommandResponse);
+        $macro!(crate::FuzzyFileSearchParams);
+        $macro!(crate::FuzzyFileSearchResponse);
+        $macro!(crate::FuzzyFileSearchResult);
+        $macro!(crate::GetAuthStatusParams);
+        $macro!(crate::GetAuthStatusResponse);
+        $macro!(crate::GetUserAgentResponse);
+        $macro!(crate::GetUserSavedConfigResponse);
+        $macro!(crate::GitDiffToRemoteParams);
+        $macro!(crate::GitDiffToRemoteResponse);
+        $macro!(crate::GitSha);
+        $macro!(crate::InitializeParams);
+        $macro!(crate::InitializeResponse);
+        $macro!(crate::InputItem);
+        $macro!(crate::InterruptConversationParams);
+        $macro!(crate::InterruptConversationResponse);
+        $macro!(crate::ListConversationsParams);
+        $macro!(crate::ListConversationsResponse);
+        $macro!(crate::LoginApiKeyParams);
+        $macro!(crate::LoginApiKeyResponse);
+        $macro!(crate::LoginChatGptCompleteNotification);
+        $macro!(crate::LoginChatGptResponse);
+        $macro!(crate::LogoutChatGptParams);
+        $macro!(crate::LogoutChatGptResponse);
+        $macro!(crate::NewConversationParams);
+        $macro!(crate::NewConversationResponse);
+        $macro!(crate::Profile);
+        $macro!(crate::RemoveConversationListenerParams);
+        $macro!(crate::RemoveConversationSubscriptionResponse);
+        $macro!(crate::ResumeConversationParams);
+        $macro!(crate::ResumeConversationResponse);
+        $macro!(crate::SandboxSettings);
+        $macro!(crate::SendUserMessageParams);
+        $macro!(crate::SendUserMessageResponse);
+        $macro!(crate::SendUserTurnParams);
+        $macro!(crate::SendUserTurnResponse);
+        $macro!(crate::ServerNotification);
+        $macro!(crate::ServerRequest);
+        $macro!(crate::SessionConfiguredNotification);
+        $macro!(crate::SetDefaultModelParams);
+        $macro!(crate::SetDefaultModelResponse);
+        $macro!(crate::Tools);
+        $macro!(crate::UserInfoResponse);
+        $macro!(crate::UserSavedConfig);
+        $macro!(codex_protocol::protocol::EventMsg);
+        $macro!(codex_protocol::protocol::FileChange);
+        $macro!(codex_protocol::parse_command::ParsedCommand);
+        $macro!(codex_protocol::protocol::SandboxPolicy);
+    };
 }

-impl GeneratedSchema {
-    fn namespace(&self) -> Option<&str> {
-        self.namespace.as_deref()
-    }
-
-    fn logical_name(&self) -> &str {
-        &self.logical_name
-    }
-
-    fn value(&self) -> &Value {
-        &self.value
-    }
-}
-
-type JsonSchemaEmitter = fn(&Path) -> Result<GeneratedSchema>;
 pub fn generate_types(out_dir: &Path, prettier: Option<&Path>) -> Result<()> {
    generate_ts(out_dir, prettier)?;
    generate_json(out_dir)?;
@@ -65,9 +111,7 @@ pub fn generate_types(out_dir: &Path, prettier: Option<&Path>) -> Result<()> {
 }

 pub fn generate_ts(out_dir: &Path, prettier: Option<&Path>) -> Result<()> {
-    let v2_out_dir = out_dir.join("v2");
    ensure_dir(out_dir)?;
-    ensure_dir(&v2_out_dir)?;

    ClientRequest::export_all_to(out_dir)?;
    export_client_responses(out_dir)?;
@@ -78,15 +122,12 @@ pub fn generate_ts(out_dir: &Path, prettier: Option<&Path>) -> Result<()> {
    ServerNotification::export_all_to(out_dir)?;

    generate_index_ts(out_dir)?;
-    generate_index_ts(&v2_out_dir)?;

-    // Ensure our header is present on all TS files (root + subdirs like v2/).
-    let ts_files = ts_files_in_recursive(out_dir)?;
+    let ts_files = ts_files_in(out_dir)?;
    for file in &ts_files {
        prepend_header_if_missing(file)?;
    }

-    // Optionally run Prettier on all generated TS files.
    if let Some(prettier_bin) = prettier
        && !ts_files.is_empty()
    {
@@ -105,47 +146,23 @@ pub fn generate_ts(out_dir: &Path, prettier: Option<&Path>) -> Result<()> {

 pub fn generate_json(out_dir: &Path) -> Result<()> {
    ensure_dir(out_dir)?;
-    let envelope_emitters: &[JsonSchemaEmitter] = &[
-        |d| write_json_schema_with_return::<crate::RequestId>(d, "RequestId"),
-        |d| write_json_schema_with_return::<crate::JSONRPCMessage>(d, "JSONRPCMessage"),
-        |d| write_json_schema_with_return::<crate::JSONRPCRequest>(d, "JSONRPCRequest"),
-        |d| write_json_schema_with_return::<crate::JSONRPCNotification>(d, "JSONRPCNotification"),
-        |d| write_json_schema_with_return::<crate::JSONRPCResponse>(d, "JSONRPCResponse"),
-        |d| write_json_schema_with_return::<crate::JSONRPCError>(d, "JSONRPCError"),
-        |d| write_json_schema_with_return::<crate::JSONRPCErrorError>(d, "JSONRPCErrorError"),
-        |d| write_json_schema_with_return::<crate::ClientRequest>(d, "ClientRequest"),
-        |d| write_json_schema_with_return::<crate::ServerRequest>(d, "ServerRequest"),
-        |d| write_json_schema_with_return::<crate::ClientNotification>(d, "ClientNotification"),
-        |d| write_json_schema_with_return::<crate::ServerNotification>(d, "ServerNotification"),
-        |d| write_json_schema_with_return::<EventMsg>(d, "EventMsg"),
-        |d| write_json_schema_with_return::<FileChange>(d, "FileChange"),
-        |d| write_json_schema_with_return::<crate::protocol::v1::InputItem>(d, "InputItem"),
-        |d| write_json_schema_with_return::<ParsedCommand>(d, "ParsedCommand"),
-        |d| write_json_schema_with_return::<SandboxPolicy>(d, "SandboxPolicy"),
-    ];
+    let mut bundle: BTreeMap<String, RootSchema> = BTreeMap::new();

-    let mut schemas: Vec<GeneratedSchema> = Vec::new();
-    for emit in envelope_emitters {
-        schemas.push(emit(out_dir)?);
+    macro_rules! add_schema {
+        ($ty:path) => {{
+            let name = type_basename(stringify!($ty));
+            let schema = write_json_schema_with_return::<$ty>(out_dir, &name)?;
+            bundle.insert(name, schema);
+        }};
    }

-    schemas.extend(export_client_param_schemas(out_dir)?);
-    schemas.extend(export_client_response_schemas(out_dir)?);
-    schemas.extend(export_server_param_schemas(out_dir)?);
-    schemas.extend(export_server_response_schemas(out_dir)?);
-    schemas.extend(export_client_notification_schemas(out_dir)?);
-    schemas.extend(export_server_notification_schemas(out_dir)?);
+    for_each_schema_type!(add_schema);

-    let bundle = build_schema_bundle(schemas)?;
-    write_pretty_json(
-        out_dir.join("codex_app_server_protocol.schemas.json"),
-        &bundle,
-    )?;
+    export_client_response_schemas(out_dir)?;
+    export_server_response_schemas(out_dir)?;

-    Ok(())
-}
+    let mut definitions = Map::new();

-fn build_schema_bundle(schemas: Vec<GeneratedSchema>) -> Result<Value> {
    const SPECIAL_DEFINITIONS: &[&str] = &[
        "ClientNotification",
        "ClientRequest",
@@ -158,62 +175,30 @@ fn build_schema_bundle(schemas: Vec<GeneratedSchema>) -> Result<Value> {
        "ServerRequest",
    ];

-    let namespaced_types = collect_namespaced_types(&schemas);
-    let mut definitions = Map::new();
-
-    for schema in schemas {
-        let GeneratedSchema {
-            namespace,
-            logical_name,
-            mut value,
-            in_v1_dir,
-        } = schema;
-
-        if let Some(ref ns) = namespace {
-            rewrite_refs_to_namespace(&mut value, ns);
-        }
-
-        let mut forced_namespace_refs: Vec<(String, String)> = Vec::new();
-        if let Value::Object(ref mut obj) = value
-            && let Some(defs) = obj.remove("definitions")
-            && let Value::Object(defs_obj) = defs
-        {
-            for (def_name, mut def_schema) in defs_obj {
-                if SPECIAL_DEFINITIONS.contains(&def_name.as_str()) {
-                    continue;
-                }
-                annotate_schema(&mut def_schema, Some(def_name.as_str()));
-                let target_namespace = match namespace {
-                    Some(ref ns) => Some(ns.clone()),
-                    None => namespace_for_definition(&def_name, &namespaced_types)
-                        .cloned()
-                        .filter(|_| !in_v1_dir),
-                };
-                if let Some(ref ns) = target_namespace {
-                    if namespace.as_deref() == Some(ns.as_str()) {
-                        rewrite_refs_to_namespace(&mut def_schema, ns);
-                        insert_into_namespace(&mut definitions, ns, def_name.clone(), def_schema)?;
-                    } else if !forced_namespace_refs
-                        .iter()
-                        .any(|(name, existing_ns)| name == &def_name && existing_ns == ns)
-                    {
-                        forced_namespace_refs.push((def_name.clone(), ns.clone()));
+    for (name, schema) in bundle {
+        let mut schema_value = serde_json::to_value(schema)?;
+        if let Value::Object(ref mut obj) = schema_value {
+            if let Some(defs) = obj.remove("definitions")
+                && let Value::Object(defs_obj) = defs
+            {
+                for (def_name, def_schema) in defs_obj {
+                    if !SPECIAL_DEFINITIONS.contains(&def_name.as_str()) {
+                        definitions.insert(def_name, def_schema);
+                    }
+                }
+            }
+
+            if let Some(Value::Array(one_of)) = obj.get_mut("oneOf") {
+                for variant in one_of.iter_mut() {
+                    if let Some(variant_name) = variant_definition_name(&name, variant)
+                        && let Value::Object(variant_obj) = variant
+                    {
+                        variant_obj.insert("title".into(), Value::String(variant_name));
                    }
-                } else {
-                    definitions.insert(def_name, def_schema);
                }
            }
        }
-
-        for (name, ns) in forced_namespace_refs {
-            rewrite_named_ref_to_namespace(&mut value, &ns, &name);
-        }
-
-        if let Some(ref ns) = namespace {
-            insert_into_namespace(&mut definitions, ns, logical_name.clone(), value)?;
-        } else {
-            definitions.insert(logical_name, value);
-        }
+        definitions.insert(name, schema_value);
    }

    let mut root = Map::new();
@@ -228,66 +213,30 @@ fn build_schema_bundle(schemas: Vec<GeneratedSchema>) -> Result<Value> {
    root.insert("type".to_string(), Value::String("object".into()));
    root.insert("definitions".to_string(), Value::Object(definitions));

-    Ok(Value::Object(root))
+    write_pretty_json(
+        out_dir.join("codex_app_server_protocol.schemas.json"),
+        &Value::Object(root),
+    )?;
+
+    Ok(())
 }

-fn insert_into_namespace(
-    definitions: &mut Map<String, Value>,
-    namespace: &str,
-    name: String,
-    schema: Value,
-) -> Result<()> {
-    let entry = definitions
-        .entry(namespace.to_string())
-        .or_insert_with(|| Value::Object(Map::new()));
-    match entry {
-        Value::Object(map) => {
-            map.insert(name, schema);
-            Ok(())
-        }
-        _ => Err(anyhow!("expected namespace {namespace} to be an object")),
-    }
-}
-
-fn write_json_schema_with_return<T>(out_dir: &Path, name: &str) -> Result<GeneratedSchema>
+fn write_json_schema_with_return<T>(out_dir: &Path, name: &str) -> Result<RootSchema>
 where
    T: JsonSchema,
 {
    let file_stem = name.trim();
    let schema = schema_for!(T);
-    let mut schema_value = serde_json::to_value(schema)?;
-    annotate_schema(&mut schema_value, Some(file_stem));
-    // If the name looks like a namespaced path (e.g., "v2::Type"), mirror
-    // the TypeScript layout and write to out_dir/v2/Type.json. Otherwise
-    // write alongside the legacy files.
-    let (raw_namespace, logical_name) = split_namespace(file_stem);
-    let out_path = if let Some(ns) = raw_namespace {
-        let dir = out_dir.join(ns);
-        ensure_dir(&dir)?;
-        dir.join(format!("{logical_name}.json"))
-    } else {
-        out_dir.join(format!("{file_stem}.json"))
-    };
-
-    write_pretty_json(out_path, &schema_value)
+    write_pretty_json(out_dir.join(format!("{file_stem}.json")), &schema)
        .with_context(|| format!("Failed to write JSON schema for {file_stem}"))?;
-    let namespace = match raw_namespace {
-        Some("v1") | None => None,
-        Some(ns) => Some(ns.to_string()),
-    };
-    Ok(GeneratedSchema {
-        in_v1_dir: raw_namespace == Some("v1"),
-        namespace,
-        logical_name: logical_name.to_string(),
-        value: schema_value,
-    })
+    Ok(schema)
 }

-pub(crate) fn write_json_schema<T>(out_dir: &Path, name: &str) -> Result<GeneratedSchema>
+pub(crate) fn write_json_schema<T>(out_dir: &Path, name: &str) -> Result<()>
 where
    T: JsonSchema,
 {
-    write_json_schema_with_return::<T>(out_dir, name)
+    write_json_schema_with_return::<T>(out_dir, name).map(|_| ())
 }

 fn write_pretty_json(path: PathBuf, value: &impl Serialize) -> Result<()> {
@@ -296,73 +245,13 @@ fn write_pretty_json(path: PathBuf, value: &impl Serialize) -> Result<()> {
    fs::write(&path, json).with_context(|| format!("Failed to write {}", path.display()))?;
    Ok(())
 }
-
-/// Split a fully-qualified type name like "v2::Type" into its namespace and logical name.
-fn split_namespace(name: &str) -> (Option<&str>, &str) {
-    name.split_once("::")
-        .map_or((None, name), |(ns, rest)| (Some(ns), rest))
-}
-
-/// Recursively rewrite $ref values that point at "#/definitions/..." so that
-/// they point to a namespaced location under the bundle.
-fn rewrite_refs_to_namespace(value: &mut Value, ns: &str) {
-    match value {
-        Value::Object(obj) => {
-            if let Some(Value::String(r)) = obj.get_mut("$ref")
-                && let Some(suffix) = r.strip_prefix("#/definitions/")
-            {
-                let prefix = format!("{ns}/");
-                if !suffix.starts_with(&prefix) {
-                    *r = format!("#/definitions/{ns}/{suffix}");
-                }
-            }
-            for v in obj.values_mut() {
-                rewrite_refs_to_namespace(v, ns);
-            }
-        }
-        Value::Array(items) => {
-            for v in items.iter_mut() {
-                rewrite_refs_to_namespace(v, ns);
-            }
-        }
-        _ => {}
-    }
-}
-
-fn collect_namespaced_types(schemas: &[GeneratedSchema]) -> HashMap<String, String> {
-    let mut types = HashMap::new();
-    for schema in schemas {
-        if let Some(ns) = schema.namespace() {
-            types
-                .entry(schema.logical_name().to_string())
-                .or_insert_with(|| ns.to_string());
-            if let Some(Value::Object(defs)) = schema.value().get("definitions") {
-                for key in defs.keys() {
-                    types.entry(key.clone()).or_insert_with(|| ns.to_string());
-                }
-            }
-            if let Some(Value::Object(defs)) = schema.value().get("$defs") {
-                for key in defs.keys() {
-                    types.entry(key.clone()).or_insert_with(|| ns.to_string());
-                }
-            }
-        }
-    }
-    types
-}
-
-fn namespace_for_definition<'a>(
-    name: &str,
-    types: &'a HashMap<String, String>,
-) -> Option<&'a String> {
-    if let Some(ns) = types.get(name) {
-        return Some(ns);
-    }
-    let trimmed = name.trim_end_matches(|c: char| c.is_ascii_digit());
-    if trimmed != name {
-        return types.get(trimmed);
-    }
-    None
+fn type_basename(type_path: &str) -> String {
+    type_path
+        .rsplit_once("::")
+        .map(|(_, name)| name)
+        .unwrap_or(type_path)
+        .trim()
+        .to_string()
 }

 fn variant_definition_name(base: &str, variant: &Value) -> Option<String> {
@@ -412,147 +301,11 @@ fn variant_definition_name(base: &str, variant: &Value) -> Option<String> {
 }

 fn literal_from_property<'a>(props: &'a Map<String, Value>, key: &str) -> Option<&'a str> {
-    props.get(key).and_then(string_literal)
-}
-
-fn string_literal(value: &Value) -> Option<&str> {
-    value.get("const").and_then(Value::as_str).or_else(|| {
-        value
-            .get("enum")
-            .and_then(Value::as_array)
-            .and_then(|arr| arr.first())
-            .and_then(Value::as_str)
-    })
-}
-
-fn annotate_schema(value: &mut Value, base: Option<&str>) {
-    match value {
-        Value::Object(map) => annotate_object(map, base),
-        Value::Array(items) => {
-            for item in items {
-                annotate_schema(item, base);
-            }
-        }
-        _ => {}
-    }
-}
-
-fn annotate_object(map: &mut Map<String, Value>, base: Option<&str>) {
-    let owner = map.get("title").and_then(Value::as_str).map(str::to_owned);
-    if let Some(owner) = owner.as_deref()
-        && let Some(Value::Object(props)) = map.get_mut("properties")
-    {
-        set_discriminator_titles(props, owner);
-    }
-
-    if let Some(Value::Array(variants)) = map.get_mut("oneOf") {
-        annotate_variant_list(variants, base);
-    }
-    if let Some(Value::Array(variants)) = map.get_mut("anyOf") {
-        annotate_variant_list(variants, base);
-    }
-
-    if let Some(Value::Object(defs)) = map.get_mut("definitions") {
-        for (name, schema) in defs.iter_mut() {
-            annotate_schema(schema, Some(name.as_str()));
-        }
-    }
-
-    if let Some(Value::Object(defs)) = map.get_mut("$defs") {
-        for (name, schema) in defs.iter_mut() {
-            annotate_schema(schema, Some(name.as_str()));
-        }
-    }
-
-    if let Some(Value::Object(props)) = map.get_mut("properties") {
-        for value in props.values_mut() {
-            annotate_schema(value, base);
-        }
-    }
-
-    if let Some(items) = map.get_mut("items") {
-        annotate_schema(items, base);
-    }
-
-    if let Some(additional) = map.get_mut("additionalProperties") {
-        annotate_schema(additional, base);
-    }
-
-    for (key, child) in map.iter_mut() {
-        match key.as_str() {
-            "oneOf"
-            | "anyOf"
-            | "definitions"
-            | "$defs"
-            | "properties"
-            | "items"
-            | "additionalProperties" => {}
-            _ => annotate_schema(child, base),
-        }
-    }
-}
-
-fn annotate_variant_list(variants: &mut [Value], base: Option<&str>) {
-    let mut seen = HashSet::new();
-
-    for variant in variants.iter() {
-        if let Some(name) = variant_title(variant) {
-            seen.insert(name.to_owned());
-        }
-    }
-
-    for variant in variants.iter_mut() {
-        let mut variant_name = variant_title(variant).map(str::to_owned);
-
-        if variant_name.is_none()
-            && let Some(base_name) = base
-            && let Some(name) = variant_definition_name(base_name, variant)
-        {
-            let mut candidate = name.clone();
-            let mut index = 2;
-            while seen.contains(&candidate) {
-                candidate = format!("{name}{index}");
-                index += 1;
-            }
-            if let Some(obj) = variant.as_object_mut() {
-                obj.insert("title".into(), Value::String(candidate.clone()));
-            }
-            seen.insert(candidate.clone());
-            variant_name = Some(candidate);
-        }
-
-        if let Some(name) = variant_name.as_deref()
-            && let Some(obj) = variant.as_object_mut()
-            && let Some(Value::Object(props)) = obj.get_mut("properties")
-        {
-            set_discriminator_titles(props, name);
-        }
-
-        annotate_schema(variant, base);
-    }
-}
-
-const DISCRIMINATOR_KEYS: &[&str] = &["type", "method", "mode", "status", "role", "reason"];
-
-fn set_discriminator_titles(props: &mut Map<String, Value>, owner: &str) {
-    for key in DISCRIMINATOR_KEYS {
-        if let Some(prop_schema) = props.get_mut(*key)
-            && string_literal(prop_schema).is_some()
-            && let Value::Object(prop_obj) = prop_schema
-        {
-            if prop_obj.contains_key("title") {
-                continue;
-            }
-            let suffix = to_pascal_case(key);
-            prop_obj.insert("title".into(), Value::String(format!("{owner}{suffix}")));
-        }
-    }
-}
-
-fn variant_title(value: &Value) -> Option<&str> {
-    value
-        .as_object()
-        .and_then(|obj| obj.get("title"))
+    props
+        .get(key)
+        .and_then(|value| value.get("enum"))
+        .and_then(Value::as_array)
+        .and_then(|arr| arr.first())
        .and_then(Value::as_str)
 }

@@ -582,33 +335,6 @@ fn ensure_dir(dir: &Path) -> Result<()> {
        .with_context(|| format!("Failed to create output directory {}", dir.display()))
 }

-fn rewrite_named_ref_to_namespace(value: &mut Value, ns: &str, name: &str) {
-    let direct = format!("#/definitions/{name}");
-    let prefixed = format!("{direct}/");
-    let replacement = format!("#/definitions/{ns}/{name}");
-    let replacement_prefixed = format!("{replacement}/");
-    match value {
-        Value::Object(obj) => {
-            if let Some(Value::String(reference)) = obj.get_mut("$ref") {
-                if reference == &direct {
-                    *reference = replacement;
-                } else if let Some(rest) = reference.strip_prefix(&prefixed) {
-                    *reference = format!("{replacement_prefixed}{rest}");
-                }
-            }
-            for child in obj.values_mut() {
-                rewrite_named_ref_to_namespace(child, ns, name);
-            }
-        }
-        Value::Array(items) => {
-            for child in items {
-                rewrite_named_ref_to_namespace(child, ns, name);
-            }
-        }
-        _ => {}
-    }
-}
-
 fn prepend_header_if_missing(path: &Path) -> Result<()> {
    let mut content = String::new();
    {
@@ -646,26 +372,6 @@ fn ts_files_in(dir: &Path) -> Result<Vec<PathBuf>> {
    Ok(files)
 }

-fn ts_files_in_recursive(dir: &Path) -> Result<Vec<PathBuf>> {
-    let mut files = Vec::new();
-    let mut stack = vec![dir.to_path_buf()];
-    while let Some(d) = stack.pop() {
-        for entry in
-            fs::read_dir(&d).with_context(|| format!("Failed to read dir {}", d.display()))?
-        {
-            let entry = entry?;
-            let path = entry.path();
-            if path.is_dir() {
-                stack.push(path);
-            } else if path.is_file() && path.extension() == Some(OsStr::new("ts")) {
-                files.push(path);
-            }
-        }
-    }
-    files.sort();
-    Ok(files)
-}
-
 fn generate_index_ts(out_dir: &Path) -> Result<PathBuf> {
    let mut entries: Vec<String> = Vec::new();
    let mut stems: Vec<String> = ts_files_in(out_dir)?
@@ -682,14 +388,6 @@ fn generate_index_ts(out_dir: &Path) -> Result<PathBuf> {
        entries.push(format!("export type {{ {name} }} from \"./{name}\";\n"));
    }

-    // If this is the root out_dir and a ./v2 folder exists with TS files,
-    // expose it as a namespace to avoid symbol collisions at the root.
-    let v2_dir = out_dir.join("v2");
-    let has_v2_ts = ts_files_in(&v2_dir).map(|v| !v.is_empty()).unwrap_or(false);
-    if has_v2_ts {
-        entries.push("export * as v2 from \"./v2\";\n".to_string());
-    }
-
    let mut content =
        String::with_capacity(HEADER.len() + entries.iter().map(String::len).sum::<usize>());
    content.push_str(HEADER);
@@ -704,205 +402,3 @@ fn generate_index_ts(out_dir: &Path) -> Result<PathBuf> {
        .with_context(|| format!("Failed to write {}", index_path.display()))?;
    Ok(index_path)
 }
-
-#[cfg(test)]
-mod tests {
-    use super::*;
-    use anyhow::Result;
-    use std::collections::BTreeSet;
-    use std::fs;
-    use std::path::PathBuf;
-    use uuid::Uuid;
-
-    #[test]
-    fn generated_ts_has_no_optional_nullable_fields() -> Result<()> {
-        // Assert that there are no types of the form "?: T | null" in the generated TS files.
-        let output_dir = std::env::temp_dir().join(format!("codex_ts_types_{}", Uuid::now_v7()));
-        fs::create_dir(&output_dir)?;
-
-        struct TempDirGuard(PathBuf);
-
-        impl Drop for TempDirGuard {
-            fn drop(&mut self) {
-                let _ = fs::remove_dir_all(&self.0);
-            }
-        }
-
-        let _guard = TempDirGuard(output_dir.clone());
-
-        generate_ts(&output_dir, None)?;
-
-        let mut undefined_offenders = Vec::new();
-        let mut optional_nullable_offenders = BTreeSet::new();
-        let mut stack = vec![output_dir];
-        while let Some(dir) = stack.pop() {
-            for entry in fs::read_dir(&dir)? {
-                let entry = entry?;
-                let path = entry.path();
-                if path.is_dir() {
-                    stack.push(path);
-                    continue;
-                }
-
-                if matches!(path.extension().and_then(|ext| ext.to_str()), Some("ts")) {
-                    let contents = fs::read_to_string(&path)?;
-                    if contents.contains("| undefined") {
-                        undefined_offenders.push(path.clone());
-                    }
-
-                    const SKIP_PREFIXES: &[&str] = &[
-                        "const ",
-                        "let ",
-                        "var ",
-                        "export const ",
-                        "export let ",
-                        "export var ",
-                    ];
-
-                    let mut search_start = 0;
-                    while let Some(idx) = contents[search_start..].find("| null") {
-                        let abs_idx = search_start + idx;
-                        // Find the property-colon for this field by scanning forward
-                        // from the start of the segment and ignoring nested braces,
-                        // brackets, and parens. This avoids colons inside nested
-                        // type literals like `{ [k in string]?: string }`.
-
-                        let line_start_idx =
-                            contents[..abs_idx].rfind('\n').map(|i| i + 1).unwrap_or(0);
-
-                        let mut segment_start_idx = line_start_idx;
-                        if let Some(rel_idx) = contents[line_start_idx..abs_idx].rfind(',') {
-                            segment_start_idx = segment_start_idx.max(line_start_idx + rel_idx + 1);
-                        }
-                        if let Some(rel_idx) = contents[line_start_idx..abs_idx].rfind('{') {
-                            segment_start_idx = segment_start_idx.max(line_start_idx + rel_idx + 1);
-                        }
-                        if let Some(rel_idx) = contents[line_start_idx..abs_idx].rfind('}') {
-                            segment_start_idx = segment_start_idx.max(line_start_idx + rel_idx + 1);
-                        }
-
-                        // Scan forward for the colon that separates the field name from its type.
-                        let mut level_brace = 0_i32;
-                        let mut level_brack = 0_i32;
-                        let mut level_paren = 0_i32;
-                        let mut in_single = false;
-                        let mut in_double = false;
-                        let mut escape = false;
-                        let mut prop_colon_idx = None;
-                        for (i, ch) in contents[segment_start_idx..abs_idx].char_indices() {
-                            let idx_abs = segment_start_idx + i;
-                            if escape {
-                                escape = false;
-                                continue;
-                            }
-                            match ch {
-                                '\\' => {
-                                    // Only treat as escape when inside a string.
-                                    if in_single || in_double {
-                                        escape = true;
-                                    }
-                                }
-                                '\'' => {
-                                    if !in_double {
-                                        in_single = !in_single;
-                                    }
-                                }
-                                '"' => {
-                                    if !in_single {
-                                        in_double = !in_double;
-                                    }
-                                }
-                                '{' if !in_single && !in_double => level_brace += 1,
-                                '}' if !in_single && !in_double => level_brace -= 1,
-                                '[' if !in_single && !in_double => level_brack += 1,
-                                ']' if !in_single && !in_double => level_brack -= 1,
-                                '(' if !in_single && !in_double => level_paren += 1,
-                                ')' if !in_single && !in_double => level_paren -= 1,
-                                ':' if !in_single
-                                    && !in_double
-                                    && level_brace == 0
-                                    && level_brack == 0
-                                    && level_paren == 0 =>
-                                {
-                                    prop_colon_idx = Some(idx_abs);
-                                    break;
-                                }
-                                _ => {}
-                            }
-                        }
-
-                        let Some(colon_idx) = prop_colon_idx else {
-                            search_start = abs_idx + 5;
-                            continue;
-                        };
-
-                        let mut field_prefix = contents[segment_start_idx..colon_idx].trim();
-                        if field_prefix.is_empty() {
-                            search_start = abs_idx + 5;
-                            continue;
-                        }
-
-                        if let Some(comment_idx) = field_prefix.rfind("*/") {
-                            field_prefix = field_prefix[comment_idx + 2..].trim_start();
-                        }
-
-                        if field_prefix.is_empty() {
-                            search_start = abs_idx + 5;
-                            continue;
-                        }
-
-                        if SKIP_PREFIXES
-                            .iter()
-                            .any(|prefix| field_prefix.starts_with(prefix))
-                        {
-                            search_start = abs_idx + 5;
-                            continue;
-                        }
-
-                        if field_prefix.contains('(') {
-                            search_start = abs_idx + 5;
-                            continue;
-                        }
-
-                        // If the last non-whitespace before ':' is '?', then this is an
-                        // optional field with a nullable type (i.e., "?: T | null"),
-                        // which we explicitly disallow.
-                        if field_prefix.chars().rev().find(|c| !c.is_whitespace()) == Some('?') {
-                            let line_number =
-                                contents[..abs_idx].chars().filter(|c| *c == '\n').count() + 1;
-                            let offending_line_end = contents[line_start_idx..]
-                                .find('\n')
-                                .map(|i| line_start_idx + i)
-                                .unwrap_or(contents.len());
-                            let offending_snippet =
-                                contents[line_start_idx..offending_line_end].trim();
-
-                            optional_nullable_offenders.insert(format!(
-                                "{}:{}: {offending_snippet}",
-                                path.display(),
-                                line_number
-                            ));
-                        }
-
-                        search_start = abs_idx + 5;
-                    }
-                }
-            }
-        }
-
-        assert!(
-            undefined_offenders.is_empty(),
-            "Generated TypeScript still includes unions with `undefined` in {undefined_offenders:?}"
-        );
-
-        // If this assertion fails, it means a field was generated as
-        // "?: T | null" — i.e., both optional (undefined) and nullable (null).
-        // We only want either "?: T" or ": T | null".
-        assert!(
-            optional_nullable_offenders.is_empty(),
-            "Generated TypeScript has optional fields with nullable types (disallowed '?: T | null'), add #[ts(optional)] to fix:\n{optional_nullable_offenders:?}"
-        );
-
-        Ok(())
-    }
-}
--- a/codex-rs/app-server-protocol/src/jsonrpc_lite.rs
+++ b/codex-rs/app-server-protocol/src/jsonrpc_lite.rs
@@ -34,7 +34,6 @@ pub struct JSONRPCRequest {
    pub id: RequestId,
    pub method: String,
    #[serde(default, skip_serializing_if = "Option::is_none")]
-    #[ts(optional)]
    pub params: Option<serde_json::Value>,
 }

@@ -43,7 +42,6 @@ pub struct JSONRPCRequest {
 pub struct JSONRPCNotification {
    pub method: String,
    #[serde(default, skip_serializing_if = "Option::is_none")]
-    #[ts(optional)]
    pub params: Option<serde_json::Value>,
 }

@@ -65,7 +63,6 @@ pub struct JSONRPCError {
 pub struct JSONRPCErrorError {
    pub code: i64,
    #[serde(default, skip_serializing_if = "Option::is_none")]
-    #[ts(optional)]
    pub data: Option<serde_json::Value>,
    pub message: String,
 }
--- a/codex-rs/app-server-protocol/src/lib.rs
+++ b/codex-rs/app-server-protocol/src/lib.rs
@@ -6,6 +6,4 @@ pub use export::generate_json;
 pub use export::generate_ts;
 pub use export::generate_types;
 pub use jsonrpc_lite::*;
-pub use protocol::common::*;
-pub use protocol::v1::*;
-pub use protocol::v2::*;
+pub use protocol::*;
--- a/codex-rs/app-server-protocol/src/protocol.rs
+++ b/codex-rs/app-server-protocol/src/protocol.rs
--- a/codex-rs/app-server-protocol/src/protocol/common.rs
+++ b/codex-rs/app-server-protocol/src/protocol/common.rs
@@ -1,761 +0,0 @@
-use std::collections::HashMap;
-use std::path::PathBuf;
-
-use crate::JSONRPCNotification;
-use crate::JSONRPCRequest;
-use crate::RequestId;
-use crate::export::GeneratedSchema;
-use crate::export::write_json_schema;
-use crate::protocol::v1;
-use crate::protocol::v2;
-use codex_protocol::ConversationId;
-use codex_protocol::parse_command::ParsedCommand;
-use codex_protocol::protocol::FileChange;
-use codex_protocol::protocol::ReviewDecision;
-use codex_protocol::protocol::SandboxCommandAssessment;
-use paste::paste;
-use schemars::JsonSchema;
-use serde::Deserialize;
-use serde::Serialize;
-use strum_macros::Display;
-use ts_rs::TS;
-
-#[derive(Serialize, Deserialize, Clone, Debug, PartialEq, JsonSchema, TS)]
-#[ts(type = "string")]
-pub struct GitSha(pub String);
-
-impl GitSha {
-    pub fn new(sha: &str) -> Self {
-        Self(sha.to_string())
-    }
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, Display, JsonSchema, TS)]
-#[serde(rename_all = "lowercase")]
-pub enum AuthMode {
-    ApiKey,
-    ChatGPT,
-}
-
-/// Generates an `enum ClientRequest` where each variant is a request that the
-/// client can send to the server. Each variant has associated `params` and
-/// `response` types. Also generates a `export_client_responses()` function to
-/// export all response types to TypeScript.
-macro_rules! client_request_definitions {
-    (
-        $(
-            $(#[$variant_meta:meta])*
-            $variant:ident {
-                params: $(#[$params_meta:meta])* $params:ty,
-                response: $response:ty,
-            }
-        ),* $(,)?
-    ) => {
-        /// Request from the client to the server.
-        #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-        #[serde(tag = "method", rename_all = "camelCase")]
-        pub enum ClientRequest {
-            $(
-                $(#[$variant_meta])*
-                $variant {
-                    #[serde(rename = "id")]
-                    request_id: RequestId,
-                    $(#[$params_meta])*
-                    params: $params,
-                },
-            )*
-        }
-
-        pub fn export_client_responses(
-            out_dir: &::std::path::Path,
-        ) -> ::std::result::Result<(), ::ts_rs::ExportError> {
-            $(
-                <$response as ::ts_rs::TS>::export_all_to(out_dir)?;
-            )*
-            Ok(())
-        }
-
-        #[allow(clippy::vec_init_then_push)]
-        pub fn export_client_response_schemas(
-            out_dir: &::std::path::Path,
-        ) -> ::anyhow::Result<Vec<GeneratedSchema>> {
-            let mut schemas = Vec::new();
-            $(
-                schemas.push(write_json_schema::<$response>(out_dir, stringify!($response))?);
-            )*
-            Ok(schemas)
-        }
-
-        #[allow(clippy::vec_init_then_push)]
-        pub fn export_client_param_schemas(
-            out_dir: &::std::path::Path,
-        ) -> ::anyhow::Result<Vec<GeneratedSchema>> {
-            let mut schemas = Vec::new();
-            $(
-                schemas.push(write_json_schema::<$params>(out_dir, stringify!($params))?);
-            )*
-            Ok(schemas)
-        }
-    };
-}
-
-client_request_definitions! {
-    /// NEW APIs
-    #[serde(rename = "model/list")]
-    #[ts(rename = "model/list")]
-    ListModels {
-        params: v2::ListModelsParams,
-        response: v2::ListModelsResponse,
-    },
-
-    #[serde(rename = "account/login")]
-    #[ts(rename = "account/login")]
-    LoginAccount {
-        params: v2::LoginAccountParams,
-        response: v2::LoginAccountResponse,
-    },
-
-    #[serde(rename = "account/logout")]
-    #[ts(rename = "account/logout")]
-    LogoutAccount {
-        params: #[ts(type = "undefined")] #[serde(skip_serializing_if = "Option::is_none")] Option<()>,
-        response: v2::LogoutAccountResponse,
-    },
-
-    #[serde(rename = "account/rateLimits/read")]
-    #[ts(rename = "account/rateLimits/read")]
-    GetAccountRateLimits {
-        params: #[ts(type = "undefined")] #[serde(skip_serializing_if = "Option::is_none")] Option<()>,
-        response: v2::GetAccountRateLimitsResponse,
-    },
-
-    #[serde(rename = "feedback/upload")]
-    #[ts(rename = "feedback/upload")]
-    UploadFeedback {
-        params: v2::UploadFeedbackParams,
-        response: v2::UploadFeedbackResponse,
-    },
-
-    #[serde(rename = "account/read")]
-    #[ts(rename = "account/read")]
-    GetAccount {
-        params: #[ts(type = "undefined")] #[serde(skip_serializing_if = "Option::is_none")] Option<()>,
-        response: v2::GetAccountResponse,
-    },
-
-    /// DEPRECATED APIs below
-    Initialize {
-        params: v1::InitializeParams,
-        response: v1::InitializeResponse,
-    },
-    NewConversation {
-        params: v1::NewConversationParams,
-        response: v1::NewConversationResponse,
-    },
-    GetConversationSummary {
-        params: v1::GetConversationSummaryParams,
-        response: v1::GetConversationSummaryResponse,
-    },
-    /// List recorded Codex conversations (rollouts) with optional pagination and search.
-    ListConversations {
-        params: v1::ListConversationsParams,
-        response: v1::ListConversationsResponse,
-    },
-    /// Resume a recorded Codex conversation from a rollout file.
-    ResumeConversation {
-        params: v1::ResumeConversationParams,
-        response: v1::ResumeConversationResponse,
-    },
-    ArchiveConversation {
-        params: v1::ArchiveConversationParams,
-        response: v1::ArchiveConversationResponse,
-    },
-    SendUserMessage {
-        params: v1::SendUserMessageParams,
-        response: v1::SendUserMessageResponse,
-    },
-    SendUserTurn {
-        params: v1::SendUserTurnParams,
-        response: v1::SendUserTurnResponse,
-    },
-    InterruptConversation {
-        params: v1::InterruptConversationParams,
-        response: v1::InterruptConversationResponse,
-    },
-    AddConversationListener {
-        params: v1::AddConversationListenerParams,
-        response: v1::AddConversationSubscriptionResponse,
-    },
-    RemoveConversationListener {
-        params: v1::RemoveConversationListenerParams,
-        response: v1::RemoveConversationSubscriptionResponse,
-    },
-    GitDiffToRemote {
-        params: v1::GitDiffToRemoteParams,
-        response: v1::GitDiffToRemoteResponse,
-    },
-    LoginApiKey {
-        params: v1::LoginApiKeyParams,
-        response: v1::LoginApiKeyResponse,
-    },
-    LoginChatGpt {
-        params: #[ts(type = "undefined")] #[serde(skip_serializing_if = "Option::is_none")] Option<()>,
-        response: v1::LoginChatGptResponse,
-    },
-    CancelLoginChatGpt {
-        params: v1::CancelLoginChatGptParams,
-        response: v1::CancelLoginChatGptResponse,
-    },
-    LogoutChatGpt {
-        params: #[ts(type = "undefined")] #[serde(skip_serializing_if = "Option::is_none")] Option<()>,
-        response: v1::LogoutChatGptResponse,
-    },
-    GetAuthStatus {
-        params: v1::GetAuthStatusParams,
-        response: v1::GetAuthStatusResponse,
-    },
-    GetUserSavedConfig {
-        params: #[ts(type = "undefined")] #[serde(skip_serializing_if = "Option::is_none")] Option<()>,
-        response: v1::GetUserSavedConfigResponse,
-    },
-    SetDefaultModel {
-        params: v1::SetDefaultModelParams,
-        response: v1::SetDefaultModelResponse,
-    },
-    GetUserAgent {
-        params: #[ts(type = "undefined")] #[serde(skip_serializing_if = "Option::is_none")] Option<()>,
-        response: v1::GetUserAgentResponse,
-    },
-    UserInfo {
-        params: #[ts(type = "undefined")] #[serde(skip_serializing_if = "Option::is_none")] Option<()>,
-        response: v1::UserInfoResponse,
-    },
-    FuzzyFileSearch {
-        params: FuzzyFileSearchParams,
-        response: FuzzyFileSearchResponse,
-    },
-    /// Execute a command (argv vector) under the server's sandbox.
-    ExecOneOffCommand {
-        params: v1::ExecOneOffCommandParams,
-        response: v1::ExecOneOffCommandResponse,
-    },
-}
-
-/// Generates an `enum ServerRequest` where each variant is a request that the
-/// server can send to the client along with the corresponding params and
-/// response types. It also generates helper types used by the app/server
-/// infrastructure (payload enum, request constructor, and export helpers).
-macro_rules! server_request_definitions {
-    (
-        $(
-            $(#[$variant_meta:meta])*
-            $variant:ident
-        ),* $(,)?
-    ) => {
-        paste! {
-            /// Request initiated from the server and sent to the client.
-            #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-            #[serde(tag = "method", rename_all = "camelCase")]
-            pub enum ServerRequest {
-                $(
-                    $(#[$variant_meta])*
-                    $variant {
-                        #[serde(rename = "id")]
-                        request_id: RequestId,
-                        params: [<$variant Params>],
-                    },
-                )*
-            }
-
-            #[derive(Debug, Clone, PartialEq, JsonSchema)]
-            pub enum ServerRequestPayload {
-                $( $variant([<$variant Params>]), )*
-            }
-
-            impl ServerRequestPayload {
-                pub fn request_with_id(self, request_id: RequestId) -> ServerRequest {
-                    match self {
-                        $(Self::$variant(params) => ServerRequest::$variant { request_id, params },)*
-                    }
-                }
-            }
-        }
-
-        pub fn export_server_responses(
-            out_dir: &::std::path::Path,
-        ) -> ::std::result::Result<(), ::ts_rs::ExportError> {
-            paste! {
-                $(<[<$variant Response>] as ::ts_rs::TS>::export_all_to(out_dir)?;)*
-            }
-            Ok(())
-        }
-
-        #[allow(clippy::vec_init_then_push)]
-        pub fn export_server_response_schemas(
-            out_dir: &::std::path::Path,
-        ) -> ::anyhow::Result<Vec<GeneratedSchema>> {
-            let mut schemas = Vec::new();
-            paste! {
-                $(schemas.push(crate::export::write_json_schema::<[<$variant Response>]>(out_dir, stringify!([<$variant Response>]))?);)*
-            }
-            Ok(schemas)
-        }
-
-        #[allow(clippy::vec_init_then_push)]
-        pub fn export_server_param_schemas(
-            out_dir: &::std::path::Path,
-        ) -> ::anyhow::Result<Vec<GeneratedSchema>> {
-            let mut schemas = Vec::new();
-            paste! {
-                $(schemas.push(crate::export::write_json_schema::<[<$variant Params>]>(out_dir, stringify!([<$variant Params>]))?);)*
-            }
-            Ok(schemas)
-        }
-    };
-}
-
-/// Generates `ServerNotification` enum and helpers, including a JSON Schema
-/// exporter for each notification.
-macro_rules! server_notification_definitions {
-    (
-        $(
-            $(#[$variant_meta:meta])*
-            $variant:ident $(=> $wire:literal)? ( $payload:ty )
-        ),* $(,)?
-    ) => {
-        /// Notification sent from the server to the client.
-        #[derive(Serialize, Deserialize, Debug, Clone, JsonSchema, TS, Display)]
-        #[serde(tag = "method", content = "params", rename_all = "camelCase")]
-        #[strum(serialize_all = "camelCase")]
-        pub enum ServerNotification {
-            $(
-                $(#[$variant_meta])*
-                $(#[serde(rename = $wire)] #[ts(rename = $wire)] #[strum(serialize = $wire)])?
-                $variant($payload),
-            )*
-        }
-
-        impl ServerNotification {
-            pub fn to_params(self) -> Result<serde_json::Value, serde_json::Error> {
-                match self {
-                    $(Self::$variant(params) => serde_json::to_value(params),)*
-                }
-            }
-        }
-
-        impl TryFrom<JSONRPCNotification> for ServerNotification {
-            type Error = serde_json::Error;
-
-            fn try_from(value: JSONRPCNotification) -> Result<Self, Self::Error> {
-                serde_json::from_value(serde_json::to_value(value)?)
-            }
-        }
-
-        #[allow(clippy::vec_init_then_push)]
-        pub fn export_server_notification_schemas(
-            out_dir: &::std::path::Path,
-        ) -> ::anyhow::Result<Vec<GeneratedSchema>> {
-            let mut schemas = Vec::new();
-            $(schemas.push(crate::export::write_json_schema::<$payload>(out_dir, stringify!($payload))?);)*
-            Ok(schemas)
-        }
-    };
-}
-/// Notifications sent from the client to the server.
-macro_rules! client_notification_definitions {
-    (
-        $(
-            $(#[$variant_meta:meta])*
-            $variant:ident $( ( $payload:ty ) )?
-        ),* $(,)?
-    ) => {
-        #[derive(Serialize, Deserialize, Debug, Clone, JsonSchema, TS, Display)]
-        #[serde(tag = "method", content = "params", rename_all = "camelCase")]
-        #[strum(serialize_all = "camelCase")]
-        pub enum ClientNotification {
-            $(
-                $(#[$variant_meta])*
-                $variant $( ( $payload ) )?,
-            )*
-        }
-
-        pub fn export_client_notification_schemas(
-            _out_dir: &::std::path::Path,
-        ) -> ::anyhow::Result<Vec<GeneratedSchema>> {
-            let schemas = Vec::new();
-            $( $(schemas.push(crate::export::write_json_schema::<$payload>(_out_dir, stringify!($payload))?);)? )*
-            Ok(schemas)
-        }
-    };
-}
-
-impl TryFrom<JSONRPCRequest> for ServerRequest {
-    type Error = serde_json::Error;
-
-    fn try_from(value: JSONRPCRequest) -> Result<Self, Self::Error> {
-        serde_json::from_value(serde_json::to_value(value)?)
-    }
-}
-
-server_request_definitions! {
-    /// Request to approve a patch.
-    ApplyPatchApproval,
-    /// Request to exec a command.
-    ExecCommandApproval,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct ApplyPatchApprovalParams {
-    pub conversation_id: ConversationId,
-    /// Use to correlate this with [codex_core::protocol::PatchApplyBeginEvent]
-    /// and [codex_core::protocol::PatchApplyEndEvent].
-    pub call_id: String,
-    pub file_changes: HashMap<PathBuf, FileChange>,
-    /// Optional explanatory reason (e.g. request for extra write access).
-    pub reason: Option<String>,
-    /// When set, the agent is asking the user to allow writes under this root
-    /// for the remainder of the session (unclear if this is honored today).
-    pub grant_root: Option<PathBuf>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct ExecCommandApprovalParams {
-    pub conversation_id: ConversationId,
-    /// Use to correlate this with [codex_core::protocol::ExecCommandBeginEvent]
-    /// and [codex_core::protocol::ExecCommandEndEvent].
-    pub call_id: String,
-    pub command: Vec<String>,
-    pub cwd: PathBuf,
-    pub reason: Option<String>,
-    pub risk: Option<SandboxCommandAssessment>,
-    pub parsed_cmd: Vec<ParsedCommand>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-pub struct ExecCommandApprovalResponse {
-    pub decision: ReviewDecision,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-pub struct ApplyPatchApprovalResponse {
-    pub decision: ReviewDecision,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(rename_all = "camelCase")]
-pub struct FuzzyFileSearchParams {
-    pub query: String,
-    pub roots: Vec<String>,
-    // if provided, will cancel any previous request that used the same value
-    pub cancellation_token: Option<String>,
-}
-
-/// Superset of [`codex_file_search::FileMatch`]
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-pub struct FuzzyFileSearchResult {
-    pub root: String,
-    pub path: String,
-    pub file_name: String,
-    pub score: u32,
-    pub indices: Option<Vec<u32>>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-pub struct FuzzyFileSearchResponse {
-    pub files: Vec<FuzzyFileSearchResult>,
-}
-
-server_notification_definitions! {
-    /// NEW NOTIFICATIONS
-    ThreadStarted => "thread/started" (v2::ThreadStartedNotification),
-    TurnStarted => "turn/started" (v2::TurnStartedNotification),
-    TurnCompleted => "turn/completed" (v2::TurnCompletedNotification),
-    ItemStarted => "item/started" (v2::ItemStartedNotification),
-    ItemCompleted => "item/completed" (v2::ItemCompletedNotification),
-    AgentMessageDelta => "item/agentMessage/delta" (v2::AgentMessageDeltaNotification),
-    CommandExecutionOutputDelta => "item/commandExecution/outputDelta" (v2::CommandExecutionOutputDeltaNotification),
-    McpToolCallProgress => "item/mcpToolCall/progress" (v2::McpToolCallProgressNotification),
-    AccountUpdated => "account/updated" (v2::AccountUpdatedNotification),
-    AccountRateLimitsUpdated => "account/rateLimits/updated" (v2::AccountRateLimitsUpdatedNotification),
-
-    /// DEPRECATED NOTIFICATIONS below
-    AuthStatusChange(v1::AuthStatusChangeNotification),
-    LoginChatGptComplete(v1::LoginChatGptCompleteNotification),
-    SessionConfigured(v1::SessionConfiguredNotification),
-}
-
-client_notification_definitions! {
-    Initialized,
-}
-
-#[cfg(test)]
-mod tests {
-    use super::*;
-    use anyhow::Result;
-    use codex_protocol::account::PlanType;
-    use codex_protocol::protocol::AskForApproval;
-    use pretty_assertions::assert_eq;
-    use serde_json::json;
-
-    #[test]
-    fn serialize_new_conversation() -> Result<()> {
-        let request = ClientRequest::NewConversation {
-            request_id: RequestId::Integer(42),
-            params: v1::NewConversationParams {
-                model: Some("gpt-5-codex".to_string()),
-                model_provider: None,
-                profile: None,
-                cwd: None,
-                approval_policy: Some(AskForApproval::OnRequest),
-                sandbox: None,
-                config: None,
-                base_instructions: None,
-                developer_instructions: None,
-                compact_prompt: None,
-                include_apply_patch_tool: None,
-            },
-        };
-        assert_eq!(
-            json!({
-                "method": "newConversation",
-                "id": 42,
-                "params": {
-                    "model": "gpt-5-codex",
-                    "modelProvider": null,
-                    "profile": null,
-                    "cwd": null,
-                    "approvalPolicy": "on-request",
-                    "sandbox": null,
-                    "config": null,
-                    "baseInstructions": null,
-                    "includeApplyPatchTool": null
-                }
-            }),
-            serde_json::to_value(&request)?,
-        );
-        Ok(())
-    }
-
-    #[test]
-    fn conversation_id_serializes_as_plain_string() -> Result<()> {
-        let id = ConversationId::from_string("67e55044-10b1-426f-9247-bb680e5fe0c8")?;
-
-        assert_eq!(
-            json!("67e55044-10b1-426f-9247-bb680e5fe0c8"),
-            serde_json::to_value(id)?
-        );
-        Ok(())
-    }
-
-    #[test]
-    fn conversation_id_deserializes_from_plain_string() -> Result<()> {
-        let id: ConversationId =
-            serde_json::from_value(json!("67e55044-10b1-426f-9247-bb680e5fe0c8"))?;
-
-        assert_eq!(
-            ConversationId::from_string("67e55044-10b1-426f-9247-bb680e5fe0c8")?,
-            id,
-        );
-        Ok(())
-    }
-
-    #[test]
-    fn serialize_client_notification() -> Result<()> {
-        let notification = ClientNotification::Initialized;
-        // Note there is no "params" field for this notification.
-        assert_eq!(
-            json!({
-                "method": "initialized",
-            }),
-            serde_json::to_value(&notification)?,
-        );
-        Ok(())
-    }
-
-    #[test]
-    fn serialize_server_request() -> Result<()> {
-        let conversation_id = ConversationId::from_string("67e55044-10b1-426f-9247-bb680e5fe0c8")?;
-        let params = ExecCommandApprovalParams {
-            conversation_id,
-            call_id: "call-42".to_string(),
-            command: vec!["echo".to_string(), "hello".to_string()],
-            cwd: PathBuf::from("/tmp"),
-            reason: Some("because tests".to_string()),
-            risk: None,
-            parsed_cmd: vec![ParsedCommand::Unknown {
-                cmd: "echo hello".to_string(),
-            }],
-        };
-        let request = ServerRequest::ExecCommandApproval {
-            request_id: RequestId::Integer(7),
-            params: params.clone(),
-        };
-
-        assert_eq!(
-            json!({
-                "method": "execCommandApproval",
-                "id": 7,
-                "params": {
-                    "conversationId": "67e55044-10b1-426f-9247-bb680e5fe0c8",
-                    "callId": "call-42",
-                    "command": ["echo", "hello"],
-                    "cwd": "/tmp",
-                    "reason": "because tests",
-                    "risk": null,
-                    "parsedCmd": [
-                        {
-                            "type": "unknown",
-                            "cmd": "echo hello"
-                        }
-                    ]
-                }
-            }),
-            serde_json::to_value(&request)?,
-        );
-
-        let payload = ServerRequestPayload::ExecCommandApproval(params);
-        assert_eq!(payload.request_with_id(RequestId::Integer(7)), request);
-        Ok(())
-    }
-
-    #[test]
-    fn serialize_get_account_rate_limits() -> Result<()> {
-        let request = ClientRequest::GetAccountRateLimits {
-            request_id: RequestId::Integer(1),
-            params: None,
-        };
-        assert_eq!(
-            json!({
-                "method": "account/rateLimits/read",
-                "id": 1,
-            }),
-            serde_json::to_value(&request)?,
-        );
-        Ok(())
-    }
-
-    #[test]
-    fn serialize_account_login_api_key() -> Result<()> {
-        let request = ClientRequest::LoginAccount {
-            request_id: RequestId::Integer(2),
-            params: v2::LoginAccountParams::ApiKey {
-                api_key: "secret".to_string(),
-            },
-        };
-        assert_eq!(
-            json!({
-                "method": "account/login",
-                "id": 2,
-                "params": {
-                    "type": "apiKey",
-                    "apiKey": "secret"
-                }
-            }),
-            serde_json::to_value(&request)?,
-        );
-        Ok(())
-    }
-
-    #[test]
-    fn serialize_account_login_chatgpt() -> Result<()> {
-        let request = ClientRequest::LoginAccount {
-            request_id: RequestId::Integer(3),
-            params: v2::LoginAccountParams::ChatGpt,
-        };
-        assert_eq!(
-            json!({
-                "method": "account/login",
-                "id": 3,
-                "params": {
-                    "type": "chatgpt"
-                }
-            }),
-            serde_json::to_value(&request)?,
-        );
-        Ok(())
-    }
-
-    #[test]
-    fn serialize_account_logout() -> Result<()> {
-        let request = ClientRequest::LogoutAccount {
-            request_id: RequestId::Integer(4),
-            params: None,
-        };
-        assert_eq!(
-            json!({
-                "method": "account/logout",
-                "id": 4,
-            }),
-            serde_json::to_value(&request)?,
-        );
-        Ok(())
-    }
-
-    #[test]
-    fn serialize_get_account() -> Result<()> {
-        let request = ClientRequest::GetAccount {
-            request_id: RequestId::Integer(5),
-            params: None,
-        };
-        assert_eq!(
-            json!({
-                "method": "account/read",
-                "id": 5,
-            }),
-            serde_json::to_value(&request)?,
-        );
-        Ok(())
-    }
-
-    #[test]
-    fn account_serializes_fields_in_camel_case() -> Result<()> {
-        let api_key = v2::Account::ApiKey {
-            api_key: "secret".to_string(),
-        };
-        assert_eq!(
-            json!({
-                "type": "apiKey",
-                "apiKey": "secret",
-            }),
-            serde_json::to_value(&api_key)?,
-        );
-
-        let chatgpt = v2::Account::ChatGpt {
-            email: Some("user@example.com".to_string()),
-            plan_type: PlanType::Plus,
-        };
-        assert_eq!(
-            json!({
-                "type": "chatgpt",
-                "email": "user@example.com",
-                "planType": "plus",
-            }),
-            serde_json::to_value(&chatgpt)?,
-        );
-
-        Ok(())
-    }
-
-    #[test]
-    fn serialize_list_models() -> Result<()> {
-        let request = ClientRequest::ListModels {
-            request_id: RequestId::Integer(6),
-            params: v2::ListModelsParams::default(),
-        };
-        assert_eq!(
-            json!({
-                "method": "model/list",
-                "id": 6,
-                "params": {
-                    "pageSize": null,
-                    "cursor": null
-                }
-            }),
-            serde_json::to_value(&request)?,
-        );
-        Ok(())
-    }
-}
--- a/codex-rs/app-server-protocol/src/protocol/mod.rs
+++ b/codex-rs/app-server-protocol/src/protocol/mod.rs
@@ -1,6 +0,0 @@
-// Module declarations for the app-server protocol namespace.
-// Exposes protocol pieces used by `lib.rs` via `pub use protocol::common::*;`.
-
-pub mod common;
-pub mod v1;
-pub mod v2;
--- a/codex-rs/app-server-protocol/src/protocol/v1.rs
+++ b/codex-rs/app-server-protocol/src/protocol/v1.rs
@@ -1,406 +0,0 @@
-use std::collections::HashMap;
-use std::path::PathBuf;
-
-use codex_protocol::ConversationId;
-use codex_protocol::config_types::ForcedLoginMethod;
-use codex_protocol::config_types::ReasoningEffort;
-use codex_protocol::config_types::ReasoningSummary;
-use codex_protocol::config_types::SandboxMode;
-use codex_protocol::config_types::Verbosity;
-use codex_protocol::models::ResponseItem;
-use codex_protocol::protocol::AskForApproval;
-use codex_protocol::protocol::EventMsg;
-use codex_protocol::protocol::SandboxPolicy;
-use codex_protocol::protocol::TurnAbortReason;
-use schemars::JsonSchema;
-use serde::Deserialize;
-use serde::Serialize;
-use ts_rs::TS;
-use uuid::Uuid;
-
-// Reuse shared types defined in `common.rs`.
-use crate::protocol::common::AuthMode;
-use crate::protocol::common::GitSha;
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Default, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct InitializeParams {
-    pub client_info: ClientInfo,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Default, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct ClientInfo {
-    pub name: String,
-    pub title: Option<String>,
-    pub version: String,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct InitializeResponse {
-    pub user_agent: String,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Default, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct NewConversationParams {
-    pub model: Option<String>,
-    pub model_provider: Option<String>,
-    pub profile: Option<String>,
-    pub cwd: Option<String>,
-    pub approval_policy: Option<AskForApproval>,
-    pub sandbox: Option<SandboxMode>,
-    pub config: Option<HashMap<String, serde_json::Value>>,
-    pub base_instructions: Option<String>,
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub developer_instructions: Option<String>,
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub compact_prompt: Option<String>,
-    pub include_apply_patch_tool: Option<bool>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct NewConversationResponse {
-    pub conversation_id: ConversationId,
-    pub model: String,
-    pub reasoning_effort: Option<ReasoningEffort>,
-    pub rollout_path: PathBuf,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct ResumeConversationResponse {
-    pub conversation_id: ConversationId,
-    pub model: String,
-    pub initial_messages: Option<Vec<EventMsg>>,
-    pub rollout_path: PathBuf,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(untagged)]
-pub enum GetConversationSummaryParams {
-    RolloutPath {
-        #[serde(rename = "rolloutPath")]
-        rollout_path: PathBuf,
-    },
-    ConversationId {
-        #[serde(rename = "conversationId")]
-        conversation_id: ConversationId,
-    },
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct GetConversationSummaryResponse {
-    pub summary: ConversationSummary,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Default, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct ListConversationsParams {
-    pub page_size: Option<usize>,
-    pub cursor: Option<String>,
-    pub model_providers: Option<Vec<String>>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct ConversationSummary {
-    pub conversation_id: ConversationId,
-    pub path: PathBuf,
-    pub preview: String,
-    pub timestamp: Option<String>,
-    pub model_provider: String,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct ListConversationsResponse {
-    pub items: Vec<ConversationSummary>,
-    pub next_cursor: Option<String>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct ResumeConversationParams {
-    pub path: Option<PathBuf>,
-    pub conversation_id: Option<ConversationId>,
-    pub history: Option<Vec<ResponseItem>>,
-    pub overrides: Option<NewConversationParams>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct AddConversationSubscriptionResponse {
-    #[schemars(with = "String")]
-    pub subscription_id: Uuid,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct ArchiveConversationParams {
-    pub conversation_id: ConversationId,
-    pub rollout_path: PathBuf,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct ArchiveConversationResponse {}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct RemoveConversationSubscriptionResponse {}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct LoginApiKeyParams {
-    pub api_key: String,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct LoginApiKeyResponse {}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct LoginChatGptResponse {
-    #[schemars(with = "String")]
-    pub login_id: Uuid,
-    pub auth_url: String,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct GitDiffToRemoteResponse {
-    pub sha: GitSha,
-    pub diff: String,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct CancelLoginChatGptParams {
-    #[schemars(with = "String")]
-    pub login_id: Uuid,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct GitDiffToRemoteParams {
-    pub cwd: PathBuf,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct CancelLoginChatGptResponse {}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct LogoutChatGptParams {}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct LogoutChatGptResponse {}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct GetAuthStatusParams {
-    pub include_token: Option<bool>,
-    pub refresh_token: Option<bool>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct ExecOneOffCommandParams {
-    pub command: Vec<String>,
-    pub timeout_ms: Option<u64>,
-    pub cwd: Option<PathBuf>,
-    pub sandbox_policy: Option<SandboxPolicy>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct ExecOneOffCommandResponse {
-    pub exit_code: i32,
-    pub stdout: String,
-    pub stderr: String,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct GetAuthStatusResponse {
-    pub auth_method: Option<AuthMode>,
-    pub auth_token: Option<String>,
-    pub requires_openai_auth: Option<bool>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct GetUserAgentResponse {
-    pub user_agent: String,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct UserInfoResponse {
-    pub alleged_user_email: Option<String>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct GetUserSavedConfigResponse {
-    pub config: UserSavedConfig,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct SetDefaultModelParams {
-    pub model: Option<String>,
-    pub reasoning_effort: Option<ReasoningEffort>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct SetDefaultModelResponse {}
-
-#[derive(Deserialize, Debug, Clone, PartialEq, Serialize, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct UserSavedConfig {
-    pub approval_policy: Option<AskForApproval>,
-    pub sandbox_mode: Option<SandboxMode>,
-    pub sandbox_settings: Option<SandboxSettings>,
-    pub forced_chatgpt_workspace_id: Option<String>,
-    pub forced_login_method: Option<ForcedLoginMethod>,
-    pub model: Option<String>,
-    pub model_reasoning_effort: Option<ReasoningEffort>,
-    pub model_reasoning_summary: Option<ReasoningSummary>,
-    pub model_verbosity: Option<Verbosity>,
-    pub tools: Option<Tools>,
-    pub profile: Option<String>,
-    pub profiles: HashMap<String, Profile>,
-}
-
-#[derive(Deserialize, Debug, Clone, PartialEq, Serialize, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct Profile {
-    pub model: Option<String>,
-    pub model_provider: Option<String>,
-    pub approval_policy: Option<AskForApproval>,
-    pub model_reasoning_effort: Option<ReasoningEffort>,
-    pub model_reasoning_summary: Option<ReasoningSummary>,
-    pub model_verbosity: Option<Verbosity>,
-    pub chatgpt_base_url: Option<String>,
-}
-
-#[derive(Deserialize, Debug, Clone, PartialEq, Serialize, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct Tools {
-    pub web_search: Option<bool>,
-    pub view_image: Option<bool>,
-}
-
-#[derive(Deserialize, Debug, Clone, PartialEq, Serialize, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct SandboxSettings {
-    #[serde(default)]
-    pub writable_roots: Vec<PathBuf>,
-    pub network_access: Option<bool>,
-    pub exclude_tmpdir_env_var: Option<bool>,
-    pub exclude_slash_tmp: Option<bool>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct SendUserMessageParams {
-    pub conversation_id: ConversationId,
-    pub items: Vec<InputItem>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct SendUserTurnParams {
-    pub conversation_id: ConversationId,
-    pub items: Vec<InputItem>,
-    pub cwd: PathBuf,
-    pub approval_policy: AskForApproval,
-    pub sandbox_policy: SandboxPolicy,
-    pub model: String,
-    pub effort: Option<ReasoningEffort>,
-    pub summary: ReasoningSummary,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct SendUserTurnResponse {}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct InterruptConversationParams {
-    pub conversation_id: ConversationId,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct InterruptConversationResponse {
-    pub abort_reason: TurnAbortReason,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct SendUserMessageResponse {}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct AddConversationListenerParams {
-    pub conversation_id: ConversationId,
-    #[serde(default)]
-    pub experimental_raw_events: bool,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct RemoveConversationListenerParams {
-    #[schemars(with = "String")]
-    pub subscription_id: Uuid,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[serde(tag = "type", content = "data")]
-pub enum InputItem {
-    Text { text: String },
-    Image { image_url: String },
-    LocalImage { path: PathBuf },
-}
-
-// Deprecated notifications (v1)
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct LoginChatGptCompleteNotification {
-    #[schemars(with = "String")]
-    pub login_id: Uuid,
-    pub success: bool,
-    pub error: Option<String>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-pub struct SessionConfiguredNotification {
-    pub session_id: ConversationId,
-    pub model: String,
-    pub reasoning_effort: Option<ReasoningEffort>,
-    pub history_log_id: u64,
-    #[ts(type = "number")]
-    pub history_entry_count: usize,
-    pub initial_messages: Option<Vec<EventMsg>>,
-    pub rollout_path: PathBuf,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-/// Deprecated notification. Use AccountUpdatedNotification instead.
-pub struct AuthStatusChangeNotification {
-    pub auth_method: Option<AuthMode>,
-}
--- a/codex-rs/app-server-protocol/src/protocol/v2.rs
+++ b/codex-rs/app-server-protocol/src/protocol/v2.rs
@@ -1,427 +0,0 @@
-use crate::protocol::common::AuthMode;
-use codex_protocol::ConversationId;
-use codex_protocol::account::PlanType;
-use codex_protocol::config_types::ReasoningEffort;
-use codex_protocol::protocol::RateLimitSnapshot as CoreRateLimitSnapshot;
-use codex_protocol::protocol::RateLimitWindow as CoreRateLimitWindow;
-use mcp_types::ContentBlock as McpContentBlock;
-use schemars::JsonSchema;
-use serde::Deserialize;
-use serde::Serialize;
-use serde_json::Value as JsonValue;
-use std::path::PathBuf;
-use ts_rs::TS;
-use uuid::Uuid;
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(tag = "type", rename_all = "camelCase")]
-#[ts(tag = "type")]
-#[ts(export_to = "v2/")]
-pub enum Account {
-    #[serde(rename = "apiKey", rename_all = "camelCase")]
-    #[ts(rename = "apiKey", rename_all = "camelCase")]
-    ApiKey { api_key: String },
-
-    #[serde(rename = "chatgpt", rename_all = "camelCase")]
-    #[ts(rename = "chatgpt", rename_all = "camelCase")]
-    ChatGpt {
-        email: Option<String>,
-        plan_type: PlanType,
-    },
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(tag = "type")]
-#[ts(tag = "type")]
-#[ts(export_to = "v2/")]
-pub enum LoginAccountParams {
-    #[serde(rename = "apiKey")]
-    #[ts(rename = "apiKey")]
-    ApiKey {
-        #[serde(rename = "apiKey")]
-        #[ts(rename = "apiKey")]
-        api_key: String,
-    },
-    #[serde(rename = "chatgpt")]
-    #[ts(rename = "chatgpt")]
-    ChatGpt,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct LoginAccountResponse {
-    /// Only set if the login method is ChatGPT.
-    #[schemars(with = "String")]
-    pub login_id: Option<Uuid>,
-
-    /// URL the client should open in a browser to initiate the OAuth flow.
-    /// Only set if the login method is ChatGPT.
-    pub auth_url: Option<String>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct LogoutAccountResponse {}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct GetAccountRateLimitsResponse {
-    pub rate_limits: RateLimitSnapshot,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct GetAccountResponse {
-    pub account: Account,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Default, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct ListModelsParams {
-    /// Optional page size; defaults to a reasonable server-side value.
-    pub page_size: Option<usize>,
-    /// Opaque pagination cursor returned by a previous call.
-    pub cursor: Option<String>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct Model {
-    pub id: String,
-    pub model: String,
-    pub display_name: String,
-    pub description: String,
-    pub supported_reasoning_efforts: Vec<ReasoningEffortOption>,
-    pub default_reasoning_effort: ReasoningEffort,
-    // Only one model should be marked as default.
-    pub is_default: bool,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct ReasoningEffortOption {
-    pub reasoning_effort: ReasoningEffort,
-    pub description: String,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct ListModelsResponse {
-    pub items: Vec<Model>,
-    /// Opaque cursor to pass to the next call to continue after the last item.
-    /// if None, there are no more items to return.
-    pub next_cursor: Option<String>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct UploadFeedbackParams {
-    pub classification: String,
-    pub reason: Option<String>,
-    pub conversation_id: Option<ConversationId>,
-    pub include_logs: bool,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct UploadFeedbackResponse {
-    pub thread_id: String,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct AccountUpdatedNotification {
-    pub auth_method: Option<AuthMode>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct Thread {
-    pub id: String,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct Turn {
-    pub id: String,
-    pub items: Vec<ThreadItem>,
-    pub status: TurnStatus,
-    pub error: Option<TurnError>,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub enum TurnStatus {
-    Completed,
-    Interrupted,
-    Failed,
-    InProgress,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct TurnError {
-    pub message: String,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(tag = "type", rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub enum UserInput {
-    Text { text: String },
-    Image { url: String },
-    LocalImage { path: PathBuf },
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(tag = "type", rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub enum ThreadItem {
-    UserMessage {
-        id: String,
-        content: Vec<UserInput>,
-    },
-    AgentMessage {
-        id: String,
-        text: String,
-    },
-    Reasoning {
-        id: String,
-        text: String,
-    },
-    CommandExecution {
-        id: String,
-        command: String,
-        aggregated_output: String,
-        exit_code: Option<i32>,
-        status: CommandExecutionStatus,
-        duration_ms: Option<i64>,
-    },
-    FileChange {
-        id: String,
-        changes: Vec<FileUpdateChange>,
-        status: PatchApplyStatus,
-    },
-    McpToolCall {
-        id: String,
-        server: String,
-        tool: String,
-        status: McpToolCallStatus,
-        arguments: JsonValue,
-        result: Option<McpToolCallResult>,
-        error: Option<McpToolCallError>,
-    },
-    WebSearch {
-        id: String,
-        query: String,
-    },
-    TodoList {
-        id: String,
-        items: Vec<TodoItem>,
-    },
-    ImageView {
-        id: String,
-        path: String,
-    },
-    CodeReview {
-        id: String,
-        review: String,
-    },
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub enum CommandExecutionStatus {
-    InProgress,
-    Completed,
-    Failed,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct FileUpdateChange {
-    pub path: String,
-    pub kind: PatchChangeKind,
-    pub diff: String,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub enum PatchChangeKind {
-    Add,
-    Delete,
-    Update,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub enum PatchApplyStatus {
-    Completed,
-    Failed,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub enum McpToolCallStatus {
-    InProgress,
-    Completed,
-    Failed,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct McpToolCallResult {
-    pub content: Vec<McpContentBlock>,
-    pub structured_content: JsonValue,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct McpToolCallError {
-    pub message: String,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct TodoItem {
-    pub id: String,
-    pub text: String,
-    pub completed: bool,
-}
-
-// === Server Notifications ===
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct ThreadStartedNotification {
-    pub thread: Thread,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct TurnStartedNotification {
-    pub turn: Turn,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct Usage {
-    pub input_tokens: i32,
-    pub cached_input_tokens: i32,
-    pub output_tokens: i32,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct TurnCompletedNotification {
-    pub turn: Turn,
-    pub usage: Usage,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct ItemStartedNotification {
-    pub item: ThreadItem,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct ItemCompletedNotification {
-    pub item: ThreadItem,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct AgentMessageDeltaNotification {
-    pub item_id: String,
-    pub delta: String,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct CommandExecutionOutputDeltaNotification {
-    pub item_id: String,
-    pub delta: String,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct McpToolCallProgressNotification {
-    pub item_id: String,
-    pub message: String,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct AccountRateLimitsUpdatedNotification {
-    pub rate_limits: RateLimitSnapshot,
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct RateLimitSnapshot {
-    pub primary: Option<RateLimitWindow>,
-    pub secondary: Option<RateLimitWindow>,
-}
-
-impl From<CoreRateLimitSnapshot> for RateLimitSnapshot {
-    fn from(value: CoreRateLimitSnapshot) -> Self {
-        Self {
-            primary: value.primary.map(RateLimitWindow::from),
-            secondary: value.secondary.map(RateLimitWindow::from),
-        }
-    }
-}
-
-#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export_to = "v2/")]
-pub struct RateLimitWindow {
-    pub used_percent: i32,
-    pub window_duration_mins: Option<i64>,
-    pub resets_at: Option<i64>,
-}
-
-impl From<CoreRateLimitWindow> for RateLimitWindow {
-    fn from(value: CoreRateLimitWindow) -> Self {
-        Self {
-            used_percent: value.used_percent.round() as i32,
-            window_duration_mins: value.window_minutes,
-            resets_at: value.resets_at,
-        }
-    }
-}
--- a/codex-rs/app-server/src/codex_message_processor.rs
+++ b/codex-rs/app-server/src/codex_message_processor.rs
@@ -4,8 +4,6 @@ use crate::fuzzy_file_search::run_fuzzy_file_search;
 use crate::models::supported_models;
 use crate::outgoing_message::OutgoingMessageSender;
 use crate::outgoing_message::OutgoingNotification;
-use codex_app_server_protocol::AccountRateLimitsUpdatedNotification;
-use codex_app_server_protocol::AccountUpdatedNotification;
 use codex_app_server_protocol::AddConversationListenerParams;
 use codex_app_server_protocol::AddConversationSubscriptionResponse;
 use codex_app_server_protocol::ApplyPatchApprovalParams;
@@ -66,7 +64,6 @@ use codex_core::CodexConversation;
 use codex_core::ConversationManager;
 use codex_core::Cursor as RolloutCursor;
 use codex_core::INTERACTIVE_SESSION_SOURCES;
-use codex_core::InitialHistory;
 use codex_core::NewConversation;
 use codex_core::RolloutRecorder;
 use codex_core::SessionMeta;
@@ -75,12 +72,13 @@ use codex_core::auth::login_with_api_key;
 use codex_core::config::Config;
 use codex_core::config::ConfigOverrides;
 use codex_core::config::ConfigToml;
-use codex_core::config::edit::ConfigEditsBuilder;
-use codex_core::config_loader::load_config_as_toml;
+use codex_core::config::load_config_as_toml;
+use codex_core::config_edit::CONFIG_KEY_EFFORT;
+use codex_core::config_edit::CONFIG_KEY_MODEL;
+use codex_core::config_edit::persist_overrides_and_clear_if_none;
 use codex_core::default_client::get_codex_user_agent;
 use codex_core::exec::ExecParams;
 use codex_core::exec_env::create_env;
-use codex_core::find_conversation_path_by_id_str;
 use codex_core::get_platform_sandbox;
 use codex_core::git_info::git_diff_to_remote;
 use codex_core::protocol::ApplyPatchApprovalRequestEvent;
@@ -99,7 +97,6 @@ use codex_protocol::config_types::ForcedLoginMethod;
 use codex_protocol::items::TurnItem;
 use codex_protocol::models::ResponseItem;
 use codex_protocol::protocol::RateLimitSnapshot;
-use codex_protocol::protocol::RolloutItem;
 use codex_protocol::protocol::USER_MESSAGE_BEGIN;
 use codex_protocol::user_input::UserInput as CoreInputItem;
 use codex_utils_json_to_toml::json_to_toml;
@@ -202,7 +199,8 @@ impl CodexMessageProcessor {
                request_id,
                params: _,
            } => {
-                self.logout_v2(request_id).await;
+                self.send_unimplemented_error(request_id, "account/logout")
+                    .await;
            }
            ClientRequest::GetAccount {
                request_id,
@@ -251,7 +249,7 @@ impl CodexMessageProcessor {
                request_id,
                params: _,
            } => {
-                self.logout_v1(request_id).await;
+                self.logout_chatgpt(request_id).await;
            }
            ClientRequest::GetAuthStatus { request_id, params } => {
                self.get_auth_status(request_id, params).await;
@@ -495,9 +493,9 @@ impl CodexMessageProcessor {
        }
    }

-    async fn logout_common(&mut self) -> std::result::Result<Option<AuthMode>, JSONRPCErrorError> {
-        // Cancel any active login attempt.
+    async fn logout_chatgpt(&mut self, request_id: RequestId) {
        {
+            // Cancel any active login attempt.
            let mut guard = self.active_login.lock().await;
            if let Some(active) = guard.take() {
                active.drop();
@@ -505,61 +503,31 @@ impl CodexMessageProcessor {
        }

        if let Err(err) = self.auth_manager.logout() {
-            return Err(JSONRPCErrorError {
+            let error = JSONRPCErrorError {
                code: INTERNAL_ERROR_CODE,
                message: format!("logout failed: {err}"),
                data: None,
-            });
+            };
+            self.outgoing.send_error(request_id, error).await;
+            return;
        }

-        // Reflect the current auth method after logout (likely None).
-        Ok(self.auth_manager.auth().map(|auth| auth.mode))
-    }
+        self.outgoing
+            .send_response(
+                request_id,
+                codex_app_server_protocol::LogoutChatGptResponse {},
+            )
+            .await;

-    async fn logout_v1(&mut self, request_id: RequestId) {
-        match self.logout_common().await {
-            Ok(current_auth_method) => {
-                self.outgoing
-                    .send_response(
-                        request_id,
-                        codex_app_server_protocol::LogoutChatGptResponse {},
-                    )
-                    .await;
-
-                let payload = AuthStatusChangeNotification {
-                    auth_method: current_auth_method,
-                };
-                self.outgoing
-                    .send_server_notification(ServerNotification::AuthStatusChange(payload))
-                    .await;
-            }
-            Err(error) => {
-                self.outgoing.send_error(request_id, error).await;
-            }
-        }
-    }
-
-    async fn logout_v2(&mut self, request_id: RequestId) {
-        match self.logout_common().await {
-            Ok(current_auth_method) => {
-                self.outgoing
-                    .send_response(
-                        request_id,
-                        codex_app_server_protocol::LogoutAccountResponse {},
-                    )
-                    .await;
-
-                let payload_v2 = AccountUpdatedNotification {
-                    auth_method: current_auth_method,
-                };
-                self.outgoing
-                    .send_server_notification(ServerNotification::AccountUpdated(payload_v2))
-                    .await;
-            }
-            Err(error) => {
-                self.outgoing.send_error(request_id, error).await;
-            }
-        }
+        // Send auth status change notification reflecting the current auth mode
+        // after logout.
+        let current_auth_method = self.auth_manager.auth().map(|auth| auth.mode);
+        let payload = AuthStatusChangeNotification {
+            auth_method: current_auth_method,
+        };
+        self.outgoing
+            .send_server_notification(ServerNotification::AuthStatusChange(payload))
+            .await;
    }

    async fn get_auth_status(
@@ -626,9 +594,7 @@ impl CodexMessageProcessor {
    async fn get_account_rate_limits(&self, request_id: RequestId) {
        match self.fetch_account_rate_limits().await {
            Ok(rate_limits) => {
-                let response = GetAccountRateLimitsResponse {
-                    rate_limits: rate_limits.into(),
-                };
+                let response = GetAccountRateLimitsResponse { rate_limits };
                self.outgoing.send_response(request_id, response).await;
            }
            Err(error) => {
@@ -720,12 +686,19 @@ impl CodexMessageProcessor {
            model,
            reasoning_effort,
        } = params;
+        let effort_str = reasoning_effort.map(|effort| effort.to_string());

-        match ConfigEditsBuilder::new(&self.config.codex_home)
-            .with_profile(self.config.active_profile.as_deref())
-            .set_model(model.as_deref(), reasoning_effort)
-            .apply()
-            .await
+        let overrides: [(&[&str], Option<&str>); 2] = [
+            (&[CONFIG_KEY_MODEL], model.as_deref()),
+            (&[CONFIG_KEY_EFFORT], effort_str.as_deref()),
+        ];
+
+        match persist_overrides_and_clear_if_none(
+            &self.config.codex_home,
+            self.config.active_profile.as_deref(),
+            &overrides,
+        )
+        .await
        {
            Ok(()) => {
                let response = SetDefaultModelResponse {};
@@ -734,7 +707,7 @@ impl CodexMessageProcessor {
            Err(err) => {
                let error = JSONRPCErrorError {
                    code: INTERNAL_ERROR_CODE,
-                    message: format!("failed to persist model selection: {err}"),
+                    message: format!("failed to persist overrides: {err}"),
                    data: None,
                };
                self.outgoing.send_error(request_id, error).await;
@@ -861,37 +834,12 @@ impl CodexMessageProcessor {
        request_id: RequestId,
        params: GetConversationSummaryParams,
    ) {
-        let path = match params {
-            GetConversationSummaryParams::RolloutPath { rollout_path } => {
-                if rollout_path.is_relative() {
-                    self.config.codex_home.join(&rollout_path)
-                } else {
-                    rollout_path
-                }
-            }
-            GetConversationSummaryParams::ConversationId { conversation_id } => {
-                match codex_core::find_conversation_path_by_id_str(
-                    &self.config.codex_home,
-                    &conversation_id.to_string(),
-                )
-                .await
-                {
-                    Ok(Some(p)) => p,
-                    _ => {
-                        let error = JSONRPCErrorError {
-                            code: INVALID_REQUEST_ERROR_CODE,
-                            message: format!(
-                                "no rollout found for conversation id {conversation_id}"
-                            ),
-                            data: None,
-                        };
-                        self.outgoing.send_error(request_id, error).await;
-                        return;
-                    }
-                }
-            }
+        let GetConversationSummaryParams { rollout_path } = params;
+        let path = if rollout_path.is_relative() {
+            self.config.codex_home.join(&rollout_path)
+        } else {
+            rollout_path.clone()
        };
-
        let fallback_provider = self.config.model_provider_id.as_str();

        match read_summary_from_rollout(&path, fallback_provider).await {
@@ -1042,15 +990,8 @@ impl CodexMessageProcessor {
        request_id: RequestId,
        params: ResumeConversationParams,
    ) {
-        let ResumeConversationParams {
-            path,
-            conversation_id,
-            history,
-            overrides,
-        } = params;
-
        // Derive a Config using the same logic as new conversation, honoring overrides if provided.
-        let config = match overrides {
+        let config = match params.overrides {
            Some(overrides) => {
                derive_config_from_params(overrides, self.codex_linux_sandbox_exe.clone()).await
            }
@@ -1059,88 +1000,21 @@ impl CodexMessageProcessor {
        let config = match config {
            Ok(cfg) => cfg,
            Err(err) => {
-                self.send_invalid_request_error(
-                    request_id,
-                    format!("error deriving config: {err}"),
-                )
-                .await;
+                let error = JSONRPCErrorError {
+                    code: INVALID_REQUEST_ERROR_CODE,
+                    message: format!("error deriving config: {err}"),
+                    data: None,
+                };
+                self.outgoing.send_error(request_id, error).await;
                return;
            }
        };

-        let conversation_history = if let Some(path) = path {
-            match RolloutRecorder::get_rollout_history(&path).await {
-                Ok(initial_history) => initial_history,
-                Err(err) => {
-                    self.send_invalid_request_error(
-                        request_id,
-                        format!("failed to load rollout `{}`: {err}", path.display()),
-                    )
-                    .await;
-                    return;
-                }
-            }
-        } else if let Some(conversation_id) = conversation_id {
-            match find_conversation_path_by_id_str(
-                &self.config.codex_home,
-                &conversation_id.to_string(),
-            )
-            .await
-            {
-                Ok(Some(found_path)) => {
-                    match RolloutRecorder::get_rollout_history(&found_path).await {
-                        Ok(initial_history) => initial_history,
-                        Err(err) => {
-                            self.send_invalid_request_error(
-                                request_id,
-                                format!(
-                                    "failed to load rollout `{}` for conversation {conversation_id}: {err}",
-                                    found_path.display()
-                                ),
-                            ).await;
-                            return;
-                        }
-                    }
-                }
-                Ok(None) => {
-                    self.send_invalid_request_error(
-                        request_id,
-                        format!("no rollout found for conversation id {conversation_id}"),
-                    )
-                    .await;
-                    return;
-                }
-                Err(err) => {
-                    self.send_invalid_request_error(
-                        request_id,
-                        format!("failed to locate conversation id {conversation_id}: {err}"),
-                    )
-                    .await;
-                    return;
-                }
-            }
-        } else {
-            match history {
-                Some(history) if !history.is_empty() => InitialHistory::Forked(
-                    history.into_iter().map(RolloutItem::ResponseItem).collect(),
-                ),
-                Some(_) | None => {
-                    self.send_invalid_request_error(
-                        request_id,
-                        "either path, conversation id or non empty history must be provided"
-                            .to_string(),
-                    )
-                    .await;
-                    return;
-                }
-            }
-        };
-
        match self
            .conversation_manager
-            .resume_conversation_with_history(
+            .resume_conversation_from_rollout(
                config,
-                conversation_history,
+                params.path.clone(),
                self.auth_manager.clone(),
            )
            .await
@@ -1172,7 +1046,6 @@ impl CodexMessageProcessor {
                    conversation_id,
                    model: session_configured.model.clone(),
                    initial_messages,
-                    rollout_path: session_configured.rollout_path.clone(),
                };
                self.outgoing.send_response(request_id, response).await;
            }
@@ -1187,15 +1060,6 @@ impl CodexMessageProcessor {
        }
    }

-    async fn send_invalid_request_error(&self, request_id: RequestId, message: String) {
-        let error = JSONRPCErrorError {
-            code: INVALID_REQUEST_ERROR_CODE,
-            message,
-            data: None,
-        };
-        self.outgoing.send_error(request_id, error).await;
-    }
-
    async fn archive_conversation(&self, request_id: RequestId, params: ArchiveConversationParams) {
        let ArchiveConversationParams {
            conversation_id,
@@ -1205,23 +1069,9 @@ impl CodexMessageProcessor {
        // Verify that the rollout path is in the sessions directory or else
        // a malicious client could specify an arbitrary path.
        let rollout_folder = self.config.codex_home.join(codex_core::SESSIONS_SUBDIR);
-        let canonical_sessions_dir = match tokio::fs::canonicalize(&rollout_folder).await {
-            Ok(path) => path,
-            Err(err) => {
-                let error = JSONRPCErrorError {
-                    code: INTERNAL_ERROR_CODE,
-                    message: format!(
-                        "failed to archive conversation: unable to resolve sessions directory: {err}"
-                    ),
-                    data: None,
-                };
-                self.outgoing.send_error(request_id, error).await;
-                return;
-            }
-        };
        let canonical_rollout_path = tokio::fs::canonicalize(&rollout_path).await;
        let canonical_rollout_path = if let Ok(path) = canonical_rollout_path
-            && path.starts_with(&canonical_sessions_dir)
+            && path.starts_with(&rollout_folder)
        {
            path
        } else {
@@ -1769,9 +1619,7 @@ async fn apply_bespoke_event_handling(
            if let Some(rate_limits) = token_count_event.rate_limits {
                outgoing
                    .send_server_notification(ServerNotification::AccountRateLimitsUpdated(
-                        AccountRateLimitsUpdatedNotification {
-                            rate_limits: rate_limits.into(),
-                        },
+                        rate_limits,
                    ))
                    .await;
            }
@@ -1809,8 +1657,6 @@ async fn derive_config_from_params(
        sandbox: sandbox_mode,
        config: cli_overrides,
        base_instructions,
-        developer_instructions,
-        compact_prompt,
        include_apply_patch_tool,
    } = params;
    let overrides = ConfigOverrides {
@@ -1823,9 +1669,8 @@ async fn derive_config_from_params(
        model_provider,
        codex_linux_sandbox_exe,
        base_instructions,
-        developer_instructions,
-        compact_prompt,
        include_apply_patch_tool,
+        include_view_image_tool: None,
        show_raw_agent_reasoning: None,
        tools_web_search_request: None,
        experimental_sandbox_command_assessment: None,
--- a/codex-rs/app-server/src/message_processor.rs
+++ b/codex-rs/app-server/src/message_processor.rs
@@ -64,79 +64,64 @@ impl MessageProcessor {

    pub(crate) async fn process_request(&mut self, request: JSONRPCRequest) {
        let request_id = request.id.clone();
-        let request_json = match serde_json::to_value(&request) {
-            Ok(request_json) => request_json,
-            Err(err) => {
-                let error = JSONRPCErrorError {
-                    code: INVALID_REQUEST_ERROR_CODE,
-                    message: format!("Invalid request: {err}"),
-                    data: None,
-                };
-                self.outgoing.send_error(request_id, error).await;
-                return;
-            }
-        };
+        if let Ok(request_json) = serde_json::to_value(request)
+            && let Ok(codex_request) = serde_json::from_value::<ClientRequest>(request_json)
+        {
+            match codex_request {
+                // Handle Initialize internally so CodexMessageProcessor does not have to concern
+                // itself with the `initialized` bool.
+                ClientRequest::Initialize { request_id, params } => {
+                    if self.initialized {
+                        let error = JSONRPCErrorError {
+                            code: INVALID_REQUEST_ERROR_CODE,
+                            message: "Already initialized".to_string(),
+                            data: None,
+                        };
+                        self.outgoing.send_error(request_id, error).await;
+                        return;
+                    } else {
+                        let ClientInfo {
+                            name,
+                            title: _title,
+                            version,
+                        } = params.client_info;
+                        let user_agent_suffix = format!("{name}; {version}");
+                        if let Ok(mut suffix) = USER_AGENT_SUFFIX.lock() {
+                            *suffix = Some(user_agent_suffix);
+                        }

-        let codex_request = match serde_json::from_value::<ClientRequest>(request_json) {
-            Ok(codex_request) => codex_request,
-            Err(err) => {
-                let error = JSONRPCErrorError {
-                    code: INVALID_REQUEST_ERROR_CODE,
-                    message: format!("Invalid request: {err}"),
-                    data: None,
-                };
-                self.outgoing.send_error(request_id, error).await;
-                return;
-            }
-        };
+                        let user_agent = get_codex_user_agent();
+                        let response = InitializeResponse { user_agent };
+                        self.outgoing.send_response(request_id, response).await;

-        match codex_request {
-            // Handle Initialize internally so CodexMessageProcessor does not have to concern
-            // itself with the `initialized` bool.
-            ClientRequest::Initialize { request_id, params } => {
-                if self.initialized {
-                    let error = JSONRPCErrorError {
-                        code: INVALID_REQUEST_ERROR_CODE,
-                        message: "Already initialized".to_string(),
-                        data: None,
-                    };
-                    self.outgoing.send_error(request_id, error).await;
-                    return;
-                } else {
-                    let ClientInfo {
-                        name,
-                        title: _title,
-                        version,
-                    } = params.client_info;
-                    let user_agent_suffix = format!("{name}; {version}");
-                    if let Ok(mut suffix) = USER_AGENT_SUFFIX.lock() {
-                        *suffix = Some(user_agent_suffix);
+                        self.initialized = true;
+                        return;
+                    }
+                }
+                _ => {
+                    if !self.initialized {
+                        let error = JSONRPCErrorError {
+                            code: INVALID_REQUEST_ERROR_CODE,
+                            message: "Not initialized".to_string(),
+                            data: None,
+                        };
+                        self.outgoing.send_error(request_id, error).await;
+                        return;
                    }
-
-                    let user_agent = get_codex_user_agent();
-                    let response = InitializeResponse { user_agent };
-                    self.outgoing.send_response(request_id, response).await;
-
-                    self.initialized = true;
-                    return;
-                }
-            }
-            _ => {
-                if !self.initialized {
-                    let error = JSONRPCErrorError {
-                        code: INVALID_REQUEST_ERROR_CODE,
-                        message: "Not initialized".to_string(),
-                        data: None,
-                    };
-                    self.outgoing.send_error(request_id, error).await;
-                    return;
                }
            }
+
+            self.codex_message_processor
+                .process_request(codex_request)
+                .await;
+        } else {
+            let error = JSONRPCErrorError {
+                code: INVALID_REQUEST_ERROR_CODE,
+                message: "Invalid request".to_string(),
+                data: None,
+            };
+            self.outgoing.send_error(request_id, error).await;
        }
-
-        self.codex_message_processor
-            .process_request(codex_request)
-            .await;
    }

    pub(crate) async fn process_notification(&self, notification: JSONRPCNotification) {
--- a/codex-rs/app-server/src/outgoing_message.rs
+++ b/codex-rs/app-server/src/outgoing_message.rs
@@ -141,12 +141,9 @@ pub(crate) struct OutgoingError {

 #[cfg(test)]
 mod tests {
-    use codex_app_server_protocol::AccountRateLimitsUpdatedNotification;
-    use codex_app_server_protocol::AccountUpdatedNotification;
-    use codex_app_server_protocol::AuthMode;
    use codex_app_server_protocol::LoginChatGptCompleteNotification;
-    use codex_app_server_protocol::RateLimitSnapshot;
-    use codex_app_server_protocol::RateLimitWindow;
+    use codex_protocol::protocol::RateLimitSnapshot;
+    use codex_protocol::protocol::RateLimitWindow;
    use pretty_assertions::assert_eq;
    use serde_json::json;
    use uuid::Uuid;
@@ -169,7 +166,6 @@ mod tests {
                "params": {
                    "loginId": Uuid::nil(),
                    "success": true,
-                    "error": null,
                },
            }),
            serde_json::to_value(jsonrpc_notification)
@@ -180,51 +176,26 @@ mod tests {

    #[test]
    fn verify_account_rate_limits_notification_serialization() {
-        let notification =
-            ServerNotification::AccountRateLimitsUpdated(AccountRateLimitsUpdatedNotification {
-                rate_limits: RateLimitSnapshot {
-                    primary: Some(RateLimitWindow {
-                        used_percent: 25,
-                        window_duration_mins: Some(15),
-                        resets_at: Some(123),
-                    }),
-                    secondary: None,
-                },
-            });
+        let notification = ServerNotification::AccountRateLimitsUpdated(RateLimitSnapshot {
+            primary: Some(RateLimitWindow {
+                used_percent: 25.0,
+                window_minutes: Some(15),
+                resets_at: Some(123),
+            }),
+            secondary: None,
+        });

        let jsonrpc_notification = OutgoingMessage::AppServerNotification(notification);
        assert_eq!(
            json!({
                "method": "account/rateLimits/updated",
                "params": {
-                    "rateLimits": {
-                        "primary": {
-                            "usedPercent": 25,
-                            "windowDurationMins": 15,
-                            "resetsAt": 123
-                        },
-                        "secondary": null
-                    }
-                },
-            }),
-            serde_json::to_value(jsonrpc_notification)
-                .expect("ensure the notification serializes correctly"),
-            "ensure the notification serializes correctly"
-        );
-    }
-
-    #[test]
-    fn verify_account_updated_notification_serialization() {
-        let notification = ServerNotification::AccountUpdated(AccountUpdatedNotification {
-            auth_method: Some(AuthMode::ApiKey),
-        });
-
-        let jsonrpc_notification = OutgoingMessage::AppServerNotification(notification);
-        assert_eq!(
-            json!({
-                "method": "account/updated",
-                "params": {
-                    "authMethod": "apikey"
+                    "primary": {
+                        "used_percent": 25.0,
+                        "window_minutes": 15,
+                        "resets_at": 123,
+                    },
+                    "secondary": null,
                },
            }),
            serde_json::to_value(jsonrpc_notification)
--- a/codex-rs/app-server/tests/common/mcp_process.rs
+++ b/codex-rs/app-server/tests/common/mcp_process.rs
@@ -321,11 +321,6 @@ impl McpProcess {
        self.send_request("logoutChatGpt", None).await
    }

-    /// Send an `account/logout` JSON-RPC request.
-    pub async fn send_logout_account_request(&mut self) -> anyhow::Result<i64> {
-        self.send_request("account/logout", None).await
-    }
-
    /// Send a `fuzzyFileSearch` JSON-RPC request.
    pub async fn send_fuzzy_file_search_request(
        &mut self,
--- a/codex-rs/app-server/tests/suite/list_resume.rs
+++ b/codex-rs/app-server/tests/suite/list_resume.rs
@@ -11,9 +11,6 @@ use codex_app_server_protocol::ResumeConversationParams;
 use codex_app_server_protocol::ResumeConversationResponse;
 use codex_app_server_protocol::ServerNotification;
 use codex_app_server_protocol::SessionConfiguredNotification;
-use codex_core::protocol::EventMsg;
-use codex_protocol::models::ContentItem;
-use codex_protocol::models::ResponseItem;
 use pretty_assertions::assert_eq;
 use serde_json::json;
 use std::fs;
@@ -171,14 +168,10 @@ async fn test_list_and_resume_conversations() -> Result<()> {
    assert!(empty_items.is_empty());
    assert!(empty_next.is_none());

-    let first_item = &items[0];
-
-    // Now resume one of the sessions from an explicit rollout path.
+    // Now resume one of the sessions and expect a SessionConfigured notification and response.
    let resume_req_id = mcp
        .send_resume_conversation_request(ResumeConversationParams {
-            path: Some(first_item.path.clone()),
-            conversation_id: None,
-            history: None,
+            path: items[0].path.clone(),
            overrides: Some(NewConversationParams {
                model: Some("o3".to_string()),
                ..Default::default()
@@ -193,25 +186,17 @@ async fn test_list_and_resume_conversations() -> Result<()> {
    )
    .await??;
    let session_configured: ServerNotification = notification.try_into()?;
+    // Basic shape assertion: ensure event type is sessionConfigured
    let ServerNotification::SessionConfigured(SessionConfiguredNotification {
        model,
        rollout_path,
-        initial_messages: session_initial_messages,
        ..
    }) = session_configured
    else {
        unreachable!("expected sessionConfigured notification");
    };
    assert_eq!(model, "o3");
-    assert_eq!(rollout_path, first_item.path.clone());
-    let session_initial_messages = session_initial_messages
-        .expect("expected initial messages when resuming from rollout path");
-    match session_initial_messages.as_slice() {
-        [EventMsg::UserMessage(message)] => {
-            assert_eq!(message.message, first_item.preview.clone());
-        }
-        other => panic!("unexpected initial messages from rollout resume: {other:#?}"),
-    }
+    assert_eq!(items[0].path.clone(), rollout_path);

    // Then the response for resumeConversation
    let resume_resp: JSONRPCResponse = timeout(
@@ -220,140 +205,10 @@ async fn test_list_and_resume_conversations() -> Result<()> {
    )
    .await??;
    let ResumeConversationResponse {
-        conversation_id,
-        model: resume_model,
-        initial_messages: response_initial_messages,
-        ..
+        conversation_id, ..
    } = to_response::<ResumeConversationResponse>(resume_resp)?;
    // conversation id should be a valid UUID
    assert!(!conversation_id.to_string().is_empty());
-    assert_eq!(resume_model, "o3");
-    let response_initial_messages =
-        response_initial_messages.expect("expected initial messages in resume response");
-    match response_initial_messages.as_slice() {
-        [EventMsg::UserMessage(message)] => {
-            assert_eq!(message.message, first_item.preview.clone());
-        }
-        other => panic!("unexpected initial messages in resume response: {other:#?}"),
-    }
-
-    // Resuming with only a conversation id should locate the rollout automatically.
-    let resume_by_id_req_id = mcp
-        .send_resume_conversation_request(ResumeConversationParams {
-            path: None,
-            conversation_id: Some(first_item.conversation_id),
-            history: None,
-            overrides: Some(NewConversationParams {
-                model: Some("o3".to_string()),
-                ..Default::default()
-            }),
-        })
-        .await?;
-    let notification: JSONRPCNotification = timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_notification_message("sessionConfigured"),
-    )
-    .await??;
-    let session_configured: ServerNotification = notification.try_into()?;
-    let ServerNotification::SessionConfigured(SessionConfiguredNotification {
-        model,
-        rollout_path,
-        initial_messages: session_initial_messages,
-        ..
-    }) = session_configured
-    else {
-        unreachable!("expected sessionConfigured notification");
-    };
-    assert_eq!(model, "o3");
-    assert_eq!(rollout_path, first_item.path.clone());
-    let session_initial_messages = session_initial_messages
-        .expect("expected initial messages when resuming from conversation id");
-    match session_initial_messages.as_slice() {
-        [EventMsg::UserMessage(message)] => {
-            assert_eq!(message.message, first_item.preview.clone());
-        }
-        other => panic!("unexpected initial messages from conversation id resume: {other:#?}"),
-    }
-    let resume_resp: JSONRPCResponse = timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(resume_by_id_req_id)),
-    )
-    .await??;
-    let ResumeConversationResponse {
-        conversation_id: by_id_conversation_id,
-        model: by_id_model,
-        initial_messages: by_id_initial_messages,
-        ..
-    } = to_response::<ResumeConversationResponse>(resume_resp)?;
-    assert!(!by_id_conversation_id.to_string().is_empty());
-    assert_eq!(by_id_model, "o3");
-    let by_id_initial_messages = by_id_initial_messages
-        .expect("expected initial messages when resuming from conversation id response");
-    match by_id_initial_messages.as_slice() {
-        [EventMsg::UserMessage(message)] => {
-            assert_eq!(message.message, first_item.preview.clone());
-        }
-        other => {
-            panic!("unexpected initial messages in conversation id resume response: {other:#?}")
-        }
-    }
-
-    // Resuming with explicit history should succeed even without a stored rollout.
-    let fork_history_text = "Hello from history";
-    let history = vec![ResponseItem::Message {
-        id: None,
-        role: "user".to_string(),
-        content: vec![ContentItem::InputText {
-            text: fork_history_text.to_string(),
-        }],
-    }];
-    let resume_with_history_req_id = mcp
-        .send_resume_conversation_request(ResumeConversationParams {
-            path: None,
-            conversation_id: None,
-            history: Some(history),
-            overrides: Some(NewConversationParams {
-                model: Some("o3".to_string()),
-                ..Default::default()
-            }),
-        })
-        .await?;
-    let notification: JSONRPCNotification = timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_notification_message("sessionConfigured"),
-    )
-    .await??;
-    let session_configured: ServerNotification = notification.try_into()?;
-    let ServerNotification::SessionConfigured(SessionConfiguredNotification {
-        model,
-        initial_messages: session_initial_messages,
-        ..
-    }) = session_configured
-    else {
-        unreachable!("expected sessionConfigured notification");
-    };
-    assert_eq!(model, "o3");
-    assert!(
-        session_initial_messages.as_ref().is_none_or(Vec::is_empty),
-        "expected no initial messages when resuming from explicit history but got {session_initial_messages:#?}"
-    );
-    let resume_resp: JSONRPCResponse = timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(resume_with_history_req_id)),
-    )
-    .await??;
-    let ResumeConversationResponse {
-        conversation_id: history_conversation_id,
-        model: history_model,
-        initial_messages: history_initial_messages,
-        ..
-    } = to_response::<ResumeConversationResponse>(resume_resp)?;
-    assert!(!history_conversation_id.to_string().is_empty());
-    assert_eq!(history_model, "o3");
-    assert!(
-        history_initial_messages.as_ref().is_none_or(Vec::is_empty),
-        "expected no initial messages in resume response when history is provided but got {history_initial_messages:#?}"
-    );

    Ok(())
 }
--- a/codex-rs/app-server/tests/suite/mod.rs
+++ b/codex-rs/app-server/tests/suite/mod.rs
@@ -13,4 +13,3 @@ mod send_message;
 mod set_default_model;
 mod user_agent;
 mod user_info;
-mod v2;
--- a/codex-rs/app-server/tests/suite/rate_limits.rs
+++ b/codex-rs/app-server/tests/suite/rate_limits.rs
@@ -7,10 +7,10 @@ use codex_app_server_protocol::GetAccountRateLimitsResponse;
 use codex_app_server_protocol::JSONRPCError;
 use codex_app_server_protocol::JSONRPCResponse;
 use codex_app_server_protocol::LoginApiKeyParams;
-use codex_app_server_protocol::RateLimitSnapshot;
-use codex_app_server_protocol::RateLimitWindow;
 use codex_app_server_protocol::RequestId;
 use codex_core::auth::AuthCredentialsStoreMode;
+use codex_protocol::protocol::RateLimitSnapshot;
+use codex_protocol::protocol::RateLimitWindow;
 use pretty_assertions::assert_eq;
 use serde_json::json;
 use std::path::Path;
@@ -143,13 +143,13 @@ async fn get_account_rate_limits_returns_snapshot() -> Result<()> {
    let expected = GetAccountRateLimitsResponse {
        rate_limits: RateLimitSnapshot {
            primary: Some(RateLimitWindow {
-                used_percent: 42,
-                window_duration_mins: Some(60),
+                used_percent: 42.0,
+                window_minutes: Some(60),
                resets_at: Some(primary_reset_timestamp),
            }),
            secondary: Some(RateLimitWindow {
-                used_percent: 5,
-                window_duration_mins: Some(1440),
+                used_percent: 5.0,
+                window_minutes: Some(1440),
                resets_at: Some(secondary_reset_timestamp),
            }),
        },
--- a/codex-rs/app-server/tests/suite/send_message.rs
+++ b/codex-rs/app-server/tests/suite/send_message.rs
@@ -16,7 +16,6 @@ use codex_app_server_protocol::SendUserMessageResponse;
 use codex_protocol::ConversationId;
 use codex_protocol::models::ContentItem;
 use codex_protocol::models::ResponseItem;
-use codex_protocol::protocol::RawResponseItemEvent;
 use pretty_assertions::assert_eq;
 use std::path::Path;
 use tempfile::TempDir;
@@ -44,9 +43,7 @@ async fn test_send_message_success() -> Result<()> {

    // Start a conversation using the new wire API.
    let new_conv_id = mcp
-        .send_new_conversation_request(NewConversationParams {
-            ..Default::default()
-        })
+        .send_new_conversation_request(NewConversationParams::default())
        .await?;
    let new_conv_resp: JSONRPCResponse = timeout(
        DEFAULT_READ_TIMEOUT,
@@ -145,10 +142,7 @@ async fn test_send_message_raw_notifications_opt_in() -> Result<()> {
    timeout(DEFAULT_READ_TIMEOUT, mcp.initialize()).await??;

    let new_conv_id = mcp
-        .send_new_conversation_request(NewConversationParams {
-            developer_instructions: Some("Use the test harness tools.".to_string()),
-            ..Default::default()
-        })
+        .send_new_conversation_request(NewConversationParams::default())
        .await?;
    let new_conv_resp: JSONRPCResponse = timeout(
        DEFAULT_READ_TIMEOUT,
@@ -182,9 +176,6 @@ async fn test_send_message_raw_notifications_opt_in() -> Result<()> {
        })
        .await?;

-    let developer = read_raw_response_item(&mut mcp, conversation_id).await;
-    assert_developer_message(&developer, "Use the test harness tools.");
-
    let instructions = read_raw_response_item(&mut mcp, conversation_id).await;
    assert_instructions_message(&instructions);

@@ -303,9 +294,7 @@ async fn read_raw_response_item(
        .cloned()
        .expect("raw response item should include msg payload");

-    let event: RawResponseItemEvent =
-        serde_json::from_value(msg_value).expect("deserialize raw response item");
-    event.item
+    serde_json::from_value(msg_value).expect("deserialize raw response item")
 }

 fn assert_instructions_message(item: &ResponseItem) {
@@ -313,11 +302,10 @@ fn assert_instructions_message(item: &ResponseItem) {
        ResponseItem::Message { role, content, .. } => {
            assert_eq!(role, "user");
            let texts = content_texts(content);
-            let is_instructions = texts
-                .iter()
-                .any(|text| text.starts_with("# AGENTS.md instructions for "));
            assert!(
-                is_instructions,
+                texts
+                    .iter()
+                    .any(|text| text.contains("<user_instructions>")),
                "expected instructions message, got {texts:?}"
            );
        }
@@ -325,21 +313,6 @@ fn assert_instructions_message(item: &ResponseItem) {
    }
 }

-fn assert_developer_message(item: &ResponseItem, expected_text: &str) {
-    match item {
-        ResponseItem::Message { role, content, .. } => {
-            assert_eq!(role, "developer");
-            let texts = content_texts(content);
-            assert_eq!(
-                texts,
-                vec![expected_text],
-                "expected developer instructions message, got {texts:?}"
-            );
-        }
-        other => panic!("expected developer instructions message, got {other:?}"),
-    }
-}
-
 fn assert_environment_message(item: &ResponseItem) {
    match item {
        ResponseItem::Message { role, content, .. } => {
--- a/codex-rs/app-server/tests/suite/v2/account.rs
+++ b/codex-rs/app-server/tests/suite/v2/account.rs
@@ -1,99 +0,0 @@
-use anyhow::Result;
-use anyhow::bail;
-use app_test_support::McpProcess;
-use app_test_support::to_response;
-use codex_app_server_protocol::GetAuthStatusParams;
-use codex_app_server_protocol::GetAuthStatusResponse;
-use codex_app_server_protocol::JSONRPCResponse;
-use codex_app_server_protocol::LogoutAccountResponse;
-use codex_app_server_protocol::RequestId;
-use codex_app_server_protocol::ServerNotification;
-use codex_core::auth::AuthCredentialsStoreMode;
-use codex_login::login_with_api_key;
-use pretty_assertions::assert_eq;
-use std::path::Path;
-use tempfile::TempDir;
-use tokio::time::timeout;
-
-const DEFAULT_READ_TIMEOUT: std::time::Duration = std::time::Duration::from_secs(10);
-
-// Helper to create a minimal config.toml for the app server
-fn create_config_toml(codex_home: &Path) -> std::io::Result<()> {
-    let config_toml = codex_home.join("config.toml");
-    std::fs::write(
-        config_toml,
-        r#"
-model = "mock-model"
-approval_policy = "never"
-sandbox_mode = "danger-full-access"
-
-model_provider = "mock_provider"
-
-[model_providers.mock_provider]
-name = "Mock provider for test"
-base_url = "http://127.0.0.1:0/v1"
-wire_api = "chat"
-request_max_retries = 0
-stream_max_retries = 0
-"#,
-    )
-}
-
-#[tokio::test]
-async fn logout_account_removes_auth_and_notifies() -> Result<()> {
-    let codex_home = TempDir::new()?;
-    create_config_toml(codex_home.path())?;
-
-    login_with_api_key(
-        codex_home.path(),
-        "sk-test-key",
-        AuthCredentialsStoreMode::File,
-    )?;
-    assert!(codex_home.path().join("auth.json").exists());
-
-    let mut mcp = McpProcess::new_with_env(codex_home.path(), &[("OPENAI_API_KEY", None)]).await?;
-    timeout(DEFAULT_READ_TIMEOUT, mcp.initialize()).await??;
-
-    let id = mcp.send_logout_account_request().await?;
-    let resp: JSONRPCResponse = timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(id)),
-    )
-    .await??;
-    let _ok: LogoutAccountResponse = to_response(resp)?;
-
-    let note = timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_notification_message("account/updated"),
-    )
-    .await??;
-    let parsed: ServerNotification = note.try_into()?;
-    let ServerNotification::AccountUpdated(payload) = parsed else {
-        bail!("unexpected notification: {parsed:?}");
-    };
-    assert!(
-        payload.auth_method.is_none(),
-        "auth_method should be None after logout"
-    );
-
-    assert!(
-        !codex_home.path().join("auth.json").exists(),
-        "auth.json should be deleted"
-    );
-
-    let status_id = mcp
-        .send_get_auth_status_request(GetAuthStatusParams {
-            include_token: Some(true),
-            refresh_token: Some(false),
-        })
-        .await?;
-    let status_resp: JSONRPCResponse = timeout(
-        DEFAULT_READ_TIMEOUT,
-        mcp.read_stream_until_response_message(RequestId::Integer(status_id)),
-    )
-    .await??;
-    let status: GetAuthStatusResponse = to_response(status_resp)?;
-    assert_eq!(status.auth_method, None);
-    assert_eq!(status.auth_token, None);
-    Ok(())
-}
--- a/codex-rs/app-server/tests/suite/v2/mod.rs
+++ b/codex-rs/app-server/tests/suite/v2/mod.rs
@@ -1,2 +0,0 @@
-// v2 test suite modules
-mod account;
--- a/codex-rs/chatgpt/Cargo.toml
+++ b/codex-rs/chatgpt/Cargo.toml
@@ -14,7 +14,7 @@ codex-core = { workspace = true }
 serde = { workspace = true, features = ["derive"] }
 serde_json = { workspace = true }
 tokio = { workspace = true, features = ["full"] }
-codex-git = { workspace = true }
+codex-git-apply = { path = "../git-apply" }

 [dev-dependencies]
 tempfile = { workspace = true }
--- a/codex-rs/chatgpt/src/apply_command.rs
+++ b/codex-rs/chatgpt/src/apply_command.rs
@@ -59,13 +59,13 @@ pub async fn apply_diff_from_task(

 async fn apply_diff(diff: &str, cwd: Option<PathBuf>) -> anyhow::Result<()> {
    let cwd = cwd.unwrap_or(std::env::current_dir().unwrap_or_else(|_| std::env::temp_dir()));
-    let req = codex_git::ApplyGitRequest {
+    let req = codex_git_apply::ApplyGitRequest {
        cwd,
        diff: diff.to_string(),
        revert: false,
        preflight: false,
    };
-    let res = codex_git::apply_git_patch(&req)?;
+    let res = codex_git_apply::apply_git_patch(&req)?;
    if res.exit_code != 0 {
        anyhow::bail!(
            "Git apply failed (applied={}, skipped={}, conflicts={})\nstdout:\n{}\nstderr:\n{}",
--- a/codex-rs/cli/Cargo.toml
+++ b/codex-rs/cli/Cargo.toml
@@ -39,7 +39,6 @@ ctor = { workspace = true }
 owo-colors = { workspace = true }
 serde_json = { workspace = true }
 supports-color = { workspace = true }
-toml = { workspace = true }
 tokio = { workspace = true, features = [
    "io-std",
    "macros",
@@ -48,9 +47,6 @@ tokio = { workspace = true, features = [
    "signal",
 ] }

-[target.'cfg(target_os = "windows")'.dependencies]
-codex_windows_sandbox = { package = "codex-windows-sandbox", path = "../windows-sandbox-rs" }
-
 [dev-dependencies]
 assert_cmd = { workspace = true }
 assert_matches = { workspace = true }
--- a/codex-rs/cli/src/debug_sandbox.rs
+++ b/codex-rs/cli/src/debug_sandbox.rs
@@ -11,7 +11,6 @@ use codex_protocol::config_types::SandboxMode;

 use crate::LandlockCommand;
 use crate::SeatbeltCommand;
-use crate::WindowsCommand;
 use crate::exit_status::handle_exit_status;

 pub async fn run_command_under_seatbelt(
@@ -52,29 +51,9 @@ pub async fn run_command_under_landlock(
    .await
 }

-pub async fn run_command_under_windows(
-    command: WindowsCommand,
-    codex_linux_sandbox_exe: Option<PathBuf>,
-) -> anyhow::Result<()> {
-    let WindowsCommand {
-        full_auto,
-        config_overrides,
-        command,
-    } = command;
-    run_command_under_sandbox(
-        full_auto,
-        command,
-        config_overrides,
-        codex_linux_sandbox_exe,
-        SandboxType::Windows,
-    )
-    .await
-}
-
 enum SandboxType {
    Seatbelt,
    Landlock,
-    Windows,
 }

 async fn run_command_under_sandbox(
@@ -108,65 +87,6 @@ async fn run_command_under_sandbox(
    let stdio_policy = StdioPolicy::Inherit;
    let env = create_env(&config.shell_environment_policy);

-    // Special-case Windows sandbox: execute and exit the process to emulate inherited stdio.
-    if let SandboxType::Windows = sandbox_type {
-        #[cfg(target_os = "windows")]
-        {
-            use codex_windows_sandbox::run_windows_sandbox_capture;
-
-            let policy_str = match &config.sandbox_policy {
-                codex_core::protocol::SandboxPolicy::DangerFullAccess => "workspace-write",
-                codex_core::protocol::SandboxPolicy::ReadOnly => "read-only",
-                codex_core::protocol::SandboxPolicy::WorkspaceWrite { .. } => "workspace-write",
-            };
-
-            let sandbox_cwd = sandbox_policy_cwd.clone();
-            let cwd_clone = cwd.clone();
-            let env_map = env.clone();
-            let command_vec = command.clone();
-            let base_dir = config.codex_home.clone();
-            let res = tokio::task::spawn_blocking(move || {
-                run_windows_sandbox_capture(
-                    policy_str,
-                    &sandbox_cwd,
-                    command_vec,
-                    &cwd_clone,
-                    env_map,
-                    None,
-                    Some(base_dir.as_path()),
-                )
-            })
-            .await;
-
-            let capture = match res {
-                Ok(Ok(v)) => v,
-                Ok(Err(err)) => {
-                    eprintln!("windows sandbox failed: {err}");
-                    std::process::exit(1);
-                }
-                Err(join_err) => {
-                    eprintln!("windows sandbox join error: {join_err}");
-                    std::process::exit(1);
-                }
-            };
-
-            if !capture.stdout.is_empty() {
-                use std::io::Write;
-                let _ = std::io::stdout().write_all(&capture.stdout);
-            }
-            if !capture.stderr.is_empty() {
-                use std::io::Write;
-                let _ = std::io::stderr().write_all(&capture.stderr);
-            }
-
-            std::process::exit(capture.exit_code);
-        }
-        #[cfg(not(target_os = "windows"))]
-        {
-            anyhow::bail!("Windows sandbox is only available on Windows");
-        }
-    }
-
    let mut child = match sandbox_type {
        SandboxType::Seatbelt => {
            spawn_command_under_seatbelt(
@@ -195,9 +115,6 @@ async fn run_command_under_sandbox(
            )
            .await?
        }
-        SandboxType::Windows => {
-            unreachable!("Windows sandbox should have been handled above");
-        }
    };
    let status = child.wait().await?;

--- a/codex-rs/cli/src/lib.rs
+++ b/codex-rs/cli/src/lib.rs
@@ -32,17 +32,3 @@ pub struct LandlockCommand {
    #[arg(trailing_var_arg = true)]
    pub command: Vec<String>,
 }
-
-#[derive(Debug, Parser)]
-pub struct WindowsCommand {
-    /// Convenience alias for low-friction sandboxed automatic execution (network-disabled sandbox that can write to cwd and TMPDIR)
-    #[arg(long = "full-auto", default_value_t = false)]
-    pub full_auto: bool,
-
-    #[clap(skip)]
-    pub config_overrides: CliConfigOverrides,
-
-    /// Full command args to run under Windows restricted token sandbox.
-    #[arg(trailing_var_arg = true)]
-    pub command: Vec<String>,
-}
--- a/codex-rs/cli/src/main.rs
+++ b/codex-rs/cli/src/main.rs
@@ -7,7 +7,6 @@ use codex_chatgpt::apply_command::ApplyCommand;
 use codex_chatgpt::apply_command::run_apply_command;
 use codex_cli::LandlockCommand;
 use codex_cli::SeatbeltCommand;
-use codex_cli::WindowsCommand;
 use codex_cli::login::read_api_key_from_stdin;
 use codex_cli::login::run_login_status;
 use codex_cli::login::run_login_with_api_key;
@@ -152,9 +151,6 @@ enum SandboxCommand {
    /// Run a command under Landlock+seccomp (Linux only).
    #[clap(visible_alias = "landlock")]
    Linux(LandlockCommand),
-
-    /// Run a command under Windows restricted token (Windows only).
-    Windows(WindowsCommand),
 }

 #[derive(Debug, Parser)]
@@ -476,17 +472,6 @@ async fn cli_main(codex_linux_sandbox_exe: Option<PathBuf>) -> anyhow::Result<()
                )
                .await?;
            }
-            SandboxCommand::Windows(mut windows_cli) => {
-                prepend_config_flags(
-                    &mut windows_cli.config_overrides,
-                    root_config_overrides.clone(),
-                );
-                codex_cli::debug_sandbox::run_command_under_windows(
-                    windows_cli,
-                    codex_linux_sandbox_exe,
-                )
-                .await?;
-            }
        },
        Some(Subcommand::Apply(mut apply_cli)) => {
            prepend_config_flags(
@@ -510,21 +495,15 @@ async fn cli_main(codex_linux_sandbox_exe: Option<PathBuf>) -> anyhow::Result<()
        Some(Subcommand::Features(FeaturesCli { sub })) => match sub {
            FeaturesSubcommand::List => {
                // Respect root-level `-c` overrides plus top-level flags like `--profile`.
-                let mut cli_kv_overrides = root_config_overrides
+                let cli_kv_overrides = root_config_overrides
                    .parse_overrides()
-                    .map_err(anyhow::Error::msg)?;
-
-                // Honor `--search` via the new feature toggle.
-                if interactive.web_search {
-                    cli_kv_overrides.push((
-                        "features.web_search_request".to_string(),
-                        toml::Value::Boolean(true),
-                    ));
-                }
+                    .map_err(|e| anyhow::anyhow!(e))?;

                // Thread through relevant top-level flags (at minimum, `--profile`).
+                // Also honor `--search` since it maps to a feature toggle.
                let overrides = ConfigOverrides {
                    config_profile: interactive.config_profile.clone(),
+                    tools_web_search_request: interactive.web_search.then_some(true),
                    ..Default::default()
                };

--- a/codex-rs/cli/src/mcp_cmd.rs
+++ b/codex-rs/cli/src/mcp_cmd.rs
@@ -9,11 +9,11 @@ use codex_common::CliConfigOverrides;
 use codex_common::format_env_display::format_env_display;
 use codex_core::config::Config;
 use codex_core::config::ConfigOverrides;
-use codex_core::config::edit::ConfigEditsBuilder;
 use codex_core::config::find_codex_home;
 use codex_core::config::load_global_mcp_servers;
-use codex_core::config::types::McpServerConfig;
-use codex_core::config::types::McpServerTransportConfig;
+use codex_core::config::write_global_mcp_servers;
+use codex_core::config_types::McpServerConfig;
+use codex_core::config_types::McpServerTransportConfig;
 use codex_core::features::Feature;
 use codex_core::mcp::auth::compute_auth_statuses;
 use codex_core::protocol::McpAuthStatus;
@@ -196,9 +196,7 @@ impl McpCli {

 async fn run_add(config_overrides: &CliConfigOverrides, add_args: AddArgs) -> Result<()> {
    // Validate any provided overrides even though they are not currently applied.
-    let overrides = config_overrides
-        .parse_overrides()
-        .map_err(anyhow::Error::msg)?;
+    let overrides = config_overrides.parse_overrides().map_err(|e| anyhow!(e))?;
    let config = Config::load_with_cli_overrides(overrides, ConfigOverrides::default())
        .await
        .context("failed to load configuration")?;
@@ -265,10 +263,7 @@ async fn run_add(config_overrides: &CliConfigOverrides, add_args: AddArgs) -> Re

    servers.insert(name.clone(), new_entry);

-    ConfigEditsBuilder::new(&codex_home)
-        .replace_mcp_servers(&servers)
-        .apply()
-        .await
+    write_global_mcp_servers(&codex_home, &servers)
        .with_context(|| format!("failed to write MCP servers to {}", codex_home.display()))?;

    println!("Added global MCP server '{name}'.");
@@ -312,9 +307,7 @@ async fn run_add(config_overrides: &CliConfigOverrides, add_args: AddArgs) -> Re
 }

 async fn run_remove(config_overrides: &CliConfigOverrides, remove_args: RemoveArgs) -> Result<()> {
-    config_overrides
-        .parse_overrides()
-        .map_err(anyhow::Error::msg)?;
+    config_overrides.parse_overrides().map_err(|e| anyhow!(e))?;

    let RemoveArgs { name } = remove_args;

@@ -328,10 +321,7 @@ async fn run_remove(config_overrides: &CliConfigOverrides, remove_args: RemoveAr
    let removed = servers.remove(&name).is_some();

    if removed {
-        ConfigEditsBuilder::new(&codex_home)
-            .replace_mcp_servers(&servers)
-            .apply()
-            .await
+        write_global_mcp_servers(&codex_home, &servers)
            .with_context(|| format!("failed to write MCP servers to {}", codex_home.display()))?;
    }

@@ -345,16 +335,14 @@ async fn run_remove(config_overrides: &CliConfigOverrides, remove_args: RemoveAr
 }

 async fn run_login(config_overrides: &CliConfigOverrides, login_args: LoginArgs) -> Result<()> {
-    let overrides = config_overrides
-        .parse_overrides()
-        .map_err(anyhow::Error::msg)?;
+    let overrides = config_overrides.parse_overrides().map_err(|e| anyhow!(e))?;
    let config = Config::load_with_cli_overrides(overrides, ConfigOverrides::default())
        .await
        .context("failed to load configuration")?;

    if !config.features.enabled(Feature::RmcpClient) {
        bail!(
-            "OAuth login is only supported when [features].rmcp_client is true in config.toml. See https://github.com/openai/codex/blob/main/docs/config.md#feature-flags for details."
+            "OAuth login is only supported when experimental_use_rmcp_client is true in config.toml."
        );
    }

@@ -388,9 +376,7 @@ async fn run_login(config_overrides: &CliConfigOverrides, login_args: LoginArgs)
 }

 async fn run_logout(config_overrides: &CliConfigOverrides, logout_args: LogoutArgs) -> Result<()> {
-    let overrides = config_overrides
-        .parse_overrides()
-        .map_err(anyhow::Error::msg)?;
+    let overrides = config_overrides.parse_overrides().map_err(|e| anyhow!(e))?;
    let config = Config::load_with_cli_overrides(overrides, ConfigOverrides::default())
        .await
        .context("failed to load configuration")?;
@@ -417,9 +403,7 @@ async fn run_logout(config_overrides: &CliConfigOverrides, logout_args: LogoutAr
 }

 async fn run_list(config_overrides: &CliConfigOverrides, list_args: ListArgs) -> Result<()> {
-    let overrides = config_overrides
-        .parse_overrides()
-        .map_err(anyhow::Error::msg)?;
+    let overrides = config_overrides.parse_overrides().map_err(|e| anyhow!(e))?;
    let config = Config::load_with_cli_overrides(overrides, ConfigOverrides::default())
        .await
        .context("failed to load configuration")?;
@@ -674,9 +658,7 @@ async fn run_list(config_overrides: &CliConfigOverrides, list_args: ListArgs) ->
 }

 async fn run_get(config_overrides: &CliConfigOverrides, get_args: GetArgs) -> Result<()> {
-    let overrides = config_overrides
-        .parse_overrides()
-        .map_err(anyhow::Error::msg)?;
+    let overrides = config_overrides.parse_overrides().map_err(|e| anyhow!(e))?;
    let config = Config::load_with_cli_overrides(overrides, ConfigOverrides::default())
        .await
        .context("failed to load configuration")?;
--- a/codex-rs/cli/tests/mcp_add_remove.rs
+++ b/codex-rs/cli/tests/mcp_add_remove.rs
@@ -2,7 +2,7 @@ use std::path::Path;

 use anyhow::Result;
 use codex_core::config::load_global_mcp_servers;
-use codex_core::config::types::McpServerTransportConfig;
+use codex_core::config_types::McpServerTransportConfig;
 use predicates::str::contains;
 use pretty_assertions::assert_eq;
 use tempfile::TempDir;
--- a/codex-rs/cli/tests/mcp_list.rs
+++ b/codex-rs/cli/tests/mcp_list.rs
@@ -1,9 +1,9 @@
 use std::path::Path;

 use anyhow::Result;
-use codex_core::config::edit::ConfigEditsBuilder;
 use codex_core::config::load_global_mcp_servers;
-use codex_core::config::types::McpServerTransportConfig;
+use codex_core::config::write_global_mcp_servers;
+use codex_core::config_types::McpServerTransportConfig;
 use predicates::prelude::PredicateBooleanExt;
 use predicates::str::contains;
 use pretty_assertions::assert_eq;
@@ -59,9 +59,7 @@ async fn list_and_get_render_expected_output() -> Result<()> {
        }
        other => panic!("unexpected transport: {other:?}"),
    }
-    ConfigEditsBuilder::new(codex_home.path())
-        .replace_mcp_servers(&servers)
-        .apply_blocking()?;
+    write_global_mcp_servers(codex_home.path(), &servers)?;

    let mut list_cmd = codex_command(codex_home.path())?;
    let list_output = list_cmd.args(["mcp", "list"]).output()?;
@@ -151,9 +149,7 @@ async fn get_disabled_server_shows_single_line() -> Result<()> {
        .get_mut("docs")
        .expect("docs server should exist after add");
    docs.enabled = false;
-    ConfigEditsBuilder::new(codex_home.path())
-        .replace_mcp_servers(&servers)
-        .apply_blocking()?;
+    write_global_mcp_servers(codex_home.path(), &servers)?;

    let mut get_cmd = codex_command(codex_home.path())?;
    let get_output = get_cmd.args(["mcp", "get", "docs"]).output()?;
--- a/codex-rs/cloud-tasks-client/Cargo.toml
+++ b/codex-rs/cloud-tasks-client/Cargo.toml
@@ -22,6 +22,6 @@ chrono = { version = "0.4", features = ["serde"] }
 diffy = "0.4.2"
 serde = { version = "1", features = ["derive"] }
 serde_json = "1"
-thiserror = "2.0.17"
+thiserror = "2.0.12"
 codex-backend-client = { path = "../backend-client", optional = true }
-codex-git = { workspace = true }
+codex-git-apply = { path = "../git-apply" }
--- a/codex-rs/cloud-tasks-client/src/http.rs
+++ b/codex-rs/cloud-tasks-client/src/http.rs
@@ -362,13 +362,13 @@ mod api {
                });
            }

-            let req = codex_git::ApplyGitRequest {
+            let req = codex_git_apply::ApplyGitRequest {
                cwd: std::env::current_dir().unwrap_or_else(|_| std::env::temp_dir()),
                diff: diff.clone(),
                revert: false,
                preflight,
            };
-            let r = codex_git::apply_git_patch(&req)
+            let r = codex_git_apply::apply_git_patch(&req)
                .map_err(|e| CloudTaskError::Io(format!("git apply failed to run: {e}")))?;

            let status = if r.exit_code == 0 {
--- a/codex-rs/cloud-tasks-client/src/lib.rs
+++ b/codex-rs/cloud-tasks-client/src/lib.rs
@@ -26,4 +26,4 @@ pub use mock::MockClient;
 #[cfg(feature = "online")]
 pub use http::HttpClient;

-// Reusable apply engine now lives in the shared crate `codex-git`.
+// Reusable apply engine now lives in the shared crate `codex-git-apply`.
--- a/codex-rs/cloud-tasks/src/lib.rs
+++ b/codex-rs/cloud-tasks/src/lib.rs
@@ -1095,19 +1095,7 @@ pub async fn run_main(cli: Cli, _codex_linux_sandbox_exe: Option<PathBuf>) -> an
                                                let backend = Arc::clone(&backend);
                                                let best_of_n = page.best_of_n;
                                                tokio::spawn(async move {
-                                                    let git_ref = if let Ok(cwd) = std::env::current_dir() {
-                                                        if let Some(branch) = codex_core::git_info::default_branch_name(&cwd).await {
-                                                            branch
-                                                        } else if let Some(branch) = codex_core::git_info::current_branch_name(&cwd).await {
-                                                            branch
-                                                        } else {
-                                                            "main".to_string()
-                                                        }
-                                                    } else {
-                                                        "main".to_string()
-                                                    };
-
-                                                    let result = codex_cloud_tasks_client::CloudBackend::create_task(&*backend, &env, &text, &git_ref, false, best_of_n).await;
+                                                    let result = codex_cloud_tasks_client::CloudBackend::create_task(&*backend, &env, &text, "main", false, best_of_n).await;
                                                    let evt = match result {
                                                        Ok(ok) => app::AppEvent::NewTaskSubmitted(Ok(ok)),
                                                        Err(e) => app::AppEvent::NewTaskSubmitted(Err(format!("{e}"))),
--- a/codex-rs/codex-backend-openapi-models/Cargo.toml
+++ b/codex-rs/codex-backend-openapi-models/Cargo.toml
@@ -16,6 +16,3 @@ path = "src/lib.rs"
 serde = { version = "1", features = ["derive"] }
 serde_json = "1"
 serde_with = "3"
-
-[package.metadata.cargo-shear]
-ignored = ["serde_with"]
--- a/codex-rs/core/Cargo.toml
+++ b/codex-rs/core/Cargo.toml
@@ -23,7 +23,7 @@ codex-app-server-protocol = { workspace = true }
 codex-apply-patch = { workspace = true }
 codex-async-utils = { workspace = true }
 codex-file-search = { workspace = true }
-codex-git = { workspace = true }
+codex-git-tooling = { workspace = true }
 codex-keyring-store = { workspace = true }
 codex-otel = { workspace = true, features = ["otel"] }
 codex-protocol = { workspace = true }
@@ -80,10 +80,9 @@ toml_edit = { workspace = true }
 tracing = { workspace = true, features = ["log"] }
 tree-sitter = { workspace = true }
 tree-sitter-bash = { workspace = true }
-uuid = { workspace = true, features = ["serde", "v4", "v5"] }
+uuid = { workspace = true, features = ["serde", "v4"] }
 which = { workspace = true }
 wildmatch = { workspace = true }
-codex_windows_sandbox = { package = "codex-windows-sandbox", path = "../windows-sandbox-rs" }


 [target.'cfg(target_os = "linux")'.dependencies]
--- a/codex-rs/core/review_prompt.md
+++ b/codex-rs/core/review_prompt.md
@@ -82,6 +82,6 @@ OUTPUT FORMAT:

 * **Do not** wrap the JSON in markdown fences or extra prose.
 * The code_location field is required and must include absolute_file_path and line_range.
-* Line ranges must be as short as possible for interpreting the issue (avoid ranges over 5–10 lines; pick the most suitable subrange).
+*Line ranges must be as short as possible for interpreting the issue (avoid ranges over 5–10 lines; pick the most suitable subrange).
 * The code_location should overlap with the diff.
-* Do not generate a PR fix.
+* Do not generate a PR fix.
--- a/codex-rs/core/src/apply_patch.rs
+++ b/codex-rs/core/src/apply_patch.rs
@@ -61,13 +61,7 @@ pub(crate) async fn apply_patch(
            // that similar patches can be auto-approved in the future during
            // this session.
            let rx_approve = sess
-                .request_patch_approval(
-                    turn_context,
-                    call_id.to_owned(),
-                    convert_apply_patch_to_protocol(&action),
-                    None,
-                    None,
-                )
+                .request_patch_approval(turn_context, call_id.to_owned(), &action, None, None)
                .await;
            match rx_approve.await.unwrap_or_default() {
                ReviewDecision::Approved | ReviewDecision::ApprovedForSession => {
--- a/codex-rs/core/src/auth.rs
+++ b/codex-rs/core/src/auth.rs
@@ -25,7 +25,6 @@ use crate::default_client::CodexHttpClient;
 use crate::token_data::PlanType;
 use crate::token_data::TokenData;
 use crate::token_data::parse_id_token;
-use crate::util::try_parse_error_message;

 #[derive(Debug, Clone)]
 pub struct CodexAuth {
@@ -43,9 +42,6 @@ impl PartialEq for CodexAuth {
    }
 }

-// TODO(pakrym): use token exp field to check for expiration instead
-const TOKEN_REFRESH_INTERVAL: i64 = 8;
-
 impl CodexAuth {
    pub async fn refresh_token(&self) -> Result<String, std::io::Error> {
        tracing::info!("Refreshing token");
@@ -98,7 +94,7 @@ impl CodexAuth {
                last_refresh: Some(last_refresh),
                ..
            }) => {
-                if last_refresh < Utc::now() - chrono::Duration::days(TOKEN_REFRESH_INTERVAL) {
+                if last_refresh < Utc::now() - chrono::Duration::days(28) {
                    let refresh_response = tokio::time::timeout(
                        Duration::from_secs(60),
                        try_refresh_token(tokens.refresh_token.clone(), &self.client),
@@ -450,9 +446,8 @@ async fn try_refresh_token(
        Ok(refresh_response)
    } else {
        Err(std::io::Error::other(format!(
-            "Failed to refresh token: {}: {}",
-            response.status(),
-            try_parse_error_message(&response.text().await.unwrap_or_default()),
+            "Failed to refresh token: {}",
+            response.status()
        )))
    }
 }
--- a/codex-rs/core/src/chat_completions.rs
+++ b/codex-rs/core/src/chat_completions.rs
@@ -20,8 +20,6 @@ use codex_protocol::models::ContentItem;
 use codex_protocol::models::FunctionCallOutputContentItem;
 use codex_protocol::models::ReasoningItemContent;
 use codex_protocol::models::ResponseItem;
-use codex_protocol::protocol::SessionSource;
-use codex_protocol::protocol::SubAgentSource;
 use eventsource_stream::Eventsource;
 use futures::Stream;
 use futures::StreamExt;
@@ -43,7 +41,6 @@ pub(crate) async fn stream_chat_completions(
    client: &CodexHttpClient,
    provider: &ModelProviderInfo,
    otel_event_manager: &OtelEventManager,
-    session_source: &SessionSource,
 ) -> Result<ResponseStream> {
    if prompt.output_schema.is_some() {
        return Err(CodexErr::UnsupportedOperation(
@@ -346,20 +343,7 @@ pub(crate) async fn stream_chat_completions(
    loop {
        attempt += 1;

-        let mut req_builder = provider.create_request_builder(client, &None).await?;
-
-        // Include subagent header only for subagent sessions.
-        if let SessionSource::SubAgent(sub) = session_source.clone() {
-            let subagent = if let SubAgentSource::Other(label) = sub {
-                label
-            } else {
-                serde_json::to_value(&sub)
-                    .ok()
-                    .and_then(|v| v.as_str().map(std::string::ToString::to_string))
-                    .unwrap_or_else(|| "other".to_string())
-            };
-            req_builder = req_builder.header("x-openai-subagent", subagent);
-        }
+        let req_builder = provider.create_request_builder(client, &None).await?;

        let res = otel_event_manager
            .log_request(attempt, || {
@@ -429,61 +413,6 @@ pub(crate) async fn stream_chat_completions(
    }
 }

-async fn append_assistant_text(
-    tx_event: &mpsc::Sender<Result<ResponseEvent>>,
-    assistant_item: &mut Option<ResponseItem>,
-    text: String,
-) {
-    if assistant_item.is_none() {
-        let item = ResponseItem::Message {
-            id: None,
-            role: "assistant".to_string(),
-            content: vec![],
-        };
-        *assistant_item = Some(item.clone());
-        let _ = tx_event
-            .send(Ok(ResponseEvent::OutputItemAdded(item)))
-            .await;
-    }
-
-    if let Some(ResponseItem::Message { content, .. }) = assistant_item {
-        content.push(ContentItem::OutputText { text: text.clone() });
-        let _ = tx_event
-            .send(Ok(ResponseEvent::OutputTextDelta(text.clone())))
-            .await;
-    }
-}
-
-async fn append_reasoning_text(
-    tx_event: &mpsc::Sender<Result<ResponseEvent>>,
-    reasoning_item: &mut Option<ResponseItem>,
-    text: String,
-) {
-    if reasoning_item.is_none() {
-        let item = ResponseItem::Reasoning {
-            id: String::new(),
-            summary: Vec::new(),
-            content: Some(vec![]),
-            encrypted_content: None,
-        };
-        *reasoning_item = Some(item.clone());
-        let _ = tx_event
-            .send(Ok(ResponseEvent::OutputItemAdded(item)))
-            .await;
-    }
-
-    if let Some(ResponseItem::Reasoning {
-        content: Some(content),
-        ..
-    }) = reasoning_item
-    {
-        content.push(ReasoningItemContent::ReasoningText { text: text.clone() });
-
-        let _ = tx_event
-            .send(Ok(ResponseEvent::ReasoningContentDelta(text.clone())))
-            .await;
-    }
-}
 /// Lightweight SSE processor for the Chat Completions streaming format. The
 /// output is mapped onto Codex's internal [`ResponseEvent`] so that the rest
 /// of the pipeline can stay agnostic of the underlying wire format.
@@ -511,8 +440,8 @@ async fn process_chat_sse<S>(
    }

    let mut fn_call_state = FunctionCallState::default();
-    let mut assistant_item: Option<ResponseItem> = None;
-    let mut reasoning_item: Option<ResponseItem> = None;
+    let mut assistant_text = String::new();
+    let mut reasoning_text = String::new();

    loop {
        let start = std::time::Instant::now();
@@ -553,11 +482,26 @@ async fn process_chat_sse<S>(
        if sse.data.trim() == "[DONE]" {
            // Emit any finalized items before closing so downstream consumers receive
            // terminal events for both assistant content and raw reasoning.
-            if let Some(item) = assistant_item {
+            if !assistant_text.is_empty() {
+                let item = ResponseItem::Message {
+                    role: "assistant".to_string(),
+                    content: vec![ContentItem::OutputText {
+                        text: std::mem::take(&mut assistant_text),
+                    }],
+                    id: None,
+                };
                let _ = tx_event.send(Ok(ResponseEvent::OutputItemDone(item))).await;
            }

-            if let Some(item) = reasoning_item {
+            if !reasoning_text.is_empty() {
+                let item = ResponseItem::Reasoning {
+                    id: String::new(),
+                    summary: Vec::new(),
+                    content: Some(vec![ReasoningItemContent::ReasoningText {
+                        text: std::mem::take(&mut reasoning_text),
+                    }]),
+                    encrypted_content: None,
+                };
                let _ = tx_event.send(Ok(ResponseEvent::OutputItemDone(item))).await;
            }

@@ -587,7 +531,10 @@ async fn process_chat_sse<S>(
                .and_then(|c| c.as_str())
                && !content.is_empty()
            {
-                append_assistant_text(&tx_event, &mut assistant_item, content.to_string()).await;
+                assistant_text.push_str(content);
+                let _ = tx_event
+                    .send(Ok(ResponseEvent::OutputTextDelta(content.to_string())))
+                    .await;
            }

            // Forward any reasoning/thinking deltas if present.
@@ -617,7 +564,10 @@ async fn process_chat_sse<S>(

                if let Some(reasoning) = maybe_text {
                    // Accumulate so we can emit a terminal Reasoning item at the end.
-                    append_reasoning_text(&tx_event, &mut reasoning_item, reasoning).await;
+                    reasoning_text.push_str(&reasoning);
+                    let _ = tx_event
+                        .send(Ok(ResponseEvent::ReasoningContentDelta(reasoning)))
+                        .await;
                }
            }

@@ -627,7 +577,10 @@ async fn process_chat_sse<S>(
                // Accept either a plain string or an object with { text | content }
                if let Some(s) = message_reasoning.as_str() {
                    if !s.is_empty() {
-                        append_reasoning_text(&tx_event, &mut reasoning_item, s.to_string()).await;
+                        reasoning_text.push_str(s);
+                        let _ = tx_event
+                            .send(Ok(ResponseEvent::ReasoningContentDelta(s.to_string())))
+                            .await;
                    }
                } else if let Some(obj) = message_reasoning.as_object()
                    && let Some(s) = obj
@@ -636,7 +589,10 @@ async fn process_chat_sse<S>(
                        .or_else(|| obj.get("content").and_then(|v| v.as_str()))
                    && !s.is_empty()
                {
-                    append_reasoning_text(&tx_event, &mut reasoning_item, s.to_string()).await;
+                    reasoning_text.push_str(s);
+                    let _ = tx_event
+                        .send(Ok(ResponseEvent::ReasoningContentDelta(s.to_string())))
+                        .await;
                }
            }

@@ -674,7 +630,15 @@ async fn process_chat_sse<S>(
                    "tool_calls" if fn_call_state.active => {
                        // First, flush the terminal raw reasoning so UIs can finalize
                        // the reasoning stream before any exec/tool events begin.
-                        if let Some(item) = reasoning_item.take() {
+                        if !reasoning_text.is_empty() {
+                            let item = ResponseItem::Reasoning {
+                                id: String::new(),
+                                summary: Vec::new(),
+                                content: Some(vec![ReasoningItemContent::ReasoningText {
+                                    text: std::mem::take(&mut reasoning_text),
+                                }]),
+                                encrypted_content: None,
+                            };
                            let _ = tx_event.send(Ok(ResponseEvent::OutputItemDone(item))).await;
                        }

@@ -691,11 +655,26 @@ async fn process_chat_sse<S>(
                    "stop" => {
                        // Regular turn without tool-call. Emit the final assistant message
                        // as a single OutputItemDone so non-delta consumers see the result.
-                        if let Some(item) = assistant_item.take() {
+                        if !assistant_text.is_empty() {
+                            let item = ResponseItem::Message {
+                                role: "assistant".to_string(),
+                                content: vec![ContentItem::OutputText {
+                                    text: std::mem::take(&mut assistant_text),
+                                }],
+                                id: None,
+                            };
                            let _ = tx_event.send(Ok(ResponseEvent::OutputItemDone(item))).await;
                        }
                        // Also emit a terminal Reasoning item so UIs can finalize raw reasoning.
-                        if let Some(item) = reasoning_item.take() {
+                        if !reasoning_text.is_empty() {
+                            let item = ResponseItem::Reasoning {
+                                id: String::new(),
+                                summary: Vec::new(),
+                                content: Some(vec![ReasoningItemContent::ReasoningText {
+                                    text: std::mem::take(&mut reasoning_text),
+                                }]),
+                                encrypted_content: None,
+                            };
                            let _ = tx_event.send(Ok(ResponseEvent::OutputItemDone(item))).await;
                        }
                    }
@@ -914,8 +893,8 @@ where
                Poll::Ready(Some(Ok(ResponseEvent::ReasoningSummaryPartAdded))) => {
                    continue;
                }
-                Poll::Ready(Some(Ok(ResponseEvent::OutputItemAdded(item)))) => {
-                    return Poll::Ready(Some(Ok(ResponseEvent::OutputItemAdded(item))));
+                Poll::Ready(Some(Ok(ResponseEvent::WebSearchCallBegin { call_id }))) => {
+                    return Poll::Ready(Some(Ok(ResponseEvent::WebSearchCallBegin { call_id })));
                }
            }
        }
--- a/codex-rs/core/src/client.rs
+++ b/codex-rs/core/src/client.rs
@@ -13,7 +13,6 @@ use codex_protocol::ConversationId;
 use codex_protocol::config_types::ReasoningEffort as ReasoningEffortConfig;
 use codex_protocol::config_types::ReasoningSummary as ReasoningSummaryConfig;
 use codex_protocol::models::ResponseItem;
-use codex_protocol::protocol::SessionSource;
 use eventsource_stream::Eventsource;
 use futures::prelude::*;
 use regex_lite::Regex;
@@ -57,6 +56,7 @@ use crate::openai_model_info::get_model_info;
 use crate::protocol::RateLimitSnapshot;
 use crate::protocol::RateLimitWindow;
 use crate::protocol::TokenUsage;
+use crate::state::TaskKind;
 use crate::token_data::PlanType;
 use crate::tools::spec::create_tools_json_for_responses_api;
 use crate::util::backoff;
@@ -87,10 +87,8 @@ pub struct ModelClient {
    conversation_id: ConversationId,
    effort: Option<ReasoningEffortConfig>,
    summary: ReasoningSummaryConfig,
-    session_source: SessionSource,
 }

-#[allow(clippy::too_many_arguments)]
 impl ModelClient {
    pub fn new(
        config: Arc<Config>,
@@ -100,7 +98,6 @@ impl ModelClient {
        effort: Option<ReasoningEffortConfig>,
        summary: ReasoningSummaryConfig,
        conversation_id: ConversationId,
-        session_source: SessionSource,
    ) -> Self {
        let client = create_client();

@@ -113,7 +110,6 @@ impl ModelClient {
            conversation_id,
            effort,
            summary,
-            session_source,
        }
    }

@@ -131,6 +127,13 @@ impl ModelClient {
        })
    }

+    /// Dispatches to either the Responses or Chat implementation depending on
+    /// the provider config.  Public callers always invoke `stream()` – the
+    /// specialised helpers are private to avoid accidental misuse.
+    pub async fn stream(&self, prompt: &Prompt) -> Result<ResponseStream> {
+        self.stream_with_task_kind(prompt, TaskKind::Regular).await
+    }
+
    pub fn config(&self) -> Arc<Config> {
        Arc::clone(&self.config)
    }
@@ -139,9 +142,13 @@ impl ModelClient {
        &self.provider
    }

-    pub async fn stream(&self, prompt: &Prompt) -> Result<ResponseStream> {
+    pub(crate) async fn stream_with_task_kind(
+        &self,
+        prompt: &Prompt,
+        task_kind: TaskKind,
+    ) -> Result<ResponseStream> {
        match self.provider.wire_api {
-            WireApi::Responses => self.stream_responses(prompt).await,
+            WireApi::Responses => self.stream_responses(prompt, task_kind).await,
            WireApi::Chat => {
                // Create the raw streaming connection first.
                let response_stream = stream_chat_completions(
@@ -150,7 +157,6 @@ impl ModelClient {
                    &self.client,
                    &self.provider,
                    &self.otel_event_manager,
-                    &self.session_source,
                )
                .await?;

@@ -183,7 +189,11 @@ impl ModelClient {
    }

    /// Implementation for the OpenAI *Responses* experimental API.
-    async fn stream_responses(&self, prompt: &Prompt) -> Result<ResponseStream> {
+    async fn stream_responses(
+        &self,
+        prompt: &Prompt,
+        task_kind: TaskKind,
+    ) -> Result<ResponseStream> {
        if let Some(path) = &*CODEX_RS_SSE_FIXTURE {
            // short circuit for tests
            warn!(path, "Streaming from fixture");
@@ -216,12 +226,10 @@ impl ModelClient {
        let verbosity = if self.config.model_family.support_verbosity {
            self.config.model_verbosity
        } else {
-            if self.config.model_verbosity.is_some() {
-                warn!(
-                    "model_verbosity is set but ignored as the model does not support verbosity: {}",
-                    self.config.model_family.family
-                );
-            }
+            warn!(
+                "model_verbosity is set but ignored as the model does not support verbosity: {}",
+                self.config.model_family.family
+            );
            None
        };

@@ -260,7 +268,7 @@ impl ModelClient {
        let max_attempts = self.provider.request_max_retries();
        for attempt in 0..=max_attempts {
            match self
-                .attempt_stream_responses(attempt, &payload_json, &auth_manager)
+                .attempt_stream_responses(attempt, &payload_json, &auth_manager, task_kind)
                .await
            {
                Ok(stream) => {
@@ -288,6 +296,7 @@ impl ModelClient {
        attempt: u64,
        payload_json: &Value,
        auth_manager: &Option<Arc<AuthManager>>,
+        task_kind: TaskKind,
    ) -> std::result::Result<ResponseStream, StreamAttemptError> {
        // Always fetch the latest auth in case a prior attempt refreshed the token.
        let auth = auth_manager.as_ref().and_then(|m| m.auth());
@@ -305,24 +314,13 @@ impl ModelClient {
            .await
            .map_err(StreamAttemptError::Fatal)?;

-        // Include subagent header only for subagent sessions.
-        if let SessionSource::SubAgent(sub) = &self.session_source {
-            let subagent = if let crate::protocol::SubAgentSource::Other(label) = sub {
-                label.clone()
-            } else {
-                serde_json::to_value(sub)
-                    .ok()
-                    .and_then(|v| v.as_str().map(std::string::ToString::to_string))
-                    .unwrap_or_else(|| "other".to_string())
-            };
-            req_builder = req_builder.header("x-openai-subagent", subagent);
-        }
-
        req_builder = req_builder
+            .header("OpenAI-Beta", "responses=experimental")
            // Send session_id for compatibility.
            .header("conversation_id", self.conversation_id.to_string())
            .header("session_id", self.conversation_id.to_string())
            .header(reqwest::header::ACCEPT, "text/event-stream")
+            .header("Codex-Task-Type", task_kind.header_value())
            .json(payload_json);

        if let Some(auth) = auth.as_ref()
@@ -465,10 +463,6 @@ impl ModelClient {
        self.otel_event_manager.clone()
    }

-    pub fn get_session_source(&self) -> SessionSource {
-        self.session_source.clone()
-    }
-
    /// Returns the currently configured model slug.
    pub fn get_model(&self) -> String {
        self.config.model.clone()
@@ -876,15 +870,21 @@ async fn process_sse<S>(
            | "response.in_progress"
            | "response.output_text.done" => {}
            "response.output_item.added" => {
-                let Some(item_val) = event.item else { continue };
-                let Ok(item) = serde_json::from_value::<ResponseItem>(item_val) else {
-                    debug!("failed to parse ResponseItem from output_item.done");
-                    continue;
-                };
-
-                let event = ResponseEvent::OutputItemAdded(item);
-                if tx_event.send(Ok(event)).await.is_err() {
-                    return;
+                if let Some(item) = event.item.as_ref() {
+                    // Detect web_search_call begin and forward a synthetic event upstream.
+                    if let Some(ty) = item.get("type").and_then(|v| v.as_str())
+                        && ty == "web_search_call"
+                    {
+                        let call_id = item
+                            .get("id")
+                            .and_then(|v| v.as_str())
+                            .unwrap_or("")
+                            .to_string();
+                        let ev = ResponseEvent::WebSearchCallBegin { call_id };
+                        if tx_event.send(Ok(ev)).await.is_err() {
+                            return;
+                        }
+                    }
                }
            }
            "response.reasoning_summary_part.added" => {
@@ -931,10 +931,8 @@ async fn stream_from_fixture(
 fn rate_limit_regex() -> &'static Regex {
    static RE: OnceLock<Regex> = OnceLock::new();

-    // Match both OpenAI-style messages like "Please try again in 1.898s"
-    // and Azure OpenAI-style messages like "Try again in 35 seconds".
    #[expect(clippy::unwrap_used)]
-    RE.get_or_init(|| Regex::new(r"(?i)try again in\s*(\d+(?:\.\d+)?)\s*(s|ms|seconds?)").unwrap())
+    RE.get_or_init(|| Regex::new(r"Please try again in (\d+(?:\.\d+)?)(s|ms)").unwrap())
 }

 fn try_parse_retry_after(err: &Error) -> Option<Duration> {
@@ -942,8 +940,7 @@ fn try_parse_retry_after(err: &Error) -> Option<Duration> {
        return None;
    }

-    // parse retry hints like "try again in 1.898s" or
-    // "Try again in 35 seconds" using regex
+    // parse the Please try again in 1.898s format using regex
    let re = rate_limit_regex();
    if let Some(message) = &err.message
        && let Some(captures) = re.captures(message)
@@ -953,9 +950,9 @@ fn try_parse_retry_after(err: &Error) -> Option<Duration> {

        if let (Some(value), Some(unit)) = (seconds, unit) {
            let value = value.as_str().parse::<f64>().ok()?;
-            let unit = unit.as_str().to_ascii_lowercase();
+            let unit = unit.as_str();

-            if unit == "s" || unit.starts_with("second") {
+            if unit == "s" {
                return Some(Duration::from_secs_f64(value));
            } else if unit == "ms" {
                return Some(Duration::from_millis(value as u64));
@@ -1430,19 +1427,6 @@ mod tests {
        assert_eq!(delay, Some(Duration::from_secs_f64(1.898)));
    }

-    #[test]
-    fn test_try_parse_retry_after_azure() {
-        let err = Error {
-            r#type: None,
-            message: Some("Rate limit exceeded. Try again in 35 seconds.".to_string()),
-            code: Some("rate_limit_exceeded".to_string()),
-            plan_type: None,
-            resets_at: None,
-        };
-        let delay = try_parse_retry_after(&err);
-        assert_eq!(delay, Some(Duration::from_secs(35)));
-    }
-
    #[test]
    fn error_response_deserializes_schema_known_plan_type_and_serializes_back() {
        use crate::token_data::KnownPlan;
--- a/codex-rs/core/src/client_common.rs
+++ b/codex-rs/core/src/client_common.rs
@@ -23,11 +23,6 @@ use tokio::sync::mpsc;
 /// Review thread system prompt. Edit `core/src/review_prompt.md` to customize.
 pub const REVIEW_PROMPT: &str = include_str!("../review_prompt.md");

-// Centralized templates for review-related user messages
-pub const REVIEW_EXIT_SUCCESS_TMPL: &str = include_str!("../templates/review/exit_success.xml");
-pub const REVIEW_EXIT_INTERRUPTED_TMPL: &str =
-    include_str!("../templates/review/exit_interrupted.xml");
-
 /// API request payload for a single model turn
 #[derive(Default, Debug, Clone)]
 pub struct Prompt {
@@ -197,7 +192,6 @@ fn strip_total_output_header(output: &str) -> Option<&str> {
 pub enum ResponseEvent {
    Created,
    OutputItemDone(ResponseItem),
-    OutputItemAdded(ResponseItem),
    Completed {
        response_id: String,
        token_usage: Option<TokenUsage>,
@@ -206,6 +200,9 @@ pub enum ResponseEvent {
    ReasoningSummaryDelta(String),
    ReasoningContentDelta(String),
    ReasoningSummaryPartAdded,
+    WebSearchCallBegin {
+        call_id: String,
+    },
    RateLimits(RateLimitSnapshot),
 }

--- a/codex-rs/core/src/codex.rs
+++ b/codex-rs/core/src/codex.rs
--- a/codex-rs/core/src/codex/compact.rs
+++ b/codex-rs/core/src/codex/compact.rs
@@ -2,6 +2,7 @@ use std::sync::Arc;

 use super::Session;
 use super::TurnContext;
+use super::filter_model_visible_history;
 use super::get_last_assistant_message_from_turn;
 use crate::Prompt;
 use crate::client_common::ResponseEvent;
@@ -13,9 +14,10 @@ use crate::protocol::ErrorEvent;
 use crate::protocol::EventMsg;
 use crate::protocol::TaskStartedEvent;
 use crate::protocol::TurnContextItem;
-use crate::protocol::WarningEvent;
+use crate::state::TaskKind;
 use crate::truncate::truncate_middle;
 use crate::util::backoff;
+use askama::Template;
 use codex_protocol::items::TurnItem;
 use codex_protocol::models::ContentItem;
 use codex_protocol::models::ResponseInputItem;
@@ -28,12 +30,20 @@ use tracing::error;
 pub const SUMMARIZATION_PROMPT: &str = include_str!("../../templates/compact/prompt.md");
 const COMPACT_USER_MESSAGE_MAX_TOKENS: usize = 20_000;

+#[derive(Template)]
+#[template(path = "compact/history_bridge.md", escape = "none")]
+struct HistoryBridgeTemplate<'a> {
+    user_messages_text: &'a str,
+    summary_text: &'a str,
+}
+
 pub(crate) async fn run_inline_auto_compact_task(
    sess: Arc<Session>,
    turn_context: Arc<TurnContext>,
 ) {
-    let prompt = turn_context.compact_prompt().to_string();
-    let input = vec![UserInput::Text { text: prompt }];
+    let input = vec![UserInput::Text {
+        text: SUMMARIZATION_PROMPT.to_string(),
+    }];
    run_compact_task_inner(sess, turn_context, input).await;
 }

@@ -76,9 +86,10 @@ async fn run_compact_task_inner(
    sess.persist_rollout_items(&[rollout_item]).await;

    loop {
-        let turn_input = history.get_history_for_prompt();
+        let turn_input = history.get_history();
+        let prompt_input = filter_model_visible_history(turn_input.clone());
        let prompt = Prompt {
-            input: turn_input.clone(),
+            input: prompt_input.clone(),
            ..Default::default()
        };
        let attempt_result = drain_to_completed(&sess, turn_context.as_ref(), &prompt).await;
@@ -100,7 +111,7 @@ async fn run_compact_task_inner(
                return;
            }
            Err(e @ CodexErr::ContextWindowExceeded) => {
-                if turn_input.len() > 1 {
+                if prompt_input.len() > 1 {
                    // Trim from the beginning to preserve cache (prefix-based) and keep recent messages intact.
                    error!(
                        "Context window exceeded while compacting; removing oldest history item. Error: {e}"
@@ -139,10 +150,9 @@ async fn run_compact_task_inner(
        }
    }

-    let history_snapshot = sess.clone_history().await.get_history();
+    let history_snapshot = sess.history_snapshot().await;
    let summary_text = get_last_assistant_message_from_turn(&history_snapshot).unwrap_or_default();
    let user_messages = collect_user_messages(&history_snapshot);
-
    let initial_context = sess.build_initial_context(turn_context.as_ref());
    let mut new_history = build_compacted_history(initial_context, &user_messages, &summary_text);
    let ghost_snapshots: Vec<ResponseItem> = history_snapshot
@@ -162,11 +172,6 @@ async fn run_compact_task_inner(
        message: "Compact task completed".to_string(),
    });
    sess.send_event(&turn_context, event).await;
-
-    let warning = EventMsg::Warning(WarningEvent {
-        message: "Heads up: Long conversations and multiple compactions can cause the model to be less accurate. Start new a new conversation when possible to keep conversations small and targeted.".to_string(),
-    });
-    sess.send_event(&turn_context, warning).await;
 }

 pub fn content_items_to_text(content: &[ContentItem]) -> Option<String> {
@@ -217,47 +222,33 @@ fn build_compacted_history_with_limit(
    summary_text: &str,
    max_bytes: usize,
 ) -> Vec<ResponseItem> {
-    let mut selected_messages: Vec<String> = Vec::new();
-    if max_bytes > 0 {
-        let mut remaining = max_bytes;
-        for message in user_messages.iter().rev() {
-            if remaining == 0 {
-                break;
-            }
-            if message.len() <= remaining {
-                selected_messages.push(message.clone());
-                remaining = remaining.saturating_sub(message.len());
-            } else {
-                let (truncated, _) = truncate_middle(message, remaining);
-                selected_messages.push(truncated);
-                break;
-            }
-        }
-        selected_messages.reverse();
+    let mut user_messages_text = if user_messages.is_empty() {
+        "(none)".to_string()
+    } else {
+        user_messages.join("\n\n")
+    };
+    // Truncate the concatenated prior user messages so the bridge message
+    // stays well under the context window (approx. 4 bytes/token).
+    if user_messages_text.len() > max_bytes {
+        user_messages_text = truncate_middle(&user_messages_text, max_bytes).0;
    }
-
-    for message in &selected_messages {
-        history.push(ResponseItem::Message {
-            id: None,
-            role: "user".to_string(),
-            content: vec![ContentItem::InputText {
-                text: message.clone(),
-            }],
-        });
-    }
-
    let summary_text = if summary_text.is_empty() {
        "(no summary available)".to_string()
    } else {
        summary_text.to_string()
    };
-
+    let Ok(bridge) = HistoryBridgeTemplate {
+        user_messages_text: &user_messages_text,
+        summary_text: &summary_text,
+    }
+    .render() else {
+        return vec![];
+    };
    history.push(ResponseItem::Message {
        id: None,
        role: "user".to_string(),
-        content: vec![ContentItem::InputText { text: summary_text }],
+        content: vec![ContentItem::InputText { text: bridge }],
    });
-
    history
 }

@@ -266,7 +257,11 @@ async fn drain_to_completed(
    turn_context: &TurnContext,
    prompt: &Prompt,
 ) -> CodexResult<()> {
-    let mut stream = turn_context.client.clone().stream(prompt).await?;
+    let mut stream = turn_context
+        .client
+        .clone()
+        .stream_with_task_kind(prompt, TaskKind::Compact)
+        .await?;
    loop {
        let maybe_event = stream.next().await;
        let Some(event) = maybe_event else {
@@ -360,8 +355,7 @@ mod tests {
                id: None,
                role: "user".to_string(),
                content: vec![ContentItem::InputText {
-                    text: "# AGENTS.md instructions for project\n\n<INSTRUCTIONS>\ndo things\n</INSTRUCTIONS>"
-                        .to_string(),
+                    text: "<user_instructions>do things</user_instructions>".to_string(),
                }],
            },
            ResponseItem::Message {
@@ -397,55 +391,30 @@ mod tests {
            "SUMMARY",
            max_bytes,
        );
-        assert_eq!(history.len(), 2);

-        let truncated_message = &history[0];
-        let summary_message = &history[1];
+        // Expect exactly one bridge message added to history (plus any initial context we provided, which is none).
+        assert_eq!(history.len(), 1);

-        let truncated_text = match truncated_message {
+        // Extract the text content of the bridge message.
+        let bridge_text = match &history[0] {
            ResponseItem::Message { role, content, .. } if role == "user" => {
                content_items_to_text(content).unwrap_or_default()
            }
            other => panic!("unexpected item in history: {other:?}"),
        };

+        // The bridge should contain the truncation marker and not the full original payload.
        assert!(
-            truncated_text.contains("tokens truncated"),
-            "expected truncation marker in truncated user message"
+            bridge_text.contains("tokens truncated"),
+            "expected truncation marker in bridge message"
        );
        assert!(
-            !truncated_text.contains(&big),
-            "truncated user message should not include the full oversized user text"
+            !bridge_text.contains(&big),
+            "bridge should not include the full oversized user text"
        );
-
-        let summary_text = match summary_message {
-            ResponseItem::Message { role, content, .. } if role == "user" => {
-                content_items_to_text(content).unwrap_or_default()
-            }
-            other => panic!("unexpected item in history: {other:?}"),
-        };
-        assert_eq!(summary_text, "SUMMARY");
-    }
-
-    #[test]
-    fn build_compacted_history_appends_summary_message() {
-        let initial_context: Vec<ResponseItem> = Vec::new();
-        let user_messages = vec!["first user message".to_string()];
-        let summary_text = "summary text";
-
-        let history = build_compacted_history(initial_context, &user_messages, summary_text);
        assert!(
-            !history.is_empty(),
-            "expected compacted history to include summary"
+            bridge_text.contains("SUMMARY"),
+            "bridge should include the provided summary text"
        );
-
-        let last = history.last().expect("history should have a summary entry");
-        let summary = match last {
-            ResponseItem::Message { role, content, .. } if role == "user" => {
-                content_items_to_text(content).unwrap_or_default()
-            }
-            other => panic!("expected summary message, found {other:?}"),
-        };
-        assert_eq!(summary, summary_text);
    }
 }
--- a/codex-rs/core/src/codex_delegate.rs
+++ b/codex-rs/core/src/codex_delegate.rs
@@ -1,300 +0,0 @@
-use std::sync::Arc;
-use std::sync::atomic::AtomicU64;
-
-use async_channel::Receiver;
-use async_channel::Sender;
-use codex_async_utils::OrCancelExt;
-use codex_protocol::protocol::ApplyPatchApprovalRequestEvent;
-use codex_protocol::protocol::Event;
-use codex_protocol::protocol::EventMsg;
-use codex_protocol::protocol::ExecApprovalRequestEvent;
-use codex_protocol::protocol::Op;
-use codex_protocol::protocol::SessionSource;
-use codex_protocol::protocol::SubAgentSource;
-use codex_protocol::protocol::Submission;
-use codex_protocol::user_input::UserInput;
-use tokio_util::sync::CancellationToken;
-
-use crate::AuthManager;
-use crate::codex::Codex;
-use crate::codex::CodexSpawnOk;
-use crate::codex::SUBMISSION_CHANNEL_CAPACITY;
-use crate::codex::Session;
-use crate::codex::TurnContext;
-use crate::config::Config;
-use crate::error::CodexErr;
-use codex_protocol::protocol::InitialHistory;
-
-/// Start an interactive sub-Codex conversation and return IO channels.
-///
-/// The returned `events_rx` yields non-approval events emitted by the sub-agent.
-/// Approval requests are handled via `parent_session` and are not surfaced.
-/// The returned `ops_tx` allows the caller to submit additional `Op`s to the sub-agent.
-pub(crate) async fn run_codex_conversation_interactive(
-    config: Config,
-    auth_manager: Arc<AuthManager>,
-    parent_session: Arc<Session>,
-    parent_ctx: Arc<TurnContext>,
-    cancel_token: CancellationToken,
-    initial_history: Option<InitialHistory>,
-) -> Result<Codex, CodexErr> {
-    let (tx_sub, rx_sub) = async_channel::bounded(SUBMISSION_CHANNEL_CAPACITY);
-    let (tx_ops, rx_ops) = async_channel::bounded(SUBMISSION_CHANNEL_CAPACITY);
-
-    let CodexSpawnOk { codex, .. } = Codex::spawn(
-        config,
-        auth_manager,
-        initial_history.unwrap_or(InitialHistory::New),
-        SessionSource::SubAgent(SubAgentSource::Review),
-    )
-    .await?;
-    let codex = Arc::new(codex);
-
-    // Use a child token so parent cancel cascades but we can scope it to this task
-    let cancel_token_events = cancel_token.child_token();
-    let cancel_token_ops = cancel_token.child_token();
-
-    // Forward events from the sub-agent to the consumer, filtering approvals and
-    // routing them to the parent session for decisions.
-    let parent_session_clone = Arc::clone(&parent_session);
-    let parent_ctx_clone = Arc::clone(&parent_ctx);
-    let codex_for_events = Arc::clone(&codex);
-    tokio::spawn(async move {
-        let _ = forward_events(
-            codex_for_events,
-            tx_sub,
-            parent_session_clone,
-            parent_ctx_clone,
-            cancel_token_events.clone(),
-        )
-        .or_cancel(&cancel_token_events)
-        .await;
-    });
-
-    // Forward ops from the caller to the sub-agent.
-    let codex_for_ops = Arc::clone(&codex);
-    tokio::spawn(async move {
-        forward_ops(codex_for_ops, rx_ops, cancel_token_ops).await;
-    });
-
-    Ok(Codex {
-        next_id: AtomicU64::new(0),
-        tx_sub: tx_ops,
-        rx_event: rx_sub,
-    })
-}
-
-/// Convenience wrapper for one-time use with an initial prompt.
-///
-/// Internally calls the interactive variant, then immediately submits the provided input.
-pub(crate) async fn run_codex_conversation_one_shot(
-    config: Config,
-    auth_manager: Arc<AuthManager>,
-    input: Vec<UserInput>,
-    parent_session: Arc<Session>,
-    parent_ctx: Arc<TurnContext>,
-    cancel_token: CancellationToken,
-    initial_history: Option<InitialHistory>,
-) -> Result<Codex, CodexErr> {
-    // Use a child token so we can stop the delegate after completion without
-    // requiring the caller to cancel the parent token.
-    let child_cancel = cancel_token.child_token();
-    let io = run_codex_conversation_interactive(
-        config,
-        auth_manager,
-        parent_session,
-        parent_ctx,
-        child_cancel.clone(),
-        initial_history,
-    )
-    .await?;
-
-    // Send the initial input to kick off the one-shot turn.
-    io.submit(Op::UserInput { items: input }).await?;
-
-    // Bridge events so we can observe completion and shut down automatically.
-    let (tx_bridge, rx_bridge) = async_channel::bounded(SUBMISSION_CHANNEL_CAPACITY);
-    let ops_tx = io.tx_sub.clone();
-    let io_for_bridge = io;
-    tokio::spawn(async move {
-        while let Ok(event) = io_for_bridge.next_event().await {
-            let should_shutdown = matches!(
-                event.msg,
-                EventMsg::TaskComplete(_) | EventMsg::TurnAborted(_)
-            );
-            let _ = tx_bridge.send(event).await;
-            if should_shutdown {
-                let _ = ops_tx
-                    .send(Submission {
-                        id: "shutdown".to_string(),
-                        op: Op::Shutdown {},
-                    })
-                    .await;
-                child_cancel.cancel();
-                break;
-            }
-        }
-    });
-
-    // For one-shot usage, return a closed `tx_sub` so callers cannot submit
-    // additional ops after the initial request. Create a channel and drop the
-    // receiver to close it immediately.
-    let (tx_closed, rx_closed) = async_channel::bounded(SUBMISSION_CHANNEL_CAPACITY);
-    drop(rx_closed);
-
-    Ok(Codex {
-        next_id: AtomicU64::new(0),
-        rx_event: rx_bridge,
-        tx_sub: tx_closed,
-    })
-}
-
-async fn forward_events(
-    codex: Arc<Codex>,
-    tx_sub: Sender<Event>,
-    parent_session: Arc<Session>,
-    parent_ctx: Arc<TurnContext>,
-    cancel_token: CancellationToken,
-) {
-    while let Ok(event) = codex.next_event().await {
-        match event {
-            // ignore all legacy delta events
-            Event {
-                id: _,
-                msg: EventMsg::AgentMessageDelta(_) | EventMsg::AgentReasoningDelta(_),
-            } => continue,
-            Event {
-                id: _,
-                msg: EventMsg::SessionConfigured(_),
-            } => continue,
-            Event {
-                id,
-                msg: EventMsg::ExecApprovalRequest(event),
-            } => {
-                // Initiate approval via parent session; do not surface to consumer.
-                handle_exec_approval(
-                    &codex,
-                    id,
-                    &parent_session,
-                    &parent_ctx,
-                    event,
-                    &cancel_token,
-                )
-                .await;
-            }
-            Event {
-                id,
-                msg: EventMsg::ApplyPatchApprovalRequest(event),
-            } => {
-                handle_patch_approval(
-                    &codex,
-                    id,
-                    &parent_session,
-                    &parent_ctx,
-                    event,
-                    &cancel_token,
-                )
-                .await;
-            }
-            other => {
-                let _ = tx_sub.send(other).await;
-            }
-        }
-    }
-}
-
-/// Forward ops from a caller to a sub-agent, respecting cancellation.
-async fn forward_ops(
-    codex: Arc<Codex>,
-    rx_ops: Receiver<Submission>,
-    cancel_token_ops: CancellationToken,
-) {
-    loop {
-        let op: Op = match rx_ops.recv().or_cancel(&cancel_token_ops).await {
-            Ok(Ok(Submission { id: _, op })) => op,
-            Ok(Err(_)) | Err(_) => break,
-        };
-        let _ = codex.submit(op).await;
-    }
-}
-
-/// Handle an ExecApprovalRequest by consulting the parent session and replying.
-async fn handle_exec_approval(
-    codex: &Codex,
-    id: String,
-    parent_session: &Session,
-    parent_ctx: &TurnContext,
-    event: ExecApprovalRequestEvent,
-    cancel_token: &CancellationToken,
-) {
-    // Race approval with cancellation and timeout to avoid hangs.
-    let approval_fut = parent_session.request_command_approval(
-        parent_ctx,
-        parent_ctx.sub_id.clone(),
-        event.command,
-        event.cwd,
-        event.reason,
-        event.risk,
-    );
-    let decision = await_approval_with_cancel(
-        approval_fut,
-        parent_session,
-        &parent_ctx.sub_id,
-        cancel_token,
-    )
-    .await;
-
-    let _ = codex.submit(Op::ExecApproval { id, decision }).await;
-}
-
-/// Handle an ApplyPatchApprovalRequest by consulting the parent session and replying.
-async fn handle_patch_approval(
-    codex: &Codex,
-    id: String,
-    parent_session: &Session,
-    parent_ctx: &TurnContext,
-    event: ApplyPatchApprovalRequestEvent,
-    cancel_token: &CancellationToken,
-) {
-    let decision_rx = parent_session
-        .request_patch_approval(
-            parent_ctx,
-            parent_ctx.sub_id.clone(),
-            event.changes,
-            event.reason,
-            event.grant_root,
-        )
-        .await;
-    let decision = await_approval_with_cancel(
-        async move { decision_rx.await.unwrap_or_default() },
-        parent_session,
-        &parent_ctx.sub_id,
-        cancel_token,
-    )
-    .await;
-    let _ = codex.submit(Op::PatchApproval { id, decision }).await;
-}
-
-/// Await an approval decision, aborting on cancellation.
-async fn await_approval_with_cancel<F>(
-    fut: F,
-    parent_session: &Session,
-    sub_id: &str,
-    cancel_token: &CancellationToken,
-) -> codex_protocol::protocol::ReviewDecision
-where
-    F: core::future::Future<Output = codex_protocol::protocol::ReviewDecision>,
-{
-    tokio::select! {
-        biased;
-        _ = cancel_token.cancelled() => {
-            parent_session
-                .notify_approval(sub_id, codex_protocol::protocol::ReviewDecision::Abort)
-                .await;
-            codex_protocol::protocol::ReviewDecision::Abort
-        }
-        decision = fut => {
-            decision
-        }
-    }
-}
--- a/codex-rs/core/src/config/edit.rs
+++ b/codex-rs/core/src/config/edit.rs
--- a/codex-rs/core/src/config/helpers.rs
+++ b/codex-rs/core/src/config/helpers.rs
@@ -0,0 +1 @@
+
--- a/codex-rs/core/src/config/mod.rs
+++ b/codex-rs/core/src/config/mod.rs
--- a/codex-rs/core/src/config/profile.rs
+++ b/codex-rs/core/src/config/profile.rs
@@ -22,8 +22,8 @@ pub struct ConfigProfile {
    pub model_verbosity: Option<Verbosity>,
    pub chatgpt_base_url: Option<String>,
    pub experimental_instructions_file: Option<PathBuf>,
-    pub experimental_compact_prompt_file: Option<PathBuf>,
    pub include_apply_patch_tool: Option<bool>,
+    pub include_view_image_tool: Option<bool>,
    pub experimental_use_unified_exec_tool: Option<bool>,
    pub experimental_use_exec_command_tool: Option<bool>,
    pub experimental_use_rmcp_client: Option<bool>,
--- a/codex-rs/core/src/config/types.rs
+++ b/codex-rs/core/src/config/types.rs
@@ -361,7 +361,7 @@ pub struct Notice {
 }

 impl Notice {
-    /// referenced by config_edit helpers when writing notice flags
+    /// used by set_hide_full_access_warning until we refactor config updates
    pub(crate) const TABLE_KEY: &'static str = "notice";
 }

--- a/codex-rs/core/src/conversation_history.rs
+++ b/codex-rs/core/src/conversation_history.rs
@@ -1,13 +1,12 @@
 use codex_protocol::models::FunctionCallOutputContentItem;
 use codex_protocol::models::FunctionCallOutputPayload;
 use codex_protocol::models::ResponseItem;
-
-use crate::util::error_or_panic;
 use codex_protocol::protocol::TokenUsage;
 use codex_protocol::protocol::TokenUsageInfo;
 use codex_utils_string::take_bytes_at_char_boundary;
 use codex_utils_string::take_last_bytes_at_char_boundary;
 use std::ops::Deref;
+use tracing::error;

 // Model-formatting limits: clients get full streams; only content sent to the model is truncated.
 pub(crate) const MODEL_FORMAT_MAX_BYTES: usize = 10 * 1024; // 10 KiB
@@ -68,14 +67,6 @@ impl ConversationHistory {
        self.contents()
    }

-    // Returns the history prepared for sending to the model.
-    // With extra response items filtered out and GhostCommits removed.
-    pub(crate) fn get_history_for_prompt(&mut self) -> Vec<ResponseItem> {
-        let mut history = self.get_history();
-        Self::remove_ghost_snapshots(&mut history);
-        history
-    }
-
    pub(crate) fn remove_first_item(&mut self) {
        if !self.items.is_empty() {
            // Remove the oldest item (front of the list). Items are ordered from
@@ -120,10 +111,6 @@ impl ConversationHistory {
        self.items.clone()
    }

-    fn remove_ghost_snapshots(items: &mut Vec<ResponseItem>) {
-        items.retain(|item| !matches!(item, ResponseItem::GhostSnapshot { .. }));
-    }
-
    fn ensure_call_outputs_present(&mut self) {
        // Collect synthetic outputs to insert immediately after their calls.
        // Store the insertion position (index of call) alongside the item so
@@ -366,10 +353,23 @@ impl ConversationHistory {
        match item {
            ResponseItem::FunctionCallOutput { call_id, output } => {
                let truncated = format_output_for_model_body(output.content.as_str());
-                let truncated_items = output
-                    .content_items
-                    .as_ref()
-                    .map(|items| globally_truncate_function_output_items(items));
+                let truncated_items = output.content_items.as_ref().map(|items| {
+                    items
+                        .iter()
+                        .map(|it| match it {
+                            FunctionCallOutputContentItem::InputText { text } => {
+                                FunctionCallOutputContentItem::InputText {
+                                    text: format_output_for_model_body(text),
+                                }
+                            }
+                            FunctionCallOutputContentItem::InputImage { image_url } => {
+                                FunctionCallOutputContentItem::InputImage {
+                                    image_url: image_url.clone(),
+                                }
+                            }
+                        })
+                        .collect()
+                });
                ResponseItem::FunctionCallOutput {
                    call_id: call_id.clone(),
                    output: FunctionCallOutputPayload {
@@ -398,53 +398,6 @@ impl ConversationHistory {
    }
 }

-fn globally_truncate_function_output_items(
-    items: &[FunctionCallOutputContentItem],
-) -> Vec<FunctionCallOutputContentItem> {
-    let mut out: Vec<FunctionCallOutputContentItem> = Vec::with_capacity(items.len());
-    let mut remaining = MODEL_FORMAT_MAX_BYTES;
-    let mut omitted_text_items = 0usize;
-
-    for it in items {
-        match it {
-            FunctionCallOutputContentItem::InputText { text } => {
-                if remaining == 0 {
-                    omitted_text_items += 1;
-                    continue;
-                }
-
-                let len = text.len();
-                if len <= remaining {
-                    out.push(FunctionCallOutputContentItem::InputText { text: text.clone() });
-                    remaining -= len;
-                } else {
-                    let slice = take_bytes_at_char_boundary(text, remaining);
-                    if !slice.is_empty() {
-                        out.push(FunctionCallOutputContentItem::InputText {
-                            text: slice.to_string(),
-                        });
-                    }
-                    remaining = 0;
-                }
-            }
-            // todo(aibrahim): handle input images; resize
-            FunctionCallOutputContentItem::InputImage { image_url } => {
-                out.push(FunctionCallOutputContentItem::InputImage {
-                    image_url: image_url.clone(),
-                });
-            }
-        }
-    }
-
-    if omitted_text_items > 0 {
-        out.push(FunctionCallOutputContentItem::InputText {
-            text: format!("[omitted {omitted_text_items} text items ...]"),
-        });
-    }
-
-    out
-}
-
 pub(crate) fn format_output_for_model_body(content: &str) -> String {
    // Head+tail truncation for the model: show the beginning and end with an elision.
    // Clients still receive full streams; only this formatted summary is capped.
@@ -516,8 +469,17 @@ fn truncate_formatted_exec_output(content: &str, total_lines: usize) -> String {
    result
 }

-/// API messages include every non-system item (user/assistant messages, reasoning,
-/// tool calls, tool outputs, shell calls, and web-search calls).
+#[inline]
+fn error_or_panic(message: String) {
+    if cfg!(debug_assertions) || env!("CARGO_PKG_VERSION").contains("alpha") {
+        panic!("{message}");
+    } else {
+        error!("{message}");
+    }
+}
+
+/// Anything that is not a system message or "reasoning" message is considered
+/// an API message.
 fn is_api_message(message: &ResponseItem) -> bool {
    match message {
        ResponseItem::Message { role, .. } => role.as_str() != "system",
@@ -536,14 +498,11 @@ fn is_api_message(message: &ResponseItem) -> bool {
 #[cfg(test)]
 mod tests {
    use super::*;
-    use codex_git::GhostCommit;
    use codex_protocol::models::ContentItem;
    use codex_protocol::models::FunctionCallOutputPayload;
    use codex_protocol::models::LocalShellAction;
    use codex_protocol::models::LocalShellExecAction;
    use codex_protocol::models::LocalShellStatus;
-    use codex_protocol::models::ReasoningItemContent;
-    use codex_protocol::models::ReasoningItemReasoningSummary;
    use pretty_assertions::assert_eq;

    fn assistant_msg(text: &str) -> ResponseItem {
@@ -572,23 +531,10 @@ mod tests {
        }
    }

-    fn reasoning_msg(text: &str) -> ResponseItem {
-        ResponseItem::Reasoning {
-            id: String::new(),
-            summary: vec![ReasoningItemReasoningSummary::SummaryText {
-                text: "summary".to_string(),
-            }],
-            content: Some(vec![ReasoningItemContent::ReasoningText {
-                text: text.to_string(),
-            }]),
-            encrypted_content: None,
-        }
-    }
-
    #[test]
    fn filters_non_api_messages() {
        let mut h = ConversationHistory::default();
-        // System message is not API messages; Other is ignored.
+        // System message is not an API message; Other is ignored.
        let system = ResponseItem::Message {
            id: None,
            role: "system".to_string(),
@@ -596,8 +542,7 @@ mod tests {
                text: "ignored".to_string(),
            }],
        };
-        let reasoning = reasoning_msg("thinking...");
-        h.record_items([&system, &reasoning, &ResponseItem::Other]);
+        h.record_items([&system, &ResponseItem::Other]);

        // User and assistant should be retained.
        let u = user_msg("hi");
@@ -608,16 +553,6 @@ mod tests {
        assert_eq!(
            items,
            vec![
-                ResponseItem::Reasoning {
-                    id: String::new(),
-                    summary: vec![ReasoningItemReasoningSummary::SummaryText {
-                        text: "summary".to_string(),
-                    }],
-                    content: Some(vec![ReasoningItemContent::ReasoningText {
-                        text: "thinking...".to_string(),
-                    }]),
-                    encrypted_content: None,
-                },
                ResponseItem::Message {
                    id: None,
                    role: "user".to_string(),
@@ -636,16 +571,6 @@ mod tests {
        );
    }

-    #[test]
-    fn get_history_for_prompt_drops_ghost_commits() {
-        let items = vec![ResponseItem::GhostSnapshot {
-            ghost_commit: GhostCommit::new("ghost-1".to_string(), None, Vec::new(), Vec::new()),
-        }];
-        let mut history = create_history_with_items(items);
-        let filtered = history.get_history_for_prompt();
-        assert_eq!(filtered, vec![]);
-    }
-
    #[test]
    fn remove_first_item_removes_matching_output_for_function_call() {
        let items = vec![
@@ -916,81 +841,6 @@ mod tests {
        );
    }

-    #[test]
-    fn truncates_across_multiple_under_limit_texts_and_reports_omitted() {
-        // Arrange: several text items, none exceeding per-item limit, but total exceeds budget.
-        let budget = MODEL_FORMAT_MAX_BYTES;
-        let t1_len = (budget / 2).saturating_sub(10);
-        let t2_len = (budget / 2).saturating_sub(10);
-        let remaining_after_t1_t2 = budget.saturating_sub(t1_len + t2_len);
-        let t3_len = 50; // gets truncated to remaining_after_t1_t2
-        let t4_len = 5; // omitted
-        let t5_len = 7; // omitted
-
-        let t1 = "a".repeat(t1_len);
-        let t2 = "b".repeat(t2_len);
-        let t3 = "c".repeat(t3_len);
-        let t4 = "d".repeat(t4_len);
-        let t5 = "e".repeat(t5_len);
-
-        let item = ResponseItem::FunctionCallOutput {
-            call_id: "call-omit".to_string(),
-            output: FunctionCallOutputPayload {
-                content: "irrelevant".to_string(),
-                content_items: Some(vec![
-                    FunctionCallOutputContentItem::InputText { text: t1 },
-                    FunctionCallOutputContentItem::InputText { text: t2 },
-                    FunctionCallOutputContentItem::InputImage {
-                        image_url: "img:mid".to_string(),
-                    },
-                    FunctionCallOutputContentItem::InputText { text: t3 },
-                    FunctionCallOutputContentItem::InputText { text: t4 },
-                    FunctionCallOutputContentItem::InputText { text: t5 },
-                ]),
-                success: Some(true),
-            },
-        };
-
-        let mut history = ConversationHistory::new();
-        history.record_items([&item]);
-        assert_eq!(history.items.len(), 1);
-        let json = serde_json::to_value(&history.items[0]).expect("serialize to json");
-
-        let output = json
-            .get("output")
-            .expect("output field")
-            .as_array()
-            .expect("array output");
-
-        // Expect: t1 (full), t2 (full), image, t3 (truncated), summary mentioning 2 omitted.
-        assert_eq!(output.len(), 5);
-
-        let first = output[0].as_object().expect("first obj");
-        assert_eq!(first.get("type").unwrap(), "input_text");
-        let first_text = first.get("text").unwrap().as_str().unwrap();
-        assert_eq!(first_text.len(), t1_len);
-
-        let second = output[1].as_object().expect("second obj");
-        assert_eq!(second.get("type").unwrap(), "input_text");
-        let second_text = second.get("text").unwrap().as_str().unwrap();
-        assert_eq!(second_text.len(), t2_len);
-
-        assert_eq!(
-            output[2],
-            serde_json::json!({"type": "input_image", "image_url": "img:mid"})
-        );
-
-        let fourth = output[3].as_object().expect("fourth obj");
-        assert_eq!(fourth.get("type").unwrap(), "input_text");
-        let fourth_text = fourth.get("text").unwrap().as_str().unwrap();
-        assert_eq!(fourth_text.len(), remaining_after_t1_t2);
-
-        let summary = output[4].as_object().expect("summary obj");
-        assert_eq!(summary.get("type").unwrap(), "input_text");
-        let summary_text = summary.get("text").unwrap().as_str().unwrap();
-        assert!(summary_text.contains("omitted 2 text items"));
-    }
-
    //TODO(aibrahim): run CI in release mode.
    #[cfg(not(debug_assertions))]
    #[test]
--- a/codex-rs/core/src/conversation_manager.rs
+++ b/codex-rs/core/src/conversation_manager.rs
@@ -73,7 +73,7 @@ impl ConversationManager {
            config,
            auth_manager,
            InitialHistory::New,
-            self.session_source.clone(),
+            self.session_source,
        )
        .await?;
        self.finalize_spawn(codex, conversation_id).await
@@ -132,26 +132,10 @@ impl ConversationManager {
        auth_manager: Arc<AuthManager>,
    ) -> CodexResult<NewConversation> {
        let initial_history = RolloutRecorder::get_rollout_history(&rollout_path).await?;
-        self.resume_conversation_with_history(config, initial_history, auth_manager)
-            .await
-    }
-
-    pub async fn resume_conversation_with_history(
-        &self,
-        config: Config,
-        initial_history: InitialHistory,
-        auth_manager: Arc<AuthManager>,
-    ) -> CodexResult<NewConversation> {
        let CodexSpawnOk {
            codex,
            conversation_id,
-        } = Codex::spawn(
-            config,
-            auth_manager,
-            initial_history,
-            self.session_source.clone(),
-        )
-        .await?;
+        } = Codex::spawn(config, auth_manager, initial_history, self.session_source).await?;
        self.finalize_spawn(codex, conversation_id).await
    }

@@ -185,7 +169,7 @@ impl ConversationManager {
        let CodexSpawnOk {
            codex,
            conversation_id,
-        } = Codex::spawn(config, auth_manager, history, self.session_source.clone()).await?;
+        } = Codex::spawn(config, auth_manager, history, self.session_source).await?;

        self.finalize_spawn(codex, conversation_id).await
    }
--- a/codex-rs/core/src/custom_prompts.rs
+++ b/codex-rs/core/src/custom_prompts.rs
@@ -32,11 +32,12 @@ pub async fn discover_prompts_in_excluding(

    while let Ok(Some(entry)) = entries.next_entry().await {
        let path = entry.path();
-        let is_file_like = fs::metadata(&path)
+        let is_file = entry
+            .file_type()
            .await
-            .map(|m| m.is_file())
+            .map(|ft| ft.is_file())
            .unwrap_or(false);
-        if !is_file_like {
+        if !is_file {
            continue;
        }
        // Only include Markdown files with a .md extension.
@@ -196,25 +197,6 @@ mod tests {
        assert_eq!(names, vec!["good"]);
    }

-    #[tokio::test]
-    #[cfg(unix)]
-    async fn discovers_symlinked_md_files() {
-        let tmp = tempdir().expect("create TempDir");
-        let dir = tmp.path();
-
-        // Create a real file
-        fs::write(dir.join("real.md"), b"real content").unwrap();
-
-        // Create a symlink to the real file
-        std::os::unix::fs::symlink(dir.join("real.md"), dir.join("link.md")).unwrap();
-
-        let found = discover_prompts_in(dir).await;
-        let names: Vec<String> = found.into_iter().map(|e| e.name).collect();
-
-        // Both real and link should be discovered, sorted alphabetically
-        assert_eq!(names, vec!["link", "real"]);
-    }
-
    #[tokio::test]
    async fn parses_frontmatter_and_strips_from_body() {
        let tmp = tempdir().expect("create TempDir");
--- a/codex-rs/core/src/error.rs
+++ b/codex-rs/core/src/error.rs
@@ -4,8 +4,6 @@ use crate::token_data::KnownPlan;
 use crate::token_data::PlanType;
 use crate::truncate::truncate_middle;
 use chrono::DateTime;
-use chrono::Datelike;
-use chrono::Local;
 use chrono::Utc;
 use codex_async_utils::CancelErr;
 use codex_protocol::ConversationId;
@@ -255,7 +253,7 @@ impl std::fmt::Display for UsageLimitReachedError {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        let message = match self.plan_type.as_ref() {
            Some(PlanType::Known(KnownPlan::Plus)) => format!(
-                "You've hit your usage limit. Upgrade to Pro (https://openai.com/chatgpt/pricing), visit https://chatgpt.com/codex/settings/usage to purchase more credits{}",
+                "You've hit your usage limit. Upgrade to Pro (https://openai.com/chatgpt/pricing){}",
                retry_suffix_after_or(self.resets_at.as_ref())
            ),
            Some(PlanType::Known(KnownPlan::Team)) | Some(PlanType::Known(KnownPlan::Business)) => {
@@ -268,11 +266,8 @@ impl std::fmt::Display for UsageLimitReachedError {
                "You've hit your usage limit. Upgrade to Plus to continue using Codex (https://openai.com/chatgpt/pricing)."
                    .to_string()
            }
-            Some(PlanType::Known(KnownPlan::Pro)) => format!(
-                "You've hit your usage limit. Visit https://chatgpt.com/codex/settings/usage to purchase more credits{}",
-                retry_suffix_after_or(self.resets_at.as_ref())
-            ),
-            Some(PlanType::Known(KnownPlan::Enterprise))
+            Some(PlanType::Known(KnownPlan::Pro))
+            | Some(PlanType::Known(KnownPlan::Enterprise))
            | Some(PlanType::Known(KnownPlan::Edu)) => format!(
                "You've hit your usage limit.{}",
                retry_suffix(self.resets_at.as_ref())
@@ -288,46 +283,28 @@ impl std::fmt::Display for UsageLimitReachedError {
 }

 fn retry_suffix(resets_at: Option<&DateTime<Utc>>) -> String {
-    if let Some(resets_at) = resets_at {
-        let formatted = format_retry_timestamp(resets_at);
-        format!(" Try again at {formatted}.")
+    if let Some(secs) = remaining_seconds(resets_at) {
+        let reset_duration = format_reset_duration(secs);
+        format!(" Try again in {reset_duration}.")
    } else {
        " Try again later.".to_string()
    }
 }

 fn retry_suffix_after_or(resets_at: Option<&DateTime<Utc>>) -> String {
-    if let Some(resets_at) = resets_at {
-        let formatted = format_retry_timestamp(resets_at);
-        format!(" or try again at {formatted}.")
+    if let Some(secs) = remaining_seconds(resets_at) {
+        let reset_duration = format_reset_duration(secs);
+        format!(" or try again in {reset_duration}.")
    } else {
        " or try again later.".to_string()
    }
 }

-fn format_retry_timestamp(resets_at: &DateTime<Utc>) -> String {
-    let local_reset = resets_at.with_timezone(&Local);
-    let local_now = now_for_retry().with_timezone(&Local);
-    if local_reset.date_naive() == local_now.date_naive() {
-        local_reset.format("%-I:%M %p").to_string()
-    } else {
-        let suffix = day_suffix(local_reset.day());
-        local_reset
-            .format(&format!("%b %-d{suffix}, %Y %-I:%M %p"))
-            .to_string()
-    }
-}
-
-fn day_suffix(day: u32) -> &'static str {
-    match day {
-        11..=13 => "th",
-        _ => match day % 10 {
-            1 => "st",
-            2 => "nd", // codespell:ignore
-            3 => "rd",
-            _ => "th",
-        },
-    }
+fn remaining_seconds(resets_at: Option<&DateTime<Utc>>) -> Option<u64> {
+    let resets_at = resets_at.cloned()?;
+    let now = now_for_retry();
+    let secs = resets_at.signed_duration_since(now).num_seconds();
+    Some(if secs <= 0 { 0 } else { secs as u64 })
 }

 #[cfg(test)]
@@ -346,6 +323,36 @@ fn now_for_retry() -> DateTime<Utc> {
    Utc::now()
 }

+fn format_reset_duration(total_secs: u64) -> String {
+    let days = total_secs / 86_400;
+    let hours = (total_secs % 86_400) / 3_600;
+    let minutes = (total_secs % 3_600) / 60;
+
+    let mut parts: Vec<String> = Vec::new();
+    if days > 0 {
+        let unit = if days == 1 { "day" } else { "days" };
+        parts.push(format!("{days} {unit}"));
+    }
+    if hours > 0 {
+        let unit = if hours == 1 { "hour" } else { "hours" };
+        parts.push(format!("{hours} {unit}"));
+    }
+    if minutes > 0 {
+        let unit = if minutes == 1 { "minute" } else { "minutes" };
+        parts.push(format!("{minutes} {unit}"));
+    }
+
+    if parts.is_empty() {
+        return "less than a minute".to_string();
+    }
+
+    match parts.len() {
+        1 => parts[0].clone(),
+        2 => format!("{} {}", parts[0], parts[1]),
+        _ => format!("{} {} {}", parts[0], parts[1], parts[2]),
+    }
+}
+
 #[derive(Debug)]
 pub struct EnvVarError {
    /// Name of the environment variable that is missing.
@@ -460,7 +467,7 @@ mod tests {
        };
        assert_eq!(
            err.to_string(),
-            "You've hit your usage limit. Upgrade to Pro (https://openai.com/chatgpt/pricing), visit https://chatgpt.com/codex/settings/usage to purchase more credits or try again later."
+            "You've hit your usage limit. Upgrade to Pro (https://openai.com/chatgpt/pricing) or try again later."
        );
    }

@@ -562,16 +569,15 @@ mod tests {
        let base = Utc.with_ymd_and_hms(2024, 1, 1, 0, 0, 0).unwrap();
        let resets_at = base + ChronoDuration::hours(1);
        with_now_override(base, move || {
-            let expected_time = format_retry_timestamp(&resets_at);
            let err = UsageLimitReachedError {
                plan_type: Some(PlanType::Known(KnownPlan::Team)),
                resets_at: Some(resets_at),
                rate_limits: Some(rate_limit_snapshot()),
            };
-            let expected = format!(
-                "You've hit your usage limit. To get more access now, send a request to your admin or try again at {expected_time}."
+            assert_eq!(
+                err.to_string(),
+                "You've hit your usage limit. To get more access now, send a request to your admin or try again in 1 hour."
            );
-            assert_eq!(err.to_string(), expected);
        });
    }

@@ -591,7 +597,7 @@ mod tests {
    #[test]
    fn usage_limit_reached_error_formats_default_for_other_plans() {
        let err = UsageLimitReachedError {
-            plan_type: Some(PlanType::Known(KnownPlan::Enterprise)),
+            plan_type: Some(PlanType::Known(KnownPlan::Pro)),
            resets_at: None,
            rate_limits: Some(rate_limit_snapshot()),
        };
@@ -601,37 +607,20 @@ mod tests {
        );
    }

-    #[test]
-    fn usage_limit_reached_error_formats_pro_plan_with_reset() {
-        let base = Utc.with_ymd_and_hms(2024, 1, 1, 0, 0, 0).unwrap();
-        let resets_at = base + ChronoDuration::hours(1);
-        with_now_override(base, move || {
-            let expected_time = format_retry_timestamp(&resets_at);
-            let err = UsageLimitReachedError {
-                plan_type: Some(PlanType::Known(KnownPlan::Pro)),
-                resets_at: Some(resets_at),
-                rate_limits: Some(rate_limit_snapshot()),
-            };
-            let expected = format!(
-                "You've hit your usage limit. Visit https://chatgpt.com/codex/settings/usage to purchase more credits or try again at {expected_time}."
-            );
-            assert_eq!(err.to_string(), expected);
-        });
-    }
-
    #[test]
    fn usage_limit_reached_includes_minutes_when_available() {
        let base = Utc.with_ymd_and_hms(2024, 1, 1, 0, 0, 0).unwrap();
        let resets_at = base + ChronoDuration::minutes(5);
        with_now_override(base, move || {
-            let expected_time = format_retry_timestamp(&resets_at);
            let err = UsageLimitReachedError {
                plan_type: None,
                resets_at: Some(resets_at),
                rate_limits: Some(rate_limit_snapshot()),
            };
-            let expected = format!("You've hit your usage limit. Try again at {expected_time}.");
-            assert_eq!(err.to_string(), expected);
+            assert_eq!(
+                err.to_string(),
+                "You've hit your usage limit. Try again in 5 minutes."
+            );
        });
    }

@@ -640,16 +629,15 @@ mod tests {
        let base = Utc.with_ymd_and_hms(2024, 1, 1, 0, 0, 0).unwrap();
        let resets_at = base + ChronoDuration::hours(3) + ChronoDuration::minutes(32);
        with_now_override(base, move || {
-            let expected_time = format_retry_timestamp(&resets_at);
            let err = UsageLimitReachedError {
                plan_type: Some(PlanType::Known(KnownPlan::Plus)),
                resets_at: Some(resets_at),
                rate_limits: Some(rate_limit_snapshot()),
            };
-            let expected = format!(
-                "You've hit your usage limit. Upgrade to Pro (https://openai.com/chatgpt/pricing), visit https://chatgpt.com/codex/settings/usage to purchase more credits or try again at {expected_time}."
+            assert_eq!(
+                err.to_string(),
+                "You've hit your usage limit. Upgrade to Pro (https://openai.com/chatgpt/pricing) or try again in 3 hours 32 minutes."
            );
-            assert_eq!(err.to_string(), expected);
        });
    }

@@ -659,14 +647,15 @@ mod tests {
        let resets_at =
            base + ChronoDuration::days(2) + ChronoDuration::hours(3) + ChronoDuration::minutes(5);
        with_now_override(base, move || {
-            let expected_time = format_retry_timestamp(&resets_at);
            let err = UsageLimitReachedError {
                plan_type: None,
                resets_at: Some(resets_at),
                rate_limits: Some(rate_limit_snapshot()),
            };
-            let expected = format!("You've hit your usage limit. Try again at {expected_time}.");
-            assert_eq!(err.to_string(), expected);
+            assert_eq!(
+                err.to_string(),
+                "You've hit your usage limit. Try again in 2 days 3 hours 5 minutes."
+            );
        });
    }

@@ -675,14 +664,15 @@ mod tests {
        let base = Utc.with_ymd_and_hms(2024, 1, 1, 0, 0, 0).unwrap();
        let resets_at = base + ChronoDuration::seconds(30);
        with_now_override(base, move || {
-            let expected_time = format_retry_timestamp(&resets_at);
            let err = UsageLimitReachedError {
                plan_type: None,
                resets_at: Some(resets_at),
                rate_limits: Some(rate_limit_snapshot()),
            };
-            let expected = format!("You've hit your usage limit. Try again at {expected_time}.");
-            assert_eq!(err.to_string(), expected);
+            assert_eq!(
+                err.to_string(),
+                "You've hit your usage limit. Try again in less than a minute."
+            );
        });
    }
 }
--- a/codex-rs/core/src/event_mapping.rs
+++ b/codex-rs/core/src/event_mapping.rs
@@ -11,21 +11,14 @@ use codex_protocol::models::ResponseItem;
 use codex_protocol::models::WebSearchAction;
 use codex_protocol::user_input::UserInput;
 use tracing::warn;
-use uuid::Uuid;
-
-use crate::user_instructions::UserInstructions;

 fn is_session_prefix(text: &str) -> bool {
    let trimmed = text.trim_start();
    let lowered = trimmed.to_ascii_lowercase();
-    lowered.starts_with("<environment_context>")
+    lowered.starts_with("<environment_context>") || lowered.starts_with("<user_instructions>")
 }

 fn parse_user_message(message: &[ContentItem]) -> Option<UserMessageItem> {
-    if UserInstructions::is_user_instructions(message) {
-        return None;
-    }
-
    let mut content: Vec<UserInput> = Vec::new();

    for content_item in message.iter() {
@@ -53,7 +46,7 @@ fn parse_user_message(message: &[ContentItem]) -> Option<UserMessageItem> {
    Some(UserMessageItem::new(&content))
 }

-fn parse_agent_message(id: Option<&String>, message: &[ContentItem]) -> AgentMessageItem {
+fn parse_agent_message(message: &[ContentItem]) -> AgentMessageItem {
    let mut content: Vec<AgentMessageContent> = Vec::new();
    for content_item in message.iter() {
        match content_item {
@@ -68,18 +61,14 @@ fn parse_agent_message(id: Option<&String>, message: &[ContentItem]) -> AgentMes
            }
        }
    }
-    let id = id.cloned().unwrap_or_else(|| Uuid::new_v4().to_string());
-    AgentMessageItem { id, content }
+    AgentMessageItem::new(&content)
 }

 pub fn parse_turn_item(item: &ResponseItem) -> Option<TurnItem> {
    match item {
-        ResponseItem::Message { role, content, id } => match role.as_str() {
+        ResponseItem::Message { role, content, .. } => match role.as_str() {
            "user" => parse_user_message(content).map(TurnItem::UserMessage),
-            "assistant" => Some(TurnItem::AgentMessage(parse_agent_message(
-                id.as_ref(),
-                content,
-            ))),
+            "assistant" => Some(TurnItem::AgentMessage(parse_agent_message(content))),
            "system" => None,
            _ => None,
        },
@@ -173,38 +162,6 @@ mod tests {
        }
    }

-    #[test]
-    fn skips_user_instructions_and_env() {
-        let items = vec![
-            ResponseItem::Message {
-                id: None,
-                role: "user".to_string(),
-                content: vec![ContentItem::InputText {
-                    text: "<user_instructions>test_text</user_instructions>".to_string(),
-                }],
-            },
-            ResponseItem::Message {
-                id: None,
-                role: "user".to_string(),
-                content: vec![ContentItem::InputText {
-                    text: "<environment_context>test_text</environment_context>".to_string(),
-                }],
-            },
-            ResponseItem::Message {
-                id: None,
-                role: "user".to_string(),
-                content: vec![ContentItem::InputText {
-                    text: "# AGENTS.md instructions for test_directory\n\n<INSTRUCTIONS>\ntest_text\n</INSTRUCTIONS>".to_string(),
-                }],
-            },
-        ];
-
-        for item in items {
-            let turn_item = parse_turn_item(&item);
-            assert!(turn_item.is_none(), "expected none, got {turn_item:?}");
-        }
-    }
-
    #[test]
    fn parses_agent_message() {
        let item = ResponseItem::Message {
--- a/codex-rs/core/src/exec.rs
+++ b/codex-rs/core/src/exec.rs
@@ -72,9 +72,6 @@ pub enum SandboxType {

    /// Only available on Linux.
    LinuxSeccomp,
-
-    /// Only available on Windows.
-    WindowsRestrictedToken,
 }

 #[derive(Clone)]
@@ -161,89 +158,11 @@ pub(crate) async fn execute_exec_env(
    };

    let start = Instant::now();
-    let raw_output_result = exec(params, sandbox, sandbox_policy, stdout_stream).await;
+    let raw_output_result = exec(params, sandbox_policy, stdout_stream).await;
    let duration = start.elapsed();
    finalize_exec_result(raw_output_result, sandbox, duration)
 }

-#[cfg(target_os = "windows")]
-async fn exec_windows_sandbox(
-    params: ExecParams,
-    sandbox_policy: &SandboxPolicy,
-) -> Result<RawExecToolCallOutput> {
-    use crate::config::find_codex_home;
-    use codex_windows_sandbox::run_windows_sandbox_capture;
-
-    let ExecParams {
-        command,
-        cwd,
-        env,
-        timeout_ms,
-        ..
-    } = params;
-
-    let policy_str = match sandbox_policy {
-        SandboxPolicy::DangerFullAccess => "workspace-write",
-        SandboxPolicy::ReadOnly => "read-only",
-        SandboxPolicy::WorkspaceWrite { .. } => "workspace-write",
-    };
-
-    let sandbox_cwd = cwd.clone();
-    let logs_base_dir = find_codex_home().ok();
-    let spawn_res = tokio::task::spawn_blocking(move || {
-        run_windows_sandbox_capture(
-            policy_str,
-            &sandbox_cwd,
-            command,
-            &cwd,
-            env,
-            timeout_ms,
-            logs_base_dir.as_deref(),
-        )
-    })
-    .await;
-
-    let capture = match spawn_res {
-        Ok(Ok(v)) => v,
-        Ok(Err(err)) => {
-            return Err(CodexErr::Io(io::Error::other(format!(
-                "windows sandbox: {err}"
-            ))));
-        }
-        Err(join_err) => {
-            return Err(CodexErr::Io(io::Error::other(format!(
-                "windows sandbox join error: {join_err}"
-            ))));
-        }
-    };
-
-    let exit_status = synthetic_exit_status(capture.exit_code);
-    let stdout = StreamOutput {
-        text: capture.stdout,
-        truncated_after_lines: None,
-    };
-    let stderr = StreamOutput {
-        text: capture.stderr,
-        truncated_after_lines: None,
-    };
-    // Best-effort aggregate: stdout then stderr
-    let mut aggregated = Vec::with_capacity(stdout.text.len() + stderr.text.len());
-    append_all(&mut aggregated, &stdout.text);
-    append_all(&mut aggregated, &stderr.text);
-    let aggregated_output = StreamOutput {
-        text: aggregated,
-        truncated_after_lines: None,
-    };
-
-    Ok(RawExecToolCallOutput {
-        exit_status,
-        stdout,
-        stderr,
-        aggregated_output,
-        timed_out: capture.timed_out,
-    })
-}
-
 fn finalize_exec_result(
    raw_output_result: std::result::Result<RawExecToolCallOutput, CodexErr>,
    sandbox_type: SandboxType,
@@ -428,17 +347,11 @@ pub struct ExecToolCallOutput {
    pub timed_out: bool,
 }

-#[cfg_attr(not(target_os = "windows"), allow(unused_variables))]
 async fn exec(
    params: ExecParams,
-    sandbox: SandboxType,
    sandbox_policy: &SandboxPolicy,
    stdout_stream: Option<StdoutStream>,
 ) -> Result<RawExecToolCallOutput> {
-    #[cfg(target_os = "windows")]
-    if sandbox == SandboxType::WindowsRestrictedToken {
-        return exec_windows_sandbox(params, sandbox_policy).await;
-    }
    let timeout = params.timeout_duration();
    let ExecParams {
        command,
@@ -612,9 +525,8 @@ fn synthetic_exit_status(code: i32) -> ExitStatus {
 #[cfg(windows)]
 fn synthetic_exit_status(code: i32) -> ExitStatus {
    use std::os::windows::process::ExitStatusExt;
-    // On Windows the raw status is a u32. Use a direct cast to avoid
-    // panicking on negative i32 values produced by prior narrowing casts.
-    std::process::ExitStatus::from_raw(code as u32)
+    #[expect(clippy::unwrap_used)]
+    std::process::ExitStatus::from_raw(code.try_into().unwrap())
 }

 #[cfg(test)]
--- a/codex-rs/core/src/features.rs
+++ b/codex-rs/core/src/features.rs
@@ -43,8 +43,6 @@ pub enum Feature {
    SandboxCommandAssessment,
    /// Create a ghost commit at each turn.
    GhostCommit,
-    /// Enable Windows sandbox (restricted token) on Windows.
-    WindowsSandbox,
 }

 impl Feature {
@@ -68,22 +66,16 @@ impl Feature {
    }
 }

-#[derive(Debug, Clone, PartialEq, Eq, PartialOrd, Ord)]
-pub struct LegacyFeatureUsage {
-    pub alias: String,
-    pub feature: Feature,
-}
-
 /// Holds the effective set of enabled features.
 #[derive(Debug, Clone, Default, PartialEq)]
 pub struct Features {
    enabled: BTreeSet<Feature>,
-    legacy_usages: BTreeSet<LegacyFeatureUsage>,
 }

 #[derive(Debug, Clone, Default)]
 pub struct FeatureOverrides {
    pub include_apply_patch_tool: Option<bool>,
+    pub include_view_image_tool: Option<bool>,
    pub web_search_request: Option<bool>,
    pub experimental_sandbox_command_assessment: Option<bool>,
 }
@@ -92,6 +84,7 @@ impl FeatureOverrides {
    fn apply(self, features: &mut Features) {
        LegacyFeatureToggles {
            include_apply_patch_tool: self.include_apply_patch_tool,
+            include_view_image_tool: self.include_view_image_tool,
            tools_web_search: self.web_search_request,
            ..Default::default()
        }
@@ -108,10 +101,7 @@ impl Features {
                set.insert(spec.id);
            }
        }
-        Self {
-            enabled: set,
-            legacy_usages: BTreeSet::new(),
-        }
+        Self { enabled: set }
    }

    pub fn enabled(&self, f: Feature) -> bool {
@@ -122,29 +112,8 @@ impl Features {
        self.enabled.insert(f);
    }

-    pub fn disable(&mut self, f: Feature) -> &mut Self {
+    pub fn disable(&mut self, f: Feature) {
        self.enabled.remove(&f);
-        self
-    }
-
-    pub fn record_legacy_usage_force(&mut self, alias: &str, feature: Feature) {
-        self.legacy_usages.insert(LegacyFeatureUsage {
-            alias: alias.to_string(),
-            feature,
-        });
-    }
-
-    pub fn record_legacy_usage(&mut self, alias: &str, feature: Feature) {
-        if alias == feature.key() {
-            return;
-        }
-        self.record_legacy_usage_force(alias, feature);
-    }
-
-    pub fn legacy_feature_usages(&self) -> impl Iterator<Item = (&str, Feature)> + '_ {
-        self.legacy_usages
-            .iter()
-            .map(|usage| (usage.alias.as_str(), usage.feature))
    }

    /// Apply a table of key -> bool toggles (e.g. from TOML).
@@ -152,9 +121,6 @@ impl Features {
        for (k, v) in m {
            match feature_for_key(k) {
                Some(feat) => {
-                    if k != feat.key() {
-                        self.record_legacy_usage(k.as_str(), feat);
-                    }
                    if *v {
                        self.enable(feat);
                    } else {
@@ -193,6 +159,7 @@ impl Features {

        let profile_legacy = LegacyFeatureToggles {
            include_apply_patch_tool: config_profile.include_apply_patch_tool,
+            include_view_image_tool: config_profile.include_view_image_tool,
            experimental_sandbox_command_assessment: config_profile
                .experimental_sandbox_command_assessment,
            experimental_use_freeform_apply_patch: config_profile
@@ -294,10 +261,4 @@ pub const FEATURES: &[FeatureSpec] = &[
        stage: Stage::Experimental,
        default_enabled: false,
    },
-    FeatureSpec {
-        id: Feature::WindowsSandbox,
-        key: "enable_experimental_windows_sandbox",
-        stage: Stage::Experimental,
-        default_enabled: false,
-    },
 ];
--- a/codex-rs/core/src/features/legacy.rs
+++ b/codex-rs/core/src/features/legacy.rs
@@ -33,6 +33,10 @@ const ALIASES: &[Alias] = &[
        legacy_key: "include_apply_patch_tool",
        feature: Feature::ApplyPatchFreeform,
    },
+    Alias {
+        legacy_key: "include_view_image_tool",
+        feature: Feature::ViewImageTool,
+    },
    Alias {
        legacy_key: "web_search",
        feature: Feature::WebSearchRequest,
@@ -52,6 +56,7 @@ pub(crate) fn feature_for_key(key: &str) -> Option<Feature> {
 #[derive(Debug, Default)]
 pub struct LegacyFeatureToggles {
    pub include_apply_patch_tool: Option<bool>,
+    pub include_view_image_tool: Option<bool>,
    pub experimental_sandbox_command_assessment: Option<bool>,
    pub experimental_use_freeform_apply_patch: Option<bool>,
    pub experimental_use_exec_command_tool: Option<bool>,
@@ -105,6 +110,12 @@ impl LegacyFeatureToggles {
            self.tools_web_search,
            "tools.web_search",
        );
+        set_if_some(
+            features,
+            Feature::ViewImageTool,
+            self.include_view_image_tool,
+            "include_view_image_tool",
+        );
        set_if_some(
            features,
            Feature::ViewImageTool,
@@ -123,7 +134,6 @@ fn set_if_some(
    if let Some(enabled) = maybe_value {
        set_feature(features, feature, enabled);
        log_alias(alias_key, feature);
-        features.record_legacy_usage(alias_key, feature);
    }
 }

--- a/codex-rs/core/src/git_info.rs
+++ b/codex-rs/core/src/git_info.rs
@@ -260,16 +260,6 @@ async fn get_default_branch(cwd: &Path) -> Option<String> {
    get_default_branch_local(cwd).await
 }

-/// Determine the repository's default branch name, if available.
-///
-/// This inspects remote configuration first (including the symbolic `HEAD`
-/// reference) and falls back to common local defaults such as `main` or
-/// `master`. Returns `None` when the information cannot be determined, for
-/// example when the current directory is not inside a Git repository.
-pub async fn default_branch_name(cwd: &Path) -> Option<String> {
-    get_default_branch(cwd).await
-}
-
 /// Attempt to determine the repository's default branch name from local branches.
 async fn get_default_branch_local(cwd: &Path) -> Option<String> {
    for candidate in ["main", "master"] {
--- a/codex-rs/core/src/lib.rs
+++ b/codex-rs/core/src/lib.rs
@@ -14,7 +14,6 @@ mod client_common;
 pub mod codex;
 mod codex_conversation;
 pub use codex_conversation::CodexConversation;
-mod codex_delegate;
 mod command_safety;
 pub mod config;
 pub mod config_loader;
@@ -85,7 +84,6 @@ pub mod util;
 pub use apply_patch::CODEX_APPLY_PATCH_ARG1;
 pub use command_safety::is_safe_command;
 pub use safety::get_platform_sandbox;
-pub use safety::set_windows_sandbox_enabled;
 // Re-export the protocol types from the standalone `codex-protocol` crate so existing
 // `codex_core::protocol::...` references continue to work across the workspace.
 pub use codex_protocol::protocol;
--- a/codex-rs/core/src/model_family.rs
+++ b/codex-rs/core/src/model_family.rs
@@ -160,7 +160,7 @@ pub fn find_family_for_model(slug: &str) -> Option<ModelFamily> {
            reasoning_summary_format: ReasoningSummaryFormat::Experimental,
            base_instructions: GPT_5_CODEX_INSTRUCTIONS.to_string(),
            apply_patch_tool_type: Some(ApplyPatchToolType::Freeform),
-            support_verbosity: false,
+            support_verbosity: true,
        )
    } else if slug.starts_with("gpt-5") {
        model_family!(
--- a/codex-rs/core/src/response_processing.rs
+++ b/codex-rs/core/src/response_processing.rs
@@ -1,5 +1,6 @@
 use crate::codex::Session;
 use crate::codex::TurnContext;
+use crate::conversation_history::ConversationHistory;
 use codex_protocol::models::FunctionCallOutputPayload;
 use codex_protocol::models::ResponseInputItem;
 use codex_protocol::models::ResponseItem;
@@ -10,6 +11,8 @@ use tracing::warn;
 /// - `ResponseInputItem`s to send back to the model on the next turn.
 pub(crate) async fn process_items(
    processed_items: Vec<crate::codex::ProcessedResponseItem>,
+    is_review_mode: bool,
+    review_thread_history: &mut ConversationHistory,
    sess: &Session,
    turn_context: &TurnContext,
 ) -> (Vec<ResponseInputItem>, Vec<ResponseItem>) {
@@ -97,8 +100,12 @@ pub(crate) async fn process_items(

    // Only attempt to take the lock if there is something to record.
    if !items_to_record_in_conversation_history.is_empty() {
-        sess.record_conversation_items(turn_context, &items_to_record_in_conversation_history)
-            .await;
+        if is_review_mode {
+            review_thread_history.record_items(items_to_record_in_conversation_history.iter());
+        } else {
+            sess.record_conversation_items(turn_context, &items_to_record_in_conversation_history)
+                .await;
+        }
    }
    (responses, items_to_record_in_conversation_history)
 }
--- a/codex-rs/core/src/rollout/list.rs
+++ b/codex-rs/core/src/rollout/list.rs
@@ -409,7 +409,7 @@ async fn read_head_and_tail(

        match rollout_line.item {
            RolloutItem::SessionMeta(session_meta_line) => {
-                summary.source = Some(session_meta_line.meta.source.clone());
+                summary.source = Some(session_meta_line.meta.source);
                summary.model_provider = session_meta_line.meta.model_provider.clone();
                summary.created_at = summary
                    .created_at
--- a/codex-rs/core/src/rollout/policy.rs
+++ b/codex-rs/core/src/rollout/policy.rs
@@ -46,7 +46,6 @@ pub(crate) fn should_persist_event_msg(ev: &EventMsg) -> bool {
        | EventMsg::UndoCompleted(_)
        | EventMsg::TurnAborted(_) => true,
        EventMsg::Error(_)
-        | EventMsg::Warning(_)
        | EventMsg::TaskStarted(_)
        | EventMsg::TaskComplete(_)
        | EventMsg::AgentMessageDelta(_)
@@ -76,11 +75,7 @@ pub(crate) fn should_persist_event_msg(ev: &EventMsg) -> bool {
        | EventMsg::PlanUpdate(_)
        | EventMsg::ShutdownComplete
        | EventMsg::ViewImageToolCall(_)
-        | EventMsg::DeprecationNotice(_)
        | EventMsg::ItemStarted(_)
-        | EventMsg::ItemCompleted(_)
-        | EventMsg::AgentMessageContentDelta(_)
-        | EventMsg::ReasoningContentDelta(_)
-        | EventMsg::ReasoningRawContentDelta(_) => false,
+        | EventMsg::ItemCompleted(_) => false,
    }
 }
--- a/codex-rs/core/src/rollout/recorder.rs
+++ b/codex-rs/core/src/rollout/recorder.rs
@@ -207,7 +207,7 @@ impl RolloutRecorder {
            .map_err(|e| IoError::other(format!("failed waiting for rollout flush: {e}")))
    }

-    pub async fn get_rollout_history(path: &Path) -> std::io::Result<InitialHistory> {
+    pub(crate) async fn get_rollout_history(path: &Path) -> std::io::Result<InitialHistory> {
        info!("Resuming rollout from {path:?}");
        let text = tokio::fs::read_to_string(path).await?;
        if text.trim().is_empty() {
--- a/codex-rs/core/src/safety.rs
+++ b/codex-rs/core/src/safety.rs
@@ -10,23 +10,6 @@ use crate::exec::SandboxType;
 use crate::protocol::AskForApproval;
 use crate::protocol::SandboxPolicy;

-#[cfg(target_os = "windows")]
-use std::sync::atomic::AtomicBool;
-#[cfg(target_os = "windows")]
-use std::sync::atomic::Ordering;
-
-#[cfg(target_os = "windows")]
-static WINDOWS_SANDBOX_ENABLED: AtomicBool = AtomicBool::new(false);
-
-#[cfg(target_os = "windows")]
-pub fn set_windows_sandbox_enabled(enabled: bool) {
-    WINDOWS_SANDBOX_ENABLED.store(enabled, Ordering::Relaxed);
-}
-
-#[cfg(not(target_os = "windows"))]
-#[allow(dead_code)]
-pub fn set_windows_sandbox_enabled(_enabled: bool) {}
-
 #[derive(Debug, PartialEq)]
 pub enum SafetyCheck {
    AutoApprove {
@@ -101,14 +84,6 @@ pub fn get_platform_sandbox() -> Option<SandboxType> {
        Some(SandboxType::MacosSeatbelt)
    } else if cfg!(target_os = "linux") {
        Some(SandboxType::LinuxSeccomp)
-    } else if cfg!(target_os = "windows") {
-        #[cfg(target_os = "windows")]
-        {
-            if WINDOWS_SANDBOX_ENABLED.load(Ordering::Relaxed) {
-                return Some(SandboxType::WindowsRestrictedToken);
-            }
-        }
-        None
    } else {
        None
    }
--- a/codex-rs/core/src/sandboxing/assessment.rs
+++ b/codex-rs/core/src/sandboxing/assessment.rs
@@ -17,7 +17,6 @@ use codex_protocol::ConversationId;
 use codex_protocol::models::ContentItem;
 use codex_protocol::models::ResponseItem;
 use codex_protocol::protocol::SandboxCommandAssessment;
-use codex_protocol::protocol::SessionSource;
 use futures::StreamExt;
 use serde_json::json;
 use tokio::time::timeout;
@@ -25,6 +24,16 @@ use tracing::warn;

 const SANDBOX_ASSESSMENT_TIMEOUT: Duration = Duration::from_secs(5);

+const SANDBOX_RISK_CATEGORY_VALUES: &[&str] = &[
+    "data_deletion",
+    "data_exfiltration",
+    "privilege_escalation",
+    "system_modification",
+    "network_access",
+    "resource_exhaustion",
+    "compliance",
+];
+
 #[derive(Template)]
 #[template(path = "sandboxing/assessment_prompt.md", escape = "none")]
 struct SandboxAssessmentPromptTemplate<'a> {
@@ -44,7 +53,6 @@ pub(crate) async fn assess_command(
    auth_manager: Arc<AuthManager>,
    parent_otel: &OtelEventManager,
    conversation_id: ConversationId,
-    session_source: SessionSource,
    call_id: &str,
    command: &[String],
    sandbox_policy: &SandboxPolicy,
@@ -133,7 +141,6 @@ pub(crate) async fn assess_command(
        config.model_reasoning_effort,
        config.model_reasoning_summary,
        conversation_id,
-        session_source,
    );

    let start = Instant::now();
@@ -166,26 +173,27 @@ pub(crate) async fn assess_command(
                    call_id,
                    "success",
                    Some(assessment.risk_level),
+                    &assessment.risk_categories,
                    duration,
                );
                return Some(assessment);
            }
            Err(err) => {
                warn!("failed to parse sandbox assessment JSON: {err}");
-                parent_otel.sandbox_assessment(call_id, "parse_error", None, duration);
+                parent_otel.sandbox_assessment(call_id, "parse_error", None, &[], duration);
            }
        },
        Ok(Ok(None)) => {
            warn!("sandbox assessment response did not include any message");
-            parent_otel.sandbox_assessment(call_id, "no_output", None, duration);
+            parent_otel.sandbox_assessment(call_id, "no_output", None, &[], duration);
        }
        Ok(Err(err)) => {
            warn!("sandbox assessment failed: {err}");
-            parent_otel.sandbox_assessment(call_id, "model_error", None, duration);
+            parent_otel.sandbox_assessment(call_id, "model_error", None, &[], duration);
        }
        Err(_) => {
            warn!("sandbox assessment timed out");
-            parent_otel.sandbox_assessment(call_id, "timeout", None, duration);
+            parent_otel.sandbox_assessment(call_id, "timeout", None, &[], duration);
        }
    }

@@ -218,7 +226,7 @@ fn sandbox_roots_for_prompt(policy: &SandboxPolicy, cwd: &Path) -> Vec<PathBuf>
 fn sandbox_assessment_schema() -> serde_json::Value {
    json!({
        "type": "object",
-        "required": ["description", "risk_level"],
+        "required": ["description", "risk_level", "risk_categories"],
        "properties": {
            "description": {
                "type": "string",
@@ -229,6 +237,13 @@ fn sandbox_assessment_schema() -> serde_json::Value {
                "type": "string",
                "enum": ["low", "medium", "high"]
            },
+            "risk_categories": {
+                "type": "array",
+                "items": {
+                    "type": "string",
+                    "enum": SANDBOX_RISK_CATEGORY_VALUES
+                }
+            }
        },
        "additionalProperties": false
    })
--- a/codex-rs/core/src/sandboxing/mod.rs
+++ b/codex-rs/core/src/sandboxing/mod.rs
@@ -74,13 +74,25 @@ impl SandboxManager {
        match pref {
            SandboxablePreference::Forbid => SandboxType::None,
            SandboxablePreference::Require => {
-                // Require a platform sandbox when available; on Windows this
-                // respects the enable_experimental_windows_sandbox feature.
-                crate::safety::get_platform_sandbox().unwrap_or(SandboxType::None)
+                #[cfg(target_os = "macos")]
+                {
+                    return SandboxType::MacosSeatbelt;
+                }
+                #[cfg(target_os = "linux")]
+                {
+                    return SandboxType::LinuxSeccomp;
+                }
+                #[allow(unreachable_code)]
+                SandboxType::None
            }
            SandboxablePreference::Auto => match policy {
                SandboxPolicy::DangerFullAccess => SandboxType::None,
-                _ => crate::safety::get_platform_sandbox().unwrap_or(SandboxType::None),
+                #[cfg(target_os = "macos")]
+                _ => SandboxType::MacosSeatbelt,
+                #[cfg(target_os = "linux")]
+                _ => SandboxType::LinuxSeccomp,
+                #[cfg(not(any(target_os = "macos", target_os = "linux")))]
+                _ => SandboxType::None,
            },
        }
    }
@@ -131,14 +143,6 @@ impl SandboxManager {
                    Some("codex-linux-sandbox".to_string()),
                )
            }
-            // On Windows, the restricted token sandbox executes in-process via the
-            // codex-windows-sandbox crate. We leave the command unchanged here and
-            // branch during execution based on the sandbox type.
-            #[cfg(target_os = "windows")]
-            SandboxType::WindowsRestrictedToken => (command, HashMap::new(), None),
-            // When building for non-Windows targets, this variant is never constructed.
-            #[cfg(not(target_os = "windows"))]
-            SandboxType::WindowsRestrictedToken => (command, HashMap::new(), None),
        };

        env.extend(sandbox_env);
--- a/codex-rs/core/src/seatbelt_base_policy.sbpl
+++ b/codex-rs/core/src/seatbelt_base_policy.sbpl
@@ -71,10 +71,6 @@
  (sysctl-name-prefix "net.routetable.")
 )

-; Allow Java to set CPU type grade when required
-(allow sysctl-write
-  (sysctl-name "kern.grade_cputype"))
-
 ; IOKit
 (allow iokit-open
  (iokit-registry-entry-class "RootDomainUserClient")
--- a/codex-rs/core/src/shell.rs
+++ b/codex-rs/core/src/shell.rs
@@ -98,7 +98,6 @@ pub async fn default_user_shell() -> Shell {
        .unwrap_or(false);
    let bash_exe = if Command::new("bash.exe")
        .arg("--version")
-        .stdin(std::process::Stdio::null())
        .output()
        .await
        .ok()
--- a/codex-rs/core/src/spawn.rs
+++ b/codex-rs/core/src/spawn.rs
@@ -67,8 +67,7 @@ pub(crate) async fn spawn_child_async(
    // This relies on prctl(2), so it only works on Linux.
    #[cfg(target_os = "linux")]
    unsafe {
-        let parent_pid = libc::getpid();
-        cmd.pre_exec(move || {
+        cmd.pre_exec(|| {
            // This prctl call effectively requests, "deliver SIGTERM when my
            // current parent dies."
            if libc::prctl(libc::PR_SET_PDEATHSIG, libc::SIGTERM) == -1 {
@@ -77,10 +76,9 @@ pub(crate) async fn spawn_child_async(

            // Though if there was a race condition and this pre_exec() block is
            // run _after_ the parent (i.e., the Codex process) has already
-            // exited, then parent will be the closest configured "subreaper"
-            // ancestor process, or PID 1 (init). If the Codex process has exited
-            // already, so should the child process.
-            if libc::getppid() != parent_pid {
+            // exited, then the parent is the _init_ process (which will never
+            // die), so we should just terminate the child process now.
+            if libc::getppid() == 1 {
                libc::raise(libc::SIGTERM);
            }
            Ok(())
--- a/codex-rs/core/src/state/session.rs
+++ b/codex-rs/core/src/state/session.rs
@@ -34,6 +34,10 @@ impl SessionState {
        self.history.record_items(items)
    }

+    pub(crate) fn history_snapshot(&mut self) -> Vec<ResponseItem> {
+        self.history.get_history()
+    }
+
    pub(crate) fn clone_history(&self) -> ConversationHistory {
        self.history.clone()
    }
--- a/codex-rs/core/src/state/turn.rs
+++ b/codex-rs/core/src/state/turn.rs
@@ -37,6 +37,16 @@ pub(crate) enum TaskKind {
    Compact,
 }

+impl TaskKind {
+    pub(crate) fn header_value(self) -> &'static str {
+        match self {
+            TaskKind::Regular => "standard",
+            TaskKind::Review => "review",
+            TaskKind::Compact => "compact",
+        }
+    }
+}
+
 #[derive(Clone)]
 pub(crate) struct RunningTask {
    pub(crate) done: Arc<Notify>,
@@ -113,3 +123,15 @@ impl ActiveTurn {
        ts.clear_pending();
    }
 }
+
+#[cfg(test)]
+mod tests {
+    use super::TaskKind;
+
+    #[test]
+    fn header_value_matches_expected_labels() {
+        assert_eq!(TaskKind::Regular.header_value(), "standard");
+        assert_eq!(TaskKind::Review.header_value(), "review");
+        assert_eq!(TaskKind::Compact.header_value(), "compact");
+    }
+}
--- a/codex-rs/core/src/tasks/ghost_snapshot.rs
+++ b/codex-rs/core/src/tasks/ghost_snapshot.rs
@@ -3,9 +3,9 @@ use crate::state::TaskKind;
 use crate::tasks::SessionTask;
 use crate::tasks::SessionTaskContext;
 use async_trait::async_trait;
-use codex_git::CreateGhostCommitOptions;
-use codex_git::GitToolingError;
-use codex_git::create_ghost_commit;
+use codex_git_tooling::CreateGhostCommitOptions;
+use codex_git_tooling::GitToolingError;
+use codex_git_tooling::create_ghost_commit;
 use codex_protocol::models::ResponseItem;
 use codex_protocol::user_input::UserInput;
 use codex_utils_readiness::Readiness;
--- a/codex-rs/core/src/tasks/mod.rs
+++ b/codex-rs/core/src/tasks/mod.rs
@@ -3,7 +3,6 @@ mod ghost_snapshot;
 mod regular;
 mod review;
 mod undo;
-mod user_shell;

 use std::sync::Arc;
 use std::time::Duration;
@@ -16,7 +15,6 @@ use tokio_util::task::AbortOnDropHandle;
 use tracing::trace;
 use tracing::warn;

-use crate::AuthManager;
 use crate::codex::Session;
 use crate::codex::TurnContext;
 use crate::protocol::EventMsg;
@@ -33,7 +31,6 @@ pub(crate) use ghost_snapshot::GhostSnapshotTask;
 pub(crate) use regular::RegularTask;
 pub(crate) use review::ReviewTask;
 pub(crate) use undo::UndoTask;
-pub(crate) use user_shell::UserShellCommandTask;

 const GRACEFULL_INTERRUPTION_TIMEOUT_MS: u64 = 100;

@@ -51,10 +48,6 @@ impl SessionTaskContext {
    pub(crate) fn clone_session(&self) -> Arc<Session> {
        Arc::clone(&self.session)
    }
-
-    pub(crate) fn auth_manager(&self) -> Arc<AuthManager> {
-        Arc::clone(&self.session.services.auth_manager)
-    }
 }

 /// Async task that drives a [`Session`] turn.
@@ -128,7 +121,7 @@ impl Session {
                        task_cancellation_token.child_token(),
                    )
                    .await;
-                session_ctx.clone_session().flush_rollout().await;
+
                if !task_cancellation_token.is_cancelled() {
                    // Emit completion uniformly from spawn site so all tasks share the same lifecycle.
                    let sess = session_ctx.clone_session();
--- a/codex-rs/core/src/tasks/regular.rs
+++ b/codex-rs/core/src/tasks/regular.rs
@@ -28,6 +28,6 @@ impl SessionTask for RegularTask {
        cancellation_token: CancellationToken,
    ) -> Option<String> {
        let sess = session.clone_session();
-        run_task(sess, ctx, input, cancellation_token).await
+        run_task(sess, ctx, input, TaskKind::Regular, cancellation_token).await
    }
 }
--- a/codex-rs/core/src/tasks/review.rs
+++ b/codex-rs/core/src/tasks/review.rs
@@ -1,22 +1,11 @@
 use std::sync::Arc;

 use async_trait::async_trait;
-use codex_protocol::items::TurnItem;
-use codex_protocol::models::ContentItem;
-use codex_protocol::models::ResponseItem;
-use codex_protocol::protocol::AgentMessageContentDeltaEvent;
-use codex_protocol::protocol::AgentMessageDeltaEvent;
-use codex_protocol::protocol::Event;
-use codex_protocol::protocol::EventMsg;
-use codex_protocol::protocol::ExitedReviewModeEvent;
-use codex_protocol::protocol::ItemCompletedEvent;
-use codex_protocol::protocol::ReviewOutputEvent;
 use tokio_util::sync::CancellationToken;

-use crate::codex::Session;
 use crate::codex::TurnContext;
-use crate::codex_delegate::run_codex_conversation_one_shot;
-use crate::review_format::format_review_findings_block;
+use crate::codex::exit_review_mode;
+use crate::codex::run_task;
 use crate::state::TaskKind;
 use codex_protocol::user_input::UserInput;

@@ -39,172 +28,11 @@ impl SessionTask for ReviewTask {
        input: Vec<UserInput>,
        cancellation_token: CancellationToken,
    ) -> Option<String> {
-        // Start sub-codex conversation and get the receiver for events.
-        let output = match start_review_conversation(
-            session.clone(),
-            ctx.clone(),
-            input,
-            cancellation_token.clone(),
-        )
-        .await
-        {
-            Some(receiver) => process_review_events(session.clone(), ctx.clone(), receiver).await,
-            None => None,
-        };
-        if !cancellation_token.is_cancelled() {
-            exit_review_mode(session.clone_session(), output.clone(), ctx.clone()).await;
-        }
-        None
+        let sess = session.clone_session();
+        run_task(sess, ctx, input, TaskKind::Review, cancellation_token).await
    }

    async fn abort(&self, session: Arc<SessionTaskContext>, ctx: Arc<TurnContext>) {
-        exit_review_mode(session.clone_session(), None, ctx).await;
+        exit_review_mode(session.clone_session(), ctx, None).await;
    }
 }
-
-async fn start_review_conversation(
-    session: Arc<SessionTaskContext>,
-    ctx: Arc<TurnContext>,
-    input: Vec<UserInput>,
-    cancellation_token: CancellationToken,
-) -> Option<async_channel::Receiver<Event>> {
-    let config = ctx.client.config();
-    let mut sub_agent_config = config.as_ref().clone();
-    // Run with only reviewer rubric — drop outer user_instructions
-    sub_agent_config.user_instructions = None;
-    // Avoid loading project docs; reviewer only needs findings
-    sub_agent_config.project_doc_max_bytes = 0;
-    // Carry over review-only feature restrictions so the delegate cannot
-    // re-enable blocked tools (web search, view image, streamable shell).
-    sub_agent_config
-        .features
-        .disable(crate::features::Feature::WebSearchRequest)
-        .disable(crate::features::Feature::ViewImageTool)
-        .disable(crate::features::Feature::StreamableShell);
-    // Set explicit review rubric for the sub-agent
-    sub_agent_config.base_instructions = Some(crate::REVIEW_PROMPT.to_string());
-    (run_codex_conversation_one_shot(
-        sub_agent_config,
-        session.auth_manager(),
-        input,
-        session.clone_session(),
-        ctx.clone(),
-        cancellation_token,
-        None,
-    )
-    .await)
-        .ok()
-        .map(|io| io.rx_event)
-}
-
-async fn process_review_events(
-    session: Arc<SessionTaskContext>,
-    ctx: Arc<TurnContext>,
-    receiver: async_channel::Receiver<Event>,
-) -> Option<ReviewOutputEvent> {
-    let mut prev_agent_message: Option<Event> = None;
-    while let Ok(event) = receiver.recv().await {
-        match event.clone().msg {
-            EventMsg::AgentMessage(_) => {
-                if let Some(prev) = prev_agent_message.take() {
-                    session
-                        .clone_session()
-                        .send_event(ctx.as_ref(), prev.msg)
-                        .await;
-                }
-                prev_agent_message = Some(event);
-            }
-            // Suppress ItemCompleted only for assistant messages: forwarding it
-            // would trigger legacy AgentMessage via as_legacy_events(), which this
-            // review flow intentionally hides in favor of structured output.
-            EventMsg::ItemCompleted(ItemCompletedEvent {
-                item: TurnItem::AgentMessage(_),
-                ..
-            })
-            | EventMsg::AgentMessageDelta(AgentMessageDeltaEvent { .. })
-            | EventMsg::AgentMessageContentDelta(AgentMessageContentDeltaEvent { .. }) => {}
-            EventMsg::TaskComplete(task_complete) => {
-                // Parse review output from the last agent message (if present).
-                let out = task_complete
-                    .last_agent_message
-                    .as_deref()
-                    .map(parse_review_output_event);
-                return out;
-            }
-            EventMsg::TurnAborted(_) => {
-                // Cancellation or abort: consumer will finalize with None.
-                return None;
-            }
-            other => {
-                session
-                    .clone_session()
-                    .send_event(ctx.as_ref(), other)
-                    .await;
-            }
-        }
-    }
-    // Channel closed without TaskComplete: treat as interrupted.
-    None
-}
-
-/// Parse a ReviewOutputEvent from a text blob returned by the reviewer model.
-/// If the text is valid JSON matching ReviewOutputEvent, deserialize it.
-/// Otherwise, attempt to extract the first JSON object substring and parse it.
-/// If parsing still fails, return a structured fallback carrying the plain text
-/// in `overall_explanation`.
-fn parse_review_output_event(text: &str) -> ReviewOutputEvent {
-    if let Ok(ev) = serde_json::from_str::<ReviewOutputEvent>(text) {
-        return ev;
-    }
-    if let (Some(start), Some(end)) = (text.find('{'), text.rfind('}'))
-        && start < end
-        && let Some(slice) = text.get(start..=end)
-        && let Ok(ev) = serde_json::from_str::<ReviewOutputEvent>(slice)
-    {
-        return ev;
-    }
-    ReviewOutputEvent {
-        overall_explanation: text.to_string(),
-        ..Default::default()
-    }
-}
-
-/// Emits an ExitedReviewMode Event with optional ReviewOutput,
-/// and records a developer message with the review output.
-pub(crate) async fn exit_review_mode(
-    session: Arc<Session>,
-    review_output: Option<ReviewOutputEvent>,
-    ctx: Arc<TurnContext>,
-) {
-    let user_message = if let Some(out) = review_output.clone() {
-        let mut findings_str = String::new();
-        let text = out.overall_explanation.trim();
-        if !text.is_empty() {
-            findings_str.push_str(text);
-        }
-        if !out.findings.is_empty() {
-            let block = format_review_findings_block(&out.findings, None);
-            findings_str.push_str(&format!("\n{block}"));
-        }
-        crate::client_common::REVIEW_EXIT_SUCCESS_TMPL.replace("{results}", &findings_str)
-    } else {
-        crate::client_common::REVIEW_EXIT_INTERRUPTED_TMPL.to_string()
-    };
-
-    session
-        .record_conversation_items(
-            &ctx,
-            &[ResponseItem::Message {
-                id: None,
-                role: "user".to_string(),
-                content: vec![ContentItem::InputText { text: user_message }],
-            }],
-        )
-        .await;
-    session
-        .send_event(
-            ctx.as_ref(),
-            EventMsg::ExitedReviewMode(ExitedReviewModeEvent { review_output }),
-        )
-        .await;
-}
--- a/codex-rs/core/src/tasks/undo.rs
+++ b/codex-rs/core/src/tasks/undo.rs
@@ -8,7 +8,7 @@ use crate::state::TaskKind;
 use crate::tasks::SessionTask;
 use crate::tasks::SessionTaskContext;
 use async_trait::async_trait;
-use codex_git::restore_ghost_commit;
+use codex_git_tooling::restore_ghost_commit;
 use codex_protocol::models::ResponseItem;
 use codex_protocol::user_input::UserInput;
 use tokio_util::sync::CancellationToken;
--- a/codex-rs/core/src/tasks/user_shell.rs
+++ b/codex-rs/core/src/tasks/user_shell.rs
@@ -1,112 +0,0 @@
-use std::sync::Arc;
-
-use async_trait::async_trait;
-use codex_protocol::models::ShellToolCallParams;
-use codex_protocol::user_input::UserInput;
-use tokio::sync::Mutex;
-use tokio_util::sync::CancellationToken;
-use tracing::error;
-use uuid::Uuid;
-
-use crate::codex::TurnContext;
-use crate::protocol::EventMsg;
-use crate::protocol::TaskStartedEvent;
-use crate::state::TaskKind;
-use crate::tools::context::ToolPayload;
-use crate::tools::parallel::ToolCallRuntime;
-use crate::tools::router::ToolCall;
-use crate::tools::router::ToolRouter;
-use crate::turn_diff_tracker::TurnDiffTracker;
-
-use super::SessionTask;
-use super::SessionTaskContext;
-
-const USER_SHELL_TOOL_NAME: &str = "local_shell";
-
-#[derive(Clone)]
-pub(crate) struct UserShellCommandTask {
-    command: String,
-}
-
-impl UserShellCommandTask {
-    pub(crate) fn new(command: String) -> Self {
-        Self { command }
-    }
-}
-
-#[async_trait]
-impl SessionTask for UserShellCommandTask {
-    fn kind(&self) -> TaskKind {
-        TaskKind::Regular
-    }
-
-    async fn run(
-        self: Arc<Self>,
-        session: Arc<SessionTaskContext>,
-        turn_context: Arc<TurnContext>,
-        _input: Vec<UserInput>,
-        cancellation_token: CancellationToken,
-    ) -> Option<String> {
-        let event = EventMsg::TaskStarted(TaskStartedEvent {
-            model_context_window: turn_context.client.get_model_context_window(),
-        });
-        let session = session.clone_session();
-        session.send_event(turn_context.as_ref(), event).await;
-
-        // Execute the user's script under their default shell when known; this
-        // allows commands that use shell features (pipes, &&, redirects, etc.).
-        // We do not source rc files or otherwise reformat the script.
-        let shell_invocation = match session.user_shell() {
-            crate::shell::Shell::Zsh(zsh) => vec![
-                zsh.shell_path.clone(),
-                "-lc".to_string(),
-                self.command.clone(),
-            ],
-            crate::shell::Shell::Bash(bash) => vec![
-                bash.shell_path.clone(),
-                "-lc".to_string(),
-                self.command.clone(),
-            ],
-            crate::shell::Shell::PowerShell(ps) => vec![
-                ps.exe.clone(),
-                "-NoProfile".to_string(),
-                "-Command".to_string(),
-                self.command.clone(),
-            ],
-            crate::shell::Shell::Unknown => {
-                shlex::split(&self.command).unwrap_or_else(|| vec![self.command.clone()])
-            }
-        };
-
-        let params = ShellToolCallParams {
-            command: shell_invocation,
-            workdir: None,
-            timeout_ms: None,
-            with_escalated_permissions: None,
-            justification: None,
-        };
-
-        let tool_call = ToolCall {
-            tool_name: USER_SHELL_TOOL_NAME.to_string(),
-            call_id: Uuid::new_v4().to_string(),
-            payload: ToolPayload::LocalShell { params },
-        };
-
-        let router = Arc::new(ToolRouter::from_config(&turn_context.tools_config, None));
-        let tracker = Arc::new(Mutex::new(TurnDiffTracker::new()));
-        let runtime = ToolCallRuntime::new(
-            Arc::clone(&router),
-            Arc::clone(&session),
-            Arc::clone(&turn_context),
-            Arc::clone(&tracker),
-        );
-
-        if let Err(err) = runtime
-            .handle_tool_call(tool_call, cancellation_token)
-            .await
-        {
-            error!("user shell command failed: {err:?}");
-        }
-        None
-    }
-}
--- a/codex-rs/core/src/tools/context.rs
+++ b/codex-rs/core/src/tools/context.rs
@@ -255,9 +255,6 @@ pub(crate) struct ExecCommandContext {
    pub(crate) apply_patch: Option<ApplyPatchCommandContext>,
    pub(crate) tool_name: String,
    pub(crate) otel_event_manager: OtelEventManager,
-    // TODO(abhisek-oai): Find a better way to track this.
-    // https://github.com/openai/codex/pull/2471/files#r2470352242
-    pub(crate) is_user_shell_command: bool,
 }

 #[derive(Clone, Debug)]
--- a/codex-rs/core/src/tools/events.rs
+++ b/codex-rs/core/src/tools/events.rs
@@ -56,12 +56,7 @@ pub(crate) enum ToolEventFailure {
    Message(String),
 }

-pub(crate) async fn emit_exec_command_begin(
-    ctx: ToolEventCtx<'_>,
-    command: &[String],
-    cwd: &Path,
-    is_user_shell_command: bool,
-) {
+pub(crate) async fn emit_exec_command_begin(ctx: ToolEventCtx<'_>, command: &[String], cwd: &Path) {
    ctx.session
        .send_event(
            ctx.turn,
@@ -70,7 +65,6 @@ pub(crate) async fn emit_exec_command_begin(
                command: command.to_vec(),
                cwd: cwd.to_path_buf(),
                parsed_cmd: parse_command(command),
-                is_user_shell_command,
            }),
        )
        .await;
@@ -80,7 +74,6 @@ pub(crate) enum ToolEmitter {
    Shell {
        command: Vec<String>,
        cwd: PathBuf,
-        is_user_shell_command: bool,
    },
    ApplyPatch {
        changes: HashMap<PathBuf, FileChange>,
@@ -96,12 +89,8 @@ pub(crate) enum ToolEmitter {
 }

 impl ToolEmitter {
-    pub fn shell(command: Vec<String>, cwd: PathBuf, is_user_shell_command: bool) -> Self {
-        Self::Shell {
-            command,
-            cwd,
-            is_user_shell_command,
-        }
+    pub fn shell(command: Vec<String>, cwd: PathBuf) -> Self {
+        Self::Shell { command, cwd }
    }

    pub fn apply_patch(changes: HashMap<PathBuf, FileChange>, auto_approved: bool) -> Self {
@@ -121,15 +110,8 @@ impl ToolEmitter {

    pub async fn emit(&self, ctx: ToolEventCtx<'_>, stage: ToolEventStage) {
        match (self, stage) {
-            (
-                Self::Shell {
-                    command,
-                    cwd,
-                    is_user_shell_command,
-                },
-                ToolEventStage::Begin,
-            ) => {
-                emit_exec_command_begin(ctx, command, cwd.as_path(), *is_user_shell_command).await;
+            (Self::Shell { command, cwd }, ToolEventStage::Begin) => {
+                emit_exec_command_begin(ctx, command, cwd.as_path()).await;
            }
            (Self::Shell { .. }, ToolEventStage::Success(output)) => {
                emit_exec_end(
@@ -218,7 +200,7 @@ impl ToolEmitter {
                emit_patch_end(ctx, String::new(), (*message).to_string(), false).await;
            }
            (Self::UnifiedExec { command, cwd, .. }, ToolEventStage::Begin) => {
-                emit_exec_command_begin(ctx, &[command.to_string()], cwd.as_path(), false).await;
+                emit_exec_command_begin(ctx, &[command.to_string()], cwd.as_path()).await;
            }
            (Self::UnifiedExec { .. }, ToolEventStage::Success(output)) => {
                emit_exec_end(
@@ -274,32 +256,31 @@ impl ToolEmitter {
        ctx: ToolEventCtx<'_>,
        out: Result<ExecToolCallOutput, ToolError>,
    ) -> Result<String, FunctionCallError> {
-        let (event, result) = match out {
+        let event;
+        let result = match out {
            Ok(output) => {
                let content = super::format_exec_output_for_model(&output);
                let exit_code = output.exit_code;
-                let event = ToolEventStage::Success(output);
-                let result = if exit_code == 0 {
+                event = ToolEventStage::Success(output);
+                if exit_code == 0 {
                    Ok(content)
                } else {
                    Err(FunctionCallError::RespondToModel(content))
-                };
-                (event, result)
+                }
            }
            Err(ToolError::Codex(CodexErr::Sandbox(SandboxErr::Timeout { output })))
            | Err(ToolError::Codex(CodexErr::Sandbox(SandboxErr::Denied { output }))) => {
                let response = super::format_exec_output_for_model(&output);
-                let event = ToolEventStage::Failure(ToolEventFailure::Output(*output));
-                let result = Err(FunctionCallError::RespondToModel(response));
-                (event, result)
+                event = ToolEventStage::Failure(ToolEventFailure::Output(*output));
+                Err(FunctionCallError::RespondToModel(response))
            }
            Err(ToolError::Codex(err)) => {
                let message = format!("execution error: {err:?}");
-                let event = ToolEventStage::Failure(ToolEventFailure::Message(message.clone()));
-                let result = Err(FunctionCallError::RespondToModel(message));
-                (event, result)
+                let response = message.clone();
+                event = ToolEventStage::Failure(ToolEventFailure::Message(message));
+                Err(FunctionCallError::RespondToModel(response))
            }
-            Err(ToolError::Rejected(msg)) => {
+            Err(ToolError::Rejected(msg)) | Err(ToolError::SandboxDenied(msg)) => {
                // Normalize common rejection messages for exec tools so tests and
                // users see a clear, consistent phrase.
                let normalized = if msg == "rejected by user" {
@@ -307,9 +288,9 @@ impl ToolEmitter {
                } else {
                    msg
                };
-                let event = ToolEventStage::Failure(ToolEventFailure::Message(normalized.clone()));
-                let result = Err(FunctionCallError::RespondToModel(normalized));
-                (event, result)
+                let response = &normalized;
+                event = ToolEventStage::Failure(ToolEventFailure::Message(normalized.clone()));
+                Err(FunctionCallError::RespondToModel(response.clone()))
            }
        };
        self.emit(ctx, event).await;
--- a/codex-rs/core/src/tools/handlers/shell.rs
+++ b/codex-rs/core/src/tools/handlers/shell.rs
@@ -78,7 +78,6 @@ impl ToolHandler for ShellHandler {
                    turn,
                    tracker,
                    call_id,
-                    false,
                )
                .await
            }
@@ -91,7 +90,6 @@ impl ToolHandler for ShellHandler {
                    turn,
                    tracker,
                    call_id,
-                    true,
                )
                .await
            }
@@ -110,7 +108,6 @@ impl ShellHandler {
        turn: Arc<TurnContext>,
        tracker: crate::tools::context::SharedTurnDiffTracker,
        call_id: String,
-        is_user_shell_command: bool,
    ) -> Result<ToolOutput, FunctionCallError> {
        // Approval policy guard for explicit escalation in non-OnRequest modes.
        if exec_params.with_escalated_permissions.unwrap_or(false)
@@ -204,11 +201,7 @@ impl ShellHandler {
        }

        // Regular shell execution path.
-        let emitter = ToolEmitter::shell(
-            exec_params.command.clone(),
-            exec_params.cwd.clone(),
-            is_user_shell_command,
-        );
+        let emitter = ToolEmitter::shell(exec_params.command.clone(), exec_params.cwd.clone());
        let event_ctx = ToolEventCtx::new(session.as_ref(), turn.as_ref(), &call_id, None);
        emitter.begin(event_ctx).await;

--- a/codex-rs/core/src/tools/orchestrator.rs
+++ b/codex-rs/core/src/tools/orchestrator.rs
@@ -54,21 +54,12 @@ impl ToolOrchestrator {
        let mut already_approved = false;

        if needs_initial_approval {
-            let mut risk = None;
-
-            if let Some(metadata) = req.sandbox_retry_data() {
-                risk = tool_ctx
-                    .session
-                    .assess_sandbox_command(turn_ctx, &tool_ctx.call_id, &metadata.command, None)
-                    .await;
-            }
-
            let approval_ctx = ApprovalCtx {
                session: tool_ctx.session,
                turn: turn_ctx,
                call_id: &tool_ctx.call_id,
                retry_reason: None,
-                risk,
+                risk: None,
            };
            let decision = tool.start_approval_async(req, approval_ctx).await;

@@ -92,8 +83,6 @@ impl ToolOrchestrator {
        if tool.wants_escalated_first_attempt(req) {
            initial_sandbox = crate::exec::SandboxType::None;
        }
-        // Platform-specific flag gating is handled by SandboxManager::select_initial
-        // via crate::safety::get_platform_sandbox().
        let initial_attempt = SandboxAttempt {
            sandbox: initial_sandbox,
            policy: &turn_ctx.sandbox_policy,
@@ -109,16 +98,15 @@ impl ToolOrchestrator {
            }
            Err(ToolError::Codex(CodexErr::Sandbox(SandboxErr::Denied { output }))) => {
                if !tool.escalate_on_failure() {
-                    return Err(ToolError::Codex(CodexErr::Sandbox(SandboxErr::Denied {
-                        output,
-                    })));
+                    return Err(ToolError::SandboxDenied(
+                        "sandbox denied and no retry".to_string(),
+                    ));
                }
-                // Under `Never` or `OnRequest`, do not retry without sandbox; surface a concise
-                // sandbox denial that preserves the original output.
+                // Under `Never` or `OnRequest`, do not retry without sandbox; surface a concise message
+                // derived from the actual output (platform-agnostic).
                if !tool.wants_no_sandbox_approval(approval_policy) {
-                    return Err(ToolError::Codex(CodexErr::Sandbox(SandboxErr::Denied {
-                        output,
-                    })));
+                    let msg = build_never_denied_message_from_output(output.as_ref());
+                    return Err(ToolError::SandboxDenied(msg));
                }

                // Ask for approval before retrying without sandbox.
@@ -179,6 +167,29 @@ impl ToolOrchestrator {
    }
 }

+fn build_never_denied_message_from_output(output: &ExecToolCallOutput) -> String {
+    let body = format!(
+        "{}\n{}\n{}",
+        output.stderr.text, output.stdout.text, output.aggregated_output.text
+    )
+    .to_lowercase();
+
+    let detail = if body.contains("permission denied") {
+        Some("Permission denied")
+    } else if body.contains("operation not permitted") {
+        Some("Operation not permitted")
+    } else if body.contains("read-only file system") {
+        Some("Read-only file system")
+    } else {
+        None
+    };
+
+    match detail {
+        Some(tag) => format!("failed in sandbox: {tag}"),
+        None => "failed in sandbox".to_string(),
+    }
+}
+
 fn build_denial_reason_from_output(_output: &ExecToolCallOutput) -> String {
    // Keep approval reason terse and stable for UX/tests, but accept the
    // output so we can evolve heuristics later without touching call sites.
--- a/codex-rs/core/src/tools/parallel.rs
+++ b/codex-rs/core/src/tools/parallel.rs
@@ -1,5 +1,4 @@
 use std::sync::Arc;
-use std::time::Instant;

 use tokio::sync::RwLock;
 use tokio_util::either::Either;
@@ -54,16 +53,13 @@ impl ToolCallRuntime {
        let turn = Arc::clone(&self.turn_context);
        let tracker = Arc::clone(&self.tracker);
        let lock = Arc::clone(&self.parallel_execution);
-        let started = Instant::now();
+        let aborted_response = Self::aborted_response(&call);
        let readiness = self.turn_context.tool_call_gate.clone();

        let handle: AbortOnDropHandle<Result<ResponseInputItem, FunctionCallError>> =
            AbortOnDropHandle::new(tokio::spawn(async move {
                tokio::select! {
-                    _ = cancellation_token.cancelled() => {
-                        let secs = started.elapsed().as_secs_f32().max(0.1);
-                        Ok(Self::aborted_response(&call, secs))
-                    },
+                    _ = cancellation_token.cancelled() => Ok(aborted_response),
                    res = async {
                        tracing::info!("waiting for tool gate");
                        readiness.wait_ready().await;
@@ -75,7 +71,7 @@ impl ToolCallRuntime {
                        };

                        router
-                            .dispatch_tool_call(session, turn, tracker, call.clone())
+                            .dispatch_tool_call(session, turn, tracker, call)
                            .await
                    } => res,
                }
@@ -95,32 +91,23 @@ impl ToolCallRuntime {
 }

 impl ToolCallRuntime {
-    fn aborted_response(call: &ToolCall, secs: f32) -> ResponseInputItem {
+    fn aborted_response(call: &ToolCall) -> ResponseInputItem {
        match &call.payload {
            ToolPayload::Custom { .. } => ResponseInputItem::CustomToolCallOutput {
                call_id: call.call_id.clone(),
-                output: Self::abort_message(call, secs),
+                output: "aborted".to_string(),
            },
            ToolPayload::Mcp { .. } => ResponseInputItem::McpToolCallOutput {
                call_id: call.call_id.clone(),
-                result: Err(Self::abort_message(call, secs)),
+                result: Err("aborted".to_string()),
            },
            _ => ResponseInputItem::FunctionCallOutput {
                call_id: call.call_id.clone(),
                output: FunctionCallOutputPayload {
-                    content: Self::abort_message(call, secs),
+                    content: "aborted".to_string(),
                    ..Default::default()
                },
            },
        }
    }
-
-    fn abort_message(call: &ToolCall, secs: f32) -> String {
-        match call.tool_name.as_str() {
-            "shell" | "container.exec" | "local_shell" | "unified_exec" => {
-                format!("Wall time: {secs:.1} seconds\naborted by user")
-            }
-            _ => format!("aborted by user after {secs:.1}s"),
-        }
-    }
 }
--- a/codex-rs/core/src/tools/sandboxing.rs
+++ b/codex-rs/core/src/tools/sandboxing.rs
@@ -173,6 +173,7 @@ pub(crate) trait ProvidesSandboxRetryData {
 #[derive(Debug)]
 pub(crate) enum ToolError {
    Rejected(String),
+    SandboxDenied(String),
    Codex(CodexErr),
 }

--- a/codex-rs/core/src/user_instructions.rs
+++ b/codex-rs/core/src/user_instructions.rs
@@ -3,25 +3,29 @@ use serde::Serialize;

 use codex_protocol::models::ContentItem;
 use codex_protocol::models::ResponseItem;
+use codex_protocol::protocol::USER_INSTRUCTIONS_CLOSE_TAG;
+use codex_protocol::protocol::USER_INSTRUCTIONS_OPEN_TAG;

-pub const USER_INSTRUCTIONS_OPEN_TAG_LEGACY: &str = "<user_instructions>";
-pub const USER_INSTRUCTIONS_PREFIX: &str = "# AGENTS.md instructions for ";
+/// Wraps user instructions in a tag so the model can classify them easily.

 #[derive(Debug, Clone, Serialize, Deserialize, PartialEq)]
 #[serde(rename = "user_instructions", rename_all = "snake_case")]
 pub(crate) struct UserInstructions {
-    pub directory: String,
-    pub text: String,
+    text: String,
 }

 impl UserInstructions {
-    pub fn is_user_instructions(message: &[ContentItem]) -> bool {
-        if let [ContentItem::InputText { text }] = message {
-            text.starts_with(USER_INSTRUCTIONS_PREFIX)
-                || text.starts_with(USER_INSTRUCTIONS_OPEN_TAG_LEGACY)
-        } else {
-            false
-        }
+    pub fn new<T: Into<String>>(text: T) -> Self {
+        Self { text: text.into() }
+    }
+
+    /// Serializes the user instructions to an XML-like tagged block that starts
+    /// with <user_instructions> so clients can classify it.
+    pub fn serialize_to_xml(self) -> String {
+        format!(
+            "{USER_INSTRUCTIONS_OPEN_TAG}\n\n{}\n\n{USER_INSTRUCTIONS_CLOSE_TAG}",
+            self.text
+        )
    }
 }

@@ -31,88 +35,8 @@ impl From<UserInstructions> for ResponseItem {
            id: None,
            role: "user".to_string(),
            content: vec![ContentItem::InputText {
-                text: format!(
-                    "{USER_INSTRUCTIONS_PREFIX}{directory}\n\n<INSTRUCTIONS>\n{contents}\n</INSTRUCTIONS>",
-                    directory = ui.directory,
-                    contents = ui.text
-                ),
+                text: ui.serialize_to_xml(),
            }],
        }
    }
 }
-
-#[derive(Debug, Clone, Serialize, Deserialize, PartialEq)]
-#[serde(rename = "developer_instructions", rename_all = "snake_case")]
-pub(crate) struct DeveloperInstructions {
-    text: String,
-}
-
-impl DeveloperInstructions {
-    pub fn new<T: Into<String>>(text: T) -> Self {
-        Self { text: text.into() }
-    }
-
-    pub fn into_text(self) -> String {
-        self.text
-    }
-}
-
-impl From<DeveloperInstructions> for ResponseItem {
-    fn from(di: DeveloperInstructions) -> Self {
-        ResponseItem::Message {
-            id: None,
-            role: "developer".to_string(),
-            content: vec![ContentItem::InputText {
-                text: di.into_text(),
-            }],
-        }
-    }
-}
-
-#[cfg(test)]
-mod tests {
-    use super::*;
-
-    #[test]
-    fn test_user_instructions() {
-        let user_instructions = UserInstructions {
-            directory: "test_directory".to_string(),
-            text: "test_text".to_string(),
-        };
-        let response_item: ResponseItem = user_instructions.into();
-
-        let ResponseItem::Message { role, content, .. } = response_item else {
-            panic!("expected ResponseItem::Message");
-        };
-
-        assert_eq!(role, "user");
-
-        let [ContentItem::InputText { text }] = content.as_slice() else {
-            panic!("expected one InputText content item");
-        };
-
-        assert_eq!(
-            text,
-            "# AGENTS.md instructions for test_directory\n\n<INSTRUCTIONS>\ntest_text\n</INSTRUCTIONS>",
-        );
-    }
-
-    #[test]
-    fn test_is_user_instructions() {
-        assert!(UserInstructions::is_user_instructions(
-            &[ContentItem::InputText {
-                text: "# AGENTS.md instructions for test_directory\n\n<INSTRUCTIONS>\ntest_text\n</INSTRUCTIONS>".to_string(),
-            }]
-        ));
-        assert!(UserInstructions::is_user_instructions(&[
-            ContentItem::InputText {
-                text: "<user_instructions>test_text</user_instructions>".to_string(),
-            }
-        ]));
-        assert!(!UserInstructions::is_user_instructions(&[
-            ContentItem::InputText {
-                text: "test_text".to_string(),
-            }
-        ]));
-    }
-}
--- a/codex-rs/core/src/util.rs
+++ b/codex-rs/core/src/util.rs
@@ -1,8 +1,6 @@
 use std::time::Duration;

 use rand::Rng;
-use tracing::debug;
-use tracing::error;

 const INITIAL_DELAY_MS: u64 = 200;
 const BACKOFF_FACTOR: f64 = 2.0;
@@ -13,55 +11,3 @@ pub(crate) fn backoff(attempt: u64) -> Duration {
    let jitter = rand::rng().random_range(0.9..1.1);
    Duration::from_millis((base as f64 * jitter) as u64)
 }
-
-pub(crate) fn error_or_panic(message: String) {
-    if cfg!(debug_assertions) || env!("CARGO_PKG_VERSION").contains("alpha") {
-        panic!("{message}");
-    } else {
-        error!("{message}");
-    }
-}
-
-pub(crate) fn try_parse_error_message(text: &str) -> String {
-    debug!("Parsing server error response: {}", text);
-    let json = serde_json::from_str::<serde_json::Value>(text).unwrap_or_default();
-    if let Some(error) = json.get("error")
-        && let Some(message) = error.get("message")
-        && let Some(message_str) = message.as_str()
-    {
-        return message_str.to_string();
-    }
-    if text.is_empty() {
-        return "Unknown error".to_string();
-    }
-    text.to_string()
-}
-
-#[cfg(test)]
-mod tests {
-    use super::*;
-
-    #[test]
-    fn test_try_parse_error_message() {
-        let text = r#"{
-  "error": {
-    "message": "Your refresh token has already been used to generate a new access token. Please try signing in again.",
-    "type": "invalid_request_error",
-    "param": null,
-    "code": "refresh_token_reused"
-  }
-}"#;
-        let message = try_parse_error_message(text);
-        assert_eq!(
-            message,
-            "Your refresh token has already been used to generate a new access token. Please try signing in again."
-        );
-    }
-
-    #[test]
-    fn test_try_parse_error_message_no_error() {
-        let text = r#"{"message": "test"}"#;
-        let message = try_parse_error_message(text);
-        assert_eq!(message, r#"{"message": "test"}"#);
-    }
-}
--- a/codex-rs/core/templates/compact/history_bridge.md
+++ b/codex-rs/core/templates/compact/history_bridge.md
@@ -0,0 +1,7 @@
+You were originally given instructions from a user over one or more turns. Here were the user messages:
+
+{{ user_messages_text }}
+
+Another language model started to solve this problem and produced a summary of its thinking process. You also have access to the state of the tools that were used by that language model. Use this to build on the work that has already been done and avoid duplicating work. Here is the summary produced by the other language model, use the information in this summary to assist with your own analysis:
+
+{{ summary_text }}
--- a/codex-rs/core/templates/compact/prompt.md
+++ b/codex-rs/core/templates/compact/prompt.md
@@ -1,9 +1,5 @@
-You are performing a CONTEXT CHECKPOINT COMPACTION. Create a handoff summary for another LLM that will resume the task.
-
-Include:
- Current progress and key decisions made
- Important context, constraints, or user preferences
- What remains to be done (clear next steps)
- Any critical data, examples, or references needed to continue
-
-Be concise, structured, and focused on helping the next LLM seamlessly continue the work.
+You have exceeded the maximum number of tokens, please stop coding and instead write a short memento message for the next agent. Your note should:
+- Summarize what you finished and what still needs work. If there was a recent update_plan call, repeat its steps verbatim.
+- List outstanding TODOs with file paths / line numbers so they're easy to find.
+- Flag code that needs more tests (edge cases, performance, integration, etc.).
+- Record any open bugs, quirks, or setup steps that will make it easier for the next agent to pick up where you left off.
--- a/codex-rs/core/templates/review/exit_interrupted.xml
+++ b/codex-rs/core/templates/review/exit_interrupted.xml
@@ -1,8 +0,0 @@
-<user_action>
-  <context>User initiated a review task, but was interrupted. If user asks about this, tell them to re-initiate a review with `/review` and wait for it to complete.</context>
-  <action>review</action>
-  <results>
-  None.
-  </results>
-</user_action>
-
--- a/codex-rs/core/templates/review/exit_success.xml
+++ b/codex-rs/core/templates/review/exit_success.xml
@@ -1,8 +0,0 @@
-<user_action>
-  <context>User initiated a review task. Here's the full review output from reviewer model. User may select one or more comments to resolve.</context>
-  <action>review</action>
-  <results>
-  {results}
-  </results>
-  </user_action>
-
--- a/codex-rs/core/templates/review/history_message_completed.md
+++ b/codex-rs/core/templates/review/history_message_completed.md
@@ -1,8 +0,0 @@
-<user_action>
-  <context>User initiated a review task. Here's the full review output from reviewer model. User may select one or more comments to resolve.</context>
-  <action>review</action>
-  <results>
-  {findings}
-  </results>
-</user_action>
-
--- a/Show More
+++ b/Show More